summaryrefslogtreecommitdiffstats
path: root/source3
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-07-12 18:57:32 -0400
committerGünther Deschner <gd@samba.org>2010-07-13 01:35:16 +0200
commit25d487bebfdc771b1e0ab510ecbe4a8601f8fc98 (patch)
tree5713c2b54293a9a174e120f6e26c6e324d84c0cf /source3
parent6555307aa11741171258541da2c13ce25d9e3f55 (diff)
downloadsamba-25d487bebfdc771b1e0ab510ecbe4a8601f8fc98.tar.gz
samba-25d487bebfdc771b1e0ab510ecbe4a8601f8fc98.tar.xz
samba-25d487bebfdc771b1e0ab510ecbe4a8601f8fc98.zip
s3-dcerpc: Fix ntlmssp sign/seal.
Header calculation was misplaced. Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_client/cli_pipe.c44
1 files changed, 29 insertions, 15 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f4e42cc6a1..20f224681c 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2146,6 +2146,29 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
return NT_STATUS_INVALID_PARAMETER;
}
+ /* marshall the dcerpc_auth with an actually empty auth_blob.
+ * this is needed because the ntmlssp signature includes the
+ * auth header */
+ status = dcerpc_push_dcerpc_auth(prs_get_mem_context(rpc_out),
+ map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
+ cli->auth->auth_level,
+ ss_padding_len,
+ 1 /* context id. */,
+ &auth_blob,
+ &auth_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ /* append the header */
+ if (!prs_copy_data_in(rpc_out,
+ (char *)auth_info.data,
+ auth_info.length)) {
+ DEBUG(0, ("Failed to add %u bytes auth blob.\n",
+ (unsigned int)auth_info.length));
+ return NT_STATUS_NO_MEMORY;
+ }
+
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
@@ -2186,21 +2209,12 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
return NT_STATUS_INVALID_PARAMETER;
}
- /* Finally marshall the blob. */
- status = dcerpc_push_dcerpc_auth(prs_get_mem_context(rpc_out),
- map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
- cli->auth->auth_level,
- ss_padding_len,
- 1 /* context id. */,
- &auth_blob,
- &auth_info);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (!prs_copy_data_in(rpc_out, (const char *)auth_info.data, auth_info.length)) {
- DEBUG(0, ("add_ntlmssp_auth_footer: failed to add %u bytes auth blob.\n",
- (unsigned int)auth_info.length));
+ /* Finally attach the blob. */
+ if (!prs_copy_data_in(rpc_out,
+ (char *)auth_blob.data,
+ auth_blob.length)) {
+ DEBUG(0, ("Failed to add %u bytes auth blob.\n",
+ (unsigned int)auth_info.length));
return NT_STATUS_NO_MEMORY;
}