diff options
| author | Günther Deschner <gd@samba.org> | 2016-03-11 16:04:52 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2016-03-14 16:19:23 +0100 |
| commit | e0da059b39f9dd5ccb74f32f965e1ced384c77eb (patch) | |
| tree | e1f10bcd8a4f145efa8798f0ae5ede704157ee10 /source3 | |
| parent | 4a49f6fac9d6c77d1eedf914308e67eb6e2baa8d (diff) | |
| download | samba-e0da059b39f9dd5ccb74f32f965e1ced384c77eb.tar.gz | |
s3:libnet:libnet_join: define list of desired encryption types only once.
Guenther
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11755
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/libads/ads_proto.h | 6 | ||||
| -rw-r--r-- | source3/libads/ldap.c | 14 | ||||
| -rw-r--r-- | source3/libnet/libnet_join.c | 24 |
3 files changed, 22 insertions, 22 deletions
diff --git a/source3/libads/ads_proto.h b/source3/libads/ads_proto.h index 1399f41fbf7..425c352476c 100644 --- a/source3/libads/ads_proto.h +++ b/source3/libads/ads_proto.h @@ -97,8 +97,10 @@ ADS_STATUS ads_get_service_principal_names(TALLOC_CTX *mem_ctx, ADS_STATUS ads_clear_service_principal_names(ADS_STRUCT *ads, const char *machine_name); ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_name, const char *my_fqdn, const char *spn); -ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, const char *machine_name, - const char *org_unit); +ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, + const char *machine_name, + const char *org_unit, + uint32_t etype_list); ADS_STATUS ads_move_machine_acct(ADS_STRUCT *ads, const char *machine_name, const char *org_unit, bool *moved); int ads_count_replies(ADS_STRUCT *ads, void *res); diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 10cdae49d0c..86191a12783 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2077,8 +2077,10 @@ ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_n * @return 0 upon success, or non-zero otherwise **/ -ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, const char *machine_name, - const char *org_unit) +ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, + const char *machine_name, + const char *org_unit, + uint32_t etype_list) { ADS_STATUS ret; char *samAccountName, *controlstr; @@ -2130,16 +2132,8 @@ ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, const char *machine_name, ads_mod_str(ctx, &mods, "userAccountControl", controlstr); if (func_level >= DS_DOMAIN_FUNCTION_2008) { - uint32_t etype_list = ENC_CRC32 | ENC_RSA_MD5 | ENC_RC4_HMAC_MD5; const char *etype_list_str; -#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 - etype_list |= ENC_HMAC_SHA1_96_AES128; -#endif -#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 - etype_list |= ENC_HMAC_SHA1_96_AES256; -#endif - etype_list_str = talloc_asprintf(ctx, "%d", (int)etype_list); if (etype_list_str == NULL) { goto done; diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 6b9be5e153d..c72172ad97b 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -318,7 +318,8 @@ static ADS_STATUS libnet_join_precreate_machine_acct(TALLOC_CTX *mem_ctx, status = ads_create_machine_acct(r->in.ads, r->in.machine_name, - r->in.account_ou); + r->in.account_ou, + r->in.desired_encryption_types); if (ADS_ERR_OK(status)) { DEBUG(1,("machine account creation created\n")); @@ -684,17 +685,10 @@ static ADS_STATUS libnet_join_set_etypes(TALLOC_CTX *mem_ctx, { ADS_STATUS status; ADS_MODLIST mods; - uint32_t etype_list = ENC_CRC32 | ENC_RSA_MD5 | ENC_RC4_HMAC_MD5; const char *etype_list_str; -#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 - etype_list |= ENC_HMAC_SHA1_96_AES128; -#endif -#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 - etype_list |= ENC_HMAC_SHA1_96_AES256; -#endif - - etype_list_str = talloc_asprintf(mem_ctx, "%d", etype_list); + etype_list_str = talloc_asprintf(mem_ctx, "%d", + r->in.desired_encryption_types); if (!etype_list_str) { return ADS_ERROR(LDAP_NO_MEMORY); } @@ -2135,6 +2129,16 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx, ctx->in.secure_channel_type = SEC_CHAN_WKSTA; + ctx->in.desired_encryption_types = ENC_CRC32 | + ENC_RSA_MD5 | + ENC_RC4_HMAC_MD5; +#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 + ctx->in.desired_encryption_types |= ENC_HMAC_SHA1_96_AES128; +#endif +#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 + ctx->in.desired_encryption_types |= ENC_HMAC_SHA1_96_AES256; +#endif + *r = ctx; return WERR_OK; |