summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/auth_ntlmssp.c10
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/rpc_server/srv_pipe.c21
3 files changed, 33 insertions, 0 deletions
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 1b48ba022d..7184fa6b95 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -74,6 +74,16 @@ bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
return auth_ntlmssp_state->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL;
}
+void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state)
+{
+
+}
+
+void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state)
+{
+
+}
+
NTSTATUS auth_ntlmssp_server_info(TALLOC_CTX *mem_ctx,
struct auth_ntlmssp_state *auth_ntlmssp_state,
struct auth_serversupplied_info **_server_info)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 268e2b50aa..9582884c2f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -63,6 +63,8 @@ const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *auth_ntlmssp_stat
const char *auth_ntlmssp_get_client(struct auth_ntlmssp_state *auth_ntlmssp_state);
bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
+void auth_ntlmssp_want_sign(struct auth_ntlmssp_state *auth_ntlmssp_state);
+void auth_ntlmssp_want_seal(struct auth_ntlmssp_state *auth_ntlmssp_state);
NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state);
void auth_ntlmssp_end(struct auth_ntlmssp_state **auth_ntlmssp_state);
NTSTATUS auth_ntlmssp_update(struct auth_ntlmssp_state *auth_ntlmssp_state,
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 0f60cdff1c..4678aeb698 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1189,6 +1189,16 @@ static bool pipe_spnego_auth_bind_negotiate(pipes_struct *p, prs_struct *rpc_in_
goto err;
}
+ switch (auth_info.auth_level) {
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ auth_ntlmssp_want_sign(a);
+ break;
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ auth_ntlmssp_want_seal(a);
+ break;
+ default:
+ break;
+ }
/*
* Pass the first security blob of data to it.
* This can return an error or NT_STATUS_MORE_PROCESSING_REQUIRED
@@ -1524,6 +1534,17 @@ static bool pipe_ntlmssp_auth_bind(pipes_struct *p, prs_struct *rpc_in_p,
goto err;
}
+ switch (pauth_info->auth_level) {
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ auth_ntlmssp_want_sign(a);
+ break;
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ auth_ntlmssp_want_seal(a);
+ break;
+ default:
+ break;
+ }
+
status = auth_ntlmssp_update(a, blob, &response);
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
DEBUG(0,("pipe_ntlmssp_auth_bind: auth_ntlmssp_update failed: %s\n",