diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-08-03 09:33:29 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-08-03 12:45:04 +0200 |
| commit | fec25c3a627bfbb14cf0aaf8773f54e0e5017517 (patch) | |
| tree | c49e380c6ecfb3410133119e60c3ba702fbb2286 | |
| parent | d811862b453cc616650cdc10f4d69b239d66943a (diff) | |
| download | samba-fec25c3a627bfbb14cf0aaf8773f54e0e5017517.tar.gz | |
ntlmssp: Add ntlmssp_blob_matches_magic()
This avoids having the same check in 3 different parts of the code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
| -rw-r--r-- | libcli/auth/ntlmssp.c | 10 | ||||
| -rw-r--r-- | libcli/auth/ntlmssp.h | 2 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 2 | ||||
| -rw-r--r-- | source3/smbd/smb2_sesssetup.c | 2 | ||||
| -rw-r--r-- | source4/auth/ntlmssp/ntlmssp.c | 2 |
5 files changed, 15 insertions, 3 deletions
diff --git a/libcli/auth/ntlmssp.c b/libcli/auth/ntlmssp.c index b7f14c153cc..4817329314a 100644 --- a/libcli/auth/ntlmssp.c +++ b/libcli/auth/ntlmssp.c @@ -132,3 +132,13 @@ void ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state, ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET; } } + +/* Does this blob looks like it could be NTLMSSP? */ +bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob) +{ + if (blob->length > 8 && memcmp("NTLMSSP\0", blob->data, 8) == 0) { + return true; + } else { + return false; + } +} diff --git a/libcli/auth/ntlmssp.h b/libcli/auth/ntlmssp.h index 495d94f6a03..cf8bb8dd301 100644 --- a/libcli/auth/ntlmssp.h +++ b/libcli/auth/ntlmssp.h @@ -169,3 +169,5 @@ NTSTATUS ntlmssp_unwrap(struct ntlmssp_state *ntlmssp_stae, const DATA_BLOB *in, DATA_BLOB *out); NTSTATUS ntlmssp_sign_init(struct ntlmssp_state *ntlmssp_state); + +bool ntlmssp_blob_matches_magic(const DATA_BLOB *blob); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 8b133b4a541..6dc8609071d 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -1140,7 +1140,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) * identical regardless. In particular, both rely only on the * status code (not the contents of the packet) and do not * wrap the result */ - if (sconn->use_gensec_hook || (blob1.length > 7 && strncmp((char *)(blob1.data), "NTLMSSP", 7) == 0)) { + if (sconn->use_gensec_hook || ntlmssp_blob_matches_magic(&blob1)) { DATA_BLOB chal; if (!vuser->auth_ntlmssp_state) { diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 6517fb6d004..30e65c21371 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -753,7 +753,7 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req, * status code (not the contents of the packet) and do not * wrap the result */ if (session->sconn->use_gensec_hook - || (in_security_buffer.length > 7 && strncmp((char *)(in_security_buffer.data), "NTLMSSP", 7) == 0)) { + || ntlmssp_blob_matches_magic(&in_security_buffer)) { return smbd_smb2_raw_ntlmssp_auth(session, smb2req, in_security_mode, diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c index a53e5547ab2..d90c908d8d6 100644 --- a/source4/auth/ntlmssp/ntlmssp.c +++ b/source4/auth/ntlmssp/ntlmssp.c @@ -63,7 +63,7 @@ static const struct ntlmssp_callbacks { static NTSTATUS gensec_ntlmssp_magic(struct gensec_security *gensec_security, const DATA_BLOB *first_packet) { - if (first_packet->length > 8 && memcmp("NTLMSSP\0", first_packet->data, 8) == 0) { + if (ntlmssp_blob_matches_magic(first_packet)) { return NT_STATUS_OK; } else { return NT_STATUS_INVALID_PARAMETER; |