[ipfire-2.x.git] / src / patches / samba / samba-3.6.99-fix_smbclient_ntlmv2_auth.patch

From b413a09fa5b927102655a8332e95a64a80e57825 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 21 Jul 2011 21:15:38 +0200
Subject: [PATCH 1/2] PATCHSET19: s3:libsmb: don't pass cli->called.name to
 NTLMv2_generate_names_blob()

cli->called.name is never initialized, so this change doesn't change
the behavior. And this behavior seems to be correct, see
commit 29c0c37691da10bf061ba90a5b31482bda2fa486
s4/libcli: do not use netbios name in NTLMv2 blobs w/o spnego.

metze

(cherry picked from commit 392ddf970c8f8486e79eec5214ed49912e344e09)
---
 source3/libsmb/cliconnect.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 8653ba7..38ae230 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -862,11 +862,11 @@ static struct tevent_req *cli_session_setup_nt1_send(
 			/*
 			 * note that the 'workgroup' here is a best
 			 * guess - we don't know the server's domain
-			 * at this point.  The 'server name' is also
-			 * dodgy...
+			 * at this point. Windows clients also don't
+			 * use hostname...
 			 */
 			names_blob = NTLMv2_generate_names_blob(
-				NULL, cli->called.name, workgroup);
+				NULL, NULL, workgroup);
 
 			if (tevent_req_nomem(names_blob.data, req)) {
 				return tevent_req_post(req, ev);
-- 
2.1.0


From 1415733b6cfeba129e1459ef55a0a12a5dec0fa3 Mon Sep 17 00:00:00 2001
From: Christian Ambach <christian.ambach@de.ibm.com>
Date: Thu, 7 Apr 2011 14:05:04 +0200
Subject: [PATCH 2/2] PATCHSET19: s4/libcli: do not use netbios name in NTLMv2
 blobs w/o spnego

I have seen domain controllers rejecting NTLMv2 blobs presented to
NetrLogonSamLogonEx with LOGON_FAILURE when the MsvAvNbComputerName
was a FQDN or an IP address

I have not seen this field in NTLMv2 blobs send by Windows clients
when extended security was not available, so omitting the field
makes Samba similar to Windows.

This prevents errors with some smbtorture testcases that disable
spnego and when a target name is specified that is not a valid
netbios name.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Apr 14 02:19:08 CEST 2011 on sn-devel-104
(cherry picked from commit 29c0c37691da10bf061ba90a5b31482bda2fa486)
---
 source4/libcli/smb_composite/sesssetup.c | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c
index e1159a4..ebc3598 100644
--- a/source4/libcli/smb_composite/sesssetup.c
+++ b/source4/libcli/smb_composite/sesssetup.c
@@ -280,8 +280,17 @@ static NTSTATUS session_setup_nt1(struct composite_context *c,
 				  struct smbcli_request **req) 
 {
 	NTSTATUS nt_status = NT_STATUS_INTERNAL_ERROR;
-	struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
-	DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
+	struct sesssetup_state *state = talloc_get_type(c->private_data,
+							struct sesssetup_state);
+	const char *domain = cli_credentials_get_domain(io->in.credentials);
+
+	/*
+	 * domain controllers tend to reject the NTLM v2 blob
+	 * if the netbiosname is not valid (e.g. IP address or FQDN)
+	 * so just leave it away (as Windows client do)
+	 */
+	DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
+
 	DATA_BLOB session_key = data_blob(NULL, 0);
 	int flags = CLI_CRED_NTLM_AUTH;
 
@@ -353,9 +362,18 @@ static NTSTATUS session_setup_old(struct composite_context *c,
 				  struct smbcli_request **req) 
 {
 	NTSTATUS nt_status;
-	struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
+	struct sesssetup_state *state = talloc_get_type(c->private_data,
+							struct sesssetup_state);
 	const char *password = cli_credentials_get_password(io->in.credentials);
-	DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
+	const char *domain = cli_credentials_get_domain(io->in.credentials);
+
+	/*
+	 * domain controllers tend to reject the NTLM v2 blob
+	 * if the netbiosname is not valid (e.g. IP address or FQDN)
+	 * so just leave it away (as Windows client do)
+	 */
+	DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
+
 	DATA_BLOB session_key;
 	int flags = 0;
 	if (session->options.lanman_auth) {
-- 
2.1.0
Commit	Line	Data
1d13e637 AF	1	From b413a09fa5b927102655a8332e95a64a80e57825 Mon Sep 17 00:00:00 2001
	2	From: Stefan Metzmacher <metze@samba.org>
	3	Date: Thu, 21 Jul 2011 21:15:38 +0200
	4	Subject: [PATCH 1/2] PATCHSET19: s3:libsmb: don't pass cli->called.name to
	5	NTLMv2_generate_names_blob()
	6
	7	cli->called.name is never initialized, so this change doesn't change
	8	the behavior. And this behavior seems to be correct, see
	9	commit 29c0c37691da10bf061ba90a5b31482bda2fa486
	10	s4/libcli: do not use netbios name in NTLMv2 blobs w/o spnego.
	11
	12	metze
	13
	14	(cherry picked from commit 392ddf970c8f8486e79eec5214ed49912e344e09)
	15	---
	16	source3/libsmb/cliconnect.c \| 6 +++---
	17	1 file changed, 3 insertions(+), 3 deletions(-)
	18
	19	diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
	20	index 8653ba7..38ae230 100644
	21	--- a/source3/libsmb/cliconnect.c
	22	+++ b/source3/libsmb/cliconnect.c
	23	@@ -862,11 +862,11 @@ static struct tevent_req *cli_session_setup_nt1_send(
	24	/*
	25	* note that the 'workgroup' here is a best
	26	* guess - we don't know the server's domain
	27	- * at this point. The 'server name' is also
	28	- * dodgy...
	29	+ * at this point. Windows clients also don't
	30	+ * use hostname...
	31	*/
	32	names_blob = NTLMv2_generate_names_blob(
	33	- NULL, cli->called.name, workgroup);
	34	+ NULL, NULL, workgroup);
	35
	36	if (tevent_req_nomem(names_blob.data, req)) {
	37	return tevent_req_post(req, ev);
	38	--
	39	2.1.0
	40
	41
	42	From 1415733b6cfeba129e1459ef55a0a12a5dec0fa3 Mon Sep 17 00:00:00 2001
	43	From: Christian Ambach <christian.ambach@de.ibm.com>
	44	Date: Thu, 7 Apr 2011 14:05:04 +0200
	45	Subject: [PATCH 2/2] PATCHSET19: s4/libcli: do not use netbios name in NTLMv2
	46	blobs w/o spnego
	47
	48	I have seen domain controllers rejecting NTLMv2 blobs presented to
	49	NetrLogonSamLogonEx with LOGON_FAILURE when the MsvAvNbComputerName
	50	was a FQDN or an IP address
	51
	52	I have not seen this field in NTLMv2 blobs send by Windows clients
	53	when extended security was not available, so omitting the field
	54	makes Samba similar to Windows.
	55
	56	This prevents errors with some smbtorture testcases that disable
	57	spnego and when a target name is specified that is not a valid
	58	netbios name.
	59
	60	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
	61
	62	Autobuild-User: Andrew Bartlett <abartlet@samba.org>
	63	Autobuild-Date: Thu Apr 14 02:19:08 CEST 2011 on sn-devel-104
	64	(cherry picked from commit 29c0c37691da10bf061ba90a5b31482bda2fa486)
65	---
66	source4/libcli/smb_composite/sesssetup.c \| 26 ++++++++++++++++++++++----
67	1 file changed, 22 insertions(+), 4 deletions(-)
68
69	diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c
70	index e1159a4..ebc3598 100644
71	--- a/source4/libcli/smb_composite/sesssetup.c
72	+++ b/source4/libcli/smb_composite/sesssetup.c
73	@@ -280,8 +280,17 @@ static NTSTATUS session_setup_nt1(struct composite_context *c,
74	struct smbcli_request **req)
75	{
76	NTSTATUS nt_status = NT_STATUS_INTERNAL_ERROR;
77	- struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
78	- DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
79	+ struct sesssetup_state *state = talloc_get_type(c->private_data,
80	+ struct sesssetup_state);
81	+ const char *domain = cli_credentials_get_domain(io->in.credentials);
82	+
83	+ /*
84	+ * domain controllers tend to reject the NTLM v2 blob
85	+ * if the netbiosname is not valid (e.g. IP address or FQDN)
86	+ * so just leave it away (as Windows client do)
87	+ */
88	+ DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
89	+
90	DATA_BLOB session_key = data_blob(NULL, 0);
91	int flags = CLI_CRED_NTLM_AUTH;
92
93	@@ -353,9 +362,18 @@ static NTSTATUS session_setup_old(struct composite_context *c,
94	struct smbcli_request **req)
95	{
96	NTSTATUS nt_status;
97	- struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
98	+ struct sesssetup_state *state = talloc_get_type(c->private_data,
99	+ struct sesssetup_state);
100	const char *password = cli_credentials_get_password(io->in.credentials);
101	- DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
102	+ const char *domain = cli_credentials_get_domain(io->in.credentials);
103	+
104	+ /*
105	+ * domain controllers tend to reject the NTLM v2 blob
106	+ * if the netbiosname is not valid (e.g. IP address or FQDN)
107	+ * so just leave it away (as Windows client do)
108	+ */
109	+ DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
110	+
111	DATA_BLOB session_key;
112	int flags = 0;
113	if (session->options.lanman_auth) {
114	--
115	2.1.0
116