diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-07-14 10:38:23 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-07-14 10:38:23 +0000 |
commit | 236702e15c26432fd09888658fd66f318d03e3f5 (patch) | |
tree | 83f9e20aafa3e1484e55105413eb5fcdae5d87dd /source3/libsmb/cliconnect.c | |
parent | 456f51bcbe04ccbb37a27b6e115a851cc134adcd (diff) | |
download | samba-236702e15c26432fd09888658fd66f318d03e3f5.tar.gz samba-236702e15c26432fd09888658fd66f318d03e3f5.tar.bz2 samba-236702e15c26432fd09888658fd66f318d03e3f5.zip |
Fix SMB signing when using NTLMSSP...
It's so simple now I know how it works - and it has nothing to do with
NTLMSSP (it's just a slightly different use of the old algorithm). :-).
Note: This is actually less secure then the non-NTLMSSP code, as there is
no per-session random data included for NTLM logins. (NTLMv2 is better,
fortunetly).
Andrew Bartlett
(This used to be commit 95ec8317d4c6817d192bcd52eec44a22286e10ee)
Diffstat (limited to 'source3/libsmb/cliconnect.c')
-rw-r--r-- | source3/libsmb/cliconnect.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index cdd80b7f0c..8c02c4fdfe 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -551,6 +551,7 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, const char *user, blob_in, &blob_out); data_blob_free(&blob_in); if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + DATA_BLOB null = data_blob(NULL, 0); if (turn == 1) { /* and wrap it in a SPNEGO wrapper */ msg1 = gen_negTokenInit(OID_NTLMSSP, blob_out); @@ -559,14 +560,16 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, const char *user, msg1 = spnego_gen_auth(blob_out); } + cli_simple_set_signing(cli, + ntlmssp_state->session_key.data, + null); + /* now send that blob on its way */ if (!cli_session_setup_blob_send(cli, msg1)) { return False; } data_blob_free(&msg1); - cli_ntlmssp_set_signing(cli, ntlmssp_state); - blob = cli_session_setup_blob_receive(cli); nt_status = cli_nt_error(cli); |