summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-09-14 20:39:54 +0200
committerGünther Deschner <gd@samba.org>2009-09-15 17:49:34 +0200
commitd3af0346c87390b72f6f1708019c7cd055ae047d (patch)
tree2702922867bfb058814584ba9c9c44689e39f1f6 /source3
parent668470c9923364c6c43afbf94162b549c8baef9a (diff)
downloadsamba-d3af0346c87390b72f6f1708019c7cd055ae047d.tar.gz
samba-d3af0346c87390b72f6f1708019c7cd055ae047d.tar.bz2
samba-d3af0346c87390b72f6f1708019c7cd055ae047d.zip
s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags.
Guenther
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_domain.c2
-rw-r--r--source3/auth/auth_netlogond.c2
-rw-r--r--source3/include/client.h2
-rw-r--r--source3/include/ntdomain.h9
-rw-r--r--source3/include/proto.h22
-rw-r--r--source3/libnet/libnet_join.c2
-rw-r--r--source3/libsmb/passchange.c2
-rw-r--r--source3/rpc_client/cli_pipe.c70
-rw-r--r--source3/rpc_parse/parse_prs.c16
-rw-r--r--source3/rpc_server/srv_netlog_nt.c4
-rw-r--r--source3/rpc_server/srv_pipe.c30
-rw-r--r--source3/rpc_server/srv_samr_nt.c2
-rw-r--r--source3/rpcclient/rpcclient.c12
-rw-r--r--source3/utils/net_rpc.c4
-rw-r--r--source3/utils/net_rpc_join.c4
-rw-r--r--source3/winbindd/winbindd_cm.c10
16 files changed, 93 insertions, 100 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 85210e6f70..7dec6ad84b 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -177,7 +177,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
/* We also setup the creds chain in the open_schannel call. */
result = cli_rpc_pipe_open_schannel(
*cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe);
+ DCERPC_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe);
} else {
result = cli_rpc_pipe_open_noauth(
*cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe);
diff --git a/source3/auth/auth_netlogond.c b/source3/auth/auth_netlogond.c
index 3947873aaa..5f4d2f16e3 100644
--- a/source3/auth/auth_netlogond.c
+++ b/source3/auth/auth_netlogond.c
@@ -47,7 +47,7 @@ static NTSTATUS netlogond_validate(TALLOC_CTX *mem_ctx,
}
status = rpccli_schannel_bind_data(p, lp_workgroup(),
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
schannel_key, &auth);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("rpccli_schannel_bind_data failed: %s\n",
diff --git a/source3/include/client.h b/source3/include/client.h
index 5b64b9be3a..e83927cfe5 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -48,7 +48,7 @@ struct print_job_info {
struct cli_pipe_auth_data {
enum pipe_auth_type auth_type; /* switch for the union below. Defined in ntdomain.h */
- enum pipe_auth_level auth_level; /* defined in ntdomain.h */
+ enum dcerpc_AuthLevel auth_level; /* defined in ntdomain.h */
char *domain;
char *user_name;
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index 53e89a8751..1d303ca64a 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -132,13 +132,6 @@ typedef struct pipe_rpc_fns {
enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
-/* Possible auth levels - keep these in sync with the wire values. */
-enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
- PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
- PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
- PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
-};
-
/* auth state for krb5. */
struct kerberos_auth_struct {
const char *service_principal;
@@ -155,7 +148,7 @@ struct schannel_auth_struct {
struct pipe_auth_data {
enum pipe_auth_type auth_type; /* switch for union below. */
- enum pipe_auth_level auth_level;
+ enum dcerpc_AuthLevel auth_level;
union {
struct schannel_auth_struct *schannel_auth;
AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index b037bf3ac0..35d1a9929d 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5291,17 +5291,17 @@ NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const uint8_t sess_key[16],
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_kerberos_bind_data(TALLOC_CTX *mem_ctx,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
@@ -5326,7 +5326,7 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -5334,7 +5334,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -5346,14 +5346,14 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult);
NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -5361,12 +5361,12 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct rpc_pipe_client **presult);
NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli,
const struct ndr_syntax_id *interface,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
@@ -5706,11 +5706,11 @@ bool prs_uint16s(bool charmode, const char *name, prs_struct *ps, int depth, uin
bool prs_uint32s(bool charmode, const char *name, prs_struct *ps, int depth, uint32 *data32s, int len);
bool prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str);
bool prs_string(const char *name, prs_struct *ps, int depth, char *str, int max_buf_size);
-void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+void schannel_encode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len);
-bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+bool schannel_decode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf, char *data, size_t data_len);
bool prs_init_data_blob(prs_struct *prs, DATA_BLOB *blob, TALLOC_CTX *mem_ctx);
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 7794e0367a..5315fccff6 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1136,7 +1136,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
status = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
netbios_domain_name, &netlogon_pipe->dc, &pipe_hnd);
cli_shutdown(cli);
diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
index ab951618fe..570a048502 100644
--- a/source3/libsmb/passchange.c
+++ b/source3/libsmb/passchange.c
@@ -177,7 +177,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
result = cli_rpc_pipe_open_ntlmssp(cli,
&ndr_table_samr.syntax_id,
NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, user,
old_passwd,
&pipe_hnd);
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index ab9b5fee33..9fa33cc7c6 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -559,8 +559,8 @@ static NTSTATUS cli_pipe_verify_ntlmssp(struct rpc_pipe_client *cli, RPC_HDR *pr
DATA_BLOB auth_blob;
NTSTATUS status;
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_NONE
- || cli->auth->auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (cli->auth->auth_level == DCERPC_AUTH_LEVEL_NONE
+ || cli->auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return NT_STATUS_OK;
}
@@ -605,7 +605,7 @@ static NTSTATUS cli_pipe_verify_ntlmssp(struct rpc_pipe_client *cli, RPC_HDR *pr
auth_blob.length = auth_len;
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data is encrypted. */
status = ntlmssp_unseal_packet(ntlmssp_state,
data, data_len,
@@ -620,7 +620,7 @@ static NTSTATUS cli_pipe_verify_ntlmssp(struct rpc_pipe_client *cli, RPC_HDR *pr
return status;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_check_packet(ntlmssp_state,
data, data_len,
@@ -679,8 +679,8 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *p
enum ndr_err_code ndr_err;
DATA_BLOB blob;
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_NONE
- || cli->auth->auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (cli->auth->auth_level == DCERPC_AUTH_LEVEL_NONE
+ || cli->auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return NT_STATUS_OK;
}
@@ -1470,7 +1470,7 @@ static NTSTATUS rpc_api_pipe_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
********************************************************************/
static NTSTATUS create_krb5_auth_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
@@ -1529,7 +1529,7 @@ static NTSTATUS create_krb5_auth_bind_req( struct rpc_pipe_client *cli,
********************************************************************/
static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
@@ -1576,7 +1576,7 @@ static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client
********************************************************************/
static NTSTATUS create_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
@@ -1617,7 +1617,7 @@ static NTSTATUS create_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli,
********************************************************************/
static NTSTATUS create_schannel_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
@@ -1760,7 +1760,7 @@ static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli,
const struct ndr_syntax_id *abstract,
const struct ndr_syntax_id *transfer,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level)
+ enum dcerpc_AuthLevel auth_level)
{
RPC_HDR_AUTH hdr_auth;
prs_struct auth_info;
@@ -1856,7 +1856,7 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
}
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
status = ntlmssp_seal_packet(cli->auth->a_u.ntlmssp_state,
(unsigned char *)prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN,
@@ -1870,7 +1870,7 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_sign_packet(cli->auth->a_u.ntlmssp_state,
(unsigned char *)prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN,
@@ -1938,8 +1938,8 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
}
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
DEBUG(10,("add_schannel_auth_footer: SCHANNEL seq_num=%d\n",
sas->seq_num));
@@ -1998,8 +1998,8 @@ static uint32 calculate_data_len_tosend(struct rpc_pipe_client *cli,
#endif
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_NONE:
- case PIPE_AUTH_LEVEL_CONNECT:
+ case DCERPC_AUTH_LEVEL_NONE:
+ case DCERPC_AUTH_LEVEL_CONNECT:
data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN;
data_len = MIN(data_space, data_left);
*p_ss_padding = 0;
@@ -2007,8 +2007,8 @@ static uint32 calculate_data_len_tosend(struct rpc_pipe_client *cli,
*p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + data_len;
return data_len;
- case PIPE_AUTH_LEVEL_INTEGRITY:
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Treat the same for all authenticated rpc requests. */
switch(cli->auth->auth_type) {
case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP:
@@ -2404,7 +2404,7 @@ static bool check_bind_response(RPC_HDR_BA *hdr_ba,
static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli,
uint32 rpc_call_id,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
DATA_BLOB *pauth_blob,
prs_struct *rpc_out)
{
@@ -2464,7 +2464,7 @@ static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli,
static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
const struct ndr_syntax_id *abstract,
const struct ndr_syntax_id *transfer,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const DATA_BLOB *pauth_blob, /* spnego auth blob already created. */
prs_struct *rpc_out)
{
@@ -2980,7 +2980,7 @@ NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
}
result->auth_type = PIPE_AUTH_TYPE_NONE;
- result->auth_level = PIPE_AUTH_LEVEL_NONE;
+ result->auth_level = DCERPC_AUTH_LEVEL_NONE;
result->user_name = talloc_strdup(result, "");
result->domain = talloc_strdup(result, "");
@@ -3001,7 +3001,7 @@ static int cli_auth_ntlmssp_data_destructor(struct cli_pipe_auth_data *auth)
NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -3053,9 +3053,9 @@ NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
result->a_u.ntlmssp_state->neg_flags &=
~(NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL);
- if (auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
result->a_u.ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
- } else if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ } else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
result->a_u.ntlmssp_state->neg_flags
|= NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN;
}
@@ -3069,7 +3069,7 @@ NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
}
NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const uint8_t sess_key[16],
struct cli_pipe_auth_data **presult)
{
@@ -3116,7 +3116,7 @@ static int cli_auth_kerberos_data_destructor(struct kerberos_auth_struct *auth)
#endif
NTSTATUS rpccli_kerberos_bind_data(TALLOC_CTX *mem_ctx,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
@@ -3702,7 +3702,7 @@ static NTSTATUS cli_rpc_pipe_open_ntlmssp_internal(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -3755,7 +3755,7 @@ static NTSTATUS cli_rpc_pipe_open_ntlmssp_internal(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -3780,7 +3780,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -3889,7 +3889,7 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult)
@@ -3959,7 +3959,7 @@ static NTSTATUS get_schannel_session_key_auth_ntlmssp(struct cli_state *cli,
status = cli_rpc_pipe_open_spnego_ntlmssp(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, username, password, &netlogon_pipe);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -3985,7 +3985,7 @@ static NTSTATUS get_schannel_session_key_auth_ntlmssp(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
@@ -4026,7 +4026,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct rpc_pipe_client **presult)
{
@@ -4066,7 +4066,7 @@ NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli,
const struct ndr_syntax_id *interface,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index c5c0c02090..09263b45d4 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -1071,7 +1071,7 @@ bool prs_string(const char *name, prs_struct *ps, int depth, char *str, int max_
********************************************************************/
static void schannel_digest(struct schannel_auth_struct *a,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len,
uchar digest_final[16])
@@ -1095,7 +1095,7 @@ static void schannel_digest(struct schannel_auth_struct *a,
out of order */
MD5Update(&ctx3, zeros, sizeof(zeros));
MD5Update(&ctx3, sig, 8);
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
MD5Update(&ctx3, verf->Confounder, sizeof(verf->Confounder));
}
MD5Update(&ctx3, (const unsigned char *)data, data_len);
@@ -1169,7 +1169,7 @@ static void schannel_deal_with_seq_num(struct schannel_auth_struct *a,
quite compatible with what MS does.
********************************************************************/
-void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+void schannel_encode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len)
@@ -1199,7 +1199,7 @@ void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_l
dump_data_pw("verf->SequenceNumber:\n", verf->SequenceNumber, sizeof(verf->SequenceNumber));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
verf->SealAlgorithm = NL_SEAL_RC4;
} else {
verf->SealAlgorithm = NL_SEAL_NONE;
@@ -1217,7 +1217,7 @@ void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_l
schannel_digest(a, auth_level, verf, data, data_len, digest_final);
memcpy(verf->Checksum, digest_final, sizeof(verf->Checksum));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
uchar sealing_key[16];
/* get the key to encode the data with */
@@ -1249,7 +1249,7 @@ void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_l
as well as decode sealed messages
********************************************************************/
-bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+bool schannel_decode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf, char *data, size_t data_len)
{
@@ -1263,7 +1263,7 @@ bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_l
DEBUG(10,("SCHANNEL: schannel_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
schannel_sig = schannel_seal_sig;
} else {
schannel_sig = schannel_sign_sig;
@@ -1317,7 +1317,7 @@ bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_l
return False;
}
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
uchar sealing_key[16];
/* get the key to extract the data with */
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 07a0b971a0..06d4937261 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -595,8 +595,8 @@ static NTSTATUS netr_creds_server_step_check(pipes_struct *p,
struct tdb_context *tdb;
bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
bool schannel_in_use = (p->auth.auth_type == PIPE_AUTH_TYPE_SCHANNEL) ? true:false; /* &&
- (p->auth.auth_level == PIPE_AUTH_LEVEL_INTEGRITY ||
- p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY); */
+ (p->auth.auth_level == DCERPC_AUTH_LEVEL_INTEGRITY ||
+ p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY); */
tdb = open_schannel_session_store(mem_ctx);
if (!tdb) {
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index ce7df63972..fee37ba6e3 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -196,7 +196,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
} else {
auth_type = RPC_SPNEGO_AUTH_TYPE;
}
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
auth_level = RPC_AUTH_LEVEL_PRIVACY;
} else {
auth_level = RPC_AUTH_LEVEL_INTEGRITY;
@@ -213,7 +213,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
/* Generate the sign blob. */
switch (p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
status = ntlmssp_seal_packet(
a->ntlmssp_state,
@@ -229,7 +229,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
return False;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_sign_packet(
a->ntlmssp_state,
@@ -415,7 +415,7 @@ static bool create_next_pdu_schannel(pipes_struct *p)
init_rpc_hdr_auth(&auth_info,
RPC_SCHANNEL_AUTH_TYPE,
- p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY ?
+ p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY ?
RPC_AUTH_LEVEL_PRIVACY : RPC_AUTH_LEVEL_INTEGRITY,
ss_padding_len, 1);
@@ -589,8 +589,8 @@ static bool create_next_pdu_noauth(pipes_struct *p)
bool create_next_pdu(pipes_struct *p)
{
switch(p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_NONE:
- case PIPE_AUTH_LEVEL_CONNECT:
+ case DCERPC_AUTH_LEVEL_NONE:
+ case DCERPC_AUTH_LEVEL_CONNECT:
/* This is incorrect for auth level connect. Fixme. JRA */
return create_next_pdu_noauth(p);
@@ -647,7 +647,7 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
ensure the underlying NTLMSSP flags are also set. If not we should
refuse the bind. */
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
if (!(a->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
DEBUG(0,("pipe_ntlmssp_verify_final: pipe %s : packet integrity requested "
"but client declined signing.\n",
@@ -655,7 +655,7 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
return False;
}
}
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
if (!(a->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL)) {
DEBUG(0,("pipe_ntlmssp_verify_final: pipe %s : packet privacy requested "
"but client declined sealing.\n",
@@ -840,7 +840,7 @@ static bool setup_bind_nak(pipes_struct *p)
if (p->auth.auth_data_free_func) {
(*p->auth.auth_data_free_func)(&p->auth);
}
- p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
p->pipe_bound = False;
@@ -1690,10 +1690,10 @@ bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
/* Work out if we have to sign or seal etc. */
switch (auth_info.auth_level) {
case RPC_AUTH_LEVEL_INTEGRITY:
- p->auth.auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
break;
case RPC_AUTH_LEVEL_PRIVACY:
- p->auth.auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
break;
default:
DEBUG(0,("api_pipe_bind_req: unexpected auth level (%u).\n",
@@ -1731,7 +1731,7 @@ bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
/* We're finished - no more packets. */
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
/* We must set the pipe auth_level here also. */
- p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
p->pipe_bound = True;
/* The session key was initialized from the SMB
* session in make_internal_rpc_pipe_p */
@@ -2042,7 +2042,7 @@ bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in,
*pstatus = NT_STATUS_OK;
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_NONE || p->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_NONE || p->auth.auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return True;
}
@@ -2091,7 +2091,7 @@ bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in,
auth_blob.length = auth_len;
switch (p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data is encrypted. */
*pstatus = ntlmssp_unseal_packet(a->ntlmssp_state,
data, data_len,
@@ -2102,7 +2102,7 @@ bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in,
return False;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
*pstatus = ntlmssp_check_packet(a->ntlmssp_state,
data, data_len,
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 058bd12f61..9e95c48033 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2741,7 +2741,7 @@ static NTSTATUS get_user_info_18(pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
- if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index c0268f348e..7a20e487f2 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -26,7 +26,7 @@
DOM_SID domain_sid;
static enum pipe_auth_type pipe_default_auth_type = PIPE_AUTH_TYPE_NONE;
-static enum pipe_auth_level pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE;
+static enum dcerpc_AuthLevel pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
static unsigned int timeout = 0;
static enum dcerpc_transport_t default_transport = NCACN_NP;
@@ -380,7 +380,7 @@ static NTSTATUS cmd_sign(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
{
const char *type = "NTLMSSP";
- pipe_default_auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
pipe_default_auth_type = PIPE_AUTH_TYPE_NTLMSSP;
if (argc > 2) {
@@ -412,7 +412,7 @@ static NTSTATUS cmd_seal(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
{
const char *type = "NTLMSSP";
- pipe_default_auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
pipe_default_auth_type = PIPE_AUTH_TYPE_NTLMSSP;
if (argc > 2) {
@@ -475,7 +475,7 @@ static NTSTATUS cmd_timeout(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
static NTSTATUS cmd_none(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
pipe_default_auth_type = PIPE_AUTH_TYPE_NONE;
return cmd_set_ss_level();
@@ -485,7 +485,7 @@ static NTSTATUS cmd_schannel(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
d_printf("Setting schannel - sign and seal\n");
- pipe_default_auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
pipe_default_auth_type = PIPE_AUTH_TYPE_SCHANNEL;
return cmd_set_ss_level();
@@ -495,7 +495,7 @@ static NTSTATUS cmd_schannel_sign(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
int argc, const char **argv)
{
d_printf("Setting schannel - sign only\n");
- pipe_default_auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
pipe_default_auth_type = PIPE_AUTH_TYPE_SCHANNEL;
return cmd_set_ss_level();
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 549539298f..b4505347b1 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -159,7 +159,7 @@ int run_rpc_command(struct net_context *c,
/* Always try and create an schannel netlogon pipe. */
nt_status = cli_rpc_pipe_open_schannel(
cli, interface, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain_name,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain_name,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n",
@@ -172,7 +172,7 @@ int run_rpc_command(struct net_context *c,
cli, interface,
(conn_flags & NET_FLAGS_TCP) ?
NCACN_IP_TCP : NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
lp_workgroup(), c->opt_user_name,
c->opt_password, &pipe_hnd);
} else {
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index dbe77355c8..23913812b0 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -102,7 +102,7 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain,
ntret = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, &netlogon_pipe->dc, &pipe_hnd);
if (!NT_STATUS_IS_OK(ntret)) {
@@ -420,7 +420,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
result = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc,
&netlogon_schannel_pipe);
if (!NT_STATUS_IS_OK(result)) {
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 3418022c62..450bb1bc06 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2056,7 +2056,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
result = cli_rpc_pipe_open_spnego_ntlmssp(conn->cli,
&ndr_table_samr.syntax_id,
NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain_name,
machine_account,
machine_password,
@@ -2100,7 +2100,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
}
result = cli_rpc_pipe_open_schannel_with_key
(conn->cli, &ndr_table_samr.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain->name, &p_creds, &conn->samr_pipe);
if (!NT_STATUS_IS_OK(result)) {
@@ -2196,7 +2196,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
* authenticated LSA pipe with sign & seal. */
result = cli_rpc_pipe_open_spnego_ntlmssp
(conn->cli, &ndr_table_lsarpc.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
conn->cli->domain, conn->cli->user_name, conn->cli->password,
&conn->lsa_pipe);
@@ -2237,7 +2237,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
}
result = cli_rpc_pipe_open_schannel_with_key
(conn->cli, &ndr_table_lsarpc.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain->name, &p_creds, &conn->lsa_pipe);
if (!NT_STATUS_IS_OK(result)) {
@@ -2384,7 +2384,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
result = cli_rpc_pipe_open_schannel_with_key(
conn->cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain->name, &netlogon_pipe->dc,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain->name, &netlogon_pipe->dc,
&conn->netlogon_pipe);
/* We can now close the initial netlogon pipe. */