r2290: Fix 'lsakey' for the server-side, it is static for

'authenticated' connections.

Fix kerberos session key issues - we need to call the
routine for extracting the session key, not just read the cache.

Andrew Bartlett
(This used to be commit b80d849b6b586869fc7d3d4153db1a316f2867a9)

1 files changed, 8 insertions, 10 deletions

diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 436a53b7d9..3347787425 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -679,15 +679,14 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 			   struct ldb_message *msg, 
 			   struct samr_CryptPassword *pwbuf)
 {
+	NTSTATUS nt_status;
 	char new_pass[512];
 	uint32_t new_pass_len;
 	DATA_BLOB session_key = data_blob(NULL, 0);
 
-	session_key = dce_call->conn->transport_session_key;
-
-	if (session_key.length == 0) {
-		DEBUG(3,("Bad session key in samr_set_password\n"));
-		return NT_STATUS_NO_USER_SESSION_KEY;
+	nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
+	if (!NT_STATUS_IS_OK(nt_status)) {
+		return nt_status;
 	}
 
 	arcfour_crypt_blob(pwbuf->data, 516, &session_key);
@@ -721,17 +720,16 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
 			      struct ldb_message *msg, 
 			      struct samr_CryptPasswordEx *pwbuf)
 {
+	NTSTATUS nt_status;
 	char new_pass[512];
 	uint32_t new_pass_len;
 	DATA_BLOB co_session_key;
 	DATA_BLOB session_key = data_blob(NULL, 0);
 	struct MD5Context ctx;
 
-	session_key = dce_call->conn->transport_session_key;
-
-	if (session_key.length == 0) {
-		DEBUG(3,("Bad session key in samr_set_password\n"));
-		return NT_STATUS_NO_USER_SESSION_KEY;
+	nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
+	if (!NT_STATUS_IS_OK(nt_status)) {
+		return nt_status;
 	}
 
 	co_session_key = data_blob_talloc(mem_ctx, NULL, 16);