summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-07-20 11:22:50 -0400
committerSimo Sorce <idra@samba.org>2010-07-28 12:18:19 -0400
commitbfe53d414548cd8a0226136b73cf2b766b6a61ef (patch)
tree775a9c15877c8754513dbf4e95ce6d4396f17459 /source3/rpc_server
parent7407c979a1469997c9277c501787b5f222216aac (diff)
downloadsamba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.tar.gz
samba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.tar.bz2
samba-bfe53d414548cd8a0226136b73cf2b766b6a61ef.zip
s3-dcerpc: Set flags directly instead of calling unimplemented functions.
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_pipe.c23
1 files changed, 19 insertions, 4 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 5ab64c2d37..ae6c12710e 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -721,12 +721,21 @@ static bool pipe_spnego_auth_bind_negotiate(struct pipes_struct *p,
goto err;
}
+ /* Clear flags,
+ * then set them according to requested Auth Level */
+ auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL));
switch (pauth_info->auth_level) {
case DCERPC_AUTH_LEVEL_INTEGRITY:
- auth_ntlmssp_want_sign(a);
+ auth_ntlmssp_or_flags(a,
+ NTLMSSP_NEGOTIATE_SIGN);
break;
case DCERPC_AUTH_LEVEL_PRIVACY:
- auth_ntlmssp_want_seal(a);
+ /* Privacy always implies both sign and seal
+ * for ntlmssp */
+ auth_ntlmssp_or_flags(a,
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL);
break;
default:
break;
@@ -988,12 +997,18 @@ static bool pipe_ntlmssp_auth_bind(struct pipes_struct *p,
goto err;
}
+ /* Clear flags, then set them according to requested Auth Level */
+ auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL));
+
switch (auth_info->auth_level) {
case DCERPC_AUTH_LEVEL_INTEGRITY:
- auth_ntlmssp_want_sign(a);
+ auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN);
break;
case DCERPC_AUTH_LEVEL_PRIVACY:
- auth_ntlmssp_want_seal(a);
+ /* Privacy always implies both sign and seal for ntlmssp */
+ auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL);
break;
default:
break;