return True;
}
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL make_q_auth(NET_Q_AUTH *q_a,
+ const char *logon_srv, const char *acct_name,
+ uint16 sec_chan, const char *comp_name,
+ DOM_CHAL *clnt_chal)
+{
+ if (q_a == NULL) return False;
+
+ DEBUG(5,("make_q_auth: %d\n", __LINE__));
+
+ make_log_info(&(q_a->clnt_id), logon_srv, acct_name, sec_chan, comp_name);
+ memcpy(q_a->clnt_chal.data, clnt_chal->data, sizeof(clnt_chal->data));
+
+ DEBUG(5,("make_q_auth: %d\n", __LINE__));
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL net_io_q_auth(char *desc, NET_Q_AUTH *q_a, prs_struct *ps, int depth)
+{
+ int old_align;
+ if (q_a == NULL) return False;
+
+ prs_debug(ps, depth, desc, "net_io_q_auth");
+ depth++;
+
+ prs_align(ps);
+
+ smb_io_log_info ("", &(q_a->clnt_id), ps, depth); /* client identification info */
+ /* client challenge is _not_ aligned */
+ old_align = ps->align;
+ ps->align = 0;
+ smb_io_chal ("", &(q_a->clnt_chal), ps, depth); /* client-calculated credentials */
+ ps->align = old_align;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL net_io_r_auth(char *desc, NET_R_AUTH *r_a, prs_struct *ps, int depth)
+{
+ if (r_a == NULL) return False;
+
+ prs_debug(ps, depth, desc, "net_io_r_auth");
+ depth++;
+
+ prs_align(ps);
+
+ smb_io_chal ("", &(r_a->srv_chal), ps, depth); /* server challenge */
+ prs_uint32("status", ps, depth, &(r_a->status));
+
+ return True;
+}
/*******************************************************************
reads or writes a structure.
}
+
+/*************************************************************************
+ make_net_r_auth:
+ *************************************************************************/
+static void make_net_r_auth(NET_R_AUTH *r_a,
+ DOM_CHAL *resp_cred, int status)
+{
+ memcpy( r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data));
+ r_a->status = status;
+}
+
+/*************************************************************************
+ net_reply_auth:
+ *************************************************************************/
+static void net_reply_auth(NET_Q_AUTH *q_a, prs_struct *rdata,
+ DOM_CHAL *resp_cred, int status)
+{
+ NET_R_AUTH r_a;
+
+ /* set up the LSA AUTH 2 response */
+
+ make_net_r_auth(&r_a, resp_cred, status);
+
+ /* store the response in the SMB stream */
+ net_io_r_auth("", &r_a, rdata, 0);
+
+}
+
/*************************************************************************
make_net_r_auth_2:
*************************************************************************/
}
+/*************************************************************************
+ api_net_auth:
+ *************************************************************************/
+static void api_net_auth( pipes_struct *p,
+ prs_struct *data,
+ prs_struct *rdata)
+{
+ NET_Q_AUTH q_a;
+ uint32 status = 0x0;
+
+ DOM_CHAL srv_cred;
+ UTIME srv_time;
+
+ user_struct *vuser;
+
+ if ((vuser = get_valid_user_struct(p->vuid)) == NULL)
+ return;
+
+ srv_time.time = 0;
+
+ /* grab the challenge... */
+ net_io_q_auth("", &q_a, data, 0);
+
+ /* check that the client credentials are valid */
+ if (cred_assert(&(q_a.clnt_chal), vuser->dc.sess_key,
+ &(vuser->dc.clnt_cred.challenge), srv_time))
+ {
+
+ /* create server challenge for inclusion in the reply */
+ cred_create(vuser->dc.sess_key, &(vuser->dc.srv_cred.challenge), srv_time, &srv_cred);
+
+ /* copy the received client credentials for use next time */
+ memcpy(vuser->dc.clnt_cred.challenge.data, q_a.clnt_chal.data, sizeof(q_a.clnt_chal.data));
+ memcpy(vuser->dc.srv_cred .challenge.data, q_a.clnt_chal.data, sizeof(q_a.clnt_chal.data));
+ }
+ else
+ {
+ status = NT_STATUS_ACCESS_DENIED | 0xC0000000;
+ }
+
+ /* construct reply. */
+ net_reply_auth(&q_a, rdata, &srv_cred, status);
+}
+
/*************************************************************************
api_net_auth_2:
*************************************************************************/
net_reply_auth_2(&q_a, rdata, &srv_cred, status);
}
-
/*************************************************************************
api_net_srv_pwset:
*************************************************************************/
static struct api_struct api_net_cmds [] =
{
{ "NET_REQCHAL" , NET_REQCHAL , api_net_req_chal },
+ { "NET_AUTH" , NET_AUTH , api_net_auth },
{ "NET_AUTH2" , NET_AUTH2 , api_net_auth_2 },
{ "NET_SRVPWSET" , NET_SRVPWSET , api_net_srv_pwset },
{ "NET_SAMLOGON" , NET_SAMLOGON , api_net_sam_logon },
{ "NET_LOGON_CTRL2" , NET_LOGON_CTRL2 , api_net_logon_ctrl2 },
{ "NET_TRUST_DOM_LIST", NET_TRUST_DOM_LIST, api_net_trust_dom_list },
{ "NET_SAM_SYNC" , NET_SAM_SYNC , api_net_sam_sync },
- { NULL , 0 , NULL }
+ { NULL , 0 , NULL }
};
/*******************************************************************
git.samba.org / ira / wip.git / commitdiff