summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-06-17 06:36:13 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:18:21 -0500
commit8047db6e4b9cbaccb8a21b8947f6d04a7ca3c436 (patch)
treec72f3dae50a5c7eab304e7c5fcee32bd7b7be961 /source4
parentb523bde4998b95c676c01b660511ad77029471d2 (diff)
downloadsamba-8047db6e4b9cbaccb8a21b8947f6d04a7ca3c436.tar.gz
samba-8047db6e4b9cbaccb8a21b8947f6d04a7ca3c436.tar.bz2
samba-8047db6e4b9cbaccb8a21b8947f6d04a7ca3c436.zip
r7676: Make VUID and TID choice random, as this gives us protection against
replay attacks under SMB signing, where the session key is a fixed derivitive of the user's password. This removes the VID offset, but I'm not worried about random client bytes mattering here, given the space (and the fact that it applies to very, very old clients). Andrew Bartlett (This used to be commit eb1d37c5a91a6bc4515469e1ae026d28c12d7149)
Diffstat (limited to 'source4')
-rw-r--r--source4/smb_server/conn.c2
-rw-r--r--source4/smb_server/session.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/source4/smb_server/conn.c b/source4/smb_server/conn.c
index 6ca8e4286c..dfc310a161 100644
--- a/source4/smb_server/conn.c
+++ b/source4/smb_server/conn.c
@@ -73,7 +73,7 @@ struct smbsrv_tcon *smbsrv_tcon_new(struct smbsrv_connection *smb_conn)
tcon = talloc_zero(smb_conn, struct smbsrv_tcon);
if (!tcon) return NULL;
- i = idr_get_new(smb_conn->tree.idtree_tid, tcon, UINT16_MAX);
+ i = idr_get_new_random(smb_conn->tree.idtree_tid, tcon, UINT16_MAX);
if (i == -1) {
DEBUG(1,("ERROR! Out of connection structures\n"));
return NULL;
diff --git a/source4/smb_server/session.c b/source4/smb_server/session.c
index bc2ac5fcb7..d7b7f22cd8 100644
--- a/source4/smb_server/session.c
+++ b/source4/smb_server/session.c
@@ -115,7 +115,7 @@ struct smbsrv_session *smbsrv_register_session(struct smbsrv_connection *smb_con
ZERO_STRUCTP(sess);
- i = idr_get_new_above(smb_conn->sessions.idtree_vuid, sess, VUID_OFFSET, UINT16_MAX);
+ i = idr_get_new_random(smb_conn->sessions.idtree_vuid, sess, UINT16_MAX);
if (i == -1) {
DEBUG(1,("ERROR! Out of connection structures\n"));
talloc_free(sess);