summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c26
-rw-r--r--source3/rpc_server/srv_pipe.c8
2 files changed, 28 insertions, 6 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 1aa58f5274..6f0d2384d5 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -566,26 +566,46 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
switch (ctr->switch_value) {
case NET_LOGON_TYPE:
+ {
+ auth_authsupplied_info *auth_info = NULL;
+ make_auth_info_fixed(&auth_info, ctr->auth.id2.lm_chal);
/* Standard challange/response authenticaion */
make_user_info_netlogon_network(&user_info,
nt_username, nt_domain,
- nt_workstation, ctr->auth.id2.lm_chal,
+ nt_workstation,
ctr->auth.id2.lm_chal_resp.buffer,
ctr->auth.id2.lm_chal_resp.str_str_len,
ctr->auth.id2.nt_chal_resp.buffer,
ctr->auth.id2.nt_chal_resp.str_str_len);
+
+ status = check_password(user_info, auth_info, &server_info);
+ free_auth_info(&auth_info);
+
break;
+ }
case INTERACTIVE_LOGON_TYPE:
/* 'Interactive' autheticaion, supplies the password in its MD4 form, encrypted
with the session key. We will convert this to challange/responce for the
auth subsystem to chew on */
{
+ auth_authsupplied_info *auth_info = NULL;
+ DATA_BLOB chal;
+ if (!make_auth_info_subsystem(&auth_info)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ chal = auth_get_challange(auth_info);
+
make_user_info_netlogon_interactive(&user_info,
nt_username, nt_domain,
- nt_workstation,
+ nt_workstation, chal.data,
ctr->auth.id1.lm_owf.data,
ctr->auth.id1.nt_owf.data,
p->dc.sess_key);
+ status = check_password(user_info, auth_info, &server_info);
+ data_blob_free(&chal);
+ free_auth_info(&auth_info);
+
break;
}
default:
@@ -593,8 +613,6 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
return NT_STATUS_INVALID_INFO_CLASS;
} /* end switch */
- status = check_password(user_info, &server_info);
-
free_user_info(&user_info);
DEBUG(5, ("_net_sam_logon: check_password returned status %s\n",
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index b9c40e719b..4b3140b350 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -271,6 +271,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
NTSTATUS nt_status;
auth_usersupplied_info *user_info = NULL;
+ auth_authsupplied_info *auth_info = NULL;
auth_serversupplied_info *server_info = NULL;
uid_t *puid;
@@ -343,17 +344,20 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
return False;
}
+
+ make_auth_info_fixed(&auth_info, (uchar*)p->challenge);
if (!make_user_info_netlogon_network(&user_info,
- user_name, domain, wks, (uchar*)p->challenge,
+ user_name, domain, wks,
lm_owf, lm_pw_len,
nt_owf, nt_pw_len)) {
DEBUG(0,("make_user_info_netlogon_network failed! Failing authenticaion.\n"));
return False;
}
- nt_status = check_password(user_info, &server_info);
+ nt_status = check_password(user_info, auth_info, &server_info);
+ free_auth_info(&auth_info);
free_user_info(&user_info);
p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status);