r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.

This means that 'require NTLMv2 session security' now works for RPC pipe signing. We don't yet have sealing, but it can't be much further. This is almost all tridge's code, munged into a form that can work with the GENSEC API. This commit also includes more lsakey fixes - that key is used for all DCE-RPC level authenticated connections, even over CIFS/ncacn_np. No doubt I missed something, but I'm going to get some sleep :-) Andrew Bartlett (This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
author: Andrew Bartlett <abartlet@samba.org> 2004-09-11 15:11:36 +0000
committer: Gerald (Jerry) Carter <jerry@samba.org> 2007-10-10 12:58:39 -0500
commit: 909c9b681a0718b8701e05addbad08c0aec87113 (patch)
tree: d569f2f54075a0514fa6e4b591d383f47e8d631d /source4/librpc/rpc/dcerpc_schannel.c
parent: 4490c816a90871cd93b1a709bae91e5176e4f599 (diff)
download: samba-909c9b681a0718b8701e05addbad08c0aec87113.tar.gz
samba-909c9b681a0718b8701e05addbad08c0aec87113.tar.bz2
samba-909c9b681a0718b8701e05addbad08c0aec87113.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index efe609f9a3..9aa2b0c88d 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -50,7 +50,9 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
 */
 static NTSTATUS dcerpc_schannel_unseal_packet(struct gensec_security *gensec_security, 
 					      TALLOC_CTX *mem_ctx, 
-					      uint8_t *data, size_t length, DATA_BLOB *sig)
+					      uint8_t *data, size_t length, 
+					      const uint8_t *whole_pdu, size_t pdu_length, 
+					      DATA_BLOB *sig)
 {
 	struct dcerpc_schannel_state *dce_schan_state = gensec_security->private_data;
 	
@@ -60,6 +62,7 @@ static NTSTATUS dcerpc_schannel_unseal_packet(struct gensec_security *gensec_sec
 static NTSTATUS dcerpc_schannel_check_packet(struct gensec_security *gensec_security, 
 					     TALLOC_CTX *mem_ctx, 
 					     const uint8_t *data, size_t length, 
+					     const uint8_t *whole_pdu, size_t pdu_length, 
 					     const DATA_BLOB *sig)
 {
 	struct dcerpc_schannel_state *dce_schan_state = gensec_security->private_data;
@@ -70,6 +73,7 @@ static NTSTATUS dcerpc_schannel_check_packet(struct gensec_security *gensec_secu
 static NTSTATUS dcerpc_schannel_seal_packet(struct gensec_security *gensec_security, 
 					    TALLOC_CTX *mem_ctx, 
 					    uint8_t *data, size_t length, 
+					    const uint8_t *whole_pdu, size_t pdu_length, 
 					    DATA_BLOB *sig)
 {
 	struct dcerpc_schannel_state *dce_schan_state = gensec_security->private_data;
@@ -80,6 +84,7 @@ static NTSTATUS dcerpc_schannel_seal_packet(struct gensec_security *gensec_secur
 static NTSTATUS dcerpc_schannel_sign_packet(struct gensec_security *gensec_security, 
 					    TALLOC_CTX *mem_ctx, 
 					    const uint8_t *data, size_t length, 
+					    const uint8_t *whole_pdu, size_t pdu_length, 
 					    DATA_BLOB *sig)
 {
 	struct dcerpc_schannel_state *dce_schan_state = gensec_security->private_data;
author	Andrew Bartlett <abartlet@samba.org>	2004-09-11 15:11:36 +0000
committer	Gerald (Jerry) Carter <jerry@samba.org>	2007-10-10 12:58:39 -0500
commit	909c9b681a0718b8701e05addbad08c0aec87113 (patch)
tree	d569f2f54075a0514fa6e4b591d383f47e8d631d /source4/librpc/rpc/dcerpc_schannel.c
parent	4490c816a90871cd93b1a709bae91e5176e4f599 (diff)
download	samba-909c9b681a0718b8701e05addbad08c0aec87113.tar.gz samba-909c9b681a0718b8701e05addbad08c0aec87113.tar.bz2 samba-909c9b681a0718b8701e05addbad08c0aec87113.zip