summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-08-25 18:36:28 +0200
committerGünther Deschner <gd@samba.org>2009-08-26 00:47:55 +0200
commit1a53b617710b1bf9555de6ab01afeaf6f9c1d42a (patch)
treea8a1da2c0b56606426df4fef2854c6eb5756b49e /source3/rpc_server
parent808a0d44f84ed668c906eaa6777d2c0743351560 (diff)
downloadsamba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.tar.gz
samba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.tar.bz2
samba-1a53b617710b1bf9555de6ab01afeaf6f9c1d42a.zip
s3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3.
Guenther
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c62
1 files changed, 16 insertions, 46 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 8a93b20641..de898569f2 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -447,56 +447,23 @@ NTSTATUS _netr_ServerReqChallenge(pipes_struct *p,
NTSTATUS _netr_ServerAuthenticate(pipes_struct *p,
struct netr_ServerAuthenticate *r)
{
- NTSTATUS status;
- struct netr_Credential srv_chal_out;
-
- if (!p->dc || !p->dc->challenge_sent) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- status = get_md4pw((char *)p->dc->mach_pw,
- r->in.account_name,
- r->in.secure_channel_type,
- NULL);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("_netr_ServerAuthenticate: get_md4pw failed. Failed to "
- "get password for machine account %s "
- "from client %s: %s\n",
- r->in.account_name,
- r->in.computer_name,
- nt_errstr(status) ));
- /* always return NT_STATUS_ACCESS_DENIED */
- return NT_STATUS_ACCESS_DENIED;
- }
-
- /* From the client / server challenges and md4 password, generate sess key */
- creds_server_init(0, /* No neg flags. */
- p->dc,
- &p->dc->clnt_chal, /* Stored client chal. */
- &p->dc->srv_chal, /* Stored server chal. */
- p->dc->mach_pw,
- &srv_chal_out);
-
- /* Check client credentials are valid. */
- if (!netlogon_creds_server_check(p->dc, r->in.credentials)) {
- DEBUG(0,("_netr_ServerAuthenticate: netlogon_creds_server_check failed. Rejecting auth "
- "request from client %s machine account %s\n",
- r->in.computer_name,
- r->in.account_name));
- return NT_STATUS_ACCESS_DENIED;
- }
+ struct netr_ServerAuthenticate3 a;
+ uint32_t negotiate_flags = 0;
+ uint32_t rid;
- fstrcpy(p->dc->mach_acct, r->in.account_name);
- fstrcpy(p->dc->remote_machine, r->in.computer_name);
- p->dc->authenticated = True;
+ a.in.server_name = r->in.server_name;
+ a.in.account_name = r->in.account_name;
+ a.in.secure_channel_type = r->in.secure_channel_type;
+ a.in.computer_name = r->in.computer_name;
+ a.in.credentials = r->in.credentials;
+ a.in.negotiate_flags = &negotiate_flags;
- /* set up the LSA AUTH response */
- /* Return the server credentials. */
+ a.out.return_credentials = r->out.return_credentials;
+ a.out.rid = &rid;
+ a.out.negotiate_flags = &negotiate_flags;
- memcpy(r->out.return_credentials->data, &srv_chal_out.data,
- sizeof(r->out.return_credentials->data));
+ return _netr_ServerAuthenticate3(p, &a);
- return NT_STATUS_OK;
}
/*************************************************************************
@@ -545,6 +512,9 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p,
}
switch (p->hdr_req.opnum) {
+ case NDR_NETR_SERVERAUTHENTICATE:
+ fn = "_netr_ServerAuthenticate";
+ break;
case NDR_NETR_SERVERAUTHENTICATE2:
fn = "_netr_ServerAuthenticate2";
break;