s4:rpc_server: remember the hdr_signing negotiation result in dcesrv_auth

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jan  8 18:37:22 CET 2014 on sn-devel-104

diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h
index 4d9676f29fd584e56a0228c1457d51231c646380..c5d8632f2614d98fd95cc3a8145c39b19c3ba4e5 100644 (file)
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -148,6 +148,8 @@ struct dcesrv_auth {
        struct gensec_security *gensec_security;
        struct auth_session_info *session_info;
        NTSTATUS (*session_key)(struct dcesrv_connection *, DATA_BLOB *session_key);
+       bool client_hdr_signing;
+       bool hdr_signing;
 };
 
 struct dcesrv_connection_context {

diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index d69dc61b46cdc4c58ef08cc7c3bfdbfa9cc5cf79..7ec0d43bfd7053891996d4a1fd859029d1504c51 100644 (file)
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -110,6 +110,7 @@ NTSTATUS dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct ncacn_packe
        }
 
        if (call->pkt.pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN) {
+               dce_conn->auth_state.client_hdr_signing = true;
                want_header_signing = true;
        }
 
@@ -140,6 +141,7 @@ NTSTATUS dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct ncacn_packe
                if (want_header_signing) {
                        gensec_want_feature(dce_conn->auth_state.gensec_security,
                                            GENSEC_FEATURE_SIGN_PKT_HEADER);
+                       dce_conn->auth_state.hdr_signing = true;
                        pkt->pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN;
                }
 
@@ -159,6 +161,7 @@ NTSTATUS dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct ncacn_packe
                if (want_header_signing) {
                        gensec_want_feature(dce_conn->auth_state.gensec_security,
                                            GENSEC_FEATURE_SIGN_PKT_HEADER);
+                       dce_conn->auth_state.hdr_signing = true;
                        pkt->pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN;
                }