This allows to remove some more old netlogon client calls.
Guenther
/* Domain controller authentication protocol info */
struct dcinfo {
uint32 sequence; /* "timestamp" from client. */
- DOM_CHAL seed_chal;
- DOM_CHAL clnt_chal; /* Client credential */
- DOM_CHAL srv_chal; /* Server credential */
+ struct netr_Credential seed_chal;
+ struct netr_Credential clnt_chal; /* Client credential */
+ struct netr_Credential srv_chal; /* Server credential */
unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
unsigned char mach_pw[16]; /* md4(machine password) */
****************************************************************************/
static void creds_init_128(struct dcinfo *dc,
- const DOM_CHAL *clnt_chal_in,
- const DOM_CHAL *srv_chal_in,
- const unsigned char mach_pw[16])
+ const struct netr_Credential *clnt_chal_in,
+ const struct netr_Credential *srv_chal_in,
+ const unsigned char mach_pw[16])
{
unsigned char zero[4], tmp[16];
HMACMD5Context ctx;
****************************************************************************/
static void creds_init_64(struct dcinfo *dc,
- const DOM_CHAL *clnt_chal_in,
- const DOM_CHAL *srv_chal_in,
- const unsigned char mach_pw[16])
+ const struct netr_Credential *clnt_chal_in,
+ const struct netr_Credential *srv_chal_in,
+ const unsigned char mach_pw[16])
{
uint32 sum[2];
unsigned char sum2[8];
void creds_server_init(uint32 neg_flags,
struct dcinfo *dc,
- DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
+ struct netr_Credential *clnt_chal,
+ struct netr_Credential *srv_chal,
const unsigned char mach_pw[16],
- DOM_CHAL *init_chal_out)
+ struct netr_Credential *init_chal_out)
{
DEBUG(10,("creds_server_init: neg_flags : %x\n", (unsigned int)neg_flags));
DEBUG(10,("creds_server_init: client chal : %s\n", credstr(clnt_chal->data) ));
static void creds_reseed(struct dcinfo *dc)
{
- DOM_CHAL time_chal;
+ struct netr_Credential time_chal;
SIVAL(time_chal.data, 0, IVAL(dc->seed_chal.data, 0) + dc->sequence + 1);
SIVAL(time_chal.data, 4, IVAL(dc->seed_chal.data, 4));
/* Create the outgoing credentials */
cred_out->timestamp.time = tmp_dc.sequence + 1;
- cred_out->challenge = tmp_dc.srv_chal;
+ memcpy(&cred_out->challenge.data, tmp_dc.srv_chal.data,
+ sizeof(cred_out->challenge.data));
creds_reseed(&tmp_dc);
void creds_client_init(uint32 neg_flags,
struct dcinfo *dc,
- DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
+ struct netr_Credential *clnt_chal,
+ struct netr_Credential *srv_chal,
const unsigned char mach_pw[16],
- DOM_CHAL *init_chal_out)
+ struct netr_Credential *init_chal_out)
{
dc->sequence = time(NULL);
creds_step(dc);
creds_reseed(dc);
- next_cred_out->challenge = dc->clnt_chal;
+ memcpy(&next_cred_out->challenge.data, dc->clnt_chal.data,
+ sizeof(next_cred_out->challenge.data));
next_cred_out->timestamp.time = dc->sequence;
}
****************************************************************************/
NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
- const char *server_name,
- const char *domain,
- const char *clnt_name,
- const char *machine_account,
- const unsigned char machine_pwd[16],
- uint32 sec_chan_type,
- uint32 *neg_flags_inout)
+ const char *server_name,
+ const char *domain,
+ const char *clnt_name,
+ const char *machine_account,
+ const unsigned char machine_pwd[16],
+ enum netr_SchannelType sec_chan_type,
+ uint32_t *neg_flags_inout)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CHAL clnt_chal_send;
- DOM_CHAL srv_chal_recv;
+ struct netr_Credential clnt_chal_send;
+ struct netr_Credential srv_chal_recv;
struct dcinfo *dc;
SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
generate_random_buffer(clnt_chal_send.data, 8);
/* Get the server challenge. */
- result = rpccli_net_req_chal(cli,
- cli->mem_ctx,
- dc->remote_machine,
- clnt_name,
- &clnt_chal_send,
- &srv_chal_recv);
-
+ result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+ dc->remote_machine,
+ clnt_name,
+ &clnt_chal_send,
+ &srv_chal_recv);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
machine_pwd,
&clnt_chal_send);
- /*
+ /*
* Send client auth-2 challenge and receive server repy.
*/
- result = rpccli_net_auth2(cli,
- cli->mem_ctx,
- dc->remote_machine,
- dc->mach_acct,
- sec_chan_type,
- clnt_name,
- neg_flags_inout,
- &clnt_chal_send, /* input. */
- &srv_chal_recv); /* output */
-
+ result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+ dc->remote_machine,
+ dc->mach_acct,
+ sec_chan_type,
+ clnt_name,
+ &clnt_chal_send, /* input. */
+ &srv_chal_recv, /* output. */
+ neg_flags_inout);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
* server received challenge.
*/
- if (!creds_client_check(dc, &srv_chal_recv)) {
+ if (!netlogon_creds_client_check(dc, &srv_chal_recv)) {
/*
* Server replied with bad credential. Fail.
*/
*************************************************************************/
static void init_net_r_req_chal(struct netr_Credential *r,
- DOM_CHAL *srv_chal)
+ struct netr_Credential *srv_chal)
{
DEBUG(6,("init_net_r_req_chal: %d\n", __LINE__));
struct netr_ServerAuthenticate *r)
{
NTSTATUS status;
- DOM_CHAL srv_chal_out;
+ struct netr_Credential srv_chal_out;
if (!p->dc || !p->dc->challenge_sent) {
return NT_STATUS_ACCESS_DENIED;
{
NTSTATUS status;
uint32_t srv_flgs;
- DOM_CHAL srv_chal_out;
+ struct netr_Credential srv_chal_out;
/* We use this as the key to store the creds: */
/* r->in.computer_name */
projects / thirdparty / samba.git / commitdiff
