summaryrefslogtreecommitdiff
path: root/source4/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source4/rpc_server')
-rw-r--r--source4/rpc_server/dcesrv_auth.c17
1 files changed, 9 insertions, 8 deletions
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index a117f08445..48792180c6 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -66,6 +66,7 @@ BOOL dcesrv_auth_bind(struct dcesrv_call_state *call)
status = auth_ntlmssp_start(&dce_conn->auth_state.ntlmssp_state);
if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(2, ("Failed to start NTLMSSP subsystem!\n"));
return False;
}
@@ -85,10 +86,12 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet *
}
status = auth_ntlmssp_update(dce_conn->auth_state.ntlmssp_state,
+ call->mem_ctx,
dce_conn->auth_state.auth_info->credentials,
&dce_conn->auth_state.auth_info->credentials);
if (!NT_STATUS_IS_OK(status) &&
!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ DEBUG(2, ("Failed to start NTLMSSP process NTLMSSP negotiate: %s\n", nt_errstr(status)));
return False;
}
@@ -131,20 +134,14 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
}
status = auth_ntlmssp_update(dce_conn->auth_state.ntlmssp_state,
+ call->mem_ctx,
dce_conn->auth_state.auth_info->credentials,
&dce_conn->auth_state.auth_info->credentials);
if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(4, ("User failed to authenticated with NTLMSSP: %s\n", nt_errstr(status)));
return False;
}
- switch (dce_conn->auth_state.auth_info->auth_level) {
- case DCERPC_AUTH_LEVEL_PRIVACY:
- case DCERPC_AUTH_LEVEL_INTEGRITY:
- /* setup for signing */
- status = ntlmssp_sign_init(dce_conn->auth_state.ntlmssp_state->ntlmssp_state);
- break;
- }
-
return True;
}
@@ -197,6 +194,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call)
switch (dce_conn->auth_state.auth_info->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = ntlmssp_unseal_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state,
+ call->mem_ctx,
pkt->u.request.stub_and_verifier.data,
pkt->u.request.stub_and_verifier.length,
&auth.credentials);
@@ -204,6 +202,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call)
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = ntlmssp_check_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state,
+ call->mem_ctx,
pkt->u.request.stub_and_verifier.data,
pkt->u.request.stub_and_verifier.length,
&auth.credentials);
@@ -262,6 +261,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
switch (dce_conn->auth_state.auth_info->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = ntlmssp_seal_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state,
+ call->mem_ctx,
ndr->data + DCERPC_REQUEST_LENGTH,
ndr->offset - DCERPC_REQUEST_LENGTH,
&dce_conn->auth_state.auth_info->credentials);
@@ -269,6 +269,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = ntlmssp_sign_packet(dce_conn->auth_state.ntlmssp_state->ntlmssp_state,
+ call->mem_ctx,
ndr->data + DCERPC_REQUEST_LENGTH,
ndr->offset - DCERPC_REQUEST_LENGTH,
&dce_conn->auth_state.auth_info->credentials);