s3:ntlmssp Move ntlmssp_sign.c from source3 to common code.
[amitay/samba.git] / source3 / libsmb / ntlmssp.c
1 /*
2    Unix SMB/Netbios implementation.
3    Version 3.0
4    handle NLTMSSP, server side
5
6    Copyright (C) Andrew Tridgell      2001
7    Copyright (C) Andrew Bartlett 2001-2003
8    Copyright (C) Andrew Bartlett 2005 (Updated from gensec).
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "../libcli/auth/ntlmssp.h"
26 #include "../libcli/auth/ntlmssp_private.h"
27 #include "../libcli/auth/libcli_auth.h"
28 #include "../librpc/gen_ndr/ndr_ntlmssp.h"
29 #include "../libcli/auth/ntlmssp_ndr.h"
30 #include "../lib/crypto/md5.h"
31 #include "../lib/crypto/arcfour.h"
32 #include "../lib/crypto/hmacmd5.h"
33
34 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
35                                        DATA_BLOB reply, DATA_BLOB *next_request);
36 static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
37                                          const DATA_BLOB in, DATA_BLOB *out);
38 static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
39                                          const DATA_BLOB reply, DATA_BLOB *next_request);
40 static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
41                                     const DATA_BLOB request, DATA_BLOB *reply);
42
43 /**
44  * Callbacks for NTLMSSP - for both client and server operating modes
45  *
46  */
47
48 static const struct ntlmssp_callbacks {
49         enum ntlmssp_role role;
50         enum ntlmssp_message_type ntlmssp_command;
51         NTSTATUS (*fn)(struct ntlmssp_state *ntlmssp_state,
52                        DATA_BLOB in, DATA_BLOB *out);
53 } ntlmssp_callbacks[] = {
54         {NTLMSSP_CLIENT, NTLMSSP_INITIAL, ntlmssp_client_initial},
55         {NTLMSSP_SERVER, NTLMSSP_NEGOTIATE, ntlmssp_server_negotiate},
56         {NTLMSSP_CLIENT, NTLMSSP_CHALLENGE, ntlmssp_client_challenge},
57         {NTLMSSP_SERVER, NTLMSSP_AUTH, ntlmssp_server_auth},
58         {NTLMSSP_CLIENT, NTLMSSP_UNKNOWN, NULL},
59         {NTLMSSP_SERVER, NTLMSSP_UNKNOWN, NULL}
60 };
61
62
63 /**
64  * Default challenge generation code.
65  *
66  */
67
68 static NTSTATUS get_challenge(const struct ntlmssp_state *ntlmssp_state,
69                               uint8_t chal[8])
70 {
71         generate_random_buffer(chal, 8);
72         return NT_STATUS_OK;
73 }
74
75 /**
76  * Default 'we can set the challenge to anything we like' implementation
77  *
78  */
79
80 static bool may_set_challenge(const struct ntlmssp_state *ntlmssp_state)
81 {
82         return True;
83 }
84
85 /**
86  * Default 'we can set the challenge to anything we like' implementation
87  *
88  * Does not actually do anything, as the value is always in the structure anyway.
89  *
90  */
91
92 static NTSTATUS set_challenge(struct ntlmssp_state *ntlmssp_state, DATA_BLOB *challenge)
93 {
94         SMB_ASSERT(challenge->length == 8);
95         return NT_STATUS_OK;
96 }
97
98 /**
99  * Set a username on an NTLMSSP context - ensures it is talloc()ed
100  *
101  */
102
103 NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user)
104 {
105         ntlmssp_state->user = talloc_strdup(ntlmssp_state, user ? user : "" );
106         if (!ntlmssp_state->user) {
107                 return NT_STATUS_NO_MEMORY;
108         }
109         return NT_STATUS_OK;
110 }
111
112 /**
113  * Store NT and LM hashes on an NTLMSSP context - ensures they are talloc()ed
114  *
115  */
116 NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state,
117                             const uint8_t lm_hash[16],
118                             const uint8_t nt_hash[16])
119 {
120         ntlmssp_state->lm_hash = (uint8_t *)
121                 TALLOC_MEMDUP(ntlmssp_state, lm_hash, 16);
122         ntlmssp_state->nt_hash = (uint8_t *)
123                 TALLOC_MEMDUP(ntlmssp_state, nt_hash, 16);
124         if (!ntlmssp_state->lm_hash || !ntlmssp_state->nt_hash) {
125                 TALLOC_FREE(ntlmssp_state->lm_hash);
126                 TALLOC_FREE(ntlmssp_state->nt_hash);
127                 return NT_STATUS_NO_MEMORY;
128         }
129         return NT_STATUS_OK;
130 }
131
132 /**
133  * Converts a password to the hashes on an NTLMSSP context.
134  *
135  */
136 NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password)
137 {
138         if (!password) {
139                 ntlmssp_state->lm_hash = NULL;
140                 ntlmssp_state->nt_hash = NULL;
141         } else {
142                 uint8_t lm_hash[16];
143                 uint8_t nt_hash[16];
144
145                 E_deshash(password, lm_hash);
146                 E_md4hash(password, nt_hash);
147                 return ntlmssp_set_hashes(ntlmssp_state, lm_hash, nt_hash);
148         }
149         return NT_STATUS_OK;
150 }
151
152 /**
153  * Set a domain on an NTLMSSP context - ensures it is talloc()ed
154  *
155  */
156 NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain)
157 {
158         ntlmssp_state->domain = talloc_strdup(ntlmssp_state,
159                                               domain ? domain : "" );
160         if (!ntlmssp_state->domain) {
161                 return NT_STATUS_NO_MEMORY;
162         }
163         return NT_STATUS_OK;
164 }
165
166 /**
167  * Request features for the NTLMSSP negotiation
168  *
169  * @param ntlmssp_state NTLMSSP state
170  * @param feature_list List of space seperated features requested from NTLMSSP.
171  */
172 void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list)
173 {
174         /*
175          * We need to set this to allow a later SetPassword
176          * via the SAMR pipe to succeed. Strange.... We could
177          * also add  NTLMSSP_NEGOTIATE_SEAL here. JRA.
178          */
179         if (in_list("NTLMSSP_FEATURE_SESSION_KEY", feature_list, True)) {
180                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
181         }
182         if (in_list("NTLMSSP_FEATURE_SIGN", feature_list, True)) {
183                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
184         }
185         if(in_list("NTLMSSP_FEATURE_SEAL", feature_list, True)) {
186                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
187         }
188         if (in_list("NTLMSSP_FEATURE_CCACHE", feature_list, true)) {
189                 ntlmssp_state->use_ccache = true;
190         }
191 }
192
193 /**
194  * Request a feature for the NTLMSSP negotiation
195  *
196  * @param ntlmssp_state NTLMSSP state
197  * @param feature Bit flag specifying the requested feature
198  */
199 void ntlmssp_want_feature(struct ntlmssp_state *ntlmssp_state, uint32_t feature)
200 {
201         /* As per JRA's comment above */
202         if (feature & NTLMSSP_FEATURE_SESSION_KEY) {
203                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
204         }
205         if (feature & NTLMSSP_FEATURE_SIGN) {
206                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
207         }
208         if (feature & NTLMSSP_FEATURE_SEAL) {
209                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
210         }
211         if (feature & NTLMSSP_FEATURE_CCACHE) {
212                 ntlmssp_state->use_ccache = true;
213         }
214 }
215
216 /**
217  * Next state function for the NTLMSSP state machine
218  *
219  * @param ntlmssp_state NTLMSSP State
220  * @param in The packet in from the NTLMSSP partner, as a DATA_BLOB
221  * @param out The reply, as an allocated DATA_BLOB, caller to free.
222  * @return Errors, NT_STATUS_MORE_PROCESSING_REQUIRED or NT_STATUS_OK.
223  */
224
225 NTSTATUS ntlmssp_update(struct ntlmssp_state *ntlmssp_state,
226                         const DATA_BLOB input, DATA_BLOB *out)
227 {
228         uint32_t ntlmssp_command;
229         int i;
230
231         if (ntlmssp_state->expected_state == NTLMSSP_DONE) {
232                 /* Called update after negotiations finished. */
233                 DEBUG(1, ("Called NTLMSSP after state machine was 'done'\n"));
234                 return NT_STATUS_INVALID_PARAMETER;
235         }
236
237         *out = data_blob_null;
238
239         if (!input.length) {
240                 switch (ntlmssp_state->role) {
241                 case NTLMSSP_CLIENT:
242                         ntlmssp_command = NTLMSSP_INITIAL;
243                         break;
244                 case NTLMSSP_SERVER:
245                         /* 'datagram' mode - no neg packet */
246                         ntlmssp_command = NTLMSSP_NEGOTIATE;
247                         break;
248                 }
249         } else {
250                 if (!msrpc_parse(ntlmssp_state, &input, "Cd",
251                                  "NTLMSSP",
252                                  &ntlmssp_command)) {
253                         DEBUG(1, ("Failed to parse NTLMSSP packet, could not extract NTLMSSP command\n"));
254                         dump_data(2, input.data, input.length);
255                         return NT_STATUS_INVALID_PARAMETER;
256                 }
257         }
258
259         if (ntlmssp_command != ntlmssp_state->expected_state) {
260                 DEBUG(1, ("got NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state));
261                 return NT_STATUS_INVALID_PARAMETER;
262         }
263
264         for (i=0; ntlmssp_callbacks[i].fn; i++) {
265                 if (ntlmssp_callbacks[i].role == ntlmssp_state->role
266                     && ntlmssp_callbacks[i].ntlmssp_command == ntlmssp_command) {
267                         return ntlmssp_callbacks[i].fn(ntlmssp_state, input, out);
268                 }
269         }
270
271         DEBUG(1, ("failed to find NTLMSSP callback for NTLMSSP mode %u, command %u\n",
272                   ntlmssp_state->role, ntlmssp_command));
273
274         return NT_STATUS_INVALID_PARAMETER;
275 }
276
277 /**
278  * End an NTLMSSP state machine
279  *
280  * @param ntlmssp_state NTLMSSP State, free()ed by this function
281  */
282
283 void ntlmssp_end(struct ntlmssp_state **ntlmssp_state)
284 {
285         data_blob_free(&(*ntlmssp_state)->chal);
286         data_blob_free(&(*ntlmssp_state)->lm_resp);
287         data_blob_free(&(*ntlmssp_state)->nt_resp);
288         TALLOC_FREE(*ntlmssp_state);
289
290         *ntlmssp_state = NULL;
291         return;
292 }
293
294 /**
295  * Determine correct target name flags for reply, given server role
296  * and negotiated flags
297  *
298  * @param ntlmssp_state NTLMSSP State
299  * @param neg_flags The flags from the packet
300  * @param chal_flags The flags to be set in the reply packet
301  * @return The 'target name' string.
302  */
303
304 static const char *ntlmssp_target_name(struct ntlmssp_state *ntlmssp_state,
305                                        uint32_t neg_flags, uint32_t *chal_flags)
306 {
307         if (neg_flags & NTLMSSP_REQUEST_TARGET) {
308                 *chal_flags |= NTLMSSP_NEGOTIATE_TARGET_INFO;
309                 *chal_flags |= NTLMSSP_REQUEST_TARGET;
310                 if (ntlmssp_state->server.is_standalone) {
311                         *chal_flags |= NTLMSSP_TARGET_TYPE_SERVER;
312                         return ntlmssp_state->server.netbios_name;
313                 } else {
314                         *chal_flags |= NTLMSSP_TARGET_TYPE_DOMAIN;
315                         return ntlmssp_state->server.netbios_domain;
316                 };
317         } else {
318                 return "";
319         }
320 }
321
322 static void ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state,
323                                      uint32_t neg_flags, bool allow_lm) {
324         if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
325                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
326                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_OEM;
327                 ntlmssp_state->unicode = True;
328         } else {
329                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_UNICODE;
330                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
331                 ntlmssp_state->unicode = False;
332         }
333
334         if ((neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) && allow_lm) {
335                 /* other end forcing us to use LM */
336                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
337                 ntlmssp_state->use_ntlmv2 = False;
338         } else {
339                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
340         }
341
342         if (!(neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)) {
343                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
344         }
345
346         if (!(neg_flags & NTLMSSP_NEGOTIATE_NTLM2)) {
347                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
348         }
349
350         if (!(neg_flags & NTLMSSP_NEGOTIATE_128)) {
351                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_128;
352         }
353
354         if (!(neg_flags & NTLMSSP_NEGOTIATE_56)) {
355                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_56;
356         }
357
358         if (!(neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH)) {
359                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_KEY_EXCH;
360         }
361
362         if (!(neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
363                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SIGN;
364         }
365
366         if (!(neg_flags & NTLMSSP_NEGOTIATE_SEAL)) {
367                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_SEAL;
368         }
369
370         /* Woop Woop - unknown flag for Windows compatibility...
371            What does this really do ? JRA. */
372         if (!(neg_flags & NTLMSSP_NEGOTIATE_VERSION)) {
373                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_VERSION;
374         }
375
376         if ((neg_flags & NTLMSSP_REQUEST_TARGET)) {
377                 ntlmssp_state->neg_flags |= NTLMSSP_REQUEST_TARGET;
378         }
379 }
380
381 /**
382  * Next state function for the Negotiate packet
383  *
384  * @param ntlmssp_state NTLMSSP State
385  * @param request The request, as a DATA_BLOB
386  * @param request The reply, as an allocated DATA_BLOB, caller to free.
387  * @return Errors or MORE_PROCESSING_REQUIRED if a reply is sent.
388  */
389
390 static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
391                                          const DATA_BLOB request, DATA_BLOB *reply)
392 {
393         DATA_BLOB struct_blob;
394         uint32_t neg_flags = 0;
395         uint32_t ntlmssp_command, chal_flags;
396         uint8_t cryptkey[8];
397         const char *target_name;
398         struct NEGOTIATE_MESSAGE negotiate;
399         struct CHALLENGE_MESSAGE challenge;
400         NTSTATUS status;
401
402         /* parse the NTLMSSP packet */
403 #if 0
404         file_save("ntlmssp_negotiate.dat", request.data, request.length);
405 #endif
406
407         if (request.length) {
408                 if ((request.length < 16) || !msrpc_parse(ntlmssp_state, &request, "Cdd",
409                                                           "NTLMSSP",
410                                                           &ntlmssp_command,
411                                                           &neg_flags)) {
412                         DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate of length %u\n",
413                                 (unsigned int)request.length));
414                         dump_data(2, request.data, request.length);
415                         return NT_STATUS_INVALID_PARAMETER;
416                 }
417                 debug_ntlmssp_flags(neg_flags);
418
419                 if (DEBUGLEVEL >= 10) {
420                         if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(&request,
421                                                        ntlmssp_state,
422                                                        &negotiate)))
423                         {
424                                 NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
425                         }
426                 }
427         }
428
429         ntlmssp_handle_neg_flags(ntlmssp_state, neg_flags, lp_lanman_auth());
430
431         /* Ask our caller what challenge they would like in the packet */
432         status = ntlmssp_state->get_challenge(ntlmssp_state, cryptkey);
433         if (!NT_STATUS_IS_OK(status)) {
434                 return status;
435         }
436
437         /* Check if we may set the challenge */
438         if (!ntlmssp_state->may_set_challenge(ntlmssp_state)) {
439                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
440         }
441
442         /* The flags we send back are not just the negotiated flags,
443          * they are also 'what is in this packet'.  Therfore, we
444          * operate on 'chal_flags' from here on
445          */
446
447         chal_flags = ntlmssp_state->neg_flags;
448
449         /* get the right name to fill in as 'target' */
450         target_name = ntlmssp_target_name(ntlmssp_state,
451                                           neg_flags, &chal_flags);
452         if (target_name == NULL)
453                 return NT_STATUS_INVALID_PARAMETER;
454
455         ntlmssp_state->chal = data_blob_talloc(ntlmssp_state, cryptkey, 8);
456         ntlmssp_state->internal_chal = data_blob_talloc(ntlmssp_state,
457                                                         cryptkey, 8);
458
459         /* This creates the 'blob' of names that appears at the end of the packet */
460         if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO)
461         {
462                 msrpc_gen(ntlmssp_state, &struct_blob, "aaaaa",
463                           MsvAvNbDomainName, target_name,
464                           MsvAvNbComputerName, ntlmssp_state->server.netbios_name,
465                           MsvAvDnsDomainName, ntlmssp_state->server.dns_domain,
466                           MsvAvDnsComputerName, ntlmssp_state->server.dns_name,
467                           MsvAvEOL, "");
468         } else {
469                 struct_blob = data_blob_null;
470         }
471
472         {
473                 /* Marshal the packet in the right format, be it unicode or ASCII */
474                 const char *gen_string;
475                 DATA_BLOB version_blob = data_blob_null;
476
477                 if (chal_flags & NTLMSSP_NEGOTIATE_VERSION) {
478                         enum ndr_err_code err;
479                         struct VERSION vers;
480
481                         /* "What Windows returns" as a version number. */
482                         ZERO_STRUCT(vers);
483                         vers.ProductMajorVersion = NTLMSSP_WINDOWS_MAJOR_VERSION_6;
484                         vers.ProductMinorVersion = NTLMSSP_WINDOWS_MINOR_VERSION_1;
485                         vers.ProductBuild = 0;
486                         vers.NTLMRevisionCurrent = NTLMSSP_REVISION_W2K3;
487
488                         err = ndr_push_struct_blob(&version_blob,
489                                                 ntlmssp_state,
490                                                 &vers,
491                                                 (ndr_push_flags_fn_t)ndr_push_VERSION);
492
493                         if (!NDR_ERR_CODE_IS_SUCCESS(err)) {
494                                 return NT_STATUS_NO_MEMORY;
495                         }
496                 }
497
498                 if (ntlmssp_state->unicode) {
499                         gen_string = "CdUdbddBb";
500                 } else {
501                         gen_string = "CdAdbddBb";
502                 }
503
504                 msrpc_gen(ntlmssp_state, reply, gen_string,
505                         "NTLMSSP",
506                         NTLMSSP_CHALLENGE,
507                         target_name,
508                         chal_flags,
509                         cryptkey, 8,
510                         0, 0,
511                         struct_blob.data, struct_blob.length,
512                         version_blob.data, version_blob.length);
513
514                 data_blob_free(&version_blob);
515
516                 if (DEBUGLEVEL >= 10) {
517                         if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(reply,
518                                                        ntlmssp_state,
519                                                        &challenge)))
520                         {
521                                 NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
522                         }
523                 }
524         }
525
526         data_blob_free(&struct_blob);
527
528         ntlmssp_state->expected_state = NTLMSSP_AUTH;
529
530         return NT_STATUS_MORE_PROCESSING_REQUIRED;
531 }
532
533 /**
534  * Next state function for the Authenticate packet
535  *
536  * @param ntlmssp_state NTLMSSP State
537  * @param request The request, as a DATA_BLOB
538  * @param request The reply, as an allocated DATA_BLOB, caller to free.
539  * @return Errors or NT_STATUS_OK.
540  */
541
542 static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
543                                     const DATA_BLOB request, DATA_BLOB *reply)
544 {
545         DATA_BLOB encrypted_session_key = data_blob_null;
546         DATA_BLOB user_session_key = data_blob_null;
547         DATA_BLOB lm_session_key = data_blob_null;
548         DATA_BLOB session_key = data_blob_null;
549         uint32_t ntlmssp_command, auth_flags;
550         NTSTATUS nt_status = NT_STATUS_OK;
551         struct AUTHENTICATE_MESSAGE authenticate;
552
553         /* used by NTLM2 */
554         bool doing_ntlm2 = False;
555
556         uint8_t session_nonce[16];
557         uint8_t session_nonce_hash[16];
558
559         const char *parse_string;
560
561         /* parse the NTLMSSP packet */
562         *reply = data_blob_null;
563
564 #if 0
565         file_save("ntlmssp_auth.dat", request.data, request.length);
566 #endif
567
568         if (ntlmssp_state->unicode) {
569                 parse_string = "CdBBUUUBd";
570         } else {
571                 parse_string = "CdBBAAABd";
572         }
573
574         data_blob_free(&ntlmssp_state->lm_resp);
575         data_blob_free(&ntlmssp_state->nt_resp);
576
577         ntlmssp_state->user = NULL;
578         ntlmssp_state->domain = NULL;
579
580         /* now the NTLMSSP encoded auth hashes */
581         if (!msrpc_parse(ntlmssp_state, &request, parse_string,
582                          "NTLMSSP",
583                          &ntlmssp_command,
584                          &ntlmssp_state->lm_resp,
585                          &ntlmssp_state->nt_resp,
586                          &ntlmssp_state->domain,
587                          &ntlmssp_state->user,
588                          &ntlmssp_state->client.netbios_name,
589                          &encrypted_session_key,
590                          &auth_flags)) {
591                 auth_flags = 0;
592
593                 /* Try again with a shorter string (Win9X truncates this packet) */
594                 if (ntlmssp_state->unicode) {
595                         parse_string = "CdBBUUU";
596                 } else {
597                         parse_string = "CdBBAAA";
598                 }
599
600                 /* now the NTLMSSP encoded auth hashes */
601                 if (!msrpc_parse(ntlmssp_state, &request, parse_string,
602                                  "NTLMSSP",
603                                  &ntlmssp_command,
604                                  &ntlmssp_state->lm_resp,
605                                  &ntlmssp_state->nt_resp,
606                                  &ntlmssp_state->domain,
607                                  &ntlmssp_state->user,
608                                  &ntlmssp_state->client.netbios_name)) {
609                         DEBUG(1, ("ntlmssp_server_auth: failed to parse NTLMSSP (tried both formats):\n"));
610                         dump_data(2, request.data, request.length);
611
612                         return NT_STATUS_INVALID_PARAMETER;
613                 }
614         }
615
616         if (auth_flags)
617                 ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth());
618
619         if (DEBUGLEVEL >= 10) {
620                 if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(&request,
621                                                   ntlmssp_state,
622                                                   &authenticate)))
623                 {
624                         NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
625                 }
626         }
627
628         DEBUG(3,("Got user=[%s] domain=[%s] workstation=[%s] len1=%lu len2=%lu\n",
629                  ntlmssp_state->user, ntlmssp_state->domain,
630                  ntlmssp_state->client.netbios_name,
631                  (unsigned long)ntlmssp_state->lm_resp.length,
632                  (unsigned long)ntlmssp_state->nt_resp.length));
633
634 #if 0
635         file_save("nthash1.dat",  &ntlmssp_state->nt_resp.data,  &ntlmssp_state->nt_resp.length);
636         file_save("lmhash1.dat",  &ntlmssp_state->lm_resp.data,  &ntlmssp_state->lm_resp.length);
637 #endif
638
639         /* NTLM2 uses a 'challenge' that is made of up both the server challenge, and a
640            client challenge
641
642            However, the NTLM2 flag may still be set for the real NTLMv2 logins, be careful.
643         */
644         if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
645                 if (ntlmssp_state->nt_resp.length == 24 && ntlmssp_state->lm_resp.length == 24) {
646                         struct MD5Context md5_session_nonce_ctx;
647                         SMB_ASSERT(ntlmssp_state->internal_chal.data && ntlmssp_state->internal_chal.length == 8);
648
649                         doing_ntlm2 = True;
650
651                         memcpy(session_nonce, ntlmssp_state->internal_chal.data, 8);
652                         memcpy(&session_nonce[8], ntlmssp_state->lm_resp.data, 8);
653
654                         MD5Init(&md5_session_nonce_ctx);
655                         MD5Update(&md5_session_nonce_ctx, session_nonce, 16);
656                         MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
657
658                         ntlmssp_state->chal = data_blob_talloc(
659                                 ntlmssp_state, session_nonce_hash, 8);
660
661                         /* LM response is no longer useful */
662                         data_blob_free(&ntlmssp_state->lm_resp);
663
664                         /* We changed the effective challenge - set it */
665                         if (!NT_STATUS_IS_OK(nt_status = ntlmssp_state->set_challenge(ntlmssp_state, &ntlmssp_state->chal))) {
666                                 data_blob_free(&encrypted_session_key);
667                                 return nt_status;
668                         }
669
670                         /* LM Key is incompatible. */
671                         ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
672                 }
673         }
674
675         /*
676          * Note we don't check here for NTLMv2 auth settings. If NTLMv2 auth
677          * is required (by "ntlm auth = no" and "lm auth = no" being set in the
678          * smb.conf file) and no NTLMv2 response was sent then the password check
679          * will fail here. JRA.
680          */
681
682         /* Finally, actually ask if the password is OK */
683
684         if (!NT_STATUS_IS_OK(nt_status = ntlmssp_state->check_password(ntlmssp_state,
685                                                                        &user_session_key, &lm_session_key))) {
686                 data_blob_free(&encrypted_session_key);
687                 return nt_status;
688         }
689
690         dump_data_pw("NT session key:\n", user_session_key.data, user_session_key.length);
691         dump_data_pw("LM first-8:\n", lm_session_key.data, lm_session_key.length);
692
693         /* Handle the different session key derivation for NTLM2 */
694         if (doing_ntlm2) {
695                 if (user_session_key.data && user_session_key.length == 16) {
696                         session_key = data_blob_talloc(ntlmssp_state,
697                                                        NULL, 16);
698                         hmac_md5(user_session_key.data, session_nonce,
699                                  sizeof(session_nonce), session_key.data);
700                         DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
701                         dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
702
703                 } else {
704                         DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
705                         session_key = data_blob_null;
706                 }
707         } else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
708                 if (lm_session_key.data && lm_session_key.length >= 8) {
709                         if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
710                                 session_key = data_blob_talloc(ntlmssp_state,
711                                                                NULL, 16);
712                                 if (session_key.data == NULL) {
713                                         return NT_STATUS_NO_MEMORY;
714                                 }
715                                 SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
716                                                           session_key.data);
717                                 DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
718                         } else {
719                                 static const uint8_t zeros[24] = {0, };
720                                 session_key = data_blob_talloc(
721                                         ntlmssp_state, NULL, 16);
722                                 if (session_key.data == NULL) {
723                                         return NT_STATUS_NO_MEMORY;
724                                 }
725                                 SMBsesskeygen_lm_sess_key(
726                                         lm_session_key.data, zeros,
727                                         session_key.data);
728                         }
729                         dump_data_pw("LM session key:\n", session_key.data,
730                                      session_key.length);
731                 } else {
732                         DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
733                         session_key = data_blob_null;
734                 }
735         } else if (user_session_key.data) {
736                 session_key = user_session_key;
737                 DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n"));
738                 dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
739         } else if (lm_session_key.data) {
740                 session_key = lm_session_key;
741                 DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n"));
742                 dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
743         } else {
744                 DEBUG(10,("ntlmssp_server_auth: Failed to create unmodified session key.\n"));
745                 session_key = data_blob_null;
746         }
747
748         /* With KEY_EXCH, the client supplies the proposed session key,
749            but encrypts it with the long-term key */
750         if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
751                 if (!encrypted_session_key.data || encrypted_session_key.length != 16) {
752                         data_blob_free(&encrypted_session_key);
753                         DEBUG(1, ("Client-supplied KEY_EXCH session key was of invalid length (%u)!\n",
754                                   (unsigned int)encrypted_session_key.length));
755                         return NT_STATUS_INVALID_PARAMETER;
756                 } else if (!session_key.data || session_key.length != 16) {
757                         DEBUG(5, ("server session key is invalid (len == %u), cannot do KEY_EXCH!\n",
758                                   (unsigned int)session_key.length));
759                         ntlmssp_state->session_key = session_key;
760                 } else {
761                         dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
762                         arcfour_crypt_blob(encrypted_session_key.data,
763                                            encrypted_session_key.length,
764                                            &session_key);
765                         ntlmssp_state->session_key = data_blob_talloc(
766                                 ntlmssp_state, encrypted_session_key.data,
767                                 encrypted_session_key.length);
768                         dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data,
769                                      encrypted_session_key.length);
770                 }
771         } else {
772                 ntlmssp_state->session_key = session_key;
773         }
774
775         if (!NT_STATUS_IS_OK(nt_status)) {
776                 ntlmssp_state->session_key = data_blob_null;
777         } else if (ntlmssp_state->session_key.length) {
778                 nt_status = ntlmssp_sign_init(ntlmssp_state);
779         }
780
781         data_blob_free(&encrypted_session_key);
782
783         /* Only one authentication allowed per server state. */
784         ntlmssp_state->expected_state = NTLMSSP_DONE;
785
786         return nt_status;
787 }
788
789 /**
790  * Create an NTLMSSP state machine
791  *
792  * @param ntlmssp_state NTLMSSP State, allocated by this function
793  */
794
795 NTSTATUS ntlmssp_server_start(TALLOC_CTX *mem_ctx,
796                               bool is_standalone,
797                               const char *netbios_name,
798                               const char *netbios_domain,
799                               const char *dns_name,
800                               const char *dns_domain,
801                               struct ntlmssp_state **_ntlmssp_state)
802 {
803         struct ntlmssp_state *ntlmssp_state;
804
805         if (!netbios_name) {
806                 netbios_name = "";
807         }
808
809         if (!netbios_domain) {
810                 netbios_domain = "";
811         }
812
813         if (!dns_domain) {
814                 dns_domain = "";
815         }
816
817         if (!dns_name) {
818                 dns_name = "";
819         }
820
821         ntlmssp_state = talloc_zero(mem_ctx, struct ntlmssp_state);
822         if (!ntlmssp_state) {
823                 return NT_STATUS_NO_MEMORY;
824         }
825
826         ntlmssp_state->role = NTLMSSP_SERVER;
827
828         ntlmssp_state->get_challenge = get_challenge;
829         ntlmssp_state->set_challenge = set_challenge;
830         ntlmssp_state->may_set_challenge = may_set_challenge;
831
832         ntlmssp_state->server.is_standalone = is_standalone;
833
834         ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
835
836         ntlmssp_state->neg_flags =
837                 NTLMSSP_NEGOTIATE_128 |
838                 NTLMSSP_NEGOTIATE_56 |
839                 NTLMSSP_NEGOTIATE_VERSION |
840                 NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
841                 NTLMSSP_NEGOTIATE_NTLM |
842                 NTLMSSP_NEGOTIATE_NTLM2 |
843                 NTLMSSP_NEGOTIATE_KEY_EXCH |
844                 NTLMSSP_NEGOTIATE_SIGN |
845                 NTLMSSP_NEGOTIATE_SEAL;
846
847         ntlmssp_state->server.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
848         if (!ntlmssp_state->server.netbios_name) {
849                 talloc_free(ntlmssp_state);
850                 return NT_STATUS_NO_MEMORY;
851         }
852         ntlmssp_state->server.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
853         if (!ntlmssp_state->server.netbios_domain) {
854                 talloc_free(ntlmssp_state);
855                 return NT_STATUS_NO_MEMORY;
856         }
857         ntlmssp_state->server.dns_name = talloc_strdup(ntlmssp_state, dns_name);
858         if (!ntlmssp_state->server.dns_name) {
859                 talloc_free(ntlmssp_state);
860                 return NT_STATUS_NO_MEMORY;
861         }
862         ntlmssp_state->server.dns_domain = talloc_strdup(ntlmssp_state, dns_domain);
863         if (!ntlmssp_state->server.dns_domain) {
864                 talloc_free(ntlmssp_state);
865                 return NT_STATUS_NO_MEMORY;
866         }
867
868         *_ntlmssp_state = ntlmssp_state;
869         return NT_STATUS_OK;
870 }
871
872 /*********************************************************************
873  Client side NTLMSSP
874 *********************************************************************/
875
876 /**
877  * Next state function for the Initial packet
878  *
879  * @param ntlmssp_state NTLMSSP State
880  * @param request The request, as a DATA_BLOB.  reply.data must be NULL
881  * @param request The reply, as an allocated DATA_BLOB, caller to free.
882  * @return Errors or NT_STATUS_OK.
883  */
884
885 static NTSTATUS ntlmssp_client_initial(struct ntlmssp_state *ntlmssp_state,
886                                   DATA_BLOB reply, DATA_BLOB *next_request)
887 {
888         struct NEGOTIATE_MESSAGE negotiate;
889
890         if (ntlmssp_state->unicode) {
891                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
892         } else {
893                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_OEM;
894         }
895
896         if (ntlmssp_state->use_ntlmv2) {
897                 ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
898         }
899
900         /* generate the ntlmssp negotiate packet */
901         msrpc_gen(ntlmssp_state, next_request, "CddAA",
902                   "NTLMSSP",
903                   NTLMSSP_NEGOTIATE,
904                   ntlmssp_state->neg_flags,
905                   ntlmssp_state->client.netbios_domain,
906                   ntlmssp_state->client.netbios_name);
907
908         if (DEBUGLEVEL >= 10) {
909                 if (NT_STATUS_IS_OK(ntlmssp_pull_NEGOTIATE_MESSAGE(next_request,
910                                                ntlmssp_state,
911                                                &negotiate)))
912                 {
913                         NDR_PRINT_DEBUG(NEGOTIATE_MESSAGE, &negotiate);
914                 }
915         }
916
917         ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
918
919         return NT_STATUS_MORE_PROCESSING_REQUIRED;
920 }
921
922 /**
923  * Next state function for the Challenge Packet.  Generate an auth packet.
924  *
925  * @param ntlmssp_state NTLMSSP State
926  * @param request The request, as a DATA_BLOB.  reply.data must be NULL
927  * @param request The reply, as an allocated DATA_BLOB, caller to free.
928  * @return Errors or NT_STATUS_OK.
929  */
930
931 static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
932                                          const DATA_BLOB reply, DATA_BLOB *next_request)
933 {
934         uint32_t chal_flags, ntlmssp_command, unkn1, unkn2;
935         DATA_BLOB server_domain_blob;
936         DATA_BLOB challenge_blob;
937         DATA_BLOB struct_blob = data_blob_null;
938         char *server_domain;
939         const char *chal_parse_string;
940         const char *auth_gen_string;
941         DATA_BLOB lm_response = data_blob_null;
942         DATA_BLOB nt_response = data_blob_null;
943         DATA_BLOB session_key = data_blob_null;
944         DATA_BLOB encrypted_session_key = data_blob_null;
945         NTSTATUS nt_status = NT_STATUS_OK;
946         struct CHALLENGE_MESSAGE challenge;
947         struct AUTHENTICATE_MESSAGE authenticate;
948
949         if (ntlmssp_state->use_ccache) {
950                 struct wbcCredentialCacheParams params;
951                 struct wbcCredentialCacheInfo *info = NULL;
952                 struct wbcAuthErrorInfo *error = NULL;
953                 struct wbcNamedBlob auth_blob;
954                 struct wbcBlob *wbc_next = NULL;
955                 struct wbcBlob *wbc_session_key = NULL;
956                 wbcErr wbc_status;
957                 int i;
958
959                 params.account_name = ntlmssp_state->user;
960                 params.domain_name = ntlmssp_state->domain;
961                 params.level = WBC_CREDENTIAL_CACHE_LEVEL_NTLMSSP;
962
963                 auth_blob.name = "challenge_blob";
964                 auth_blob.flags = 0;
965                 auth_blob.blob.data = reply.data;
966                 auth_blob.blob.length = reply.length;
967                 params.num_blobs = 1;
968                 params.blobs = &auth_blob;
969
970                 wbc_status = wbcCredentialCache(&params, &info, &error);
971                 if (error != NULL) {
972                         wbcFreeMemory(error);
973                 }
974                 if (!WBC_ERROR_IS_OK(wbc_status)) {
975                         goto noccache;
976                 }
977
978                 for (i=0; i<info->num_blobs; i++) {
979                         if (strequal(info->blobs[i].name, "auth_blob")) {
980                                 wbc_next = &info->blobs[i].blob;
981                         }
982                         if (strequal(info->blobs[i].name, "session_key")) {
983                                 wbc_session_key = &info->blobs[i].blob;
984                         }
985                 }
986                 if ((wbc_next == NULL) || (wbc_session_key == NULL)) {
987                         wbcFreeMemory(info);
988                         goto noccache;
989                 }
990
991                 *next_request = data_blob(wbc_next->data, wbc_next->length);
992                 ntlmssp_state->session_key = data_blob(
993                         wbc_session_key->data, wbc_session_key->length);
994
995                 wbcFreeMemory(info);
996                 goto done;
997         }
998
999 noccache:
1000
1001         if (!msrpc_parse(ntlmssp_state, &reply, "CdBd",
1002                          "NTLMSSP",
1003                          &ntlmssp_command,
1004                          &server_domain_blob,
1005                          &chal_flags)) {
1006                 DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#1)\n"));
1007                 dump_data(2, reply.data, reply.length);
1008
1009                 return NT_STATUS_INVALID_PARAMETER;
1010         }
1011
1012         if (DEBUGLEVEL >= 10) {
1013                 if (NT_STATUS_IS_OK(ntlmssp_pull_CHALLENGE_MESSAGE(&reply,
1014                                                ntlmssp_state,
1015                                                &challenge)))
1016                 {
1017                         NDR_PRINT_DEBUG(CHALLENGE_MESSAGE, &challenge);
1018                 }
1019         }
1020
1021         data_blob_free(&server_domain_blob);
1022
1023         DEBUG(3, ("Got challenge flags:\n"));
1024         debug_ntlmssp_flags(chal_flags);
1025
1026         ntlmssp_handle_neg_flags(ntlmssp_state, chal_flags, lp_client_lanman_auth());
1027
1028         if (ntlmssp_state->unicode) {
1029                 if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
1030                         chal_parse_string = "CdUdbddB";
1031                 } else {
1032                         chal_parse_string = "CdUdbdd";
1033                 }
1034                 auth_gen_string = "CdBBUUUBd";
1035         } else {
1036                 if (chal_flags & NTLMSSP_NEGOTIATE_TARGET_INFO) {
1037                         chal_parse_string = "CdAdbddB";
1038                 } else {
1039                         chal_parse_string = "CdAdbdd";
1040                 }
1041
1042                 auth_gen_string = "CdBBAAABd";
1043         }
1044
1045         DEBUG(3, ("NTLMSSP: Set final flags:\n"));
1046         debug_ntlmssp_flags(ntlmssp_state->neg_flags);
1047
1048         if (!msrpc_parse(ntlmssp_state, &reply, chal_parse_string,
1049                          "NTLMSSP",
1050                          &ntlmssp_command,
1051                          &server_domain,
1052                          &chal_flags,
1053                          &challenge_blob, 8,
1054                          &unkn1, &unkn2,
1055                          &struct_blob)) {
1056                 DEBUG(1, ("Failed to parse the NTLMSSP Challenge: (#2)\n"));
1057                 dump_data(2, reply.data, reply.length);
1058                 return NT_STATUS_INVALID_PARAMETER;
1059         }
1060
1061         if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {
1062                 ntlmssp_state->server.is_standalone = true;
1063         } else {
1064                 ntlmssp_state->server.is_standalone = false;
1065         }
1066         /* TODO: parse struct_blob and fill in the rest */
1067         ntlmssp_state->server.netbios_name = "";
1068         ntlmssp_state->server.netbios_domain = server_domain;
1069         ntlmssp_state->server.dns_name = "";
1070         ntlmssp_state->server.dns_domain = "";
1071
1072         if (challenge_blob.length != 8) {
1073                 data_blob_free(&struct_blob);
1074                 return NT_STATUS_INVALID_PARAMETER;
1075         }
1076
1077         if (!ntlmssp_state->nt_hash || !ntlmssp_state->lm_hash) {
1078                 static const uint8_t zeros[16] = {0, };
1079                 /* do nothing - blobs are zero length */
1080
1081                 /* session key is all zeros */
1082                 session_key = data_blob_talloc(ntlmssp_state, zeros, 16);
1083
1084                 /* not doing NLTM2 without a password */
1085                 ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2;
1086         } else if (ntlmssp_state->use_ntlmv2) {
1087                 if (!struct_blob.length) {
1088                         /* be lazy, match win2k - we can't do NTLMv2 without it */
1089                         DEBUG(1, ("Server did not provide 'target information', required for NTLMv2\n"));
1090                         return NT_STATUS_INVALID_PARAMETER;
1091                 }
1092
1093                 /* TODO: if the remote server is standalone, then we should replace 'domain'
1094                    with the server name as supplied above */
1095
1096                 if (!SMBNTLMv2encrypt_hash(ntlmssp_state,
1097                                            ntlmssp_state->user,
1098                                            ntlmssp_state->domain,
1099                                            ntlmssp_state->nt_hash, &challenge_blob,
1100                                            &struct_blob,
1101                                            &lm_response, &nt_response, NULL,
1102                                            &session_key)) {
1103                         data_blob_free(&challenge_blob);
1104                         data_blob_free(&struct_blob);
1105                         return NT_STATUS_NO_MEMORY;
1106                 }
1107         } else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) {
1108                 struct MD5Context md5_session_nonce_ctx;
1109                 uint8_t session_nonce[16];
1110                 uint8_t session_nonce_hash[16];
1111                 uint8_t user_session_key[16];
1112
1113                 lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
1114                 generate_random_buffer(lm_response.data, 8);
1115                 memset(lm_response.data+8, 0, 16);
1116
1117                 memcpy(session_nonce, challenge_blob.data, 8);
1118                 memcpy(&session_nonce[8], lm_response.data, 8);
1119
1120                 MD5Init(&md5_session_nonce_ctx);
1121                 MD5Update(&md5_session_nonce_ctx, challenge_blob.data, 8);
1122                 MD5Update(&md5_session_nonce_ctx, lm_response.data, 8);
1123                 MD5Final(session_nonce_hash, &md5_session_nonce_ctx);
1124
1125                 DEBUG(5, ("NTLMSSP challenge set by NTLM2\n"));
1126                 DEBUG(5, ("challenge is: \n"));
1127                 dump_data(5, session_nonce_hash, 8);
1128
1129                 nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
1130                 SMBNTencrypt_hash(ntlmssp_state->nt_hash,
1131                                   session_nonce_hash,
1132                                   nt_response.data);
1133
1134                 session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
1135
1136                 SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, user_session_key);
1137                 hmac_md5(user_session_key, session_nonce, sizeof(session_nonce), session_key.data);
1138                 dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
1139         } else {
1140                 /* lanman auth is insecure, it may be disabled */
1141                 if (lp_client_lanman_auth()) {
1142                         lm_response = data_blob_talloc(ntlmssp_state,
1143                                                        NULL, 24);
1144                         SMBencrypt_hash(ntlmssp_state->lm_hash,challenge_blob.data,
1145                                    lm_response.data);
1146                 }
1147
1148                 nt_response = data_blob_talloc(ntlmssp_state, NULL, 24);
1149                 SMBNTencrypt_hash(ntlmssp_state->nt_hash,challenge_blob.data,
1150                              nt_response.data);
1151
1152                 session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
1153                 if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
1154                     && lp_client_lanman_auth()) {
1155                         SMBsesskeygen_lm_sess_key(ntlmssp_state->lm_hash, lm_response.data,
1156                                         session_key.data);
1157                         dump_data_pw("LM session key\n", session_key.data, session_key.length);
1158                 } else {
1159                         SMBsesskeygen_ntv1(ntlmssp_state->nt_hash, session_key.data);
1160                         dump_data_pw("NT session key:\n", session_key.data, session_key.length);
1161                 }
1162         }
1163         data_blob_free(&struct_blob);
1164
1165         /* Key exchange encryptes a new client-generated session key with
1166            the password-derived key */
1167         if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
1168                 /* Make up a new session key */
1169                 uint8_t client_session_key[16];
1170                 generate_random_buffer(client_session_key, sizeof(client_session_key));
1171
1172                 /* Encrypt the new session key with the old one */
1173                 encrypted_session_key = data_blob(client_session_key, sizeof(client_session_key));
1174                 dump_data_pw("KEY_EXCH session key:\n", encrypted_session_key.data, encrypted_session_key.length);
1175                 arcfour_crypt_blob(encrypted_session_key.data, encrypted_session_key.length, &session_key);
1176                 dump_data_pw("KEY_EXCH session key (enc):\n", encrypted_session_key.data, encrypted_session_key.length);
1177
1178                 /* Mark the new session key as the 'real' session key */
1179                 data_blob_free(&session_key);
1180                 session_key = data_blob_talloc(ntlmssp_state,
1181                                                client_session_key,
1182                                                sizeof(client_session_key));
1183         }
1184
1185         /* this generates the actual auth packet */
1186         if (!msrpc_gen(ntlmssp_state, next_request, auth_gen_string,
1187                        "NTLMSSP",
1188                        NTLMSSP_AUTH,
1189                        lm_response.data, lm_response.length,
1190                        nt_response.data, nt_response.length,
1191                        ntlmssp_state->domain,
1192                        ntlmssp_state->user,
1193                        ntlmssp_state->client.netbios_name,
1194                        encrypted_session_key.data, encrypted_session_key.length,
1195                        ntlmssp_state->neg_flags)) {
1196
1197                 return NT_STATUS_NO_MEMORY;
1198         }
1199
1200         if (DEBUGLEVEL >= 10) {
1201                 if (NT_STATUS_IS_OK(ntlmssp_pull_AUTHENTICATE_MESSAGE(next_request,
1202                                                   ntlmssp_state,
1203                                                   &authenticate)))
1204                 {
1205                         NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE, &authenticate);
1206                 }
1207         }
1208
1209         data_blob_free(&encrypted_session_key);
1210
1211         data_blob_free(&ntlmssp_state->chal);
1212
1213         ntlmssp_state->session_key = session_key;
1214
1215         ntlmssp_state->chal = challenge_blob;
1216         ntlmssp_state->lm_resp = lm_response;
1217         ntlmssp_state->nt_resp = nt_response;
1218
1219 done:
1220
1221         ntlmssp_state->expected_state = NTLMSSP_DONE;
1222
1223         if (!NT_STATUS_IS_OK(nt_status = ntlmssp_sign_init(ntlmssp_state))) {
1224                 DEBUG(1, ("Could not setup NTLMSSP signing/sealing system (error was: %s)\n", nt_errstr(nt_status)));
1225         }
1226
1227         return nt_status;
1228 }
1229
1230 NTSTATUS ntlmssp_client_start(TALLOC_CTX *mem_ctx,
1231                               const char *netbios_name,
1232                               const char *netbios_domain,
1233                               bool use_ntlmv2,
1234                               struct ntlmssp_state **_ntlmssp_state)
1235 {
1236         struct ntlmssp_state *ntlmssp_state;
1237
1238         if (!netbios_name) {
1239                 netbios_name = "";
1240         }
1241
1242         if (!netbios_domain) {
1243                 netbios_domain = "";
1244         }
1245
1246         ntlmssp_state = talloc_zero(mem_ctx, struct ntlmssp_state);
1247         if (!ntlmssp_state) {
1248                 return NT_STATUS_NO_MEMORY;
1249         }
1250
1251         ntlmssp_state->role = NTLMSSP_CLIENT;
1252
1253         ntlmssp_state->unicode = True;
1254
1255         ntlmssp_state->use_ntlmv2 = use_ntlmv2;
1256
1257         ntlmssp_state->expected_state = NTLMSSP_INITIAL;
1258
1259         ntlmssp_state->neg_flags =
1260                 NTLMSSP_NEGOTIATE_128 |
1261                 NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
1262                 NTLMSSP_NEGOTIATE_NTLM |
1263                 NTLMSSP_NEGOTIATE_NTLM2 |
1264                 NTLMSSP_NEGOTIATE_KEY_EXCH |
1265                 NTLMSSP_REQUEST_TARGET;
1266
1267         ntlmssp_state->client.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
1268         if (!ntlmssp_state->client.netbios_name) {
1269                 talloc_free(ntlmssp_state);
1270                 return NT_STATUS_NO_MEMORY;
1271         }
1272         ntlmssp_state->client.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
1273         if (!ntlmssp_state->client.netbios_domain) {
1274                 talloc_free(ntlmssp_state);
1275                 return NT_STATUS_NO_MEMORY;
1276         }
1277
1278         *_ntlmssp_state = ntlmssp_state;
1279         return NT_STATUS_OK;
1280 }