*/
#include "includes.h"
-#include "../libcli/auth/ntlmssp.h"
-#include "../libcli/auth/ntlmssp_private.h"
+#include "../auth/ntlmssp/ntlmssp.h"
+#include "../auth/ntlmssp/ntlmssp_private.h"
#include "../libcli/auth/libcli_auth.h"
#include "../librpc/gen_ndr/ndr_ntlmssp.h"
-#include "../libcli/auth/ntlmssp_ndr.h"
+#include "../auth/ntlmssp/ntlmssp_ndr.h"
#include "../lib/crypto/md5.h"
#include "../lib/crypto/arcfour.h"
#include "../lib/crypto/hmacmd5.h"
+#include "../nsswitch/libwbclient/wbclient.h"
static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
TALLOC_CTX *out_mem_ctx, /* Unused at this time */
const uint8_t nt_hash[16])
{
ntlmssp_state->lm_hash = (uint8_t *)
- TALLOC_MEMDUP(ntlmssp_state, lm_hash, 16);
+ talloc_memdup(ntlmssp_state, lm_hash, 16);
ntlmssp_state->nt_hash = (uint8_t *)
- TALLOC_MEMDUP(ntlmssp_state, nt_hash, 16);
+ talloc_memdup(ntlmssp_state, nt_hash, 16);
if (!ntlmssp_state->lm_hash || !ntlmssp_state->nt_hash) {
TALLOC_FREE(ntlmssp_state->lm_hash);
TALLOC_FREE(ntlmssp_state->nt_hash);
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
}
if (feature & NTLMSSP_FEATURE_SEAL) {
+ ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
}
if (feature & NTLMSSP_FEATURE_CCACHE) {
/* 'datagram' mode - no neg packet */
ntlmssp_command = NTLMSSP_NEGOTIATE;
break;
+ default:
+ DEBUG(1, ("Invalid role: %d\n", ntlmssp_state->role));
+ return NT_STATUS_INVALID_PARAMETER;
}
} else {
if (!msrpc_parse(ntlmssp_state, &input, "Cd",
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_NTLM2 |
- NTLMSSP_NEGOTIATE_KEY_EXCH |
- NTLMSSP_NEGOTIATE_SIGN |
- NTLMSSP_NEGOTIATE_SEAL;
+ NTLMSSP_NEGOTIATE_KEY_EXCH;
ntlmssp_state->server.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
if (!ntlmssp_state->server.netbios_name) {
TALLOC_CTX *out_mem_ctx, /* Unused at this time */
DATA_BLOB reply, DATA_BLOB *next_request)
{
+ NTSTATUS status;
+
if (ntlmssp_state->unicode) {
ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
} else {
}
/* generate the ntlmssp negotiate packet */
- msrpc_gen(ntlmssp_state, next_request, "CddAA",
+ status = msrpc_gen(ntlmssp_state, next_request, "CddAA",
"NTLMSSP",
NTLMSSP_NEGOTIATE,
ntlmssp_state->neg_flags,
ntlmssp_state->client.netbios_domain,
ntlmssp_state->client.netbios_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("ntlmssp_client_initial: failed to generate "
+ "ntlmssp negotiate packet\n"));
+ return status;
+ }
if (DEBUGLEVEL >= 10) {
struct NEGOTIATE_MESSAGE *negotiate = talloc(
talloc_tos(), struct NEGOTIATE_MESSAGE);
if (negotiate != NULL) {
- NTSTATUS status;
status = ntlmssp_pull_NEGOTIATE_MESSAGE(
next_request, negotiate, negotiate);
if (NT_STATUS_IS_OK(status)) {
params.blobs = &auth_blob;
wbc_status = wbcCredentialCache(¶ms, &info, &error);
- if (error != NULL) {
- wbcFreeMemory(error);
- }
+ wbcFreeMemory(error);
if (!WBC_ERROR_IS_OK(wbc_status)) {
goto noccache;
}
}
/* this generates the actual auth packet */
- if (!msrpc_gen(ntlmssp_state, next_request, auth_gen_string,
+ nt_status = msrpc_gen(ntlmssp_state, next_request, auth_gen_string,
"NTLMSSP",
NTLMSSP_AUTH,
lm_response.data, lm_response.length,
ntlmssp_state->user,
ntlmssp_state->client.netbios_name,
encrypted_session_key.data, encrypted_session_key.length,
- ntlmssp_state->neg_flags)) {
+ ntlmssp_state->neg_flags);
+ if (!NT_STATUS_IS_OK(nt_status)) {
return NT_STATUS_NO_MEMORY;
}