--------------------- PatchSet 3368 Date: 2001/11/22 18:05:43 Author: kinkie Branch: ntlm Tag: (none) Log: Completed. Now it compiles. Members: src/auth/ntlm/helpers/winbind/wb_ntlm_auth.c:1.1.2.1->1.1.2.2 Index: squid/src/auth/ntlm/helpers/winbind/wb_ntlm_auth.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/helpers/winbind/Attic/wb_ntlm_auth.c,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- squid/src/auth/ntlm/helpers/winbind/wb_ntlm_auth.c 21 Nov 2001 21:54:31 -0000 1.1.2.1 +++ squid/src/auth/ntlm/helpers/winbind/wb_ntlm_auth.c 22 Nov 2001 18:05:43 -0000 1.1.2.2 @@ -24,7 +24,13 @@ #include /* for gettimeofday */ #include /* BUG: is this portable? */ +#include "winbind_nss_config.h" +#include "winbindd_nss.h" +NSS_STATUS winbindd_request(int req_type, + struct winbindd_request *request, + struct winbindd_response *response); + static tristate have_urandom = DONTKNOW; FILE *urandom_file=NULL; @@ -56,7 +62,7 @@ static unsigned char challenge[CHALLENGE_LEN+1]; static char *build_challenge(void) { size_t gotchars; - unsigned char rd,j; + unsigned char j; switch (have_urandom) { case YES: if ((gotchars=fread(&challenge,CHALLENGE_LEN,1,urandom_file))==0) { @@ -77,11 +83,16 @@ } } -static char domuser[200], lmhash[50], nthash[50]; -static char have_nt_hash=0; /* simple flag. A tad dirty.. */ +static char domuser[200]; +lstring lmhash, nthash; +static char have_nthash=0; /* simple flag. A tad dirty.. */ + void do_authenticate(ntlm_authenticate *auth, int auth_length) { lstring tmp; int offset=0; + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS winbindd_result; /* domain */ tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain); @@ -90,8 +101,8 @@ return; } memcpy(domuser, tmp.str, tmp.l); - domuser[l]='\\'; - offset=l+1; + domuser[tmp.l]='\\'; + offset=tmp.l+1; /* username */ tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user); @@ -103,29 +114,53 @@ domuser[offset+tmp.l]='\0'; /* now the LM hash */ - tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse); - if (tmp.str == NULL || tmp.l == 0) { + lmhash = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse); + if (lmhash.str == NULL || lmhash.l == 0) { SEND("NA No lm hash"); - return NULL; + return; } - memcpy(lmhash,tmp.str,tmp.l); - lmhash[tmp.l]='\0'; - tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->ntresponse); - if (tmp.str == NULL || tmp.l == 0) - have_nt_hash=0; - else { - have_nt_hash=1; - memcpy(nthash,tmp.str,tmp.l); - nthash[tmp.l]='\0'; + nthash = ntlm_fetch_string((char *) auth, auth_length, &auth->ntresponse); + if (nthash.str == NULL || nthash.l == 0) + have_nthash=0; + else + have_nthash=1; + + debug("Checking user '%s' lmhash='%24s', have_nthash=%d, nthash='%24s'\n", + domuser, lmhash.str, have_nthash, nthash.str); + + memset(&request,0,sizeof(struct winbindd_request)); + memset(&response,0,sizeof(struct winbindd_response)); + + memcpy(request.data.auth_crap.chal,challenge,CHALLENGE_LEN); + strcpy(request.data.auth_crap.user,domuser); + memcpy(request.data.auth_crap.lm_resp,lmhash.str,24); + request.data.auth_crap.lm_resp_len=24; + if (have_nthash) { + memcpy(request.data.auth_crap.nt_resp,nthash.str,24); + request.data.auth_crap.nt_resp_len=24; + } else { + request.data.auth_crap.nt_resp[0]='\0'; + request.data.auth_crap.nt_resp_len=0; + } + winbindd_result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, + &request, &response); + debug("winbindd result: %d",winbindd_result); + + if (winbindd_result==WINBINDD_OK) { + SEND2("AF %s",domuser); + } else { + SEND("NA authentication error"); } - /* I'm here. */ - + + return; /* useless */ } void manage_request(void) { char buf[BUFFER_SIZE+1]; char *c, *decoded; + ntlmhdr *fast_header; + if (fgets(buf, BUFFER_SIZE, stdin) == NULL) { warn("fgets() failed! dying..... errno=%d (%s)\n", errno,