static NTSTATUS add_schannel_auth_footer(struct schannel_state *sas, enum dcerpc_AuthLevel auth_level, DATA_BLOB *rpc_out) { uint8_t *data_p = rpc_out->data + DCERPC_RESPONSE_LENGTH; size_t data_and_pad_len = rpc_out->length - DCERPC_RESPONSE_LENGTH - DCERPC_AUTH_TRAILER_LENGTH; DATA_BLOB auth_blob; NTSTATUS status; if (!sas) { return NT_STATUS_INVALID_PARAMETER; } DEBUG(10,("add_schannel_auth_footer: SCHANNEL seq_num=%d\n", sas->seq_num)); switch (auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = netsec_outgoing_packet(sas, rpc_out->data, true, data_p, data_and_pad_len, &auth_blob); break; case DCERPC_AUTH_LEVEL_INTEGRITY: status = netsec_outgoing_packet(sas, rpc_out->data, false, data_p, data_and_pad_len, &auth_blob); break; default: status = NT_STATUS_INTERNAL_ERROR; break; } if (!NT_STATUS_IS_OK(status)) { DEBUG(1,("add_schannel_auth_footer: failed to process packet: %s\n", nt_errstr(status))); return status; } if (DEBUGLEVEL >= 10) { dump_NL_AUTH_SIGNATURE(talloc_tos(), &auth_blob); } /* Finally attach the blob. */ if (!data_blob_append(NULL, rpc_out, auth_blob.data, auth_blob.length)) { return NT_STATUS_NO_MEMORY; } data_blob_free(&auth_blob); return NT_STATUS_OK; }
/* seal a packet */ static NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, uint8_t *data, size_t length, const uint8_t *whole_pdu, size_t pdu_length, DATA_BLOB *sig) { struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state); return netsec_outgoing_packet(state, mem_ctx, true, data, length, sig); }