diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-09-12 03:18:24 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:58:40 -0500 |
commit | 15a96c42985c9bb4778a16160290220a935d99bd (patch) | |
tree | 3ca0bd98be270465d8be1596ccd684d33ca60ad1 /source4/rpc_server/dcerpc_server.c | |
parent | 67c37a3b8ed9a0c9b5cc95ba03a921cf32e3cf3f (diff) | |
download | samba-15a96c42985c9bb4778a16160290220a935d99bd.tar.gz samba-15a96c42985c9bb4778a16160290220a935d99bd.tar.bz2 samba-15a96c42985c9bb4778a16160290220a935d99bd.zip |
r2290: Fix 'lsakey' for the server-side, it is static for
'authenticated' connections.
Fix kerberos session key issues - we need to call the
routine for extracting the session key, not just read the cache.
Andrew Bartlett
(This used to be commit b80d849b6b586869fc7d3d4153db1a316f2867a9)
Diffstat (limited to 'source4/rpc_server/dcerpc_server.c')
-rw-r--r-- | source4/rpc_server/dcerpc_server.c | 32 |
1 files changed, 31 insertions, 1 deletions
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index ba8d2bd835..4c460d377a 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -239,6 +239,35 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx, return NT_STATUS_OK; } +static NTSTATUS dcesrv_inherited_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + if (p->auth_state.session_info->session_key.length) { + *session_key = p->auth_state.session_info->session_key; + return NT_STATUS_OK; + } + return NT_STATUS_NO_USER_SESSION_KEY; +} + +NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + /* this took quite a few CPU cycles to find ... */ + session_key->data = "SystemLibraryDTC"; + session_key->length = 16; + return NT_STATUS_OK; +} + +/* + fetch the user session key - may be default (above) or the SMB session key +*/ +NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + return p->auth_state.session_key(p, session_key); +} + + /* connect to a dcerpc endpoint */ @@ -271,6 +300,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, (*p)->auth_state.auth_info = NULL; (*p)->auth_state.gensec_security = NULL; (*p)->auth_state.session_info = NULL; + (*p)->auth_state.session_key = dcesrv_generic_session_key; (*p)->srv_conn = NULL; return NT_STATUS_OK; @@ -300,7 +330,7 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx, session_info->refcount++; (*dce_conn_p)->auth_state.session_info = session_info; - (*dce_conn_p)->transport_session_key = session_info->session_key; + (*dce_conn_p)->auth_state.session_key = dcesrv_inherited_session_key; /* TODO: check security descriptor of the endpoint here * if it's a smb named pipe |