From 55b2292abace1d12b04fb47a61daab26923f887c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 15 Feb 2008 21:24:39 +0100 Subject: Use pidl for _netr_ServerAuthenticate(). Guenther (This used to be commit 943386c5dd601f5c8cf85bfcb08f731dd5a6437d) --- source3/rpc_server/srv_netlog.c | 24 +-------------- source3/rpc_server/srv_netlog_nt.c | 62 ++++++++++++++------------------------ 2 files changed, 23 insertions(+), 63 deletions(-) diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 60688d201d..7f67fe51f0 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -64,29 +64,7 @@ static bool api_net_req_chal(pipes_struct *p) static bool api_net_auth(pipes_struct *p) { - NET_Q_AUTH q_u; - NET_R_AUTH r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the challenge... */ - if(!net_io_q_auth("", &q_u, data, 0)) { - DEBUG(0,("api_net_auth: Failed to unmarshall NET_Q_AUTH.\n")); - return False; - } - - r_u.status = _net_auth(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_auth("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_auth: Failed to marshall NET_R_AUTH.\n")); - return False; - } - - return True; + return proxy_netr_call(p, NDR_NETR_SERVERAUTHENTICATE); } /************************************************************************* diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index bb346650f2..2b4921921f 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -259,7 +259,7 @@ WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, gets a machine password entry. checks access rights of the host. ******************************************************************/ -static NTSTATUS get_md4pw(char *md4pw, char *mach_acct, uint16 sec_chan_type) +static NTSTATUS get_md4pw(char *md4pw, const char *mach_acct, uint16 sec_chan_type) { struct samu *sampass = NULL; const uint8 *pass; @@ -398,41 +398,30 @@ NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, } /************************************************************************* - init_net_r_auth: + _netr_ServerAuthenticate + Create the initial credentials. *************************************************************************/ -static void init_net_r_auth(NET_R_AUTH *r_a, DOM_CHAL *resp_cred, NTSTATUS status) -{ - memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data)); - r_a->status = status; -} - -/************************************************************************* - _net_auth. Create the initial credentials. - *************************************************************************/ - -NTSTATUS _net_auth(pipes_struct *p, NET_Q_AUTH *q_u, NET_R_AUTH *r_u) +NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, + struct netr_ServerAuthenticate *r) { NTSTATUS status; - fstring mach_acct; - fstring remote_machine; DOM_CHAL srv_chal_out; if (!p->dc || !p->dc->challenge_sent) { return NT_STATUS_ACCESS_DENIED; } - rpcstr_pull(mach_acct, q_u->clnt_id.uni_acct_name.buffer,sizeof(fstring), - q_u->clnt_id.uni_acct_name.uni_str_len*2,0); - rpcstr_pull(remote_machine, q_u->clnt_id.uni_comp_name.buffer,sizeof(fstring), - q_u->clnt_id.uni_comp_name.uni_str_len*2,0); - - status = get_md4pw((char *)p->dc->mach_pw, mach_acct, q_u->clnt_id.sec_chan); + status = get_md4pw((char *)p->dc->mach_pw, + r->in.account_name, + r->in.secure_channel_type); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("_net_auth: creds_server_check failed. Failed to " + DEBUG(0,("_netr_ServerAuthenticate: get_md4pw failed. Failed to " "get password for machine account %s " "from client %s: %s\n", - mach_acct, remote_machine, nt_errstr(status) )); + r->in.account_name, + r->in.computer_name, + nt_errstr(status) )); /* always return NT_STATUS_ACCESS_DENIED */ return NT_STATUS_ACCESS_DENIED; } @@ -446,22 +435,25 @@ NTSTATUS _net_auth(pipes_struct *p, NET_Q_AUTH *q_u, NET_R_AUTH *r_u) &srv_chal_out); /* Check client credentials are valid. */ - if (!creds_server_check(p->dc, &q_u->clnt_chal)) { - DEBUG(0,("_net_auth: creds_server_check failed. Rejecting auth " + if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { + DEBUG(0,("_netr_ServerAuthenticate: netlogon_creds_server_check failed. Rejecting auth " "request from client %s machine account %s\n", - remote_machine, mach_acct )); + r->in.computer_name, + r->in.account_name)); return NT_STATUS_ACCESS_DENIED; } - fstrcpy(p->dc->mach_acct, mach_acct); - fstrcpy(p->dc->remote_machine, remote_machine); + fstrcpy(p->dc->mach_acct, r->in.account_name); + fstrcpy(p->dc->remote_machine, r->in.computer_name); p->dc->authenticated = True; /* set up the LSA AUTH response */ /* Return the server credentials. */ - init_net_r_auth(r_u, &srv_chal_out, NT_STATUS_OK); - return r_u->status; + memcpy(r->out.credentials->data, &srv_chal_out.data, + sizeof(r->out.credentials->data)); + + return NT_STATUS_OK; } /************************************************************************* @@ -1261,16 +1253,6 @@ NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, - struct netr_ServerAuthenticate *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, struct netr_DatabaseDeltas *r) { -- cgit