From 642ba4bfeee9951957287647628fa82269a318b1 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sat, 25 Sep 2004 07:25:51 +0000
Subject: r2614: support CONNECT level DCE/RPC security in both client and
 server. CONNECT security uses NTLMSSP, but does not do any signing or sealing
 (or equivalently, its like signing, but with a zero filled checksum). (This
 used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)

---
 source4/rpc_server/dcesrv_auth.c | 43 ++++++++++++++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 2 deletions(-)

(limited to 'source4/rpc_server/dcesrv_auth.c')

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index e2a798c1ae..bfdf557bdf 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -31,7 +31,8 @@ NTSTATUS dcesrv_crypto_select_type(struct dcesrv_connection *dce_conn,
 {
 	NTSTATUS status;
 	if (auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_INTEGRITY &&
-	    auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
+	    auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_PRIVACY &&
+	    auth->auth_info->auth_level != DCERPC_AUTH_LEVEL_CONNECT) {
 		DEBUG(2,("auth_level %d not supported in dcesrv auth\n", 
 			 auth->auth_info->auth_level));
 		return NT_STATUS_INVALID_PARAMETER;
@@ -191,6 +192,34 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
 	return True;
 }
 
+
+/*
+  generate a CONNECT level verifier
+*/
+static NTSTATUS dcesrv_connect_verifier(TALLOC_CTX *mem_ctx, DATA_BLOB *blob)
+{
+	*blob = data_blob_talloc(mem_ctx, NULL, 16);
+	if (blob->data == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	SIVAL(blob->data, 0, 1);
+	memset(blob->data+4, 0, 12);
+	return NT_STATUS_OK;
+}
+
+/*
+  generate a CONNECT level verifier
+*/
+static NTSTATUS dcesrv_check_connect_verifier(DATA_BLOB *blob)
+{
+	if (blob->length != 16 ||
+	    IVAL(blob->data, 0) != 1) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+	return NT_STATUS_OK;
+}
+
+
 /*
   check credentials on a request
 */
@@ -260,6 +289,10 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
 					     &auth.credentials);
 		break;
 
+	case DCERPC_AUTH_LEVEL_CONNECT:
+		status = dcesrv_check_connect_verifier(&auth.credentials);
+		break;
+
 	default:
 		status = NT_STATUS_INVALID_LEVEL;
 		break;
@@ -340,7 +373,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
 					    payload_length,
 					    blob->data,
 					    blob->length - dce_conn->auth_state.auth_info->credentials.length,
-					      &dce_conn->auth_state.auth_info->credentials);
+					    &dce_conn->auth_state.auth_info->credentials);
 		break;
 
 	case DCERPC_AUTH_LEVEL_INTEGRITY:
@@ -353,6 +386,12 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
 					    &dce_conn->auth_state.auth_info->credentials);
 
 		break;
+
+	case DCERPC_AUTH_LEVEL_CONNECT:
+		status = dcesrv_connect_verifier(call->mem_ctx,
+						 &dce_conn->auth_state.auth_info->credentials);
+		break;
+
 	default:
 		status = NT_STATUS_INVALID_LEVEL;
 		break;
-- 
cgit