summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-09-12 03:18:24 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:58:40 -0500
commit15a96c42985c9bb4778a16160290220a935d99bd (patch)
tree3ca0bd98be270465d8be1596ccd684d33ca60ad1
parent67c37a3b8ed9a0c9b5cc95ba03a921cf32e3cf3f (diff)
downloadsamba-15a96c42985c9bb4778a16160290220a935d99bd.tar.gz
samba-15a96c42985c9bb4778a16160290220a935d99bd.tar.bz2
samba-15a96c42985c9bb4778a16160290220a935d99bd.zip
r2290: Fix 'lsakey' for the server-side, it is static for
'authenticated' connections. Fix kerberos session key issues - we need to call the routine for extracting the session key, not just read the cache. Andrew Bartlett (This used to be commit b80d849b6b586869fc7d3d4153db1a316f2867a9)
-rw-r--r--source4/libcli/auth/gensec_krb5.c6
-rw-r--r--source4/rpc_server/dcerpc_server.c32
-rw-r--r--source4/rpc_server/dcerpc_server.h1
-rw-r--r--source4/rpc_server/dcerpc_tcp.c2
-rw-r--r--source4/rpc_server/dcesrv_auth.c5
-rw-r--r--source4/rpc_server/samr/samr_password.c18
6 files changed, 47 insertions, 17 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c
index 4a97d51c40..5dbdf56b03 100644
--- a/source4/libcli/auth/gensec_krb5.c
+++ b/source4/libcli/auth/gensec_krb5.c
@@ -682,15 +682,13 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
session_info->nt_user_token = NULL;
}
- session_info->session_key = data_blob_talloc(session_info->mem_ctx,
- gensec_krb5_state->session_key.data,
- gensec_krb5_state->session_key.length);
+ nt_status = gensec_krb5_session_key(gensec_security, &session_info->session_key);
session_info->workstation = NULL;
*session_info_out = session_info;
- return NT_STATUS_OK;
+ return nt_status;
}
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index ba8d2bd835..4c460d377a 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -239,6 +239,35 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
return NT_STATUS_OK;
}
+static NTSTATUS dcesrv_inherited_session_key(struct dcesrv_connection *p,
+ DATA_BLOB *session_key)
+{
+ if (p->auth_state.session_info->session_key.length) {
+ *session_key = p->auth_state.session_info->session_key;
+ return NT_STATUS_OK;
+ }
+ return NT_STATUS_NO_USER_SESSION_KEY;
+}
+
+NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p,
+ DATA_BLOB *session_key)
+{
+ /* this took quite a few CPU cycles to find ... */
+ session_key->data = "SystemLibraryDTC";
+ session_key->length = 16;
+ return NT_STATUS_OK;
+}
+
+/*
+ fetch the user session key - may be default (above) or the SMB session key
+*/
+NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p,
+ DATA_BLOB *session_key)
+{
+ return p->auth_state.session_key(p, session_key);
+}
+
+
/*
connect to a dcerpc endpoint
*/
@@ -271,6 +300,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
(*p)->auth_state.auth_info = NULL;
(*p)->auth_state.gensec_security = NULL;
(*p)->auth_state.session_info = NULL;
+ (*p)->auth_state.session_key = dcesrv_generic_session_key;
(*p)->srv_conn = NULL;
return NT_STATUS_OK;
@@ -300,7 +330,7 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx,
session_info->refcount++;
(*dce_conn_p)->auth_state.session_info = session_info;
- (*dce_conn_p)->transport_session_key = session_info->session_key;
+ (*dce_conn_p)->auth_state.session_key = dcesrv_inherited_session_key;
/* TODO: check security descriptor of the endpoint here
* if it's a smb named pipe
diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h
index 0a7ccdaed8..fd009f6219 100644
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -99,6 +99,7 @@ struct dcesrv_auth {
struct dcerpc_auth *auth_info;
struct gensec_security *gensec_security;
struct auth_session_info *session_info;
+ NTSTATUS (*session_key)(struct dcesrv_connection *, DATA_BLOB *session_key);
};
diff --git a/source4/rpc_server/dcerpc_tcp.c b/source4/rpc_server/dcerpc_tcp.c
index 3d51ecc51d..a3290e0170 100644
--- a/source4/rpc_server/dcerpc_tcp.c
+++ b/source4/rpc_server/dcerpc_tcp.c
@@ -133,8 +133,6 @@ void dcesrv_tcp_accept(struct server_connection *conn)
dcesrv_conn->srv_conn = conn;
- dcesrv_conn->transport_session_key = data_blob_talloc(dcesrv_conn, "SystemLibraryDTC", 16);
-
conn->private_data = dcesrv_conn;
/* TODO: this should to the generic code
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c
index ea029d4d7d..ace5da992d 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -128,6 +128,9 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet *
DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status)));
return False;
}
+
+ /* Now that we are authenticated, got back to the generic session key... */
+ dce_conn->auth_state.session_key = dcesrv_generic_session_key;
return True;
} else if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
dce_conn->auth_state.auth_info->auth_pad_length = 0;
@@ -176,6 +179,8 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status)));
return False;
}
+ /* Now that we are authenticated, got back to the generic session key... */
+ dce_conn->auth_state.session_key = dcesrv_generic_session_key;
return True;
} else {
DEBUG(4, ("dcesrv_auth_auth3: failed to authenticate: %s\n",
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 436a53b7d9..3347787425 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -679,15 +679,14 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
struct ldb_message *msg,
struct samr_CryptPassword *pwbuf)
{
+ NTSTATUS nt_status;
char new_pass[512];
uint32_t new_pass_len;
DATA_BLOB session_key = data_blob(NULL, 0);
- session_key = dce_call->conn->transport_session_key;
-
- if (session_key.length == 0) {
- DEBUG(3,("Bad session key in samr_set_password\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
+ nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
}
arcfour_crypt_blob(pwbuf->data, 516, &session_key);
@@ -721,17 +720,16 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
struct ldb_message *msg,
struct samr_CryptPasswordEx *pwbuf)
{
+ NTSTATUS nt_status;
char new_pass[512];
uint32_t new_pass_len;
DATA_BLOB co_session_key;
DATA_BLOB session_key = data_blob(NULL, 0);
struct MD5Context ctx;
- session_key = dce_call->conn->transport_session_key;
-
- if (session_key.length == 0) {
- DEBUG(3,("Bad session key in samr_set_password\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
+ nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
}
co_session_key = data_blob_talloc(mem_ctx, NULL, 16);