auth use info3 in auth_serversupplied_info (source3/)
simo
idra at samba.org
Thu May 27 18:24:38 MDT 2010
On Fri, 2010-05-28 at 10:17 +1000, Andrew Bartlett wrote:
> On Thu, 2010-05-27 at 19:49 -0400, simo wrote:
> /* This is the final session key, as used by SMB signing, and (truncated
> to 16 bytes) encryption on the SAMR and LSA pipes when over ncacn_np.
> It is calculated by NTLMSSP from the session key in the info3, and is
> set from the Kerberos session key using krb5_auth_con_getremotesubkey().
> */
Should we add this comment to the auth_serversupplied_info structure ?
> Yes and no. The conversion two and from the samu invoked this code, and
> from the comments deliberately so. By short-cutting it, I think we have
> changed semantics.
>
> It is a horrible violation of abstraction, and I really want it to die,
> but I first want to bring it to your attention :-)
I will check if that is still the case, testing didn't reveal any issue,
but our test do not cover all cases indeed.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
More information about the samba-technical
mailing list