[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-test-2291-gea0bf74
Günther Deschner
gd at samba.org
Fri Feb 15 19:59:43 GMT 2008
The branch, v3-2-test has been updated
via ea0bf74918e7b009439452ea14ed68b0ce620787 (commit)
from 2c54ef2d07ab440f1c163b666caedcb9c061543b (commit)
http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit ea0bf74918e7b009439452ea14ed68b0ce620787
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 15 17:30:38 2008 +0100
Add netlogon_creds_server_check and netlogon_creds_server_step.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/libsmb/credentials.c | 45 +++++++++++++++++++++++++++++++++++++++++++
1 files changed, 45 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libsmb/credentials.c b/source/libsmb/credentials.c
index f03bf22..0043f4e 100644
--- a/source/libsmb/credentials.c
+++ b/source/libsmb/credentials.c
@@ -225,6 +225,21 @@ bool creds_server_check(const struct dcinfo *dc, const DOM_CHAL *rcv_cli_chal_in
return True;
}
+bool netlogon_creds_server_check(const struct dcinfo *dc,
+ const struct netr_Credential *rcv_cli_chal_in)
+{
+ if (memcmp(dc->clnt_chal.data, rcv_cli_chal_in->data, 8)) {
+ DEBUG(5,("netlogon_creds_server_check: challenge : %s\n",
+ credstr(rcv_cli_chal_in->data)));
+ DEBUG(5,("calculated: %s\n", credstr(dc->clnt_chal.data)));
+ DEBUG(2,("netlogon_creds_server_check: credentials check failed.\n"));
+ return false;
+ }
+
+ DEBUG(10,("netlogon_creds_server_check: credentials check OK.\n"));
+
+ return true;
+}
/****************************************************************************
Replace current seed chal. Internal function - due to split server step below.
****************************************************************************/
@@ -273,6 +288,36 @@ bool creds_server_step(struct dcinfo *dc, const DOM_CRED *received_cred, DOM_CRE
return True;
}
+bool netlogon_creds_server_step(struct dcinfo *dc,
+ const struct netr_Authenticator *received_cred,
+ struct netr_Authenticator *cred_out)
+{
+ bool ret;
+ struct dcinfo tmp_dc = *dc;
+
+ /* Do all operations on a temporary copy of the dc,
+ which we throw away if the checks fail. */
+
+ tmp_dc.sequence = received_cred->timestamp;
+
+ creds_step(&tmp_dc);
+
+ /* Create the outgoing credentials */
+ cred_out->timestamp = tmp_dc.sequence + 1;
+ memcpy(&cred_out->cred, &tmp_dc.srv_chal, sizeof(cred_out->cred));
+
+ creds_reseed(&tmp_dc);
+
+ ret = netlogon_creds_server_check(&tmp_dc, &received_cred->cred);
+ if (!ret) {
+ return false;
+ }
+
+ /* creds step succeeded - replace the current creds. */
+ *dc = tmp_dc;
+ return true;
+}
+
/****************************************************************************
Create a client credential struct.
****************************************************************************/
--
Samba Shared Repository
More information about the samba-cvs
mailing list