summaryrefslogtreecommitdiff
path: root/source3/include
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-26 13:46:25 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-08-03 18:48:04 +1000
commitef69e140d817688c6bba1b40713001f316421754 (patch)
tree93fd3dbd5c2d1bff149d488de110ae8768c1ac46 /source3/include
parent1aced1e989a9fb052ee67e302e59df1113e6bd79 (diff)
downloadsamba-ef69e140d817688c6bba1b40713001f316421754.tar.gz
samba-ef69e140d817688c6bba1b40713001f316421754.tar.bz2
samba-ef69e140d817688c6bba1b40713001f316421754.zip
s3-auth clarify the role of these session keys
This comment can be clarified now the auth subsystem does not use the same structure as the rest of the code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/include')
-rw-r--r--source3/include/auth.h14
1 files changed, 6 insertions, 8 deletions
diff --git a/source3/include/auth.h b/source3/include/auth.h
index be23adb4a7..f7422f0600 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -38,14 +38,12 @@ struct auth_serversupplied_info {
struct security_token *security_token;
- /* This is the final session key, as used by SMB signing, and
- * (truncated to 16 bytes) encryption on the SAMR and LSA pipes
- * when over ncacn_np.
- * It is calculated by NTLMSSP from the session key in the info3,
- * and is set from the Kerberos session key using
- * krb5_auth_con_getremotesubkey().
- *
- * Bottom line, it is not the same as the session keys in info3.
+ /* These are the intermediate session keys, as provided by a
+ * NETLOGON server and used by NTLMSSP to negotiate key
+ * exchange etc (which will provide the session_key in the
+ * auth_session_info). It is usually the same as the keys in
+ * the info3, but is a variable length structure here to allow
+ * it to be omitted if the auth module does not know it.
*/
DATA_BLOB session_key;