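/**
 * Create the server-side NTLMSSP authentication state.
 *
 * Allocates a dedicated talloc context holding an AUTH_NTLMSSP_STATE, starts
 * the NTLMSSP server state and the auth subsystem, then installs the
 * challenge and password-check callbacks on the NTLMSSP state.
 *
 * @param auth_ntlmssp_state  Out: receives the new state. It is NULL when
 *                            one of the initial allocations fails.
 * @return NT_STATUS_OK on success, NT_STATUS_NO_MEMORY when an allocation
 *         fails, otherwise the status returned by ntlmssp_server_start() or
 *         make_auth_context_subsystem().
 *
 * NOTE(review): when either start call fails, *auth_ntlmssp_state still
 * points at a partially initialised state (callbacks not yet installed) and
 * mem_ctx is not destroyed here. Callers must not use that state for
 * authentication and presumably have to release it themselves -- confirm
 * against the callers and the matching teardown routine.
 */
NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
{
	NTSTATUS nt_status;
	TALLOC_CTX *mem_ctx;

	mem_ctx = talloc_init("AUTH NTLMSSP context");
	if (!mem_ctx) {
		/* The context itself could not be created: fail before using it. */
		DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
		*auth_ntlmssp_state = NULL;
		return NT_STATUS_NO_MEMORY;
	}

	*auth_ntlmssp_state = TALLOC_ZERO_P(mem_ctx, AUTH_NTLMSSP_STATE);
	if (!*auth_ntlmssp_state) {
		DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
		talloc_destroy(mem_ctx);
		return NT_STATUS_NO_MEMORY;
	}

	ZERO_STRUCTP(*auth_ntlmssp_state);

	/* The state remembers the context it was allocated from. */
	(*auth_ntlmssp_state)->mem_ctx = mem_ctx;

	if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(&(*auth_ntlmssp_state)->ntlmssp_state))) {
		return nt_status;
	}

	if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&(*auth_ntlmssp_state)->auth_context))) {
		return nt_status;
	}

	/* Back-pointer handed to the callbacks below. */
	(*auth_ntlmssp_state)->ntlmssp_state->auth_context = (*auth_ntlmssp_state);
	(*auth_ntlmssp_state)->ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge;
	(*auth_ntlmssp_state)->ntlmssp_state->may_set_challenge = auth_ntlmssp_may_set_challenge;
	(*auth_ntlmssp_state)->ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge;
	(*auth_ntlmssp_state)->ntlmssp_state->check_password = auth_ntlmssp_check_password;
	(*auth_ntlmssp_state)->ntlmssp_state->server_role = (enum server_types)lp_server_role();

	return NT_STATUS_OK;
}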
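/**
 * Start an NTLMSSP server state and select its password-checking backend.
 *
 * When opt_password is set, the local callbacks (local_pw_check,
 * lp_workgroup, global_myname) are installed; otherwise the winbind-backed
 * callbacks are used.
 *
 * @param ntlmssp_state  Out: receives the state created by
 *                       ntlmssp_server_start().
 * @return NT_STATUS_OK on success, otherwise the status returned by
 *         ntlmssp_server_start().
 */
static NTSTATUS ntlm_auth_start_ntlmssp_server(NTLMSSP_STATE **ntlmssp_state)
{
	NTSTATUS status = ntlmssp_server_start(ntlmssp_state);

	if (!NT_STATUS_IS_OK(status)) {
		/*
		 * This is the server start path; the message used to say
		 * "client", which is misleading when reading logs.
		 */
		DEBUG(1, ("Could not start NTLMSSP server: %s\n",
			  nt_errstr(status)));
		return status;
	}

	/* Have we been given a local password, or should we ask winbind? */
	if (opt_password) {
		(*ntlmssp_state)->check_password = local_pw_check;
		(*ntlmssp_state)->get_domain = lp_workgroup;
		(*ntlmssp_state)->get_global_myname = global_myname;
	} else {
		(*ntlmssp_state)->check_password = winbind_pw_check;
		(*ntlmssp_state)->get_domain = get_winbind_domain;
		(*ntlmssp_state)->get_global_myname = get_winbind_netbios_name;
	}

	return NT_STATUS_OK;
}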
/**
 * Start the server side of NTLMSSP for a gensec security context.
 *
 * Collects the local NetBIOS/DNS names, starts the generic gensec NTLMSSP
 * context, creates the auth subsystem and the NTLMSSP server state as
 * children of that context, installs the challenge and password callbacks,
 * and turns the requested gensec features into NTLMSSP negotiate flags.
 *
 * @param gensec_security  gensec context; its private_data must hold a
 *                         struct gensec_ntlmssp_context once
 *                         gensec_ntlmssp_start() has succeeded
 *                         (talloc_get_type_abort() aborts otherwise).
 * @return NT_STATUS_OK on success, otherwise the first failing status.
 */
static NTSTATUS gensec_ntlmssp3_server_start(struct gensec_security *gensec_security)
{
	NTSTATUS nt_status;
	const bool is_standalone =
		((enum server_role)lp_server_role() == ROLE_STANDALONE);
	const char *netbios_name = lp_netbios_name();
	const char *netbios_domain = lp_workgroup();
	const char *dns_name;
	char *dns_domain;
	struct gensec_ntlmssp_context *gensec_ntlmssp;

	/* This should be a 'netbios domain -> DNS domain' mapping */
	dns_domain = get_mydnsdomname(talloc_tos());
	if (dns_domain) {
		strlower_m(dns_domain);
	}
	dns_name = get_mydnsfullname();

	nt_status = gensec_ntlmssp_start(gensec_security);
	NT_STATUS_NOT_OK_RETURN(nt_status);

	gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data,
					       struct gensec_ntlmssp_context);

	nt_status = make_auth_context_subsystem(gensec_ntlmssp,
						&gensec_ntlmssp->auth_context);
	NT_STATUS_NOT_OK_RETURN(nt_status);

	nt_status = ntlmssp_server_start(gensec_ntlmssp,
					 is_standalone,
					 netbios_name,
					 netbios_domain,
					 dns_name,
					 dns_domain,
					 &gensec_ntlmssp->ntlmssp_state);
	NT_STATUS_NOT_OK_RETURN(nt_status);

	/* Callbacks receive the gensec NTLMSSP context as private data. */
	gensec_ntlmssp->ntlmssp_state->callback_private = gensec_ntlmssp;
	gensec_ntlmssp->ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge;
	gensec_ntlmssp->ntlmssp_state->may_set_challenge = auth_ntlmssp_may_set_challenge;
	gensec_ntlmssp->ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge;
	gensec_ntlmssp->ntlmssp_state->check_password = auth_ntlmssp_check_password;

	/* Session key, signing and sealing requests all negotiate SIGN. */
	if (gensec_ntlmssp->gensec_security->want_features &
	    (GENSEC_FEATURE_SESSION_KEY | GENSEC_FEATURE_SIGN | GENSEC_FEATURE_SEAL)) {
		gensec_ntlmssp->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
	}

	/* Sealing additionally negotiates SEAL. */
	if (gensec_ntlmssp->gensec_security->want_features & GENSEC_FEATURE_SEAL) {
		gensec_ntlmssp->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
	}

	return NT_STATUS_OK;
}
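/**
 * Create the server-side NTLMSSP authentication state for a remote peer.
 *
 * Allocates a parentless struct auth_ntlmssp_state, copies the peer address
 * into it, starts the NTLMSSP server state and the auth subsystem, and
 * installs the challenge and password-check callbacks.
 *
 * @param remote_address      Peer address; a copy is stored in the state.
 * @param auth_ntlmssp_state  Out: receives the new state on success only;
 *                            it is not written on failure.
 * @return NT_STATUS_OK on success, NT_STATUS_NO_MEMORY when an allocation
 *         fails, otherwise the status returned by ntlmssp_server_start() or
 *         make_auth_context_subsystem().
 *
 * Every failure path frees the partially built state. It has no talloc
 * parent and is never handed to the caller on failure, so returning without
 * freeing it would leak it.
 * NOTE(review): this presumably runs for each incoming authentication, in
 * which case such a leak would grow with failed attempts -- confirm against
 * the callers.
 */
NTSTATUS auth_ntlmssp_start(const struct tsocket_address *remote_address,
			    struct auth_ntlmssp_state **auth_ntlmssp_state)
{
	NTSTATUS nt_status;
	bool is_standalone;
	const char *netbios_name;
	const char *netbios_domain;
	const char *dns_name;
	char *dns_domain;
	struct auth_ntlmssp_state *ans;
	struct auth_context *auth_context;

	if ((enum server_role)lp_server_role() == ROLE_STANDALONE) {
		is_standalone = true;
	} else {
		is_standalone = false;
	}

	netbios_name = lp_netbios_name();
	netbios_domain = lp_workgroup();
	/* This should be a 'netbios domain -> DNS domain' mapping */
	dns_domain = get_mydnsdomname(talloc_tos());
	if (dns_domain) {
		strlower_m(dns_domain);
	}
	dns_name = get_mydnsfullname();

	ans = talloc_zero(NULL, struct auth_ntlmssp_state);
	if (!ans) {
		DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
		return NT_STATUS_NO_MEMORY;
	}

	ans->remote_address = tsocket_address_copy(remote_address, ans);
	if (ans->remote_address == NULL) {
		DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
		nt_status = NT_STATUS_NO_MEMORY;
		goto fail;
	}

	nt_status = ntlmssp_server_start(ans,
					 is_standalone,
					 netbios_name,
					 netbios_domain,
					 dns_name,
					 dns_domain,
					 &ans->ntlmssp_state);
	if (!NT_STATUS_IS_OK(nt_status)) {
		goto fail;
	}

	/* Created on talloc_tos() first, then re-parented onto the state. */
	nt_status = make_auth_context_subsystem(talloc_tos(), &auth_context);
	if (!NT_STATUS_IS_OK(nt_status)) {
		goto fail;
	}
	ans->auth_context = talloc_steal(ans, auth_context);

	ans->ntlmssp_state->callback_private = ans;
	ans->ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge;
	ans->ntlmssp_state->may_set_challenge = auth_ntlmssp_may_set_challenge;
	ans->ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge;
	ans->ntlmssp_state->check_password = auth_ntlmssp_check_password;

	/* The destructor is attached only once the state is complete. */
	talloc_set_destructor((TALLOC_CTX *)ans, auth_ntlmssp_state_destructor);

	*auth_ntlmssp_state = ans;
	return NT_STATUS_OK;

fail:
	/*
	 * Frees ans together with the allocations made with ans as their
	 * talloc parent above; the destructor has not been installed yet.
	 */
	talloc_free(ans);
	return nt_status;
}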