diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-09-12 06:38:00 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2004-09-12 06:38:00 +0000 |
commit | 69d38a9e83539bef936c435773882b5050fec796 (patch) | |
tree | 0abb7760c578da384e7c85b876df28ded719788f /source/librpc/rpc/dcerpc.c | |
parent | fbcf3b0db593718a951fabadb11aa950d11d93f9 (diff) | |
download | samba-69d38a9e83539bef936c435773882b5050fec796.tar.gz samba-69d38a9e83539bef936c435773882b5050fec796.tar.xz samba-69d38a9e83539bef936c435773882b5050fec796.zip |
r2294: this fixes the NTLM2 sign+seal combination. I have now tested:
NTLM sign
NTLM sign+seal
NTLM2 sign
NTLM2 sign+seal
and all of the above both with and without key exchange
the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
Diffstat (limited to 'source/librpc/rpc/dcerpc.c')
-rw-r--r-- | source/librpc/rpc/dcerpc.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/source/librpc/rpc/dcerpc.c b/source/librpc/rpc/dcerpc.c index c2f691aa09b..629edd16d42 100644 --- a/source/librpc/rpc/dcerpc.c +++ b/source/librpc/rpc/dcerpc.c @@ -214,11 +214,14 @@ static NTSTATUS dcerpc_pull_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_PRIVACY: status = gensec_unseal_packet(p->security_state.generic_state, mem_ctx, - pkt->u.response.stub_and_verifier.data, + blob->data + DCERPC_REQUEST_LENGTH, pkt->u.response.stub_and_verifier.length, blob->data, blob->length - auth.credentials.length, &auth.credentials); + memcpy(pkt->u.response.stub_and_verifier.data, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.response.stub_and_verifier.length); break; case DCERPC_AUTH_LEVEL_INTEGRITY: @@ -327,8 +330,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_PRIVACY: status = gensec_seal_packet(p->security_state.generic_state, mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.request.stub_and_verifier.length+p->security_state.auth_info->auth_pad_length, blob->data, blob->length - p->security_state.auth_info->credentials.length, @@ -339,8 +342,8 @@ static NTSTATUS dcerpc_push_request_sign(struct dcerpc_pipe *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = gensec_sign_packet(p->security_state.generic_state, mem_ctx, - ndr->data + DCERPC_REQUEST_LENGTH, - ndr->offset - DCERPC_REQUEST_LENGTH, + blob->data + DCERPC_REQUEST_LENGTH, + pkt->u.request.stub_and_verifier.length, blob->data, blob->length - p->security_state.auth_info->credentials.length, |