} else {
nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str,
user_info->smb_name.str, domain, server_info, &info3);
-#if 0
- /* The stuff doesn't work right yet */
- SMB_ASSERT(sizeof((*server_info)->session_key) == sizeof(info3.user_sess_key));
- memcpy((*server_info)->session_key, info3.user_sess_key, sizeof((*server_info)->session_key)/* 16 */);
- SamOEMhash((*server_info)->session_key, trust_passwd, sizeof((*server_info)->session_key));
-#endif
-
uni_group_cache_store_netlogon(mem_ctx, &info3);
}
SAFE_FREE(all_group_SIDs);
+ memcpy((*server_info)->session_key, info3.user_sess_key, sizeof((*server_info)->session_key)/* 16 */);
+ memcpy((*server_info)->first_8_lm_hash, info3.padding, 8);
+
return NT_STATUS_OK;
}
uint32 buffer_groups; /* undocumented buffer pointer to groups. */
uint32 user_flgs; /* user flags */
- uint8 user_sess_key[16]; /* unused user session key */
+ uint8 user_sess_key[16]; /* user session key */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNIHDR hdr_logon_dom; /* logon domain unicode string header */
*dest = 0;
return(dest);
}
- while (n-- && (*d++ = *src++))
- ;
+
+ while (n-- && (*d = *src)) {
+ d++;
+ src++;
+ }
+
*d = 0;
return(dest);
}
return num_chars;
}
+/**
+ * Routine to print a buffer as HEX digits, into an allocated string.
+ */
+
+void hex_encode(const unsigned char *buff_in, size_t len, char **out_hex_buffer)
+{
+ int i;
+ char *hex_buffer;
+
+ *out_hex_buffer = smb_xmalloc((len*2)+1);
+ hex_buffer = *out_hex_buffer;
+
+ for (i = 0; i < len; i++)
+ slprintf(&hex_buffer[i*2], 3, "%02X", buff_in[i]);
+}
+
/**
Check if a string is part of a list.
**/
{
DATA_BLOB struct_blob;
fstring dnsname, dnsdomname;
- uint32 ntlmssp_command, neg_flags, chal_flags;
+ uint32 neg_flags = 0;
+ uint32 ntlmssp_command, chal_flags;
char *cliname=NULL, *domname=NULL;
const uint8 *cryptkey;
const char *target_name;
file_save("ntlmssp_negotiate.dat", request.data, request.length);
#endif
- if (!msrpc_parse(&request, "CddAA",
- "NTLMSSP",
- &ntlmssp_command,
- &neg_flags,
- &cliname,
- &domname)) {
- return NT_STATUS_INVALID_PARAMETER;
+ if (request.length) {
+ if (!msrpc_parse(&request, "CddAA",
+ "NTLMSSP",
+ &ntlmssp_command,
+ &neg_flags,
+ &cliname,
+ &domname)) {
+ DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP:\n"));
+ dump_data(2, request.data, request.length);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ SAFE_FREE(cliname);
+ SAFE_FREE(domname);
+
+ debug_ntlmssp_flags(neg_flags);
}
-
- SAFE_FREE(cliname);
- SAFE_FREE(domname);
-
- debug_ntlmssp_flags(neg_flags);
-
+
cryptkey = ntlmssp_state->get_challenge(ntlmssp_state);
data_blob_free(&ntlmssp_state->chal);
&ntlmssp_state->workstation,
&sess_key,
&neg_flags)) {
+ DEBUG(1, ("ntlmssp_server_auth: failed to parse NTLMSSP:\n"));
+ dump_data(2, request.data, request.length);
return NT_STATUS_INVALID_PARAMETER;
}
uint32 ntlmssp_command;
*reply = data_blob(NULL, 0);
- if (!msrpc_parse(&request, "Cd",
- "NTLMSSP",
- &ntlmssp_command)) {
- return NT_STATUS_INVALID_PARAMETER;
+ if (request.length) {
+ if (!msrpc_parse(&request, "Cd",
+ "NTLMSSP",
+ &ntlmssp_command)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ } else {
+ /* 'datagram' mode - no neg packet */
+ ntlmssp_command = NTLMSSP_NEGOTIATE;
}
if (ntlmssp_command != ntlmssp_state->expected_state) {
+ DEBUG(1, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
return NT_STATUS_INVALID_PARAMETER;
}
} else if (ntlmssp_command == NTLMSSP_AUTH) {
return ntlmssp_server_auth(ntlmssp_state, request, reply);
} else {
+ DEBUG(1, ("unknown NTLMSSP command %u\n", ntlmssp_command, ntlmssp_state->expected_state));
return NT_STATUS_INVALID_PARAMETER;
}
}
/* Connect to winbindd socket */
-int winbind_open_pipe_sock(void)
+static int winbind_named_pipe_sock(const char *dir)
{
-#ifdef HAVE_UNIXSOCKET
struct sockaddr_un sunaddr;
- static pid_t our_pid;
struct stat st;
pstring path;
int fd;
- if (our_pid != getpid()) {
- close_sock();
- our_pid = getpid();
- }
-
- if (winbindd_fd != -1) {
- return winbindd_fd;
- }
-
/* Check permissions on unix socket directory */
- if (lstat(WINBINDD_SOCKET_DIR, &st) == -1) {
+ if (lstat(dir, &st) == -1) {
return -1;
}
/* Connect to socket */
- strncpy(path, WINBINDD_SOCKET_DIR, sizeof(path) - 1);
+ strncpy(path, dir, sizeof(path) - 1);
path[sizeof(path) - 1] = '\0';
- strncat(path, "/", sizeof(path) - 1);
+ strncat(path, "/", sizeof(path) - 1 - strlen(path));
path[sizeof(path) - 1] = '\0';
- strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1);
+ strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1 - strlen(path));
path[sizeof(path) - 1] = '\0';
ZERO_STRUCT(sunaddr);
return -1;
}
- if ((winbindd_fd = make_safe_fd( fd)) == -1) {
- return winbindd_fd;
+ if ((fd = make_safe_fd( fd)) == -1) {
+ return fd;
}
- if (connect(winbindd_fd, (struct sockaddr *)&sunaddr,
+ if (connect(fd, (struct sockaddr *)&sunaddr,
sizeof(sunaddr)) == -1) {
- close_sock();
+ close(fd);
return -1;
}
+ return fd;
+}
+
+/* Connect to winbindd socket */
+
+int winbind_open_pipe_sock(void)
+{
+#ifdef HAVE_UNIXSOCKET
+ static pid_t our_pid;
+ struct winbindd_request request;
+ struct winbindd_response response;
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ if (our_pid != getpid()) {
+ close_sock();
+ our_pid = getpid();
+ }
+
+ if (winbindd_fd != -1) {
+ return winbindd_fd;
+ }
+
+ if ((winbindd_fd = winbind_named_pipe_sock(WINBINDD_SOCKET_DIR)) == -1) {
+ return -1;
+ }
+
+ /* version-check the socket */
+
+ if ((winbindd_request(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) {
+ close_sock();
+ return -1;
+ }
+
+ /* try and get priv pipe */
+
+ if (winbindd_request(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) {
+ int fd;
+ if ((fd = winbind_named_pipe_sock(response.extra_data)) != -1) {
+ close(winbindd_fd);
+ winbindd_fd = fd;
+ }
+ }
+
return winbindd_fd;
#else
return -1;
{ WINBINDD_INTERFACE_VERSION, winbindd_interface_version, "INTERFACE_VERSION" },
{ WINBINDD_DOMAIN_NAME, winbindd_domain_name, "DOMAIN_NAME" },
{ WINBINDD_NETBIOS_NAME, winbindd_netbios_name, "NETBIOS_NAME" },
+ { WINBINDD_PRIV_PIPE_DIR, winbindd_priv_pipe_dir, "WINBINDD_PRIV_PIPE_DIR" },
/* WINS functions */
/* Process a new connection by adding it to the client connection list */
-static void new_connection(int listen_sock)
+static void new_connection(int listen_sock, BOOL privilaged)
{
struct sockaddr_un sunaddr;
struct winbindd_cli_state *state;
state->last_access = time(NULL);
+ state->privilaged = privilaged;
+
/* Add to connection list */
winbindd_add_client(state);
while (1) {
struct winbindd_cli_state *state;
fd_set r_fds, w_fds;
- int maxfd, listen_sock, selret;
+ int maxfd, listen_sock, listen_priv_sock, selret;
struct timeval timeout;
/* Handle messages */
/* Initialise fd lists for select() */
listen_sock = open_winbindd_socket();
+ listen_priv_sock = open_winbindd_priv_socket();
- if (listen_sock == -1) {
+ if (listen_sock == -1 || listen_priv_sock == -1) {
perror("open_winbind_socket");
exit(1);
}
- maxfd = listen_sock;
+ maxfd = MAX(listen_sock, listen_priv_sock);
FD_ZERO(&r_fds);
FD_ZERO(&w_fds);
FD_SET(listen_sock, &r_fds);
+ FD_SET(listen_priv_sock, &r_fds);
timeout.tv_sec = WINBINDD_ESTABLISH_LOOP;
timeout.tv_usec = 0;
break;
}
}
- new_connection(listen_sock);
+ /* new, non-privilaged connection */
+ new_connection(listen_sock, False);
+ }
+
+ if (FD_ISSET(listen_priv_sock, &r_fds)) {
+ while (winbindd_num_clients() > WINBINDD_MAX_SIMULTANEOUS_CLIENTS - 1) {
+ DEBUG(5,("winbindd: Exceeding %d client connections, removing idle connection.\n",
+ WINBINDD_MAX_SIMULTANEOUS_CLIENTS));
+ if (!remove_idle_client()) {
+ DEBUG(0,("winbindd: Exceeding %d client connections, no idle connection found\n",
+ WINBINDD_MAX_SIMULTANEOUS_CLIENTS));
+ break;
+ }
+ }
+ /* new, privilaged connection */
+ new_connection(listen_priv_sock, True);
}
/* Process activity on client connections */
BOOL finished; /* Can delete from list */
BOOL write_extra_data; /* Write extra_data field */
time_t last_access; /* Time of last access (read or write) */
+ BOOL privilaged; /* Is the client 'privilaged' */
+
struct winbindd_request request; /* Request from client */
struct winbindd_response response; /* Respose to client */
struct getent_state *getpwent_state; /* State for getpwent() */
return WINBINDD_OK;
}
+
+/* What's my name again? */
+
+enum winbindd_result winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
+{
+
+ DEBUG(3, ("[%5d]: request location of privilaged pipe\n", state->pid));
+
+ state->response.extra_data = strdup(get_winbind_priv_pipe_dir());
+ if (!state->response.extra_data)
+ return WINBINDD_ERROR;
+
+ /* must add one to length to copy the 0 for string termination */
+ state->response.length += strlen((char *)state->response.extra_data) + 1;
+
+ return WINBINDD_OK;
+}
#define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */
#define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */
-
+#define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privilaged" /* name of subdirectory of lp_lockdir() to hold the 'privilaged' pipe */
#define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */
#define WINBINDD_DONT_ENV "_NO_WINBINDD"
WINBINDD_NETBIOS_NAME, /* The netbios name of the server */
/* Placeholder for end of cmd list */
+ /* find the location of our privilaged pipe */
+ WINBINDD_PRIV_PIPE_DIR,
+
WINBINDD_NUM_CMDS
};
DATA_BLOB lm_resp, nt_resp;
+ if (!state->privilaged) {
+ DEBUG(2, ("winbindd_pam_auth_crap: non-privilaged access denied!\n"));
+ result = NT_STATUS_ACCESS_DENIED;
+ goto done;
+ }
+
/* Ensure null termination */
state->request.data.auth_crap.user[sizeof(state->request.data.auth_crap.user)-1]='\0';
result = append_info3_as_ndr(mem_ctx, state, &info3);
}
-#if 0
- /* we don't currently do this stuff right */
- /* Doing an assert in a daemon is going to be a pretty bad
- idea. - tpot */
if (state->request.data.auth_crap.flags & WINBIND_PAM_NTKEY) {
- SMB_ASSERT(sizeof(state->response.data.auth.nt_session_key) == sizeof(info3.user_sess_key));
memcpy(state->response.data.auth.nt_session_key, info3.user_sess_key, sizeof(state->response.data.auth.nt_session_key) /* 16 */);
}
if (state->request.data.auth_crap.flags & WINBIND_PAM_LMKEY) {
- SMB_ASSERT(sizeof(state->response.data.auth.nt_session_key) <= sizeof(info3.user_sess_key));
memcpy(state->response.data.auth.first_8_lm_hash, info3.padding, sizeof(state->response.data.auth.nt_session_key) /* 16 */);
}
-#endif
}
done:
* Winbindd socket accessor functions
*/
+char *get_winbind_priv_pipe_dir(void)
+{
+ return lock_path(WINBINDD_PRIV_SOCKET_SUBDIR);
+}
+
/* Open the winbindd socket */
static int _winbindd_socket = -1;
+static int _winbindd_priv_socket = -1;
int open_winbindd_socket(void)
{
return _winbindd_socket;
}
+int open_winbindd_priv_socket(void)
+{
+ if (_winbindd_priv_socket == -1) {
+ _winbindd_priv_socket = create_pipe_sock(
+ get_winbind_priv_pipe_dir(), WINBINDD_SOCKET_NAME, 0750);
+ DEBUG(10, ("open_winbindd_priv_socket: opened socket fd %d\n",
+ _winbindd_priv_socket));
+ }
+
+ return _winbindd_priv_socket;
+}
+
/* Close the winbindd socket */
void close_winbindd_socket(void)
close(_winbindd_socket);
_winbindd_socket = -1;
}
+ if (_winbindd_priv_socket != -1) {
+ DEBUG(10, ("close_winbindd_socket: closing socket fd %d\n",
+ _winbindd_priv_socket));
+ close(_winbindd_priv_socket);
+ _winbindd_priv_socket = -1;
+ }
}
/*
NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
const char *username, const char *domain, const char *workstation,
- const uint8 chal[8],
+ const uint8 chal[8],
DATA_BLOB lm_response, DATA_BLOB nt_response,
NET_USER_INFO_3 *info3)
NET_ID_INFO_CTR ctr;
int validation_level = 3;
char *workstation_name_slash;
+ uint8 netlogon_sess_key[16];
+ static uint8 zeros[16];
ZERO_STRUCT(q);
ZERO_STRUCT(r);
goto done;
}
+ ZERO_STRUCT(netlogon_sess_key);
+ memcpy(netlogon_sess_key, cli->sess_key, 8);
+
+ if (memcmp(zeros, info3->user_sess_key, 16) != 0)
+ SamOEMhash(info3->user_sess_key, netlogon_sess_key, 16);
+
+ if (memcmp(zeros, info3->padding, 16) != 0)
+ SamOEMhash(info3->padding, netlogon_sess_key, 16);
+
/* Return results */
result = r.status;
static size_t lm_response_len;
static unsigned char *nt_response;
static size_t nt_response_len;
+static int request_lm_key;
+static int request_nt_key;
static char *password;
memcpy(request.data.auth_crap.lm_resp, ntlmssp_state->lm_resp.data,
MIN(ntlmssp_state->lm_resp.length, sizeof(request.data.auth_crap.lm_resp)));
- memcpy(request.data.auth_crap.nt_resp, ntlmssp_state->lm_resp.data,
+ memcpy(request.data.auth_crap.nt_resp, ntlmssp_state->nt_resp.data,
MIN(ntlmssp_state->nt_resp.length, sizeof(request.data.auth_crap.nt_resp)));
request.data.auth_crap.lm_resp_len = ntlmssp_state->lm_resp.length;
static void manage_squid_ntlmssp_request(enum squid_mode squid_mode,
char *buf, int length)
{
- static NTLMSSP_STATE *ntlmssp_state;
+ static NTLMSSP_STATE *ntlmssp_state = NULL;
DATA_BLOB request, reply;
NTSTATUS nt_status;
+ if (strlen(buf) < 2) {
+ DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+ x_fprintf(x_stdout, "BH\n");
+ return;
+ }
+
+ if (strlen(buf) > 3) {
+ request = base64_decode_data_blob(buf + 3);
+ } else if (strcmp(buf, "YR") == 0) {
+ request = data_blob(NULL, 0);
+ if (ntlmssp_state)
+ ntlmssp_server_end(&ntlmssp_state);
+ } else {
+ DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+ x_fprintf(x_stdout, "BH\n");
+ return;
+ }
+
if (!ntlmssp_state) {
ntlmssp_server_start(&ntlmssp_state);
ntlmssp_state->check_password = winbind_pw_check;
ntlmssp_state->get_global_myname = get_winbind_netbios_name;
}
- if (strlen(buf) < 3) {
- x_fprintf(x_stdout, "BH\n");
- return;
- }
-
- request = base64_decode_data_blob(buf + 3);
-
- DEBUG(0, ("got NTLMSSP packet:\n"));
- dump_data(0, request.data, request.length);
+ DEBUG(10, ("got NTLMSSP packet:\n"));
+ dump_data(10, request.data, request.length);
nt_status = ntlmssp_server_update(ntlmssp_state, request, &reply);
x_fprintf(x_stdout, "TT %s\n", reply_base64);
SAFE_FREE(reply_base64);
data_blob_free(&reply);
+ DEBUG(10, ("NTLMSSP challenge\n"));
} else if (!NT_STATUS_IS_OK(nt_status)) {
x_fprintf(x_stdout, "NA %s\n", nt_errstr(nt_status));
+ DEBUG(10, ("NTLMSSP %s\n", nt_errstr(nt_status)));
} else {
x_fprintf(x_stdout, "AF %s\\%s\n", ntlmssp_state->domain, ntlmssp_state->user);
+ DEBUG(10, ("NTLMSSP OK!\n"));
}
data_blob_free(&request);
int length;
char *c;
static BOOL err;
-
- if (x_fgets(buf, sizeof(buf)-1, x_stdin) == NULL) {
- DEBUG(1, ("fgets() failed! dying..... errno=%d (%s)\n", errno,
- strerror(errno)));
+
+ /* this is not a typo - x_fgets doesn't work too well under squid */
+ if (fgets(buf, sizeof(buf)-1, stdin) == NULL) {
+ DEBUG(1, ("fgets() failed! dying..... errno=%d (%s)\n", ferror(stdin),
+ strerror(ferror(stdin))));
exit(1); /* BIIG buffer */
}
{
struct winbindd_request request;
struct winbindd_response response;
+ char *lm_key;
+ char *nt_key;
+ static uint8 zeros[16];
+
NSS_STATUS result;
/* Send off request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
+ if (request_lm_key)
+ request.data.auth_crap.flags |= WINBIND_PAM_LMKEY;
+
+ if (request_nt_key)
+ request.data.auth_crap.flags |= WINBIND_PAM_NTKEY;
+
fstrcpy(request.data.auth_crap.user, username);
fstrcpy(request.data.auth_crap.domain, domain);
response.data.auth.nt_status_string,
response.data.auth.nt_status);
+ if (response.data.auth.nt_status == 0) {
+ if (request_lm_key
+ && (memcmp(zeros, response.data.auth.first_8_lm_hash,
+ sizeof(response.data.auth.first_8_lm_hash)) != 0)) {
+ hex_encode(response.data.auth.first_8_lm_hash,
+ sizeof(response.data.auth.first_8_lm_hash),
+ &lm_key);
+ d_printf("LM_KEY: %s\n", lm_key);
+ SAFE_FREE(lm_key);
+ }
+ if (request_nt_key
+ && (memcmp(zeros, response.data.auth.nt_session_key,
+ sizeof(response.data.auth.nt_session_key)) != 0)) {
+ hex_encode(response.data.auth.nt_session_key,
+ sizeof(response.data.auth.nt_session_key),
+ &nt_key);
+ d_printf("NT_KEY: %s\n", nt_key);
+ SAFE_FREE(nt_key);
+ }
+ }
+
return result == NSS_STATUS_SUCCESS;
}
OPT_RESPONSE,
OPT_LM,
OPT_NT,
- OPT_PASSWORD
+ OPT_PASSWORD,
+ OPT_LM_KEY,
+ OPT_NT_KEY
};
-/*************************************************************
- Routine to set hex password characters into an allocated array.
-**************************************************************/
-
-static void hex_encode(const unsigned char *buff_in, size_t len, char **out_hex_buffer)
-{
- int i;
- char *hex_buffer;
-
- *out_hex_buffer = smb_xmalloc((len*2)+1);
- hex_buffer = *out_hex_buffer;
-
- for (i = 0; i < len; i++)
- slprintf(&hex_buffer[i*2], 3, "%02X", buff_in[i]);
-}
-
-/*************************************************************
- Routine to get the 32 hex characters and turn them
- into a 16 byte array.
-**************************************************************/
-
-static BOOL hex_decode(const char *hex_buf_in, unsigned char **out_buffer, size_t *size)
-{
- int i;
- size_t hex_buf_in_len = strlen(hex_buf_in);
- unsigned char partial_byte_hex;
- unsigned char partial_byte;
- const char *hexchars = "0123456789ABCDEF";
- char *p;
- BOOL high = True;
-
- if (!hex_buf_in)
- return (False);
-
- *size = (hex_buf_in_len + 1) / 2;
-
- *out_buffer = smb_xmalloc(*size);
-
- for (i = 0; i < hex_buf_in_len; i++) {
- partial_byte_hex = toupper(hex_buf_in[i]);
-
- p = strchr(hexchars, partial_byte_hex);
-
- if (!p)
- return (False);
-
- partial_byte = PTR_DIFF(p, hexchars);
-
- if (high) {
- (*out_buffer)[i / 2] = (partial_byte << 4);
- } else {
- (*out_buffer)[i / 2] |= partial_byte;
- }
- high = !high;
- }
- return (True);
-}
-
-
int main(int argc, const char **argv)
{
int opt;
{ "lm-response", 0, POPT_ARG_STRING, &hex_lm_response, OPT_LM, "LM Response to the challenge (HEX encoded)"},
{ "nt-response", 0, POPT_ARG_STRING, &hex_nt_response, OPT_NT, "NT or NTLMv2 Response to the challenge (HEX encoded)"},
{ "password", 0, POPT_ARG_STRING, &password, OPT_PASSWORD, "User's plaintext password"},
+ { "request-lm-key", 0, POPT_ARG_NONE, &request_lm_key, OPT_LM_KEY, "Retreive LM session key"},
+ { "request-nt-key", 0, POPT_ARG_NONE, &request_nt_key, OPT_NT_KEY, "Retreive NT session key"},
{ NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug },
{ NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile },
{ NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version},
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_CHALLENGE:
- if (!hex_decode(hex_challenge, &challenge, &challenge_len)) {
- fprintf(stderr, "hex decode of %s failed!\n", hex_challenge);
+ challenge_len = strlen(hex_challenge);
+ challenge = smb_xmalloc((challenge_len+1)/2);
+ if ((challenge_len = strhex_to_str(challenge, challenge_len, hex_challenge)) != 8) {
+ fprintf(stderr, "hex decode of %s failed (only got %u bytes)!\n",
+ hex_challenge, challenge_len);
exit(1);
}
break;
case OPT_LM:
- if (!hex_decode(hex_lm_response, &lm_response, &lm_response_len)) {
- fprintf(stderr, "hex decode of %s failed!\n", lm_response);
+ lm_response_len = strlen(hex_lm_response);
+ lm_response = smb_xmalloc((lm_response_len+1)/2);
+ if ((lm_response_len = strhex_to_str(lm_response, lm_response_len, hex_lm_response)) != 24) {
+ fprintf(stderr, "hex decode of %s failed!\n", hex_lm_response);
exit(1);
}
break;
- case OPT_NT:
- if (!hex_decode(hex_lm_response, &lm_response, &lm_response_len)) {
- fprintf(stderr, "hex decode of %s failed!\n", lm_response);
+ case OPT_NT:
+ nt_response_len = strlen(hex_nt_response);
+ nt_response = smb_xmalloc((nt_response_len+1)/2);
+ if ((nt_response_len = strhex_to_str(nt_response, nt_response_len, hex_nt_response)) < 24) {
+ fprintf(stderr, "hex decode of %s failed!\n", hex_nt_response);
exit(1);
}
break;
git.samba.org / amitay / samba.git / commitdiff