summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog.c32
-rw-r--r--source3/rpc_server/srv_netlog_nt.c68
2 files changed, 88 insertions, 12 deletions
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 01d646bf57..4c13ad0c67 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -60,6 +60,37 @@ static BOOL api_net_req_chal(pipes_struct *p)
}
/*************************************************************************
+ api_net_auth:
+ *************************************************************************/
+
+static BOOL api_net_auth(pipes_struct *p)
+{
+ NET_Q_AUTH q_u;
+ NET_R_AUTH r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the challenge... */
+ if(!net_io_q_auth("", &q_u, data, 0)) {
+ DEBUG(0,("api_net_auth: Failed to unmarshall NET_Q_AUTH.\n"));
+ return False;
+ }
+
+ r_u.status = _net_auth(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!net_io_r_auth("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_auth: Failed to marshall NET_R_AUTH.\n"));
+ return False;
+ }
+
+ return True;
+}
+
+/*************************************************************************
api_net_auth_2:
*************************************************************************/
@@ -257,6 +288,7 @@ static BOOL api_net_logon_ctrl2(pipes_struct *p)
static struct api_struct api_net_cmds [] =
{
{ "NET_REQCHAL" , NET_REQCHAL , api_net_req_chal },
+ { "NET_AUTH" , NET_AUTH , api_net_auth },
{ "NET_AUTH2" , NET_AUTH2 , api_net_auth_2 },
{ "NET_SRVPWSET" , NET_SRVPWSET , api_net_srv_pwset },
{ "NET_SAMLOGON" , NET_SAMLOGON , api_net_sam_logon },
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index cfcfac1d1a..6b1fe64ddc 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -96,18 +96,6 @@ uint32 _net_trust_dom_list(pipes_struct *p, NET_Q_TRUST_DOM_LIST *q_u, NET_R_TRU
return r_u->status;
}
-/*************************************************************************
- init_net_r_auth_2:
- *************************************************************************/
-
-static void init_net_r_auth_2(NET_R_AUTH_2 *r_a,
- DOM_CHAL *resp_cred, NEG_FLAGS *flgs, int status)
-{
- memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data));
- memcpy(&r_a->srv_flgs, flgs, sizeof(r_a->srv_flgs));
- r_a->status = status;
-}
-
/***********************************************************************************
init_net_r_srv_pwset:
***********************************************************************************/
@@ -219,6 +207,62 @@ uint32 _net_req_chal(pipes_struct *p, NET_Q_REQ_CHAL *q_u, NET_R_REQ_CHAL *r_u)
}
/*************************************************************************
+ init_net_r_auth:
+ *************************************************************************/
+
+static void init_net_r_auth(NET_R_AUTH *r_a, DOM_CHAL *resp_cred, int status)
+{
+ memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data));
+ r_a->status = status;
+}
+
+/*************************************************************************
+ _net_auth
+ *************************************************************************/
+
+uint32 _net_auth(pipes_struct *p, NET_Q_AUTH *q_u, NET_R_AUTH *r_u)
+{
+ uint32 status = NT_STATUS_NOPROBLEMO;
+ DOM_CHAL srv_cred;
+ UTIME srv_time;
+
+ if (!get_valid_user_struct(p->vuid))
+ return NT_STATUS_NO_SUCH_USER;
+
+ srv_time.time = 0;
+
+ /* check that the client credentials are valid */
+ if (cred_assert(&q_u->clnt_chal, p->dc.sess_key, &p->dc.clnt_cred.challenge, srv_time)) {
+
+ /* create server challenge for inclusion in the reply */
+ cred_create(p->dc.sess_key, &p->dc.srv_cred.challenge, srv_time, &srv_cred);
+
+ /* copy the received client credentials for use next time */
+ memcpy(p->dc.clnt_cred.challenge.data, q_u->clnt_chal.data, sizeof(q_u->clnt_chal.data));
+ memcpy(p->dc.srv_cred .challenge.data, q_u->clnt_chal.data, sizeof(q_u->clnt_chal.data));
+ } else {
+ status = NT_STATUS_ACCESS_DENIED;
+ }
+
+ /* set up the LSA AUTH 2 response */
+ init_net_r_auth(r_u, &srv_cred, status);
+
+ return r_u->status;
+}
+
+/*************************************************************************
+ init_net_r_auth_2:
+ *************************************************************************/
+
+static void init_net_r_auth_2(NET_R_AUTH_2 *r_a,
+ DOM_CHAL *resp_cred, NEG_FLAGS *flgs, int status)
+{
+ memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data));
+ memcpy(&r_a->srv_flgs, flgs, sizeof(r_a->srv_flgs));
+ r_a->status = status;
+}
+
+/*************************************************************************
_net_auth_2
*************************************************************************/