diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/librpc/crypto/cli_spnego.c | 16 | ||||
-rw-r--r-- | source3/librpc/crypto/spnego.h | 3 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 3 |
3 files changed, 17 insertions, 5 deletions
diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c index 54ea99b8e8..f64a537e20 100644 --- a/source3/librpc/crypto/cli_spnego.c +++ b/source3/librpc/crypto/cli_spnego.c @@ -84,7 +84,8 @@ NTSTATUS spnego_gssapi_init_client(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, +NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx, + const char *oid, bool do_sign, bool do_seal, bool is_dcerpc, const char *domain, @@ -100,7 +101,11 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, if (!NT_STATUS_IS_OK(status)) { return status; } - sp_ctx->mech = SPNEGO_NTLMSSP; + if (strcmp(oid, GENSEC_OID_NTLMSSP) == 0) { + sp_ctx->mech = SPNEGO_NTLMSSP; + } else { + return NT_STATUS_INVALID_PARAMETER; + } status = auth_generic_client_prepare(sp_ctx, &auth_generic_state); @@ -138,7 +143,12 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, GENSEC_FEATURE_SEAL); } - status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP); + if (is_dcerpc) { + gensec_want_feature(auth_generic_state->gensec_security, + GENSEC_FEATURE_DCE_STYLE); + } + + status = auth_generic_client_start(auth_generic_state, oid); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(sp_ctx); return status; diff --git a/source3/librpc/crypto/spnego.h b/source3/librpc/crypto/spnego.h index 2605169bb0..7e0f1590ab 100644 --- a/source3/librpc/crypto/spnego.h +++ b/source3/librpc/crypto/spnego.h @@ -61,7 +61,8 @@ NTSTATUS spnego_gssapi_init_client(TALLOC_CTX *mem_ctx, const char *username, const char *password, struct spnego_context **spengo_ctx); -NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, +NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx, + const char *oid, bool do_sign, bool do_seal, bool is_dcerpc, const char *domain, diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index a87cb6d5ee..49053c980e 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3175,7 +3175,8 @@ NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, goto err_out; } - status = spnego_ntlmssp_init_client(auth, + status = spnego_generic_init_client(auth, + GENSEC_OID_NTLMSSP, (auth->auth_level == DCERPC_AUTH_LEVEL_INTEGRITY), (auth->auth_level == |