summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-06-06 12:59:14 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:34 -0500
commit42eadaf3d94afc7abf8ba2f1a67c55f317215483 (patch)
tree17aba1b55e533eece7b1b6a529ac309000549a3f /source4/librpc/rpc
parent7b1e0454ef1a6af65c9e9305b7502ca5294a1793 (diff)
downloadsamba-42eadaf3d94afc7abf8ba2f1a67c55f317215483.tar.gz
samba-42eadaf3d94afc7abf8ba2f1a67c55f317215483.tar.bz2
samba-42eadaf3d94afc7abf8ba2f1a67c55f317215483.zip
r1048: - moved the schannel definitions into a separate schannel.idl
- added server side support for schannel type 23. This allows WinXP to establish a schannel connection to Samba4 as an ADS DC - added client side support for schannel type 23, but disabled it as currently the client code has now way of getting the fully qualified domain name (which is needed) - report dcerpc faults in the server code in the log (This used to be commit 55e0b014fe14ca8811b55887208a1c3147ddb0d2)
Diffstat (limited to 'source4/librpc/rpc')
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c20
1 files changed, 14 insertions, 6 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 22285bd56b..c2645d36a2 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -178,7 +178,7 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p,
NTSTATUS status;
struct schannel_state *schannel_state;
const char *workgroup, *workstation;
- struct dcerpc_bind_schannel bind_schannel;
+ struct schannel_bind bind_schannel;
workstation = username;
workgroup = domain;
@@ -206,14 +206,22 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p,
p->auth_info->auth_context_id = random();
p->security_state = NULL;
- /* TODO: what are these?? */
bind_schannel.unknown1 = 0;
- bind_schannel.unknown2 = 3;
- bind_schannel.domain = workgroup;
- bind_schannel.hostname = workstation;
+#if 0
+ /* to support this we'd need to have access to the full domain name */
+ bind_schannel.bind_type = 23;
+ bind_schannel.u.info23.domain = domain;
+ bind_schannel.u.info23.account_name = username;
+ bind_schannel.u.info23.dnsdomain = str_format_nbt_domain(p->mem_ctx, fulldomainname);
+ bind_schannel.u.info23.workstation = str_format_nbt_domain(p->mem_ctx, username);
+#else
+ bind_schannel.bind_type = 3;
+ bind_schannel.u.info3.domain = domain;
+ bind_schannel.u.info3.account_name = username;
+#endif
status = ndr_push_struct_blob(&p->auth_info->credentials, p->mem_ctx, &bind_schannel,
- (ndr_push_flags_fn_t)ndr_push_dcerpc_bind_schannel);
+ (ndr_push_flags_fn_t)ndr_push_schannel_bind);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}