s3-dcerpc: make dceprc_push_dcerpc_auth public
[kamenim/samba.git] / source3 / rpc_client / cli_pipe.c
index 847a6ae718dc6c7167edf18a9ee28f4cdbc59aec..b3aaf9df3e85b041626decc1f058989bab827a52 100644 (file)
@@ -1754,15 +1754,16 @@ static NTSTATUS rpc_api_pipe_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
 }
 
 /*******************************************************************
+ Creates an auth_data blob.
  ********************************************************************/
 
-static NTSTATUS dcerpc_push_dcerpc_auth(TALLOC_CTX *mem_ctx,
-                                       enum dcerpc_AuthType auth_type,
-                                       enum dcerpc_AuthLevel auth_level,
-                                       uint8_t auth_pad_length,
-                                       uint32_t auth_context_id,
-                                       const DATA_BLOB *credentials,
-                                       DATA_BLOB *blob)
+NTSTATUS dcerpc_push_dcerpc_auth(TALLOC_CTX *mem_ctx,
+                                enum dcerpc_AuthType auth_type,
+                                enum dcerpc_AuthLevel auth_level,
+                                uint8_t auth_pad_length,
+                                uint32_t auth_context_id,
+                                const DATA_BLOB *credentials,
+                                DATA_BLOB *blob)
 {
        struct dcerpc_auth r;
        enum ndr_err_code ndr_err;
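Review bot: Now that dcerpc_push_dcerpc_auth() is exported, the one-line header `Creates an auth_data blob.` is thin for a public function. It should say that `blob` receives the marshalled dcerpc_auth structure built from `credentials`, and which talloc context owns the result (presumably `mem_ctx`; the body lies outside this hunk, so confirm). The matching prototype also has to live in a shared header, and none is shown in this diff, so check that it lands in the same commit.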
@@ -2210,12 +2211,12 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
 
 static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
                                        uint32 ss_padding_len,
-                                       prs_struct *outgoing_pdu)
+                                       prs_struct *rpc_out)
 {
-       RPC_HDR_AUTH auth_info;
+       DATA_BLOB auth_info;
        struct schannel_state *sas = cli->auth->a_u.schannel_auth;
-       char *data_p = prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
-       size_t data_and_pad_len = prs_offset(outgoing_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
+       char *data_p = prs_data_p(rpc_out) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
+       size_t data_and_pad_len = prs_offset(rpc_out) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
        DATA_BLOB blob;
        NTSTATUS status;
 
@@ -2223,18 +2224,6 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       /* Init and marshall the auth header. */
-       init_rpc_hdr_auth(&auth_info,
-                       map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
-                       cli->auth->auth_level,
-                       ss_padding_len,
-                       1 /* context id. */);
-
-       if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, outgoing_pdu, 0)) {
-               DEBUG(0,("add_schannel_auth_footer: failed to marshall RPC_HDR_AUTH.\n"));
-               return NT_STATUS_NO_MEMORY;
-       }
-
        DEBUG(10,("add_schannel_auth_footer: SCHANNEL seq_num=%d\n",
                        sas->seq_num));
 
@@ -2271,7 +2260,18 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
        }
 
        /* Finally marshall the blob. */
-       if (!prs_copy_data_in(outgoing_pdu, (const char *)blob.data, blob.length)) {
+       status = dcerpc_push_dcerpc_auth(prs_get_mem_context(rpc_out),
+                                       map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
+                                       cli->auth->auth_level,
+                                       ss_padding_len,
+                                       1 /* context id. */,
+                                       &blob,
+                                       &auth_info);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       if (!prs_copy_data_in(rpc_out, (const char *)auth_info.data, auth_info.length)) {
                return NT_STATUS_NO_MEMORY;
        }
 
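Review bot: The marshalled `auth_info` blob is not released after `prs_copy_data_in()` has copied it, on either the success or the failure path visible here. It is presumably allocated on `prs_get_mem_context(rpc_out)` and so lives as long as that context; adding `data_blob_free(&auth_info);` right after the copy, and before `return NT_STATUS_NO_MEMORY;`, would keep its lifetime local. The failure return from dcerpc_push_dcerpc_auth() is also silent, whereas the removed marshalling code logged a `DEBUG(0, ...)` message. The comment `/* Finally marshall the blob. */` now sits above the trailer push rather than the copy and could be reworded to say the auth trailer is built around the schannel blob and then appended.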
@@ -3034,13 +3034,13 @@ static void rpc_bind_auth3_write_done(struct tevent_req *subreq)
 static NTSTATUS rpc_finish_spnego_ntlmssp_bind_send(struct tevent_req *req,
                                                    struct rpc_pipe_bind_state *state,
                                                    struct ncacn_packet *r,
-                                                   prs_struct *reply_pdu)
+                                                   prs_struct *rpc_in)
 {
-       DATA_BLOB server_spnego_response = data_blob_null;
        DATA_BLOB server_ntlm_response = data_blob_null;
        DATA_BLOB client_reply = data_blob_null;
        DATA_BLOB tmp_blob = data_blob_null;
-       RPC_HDR_AUTH hdr_auth;
+       struct dcerpc_auth auth_info;
+       DATA_BLOB auth_blob;
        struct tevent_req *subreq;
        NTSTATUS status;
 
@@ -3051,33 +3051,32 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind_send(struct tevent_req *req,
 
        /* Process the returned NTLMSSP blob first. */
        if (!prs_set_offset(
-                   reply_pdu,
+                   rpc_in,
                    r->frag_length - r->auth_length - RPC_HDR_AUTH_LEN)) {
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       if (!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, reply_pdu, 0)) {
-               return NT_STATUS_INVALID_PARAMETER;
-       }
+       auth_blob = data_blob_const(prs_data_p(rpc_in) + prs_offset(rpc_in),
+                                   prs_data_size(rpc_in) - prs_offset(rpc_in));
 
-       server_spnego_response = data_blob(NULL, r->auth_length);
-       prs_copy_data_out((char *)server_spnego_response.data,
-                         reply_pdu, r->auth_length);
+       status = dcerpc_pull_dcerpc_auth(state, &auth_blob, &auth_info);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("Failed to unmarshall dcerpc_auth.\n"));
+               return status;
+       }
 
        /*
         * The server might give us back two challenges - tmp_blob is for the
         * second.
         */
-       if (!spnego_parse_challenge(server_spnego_response,
+       if (!spnego_parse_challenge(auth_info.credentials,
                                    &server_ntlm_response, &tmp_blob)) {
-               data_blob_free(&server_spnego_response);
                data_blob_free(&server_ntlm_response);
                data_blob_free(&tmp_blob);
                return NT_STATUS_INVALID_PARAMETER;
        }
 
        /* We're finished with the server spnego response and the tmp_blob. */
-       data_blob_free(&server_spnego_response);
        data_blob_free(&tmp_blob);
 
        status = ntlmssp_update(state->cli->auth->a_u.ntlmssp_state,
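Review bot: The new parse path no longer ties the credentials length to `r->auth_length`. `auth_blob` spans everything from the current offset to `prs_data_size(rpc_in)`, so `auth_info.credentials` is whatever dcerpc_pull_dcerpc_auth() extracts from the rest of the buffer, whereas the removed code copied exactly `r->auth_length` bytes. Because this is server-supplied data, check it after the pull and before spnego_parse_challenge(): `if (auth_info.credentials.length != r->auth_length) { return NT_STATUS_INVALID_PARAMETER; }`. The unchanged `r->frag_length - r->auth_length - RPC_HDR_AUTH_LEN` offset also depends on those header fields having been validated earlier, which this hunk does not show. The function body continues outside the hunk.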