diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-06-06 07:14:10 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:33 -0500 |
| commit | a1318baa5503648ffcff2e9cd625b6848ad285b8 (patch) | |
| tree | 0d3a24bfd6958b4ee0006add8c4334383472f71a /source4/librpc/rpc/dcerpc_schannel.c | |
| parent | 7ea6a0b1fc3e5f35e5096ad820053d54c4496a09 (diff) | |
| download | samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.tar.gz samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.tar.bz2 samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.zip | |
r1041: - pulled the domain join code out of the netlogon test and made it a separate utility function, to allow
multiple torture tests to temporarily join a domain
- fixed a session key size problem
- added a schannel test suite
- allow schannel to work with ncacn_ip_tcp
(This used to be commit 36f05e4d575099fcb957b8a55781c38dcd2e1177)
Diffstat (limited to 'source4/librpc/rpc/dcerpc_schannel.c')
| -rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index 61db90d1e3..f81429c1f3 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -81,7 +81,7 @@ NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p, const char *username, const char *password, int chan_type, - uint8_t new_session_key[8]) + uint8_t new_session_key[16]) { NTSTATUS status; struct dcerpc_pipe *p2; @@ -91,7 +91,7 @@ NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p, struct samr_Password mach_pwd; struct creds_CredentialState creds; const char *workgroup, *workstation; - uint32_t negotiate_flags = 0; + uint32_t negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; workstation = username; workgroup = domain; @@ -99,10 +99,10 @@ NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p, /* step 1 - establish a netlogon connection, with no authentication */ - status = dcerpc_secondary_smb(p, &p2, - DCERPC_NETLOGON_NAME, - DCERPC_NETLOGON_UUID, - DCERPC_NETLOGON_VERSION); + status = dcerpc_secondary_connection(p, &p2, + DCERPC_NETLOGON_NAME, + DCERPC_NETLOGON_UUID, + DCERPC_NETLOGON_VERSION); /* @@ -152,7 +152,7 @@ NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p, */ dcerpc_pipe_close(p2); - memcpy(new_session_key, creds.session_key, 8); + memcpy(new_session_key, creds.session_key, 16); return NT_STATUS_OK; } @@ -167,17 +167,13 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p, const char *uuid, uint_t version, const char *domain, const char *username, - const uint8_t session_key[8]) + const uint8_t session_key[16]) { NTSTATUS status; - uint8_t full_session_key[16]; struct schannel_state *schannel_state; const char *workgroup, *workstation; struct dcerpc_bind_schannel bind_schannel; - memcpy(full_session_key, session_key, 8); - memset(full_session_key+8, 0, 8); - workstation = username; workgroup = domain; @@ -234,7 +230,7 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p, goto done; } - status = schannel_start(&schannel_state, full_session_key, True); + status = schannel_start(&schannel_state, session_key, True); if (!NT_STATUS_IS_OK(status)) { goto done; } @@ -265,11 +261,19 @@ NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p, const char *password) { NTSTATUS status; - uint8_t session_key[8]; + uint8_t session_key[16]; + int chan_type = 0; + + if (p->flags & DCERPC_SCHANNEL_BDC) { + chan_type = SEC_CHAN_BDC; + } else if (p->flags & DCERPC_SCHANNEL_WORKSTATION) { + chan_type = SEC_CHAN_WKSTA; + } else if (p->flags & DCERPC_SCHANNEL_DOMAIN) { + chan_type = SEC_CHAN_DOMAIN; + } status = dcerpc_schannel_key(p, domain, username, password, - lp_server_role() == ROLE_DOMAIN_BDC? SEC_CHAN_BDC:SEC_CHAN_WKSTA, - session_key); + chan_type, session_key); if (!NT_STATUS_IS_OK(status)) { return status; } |