From 3dc6390e721d83c2e11465db88d6998bfb61d502 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Wed, 29 Nov 2006 10:58:02 +0100 Subject: [PATCH] secur32: Improve version detection, move all the version detection to ntlm.c. Also, as starting with Samba 3.0.24, ntlm_auth will have all the features we need, require that as minimal version and remove odd old-version compatibility hacks. --- dlls/secur32/dispatcher.c | 20 +++++++++++--------- dlls/secur32/ntlm.c | 21 ++++++++++++--------- dlls/secur32/secur32_priv.h | 4 +++- 3 files changed, 26 insertions(+), 19 deletions(-) diff --git a/dlls/secur32/dispatcher.c b/dlls/secur32/dispatcher.c index c150a142ca8..5d821727313 100644 --- a/dlls/secur32/dispatcher.c +++ b/dlls/secur32/dispatcher.c @@ -20,6 +20,7 @@ #include "config.h" #include +#include #ifdef HAVE_UNISTD_H #include #endif @@ -109,7 +110,7 @@ SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog, else { *new_helper = helper; - helper->version = -1; + helper->major = helper->minor = helper->micro = -1; helper->password = NULL; helper->com_buf = NULL; helper->com_buf_size = 0; @@ -273,6 +274,7 @@ void check_version(PNegoHelper helper) { char temp[80]; char *newline; + int major = 0, minor = 0, micro = 0, ret; TRACE("Checking version of helper\n"); if(helper != NULL) @@ -286,18 +288,18 @@ void check_version(PNegoHelper helper) temp[len] = 0; TRACE("Exact version is %s\n", debugstr_a(temp)); - if(strncmp(temp+8, "4", 1) == 0) + ret = sscanf(temp, "Version %d.%d.%d", &major, &minor, µ); + if(ret != 3) { - helper->version = 4; - } - else if(strncmp(temp+8, "3", 1) == 0) - { - helper->version = 3; + ERR("Failed to get the helper version.\n"); + helper->major = helper->minor = helper->micro = -1; } else { - TRACE("Unknown version!\n"); - helper->version = -1; + TRACE("Version recognized: %d.%d.%d\n", major, minor, micro); + helper->major = major; + helper->minor = minor; + helper->micro = micro; } } } diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c index 9ca3993953a..86d61cff3c0 100644 --- a/dlls/secur32/ntlm.c +++ b/dlls/secur32/ntlm.c @@ -34,7 +34,9 @@ WINE_DEFAULT_DEBUG_CHANNEL(secur32); #define NTLM_MAX_BUF 1904 - +#define MIN_NTLM_AUTH_MAJOR_VERSION 3 +#define MIN_NTLM_AUTH_MINOR_VERSION 0 +#define MIN_NTLM_AUTH_MICRO_VERSION 24 static CHAR ntlm_auth[] = "ntlm_auth"; @@ -524,7 +526,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW( != SEC_E_OK) goto isc_end; if(!strncmp(buffer, "BH", 2)) - TRACE("Helper doesn't understand new command set\n"); + ERR("Helper doesn't understand new command set. Expect more things to fail.\n"); } lstrcpynA(buffer, "YR", max_len-1); @@ -545,8 +547,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW( max_len-1, &bin_len)) != SEC_E_OK) goto isc_end; - /* We need to set NTLMSSP_NEGOTIATE_ALWAYS_SIGN manually for now */ - bin[13] |= 0x80; /* put the decoded client blob into the out buffer */ ret = SEC_I_CONTINUE_NEEDED; @@ -653,7 +653,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW( if(buffer_len < 3) { - TRACE("No flags negotiated, or helper does not support GF command\n"); + TRACE("No flags negotiated.\n"); helper->neg_flags = 0l; } else @@ -670,7 +670,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW( if(strncmp(buffer, "BH", 2) == 0) { - TRACE("Helper does not understand command or no key negotiated.\n"); + TRACE("No key negotiated.\n"); helper->valid_session_key = FALSE; helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16); /*Generate the dummy session key = MD4(MD4(password))*/ @@ -1753,12 +1753,15 @@ void SECUR32_initNTLMSP(void) { /* Cheat and allocate a helper anyway, so cleanup later will work. */ helper = HeapAlloc(GetProcessHeap(),0, sizeof(PNegoHelper)); - helper->version = -1; + helper->major = helper->minor = helper->micro = -1; } else check_version(helper); - if(helper->version > 2) + if( (helper->major > MIN_NTLM_AUTH_MAJOR_VERSION) || + (helper->major = MIN_NTLM_AUTH_MAJOR_VERSION && + helper->minor >= MIN_NTLM_AUTH_MINOR_VERSION && + helper->micro >= MIN_NTLM_AUTH_MICRO_VERSION) ) { SecureProvider *provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL); SECUR32_addPackages(provider, 1L, &infoA, &infoW); @@ -1766,7 +1769,7 @@ void SECUR32_initNTLMSP(void) else { ERR("%s was not found or is outdated. " - "Make sure that ntlm_auth >= 3.x is in your path.\n", + "Make sure that ntlm_auth >= 3.0.24 is in your path.\n", ntlm_auth); } cleanup_helper(helper); diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h index 7ca43f0e6b3..29c48e741e5 100644 --- a/dlls/secur32/secur32_priv.h +++ b/dlls/secur32/secur32_priv.h @@ -65,7 +65,9 @@ typedef struct _NegoHelper { int pwlen; int pipe_in; int pipe_out; - int version; + int major; + int minor; + int micro; char *com_buf; int com_buf_size; int com_buf_offset;