search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:http/gensec: add missing tevent_req_done() to gensec_http_ntlm_update_done()
[Samba.git] / source4 / lib / http / gensec / ntlm.c
blob788fb7d3636b90be215ca275acae2c34bfefa412
1 /*
2 Unix SMB/CIFS implementation.
3
4 HTTP library - NTLM authentication mechanism gensec module
5
6 Copyright (C) 2014 Samuel Cabrero <samuelcabrero@kernevil.me>
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include <tevent.h>
24 #include "lib/util/tevent_ntstatus.h"
25 #include "auth/auth.h"
26 #include "auth/gensec/gensec.h"
27 #include "auth/gensec/gensec_internal.h"
28 #include "lib/util/base64.h"
29
30 _PUBLIC_ NTSTATUS gensec_http_ntlm_init(TALLOC_CTX *);
31
32 struct gensec_http_ntlm_state {
33 struct gensec_security *sub;
34 };
35
36 static NTSTATUS gensec_http_ntlm_client_start(struct gensec_security *gensec)
37 {
38 NTSTATUS status;
39 struct gensec_http_ntlm_state *state;
40
41 state = talloc_zero(gensec, struct gensec_http_ntlm_state);
42 if (state == NULL) {
43 return NT_STATUS_NO_MEMORY;
44 }
45 gensec->private_data = state;
46
47 status = gensec_subcontext_start(state, gensec, &state->sub);
48 if (!NT_STATUS_IS_OK(status)) {
49 return status;
50 }
51
52 return gensec_start_mech_by_oid(state->sub, GENSEC_OID_NTLMSSP);
53 }
54
55 struct gensec_http_ntlm_update_state {
56 DATA_BLOB ntlm_in;
57 NTSTATUS status;
58 DATA_BLOB out;
59 };
60
61 static void gensec_http_ntlm_update_done(struct tevent_req *subreq);
62
63 static struct tevent_req *gensec_http_ntlm_update_send(TALLOC_CTX *mem_ctx,
64 struct tevent_context *ev,
65 struct gensec_security *gensec_ctx,
66 const DATA_BLOB in)
67 {
68 struct gensec_http_ntlm_state *http_ntlm =
69 talloc_get_type_abort(gensec_ctx->private_data,
70 struct gensec_http_ntlm_state);
71 struct tevent_req *req = NULL;
72 struct gensec_http_ntlm_update_state *state = NULL;
73 struct tevent_req *subreq = NULL;
74
75 req = tevent_req_create(mem_ctx, &state,
76 struct gensec_http_ntlm_update_state);
77 if (req == NULL) {
78 return NULL;
79 }
80
81 if (in.length) {
82 if (strncasecmp((char *)in.data, "NTLM ", 5) != 0) {
83 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
84 return tevent_req_post(req, ev);
85 }
86 state->ntlm_in = base64_decode_data_blob_talloc(state,
87 (char *)&in.data[5]);
88 }
89
90 subreq = gensec_update_send(state, ev,
91 http_ntlm->sub,
92 state->ntlm_in);
93 if (tevent_req_nomem(subreq, req)) {
94 return tevent_req_post(req, ev);
95 }
96 tevent_req_set_callback(subreq, gensec_http_ntlm_update_done, req);
97
98 return req;
99 }
100
101 static void gensec_http_ntlm_update_done(struct tevent_req *subreq)
102 {
103 struct tevent_req *req =
104 tevent_req_callback_data(subreq,
105 struct tevent_req);
106 struct gensec_http_ntlm_update_state *state =
107 tevent_req_data(req,
108 struct gensec_http_ntlm_update_state);
109 NTSTATUS status;
110 DATA_BLOB ntlm_out;
111 char *b64 = NULL;
112 char *str = NULL;
113
114 status = gensec_update_recv(subreq, state, &ntlm_out);
115 TALLOC_FREE(subreq);
116 state->status = status;
117 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
118 status = NT_STATUS_OK;
119 }
120 if (tevent_req_nterror(req, status)) {
121 return;
122 }
123
124 b64 = base64_encode_data_blob(state, ntlm_out);
125 data_blob_free(&ntlm_out);
126 if (tevent_req_nomem(b64, req)) {
127 return;
128 }
129
130 str = talloc_asprintf(state, "NTLM %s", b64);
131 TALLOC_FREE(b64);
132 if (tevent_req_nomem(str, req)) {
133 return;
134 }
135
136 state->out = data_blob_string_const(str);
137 tevent_req_done(req);
138 }
139
140 static NTSTATUS gensec_http_ntlm_update_recv(struct tevent_req *req,
141 TALLOC_CTX *out_mem_ctx,
142 DATA_BLOB *out)
143 {
144 struct gensec_http_ntlm_update_state *state =
145 tevent_req_data(req,
146 struct gensec_http_ntlm_update_state);
147 NTSTATUS status;
148
149 *out = data_blob_null;
150
151 if (tevent_req_is_nterror(req, &status)) {
152 tevent_req_received(req);
153 return status;
154 }
155
156 *out = state->out;
157 talloc_steal(out_mem_ctx, state->out.data);
158 status = state->status;
159 tevent_req_received(req);
160 return status;
161 }
162
163 static const struct gensec_security_ops gensec_http_ntlm_security_ops = {
164 .name = "http_ntlm",
165 .auth_type = 0,
166 .client_start = gensec_http_ntlm_client_start,
167 .update_send = gensec_http_ntlm_update_send,
168 .update_recv = gensec_http_ntlm_update_recv,
169 .enabled = true,
170 .priority = GENSEC_EXTERNAL,
171 };
172
173 _PUBLIC_ NTSTATUS gensec_http_ntlm_init(TALLOC_CTX *ctx)
174 {
175 NTSTATUS status;
176
177 status = gensec_register(ctx, &gensec_http_ntlm_security_ops);
178 if (!NT_STATUS_IS_OK(status)) {
179 DEBUG(0, ("Failed to register '%s' gensec backend!\n",
180 gensec_http_ntlm_security_ops.name));
181 return status;
182 }
183
184 return status;
185 }
Samba GIT mirror