authorAndrew Tridgell <tridge@samba.org>2004-06-14 08:12:50 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:56:39 -0500
commitbccac81d8792f85ae37d4a6617a92e2fae75aa50 (patch)
treef0c16dd01073e4c7276a23b0b7a666b33e055053 /source4/rpc_server/netlogon/schannel_state.c
parent2fcf85920deb2bb3e564c7be611b2cec838afbf1 (diff)
r1136: - added IDL for netr_LogonGetDomainInfo()
- added workstation to auth_session_info in rpc servers - added session key fetch hook in crypto backends in dcesrv - store and fetch seed as well as a session key in schannel ldb - when a client uses schannel to setup a netlogon pipe connection we also need to setup the credentials from the schannel negotiation so credentials chaining works - added server side netr_LogonGetDomainInfo() call (This used to be commit a35459387de3b6a422c5af6f658338fc7e4314b0)
Diffstat (limited to 'source4/rpc_server/netlogon/schannel_state.c')
-rw-r--r--source4/rpc_server/netlogon/schannel_state.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/source4/rpc_server/netlogon/schannel_state.c b/source4/rpc_server/netlogon/schannel_state.c
index eaa5013572..43134fd437 100644
--- a/source4/rpc_server/netlogon/schannel_state.c
+++ b/source4/rpc_server/netlogon/schannel_state.c
@@ -53,11 +53,12 @@ static struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx)
use a simple ldb structure
*/
NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
- const char *computer_name, struct creds_CredentialState *creds)
+ const char *computer_name,
+ struct creds_CredentialState *creds)
{
struct ldb_context *ldb;
struct ldb_message msg;
- struct ldb_val val;
+ struct ldb_val val, seed;
char *s = NULL;
time_t expiry = time(NULL) + SCHANNEL_CREDENTIALS_EXPIRY;
int ret;
@@ -85,7 +86,11 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
val.data = creds->session_key;
val.length = sizeof(creds->session_key);
+ seed.data = creds->seed.data;
+ seed.length = sizeof(creds->seed.data);
+
ldb_msg_add_value(ldb, &msg, "sessionKey", &val);
+ ldb_msg_add_value(ldb, &msg, "seed", &seed);
ldb_msg_add_string(ldb, &msg, "expiry", s);
ldb_delete(ldb, msg.dn);
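Review bot: The new `ldb_msg_add_value(ldb, &msg, "seed", &seed);` call, like the `sessionKey` add above it, ignores its result, so a failed add would presumably leave a record with a session key but no seed, and every later fetch for that computer would then fail the new `seed` check. Consider testing the result of each add and returning `NT_STATUS_NO_MEMORY` before `ldb_delete()` runs, so the old record is not dropped in favour of an incomplete one. With the seed stored next to the session key, the record now holds everything needed for credentials chaining, so it is worth confirming that the schannel ldb file is readable only by the server; its path and mode are not visible in this diff. The function body starts and ends outside the hunk.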
@@ -104,10 +109,11 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
/*
- read back a session key for a computer
+ read back a credentials back for a computer
*/
NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
- const char *computer_name, uint8_t session_key[16])
+ const char *computer_name,
+ struct creds_CredentialState *creds)
{
struct ldb_context *ldb;
time_t expiry;
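Review bot: The updated comment reads "read back a credentials back for a computer", with a doubled "back"; `read back the stored credentials (session key and seed) for a computer` would say what the function now does. The function keeps the name `schannel_fetch_session_key` although it now fills a whole `struct creds_CredentialState`, so the comment should also state that `creds` is zeroed first and that, as far as the visible hunks show, only `session_key` and `seed` are populated. That keeps callers from assuming the other fields are valid. The body continues outside the hunk.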
@@ -116,6 +122,8 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
const struct ldb_val *val;
char *expr=NULL;
+ ZERO_STRUCTP(creds);
+
ldb = schannel_db_connect(mem_ctx);
if (ldb == NULL) {
return NT_STATUS_NO_MEMORY;
@@ -146,7 +154,15 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_HANDLE;
}
- memcpy(session_key, val->data, 16);
+ memcpy(creds->session_key, val->data, 16);
+
+ val = ldb_msg_find_ldb_val(res[0], "seed");
+ if (val == NULL || val->length != 8) {
+ ldb_close(ldb);
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ memcpy(creds->seed.data, val->data, 8);
ldb_close(ldb);
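Review bot: When the `seed` lookup fails, the function returns `NT_STATUS_INVALID_HANDLE` after `creds->session_key` has already been filled by the preceding `memcpy`, so the caller gets an error together with a half-populated credentials struct that holds a live session key. Add `ZERO_STRUCTP(creds);` in that error branch, or look up and validate both values before copying either. The literals `16` and `8` would be safer as `sizeof(creds->session_key)` and `sizeof(creds->seed.data)`, which is what the store side uses, so the length check and the copy cannot drift from the struct definition. The function starts outside the hunk, and the length check for `sessionKey` is not visible here.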