From 60c66118b3a076aee59e581a263c045a205e5ed5 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 27 Dec 2011 19:16:14 +1100
Subject: ntlmssp: merge initial packet implementations

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---
 source3/libsmb/ntlmssp.c              | 29 +++++++++++++++++++++--------
 source4/auth/ntlmssp/ntlmssp_client.c | 31 +++++++++++++++++++++++++------
 2 files changed, 46 insertions(+), 14 deletions(-)

diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 01cc1cc02e..866ce9218b 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -33,7 +33,7 @@
 #include "../nsswitch/libwbclient/wbclient.h"
 
 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
-				       TALLOC_CTX *out_mem_ctx, /* Unused at this time */
+				       TALLOC_CTX *out_mem_ctx,
 				       DATA_BLOB reply, DATA_BLOB *next_request);
 static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
 				         TALLOC_CTX *out_mem_ctx, /* Unused at this time */
@@ -374,11 +374,22 @@ NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
  */
 
 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
-				  TALLOC_CTX *out_mem_ctx, /* Unused at this time */
-				  DATA_BLOB reply, DATA_BLOB *next_request)
+				       TALLOC_CTX *out_mem_ctx,
+				       DATA_BLOB in, DATA_BLOB *out)
 {
+	const char *domain = ntlmssp_state->client.netbios_domain;
+	const char *workstation = ntlmssp_state->client.netbios_name;
 	NTSTATUS status;
 
+	/* These don't really matter in the initial packet, so don't panic if they are not set */
+	if (!domain) {
+		domain = "";
+	}
+
+	if (!workstation) {
+		workstation = "";
+	}
+
 	if (ntlmssp_state->unicode) {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
 	} else {
@@ -390,15 +401,17 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 	}
 
 	/* generate the ntlmssp negotiate packet */
-	status = msrpc_gen(ntlmssp_state, next_request, "CddAA",
+	status = msrpc_gen(out_mem_ctx,
+		  out, "CddAA",
 		  "NTLMSSP",
 		  NTLMSSP_NEGOTIATE,
 		  ntlmssp_state->neg_flags,
-		  ntlmssp_state->client.netbios_domain,
-		  ntlmssp_state->client.netbios_name);
+		  domain,
+		  workstation);
+
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("ntlmssp_client_initial: failed to generate "
-			"ntlmssp negotiate packet\n"));
+			  "ntlmssp negotiate packet\n"));
 		return status;
 	}
 
@@ -407,7 +420,7 @@ static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
 			talloc_tos(), struct NEGOTIATE_MESSAGE);
 		if (negotiate != NULL) {
 			status = ntlmssp_pull_NEGOTIATE_MESSAGE(
-				next_request, negotiate, negotiate);
+				out, negotiate, negotiate);
 			if (NT_STATUS_IS_OK(status)) {
 				NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
 						negotiate);
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index d5ece11e6a..6e372dc8f8 100644
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -32,6 +32,8 @@ struct auth_session_info;
 #include "auth/gensec/gensec.h"
 #include "param/param.h"
 #include "auth/ntlmssp/ntlmssp_private.h"
+#include "../librpc/gen_ndr/ndr_ntlmssp.h"
+#include "../auth/ntlmssp/ntlmssp_ndr.h"
 
 /*********************************************************************
  Client side NTLMSSP
@@ -55,8 +57,8 @@ NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gensec_ntlmssp_context);
 	struct ntlmssp_state *ntlmssp_state = gensec_ntlmssp->ntlmssp_state;
-	const char *domain = ntlmssp_state->domain;
-	const char *workstation = cli_credentials_get_workstation(gensec_security->credentials);
+	const char *domain = ntlmssp_state->client.netbios_domain;
+	const char *workstation = ntlmssp_state->client.netbios_name;
 	NTSTATUS status;
 
 	/* These don't really matter in the initial packet, so don't panic if they are not set */
@@ -73,24 +75,40 @@ NTSTATUS ntlmssp_client_initial(struct gensec_security *gensec_security,
 	} else {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
 	}
-	
+
 	if (ntlmssp_state->use_ntlmv2) {
 		ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
 	}
 
 	/* generate the ntlmssp negotiate packet */
-	status = msrpc_gen(out_mem_ctx, 
+	status = msrpc_gen(out_mem_ctx,
 		  out, "CddAA",
 		  "NTLMSSP",
 		  NTLMSSP_NEGOTIATE,
 		  ntlmssp_state->neg_flags,
-		  domain, 
+		  domain,
 		  workstation);
 
 	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0, ("ntlmssp_client_initial: failed to generate "
+			  "ntlmssp negotiate packet\n"));
 		return status;
 	}
 
+	if (DEBUGLEVEL >= 10) {
+		struct NEGOTIATE_MESSAGE *negotiate = talloc(
+			talloc_tos(), struct NEGOTIATE_MESSAGE);
+		if (negotiate != NULL) {
+			status = ntlmssp_pull_NEGOTIATE_MESSAGE(
+				out, negotiate, negotiate);
+			if (NT_STATUS_IS_OK(status)) {
+				NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE,
+						negotiate);
+			}
+			TALLOC_FREE(negotiate);
+		}
+	}
+
 	ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
 
 	return NT_STATUS_MORE_PROCESSING_REQUIRED;
@@ -349,7 +367,8 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 
 	ntlmssp_state->role = NTLMSSP_CLIENT;
 
-	ntlmssp_state->domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
+	ntlmssp_state->client.netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
+	ntlmssp_state->client.netbios_name = cli_credentials_get_workstation(gensec_security->credentials);
 
 	ntlmssp_state->unicode = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "unicode", true);
 
-- 
cgit