From 8087d844ef59a82617be51f7c887b9bafe362f80 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 3 Jun 2004 23:15:16 +0000 Subject: r995: - renamed many of our crypto routines to use the industry standard names rather than our crazy naming scheme. So DES is now called des_crypt() rather than smbhash() - added the code from the solution of the ADS crypto challenge that allows Samba to correctly handle a 128 bit session key in all of the netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard from PADL for solving this one! - restructured the server side rpc authentication to allow for other than NTLMSSP sign and seal. This commit just adds the structure, the next commit will add schannel server side support. - added 128 bit session key support to our client side code, and testing against w2k3 with smbtorture. Works well. (This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee) --- source4/libcli/auth/credentials.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source4/libcli/auth/credentials.h') diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h index 20eed73cc0..de0e086278 100644 --- a/source4/libcli/auth/credentials.h +++ b/source4/libcli/auth/credentials.h @@ -21,7 +21,8 @@ */ struct creds_CredentialState { - uint8_t session_key[8]; + uint32_t negotiate_flags; + uint8_t session_key[16]; uint32_t sequence; struct netr_Credential seed; struct netr_Credential client; @@ -29,6 +30,9 @@ struct creds_CredentialState { }; +#define NETLOGON_NEG_128BIT 0x4000 + + /* for the timebeing, use the same neg flags as Samba3. */ /* The 7 here seems to be required to get Win2k not to downgrade us to NT4. Actually, anything other than 1ff would seem to do... */ -- cgit