s4-ntlmssp: use NTLMSSP headers from IDL and remove duplicate constants.
authorGünther Deschner <gd@samba.org>
Tue, 25 Aug 2009 10:12:59 +0000 (12:12 +0200)
committerGünther Deschner <gd@samba.org>
Fri, 28 Aug 2009 08:09:06 +0000 (10:09 +0200)
Guenther

source4/auth/ntlmssp/ntlmssp.c
source4/auth/ntlmssp/ntlmssp.h
source4/auth/ntlmssp/ntlmssp_client.c
source4/auth/ntlmssp/ntlmssp_server.c
source4/auth/ntlmssp/ntlmssp_sign.c

index e649bba4db6262a7ab9810a8197c5a7b6deb1026..633199f463b67212f756013f925b400c56f2c57b 100644 (file)
@@ -23,6 +23,7 @@
 
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "../librpc/gen_ndr/ntlmssp.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "librpc/gen_ndr/ndr_dcerpc.h"
 #include "auth/credentials/credentials.h"
@@ -81,30 +82,28 @@ void debug_ntlmssp_flags(uint32_t neg_flags)
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_SIGN\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_SEAL) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_SEAL\n"));
-       if (neg_flags & NTLMSSP_NEGOTIATE_DATAGRAM_STYLE) 
-               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_DATAGRAM_STYLE\n"));
+       if (neg_flags & NTLMSSP_NEGOTIATE_DATAGRAM)
+               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_DATAGRAM\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_LM_KEY\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_NETWARE) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_NETWARE\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_NTLM) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_NTLM\n"));
-       if (neg_flags & NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED) 
-               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED\n"));
-       if (neg_flags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED) 
-               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED\n"));
+       if (neg_flags & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED)
+               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED\n"));
+       if (neg_flags & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED)
+               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_ALWAYS_SIGN\n"));
-       if (neg_flags & NTLMSSP_CHAL_ACCEPT_RESPONSE) 
-               DEBUGADD(4, ("  NTLMSSP_CHAL_ACCEPT_RESPONSE\n"));
-       if (neg_flags & NTLMSSP_CHAL_NON_NT_SESSION_KEY) 
-               DEBUGADD(4, ("  NTLMSSP_CHAL_NON_NT_SESSION_KEY\n"));
+       if (neg_flags & NTLMSSP_REQUEST_NON_NT_SESSION_KEY)
+               DEBUGADD(4, ("  NTLMSSP_REQUEST_NON_NT_SESSION_KEY\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_NTLM2) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_NTLM2\n"));
-       if (neg_flags & NTLMSSP_CHAL_TARGET_INFO) 
-               DEBUGADD(4, ("  NTLMSSP_CHAL_TARGET_INFO\n"));
+       if (neg_flags & NTLMSSP_NEGOTIATE_TARGET_INFO)
+               DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_TARGET_INFO\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_128) 
                DEBUGADD(4, ("  NTLMSSP_NEGOTIATE_128\n"));
        if (neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) 
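Review bot: The flag dump in debug_ntlmssp_flags no longer reports bit 0x00020000, because the `NTLMSSP_CHAL_ACCEPT_RESPONSE` check is deleted without a replacement while the other removed checks are only renamed. The old header gave that value two names, NTLMSSP_CHAL_ACCEPT_RESPONSE and NTLMSSP_TARGET_TYPE_SERVER, and the server code in this commit still sets `NTLMSSP_TARGET_TYPE_SERVER`, so a level-4 trace of negotiated flags will silently omit it. Consider adding `if (neg_flags & NTLMSSP_TARGET_TYPE_SERVER) DEBUGADD(4, ("  NTLMSSP_TARGET_TYPE_SERVER\n"));` after the ALWAYS_SIGN check, and likewise for NTLMSSP_TARGET_TYPE_DOMAIN, assuming the IDL header provides both names. The function body starts and ends outside the hunk.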
@@ -295,8 +294,8 @@ void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
 
        /* Woop Woop - unknown flag for Windows compatibility...
           What does this really do ? JRA. */
-       if (!(neg_flags & NTLMSSP_UNKNOWN_02000000)) {
-               gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_UNKNOWN_02000000;
+       if (!(neg_flags & NTLMSSP_NEGOTIATE_VERSION)) {
+               gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_VERSION;
        }
 
        if ((neg_flags & NTLMSSP_REQUEST_TARGET)) {
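Review bot: The comment above the `NTLMSSP_NEGOTIATE_VERSION` check still describes an "unknown flag" and asks what it does, which no longer matches the code now that the bit carries its IDL name. Replace it with a statement of what the code does, for example `/* Keep NTLMSSP_NEGOTIATE_VERSION only if the peer also set it. */`, so someone auditing flag negotiation does not read the bit as unexplained. ntlmssp_handle_neg_flags starts and ends outside the hunk.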
index ff7225bb3c8ccd3f534aeb67b3eb0c47fefd6c3a..d46b12000f20a4efa4f01bd999911fb28f218442 100644 (file)
@@ -39,37 +39,6 @@ enum ntlmssp_message_type
        NTLMSSP_DONE   = 5 /* samba final state */
 };
 
-/* NTLMSSP negotiation flags */
-#define NTLMSSP_NEGOTIATE_UNICODE          0x00000001
-#define NTLMSSP_NEGOTIATE_OEM              0x00000002
-#define NTLMSSP_REQUEST_TARGET             0x00000004
-#define NTLMSSP_NEGOTIATE_SIGN             0x00000010 /* Message integrity */
-#define NTLMSSP_NEGOTIATE_SEAL             0x00000020 /* Message confidentiality */
-#define NTLMSSP_NEGOTIATE_DATAGRAM_STYLE   0x00000040
-#define NTLMSSP_NEGOTIATE_LM_KEY           0x00000080
-#define NTLMSSP_NEGOTIATE_NETWARE          0x00000100
-#define NTLMSSP_NEGOTIATE_NTLM             0x00000200
-#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED  0x00001000
-#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x00002000
-#define NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL  0x00004000
-#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN      0x00008000
-#define NTLMSSP_TARGET_TYPE_DOMAIN            0x10000
-#define NTLMSSP_TARGET_TYPE_SERVER            0x20000
-#define NTLMSSP_CHAL_INIT_RESPONSE         0x00010000
-
-#define NTLMSSP_CHAL_ACCEPT_RESPONSE       0x00020000
-#define NTLMSSP_CHAL_NON_NT_SESSION_KEY    0x00040000
-#define NTLMSSP_NEGOTIATE_NTLM2            0x00080000
-#define NTLMSSP_CHAL_TARGET_INFO           0x00800000
-#define NTLMSSP_UNKNOWN_02000000           0x02000000
-#define NTLMSSP_NEGOTIATE_128              0x20000000 /* 128-bit encryption */
-#define NTLMSSP_NEGOTIATE_KEY_EXCH         0x40000000
-#define NTLMSSP_NEGOTIATE_56               0x80000000
-
-#define NTLMSSP_SIGN_VERSION 1
-
-#define NTLMSSP_SIG_SIZE 16
-
 struct gensec_ntlmssp_state
 {
        struct gensec_security *gensec_security;
index d3c1165994cf4d2d14a7d0f3a2dfb7d9d6979786..87794ae04821633ab70792872955344b9fe76480 100644 (file)
@@ -23,6 +23,7 @@
 
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "../librpc/gen_ndr/ntlmssp.h"
 #include "../lib/crypto/crypto.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "auth/credentials/credentials.h"
@@ -141,14 +142,14 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
        ntlmssp_handle_neg_flags(gensec_ntlmssp_state, chal_flags, gensec_ntlmssp_state->allow_lm_key);
 
        if (gensec_ntlmssp_state->unicode) {
-               if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+               if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
                        chal_parse_string = "CdUdbddB";
                } else {
                        chal_parse_string = "CdUdbdd";
                }
                auth_gen_string = "CdBBUUUBd";
        } else {
-               if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+               if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
                        chal_parse_string = "CdAdbddB";
                } else {
                        chal_parse_string = "CdAdbdd";
index 8cb2b1f46061e7e34b98f3de1a2ba18ce4a88330..a83df7377f883faa610f0b11a3037b4aaa9b5292 100644 (file)
@@ -24,6 +24,7 @@
 #include "includes.h"
 #include "system/network.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "../librpc/gen_ndr/ntlmssp.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "../lib/crypto/crypto.h"
 #include "auth/gensec/gensec.h"
@@ -91,7 +92,7 @@ static const char *ntlmssp_target_name(struct gensec_ntlmssp_state *gensec_ntlms
                                       uint32_t neg_flags, uint32_t *chal_flags) 
 {
        if (neg_flags & NTLMSSP_REQUEST_TARGET) {
-               *chal_flags |= NTLMSSP_CHAL_TARGET_INFO;
+               *chal_flags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
                *chal_flags |= NTLMSSP_REQUEST_TARGET;
                if (gensec_ntlmssp_state->server_role == ROLE_STANDALONE) {
                        *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
@@ -179,7 +180,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
        gensec_ntlmssp_state->internal_chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8);
 
        /* This creates the 'blob' of names that appears at the end of the packet */
-       if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+       if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
                char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
                const char *target_name_dns = "";
 
@@ -762,7 +763,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        gensec_ntlmssp_state->server_multiple_authentications = false;
        
        gensec_ntlmssp_state->neg_flags = 
-               NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_UNKNOWN_02000000;
+               NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_VERSION;
 
        gensec_ntlmssp_state->lm_resp = data_blob(NULL, 0);
        gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0);
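Review bot: The default `neg_flags` in gensec_ntlmssp_server_start advertises `NTLMSSP_NEGOTIATE_VERSION` unconditionally and carries no comment explaining why. In MS-NLMP this bit indicates that a Version field accompanies the message; nothing visible in this hunk shows the server writing one, so it is worth confirming that the challenge builder matches what the flag now claims. If the bit is set purely for Windows compatibility, say so next to the assignment, e.g. `/* advertised for Windows compatibility; confirm a Version field is actually sent */`. The function starts and ends outside the hunk.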
index 957d0a8fbc7696ee90fcd600caa4bb4190c88759..6e5a08c5a1bc9a9d1d2cd06b1af9f214473f2bbf 100644 (file)
@@ -21,6 +21,7 @@
 
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
+#include "../librpc/gen_ndr/ntlmssp.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "../lib/crypto/crypto.h"
 #include "auth/gensec/gensec.h"