diff options
Diffstat (limited to 'source4/libcli/smb_composite')
-rw-r--r-- | source4/libcli/smb_composite/sesssetup.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c index e1159a4cd2..ebc35983d2 100644 --- a/source4/libcli/smb_composite/sesssetup.c +++ b/source4/libcli/smb_composite/sesssetup.c @@ -280,8 +280,17 @@ static NTSTATUS session_setup_nt1(struct composite_context *c, struct smbcli_request **req) { NTSTATUS nt_status = NT_STATUS_INTERNAL_ERROR; - struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials)); + struct sesssetup_state *state = talloc_get_type(c->private_data, + struct sesssetup_state); + const char *domain = cli_credentials_get_domain(io->in.credentials); + + /* + * domain controllers tend to reject the NTLM v2 blob + * if the netbiosname is not valid (e.g. IP address or FQDN) + * so just leave it away (as Windows client do) + */ + DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain); + DATA_BLOB session_key = data_blob(NULL, 0); int flags = CLI_CRED_NTLM_AUTH; @@ -353,9 +362,18 @@ static NTSTATUS session_setup_old(struct composite_context *c, struct smbcli_request **req) { NTSTATUS nt_status; - struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state); + struct sesssetup_state *state = talloc_get_type(c->private_data, + struct sesssetup_state); const char *password = cli_credentials_get_password(io->in.credentials); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials)); + const char *domain = cli_credentials_get_domain(io->in.credentials); + + /* + * domain controllers tend to reject the NTLM v2 blob + * if the netbiosname is not valid (e.g. IP address or FQDN) + * so just leave it away (as Windows client do) + */ + DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain); + DATA_BLOB session_key; int flags = 0; if (session->options.lanman_auth) { |