diff options
-rw-r--r-- | librpc/idl/dcerpc.idl | 3 | ||||
-rw-r--r-- | source3/librpc/rpc/dcerpc_helpers.c | 5 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 33 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.h | 3 |
4 files changed, 42 insertions, 2 deletions
diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl index b7ba432688..86f22a4b8c 100644 --- a/librpc/idl/dcerpc.idl +++ b/librpc/idl/dcerpc.idl @@ -179,7 +179,8 @@ interface dcerpc DCERPC_AUTH_TYPE_MSN = 18, DCERPC_AUTH_TYPE_DIGEST = 21, DCERPC_AUTH_TYPE_SCHANNEL = 68, - DCERPC_AUTH_TYPE_MSMQ = 100 + DCERPC_AUTH_TYPE_MSMQ = 100, + DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM = 200 } dcerpc_AuthType; typedef [enum8bit] enum { diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c index f45ee941c1..7520d767ba 100644 --- a/source3/librpc/rpc/dcerpc_helpers.c +++ b/source3/librpc/rpc/dcerpc_helpers.c @@ -754,7 +754,8 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth, DATA_BLOB auth_blob; NTSTATUS status; - if (auth->auth_type == DCERPC_AUTH_TYPE_NONE) { + if (auth->auth_type == DCERPC_AUTH_TYPE_NONE || + auth->auth_type == DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM) { return NT_STATUS_OK; } @@ -792,6 +793,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth, /* Generate any auth sign/seal and add the auth footer. */ switch (auth->auth_type) { case DCERPC_AUTH_TYPE_NONE: + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: status = NT_STATUS_OK; break; case DCERPC_AUTH_TYPE_SPNEGO: @@ -914,6 +916,7 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth, switch (auth->auth_type) { case DCERPC_AUTH_TYPE_NONE: + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: return NT_STATUS_OK; case DCERPC_AUTH_TYPE_SPNEGO: diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index aac47f34a8..26a00547c3 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1194,6 +1194,12 @@ static NTSTATUS create_rpc_bind_req(TALLOC_CTX *mem_ctx, } break; + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: + auth_token = data_blob_talloc(mem_ctx, + "NCALRPC_AUTH_TOKEN", + 18); + break; + case DCERPC_AUTH_TYPE_NONE: break; @@ -1721,6 +1727,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq) switch(pauth->auth_type) { case DCERPC_AUTH_TYPE_NONE: + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: case DCERPC_AUTH_TYPE_SCHANNEL: /* Bind complete. */ tevent_req_done(req); @@ -1759,6 +1766,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq) switch(pauth->auth_type) { case DCERPC_AUTH_TYPE_NONE: + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: case DCERPC_AUTH_TYPE_SCHANNEL: /* Bind complete. */ tevent_req_done(req); @@ -2243,6 +2251,30 @@ bool rpccli_get_pwd_hash(struct rpc_pipe_client *rpc_cli, uint8_t nt_hash[16]) return true; } +NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx, + struct pipe_auth_data **presult) +{ + struct pipe_auth_data *result; + + result = talloc(mem_ctx, struct pipe_auth_data); + if (result == NULL) { + return NT_STATUS_NO_MEMORY; + } + + result->auth_type = DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM; + result->auth_level = DCERPC_AUTH_LEVEL_NONE; + + result->user_name = talloc_strdup(result, ""); + result->domain = talloc_strdup(result, ""); + if ((result->user_name == NULL) || (result->domain == NULL)) { + TALLOC_FREE(result); + return NT_STATUS_NO_MEMORY; + } + + *presult = result; + return NT_STATUS_OK; +} + NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx, struct pipe_auth_data **presult) { @@ -3259,6 +3291,7 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, sk = gse_get_session_key(mem_ctx, gse_ctx); make_dup = false; break; + case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM: case DCERPC_AUTH_TYPE_NONE: sk = data_blob_const(a->user_session_key.data, a->user_session_key.length); diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h index b627c0af21..30c1bad797 100644 --- a/source3/rpc_client/cli_pipe.h +++ b/source3/rpc_client/cli_pipe.h @@ -50,6 +50,9 @@ bool rpccli_is_connected(struct rpc_pipe_client *rpc_cli); bool rpccli_get_pwd_hash(struct rpc_pipe_client *cli, uint8_t nt_hash[16]); +NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx, + struct pipe_auth_data **presult); + NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx, struct pipe_auth_data **presult); |