summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libsmb/cliconnect.c9
-rw-r--r--source3/libsmb/clispnego.c47
2 files changed, 52 insertions, 4 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index cb3b4373dc..428167ebfa 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -486,16 +486,19 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user,
memset(sess_key, 0, 16);
+ DEBUG(10, ("sending NTLMSSP_NEGOTIATE\n"));
+
/* generate the ntlmssp negotiate packet */
msrpc_gen(&blob, "CddAA",
"NTLMSSP",
NTLMSSP_NEGOTIATE,
neg_flags,
workgroup, strlen(workgroup),
- cli->calling.name, strlen(cli->calling.name));
-
+ cli->calling.name, strlen(cli->calling.name) + 1);
+ DEBUG(10, ("neg_flags: %0X, workgroup: %s, calling name %s\n",
+ neg_flags, workgroup, cli->calling.name));
/* and wrap it in a SPNEGO wrapper */
- msg1 = gen_negTokenTarg(mechs, blob);
+ msg1 = gen_negTokenInit(OID_NTLMSSP, blob);
data_blob_free(&blob);
/* now send that blob on its way */
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 8376398e3f..8aab0fdda9 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -73,6 +73,50 @@ DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16],
return ret;
}
+/*
+ Generate a negTokenInit as used by the client side ... It has a mechType
+ (OID), and a mechToken (a security blob) ...
+
+ Really, we need to break out the NTLMSSP stuff as well, because it could be
+ raw in the packets!
+*/
+DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob)
+{
+ ASN1_DATA data;
+ DATA_BLOB ret;
+
+ memset(&data, 0, sizeof(data));
+
+ asn1_push_tag(&data, ASN1_APPLICATION(0));
+ asn1_write_OID(&data,OID_SPNEGO);
+ asn1_push_tag(&data, ASN1_CONTEXT(0));
+ asn1_push_tag(&data, ASN1_SEQUENCE(0));
+
+ asn1_push_tag(&data, ASN1_CONTEXT(0));
+ asn1_push_tag(&data, ASN1_SEQUENCE(0));
+ asn1_write_OID(&data, OID);
+ asn1_pop_tag(&data);
+ asn1_pop_tag(&data);
+
+ asn1_push_tag(&data, ASN1_CONTEXT(2));
+ asn1_write_OctetString(&data,blob.data,blob.length);
+ asn1_pop_tag(&data);
+
+ asn1_pop_tag(&data);
+ asn1_pop_tag(&data);
+
+ asn1_pop_tag(&data);
+
+ if (data.has_error) {
+ DEBUG(1,("Failed to build negTokenInit at offset %d\n", (int)data.ofs));
+ asn1_free(&data);
+ }
+
+ ret = data_blob(data.data, data.length);
+ asn1_free(&data);
+
+ return ret;
+}
/*
parse a negTokenInit packet giving a GUID, a list of supported
@@ -553,7 +597,8 @@ BOOL msrpc_gen(DATA_BLOB *blob,
}
data_ofs += n*2;
break;
-
+
+ case 'A':
case 'B':
b = va_arg(ap, uint8 *);
n = va_arg(ap, int);