Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/asn1.c2
-rw-r--r--source3/libsmb/cliconnect.c7
-rw-r--r--source3/libsmb/clilist.c8
-rw-r--r--source3/libsmb/clireadwrite.c7
-rw-r--r--source3/libsmb/clispnego.c61
-rw-r--r--source3/libsmb/namequery.c179
-rw-r--r--source3/libsmb/ntlmssp.c278
7 files changed, 201 insertions, 341 deletions
diff --git a/source3/libsmb/asn1.c b/source3/libsmb/asn1.c
index 333d157905..b967927871 100644
--- a/source3/libsmb/asn1.c
+++ b/source3/libsmb/asn1.c
@@ -407,7 +407,7 @@ BOOL asn1_check_enumerated(ASN1_DATA *data, int v)
return !data->has_error && (v == b);
}
-/* write an enumarted value to the stream */
+/* check a enumarted value is correct */
BOOL asn1_write_enumerated(ASN1_DATA *data, uint8 v)
{
if (!asn1_push_tag(data, ASN1_ENUMERATED)) return False;
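Review bot: The replacement comment above `asn1_write_enumerated` describes a check, but the function it documents pushes an `ASN1_ENUMERATED` tag and writes a value, so the comment now contradicts the code. It reads like the description of `asn1_check_enumerated`, which ends just above it. I would put `/* write an enumerated value to the stream */` here instead. The body of `asn1_write_enumerated` continues past the end of the hunk.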
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 389b7a1733..b758af41c4 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -465,8 +465,7 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, const char *user,
neg_flags = NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_NEGOTIATE_128 |
- NTLMSSP_NEGOTIATE_NTLM |
- NTLMSSP_REQUEST_TARGET;
+ NTLMSSP_NEGOTIATE_NTLM;
memset(sess_key, 0, 16);
@@ -477,8 +476,8 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, const char *user,
"NTLMSSP",
NTLMSSP_NEGOTIATE,
neg_flags,
- workgroup,
- cli->calling.name);
+ workgroup, strlen(workgroup),
+ cli->calling.name, strlen(cli->calling.name) + 1);
DEBUG(10, ("neg_flags: %0X, workgroup: %s, calling name %s\n",
neg_flags, workgroup, cli->calling.name));
/* and wrap it in a SPNEGO wrapper */
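Review bot: The two length arguments added to this call are `size_t` values from `strlen()`, but the `'A'`/`'B'` case of `msrpc_gen` in clispnego.c reads the length with `va_arg(ap, int)`, which is a type mismatch through varargs wherever `size_t` is wider than `int`. Casting at the call site, `workgroup, (int)strlen(workgroup),` and `cli->calling.name, (int)strlen(cli->calling.name) + 1);`, keeps the argument walk well defined. The lengths are also inconsistent, since the calling name includes its terminator and the workgroup does not; if that is intentional it deserves a one-line comment. The format string and the name of the called function are outside the hunk, so the mapping of these arguments to `'A'`/`'B'` is inferred from the clispnego.c change in the same commit.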
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 89ab5d6414..4a1737af49 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -324,11 +324,9 @@ static int interpret_short_filename(struct cli_state *cli, char *p,file_info *fi
finfo->mtime = finfo->atime = finfo->ctime;
finfo->size = IVAL(p,26);
clistr_pull(cli, finfo->name, p+30, sizeof(finfo->name), 12, STR_ASCII);
- if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) {
- strncpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)-1);
- finfo->short_name[sizeof(finfo->short_name)-1] = '\0';
- }
-
+ if (strcmp(finfo->name, "..") && strcmp(finfo->name, "."))
+ fstrcpy(finfo->short_name,finfo->name);
+
return(DIR_STRUCT_SIZE);
}
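Review bot: `fstrcpy(finfo->short_name,finfo->name)` bounds the copy by the size of an `fstring` rather than by the size of the destination, whereas the removed lines bounded it by `sizeof(finfo->short_name)`. The declaration of `short_name` is not visible here; if it is smaller than an `fstring`, the new call can write past the field, and `finfo->name` is filled from the server's directory listing reply. Tying the bound to the destination avoids depending on the struct layout: `safe_strcpy(finfo->short_name, finfo->name, sizeof(finfo->short_name)-1);`. The start of `interpret_short_filename` is outside the hunk.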
diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c
index 0715aa7f1a..fb013734ac 100644
--- a/source3/libsmb/clireadwrite.c
+++ b/source3/libsmb/clireadwrite.c
@@ -285,13 +285,10 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset,
SIVAL(cli->outbuf,smb_vwv5,0);
SSVAL(cli->outbuf,smb_vwv7,mode);
- SSVAL(cli->outbuf,smb_vwv8,(mode & 0x0008) ? size : 0);
/*
- * According to CIFS-TR-1p00, this following field should only
- * be set if CAP_LARGE_WRITEX is set. We should check this
- * locally. However, this check might already have been
- * done by our callers.
+ * THe following is still wrong ...
*/
+ SSVAL(cli->outbuf,smb_vwv8,(mode & 0x0008) ? size : 0);
SSVAL(cli->outbuf,smb_vwv9,((size>>16)&1));
SSVAL(cli->outbuf,smb_vwv10,size);
SSVAL(cli->outbuf,smb_vwv11,
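Review bot: The new comment `THe following is still wrong ...` says the code is incorrect without saying what is wrong, and it replaces a comment that gave the reason (the field should only be set when CAP_LARGE_WRITEX is set, per CIFS-TR-1p00). I would keep the rationale, for example `/* Per CIFS-TR-1p00 this field should only be set if CAP_LARGE_WRITEX is set; that is not checked here. */`. The `SSVAL(cli->outbuf,smb_vwv8,...)` line itself only moves below the comment and is otherwise unchanged. `cli_issue_write` begins and ends outside the hunk.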
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 6a5f6c00ae..55f49c5987 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -485,7 +485,7 @@ BOOL spnego_parse_auth(DATA_BLOB blob, DATA_BLOB *auth)
/*
generate a minimal SPNEGO NTLMSSP response packet. Doesn't contain much.
*/
-DATA_BLOB spnego_gen_auth_response(DATA_BLOB *ntlmssp_reply)
+DATA_BLOB spnego_gen_auth_response(void)
{
ASN1_DATA data;
DATA_BLOB ret;
@@ -495,13 +495,8 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *ntlmssp_reply)
asn1_push_tag(&data, ASN1_CONTEXT(1));
asn1_push_tag(&data, ASN1_SEQUENCE(0));
asn1_push_tag(&data, ASN1_CONTEXT(0));
- asn1_write_enumerated(&data, ntlmssp_reply->length ? 1 : 0);
+ asn1_write_enumerated(&data, 0);
asn1_pop_tag(&data);
- if (ntlmssp_reply->length) {
- asn1_push_tag(&data,ASN1_CONTEXT(2));
- asn1_write_OctetString(&data, ntlmssp_reply->data, ntlmssp_reply->length);
- asn1_pop_tag(&data);
- }
asn1_pop_tag(&data);
asn1_pop_tag(&data);
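Review bot: `asn1_write_enumerated(&data, 0);` now hard-codes the result field, so this response can only ever report the value 0 and can no longer carry an NTLMSSP reply blob. If 0 means the negotiation is complete, as the removed `ntlmssp_reply->length ? 1 : 0` suggests, then `spnego_gen_auth_response` must only be called once authentication has actually succeeded, and a comment stating that contract above the function would protect future callers. The return values of the `asn1_push_tag` and `asn1_write_enumerated` calls are not checked in the visible lines. The end of the function is outside the hunk, so any `has_error` check there cannot be seen.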
@@ -519,9 +514,8 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *ntlmssp_reply)
format specifiers are:
U = unicode string (input is unix string)
- a = address (input is BOOL unicode, char *unix_string)
- (1 byte type, 1 byte length, unicode/ASCII string, all inline)
- A = ASCII string (input is unix string)
+ a = address (1 byte type, 1 byte length, unicode string, all inline)
+ A = ASCII string (pointer + length) Actually same as B
B = data blob (pointer + length)
b = data blob in header (pointer + length)
D
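Review bot: The updated description of `a` says "1 byte type, 1 byte length", but the `'a'` case later in this file writes both fields with `SSVAL` and advances `data_ofs` by 2 each time, and the size scan adds 4 bytes for them. The line should read `a = address (2 byte type, 2 byte length, unicode string, all inline)` and should still name the inputs (`int type, char *unix_string`) as the removed text did. "Actually same as B" for `A` also means the caller now passes a pointer and a length rather than a single string, which is worth saying explicitly here.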
@@ -537,7 +531,6 @@ BOOL msrpc_gen(DATA_BLOB *blob,
uint8 *b;
int head_size=0, data_size=0;
int head_ofs, data_ofs;
- BOOL unicode;
/* first scan the format to work out the header and body size */
va_start(ap, format);
@@ -548,21 +541,12 @@ BOOL msrpc_gen(DATA_BLOB *blob,
head_size += 8;
data_size += str_charnum(s) * 2;
break;
- case 'A':
- s = va_arg(ap, char *);
- head_size += 8;
- data_size += str_ascii_charnum(s);
- break;
case 'a':
- unicode = va_arg(ap, BOOL);
n = va_arg(ap, int);
s = va_arg(ap, char *);
- if (unicode) {
- data_size += (str_charnum(s) * 2) + 4;
- } else {
- data_size += (str_ascii_charnum(s)) + 4;
- }
+ data_size += (str_charnum(s) * 2) + 4;
break;
+ case 'A':
case 'B':
b = va_arg(ap, uint8 *);
head_size += 8;
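Review bot: Folding `case 'A':` into `case 'B':` changes how many variadic arguments `A` consumes: it used to take one `char *` and now takes a pointer followed by an `int`, both in this size scan and in the fill pass in the next hunk. Likewise `a` no longer consumes a leading `BOOL`. The compiler cannot check this, so any remaining caller that still passes the old argument lists would have `va_arg` read the wrong slots and compute wrong sizes and copy lengths. Every `msrpc_gen` format string containing `A` or `a` needs auditing together with this change; only the cliconnect.c call is updated in the part of the commit shown here.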
@@ -602,39 +586,20 @@ BOOL msrpc_gen(DATA_BLOB *blob,
push_string(NULL, blob->data+data_ofs, s, n*2, STR_UNICODE|STR_NOALIGN);
data_ofs += n*2;
break;
- case 'A':
- s = va_arg(ap, char *);
- n = str_ascii_charnum(s);
- SSVAL(blob->data, head_ofs, n); head_ofs += 2;
- SSVAL(blob->data, head_ofs, n); head_ofs += 2;
- SIVAL(blob->data, head_ofs, data_ofs); head_ofs += 4;
- push_string(NULL, blob->data+data_ofs, s, n, STR_ASCII|STR_NOALIGN);
- data_ofs += n;
- break;
case 'a':
- unicode = va_arg(ap, BOOL);
n = va_arg(ap, int);
SSVAL(blob->data, data_ofs, n); data_ofs += 2;
s = va_arg(ap, char *);
- if (unicode) {
- n = str_charnum(s);
- SSVAL(blob->data, data_ofs, n*2); data_ofs += 2;
- if (0 < n) {
- push_string(NULL, blob->data+data_ofs, s, n*2,
- STR_UNICODE|STR_NOALIGN);
- }
- data_ofs += n*2;
- } else {
- n = str_ascii_charnum(s);
- SSVAL(blob->data, data_ofs, n); data_ofs += 2;
- if (0 < n) {
- push_string(NULL, blob->data+data_ofs, s, n,
- STR_ASCII|STR_NOALIGN);
- }
- data_ofs += n;
+ n = str_charnum(s);
+ SSVAL(blob->data, data_ofs, n*2); data_ofs += 2;
+ if (0 < n) {
+ push_string(NULL, blob->data+data_ofs, s, n*2,
+ STR_UNICODE|STR_NOALIGN);
}
+ data_ofs += n*2;
break;
+ case 'A':
case 'B':
b = va_arg(ap, uint8 *);
n = va_arg(ap, int);
diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c
index f446453b9a..342a2a2926 100644
--- a/source3/libsmb/namequery.c
+++ b/source3/libsmb/namequery.c
@@ -1001,6 +1001,7 @@ BOOL find_master_ip(const char *group, struct in_addr *master_ip)
BOOL lookup_dc_name(const char *srcname, const char *domain,
struct in_addr *dc_ip, char *ret_name)
{
+#if !defined(I_HATE_WINDOWS_REPLY_CODE)
fstring dc_name;
BOOL ret;
@@ -1024,6 +1025,184 @@ BOOL lookup_dc_name(const char *srcname, const char *domain,
}
return False;
+
+#else /* defined(I_HATE_WINDOWS_REPLY_CODE) */
+
+JRA - This code is broken with BDC rollover - we need to do a full
+NT GETDC call, UNICODE, NT domain SID and uncle tom cobbley and all...
+
+ int retries = 3;
+ int retry_time = 2000;
+ struct timeval tval;
+ struct packet_struct p;
+ struct dgram_packet *dgram = &p.packet.dgram;
+ char *ptr,*p2;
+ char tmp[4];
+ int len;
+ struct sockaddr_in sock_name;
+ int sock_len = sizeof(sock_name);
+ const char *mailslot = NET_LOGON_MAILSLOT;
+ char *mailslot_name;
+ char buffer[1024];
+ char *bufp;
+ int dgm_id = generate_trn_id();
+ int sock = open_socket_in(SOCK_DGRAM, 0, 3, interpret_addr(lp_socket_address()), True );
+
+ if(sock == -1)
+ return False;
+
+ /* Find out the transient UDP port we have been allocated. */
+ if(getsockname(sock, (struct sockaddr *)&sock_name, &sock_len)<0) {
+ DEBUG(0,("lookup_pdc_name: Failed to get local UDP port. Error was %s\n",
+ strerror(errno)));
+ close(sock);
+ return False;
+ }
+
+ /*
+ * Create the request data.
+ */
+
+ memset(buffer,'\0',sizeof(buffer));
+ bufp = buffer;
+ SSVAL(bufp,0,QUERYFORPDC);
+ bufp += 2;
+ fstrcpy(bufp,srcname);
+ bufp += (strlen(bufp) + 1);
+ slprintf(bufp, sizeof(fstring)-1, "\\MAILSLOT\\NET\\GETDC%d", dgm_id);
+ mailslot_name = bufp;
+ bufp += (strlen(bufp) + 1);
+ bufp = ALIGN2(bufp, buffer);
+ bufp += push_ucs2(NULL, bufp, srcname, sizeof(buffer) - (bufp - buffer), STR_TERMINATE);
+
+ SIVAL(bufp,0,1);
+ SSVAL(bufp,4,0xFFFF);
+ SSVAL(bufp,6,0xFFFF);
+ bufp += 8;
+ len = PTR_DIFF(bufp,buffer);
+
+ memset((char *)&p,'\0',sizeof(p));
+
+ /* DIRECT GROUP or UNIQUE datagram. */
+ dgram->header.msg_type = 0x10;
+ dgram->header.flags.node_type = M_NODE;
+ dgram->header.flags.first = True;
+ dgram->header.flags.more = False;
+ dgram->header.dgm_id = dgm_id;
+ dgram->header.source_ip = *iface_ip(*pdc_ip);
+ dgram->header.source_port = ntohs(sock_name.sin_port);
+ dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */
+ dgram->header.packet_offset = 0;
+
+ make_nmb_name(&dgram->source_name,srcname,0);
+ make_nmb_name(&dgram->dest_name,domain,0x1C);
+
+ ptr = &dgram->data[0];
+
+ /* Setup the smb part. */
+ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
+ memcpy(tmp,ptr,4);
+ set_message(ptr,17,17 + len,True);
+ memcpy(ptr,tmp,4);
+
+ CVAL(ptr,smb_com) = SMBtrans;
+ SSVAL(ptr,smb_vwv1,len);
+ SSVAL(ptr,smb_vwv11,len);
+ SSVAL(ptr,smb_vwv12,70 + strlen(mailslot));
+ SSVAL(ptr,smb_vwv13,3);
+ SSVAL(ptr,smb_vwv14,1);
+ SSVAL(ptr,smb_vwv15,1);
+ SSVAL(ptr,smb_vwv16,2);
+ p2 = smb_buf(ptr);
+ pstrcpy(p2,mailslot);
+ p2 = skip_string(p2,1);
+
+ memcpy(p2,buffer,len);
+ p2 += len;
+
+ dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */
+
+ p.ip = *pdc_ip;
+ p.port = DGRAM_PORT;
+ p.fd = sock;
+ p.timestamp = time(NULL);
+ p.packet_type = DGRAM_PACKET;
+
+ GetTimeOfDay(&tval);
+
+ if (!send_packet(&p)) {
+ DEBUG(0,("lookup_pdc_name: send_packet failed.\n"));
+ close(sock);
+ return False;
+ }
+
+ retries--;
+
+ while (1) {
+ struct timeval tval2;
+ struct packet_struct *p_ret;
+
+ GetTimeOfDay(&tval2);
+ if (TvalDiff(&tval,&tval2) > retry_time) {
+ if (!retries)
+ break;
+ if (!send_packet(&p)) {
+ DEBUG(0,("lookup_pdc_name: send_packet failed.\n"));
+ close(sock);
+ return False;
+ }
+ GetTimeOfDay(&tval);
+ retries--;
+ }
+
+ if ((p_ret = receive_dgram_packet(sock,90,mailslot_name))) {
+ struct dgram_packet *dgram2 = &p_ret->packet.dgram;
+ char *buf;
+ char *buf2;
+
+ buf = &dgram2->data[0];
+ buf -= 4;
+
+ if (CVAL(buf,smb_com) != SMBtrans) {
+ DEBUG(0,("lookup_pdc_name: datagram type %u != SMBtrans(%u)\n", (unsigned int)
+ CVAL(buf,smb_com), (unsigned int)SMBtrans ));
+ free_packet(p_ret);
+ continue;
+ }
+
+ len = SVAL(buf,smb_vwv11);
+ buf2 = smb_base(buf) + SVAL(buf,smb_vwv12);
+
+ if (len <= 0) {
+ DEBUG(0,("lookup_pdc_name: datagram len < 0 (%d)\n", len ));
+ free_packet(p_ret);
+ continue;
+ }
+
+ DEBUG(4,("lookup_pdc_name: datagram reply from %s to %s IP %s for %s of type %d len=%d\n",
+ nmb_namestr(&dgram2->source_name),nmb_namestr(&dgram2->dest_name),
+ inet_ntoa(p_ret->ip), smb_buf(buf),SVAL(buf2,0),len));
+
+ if(SVAL(buf2,0) != QUERYFORPDC_R) {
+ DEBUG(0,("lookup_pdc_name: datagram type (%u) != QUERYFORPDC_R(%u)\n",
+ (unsigned int)SVAL(buf,0), (unsigned int)QUERYFORPDC_R ));
+ free_packet(p_ret);
+ continue;
+ }
+
+ buf2 += 2;
+ /* Note this is safe as it is a bounded strcpy. */
+ fstrcpy(ret_name, buf2);
+ ret_name[sizeof(fstring)-1] = '\0';
+ close(sock);
+ free_packet(p_ret);
+ return True;
+ }
+ }
+
+ close(sock);
+ return False;
+#endif /* defined(I_HATE_WINDOWS_REPLY_CODE) */
}
/********************************************************
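Review bot: The `#else` branch added to `lookup_dc_name` cannot compile if `I_HATE_WINDOWS_REPLY_CODE` is ever defined, because the two `JRA - ...` lines are bare text rather than a comment and the code uses `pdc_ip` while the parameter is named `dc_ip`. More importantly, the reply parsing trusts fields from the received datagram: `buf2 = smb_base(buf) + SVAL(buf,smb_vwv12);` is read with `SVAL(buf2,0)` and passed to `fstrcpy(ret_name, buf2)` without comparing the offset against the received data size, so the "this is safe" comment holds only for the destination and not for the read. `if (len <= 0)` can also never see a negative value, since `len` comes from a 16-bit `SVAL`. If the block is kept for reference, wrap the note as `/* JRA - ... */` and check the offset against `dgram2->datasize` before touching `buf2`; otherwise it is safer to leave it out than to carry dead network-parsing code. `lookup_dc_name` spans both hunks of this file.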
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
deleted file mode 100644
index 4183f3e77a..0000000000
--- a/source3/libsmb/ntlmssp.c
+++ /dev/null
@@ -1,278 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 3.0
- handle NLTMSSP, server side
-
- Copyright (C) Andrew Tridgell 2001
- Copyright (C) Andrew Bartlett 2001-2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-/**
- * Default challange generation code.
- *
- */
-
-
-static const uint8 *get_challenge(void *cookie)
-{
- static uchar chal[8];
- generate_random_buffer(chal, sizeof(chal), False);
-
- return chal;
-}
-
-NTSTATUS ntlmssp_server_start(NTLMSSP_STATE **ntlmssp_state)
-{
- TALLOC_CTX *mem_ctx;
-
- mem_ctx = talloc_init("NTLMSSP context");
-
- *ntlmssp_state = talloc_zero(mem_ctx, sizeof(**ntlmssp_state));
- if (!*ntlmssp_state) {
- DEBUG(0,("ntlmssp_start: talloc failed!\n"));
- talloc_destroy(mem_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- ZERO_STRUCTP(*ntlmssp_state);
-
- (*ntlmssp_state)->mem_ctx = mem_ctx;
- (*ntlmssp_state)->get_challenge = get_challenge;
-
- (*ntlmssp_state)->get_global_myname = global_myname;
- (*ntlmssp_state)->get_domain = lp_workgroup;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS ntlmssp_server_end(NTLMSSP_STATE **ntlmssp_state)
-{
- TALLOC_CTX *mem_ctx = (*ntlmssp_state)->mem_ctx;
-
- data_blob_free(&(*ntlmssp_state)->lm_resp);
- data_blob_free(&(*ntlmssp_state)->nt_resp);
-
- SAFE_FREE((*ntlmssp_state)->user);
- SAFE_FREE((*ntlmssp_state)->domain);
- SAFE_FREE((*ntlmssp_state)->workstation);
-
- talloc_destroy(mem_ctx);
- *ntlmssp_state = NULL;
- return NT_STATUS_OK;
-}
-
-NTSTATUS ntlmssp_server_update(NTLMSSP_STATE *ntlmssp_state,
- DATA_BLOB request, DATA_BLOB *reply)
-{
- uint32 ntlmssp_command;
-
- if (!msrpc_parse(&request, "Cd",
- "NTLMSSP",
- &ntlmssp_command)) {
- return NT_STATUS_LOGON_FAILURE;
- }
-
- if (ntlmssp_command == NTLMSSP_NEGOTIATE) {
- return ntlmssp_negotiate(ntlmssp_state, request, reply);
- } else if (ntlmssp_command == NTLMSSP_AUTH) {
- return ntlmssp_auth(ntlmssp_state, request, reply);
- } else {
- return NT_STATUS_LOGON_FAILURE;
- }
-}
-
-static const char *ntlmssp_target_name(NTLMSSP_STATE *ntlmssp_state,
- uint32 neg_flags, uint32 *chal_flags)
-{
- if (neg_flags & NTLMSSP_REQUEST_TARGET) {
- *chal_flags |= NTLMSSP_CHAL_TARGET_INFO;
- *chal_flags |= NTLMSSP_REQUEST_TARGET;
- if (lp_server_role() == ROLE_STANDALONE) {
- *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
- return ntlmssp_state->get_global_myname();
- } else {
- *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
- return ntlmssp_state->get_domain();
- };
- } else {
- return "";
- }
-}
-
-NTSTATUS ntlmssp_negotiate(NTLMSSP_STATE *ntlmssp_state,
- DATA_BLOB request, DATA_BLOB *reply)
-{
- DATA_BLOB struct_blob;
- fstring dnsname, dnsdomname;
- uint32 ntlmssp_command, neg_flags, chal_flags;
- char *cliname=NULL, *domname=NULL;
- const uint8 *cryptkey;
- const char *target_name;
-
- /* parse the NTLMSSP packet */
-#if 0
- file_save("ntlmssp_negotiate.dat", request.data, request.length);
-#endif
-
- if (!msrpc_parse(&request, "CddAA",
- "NTLMSSP",
- &ntlmssp_command,
- &neg_flags,
- &cliname,
- &domname)) {
- return NT_STATUS_LOGON_FAILURE;
- }
-
- SAFE_FREE(cliname);
- SAFE_FREE(domname);
-
- debug_ntlmssp_flags(neg_flags);
-
- cryptkey = ntlmssp_state->get_challenge(ntlmssp_state->auth_context);
-
- /* Give them the challenge. For now, ignore neg_flags and just
- return the flags we want. Obviously this is not correct */
-
- chal_flags =
- NTLMSSP_NEGOTIATE_128 |
- NTLMSSP_NEGOTIATE_NTLM;
-
- if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
- chal_flags |= NTLMSSP_NEGOTIATE_UNICODE;
- ntlmssp_state->unicode = True;
- } else {
- chal_flags |= NTLMSSP_NEGOTIATE_OEM;
- }
-
- target_name = ntlmssp_target_name(ntlmssp_state,
- neg_flags, &chal_flags);
-
- /* This should be a 'netbios domain -> DNS domain' mapping */
- dnsdomname[0] = '\0';
- get_mydomname(dnsdomname);
- strlower(dnsdomname);
-
- dnsname[0] = '\0';
- get_myfullname(dnsname);
- strlower(dnsname);
-
- if (chal_flags & NTLMSSP_CHAL_TARGET_INFO)
- {
- const char *target_name_dns = "";
- if (chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN) {
- target_name_dns = dnsdomname;
- } else if (chal_flags |= NTLMSSP_TARGET_TYPE_SERVER) {
- target_name_dns = dnsname;
- }
-
- /* the numbers here are the string type flags */
- msrpc_gen(&struct_blob, "aaaaa",
- ntlmssp_state->unicode, NTLMSSP_NAME_TYPE_DOMAIN, target_name,
- ntlmssp_state->unicode, NTLMSSP_NAME_TYPE_SERVER, ntlmssp_state->get_global_myname(),
- ntlmssp_state->unicode, NTLMSSP_NAME_TYPE_DOMAIN_DNS, target_name_dns,
- ntlmssp_state->unicode, NTLMSSP_NAME_TYPE_SERVER_DNS, dnsdomname,
- ntlmssp_state->unicode, 0, "");
- } else {
- struct_blob = data_blob(NULL, 0);
- }
-
- {
- const char *gen_string;
- if (ntlmssp_state->unicode) {
- gen_string = "CdUdbddB";
- } else {
- gen_string = "CdAdbddB";
- }
-
- msrpc_gen(reply, gen_string,
- "NTLMSSP",
- NTLMSSP_CHALLENGE,
- target_name,
- chal_flags,
- cryptkey, 8,
- 0, 0,
- struct_blob.data, struct_blob.length);
- }
-
- data_blob_free(&struct_blob);
-
- return NT_STATUS_MORE_PROCESSING_REQUIRED;
-}
-
-NTSTATUS ntlmssp_auth(NTLMSSP_STATE *ntlmssp_state,
- DATA_BLOB request, DATA_BLOB *reply)
-{
- DATA_BLOB sess_key;
- uint32 ntlmssp_command, neg_flags;
- NTSTATUS nt_status;
-
- const char *parse_string;
-
- /* parse the NTLMSSP packet */
-#if 0
- file_save("ntlmssp_auth.dat", request.data, request.length);
-#endif
-
- if (ntlmssp_state->unicode) {
- parse_string = "CdBBUUUBd";
- } else {
- parse_string = "CdBBAAABd";
- }
-
- data_blob_free(&ntlmssp_state->lm_resp);
- data_blob_free(&ntlmssp_state->nt_resp);
-
- SAFE_FREE(ntlmssp_state->user);
- SAFE_FREE(ntlmssp_state->domain);
- SAFE_FREE(ntlmssp_state->workstation);
-
- /* now the NTLMSSP encoded auth hashes */
- if (!msrpc_parse(&request, parse_string,
- "NTLMSSP",
- &ntlmssp_command,
- &ntlmssp_state->lm_resp,
- &ntlmssp_state->nt_resp,
- &ntlmssp_state->domain,
- &ntlmssp_state->user,
- &ntlmssp_state->workstation,
- &sess_key,
- &neg_flags)) {
- return NT_STATUS_LOGON_FAILURE;
- }
-
- data_blob_free(&sess_key);
-
- DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%d len2=%d\n",
- ntlmssp_state->user, ntlmssp_state->domain, ntlmssp_state->workstation, ntlmssp_state->lm_resp.length, ntlmssp_state->nt_resp.length));
-
-#if 0
- file_save("nthash1.dat", &ntlmssp_state->nt_resp.data, &ntlmssp_state->nt_resp.length);
- file_save("lmhash1.dat", &ntlmssp_state->lm_resp.data, &ntlmssp_state->lm_resp.length);
-#endif
-
- nt_status = ntlmssp_state->check_password(ntlmssp_state->auth_context);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- *reply = data_blob(NULL, 0);
-
- return nt_status;
-}