diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-05-26 14:59:57 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-05-26 14:59:57 +0000 |
| commit | 069e6fb9eb4a0bf6720cbbf493d0cb36baac9580 (patch) | |
| tree | 27461d24724e16992e070157d7ff1e22d2b0e50f /source3/libsmb/clispnego.c | |
| parent | 34728ec659751f2e14cfb8502300f3fdb96d405a (diff) | |
| download | samba-069e6fb9eb4a0bf6720cbbf493d0cb36baac9580.tar.gz samba-069e6fb9eb4a0bf6720cbbf493d0cb36baac9580.tar.xz samba-069e6fb9eb4a0bf6720cbbf493d0cb36baac9580.zip | |
Add support for NTLMv2 (tested!) with NTLMSSP.
The problem was the NTLMv2 uses extra data in order to make reply/lookup
more difficult. That extra data includes the hostname, and the domain.
This matches Win2k (sort of) by sending this information.
Win2k connects with LMCompatibilityLevel=5 without a problem.
We can change the negotiation bits if we want, this should allow us to make
NTLMv2 the default for other clients as well.
Some of the extra #defines were found in the squid source.
Andrew Bartlett
(This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
Diffstat (limited to 'source3/libsmb/clispnego.c')
| -rw-r--r-- | source3/libsmb/clispnego.c | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index a4fcfa5d9a..469b946088 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -549,7 +549,7 @@ BOOL msrpc_gen(DATA_BLOB *blob, format specifiers are: - U = unicode string (input is unix string) + U = unicode string (output is unix string) B = data blob b = data blob in header d = word (4 bytes) @@ -620,3 +620,44 @@ BOOL msrpc_parse(DATA_BLOB *blob, return True; } + +/** + * Print out the NTLMSSP flags for debugging + */ + +void debug_ntlmssp_flags(uint32 neg_flags) +{ + if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) + DEBUG(4, (" NTLMSSP_NEGOTIATE_UNICODE\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_OEM) + DEBUG(4, (" NTLMSSP_NEGOTIATE_OEM\n")); + if (neg_flags & NTLMSSP_REQUEST_TARGET) + DEBUG(4, (" NTLMSSP_REQUEST_TARGET\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_SIGN) + DEBUG(4, (" NTLMSSP_NEGOTIATE_SIGN\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_SIGN) + DEBUG(4, (" NTLMSSP_NEGOTIATE_SEAL\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) + DEBUG(4, (" NTLMSSP_NEGOTIATE_LM_KEY\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_NETWARE) + DEBUG(4, (" NTLMSSP_NEGOTIATE_NETWARE\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_NTLM) + DEBUG(4, (" NTLMSSP_NEGOTIATE_NTLM\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED) + DEBUG(4, (" NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED) + DEBUG(4, (" NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL) + DEBUG(4, (" NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) + DEBUG(4, (" NTLMSSP_NEGOTIATE_ALWAYS_SIGN\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_NTLM2) + DEBUG(4, (" NTLMSSP_NEGOTIATE_NTLM2\n")); + if (neg_flags & NTLMSSP_CHAL_TARGET_INFO) + DEBUG(4, (" NTLMSSP_CHAL_TARGET_INFO\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_128) + DEBUG(4, (" NTLMSSP_NEGOTIATE_128\n")); + if (neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) + DEBUG(4, (" NTLMSSP_NEGOTIATE_KEY_EXCH\n")); +} + |