summaryrefslogtreecommitdiff
path: root/source4/librpc
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2004-11-10 16:50:15 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:05:42 -0500
commitf847f3a3e13d2d96f9b74a398047d84b4ad78127 (patch)
treedd73f41e4149a6d19b0aa83ef4f1a445ed23741b /source4/librpc
parente7810eeab787bb93b36c95f8783d0b8f4c7cf7c0 (diff)
downloadsamba-f847f3a3e13d2d96f9b74a398047d84b4ad78127.tar.gz
samba-f847f3a3e13d2d96f9b74a398047d84b4ad78127.tar.bz2
samba-f847f3a3e13d2d96f9b74a398047d84b4ad78127.zip
r3660: This simulates the logon sequence of a XP login session I'm currently tuning
Samba3/OpenLDAP for. For a concrete situation you have to adapt the domain, pdcname and usernames/passwords. Sorry, not parametrized yet, but this should be doable if necessary. Volker (This used to be commit 02f52058722fc1aea02d4fe237c97404d8e4f491)
Diffstat (limited to 'source4/librpc')
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c66
1 files changed, 42 insertions, 24 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 3472e1cbe2..c0db63e8b8 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -425,39 +425,23 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
do a schannel style bind on a dcerpc pipe. The username is usually
of the form HOSTNAME$ and the password is the domain trust password
*/
-NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
- const char *uuid, uint_t version,
- const char *domain,
- const char *username,
- const char *password)
+NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
+ const char *uuid, uint_t version,
+ const char *domain,
+ const char *username,
+ const char *password,
+ uint8_t session_key[16])
{
NTSTATUS status;
- int chan_type = 0;
status = gensec_client_start(p, &p->security_state.generic_state);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- if (p->flags & DCERPC_SCHANNEL_BDC) {
- chan_type = SEC_CHAN_BDC;
- } else if (p->flags & DCERPC_SCHANNEL_WORKSTATION) {
- chan_type = SEC_CHAN_WKSTA;
- } else if (p->flags & DCERPC_SCHANNEL_DOMAIN) {
- chan_type = SEC_CHAN_DOMAIN;
- }
+ memcpy(p->security_state.generic_state->user.schan_session_key,
+ session_key, 16);
- status = dcerpc_schannel_key(p, domain,
- username,
- password,
- chan_type,
- p->security_state.generic_state->user.schan_session_key);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("Failed to fetch schannel session key: %s\n", nt_errstr(status)));
- gensec_end(&p->security_state.generic_state);
- return status;
- }
-
status = gensec_set_username(p->security_state.generic_state, username);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to set schannel username to %s: %s\n", username, nt_errstr(status)));
@@ -492,6 +476,40 @@ NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
return NT_STATUS_OK;
}
+NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
+ const char *uuid, uint_t version,
+ const char *domain,
+ const char *username,
+ const char *password)
+{
+ NTSTATUS status;
+ int chan_type = 0;
+ uint8_t new_session_key[16];
+
+ if (p->flags & DCERPC_SCHANNEL_BDC) {
+ chan_type = SEC_CHAN_BDC;
+ } else if (p->flags & DCERPC_SCHANNEL_WORKSTATION) {
+ chan_type = SEC_CHAN_WKSTA;
+ } else if (p->flags & DCERPC_SCHANNEL_DOMAIN) {
+ chan_type = SEC_CHAN_DOMAIN;
+ }
+
+ status = dcerpc_schannel_key(p, domain,
+ username,
+ password,
+ chan_type,
+ new_session_key);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to fetch schannel session key: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
+
+ return dcerpc_bind_auth_schannel_withkey(p, uuid, version, domain,
+ username, password,
+ new_session_key);
+}
static const struct gensec_security_ops gensec_dcerpc_schannel_security_ops = {
.name = "dcerpc_schannel",