svn commit: samba r16961 - in branches/SAMBA_4_0/source/auth/ntlmssp: .

abartlet at samba.org abartlet at samba.org
Wed Jul 12 00:02:53 GMT 2006 

Author: abartlet
Date: 2006-07-12 00:02:50 +0000 (Wed, 12 Jul 2006)
New Revision: 16961

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16961

Log:
Merge 'seperate policy from logic' changes from Samba3.  The 56-bit
flag is handled just like all the others.

Also negotiate the unknown 0x02000000 flag, to match windows.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.h
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c	2006-07-11 21:23:44 UTC (rev 16960)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c	2006-07-12 00:02:50 UTC (rev 16961)
@@ -260,9 +260,6 @@
 
 	if (!(neg_flags & NTLMSSP_NEGOTIATE_128)) {
 		gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_128;
-		if (neg_flags & NTLMSSP_NEGOTIATE_56) {
-			gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
-		}
 	}
 
 	if (!(neg_flags & NTLMSSP_NEGOTIATE_56)) {
@@ -273,6 +270,12 @@
 		gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_KEY_EXCH;
 	}
 
+	/* Woop Woop - unknown flag for Windows compatibility...
+	   What does this really do ? JRA. */
+	if (!(neg_flags & NTLMSSP_UNKNOWN_02000000)) {
+		gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_UNKNOWN_02000000;
+	}
+
 	if ((neg_flags & NTLMSSP_REQUEST_TARGET)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
 	}

Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.h
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.h	2006-07-11 21:23:44 UTC (rev 16960)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.h	2006-07-12 00:02:50 UTC (rev 16961)
@@ -62,6 +62,7 @@
 #define NTLMSSP_CHAL_NON_NT_SESSION_KEY    0x00040000
 #define NTLMSSP_NEGOTIATE_NTLM2            0x00080000
 #define NTLMSSP_CHAL_TARGET_INFO           0x00800000
+#define NTLMSSP_UNKNOWN_02000000           0x02000000
 #define NTLMSSP_NEGOTIATE_128              0x20000000 /* 128-bit encryption */
 #define NTLMSSP_NEGOTIATE_KEY_EXCH         0x40000000
 #define NTLMSSP_NEGOTIATE_56               0x80000000

Modified: branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c
===================================================================
--- branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c	2006-07-11 21:23:44 UTC (rev 16960)
+++ branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp_server.c	2006-07-12 00:02:50 UTC (rev 16961)
@@ -800,7 +800,7 @@
 	gensec_ntlmssp_state->server_multiple_authentications = False;
 	
 	gensec_ntlmssp_state->neg_flags = 
-		NTLMSSP_NEGOTIATE_NTLM;
+		NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_UNKNOWN_02000000;
 
 	gensec_ntlmssp_state->lm_resp = data_blob(NULL, 0);
 	gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0);
@@ -810,6 +810,10 @@
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;		
 	}
 
+	if (lp_parm_bool(-1, "ntlmssp_server", "56bit", True)) {
+		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;		
+	}
+
 	if (lp_parm_bool(-1, "ntlmssp_server", "keyexchange", True)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;		
 	}

More information about the samba-cvs mailing list