From 8f25fd3d7240a309182b32ac705634b4ff5cff2b Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 16 Apr 2003 15:54:00 +0000
Subject: Fixes to make SCHANNEL work against a W2K DC. Still need to fix
 multi-PDU encode/decode with SCHANNEL. Also need to test against WNT DC.
 Jeremy. (This used to be commit ec82e8e9f4a6bf807a91ac265af39a516c7ab631)

---
 source3/rpc_parse/parse_prs.c | 14 ++++++--------
 source3/rpc_parse/parse_rpc.c | 14 +++++++-------
 2 files changed, 13 insertions(+), 15 deletions(-)

(limited to 'source3/rpc_parse')

diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index a22ae1bacd..696142905b 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -1392,14 +1392,13 @@ void netsec_encode(struct netsec_auth_struct *a,
 	uchar sess_kf0[16];
 	int i;
 
-	/* store the sequence number */
-	SIVAL(dataN, 0, a->seq_num);
+	SIVAL(dataN, 0, 0);
 
-	for (i = 0; i < sizeof(sess_kf0); i++)
-	{
+	for (i = 0; i < sizeof(sess_kf0); i++) {
 		sess_kf0[i] = a->sess_key[i] ^ 0xf0;
 	}
 
+	DEBUG(10,("SCHANNEL: netsec_encode seq_num=%d data_len=%d\n", a->seq_num, data_len));
 	dump_data_pw("a->sess_key:\n", a->sess_key, sizeof(a->sess_key));
 	dump_data_pw("a->seq_num :\n", dataN, sizeof(dataN));
 
@@ -1459,14 +1458,13 @@ BOOL netsec_decode(struct netsec_auth_struct *a,
 	uchar sess_kf0[16];
 	int i;
 
-	/* store the sequence number */
-	SIVAL(dataN, 0, a->seq_num);
+	SIVAL(dataN, 0, 0);
 
-	for (i = 0; i < sizeof(sess_kf0); i++)
-	{
+	for (i = 0; i < sizeof(sess_kf0); i++) {
 		sess_kf0[i] = a->sess_key[i] ^ 0xf0;
 	}
 
+	DEBUG(10,("SCHANNEL: netsec_decode seq_num=%d data_len=%d\n", a->seq_num, data_len));
 	dump_data_pw("a->sess_key:\n", a->sess_key, sizeof(a->sess_key));
 	dump_data_pw("a->seq_num :\n", dataN, sizeof(dataN));
 	hmac_md5(a->sess_key, dataN, 0x4, digest1);
diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c
index 30909c6910..dd75ea1f55 100644
--- a/source3/rpc_parse/parse_rpc.c
+++ b/source3/rpc_parse/parse_rpc.c
@@ -1144,8 +1144,8 @@ creates an RPC_AUTH_NETSEC_NEG structure.
 void init_rpc_auth_netsec_neg(RPC_AUTH_NETSEC_NEG *neg,
 			      const char *domain, const char *myname)
 {
-	neg->unknown1 = 0;
-	neg->unknown2 = 0x13;
+	neg->type1 = 0;
+	neg->type2 = 0x3;
 	fstrcpy(neg->domain, domain);
 	fstrcpy(neg->myname, myname);
 }
@@ -1166,16 +1166,16 @@ BOOL smb_io_rpc_auth_netsec_neg(const char *desc, RPC_AUTH_NETSEC_NEG *neg,
 	if(!prs_align(ps))
 		return False;
 
-	if(!prs_uint32("unknown1", ps, depth, &neg->unknown1))
+	if(!prs_uint32("type1", ps, depth, &neg->type1))
 		return False;
-	if(!prs_uint32("unknown2", ps, depth, &neg->unknown2))
-		return False;
-	if(!prs_string("myname  ", ps, depth, neg->myname, 
-		       strlen(neg->myname), sizeof(neg->myname)))
+	if(!prs_uint32("type2", ps, depth, &neg->type2))
 		return False;
 	if(!prs_string("domain  ", ps, depth, neg->domain,
 		       strlen(neg->domain), sizeof(neg->domain)))
 		return False;
+	if(!prs_string("myname  ", ps, depth, neg->myname, 
+		       strlen(neg->myname), sizeof(neg->myname)))
+		return False;
 
 	return True;
 }
-- 
cgit