diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-09-12 06:38:00 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:58:40 -0500 |
| commit | f8f2630c0d65460435598f3b1db5672091df99e7 (patch) | |
| tree | d38ec5117a7b02c5e48e95ab15f1c98d666451b1 /source4/librpc/rpc/dcerpc.c | |
| parent | 350c12e5c98e13426710c16a2787dd1580e0a060 (diff) | |
| download | samba-f8f2630c0d65460435598f3b1db5672091df99e7.tar.gz samba-f8f2630c0d65460435598f3b1db5672091df99e7.tar.bz2 samba-f8f2630c0d65460435598f3b1db5672091df99e7.zip | |
r2294: this fixes the NTLM2 sign+seal combination. I have now tested:
NTLM sign
NTLM sign+seal
NTLM2 sign
NTLM2 sign+seal
and all of the above both with and without key exchange
the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
(This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8)
Diffstat (limited to 'source4/librpc/rpc/dcerpc.c')
| -rw-r--r-- | source4/librpc/rpc/dcerpc.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c index c2f691aa09..629edd16d4 100644 --- a/source4/librpc/rpc/dcerpc.c +++ b/source4/librpc/rpc/dcerpc.c @@ -214,11 +214,14 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_PRIVACY: status = gensec_unseal_packet(p->security_state.generic_state, mem_ctx, - pkt->u.response.stub_and_verifier.data, + blob->data + DCERPC_REQUEST_LENGTH, pkt->u.response.stub_and_verifier.length, blob->data, blob->length - auth.credentials.length, &auth.credentials); + memcpy(pkt->u.response.stub_and_verifier.data, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.response.stub_and_verifier.length); break; case DCERPC_AUTH_LEVEL_INTEGRITY: @@ -327,8 +330,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_PRIVACY: status = gensec_seal_packet(p->security_state.generic_state, mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.request.stub_and_verifier.length+p->security_state.auth_info->auth_pad_length, blob->data, blob->length - p->security_state.auth_info->credentials.length, @@ -339,8 +342,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = gensec_sign_packet(p->security_state.generic_state, mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.request.stub_and_verifier.length, blob->data, blob->length - p->security_state.auth_info->credentials.length, |