From d4fc2094776025cb13d52a2d309441cf6862e59c Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sat, 8 Jan 2000 16:12:44 +0000 Subject: identified RPC_AUTH_NTLMSSP_VERIFIER as something general to all dce/rpc auth, so called it RPC_AUTH_VERIFIER instead. hm, that may result in a few mini-changes to the auth api. --- source/include/proto.h | 30 +++--------------------------- source/include/rpc_dce.h | 8 ++++++++ source/include/rpc_ntlmssp.h | 9 --------- source/rpc_client/cli_pipe_ntlmssp.c | 20 ++++++++++---------- source/rpc_parse/parse_ntlmssp.c | 34 ++-------------------------------- source/rpc_parse/parse_rpc.c | 30 ++++++++++++++++++++++++++++++ source/rpc_server/srv_pipe_ntlmssp.c | 14 +++++++------- 7 files changed, 60 insertions(+), 85 deletions(-) (limited to 'source') diff --git a/source/include/proto.h b/source/include/proto.h index b807eaf855f..a3d0f5c8101 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -2872,11 +2872,8 @@ BOOL net_io_r_sam_sync(char *desc, uint8 sess_key[16], /*The following definitions come from rpc_parse/parse_ntlmssp.c */ BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai); -BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav, +BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_VERIFIER *rav, char *signature, uint32 msg_type); -BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav, - char *signature, uint32 msg_type); -BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth); BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg, uint32 neg_flgs, fstring myname, fstring domain); @@ -3046,35 +3043,14 @@ BOOL make_rpc_hdr_autha(RPC_HDR_AUTHA *rai, uint8 auth_type, uint8 auth_level, uint8 stub_type_len); BOOL smb_io_rpc_hdr_autha(char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth); -BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai); BOOL make_rpc_hdr_auth(RPC_HDR_AUTH *rai, uint8 auth_type, uint8 auth_level, uint8 stub_type_len, uint32 ptr); BOOL smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth); -BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav, - char *signature, uint32 msg_type); -BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav, +BOOL make_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav, char *signature, uint32 msg_type); -BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth); -BOOL make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg, - uint32 neg_flgs, - fstring myname, fstring domain); -BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth); -BOOL make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl, - uint32 neg_flags, - uint8 challenge[8]); -BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth); -BOOL make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp, - uchar lm_resp[24], - uchar *nt_resp, size_t nt_len, - char *domain, char *user, char *wks, - uint32 neg_flags); -BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth); -BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num); -BOOL make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, - uint32 ver, uint32 crc32, uint32 seq_num); -BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth); +BOOL smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth); /*The following definitions come from rpc_parse/parse_samr.c */ diff --git a/source/include/rpc_dce.h b/source/include/rpc_dce.h index 7ad145db822..cd30fac10fa 100644 --- a/source/include/rpc_dce.h +++ b/source/include/rpc_dce.h @@ -157,6 +157,14 @@ typedef struct rpc_hdr_auth_info } RPC_HDR_AUTH; +/* RPC_AUTH_VERIFIER */ +typedef struct rpc_auth_ntlmssp_info +{ + fstring signature; /* authentication type */ + uint32 msg_type; /* message type (1,2,3) */ + +} RPC_AUTH_VERIFIER; + /* RPC_BIND_REQ - ms req bind */ typedef struct rpc_bind_req_info { diff --git a/source/include/rpc_ntlmssp.h b/source/include/rpc_ntlmssp.h index 7ac6ce71b53..113f2cb9b54 100644 --- a/source/include/rpc_ntlmssp.h +++ b/source/include/rpc_ntlmssp.h @@ -56,15 +56,6 @@ enum NTLM_MESSAGE_TYPE /* NTLMSSP signature version */ #define NTLMSSP_SIGN_VERSION 0x01 - -/* RPC_AUTH_NTLMSSP_VERIFIER */ -typedef struct rpc_auth_ntlmssp_verif_info -{ - fstring signature; /* "NTLMSSP" */ - uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */ - -} RPC_AUTH_NTLMSSP_VERIFIER; - /* this is TEMPORARILY coded up as a specific structure */ /* this structure comes after the bind request */ /* RPC_AUTH_NTLMSSP_NEG */ diff --git a/source/rpc_client/cli_pipe_ntlmssp.c b/source/rpc_client/cli_pipe_ntlmssp.c index fc377563283..bc6fdfb870a 100644 --- a/source/rpc_client/cli_pipe_ntlmssp.c +++ b/source/rpc_client/cli_pipe_ntlmssp.c @@ -309,7 +309,7 @@ static BOOL create_ntlmssp_bind_req(struct cli_connection *con, RPC_HDR_RB hdr_rb; RPC_HDR hdr; RPC_HDR_AUTH hdr_auth; - RPC_AUTH_NTLMSSP_VERIFIER auth_verifier; + RPC_AUTH_VERIFIER auth_verifier; RPC_AUTH_NTLMSSP_NEG ntlmssp_neg; struct ntuser_creds *usr; @@ -331,10 +331,10 @@ static BOOL create_ntlmssp_bind_req(struct cli_connection *con, make_rpc_hdr_auth(&hdr_auth, 0x0a, 0x06, 0x00, 1); smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, &rhdr_auth, 0); - make_rpc_auth_ntlmssp_verifier(&auth_verifier, + make_rpc_auth_verifier(&auth_verifier, "NTLMSSP", NTLMSSP_NEGOTIATE); - smb_io_rpc_auth_ntlmssp_verifier("auth_verifier", &auth_verifier, &auth_req, 0); + smb_io_rpc_auth_verifier("auth_verifier", &auth_verifier, &auth_req, 0); make_rpc_auth_ntlmssp_neg(&ntlmssp_neg, usr->ntlmssp_flags, global_myname, usr->domain); @@ -399,8 +399,8 @@ static BOOL decode_ntlmssp_bind_resp(struct cli_connection *con, } if (valid_ack) { - RPC_AUTH_NTLMSSP_VERIFIER rhdr_verf; - smb_io_rpc_auth_ntlmssp_verifier("", &rhdr_verf, rdata, 0); + RPC_AUTH_VERIFIER rhdr_verf; + smb_io_rpc_auth_verifier("", &rhdr_verf, rdata, 0); if (rdata->offset == 0 || !rpc_auth_ntlmssp_verifier_chk(&rhdr_verf, "NTLMSSP", @@ -433,18 +433,18 @@ static BOOL create_ntlmssp_rpc_bind_resp(struct pwd_info *pwd, prs_struct *rhdr_autha, prs_struct *auth_resp) { - RPC_HDR hdr; - RPC_HDR_AUTHA hdr_autha; - RPC_AUTH_NTLMSSP_VERIFIER auth_verifier; + RPC_HDR hdr; + RPC_HDR_AUTHA hdr_autha; + RPC_AUTH_VERIFIER auth_verifier; make_rpc_hdr_autha(&hdr_autha, 0x1630, 0x1630, 0x0a, 0x06, 0x00); smb_io_rpc_hdr_autha("hdr_autha", &hdr_autha, rhdr_autha, 0); prs_realloc_data(rhdr_autha, rhdr_autha->offset); - make_rpc_auth_ntlmssp_verifier(&auth_verifier, + make_rpc_auth_verifier(&auth_verifier, "NTLMSSP", NTLMSSP_AUTH); - smb_io_rpc_auth_ntlmssp_verifier("auth_verifier", &auth_verifier, auth_resp, 0); + smb_io_rpc_auth_verifier("auth_verifier", &auth_verifier, auth_resp, 0); prs_realloc_data(auth_resp, auth_resp->offset); create_ntlmssp_resp(pwd, domain, user_name, my_name, ntlmssp_cli_flgs, diff --git a/source/rpc_parse/parse_ntlmssp.c b/source/rpc_parse/parse_ntlmssp.c index 2b063b8b36f..5150cd76a36 100644 --- a/source/rpc_parse/parse_ntlmssp.c +++ b/source/rpc_parse/parse_ntlmssp.c @@ -37,44 +37,14 @@ BOOL rpc_hdr_ntlmssp_auth_chk(RPC_HDR_AUTH *rai) } /******************************************************************* -checks an RPC_AUTH_NTLMSSP_VERIFIER structure. +checks an RPC_AUTH_VERIFIER structure. ********************************************************************/ -BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav, +BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_VERIFIER *rav, char *signature, uint32 msg_type) { return (strequal(rav->signature, signature) && rav->msg_type == msg_type); } -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_VERIFIER structure. -********************************************************************/ -BOOL make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav, - char *signature, uint32 msg_type) -{ - if (rav == NULL) return False; - - fstrcpy(rav->signature, signature); /* "NTLMSSP" */ - rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */ - - return True; -} - -/******************************************************************* -reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure. -********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth) -{ - if (rav == NULL) return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier"); - depth++; - - prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */ - prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */ - - return True; -} - /******************************************************************* creates an RPC_AUTH_NTLMSSP_NEG structure. ********************************************************************/ diff --git a/source/rpc_parse/parse_rpc.c b/source/rpc_parse/parse_rpc.c index 8b26575ed12..0e4a3d95982 100644 --- a/source/rpc_parse/parse_rpc.c +++ b/source/rpc_parse/parse_rpc.c @@ -632,3 +632,33 @@ BOOL smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int dept return True; } +/******************************************************************* +creates an RPC_AUTH_VERIFIER structure. +********************************************************************/ +BOOL make_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav, + char *signature, uint32 msg_type) +{ + if (rav == NULL) return False; + + fstrcpy(rav->signature, signature); + rav->msg_type = msg_type; + + return True; +} + +/******************************************************************* +reads or writes an RPC_AUTH_VERIFIER structure. +********************************************************************/ +BOOL smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth) +{ + if (rav == NULL) return False; + + prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier"); + depth++; + + prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); + prs_align(ps); + prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); + + return True; +} diff --git a/source/rpc_server/srv_pipe_ntlmssp.c b/source/rpc_server/srv_pipe_ntlmssp.c index d5d1da0304a..d0c8a70e6bb 100644 --- a/source/rpc_server/srv_pipe_ntlmssp.c +++ b/source/rpc_server/srv_pipe_ntlmssp.c @@ -422,7 +422,7 @@ static BOOL api_ntlmssp(rpcsrv_struct *l, uint32 msg_type) static BOOL api_ntlmssp_bind_auth_resp(rpcsrv_struct *l) { RPC_HDR_AUTHA autha_info; - RPC_AUTH_NTLMSSP_VERIFIER auth_verifier; + RPC_AUTH_VERIFIER auth_verifier; DEBUG(5,("api_pipe_bind_auth_resp: decode request. %d\n", __LINE__)); @@ -432,7 +432,7 @@ static BOOL api_ntlmssp_bind_auth_resp(rpcsrv_struct *l) smb_io_rpc_hdr_autha("", &autha_info, &l->data_i, 0); if (l->data_i.offset == 0) return False; - smb_io_rpc_auth_ntlmssp_verifier("", &auth_verifier, &l->data_i, 0); + smb_io_rpc_auth_verifier("", &auth_verifier, &l->data_i, 0); if (l->data_i.offset == 0) return False; if (!rpc_auth_ntlmssp_verifier_chk(&auth_verifier, "NTLMSSP", NTLMSSP_AUTH)) return False; @@ -452,8 +452,8 @@ static BOOL api_ntlmssp_auth_chk(rpcsrv_struct *l, case RPC_BINDACK: case RPC_ALTCONTRESP: { - RPC_AUTH_NTLMSSP_VERIFIER auth_verifier; - smb_io_rpc_auth_ntlmssp_verifier("", &auth_verifier, &l->data_i, 0); + RPC_AUTH_VERIFIER auth_verifier; + smb_io_rpc_auth_verifier("", &auth_verifier, &l->data_i, 0); if (l->data_i.offset == 0) return False; if (strequal(auth_verifier.signature, "NTLMSSP")) @@ -476,7 +476,7 @@ static BOOL api_ntlmssp_auth_gen(rpcsrv_struct *l, prs_struct *resp, BOOL ret; uint8 challenge[8]; RPC_HDR_AUTH auth_info; - RPC_AUTH_NTLMSSP_VERIFIER auth_verifier; + RPC_AUTH_VERIFIER auth_verifier; prs_struct rhdr; prs_struct rauth; prs_struct rverf; @@ -499,9 +499,9 @@ static BOOL api_ntlmssp_auth_gen(rpcsrv_struct *l, prs_struct *resp, /*** NTLMSSP verifier ***/ - make_rpc_auth_ntlmssp_verifier(&auth_verifier, + make_rpc_auth_verifier(&auth_verifier, "NTLMSSP", NTLMSSP_CHALLENGE); - smb_io_rpc_auth_ntlmssp_verifier("", &auth_verifier, &rauth, 0); + smb_io_rpc_auth_verifier("", &auth_verifier, &rauth, 0); prs_realloc_data(&rauth, rauth.offset); /* NTLMSSP challenge ***/ -- cgit v1.2.1