diff options
-rw-r--r-- | source4/libcli/auth/gensec_krb5.c | 6 | ||||
-rw-r--r-- | source4/rpc_server/dcerpc_server.c | 32 | ||||
-rw-r--r-- | source4/rpc_server/dcerpc_server.h | 1 | ||||
-rw-r--r-- | source4/rpc_server/dcerpc_tcp.c | 2 | ||||
-rw-r--r-- | source4/rpc_server/dcesrv_auth.c | 5 | ||||
-rw-r--r-- | source4/rpc_server/samr/samr_password.c | 18 |
6 files changed, 47 insertions, 17 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c index 4a97d51c40..5dbdf56b03 100644 --- a/source4/libcli/auth/gensec_krb5.c +++ b/source4/libcli/auth/gensec_krb5.c @@ -682,15 +682,13 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security session_info->nt_user_token = NULL; } - session_info->session_key = data_blob_talloc(session_info->mem_ctx, - gensec_krb5_state->session_key.data, - gensec_krb5_state->session_key.length); + nt_status = gensec_krb5_session_key(gensec_security, &session_info->session_key); session_info->workstation = NULL; *session_info_out = session_info; - return NT_STATUS_OK; + return nt_status; } diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index ba8d2bd835..4c460d377a 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -239,6 +239,35 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx, return NT_STATUS_OK; } +static NTSTATUS dcesrv_inherited_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + if (p->auth_state.session_info->session_key.length) { + *session_key = p->auth_state.session_info->session_key; + return NT_STATUS_OK; + } + return NT_STATUS_NO_USER_SESSION_KEY; +} + +NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + /* this took quite a few CPU cycles to find ... */ + session_key->data = "SystemLibraryDTC"; + session_key->length = 16; + return NT_STATUS_OK; +} + +/* + fetch the user session key - may be default (above) or the SMB session key +*/ +NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, + DATA_BLOB *session_key) +{ + return p->auth_state.session_key(p, session_key); +} + + /* connect to a dcerpc endpoint */ @@ -271,6 +300,7 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx, (*p)->auth_state.auth_info = NULL; (*p)->auth_state.gensec_security = NULL; (*p)->auth_state.session_info = NULL; + (*p)->auth_state.session_key = dcesrv_generic_session_key; (*p)->srv_conn = NULL; return NT_STATUS_OK; @@ -300,7 +330,7 @@ NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx, session_info->refcount++; (*dce_conn_p)->auth_state.session_info = session_info; - (*dce_conn_p)->transport_session_key = session_info->session_key; + (*dce_conn_p)->auth_state.session_key = dcesrv_inherited_session_key; /* TODO: check security descriptor of the endpoint here * if it's a smb named pipe diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h index 0a7ccdaed8..fd009f6219 100644 --- a/source4/rpc_server/dcerpc_server.h +++ b/source4/rpc_server/dcerpc_server.h @@ -99,6 +99,7 @@ struct dcesrv_auth { struct dcerpc_auth *auth_info; struct gensec_security *gensec_security; struct auth_session_info *session_info; + NTSTATUS (*session_key)(struct dcesrv_connection *, DATA_BLOB *session_key); }; diff --git a/source4/rpc_server/dcerpc_tcp.c b/source4/rpc_server/dcerpc_tcp.c index 3d51ecc51d..a3290e0170 100644 --- a/source4/rpc_server/dcerpc_tcp.c +++ b/source4/rpc_server/dcerpc_tcp.c @@ -133,8 +133,6 @@ void dcesrv_tcp_accept(struct server_connection *conn) dcesrv_conn->srv_conn = conn; - dcesrv_conn->transport_session_key = data_blob_talloc(dcesrv_conn, "SystemLibraryDTC", 16); - conn->private_data = dcesrv_conn; /* TODO: this should to the generic code diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c index ea029d4d7d..ace5da992d 100644 --- a/source4/rpc_server/dcesrv_auth.c +++ b/source4/rpc_server/dcesrv_auth.c @@ -128,6 +128,9 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet * DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status))); return False; } + + /* Now that we are authenticated, got back to the generic session key... */ + dce_conn->auth_state.session_key = dcesrv_generic_session_key; return True; } else if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { dce_conn->auth_state.auth_info->auth_pad_length = 0; @@ -176,6 +179,8 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call) DEBUG(1, ("Failed to establish session_info: %s\n", nt_errstr(status))); return False; } + /* Now that we are authenticated, got back to the generic session key... */ + dce_conn->auth_state.session_key = dcesrv_generic_session_key; return True; } else { DEBUG(4, ("dcesrv_auth_auth3: failed to authenticate: %s\n", diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 436a53b7d9..3347787425 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -679,15 +679,14 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call, struct ldb_message *msg, struct samr_CryptPassword *pwbuf) { + NTSTATUS nt_status; char new_pass[512]; uint32_t new_pass_len; DATA_BLOB session_key = data_blob(NULL, 0); - session_key = dce_call->conn->transport_session_key; - - if (session_key.length == 0) { - DEBUG(3,("Bad session key in samr_set_password\n")); - return NT_STATUS_NO_USER_SESSION_KEY; + nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } arcfour_crypt_blob(pwbuf->data, 516, &session_key); @@ -721,17 +720,16 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call, struct ldb_message *msg, struct samr_CryptPasswordEx *pwbuf) { + NTSTATUS nt_status; char new_pass[512]; uint32_t new_pass_len; DATA_BLOB co_session_key; DATA_BLOB session_key = data_blob(NULL, 0); struct MD5Context ctx; - session_key = dce_call->conn->transport_session_key; - - if (session_key.length == 0) { - DEBUG(3,("Bad session key in samr_set_password\n")); - return NT_STATUS_NO_USER_SESSION_KEY; + nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } co_session_key = data_blob_talloc(mem_ctx, NULL, 16); |