/* We also setup the creds chain in the open_schannel call. */
result = cli_rpc_pipe_open_schannel(
*cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe);
+ DCERPC_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe);
} else {
result = cli_rpc_pipe_open_noauth(
*cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe);
}
status = rpccli_schannel_bind_data(p, lp_workgroup(),
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
schannel_key, &auth);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("rpccli_schannel_bind_data failed: %s\n",
struct cli_pipe_auth_data {
enum pipe_auth_type auth_type; /* switch for the union below. Defined in ntdomain.h */
- enum pipe_auth_level auth_level; /* defined in ntdomain.h */
+ enum dcerpc_AuthLevel auth_level; /* defined in ntdomain.h */
char *domain;
char *user_name;
enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
-/* Possible auth levels - keep these in sync with the wire values. */
-enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
- PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
- PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
- PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
-};
-
/* auth state for krb5. */
struct kerberos_auth_struct {
const char *service_principal;
struct pipe_auth_data {
enum pipe_auth_type auth_type; /* switch for union below. */
- enum pipe_auth_level auth_level;
+ enum dcerpc_AuthLevel auth_level;
union {
struct schannel_auth_struct *schannel_auth;
AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const uint8_t sess_key[16],
struct cli_pipe_auth_data **presult);
NTSTATUS rpccli_kerberos_bind_data(TALLOC_CTX *mem_ctx,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult);
NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct rpc_pipe_client **presult);
NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli,
const struct ndr_syntax_id *interface,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
bool prs_uint32s(bool charmode, const char *name, prs_struct *ps, int depth, uint32 *data32s, int len);
bool prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str);
bool prs_string(const char *name, prs_struct *ps, int depth, char *str, int max_buf_size);
-void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+void schannel_encode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len);
-bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+bool schannel_decode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf, char *data, size_t data_len);
bool prs_init_data_blob(prs_struct *prs, DATA_BLOB *blob, TALLOC_CTX *mem_ctx);
status = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
netbios_domain_name, &netlogon_pipe->dc, &pipe_hnd);
cli_shutdown(cli);
result = cli_rpc_pipe_open_ntlmssp(cli,
&ndr_table_samr.syntax_id,
NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, user,
old_passwd,
&pipe_hnd);
DATA_BLOB auth_blob;
NTSTATUS status;
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_NONE
- || cli->auth->auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (cli->auth->auth_level == DCERPC_AUTH_LEVEL_NONE
+ || cli->auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return NT_STATUS_OK;
}
auth_blob.length = auth_len;
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data is encrypted. */
status = ntlmssp_unseal_packet(ntlmssp_state,
data, data_len,
return status;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_check_packet(ntlmssp_state,
data, data_len,
enum ndr_err_code ndr_err;
DATA_BLOB blob;
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_NONE
- || cli->auth->auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (cli->auth->auth_level == DCERPC_AUTH_LEVEL_NONE
+ || cli->auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return NT_STATUS_OK;
}
********************************************************************/
static NTSTATUS create_krb5_auth_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
********************************************************************/
static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
********************************************************************/
static NTSTATUS create_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
********************************************************************/
static NTSTATUS create_schannel_auth_rpc_bind_req( struct rpc_pipe_client *cli,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
const struct ndr_syntax_id *abstract,
const struct ndr_syntax_id *transfer,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level)
+ enum dcerpc_AuthLevel auth_level)
{
RPC_HDR_AUTH hdr_auth;
prs_struct auth_info;
}
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
status = ntlmssp_seal_packet(cli->auth->a_u.ntlmssp_state,
(unsigned char *)prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN,
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_sign_packet(cli->auth->a_u.ntlmssp_state,
(unsigned char *)prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN,
}
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
DEBUG(10,("add_schannel_auth_footer: SCHANNEL seq_num=%d\n",
sas->seq_num));
#endif
switch (cli->auth->auth_level) {
- case PIPE_AUTH_LEVEL_NONE:
- case PIPE_AUTH_LEVEL_CONNECT:
+ case DCERPC_AUTH_LEVEL_NONE:
+ case DCERPC_AUTH_LEVEL_CONNECT:
data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN;
data_len = MIN(data_space, data_left);
*p_ss_padding = 0;
*p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + data_len;
return data_len;
- case PIPE_AUTH_LEVEL_INTEGRITY:
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Treat the same for all authenticated rpc requests. */
switch(cli->auth->auth_type) {
case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP:
static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli,
uint32 rpc_call_id,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
DATA_BLOB *pauth_blob,
prs_struct *rpc_out)
{
static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
const struct ndr_syntax_id *abstract,
const struct ndr_syntax_id *transfer,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const DATA_BLOB *pauth_blob, /* spnego auth blob already created. */
prs_struct *rpc_out)
{
}
result->auth_type = PIPE_AUTH_TYPE_NONE;
- result->auth_level = PIPE_AUTH_LEVEL_NONE;
+ result->auth_level = DCERPC_AUTH_LEVEL_NONE;
result->user_name = talloc_strdup(result, "");
result->domain = talloc_strdup(result, "");
NTSTATUS rpccli_ntlmssp_bind_data(TALLOC_CTX *mem_ctx,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
result->a_u.ntlmssp_state->neg_flags &=
~(NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL);
- if (auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
result->a_u.ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
- } else if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ } else if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
result->a_u.ntlmssp_state->neg_flags
|= NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN;
}
}
NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const uint8_t sess_key[16],
struct cli_pipe_auth_data **presult)
{
#endif
NTSTATUS rpccli_kerberos_bind_data(TALLOC_CTX *mem_ctx,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult)
status = cli_rpc_pipe_open_spnego_ntlmssp(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, username, password, &netlogon_pipe);
if (!NT_STATUS_IS_OK(status)) {
return status;
NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
const char *username,
const char *password,
NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum dcerpc_transport_t transport,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *domain,
struct rpc_pipe_client **presult)
{
NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli,
const struct ndr_syntax_id *interface,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
const char *service_princ,
const char *username,
const char *password,
********************************************************************/
static void schannel_digest(struct schannel_auth_struct *a,
- enum pipe_auth_level auth_level,
+ enum dcerpc_AuthLevel auth_level,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len,
uchar digest_final[16])
out of order */
MD5Update(&ctx3, zeros, sizeof(zeros));
MD5Update(&ctx3, sig, 8);
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
MD5Update(&ctx3, verf->Confounder, sizeof(verf->Confounder));
}
MD5Update(&ctx3, (const unsigned char *)data, data_len);
quite compatible with what MS does.
********************************************************************/
-void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+void schannel_encode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf,
char *data, size_t data_len)
dump_data_pw("verf->SequenceNumber:\n", verf->SequenceNumber, sizeof(verf->SequenceNumber));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
verf->SealAlgorithm = NL_SEAL_RC4;
} else {
verf->SealAlgorithm = NL_SEAL_NONE;
schannel_digest(a, auth_level, verf, data, data_len, digest_final);
memcpy(verf->Checksum, digest_final, sizeof(verf->Checksum));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
uchar sealing_key[16];
/* get the key to encode the data with */
as well as decode sealed messages
********************************************************************/
-bool schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level,
+bool schannel_decode(struct schannel_auth_struct *a, enum dcerpc_AuthLevel auth_level,
enum schannel_direction direction,
struct NL_AUTH_SIGNATURE *verf, char *data, size_t data_len)
{
DEBUG(10,("SCHANNEL: schannel_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len));
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
schannel_sig = schannel_seal_sig;
} else {
schannel_sig = schannel_sign_sig;
return False;
}
- if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
uchar sealing_key[16];
/* get the key to extract the data with */
struct tdb_context *tdb;
bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
bool schannel_in_use = (p->auth.auth_type == PIPE_AUTH_TYPE_SCHANNEL) ? true:false; /* &&
- (p->auth.auth_level == PIPE_AUTH_LEVEL_INTEGRITY ||
- p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY); */
+ (p->auth.auth_level == DCERPC_AUTH_LEVEL_INTEGRITY ||
+ p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY); */
tdb = open_schannel_session_store(mem_ctx);
if (!tdb) {
} else {
auth_type = RPC_SPNEGO_AUTH_TYPE;
}
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
auth_level = RPC_AUTH_LEVEL_PRIVACY;
} else {
auth_level = RPC_AUTH_LEVEL_INTEGRITY;
/* Generate the sign blob. */
switch (p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
status = ntlmssp_seal_packet(
a->ntlmssp_state,
return False;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
status = ntlmssp_sign_packet(
a->ntlmssp_state,
init_rpc_hdr_auth(&auth_info,
RPC_SCHANNEL_AUTH_TYPE,
- p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY ?
+ p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY ?
RPC_AUTH_LEVEL_PRIVACY : RPC_AUTH_LEVEL_INTEGRITY,
ss_padding_len, 1);
bool create_next_pdu(pipes_struct *p)
{
switch(p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_NONE:
- case PIPE_AUTH_LEVEL_CONNECT:
+ case DCERPC_AUTH_LEVEL_NONE:
+ case DCERPC_AUTH_LEVEL_CONNECT:
/* This is incorrect for auth level connect. Fixme. JRA */
return create_next_pdu_noauth(p);
ensure the underlying NTLMSSP flags are also set. If not we should
refuse the bind. */
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
if (!(a->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
DEBUG(0,("pipe_ntlmssp_verify_final: pipe %s : packet integrity requested "
"but client declined signing.\n",
return False;
}
}
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
if (!(a->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL)) {
DEBUG(0,("pipe_ntlmssp_verify_final: pipe %s : packet privacy requested "
"but client declined sealing.\n",
if (p->auth.auth_data_free_func) {
(*p->auth.auth_data_free_func)(&p->auth);
}
- p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
p->pipe_bound = False;
/* Work out if we have to sign or seal etc. */
switch (auth_info.auth_level) {
case RPC_AUTH_LEVEL_INTEGRITY:
- p->auth.auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
break;
case RPC_AUTH_LEVEL_PRIVACY:
- p->auth.auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
break;
default:
DEBUG(0,("api_pipe_bind_req: unexpected auth level (%u).\n",
/* We're finished - no more packets. */
p->auth.auth_type = PIPE_AUTH_TYPE_NONE;
/* We must set the pipe auth_level here also. */
- p->auth.auth_level = PIPE_AUTH_LEVEL_NONE;
+ p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
p->pipe_bound = True;
/* The session key was initialized from the SMB
* session in make_internal_rpc_pipe_p */
*pstatus = NT_STATUS_OK;
- if (p->auth.auth_level == PIPE_AUTH_LEVEL_NONE || p->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) {
+ if (p->auth.auth_level == DCERPC_AUTH_LEVEL_NONE || p->auth.auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
return True;
}
auth_blob.length = auth_len;
switch (p->auth.auth_level) {
- case PIPE_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data is encrypted. */
*pstatus = ntlmssp_unseal_packet(a->ntlmssp_state,
data, data_len,
return False;
}
break;
- case PIPE_AUTH_LEVEL_INTEGRITY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
/* Data is signed. */
*pstatus = ntlmssp_check_packet(a->ntlmssp_state,
data, data_len,
return NT_STATUS_ACCESS_DENIED;
}
- if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
+ if (p->auth.auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
return NT_STATUS_ACCESS_DENIED;
}
DOM_SID domain_sid;
static enum pipe_auth_type pipe_default_auth_type = PIPE_AUTH_TYPE_NONE;
-static enum pipe_auth_level pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE;
+static enum dcerpc_AuthLevel pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
static unsigned int timeout = 0;
static enum dcerpc_transport_t default_transport = NCACN_NP;
{
const char *type = "NTLMSSP";
- pipe_default_auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
pipe_default_auth_type = PIPE_AUTH_TYPE_NTLMSSP;
if (argc > 2) {
{
const char *type = "NTLMSSP";
- pipe_default_auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
pipe_default_auth_type = PIPE_AUTH_TYPE_NTLMSSP;
if (argc > 2) {
static NTSTATUS cmd_none(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
pipe_default_auth_type = PIPE_AUTH_TYPE_NONE;
return cmd_set_ss_level();
int argc, const char **argv)
{
d_printf("Setting schannel - sign and seal\n");
- pipe_default_auth_level = PIPE_AUTH_LEVEL_PRIVACY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
pipe_default_auth_type = PIPE_AUTH_TYPE_SCHANNEL;
return cmd_set_ss_level();
int argc, const char **argv)
{
d_printf("Setting schannel - sign only\n");
- pipe_default_auth_level = PIPE_AUTH_LEVEL_INTEGRITY;
+ pipe_default_auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
pipe_default_auth_type = PIPE_AUTH_TYPE_SCHANNEL;
return cmd_set_ss_level();
/* Always try and create an schannel netlogon pipe. */
nt_status = cli_rpc_pipe_open_schannel(
cli, interface, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain_name,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain_name,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n",
cli, interface,
(conn_flags & NET_FLAGS_TCP) ?
NCACN_IP_TCP : NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
lp_workgroup(), c->opt_user_name,
c->opt_password, &pipe_hnd);
} else {
ntret = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain, &netlogon_pipe->dc, &pipe_hnd);
if (!NT_STATUS_IS_OK(ntret)) {
result = cli_rpc_pipe_open_schannel_with_key(
cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc,
&netlogon_schannel_pipe);
if (!NT_STATUS_IS_OK(result)) {
result = cli_rpc_pipe_open_spnego_ntlmssp(conn->cli,
&ndr_table_samr.syntax_id,
NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain_name,
machine_account,
machine_password,
}
result = cli_rpc_pipe_open_schannel_with_key
(conn->cli, &ndr_table_samr.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain->name, &p_creds, &conn->samr_pipe);
if (!NT_STATUS_IS_OK(result)) {
* authenticated LSA pipe with sign & seal. */
result = cli_rpc_pipe_open_spnego_ntlmssp
(conn->cli, &ndr_table_lsarpc.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
conn->cli->domain, conn->cli->user_name, conn->cli->password,
&conn->lsa_pipe);
}
result = cli_rpc_pipe_open_schannel_with_key
(conn->cli, &ndr_table_lsarpc.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY,
+ DCERPC_AUTH_LEVEL_PRIVACY,
domain->name, &p_creds, &conn->lsa_pipe);
if (!NT_STATUS_IS_OK(result)) {
result = cli_rpc_pipe_open_schannel_with_key(
conn->cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- PIPE_AUTH_LEVEL_PRIVACY, domain->name, &netlogon_pipe->dc,
+ DCERPC_AUTH_LEVEL_PRIVACY, domain->name, &netlogon_pipe->dc,
&conn->netlogon_pipe);
/* We can now close the initial netlogon pipe. */