diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-05-09 12:42:18 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:51:51 -0500 |
| commit | dce84ffd379012812170f68f7de8aab73123f0b3 (patch) | |
| tree | c5f6973838572fd06c07d6771f5286bc2073b569 /source4/libcli/raw/clisession.c | |
| parent | 55fa62be31c9027d84be0e4caad3ee59d78ca1b0 (diff) | |
| download | samba-dce84ffd379012812170f68f7de8aab73123f0b3.tar.gz samba-dce84ffd379012812170f68f7de8aab73123f0b3.tar.bz2 samba-dce84ffd379012812170f68f7de8aab73123f0b3.zip | |
r610: - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to Samba4.
- This required using NETLOGON_NEG_AUTH2_FLAGS for the
SetupCredentials2 negotiation flags, which is what Samba3 does,
because otherwise the server uses different crypto.
- This tests the returned session keys, which we decrypt.
- Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
most places.
- Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
available.
- Remove a useless argument to SMBsesskeygen_ntv1
- move netr_CredentialState from the .idl to the new credentials.h
Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
Diffstat (limited to 'source4/libcli/raw/clisession.c')
| -rw-r--r-- | source4/libcli/raw/clisession.c | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c index 1c0af77d11..fe64565597 100644 --- a/source4/libcli/raw/clisession.c +++ b/source4/libcli/raw/clisession.c @@ -235,21 +235,33 @@ static DATA_BLOB nt_blob(const char *pass, DATA_BLOB challenge) } /* + store the user session key for a transport +*/ +void cli_session_set_user_session_key(struct cli_session *session, + const DATA_BLOB *session_key) +{ + session->user_session_key = data_blob_talloc(session->mem_ctx, + session_key->data, + session_key->length); +} + +/* setup signing for a NT1 style session setup */ -static void setup_nt1_signing(struct cli_transport *transport, const char *password) +static void use_nt1_session_keys(struct cli_session *session, + const char *password, const DATA_BLOB *nt_response) { + struct cli_transport *transport = session->transport; uchar nt_hash[16]; - uchar session_key[16]; - DATA_BLOB nt_response; + DATA_BLOB session_key = data_blob(NULL, 16); E_md4hash(password, nt_hash); - SMBsesskeygen_ntv1(nt_hash, NULL, session_key); - nt_response = nt_blob(password, transport->negotiate.secblob); + SMBsesskeygen_ntv1(nt_hash, session_key.data); - cli_transport_set_session_key(transport, session_key); + cli_transport_simple_set_signing(transport, session_key, *nt_response); - cli_transport_simple_set_signing(transport, session_key, nt_response); + cli_session_set_user_session_key(session, &session_key); + data_blob_free(&session_key); } /**************************************************************************** @@ -332,7 +344,8 @@ static NTSTATUS smb_raw_session_setup_generic_nt1(struct cli_session *session, session->transport->negotiate.secblob); s2.nt1.in.password2 = nt_blob(parms->generic.in.password, session->transport->negotiate.secblob); - setup_nt1_signing(session->transport, parms->generic.in.password); + use_nt1_session_keys(session, parms->generic.in.password, &s2.nt1.in.password2); + } else { s2.nt1.in.password1 = data_blob(parms->generic.in.password, strlen(parms->generic.in.password)); |