}
}
+
+void dump_NL_AUTH_SIGNATURE(TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *blob)
+{
+ enum ndr_err_code ndr_err;
+ uint16_t signature_algorithm;
+
+ if (blob->length < 2) {
+ return;
+ }
+
+ signature_algorithm = SVAL(blob->data, 0);
+
+ switch (signature_algorithm) {
+ case NL_SIGN_HMAC_MD5: {
+ struct NL_AUTH_SIGNATURE r;
+ ndr_err = ndr_pull_struct_blob(blob, mem_ctx, NULL, &r,
+ (ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
+ if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &r);
+ }
+ break;
+ }
+ case NL_SIGN_HMAC_SHA256: {
+ struct NL_AUTH_SHA2_SIGNATURE r;
+ ndr_err = ndr_pull_struct_blob(blob, mem_ctx, NULL, &r,
+ (ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SHA2_SIGNATURE);
+ if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ NDR_PRINT_DEBUG(NL_AUTH_SHA2_SIGNATURE, &r);
+ }
+ break;
+ }
+ default:
+ break;
+ }
+}
void ndr_print_NL_AUTH_MESSAGE_BUFFER(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER *r);
void ndr_print_NL_AUTH_MESSAGE_BUFFER_REPLY(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER_REPLY *r);
-
+void dump_NL_AUTH_SIGNATURE(TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *blob);
uint8 *p_ss_padding_len)
{
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE schannel_chk;
uint32 auth_len = prhdr->auth_len;
uint32 save_offset = prs_offset(current_pdu);
struct schannel_state *schannel_auth =
cli->auth->a_u.schannel_auth;
uint32 data_len;
- enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
blob = data_blob_const(prs_data_p(current_pdu) + prs_offset(current_pdu), auth_len);
- ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), NULL, &schannel_chk,
- (ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DEBUG(0,("cli_pipe_verify_schannel: failed to unmarshal RPC_AUTH_SCHANNEL_CHK.\n"));
- return ndr_map_error2ntstatus(ndr_err);
- }
-
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &schannel_chk);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
switch (cli->auth->auth_level) {
prs_struct *outgoing_pdu)
{
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE verf;
struct schannel_state *sas = cli->auth->a_u.schannel_auth;
char *data_p = prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
size_t data_and_pad_len = prs_offset(outgoing_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
- enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
nt_errstr(status)));
return status;
}
-#if 0
- ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &verf,
- (ndr_push_flags_fn_t)ndr_push_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- return ndr_map_error2ntstatus(ndr_err);
- }
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &verf);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
-#endif
+
/* Finally marshall the blob. */
if (!prs_copy_data_in(outgoing_pdu, (const char *)blob.data, blob.length)) {
return NT_STATUS_NO_MEMORY;
* Schannel processing.
*/
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE verf;
DATA_BLOB blob;
- enum ndr_err_code ndr_err;
/* Check it's the type of reply we were expecting to decode */
/* Finally marshall the blob. */
-#if 0
- ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &verf,
- (ndr_push_flags_fn_t)ndr_push_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- prs_mem_free(&p->out_data.frag);
- return false;
- }
-
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &verf);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
-#endif
+
if (!prs_copy_data_in(&p->out_data.frag, (const char *)blob.data, blob.length)) {
prs_mem_free(&p->out_data.frag);
return false;
uint32 auth_len;
uint32 save_offset = prs_offset(rpc_in);
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE schannel_chk;
- enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
blob = data_blob_const(prs_data_p(rpc_in) + prs_offset(rpc_in), auth_len);
- ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), NULL, &schannel_chk,
- (ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DEBUG(0,("failed to pull NL_AUTH_SIGNATURE\n"));
- dump_data(2, blob.data, blob.length);
- return false;
- }
-
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &schannel_chk);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
switch (auth_info.auth_level) {