Diffstat (limited to 'source4/librpc/rpc')
-rw-r--r-- | source4/librpc/rpc/dcerpc.c | 4 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc.h | 6 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc_ntlm.c | 39 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 20 |
4 files changed, 36 insertions, 33 deletions
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 21340e4f63..e4c5174af3 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -183,6 +183,7 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, switch (p->auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = p->security_state->unseal_packet(p->security_state, + mem_ctx, pkt->u.response.stub_and_verifier.data, pkt->u.response.stub_and_verifier.length, &auth.credentials);
@@ -190,6 +191,7 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = p->security_state->check_packet(p->security_state, + mem_ctx, pkt->u.response.stub_and_verifier.data, pkt->u.response.stub_and_verifier.length, &auth.credentials);
@@ -250,6 +252,7 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, switch (p->auth_info->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = p->security_state->seal_packet(p->security_state, + mem_ctx, ndr->data + DCERPC_REQUEST_LENGTH, ndr->offset - DCERPC_REQUEST_LENGTH, &p->auth_info->credentials);
@@ -257,6 +260,7 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = p->security_state->sign_packet(p->security_state, + mem_ctx, ndr->data + DCERPC_REQUEST_LENGTH, ndr->offset - DCERPC_REQUEST_LENGTH, &p->auth_info->credentials);
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h
index 5c7f01c658..25c2029f34 100644
--- a/source4/librpc/rpc/dcerpc.h
+++ b/source4/librpc/rpc/dcerpc.h
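Review bot: In dcerpc_push_request_sign the seal_packet and sign_packet calls now take mem_ctx while still writing the signature into `&p->auth_info->credentials`, which lives on the pipe. If the callbacks allocate the signature blob on mem_ctx (the header change suggests so, but the callees are not visible here), the pipe keeps a pointer that is only valid until the caller frees mem_ctx. A comment at both call sites such as `/* sig is allocated on mem_ctx; p->auth_info->credentials must not be used after mem_ctx is freed */` would make the lifetime explicit, or the field could be reset with `p->auth_info->credentials = data_blob(NULL, 0);` once the packet has been pushed. Both function bodies continue outside the hunks.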
@@ -28,12 +28,16 @@ enum dcerpc_transport_t {NCACN_NP, NCACN_IP_TCP}; struct dcerpc_security { void *private; NTSTATUS (*unseal_packet)(struct dcerpc_security *, + TALLOC_CTX *mem_ctx, uchar *data, size_t length, DATA_BLOB *sig); NTSTATUS (*check_packet)(struct dcerpc_security *, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, const DATA_BLOB *sig); NTSTATUS (*seal_packet)(struct dcerpc_security *, - uchar *data, size_t length, DATA_BLOB *sig); + TALLOC_CTX *mem_ctx, + uchar *data, size_t length, DATA_BLOB *sig); NTSTATUS (*sign_packet)(struct dcerpc_security *, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, DATA_BLOB *sig); NTSTATUS (*session_key)(struct dcerpc_security *, DATA_BLOB *session_key); void (*security_end)(struct dcerpc_security *);
diff --git a/source4/librpc/rpc/dcerpc_ntlm.c b/source4/librpc/rpc/dcerpc_ntlm.c
index fa4232c94a..1a216e9885 100644
--- a/source4/librpc/rpc/dcerpc_ntlm.c
+++ b/source4/librpc/rpc/dcerpc_ntlm.c
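Review bot: The four callbacks in struct dcerpc_security gain a `TALLOC_CTX *mem_ctx` argument with no comment saying what is allocated on it. For seal_packet and sign_packet it presumably owns the returned `sig`, while for check_packet `sig` is const and the context can only be scratch; that difference matters to callers deciding how long a blob stays valid. I would add a comment above the members, e.g. `/* mem_ctx: talloc context for memory the callback allocates, including sig->data where sig is an output */`, adjusted to the actual contract. The struct definition continues past the hunk.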
@@ -26,34 +26,38 @@ wrappers for the ntlmssp_*() functions */ static NTSTATUS ntlm_unseal_packet(struct dcerpc_security *dcerpc_security, - uchar *data, size_t length, DATA_BLOB *sig) + TALLOC_CTX *mem_ctx, + uchar *data, size_t length, DATA_BLOB *sig) { struct ntlmssp_state *ntlmssp_state = dcerpc_security->private; - return ntlmssp_unseal_packet(ntlmssp_state, data, length, sig); + return ntlmssp_unseal_packet(ntlmssp_state, mem_ctx, data, length, sig); } static NTSTATUS ntlm_check_packet(struct dcerpc_security *dcerpc_security, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, const DATA_BLOB *sig) { struct ntlmssp_state *ntlmssp_state = dcerpc_security->private; - return ntlmssp_check_packet(ntlmssp_state, data, length, sig); + return ntlmssp_check_packet(ntlmssp_state, mem_ctx, data, length, sig); } static NTSTATUS ntlm_seal_packet(struct dcerpc_security *dcerpc_security, + TALLOC_CTX *mem_ctx, uchar *data, size_t length, DATA_BLOB *sig) { struct ntlmssp_state *ntlmssp_state = dcerpc_security->private; - return ntlmssp_seal_packet(ntlmssp_state, data, length, sig); + return ntlmssp_seal_packet(ntlmssp_state, mem_ctx, data, length, sig); } static NTSTATUS ntlm_sign_packet(struct dcerpc_security *dcerpc_security, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, DATA_BLOB *sig) { struct ntlmssp_state *ntlmssp_state = dcerpc_security->private; - return ntlmssp_sign_packet(ntlmssp_state, data, length, sig); + return ntlmssp_sign_packet(ntlmssp_state, mem_ctx, data, length, sig); } static NTSTATUS ntlm_session_key(struct dcerpc_security *dcerpc_security, 
@@ -137,35 +141,30 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p, p->auth_info->credentials = data_blob(NULL, 0); p->security_state = NULL; - status = ntlmssp_update(state, + status = ntlmssp_update(state, mem_ctx, p->auth_info->credentials, &credentials); + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } - p->auth_info->credentials = data_blob_talloc(mem_ctx, - credentials.data, - credentials.length); - data_blob_free(&credentials); + p->auth_info->credentials = credentials; status = dcerpc_bind_byuuid(p, mem_ctx, uuid, version); if (!NT_STATUS_IS_OK(status)) { goto done; } - - status = ntlmssp_update(state, + status = ntlmssp_update(state, mem_ctx, p->auth_info->credentials, &credentials); + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { goto done; } - p->auth_info->credentials = data_blob_talloc(mem_ctx, - credentials.data, - credentials.length); - data_blob_free(&credentials); + p->auth_info->credentials = credentials; status = dcerpc_auth3(p, mem_ctx);
@@ -187,14 +186,6 @@ NTSTATUS dcerpc_bind_auth_ntlm(struct dcerpc_pipe *p, p->security_state->session_key = ntlm_session_key; p->security_state->security_end = ntlm_security_end; - switch (p->auth_info->auth_level) { - case DCERPC_AUTH_LEVEL_PRIVACY: - case DCERPC_AUTH_LEVEL_INTEGRITY: - /* setup for signing */ - status = ntlmssp_sign_init(state); - break; - } - done: talloc_destroy(mem_ctx);
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index a88d3c1b3e..f368ce30b3 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
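Review bot: `p->auth_info->credentials = credentials;` now stores the blob returned by ntlmssp_update directly, so its lifetime is whatever ntlmssp_update allocated it on, presumably mem_ctx, and the `done:` label visible in the following hunk calls `talloc_destroy(mem_ctx)`. Unless code outside the hunks clears the field, the pipe returns holding a pointer into freed memory; resetting it before the destroy with `p->auth_info->credentials = data_blob(NULL, 0);` would remove that dependency. The following hunk also drops the ntlmssp_sign_init call, so signing setup is assumed to happen inside ntlmssp_update before the seal and sign callbacks are used; a comment saying so next to the callback assignments would help the next reader. The function starts and ends outside both hunks.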
@@ -26,34 +26,38 @@ wrappers for the schannel_*() functions */ static NTSTATUS schan_unseal_packet(struct dcerpc_security *dcerpc_security, - uchar *data, size_t length, DATA_BLOB *sig) + TALLOC_CTX *mem_ctx, + uchar *data, size_t length, DATA_BLOB *sig) { struct schannel_state *schannel_state = dcerpc_security->private; - return schannel_unseal_packet(schannel_state, data, length, sig); + return schannel_unseal_packet(schannel_state, mem_ctx, data, length, sig); } static NTSTATUS schan_check_packet(struct dcerpc_security *dcerpc_security, - const uchar *data, size_t length, - const DATA_BLOB *sig) + TALLOC_CTX *mem_ctx, + const uchar *data, size_t length, + const DATA_BLOB *sig) { struct schannel_state *schannel_state = dcerpc_security->private; return schannel_check_packet(schannel_state, data, length, sig); } static NTSTATUS schan_seal_packet(struct dcerpc_security *dcerpc_security, - uchar *data, size_t length, - DATA_BLOB *sig) + TALLOC_CTX *mem_ctx, + uchar *data, size_t length, + DATA_BLOB *sig) { struct schannel_state *schannel_state = dcerpc_security->private; - return schannel_seal_packet(schannel_state, data, length, sig); + return schannel_seal_packet(schannel_state, mem_ctx, data, length, sig); } static NTSTATUS schan_sign_packet(struct dcerpc_security *dcerpc_security, + TALLOC_CTX *mem_ctx, const uchar *data, size_t length, DATA_BLOB *sig) { struct schannel_state *schannel_state = dcerpc_security->private; - return schannel_sign_packet(schannel_state, data, length, sig); + return schannel_sign_packet(schannel_state, mem_ctx, data, length, sig); } static NTSTATUS schan_session_key(struct dcerpc_security *dcerpc_security, |
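Review bot: schan_check_packet accepts the new mem_ctx but still calls `schannel_check_packet(schannel_state, data, length, sig)` without it, while the other three schannel wrappers and ntlm_check_packet forward the context. If schannel_check_packet was meant to gain the argument this is an omission, and any scratch memory it allocates would land on a longer-lived context for every verified packet. If its signature is deliberately unchanged, a comment such as `/* mem_ctx unused: schannel_check_packet() takes no talloc context */` settles the question for the next reader. The callee's prototype is not visible in this diff.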