diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-01-03 06:23:02 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:08:15 -0500 |
commit | 8eb981c90a6094b15d4b71cc14fee4f23c713cf8 (patch) | |
tree | 4a1fe311f020c986233596799ff82699bdd999c8 /source4/libcli/auth | |
parent | dd1c0a56b4e09454b6612923acfeef2fb4be7639 (diff) | |
download | samba-8eb981c90a6094b15d4b71cc14fee4f23c713cf8.tar.gz samba-8eb981c90a6094b15d4b71cc14fee4f23c713cf8.tar.bz2 samba-8eb981c90a6094b15d4b71cc14fee4f23c713cf8.zip |
r4499: Almost make our Samba4 server pass the RPC-SAMLOGON torture test.
I just need to fix a couple of NTLMv2 issues before we can fully pass,
and put this in test_rpc.sh, as a 'should pass' test.
Andrew Bartlett
(This used to be commit 4b52409e385366d87724bb79f4fad4803e8ecfec)
Diffstat (limited to 'source4/libcli/auth')
-rw-r--r-- | source4/libcli/auth/credentials.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c index a61660d776..8cae71180c 100644 --- a/source4/libcli/auth/credentials.c +++ b/source4/libcli/auth/credentials.c @@ -273,6 +273,7 @@ void creds_server_init(struct creds_CredentialState *creds, } *initial_credential = creds->server; + creds->negotiate_flags = negotiate_flags; } /* @@ -290,10 +291,14 @@ BOOL creds_server_check(const struct creds_CredentialState *creds, return True; } -BOOL creds_server_step_check(struct creds_CredentialState *creds, +NTSTATUS creds_server_step_check(struct creds_CredentialState *creds, struct netr_Authenticator *received_authenticator, struct netr_Authenticator *return_authenticator) { + if (!received_authenticator || !return_authenticator) { + return NT_STATUS_INVALID_PARAMETER; + } + /* TODO: this may allow the a replay attack on a non-signed connection. Should we check that this is increasing? */ creds->sequence = received_authenticator->timestamp; @@ -301,9 +306,9 @@ BOOL creds_server_step_check(struct creds_CredentialState *creds, if (creds_server_check(creds, &received_authenticator->cred)) { return_authenticator->cred = creds->server; return_authenticator->timestamp = creds->sequence; - return True; + return NT_STATUS_OK; } else { ZERO_STRUCTP(return_authenticator); - return False; + return NT_STATUS_ACCESS_DENIED; } } |