The Samba-Bugzilla – Attachment 10834 Details for
Bug 10016
NTLM authentication fails.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for master.
look (text/plain), 5.92 KB, created by
Jeremy Allison
on 2015-03-09 21:30:02 UTC
(
hide
)
Description:
git-am fix for master.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2015-03-09 21:30:02 UTC
Size:
5.92 KB
patch
obsolete
>From 0d6639658942db05f888a3d2b0e5d65a26dddac3 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Mon, 9 Mar 2015 14:21:22 -0700 >Subject: [PATCH 1/2] s4: lib: auth: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't > set, cope with servers that don't send the 2 unused fields. > >Packet traces showing such servers are found in the bug this fixes: > >https://bugzilla.samba.org/show_bug.cgi?id=10016 > >Signed-off-by: Jeremy Allison <jra@samba.org> >--- > auth/ntlmssp/ntlmssp_client.c | 40 ++++++++++++++++++++++++++++++++++++---- > 1 file changed, 36 insertions(+), 4 deletions(-) > >diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c >index f99257d..d8531e4c 100644 >--- a/auth/ntlmssp/ntlmssp_client.c >+++ b/auth/ntlmssp/ntlmssp_client.c >@@ -132,12 +132,13 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, > talloc_get_type_abort(gensec_security->private_data, > struct gensec_ntlmssp_context); > struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state; >- uint32_t chal_flags, ntlmssp_command, unkn1, unkn2; >+ uint32_t chal_flags, ntlmssp_command, unkn1 = 0, unkn2 = 0; > DATA_BLOB server_domain_blob; > DATA_BLOB challenge_blob; > DATA_BLOB target_info = data_blob(NULL, 0); > char *server_domain; > const char *chal_parse_string; >+ const char *chal_parse_string_short = NULL; > const char *auth_gen_string; > DATA_BLOB lm_response = data_blob(NULL, 0); > DATA_BLOB nt_response = data_blob(NULL, 0); >@@ -178,6 +179,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, > chal_parse_string = "CdUdbddB"; > } else { > chal_parse_string = "CdUdbdd"; >+ chal_parse_string_short = "CdUdb"; > } > auth_gen_string = "CdBBUUUBd"; > } else { >@@ -185,6 +187,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, > chal_parse_string = "CdAdbddB"; > } else { > chal_parse_string = "CdAdbdd"; >+ chal_parse_string_short = "CdAdb"; > } > > auth_gen_string = "CdBBAAABd"; >@@ -199,10 +202,39 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security, > &challenge_blob, 8, > &unkn1, &unkn2, > &target_info)) { >+ >+ bool ok = false; >+ > DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#2)\n")); >- dump_data(2, in.data, in.length); >- talloc_free(mem_ctx); >- return NT_STATUS_INVALID_PARAMETER; >+ >+ if (chal_parse_string_short != NULL) { >+ /* >+ * In the case where NTLMSSP_NEGOTIATE_TARGET_INFO >+ * is not used, some NTLMSSP servers don't return >+ * the unused unkn1 and unkn2 fields. >+ * See bug: >+ * https://bugzilla.samba.org/show_bug.cgi?id=10016 >+ * for packet traces. >+ * Try and parse again without them. >+ */ >+ ok = msrpc_parse(mem_ctx, >+ &in, chal_parse_string_short, >+ "NTLMSSP", >+ &ntlmssp_command, >+ &server_domain, >+ &chal_flags, >+ &challenge_blob, 8); >+ if (!ok) { >+ DEBUG(1, ("Failed to short parse " >+ "the NTLMSSP Challenge: (#2)\n")); >+ } >+ } >+ >+ if (!ok) { >+ dump_data(2, in.data, in.length); >+ talloc_free(mem_ctx); >+ return NT_STATUS_INVALID_PARAMETER; >+ } > } > > if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) { >-- >2.2.0.rc0.207.ga3a616c > > >From 1b42c15e044f5de3f49f9292de79bcf80b38934b Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Mon, 9 Mar 2015 14:27:43 -0700 >Subject: [PATCH 2/2] s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't > set, cope with servers that don't send the 2 unused fields. > >Packet traces showing such servers are found in the bug this fixes: > >https://bugzilla.samba.org/show_bug.cgi?id=10016 > >Signed-off-by: Jeremy Allison <jra@samba.org> >--- > source3/libsmb/ntlmssp.c | 38 +++++++++++++++++++++++++++++++++++--- > 1 file changed, 35 insertions(+), 3 deletions(-) > >diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c >index 617b34b..e661aeb 100644 >--- a/source3/libsmb/ntlmssp.c >+++ b/source3/libsmb/ntlmssp.c >@@ -359,12 +359,13 @@ static NTSTATUS ntlmssp3_client_challenge(struct ntlmssp_state *ntlmssp_state, > TALLOC_CTX *out_mem_ctx, /* Unused at this time */ > const DATA_BLOB reply, DATA_BLOB *next_request) > { >- uint32_t chal_flags, ntlmssp_command, unkn1, unkn2; >+ uint32_t chal_flags, ntlmssp_command, unkn1 = 0, unkn2 = 0; > DATA_BLOB server_domain_blob; > DATA_BLOB challenge_blob; > DATA_BLOB struct_blob = data_blob_null; > char *server_domain; > const char *chal_parse_string; >+ const char *chal_parse_string_short = NULL; > const char *auth_gen_string; > DATA_BLOB lm_response = data_blob_null; > DATA_BLOB nt_response = data_blob_null; >@@ -474,6 +475,7 @@ noccache: > chal_parse_string = "CdUdbddB"; > } else { > chal_parse_string = "CdUdbdd"; >+ chal_parse_string_short = "CdUdb"; > } > auth_gen_string = "CdBBUUUBd"; > } else { >@@ -481,6 +483,7 @@ noccache: > chal_parse_string = "CdAdbddB"; > } else { > chal_parse_string = "CdAdbdd"; >+ chal_parse_string_short = "CdAdb"; > } > > auth_gen_string = "CdBBAAABd"; >@@ -497,9 +500,38 @@ noccache: > &challenge_blob, 8, > &unkn1, &unkn2, > &struct_blob)) { >+ >+ bool ok = false; >+ > DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#2)\n")); >- dump_data(2, reply.data, reply.length); >- return NT_STATUS_INVALID_PARAMETER; >+ >+ if (chal_parse_string_short != NULL) { >+ /* >+ * In the case where NTLMSSP_NEGOTIATE_TARGET_INFO >+ * is not used, some NTLMSSP servers don't return >+ * the unused unkn1 and unkn2 fields. >+ * See bug: >+ * https://bugzilla.samba.org/show_bug.cgi?id=10016 >+ * for packet traces. >+ * Try and parse again without them. >+ */ >+ ok = msrpc_parse(ntlmssp_state, &reply, >+ chal_parse_string_short, >+ "NTLMSSP", >+ &ntlmssp_command, >+ &server_domain, >+ &chal_flags, >+ &challenge_blob, 8); >+ if (!ok) { >+ DEBUG(1, ("Failed to short parse " >+ "the NTLMSSP Challenge: (#2)\n")); >+ } >+ } >+ >+ if (!ok) { >+ dump_data(2, reply.data, reply.length); >+ return NT_STATUS_INVALID_PARAMETER; >+ } > } > > if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) { >-- >2.2.0.rc0.207.ga3a616c >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review?
(
abartlet
)
jra
:
review?
(
idra
)
jra
:
review?
(
ddiss
)
obnox
:
review+
Actions:
View
Attachments on
bug 10016
:
10817
|
10818
| 10834 |
10891