r2280: fixed the session key choice for ncacn_np and ncacn_ip_tcp in the rpc server

(This used to be commit 3b4ed24f4ba467a77bef8d6c25695fdbdb42b2ac)

4 files changed, 12 insertions, 15 deletions

diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index 891462214c..ba8d2bd835 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -300,6 +300,7 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx,
 
 	session_info->refcount++;
 	(*dce_conn_p)->auth_state.session_info = session_info;
+	(*dce_conn_p)->transport_session_key = session_info->session_key;
 
 	/* TODO: check security descriptor of the endpoint here 
 	 *       if it's a smb named pipe
@@ -763,15 +764,16 @@ NTSTATUS dcesrv_input_process(struct dcesrv_connection *dce_conn)
 		return status;
 	}
 
-	dce_partial_advance(dce_conn, blob.length);
-
 	/* we have to check the signing here, before combining the
 	   pdus */
 	if (call->pkt.ptype == DCERPC_PKT_REQUEST &&
-	    !dcesrv_auth_request(call)) {
+	    !dcesrv_auth_request(call, &blob)) {
+		dce_partial_advance(dce_conn, blob.length);
 		return dcesrv_fault(call, DCERPC_FAULT_LOGON_FAILURE);		
 	}
 
+	dce_partial_advance(dce_conn, blob.length);
+
 	/* see if this is a continued packet */
 	if (!(call->pkt.pfc_flags & DCERPC_PFC_FLAG_FIRST)) {
 		struct dcesrv_call_state *call2 = call;
diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h
index 15da3e38bb..0a7ccdaed8 100644
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -134,6 +134,9 @@ struct dcesrv_connection {
 	struct dcesrv_auth auth_state;
 
 	struct server_connection *srv_conn;
+
+	/* the transport level session key */
+	DATA_BLOB transport_session_key;
 };
 
 
diff --git a/source4/rpc_server/dcerpc_tcp.c b/source4/rpc_server/dcerpc_tcp.c
index c6a85377e0..3d51ecc51d 100644
--- a/source4/rpc_server/dcerpc_tcp.c
+++ b/source4/rpc_server/dcerpc_tcp.c
@@ -124,8 +124,6 @@ void dcesrv_tcp_accept(struct server_connection *conn)
 
 	DEBUG(5,("dcesrv_tcp_accept\n"));
 
-
-
 	status = dcesrv_endpoint_connect(dcesrv_sock->dcesrv_ctx, dcesrv_sock->endpoint, &dcesrv_conn);
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0,("dcesrv_tcp_accept: dcesrv_endpoint_connect failed: %s\n", 
@@ -135,6 +133,8 @@ void dcesrv_tcp_accept(struct server_connection *conn)
 
 	dcesrv_conn->srv_conn = conn;
 
+	dcesrv_conn->transport_session_key = data_blob_talloc(dcesrv_conn, "SystemLibraryDTC", 16);
+
 	conn->private_data = dcesrv_conn;
 
 	/* TODO: this should to the generic code
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 852f564aef..436a53b7d9 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -683,11 +683,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 	uint32_t new_pass_len;
 	DATA_BLOB session_key = data_blob(NULL, 0);
 
-	session_key = data_blob(NULL,0);
-
-	if (dce_call->conn->auth_state.session_info) {	
-		session_key = dce_call->conn->auth_state.session_info->session_key;
-	}
+	session_key = dce_call->conn->transport_session_key;
 
 	if (session_key.length == 0) {
 		DEBUG(3,("Bad session key in samr_set_password\n"));
@@ -731,11 +727,7 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
 	DATA_BLOB session_key = data_blob(NULL, 0);
 	struct MD5Context ctx;
 
-	session_key = data_blob(NULL,0);
-
-	if (dce_call->conn->auth_state.session_info) {	
-		session_key = dce_call->conn->auth_state.session_info->session_key;
-	}
+	session_key = dce_call->conn->transport_session_key;
 
 	if (session_key.length == 0) {
 		DEBUG(3,("Bad session key in samr_set_password\n"));