bool schannel_global_required = (schannel == true);
if (schannel_global_required) {
- if (dce_call->conn->auth_state.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
+ enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
+
+ dcesrv_call_auth_info(dce_call, &auth_type, NULL);
+
+ if (auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
DBG_ERR("[%s] is not using schannel\n",
computer_name);
return NT_STATUS_ACCESS_DENIED;
static NTSTATUS dcesrv_netr_LogonSamLogon_check(struct dcesrv_call_state *dce_call,
const struct netr_LogonSamLogonEx *r)
{
+ enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
+
switch (r->in.logon_level) {
case NetlogonInteractiveInformation:
case NetlogonServiceInformation:
return NT_STATUS_INVALID_PARAMETER;
}
+ dcesrv_call_auth_info(dce_call, NULL, &auth_level);
+
switch (r->in.validation_level) {
case NetlogonValidationSamInfo4: /* 6 */
- if (dce_call->conn->auth_state.auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
+ if (auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
return NT_STATUS_INVALID_PARAMETER;
}
break;
static NTSTATUS dcesrv_netr_LogonSamLogonEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct netr_LogonSamLogonEx *r)
{
+ enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
struct dcesrv_netr_LogonSamLogon_base_state *state;
NTSTATUS nt_status;
return nt_status;
}
- if (dce_call->conn->auth_state.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
+ dcesrv_call_auth_info(dce_call, &auth_type, NULL);
+
+ if (auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
return NT_STATUS_ACCESS_DENIED;
}