From 1a239fa0bdb381fb36d8bea3e01273c505875b4e Mon Sep 17 00:00:00 2001
From: Guenther Deschner <gd@samba.org>
Date: Wed, 27 Mar 2019 17:51:04 +0100
Subject: auth:ntlmssp: Add back CRAP ndr debug output

This got lost somehow during refactoring. This is still viable
information when trying to figure out what is going wrong when
authenticating a user over NTLMSSP.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 9e92654899db3c951bee0203415a15737402e7b7)
---
 auth/ntlmssp/ntlmssp_client.c | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'auth')

diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c
index ab406a2c5be..8e49dcee5ea 100644
--- a/auth/ntlmssp/ntlmssp_client.c
+++ b/auth/ntlmssp/ntlmssp_client.c
@@ -342,6 +342,22 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 		}
 	}
 
+	if (DEBUGLEVEL >= 10) {
+		struct CHALLENGE_MESSAGE *challenge =
+			talloc(ntlmssp_state, struct CHALLENGE_MESSAGE);
+		if (challenge != NULL) {
+			NTSTATUS status;
+			challenge->NegotiateFlags = chal_flags;
+			status = ntlmssp_pull_CHALLENGE_MESSAGE(
+					&in, challenge, challenge);
+			if (NT_STATUS_IS_OK(status)) {
+				NDR_PRINT_DEBUG(CHALLENGE_MESSAGE,
+						challenge);
+			}
+			TALLOC_FREE(challenge);
+		}
+	}
+
 	if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {
 		ntlmssp_state->server.is_standalone = true;
 	} else {
@@ -702,6 +718,22 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
 		return nt_status;
 	}
 
+	if (DEBUGLEVEL >= 10) {
+		struct AUTHENTICATE_MESSAGE *authenticate =
+			talloc(ntlmssp_state, struct AUTHENTICATE_MESSAGE);
+		if (authenticate != NULL) {
+			NTSTATUS status;
+			authenticate->NegotiateFlags = ntlmssp_state->neg_flags;
+			status = ntlmssp_pull_AUTHENTICATE_MESSAGE(
+				out, authenticate, authenticate);
+			if (NT_STATUS_IS_OK(status)) {
+				NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE,
+						authenticate);
+			}
+			TALLOC_FREE(authenticate);
+		}
+	}
+
 	/*
 	 * We always include the MIC, even without:
 	 * av_flags->Value.AvFlags |= NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE;
-- 
cgit v1.2.1