static int reply_spnego_negotiate(connection_struct *conn, char *inbuf, char *outbuf, uint16 vuid, int length, int bufsize, DATA_BLOB blob1, AUTH_NTLMSSP_STATE **auth_ntlmssp_state) { DATA_BLOB secblob; DATA_BLOB chal; BOOL got_kerberos_mechanism = False; NTSTATUS status; status = parse_spnego_mechanisms(blob1, &secblob, &got_kerberos_mechanism); if (!NT_STATUS_IS_OK(status)) { /* Kill the intermediate vuid */ invalidate_vuid(vuid); return ERROR_NT(nt_status_squash(status)); } DEBUG(3,("reply_spnego_negotiate: Got secblob of size %lu\n", (unsigned long)secblob.length)); #ifdef HAVE_KRB5 if ( got_kerberos_mechanism && ((lp_security()==SEC_ADS) || lp_use_kerberos_keytab()) ) { BOOL destroy_vuid = True; int ret = reply_spnego_kerberos(conn, inbuf, outbuf, length, bufsize, &secblob, &destroy_vuid); data_blob_free(&secblob); if (destroy_vuid) { /* Kill the intermediate vuid */ invalidate_vuid(vuid); } return ret; } #endif if (*auth_ntlmssp_state) { auth_ntlmssp_end(auth_ntlmssp_state); } status = auth_ntlmssp_start(auth_ntlmssp_state); if (!NT_STATUS_IS_OK(status)) { /* Kill the intermediate vuid */ invalidate_vuid(vuid); return ERROR_NT(nt_status_squash(status)); } status = auth_ntlmssp_update(*auth_ntlmssp_state, secblob, &chal); data_blob_free(&secblob); reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, auth_ntlmssp_state, &chal, status, True); data_blob_free(&chal); /* already replied */ return -1; }
static int reply_spnego_auth(connection_struct *conn, char *inbuf, char *outbuf, uint16 vuid, int length, int bufsize, DATA_BLOB blob1, AUTH_NTLMSSP_STATE **auth_ntlmssp_state) { DATA_BLOB auth = data_blob(NULL,0); DATA_BLOB auth_reply = data_blob(NULL,0); DATA_BLOB secblob = data_blob(NULL,0); NTSTATUS status = NT_STATUS_INVALID_PARAMETER; if (!spnego_parse_auth(blob1, &auth)) { #if 0 file_save("auth.dat", blob1.data, blob1.length); #endif /* Kill the intermediate vuid */ invalidate_vuid(vuid); return ERROR_NT(nt_status_squash(NT_STATUS_INVALID_PARAMETER)); } if (auth.data[0] == ASN1_APPLICATION(0)) { /* Might be a second negTokenTarg packet */ BOOL got_krb5_mechanism = False; status = parse_spnego_mechanisms(auth, &secblob, &got_krb5_mechanism); if (NT_STATUS_IS_OK(status)) { DEBUG(3,("reply_spnego_auth: Got secblob of size %lu\n", (unsigned long)secblob.length)); #ifdef HAVE_KRB5 if ( got_krb5_mechanism && ((lp_security()==SEC_ADS) || lp_use_kerberos_keytab()) ) { BOOL destroy_vuid = True; int ret = reply_spnego_kerberos(conn, inbuf, outbuf, length, bufsize, &secblob, &destroy_vuid); data_blob_free(&secblob); data_blob_free(&auth); if (destroy_vuid) { /* Kill the intermediate vuid */ invalidate_vuid(vuid); } return ret; } #endif } } /* If we get here it wasn't a negTokenTarg auth packet. */ data_blob_free(&secblob); if (!*auth_ntlmssp_state) { /* Kill the intermediate vuid */ invalidate_vuid(vuid); /* auth before negotiatiate? */ return ERROR_NT(nt_status_squash(NT_STATUS_INVALID_PARAMETER)); } status = auth_ntlmssp_update(*auth_ntlmssp_state, auth, &auth_reply); data_blob_free(&auth); reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, auth_ntlmssp_state, &auth_reply, status, True); data_blob_free(&auth_reply); /* and tell smbd that we have already replied to this packet */ return -1; }
static int reply_spnego_negotiate(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize, DATA_BLOB blob1) { char *OIDs[ASN1_MAX_OIDS]; DATA_BLOB secblob; int i; DATA_BLOB chal; BOOL got_kerberos = False; NTSTATUS nt_status; /* parse out the OIDs and the first sec blob */ if (!parse_negTokenTarg(blob1, OIDs, &secblob)) { return ERROR_NT(NT_STATUS_LOGON_FAILURE); } /* only look at the first OID for determining the mechToken -- accoirding to RFC2478, we should choose the one we want and renegotiate, but i smell a client bug here.. Problem observed when connecting to a member (samba box) of an AD domain as a user in a Samba domain. Samba member server sent back krb5/mskrb5/ntlmssp as mechtypes, but the client (2ksp3) replied with ntlmssp/mskrb5/krb5 and an NTLMSSP mechtoken. --jerry */ if (strcmp(OID_KERBEROS5, OIDs[0]) == 0 || strcmp(OID_KERBEROS5_OLD, OIDs[0]) == 0) { got_kerberos = True; } for (i=0;OIDs[i];i++) { DEBUG(3,("Got OID %s\n", OIDs[i])); free(OIDs[i]); } DEBUG(3,("Got secblob of size %lu\n", (unsigned long)secblob.length)); #ifdef HAVE_KRB5 if (got_kerberos && (SEC_ADS == lp_security())) { int ret = reply_spnego_kerberos(conn, inbuf, outbuf, length, bufsize, &secblob); data_blob_free(&secblob); return ret; } #endif if (global_ntlmssp_state) { auth_ntlmssp_end(&global_ntlmssp_state); } nt_status = auth_ntlmssp_start(&global_ntlmssp_state); if (!NT_STATUS_IS_OK(nt_status)) { return ERROR_NT(nt_status); } nt_status = auth_ntlmssp_update(global_ntlmssp_state, secblob, &chal); data_blob_free(&secblob); reply_spnego_ntlmssp(conn, inbuf, outbuf, &global_ntlmssp_state, &chal, nt_status); data_blob_free(&chal); /* already replied */ return -1; }