git.samba.org / kamenim / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7407c97)
s3-dcerpc: Set flags directly instead of calling unimplemented functions.
authorSimo Sorce <idra@samba.org>
Tue, 20 Jul 2010 15:22:50 +0000 (11:22 -0400)
committerSimo Sorce <idra@samba.org>
Wed, 28 Jul 2010 16:18:19 +0000 (12:18 -0400)
source3/rpc_server/srv_pipe.c patch | blob | history

diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 5ab64c2d3782da87339e15d4f410b8dac53284fe..ae6c12710ef2e495e26fbfd9b5524909c0904807 100644 (file)
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -721,12 +721,21 @@ static bool pipe_spnego_auth_bind_negotiate(struct pipes_struct *p,
                        goto err;
                }
 
+               /* Clear flags,
+                * then set them according to requested Auth Level */
+               auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN |
+                                               NTLMSSP_NEGOTIATE_SEAL));
                switch (pauth_info->auth_level) {
                        case DCERPC_AUTH_LEVEL_INTEGRITY:
-                               auth_ntlmssp_want_sign(a);
+                               auth_ntlmssp_or_flags(a,
+                                               NTLMSSP_NEGOTIATE_SIGN);
                                break;
                        case DCERPC_AUTH_LEVEL_PRIVACY:
-                               auth_ntlmssp_want_seal(a);
+                               /* Privacy always implies both sign and seal
+                                * for ntlmssp */
+                               auth_ntlmssp_or_flags(a,
+                                               NTLMSSP_NEGOTIATE_SIGN |
+                                               NTLMSSP_NEGOTIATE_SEAL);
                                break;
                        default:
                                break;
@@ -988,12 +997,18 @@ static bool pipe_ntlmssp_auth_bind(struct pipes_struct *p,
                goto err;
        }
 
+       /* Clear flags, then set them according to requested Auth Level */
+       auth_ntlmssp_and_flags(a, ~(NTLMSSP_NEGOTIATE_SIGN |
+                                       NTLMSSP_NEGOTIATE_SEAL));
+
        switch (auth_info->auth_level) {
        case DCERPC_AUTH_LEVEL_INTEGRITY:
-               auth_ntlmssp_want_sign(a);
+               auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN);
                break;
        case DCERPC_AUTH_LEVEL_PRIVACY:
-               auth_ntlmssp_want_seal(a);
+               /* Privacy always implies both sign and seal for ntlmssp */
+               auth_ntlmssp_or_flags(a, NTLMSSP_NEGOTIATE_SIGN |
+                                        NTLMSSP_NEGOTIATE_SEAL);
                break;
        default:
                break;
kamenim's wip repo