r610: - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to Samba4.

  - This required using NETLOGON_NEG_AUTH2_FLAGS for the
    SetupCredentials2 negotiation flags, which is what Samba3 does,
    because otherwise the server uses different crypto.
  - This tests the returned session keys, which we decrypt.

 - Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
   most places.

 - Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
   available.

 - Remove a useless argument to SMBsesskeygen_ntv1

 - move netr_CredentialState from the .idl to the new credentials.h

Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)

1 files changed, 10 insertions, 16 deletions

diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index 0e045e0033..dce325d7e1 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -673,27 +673,21 @@ NTSTATUS dcerpc_secondary_smb(struct dcerpc_pipe *p, struct dcerpc_pipe **p2,
   only works for the ncacn_np transport
 */
 NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
-				  uint8 session_key[16])
+				  DATA_BLOB *session_key)
 {
 	struct cli_tree *tree;
 
-	memset(session_key, 0, 16);
-
+	if (p->security_state) {
+		return p->security_state->session_key(p->security_state, session_key);
+	}
+	
 	tree = dcerpc_smb_tree(p);
 	if (tree) {
-		memcpy(session_key, 
-		       tree->session->transport->negotiate.user_session_key,
-		       16);
-	}
-
-	if (p->security_state) {
-		NTSTATUS status;
-
-		status = p->security_state->session_key(p->security_state, session_key);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
+		if (tree->session->user_session_key.data) {
+			*session_key = tree->session->user_session_key;
+			return NT_STATUS_OK;
 		}
 	}
-	
-	return NT_STATUS_OK;
+
+	return NT_STATUS_NO_USER_SESSION_KEY;
 }