diff options
author | Simo Sorce <idra@samba.org> | 2010-07-20 11:22:50 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2010-07-28 12:18:19 -0400 |
commit | bfe53d414548cd8a0226136b73cf2b766b6a61ef (patch) | |
tree | 775a9c15877c8754513dbf4e95ce6d4396f17459 /source3/rpc_server | |
parent | 7407c979a1469997c9277c501787b5f222216aac (diff) | |
download | samba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.tar.gz samba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.tar.bz2 samba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.zip |
s3-dcerpc: Set flags directly instead of calling unimplemented functions.
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 5ab64c2d37..ae6c12710e 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -721,12 +721,21 @@ static bool pipe_spnego_auth_bind_negotiate(struct pipes_struct *p, goto err; } + /* Clear flags, + * then set them according to requested Auth Level */ + auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL)); switch (pauth_info->auth_level) { case DCERPC_AUTH_LEVEL_INTEGRITY: - auth_ntlmssp_want_sign(a); + auth_ntlmssp_or_flags(a, + NTLMSSP_NEGOTIATE_SIGN); break; case DCERPC_AUTH_LEVEL_PRIVACY: - auth_ntlmssp_want_seal(a); + /* Privacy always implies both sign and seal + * for ntlmssp */ + auth_ntlmssp_or_flags(a, + NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL); break; default: break; @@ -988,12 +997,18 @@ static bool pipe_ntlmssp_auth_bind(struct pipes_struct *p, goto err; } + /* Clear flags, then set them according to requested Auth Level */ + auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL)); + switch (auth_info->auth_level) { case DCERPC_AUTH_LEVEL_INTEGRITY: - auth_ntlmssp_want_sign(a); + auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN); break; case DCERPC_AUTH_LEVEL_PRIVACY: - auth_ntlmssp_want_seal(a); + /* Privacy always implies both sign and seal for ntlmssp */ + auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL); break; default: break; |