The code in SMBNTLMv2encrypt_hash() should not be requesting case
changes on the domain name.
(cherry picked from commit
c47183b337d996640f009d133d47f90c153acd56)
The last 3 patches address bug #9117 - smbclient can't connect to a Windows 7
server using NTLMv2 (crypto code changes domain case).
but for NTLMv2 it is meant to contain the current time etc.
*/
- if (!ntv2_owf_gen(part_passwd, user, domain, false, kr)) {
+ if (!ntv2_owf_gen(part_passwd, user, domain, kr)) {
return false;
}
client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
- if (!ntv2_owf_gen(part_passwd, user, domain, false, kr)) {
+ if (!ntv2_owf_gen(part_passwd, user, domain, kr)) {
return false;
}
void nt_lm_owf_gen(const char *pwd, uint8_t nt_p16[16], uint8_t p16[16]);
bool ntv2_owf_gen(const uint8_t owf[16],
const char *user_in, const char *domain_in,
- bool upper_case_domain, /* Transform the domain into UPPER case */
uint8_t kr_buf[16]);
void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24]);
void SMBNTencrypt_hash(const uint8_t nt_hash[16], uint8_t *c8, uint8_t *p24);
/* Does both the NTLMv2 owfs of a user's password */
bool ntv2_owf_gen(const uint8_t owf[16],
const char *user_in, const char *domain_in,
- bool upper_case_domain, /* Transform the domain into UPPER case */
uint8_t kr_buf[16])
{
smb_ucs2_t *user;
return false;
}
- if (upper_case_domain) {
- domain_in = strupper_talloc(mem_ctx, domain_in);
- if (domain_in == NULL) {
- talloc_free(mem_ctx);
- return false;
- }
- }
-
ret = push_ucs2_talloc(mem_ctx, &user, user_in, &user_byte_len );
if (!ret) {
DEBUG(0, ("push_uss2_talloc() for user failed)\n"));
the username and domain.
This prevents username swapping during the auth exchange
*/
- if (!ntv2_owf_gen(nt_hash, user, domain, true, ntlm_v2_hash)) {
+ if (!ntv2_owf_gen(nt_hash, user, domain, ntlm_v2_hash)) {
return false;
}