"Session Key" in NTLMSSP auth frame.

Richard Sharpe rsharpe at ns.aus.com
Mon Sep 2 23:39:00 GMT 2002

On Mon, 2 Sep 2002, Steven French wrote:

> I am getting a "STATUS_INVALID_PARM" error returned on my NTLMSSP auth
> frame (from the CIFS VFS to XP).   Looking at working traces, other than a
> few negotiate flags (mostly requesting signing) I don't see much difference
> between the traces except for two things - I send a LANMAN encrypted pass
> field that is all zero (I don't send the flag indicating the presence of a
> LANMAN password) and a "session key" that is all zero (whatever that means
> in this context).   I noticed that Samba doesn't seem to set the LANMAN
> encrypted pass either (which is good) but I am suspicious that the problem
> is that I am setting a session key of all zero - where do I get this from.
> The libsmb Samba client code seems to get it somehow out of the challenge
> which does not seem to make sense based on the traces of Windows clients
> doing NTLMSSP that I have looked at.   Any idea how to construct the
> NTLMSSP auth request frame's "session key" field?

OK, I think that the code in cliconnect that tries to do ntlmssp is wrong 
when it comes to the AUTH response. There is no session key sent. That is, 
the session key is empty in the auth, and there should not be one in the 

If you look in sesssetup.c you will notice that the session key is 
discarded after the token blob is parsed as well.

So, get rid of the key in the negotiate, and send a NULL key in the AUTH, 
and you should be right!

Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org, 
sharpe at ethereal.com

More information about the samba-technical mailing list