3 files changed, 35 insertions, 11 deletions
diff --git a/source3/include/client.h b/source3/include/client.h
index d75effd7d0..f3f4ef109a 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -131,25 +131,30 @@ struct cli_state {
 	 * Only used in NT domain calls.
 	 */
 
+	int pipe_idx;                      /* Index (into list of known pipes) 
+					      of the pipe we're talking to, 
+					      if any */
+
 	uint16 nt_pipe_fnum;               /* Pipe handle. */
 
+	/* Secure pipe parameters */
+	int pipe_auth_flags;
+
 	uint16 saved_netlogon_pipe_fnum;   /* The "first" pipe to get
                                               the session key for the
                                               schannel. */
 	struct netsec_auth_struct auth_info;
 
+	NTLMSSP_CLIENT_STATE *ntlmssp_pipe_state;
+
 	unsigned char sess_key[16];        /* Current session key. */
-	unsigned char ntlmssp_hash[258];   /* ntlmssp data. */
-	uint32 ntlmssp_cli_flgs;           /* ntlmssp client flags */
-	uint32 ntlmssp_srv_flgs;           /* ntlmssp server flags */
-	uint32 ntlmssp_seq_num;            /* ntlmssp sequence number */
 	DOM_CRED clnt_cred;                /* Client credential. */
 	fstring mach_acct;                 /* MYNAME$. */
 	fstring srv_name_slash;            /* \\remote server. */
 	fstring clnt_name_slash;           /* \\local client. */
 	uint16 max_xmit_frag;
 	uint16 max_recv_frag;
-	uint32 ntlmssp_flags;
+
 	BOOL use_kerberos;
 	BOOL use_spnego;
 
diff --git a/source3/include/ntlmssp.h b/source3/include/ntlmssp.h
index 067b2a5880..562e4853cc 100644
--- a/source3/include/ntlmssp.h
+++ b/source3/include/ntlmssp.h
@@ -129,5 +129,10 @@ typedef struct ntlmssp_client_state
 	/* ntlmv1 */
 	unsigned char ntlmssp_hash[258];
 
+	/* it turns out that we don't always get the
+	   response in at the time we want to process it.
+	   Store it here, until we need it */
+	DATA_BLOB stored_response; 
+	
 } NTLMSSP_CLIENT_STATE;
 
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index b99639d68d..dc82f45368 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -51,17 +51,32 @@ enum RPC_PKT_TYPE
 /* NTLMSSP signature version */
 #define NTLMSSP_SIGN_VERSION 0x01
 
-/* NTLMSSP auth type and level. */
+/* NTLMSSP auth type */
 #define NTLMSSP_AUTH_TYPE 0xa
-#define NTLMSSP_AUTH_LEVEL 0x6
+
+/* DCE-RPC standard identifiers to indicate 
+   signing or sealing of an RPC pipe */
+#define RPC_PIPE_AUTH_SIGN_LEVEL 0x5
+#define RPC_PIPE_AUTH_SEAL_LEVEL 0x6
 
 /* Netlogon schannel auth type and level */
 #define NETSEC_AUTH_TYPE 0x44
-#define NETSEC_AUTH_LEVEL 0x6
 #define NETSEC_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }
 #define RPC_AUTH_NETSEC_CHK_LEN 0x20
 #define NETLOGON_NEG_SCHANNEL    0x40000000
 
+enum netsec_direction
+{
+	SENDER_IS_INITIATOR,
+	SENDER_IS_ACCEPTOR
+};
+
+/* Internal Flags to indicate what type of authentication on the pipe */
+#define AUTH_PIPE_SIGN    0x0001
+#define AUTH_PIPE_SEAL    0x0002
+#define AUTH_PIPE_NTLMSSP 0x0004
+#define AUTH_PIPE_NETSEC  0x0008
+
 /* Maximum PDU fragment size. */
 #define MAX_PDU_FRAG_LEN 0x1630
 /* #define MAX_PDU_FRAG_LEN 0x10b8		this is what w2k sets */
@@ -222,8 +237,8 @@ typedef struct rpc_auth_netsec_neg_info
 typedef struct rpc_auth_netsec_chk_info
 {
 	uint8 sig  [8]; /* 77 00 7a 00 ff ff 00 00 */
-	uint8 data1[8];
-	uint8 data3[8]; /* verifier, seq num */
+	uint8 packet_digest[8]; /* checksum over the packet, MD5'ed with session key */
+	uint8 seq_num[8]; /* verifier, seq num */
 	uint8 data8[8]; /* random 8-byte nonce */
 } RPC_AUTH_NETSEC_CHK;
 
@@ -350,5 +365,4 @@ typedef struct rpc_auth_ntlmssp_chk_info
 
 #define RPC_AUTH_NTLMSSP_CHK_LEN 16
 
-
 #endif /* _DCE_RPC_H */