diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-06-03 23:15:16 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:25 -0500 |
| commit | 8087d844ef59a82617be51f7c887b9bafe362f80 (patch) | |
| tree | e09e1761bc871b73eeaf5c25109e9d8daf207c1d /source4/rpc_server/netlogon | |
| parent | 4309727424a0a27bbf5372789bc8644b96a28ba9 (diff) | |
| download | samba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.gz samba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.bz2 samba-8087d844ef59a82617be51f7c887b9bafe362f80.zip | |
r995: - renamed many of our crypto routines to use the industry standard
names rather than our crazy naming scheme. So DES is now called
des_crypt() rather than smbhash()
- added the code from the solution of the ADS crypto challenge that
allows Samba to correctly handle a 128 bit session key in all of the
netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard
from PADL for solving this one!
- restructured the server side rpc authentication to allow for other
than NTLMSSP sign and seal. This commit just adds the structure, the
next commit will add schannel server side support.
- added 128 bit session key support to our client side code, and
testing against w2k3 with smbtorture. Works well.
(This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
Diffstat (limited to 'source4/rpc_server/netlogon')
| -rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 81d37d0984..5f4717a5c6 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -148,7 +148,7 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL ZERO_STRUCTP(r->out.credentials); *r->out.rid = 0; - *r->out.negotiate_flags = *r->in.negotiate_flags & NETLOGON_NEG_AUTH2_FLAGS; + *r->out.negotiate_flags = *r->in.negotiate_flags; if (!pipe_state) { DEBUG(1, ("No challange requested by client, cannot authenticate\n")); @@ -228,8 +228,9 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL creds_server_init(pipe_state->creds, &pipe_state->client_challenge, &pipe_state->server_challenge, mach_pwd, - r->out.credentials); - + r->out.credentials, + *r->in.negotiate_flags); + if (!creds_server_check(pipe_state->creds, r->in.credentials)) { return NT_STATUS_ACCESS_DENIED; } @@ -249,8 +250,6 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL } pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name); - - *r->out.negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; return NT_STATUS_OK; } |