summaryrefslogtreecommitdiff
path: root/source3/include
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-02-09 07:03:23 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:09:59 -0500
commitad8b47a2ba4e81420bc2272e8438a727cc2223ee (patch)
treeb6f23560649f3b54aa3458d3c8667f145805ec5b /source3/include
parentcf7c47aac990f67e1829a7e4b9d3550b7e93739b (diff)
downloadsamba-ad8b47a2ba4e81420bc2272e8438a727cc2223ee.tar.gz
samba-ad8b47a2ba4e81420bc2272e8438a727cc2223ee.tar.bz2
samba-ad8b47a2ba4e81420bc2272e8438a727cc2223ee.zip
r13407: Change the credentials code to be more like the Samba4 structure,
makes fixes much easier to port. Fix the size of dc->sess_key to be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd store in secrets.tdb though. Should fix some uses of the dc->sess_key where we where assuming we could read 16 bytes. Jeremy. (This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
Diffstat (limited to 'source3/include')
-rw-r--r--source3/include/ntdomain.h2
-rw-r--r--source3/include/rpc_dce.h11
2 files changed, 10 insertions, 3 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index a30b724372..82e212c0ca 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -140,7 +140,7 @@ struct dcinfo {
DOM_CHAL clnt_chal; /* Client credential */
DOM_CHAL srv_chal; /* Server credential */
- uchar sess_key[8]; /* Session key */
+ uchar sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
uchar mach_pw[16]; /* md4(machine password) */
fstring mach_acct; /* Machine name we've authenticated. */
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index e718d92271..218cad336d 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -90,12 +90,19 @@ enum RPC_PKT_TYPE {
#define RPC_AUTH_SCHANNEL_SIGN_ONLY_CHK_LEN 0x18
+#define NETLOGON_EXTRA_SIDS 0x0020
+#define NETLOGON_RESOURCE_GROUPS 0x0200
+#define NETLOGON_NEG_ARCFOUR 0x00000004
+#define NETLOGON_NEG_128BIT 0x00004000
+#define NETLOGON_NEG_SCHANNEL 0x40000000
+
/* The 7 here seems to be required to get Win2k not to downgrade us
to NT4. Actually, anything other than 1ff would seem to do... */
#define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff
-
-#define NETLOGON_NEG_SCHANNEL 0x40000000
#define NETLOGON_NEG_DOMAIN_TRUST_ACCOUNT 0x2010b000
+
+/* these are the flags that ADS clients use */
+#define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
enum schannel_direction {
SENDER_IS_INITIATOR,