Attachment 15446 Details for Bug 14106 – wip patch

wip patch

0001-wip-spnego-fallback.patch.txt (text/plain), 3.59 KB, created by Isaac Boukris on 2019-08-29 23:45:07 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Isaac Boukris

Created: 2019-08-29 23:45:07 UTC

Size: 3.59 KB

patch

obsolete

>From 62f92cfa3056c92054c53fb3a6f8ced753e3992b Mon Sep 17 00:00:00 2001
>From: Isaac Boukris <iboukris@gmail.com>
>Date: Thu, 29 Aug 2019 20:15:15 +0300
>Subject: [PATCH] wip: spnego fallback
>
>Signed-off-by: Isaac Boukris <iboukris@gmail.com>
>---
> auth/ntlmssp/ntlmssp.c         |  7 +++++--
> auth/ntlmssp/ntlmssp.h         |  5 +++--
> auth/ntlmssp/ntlmssp_private.h |  4 ++++
> auth/ntlmssp/ntlmssp_server.c  | 20 ++++++++++++++++++++
> 4 files changed, 32 insertions(+), 4 deletions(-)
>
>diff --git a/auth/ntlmssp/ntlmssp.c b/auth/ntlmssp/ntlmssp.c
>index 37434fbb0c2..558b9311730 100644
>--- a/auth/ntlmssp/ntlmssp.c
>+++ b/auth/ntlmssp/ntlmssp.c
>@@ -67,6 +67,10 @@ static const struct ntlmssp_callbacks {
> 		.role		= NTLMSSP_SERVER,
> 		.command	= NTLMSSP_NEGOTIATE,
> 		.sync_fn	= gensec_ntlmssp_server_negotiate,
>+	},{
>+		.role		= NTLMSSP_SERVER,
>+		.command	= NTLMSSP_SPNEGO_FALLBACK,
>+		.sync_fn	= gensec_ntlmssp_server_spnego_fallback,
> 	},{
> 		.role		= NTLMSSP_CLIENT,
> 		.command	= NTLMSSP_CHALLENGE,
>@@ -116,8 +120,7 @@ static NTSTATUS gensec_ntlmssp_update_find(struct gensec_security *gensec_securi
> 				ntlmssp_command = NTLMSSP_NEGOTIATE;
> 			} else {
> 				/* This is normal in SPNEGO mech negotiation fallback */
>-				DEBUG(2, ("Failed to parse NTLMSSP packet: zero length\n"));
>-				return NT_STATUS_INVALID_PARAMETER;
>+                                ntlmssp_command = NTLMSSP_SPNEGO_FALLBACK;
> 			}
> 			break;
> 		default:
>diff --git a/auth/ntlmssp/ntlmssp.h b/auth/ntlmssp/ntlmssp.h
>index 658d3fa86af..781ca454624 100644
>--- a/auth/ntlmssp/ntlmssp.h
>+++ b/auth/ntlmssp/ntlmssp.h
>@@ -43,8 +43,9 @@ enum ntlmssp_message_type
> 	NTLMSSP_NEGOTIATE = 1,
> 	NTLMSSP_CHALLENGE = 2,
> 	NTLMSSP_AUTH      = 3,
>-	NTLMSSP_UNKNOWN   = 4,
>-	NTLMSSP_DONE      = 5 /* samba final state */
>+	NTLMSSP_SPNEGO_FALLBACK  = 4,
>+	NTLMSSP_UNKNOWN   = 5,
>+	NTLMSSP_DONE      = 6 /* samba final state */
> };
> 
> #define NTLMSSP_FEATURE_SESSION_KEY        0x00000001
>diff --git a/auth/ntlmssp/ntlmssp_private.h b/auth/ntlmssp/ntlmssp_private.h
>index 4d84e3347b6..57d7c009942 100644
>--- a/auth/ntlmssp/ntlmssp_private.h
>+++ b/auth/ntlmssp/ntlmssp_private.h
>@@ -118,6 +118,10 @@ NTSTATUS gensec_ntlmssp_server_negotiate(struct gensec_security *gensec_security
> 					 TALLOC_CTX *out_mem_ctx,
> 					 const DATA_BLOB request, DATA_BLOB *reply);
> 
>+NTSTATUS gensec_ntlmssp_server_spnego_fallback(struct gensec_security *gensec_security,
>+					 TALLOC_CTX *out_mem_ctx,
>+					 const DATA_BLOB request, DATA_BLOB *reply);
>+
> struct tevent_req *ntlmssp_server_auth_send(TALLOC_CTX *mem_ctx,
> 					    struct tevent_context *ev,
> 					    struct gensec_security *gensec_security,
>diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
>index 5a56a4db99f..4e0be7c3440 100644
>--- a/auth/ntlmssp/ntlmssp_server.c
>+++ b/auth/ntlmssp/ntlmssp_server.c
>@@ -71,6 +71,26 @@ const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state,
> 	}
> }
> 
>+
>+/**
>+ * Next state function for the NTLMSSP Negotiate packet
>+ *
>+ * @param gensec_security GENSEC state
>+ * @param out_mem_ctx Memory context for *out
>+ * @param in The request, as a DATA_BLOB.  reply.data must be NULL
>+ * @param out The reply, as an allocated DATA_BLOB, caller to free.
>+ * @return Errors or MORE_PROCESSING_REQUIRED if (normal) a reply is required.
>+ */
>+
>+NTSTATUS gensec_ntlmssp_server_spnego_fallback(struct gensec_security *gensec_security,
>+					 TALLOC_CTX *out_mem_ctx,
>+					 const DATA_BLOB request, DATA_BLOB *reply)
>+{
>+        *reply = data_blob_talloc(out_mem_ctx, NULL, 0);
>+
>+	return NT_STATUS_MORE_PROCESSING_REQUIRED;
>+}
>+
> /**
>  * Next state function for the NTLMSSP Negotiate packet
>  *
>-- 
>2.14.5
>

Actions: View

Attachments on bug 14106: 15446 | 15447 | 15448 | 15515 | 15535 | 15536 | 15537