From e8c06b9221d9818042ea8a08efccfc88f17a9e3e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 10 Jan 2005 12:30:13 +0000 Subject: r4641: Push a few more details into the schannel ldb, and into the credentials struct it maintains. Clearly much of this will be replaced with some system to pass and store the session_info, as that is the 'right way' to handle this. Andrew Bartlett (This used to be commit c6fcb33a887fbf0c0b42c3bc331df942a985128c) --- source4/libcli/auth/credentials.c | 8 ++++++-- source4/libcli/auth/credentials.h | 3 +++ 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'source4/libcli/auth') diff --git a/source4/libcli/auth/credentials.c b/source4/libcli/auth/credentials.c index 8cae71180c..18ce6fec1b 100644 --- a/source4/libcli/auth/credentials.c +++ b/source4/libcli/auth/credentials.c @@ -292,13 +292,17 @@ BOOL creds_server_check(const struct creds_CredentialState *creds, } NTSTATUS creds_server_step_check(struct creds_CredentialState *creds, - struct netr_Authenticator *received_authenticator, - struct netr_Authenticator *return_authenticator) + struct netr_Authenticator *received_authenticator, + struct netr_Authenticator *return_authenticator) { if (!received_authenticator || !return_authenticator) { return NT_STATUS_INVALID_PARAMETER; } + if (!creds) { + return NT_STATUS_ACCESS_DENIED; + } + /* TODO: this may allow the a replay attack on a non-signed connection. Should we check that this is increasing? */ creds->sequence = received_authenticator->timestamp; diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h index 30114fe7fa..01206bc282 100644 --- a/source4/libcli/auth/credentials.h +++ b/source4/libcli/auth/credentials.h @@ -27,6 +27,9 @@ struct creds_CredentialState { struct netr_Credential seed; struct netr_Credential client; struct netr_Credential server; + uint16_t secure_channel_type; + char *computer_name; + char *account_name; }; -- cgit