diff options
| author | Andrew Tridgell <tridge@samba.org> | 2003-12-14 10:45:50 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2003-12-14 10:45:50 +0000 |
| commit | d009dc61f90e45b695fb9eaaf11899c7572dc9a7 (patch) | |
| tree | 95106415da035447f3b5a7779d6e149ce6512f2c /source4/rpc_server/dcerpc_server.c | |
| parent | e2898c098fa090303ad0df67d5a9c454bac63e86 (diff) | |
| download | samba-d009dc61f90e45b695fb9eaaf11899c7572dc9a7.tar.gz samba-d009dc61f90e45b695fb9eaaf11899c7572dc9a7.tar.bz2 samba-d009dc61f90e45b695fb9eaaf11899c7572dc9a7.zip | |
ntlmssp over rpc over tcp now fully works
I needed to hack the ntlmssp code a little, as the auth code in samba4
is out of date relative to the samba3 auth code. I need to do a merge :)
(This used to be commit 6ee0935afe9444bf9bb24eed4e02e8377dc746b7)
Diffstat (limited to 'source4/rpc_server/dcerpc_server.c')
| -rw-r--r-- | source4/rpc_server/dcerpc_server.c | 44 |
1 files changed, 36 insertions, 8 deletions
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index 7fa7a7aa8b..16b573cfad 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -369,7 +369,8 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) return NT_STATUS_NO_MEMORY; } - status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt, NULL); + status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt, + call->dce->auth_state.auth_info); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -377,7 +378,26 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) SSVAL(rep->data.data, DCERPC_FRAG_LEN_OFFSET, rep->data.length); DLIST_ADD_END(call->replies, rep, struct dcesrv_call_reply *); + DLIST_ADD_END(call->dce->call_list, call, struct dcesrv_call_state *); + + return NT_STATUS_OK; +} + + +/* + handle a auth3 request +*/ +static NTSTATUS dcesrv_auth3(struct dcesrv_call_state *call) +{ + /* handle the auth3 in the auth code */ + if (!dcesrv_auth_auth3(call)) { + return dcesrv_fault(call, DCERPC_FAULT_OTHER); + } + + talloc_destroy(call->mem_ctx); + /* we don't send a reply to a auth3 request, except by a + fault */ return NT_STATUS_OK; } @@ -473,10 +493,8 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call) pkt.u.response.stub_and_verifier.data = stub.data; pkt.u.response.stub_and_verifier.length = length; - - status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt, NULL); - if (!NT_STATUS_IS_OK(status)) { - return status; + if (!dcesrv_auth_response(call, &rep->data, &pkt)) { + return dcesrv_fault(call, DCERPC_FAULT_OTHER); } SSVAL(rep->data.data, DCERPC_FRAG_LEN_OFFSET, rep->data.length); @@ -487,6 +505,8 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call) stub.length -= length; } while (stub.length != 0); + DLIST_ADD_END(call->dce->call_list, call, struct dcesrv_call_state *); + return NT_STATUS_OK; } @@ -568,6 +588,13 @@ NTSTATUS dcesrv_input_process(struct dcesrv_state *dce) dce_partial_advance(dce, blob.length); + /* we have to check the signing here, before combining the + pdus */ + if (call->pkt.ptype == DCERPC_PKT_REQUEST && + !dcesrv_auth_request(call)) { + return dcesrv_fault(call, DCERPC_FAULT_OTHER); + } + /* see if this is a continued packet */ if (!(call->pkt.pfc_flags & DCERPC_PFC_FLAG_FIRST)) { struct dcesrv_call_state *call2 = call; @@ -623,6 +650,9 @@ NTSTATUS dcesrv_input_process(struct dcesrv_state *dce) case DCERPC_PKT_BIND: status = dcesrv_bind(call); break; + case DCERPC_PKT_AUTH3: + status = dcesrv_auth3(call); + break; case DCERPC_PKT_REQUEST: status = dcesrv_request(call); break; @@ -634,9 +664,7 @@ NTSTATUS dcesrv_input_process(struct dcesrv_state *dce) /* if we are going to be sending a reply then add it to the list of pending calls. We add it to the end to keep the call list in the order we will answer */ - if (NT_STATUS_IS_OK(status)) { - DLIST_ADD_END(dce->call_list, call, struct dcesrv_call_state *); - } else { + if (!NT_STATUS_IS_OK(status)) { talloc_destroy(mem_ctx); } |