if (seal_secure_channel) {
auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
+ auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
} else {
auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
}
struct netlogon_creds_CredentialState *creds;
struct netr_Authenticator req_auth;
struct netr_Authenticator rep_auth;
+
+ struct {
+ uint32_t negotiate_flags;
+ struct netr_Credential client_credential;
+ struct netr_Credential server_credential;
+ } verify1, verify2, verify3;
};
static void netlogon_creds_cli_check_cleanup(struct tevent_req *req,
TALLOC_FREE(state->creds);
}
+static void netlogon_creds_cli_check_verify(struct tevent_req *req);
+
static void netlogon_creds_cli_check_caps(struct tevent_req *subreq)
{
struct tevent_req *req =
* already, we expect this to work!
*/
status = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
tevent_req_nterror(req, status);
netlogon_creds_cli_check_cleanup(req, status);
return;
* allowed without "require strong key = no"
*/
status = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
tevent_req_nterror(req, status);
netlogon_creds_cli_check_cleanup(req, status);
return;
* gets out of sync.
*/
netlogon_creds_cli_check_cleanup(req, status);
- tevent_req_done(req);
+ netlogon_creds_cli_check_verify(req);
+ //tevent_req_done(req);
return;
}
if (tevent_req_nterror(req, status)) {
* already, we expect this to work!
*/
status = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
tevent_req_nterror(req, status);
netlogon_creds_cli_check_cleanup(req, status);
return;
}
-
/*
* This is ok, the server does not support
* NETLOGON_NEG_SUPPORTS_AES.
* NETLOGON_NEG_SUPPORTS_AES was invented.
*/
netlogon_creds_cli_check_cleanup(req, result);
- tevent_req_done(req);
+ netlogon_creds_cli_check_verify(req);
+ //tevent_req_done(req);
return;
}
if (state->caps.server_capabilities != state->creds->negotiate_flags) {
status = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
tevent_req_nterror(req, status);
netlogon_creds_cli_check_cleanup(req, status);
return;
*/
if (!(state->caps.server_capabilities & NETLOGON_NEG_SUPPORTS_AES)) {
status = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
tevent_req_nterror(req, status);
netlogon_creds_cli_check_cleanup(req, status);
return;
return;
}
+ netlogon_creds_cli_check_verify(req);
+ //tevent_req_done(req);
+}
+
+static void netlogon_creds_cli_check_verify1(struct tevent_req *subreq);
+
+static void netlogon_creds_cli_check_verify(struct tevent_req *req)
+{
+ struct netlogon_creds_cli_check_state *state =
+ tevent_req_data(req,
+ struct netlogon_creds_cli_check_state);
+ struct tevent_req *subreq;
+
+ state->verify1.negotiate_flags = UINT32_MAX;
+ subreq = dcerpc_netr_ServerAuthenticate2_send(state, state->ev,
+ state->binding_handle,
+ state->srv_name_slash,
+ "__samba_verify1_no_account__",
+ SEC_CHAN_NULL,
+ "__samba_verify1_no_computer__",
+ &state->verify1.client_credential,
+ &state->verify1.server_credential,
+ &state->verify1.negotiate_flags);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq,
+ netlogon_creds_cli_check_verify1,
+ req);
+}
+
+static void netlogon_creds_cli_check_verify2(struct tevent_req *subreq);
+
+static void netlogon_creds_cli_check_verify1(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct netlogon_creds_cli_check_state *state =
+ tevent_req_data(req,
+ struct netlogon_creds_cli_check_state);
+ NTSTATUS status;
+ NTSTATUS result;
+
+ status = dcerpc_netr_ServerAuthenticate2_recv(subreq, state,
+ &result);
+ TALLOC_FREE(subreq);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+ if (NT_STATUS_IS_OK(result)) {
+ result = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
+ tevent_req_nterror(req, result);
+ return;
+ }
+ if (!NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)) {
+ //tevent_req_nterror(req, result);
+ //return;
+ }
+
+ state->verify2.negotiate_flags = 0;
+ subreq = dcerpc_netr_ServerAuthenticate2_send(state, state->ev,
+ state->binding_handle,
+ state->srv_name_slash,
+ "__samba_verify2_no_account__",
+ SEC_CHAN_NULL,
+ "__samba_verify2_no_computer__",
+ &state->verify2.client_credential,
+ &state->verify2.server_credential,
+ &state->verify2.negotiate_flags);
+ if (tevent_req_nomem(subreq, req)) {
+ status = NT_STATUS_NO_MEMORY;
+ return;
+ }
+ tevent_req_set_callback(subreq,
+ netlogon_creds_cli_check_verify2,
+ req);
+}
+
+static void netlogon_creds_cli_check_verify3(struct tevent_req *subreq);
+
+static void netlogon_creds_cli_check_verify2(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct netlogon_creds_cli_check_state *state =
+ tevent_req_data(req,
+ struct netlogon_creds_cli_check_state);
+ NTSTATUS status;
+ NTSTATUS result;
+
+ status = dcerpc_netr_ServerAuthenticate2_recv(subreq, state,
+ &result);
+ TALLOC_FREE(subreq);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+ if (NT_STATUS_IS_OK(result)) {
+ result = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
+ tevent_req_nterror(req, result);
+ return;
+ }
+ if (!NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)) {
+ }
+
+ state->verify3.negotiate_flags = state->context->client.proposed_flags;
+ subreq = dcerpc_netr_ServerAuthenticate2_send(state, state->ev,
+ state->binding_handle,
+ state->srv_name_slash,
+ "__samba_verify3_no_account__",
+ SEC_CHAN_NULL,
+ "__samba_verify3_no_computer__",
+ &state->verify3.client_credential,
+ &state->verify3.server_credential,
+ &state->verify3.negotiate_flags);
+ if (tevent_req_nomem(subreq, req)) {
+ status = NT_STATUS_NO_MEMORY;
+ return;
+ }
+ tevent_req_set_callback(subreq,
+ netlogon_creds_cli_check_verify3,
+ req);
+}
+
+static void netlogon_creds_cli_check_verify3(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct netlogon_creds_cli_check_state *state =
+ tevent_req_data(req,
+ struct netlogon_creds_cli_check_state);
+ NTSTATUS status;
+ NTSTATUS result;
+
+ status = dcerpc_netr_ServerAuthenticate2_recv(subreq, state,
+ &result);
+ TALLOC_FREE(subreq);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+ if (NT_STATUS_IS_OK(result)) {
+ result = NT_STATUS_DOWNGRADE_DETECTED;
+DEBUG(0,("%s:%s\n", __location__, __func__));
+ tevent_req_nterror(req, result);
+ return;
+ }
+ if (!NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)) {
+ }
+
+ DEBUG(0, ("domain[%s] flags: proposed[0x%08X] required[0x%08X] client[0x%08X] "
+ "server[0x%08X] verify1[0x%08X] verify2[0x%08X] verify3[0x%08X]\n",
+ state->context->server.netbios_domain,
+ (unsigned int)state->context->client.proposed_flags,
+ (unsigned int)state->context->client.required_flags,
+ (unsigned int)state->tmp_creds.negotiate_flags,
+ (unsigned int)state->caps.server_capabilities,
+ (unsigned int)state->verify1.negotiate_flags,
+ (unsigned int)state->verify2.negotiate_flags,
+ (unsigned int)state->verify3.negotiate_flags));
+
tevent_req_done(req);
}