diff options
| author | Günther Deschner <gd@samba.org> | 2009-08-25 18:36:28 +0200 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2009-08-26 00:47:55 +0200 |
| commit | 1a53b617710b1bf9555de6ab01afeaf6f9c1d42a (patch) | |
| tree | a8a1da2c0b56606426df4fef2854c6eb5756b49e /source3/rpc_server | |
| parent | 808a0d44f84ed668c906eaa6777d2c0743351560 (diff) | |
| download | samba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.tar.gz samba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.tar.bz2 samba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.zip | |
s3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3.
Guenther
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 62 |
1 files changed, 16 insertions, 46 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 8a93b20641..de898569f2 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -447,56 +447,23 @@ NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, struct netr_ServerAuthenticate *r) { - NTSTATUS status; - struct netr_Credential srv_chal_out; - - if (!p->dc || !p->dc->challenge_sent) { - return NT_STATUS_ACCESS_DENIED; - } - - status = get_md4pw((char *)p->dc->mach_pw, - r->in.account_name, - r->in.secure_channel_type, - NULL); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("_netr_ServerAuthenticate: get_md4pw failed. Failed to " - "get password for machine account %s " - "from client %s: %s\n", - r->in.account_name, - r->in.computer_name, - nt_errstr(status) )); - /* always return NT_STATUS_ACCESS_DENIED */ - return NT_STATUS_ACCESS_DENIED; - } - - /* From the client / server challenges and md4 password, generate sess key */ - creds_server_init(0, /* No neg flags. */ - p->dc, - &p->dc->clnt_chal, /* Stored client chal. */ - &p->dc->srv_chal, /* Stored server chal. */ - p->dc->mach_pw, - &srv_chal_out); - - /* Check client credentials are valid. */ - if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { - DEBUG(0,("_netr_ServerAuthenticate: netlogon_creds_server_check failed. Rejecting auth " - "request from client %s machine account %s\n", - r->in.computer_name, - r->in.account_name)); - return NT_STATUS_ACCESS_DENIED; - } + struct netr_ServerAuthenticate3 a; + uint32_t negotiate_flags = 0; + uint32_t rid; - fstrcpy(p->dc->mach_acct, r->in.account_name); - fstrcpy(p->dc->remote_machine, r->in.computer_name); - p->dc->authenticated = True; + a.in.server_name = r->in.server_name; + a.in.account_name = r->in.account_name; + a.in.secure_channel_type = r->in.secure_channel_type; + a.in.computer_name = r->in.computer_name; + a.in.credentials = r->in.credentials; + a.in.negotiate_flags = &negotiate_flags; - /* set up the LSA AUTH response */ - /* Return the server credentials. */ + a.out.return_credentials = r->out.return_credentials; + a.out.rid = &rid; + a.out.negotiate_flags = &negotiate_flags; - memcpy(r->out.return_credentials->data, &srv_chal_out.data, - sizeof(r->out.return_credentials->data)); + return _netr_ServerAuthenticate3(p, &a); - return NT_STATUS_OK; } /************************************************************************* @@ -545,6 +512,9 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, } switch (p->hdr_req.opnum) { + case NDR_NETR_SERVERAUTHENTICATE: + fn = "_netr_ServerAuthenticate"; + break; case NDR_NETR_SERVERAUTHENTICATE2: fn = "_netr_ServerAuthenticate2"; break; |