diff options
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 26 | ||||
| -rw-r--r-- | source3/rpc_server/srv_pipe.c | 8 |
2 files changed, 28 insertions, 6 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 1aa58f5274..6f0d2384d5 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -566,26 +566,46 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * switch (ctr->switch_value) { case NET_LOGON_TYPE: + { + auth_authsupplied_info *auth_info = NULL; + make_auth_info_fixed(&auth_info, ctr->auth.id2.lm_chal); /* Standard challange/response authenticaion */ make_user_info_netlogon_network(&user_info, nt_username, nt_domain, - nt_workstation, ctr->auth.id2.lm_chal, + nt_workstation, ctr->auth.id2.lm_chal_resp.buffer, ctr->auth.id2.lm_chal_resp.str_str_len, ctr->auth.id2.nt_chal_resp.buffer, ctr->auth.id2.nt_chal_resp.str_str_len); + + status = check_password(user_info, auth_info, &server_info); + free_auth_info(&auth_info); + break; + } case INTERACTIVE_LOGON_TYPE: /* 'Interactive' autheticaion, supplies the password in its MD4 form, encrypted with the session key. We will convert this to challange/responce for the auth subsystem to chew on */ { + auth_authsupplied_info *auth_info = NULL; + DATA_BLOB chal; + if (!make_auth_info_subsystem(&auth_info)) { + return NT_STATUS_NO_MEMORY; + } + + chal = auth_get_challange(auth_info); + make_user_info_netlogon_interactive(&user_info, nt_username, nt_domain, - nt_workstation, + nt_workstation, chal.data, ctr->auth.id1.lm_owf.data, ctr->auth.id1.nt_owf.data, p->dc.sess_key); + status = check_password(user_info, auth_info, &server_info); + data_blob_free(&chal); + free_auth_info(&auth_info); + break; } default: @@ -593,8 +613,6 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * return NT_STATUS_INVALID_INFO_CLASS; } /* end switch */ - status = check_password(user_info, &server_info); - free_user_info(&user_info); DEBUG(5, ("_net_sam_logon: check_password returned status %s\n", diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index b9c40e719b..4b3140b350 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -271,6 +271,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm NTSTATUS nt_status; auth_usersupplied_info *user_info = NULL; + auth_authsupplied_info *auth_info = NULL; auth_serversupplied_info *server_info = NULL; uid_t *puid; @@ -343,17 +344,20 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm return False; } + + make_auth_info_fixed(&auth_info, (uchar*)p->challenge); if (!make_user_info_netlogon_network(&user_info, - user_name, domain, wks, (uchar*)p->challenge, + user_name, domain, wks, lm_owf, lm_pw_len, nt_owf, nt_pw_len)) { DEBUG(0,("make_user_info_netlogon_network failed! Failing authenticaion.\n")); return False; } - nt_status = check_password(user_info, &server_info); + nt_status = check_password(user_info, auth_info, &server_info); + free_auth_info(&auth_info); free_user_info(&user_info); p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status); |