summaryrefslogtreecommitdiff
path: root/source4/rpc_server/netlogon
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-06-03 23:15:16 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:25 -0500
commit8087d844ef59a82617be51f7c887b9bafe362f80 (patch)
treee09e1761bc871b73eeaf5c25109e9d8daf207c1d /source4/rpc_server/netlogon
parent4309727424a0a27bbf5372789bc8644b96a28ba9 (diff)
downloadsamba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.gz
samba-8087d844ef59a82617be51f7c887b9bafe362f80.tar.bz2
samba-8087d844ef59a82617be51f7c887b9bafe362f80.zip
r995: - renamed many of our crypto routines to use the industry standard
names rather than our crazy naming scheme. So DES is now called des_crypt() rather than smbhash() - added the code from the solution of the ADS crypto challenge that allows Samba to correctly handle a 128 bit session key in all of the netr_ServerAuthenticateX() varients. A huge thanks to Luke Howard from PADL for solving this one! - restructured the server side rpc authentication to allow for other than NTLMSSP sign and seal. This commit just adds the structure, the next commit will add schannel server side support. - added 128 bit session key support to our client side code, and testing against w2k3 with smbtorture. Works well. (This used to be commit 729b2f41c924a0b435d44a14209e6dacc2304cee)
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 81d37d0984..5f4717a5c6 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -148,7 +148,7 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL
ZERO_STRUCTP(r->out.credentials);
*r->out.rid = 0;
- *r->out.negotiate_flags = *r->in.negotiate_flags & NETLOGON_NEG_AUTH2_FLAGS;
+ *r->out.negotiate_flags = *r->in.negotiate_flags;
if (!pipe_state) {
DEBUG(1, ("No challange requested by client, cannot authenticate\n"));
@@ -228,8 +228,9 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL
creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
&pipe_state->server_challenge, mach_pwd,
- r->out.credentials);
-
+ r->out.credentials,
+ *r->in.negotiate_flags);
+
if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
return NT_STATUS_ACCESS_DENIED;
}
@@ -249,8 +250,6 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL
}
pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name);
-
- *r->out.negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
return NT_STATUS_OK;
}