s3-netlogon: make _netr_ServerAuthenticate a callback to _netr_ServerAuthenticate3.

Guenther

diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 8a93b2064155b1c5ee2d654e725592c3b8f7b3cf..de898569f20f44fbcd0d27c9258d7285bf8fee65 100644 (file)
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -447,56 +447,23 @@ NTSTATUS _netr_ServerReqChallenge(pipes_struct *p,
 NTSTATUS _netr_ServerAuthenticate(pipes_struct *p,
                                  struct netr_ServerAuthenticate *r)
 {
-       NTSTATUS status;
-       struct netr_Credential srv_chal_out;
-
-       if (!p->dc || !p->dc->challenge_sent) {
-               return NT_STATUS_ACCESS_DENIED;
-       }
-
-       status = get_md4pw((char *)p->dc->mach_pw,
-                          r->in.account_name,
-                          r->in.secure_channel_type,
-                          NULL);
-       if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(0,("_netr_ServerAuthenticate: get_md4pw failed. Failed to "
-                       "get password for machine account %s "
-                       "from client %s: %s\n",
-                       r->in.account_name,
-                       r->in.computer_name,
-                       nt_errstr(status) ));
-               /* always return NT_STATUS_ACCESS_DENIED */
-               return NT_STATUS_ACCESS_DENIED;
-       }
-
-       /* From the client / server challenges and md4 password, generate sess key */
-       creds_server_init(0,                    /* No neg flags. */
-                       p->dc,
-                       &p->dc->clnt_chal,      /* Stored client chal. */
-                       &p->dc->srv_chal,       /* Stored server chal. */
-                       p->dc->mach_pw,
-                       &srv_chal_out);
-
-       /* Check client credentials are valid. */
-       if (!netlogon_creds_server_check(p->dc, r->in.credentials)) {
-               DEBUG(0,("_netr_ServerAuthenticate: netlogon_creds_server_check failed. Rejecting auth "
-                       "request from client %s machine account %s\n",
-                       r->in.computer_name,
-                       r->in.account_name));
-               return NT_STATUS_ACCESS_DENIED;
-       }
+       struct netr_ServerAuthenticate3 a;
+       uint32_t negotiate_flags = 0;
+       uint32_t rid;
 
-       fstrcpy(p->dc->mach_acct, r->in.account_name);
-       fstrcpy(p->dc->remote_machine, r->in.computer_name);
-       p->dc->authenticated = True;
+       a.in.server_name                = r->in.server_name;
+       a.in.account_name               = r->in.account_name;
+       a.in.secure_channel_type        = r->in.secure_channel_type;
+       a.in.computer_name              = r->in.computer_name;
+       a.in.credentials                = r->in.credentials;
+       a.in.negotiate_flags            = &negotiate_flags;
 
-       /* set up the LSA AUTH response */
-       /* Return the server credentials. */
+       a.out.return_credentials        = r->out.return_credentials;
+       a.out.rid                       = &rid;
+       a.out.negotiate_flags           = &negotiate_flags;
 
-       memcpy(r->out.return_credentials->data, &srv_chal_out.data,
-              sizeof(r->out.return_credentials->data));
+       return _netr_ServerAuthenticate3(p, &a);
 
-       return NT_STATUS_OK;
 }
 
 /*************************************************************************
@@ -545,6 +512,9 @@ NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p,
        }
 
        switch (p->hdr_req.opnum) {
+               case NDR_NETR_SERVERAUTHENTICATE:
+                       fn = "_netr_ServerAuthenticate";
+                       break;
                case NDR_NETR_SERVERAUTHENTICATE2:
                        fn = "_netr_ServerAuthenticate2";
                        break;