summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/smb_composite/sesssetup.c26
1 files changed, 22 insertions, 4 deletions
diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c
index e1159a4cd2..ebc35983d2 100644
--- a/source4/libcli/smb_composite/sesssetup.c
+++ b/source4/libcli/smb_composite/sesssetup.c
@@ -280,8 +280,17 @@ static NTSTATUS session_setup_nt1(struct composite_context *c,
struct smbcli_request **req)
{
NTSTATUS nt_status = NT_STATUS_INTERNAL_ERROR;
- struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
- DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
+ struct sesssetup_state *state = talloc_get_type(c->private_data,
+ struct sesssetup_state);
+ const char *domain = cli_credentials_get_domain(io->in.credentials);
+
+ /*
+ * domain controllers tend to reject the NTLM v2 blob
+ * if the netbiosname is not valid (e.g. IP address or FQDN)
+ * so just leave it away (as Windows client do)
+ */
+ DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
+
DATA_BLOB session_key = data_blob(NULL, 0);
int flags = CLI_CRED_NTLM_AUTH;
@@ -353,9 +362,18 @@ static NTSTATUS session_setup_old(struct composite_context *c,
struct smbcli_request **req)
{
NTSTATUS nt_status;
- struct sesssetup_state *state = talloc_get_type(c->private_data, struct sesssetup_state);
+ struct sesssetup_state *state = talloc_get_type(c->private_data,
+ struct sesssetup_state);
const char *password = cli_credentials_get_password(io->in.credentials);
- DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, session->transport->socket->hostname, cli_credentials_get_domain(io->in.credentials));
+ const char *domain = cli_credentials_get_domain(io->in.credentials);
+
+ /*
+ * domain controllers tend to reject the NTLM v2 blob
+ * if the netbiosname is not valid (e.g. IP address or FQDN)
+ * so just leave it away (as Windows client do)
+ */
+ DATA_BLOB names_blob = NTLMv2_generate_names_blob(state, NULL, domain);
+
DATA_BLOB session_key;
int flags = 0;
if (session->options.lanman_auth) {