The Samba-Bugzilla – Attachment 3594 Details for
Bug 5713
Windows 2000 (Admin Pack) MMC consoles don't work anymore
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
GIT formatted version of the NTLMSSP patch
ldapNTLMSSP.patch (text/plain), 4.10 KB, created by
Matthias Dieter Wallnöfer
on 2008-09-17 10:57:03 UTC
(
hide
)
Description:
GIT formatted version of the NTLMSSP patch
Filename:
MIME Type:
Creator:
Matthias Dieter Wallnöfer
Created:
2008-09-17 10:57:03 UTC
Size:
4.10 KB
patch
obsolete
>From 3f3fbc129a6192159eb200706e3ce6b7c63e4f11 Mon Sep 17 00:00:00 2001 >From: =?utf-8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer@yahoo.de> >Date: Wed, 17 Sep 2008 17:55:52 +0200 >Subject: [PATCH] NTLMSSP Server: Correctly fills in the DNS server name and server domain > >Don't rely on "get*" system calls but rather on SAMBA "lp_*" calls. >--- > source4/auth/ntlmssp/ntlmssp_server.c | 38 ++++++++++++++------------------ > 1 files changed, 17 insertions(+), 21 deletions(-) > >diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c >index 838596e..bf91be3 100644 >--- a/source4/auth/ntlmssp/ntlmssp_server.c >+++ b/source4/auth/ntlmssp/ntlmssp_server.c >@@ -25,7 +25,6 @@ > #include "auth/ntlmssp/ntlmssp.h" > #include "auth/ntlmssp/msrpc_parse.h" > #include "lib/crypto/crypto.h" >-#include "system/filesys.h" > #include "libcli/auth/libcli_auth.h" > #include "auth/credentials/credentials.h" > #include "auth/gensec/gensec.h" >@@ -125,8 +124,6 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, > { > struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data; > DATA_BLOB struct_blob; >- char dnsname[MAXHOSTNAMELEN], dnsdomname[MAXHOSTNAMELEN]; >- const char *p; > uint32_t neg_flags = 0; > uint32_t ntlmssp_command, chal_flags; > const uint8_t *cryptkey; >@@ -183,25 +180,24 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, > gensec_ntlmssp_state->chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8); > gensec_ntlmssp_state->internal_chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8); > >- dnsname[0] = '\0'; >- if (gethostname(dnsname, sizeof(dnsname)) == -1) { >- DEBUG(0,("gethostname failed\n")); >- return NT_STATUS_UNSUCCESSFUL; >- } >- >- /* This should be a 'netbios domain -> DNS domain' mapping */ >- p = strchr(dnsname, '.'); >- if (p != NULL) { >- safe_strcpy(dnsdomname, p+1, sizeof(dnsdomname)); >- strlower_m(dnsdomname); >- } else { >- dnsdomname[0] = '\0'; >- } >- > /* This creates the 'blob' of names that appears at the end of the packet */ >- if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) >- { >+ if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) { >+ char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN]; > const char *target_name_dns = ""; >+ >+ /* Find out the DNS domain name */ >+ dnsdomname[0] = '\0'; >+ safe_strcpy(dnsdomname, lp_realm(gensec_security->lp_ctx), sizeof(dnsdomname) - 1); >+ strlower_m(dnsdomname); >+ >+ /* Find out the DNS host name */ >+ safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1); >+ if (dnsdomname[0] != '\0') { >+ safe_strcat(dnsname, ".", sizeof(dnsname) - 1); >+ safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1); >+ } >+ strlower_m(dnsname); >+ > if (chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN) { > target_name_dns = dnsdomname; > } else if (chal_flags |= NTLMSSP_TARGET_TYPE_SERVER) { >@@ -221,7 +217,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security, > } > > { >- /* Marshel the packet in the right format, be it unicode or ASCII */ >+ /* Marshal the packet in the right format, be it unicode or ASCII */ > const char *gen_string; > if (gensec_ntlmssp_state->unicode) { > gen_string = "CdUdbddB"; >-- >1.5.4.5 > > >From e631c2f7dcb4e83b1e10a8060870ab2ae4153cda Mon Sep 17 00:00:00 2001 >From: =?utf-8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer@yahoo.de> >Date: Wed, 17 Sep 2008 17:55:02 +0200 >Subject: [PATCH] LDAP Server: Don't create the SASL SECBLOB output object twice > >Removes one "talloc" creation of the output object. >--- > source4/ldap_server/ldap_bind.c | 3 --- > 1 files changed, 0 insertions(+), 3 deletions(-) > >diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c >index f37ef31..8357251 100644 >--- a/source4/ldap_server/ldap_bind.c >+++ b/source4/ldap_server/ldap_bind.c >@@ -180,9 +180,6 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call) > input = *req->creds.SASL.secblob; > } > >- resp->SASL.secblob = talloc(reply, DATA_BLOB); >- NT_STATUS_HAVE_NO_MEMORY(resp->SASL.secblob); >- > status = gensec_update(conn->gensec, reply, > input, &output); > >-- >1.5.4.5 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3594">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 5713
:
3505
|
3532
|
3533
|
3590
|
3592
|
3593
|
3594
|
3602