summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-02-12 12:06:08 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:51:54 -0500
commitba04ff6736c0551da06d112af28d42b351c10481 (patch)
treef5a309a2473bad4cf38d10c3dfc5ca65ca2db263
parent93d6990dd41e1509fb55a7077e3a10834117f244 (diff)
downloadsamba-ba04ff6736c0551da06d112af28d42b351c10481.tar.gz
samba-ba04ff6736c0551da06d112af28d42b351c10481.tar.bz2
samba-ba04ff6736c0551da06d112af28d42b351c10481.zip
r13467: Add new parametric options (for testing) controlling LM_KEY and 56-bit
encryption behaviour. Andrew Bartlett (This used to be commit 2b3b2f33a4c531f2b0f65521cc352e6d762e95bd)
-rw-r--r--source4/auth/ntlmssp/ntlmssp_client.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index 3f781825e3..d058b84a28 100644
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -144,9 +144,6 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
auth_gen_string = "CdBBAAABd";
}
- DEBUG(3, ("NTLMSSP: Set final flags:\n"));
- debug_ntlmssp_flags(gensec_ntlmssp_state->neg_flags);
-
if (!msrpc_parse(mem_ctx,
&in, chal_parse_string,
"NTLMSSP",
@@ -215,7 +212,6 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
SMBsesskeygen_lm_sess_key(lm_session_key.data, zeros,
new_session_key.data);
}
- new_session_key.length = 16;
session_key = new_session_key;
dump_data_pw("LM session key\n", session_key.data, session_key.length);
}
@@ -239,6 +235,9 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
session_key = data_blob_talloc(mem_ctx, client_session_key, sizeof(client_session_key));
}
+ DEBUG(3, ("NTLMSSP: Set final flags:\n"));
+ debug_ntlmssp_flags(gensec_ntlmssp_state->neg_flags);
+
/* this generates the actual auth packet */
if (!msrpc_gen(mem_ctx,
out, auth_gen_string,
@@ -304,7 +303,8 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->use_nt_response = lp_parm_bool(-1, "ntlmssp_client", "send_nt_reponse", True);
gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth()
- && lp_parm_bool(-1, "ntlmssp_client", "allow_lm_key", False));
+ && (lp_parm_bool(-1, "ntlmssp_client", "allow_lm_key", False)
+ || lp_parm_bool(-1, "ntlmssp_client", "lm_key", False)));
gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth();
@@ -318,6 +318,14 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;
}
+ if (lp_parm_bool(-1, "ntlmssp_client", "56bit", False)) {
+ gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
+ }
+
+ if (lp_parm_bool(-1, "ntlmssp_client", "lm_key", False)) {
+ gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
+ }
+
if (lp_parm_bool(-1, "ntlmssp_client", "keyexchange", True)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
}