diff options
| -rw-r--r-- | source3/Makefile.in | 7 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp.c | 69 |
2 files changed, 75 insertions, 1 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index ff073a32f1..b183cfd7f9 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -296,6 +296,9 @@ COMPRESSION_OBJ = ../lib/compression/mszip.o \ DRSUAPI_OBJ = $(LIBNDR_DRSUAPI_OBJ) \ $(COMPRESSION_OBJ) +LIBNDR_NTLMSSP_OBJ = ../librpc/gen_ndr/ndr_ntlmssp.o \ + ../librpc/ndr/ndr_ntlmssp.o + LIBNDR_OBJ = ../librpc/ndr/ndr_basic.o \ ../librpc/ndr/ndr.o \ ../librpc/ndr/ndr_misc.o \ @@ -470,7 +473,9 @@ LIBSMB_ERR_OBJ = $(LIBSMB_ERR_OBJ0) $(LIBSMB_ERR_OBJ1) \ LIBSMB_OBJ0 = \ ../libcli/auth/ntlm_check.o \ libsmb/ntlmssp.o \ - libsmb/ntlmssp_sign.o + libsmb/ntlmssp_sign.o \ + $(LIBNDR_NTLMSSP_OBJ) \ + libsmb/ntlmssp_ndr.o LIBSAMBA_OBJ = $(LIBSMB_OBJ0) \ $(LIBSMB_ERR_OBJ) diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 2e5d8cc2ea..60c1d49bb0 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -23,6 +23,8 @@ #include "includes.h" #include "../libcli/auth/libcli_auth.h" +#include "../librpc/gen_ndr/ndr_ntlmssp.h" +#include "libsmb/ntlmssp_ndr.h" static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, DATA_BLOB reply, DATA_BLOB *next_request); @@ -516,6 +518,8 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, uint32 ntlmssp_command, chal_flags; uint8_t cryptkey[8]; const char *target_name; + struct NEGOTIATE_MESSAGE negotiate; + struct CHALLENGE_MESSAGE challenge; /* parse the NTLMSSP packet */ #if 0 @@ -533,6 +537,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, return NT_STATUS_INVALID_PARAMETER; } debug_ntlmssp_flags(neg_flags); + + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(&request, + ntlmssp_state, + NULL, + &negotiate))) + { + NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate); + } + } } ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth()); @@ -607,6 +621,16 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, cryptkey, 8, 0, 0, struct_blob.data, struct_blob.length); + + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(reply, + ntlmssp_state, + NULL, + &challenge))) + { + NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge); + } + } } data_blob_free(&struct_blob); @@ -634,6 +658,7 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, DATA_BLOB session_key = data_blob_null; uint32 ntlmssp_command, auth_flags; NTSTATUS nt_status = NT_STATUS_OK; + struct AUTHENTICATE_MESSAGE authenticate; /* used by NTLM2 */ bool doing_ntlm2 = False; @@ -702,6 +727,16 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, if (auth_flags) ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth()); + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(&request, + ntlmssp_state, + NULL, + &authenticate))) + { + NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate); + } + } + DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%lu len2=%lu\n", ntlmssp_state->user, ntlmssp_state->domain, ntlmssp_state->workstation, (unsigned long)ntlmssp_state->lm_resp.length, (unsigned long)ntlmssp_state->nt_resp.length)); @@ -920,6 +955,8 @@ NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state) static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, DATA_BLOB reply, DATA_BLOB *next_request) { + struct NEGOTIATE_MESSAGE negotiate; + if (ntlmssp_state->unicode) { ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE; } else { @@ -938,6 +975,16 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state, ntlmssp_state->get_domain(), ntlmssp_state->get_global_myname()); + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request, + ntlmssp_state, + NULL, + &negotiate))) + { + NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate); + } + } + ntlmssp_state->expected_state = NTLMSSP_CHALLENGE; return NT_STATUS_MORE_PROCESSING_REQUIRED; @@ -967,6 +1014,8 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB session_key = data_blob_null; DATA_BLOB encrypted_session_key = data_blob_null; NTSTATUS nt_status = NT_STATUS_OK; + struct CHALLENGE_MESSAGE challenge; + struct AUTHENTICATE_MESSAGE authenticate; if (!msrpc_parse(ntlmssp_state, &reply, "CdBd", "NTLMSSP", @@ -979,6 +1028,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, return NT_STATUS_INVALID_PARAMETER; } + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(&reply, + ntlmssp_state, + NULL, + &challenge))) + { + NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge); + } + } + data_blob_free(&server_domain_blob); DEBUG(3, ("Got challenge flags:\n")); @@ -1151,6 +1210,16 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state, return NT_STATUS_NO_MEMORY; } + if (DEBUGLEVEL >= 10) { + if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(next_request, + ntlmssp_state, + NULL, + &authenticate))) + { + NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate); + } + } + data_blob_free(&encrypted_session_key); data_blob_free(&ntlmssp_state->chal); |