Merge branch 'master' of ssh://git.samba.org/data/git/samba into regsrv

Conflicts:
	source4/lib/registry/ldb.c
	source4/rpc_server/winreg/rpc_winreg.c

5 files changed, 25 insertions, 25 deletions

diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c
index 0b7f0da9af..cea18c45a7 100644
--- a/source4/auth/ntlmssp/ntlmssp.c
+++ b/source4/auth/ntlmssp/ntlmssp.c
@@ -235,6 +235,10 @@ NTSTATUS gensec_ntlmssp_session_key(struct gensec_security *gensec_security,
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 
+	if (gensec_ntlmssp_state->expected_state != NTLMSSP_DONE) {
+		return NT_STATUS_NO_USER_SESSION_KEY;
+	}
+
 	if (!gensec_ntlmssp_state->session_key.data) {
 		return NT_STATUS_NO_USER_SESSION_KEY;
 	}
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index 891761860c..eb990dee9c 100644
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -24,7 +24,7 @@
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
 #include "auth/ntlmssp/msrpc_parse.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
 #include "libcli/auth/libcli_auth.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
diff --git a/source4/auth/ntlmssp/ntlmssp_parse.c b/source4/auth/ntlmssp/ntlmssp_parse.c
index e1c1e7cbb3..9256872036 100644
--- a/source4/auth/ntlmssp/ntlmssp_parse.c
+++ b/source4/auth/ntlmssp/ntlmssp_parse.c
@@ -20,8 +20,8 @@
 */
 
 #include "includes.h"
-#include "pstring.h"
 #include "param/param.h"
+#include "auth/ntlmssp/msrpc_parse.h"
 
 /*
   this is a tiny msrpc packet generator. I am only using this to
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 838596ee98..ad1ee8e871 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -24,8 +24,7 @@
 #include "includes.h"
 #include "auth/ntlmssp/ntlmssp.h"
 #include "auth/ntlmssp/msrpc_parse.h"
-#include "lib/crypto/crypto.h"
-#include "system/filesys.h"
+#include "../lib/crypto/crypto.h"
 #include "libcli/auth/libcli_auth.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
@@ -125,8 +124,6 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 {
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 	DATA_BLOB struct_blob;
-	char dnsname[MAXHOSTNAMELEN], dnsdomname[MAXHOSTNAMELEN];
-	const char *p;
 	uint32_t neg_flags = 0;
 	uint32_t ntlmssp_command, chal_flags;
 	const uint8_t *cryptkey;
@@ -183,25 +180,24 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 	gensec_ntlmssp_state->chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8);
 	gensec_ntlmssp_state->internal_chal = data_blob_talloc(gensec_ntlmssp_state, cryptkey, 8);
 
-	dnsname[0] = '\0';
-	if (gethostname(dnsname, sizeof(dnsname)) == -1) {
-		DEBUG(0,("gethostname failed\n"));
-		return NT_STATUS_UNSUCCESSFUL;
-	}
-
-	/* This should be a 'netbios domain -> DNS domain' mapping */
-	p = strchr(dnsname, '.');
-	if (p != NULL) {
-		safe_strcpy(dnsdomname, p+1, sizeof(dnsdomname));
-		strlower_m(dnsdomname);
-	} else {
-		dnsdomname[0] = '\0';
-	}
-	
 	/* This creates the 'blob' of names that appears at the end of the packet */
-	if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) 
-	{
+	if (chal_flags & NTLMSSP_CHAL_TARGET_INFO) {
+		char dnsdomname[MAXHOSTNAMELEN], dnsname[MAXHOSTNAMELEN];
 		const char *target_name_dns = "";
+
+		/* Find out the DNS domain name */
+		dnsdomname[0] = '\0';
+		safe_strcpy(dnsdomname, lp_realm(gensec_security->lp_ctx), sizeof(dnsdomname) - 1);
+		strlower_m(dnsdomname);
+
+		/* Find out the DNS host name */
+		safe_strcpy(dnsname, gensec_ntlmssp_state->server_name, sizeof(dnsname) - 1);
+		if (dnsdomname[0] != '\0') {
+			safe_strcat(dnsname, ".", sizeof(dnsname) - 1);
+			safe_strcat(dnsname, dnsdomname, sizeof(dnsname) - 1);
+		}
+		strlower_m(dnsname);
+
 		if (chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN) {
 			target_name_dns = dnsdomname;
 		} else if (chal_flags |= NTLMSSP_TARGET_TYPE_SERVER) {
@@ -221,7 +217,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 	}
 
 	{
-		/* Marshel the packet in the right format, be it unicode or ASCII */
+		/* Marshal the packet in the right format, be it unicode or ASCII */
 		const char *gen_string;
 		if (gensec_ntlmssp_state->unicode) {
 			gen_string = "CdUdbddB";
diff --git a/source4/auth/ntlmssp/ntlmssp_sign.c b/source4/auth/ntlmssp/ntlmssp_sign.c
index 063b16f539..49ed48df98 100644
--- a/source4/auth/ntlmssp/ntlmssp_sign.c
+++ b/source4/auth/ntlmssp/ntlmssp_sign.c
@@ -23,7 +23,7 @@
 #include "auth/auth.h"
 #include "auth/ntlmssp/ntlmssp.h"
 #include "auth/ntlmssp/msrpc_parse.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
 #include "param/param.h"