r13407: Change the credentials code to be more like the Samba4 structure,

makes fixes much easier to port. Fix the size of dc->sess_key to
be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd
store in secrets.tdb though. Should fix some uses of the dc->sess_key
where we where assuming we could read 16 bytes.
Jeremy.
(This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)

2 files changed, 10 insertions, 3 deletions

diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index a30b724372..82e212c0ca 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -140,7 +140,7 @@ struct dcinfo {
 	DOM_CHAL clnt_chal; /* Client credential */
 	DOM_CHAL srv_chal;  /* Server credential */
  
-	uchar  sess_key[8]; /* Session key */
+	uchar  sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
 	uchar  mach_pw[16];   /* md4(machine password) */
 
 	fstring mach_acct;  /* Machine name we've authenticated. */
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index e718d92271..218cad336d 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -90,12 +90,19 @@ enum RPC_PKT_TYPE {
 #define RPC_AUTH_SCHANNEL_SIGN_ONLY_CHK_LEN 	0x18
 
 
+#define NETLOGON_EXTRA_SIDS			    0x0020
+#define NETLOGON_RESOURCE_GROUPS		    0x0200
+#define NETLOGON_NEG_ARCFOUR			0x00000004
+#define NETLOGON_NEG_128BIT			0x00004000
+#define NETLOGON_NEG_SCHANNEL			0x40000000
+
 /* The 7 here seems to be required to get Win2k not to downgrade us
    to NT4.  Actually, anything other than 1ff would seem to do... */
 #define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff
- 
-#define NETLOGON_NEG_SCHANNEL    		0x40000000
 #define NETLOGON_NEG_DOMAIN_TRUST_ACCOUNT	0x2010b000
+ 
+/* these are the flags that ADS clients use */
+#define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL)
 
 enum schannel_direction {
 	SENDER_IS_INITIATOR,