summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-07-24 13:02:57 -0400
committerSimo Sorce <idra@samba.org>2010-07-28 12:42:15 -0400
commit7eaa15af2c5b544946bfb2b8c522ba9677527972 (patch)
treedf6035a0a06adf47653b8c001e673677aebf71a5 /source3/rpc_client
parent1abcbd70aed327ae5233423ce74662241fa9d21a (diff)
downloadsamba-7eaa15af2c5b544946bfb2b8c522ba9677527972.tar.gz
samba-7eaa15af2c5b544946bfb2b8c522ba9677527972.tar.bz2
samba-7eaa15af2c5b544946bfb2b8c522ba9677527972.zip
s3-dcerpc: Add sign/seal with gssapi
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_pipe.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 4a3229d7cc..8588875506 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1257,6 +1257,7 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli,
uint32_t *p_ss_padding)
{
uint32_t data_space, data_len;
+ size_t max_len;
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_NONE:
@@ -1272,6 +1273,10 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli,
case DCERPC_AUTH_LEVEL_INTEGRITY:
case DCERPC_AUTH_LEVEL_PRIVACY:
+ max_len = cli->max_xmit_frag
+ - DCERPC_REQUEST_LENGTH
+ - DCERPC_AUTH_TRAILER_LENGTH;
+
/* Treat the same for all authenticated rpc requests. */
switch(cli->auth->auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
@@ -1280,7 +1285,7 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli,
*p_auth_len = NTLMSSP_SIG_SIZE;
break;
case PIPE_AUTH_TYPE_SPNEGO_KRB5:
- *p_auth_len = 0; /* no signing */
+ *p_auth_len = 0; /* TODO */
break;
default:
return NT_STATUS_INVALID_PARAMETER;
@@ -1292,16 +1297,17 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli,
*p_auth_len = NL_AUTH_SIGNATURE_SIZE;
break;
case DCERPC_AUTH_TYPE_KRB5:
- *p_auth_len = 0; /* no signing */
+ *p_auth_len = gse_get_signature_length(
+ cli->auth->a_u.gssapi_state,
+ (cli->auth->auth_level ==
+ DCERPC_AUTH_LEVEL_PRIVACY),
+ max_len);
break;
default:
return NT_STATUS_INVALID_PARAMETER;
}
- data_space = cli->max_xmit_frag
- - DCERPC_REQUEST_LENGTH
- - DCERPC_AUTH_TRAILER_LENGTH
- - *p_auth_len;
+ data_space = max_len - *p_auth_len;
data_len = MIN(data_space, data_left);
*p_ss_padding = 0;