s4:rpc_server/netlogon: implement netr_LogonGetCapabilities for AES / HMAC-SHA256...

metze

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 1a45711c574cdeb12c7ccc6c333ad9914c41a901..67c206aadf566c87b13e6408ce87f2421df51b50 100644 (file)
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -992,8 +992,27 @@ static WERROR dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state *
 static NTSTATUS dcesrv_netr_LogonGetCapabilities(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
                       struct netr_LogonGetCapabilities *r)
 {
-       /* we don't support AES yet */
-       return NT_STATUS_NOT_IMPLEMENTED;
+       struct netlogon_creds_CredentialState *creds;
+       NTSTATUS status;
+
+       status = dcesrv_netr_creds_server_step_check(dce_call,
+                                                    mem_ctx,
+                                                    r->in.computer_name,
+                                                    r->in.credential,
+                                                    r->out.return_authenticator,
+                                                    &creds);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0,(__location__ " Bad credentials - error\n"));
+       }
+       NT_STATUS_NOT_OK_RETURN(status);
+
+       if (r->in.query_level != 1) {
+               return NT_STATUS_NOT_SUPPORTED;
+       }
+
+       r->out.capabilities->server_capabilities = creds->negotiate_flags;
+
+       return NT_STATUS_OK;
 }