svn commit: samba r10764 - in branches/SAMBA_4_0/source:
auth/gensec rpc_server/lsa torture/rpc
abartlet at samba.org
abartlet at samba.org
Thu Oct 6 11:15:24 GMT 2005
Author: abartlet
Date: 2005-10-06 11:15:20 +0000 (Thu, 06 Oct 2005)
New Revision: 10764
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10764
Log:
To match Win2k3 SP1, we need to set an anonymous user token for
schannel connections.
Test for Win2k3 SP1 behaviour in RPC-SCHANNEL.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/gensec/schannel.c
branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c
branches/SAMBA_4_0/source/torture/rpc/schannel.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/schannel.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/schannel.c 2005-10-06 10:29:28 UTC (rev 10763)
+++ branches/SAMBA_4_0/source/auth/gensec/schannel.c 2005-10-06 11:15:20 UTC (rev 10764)
@@ -160,23 +160,34 @@
/**
- * Return the credentials of a logged on user, including session keys
- * etc.
+ * Returns anonymous credentials for schannel, matching Win2k3.
*
- * Only valid after a successful authentication
- *
- * May only be called once per authentication.
- *
*/
static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
- struct auth_session_info **session_info)
+ struct auth_session_info **_session_info)
{
- (*session_info) = talloc(gensec_security, struct auth_session_info);
- NT_STATUS_HAVE_NO_MEMORY(*session_info);
+ NTSTATUS nt_status;
+ struct schannel_state *state = gensec_security->private_data;
+ struct auth_serversupplied_info *server_info = NULL;
+ struct auth_session_info *session_info = NULL;
+ TALLOC_CTX *mem_ctx = talloc_new(state);
+
+ nt_status = auth_anonymous_server_info(mem_ctx,
+ &server_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
- ZERO_STRUCTP(*session_info);
+ /* references the server_info into the session_info */
+ nt_status = auth_generate_session_info(state, server_info, &session_info);
+ talloc_free(mem_ctx);
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ *_session_info = session_info;
+
return NT_STATUS_OK;
}
Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2005-10-06 10:29:28 UTC (rev 10763)
+++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c 2005-10-06 11:15:20 UTC (rev 10764)
@@ -2404,7 +2404,7 @@
lsa_GetUserName
*/
static NTSTATUS lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_GetUserName *r)
+ struct lsa_GetUserName *r)
{
NTSTATUS status = NT_STATUS_OK;
const char *account_name;
Modified: branches/SAMBA_4_0/source/torture/rpc/schannel.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/schannel.c 2005-10-06 10:29:28 UTC (rev 10763)
+++ branches/SAMBA_4_0/source/torture/rpc/schannel.c 2005-10-06 11:15:20 UTC (rev 10764)
@@ -112,9 +112,9 @@
return False;
}
- if (strcmp(r.out.account_name->string, "SYSTEM") != 0) {
+ if (strcmp(r.out.account_name->string, "ANONYMOUS LOGON") != 0) {
printf("GetUserName returned wrong user: %s, expected %s\n",
- r.out.account_name->string, "SYSTEM");
+ r.out.account_name->string, "ANONYMOUS LOGON");
return False;
}
if (!r.out.authority_name || !r.out.authority_name->string) {
More information about the samba-cvs
mailing list