Move libcli/auth to the top level

8 files changed, 2255 insertions, 0 deletions

diff --git a/libcli/auth/config.mk b/libcli/auth/config.mk
new file mode 100644
index 00000000000..c09d1631c0d
--- /dev/null
+++ b/libcli/auth/config.mk
@@ -0,0 +1,13 @@
+[SUBSYSTEM::LIBCLI_AUTH]
+PUBLIC_DEPENDENCIES = \
+		MSRPC_PARSE \
+		LIBSAMBA-HOSTCONFIG
+
+LIBCLI_AUTH_OBJ_FILES = $(addprefix $(libclicommonsrcdir)/auth/, \
+		credentials.o \
+		session.o \
+		smbencrypt.o \
+		smbdes.o)
+
+PUBLIC_HEADERS += ../libcli/auth/credentials.h
+$(eval $(call proto_header_template,$(libclicommonsrcdir)/auth/proto.h,$(LIBCLI_AUTH_OBJ_FILES:.o=.c)))
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
new file mode 100644
index 00000000000..3c77b0836de
--- /dev/null
+++ b/libcli/auth/credentials.c
@@ -0,0 +1,375 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   code to manipulate domain credentials
+
+   Copyright (C) Andrew Tridgell 1997-2003
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/time.h"
+#include "auth/auth.h"
+#include "../lib/crypto/crypto.h"
+#include "libcli/auth/libcli_auth.h"
+
+/*
+  initialise the credentials state for old-style 64 bit session keys
+
+  this call is made after the netr_ServerReqChallenge call
+*/
+static void creds_init_64bit(struct creds_CredentialState *creds,
+			     const struct netr_Credential *client_challenge,
+			     const struct netr_Credential *server_challenge,
+			     const struct samr_Password *machine_password)
+{
+	uint32_t sum[2];
+	uint8_t sum2[8];
+
+	sum[0] = IVAL(client_challenge->data, 0) + IVAL(server_challenge->data, 0);
+	sum[1] = IVAL(client_challenge->data, 4) + IVAL(server_challenge->data, 4);
+
+	SIVAL(sum2,0,sum[0]);
+	SIVAL(sum2,4,sum[1]);
+
+	ZERO_STRUCT(creds->session_key);
+
+	des_crypt128(creds->session_key, sum2, machine_password->hash);
+
+	des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1);
+	des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1);
+
+	creds->seed = creds->client;
+}
+
+/*
+  initialise the credentials state for ADS-style 128 bit session keys
+
+  this call is made after the netr_ServerReqChallenge call
+*/
+static void creds_init_128bit(struct creds_CredentialState *creds,
+			      const struct netr_Credential *client_challenge,
+			      const struct netr_Credential *server_challenge,
+			      const struct samr_Password *machine_password)
+{
+	unsigned char zero[4], tmp[16];
+	HMACMD5Context ctx;
+	struct MD5Context md5;
+
+	ZERO_STRUCT(creds->session_key);
+
+	memset(zero, 0, sizeof(zero));
+
+	hmac_md5_init_rfc2104(machine_password->hash, sizeof(machine_password->hash), &ctx);	
+	MD5Init(&md5);
+	MD5Update(&md5, zero, sizeof(zero));
+	MD5Update(&md5, client_challenge->data, 8);
+	MD5Update(&md5, server_challenge->data, 8);
+	MD5Final(tmp, &md5);
+	hmac_md5_update(tmp, sizeof(tmp), &ctx);
+	hmac_md5_final(creds->session_key, &ctx);
+
+	creds->client = *client_challenge;
+	creds->server = *server_challenge;
+
+	des_crypt112(creds->client.data, client_challenge->data, creds->session_key, 1);
+	des_crypt112(creds->server.data, server_challenge->data, creds->session_key, 1);
+
+	creds->seed = creds->client;
+}
+
+
+/*
+  step the credentials to the next element in the chain, updating the
+  current client and server credentials and the seed
+*/
+static void creds_step(struct creds_CredentialState *creds)
+{
+	struct netr_Credential time_cred;
+
+	DEBUG(5,("\tseed        %08x:%08x\n", 
+		 IVAL(creds->seed.data, 0), IVAL(creds->seed.data, 4)));
+
+	SIVAL(time_cred.data, 0, IVAL(creds->seed.data, 0) + creds->sequence);
+	SIVAL(time_cred.data, 4, IVAL(creds->seed.data, 4));
+
+	DEBUG(5,("\tseed+time   %08x:%08x\n", IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
+
+	des_crypt112(creds->client.data, time_cred.data, creds->session_key, 1);
+
+	DEBUG(5,("\tCLIENT      %08x:%08x\n", 
+		 IVAL(creds->client.data, 0), IVAL(creds->client.data, 4)));
+
+	SIVAL(time_cred.data, 0, IVAL(creds->seed.data, 0) + creds->sequence + 1);
+	SIVAL(time_cred.data, 4, IVAL(creds->seed.data, 4));
+
+	DEBUG(5,("\tseed+time+1 %08x:%08x\n", 
+		 IVAL(time_cred.data, 0), IVAL(time_cred.data, 4)));
+
+	des_crypt112(creds->server.data, time_cred.data, creds->session_key, 1);
+
+	DEBUG(5,("\tSERVER      %08x:%08x\n", 
+		 IVAL(creds->server.data, 0), IVAL(creds->server.data, 4)));
+
+	creds->seed = time_cred;
+}
+
+
+/*
+  DES encrypt a 8 byte LMSessionKey buffer using the Netlogon session key
+*/
+void creds_des_encrypt_LMKey(struct creds_CredentialState *creds, struct netr_LMSessionKey *key)
+{
+	struct netr_LMSessionKey tmp;
+	des_crypt56(tmp.key, key->key, creds->session_key, 1);
+	*key = tmp;
+}
+
+/*
+  DES decrypt a 8 byte LMSessionKey buffer using the Netlogon session key
+*/
+void creds_des_decrypt_LMKey(struct creds_CredentialState *creds, struct netr_LMSessionKey *key)
+{
+	struct netr_LMSessionKey tmp;
+	des_crypt56(tmp.key, key->key, creds->session_key, 0);
+	*key = tmp;
+}
+
+/*
+  DES encrypt a 16 byte password buffer using the session key
+*/
+void creds_des_encrypt(struct creds_CredentialState *creds, struct samr_Password *pass)
+{
+	struct samr_Password tmp;
+	des_crypt112_16(tmp.hash, pass->hash, creds->session_key, 1);
+	*pass = tmp;
+}
+
+/*
+  DES decrypt a 16 byte password buffer using the session key
+*/
+void creds_des_decrypt(struct creds_CredentialState *creds, struct samr_Password *pass)
+{
+	struct samr_Password tmp;
+	des_crypt112_16(tmp.hash, pass->hash, creds->session_key, 0);
+	*pass = tmp;
+}
+
+/*
+  ARCFOUR encrypt/decrypt a password buffer using the session key
+*/
+void creds_arcfour_crypt(struct creds_CredentialState *creds, uint8_t *data, size_t len)
+{
+	DATA_BLOB session_key = data_blob(creds->session_key, 16);
+
+	arcfour_crypt_blob(data, len, &session_key);
+
+	data_blob_free(&session_key);
+}
+
+/*****************************************************************
+The above functions are common to the client and server interface
+next comes the client specific functions
+******************************************************************/
+
+/*
+  initialise the credentials chain and return the first client
+  credentials
+*/
+void creds_client_init(struct creds_CredentialState *creds,
+		       const struct netr_Credential *client_challenge,
+		       const struct netr_Credential *server_challenge,
+		       const struct samr_Password *machine_password,
+		       struct netr_Credential *initial_credential,
+		       uint32_t negotiate_flags)
+{
+	creds->sequence = time(NULL);
+	creds->negotiate_flags = negotiate_flags;
+
+	dump_data_pw("Client chall", client_challenge->data, sizeof(client_challenge->data));
+	dump_data_pw("Server chall", server_challenge->data, sizeof(server_challenge->data));
+	dump_data_pw("Machine Pass", machine_password->hash, sizeof(machine_password->hash));
+
+	if (negotiate_flags & NETLOGON_NEG_128BIT) {
+		creds_init_128bit(creds, client_challenge, server_challenge, machine_password);
+	} else {
+		creds_init_64bit(creds, client_challenge, server_challenge, machine_password);
+	}
+
+	dump_data_pw("Session key", creds->session_key, 16);
+	dump_data_pw("Credential ", creds->client.data, 8);
+
+	*initial_credential = creds->client;
+}
+
+/*
+  step the credentials to the next element in the chain, updating the
+  current client and server credentials and the seed
+
+  produce the next authenticator in the sequence ready to send to 
+  the server
+*/
+void creds_client_authenticator(struct creds_CredentialState *creds,
+				struct netr_Authenticator *next)
+{	
+	creds->sequence += 2;
+	creds_step(creds);
+
+	next->cred = creds->client;
+	next->timestamp = creds->sequence;
+}
+
+/*
+  check that a credentials reply from a server is correct
+*/
+bool creds_client_check(struct creds_CredentialState *creds,
+			const struct netr_Credential *received_credentials)
+{
+	if (!received_credentials || 
+	    memcmp(received_credentials->data, creds->server.data, 8) != 0) {
+		DEBUG(2,("credentials check failed\n"));
+		return false;
+	}
+	return true;
+}
+
+
+/*****************************************************************
+The above functions are common to the client and server interface
+next comes the server specific functions
+******************************************************************/
+
+/*
+  initialise the credentials chain and return the first server
+  credentials
+*/
+void creds_server_init(struct creds_CredentialState *creds,
+		       const struct netr_Credential *client_challenge,
+		       const struct netr_Credential *server_challenge,
+		       const struct samr_Password *machine_password,
+		       struct netr_Credential *initial_credential,
+		       uint32_t negotiate_flags)
+{
+	if (negotiate_flags & NETLOGON_NEG_128BIT) {
+		creds_init_128bit(creds, client_challenge, server_challenge, 
+				  machine_password);
+	} else {
+		creds_init_64bit(creds, client_challenge, server_challenge, 
+				 machine_password);
+	}
+
+	*initial_credential = creds->server;
+	creds->negotiate_flags = negotiate_flags;
+}
+
+/*
+  check that a credentials reply from a server is correct
+*/
+bool creds_server_check(const struct creds_CredentialState *creds,
+			const struct netr_Credential *received_credentials)
+{
+	if (memcmp(received_credentials->data, creds->client.data, 8) != 0) {
+		DEBUG(2,("credentials check failed\n"));
+		dump_data_pw("client creds", creds->client.data, 8);
+		dump_data_pw("calc   creds", received_credentials->data, 8);
+		return false;
+	}
+	return true;
+}
+
+NTSTATUS creds_server_step_check(struct creds_CredentialState *creds,
+				 struct netr_Authenticator *received_authenticator,
+				 struct netr_Authenticator *return_authenticator) 
+{
+	if (!received_authenticator || !return_authenticator) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	if (!creds) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
+	/* TODO: this may allow the a replay attack on a non-signed
+	   connection. Should we check that this is increasing? */
+	creds->sequence = received_authenticator->timestamp;
+	creds_step(creds);
+	if (creds_server_check(creds, &received_authenticator->cred)) {
+		return_authenticator->cred = creds->server;
+		return_authenticator->timestamp = creds->sequence;
+		return NT_STATUS_OK;
+	} else {
+		ZERO_STRUCTP(return_authenticator);
+		return NT_STATUS_ACCESS_DENIED;
+	}
+}
+
+void creds_decrypt_samlogon(struct creds_CredentialState *creds,
+			    uint16_t validation_level,
+			    union netr_Validation *validation) 
+{
+	static const char zeros[16];
+
+	struct netr_SamBaseInfo *base = NULL;
+	switch (validation_level) {
+	case 2:
+		if (validation->sam2) {
+			base = &validation->sam2->base;
+		}
+		break;
+	case 3:
+		if (validation->sam3) {
+			base = &validation->sam3->base;
+		}
+		break;
+	case 6:
+		if (validation->sam6) {
+			base = &validation->sam6->base;
+		}
+		break;
+	default:
+		/* If we can't find it, we can't very well decrypt it */
+		return;
+	}
+
+	if (!base) {
+		return;
+	}
+
+	/* find and decyrpt the session keys, return in parameters above */
+	if (validation_level == 6) {
+		/* they aren't encrypted! */
+	} else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
+		if (memcmp(base->key.key, zeros,  
+			   sizeof(base->key.key)) != 0) {
+			creds_arcfour_crypt(creds, 
+					    base->key.key, 
+					    sizeof(base->key.key));
+		}
+			
+		if (memcmp(base->LMSessKey.key, zeros,  
+			   sizeof(base->LMSessKey.key)) != 0) {
+			creds_arcfour_crypt(creds, 
+					    base->LMSessKey.key, 
+					    sizeof(base->LMSessKey.key));
+		}
+	} else {
+		if (memcmp(base->LMSessKey.key, zeros,  
+			   sizeof(base->LMSessKey.key)) != 0) {
+			creds_des_decrypt_LMKey(creds, 
+						&base->LMSessKey);
+		}
+	}
+}	
diff --git a/libcli/auth/credentials.h b/libcli/auth/credentials.h
new file mode 100644
index 00000000000..4e11cb090f9
--- /dev/null
+++ b/libcli/auth/credentials.h
@@ -0,0 +1,46 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   code to manipulate domain credentials
+
+   Copyright (C) Andrew Tridgell 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "librpc/gen_ndr/netlogon.h"
+
+struct creds_CredentialState {
+	uint32_t negotiate_flags;
+	uint8_t session_key[16];
+	uint32_t sequence;
+	struct netr_Credential seed;
+	struct netr_Credential client;
+	struct netr_Credential server;
+	uint16_t secure_channel_type;
+	const char *domain;
+	const char *computer_name;
+	const char *account_name;
+	struct dom_sid *sid;
+};
+
+/* for the timebeing, use the same neg flags as Samba3. */
+/* The 7 here seems to be required to get Win2k not to downgrade us
+   to NT4.  Actually, anything other than 1ff would seem to do... */
+#define NETLOGON_NEG_AUTH2_FLAGS     0x000701ff
+
+/* these are the flags that ADS clients use */
+#define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
+
+
diff --git a/libcli/auth/libcli_auth.h b/libcli/auth/libcli_auth.h
new file mode 100644
index 00000000000..ec1c1e7d98e
--- /dev/null
+++ b/libcli/auth/libcli_auth.h
@@ -0,0 +1,24 @@
+/* 
+   samba -- Unix SMB/CIFS implementation.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+#ifndef __LIBCLI_AUTH_H__
+#define __LIBCLI_AUTH_H__
+
+#include "librpc/gen_ndr/netlogon.h"
+#include "libcli/auth/credentials.h"
+#include "libcli/auth/proto.h"
+
+#endif /* __LIBCLI_AUTH_H__ */
diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
new file mode 100644
index 00000000000..0805b1b0431
--- /dev/null
+++ b/libcli/auth/ntlm_check.c
@@ -0,0 +1,603 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2004
+   Copyright (C) Gerald Carter                             2003
+   Copyright (C) Luke Kenneth Casson Leighton         1996-2000
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../lib/crypto/crypto.h"
+#include "librpc/gen_ndr/netlogon.h"
+#include "libcli/auth/libcli_auth.h"
+#include "auth/ntlm/ntlm_check.h"
+
+/****************************************************************************
+ Core of smb password checking routine.
+****************************************************************************/
+
+static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
+				 const DATA_BLOB *nt_response,
+				 const uint8_t *part_passwd,
+				 const DATA_BLOB *sec_blob,
+				 DATA_BLOB *user_sess_key)
+{
+	/* Finish the encryption of part_passwd. */
+	uint8_t p24[24];
+	
+	if (part_passwd == NULL) {
+		DEBUG(10,("No password set - DISALLOWING access\n"));
+		/* No password set - always false ! */
+		return false;
+	}
+	
+	if (sec_blob->length != 8) {
+		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%lu)\n", 
+			  (unsigned long)sec_blob->length));
+		return false;
+	}
+	
+	if (nt_response->length != 24) {
+		DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%lu)\n", 
+			  (unsigned long)nt_response->length));
+		return false;
+	}
+
+	SMBOWFencrypt(part_passwd, sec_blob->data, p24);
+	
+#if DEBUG_PASSWORD
+	DEBUG(100,("Part password (P16) was |\n"));
+	dump_data(100, part_passwd, 16);
+	DEBUGADD(100,("Password from client was |\n"));
+	dump_data(100, nt_response->data, nt_response->length);
+	DEBUGADD(100,("Given challenge was |\n"));
+	dump_data(100, sec_blob->data, sec_blob->length);
+	DEBUGADD(100,("Value from encryption was |\n"));
+	dump_data(100, p24, 24);
+#endif
+	if (memcmp(p24, nt_response->data, 24) == 0) {
+		if (user_sess_key != NULL) {
+			*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
+			SMBsesskeygen_ntv1(part_passwd, user_sess_key->data);
+		}
+		return true;
+	} 
+	return false;
+}
+
+/****************************************************************************
+ Core of smb password checking routine. (NTLMv2, LMv2)
+ Note:  The same code works with both NTLMv2 and LMv2.
+****************************************************************************/
+
+static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx,
+				 const DATA_BLOB *ntv2_response,
+				 const uint8_t *part_passwd,
+				 const DATA_BLOB *sec_blob,
+				 const char *user, const char *domain,
+				 bool upper_case_domain, /* should the domain be transformed into upper case? */
+				 DATA_BLOB *user_sess_key)
+{
+	/* Finish the encryption of part_passwd. */
+	uint8_t kr[16];
+	uint8_t value_from_encryption[16];
+	DATA_BLOB client_key_data;
+
+	if (part_passwd == NULL) {
+		DEBUG(10,("No password set - DISALLOWING access\n"));
+		/* No password set - always false */
+		return false;
+	}
+
+	if (sec_blob->length != 8) {
+		DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect challenge size (%lu)\n", 
+			  (unsigned long)sec_blob->length));
+		return false;
+	}
+	
+	if (ntv2_response->length < 24) {
+		/* We MUST have more than 16 bytes, or the stuff below will go
+		   crazy.  No known implementation sends less than the 24 bytes
+		   for LMv2, let alone NTLMv2. */
+		DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%lu)\n", 
+			  (unsigned long)ntv2_response->length));
+		return false;
+	}
+
+	client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
+	/* 
+	   todo:  should we be checking this for anything?  We can't for LMv2, 
+	   but for NTLMv2 it is meant to contain the current time etc.
+	*/
+
+	if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) {
+		return false;
+	}
+
+	SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
+
+#if DEBUG_PASSWORD
+	DEBUG(100,("Part password (P16) was |\n"));
+	dump_data(100, part_passwd, 16);
+	DEBUGADD(100,("Password from client was |\n"));
+	dump_data(100, ntv2_response->data, ntv2_response->length);
+	DEBUGADD(100,("Variable data from client was |\n"));
+	dump_data(100, client_key_data.data, client_key_data.length);
+	DEBUGADD(100,("Given challenge was |\n"));
+	dump_data(100, sec_blob->data, sec_blob->length);
+	DEBUGADD(100,("Value from encryption was |\n"));
+	dump_data(100, value_from_encryption, 16);
+#endif
+	data_blob_clear_free(&client_key_data);
+	if (memcmp(value_from_encryption, ntv2_response->data, 16) == 0) { 
+		if (user_sess_key != NULL) {
+			*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
+			SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
+		}
+		return true;
+	}
+	return false;
+}
+
+/****************************************************************************
+ Core of smb password checking routine. (NTLMv2, LMv2)
+ Note:  The same code works with both NTLMv2 and LMv2.
+****************************************************************************/
+
+static bool smb_sess_key_ntlmv2(TALLOC_CTX *mem_ctx,
+				const DATA_BLOB *ntv2_response,
+				const uint8_t *part_passwd,
+				const DATA_BLOB *sec_blob,
+				const char *user, const char *domain,
+				bool upper_case_domain, /* should the domain be transformed into upper case? */
+				DATA_BLOB *user_sess_key)
+{
+	/* Finish the encryption of part_passwd. */
+	uint8_t kr[16];
+	uint8_t value_from_encryption[16];
+	DATA_BLOB client_key_data;
+
+	if (part_passwd == NULL) {
+		DEBUG(10,("No password set - DISALLOWING access\n"));
+		/* No password set - always false */
+		return false;
+	}
+
+	if (sec_blob->length != 8) {
+		DEBUG(0, ("smb_sess_key_ntlmv2: incorrect challenge size (%lu)\n", 
+			  (unsigned long)sec_blob->length));
+		return false;
+	}
+	
+	if (ntv2_response->length < 24) {
+		/* We MUST have more than 16 bytes, or the stuff below will go
+		   crazy.  No known implementation sends less than the 24 bytes
+		   for LMv2, let alone NTLMv2. */
+		DEBUG(0, ("smb_sess_key_ntlmv2: incorrect password length (%lu)\n", 
+			  (unsigned long)ntv2_response->length));
+		return false;
+	}
+
+	client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
+
+	if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) {
+		return false;
+	}
+
+	SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
+	*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
+	SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key->data);
+	return true;
+}
+
+/**
+ * Compare password hashes against those from the SAM
+ *
+ * @param mem_ctx talloc context
+ * @param client_lanman LANMAN password hash, as supplied by the client
+ * @param client_nt NT (MD4) password hash, as supplied by the client
+ * @param username internal Samba username, for log messages
+ * @param client_username username the client used
+ * @param client_domain domain name the client used (may be mapped)
+ * @param stored_lanman LANMAN password hash, as stored on the SAM
+ * @param stored_nt NT (MD4) password hash, as stored on the SAM
+ * @param user_sess_key User session key
+ * @param lm_sess_key LM session key (first 8 bytes of the LM hash)
+ */
+
+NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
+				 bool lanman_auth,
+			     const struct samr_Password *client_lanman,
+			     const struct samr_Password *client_nt,
+			     const char *username, 
+			     const struct samr_Password *stored_lanman, 
+			     const struct samr_Password *stored_nt)
+{
+	if (stored_nt == NULL) {
+		DEBUG(3,("ntlm_password_check: NO NT password stored for user %s.\n", 
+			 username));
+	}
+
+	if (client_nt && stored_nt) {
+		if (memcmp(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) {
+			return NT_STATUS_OK;
+		} else {
+			DEBUG(3,("ntlm_password_check: Interactive logon: NT password check failed for user %s\n",
+				 username));
+			return NT_STATUS_WRONG_PASSWORD;
+		}
+
+	} else if (client_lanman && stored_lanman) {
+		if (!lanman_auth) {
+			DEBUG(3,("ntlm_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n",
+				 username));
+			return NT_STATUS_WRONG_PASSWORD;
+		}
+		if (strchr_m(username, '@')) {
+			return NT_STATUS_NOT_FOUND;
+		}
+
+		if (memcmp(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) {
+			return NT_STATUS_OK;
+		} else {
+			DEBUG(3,("ntlm_password_check: Interactive logon: LANMAN password check failed for user %s\n",
+				 username));
+			return NT_STATUS_WRONG_PASSWORD;
+		}
+	}
+	if (strchr_m(username, '@')) {
+		return NT_STATUS_NOT_FOUND;
+	}
+	return NT_STATUS_WRONG_PASSWORD;
+}
+
+/**
+ * Check a challenge-response password against the value of the NT or
+ * LM password hash.
+ *
+ * @param mem_ctx talloc context
+ * @param challenge 8-byte challenge.  If all zero, forces plaintext comparison
+ * @param nt_response 'unicode' NT response to the challenge, or unicode password
+ * @param lm_response ASCII or LANMAN response to the challenge, or password in DOS code page
+ * @param username internal Samba username, for log messages
+ * @param client_username username the client used
+ * @param client_domain domain name the client used (may be mapped)
+ * @param stored_lanman LANMAN ASCII password from our passdb or similar
+ * @param stored_nt MD4 unicode password from our passdb or similar
+ * @param user_sess_key User session key
+ * @param lm_sess_key LM session key (first 8 bytes of the LM hash)
+ */
+
+NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
+				 bool lanman_auth,
+				 bool ntlm_auth,
+			     uint32_t logon_parameters,
+			     const DATA_BLOB *challenge,
+			     const DATA_BLOB *lm_response,
+			     const DATA_BLOB *nt_response,
+			     const char *username, 
+			     const char *client_username, 
+			     const char *client_domain,
+			     const struct samr_Password *stored_lanman, 
+			     const struct samr_Password *stored_nt, 
+			     DATA_BLOB *user_sess_key, 
+			     DATA_BLOB *lm_sess_key)
+{
+	const static uint8_t zeros[8];
+	DATA_BLOB tmp_sess_key;
+
+	if (stored_nt == NULL) {
+		DEBUG(3,("ntlm_password_check: NO NT password stored for user %s.\n", 
+			 username));
+	}
+
+	*lm_sess_key = data_blob(NULL, 0);
+	*user_sess_key = data_blob(NULL, 0);
+
+	/* Check for cleartext netlogon. Used by Exchange 5.5. */
+	if ((logon_parameters & MSV1_0_CLEARTEXT_PASSWORD_ALLOWED)
+	    && challenge->length == sizeof(zeros) 
+	    && (memcmp(challenge->data, zeros, challenge->length) == 0 )) {
+		struct samr_Password client_nt;
+		struct samr_Password client_lm;
+		char *unix_pw = NULL;
+		bool lm_ok;
+
+		DEBUG(4,("ntlm_password_check: checking plaintext passwords for user %s\n",
+			 username));
+		mdfour(client_nt.hash, nt_response->data, nt_response->length);
+		
+		if (lm_response->length && 
+		    (convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, 
+					  lm_response->data, lm_response->length, 
+					   (void **)&unix_pw, NULL, false))) {
+			if (E_deshash(unix_pw, client_lm.hash)) {
+				lm_ok = true;
+			} else {
+				lm_ok = false;
+			}
+		} else {
+			lm_ok = false;
+		}
+		return hash_password_check(mem_ctx, 
+					   lanman_auth,
+					   lm_ok ? &client_lm : NULL, 
+					   nt_response->length ? &client_nt : NULL, 
+					   username,  
+					   stored_lanman, stored_nt);
+	}
+
+	if (nt_response->length != 0 && nt_response->length < 24) {
+		DEBUG(2,("ntlm_password_check: invalid NT password length (%lu) for user %s\n", 
+			 (unsigned long)nt_response->length, username));		
+	}
+	
+	if (nt_response->length > 24 && stored_nt) {
+		/* We have the NT MD4 hash challenge available - see if we can
+		   use it 
+		*/
+		DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with domain [%s]\n", client_domain));
+		if (smb_pwd_check_ntlmv2(mem_ctx,
+					 nt_response, 
+					 stored_nt->hash, challenge, 
+					 client_username, 
+					 client_domain,
+					 false,
+					 user_sess_key)) {
+			*lm_sess_key = *user_sess_key;
+			if (user_sess_key->length) {
+				lm_sess_key->length = 8;
+			}
+			return NT_STATUS_OK;
+		}
+		
+		DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with uppercased version of domain [%s]\n", client_domain));
+		if (smb_pwd_check_ntlmv2(mem_ctx,
+					 nt_response, 
+					 stored_nt->hash, challenge, 
+					 client_username, 
+					 client_domain,
+					 true,
+					 user_sess_key)) {
+			*lm_sess_key = *user_sess_key;
+			if (user_sess_key->length) {
+				lm_sess_key->length = 8;
+			}
+			return NT_STATUS_OK;
+		}
+		
+		DEBUG(4,("ntlm_password_check: Checking NTLMv2 password without a domain\n"));
+		if (smb_pwd_check_ntlmv2(mem_ctx,
+					 nt_response, 
+					 stored_nt->hash, challenge, 
+					 client_username, 
+					 "",
+					 false,
+					 user_sess_key)) {
+			*lm_sess_key = *user_sess_key;
+			if (user_sess_key->length) {
+				lm_sess_key->length = 8;
+			}
+			return NT_STATUS_OK;
+		} else {
+			DEBUG(3,("ntlm_password_check: NTLMv2 password check failed\n"));
+		}
+	} else if (nt_response->length == 24 && stored_nt) {
+		if (ntlm_auth) {		
+			/* We have the NT MD4 hash challenge available - see if we can
+			   use it (ie. does it exist in the smbpasswd file).
+			*/
+			DEBUG(4,("ntlm_password_check: Checking NT MD4 password\n"));
+			if (smb_pwd_check_ntlmv1(mem_ctx, 
+						 nt_response, 
+						 stored_nt->hash, challenge,
+						 user_sess_key)) {
+				/* The LM session key for this response is not very secure, 
+				   so use it only if we otherwise allow LM authentication */
+				
+				if (lanman_auth && stored_lanman) {
+					*lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
+				}
+				return NT_STATUS_OK;
+			} else {
+				DEBUG(3,("ntlm_password_check: NT MD4 password check failed for user %s\n",
+					 username));
+				return NT_STATUS_WRONG_PASSWORD;
+			}
+		} else {
+			DEBUG(2,("ntlm_password_check: NTLMv1 passwords NOT PERMITTED for user %s\n",
+				 username));			
+			/* no return, becouse we might pick up LMv2 in the LM field */
+		}
+	}
+	
+	if (lm_response->length == 0) {
+		DEBUG(3,("ntlm_password_check: NEITHER LanMan nor NT password supplied for user %s\n",
+			 username));
+		return NT_STATUS_WRONG_PASSWORD;
+	}
+	
+	if (lm_response->length < 24) {
+		DEBUG(2,("ntlm_password_check: invalid LanMan password length (%lu) for user %s\n", 
+			 (unsigned long)nt_response->length, username));		
+		return NT_STATUS_WRONG_PASSWORD;
+	}
+		
+	if (!lanman_auth) {
+		DEBUG(3,("ntlm_password_check: Lanman passwords NOT PERMITTED for user %s\n",
+			 username));
+	} else if (!stored_lanman) {
+		DEBUG(3,("ntlm_password_check: NO LanMan password set for user %s (and no NT password supplied)\n",
+			 username));
+	} else if (strchr_m(username, '@')) {
+		DEBUG(3,("ntlm_password_check: NO LanMan password allowed for username@realm logins (user: %s)\n",
+			 username));
+	} else {
+		DEBUG(4,("ntlm_password_check: Checking LM password\n"));
+		if (smb_pwd_check_ntlmv1(mem_ctx,
+					 lm_response, 
+					 stored_lanman->hash, challenge,
+					 NULL)) {
+			/* The session key for this response is still very odd.  
+			   It not very secure, so use it only if we otherwise 
+			   allow LM authentication */
+
+			if (lanman_auth && stored_lanman) {
+				uint8_t first_8_lm_hash[16];
+				memcpy(first_8_lm_hash, stored_lanman->hash, 8);
+				memset(first_8_lm_hash + 8, '\0', 8);
+				*user_sess_key = data_blob_talloc(mem_ctx, first_8_lm_hash, 16);
+				*lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
+			}
+			return NT_STATUS_OK;
+		}
+	}
+	
+	if (!stored_nt) {
+		DEBUG(4,("ntlm_password_check: LM password check failed for user, no NT password %s\n",username));
+		return NT_STATUS_WRONG_PASSWORD;
+	}
+	
+	/* This is for 'LMv2' authentication.  almost NTLMv2 but limited to 24 bytes.
+	   - related to Win9X, legacy NAS pass-though authentication
+	*/
+	DEBUG(4,("ntlm_password_check: Checking LMv2 password with domain %s\n", client_domain));
+	if (smb_pwd_check_ntlmv2(mem_ctx,
+				 lm_response, 
+				 stored_nt->hash, challenge, 
+				 client_username,
+				 client_domain,
+				 false,
+				 &tmp_sess_key)) {
+		if (nt_response->length > 24) {
+			/* If NTLMv2 authentication has preceeded us
+			 * (even if it failed), then use the session
+			 * key from that.  See the RPC-SAMLOGON
+			 * torture test */
+			smb_sess_key_ntlmv2(mem_ctx,
+					    nt_response, 
+					    stored_nt->hash, challenge, 
+					    client_username,
+					    client_domain,
+					    false,
+					    user_sess_key);
+		} else {
+			/* Otherwise, use the LMv2 session key */
+			*user_sess_key = tmp_sess_key;
+		}
+		*lm_sess_key = *user_sess_key;
+		if (user_sess_key->length) {
+			lm_sess_key->length = 8;
+		}
+		return NT_STATUS_OK;
+	}
+	
+	DEBUG(4,("ntlm_password_check: Checking LMv2 password with upper-cased version of domain %s\n", client_domain));
+	if (smb_pwd_check_ntlmv2(mem_ctx,
+				 lm_response, 
+				 stored_nt->hash, challenge, 
+				 client_username,
+				 client_domain,
+				 true,
+				 &tmp_sess_key)) {
+		if (nt_response->length > 24) {
+			/* If NTLMv2 authentication has preceeded us
+			 * (even if it failed), then use the session
+			 * key from that.  See the RPC-SAMLOGON
+			 * torture test */
+			smb_sess_key_ntlmv2(mem_ctx,
+					    nt_response, 
+					    stored_nt->hash, challenge, 
+					    client_username,
+					    client_domain,
+					    true,
+					    user_sess_key);
+		} else {
+			/* Otherwise, use the LMv2 session key */
+			*user_sess_key = tmp_sess_key;
+		}
+		*lm_sess_key = *user_sess_key;
+		if (user_sess_key->length) {
+			lm_sess_key->length = 8;
+		}
+		return NT_STATUS_OK;
+	}
+	
+	DEBUG(4,("ntlm_password_check: Checking LMv2 password without a domain\n"));
+	if (smb_pwd_check_ntlmv2(mem_ctx,
+				 lm_response, 
+				 stored_nt->hash, challenge, 
+				 client_username,
+				 "",
+				 false,
+				 &tmp_sess_key)) {
+		if (nt_response->length > 24) {
+			/* If NTLMv2 authentication has preceeded us
+			 * (even if it failed), then use the session
+			 * key from that.  See the RPC-SAMLOGON
+			 * torture test */
+			smb_sess_key_ntlmv2(mem_ctx,
+					    nt_response, 
+					    stored_nt->hash, challenge, 
+					    client_username,
+					    "",
+					    false,
+					    user_sess_key);
+		} else {
+			/* Otherwise, use the LMv2 session key */
+			*user_sess_key = tmp_sess_key;
+		}
+		*lm_sess_key = *user_sess_key;
+		if (user_sess_key->length) {
+			lm_sess_key->length = 8;
+		}
+		return NT_STATUS_OK;
+	}
+
+	/* Apparently NT accepts NT responses in the LM field
+	   - I think this is related to Win9X pass-though authentication
+	*/
+	DEBUG(4,("ntlm_password_check: Checking NT MD4 password in LM field\n"));
+	if (ntlm_auth) {
+		if (smb_pwd_check_ntlmv1(mem_ctx, 
+					 lm_response, 
+					 stored_nt->hash, challenge,
+					 NULL)) {
+			/* The session key for this response is still very odd.  
+			   It not very secure, so use it only if we otherwise 
+			   allow LM authentication */
+
+			if (lanman_auth && stored_lanman) {
+				uint8_t first_8_lm_hash[16];
+				memcpy(first_8_lm_hash, stored_lanman->hash, 8);
+				memset(first_8_lm_hash + 8, '\0', 8);
+				*user_sess_key = data_blob_talloc(mem_ctx, first_8_lm_hash, 16);
+				*lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
+			}
+			return NT_STATUS_OK;
+		}
+		DEBUG(3,("ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user %s\n",username));
+	} else {
+		DEBUG(3,("ntlm_password_check: LM password and LMv2 failed for user %s, and NT MD4 password in LM field not permitted\n",username));
+	}
+
+	/* Try and match error codes */
+	if (strchr_m(username, '@')) {
+		return NT_STATUS_NOT_FOUND;
+	}
+	return NT_STATUS_WRONG_PASSWORD;
+}
+
diff --git a/libcli/auth/session.c b/libcli/auth/session.c
new file mode 100644
index 00000000000..10c728662db
--- /dev/null
+++ b/libcli/auth/session.c
@@ -0,0 +1,218 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   code to encrypt/decrypt data using the user session key
+
+   Copyright (C) Andrew Tridgell 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libcli/auth/libcli_auth.h"
+
+/*
+  encrypt or decrypt a blob of data using the user session key
+  as used in lsa_SetSecret
+
+  before calling, the out blob must be initialised to be the same size
+  as the in blob
+*/
+void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key,
+		     bool forward)
+{
+	int i, k;
+
+	for (i=0,k=0;
+	     i<in->length;
+	     i += 8, k += 7) {
+		uint8_t bin[8], bout[8], key[7];
+
+		memset(bin, 0, 8);
+		memcpy(bin,  &in->data[i], MIN(8, in->length-i));
+
+		if (k + 7 > session_key->length) {
+			k = (session_key->length - k);
+		}
+		memcpy(key, &session_key->data[k], 7);
+
+		des_crypt56(bout, bin, key, forward?1:0);
+
+		memcpy(&out->data[i], bout, MIN(8, in->length-i));
+	}
+}
+
+
+/*
+  a convenient wrapper around sess_crypt_blob() for strings, using the LSA convention
+
+  note that we round the length to a multiple of 8. This seems to be needed for 
+  compatibility with windows
+
+  caller should free using data_blob_free()
+*/
+DATA_BLOB sess_encrypt_string(const char *str, const DATA_BLOB *session_key)
+{
+	DATA_BLOB ret, src;
+	int slen = strlen(str);
+	int dlen = (slen+7) & ~7;
+
+	src = data_blob(NULL, 8+dlen);
+	if (!src.data) {
+		return data_blob(NULL, 0);
+	}
+
+	ret = data_blob(NULL, 8+dlen);
+	if (!ret.data) {
+		data_blob_free(&src);
+		return data_blob(NULL, 0);
+	}
+
+	SIVAL(src.data, 0, slen);
+	SIVAL(src.data, 4, 1);
+	memset(src.data+8, 0,   dlen);
+	memcpy(src.data+8, str, slen);
+
+	sess_crypt_blob(&ret, &src, session_key, true);
+	
+	data_blob_free(&src);
+
+	return ret;
+}
+
+/*
+  a convenient wrapper around sess_crypt_blob() for strings, using the LSA convention
+
+  caller should free the returned string
+*/
+char *sess_decrypt_string(TALLOC_CTX *mem_ctx, 
+			  DATA_BLOB *blob, const DATA_BLOB *session_key)
+{
+	DATA_BLOB out;
+	int slen;
+	char *ret;
+
+	if (blob->length < 8) {
+		return NULL;
+	}
+	
+	out = data_blob_talloc(mem_ctx, NULL, blob->length);
+	if (!out.data) {
+		return NULL;
+	}
+
+	sess_crypt_blob(&out, blob, session_key, false);
+
+	if (IVAL(out.data, 4) != 1) {
+		DEBUG(0,("Unexpected revision number %d in session crypted string\n",
+			 IVAL(out.data, 4)));
+		data_blob_free(&out);
+		return NULL;
+	}
+
+	slen = IVAL(out.data, 0);
+	if (slen > blob->length - 8) {
+		DEBUG(0,("Invalid crypt length %d\n", slen));
+		data_blob_free(&out);
+		return NULL;
+	}
+
+	ret = talloc_strndup(mem_ctx, (const char *)(out.data+8), slen);
+
+	data_blob_free(&out);
+
+	DEBUG(0,("decrypted string '%s' of length %d\n", ret, slen));
+
+	return ret;
+}
+
+/*
+  a convenient wrapper around sess_crypt_blob() for DATA_BLOBs, using the LSA convention
+
+  note that we round the length to a multiple of 8. This seems to be needed for 
+  compatibility with windows
+
+  caller should free using data_blob_free()
+*/
+DATA_BLOB sess_encrypt_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob_in, const DATA_BLOB *session_key)
+{
+	DATA_BLOB ret, src;
+	int dlen = (blob_in->length+7) & ~7;
+
+	src = data_blob_talloc(mem_ctx, NULL, 8+dlen);
+	if (!src.data) {
+		return data_blob(NULL, 0);
+	}
+
+	ret = data_blob_talloc(mem_ctx, NULL, 8+dlen);
+	if (!ret.data) {
+		data_blob_free(&src);
+		return data_blob(NULL, 0);
+	}
+
+	SIVAL(src.data, 0, blob_in->length);
+	SIVAL(src.data, 4, 1);
+	memset(src.data+8, 0, dlen);
+	memcpy(src.data+8, blob_in->data, blob_in->length);
+
+	sess_crypt_blob(&ret, &src, session_key, true);
+	
+	data_blob_free(&src);
+
+	return ret;
+}
+
+/*
+  Decrypt a DATA_BLOB using the LSA convention
+*/
+NTSTATUS sess_decrypt_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, const DATA_BLOB *session_key, 
+			   DATA_BLOB *ret)
+{
+	DATA_BLOB out;
+	int slen;
+
+	if (blob->length < 8) {
+		DEBUG(0, ("Unexpected length %d in session crypted secret (BLOB)\n",
+			  (int)blob->length));
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+	
+	out = data_blob_talloc(mem_ctx, NULL, blob->length);
+	if (!out.data) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	sess_crypt_blob(&out, blob, session_key, false);
+
+	if (IVAL(out.data, 4) != 1) {
+		DEBUG(2,("Unexpected revision number %d in session crypted secret (BLOB)\n",
+			 IVAL(out.data, 4)));
+		return NT_STATUS_UNKNOWN_REVISION;
+	}
+		
+	slen = IVAL(out.data, 0);
+	if (slen > blob->length - 8) {
+		DEBUG(0,("Invalid crypt length %d in session crypted secret (BLOB)\n", slen));
+		return NT_STATUS_WRONG_PASSWORD;
+	}
+
+	*ret = data_blob_talloc(mem_ctx, out.data+8, slen);
+	if (slen && !ret->data) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	data_blob_free(&out);
+
+	return NT_STATUS_OK;
+}
diff --git a/libcli/auth/smbdes.c b/libcli/auth/smbdes.c
new file mode 100644
index 00000000000..32e65e779d8
--- /dev/null
+++ b/libcli/auth/smbdes.c
@@ -0,0 +1,381 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   a partial implementation of DES designed for use in the 
+   SMB authentication protocol
+
+   Copyright (C) Andrew Tridgell 1998
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libcli/auth/libcli_auth.h"
+
+/* NOTES: 
+
+   This code makes no attempt to be fast! In fact, it is a very
+   slow implementation 
+
+   This code is NOT a complete DES implementation. It implements only
+   the minimum necessary for SMB authentication, as used by all SMB
+   products (including every copy of Microsoft Windows95 ever sold)
+
+   In particular, it can only do a unchained forward DES pass. This
+   means it is not possible to use this code for encryption/decryption
+   of data, instead it is only useful as a "hash" algorithm.
+
+   There is no entry point into this code that allows normal DES operation.
+
+   I believe this means that this code does not come under ITAR
+   regulations but this is NOT a legal opinion. If you are concerned
+   about the applicability of ITAR regulations to this code then you
+   should confirm it for yourself (and maybe let me know if you come
+   up with a different answer to the one above)
+*/
+
+
+static const uint8_t perm1[56] = {57, 49, 41, 33, 25, 17,  9,
+			 1, 58, 50, 42, 34, 26, 18,
+			10,  2, 59, 51, 43, 35, 27,
+			19, 11,  3, 60, 52, 44, 36,
+			63, 55, 47, 39, 31, 23, 15,
+			 7, 62, 54, 46, 38, 30, 22,
+			14,  6, 61, 53, 45, 37, 29,
+			21, 13,  5, 28, 20, 12,  4};
+
+static const uint8_t perm2[48] = {14, 17, 11, 24,  1,  5,
+                         3, 28, 15,  6, 21, 10,
+                        23, 19, 12,  4, 26,  8,
+                        16,  7, 27, 20, 13,  2,
+                        41, 52, 31, 37, 47, 55,
+                        30, 40, 51, 45, 33, 48,
+                        44, 49, 39, 56, 34, 53,
+                        46, 42, 50, 36, 29, 32};
+
+static const uint8_t perm3[64] = {58, 50, 42, 34, 26, 18, 10,  2,
+			60, 52, 44, 36, 28, 20, 12,  4,
+			62, 54, 46, 38, 30, 22, 14,  6,
+			64, 56, 48, 40, 32, 24, 16,  8,
+			57, 49, 41, 33, 25, 17,  9,  1,
+			59, 51, 43, 35, 27, 19, 11,  3,
+			61, 53, 45, 37, 29, 21, 13,  5,
+			63, 55, 47, 39, 31, 23, 15,  7};
+
+static const uint8_t perm4[48] = {   32,  1,  2,  3,  4,  5,
+                            4,  5,  6,  7,  8,  9,
+                            8,  9, 10, 11, 12, 13,
+                           12, 13, 14, 15, 16, 17,
+                           16, 17, 18, 19, 20, 21,
+                           20, 21, 22, 23, 24, 25,
+                           24, 25, 26, 27, 28, 29,
+                           28, 29, 30, 31, 32,  1};
+
+static const uint8_t perm5[32] = {      16,  7, 20, 21,
+                              29, 12, 28, 17,
+                               1, 15, 23, 26,
+                               5, 18, 31, 10,
+                               2,  8, 24, 14,
+                              32, 27,  3,  9,
+                              19, 13, 30,  6,
+                              22, 11,  4, 25};
+
+
+static const uint8_t perm6[64] ={ 40,  8, 48, 16, 56, 24, 64, 32,
+                        39,  7, 47, 15, 55, 23, 63, 31,
+                        38,  6, 46, 14, 54, 22, 62, 30,
+                        37,  5, 45, 13, 53, 21, 61, 29,
+                        36,  4, 44, 12, 52, 20, 60, 28,
+                        35,  3, 43, 11, 51, 19, 59, 27,
+                        34,  2, 42, 10, 50, 18, 58, 26,
+                        33,  1, 41,  9, 49, 17, 57, 25};
+
+
+static const uint8_t sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
+
+static const uint8_t sbox[8][4][16] = {
+	{{14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7},
+	 {0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8},
+	 {4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0},
+	 {15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13}},
+
+	{{15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2, 13, 12,  0,  5, 10},
+	 {3, 13,  4,  7, 15,  2,  8, 14, 12,  0,  1, 10,  6,  9, 11,  5},
+	 {0, 14,  7, 11, 10,  4, 13,  1,  5,  8, 12,  6,  9,  3,  2, 15},
+	 {13,  8, 10,  1,  3, 15,  4,  2, 11,  6,  7, 12,  0,  5, 14,  9}},
+
+	{{10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,  7, 11,  4,  2,  8},
+	 {13,  7,  0,  9,  3,  4,  6, 10,  2,  8,  5, 14, 12, 11, 15,  1},
+	 {13,  6,  4,  9,  8, 15,  3,  0, 11,  1,  2, 12,  5, 10, 14,  7},
+	 {1, 10, 13,  0,  6,  9,  8,  7,  4, 15, 14,  3, 11,  5,  2, 12}},
+
+	{{7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,  5, 11, 12,  4, 15},
+	 {13,  8, 11,  5,  6, 15,  0,  3,  4,  7,  2, 12,  1, 10, 14,  9},
+	 {10,  6,  9,  0, 12, 11,  7, 13, 15,  1,  3, 14,  5,  2,  8,  4},
+	 {3, 15,  0,  6, 10,  1, 13,  8,  9,  4,  5, 11, 12,  7,  2, 14}},
+
+	{{2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3, 15, 13,  0, 14,  9},
+	 {14, 11,  2, 12,  4,  7, 13,  1,  5,  0, 15, 10,  3,  9,  8,  6},
+	 {4,  2,  1, 11, 10, 13,  7,  8, 15,  9, 12,  5,  6,  3,  0, 14},
+	 {11,  8, 12,  7,  1, 14,  2, 13,  6, 15,  0,  9, 10,  4,  5,  3}},
+
+	{{12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,  4, 14,  7,  5, 11},
+	 {10, 15,  4,  2,  7, 12,  9,  5,  6,  1, 13, 14,  0, 11,  3,  8},
+	 {9, 14, 15,  5,  2,  8, 12,  3,  7,  0,  4, 10,  1, 13, 11,  6},
+	 {4,  3,  2, 12,  9,  5, 15, 10, 11, 14,  1,  7,  6,  0,  8, 13}},
+
+	{{4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,  7,  5, 10,  6,  1},
+	 {13,  0, 11,  7,  4,  9,  1, 10, 14,  3,  5, 12,  2, 15,  8,  6},
+	 {1,  4, 11, 13, 12,  3,  7, 14, 10, 15,  6,  8,  0,  5,  9,  2},
+	 {6, 11, 13,  8,  1,  4, 10,  7,  9,  5,  0, 15, 14,  2,  3, 12}},
+
+	{{13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3, 14,  5,  0, 12,  7},
+	 {1, 15, 13,  8, 10,  3,  7,  4, 12,  5,  6, 11,  0, 14,  9,  2},
+	 {7, 11,  4,  1,  9, 12, 14,  2,  0,  6, 10, 13, 15,  3,  5,  8},
+	 {2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11}}};
+
+static void permute(char *out, const char *in, const uint8_t *p, int n)
+{
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = in[p[i]-1];
+}
+
+static void lshift(char *d, int count, int n)
+{
+	char out[64];
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = d[(i+count)%n];
+	for (i=0;i<n;i++)
+		d[i] = out[i];
+}
+
+static void concat(char *out, char *in1, char *in2, int l1, int l2)
+{
+	while (l1--)
+		*out++ = *in1++;
+	while (l2--)
+		*out++ = *in2++;
+}
+
+static void xor(char *out, char *in1, char *in2, int n)
+{
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = in1[i] ^ in2[i];
+}
+
+static void dohash(char *out, char *in, char *key, int forw)
+{
+	int i, j, k;
+	char pk1[56];
+	char c[28];
+	char d[28];
+	char cd[56];
+	char ki[16][48];
+	char pd1[64];
+	char l[32], r[32];
+	char rl[64];
+
+	permute(pk1, key, perm1, 56);
+
+	for (i=0;i<28;i++)
+		c[i] = pk1[i];
+	for (i=0;i<28;i++)
+		d[i] = pk1[i+28];
+
+	for (i=0;i<16;i++) {
+		lshift(c, sc[i], 28);
+		lshift(d, sc[i], 28);
+
+		concat(cd, c, d, 28, 28); 
+		permute(ki[i], cd, perm2, 48); 
+	}
+
+	permute(pd1, in, perm3, 64);
+
+	for (j=0;j<32;j++) {
+		l[j] = pd1[j];
+		r[j] = pd1[j+32];
+	}
+
+	for (i=0;i<16;i++) {
+		char er[48];
+		char erk[48];
+		char b[8][6];
+		char cb[32];
+		char pcb[32];
+		char r2[32];
+
+		permute(er, r, perm4, 48);
+
+		xor(erk, er, ki[forw ? i : 15 - i], 48);
+
+		for (j=0;j<8;j++)
+			for (k=0;k<6;k++)
+				b[j][k] = erk[j*6 + k];
+
+		for (j=0;j<8;j++) {
+			int m, n;
+			m = (b[j][0]<<1) | b[j][5];
+
+			n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4]; 
+
+			for (k=0;k<4;k++) 
+				b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0; 
+		}
+
+		for (j=0;j<8;j++)
+			for (k=0;k<4;k++)
+				cb[j*4+k] = b[j][k];
+		permute(pcb, cb, perm5, 32);
+
+		xor(r2, l, pcb, 32);
+
+		for (j=0;j<32;j++)
+			l[j] = r[j];
+
+		for (j=0;j<32;j++)
+			r[j] = r2[j];
+	}
+
+	concat(rl, r, l, 32, 32);
+
+	permute(out, rl, perm6, 64);
+}
+
+static void str_to_key(const uint8_t *str,uint8_t *key)
+{
+	int i;
+
+	key[0] = str[0]>>1;
+	key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
+	key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
+	key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
+	key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
+	key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
+	key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
+	key[7] = str[6]&0x7F;
+	for (i=0;i<8;i++) {
+		key[i] = (key[i]<<1);
+	}
+}
+
+/*
+  basic des crypt using a 56 bit (7 byte) key
+*/
+void des_crypt56(uint8_t out[8], const uint8_t in[8], const uint8_t key[7], int forw)
+{
+	int i;
+	char outb[64];
+	char inb[64];
+	char keyb[64];
+	uint8_t key2[8];
+
+	str_to_key(key, key2);
+
+	for (i=0;i<64;i++) {
+		inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
+		keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
+		outb[i] = 0;
+	}
+
+	dohash(outb, inb, keyb, forw);
+
+	for (i=0;i<8;i++) {
+		out[i] = 0;
+	}
+
+	for (i=0;i<64;i++) {
+		if (outb[i])
+			out[i/8] |= (1<<(7-(i%8)));
+	}
+}
+
+void E_P16(const uint8_t *p14,uint8_t *p16)
+{
+	const uint8_t sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
+	des_crypt56(p16, sp8, p14, 1);
+	des_crypt56(p16+8, sp8, p14+7, 1);
+}
+
+void E_P24(const uint8_t *p21, const uint8_t *c8, uint8_t *p24)
+{
+	des_crypt56(p24, c8, p21, 1);
+	des_crypt56(p24+8, c8, p21+7, 1);
+	des_crypt56(p24+16, c8, p21+14, 1);
+}
+
+void D_P16(const uint8_t *p14, const uint8_t *in, uint8_t *out)
+{
+	des_crypt56(out, in, p14, 0);
+        des_crypt56(out+8, in+8, p14+7, 0);
+}
+
+void E_old_pw_hash( uint8_t *p14, const uint8_t *in, uint8_t *out)
+{
+        des_crypt56(out, in, p14, 1);
+        des_crypt56(out+8, in+8, p14+7, 1);
+}
+
+/* des encryption with a 128 bit key */
+void des_crypt128(uint8_t out[8], const uint8_t in[8], const uint8_t key[16])
+{
+	uint8_t buf[8];
+	des_crypt56(buf, in, key, 1);
+	des_crypt56(out, buf, key+9, 1);
+}
+
+/* des encryption with a 64 bit key */
+void des_crypt64(uint8_t out[8], const uint8_t in[8], const uint8_t key[8], int forw)
+{
+	uint8_t buf[8];
+	uint8_t key2[8];
+	ZERO_STRUCT(key2);
+	des_crypt56(buf, in, key, forw);
+	key2[0] = key[7];
+	des_crypt56(out, buf, key2, forw);
+}
+
+/* des encryption with a 112 bit (14 byte) key */
+void des_crypt112(uint8_t out[8], const uint8_t in[8], const uint8_t key[14], int forw)
+{
+	uint8_t buf[8];
+	des_crypt56(buf, in, key, forw);
+	des_crypt56(out, buf, key+7, forw);
+}
+
+/* des encryption of a 16 byte lump of data with a 112 bit key */
+void des_crypt112_16(uint8_t out[16], uint8_t in[16], const uint8_t key[14], int forw)
+{
+        des_crypt56(out, in, key, forw);
+        des_crypt56(out + 8, in + 8, key+7, forw);
+}
+
+/* Decode a sam password hash into a password.  The password hash is the
+   same method used to store passwords in the NT registry.  The DES key
+   used is based on the RID of the user. */
+void sam_rid_crypt(uint_t rid, const uint8_t *in, uint8_t *out, int forw)
+{
+	uint8_t s[14];
+
+	s[0] = s[4] = s[8] = s[12] = (uint8_t)(rid & 0xFF);
+	s[1] = s[5] = s[9] = s[13] = (uint8_t)((rid >> 8) & 0xFF);
+	s[2] = s[6] = s[10]        = (uint8_t)((rid >> 16) & 0xFF);
+	s[3] = s[7] = s[11]        = (uint8_t)((rid >> 24) & 0xFF);
+
+	des_crypt56(out, in, s, forw);
+	des_crypt56(out+8, in+8, s+7, forw);
+}
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
new file mode 100644
index 00000000000..c6118c6568f
--- /dev/null
+++ b/libcli/auth/smbencrypt.c
@@ -0,0 +1,595 @@
+/* 
+   Unix SMB/CIFS implementation.
+   SMB parameters and setup
+   Copyright (C) Andrew Tridgell 1992-1998
+   Modified by Jeremy Allison 1995.
+   Copyright (C) Jeremy Allison 1995-2000.
+   Copyright (C) Luke Kennethc Casson Leighton 1996-2000.
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/time.h"
+#include "auth/ntlmssp/ntlmssp.h"
+#include "auth/ntlmssp/msrpc_parse.h"
+#include "../lib/crypto/crypto.h"
+#include "libcli/auth/libcli_auth.h"
+
+/*
+   This implements the X/Open SMB password encryption
+   It takes a password ('unix' string), a 8 byte "crypt key" 
+   and puts 24 bytes of encrypted password into p24 
+
+   Returns false if password must have been truncated to create LM hash
+*/
+bool SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24])
+{
+	bool ret;
+	uint8_t p21[21];
+
+	memset(p21,'\0',21);
+	ret = E_deshash(passwd, p21); 
+
+	SMBOWFencrypt(p21, c8, p24);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("SMBencrypt: lm#, challenge, response\n"));
+	dump_data(100, p21, 16);
+	dump_data(100, c8, 8);
+	dump_data(100, p24, 24);
+#endif
+
+	return ret;
+}
+
+/**
+ * Creates the MD4 Hash of the users password in NT UNICODE.
+ * @param passwd password in 'unix' charset.
+ * @param p16 return password hashed with md4, caller allocated 16 byte buffer
+ */
+ 
+bool E_md4hash(const char *passwd, uint8_t p16[16])
+{
+	size_t len;
+	smb_ucs2_t *wpwd;
+	bool ret;
+
+	ret = push_ucs2_talloc(NULL, &wpwd, passwd, &len);
+	if (!ret || len < 2) {
+		/* We don't want to return fixed data, as most callers
+		 * don't check */
+		mdfour(p16, (const uint8_t *)passwd, strlen(passwd));
+		return false;
+	}
+	
+	len -= 2;
+	mdfour(p16, (const uint8_t *)wpwd, len);
+
+	talloc_free(wpwd);
+	return true;
+}
+
+/**
+ * Creates the DES forward-only Hash of the users password in DOS ASCII charset
+ * @param passwd password in 'unix' charset.
+ * @param p16 return password hashed with DES, caller allocated 16 byte buffer
+ * @return false if password was > 14 characters, and therefore may be incorrect, otherwise true
+ * @note p16 is filled in regardless
+ */
+ 
+bool E_deshash(const char *passwd, uint8_t p16[16])
+{
+	bool ret = true;
+	char dospwd[256];
+	ZERO_STRUCT(dospwd);
+
+	/* Password must be converted to DOS charset - null terminated, uppercase. */
+	push_string(dospwd, passwd, sizeof(dospwd), STR_ASCII|STR_UPPER|STR_TERMINATE);
+
+	/* Only the first 14 chars are considered, password need not be null terminated. */
+	E_P16((const uint8_t *)dospwd, p16);
+
+	if (strlen(dospwd) > 14) {
+		ret = false;
+	}
+
+	ZERO_STRUCT(dospwd);	
+
+	return ret;
+}
+
+/* Does both the NTLMv2 owfs of a user's password */
+bool ntv2_owf_gen(const uint8_t owf[16],
+		  const char *user_in, const char *domain_in,
+		  bool upper_case_domain, /* Transform the domain into UPPER case */
+		  uint8_t kr_buf[16])
+{
+	smb_ucs2_t *user;
+	smb_ucs2_t *domain;	
+	size_t user_byte_len;
+	size_t domain_byte_len;
+	bool ret;
+
+	HMACMD5Context ctx;
+	TALLOC_CTX *mem_ctx = talloc_init("ntv2_owf_gen for %s\\%s", domain_in, user_in); 
+
+	if (!mem_ctx) {
+		return false;
+	}
+
+	if (!user_in) {
+		user_in = "";
+	}
+
+	if (!domain_in) {
+		domain_in = "";
+	}
+
+	user_in = strupper_talloc(mem_ctx, user_in);
+	if (user_in == NULL) {
+		talloc_free(mem_ctx);
+		return false;
+	}
+
+	if (upper_case_domain) {
+		domain_in = strupper_talloc(mem_ctx, domain_in);
+		if (domain_in == NULL) {
+			talloc_free(mem_ctx);
+			return false;
+		}
+	}
+
+	ret = push_ucs2_talloc(mem_ctx, &user, user_in, &user_byte_len );
+	if (!ret) {
+		DEBUG(0, ("push_uss2_talloc() for user returned -1 (probably talloc() failure)\n"));
+		talloc_free(mem_ctx);
+		return false;
+	}
+
+	ret = push_ucs2_talloc(mem_ctx, &domain, domain_in, &domain_byte_len);
+	if (!ret) {
+		DEBUG(0, ("push_ucs2_talloc() for domain returned -1 (probably talloc() failure)\n"));
+		talloc_free(mem_ctx);
+		return false;
+	}
+
+	SMB_ASSERT(user_byte_len >= 2);
+	SMB_ASSERT(domain_byte_len >= 2);
+
+	/* We don't want null termination */
+	user_byte_len = user_byte_len - 2;
+	domain_byte_len = domain_byte_len - 2;
+	
+	hmac_md5_init_limK_to_64(owf, 16, &ctx);
+	hmac_md5_update((const void *)user, user_byte_len, &ctx);
+	hmac_md5_update((const void *)domain, domain_byte_len, &ctx);
+	hmac_md5_final(kr_buf, &ctx);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("ntv2_owf_gen: user, domain, owfkey, kr\n"));
+	dump_data(100, (const void *)user, user_byte_len);
+	dump_data(100, (const void *)domain, domain_byte_len);
+	dump_data(100, owf, 16);
+	dump_data(100, kr_buf, 16);
+#endif
+
+	talloc_free(mem_ctx);
+	return true;
+}
+
+/* Does the des encryption from the NT or LM MD4 hash. */
+void SMBOWFencrypt(const uint8_t passwd[16], const uint8_t *c8, uint8_t p24[24])
+{
+	uint8_t p21[21];
+
+	ZERO_STRUCT(p21);
+ 
+	memcpy(p21, passwd, 16);    
+	E_P24(p21, c8, p24);
+}
+
+/* Does the NT MD4 hash then des encryption. */
+ 
+void SMBNTencrypt(const char *passwd, uint8_t *c8, uint8_t *p24)
+{
+	uint8_t p21[21];
+ 
+	memset(p21,'\0',21);
+ 
+	E_md4hash(passwd, p21);    
+	SMBOWFencrypt(p21, c8, p24);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("SMBNTencrypt: nt#, challenge, response\n"));
+	dump_data(100, p21, 16);
+	dump_data(100, c8, 8);
+	dump_data(100, p24, 24);
+#endif
+}
+
+/* Does the md5 encryption from the Key Response for NTLMv2. */
+void SMBOWFencrypt_ntv2(const uint8_t kr[16],
+			const DATA_BLOB *srv_chal,
+			const DATA_BLOB *smbcli_chal,
+			uint8_t resp_buf[16])
+{
+	HMACMD5Context ctx;
+
+	hmac_md5_init_limK_to_64(kr, 16, &ctx);
+	hmac_md5_update(srv_chal->data, srv_chal->length, &ctx);
+	hmac_md5_update(smbcli_chal->data, smbcli_chal->length, &ctx);
+	hmac_md5_final(resp_buf, &ctx);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("SMBOWFencrypt_ntv2: srv_chal, smbcli_chal, resp_buf\n"));
+	dump_data(100, srv_chal->data, srv_chal->length);
+	dump_data(100, smbcli_chal->data, smbcli_chal->length);
+	dump_data(100, resp_buf, 16);
+#endif
+}
+
+void SMBsesskeygen_ntv2(const uint8_t kr[16],
+			const uint8_t * nt_resp, uint8_t sess_key[16])
+{
+	/* a very nice, 128 bit, variable session key */
+	
+	HMACMD5Context ctx;
+
+	hmac_md5_init_limK_to_64(kr, 16, &ctx);
+	hmac_md5_update(nt_resp, 16, &ctx);
+	hmac_md5_final((uint8_t *)sess_key, &ctx);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("SMBsesskeygen_ntv2:\n"));
+	dump_data(100, sess_key, 16);
+#endif
+}
+
+void SMBsesskeygen_ntv1(const uint8_t kr[16], uint8_t sess_key[16])
+{
+	/* yes, this session key does not change - yes, this 
+	   is a problem - but it is 128 bits */
+	
+	mdfour((uint8_t *)sess_key, kr, 16);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("SMBsesskeygen_ntv1:\n"));
+	dump_data(100, sess_key, 16);
+#endif
+}
+
+void SMBsesskeygen_lm_sess_key(const uint8_t lm_hash[16],
+			       const uint8_t lm_resp[24], /* only uses 8 */ 
+			       uint8_t sess_key[16])
+{
+	/* Calculate the LM session key (effective length 40 bits,
+	   but changes with each session) */
+	uint8_t p24[24];
+	uint8_t partial_lm_hash[14];
+ 
+	memcpy(partial_lm_hash, lm_hash, 8);    
+	memset(partial_lm_hash + 8, 0xbd, 6);
+
+	des_crypt56(p24,   lm_resp, partial_lm_hash,     1);
+	des_crypt56(p24+8, lm_resp, partial_lm_hash + 7, 1);
+
+	memcpy(sess_key, p24, 16);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100, ("SMBsesskeygen_lm_sess_key: \n"));
+	dump_data(100, sess_key, 16);
+#endif
+}
+
+DATA_BLOB NTLMv2_generate_names_blob(TALLOC_CTX *mem_ctx, 
+				     const char *hostname, 
+				     const char *domain)
+{
+	DATA_BLOB names_blob = data_blob_talloc(mem_ctx, NULL, 0);
+	
+	msrpc_gen(mem_ctx, &names_blob, 
+		  "aaa", 
+		  NTLMSSP_NAME_TYPE_DOMAIN, domain,
+		  NTLMSSP_NAME_TYPE_SERVER, hostname,
+		  0, "");
+	return names_blob;
+}
+
+static DATA_BLOB NTLMv2_generate_client_data(TALLOC_CTX *mem_ctx, const DATA_BLOB *names_blob) 
+{
+	uint8_t client_chal[8];
+	DATA_BLOB response = data_blob(NULL, 0);
+	uint8_t long_date[8];
+	NTTIME nttime;
+
+	unix_to_nt_time(&nttime, time(NULL));
+
+	generate_random_buffer(client_chal, sizeof(client_chal));
+
+	push_nttime(long_date, 0, nttime);
+
+	/* See http://www.ubiqx.org/cifs/SMB.html#SMB.8.5 */
+
+	msrpc_gen(mem_ctx, &response, "ddbbdb", 
+		  0x00000101,     /* Header  */
+		  0,              /* 'Reserved'  */
+		  long_date, 8,	  /* Timestamp */
+		  client_chal, 8, /* client challenge */
+		  0,		  /* Unknown */
+		  names_blob->data, names_blob->length);	/* End of name list */
+
+	return response;
+}
+
+static DATA_BLOB NTLMv2_generate_response(TALLOC_CTX *out_mem_ctx, 
+					  const uint8_t ntlm_v2_hash[16],
+					  const DATA_BLOB *server_chal,
+					  const DATA_BLOB *names_blob)
+{
+	uint8_t ntlmv2_response[16];
+	DATA_BLOB ntlmv2_client_data;
+	DATA_BLOB final_response;
+	
+	TALLOC_CTX *mem_ctx = talloc_named(out_mem_ctx, 0, 
+					   "NTLMv2_generate_response internal context");
+
+	if (!mem_ctx) {
+		return data_blob(NULL, 0);
+	}
+	
+	/* NTLMv2 */
+	/* generate some data to pass into the response function - including
+	   the hostname and domain name of the server */
+	ntlmv2_client_data = NTLMv2_generate_client_data(mem_ctx, names_blob);
+
+	/* Given that data, and the challenge from the server, generate a response */
+	SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &ntlmv2_client_data, ntlmv2_response);
+	
+	final_response = data_blob_talloc(out_mem_ctx, NULL, sizeof(ntlmv2_response) + ntlmv2_client_data.length);
+
+	memcpy(final_response.data, ntlmv2_response, sizeof(ntlmv2_response));
+
+	memcpy(final_response.data+sizeof(ntlmv2_response), 
+	       ntlmv2_client_data.data, ntlmv2_client_data.length);
+
+	talloc_free(mem_ctx);
+
+	return final_response;
+}
+
+static DATA_BLOB LMv2_generate_response(TALLOC_CTX *mem_ctx, 
+					const uint8_t ntlm_v2_hash[16],
+					const DATA_BLOB *server_chal)
+{
+	uint8_t lmv2_response[16];
+	DATA_BLOB lmv2_client_data = data_blob_talloc(mem_ctx, NULL, 8);
+	DATA_BLOB final_response = data_blob_talloc(mem_ctx, NULL,24);
+	
+	/* LMv2 */
+	/* client-supplied random data */
+	generate_random_buffer(lmv2_client_data.data, lmv2_client_data.length);	
+
+	/* Given that data, and the challenge from the server, generate a response */
+	SMBOWFencrypt_ntv2(ntlm_v2_hash, server_chal, &lmv2_client_data, lmv2_response);
+	memcpy(final_response.data, lmv2_response, sizeof(lmv2_response));
+
+	/* after the first 16 bytes is the random data we generated above, 
+	   so the server can verify us with it */
+	memcpy(final_response.data+sizeof(lmv2_response), 
+	       lmv2_client_data.data, lmv2_client_data.length);
+
+	data_blob_free(&lmv2_client_data);
+
+	return final_response;
+}
+
+bool SMBNTLMv2encrypt_hash(TALLOC_CTX *mem_ctx, 
+			   const char *user, const char *domain, const uint8_t nt_hash[16],
+			   const DATA_BLOB *server_chal, 
+			   const DATA_BLOB *names_blob,
+			   DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
+			   DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) 
+{
+	uint8_t ntlm_v2_hash[16];
+
+	/* We don't use the NT# directly.  Instead we use it mashed up with
+	   the username and domain.
+	   This prevents username swapping during the auth exchange
+	*/
+	if (!ntv2_owf_gen(nt_hash, user, domain, true, ntlm_v2_hash)) {
+		return false;
+	}
+	
+	if (nt_response) {
+		*nt_response = NTLMv2_generate_response(mem_ctx, 
+							ntlm_v2_hash, server_chal,
+							names_blob); 
+		if (user_session_key) {
+			*user_session_key = data_blob_talloc(mem_ctx, NULL, 16);
+			
+			/* The NTLMv2 calculations also provide a session key, for signing etc later */
+			/* use only the first 16 bytes of nt_response for session key */
+			SMBsesskeygen_ntv2(ntlm_v2_hash, nt_response->data, user_session_key->data);
+		}
+	}
+	
+	/* LMv2 */
+	
+	if (lm_response) {
+		*lm_response = LMv2_generate_response(mem_ctx, 
+						      ntlm_v2_hash, server_chal);
+		if (lm_session_key) {
+			*lm_session_key = data_blob_talloc(mem_ctx, NULL, 16);
+			
+			/* The NTLMv2 calculations also provide a session key, for signing etc later */
+			/* use only the first 16 bytes of lm_response for session key */
+			SMBsesskeygen_ntv2(ntlm_v2_hash, lm_response->data, lm_session_key->data);
+		}
+	}
+	
+	return true;
+}
+
+bool SMBNTLMv2encrypt(TALLOC_CTX *mem_ctx, 
+		      const char *user, const char *domain, 
+		      const char *password, 
+		      const DATA_BLOB *server_chal, 
+		      const DATA_BLOB *names_blob,
+		      DATA_BLOB *lm_response, DATA_BLOB *nt_response, 
+		      DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) 
+{
+	uint8_t nt_hash[16];
+	E_md4hash(password, nt_hash);
+
+	return SMBNTLMv2encrypt_hash(mem_ctx, 
+				     user, domain, nt_hash, server_chal, names_blob,
+				     lm_response, nt_response, lm_session_key, user_session_key);
+}
+
+/***********************************************************
+ encode a password buffer with a unicode password.  The buffer
+ is filled with random data to make it harder to attack.
+************************************************************/
+bool encode_pw_buffer(uint8_t buffer[516], const char *password, int string_flags)
+{
+	uint8_t new_pw[512];
+	size_t new_pw_len;
+
+	/* the incoming buffer can be any alignment. */
+	string_flags |= STR_NOALIGN;
+
+	new_pw_len = push_string(new_pw,
+				 password, 
+				 sizeof(new_pw), string_flags);
+	
+	memcpy(&buffer[512 - new_pw_len], new_pw, new_pw_len);
+
+	generate_random_buffer(buffer, 512 - new_pw_len);
+
+	/* 
+	 * The length of the new password is in the last 4 bytes of
+	 * the data buffer.
+	 */
+	SIVAL(buffer, 512, new_pw_len);
+	ZERO_STRUCT(new_pw);
+	return true;
+}
+
+
+/***********************************************************
+ decode a password buffer
+ *new_pw_len is the length in bytes of the possibly mulitbyte
+ returned password including termination.
+************************************************************/
+bool decode_pw_buffer(uint8_t in_buffer[516], char *new_pwrd,
+		      int new_pwrd_size, int string_flags)
+{
+	int byte_len=0;
+	ssize_t converted_pw_len;
+
+	/* the incoming buffer can be any alignment. */
+	string_flags |= STR_NOALIGN;
+
+	/*
+	  Warning !!! : This function is called from some rpc call.
+	  The password IN the buffer may be a UNICODE string.
+	  The password IN new_pwrd is an ASCII string
+	  If you reuse that code somewhere else check first.
+	*/
+
+	/* The length of the new password is in the last 4 bytes of the data buffer. */
+
+	byte_len = IVAL(in_buffer, 512);
+
+#ifdef DEBUG_PASSWORD
+	dump_data(100, in_buffer, 516);
+#endif
+
+	/* Password cannot be longer than the size of the password buffer */
+	if ( (byte_len < 0) || (byte_len > 512)) {
+		return false;
+	}
+
+	/* decode into the return buffer.  Buffer length supplied */
+ 	converted_pw_len = pull_string(new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size, 
+				  byte_len, string_flags);
+
+	if (converted_pw_len == -1) {
+		return false;
+	}
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("decode_pw_buffer: new_pwrd: "));
+	dump_data(100, (const uint8_t *)new_pwrd, converted_pw_len);
+	DEBUG(100,("multibyte len:%d\n", (int)converted_pw_len));
+	DEBUG(100,("original char len:%d\n", byte_len/2));
+#endif
+	
+	return true;
+}
+
+/***********************************************************
+ encode a password buffer with an already unicode password.  The
+ rest of the buffer is filled with random data to make it harder to attack.
+************************************************************/
+bool set_pw_in_buffer(uint8_t buffer[516], DATA_BLOB *password)
+{
+	if (password->length > 512) {
+		return false;
+	}
+
+	memcpy(&buffer[512 - password->length], password->data, password->length);
+
+	generate_random_buffer(buffer, 512 - password->length);
+
+	/* 
+	 * The length of the new password is in the last 4 bytes of
+	 * the data buffer.
+	 */
+	SIVAL(buffer, 512, password->length);
+	return true;
+}
+
+/***********************************************************
+ decode a password buffer
+ *new_pw_size is the length in bytes of the extracted unicode password
+************************************************************/
+bool extract_pw_from_buffer(TALLOC_CTX *mem_ctx, 
+			    uint8_t in_buffer[516], DATA_BLOB *new_pass)
+{
+	int byte_len=0;
+
+	/* The length of the new password is in the last 4 bytes of the data buffer. */
+
+	byte_len = IVAL(in_buffer, 512);
+
+#ifdef DEBUG_PASSWORD
+	dump_data(100, in_buffer, 516);
+#endif
+
+	/* Password cannot be longer than the size of the password buffer */
+	if ( (byte_len < 0) || (byte_len > 512)) {
+		return false;
+	}
+
+	*new_pass = data_blob_talloc(mem_ctx, &in_buffer[512 - byte_len], byte_len);
+
+	if (!new_pass->data) {
+		return false;
+	}
+
+	return true;
+}