summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-07-27 20:25:04 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:00:18 -0500
commit8b2b177a8e07e3a0cb00fbd7fdbafc8aeba5b204 (patch)
treeb8b68c1a30899de0f90020a25ceb605c0534c928 /source3/rpc_server
parentb344de3f83d8025d0c00c8ae20207e9e42b70d57 (diff)
downloadsamba-8b2b177a8e07e3a0cb00fbd7fdbafc8aeba5b204.tar.gz
samba-8b2b177a8e07e3a0cb00fbd7fdbafc8aeba5b204.tar.bz2
samba-8b2b177a8e07e3a0cb00fbd7fdbafc8aeba5b204.zip
r8805: Merge a duplicate struct. Get ready to support SPNEGO rpc binds.
Jeremy. (This used to be commit fd6e342746edfda2f25df1ae0067d359b756e0cd)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_pipe.c125
1 files changed, 65 insertions, 60 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 30aacdc4c5..70563d3029 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -582,9 +582,9 @@ BOOL api_pipe_bind_auth_resp(pipes_struct *p, prs_struct *rpc_in_p)
return False;
}
- if (autha_info.auth_type != NTLMSSP_AUTH_TYPE || autha_info.auth_level != RPC_PIPE_AUTH_SEAL_LEVEL) {
+ if (autha_info.auth.auth_type != NTLMSSP_AUTH_TYPE || autha_info.auth.auth_level != RPC_PIPE_AUTH_SEAL_LEVEL) {
DEBUG(0,("api_pipe_bind_auth_resp: incorrect auth type (%d) or level (%d).\n",
- (int)autha_info.auth_type, (int)autha_info.auth_level ));
+ (int)autha_info.auth.auth_type, (int)autha_info.auth.auth_level ));
return False;
}
@@ -941,67 +941,72 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
return False;
}
- if(auth_info.auth_type == NTLMSSP_AUTH_TYPE) {
-
- if(!smb_io_rpc_auth_verifier("", &auth_verifier, rpc_in_p, 0)) {
- DEBUG(0,("api_pipe_bind_req: unable to "
- "unmarshall RPC_HDR_AUTH struct.\n"));
- return False;
- }
-
- if(!strequal(auth_verifier.signature, "NTLMSSP")) {
- DEBUG(0,("api_pipe_bind_req: "
- "auth_verifier.signature != NTLMSSP\n"));
- return False;
- }
-
- if(auth_verifier.msg_type != NTLMSSP_NEGOTIATE) {
- DEBUG(0,("api_pipe_bind_req: "
- "auth_verifier.msg_type (%d) != NTLMSSP_NEGOTIATE\n",
- auth_verifier.msg_type));
- return False;
- }
-
- if(!smb_io_rpc_auth_ntlmssp_neg("", &ntlmssp_neg, rpc_in_p, 0)) {
- DEBUG(0,("api_pipe_bind_req: "
- "Failed to unmarshall RPC_AUTH_NTLMSSP_NEG.\n"));
- return False;
- }
-
- p->ntlmssp_chal_flags = SMBD_NTLMSSP_NEG_FLAGS;
- p->ntlmssp_auth_requested = True;
-
- } else if (auth_info.auth_type == NETSEC_AUTH_TYPE) {
-
- RPC_AUTH_NETSEC_NEG neg;
- struct netsec_auth_struct *a = &(p->netsec_auth);
-
- if (!server_auth2_negotiated) {
- DEBUG(0, ("Attempt to bind using schannel "
- "without successful serverauth2\n"));
- return False;
+ switch(auth_info.auth_type) {
+ case NTLMSSP_AUTH_TYPE:
+
+ if(!smb_io_rpc_auth_verifier("", &auth_verifier, rpc_in_p, 0)) {
+ DEBUG(0,("api_pipe_bind_req: unable to "
+ "unmarshall RPC_HDR_AUTH struct.\n"));
+ return False;
+ }
+
+ if(!strequal(auth_verifier.signature, "NTLMSSP")) {
+ DEBUG(0,("api_pipe_bind_req: "
+ "auth_verifier.signature != NTLMSSP\n"));
+ return False;
+ }
+
+ if(auth_verifier.msg_type != NTLMSSP_NEGOTIATE) {
+ DEBUG(0,("api_pipe_bind_req: "
+ "auth_verifier.msg_type (%d) != NTLMSSP_NEGOTIATE\n",
+ auth_verifier.msg_type));
+ return False;
+ }
+
+ if(!smb_io_rpc_auth_ntlmssp_neg("", &ntlmssp_neg, rpc_in_p, 0)) {
+ DEBUG(0,("api_pipe_bind_req: "
+ "Failed to unmarshall RPC_AUTH_NTLMSSP_NEG.\n"));
+ return False;
+ }
+
+ p->ntlmssp_chal_flags = SMBD_NTLMSSP_NEG_FLAGS;
+ p->ntlmssp_auth_requested = True;
+ break;
+
+ case NETSEC_AUTH_TYPE:
+ {
+ RPC_AUTH_NETSEC_NEG neg;
+ struct netsec_auth_struct *a = &(p->netsec_auth);
+
+ if (!server_auth2_negotiated) {
+ DEBUG(0, ("Attempt to bind using schannel "
+ "without successful serverauth2\n"));
+ return False;
+ }
+
+ if (!smb_io_rpc_auth_netsec_neg("", &neg, rpc_in_p, 0)) {
+ DEBUG(0,("api_pipe_bind_req: "
+ "Could not unmarshal SCHANNEL auth neg\n"));
+ return False;
+ }
+
+ p->netsec_auth_validated = True;
+
+ memset(a->sess_key, 0, sizeof(a->sess_key));
+ memcpy(a->sess_key, last_dcinfo.sess_key, sizeof(last_dcinfo.sess_key));
+
+ a->seq_num = 0;
+
+ DEBUG(10,("schannel auth: domain [%s] myname [%s]\n",
+ neg.domain, neg.myname));
+ break;
}
- if (!smb_io_rpc_auth_netsec_neg("", &neg, rpc_in_p, 0)) {
- DEBUG(0,("api_pipe_bind_req: "
- "Could not unmarshal SCHANNEL auth neg\n"));
+ case SPNEGO_AUTH_TYPE:
+ default:
+ DEBUG(0,("api_pipe_bind_req: unknown auth type %x requested.\n",
+ auth_info.auth_type ));
return False;
- }
-
- p->netsec_auth_validated = True;
-
- memset(a->sess_key, 0, sizeof(a->sess_key));
- memcpy(a->sess_key, last_dcinfo.sess_key, sizeof(last_dcinfo.sess_key));
-
- a->seq_num = 0;
-
- DEBUG(10,("schannel auth: domain [%s] myname [%s]\n",
- neg.domain, neg.myname));
-
- } else {
- DEBUG(0,("api_pipe_bind_req: unknown auth type %x requested.\n",
- auth_info.auth_type ));
- return False;
}
}