From 3b7872f69ffa0b1cde8d14ab9122a91ee8aab7a6 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 6 Jul 2004 01:16:57 +0000 Subject: r1351: add derpc spengo wrapper not yet used and not working because of bugs in the gensec spnego code metze (This used to be commit b9795ed5735ad88a2ba9608d3d8804edf77e4cd4) --- source4/librpc/config.m4 | 1 + source4/librpc/rpc/dcerpc_spnego.c | 79 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 source4/librpc/rpc/dcerpc_spnego.c (limited to 'source4') diff --git a/source4/librpc/config.m4 b/source4/librpc/config.m4 index 4df76e96be..7e0f92b3cc 100644 --- a/source4/librpc/config.m4 +++ b/source4/librpc/config.m4 @@ -39,6 +39,7 @@ SMB_SUBSYSTEM(LIBRPC_RAW,[], librpc/rpc/dcerpc_util.o librpc/rpc/dcerpc_schannel.o librpc/rpc/dcerpc_ntlm.o + librpc/rpc/dcerpc_spnego.o librpc/rpc/dcerpc_smb.o librpc/rpc/dcerpc_tcp.o]) diff --git a/source4/librpc/rpc/dcerpc_spnego.c b/source4/librpc/rpc/dcerpc_spnego.c new file mode 100644 index 0000000000..141ea787e7 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_spnego.c @@ -0,0 +1,79 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc authentication operations + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +/* + do spnego style authentication on a gensec pipe +*/ +NTSTATUS dcerpc_bind_auth_spnego(struct dcerpc_pipe *p, + const char *uuid, uint_t version, + const char *domain, + const char *username, + const char *password) +{ + NTSTATUS status; + + status = gensec_client_start(&p->security_state.generic_state); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start GENSEC client mode: %s\n", nt_errstr(status))); + return status; + } + + status = gensec_set_domain(p->security_state.generic_state, domain); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start set GENSEC client domain to %s: %s\n", + domain, nt_errstr(status))); + return status; + } + + status = gensec_set_username(p->security_state.generic_state, username); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start set GENSEC client username to %s: %s\n", + username, nt_errstr(status))); + return status; + } + + status = gensec_set_password(p->security_state.generic_state, password); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start set GENSEC client password: %s\n", + nt_errstr(status))); + return status; + } + + status = gensec_start_mech_by_authtype(p->security_state.generic_state, DCERPC_AUTH_TYPE_SPNEGO); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start set GENSEC client SPNEGO mechanism: %s\n", + nt_errstr(status))); + return status; + } + + status = dcerpc_bind_auth(p, DCERPC_AUTH_TYPE_SPNEGO, + uuid, version); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("Failed to bind to pipe with SPNEGO: %s\n", nt_errstr(status))); + return status; + } + + return status; +} -- cgit