svn commit: samba r2280 - in branches/SAMBA_4_0/source/rpc_server: . samr

Sat Sep 11 12:32:06 GMT 2004

Author: tridge
Date: 2004-09-11 12:32:05 +0000 (Sat, 11 Sep 2004)
New Revision: 2280

WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/branches/SAMBA_4_0/source/rpc_server&rev=2280&nolog=1

Log:
fixed the session key choice for ncacn_np and ncacn_ip_tcp in the rpc server


Modified:
   branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
   branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h
   branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c
   branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c


Changeset:
Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
===================================================================

--- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c	2004-09-10 16:15:29 UTC (rev 2279)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c	2004-09-11 12:32:05 UTC (rev 2280)
@@ -300,6 +300,7 @@
 
 	session_info->refcount++;
 	(*dce_conn_p)->auth_state.session_info = session_info;
+	(*dce_conn_p)->transport_session_key = session_info->session_key;
 
 	/* TODO: check security descriptor of the endpoint here 
 	 *       if it's a smb named pipe
@@ -763,15 +764,16 @@
 		return status;
 	}
 
-	dce_partial_advance(dce_conn, blob.length);
-
 	/* we have to check the signing here, before combining the
 	   pdus */
 	if (call->pkt.ptype == DCERPC_PKT_REQUEST &&
-	    !dcesrv_auth_request(call)) {
+	    !dcesrv_auth_request(call, &blob)) {
+		dce_partial_advance(dce_conn, blob.length);
 		return dcesrv_fault(call, DCERPC_FAULT_LOGON_FAILURE);		
 	}
 
+	dce_partial_advance(dce_conn, blob.length);
+
 	/* see if this is a continued packet */
 	if (!(call->pkt.pfc_flags & DCERPC_PFC_FLAG_FIRST)) {
 		struct dcesrv_call_state *call2 = call;

Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h	2004-09-10 16:15:29 UTC (rev 2279)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h	2004-09-11 12:32:05 UTC (rev 2280)
@@ -134,6 +134,9 @@
 	struct dcesrv_auth auth_state;
 
 	struct server_connection *srv_conn;
+
+	/* the transport level session key */
+	DATA_BLOB transport_session_key;
 };
 
 

Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c	2004-09-10 16:15:29 UTC (rev 2279)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c	2004-09-11 12:32:05 UTC (rev 2280)
@@ -124,8 +124,6 @@
 
 	DEBUG(5,("dcesrv_tcp_accept\n"));
 
-
-
 	status = dcesrv_endpoint_connect(dcesrv_sock->dcesrv_ctx, dcesrv_sock->endpoint, &dcesrv_conn);
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0,("dcesrv_tcp_accept: dcesrv_endpoint_connect failed: %s\n", 
@@ -135,6 +133,8 @@
 
 	dcesrv_conn->srv_conn = conn;
 
+	dcesrv_conn->transport_session_key = data_blob_talloc(dcesrv_conn, "SystemLibraryDTC", 16);
+
 	conn->private_data = dcesrv_conn;
 
 	/* TODO: this should to the generic code

Modified: branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c	2004-09-10 16:15:29 UTC (rev 2279)
+++ branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c	2004-09-11 12:32:05 UTC (rev 2280)
@@ -683,12 +683,8 @@
 	uint32_t new_pass_len;
 	DATA_BLOB session_key = data_blob(NULL, 0);
 
-	session_key = data_blob(NULL,0);
+	session_key = dce_call->conn->transport_session_key;
 
-	if (dce_call->conn->auth_state.session_info) {	
-		session_key = dce_call->conn->auth_state.session_info->session_key;
-	}
-
 	if (session_key.length == 0) {
 		DEBUG(3,("Bad session key in samr_set_password\n"));
 		return NT_STATUS_NO_USER_SESSION_KEY;
@@ -731,12 +727,8 @@
 	DATA_BLOB session_key = data_blob(NULL, 0);
 	struct MD5Context ctx;
 
-	session_key = data_blob(NULL,0);
+	session_key = dce_call->conn->transport_session_key;
 
-	if (dce_call->conn->auth_state.session_info) {	
-		session_key = dce_call->conn->auth_state.session_info->session_key;
-	}
-
 	if (session_key.length == 0) {
 		DEBUG(3,("Bad session key in samr_set_password\n"));
 		return NT_STATUS_NO_USER_SESSION_KEY;

