1 files changed, 7 insertions, 5 deletions

diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index bfee4d4fa5..30077010bc 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -225,6 +225,8 @@ struct ntlmssp_server_auth_state {
 	DATA_BLOB lm_session_key;
 	/* internal variables used by KEY_EXCH (client-supplied user session key */
 	DATA_BLOB encrypted_session_key;
+	/* internal variables used by NTLM2 */
+	uint8_t session_nonce[16];
 };
 
 /**
@@ -349,11 +351,11 @@ static NTSTATUS ntlmssp_server_preauth(struct ntlmssp_state *ntlmssp_state,
 			
 			ntlmssp_state->doing_ntlm2 = true;
 
-			memcpy(ntlmssp_state->crypt.ntlm2.session_nonce, ntlmssp_state->internal_chal.data, 8);
-			memcpy(&ntlmssp_state->crypt.ntlm2.session_nonce[8], ntlmssp_state->lm_resp.data, 8);
+			memcpy(state->session_nonce, ntlmssp_state->internal_chal.data, 8);
+			memcpy(&state->session_nonce[8], ntlmssp_state->lm_resp.data, 8);
 			
 			MD5Init(&md5_session_nonce_ctx);
-			MD5Update(&md5_session_nonce_ctx, ntlmssp_state->crypt.ntlm2.session_nonce, 16);
+			MD5Update(&md5_session_nonce_ctx, state->session_nonce, 16);
 			MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
 			
 			ntlmssp_state->chal = data_blob_talloc(ntlmssp_state,
@@ -411,8 +413,8 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
 	if (ntlmssp_state->doing_ntlm2) {
 		if (user_session_key && user_session_key->data && user_session_key->length == 16) {
 			session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
-			hmac_md5(user_session_key->data, ntlmssp_state->crypt.ntlm2.session_nonce,
-				 sizeof(ntlmssp_state->crypt.ntlm2.session_nonce), session_key.data);
+			hmac_md5(user_session_key->data, state->session_nonce,
+				 sizeof(state->session_nonce), session_key.data);
 			DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
 			dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);