[PATCH] S4: Fix our NTLMSSP implementation against the Microsoft torture tester.
Jeremy Allison
jra at samba.org
Tue May 18 17:53:18 MDT 2010
We need to return a version blob if we negotiate version info.
Jeremy.
---
source4/auth/ntlmssp/ntlmssp_server.c | 53 ++++++++++++++++++++++++---------
1 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 8a8c579..dcc8454 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -199,23 +199,48 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
{
/* Marshal the packet in the right format, be it unicode or ASCII */
const char *gen_string;
- if (ntlmssp_state->unicode) {
- gen_string = "CdUdbddB";
+ /* "What Windows returns" as a version number. */
+ const char vers[] = { 0x6, 0x1, 0xb0, 0x1d, 0, 0, 0, 0xf};
+
+ if (chal_flags & NTLMSSP_NEGOTIATE_VERSION) {
+ DATA_BLOB version_blob = data_blob_talloc(out_mem_ctx, vers, 8);
+
+ if (ntlmssp_state->unicode) {
+ gen_string = "CdUdbddBb";
+ } else {
+ gen_string = "CdAdbddBb";
+ }
+
+ msrpc_gen(out_mem_ctx,
+ out, gen_string,
+ "NTLMSSP",
+ NTLMSSP_CHALLENGE,
+ target_name,
+ chal_flags,
+ cryptkey, 8,
+ 0, 0,
+ struct_blob.data, struct_blob.length,
+ version_blob.data, version_blob.length);
+ data_blob_free(&version_blob);
} else {
- gen_string = "CdAdbddB";
+ if (ntlmssp_state->unicode) {
+ gen_string = "CdUdbddB";
+ } else {
+ gen_string = "CdAdbddB";
+ }
+
+ msrpc_gen(out_mem_ctx,
+ out, gen_string,
+ "NTLMSSP",
+ NTLMSSP_CHALLENGE,
+ target_name,
+ chal_flags,
+ cryptkey, 8,
+ 0, 0,
+ struct_blob.data, struct_blob.length);
}
-
- msrpc_gen(out_mem_ctx,
- out, gen_string,
- "NTLMSSP",
- NTLMSSP_CHALLENGE,
- target_name,
- chal_flags,
- cryptkey, 8,
- 0, 0,
- struct_blob.data, struct_blob.length);
}
-
+
ntlmssp_state->expected_state = NTLMSSP_AUTH;
return NT_STATUS_MORE_PROCESSING_REQUIRED;
--
1.7.0.4
--uAKRQypu60I7Lcqm--
More information about the samba-technical
mailing list