--------------------- PatchSet 2895 Date: 2001/08/29 13:59:44 Author: rbcollins Branch: ntlm Tag: (none) Log: fix formatting changes and remove printf bomb code Members: src/auth/ntlm/auth_ntlm.c:1.1.10.14.2.45->1.1.10.14.2.46 src/auth/ntlm/helpers/NTLMSSP/libntlmssp.c:1.1.4.9->1.1.4.10 src/auth/ntlm/helpers/NTLMSSP/ntlm.h:1.1.4.13->1.1.4.14 src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c:1.1.4.22->1.1.4.23 Index: squid/src/auth/ntlm/auth_ntlm.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/auth_ntlm.c,v retrieving revision 1.1.10.14.2.45 retrieving revision 1.1.10.14.2.46 diff -u -r1.1.10.14.2.45 -r1.1.10.14.2.46 --- squid/src/auth/ntlm/auth_ntlm.c 29 Aug 2001 12:51:41 -0000 1.1.10.14.2.45 +++ squid/src/auth/ntlm/auth_ntlm.c 29 Aug 2001 13:59:44 -0000 1.1.10.14.2.46 @@ -379,7 +379,6 @@ if (ntlm_request->authserver != NULL && ntlm_request->authserver_deferred) { debug(29, 9) ("authenticateNTLMRequestFree: releasing server '%d'\n", ntlm_request->authserver); helperStatefulReleaseServer(ntlm_request->authserver); -debug(29,1)("ntr %x released %x\n",ntlm_request,ntlm_request->authserver); ntlm_request->authserver = NULL; } memPoolFree(ntlm_request_pool, ntlm_request); @@ -462,7 +461,6 @@ cbdataUnlock(r->data); authenticateStateFree(r); debug(29, 9) ("NTLM HandleReply, telling stateful helper : %d\n", S_HELPER_RELEASE); -debug(29,1)("au %x released %x\n",NULL,lastserver); return S_HELPER_RELEASE; } @@ -601,8 +599,6 @@ cbdataUnlock(r->data); authenticateStateFree(r); debug(29, 9) ("NTLM HandleReply, telling stateful helper : %d\n", result); -assert (result == S_HELPER_RELEASE); -debug(29,1)("au %x released %x\n",auth_user_request,lastserver); return result; } else { /* the helper broke on a KK */ @@ -636,17 +632,6 @@ cbdataUnlock(r->data); authenticateStateFree(r); debug(29, 9) ("NTLM HandleReply, telling stateful helper : %d\n", result); -switch (result) -{ - case S_HELPER_RELEASE: -debug(29,1)("au %x released %x\n",auth_user_request,lastserver); -break; - case S_HELPER_DEFER: -debug(29,1)("au %x deferred %x\n",auth_user_request,lastserver); -break; - default: -break; -} return result; } @@ -751,17 +736,14 @@ * 3: tell it to get a challenge, or give ntlmauthdone the challenge */ server = helperStatefulDefer(ntlmauthenticators); -debug(29,1)("au %x deferred %x\n",auth_user_request,server); helperstate = server ? helperStatefulServerGetData(server) : NULL; while ((server != NULL) && authenticateNTLMChangeChallenge_p(helperstate)) { /* flag this helper for challenge changing */ helperstate->starve = 1; /* and release the deferred request */ helperStatefulReleaseServer(server); -debug(29,1)("au %x released %x\n",auth_user_request,server); /* Get another deferrable server */ server = helperStatefulDefer(ntlmauthenticators); -debug(29,1)("au %x deferred %x\n",auth_user_request,server); helperstate = server ? helperStatefulServerGetData(server) : NULL; } if (server == NULL) @@ -780,12 +762,10 @@ r->auth_user_request = auth_user_request; if (server == NULL) { helperStatefulSubmit(ntlmauthenticators, NULL, authenticateNTLMHandleplaceholder, r, NULL); -debug(29,1)("au %x submitted to %x\n",auth_user_request,server); } else { /* Server with invalid challenge */ snprintf(buf, 8192, "YR\n"); helperStatefulSubmit(ntlmauthenticators, buf, authenticateNTLMHandleReply, r, ntlm_request->authserver); -debug(29,1)("au %x submitted to %x\n",auth_user_request,server); } } else { /* (server != NULL and we have a valid challenge) */ @@ -812,7 +792,6 @@ /* getting rid of deferred request status */ ntlm_request->authserver_deferred = 0; helperStatefulSubmit(ntlmauthenticators, buf, authenticateNTLMHandleReply, r, ntlm_request->authserver); -debug(29,1)("au %x submitted to %x\n",auth_user_request,ntlm_request->authserver); debug(29, 9) ("authenticateNTLMstart: finished\n"); break; default: @@ -866,7 +845,6 @@ ntlm_request = auth_user_request->scheme_data; debug(29, 9) ("authenticateNTLMReleaseServer: releasing server '%d'\n", ntlm_request->authserver); helperStatefulReleaseServer(ntlm_request->authserver); -debug(29,1)("au %x released %x\n",auth_user_request,ntlm_request->authserver); ntlm_request->authserver = NULL; } Index: squid/src/auth/ntlm/helpers/NTLMSSP/libntlmssp.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/helpers/NTLMSSP/Attic/libntlmssp.c,v retrieving revision 1.1.4.9 retrieving revision 1.1.4.10 diff -u -r1.1.4.9 -r1.1.4.10 --- squid/src/auth/ntlm/helpers/NTLMSSP/libntlmssp.c 9 Aug 2001 10:41:36 -0000 1.1.4.9 +++ squid/src/auth/ntlm/helpers/NTLMSSP/libntlmssp.c 29 Aug 2001 13:59:44 -0000 1.1.4.10 @@ -29,19 +29,20 @@ #endif /* these are part of rfcnb-priv.h and smblib-priv.h */ -extern int SMB_Get_Error_Msg (int msg, char *msgbuf, int len); -extern int SMB_Get_Last_Error (); -extern int RFCNB_Get_Last_Errno (); +extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len); +extern int SMB_Get_Last_Error(); +extern int RFCNB_Get_Last_Errno(); #include "smblib-priv.h" /* for SMB_Handle_Type */ /* a few forward-declarations. Hackish, but I don't care right now */ -SMB_Handle_Type SMB_Connect_Server (SMB_Handle_Type Con_Handle, char *server, +SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle, char *server, char *NTdomain); /* this one is reallllly haackiish. We really should be using anything from smblib-priv.h */ -static char *SMB_Prots[] = { "PC NETWORK PROGRAM 1.0", +static char *SMB_Prots[] = +{ "PC NETWORK PROGRAM 1.0", "MICROSOFT NETWORKS 1.03", "MICROSOFT NETWORKS 3.0", "DOS LANMAN1.0", @@ -57,10 +58,9 @@ }; #if 0 -int SMB_Discon (SMB_Handle_Type Con_Handle, BOOL KeepHandle); -int SMB_Negotiate (void *Con_Handle, char *Prots[]); -int SMB_Logon_Server (SMB_Handle_Type Con_Handle, char *UserName, - char *PassWord, char *Domain, int precrypted); +int SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle); +int SMB_Negotiate(void *Con_Handle, char *Prots[]); +int SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName, char *PassWord, char *Domain, int precrypted); #endif #ifdef DEBUG @@ -76,15 +76,15 @@ /* Disconnects from the DC. A reconnection will be done upon the next request */ void -dc_disconnect () +dc_disconnect() { if (handle != NULL) - SMB_Discon (handle, 0); + SMB_Discon(handle, 0); handle = NULL; } int -connectedp () +connectedp() { return (handle != NULL); } @@ -92,19 +92,19 @@ /* Tries to connect to a DC. Returns 0 on failure, 1 on OK */ int -is_dc_ok (char *domain, char *domain_controller) +is_dc_ok(char *domain, char *domain_controller) { - SMB_Handle_Type h = SMB_Connect_Server (NULL, domain_controller, domain); + SMB_Handle_Type h = SMB_Connect_Server(NULL, domain_controller, domain); if (h == NULL) return 0; - SMB_Discon (h, 0); + SMB_Discon(h, 0); return 1; } /* returns 0 on success, > 0 on failure */ static int -init_challenge (char *domain, char *domain_controller) +init_challenge(char *domain, char *domain_controller) { int smberr; char errstr[100]; @@ -112,41 +112,40 @@ if (handle != NULL) { return 0; } - debug ("Connecting to server %s domain %s\n", domain_controller, domain); - handle = SMB_Connect_Server (NULL, domain_controller, domain); - smberr = SMB_Get_Last_Error (); - SMB_Get_Error_Msg (smberr, errstr, 100); + debug("Connecting to server %s domain %s\n", domain_controller, domain); + handle = SMB_Connect_Server(NULL, domain_controller, domain); + smberr = SMB_Get_Last_Error(); + SMB_Get_Error_Msg(smberr, errstr, 100); if (handle == NULL) { /* couldn't connect */ - debug ("Couldn't connect to SMB Server. Error:%s\n", errstr); + debug("Couldn't connect to SMB Server. Error:%s\n", errstr); return 1; } - if (SMB_Negotiate (handle, SMB_Prots) < 0) { /* An error */ - debug ("Error negotiating protocol with SMB Server\n"); - SMB_Discon (handle, 0); + if (SMB_Negotiate(handle, SMB_Prots) < 0) { /* An error */ + debug("Error negotiating protocol with SMB Server\n"); + SMB_Discon(handle, 0); handle = NULL; return 2; } if (handle->Security == 0) { /* share-level security, unuseable */ debug ("SMB Server uses share-level security .. we need user sercurity.\n"); - SMB_Discon (handle, 0); + SMB_Discon(handle, 0); handle = NULL; return 3; } - memcpy (challenge, handle->Encrypt_Key, NONCE_LEN); + memcpy(challenge, handle->Encrypt_Key, NONCE_LEN); return 0; } const char * -make_challenge (char *domain, char *domain_controller) +make_challenge(char *domain, char *domain_controller) { - if (init_challenge (domain, domain_controller) > 0) { + if (init_challenge(domain, domain_controller) > 0) { return NULL; } - return ntlm_make_challenge (domain, domain_controller, challenge, - NONCE_LEN); + return ntlm_make_challenge(domain, domain_controller, challenge, NONCE_LEN); } #define min(A,B) (Adomain); + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain); if (tmp.str == NULL) return NULL; - memcpy (p, tmp.str, tmp.l); + memcpy(p, tmp.str, tmp.l); p += tmp.l; *p++ = '\\'; - tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->user); + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user); if (tmp.str == NULL) return NULL; *(p + tmp.l) = '\0'; @@ -184,7 +183,7 @@ * codes defined in ntlm.h */ char * -ntlm_check_auth (ntlm_authenticate * auth, int auth_length) +ntlm_check_auth(ntlm_authenticate * auth, int auth_length) { int rv; char pass[25]; @@ -193,46 +192,46 @@ lstring tmp; if (handle == NULL) { /*if null we aren't connected, but it shouldn't happen */ - debug ("Weird, we've been disconnected\n"); + debug("Weird, we've been disconnected\n"); ntlm_errno = NTLM_NOT_CONNECTED; return NULL; } /* Authenticating against the NT response doesn't seem to work... */ - tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->lmresponse); + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse); if (tmp.str == NULL) { - fprintf (stderr, "No auth at all. Returning no-auth\n"); + fprintf(stderr, "No auth at all. Returning no-auth\n"); ntlm_errno = NTLM_LOGON_ERROR; return NULL; } - memcpy (pass, tmp.str, tmp.l); + memcpy(pass, tmp.str, tmp.l); pass[25] = '\0'; /* debug("fetching domain\n"); */ - tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->domain); + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain); if (tmp.str == NULL) { - debug ("No domain supplied. Returning no-auth\n"); + debug("No domain supplied. Returning no-auth\n"); ntlm_errno = NTLM_LOGON_ERROR; return NULL; } - memcpy (domain, tmp.str, tmp.l); + memcpy(domain, tmp.str, tmp.l); user = domain + tmp.l; *user++ = '\0'; /* debug("fetching user name\n"); */ - tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->user); + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user); if (tmp.str == NULL) { - debug ("No username supplied. Returning no-auth\n"); + debug("No username supplied. Returning no-auth\n"); ntlm_errno = NTLM_LOGON_ERROR; return NULL; } - memcpy (user, tmp.str, tmp.l); + memcpy(user, tmp.str, tmp.l); *(user + tmp.l) = '\0'; - debug ("checking domain: '%s', user: '%s', pass='%s'\n", domain, user, + debug("checking domain: '%s', user: '%s', pass='%s'\n", domain, user, pass); - rv = SMB_Logon_Server (handle, user, pass, domain, 1); - debug ("Login attempt had result %d\n", rv); + rv = SMB_Logon_Server(handle, user, pass, domain, 1); + debug("Login attempt had result %d\n", rv); if (rv != NTV_NO_ERROR) { /* failed */ ntlm_errno = rv; @@ -240,6 +239,6 @@ } *(user - 1) = '\\'; /* hack. Performing, but ugly. */ - debug ("credentials: %s\n", credentials); + debug("credentials: %s\n", credentials); return credentials; } Index: squid/src/auth/ntlm/helpers/NTLMSSP/ntlm.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/helpers/NTLMSSP/Attic/ntlm.h,v retrieving revision 1.1.4.13 retrieving revision 1.1.4.14 diff -u -r1.1.4.13 -r1.1.4.14 --- squid/src/auth/ntlm/helpers/NTLMSSP/ntlm.h 20 Aug 2001 11:50:30 -0000 1.1.4.13 +++ squid/src/auth/ntlm/helpers/NTLMSSP/ntlm.h 29 Aug 2001 13:59:44 -0000 1.1.4.14 @@ -97,7 +97,7 @@ struct _dc { char *domain; char *controller; - time_t dead; /* 0 if it's alive, otherwise time of death */ + time_t dead; /* 0 if it's alive, otherwise time of death */ dc *next; }; Index: squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/auth/ntlm/helpers/NTLMSSP/Attic/ntlm_auth.c,v retrieving revision 1.1.4.22 retrieving revision 1.1.4.23 diff -u -r1.1.4.22 -r1.1.4.23 --- squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c 29 Aug 2001 09:24:52 -0000 1.1.4.22 +++ squid/src/auth/ntlm/helpers/NTLMSSP/ntlm_auth.c 29 Aug 2001 13:59:44 -0000 1.1.4.23 @@ -26,10 +26,10 @@ #include /* these are part of rfcnb-priv.h and smblib-priv.h */ -extern int SMB_Get_Error_Msg (int msg, char *msgbuf, int len); -extern int SMB_Get_Last_Error (); -extern int SMB_Get_Last_SMB_Err (); -extern int RFCNB_Get_Last_Error (); +extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len); +extern int SMB_Get_Last_Error(); +extern int SMB_Get_Last_SMB_Err(); +extern int RFCNB_Get_Last_Error(); #include @@ -76,43 +76,43 @@ /* makes a null-terminated string upper-case. Changes CONTENTS! */ static void -uc (char *string) +uc(char *string) { char *p = string, c; while ((c = *p)) { - *p = toupper (c); + *p = toupper(c); p++; } } /* makes a null-terminated string lower-case. Changes CONTENTS! */ static void -lc (char *string) +lc(char *string) { char *p = string, c; while ((c = *p)) { - *p = tolower (c); + *p = tolower(c); p++; } } void -send_bh_or_ld (char *bhmessage, ntlm_authenticate * failedauth, int authlen) +send_bh_or_ld(char *bhmessage, ntlm_authenticate * failedauth, int authlen) { char *creds = NULL; #ifdef NTLM_FAIL_OPEN if (last_ditch_enabled) { - creds = fetch_credentials (failedauth, authlen); + creds = fetch_credentials(failedauth, authlen); if (creds) { - lc (creds); - SEND2 ("LD %s", creds); + lc(creds); + SEND2("LD %s", creds); } else { - SEND ("NA last-ditch on, but no credentials"); + SEND("NA last-ditch on, but no credentials"); } } else { #endif - SEND2 ("BH %s", bhmessage); + SEND2("BH %s", bhmessage); #ifdef NTLM_FAIL_OPEN } #endif @@ -129,26 +129,26 @@ char *my_program_name = NULL; void -usage () +usage() { - fprintf (stderr, + fprintf(stderr, "%s usage:\n%s [-b] [-f] domain\\controller [domain\\controller ...]\n-b, if specified, enables load-balancing among controllers\n-f, if specified, enables failover among controllers (DEPRECATED and always active)\n-l, if specified, changes behavior on domain controller failyures to\tlast-ditch\n\nYou MUST specify at least one Domain Controller.\nYou can use either \\ or / as separator between the domain name \n\tand the controller name\n", my_program_name, my_program_name); } void -process_options (int argc, char *argv[]) +process_options(int argc, char *argv[]) { int opt, j, had_error = 0; dc *new_dc = NULL, *last_dc = NULL; - while (-1 != (opt = getopt (argc, argv, "bfl"))) { + while (-1 != (opt = getopt(argc, argv, "bfl"))) { switch (opt) { case 'b': load_balance = 1; break; case 'f': - fprintf (stderr, + fprintf(stderr, "WARNING. The -f flag is DEPRECATED and always active.\n"); break; #ifdef NTLM_FAIL_OPEN @@ -157,43 +157,43 @@ break; #endif default: - fprintf (stderr, "unknown option: -%c. Exiting\n", opt); - usage (); + fprintf(stderr, "unknown option: -%c. Exiting\n", opt); + usage(); had_error = 1; } } if (had_error) - exit (1); + exit(1); /* Okay, now begin filling controllers up */ /* we can avoid memcpy-ing, and just reuse argv[] */ for (j = optind; j < argc; j++) { char *d, *c; /* d will not be freed in case of non-error. Since we don't reconfigure, * it's going to live as long as the process anyways */ - d = malloc (strlen (argv[j]) + 1); - strcpy (d, argv[j]); - debug ("Adding domain-controller %s\n", d); - if (NULL == (c = strchr (d, '\\')) && NULL == (c = strchr (d, '/'))) { - fprintf (stderr, "Couldn't grok domain-controller %s\n", d); - free (d); + d = malloc(strlen(argv[j]) + 1); + strcpy(d, argv[j]); + debug("Adding domain-controller %s\n", d); + if (NULL == (c = strchr(d, '\\')) && NULL == (c = strchr(d, '/'))) { + fprintf(stderr, "Couldn't grok domain-controller %s\n", d); + free(d); continue; } /* more than one delimiter is not allowed */ - if (NULL != strchr (c + 1, '\\') || NULL != strchr (c + 1, '/')) { - fprintf (stderr, "Broken domain-controller %s\n", d); - free (d); + if (NULL != strchr(c + 1, '\\') || NULL != strchr(c + 1, '/')) { + fprintf(stderr, "Broken domain-controller %s\n", d); + free(d); continue; } *c++ = '\0'; - new_dc = (dc *) malloc (sizeof (dc)); + new_dc = (dc *) malloc(sizeof(dc)); if (!new_dc) { - fprintf (stderr, "Malloc error while parsing DC options\n"); - free (d); + fprintf(stderr, "Malloc error while parsing DC options\n"); + free(d); continue; } /* capitalize */ - uc (c); - uc (d); + uc(c); + uc(d); numcontrollers++; new_dc->domain = d; new_dc->controller = c; @@ -207,9 +207,9 @@ } } if (numcontrollers == 0) { - fprintf (stderr, "You must specify at least one domain-controller!\n"); - usage (); - exit (1); + fprintf(stderr, "You must specify at least one domain-controller!\n"); + usage(); + exit(1); } last_dc->next = controllers; /* close the queue, now it's circular */ } @@ -218,36 +218,36 @@ * with failover if the adequate option is specified. */ const char * -obtain_challenge () +obtain_challenge() { int j = 0; const char *ch = NULL; for (j = 0; j < numcontrollers; j++) { - debug ("obtain_challenge: selecting %s\\%s (attempt #%d)\n", + debug("obtain_challenge: selecting %s\\%s (attempt #%d)\n", current_dc->domain, current_dc->controller, j + 1); if (current_dc->dead != 0) { - if (time (NULL) - current_dc->dead >= DEAD_DC_RETRY_INTERVAL) { + if (time(NULL) - current_dc->dead >= DEAD_DC_RETRY_INTERVAL) { /* mark helper as retry-worthy if it's so. */ - debug ("Reviving DC\n"); + debug("Reviving DC\n"); current_dc->dead = 0; } else { /* skip it */ - debug ("Skipping it\n"); + debug("Skipping it\n"); continue; } } /* else branch. Here we KNOW that the DC is fine */ - debug ("attempting challenge retrieval\n"); - ch = make_challenge (current_dc->domain, current_dc->controller); - debug ("make_challenge retuned %p\n", ch); + debug("attempting challenge retrieval\n"); + ch = make_challenge(current_dc->domain, current_dc->controller); + debug("make_challenge retuned %p\n", ch); if (ch) { - debug ("Got it\n"); + debug("Got it\n"); return ch; /* All went OK, returning */ } /* Huston, we've got a problem. Take this DC out of the loop */ - debug ("Marking DC as DEAD\n"); - current_dc->dead = time (NULL); + debug("Marking DC as DEAD\n"); + current_dc->dead = time(NULL); /* Try with the next */ - debug ("moving on to next controller\n"); + debug("moving on to next controller\n"); current_dc = current_dc->next; } /* all DCs failed. */ @@ -256,7 +256,7 @@ void -manage_request () +manage_request() { ntlmhdr *fast_header; char buf[BUFFER_SIZE]; @@ -264,41 +264,41 @@ char *ch2, *decoded, *cred; int plen; - if (fgets (buf, BUFFER_SIZE, stdin) == NULL) { - fprintf (stderr, "fgets() failed! dying..... errno=%d (%s)\n", errno, - strerror (errno)); - exit (1); /* BIIG buffer */ + if (fgets(buf, BUFFER_SIZE, stdin) == NULL) { + fprintf(stderr, "fgets() failed! dying..... errno=%d (%s)\n", errno, + strerror(errno)); + exit(1); /* BIIG buffer */ } - debug ("managing request\n"); - ch2 = memchr (buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */ + debug("managing request\n"); + ch2 = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */ if (ch2) { *ch2 = '\0'; /* terminate the string at newline. */ ch = ch2; } - debug ("ntlm authenticator. Got '%s' from Squid\n", buf); + debug("ntlm authenticator. Got '%s' from Squid\n", buf); - if (memcmp (buf, "KK ", 3) == 0) { /* authenticate-request */ + if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */ /* figure out what we got */ - decoded = base64_decode (buf + 3); + decoded = base64_decode(buf + 3); /* Note: we don't need to manage memory at this point, since * base64_decode returns a pointer to static storage. */ if (!decoded) { /* decoding failure, return error */ - SEND ("NA Packet format error, couldn't base64-decode"); + SEND("NA Packet format error, couldn't base64-decode"); return; } /* fast-track-decode request type. */ fast_header = (struct _ntlmhdr *) decoded; /* sanity-check: it IS a NTLMSSP packet, isn't it? */ - if (memcmp (fast_header->signature, "NTLMSSP", 8) != 0) { - SEND ("NA Broken authentication packet"); + if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) { + SEND("NA Broken authentication packet"); return; } switch (fast_header->type) { case NTLM_NEGOTIATE: - SEND ("NA Invalid negotiation request received"); + SEND("NA Invalid negotiation request received"); return; /* notreached */ case NTLM_CHALLENGE: @@ -308,10 +308,10 @@ /* notreached */ case NTLM_AUTHENTICATE: /* check against the DC */ - plen = strlen (buf) * 3 / 4; /* we only need it here. Optimization */ + plen = strlen(buf) * 3 / 4; /* we only need it here. Optimization */ signal(SIGALRM,timeout_during_auth); alarm(30); - cred = ntlm_check_auth ((ntlm_authenticate *) decoded, plen); + cred = ntlm_check_auth((ntlm_authenticate *) decoded, plen); alarm(0); signal(SIGALRM,SIG_DFL); if (got_timeout != 0) { @@ -326,27 +326,27 @@ * libntlmssp's erno is insufficient, we'll have to look at * the actual SMB library error codes, to acually figure * out what's happening. The thing has braindamaged interfacess..*/ - smblib_err = SMB_Get_Last_Error (); - smb_errorclass = SMBlib_Error_Class (SMB_Get_Last_SMB_Err ()); - smb_errorcode = SMBlib_Error_Code (SMB_Get_Last_SMB_Err ()); - nb_error = RFCNB_Get_Last_Error (); + smblib_err = SMB_Get_Last_Error(); + smb_errorclass = SMBlib_Error_Class(SMB_Get_Last_SMB_Err()); + smb_errorcode = SMBlib_Error_Code(SMB_Get_Last_SMB_Err()); + nb_error = RFCNB_Get_Last_Error(); debug ("No creds. SMBlib error %d, SMB error class %d, SMB error code %d, NB error %d\n", smblib_err, smb_errorclass, smb_errorcode, nb_error); /* Should I use smblib_err? Actually it seems I can do as well * without it.. */ if (nb_error != 0) { /* netbios-level error */ - send_bh_or_ld ("NetBios error!", + send_bh_or_ld("NetBios error!", (ntlm_authenticate *) decoded, plen); - fprintf (stderr, "NetBios error code %d (%s)\n", nb_error, - RFCNB_Error_Strings[abs (nb_error)]); + fprintf(stderr, "NetBios error code %d (%s)\n", nb_error, + RFCNB_Error_Strings[abs(nb_error)]); return; } switch (smb_errorclass) { case SMBC_SUCCESS: debug ("Huh? Got a SMB success code but could check auth.."); - SEND ("NA Authentication failed"); + SEND("NA Authentication failed"); /* * send_bh_or_ld("SMB success, but no creds. Internal error?", * (ntlm_authenticate *) decoded, plen); @@ -354,76 +354,76 @@ return; case SMBC_ERRDOS: /*this is the most important one for errors */ - debug ("DOS error\n"); + debug("DOS error\n"); switch (smb_errorcode) { /* two categories matter to us: those which could be * server errors, and those which are auth errors */ case SMBD_noaccess: /* 5 */ - SEND ("NA Access denied"); + SEND("NA Access denied"); return; case SMBD_badformat: - SEND ("NA bad format in authentication packet"); + SEND("NA bad format in authentication packet"); return; case SMBD_badaccess: - SEND ("NA Bad access request"); + SEND("NA Bad access request"); return; case SMBD_baddata: - SEND ("NA Bad Data"); + SEND("NA Bad Data"); return; default: - send_bh_or_ld ("DOS Error", + send_bh_or_ld("DOS Error", (ntlm_authenticate *) decoded, plen); return; } case SMBC_ERRSRV: /* server errors */ - debug ("Server error"); + debug("Server error"); switch (smb_errorcode) { /* mostly same as above */ case SMBV_badpw: - SEND ("NA Bad password"); + SEND("NA Bad password"); return; case SMBV_access: - SEND ("NA Server access error"); + SEND("NA Server access error"); return; default: - send_bh_or_ld ("Server Error", + send_bh_or_ld("Server Error", (ntlm_authenticate *) decoded, plen); return; } case SMBC_ERRHRD: /* hardware errors don't really matter */ - send_bh_or_ld ("Domain Controller Hardware error", + send_bh_or_ld("Domain Controller Hardware error", (ntlm_authenticate *) decoded, plen); return; case SMBC_ERRCMD: - send_bh_or_ld ("Domain Controller Command Error", + send_bh_or_ld("Domain Controller Command Error", (ntlm_authenticate *) decoded, plen); return; } } - lc (cred); /* let's lowercase them for our convenience */ - SEND2 ("AF %s", cred); + lc(cred); /* let's lowercase them for our convenience */ + SEND2("AF %s", cred); return; default: - SEND ("BH unknown authentication packet type"); + SEND("BH unknown authentication packet type"); return; } return; } - if (memcmp (buf, "YR", 2) == 0) { /* refresh-request */ - dc_disconnect (); - ch = obtain_challenge (); + if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */ + dc_disconnect(); + ch = obtain_challenge(); /* Robert says we can afford to wait forever. I'll trust him on this * one */ while (ch == NULL) { - sleep (30); - ch = obtain_challenge (); + sleep(30); + ch = obtain_challenge(); } - SEND2 ("TT %s", ch); + SEND2("TT %s", ch); return; } - SEND ("BH Helper detected protocol error"); + SEND("BH Helper detected protocol error"); return; /********* END ********/ @@ -431,38 +431,38 @@ } int -main (int argc, char *argv[]) +main(int argc, char *argv[]) { - debug ("ntlm_auth build " __DATE__ ", " __TIME__ " starting up...\n"); + debug("ntlm_auth build " __DATE__ ", " __TIME__ " starting up...\n"); #ifdef DEBUG - debug ("changing dir to /tmp\n"); - chdir ("/tmp"); + debug("changing dir to /tmp\n"); + chdir("/tmp"); #endif my_program_name = argv[0]; - process_options (argc, argv); + process_options(argc, argv); - debug ("options processed OK\n"); + debug("options processed OK\n"); /* initialize FDescs */ - setbuf (stdout, NULL); - setbuf (stderr, NULL); + setbuf(stdout, NULL); + setbuf(stderr, NULL); /* select the first domain controller we're going to use */ current_dc = controllers; if (load_balance != 0 && numcontrollers > 1) { int n; - pid_t pid = getpid (); + pid_t pid = getpid(); n = pid % numcontrollers; - debug ("load balancing. Selected controller #%d\n", n); + debug("load balancing. Selected controller #%d\n", n); while (n > 0) { current_dc = current_dc->next; n--; } } while (1) { - manage_request (); + manage_request(); } return 0; }