Author: tridge Date: 2004-10-30 11:07:28 +0000 (Sat, 30 Oct 2004) New Revision: 3390
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=3390 Log: fixed schannel server side support. RPC-SCHANNEL now works against Samba4. Removed: branches/SAMBA_4_0/source/libcli/auth/schannel.h Modified: branches/SAMBA_4_0/source/include/includes.h branches/SAMBA_4_0/source/libcli/auth/gensec.h branches/SAMBA_4_0/source/libcli/auth/schannel.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c branches/SAMBA_4_0/source/param/loadparm.c Changeset: Modified: branches/SAMBA_4_0/source/include/includes.h =================================================================== --- branches/SAMBA_4_0/source/include/includes.h 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/include/includes.h 2004-10-30 11:07:28 UTC (rev 3390) @@ -653,7 +653,6 @@ #include "libcli/auth/ntlmssp.h" #include "libcli/auth/credentials.h" -#include "libcli/auth/schannel.h" #include "libcli/auth/kerberos.h" #include "libcli/auth/gensec.h" #include "libcli/auth/spnego.h" Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.h =================================================================== --- branches/SAMBA_4_0/source/libcli/auth/gensec.h 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/libcli/auth/gensec.h 2004-10-30 11:07:28 UTC (rev 3390) @@ -108,4 +108,5 @@ }; - +/* pre-declare schannel structure for schannel backend */ +struct schannel_state; Modified: branches/SAMBA_4_0/source/libcli/auth/schannel.c =================================================================== --- branches/SAMBA_4_0/source/libcli/auth/schannel.c 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/libcli/auth/schannel.c 2004-10-30 11:07:28 UTC (rev 3390) @@ -22,6 +22,16 @@ #include "includes.h" +struct schannel_state { + TALLOC_CTX *mem_ctx; + uint8_t session_key[16]; + uint32_t seq_num; + BOOL initiator; +}; + +#define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } +#define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } + /******************************************************************* Encode or Decode the sequence number (which is symmetric) ********************************************************************/ @@ -209,13 +219,7 @@ netsec_deal_with_seq_num(state, digest_final, seq_num); - if (!state->signature.data) { - state->signature = data_blob_talloc(state->mem_ctx, NULL, 32); - if (!state->signature.data) { - return NT_STATUS_NO_MEMORY; - } - } - (*sig) = state->signature; + (*sig) = data_blob_talloc(state->mem_ctx, NULL, 32); memcpy(sig->data, netsec_sig, 8); memcpy(sig->data+8, seq_num, 8); @@ -252,13 +256,7 @@ netsec_deal_with_seq_num(state, digest_final, seq_num); - if (!state->signature.data) { - state->signature = data_blob_talloc(state->mem_ctx, NULL, 32); - if (!state->signature.data) { - return NT_STATUS_NO_MEMORY; - } - } - (*sig) = state->signature; + (*sig) = data_blob_talloc(state->mem_ctx, NULL, 32); memcpy(sig->data, netsec_sig, 8); memcpy(sig->data+8, seq_num, 8); @@ -307,7 +305,6 @@ (*state)->mem_ctx = mem_ctx; memcpy((*state)->session_key, session_key, 16); (*state)->initiator = initiator; - (*state)->signature = data_blob(NULL, 0); (*state)->seq_num = 0; return NT_STATUS_OK; Deleted: branches/SAMBA_4_0/source/libcli/auth/schannel.h =================================================================== --- branches/SAMBA_4_0/source/libcli/auth/schannel.h 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/libcli/auth/schannel.h 2004-10-30 11:07:28 UTC (rev 3390) @@ -1,35 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - schannel library code - - Copyright (C) Andrew Tridgell 2004 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -struct schannel_state { - TALLOC_CTX *mem_ctx; - uint8_t session_key[16]; - uint32_t seq_num; - BOOL initiator; - DATA_BLOB signature; -}; - -#define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } -#define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } - Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c =================================================================== --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c 2004-10-30 11:07:28 UTC (rev 3390) @@ -316,7 +316,6 @@ return status; } - dump_data_pw("session key:\n", dce_schan_state->schannel_state->session_key, 16); return NT_STATUS_OK; } Modified: branches/SAMBA_4_0/source/param/loadparm.c =================================================================== --- branches/SAMBA_4_0/source/param/loadparm.c 2004-10-30 10:51:18 UTC (rev 3389) +++ branches/SAMBA_4_0/source/param/loadparm.c 2004-10-30 11:07:28 UTC (rev 3390) @@ -1685,6 +1685,8 @@ ServicePtrs[i]->bPrint_ok = False; ServicePtrs[i]->bBrowseable = sDefault.bBrowseable; + lp_do_parameter(i, "ntvfs handler", "default"); + DEBUG(3, ("adding IPC service\n")); return (True);