diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-01-28 12:07:02 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-01-28 12:07:02 +0000 |
commit | fbb46da79cf322570a7e3318100c304bbf33409e (patch) | |
tree | 184ec1c8f2f9990840cfca0329d8fa97225e84f8 /source/auth | |
parent | b741abd496621586040081c04674ae53cb5db47c (diff) | |
download | samba-fbb46da79cf322570a7e3318100c304bbf33409e.tar.gz samba-fbb46da79cf322570a7e3318100c304bbf33409e.tar.xz samba-fbb46da79cf322570a7e3318100c304bbf33409e.zip |
Merge from HEAD:
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor.
- also consequential changes to the NTLMSSP and SPNEGO parsing functions
- and the client code that uses the same functions
- Add ntlm_auth, a NTLMSSP authentication interface for use by applications
like Squid and Apache.
- also consquential changes to use common code for base64 encode/decode.
- Winbind changes to support ntlm_auth (I don't want this program to need
to read smb.conf, instead getting all it's details over the pipe).
- nmbd changes for fstrcat() instead of fstrcpy().
Andrew Bartlett
Diffstat (limited to 'source/auth')
-rw-r--r-- | source/auth/auth.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source/auth/auth.c b/source/auth/auth.c index 3c4448445ab..5d56603b9fd 100644 --- a/source/auth/auth.c +++ b/source/auth/auth.c @@ -57,7 +57,8 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) TALLOC_CTX *mem_ctx; if (auth_context->challenge.length) { - DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge (normal)\n")); + DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n", + auth_context->challenge_set_by)); return auth_context->challenge.data; } @@ -190,6 +191,12 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n", user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str)); + + if (auth_context->challenge.length != 8) { + DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n")); + return NT_STATUS_LOGON_FAILURE; + } + if (auth_context->challenge_set_by) DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n", auth_context->challenge_set_by)); @@ -441,6 +448,7 @@ NTSTATUS make_auth_context_fixed(struct auth_context **auth_context, uchar chal[ } (*auth_context)->challenge = data_blob(chal, 8); + (*auth_context)->challenge_set_by = "fixed"; return nt_status; } |