diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-06-05 05:01:38 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:30 -0500 |
| commit | 5341ad20e1b8953c9256cd8e04a7e55ba9ef84b5 (patch) | |
| tree | 9d2c21766becd650905c32b1195d6a0203f93110 /source4/librpc/rpc | |
| parent | 4c6f04d83f20ecfe62cd87dadf9b48a898502ea7 (diff) | |
| download | samba-5341ad20e1b8953c9256cd8e04a7e55ba9ef84b5.tar.gz samba-5341ad20e1b8953c9256cd8e04a7e55ba9ef84b5.tar.bz2 samba-5341ad20e1b8953c9256cd8e04a7e55ba9ef84b5.zip | |
r1030: added server side schannel support
(This used to be commit 2ac79dfba0e64056a680f21d7dd0c007f79d4a70)
Diffstat (limited to 'source4/librpc/rpc')
| -rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 25 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_util.c | 8 |
2 files changed, 15 insertions, 18 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index ebfcdf7ff3..c271a94bf0 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -173,6 +173,7 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p, uint8_t full_session_key[16]; struct schannel_state *schannel_state; const char *workgroup, *workstation; + struct dcerpc_bind_schannel bind_schannel; memcpy(full_session_key, session_key, 8); memset(full_session_key+8, 0, 8); @@ -203,21 +204,17 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p, p->auth_info->auth_context_id = random(); p->security_state = NULL; - p->auth_info->credentials = data_blob_talloc(p->mem_ctx, - NULL, - 8 + - strlen(workgroup)+1 + - strlen(workstation)+1); - if (!p->auth_info->credentials.data) { - return NT_STATUS_NO_MEMORY; - } + /* TODO: what are these?? */ + bind_schannel.unknown1 = 0; + bind_schannel.unknown2 = 3; + bind_schannel.domain = workgroup; + bind_schannel.hostname = workstation; - /* oh, this is ugly! */ - SIVAL(p->auth_info->credentials.data, 0, 0); - SIVAL(p->auth_info->credentials.data, 4, 3); - memcpy(p->auth_info->credentials.data+8, workgroup, strlen(workgroup)+1); - memcpy(p->auth_info->credentials.data+8+strlen(workgroup)+1, - workstation, strlen(workstation)+1); + status = ndr_push_struct_blob(&p->auth_info->credentials, p->mem_ctx, &bind_schannel, + (ndr_push_flags_fn_t)ndr_push_dcerpc_bind_schannel); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } /* send the authenticated bind request */ status = dcerpc_bind_byuuid(p, p->mem_ctx, uuid, version); diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index d8da1327d5..623d5ec24a 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -483,7 +483,7 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **p, (*p)->flags = binding->flags; if (binding->flags & DCERPC_SCHANNEL) { - const char *trust_password = secrets_fetch_machine_password(); + const char *trust_password = NULL; // samdb_fetch_member_password(); if (!trust_password) { DEBUG(0,("Unable to fetch machine password\n")); goto done; @@ -635,9 +635,9 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **p, /* - create a secondary dcerpc connection on SMB - the secondary connection will be on the same SMB connection, but - use a new fnum + create a secondary dcerpc connection from a primary SMB connection + + the secondary connection will be on the same SMB connection, but use a new fnum */ NTSTATUS dcerpc_secondary_smb(struct dcerpc_pipe *p, struct dcerpc_pipe **p2, const char *pipe_name, |