summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/ntdomain.h6
-rw-r--r--source3/libsmb/credentials.c32
-rw-r--r--source3/rpc_client/cli_netlogon.c52
-rw-r--r--source3/rpc_server/srv_netlog_nt.c6
4 files changed, 47 insertions, 49 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index 6537d5a7fb..b89b0fea3a 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -135,9 +135,9 @@ struct handle_list {
/* Domain controller authentication protocol info */
struct dcinfo {
uint32 sequence; /* "timestamp" from client. */
- DOM_CHAL seed_chal;
- DOM_CHAL clnt_chal; /* Client credential */
- DOM_CHAL srv_chal; /* Server credential */
+ struct netr_Credential seed_chal;
+ struct netr_Credential clnt_chal; /* Client credential */
+ struct netr_Credential srv_chal; /* Server credential */
unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
unsigned char mach_pw[16]; /* md4(machine password) */
diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c
index 0043f4e6a9..328b931df0 100644
--- a/source3/libsmb/credentials.c
+++ b/source3/libsmb/credentials.c
@@ -42,9 +42,9 @@ char *credstr(const unsigned char *cred)
****************************************************************************/
static void creds_init_128(struct dcinfo *dc,
- const DOM_CHAL *clnt_chal_in,
- const DOM_CHAL *srv_chal_in,
- const unsigned char mach_pw[16])
+ const struct netr_Credential *clnt_chal_in,
+ const struct netr_Credential *srv_chal_in,
+ const unsigned char mach_pw[16])
{
unsigned char zero[4], tmp[16];
HMACMD5Context ctx;
@@ -94,9 +94,9 @@ static void creds_init_128(struct dcinfo *dc,
****************************************************************************/
static void creds_init_64(struct dcinfo *dc,
- const DOM_CHAL *clnt_chal_in,
- const DOM_CHAL *srv_chal_in,
- const unsigned char mach_pw[16])
+ const struct netr_Credential *clnt_chal_in,
+ const struct netr_Credential *srv_chal_in,
+ const unsigned char mach_pw[16])
{
uint32 sum[2];
unsigned char sum2[8];
@@ -177,10 +177,10 @@ static void creds_step(struct dcinfo *dc)
void creds_server_init(uint32 neg_flags,
struct dcinfo *dc,
- DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
+ struct netr_Credential *clnt_chal,
+ struct netr_Credential *srv_chal,
const unsigned char mach_pw[16],
- DOM_CHAL *init_chal_out)
+ struct netr_Credential *init_chal_out)
{
DEBUG(10,("creds_server_init: neg_flags : %x\n", (unsigned int)neg_flags));
DEBUG(10,("creds_server_init: client chal : %s\n", credstr(clnt_chal->data) ));
@@ -246,7 +246,7 @@ bool netlogon_creds_server_check(const struct dcinfo *dc,
static void creds_reseed(struct dcinfo *dc)
{
- DOM_CHAL time_chal;
+ struct netr_Credential time_chal;
SIVAL(time_chal.data, 0, IVAL(dc->seed_chal.data, 0) + dc->sequence + 1);
SIVAL(time_chal.data, 4, IVAL(dc->seed_chal.data, 4));
@@ -274,7 +274,8 @@ bool creds_server_step(struct dcinfo *dc, const DOM_CRED *received_cred, DOM_CRE
/* Create the outgoing credentials */
cred_out->timestamp.time = tmp_dc.sequence + 1;
- cred_out->challenge = tmp_dc.srv_chal;
+ memcpy(&cred_out->challenge.data, tmp_dc.srv_chal.data,
+ sizeof(cred_out->challenge.data));
creds_reseed(&tmp_dc);
@@ -324,10 +325,10 @@ bool netlogon_creds_server_step(struct dcinfo *dc,
void creds_client_init(uint32 neg_flags,
struct dcinfo *dc,
- DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
+ struct netr_Credential *clnt_chal,
+ struct netr_Credential *srv_chal,
const unsigned char mach_pw[16],
- DOM_CHAL *init_chal_out)
+ struct netr_Credential *init_chal_out)
{
dc->sequence = time(NULL);
@@ -406,7 +407,8 @@ void creds_client_step(struct dcinfo *dc, DOM_CRED *next_cred_out)
creds_step(dc);
creds_reseed(dc);
- next_cred_out->challenge = dc->clnt_chal;
+ memcpy(&next_cred_out->challenge.data, dc->clnt_chal.data,
+ sizeof(next_cred_out->challenge.data));
next_cred_out->timestamp.time = dc->sequence;
}
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index f15340ffec..5d6f32980d 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -251,17 +251,17 @@ static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
****************************************************************************/
NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
- const char *server_name,
- const char *domain,
- const char *clnt_name,
- const char *machine_account,
- const unsigned char machine_pwd[16],
- uint32 sec_chan_type,
- uint32 *neg_flags_inout)
+ const char *server_name,
+ const char *domain,
+ const char *clnt_name,
+ const char *machine_account,
+ const unsigned char machine_pwd[16],
+ enum netr_SchannelType sec_chan_type,
+ uint32_t *neg_flags_inout)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CHAL clnt_chal_send;
- DOM_CHAL srv_chal_recv;
+ struct netr_Credential clnt_chal_send;
+ struct netr_Credential srv_chal_recv;
struct dcinfo *dc;
SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
@@ -288,13 +288,11 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
generate_random_buffer(clnt_chal_send.data, 8);
/* Get the server challenge. */
- result = rpccli_net_req_chal(cli,
- cli->mem_ctx,
- dc->remote_machine,
- clnt_name,
- &clnt_chal_send,
- &srv_chal_recv);
-
+ result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+ dc->remote_machine,
+ clnt_name,
+ &clnt_chal_send,
+ &srv_chal_recv);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -307,20 +305,18 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
machine_pwd,
&clnt_chal_send);
- /*
+ /*
* Send client auth-2 challenge and receive server repy.
*/
- result = rpccli_net_auth2(cli,
- cli->mem_ctx,
- dc->remote_machine,
- dc->mach_acct,
- sec_chan_type,
- clnt_name,
- neg_flags_inout,
- &clnt_chal_send, /* input. */
- &srv_chal_recv); /* output */
-
+ result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+ dc->remote_machine,
+ dc->mach_acct,
+ sec_chan_type,
+ clnt_name,
+ &clnt_chal_send, /* input. */
+ &srv_chal_recv, /* output. */
+ neg_flags_inout);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -330,7 +326,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
* server received challenge.
*/
- if (!creds_client_check(dc, &srv_chal_recv)) {
+ if (!netlogon_creds_client_check(dc, &srv_chal_recv)) {
/*
* Server replied with bad credential. Fail.
*/
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 3e15d38043..017c4fe046 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -35,7 +35,7 @@ extern userdom_struct current_user_info;
*************************************************************************/
static void init_net_r_req_chal(struct netr_Credential *r,
- DOM_CHAL *srv_chal)
+ struct netr_Credential *srv_chal)
{
DEBUG(6,("init_net_r_req_chal: %d\n", __LINE__));
@@ -406,7 +406,7 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p,
struct netr_ServerAuthenticate *r)
{
NTSTATUS status;
- DOM_CHAL srv_chal_out;
+ struct netr_Credential srv_chal_out;
if (!p->dc || !p->dc->challenge_sent) {
return NT_STATUS_ACCESS_DENIED;
@@ -465,7 +465,7 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p,
{
NTSTATUS status;
uint32_t srv_flgs;
- DOM_CHAL srv_chal_out;
+ struct netr_Credential srv_chal_out;
/* We use this as the key to store the creds: */
/* r->in.computer_name */