4 files changed, 19 insertions, 15 deletions

diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h
index a6e119e1ad..30114fe7fa 100644
--- a/source4/libcli/auth/credentials.h
+++ b/source4/libcli/auth/credentials.h
@@ -36,12 +36,6 @@ struct creds_CredentialState {
    to NT4.  Actually, anything other than 1ff would seem to do... */
 #define NETLOGON_NEG_AUTH2_FLAGS     0x000701ff
 
-
-#define NETLOGON_NEG_ARCFOUR         0x00000004
-#define NETLOGON_NEG_128BIT          0x00004000
-
-#define NETLOGON_NEG_SCHANNEL        0x40000000
-
 /* these are the flags that ADS clients use */
 #define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
 
diff --git a/source4/libcli/auth/gensec.h b/source4/libcli/auth/gensec.h
index b2c685332b..23d9861cb7 100644
--- a/source4/libcli/auth/gensec.h
+++ b/source4/libcli/auth/gensec.h
@@ -28,7 +28,6 @@ struct gensec_user {
 	const char *realm;
 	const char *name;
 	const char *password;
-	char schan_session_key[16];
 };
 struct gensec_target {
 	const char *principal;
diff --git a/source4/libcli/util/smbdes.c b/source4/libcli/util/smbdes.c
index a7c8f760ea..4e4222b9e6 100644
--- a/source4/libcli/util/smbdes.c
+++ b/source4/libcli/util/smbdes.c
@@ -439,7 +439,7 @@ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
 /* Decode a sam password hash into a password.  The password hash is the
    same method used to store passwords in the NT registry.  The DES key
    used is based on the RID of the user. */
-void sam_pwd_hash(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
+void sam_rid_crypt(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
 {
 	uint8_t s[14];
 
diff --git a/source4/libcli/util/smbencrypt.c b/source4/libcli/util/smbencrypt.c
index d327b53f9d..dac8674f03 100644
--- a/source4/libcli/util/smbencrypt.c
+++ b/source4/libcli/util/smbencrypt.c
@@ -374,15 +374,13 @@ static DATA_BLOB LMv2_generate_response(const uint8_t ntlm_v2_hash[16],
 	return final_response;
 }
 
-BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password, 
-		      const DATA_BLOB *server_chal, 
-		      const DATA_BLOB *names_blob,
-		      DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
-		      DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) 
+BOOL SMBNTLMv2encrypt_hash(const char *user, const char *domain, const char nt_hash[16],
+			   const DATA_BLOB *server_chal, 
+			   const DATA_BLOB *names_blob,
+			   DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
+			   DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) 
 {
-	uint8_t nt_hash[16];
 	uint8_t ntlm_v2_hash[16];
-	E_md4hash(password, nt_hash);
 
 	/* We don't use the NT# directly.  Instead we use it mashed up with
 	   the username and domain.
@@ -420,6 +418,19 @@ BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password
 	return True;
 }
 
+BOOL SMBNTLMv2encrypt(const char *user, const char *domain, const char *password, 
+		      const DATA_BLOB *server_chal, 
+		      const DATA_BLOB *names_blob,
+		      DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
+		      DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) 
+{
+	uint8_t nt_hash[16];
+	E_md4hash(password, nt_hash);
+
+	return SMBNTLMv2encrypt_hash(user, domain, nt_hash, server_chal, names_blob,
+				     lm_response, nt_response, lm_session_key, user_session_key);
+}
+
 /***********************************************************
  encode a password buffer with a unicode password.  The buffer
  is filled with random data to make it harder to attack.