r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.

This means that 'require NTLMv2 session security' now works for RPC
pipe signing.  We don't yet have sealing, but it can't be much further.

This is almost all tridge's code, munged into a form that can work
with the GENSEC API.

This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.

No doubt I missed something, but I'm going to get some sleep :-)

Andrew Bartlett
(This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)

1 files changed, 3 insertions, 2 deletions

diff --git a/source4/librpc/rpc/dcerpc_smb.c b/source4/librpc/rpc/dcerpc_smb.c
index fa9101bbd6..eece07c678 100644
--- a/source4/librpc/rpc/dcerpc_smb.c
+++ b/source4/librpc/rpc/dcerpc_smb.c
@@ -359,7 +359,6 @@ NTSTATUS smb_session_key(struct dcerpc_pipe *p, DATA_BLOB *session_key)
 		*session_key = smb->tree->session->user_session_key;
 		return NT_STATUS_OK;
 	}
-
 	return NT_STATUS_NO_USER_SESSION_KEY;
 }
 
@@ -425,13 +424,15 @@ NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe **p,
 	(*p)->transport.private = NULL;
 	(*p)->transport.shutdown_pipe = smb_shutdown_pipe;
 	(*p)->transport.peer_name = smb_peer_name;
-	(*p)->transport.session_key = smb_session_key;
 
 	(*p)->transport.send_request = smb_send_request;
 	(*p)->transport.send_read = send_read_request;
 	(*p)->transport.event_context = smb_event_context;
 	(*p)->transport.recv_data = NULL;
 	
+	/* Over-ride the default session key with the SMB session key */
+	(*p)->security_state.session_key = smb_session_key;
+
 	smb = talloc((*p), sizeof(*smb));
 	if (!smb) {
 		dcerpc_pipe_close(*p);