diff options
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/auth/credentials.c | 8 | ||||
-rw-r--r-- | source4/libcli/auth/credentials.h | 3 |
2 files changed, 9 insertions, 2 deletions
diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c index 8cae71180c..18ce6fec1b 100644 --- a/source4/libcli/auth/credentials.c +++ b/source4/libcli/auth/credentials.c @@ -292,13 +292,17 @@ BOOL creds_server_check(const struct creds_CredentialState *creds, } NTSTATUS creds_server_step_check(struct creds_CredentialState *creds, - struct netr_Authenticator *received_authenticator, - struct netr_Authenticator *return_authenticator) + struct netr_Authenticator *received_authenticator, + struct netr_Authenticator *return_authenticator) { if (!received_authenticator || !return_authenticator) { return NT_STATUS_INVALID_PARAMETER; } + if (!creds) { + return NT_STATUS_ACCESS_DENIED; + } + /* TODO: this may allow the a replay attack on a non-signed connection. Should we check that this is increasing? */ creds->sequence = received_authenticator->timestamp; diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h index 30114fe7fa..01206bc282 100644 --- a/source4/libcli/auth/credentials.h +++ b/source4/libcli/auth/credentials.h @@ -27,6 +27,9 @@ struct creds_CredentialState { struct netr_Credential seed; struct netr_Credential client; struct netr_Credential server; + uint16_t secure_channel_type; + char *computer_name; + char *account_name; }; |