diff options
| -rw-r--r-- | source3/libsmb/cliconnect.c | 9 | ||||
| -rw-r--r-- | source3/libsmb/clispnego.c | 47 |
2 files changed, 52 insertions, 4 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index cb3b4373dc..428167ebfa 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -486,16 +486,19 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, memset(sess_key, 0, 16); + DEBUG(10, ("sending NTLMSSP_NEGOTIATE\n")); + /* generate the ntlmssp negotiate packet */ msrpc_gen(&blob, "CddAA", "NTLMSSP", NTLMSSP_NEGOTIATE, neg_flags, workgroup, strlen(workgroup), - cli->calling.name, strlen(cli->calling.name)); - + cli->calling.name, strlen(cli->calling.name) + 1); + DEBUG(10, ("neg_flags: %0X, workgroup: %s, calling name %s\n", + neg_flags, workgroup, cli->calling.name)); /* and wrap it in a SPNEGO wrapper */ - msg1 = gen_negTokenTarg(mechs, blob); + msg1 = gen_negTokenInit(OID_NTLMSSP, blob); data_blob_free(&blob); /* now send that blob on its way */ diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index 8376398e3f..8aab0fdda9 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -73,6 +73,50 @@ DATA_BLOB spnego_gen_negTokenInit(uint8 guid[16], return ret; } +/* + Generate a negTokenInit as used by the client side ... It has a mechType + (OID), and a mechToken (a security blob) ... + + Really, we need to break out the NTLMSSP stuff as well, because it could be + raw in the packets! +*/ +DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob) +{ + ASN1_DATA data; + DATA_BLOB ret; + + memset(&data, 0, sizeof(data)); + + asn1_push_tag(&data, ASN1_APPLICATION(0)); + asn1_write_OID(&data,OID_SPNEGO); + asn1_push_tag(&data, ASN1_CONTEXT(0)); + asn1_push_tag(&data, ASN1_SEQUENCE(0)); + + asn1_push_tag(&data, ASN1_CONTEXT(0)); + asn1_push_tag(&data, ASN1_SEQUENCE(0)); + asn1_write_OID(&data, OID); + asn1_pop_tag(&data); + asn1_pop_tag(&data); + + asn1_push_tag(&data, ASN1_CONTEXT(2)); + asn1_write_OctetString(&data,blob.data,blob.length); + asn1_pop_tag(&data); + + asn1_pop_tag(&data); + asn1_pop_tag(&data); + + asn1_pop_tag(&data); + + if (data.has_error) { + DEBUG(1,("Failed to build negTokenInit at offset %d\n", (int)data.ofs)); + asn1_free(&data); + } + + ret = data_blob(data.data, data.length); + asn1_free(&data); + + return ret; +} /* parse a negTokenInit packet giving a GUID, a list of supported @@ -553,7 +597,8 @@ BOOL msrpc_gen(DATA_BLOB *blob, } data_ofs += n*2; break; - + + case 'A': case 'B': b = va_arg(ap, uint8 *); n = va_arg(ap, int); |