diff options
| author | Simo Sorce <idra@samba.org> | 2010-07-29 16:34:39 -0400 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2010-07-30 14:55:27 -0400 |
| commit | 984438ca1522bfc2d882b2e3e7e8db187577e05a (patch) | |
| tree | f2dc3d43598bfe6abfd05f0d57358ac088c79309 /source3/rpc_client | |
| parent | 0b24e8e869207dcb567b61272794daef48ee492a (diff) | |
| download | samba-984438ca1522bfc2d882b2e3e7e8db187577e05a.tar.gz samba-984438ca1522bfc2d882b2e3e7e8db187577e05a.tar.bz2 samba-984438ca1522bfc2d882b2e3e7e8db187577e05a.zip | |
s3-dcerpc: add sign/seal support when using SPNEGO/KRB5
Diffstat (limited to 'source3/rpc_client')
| -rw-r--r-- | source3/rpc_client/cli_pipe.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 6dc2cd69af..e41966f6fb 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1305,6 +1305,10 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli, { uint32_t data_space, data_len; size_t max_len; + struct gse_context *gse_ctx; + enum dcerpc_AuthType auth_type; + void *auth_ctx; + NTSTATUS status; switch (cli->auth->auth_level) { case DCERPC_AUTH_LEVEL_NONE: @@ -1332,11 +1336,26 @@ static NTSTATUS calculate_data_len_tosend(struct rpc_pipe_client *cli, *p_auth_len = NTLMSSP_SIG_SIZE; break; case PIPE_AUTH_TYPE_SPNEGO_KRB5: - *p_auth_len = 0; /* TODO */ + status = spnego_get_negotiated_mech( + cli->auth->a_u.spnego_state, + &auth_type, &auth_ctx); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + gse_ctx = talloc_get_type(auth_ctx, + struct gse_context); + if (!gse_ctx) { + return NT_STATUS_INVALID_PARAMETER; + } + *p_auth_len = gse_get_signature_length(gse_ctx, + (cli->auth->auth_level == + DCERPC_AUTH_LEVEL_PRIVACY), + max_len); break; default: return NT_STATUS_INVALID_PARAMETER; } + break; case DCERPC_AUTH_TYPE_NTLMSSP: *p_auth_len = NTLMSSP_SIG_SIZE; break; |