* can create the appropriate passwords for NTLM authentication without
* knowing them. */
if (cred_data && info->passwords->flags) {
- //NDR_PRINT_DEBUG(PAC_CREDENTIAL_NTLM_SECPKG, info->passwords);
+ struct PAC_CREDENTIAL_DATA_NDR data_ndr;
+
+ NDR_PRINT_DEBUG(PAC_CREDENTIAL_NTLM_SECPKG, info->passwords);
ndr_err = ndr_push_struct_blob(&ntlm_secpkg, mem_ctx, info->passwords,
(ndr_push_flags_fn_t)ndr_push_PAC_CREDENTIAL_NTLM_SECPKG);
return nt_status;
}
+ DEBUG(2, ("NTLM credential BLOB (len %zu) for user\n",
+ ntlm_secpkg.length));
+ dump_data(0, ntlm_secpkg.data, ntlm_secpkg.length);
+
ZERO_STRUCT(pac_cred_data);
pac_cred_data.count = 1;
pac_cred_data.credentials->size = ntlm_secpkg.length;
pac_cred_data.credentials->data = ntlm_secpkg.data;
- //NDR_PRINT_DEBUG(PAC_CREDENTIAL_DATA, &pac_cred_data);
+ NDR_PRINT_DEBUG(PAC_CREDENTIAL_DATA, &pac_cred_data);
+
+ data_ndr.ctr.data = &pac_cred_data;
- ndr_err = ndr_push_struct_blob(cred_data, mem_ctx, &pac_cred_data,
- (ndr_push_flags_fn_t)ndr_push_PAC_CREDENTIAL_DATA);
+ NDR_PRINT_DEBUG(PAC_CREDENTIAL_DATA_NDR, &data_ndr);
+
+ ndr_err = ndr_push_struct_blob(cred_data, mem_ctx, &data_ndr,
+ (ndr_push_flags_fn_t)ndr_push_PAC_CREDENTIAL_DATA_NDR);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
nt_status = ndr_map_error2ntstatus(ndr_err);
DEBUG(1, ("PAC (presig cred pkg) push failed: %s\n",
nt_errstr(nt_status)));
return nt_status;
}
-
DEBUG(2, ("Created credential BLOB (len %zu) for user\n",
cred_data->length));
} else if (cred_data) {
return ret;
}
+ DEBUG(2, ("Plain cred_blob (len %zu)\n",
+ cred_blob->length));
+ dump_data(0, cred_blob->data, cred_blob->length);
ret = krb5_encrypt(context, cred_crypto, KRB5_KU_OTHER_ENCRYPTED,
cred_blob->data, cred_blob->length, &cred_crypt_data);
krb5_crypto_destroy(context, cred_crypto);
pac_cred_info.data.length = cred_crypt_data.length;
pac_cred_info.data.data = (uint8_t *)cred_crypt_data.data;
- //NDR_PRINT_DEBUG(PAC_CREDENTIAL_INFO, &pac_cred_info);
+ NDR_PRINT_DEBUG(PAC_CREDENTIAL_INFO, &pac_cred_info);
ndr_err = ndr_push_struct_blob(&cred_info_blob, mem_ctx, &pac_cred_info,
(ndr_push_flags_fn_t)ndr_push_PAC_CREDENTIAL_INFO);
DEBUG(2, ("Encrypted credential BLOB (len %zu) with alg %d\n",
cred_info_blob.length, (int)pac_cred_info.enctype));
-
+ dump_data(0, cred_info_blob.data, cred_info_blob.length);
ret = krb5_copy_data_contents(&cred_data,
cred_info_blob.data,
cred_info_blob.length);