DATA_BLOB in, DATA_BLOB *out)
{
struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
+ const char *domain = gensec_ntlmssp_state->domain;
+ const char *workstation = cli_credentials_get_workstation(gensec_security->credentials);
+
+ /* These don't really matter in the initial packet, so don't panic if they are not set */
+ if (!domain) {
+ domain = "";
+ }
+
+ if (!workstation) {
+ workstation = "";
+ }
if (gensec_ntlmssp_state->unicode) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE;
/* generate the ntlmssp negotiate packet */
msrpc_gen(out_mem_ctx,
+ lp_iconv_convenience(gensec_security->lp_ctx),
out, "CddAA",
"NTLMSSP",
NTLMSSP_NEGOTIATE,
gensec_ntlmssp_state->neg_flags,
- gensec_ntlmssp_state->domain,
- cli_credentials_get_workstation(gensec_security->credentials));
+ domain,
+ workstation);
gensec_ntlmssp_state->expected_state = NTLMSSP_CHALLENGE;
}
if (!msrpc_parse(mem_ctx,
+ lp_iconv_convenience(gensec_security->lp_ctx),
&in, "CdBd",
"NTLMSSP",
&ntlmssp_command,
}
if (!msrpc_parse(mem_ctx,
+ lp_iconv_convenience(gensec_security->lp_ctx),
&in, chal_parse_string,
"NTLMSSP",
&ntlmssp_command,
if (gensec_ntlmssp_state->use_nt_response) {
flags |= CLI_CRED_NTLM_AUTH;
}
- if (lp_client_lanman_auth(global_loadparm)) {
+ if (lp_client_lanman_auth(gensec_security->lp_ctx)) {
flags |= CLI_CRED_LANMAN_AUTH;
}
}
if ((gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
- && lp_client_lanman_auth(global_loadparm) && lm_session_key.length == 16) {
+ && lp_client_lanman_auth(gensec_security->lp_ctx) && lm_session_key.length == 16) {
DATA_BLOB new_session_key = data_blob_talloc(mem_ctx, NULL, 16);
if (lm_response.length == 24) {
SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data,
/* this generates the actual auth packet */
if (!msrpc_gen(mem_ctx,
+ lp_iconv_convenience(gensec_security->lp_ctx),
out, auth_gen_string,
"NTLMSSP",
NTLMSSP_AUTH,
gensec_ntlmssp_state->role = NTLMSSP_CLIENT;
- gensec_ntlmssp_state->domain = lp_workgroup(global_loadparm);
+ gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->lp_ctx);
- gensec_ntlmssp_state->unicode = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "unicode", true);
+ gensec_ntlmssp_state->unicode = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "unicode", true);
- gensec_ntlmssp_state->use_nt_response = lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "send_nt_reponse", true);
+ gensec_ntlmssp_state->use_nt_response = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true);
- gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(global_loadparm)
- && (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "allow_lm_key", false)
- || lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)));
+ gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(gensec_security->lp_ctx)
+ && (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false)
+ || lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false)));
- gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(global_loadparm);
+ gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(gensec_security->lp_ctx);
gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL;
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_REQUEST_TARGET;
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "128bit", true)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "128bit", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;
}
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "56bit", false)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "56bit", false)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;
}
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "lm_key", false)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
}
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "keyexchange", true)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;
}
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "alwayssign", true)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
}
- if (lp_parm_bool(global_loadparm, NULL, "ntlmssp_client", "ntlm2", true)) {
+ if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) {
gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
} else {
/* apparently we can't do ntlmv2 if we don't do ntlm2 */