From ff818b159795eb992aae53a8e428bceaa99c2825 Mon Sep 17 00:00:00 2001
From: Thomas Fitzsimmons
Date: Sat, 4 Oct 2014 12:23:42 -0700
Subject: [PATCH] * lisp/net/ntlm.el (ntlm-build-auth-request): Add NTLM2 Session support.
---
 lisp/ChangeLog | 5 +++++
 lisp/net/ntlm.el | 38 +++++++++++++++++++++++++++++++-------
 2 files changed, 36 insertions(+), 7 deletions(-)
diff --git a/lisp/ChangeLog b/lisp/ChangeLog
index 37de66835be..076f8bd05e7 100644
--- a/lisp/ChangeLog
+++ b/lisp/ChangeLog
@@ -1,3 +1,8 @@
+2014-10-04 Thomas Fitzsimmons
+
+ * net/ntlm.el (ntlm-build-auth-request):
+ Add NTLM2 Session support. (Bug#15603)
+
 2014-10-04 Glenn Morris
 * apropos.el (apropos-symbols-internal):
diff --git a/lisp/net/ntlm.el b/lisp/net/ntlm.el
index bff3bab7207..30958aaa6bf 100644
--- a/lisp/net/ntlm.el
+++ b/lisp/net/ntlm.el
@@ -80,8 +80,8 @@ is not given."
 (request-msgType (concat (make-string 1 1) (make-string 3 0)))
 ;0x01 0x00 0x00 0x00
 (request-flags (concat (make-string 1 7) (make-string 1 178)
- (make-string 2 0)))
- ;0x07 0xb2 0x00 0x00
+ (make-string 1 8) (make-string 1 0)))
+ ;0x07 0xb2 0x08 0x00
 lu ld off-d off-u)
 (when (string-match "@" user)
 (unless domain
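Review bot: The new third byte `8` in `request-flags` is documented only by the hex dump `;0x07 0xb2 0x08 0x00`, although it is the same bit the second hunk tests with `(logand (aref flags 2) 8)` and calls "negotiate NTLM2 key". A comment next to the `(make-string 1 8)` form, such as `;; third byte 0x08: negotiate NTLM2 key`, would tie the request flag to the response check. A named constant used in both places would do the same and keep the two from drifting apart. The `let` binding list this hunk sits in begins and ends outside the hunk.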
@@ -144,11 +144,35 @@ by PASSWORD-HASHES. PASSWORD-HASHES should be a return value of
 (setq domain (substring user (1+ (match-beginning 0))))
 (setq user (substring user 0 (match-beginning 0))))
- ;; generate response data
- (setq lmRespData
- (ntlm-smb-owf-encrypt (car password-hashes) challengeData))
- (setq ntRespData
- (ntlm-smb-owf-encrypt (cadr password-hashes) challengeData))
+ ;; check if "negotiate NTLM2 key" flag is set in type 2 message
+ (if (not (zerop (logand (aref flags 2) 8)))
+ (let (randomString
+ sessionHash)
+ ;; generate NTLM2 session response data
+ (setq randomString (string-make-unibyte
+ (concat
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256))
+ (make-string 1 (random 256)))))
+ (setq sessionHash (secure-hash 'md5
+ (concat challengeData randomString)
+ nil nil t))
+ (setq sessionHash (substring sessionHash 0 8))
+
+ (setq lmRespData (concat randomString (make-string 16 0)))
+ (setq ntRespData (ntlm-smb-owf-encrypt
+ (cadr password-hashes) sessionHash)))
+ (progn
+ ;; generate response data
+ (setq lmRespData
+ (ntlm-smb-owf-encrypt (car password-hashes) challengeData))
+ (setq ntRespData
+ (ntlm-smb-owf-encrypt (cadr password-hashes) challengeData))))
 ;; get offsets to fields to pack the response struct in a string
 (setq lu (length user))
-- 
2.11.4.GIT
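Review bot: The eight-byte client nonce in the NTLM2 session branch is built from `(random 256)`, Emacs's general-purpose generator, which is not documented as cryptographically strong. This value is hashed with the server challenge to form `sessionHash`, so it should come from an unpredictable source. Moving the nonce into one small helper that returns eight bytes, preferring a platform entropy source where one is available, would also collapse the eight repeated `(make-string 1 (random 256))` forms into a single call. The fallback `progn` branch still sends the LM response over the raw server challenge whenever the type 2 message leaves the flag clear. A comment there such as `;; server did not negotiate NTLM2 session security: legacy LM/NTLM responses` would make the weaker path explicit, and a user option to refuse it may be worth considering. The enclosing function begins and ends outside this hunk, and `flags` is bound there.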