summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
authorRichard Sharpe <sharpe@samba.org>2002-09-03 17:36:00 +0000
committerRichard Sharpe <sharpe@samba.org>2002-09-03 17:36:00 +0000
commitfd13038acff34acb9113afffd01af3e0fe90a6af (patch)
tree5b8cb48e730499753894e76e454b145387261996 /source3/libsmb
parentfc15341b8265f57a2bdd9be8a06c83e1fd90497a (diff)
downloadsamba-fd13038acff34acb9113afffd01af3e0fe90a6af.tar.gz
samba-fd13038acff34acb9113afffd01af3e0fe90a6af.tar.bz2
samba-fd13038acff34acb9113afffd01af3e0fe90a6af.zip
Fix the client side NTLMSSP. It now works between smbclient and smbd!
However, it does not work with Win2K over 445 with raw NTLMSSP! (This used to be commit 53e4975337be2cab3ee89f2f62e5659855365b73)
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cliconnect.c9
-rw-r--r--source3/libsmb/clispnego.c47
2 files changed, 52 insertions, 4 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index cb3b4373dc..428167ebfa 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -486,16 +486,19 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user,
memset(sess_key, 0, 16);
+ DEBUG(10, ("sending NTLMSSP_NEGOTIATE\n"));
+
/* generate the ntlmssp negotiate packet */
msrpc_gen(&blob, "CddAA",
"NTLMSSP",
NTLMSSP_NEGOTIATE,
neg_flags,
workgroup, strlen(workgroup),
- cli->calling.name, strlen(cli->calling.name));
-
+ cli->calling.name, strlen(cli->calling.name) + 1);
+ DEBUG(10, ("neg_flags: %0X, workgroup: %s, calling name %s\n",
+ neg_flags, workgroup, cli->calling.name));
/* and wrap it in a SPNEGO wrapper */
- msg1 = gen_negTokenTarg(mechs, blob);
+ msg1 = gen_negTokenInit(OID_NTLMSSP, blob);
data_blob_free(&blob);
/* now send that blob on its way */
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 8376398e3f..8aab0fdda9 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -73,6 +73,50 @@ DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16],
return ret;
}
+/*
+ Generate a negTokenInit as used by the client side ... It has a mechType
+ (OID), and a mechToken (a security blob) ...
+
+ Really, we need to break out the NTLMSSP stuff as well, because it could be
+ raw in the packets!
+*/
+DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob)
+{
+ ASN1_DATA data;
+ DATA_BLOB ret;
+
+ memset(&data, 0, sizeof(data));
+
+ asn1_push_tag(&data, ASN1_APPLICATION(0));
+ asn1_write_OID(&data,OID_SPNEGO);
+ asn1_push_tag(&data, ASN1_CONTEXT(0));
+ asn1_push_tag(&data, ASN1_SEQUENCE(0));
+
+ asn1_push_tag(&data, ASN1_CONTEXT(0));
+ asn1_push_tag(&data, ASN1_SEQUENCE(0));
+ asn1_write_OID(&data, OID);
+ asn1_pop_tag(&data);
+ asn1_pop_tag(&data);
+
+ asn1_push_tag(&data, ASN1_CONTEXT(2));
+ asn1_write_OctetString(&data,blob.data,blob.length);
+ asn1_pop_tag(&data);
+
+ asn1_pop_tag(&data);
+ asn1_pop_tag(&data);
+
+ asn1_pop_tag(&data);
+
+ if (data.has_error) {
+ DEBUG(1,("Failed to build negTokenInit at offset %d\n", (int)data.ofs));
+ asn1_free(&data);
+ }
+
+ ret = data_blob(data.data, data.length);
+ asn1_free(&data);
+
+ return ret;
+}
/*
parse a negTokenInit packet giving a GUID, a list of supported
@@ -553,7 +597,8 @@ BOOL msrpc_gen(DATA_BLOB *blob,
}
data_ofs += n*2;
break;
-
+
+ case 'A':
case 'B':
b = va_arg(ap, uint8 *);
n = va_arg(ap, int);