diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-02-10 10:22:12 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2004-02-10 10:22:12 +0000 |
| commit | 078cced5ec1026432f5df275a7023db70a62693e (patch) | |
| tree | 3d9e8d162c9268cde955087cfc78b24b1167164e /source4/librpc/rpc/dcerpc.h | |
| parent | f5cb6392b3810301614a99de2ecb938d925da519 (diff) | |
| download | samba-078cced5ec1026432f5df275a7023db70a62693e.tar.gz samba-078cced5ec1026432f5df275a7023db70a62693e.tar.bz2 samba-078cced5ec1026432f5df275a7023db70a62693e.zip | |
- modified the dcerpc client security code to be generic, so ntlmssp
and schannel are both instances of possible security modules
- added schannel sign and sign/seal support to the dcerpc client
code. You select it with binding options of "schannel,sign" or
"schannel,seal".
(This used to be commit 05db0b9d942cad8f1dd574dc35b759e5e79d4195)
Diffstat (limited to 'source4/librpc/rpc/dcerpc.h')
| -rw-r--r-- | source4/librpc/rpc/dcerpc.h | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h index c5cf07ddba..55c81c374e 100644 --- a/source4/librpc/rpc/dcerpc.h +++ b/source4/librpc/rpc/dcerpc.h @@ -20,16 +20,23 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -/* - see http://www.opengroup.org/onlinepubs/9629399/chap12.htm for details - of these structures +enum dcerpc_transport_t {NCACN_NP, NCACN_IP_TCP}; - note that the structure definitions here don't include some of the - fields that are wire-artifacts. Those are put on the wire by the - marshalling/unmarshalling routines in decrpc.c +/* + this defines a generic security context for signed/sealed dcerpc pipes. */ - -enum dcerpc_transport_t {NCACN_NP, NCACN_IP_TCP}; +struct dcerpc_security { + void *private; + NTSTATUS (*unseal_packet)(struct dcerpc_security *, + uchar *data, size_t length, DATA_BLOB *sig); + NTSTATUS (*check_packet)(struct dcerpc_security *, + const uchar *data, size_t length, const DATA_BLOB *sig); + NTSTATUS (*seal_packet)(struct dcerpc_security *, + uchar *data, size_t length, DATA_BLOB *sig); + NTSTATUS (*sign_packet)(struct dcerpc_security *, + const uchar *data, size_t length, DATA_BLOB *sig); + void (*security_end)(struct dcerpc_security *); +}; struct dcerpc_pipe { @@ -39,7 +46,7 @@ struct dcerpc_pipe { uint32 srv_max_xmit_frag; uint32 srv_max_recv_frag; unsigned flags; - struct ntlmssp_state *ntlmssp_state; + struct dcerpc_security *security_state; struct dcerpc_auth *auth_info; const char *binding_string; @@ -73,6 +80,8 @@ struct dcerpc_pipe { #define DCERPC_PUSH_BIGENDIAN 64 #define DCERPC_PULL_BIGENDIAN 128 +#define DCERPC_SCHANNEL 256 + /* this is used to find pointers to calls */ |