summaryrefslogtreecommitdiff
path: root/source4/libcli/raw/clisession.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-05-09 12:42:18 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:51:51 -0500
commitdce84ffd379012812170f68f7de8aab73123f0b3 (patch)
treec5f6973838572fd06c07d6771f5286bc2073b569 /source4/libcli/raw/clisession.c
parent55fa62be31c9027d84be0e4caad3ee59d78ca1b0 (diff)
downloadsamba-dce84ffd379012812170f68f7de8aab73123f0b3.tar.gz
samba-dce84ffd379012812170f68f7de8aab73123f0b3.tar.bz2
samba-dce84ffd379012812170f68f7de8aab73123f0b3.zip
r610: - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to Samba4.
- This required using NETLOGON_NEG_AUTH2_FLAGS for the SetupCredentials2 negotiation flags, which is what Samba3 does, because otherwise the server uses different crypto. - This tests the returned session keys, which we decrypt. - Update the Samba4 notion of a 'session key' to be a DATA_BLOB in most places. - Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is available. - Remove a useless argument to SMBsesskeygen_ntv1 - move netr_CredentialState from the .idl to the new credentials.h Andrew Bartlett (This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
Diffstat (limited to 'source4/libcli/raw/clisession.c')
-rw-r--r--source4/libcli/raw/clisession.c29
1 files changed, 21 insertions, 8 deletions
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c
index 1c0af77d11..fe64565597 100644
--- a/source4/libcli/raw/clisession.c
+++ b/source4/libcli/raw/clisession.c
@@ -235,21 +235,33 @@ static DATA_BLOB nt_blob(const char *pass, DATA_BLOB challenge)
}
/*
+ store the user session key for a transport
+*/
+void cli_session_set_user_session_key(struct cli_session *session,
+ const DATA_BLOB *session_key)
+{
+ session->user_session_key = data_blob_talloc(session->mem_ctx,
+ session_key->data,
+ session_key->length);
+}
+
+/*
setup signing for a NT1 style session setup
*/
-static void setup_nt1_signing(struct cli_transport *transport, const char *password)
+static void use_nt1_session_keys(struct cli_session *session,
+ const char *password, const DATA_BLOB *nt_response)
{
+ struct cli_transport *transport = session->transport;
uchar nt_hash[16];
- uchar session_key[16];
- DATA_BLOB nt_response;
+ DATA_BLOB session_key = data_blob(NULL, 16);
E_md4hash(password, nt_hash);
- SMBsesskeygen_ntv1(nt_hash, NULL, session_key);
- nt_response = nt_blob(password, transport->negotiate.secblob);
+ SMBsesskeygen_ntv1(nt_hash, session_key.data);
- cli_transport_set_session_key(transport, session_key);
+ cli_transport_simple_set_signing(transport, session_key, *nt_response);
- cli_transport_simple_set_signing(transport, session_key, nt_response);
+ cli_session_set_user_session_key(session, &session_key);
+ data_blob_free(&session_key);
}
/****************************************************************************
@@ -332,7 +344,8 @@ static NTSTATUS smb_raw_session_setup_generic_nt1(struct cli_session *session,
session->transport->negotiate.secblob);
s2.nt1.in.password2 = nt_blob(parms->generic.in.password,
session->transport->negotiate.secblob);
- setup_nt1_signing(session->transport, parms->generic.in.password);
+ use_nt1_session_keys(session, parms->generic.in.password, &s2.nt1.in.password2);
+
} else {
s2.nt1.in.password1 = data_blob(parms->generic.in.password,
strlen(parms->generic.in.password));