secur32: Improve version detection, move all the version detection to ntlm.c.

Also, as starting with Samba 3.0.24, ntlm_auth will have all the features we need, require that as minimal version and remove odd old-version compatibility hacks.
2024-11-01 11:08:45 +00:00 · 2006-11-29 10:58:02 +01:00 · 2006-11-29 10:58:02 +01:00 · 3dc6390e72
commit 3dc6390e72
parent a3a2eaea93
3 changed files with 26 additions and 19 deletions
--- a/dlls/secur32/dispatcher.c
+++ b/dlls/secur32/dispatcher.c
@ -20,6 +20,7 @@

 #include "config.h"
 #include <stdarg.h>
+#include <stdio.h>
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
@ -109,7 +110,7 @@ SECURITY_STATUS fork_helper(PNegoHelper *new_helper, const char *prog,
    else
    {
        *new_helper = helper;
-        helper->version = -1;
+        helper->major = helper->minor = helper->micro = -1;
        helper->password = NULL;
        helper->com_buf = NULL;
        helper->com_buf_size = 0;
@ -273,6 +274,7 @@ void check_version(PNegoHelper helper)
 {
    char temp[80];
    char *newline;
+    int major = 0, minor = 0, micro = 0, ret;

    TRACE("Checking version of helper\n");
    if(helper != NULL)
@ -286,18 +288,18 @@ void check_version(PNegoHelper helper)
                temp[len] = 0;

            TRACE("Exact version is %s\n", debugstr_a(temp));
-            if(strncmp(temp+8, "4", 1) == 0)
+            ret = sscanf(temp, "Version %d.%d.%d", &major, &minor, &micro);
+            if(ret != 3)
            {
-                helper->version = 4;
-            }
-            else if(strncmp(temp+8, "3", 1) == 0)
-            {
-                helper->version = 3;
+                ERR("Failed to get the helper version.\n");
+                helper->major = helper->minor = helper->micro = -1;
            }
            else
            {
-                TRACE("Unknown version!\n");
-                helper->version = -1;
+                TRACE("Version recognized: %d.%d.%d\n", major, minor, micro);
+                helper->major = major;
+                helper->minor = minor;
+                helper->micro = micro;
            }
        }
    }
--- a/dlls/secur32/ntlm.c
+++ b/dlls/secur32/ntlm.c
@ -34,7 +34,9 @@
 WINE_DEFAULT_DEBUG_CHANNEL(secur32);

 #define NTLM_MAX_BUF 1904
-
+#define MIN_NTLM_AUTH_MAJOR_VERSION 3
+#define MIN_NTLM_AUTH_MINOR_VERSION 0
+#define MIN_NTLM_AUTH_MICRO_VERSION 24

 static CHAR ntlm_auth[] = "ntlm_auth";

@ -524,7 +526,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
                    != SEC_E_OK)
                goto isc_end;
            if(!strncmp(buffer, "BH", 2))
-                TRACE("Helper doesn't understand new command set\n");
+                ERR("Helper doesn't understand new command set. Expect more things to fail.\n");
        }

        lstrcpynA(buffer, "YR", max_len-1);
@ -545,8 +547,6 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
                        max_len-1, &bin_len)) != SEC_E_OK)
            goto isc_end;

-        /* We need to set NTLMSSP_NEGOTIATE_ALWAYS_SIGN manually for now */
-        bin[13] |= 0x80;
        /* put the decoded client blob into the out buffer */

        ret = SEC_I_CONTINUE_NEEDED;
@ -653,7 +653,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(

        if(buffer_len < 3)
        {
-            TRACE("No flags negotiated, or helper does not support GF command\n");
+            TRACE("No flags negotiated.\n");
            helper->neg_flags = 0l;
        }
        else
@ -670,7 +670,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(

        if(strncmp(buffer, "BH", 2) == 0)
        {
-            TRACE("Helper does not understand command or no key negotiated.\n");
+            TRACE("No key negotiated.\n");
            helper->valid_session_key = FALSE;
            helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16);
            /*Generate the dummy session key = MD4(MD4(password))*/
@ -1753,12 +1753,15 @@ void SECUR32_initNTLMSP(void)
    {
        /* Cheat and allocate a helper anyway, so cleanup later will work. */
        helper = HeapAlloc(GetProcessHeap(),0, sizeof(PNegoHelper));
-        helper->version = -1;
+        helper->major = helper->minor = helper->micro = -1;
    }
    else
        check_version(helper);

-    if(helper->version > 2)
+    if( (helper->major >  MIN_NTLM_AUTH_MAJOR_VERSION) ||
+        (helper->major  = MIN_NTLM_AUTH_MAJOR_VERSION  &&
+         helper->minor >= MIN_NTLM_AUTH_MINOR_VERSION  &&
+         helper->micro >= MIN_NTLM_AUTH_MICRO_VERSION) )
    {
        SecureProvider *provider = SECUR32_addProvider(&ntlmTableA, &ntlmTableW, NULL);
        SECUR32_addPackages(provider, 1L, &infoA, &infoW);
@ -1766,7 +1769,7 @@ void SECUR32_initNTLMSP(void)
    else
    {
        ERR("%s was not found or is outdated. "
-            "Make sure that ntlm_auth >= 3.x is in your path.\n",
+            "Make sure that ntlm_auth >= 3.0.24 is in your path.\n",
            ntlm_auth);
    }
    cleanup_helper(helper);
--- a/dlls/secur32/secur32_priv.h
+++ b/dlls/secur32/secur32_priv.h
@ -65,7 +65,9 @@ typedef struct _NegoHelper {
    int pwlen;
    int pipe_in;
    int pipe_out;
-    int version;
+    int major;
+    int minor;
+    int micro;
    char *com_buf;
    int com_buf_size;
    int com_buf_offset;