Re: Bug#466487: libauthen-smb-perl: should this package be orphaned or removed?
Of course, just to be sure... the promised diff. sorry.
--
Gunnar Wolf - gwolf@gwolf.org - (+52-55)5623-0154 / 1451-2244
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973 F800 D80E F35A 8BB5 27AF
diff -ru libauthen-smb-perl-0.91/Changes libapache2-authenntlm-perl-0.02/smb/Changes
--- libauthen-smb-perl-0.91/Changes 1999-06-07 09:51:25.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/Changes 2005-04-28 14:14:03.000000000 -0500
@@ -51,3 +51,10 @@
0.91 Mon Jun 7 08:03:47 1999
- Fixed a ridiculous thinko in Smb.pm (thansk Daniel Myers)
+
+0.92 Jan 4 2002
+ - Added functions for Apache::AuthenNTLM (Gerald Richter)
+
+0.93-0.96 Seg 3 2002
+ - updated smbval, fixed bugs in smbval VC count handling,
+ fixed bug in nonce passing
Only in libauthen-smb-perl-0.91/: debian
diff -ru libauthen-smb-perl-0.91/README libapache2-authenntlm-perl-0.02/smb/README
--- libauthen-smb-perl-0.91/README 1999-06-06 20:54:22.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/README 2005-04-28 14:14:03.000000000 -0500
@@ -1,2 +1,4 @@
+This is a slightly modified version of Authen::Smb for use with Apache::AuthenNTLM
+
Authen::Smb allows you to authenticate users against an NT server. See
Smb.pm POD documentation for details.
diff -ru libauthen-smb-perl-0.91/Smb.pm libapache2-authenntlm-perl-0.02/smb/Smb.pm
--- libauthen-smb-perl-0.91/Smb.pm 1999-06-07 09:50:40.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/Smb.pm 2005-04-28 14:14:03.000000000 -0500
@@ -18,7 +18,7 @@
NTV_PROTOCOL_ERROR
NTV_SERVER_ERROR
);
-$VERSION = '0.91';
+$VERSION = '0.96';
sub authen {
my @args = @_;
@@ -114,6 +114,7 @@
Patrick Michael Kane, modus@pr.es.to
Based on the smbval library from the samba package
+Additions for Apache::AuthenNTLM by Gerald Richter <richter@dev.ecos.de>
=head1 SEE ALSO
diff -ru libauthen-smb-perl-0.91/smbval/rfcnb-util.c libapache2-authenntlm-perl-0.02/smb/smbval/rfcnb-util.c
--- libauthen-smb-perl-0.91/smbval/rfcnb-util.c 1999-06-06 20:54:22.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/rfcnb-util.c 2005-04-28 14:14:03.000000000 -0500
@@ -24,7 +24,11 @@
*/
#include <string.h>
+#ifdef __FreeBSD__
+#include <stdlib.h>
+#else
#include <malloc.h>
+#endif
#include <arpa/inet.h>
#include "std-includes.h"
@@ -433,15 +437,23 @@
}
sess_pkt = pkt -> data; /* Get pointer to packet proper */
+ memset (sess_pkt, 0, RFCNB_Pkt_Sess_Len) ;
+
+
sess_pkt[RFCNB_Pkt_Type_Offset] = RFCNB_SESSION_REQUEST;
- RFCNB_Put_Pkt_Len(sess_pkt, RFCNB_Pkt_Sess_Len-RFCNB_Pkt_Hdr_Len);
+ RFCNB_Put_Pkt_Len(sess_pkt, (RFCNB_Pkt_Sess_Len-RFCNB_Pkt_Hdr_Len));
sess_pkt[RFCNB_Pkt_N1Len_Offset] = 32;
sess_pkt[RFCNB_Pkt_N2Len_Offset] = 32;
RFCNB_CvtPad_Name(Called_Name, (sess_pkt + RFCNB_Pkt_Called_Offset));
RFCNB_CvtPad_Name(Calling_Name, (sess_pkt + RFCNB_Pkt_Calling_Offset));
+ /* this magic AA marks the calling name as workstation (gr) */
+ sess_pkt[RFCNB_Pkt_Calling_Offset+30] = 'A' ;
+ sess_pkt[RFCNB_Pkt_Calling_Offset+31] = 'A' ;
+
+
/* Now send the packet */
#ifdef RFCNB_DEBUG
@@ -451,7 +463,7 @@
#endif
if ((len = RFCNB_Put_Pkt(con, pkt, RFCNB_Pkt_Sess_Len)) < 0) {
-
+ RFCNB_Free_Pkt(pkt);
return(RFCNBE_Bad); /* Should be able to write that lot ... */
}
@@ -467,7 +479,7 @@
res_pkt.next = NULL;
if ((len = RFCNB_Get_Pkt(con, &res_pkt, sizeof(resp))) < 0) {
-
+ RFCNB_Free_Pkt(pkt);
return(RFCNBE_Bad);
}
@@ -501,12 +513,12 @@
RFCNB_errno = RFCNBE_ProtErr;
break;
}
-
+ RFCNB_Free_Pkt(pkt);
return(RFCNBE_Bad);
break;
case RFCNB_SESSION_ACK: /* Got what we wanted ... */
-
+ RFCNB_Free_Pkt(pkt);
return(0);
break;
@@ -516,13 +528,14 @@
memcpy(Dest_IP, (resp + RFCNB_Pkt_IP_Offset), sizeof(struct in_addr));
*port = SVAL(resp, RFCNB_Pkt_Port_Offset);
-
+ RFCNB_Free_Pkt(pkt);
return(0);
break;
default: /* A protocol error */
RFCNB_errno = RFCNBE_ProtErr;
+ RFCNB_Free_Pkt(pkt);
return(RFCNBE_Bad);
break;
}
diff -ru libauthen-smb-perl-0.91/smbval/session.c libapache2-authenntlm-perl-0.02/smb/smbval/session.c
--- libauthen-smb-perl-0.91/smbval/session.c 1999-06-06 20:54:22.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/session.c 2005-04-28 14:14:03.000000000 -0500
@@ -22,8 +22,11 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-
+#ifdef __FreeBSD__
+#include <stdlib.h>
+#else
#include <malloc.h>
+#endif
#include <string.h>
int RFCNB_errno = 0;
@@ -282,9 +285,18 @@
int RFCNB_Hangup(struct RFCNB_Con *con_Handle)
{
+ struct redirect_addr *redir_addr,*next;
if (con_Handle != NULL) {
RFCNB_Close(con_Handle -> fd); /* Could this fail? */
+ if (con_Handle -> redirect_list != NULL)
+ {
+ do {
+ redir_addr = con_Handle->redirect_list;
+ next = redir_addr->next;
+ free(redir_addr);
+ } while(next!=NULL);
+ }
free(con_Handle);
}
diff -ru libauthen-smb-perl-0.91/smbval/smbencrypt.c libapache2-authenntlm-perl-0.02/smb/smbval/smbencrypt.c
--- libauthen-smb-perl-0.91/smbval/smbencrypt.c 1999-06-06 20:54:22.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/smbencrypt.c 2005-04-28 14:14:03.000000000 -0500
@@ -20,11 +20,14 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>
#include <dirent.h>
#include <string.h>
+#ifdef HAVE_SYS_VFS_H
#include <sys/vfs.h>
+#endif
#include <netinet/in.h>
#include <ctype.h>
#include "smblib-priv.h"
diff -ru libauthen-smb-perl-0.91/smbval/smblib.c libapache2-authenntlm-perl-0.02/smb/smbval/smblib.c
--- libauthen-smb-perl-0.91/smbval/smblib.c 2008-02-20 09:48:35.000000000 -0600
+++ libapache2-authenntlm-perl-0.02/smb/smbval/smblib.c 2005-04-28 14:14:03.000000000 -0500
@@ -111,7 +111,7 @@
char *server, char *NTdomain)
{ SMB_Handle_Type con;
- char temp[80], called[80], calling[80], *address;
+ char temp[80], called[80], calling[100], *address, buf [20];
int i;
/* Get a connection structure if one does not exist */
@@ -150,9 +150,10 @@
con -> pid = getpid();
con -> mid = con -> pid; /* This will do for now ... */
- con -> uid = 0; /* Until we have done a logon, no uid ... */
+ con -> uid = 0; /* Until we have done a logon, no uid */
con -> gid = getgid();
+
/* Now connect to the remote end, but first upper case the name of the
service we are going to call, sine some servers want it in uppercase */
@@ -273,6 +274,7 @@
else
address = con -> address;
+
con -> Trans_Connect = RFCNB_Call(called,
calling,
address, /* Protocol specific */
@@ -318,11 +320,17 @@
/* Unicode yet! */
int SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName,
- char *PassWord)
+ char *PassWord, int precrypted, char * domain)
{ struct RFCNB_Pkt *pkt;
int param_len, i, pkt_len, pass_len,a;
char *p, pword[128];
+ char * pdomain ;
+
+ if (domain && domain[0])
+ pdomain = domain ;
+ else
+ pdomain = Con_Handle -> PDomain ;
/* First we need a packet etc ... but we need to know what protocol has */
/* been negotiated to figure out if we can do it and what SMB format to */
@@ -337,7 +345,10 @@
strcpy(pword, PassWord);
- if (Con_Handle -> encrypt_passwords)
+ if (precrypted) {
+ pass_len=24;
+ memcpy(pword, PassWord, 24);
+ } else if (Con_Handle -> encrypt_passwords)
{
pass_len=24;
SMBencrypt((uchar *) PassWord, (uchar *)Con_Handle -> Encrypt_Key,(uchar *)pword);
@@ -351,7 +362,7 @@
if (Con_Handle -> protocol < SMB_P_NT1) {
param_len = strlen(UserName) + 1 + pass_len + 1 +
- strlen(Con_Handle -> PDomain) + 1 +
+ strlen(pdomain) + 1 +
strlen(Con_Handle -> OSName) + 1;
pkt_len = SMB_ssetpLM_len + param_len;
@@ -378,7 +389,7 @@
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_mbs_offset, SMBLIB_MAX_XMIT);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_mmc_offset, 2);
- SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_vcn_offset, Con_Handle -> pid);
+ SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_vcn_offset, 1); /* must be one, otherwise server will close all other connections!!! */
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_snk_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpLM_pwl_offset, pass_len + 1);
SIVAL(SMB_Hdr(pkt), SMB_ssetpLM_res_offset, 0);
@@ -400,8 +411,8 @@
p = p + 1;
- strcpy(p, Con_Handle -> PDomain);
- p = p + strlen(Con_Handle -> PDomain);
+ strcpy(p, pdomain);
+ p = p + strlen(pdomain);
*p = 0;
p = p + 1;
@@ -415,7 +426,7 @@
/* We don't admit to UNICODE support ... */
param_len = strlen(UserName) + 1 + pass_len +
- strlen(Con_Handle -> PDomain) + 1 +
+ strlen(pdomain) + 1 +
strlen(Con_Handle -> OSName) + 1 +
strlen(Con_Handle -> LMType) + 1;
@@ -442,8 +453,8 @@
SSVAL(SMB_Hdr(pkt), SMB_hdr_axo_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_mbs_offset, SMBLIB_MAX_XMIT);
- SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_mmc_offset, 0);
- SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_vcn_offset, 0);
+ SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_mmc_offset, 2);
+ SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_vcn_offset, 1); /* must be one, otherwise server will close all other connections!!! */
SIVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_snk_offset, 0);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cipl_offset, pass_len);
SSVAL(SMB_Hdr(pkt), SMB_ssetpNTLM_cspl_offset, 0);
@@ -467,8 +478,8 @@
p = p + 1;
- strcpy(p, Con_Handle -> PDomain);
- p = p + strlen(Con_Handle -> PDomain);
+ strcpy(p, pdomain);
+ p = p + strlen(pdomain);
*p = 0;
p = p + 1;
@@ -528,6 +539,15 @@
}
+ if (SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset) & 0x1)
+ {
+ /* do we allow guest login? NO! */
+ RFCNB_Free_Pkt(pkt);
+ SMBlib_errno = SMBlibE_GuestOnly ;
+ return(SMBlibE_BAD);
+ }
+
+
#ifdef DEBUG
fprintf(stderr, "SessSetupAndX response. Action = %i\n",
SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset));
diff -ru libauthen-smb-perl-0.91/smbval/smblib.h libapache2-authenntlm-perl-0.02/smb/smbval/smblib.h
--- libauthen-smb-perl-0.91/smbval/smblib.h 1999-06-06 20:54:23.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/smblib.h 2005-04-28 14:14:03.000000000 -0500
@@ -95,3 +95,6 @@
char *service, char *st);
#define SMBLIB_DEFAULT_DOMAIN "anydom"
+
+
+extern int SMBlib_errno;
\ No newline at end of file
diff -ru libauthen-smb-perl-0.91/smbval/smblib-util.c libapache2-authenntlm-perl-0.02/smb/smbval/smblib-util.c
--- libauthen-smb-perl-0.91/smbval/smblib-util.c 1999-06-06 20:54:23.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/smblib-util.c 2005-04-28 14:14:03.000000000 -0500
@@ -24,7 +24,11 @@
*/
#include "smblib-priv.h"
+#ifdef __FreeBSD__
+#include <stdlib.h>
+#else
#include <malloc.h>
+#endif
#include "rfcnb.h"
@@ -591,8 +595,8 @@
if (Con_Handle -> first_tree == NULL) {
- Con_Handle -> first_tree == tree;
- Con_Handle -> last_tree == tree;
+ Con_Handle -> first_tree = tree;
+ Con_Handle -> last_tree = tree;
}
else {
diff -ru libauthen-smb-perl-0.91/smbval/valid.c libapache2-authenntlm-perl-0.02/smb/smbval/valid.c
--- libauthen-smb-perl-0.91/smbval/valid.c 1999-06-06 20:54:23.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/valid.c 2005-04-28 14:14:03.000000000 -0500
@@ -24,7 +24,7 @@
if (con == NULL) { /* Error ... */
con = SMB_Connect_Server(NULL, BACKUP, DOMAIN);
if (con == NULL) {
- return(NTV_SERVER_ERROR);
+ return(NTV_SERVER_ERROR);
}
}
if (SMB_Negotiate(con, SMB_Prots) < 0) { /* An error */
@@ -39,7 +39,7 @@
return(NTV_PROTOCOL_ERROR);
}
- if (SMB_Logon_Server(con, USERNAME, PASSWORD) < 0) {
+ if (SMB_Logon_Server(con, USERNAME, PASSWORD, 0, NULL) < 0) {
SMB_Discon(con,0);
return(NTV_LOGON_ERROR);
}
@@ -47,3 +47,59 @@
SMB_Discon(con,0);
return(NTV_NO_ERROR);
}
+
+/* the following addtions are taken from mod_ntlm, see http://sourceforge.net/projects/modntlm/ */
+
+void *Valid_User_Connect(char *SERVER,char *BACKUP, char *DOMAIN, char *nonce)
+{
+ char *SMB_Prots[] = {"PC NETWORK PROGRAM 1.0",
+ "MICROSOFT NETWORKS 1.03",
+ "MICROSOFT NETWORKS 3.0",
+ "LANMAN1.0",
+ "LM1.2X002",
+ "Samba",
+ "NT LM 0.12",
+
+ "NT LANMAN 1.0",
+ NULL};
+ SMB_Handle_Type con;
+
+ SMB_Init();
+ con = SMB_Connect_Server(NULL, SERVER, DOMAIN);
+ if (con == NULL) { /* Error ... */
+ con = SMB_Connect_Server(NULL, BACKUP, DOMAIN);
+ if (con == NULL) {
+ return(NULL);
+ }
+ }
+ if (SMB_Negotiate(con, SMB_Prots) < 0) { /* An error */
+ SMB_Discon(con,0);
+ return(NULL);
+ }
+ /* Test for a server in share level mode do not authenticate against it */
+ if (con -> Security == 0)
+ {
+ SMB_Discon(con,0);
+ return(NULL);
+ }
+
+ memcpy(nonce, con -> Encrypt_Key, 8);
+
+ return (con);
+}
+
+int Valid_User_Auth(void *handle, char *USERNAME,char *PASSWORD,int precrypted, char * domain)
+{
+ SMB_Handle_Type con = handle;
+
+ if (SMB_Logon_Server(con, USERNAME, PASSWORD, precrypted, domain) < 0) {
+ return(NTV_LOGON_ERROR);
+ }
+ return(NTV_NO_ERROR);
+}
+
+void Valid_User_Disconnect(void *handle)
+{
+ SMB_Handle_Type con = handle;
+ SMB_Discon(con);
+}
diff -ru libauthen-smb-perl-0.91/smbval/valid.h libapache2-authenntlm-perl-0.02/smb/smbval/valid.h
--- libauthen-smb-perl-0.91/smbval/valid.h 1999-06-06 20:54:23.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/smbval/valid.h 2005-04-28 14:14:03.000000000 -0500
@@ -7,6 +7,9 @@
#define NTV_PROTOCOL_ERROR 2
#define NTV_LOGON_ERROR 3
-int Valid_User(char *USERNAME,char *PASSWORD,char *SERVER, char *BACKUP, char *DOMAIN);
+int Valid_User(char *username,char *password,char *server, char *backup, char *domain);
+void *Valid_User_Connect(char *server,char *backup, char *domain, char *nonce) ;
+int Valid_User_Auth(void *handle, char *username,char *password,int precrypt, char * domain) ;
+void Valid_User_Disconnect(void *handle) ;
#endif
diff -ru libauthen-smb-perl-0.91/Smb.xs libapache2-authenntlm-perl-0.02/smb/Smb.xs
--- libauthen-smb-perl-0.91/Smb.xs 1999-06-06 20:54:22.000000000 -0500
+++ libapache2-authenntlm-perl-0.02/smb/Smb.xs 2005-04-28 14:14:03.000000000 -0500
@@ -4,6 +4,13 @@
#include "EXTERN.h"
#include "perl.h"
#include "XSUB.h"
+
+#undef TRUE
+#undef FALSE
+#undef WORD
+
+#include "smbval/valid.h"
+#include "smbval/smblib-priv.h"
#ifdef __cplusplus
}
#endif
@@ -126,3 +133,50 @@
char * domain
OUTPUT:
RETVAL
+
+
+
+void *
+Valid_User_Connect(server,backup,domain,nonce)
+ char *server
+ char *backup
+ char *domain
+ char *nonce
+CODE:
+ if (!SvPOK (ST(3)) || SvCUR(ST(3)) < 8)
+ croak ("nonce muist be preallocated with an 8 character string") ;
+
+ RETVAL = Valid_User_Connect(server, backup, domain, nonce);
+OUTPUT:
+ RETVAL
+
+
+
+int
+Valid_User_Auth(handle,username,password,precrypt=0,domain="")
+ void *handle
+ char *username
+ char *password
+ int precrypt
+ char *domain
+
+
+void
+Valid_User_Disconnect(handle)
+ void *handle
+
+
+int
+SMBlib_errno()
+CODE:
+ RETVAL = SMBlib_errno ;
+OUTPUT:
+ RETVAL
+
+
+int
+SMBlib_SMB_Error()
+CODE:
+ RETVAL = SMBlib_SMB_Error ;
+OUTPUT:
+ RETVAL
Reply to: