/*
* If schannel is required for this call test that it actually is available.
*/
-static NTSTATUS schannel_check_required(struct dcerpc_auth *auth_info,
+static NTSTATUS schannel_check_required(const struct dcesrv_auth *auth_info,
const char *computer_name,
bool integrity, bool privacy)
{
struct netlogon_creds_CredentialState **creds_out)
{
NTSTATUS nt_status;
- struct dcerpc_auth *auth_info = dce_call->conn->auth_state.auth_info;
int schannel = lpcfg_server_schannel(dce_call->conn->dce_ctx->lp_ctx);
bool schannel_global_required = (schannel == true);
if (schannel_global_required) {
- nt_status = schannel_check_required(auth_info,
+ nt_status = schannel_check_required(&dce_call->conn->auth_state,
computer_name,
true, false);
if (!NT_STATUS_IS_OK(nt_status)) {
break;
case 6:
- if (dce_call->conn->auth_state.auth_info == NULL) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (dce_call->conn->auth_state.auth_info->auth_level !=
- DCERPC_AUTH_LEVEL_PRIVACY)
- {
+ if (dce_call->conn->auth_state.auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
return NT_STATUS_INVALID_PARAMETER;
}
return nt_status;
}
- if (!dce_call->conn->auth_state.auth_info ||
- dce_call->conn->auth_state.auth_info->auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
+ if (dce_call->conn->auth_state.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
return NT_STATUS_ACCESS_DENIED;
}
return dcesrv_netr_LogonSamLogon_base(dce_call, mem_ctx, r, creds);