s3-rpc: Decrypt with the proper session key in CreateTrustedDomainEx2.
Andreas Schneider
asn at cryptomilk.org
Tue Mar 13 14:54:44 MDT 2012
On Tuesday 13 March 2012 11:28:39 Jeremy Allison wrote:
> On Tue, Mar 13, 2012 at 12:24:03PM +0100, Andreas Schneider wrote:
> > The branch, master has been updated
> >
> > via 7d4ed89 s3-rpc: Decrypt with the proper session key in
> > CreateTrustedDomainEx2.>
> > from e25f830 selftest: samba3.smbtorture_s3.LOCAL-TALLOC-DICT works
> > now
> >
> > http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
> >
> >
> > - Log -----------------------------------------------------------------
> > commit 7d4ed899831a853ec2eef8dcd82d74fdbf568f0e
> > Author: Alexander Bokovoy <ab at samba.org>
> > Date: Fri Mar 2 16:18:16 2012 +0200
> >
> > s3-rpc: Decrypt with the proper session key in CreateTrustedDomainEx2.
> >
> > On LSA and SAMR pipes session_key is truncated to 16 byte when doing
> > encryption/decryption. However, this was not done for trusted
> > domain-related modifying operations.
> >
> > As result, Samba 4 client libraries do not work against Samba 3 while
> > working against Windows 2008 r2.
> >
> > Solved this by introducing "session_extract_session_key()" function
> > that allows to specify intent of use of the key.
> >
> > Signed-off-by: Andreas Schneider <asn at samba.org>
> >
> > Autobuild-User: Andreas Schneider <asn at cryptomilk.org>
> > Autobuild-Date: Tue Mar 13 12:23:44 CET 2012 on sn-devel-104
>
> I think this one needs to be in 3.6.x also.
>
> Do we have a bug report to log it against ?
No, we don't. But I can take care of it.
-- andreas
--
Andreas Schneider GPG-ID: F33E3FC6
www.cryptomilk.org asn at cryptomilk.org
More information about the samba-technical
mailing list