summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source4/auth/ntlmssp/ntlmssp.c9
-rw-r--r--source4/auth/ntlmssp/ntlmssp.h1
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c6
3 files changed, 12 insertions, 4 deletions
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c
index fff0c9c7e9..bb9ff9cc63 100644
--- a/source4/auth/ntlmssp/ntlmssp.c
+++ b/source4/auth/ntlmssp/ntlmssp.c
@@ -260,9 +260,6 @@ void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
if (!(neg_flags & NTLMSSP_NEGOTIATE_128)) {
gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_128;
- if (neg_flags & NTLMSSP_NEGOTIATE_56) {
- gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
- }
}
if (!(neg_flags & NTLMSSP_NEGOTIATE_56)) {
@@ -273,6 +270,12 @@ void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_KEY_EXCH;
}
+ /* Woop Woop - unknown flag for Windows compatibility...
+ What does this really do ? JRA. */
+ if (!(neg_flags & NTLMSSP_UNKNOWN_02000000)) {
+ gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_UNKNOWN_02000000;
+ }
+
if ((neg_flags & NTLMSSP_REQUEST_TARGET)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
}
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index 1efb1afd54..a9ad988a5f 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -62,6 +62,7 @@ enum ntlmssp_message_type
#define NTLMSSP_CHAL_NON_NT_SESSION_KEY 0x00040000
#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
#define NTLMSSP_CHAL_TARGET_INFO 0x00800000
+#define NTLMSSP_UNKNOWN_02000000 0x02000000
#define NTLMSSP_NEGOTIATE_128 0x20000000 /* 128-bit encryption */
#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 44f7fa8b8c..b574622bbe 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -800,7 +800,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->server_multiple_authentications = False;
gensec_ntlmssp_state->neg_flags =
- NTLMSSP_NEGOTIATE_NTLM;
+ NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_UNKNOWN_02000000;
gensec_ntlmssp_state->lm_resp = data_blob(NULL, 0);
gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0);
@@ -810,6 +810,10 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;
}
+ if (lp_parm_bool(-1, "ntlmssp_server", "56bit", True)) {
+ gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
+ }
+
if (lp_parm_bool(-1, "ntlmssp_server", "keyexchange", True)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
}
generated by cgit (git 2.34.1) at 2024-07-18 22:04:47 +0000