1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

libcli/auth: pass auth_{type,level} to netlogon_creds_{de,en}crypt_samlogon_logon()

This will be needed when we implement netr_ServerAuthenticateKerberos...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Stefan Metzmacher 2024-10-28 12:55:12 +01:00 committed by Douglas Bagnall
parent a56356e399
commit 3d4ea276bd
5 changed files with 38 additions and 10 deletions

View File

@ -976,6 +976,8 @@ NTSTATUS netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_Creden
static NTSTATUS netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
enum netr_LogonInfoClass level,
union netr_LogonLevel *logon,
enum dcerpc_AuthType auth_type,
enum dcerpc_AuthLevel auth_level,
bool do_encrypt)
{
NTSTATUS status;
@ -1121,16 +1123,30 @@ static NTSTATUS netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_Creden
NTSTATUS netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
enum netr_LogonInfoClass level,
union netr_LogonLevel *logon)
union netr_LogonLevel *logon,
enum dcerpc_AuthType auth_type,
enum dcerpc_AuthLevel auth_level)
{
return netlogon_creds_crypt_samlogon_logon(creds, level, logon, false);
return netlogon_creds_crypt_samlogon_logon(creds,
level,
logon,
auth_type,
auth_level,
false);
}
NTSTATUS netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
enum netr_LogonInfoClass level,
union netr_LogonLevel *logon)
union netr_LogonLevel *logon,
enum dcerpc_AuthType auth_type,
enum dcerpc_AuthLevel auth_level)
{
return netlogon_creds_crypt_samlogon_logon(creds, level, logon, true);
return netlogon_creds_crypt_samlogon_logon(creds,
level,
logon,
auth_type,
auth_level,
true);
}
union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,

View File

@ -2738,7 +2738,9 @@ static void netlogon_creds_cli_LogonSamLogon_start(struct tevent_req *req)
status = netlogon_creds_encrypt_samlogon_logon(state->ro_creds,
state->logon_level,
state->logon);
state->logon,
auth_type,
auth_level);
if (!NT_STATUS_IS_OK(status)) {
status = NT_STATUS_ACCESS_DENIED;
tevent_req_nterror(req, status);
@ -2802,7 +2804,9 @@ static void netlogon_creds_cli_LogonSamLogon_start(struct tevent_req *req)
status = netlogon_creds_encrypt_samlogon_logon(&state->tmp_creds,
state->logon_level,
state->logon);
state->logon,
auth_type,
auth_level);
if (tevent_req_nterror(req, status)) {
netlogon_creds_cli_LogonSamLogon_cleanup(req, status);
return;

View File

@ -88,10 +88,14 @@ NTSTATUS netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_Creden
enum dcerpc_AuthLevel auth_level);
NTSTATUS netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
enum netr_LogonInfoClass level,
union netr_LogonLevel *logon);
union netr_LogonLevel *logon,
enum dcerpc_AuthType auth_type,
enum dcerpc_AuthLevel auth_level);
NTSTATUS netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds,
enum netr_LogonInfoClass level,
union netr_LogonLevel *logon);
union netr_LogonLevel *logon,
enum dcerpc_AuthType auth_type,
enum dcerpc_AuthLevel auth_level);
union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx,
enum netr_LogonInfoClass level,
const union netr_LogonLevel *in);

View File

@ -1765,7 +1765,9 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
status = netlogon_creds_decrypt_samlogon_logon(creds,
r->in.logon_level,
logon);
logon,
auth_type,
auth_level);
if (!NT_STATUS_IS_OK(status)) {
return status;
}

View File

@ -1387,7 +1387,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base_call(struct dcesrv_netr_LogonSamL
nt_status = netlogon_creds_decrypt_samlogon_logon(creds,
r->in.logon_level,
r->in.logon);
r->in.logon,
auth_type,
auth_level);
NT_STATUS_NOT_OK_RETURN(nt_status);
switch (r->in.logon_level) {