Set NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY if applicable and improve code readability

2025-08-05 15:31:29 +02:00 · 2017-01-19 02:10:58 +02:00 · 2017-01-19 02:10:58 +02:00 · 29828befb4
commit 29828befb4
parent 0ee31e432b
2 changed files with 25 additions and 5 deletions
--- a/SMBLibrary/Server/SMB1/NegotiateHelper.cs
+++ b/SMBLibrary/Server/SMB1/NegotiateHelper.cs
@ -72,7 +72,15 @@ namespace SMBLibrary.Server.SMB1
        private static NegotiateMessage CreateNegotiateMessage()
        {
            NegotiateMessage negotiateMessage = new NegotiateMessage();
-            negotiateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.LanManagerKey | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.Use56BitEncryption;
+            negotiateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding |
+                                              NegotiateFlags.OEMEncoding |
+                                              NegotiateFlags.Sign |
+                                              NegotiateFlags.LanManagerKey |
+                                              NegotiateFlags.NTLMKey |
+                                              NegotiateFlags.AlwaysSign |
+                                              NegotiateFlags.Version |
+                                              NegotiateFlags.Use128BitEncryption |
+                                              NegotiateFlags.Use56BitEncryption;
            negotiateMessage.Version = Authentication.Version.Server2003;
            return negotiateMessage;
        }
--- a/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
+++ b/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
@ -171,13 +171,25 @@ namespace SMBLibrary.Server.SMB1
            return response;
        }

-        private static AuthenticateMessage CreateAuthenticateMessage(string accountNameToAuth, byte[] lmResponse, byte[] ntlmResponse)
+        private static AuthenticateMessage CreateAuthenticateMessage(string accountNameToAuth, byte[] lmChallengeResponse, byte[] ntChallengeResponse)
        {
            AuthenticateMessage authenticateMessage = new AuthenticateMessage();
-            authenticateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.LanManagerKey | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.Use56BitEncryption;
+            authenticateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding |
+                                                 NegotiateFlags.OEMEncoding |
+                                                 NegotiateFlags.Sign |
+                                                 NegotiateFlags.LanManagerKey |
+                                                 NegotiateFlags.NTLMKey |
+                                                 NegotiateFlags.AlwaysSign |
+                                                 NegotiateFlags.Version |
+                                                 NegotiateFlags.Use128BitEncryption |
+                                                 NegotiateFlags.Use56BitEncryption;
+            if (ntChallengeResponse.Length >= 48)
+            {
+                authenticateMessage.NegotiateFlags |= NegotiateFlags.ExtendedSecurity;
+            }
            authenticateMessage.UserName = accountNameToAuth;
-            authenticateMessage.LmChallengeResponse = lmResponse;
-            authenticateMessage.NtChallengeResponse = ntlmResponse;
+            authenticateMessage.LmChallengeResponse = lmChallengeResponse;
+            authenticateMessage.NtChallengeResponse = ntChallengeResponse;
            authenticateMessage.Version = Authentication.Version.Server2003;
            return authenticateMessage;
        }