diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-05-25 14:06:28 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:14 -0500 |
| commit | 5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3 (patch) | |
| tree | 78f843cb6a9ff745f9ac5ef35de53bccbf1ccbd8 /source4/librpc/rpc/dcerpc.c | |
| parent | 579c13da43d5b40ac6d6c1436399fbc1d8dfd054 (diff) | |
| download | samba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.tar.gz samba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.tar.bz2 samba-5b0ab386cb0fb74d78e6c68abe1b047ab515b7b3.zip | |
r874: This patch is a pile of work on NTLMSSP:
Samba's NTLMSSP code is now fully talloc based, which should go a long
way to cleaning up the memory leaks in this code. This also avoids a
lot of extra copies of data, as we now allocate the 'return' blobs on
a caller-supplied context.
I have also been doing a lot of work towards NTLM2 signing and
sealing. I have this working for sealing, but not for the verifier
(MD5 integrity check on the stream) which is still incorrect.
(I can aim a rpcecho sinkdata from a Win2k3 box to my server, and the
data arrives intact, but the signature check fails. It does however
match the test values I have...).
The new torture test is cludged in - when we get a unit test suite
back, I'll happliy put it in the 'right' place....
Andrew Bartlett
(This used to be commit 399e2e2b1149b8d1c070aa7f0d5131c0b577d2b9)
Diffstat (limited to 'source4/librpc/rpc/dcerpc.c')
| -rw-r--r-- | source4/librpc/rpc/dcerpc.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c index 21340e4f63..e4c5174af3 100644 --- a/source4/librpc/rpc/dcerpc.c +++ b/source4/librpc/rpc/dcerpc.c @@ -183,6 +183,7 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, switch (p->auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = p->security_state->unseal_packet(p->security_state, + mem_ctx, pkt->u.response.stub_and_verifier.data, pkt->u.response.stub_and_verifier.length, &auth.credentials); @@ -190,6 +191,7 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = p->security_state->check_packet(p->security_state, + mem_ctx, pkt->u.response.stub_and_verifier.data, pkt->u.response.stub_and_verifier.length, &auth.credentials); @@ -250,6 +252,7 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, switch (p->auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = p->security_state->seal_packet(p->security_state, + mem_ctx, ndr->data + DCERPC_REQUEST_LENGTH, ndr->offset - DCERPC_REQUEST_LENGTH, &p->auth_info->credentials); @@ -257,6 +260,7 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = p->security_state->sign_packet(p->security_state, + mem_ctx, ndr->data + DCERPC_REQUEST_LENGTH, ndr->offset - DCERPC_REQUEST_LENGTH, &p->auth_info->credentials); |