rpcrt4: Implemented NTLM authentication for rpcrt4 connections.

Mike McCormack mike at codeweavers.com
Mon May 15 19:56:40 CDT 2006

Kai Blin wrote:

>>+  /* tack on a negotiate packet */
>>+  RPCRT4_AuthNegotiate(Connection, &out);
>>+  r = RPCRT4_SendAuth(Connection, Header, Buffer, BufferLength, out.pvBuffer, out.cbBuffer);
>>+  HeapFree(GetProcessHeap(), 0, out.pvBuffer);
> Should that actually be a Negotiate packet?
> If it should, I can add Negotiate to the set of patches I sent Rob.

You are probably aware of this, but for others who are interested, 
rpcrt4 seems to work something like:

1. Client sends NTLMSSP_NEGOTIATE to server on first outgoing packet
2. Server sends NTLMSSP_CHALLENGE to client on first incoming packet
3. Client sends NTLMSSP_AUTHORIZE to server after receiving challenge
4. Client attaches authorization context to further packets

Calling RPCRT4_AuthNegotiate() in the above code snippet is step 1 and 
as a side-effect, the Connection->ctx is set to something non-zero, and 
we won't go down that codepath again.

This scheme currently only works for NTLM authentication, and may need 
slight modification for other authentication schemes, but that's all I'm 
interested in at the moment.

Initially I was using the dcom98 version of secur32 for testing, as the 
builtin doesn't support SECURITY_NETWORK_DREP as yet.  Now I'm using a 
hacked up builtin secur32 that generates the required NTLM exchange 
independently of ntlm_auth.

I'm hoping to submit a patch for secur32 that works as above but falls 
back to ntlm_auth for exchanges its not capable of (ie. most of them).


More information about the wine-devel mailing list