From 780006db9de7a55030ba07fc5236c85bee7b4961 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 23 Dec 2011 15:20:26 +0100 Subject: s4:librpc/rpc: add DCERPC_SCHANNEL_AES support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit metze Signed-off-by: Günther Deschner --- source4/librpc/rpc/dcerpc_schannel.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'source4/librpc') diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index 3a3dec068b..f3e52585ae 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -243,7 +243,13 @@ static void continue_srv_auth2(struct tevent_req *subreq) } s->dcerpc_schannel_auto = false; - if (lf & NETLOGON_NEG_STRONG_KEYS) { + if (lf & NETLOGON_NEG_SUPPORTS_AES) { + ln = "aes"; + if (rf & NETLOGON_NEG_SUPPORTS_AES) { + composite_error(c, s->a.out.result); + return; + } + } else if (lf & NETLOGON_NEG_STRONG_KEYS) { ln = "strong"; if (rf & NETLOGON_NEG_STRONG_KEYS) { composite_error(c, s->a.out.result); @@ -253,7 +259,9 @@ static void continue_srv_auth2(struct tevent_req *subreq) ln = "des"; } - if (rf & NETLOGON_NEG_STRONG_KEYS) { + if (rf & NETLOGON_NEG_SUPPORTS_AES) { + rn = "aes"; + } else if (rf & NETLOGON_NEG_STRONG_KEYS) { rn = "strong"; } else { rn = "des"; @@ -324,8 +332,13 @@ struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, if (s->pipe->conn->flags & DCERPC_SCHANNEL_128) { s->local_negotiate_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; } + if (s->pipe->conn->flags & DCERPC_SCHANNEL_AES) { + s->local_negotiate_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; + s->local_negotiate_flags |= NETLOGON_NEG_SUPPORTS_AES; + } if (s->pipe->conn->flags & DCERPC_SCHANNEL_AUTO) { s->local_negotiate_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; + s->local_negotiate_flags |= NETLOGON_NEG_SUPPORTS_AES; s->dcerpc_schannel_auto = true; } -- cgit