summaryrefslogtreecommitdiff
path: root/source4/libcli/util
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-11-11 23:24:30 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:05:43 -0500
commitfd5135a63b4c81688c4e2d729380ca954f22286d (patch)
tree7179bf31f404359a702f94ed5db03a1a4732617c /source4/libcli/util
parent32e368502d80517dd7b00c1c3bc8b042887d9db0 (diff)
downloadsamba-fd5135a63b4c81688c4e2d729380ca954f22286d.tar.gz
samba-fd5135a63b4c81688c4e2d729380ca954f22286d.tar.bz2
samba-fd5135a63b4c81688c4e2d729380ca954f22286d.zip
r3686: The results of some work on the NETLOGON pipe:
Break out the samsync tests from RPC-NETLOGON into a new RPC-SAMSYNC, that will cross-verify all the values. Add support for the way netlogon credentials are shared between the pipe that sets up schannel and the pipe that is encrypted with it. Test this support, by calling both NETLOGON and SAMR operations in the RPC-SCHANNEL test. Move some of the Netlogon NEG flags into the .idl, now we have an idea what a few of them really are. Rename the sam_pwd_hash into a name that has meaning (all other crypto functions were renamed in Samba4 ages ago). Break out NTLMv2 functionality for operation on the NT hash - I intend to do NTLMv2 logins in the samsync test in future, and naturally I only have the hash. Andrew Bartlett (This used to be commit 6e6cc6fb9842113a1b0c7f6904dac709b320a6e5)
Diffstat (limited to 'source4/libcli/util')
-rw-r--r--source4/libcli/util/smbdes.c2
-rw-r--r--source4/libcli/util/smbencrypt.c25
2 files changed, 19 insertions, 8 deletions
diff --git a/source4/libcli/util/smbdes.c b/source4/libcli/util/smbdes.c
index a7c8f760ea..4e4222b9e6 100644
--- a/source4/libcli/util/smbdes.c
+++ b/source4/libcli/util/smbdes.c
@@ -439,7 +439,7 @@ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
/* Decode a sam password hash into a password. The password hash is the
same method used to store passwords in the NT registry. The DES key
used is based on the RID of the user. */
-void sam_pwd_hash(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
+void sam_rid_crypt(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
{
uint8_t s[14];
diff --git a/source4/libcli/util/smbencrypt.c b/source4/libcli/util/smbencrypt.c
index d327b53f9d..dac8674f03 100644
--- a/source4/libcli/util/smbencrypt.c
+++ b/source4/libcli/util/smbencrypt.c
@@ -374,15 +374,13 @@ static DATA_BLOB LMv2_generate_response(const uint8_t ntlm_v2_hash[16],
return final_response;
}
-BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password,
- const DATA_BLOB *server_chal,
- const DATA_BLOB *names_blob,
- DATA_BLOB *lm_response, DATA_BLOB *nt_response,
- DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
+BOOL SMBNTLMv2encrypt_hash(const char *user, const char *domain, const char nt_hash[16],
+ const DATA_BLOB *server_chal,
+ const DATA_BLOB *names_blob,
+ DATA_BLOB *lm_response, DATA_BLOB *nt_response,
+ DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
{
- uint8_t nt_hash[16];
uint8_t ntlm_v2_hash[16];
- E_md4hash(password, nt_hash);
/* We don't use the NT# directly. Instead we use it mashed up with
the username and domain.
@@ -420,6 +418,19 @@ BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password
return True;
}
+BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password,
+ const DATA_BLOB *server_chal,
+ const DATA_BLOB *names_blob,
+ DATA_BLOB *lm_response, DATA_BLOB *nt_response,
+ DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key)
+{
+ uint8_t nt_hash[16];
+ E_md4hash(password, nt_hash);
+
+ return SMBNTLMv2encrypt_hash(user, domain, nt_hash, server_chal, names_blob,
+ lm_response, nt_response, lm_session_key, user_session_key);
+}
+
/***********************************************************
encode a password buffer with a unicode password. The buffer
is filled with random data to make it harder to attack.