libcli/auth: let netlogon_creds_crypt_samlogon_validation handle generic info

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
index cdf591ec28ca570d5b1428951f8cc2c7544d5fde..a6770d87cf846570c22f9272ac6d1e0b903005c2 100644 (file)
--- a/libcli/auth/credentials.c
+++ b/libcli/auth/credentials.c
@@ -875,6 +875,33 @@ static NTSTATUS netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_C
                        base = &validation->sam3->base;
                }
                break;
+       case 5:
+               /* NetlogonValidationGenericInfo2 */
+               if (validation->generic != NULL &&
+                   validation->generic->length == 0)
+               {
+                       /*
+                        * For "Kerberos"
+                        * KERB_VERIFY_PAC_REQUEST there's
+                        * not response, so there's nothing
+                        * to encrypt.
+                        */
+                       return NT_STATUS_OK;
+               }
+
+               /*
+                * We don't know if encryption is
+                * required or not yet.
+                *
+                * We would have to do tests
+                * with DIGEST_VALIDATION_RESP
+                *
+                * But as we don't support that
+                * yet, we just return an error
+                * for now.
+                */
+               log_stack_trace();
+               return NT_STATUS_INTERNAL_ERROR;
        case 6:
                if (validation->sam6) {
                        base = &validation->sam6->base;