}
-static NTSTATUS dcesrv_netr_LogonSamLogon_check(const struct netr_LogonSamLogonEx *r)
+static NTSTATUS dcesrv_netr_LogonSamLogon_check(struct dcesrv_call_state *dce_call,
+ const struct netr_LogonSamLogonEx *r)
{
switch (r->in.logon_level) {
case NetlogonInteractiveInformation:
return NT_STATUS_INVALID_PARAMETER;
}
+ switch (r->in.validation_level) {
+ case NetlogonValidationSamInfo4: /* 6 */
+ if (dce_call->conn->auth_state.auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ break;
+
+ default:
+ break;
+ }
+
return NT_STATUS_OK;
}
break;
case 6:
- if (dce_call->conn->auth_state.auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
nt_status = auth_convert_user_info_dc_saminfo6(mem_ctx,
user_info_dc,
&sam6);
*r->out.authoritative = 1;
- nt_status = dcesrv_netr_LogonSamLogon_check(r);
+ nt_status = dcesrv_netr_LogonSamLogon_check(dce_call, r);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
*r->out.authoritative = 1;
- nt_status = dcesrv_netr_LogonSamLogon_check(&r2);
+ nt_status = dcesrv_netr_LogonSamLogon_check(dce_call, &r2);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}