[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-66-gb474600

Thu Oct 18 07:33:08 GMT 2007

The branch, v3-2-test has been updated
       via  b4746009735bf66b2578b884973c505b0363a79d (commit)
      from  315215e20e1e470c5077122a2e250ecb3d45ce9b (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit b4746009735bf66b2578b884973c505b0363a79d
Author: Volker Lendecke <vlendec at samba.org>
Date:   Mon Jun 5 20:38:21 2006 +0000

    r16050: Set the session key "SystemLibraryDTC" on ntlmssp binds. We only do INTEGRITY
    and PRIVACY, so no other cases to take care of so far...
    
    Andrew B., if you have time, could you take a look? This makes us survive the
    RPC-SAMBA3SESSIONKEY test.
    
    Volker
    (cherry picked from commit 25cc1e7ff15675b70001d1cb8d8584880650dd2e)

-----------------------------------------------------------------------

Summary of changes:
 source/rpc_server/srv_pipe.c |   24 ++++++++++++++++++++++--
 1 files changed, 22 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c
index 72ce72f..c213ec5 100644
--- a/source/rpc_server/srv_pipe.c
+++ b/source/rpc_server/srv_pipe.c
@@ -45,6 +45,11 @@ static void free_pipe_ntlmssp_auth_data(struct pipe_auth_data *auth)
 	auth->a_u.auth_ntlmssp_state = NULL;
 }
 
+static DATA_BLOB generic_session_key(void)
+{
+	return data_blob("SystemLibraryDTC", 16);
+}
+
 /*******************************************************************
  Generate the next PDU to be returned from the data in p->rdata. 
  Handle NTLMSSP.
@@ -668,11 +673,13 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 	p->pipe_user.ut.gid = a->server_info->gid;
 	
 	/*
-	 * Copy the session key from the ntlmssp state.
+	 * We're an authenticated bind over smbd, so the session key needs to
+	 * be set to "SystemLibraryDTC". Weird, but this is what Windows
+	 * does. See the RPC-SAMBA3SESSIONKEY.
 	 */
 
 	data_blob_free(&p->session_key);
-	p->session_key = data_blob(a->ntlmssp_state->session_key.data, a->ntlmssp_state->session_key.length);
+	p->session_key = generic_session_key();
 	if (!p->session_key.data) {
 		return False;
 	}
@@ -1351,8 +1358,21 @@ static BOOL pipe_schannel_auth_bind(pipes_struct *p, prs_struct *rpc_in_p,
 	 * JRA. Should we also copy the schannel session key into the pipe session key p->session_key
 	 * here ? We do that for NTLMSSP, but the session key is already set up from the vuser
 	 * struct of the person who opened the pipe. I need to test this further. JRA.
+	 *
+	 * VL. As we are mapping this to guest set the generic key
+	 * "SystemLibraryDTC" key here. It's a bit difficult to test against
+	 * W2k3, as it does not allow schannel binds against SAMR and LSA
+	 * anymore.
 	 */
 
+	data_blob_free(&p->session_key);
+	p->session_key = generic_session_key();
+	if (p->session_key.data == NULL) {
+		DEBUG(0, ("pipe_schannel_auth_bind: Could not alloc session"
+			  " key\n"));
+		return False;
+	}
+
 	init_rpc_hdr_auth(&auth_info, RPC_SCHANNEL_AUTH_TYPE, pauth_info->auth_level, RPC_HDR_AUTH_LEN, 1);
 	if(!smb_io_rpc_hdr_auth("", &auth_info, pout_auth, 0)) {
 		DEBUG(0,("pipe_schannel_auth_bind: marshalling of RPC_HDR_AUTH failed.\n"));


-- 
Samba Shared Repository
