diff options
author | Stefan Metzmacher <metze@samba.org> | 2004-07-09 12:26:34 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:54 -0500 |
commit | b119ebeab0699910f717384591903651d0621886 (patch) | |
tree | 73fe119f7479de2e8f3ded246278f1f6693d9e3a /source4/librpc/rpc/dcerpc_auth.c | |
parent | bdb0b60861dd2c352dd30ff1c1822c57ce304d0f (diff) | |
download | samba-b119ebeab0699910f717384591903651d0621886.tar.gz samba-b119ebeab0699910f717384591903651d0621886.tar.bz2 samba-b119ebeab0699910f717384591903651d0621886.zip |
r1419: spnego inside of dcerpc using alter_context/alter_context_resp
instead of auth3
metze
(This used to be commit 19b0567ee533744a0f2778bf8549636a25d96526)
Diffstat (limited to 'source4/librpc/rpc/dcerpc_auth.c')
-rw-r--r-- | source4/librpc/rpc/dcerpc_auth.c | 88 |
1 files changed, 87 insertions, 1 deletions
diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c index 92f1a88485..43b2212d60 100644 --- a/source4/librpc/rpc/dcerpc_auth.c +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -44,7 +44,7 @@ NTSTATUS dcerpc_bind_auth_none(struct dcerpc_pipe *p, return status; } -NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p, uint8_t auth_type, +NTSTATUS dcerpc_bind_auth3(struct dcerpc_pipe *p, uint8_t auth_type, const char *uuid, uint_t version) { NTSTATUS status; @@ -126,4 +126,90 @@ done: return status; } +NTSTATUS dcerpc_bind_alter(struct dcerpc_pipe *p, uint8_t auth_type, + const char *uuid, uint_t version) +{ + NTSTATUS status; + TALLOC_CTX *mem_ctx; + DATA_BLOB credentials; + DATA_BLOB null_data_blob = data_blob(NULL, 0); + + mem_ctx = talloc_init("dcerpc_bind_auth"); + if (!mem_ctx) { + return NT_STATUS_NO_MEMORY; + } + + if (!p->security_state.generic_state) { + status = gensec_client_start(&p->security_state.generic_state); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = gensec_start_mech_by_authtype(p->security_state.generic_state, auth_type); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + p->security_state.auth_info = talloc(p->mem_ctx, sizeof(*p->security_state.auth_info)); + if (!p->security_state.auth_info) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + p->security_state.auth_info->auth_type = auth_type; + p->security_state.auth_info->auth_pad_length = 0; + p->security_state.auth_info->auth_reserved = 0; + p->security_state.auth_info->auth_context_id = random(); + p->security_state.auth_info->credentials = null_data_blob; + + if (p->flags & DCERPC_SEAL) { + p->security_state.auth_info->auth_level = DCERPC_AUTH_LEVEL_PRIVACY; + } else if (p->flags & DCERPC_SIGN) { + p->security_state.auth_info->auth_level = DCERPC_AUTH_LEVEL_INTEGRITY; + } else { + p->security_state.auth_info->auth_level = DCERPC_AUTH_LEVEL_NONE; + } + + status = gensec_update(p->security_state.generic_state, mem_ctx, + null_data_blob, + &credentials); + + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + goto done; + } + + p->security_state.auth_info->credentials = credentials; + + status = dcerpc_bind_byuuid(p, mem_ctx, uuid, version); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + while(1) { + status = gensec_update(p->security_state.generic_state, mem_ctx, + p->security_state.auth_info->credentials, + &credentials); + + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + goto done; + } + + p->security_state.auth_info->credentials = credentials; + + status = dcerpc_alter(p, mem_ctx); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + } + +done: + talloc_destroy(mem_ctx); + + if (!NT_STATUS_IS_OK(status)) { + ZERO_STRUCT(p->security_state); + } + + return status; +} |