diff options
-rw-r--r-- | source3/auth/auth_ntlmssp.c | 33 | ||||
-rw-r--r-- | source3/auth/auth_util.c | 172 | ||||
-rw-r--r-- | source3/auth/proto.h | 20 | ||||
-rw-r--r-- | source3/auth/user_krb5.c | 43 | ||||
-rw-r--r-- | source3/rpc_server/dcesrv_gssapi.c | 5 | ||||
-rw-r--r-- | source3/rpc_server/rpc_server.c | 10 | ||||
-rw-r--r-- | source3/smbd/service.c | 6 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 64 | ||||
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 23 |
9 files changed, 193 insertions, 183 deletions
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index ae29c30570..99f4564cdf 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -31,23 +31,16 @@ NTSTATUS auth_ntlmssp_steal_session_info(TALLOC_CTX *mem_ctx, struct auth_ntlmssp_state *auth_ntlmssp_state, struct auth_serversupplied_info **session_info) { - /* Free the current server_info user_session_key and reset it from the - * current ntlmssp_state session_key */ - data_blob_free(&auth_ntlmssp_state->server_info->user_session_key); - /* Set up the final session key for the connection */ - auth_ntlmssp_state->server_info->user_session_key = - data_blob_talloc( - auth_ntlmssp_state->server_info, - auth_ntlmssp_state->ntlmssp_state->session_key.data, - auth_ntlmssp_state->ntlmssp_state->session_key.length); - if (auth_ntlmssp_state->ntlmssp_state->session_key.length && - !auth_ntlmssp_state->server_info->user_session_key.data) { - *session_info = NULL; - return NT_STATUS_NO_MEMORY; + NTSTATUS nt_status = create_local_token(mem_ctx, + auth_ntlmssp_state->server_info, + &auth_ntlmssp_state->ntlmssp_state->session_key, + session_info); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(10, ("create_local_token failed: %s\n", + nt_errstr(nt_status))); } - /* Steal session_info away from auth_ntlmssp_state */ - *session_info = talloc_move(mem_ctx, &auth_ntlmssp_state->server_info); - return NT_STATUS_OK; + return nt_status; } /** @@ -156,14 +149,6 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, auth_ntlmssp_state->server_info->nss_token |= username_was_mapped; - nt_status = create_local_token(auth_ntlmssp_state->server_info); - - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(10, ("create_local_token failed: %s\n", - nt_errstr(nt_status))); - return nt_status; - } - /* Clear out the session keys, and pass them to the caller. * They will not be used in this form again - instead the * NTLMSSP code will decide on the final correct session key, diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index c84e3d3508..8666b55b47 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -442,11 +442,46 @@ static NTSTATUS log_nt_token(struct security_token *token) * server_info->sids (the info3/sam groups). Find the unix gids. */ -NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) +NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, + struct auth_serversupplied_info *server_info, + DATA_BLOB *session_key, + struct auth_serversupplied_info **session_info_out) { NTSTATUS status; size_t i; struct dom_sid tmp_sid; + struct auth_serversupplied_info *session_info; + + /* Ensure we can't possible take a code path leading to a + * null defref. */ + if (!server_info) { + return NT_STATUS_LOGON_FAILURE; + } + + session_info = copy_serverinfo(mem_ctx, server_info); + + if (!session_info) { + return NT_STATUS_NO_MEMORY; + } + + if (session_key) { + data_blob_free(&session_info->user_session_key); + session_info->user_session_key = data_blob_talloc(session_info, + session_key->data, + session_key->length); + if (!session_info->user_session_key.data && session_key->length) { + return NT_STATUS_NO_MEMORY; + } + } + + if (session_info->security_token) { + /* Just copy the token, it has already been finalised + * (nasty hack to support a cached guest session_info, + * and a possible strategy for auth_samba4 to pass in + * a finalised session) */ + *session_info_out = session_info; + return NT_STATUS_OK; + } /* * If winbind is not around, we can not make much use of the SIDs the @@ -455,21 +490,21 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) */ if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) || - (server_info->nss_token)) { - status = create_token_from_username(server_info, - server_info->unix_name, - server_info->guest, - &server_info->utok.uid, - &server_info->utok.gid, - &server_info->unix_name, - &server_info->security_token); + (session_info->nss_token)) { + status = create_token_from_username(session_info, + session_info->unix_name, + session_info->guest, + &session_info->utok.uid, + &session_info->utok.gid, + &session_info->unix_name, + &session_info->security_token); } else { - status = create_local_nt_token_from_info3(server_info, - server_info->guest, - server_info->info3, - &server_info->extra, - &server_info->security_token); + status = create_local_nt_token_from_info3(session_info, + session_info->guest, + session_info->info3, + &session_info->extra, + &session_info->security_token); } if (!NT_STATUS_IS_OK(status)) { @@ -478,14 +513,14 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) /* Convert the SIDs to gids. */ - server_info->utok.ngroups = 0; - server_info->utok.groups = NULL; + session_info->utok.ngroups = 0; + session_info->utok.groups = NULL; /* Start at index 1, where the groups start. */ - for (i=1; i<server_info->security_token->num_sids; i++) { + for (i=1; i<session_info->security_token->num_sids; i++) { gid_t gid; - struct dom_sid *sid = &server_info->security_token->sids[i]; + struct dom_sid *sid = &session_info->security_token->sids[i]; if (!sid_to_gid(sid, &gid)) { DEBUG(10, ("Could not convert SID %s to gid, " @@ -493,8 +528,8 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) continue; } if (!add_gid_to_array_unique(server_info, gid, - &server_info->utok.groups, - &server_info->utok.ngroups)) { + &session_info->utok.groups, + &session_info->utok.ngroups)) { return NT_STATUS_NO_MEMORY; } } @@ -512,28 +547,33 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info) * the nt token. */ - uid_to_unix_users_sid(server_info->utok.uid, &tmp_sid); + uid_to_unix_users_sid(session_info->utok.uid, &tmp_sid); - add_sid_to_array_unique(server_info->security_token, &tmp_sid, - &server_info->security_token->sids, - &server_info->security_token->num_sids); + add_sid_to_array_unique(session_info->security_token, &tmp_sid, + &session_info->security_token->sids, + &session_info->security_token->num_sids); - for ( i=0; i<server_info->utok.ngroups; i++ ) { - gid_to_unix_groups_sid(server_info->utok.groups[i], &tmp_sid); - add_sid_to_array_unique(server_info->security_token, &tmp_sid, - &server_info->security_token->sids, - &server_info->security_token->num_sids); + for ( i=0; i<session_info->utok.ngroups; i++ ) { + gid_to_unix_groups_sid(session_info->utok.groups[i], &tmp_sid); + add_sid_to_array_unique(session_info->security_token, &tmp_sid, + &session_info->security_token->sids, + &session_info->security_token->num_sids); } - security_token_debug(DBGC_AUTH, 10, server_info->security_token); + security_token_debug(DBGC_AUTH, 10, session_info->security_token); debug_unix_user_token(DBGC_AUTH, 10, - server_info->utok.uid, - server_info->utok.gid, - server_info->utok.ngroups, - server_info->utok.groups); + session_info->utok.uid, + session_info->utok.gid, + session_info->utok.ngroups, + session_info->utok.groups); - status = log_nt_token(server_info->security_token); - return status; + status = log_nt_token(session_info->security_token); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + *session_info_out = session_info; + return NT_STATUS_OK; } /*************************************************************************** @@ -693,10 +733,16 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx, Make (and fill) a user_info struct for a guest login. This *must* succeed for smbd to start. If there is no mapping entry for the guest gid, then create one. + + The resulting structure is a 'session_info' because + create_local_token() has already been called on it. This is quite + nasty, as the auth subsystem isn't expect this, but the behaviour is + left as-is for now. ***************************************************************************/ -static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **server_info) +static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **session_info) { + struct auth_serversupplied_info *server_info; static const char zeros[16] = {0}; const char *guest_account = lp_guestaccount(); const char *domain = global_myname(); @@ -720,29 +766,34 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser status = make_server_info_info3(tmp_ctx, guest_account, domain, - server_info, + &server_info, &info3); if (!NT_STATUS_IS_OK(status)) { goto done; } - (*server_info)->guest = True; + server_info->guest = True; - status = create_local_token(*server_info); + /* This should not be done here (we should produce a server + * info, and later construct a session info from it), but for + * now this does not change the previous behaviours */ + status = create_local_token(tmp_ctx, server_info, NULL, session_info); + TALLOC_FREE(server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("create_local_token failed: %s\n", nt_errstr(status))); goto done; } + talloc_steal(NULL, *session_info); /* annoying, but the Guest really does have a session key, and it is all zeros! */ - (*server_info)->user_session_key = data_blob(zeros, sizeof(zeros)); - (*server_info)->lm_session_key = data_blob(zeros, sizeof(zeros)); + (*session_info)->user_session_key = data_blob(zeros, sizeof(zeros)); + (*session_info)->lm_session_key = data_blob(zeros, sizeof(zeros)); - alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string, + alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string, ". _-$", sizeof(tmp)); - (*server_info)->sanitized_username = talloc_strdup(*server_info, tmp); + (*session_info)->sanitized_username = talloc_strdup(*session_info, tmp); status = NT_STATUS_OK; done: @@ -766,10 +817,10 @@ static NTSTATUS make_new_session_info_system(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_SUCH_USER; } - status = make_serverinfo_from_username(mem_ctx, - pwd->pw_name, - false, - session_info); + status = make_session_info_from_username(mem_ctx, + pwd->pw_name, + false, + session_info); TALLOC_FREE(pwd); if (!NT_STATUS_IS_OK(status)) { return status; @@ -790,13 +841,15 @@ static NTSTATUS make_new_session_info_system(TALLOC_CTX *mem_ctx, } /**************************************************************************** - Fake a auth_serversupplied_info just from a username + Fake a auth_serversupplied_info just from a username (as a + session_info structure, with create_local_token() already called on + it. ****************************************************************************/ -NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, - const char *username, - bool is_guest, - struct auth_serversupplied_info **presult) +NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx, + const char *username, + bool is_guest, + struct auth_serversupplied_info **session_info) { struct auth_serversupplied_info *result; struct passwd *pwd; @@ -818,15 +871,10 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, result->nss_token = true; result->guest = is_guest; - status = create_local_token(result); - - if (!NT_STATUS_IS_OK(status)) { - TALLOC_FREE(result); - return status; - } - - *presult = talloc_steal(mem_ctx, result); - return NT_STATUS_OK; + /* Now turn the server_info into a session_info with the full token etc */ + status = create_local_token(mem_ctx, result, NULL, session_info); + talloc_free(result); + return status; } diff --git a/source3/auth/proto.h b/source3/auth/proto.h index 3bf325e763..15e79dda0a 100644 --- a/source3/auth/proto.h +++ b/source3/auth/proto.h @@ -101,7 +101,10 @@ bool make_user_info_guest(struct auth_usersupplied_info **user_info) ; struct samu; NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info, struct samu *sampass); -NTSTATUS create_local_token(struct auth_serversupplied_info *server_info); +NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, + struct auth_serversupplied_info *server_info, + DATA_BLOB *session_key, + struct auth_serversupplied_info **session_info_out); NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, bool is_guest, uid_t *uid, gid_t *gid, @@ -113,10 +116,10 @@ struct passwd; NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, char *unix_username, struct passwd *pwd); -NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, - const char *username, - bool is_guest, - struct auth_serversupplied_info **presult); +NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx, + const char *username, + bool is_guest, + struct auth_serversupplied_info **session_info); struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, const struct auth_serversupplied_info *src); bool init_guest_info(void); @@ -258,11 +261,12 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, char **ntdomain, char **username, struct passwd **_pw); -NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, +NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx, char *ntuser, char *ntdomain, char *username, struct passwd *pw, struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, bool username_was_mapped, - struct auth_serversupplied_info **server_info); + bool mapped_to_guest, bool username_was_mapped, + DATA_BLOB *session_key, + struct auth_serversupplied_info **session_info); diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c index 1d87ccab79..db73c6dfc0 100644 --- a/source3/auth/user_krb5.c +++ b/source3/auth/user_krb5.c @@ -179,19 +179,21 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, +NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx, char *ntuser, char *ntdomain, char *username, struct passwd *pw, struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, bool username_was_mapped, - struct auth_serversupplied_info **server_info) + bool mapped_to_guest, bool username_was_mapped, + DATA_BLOB *session_key, + struct auth_serversupplied_info **session_info) { NTSTATUS status; + struct auth_serversupplied_info *server_info; if (mapped_to_guest) { - status = make_server_info_guest(mem_ctx, server_info); + status = make_server_info_guest(mem_ctx, &server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("make_server_info_guest failed: %s!\n", nt_errstr(status))); @@ -204,7 +206,7 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, status = make_server_info_info3(mem_ctx, ntuser, ntdomain, - server_info, + &server_info, &logon_info->info3); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("make_server_info_info3 failed: %s!\n", @@ -248,28 +250,24 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, return status; } - /* Steal tmp server info into the server_info pointer. */ - *server_info = talloc_move(mem_ctx, &tmp); - /* make_server_info_pw does not set the domain. Without this * we end up with the local netbios name in substitutions for * %D. */ - if ((*server_info)->info3 != NULL) { - (*server_info)->info3->base.domain.string = - talloc_strdup((*server_info)->info3, ntdomain); + if (server_info->info3 != NULL) { + server_info->info3->base.domain.string = + talloc_strdup(server_info->info3, ntdomain); } } - (*server_info)->nss_token |= username_was_mapped; + server_info->nss_token |= username_was_mapped; - if (!mapped_to_guest) { - status = create_local_token(*server_info); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(10,("failed to create local token: %s\n", - nt_errstr(status))); - return status; - } + status = create_local_token(mem_ctx, server_info, session_key, session_info); + talloc_free(server_info); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,("failed to create local token: %s\n", + nt_errstr(status))); + return status; } return NT_STATUS_OK; @@ -290,14 +288,15 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, +NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx, char *ntuser, char *ntdomain, char *username, struct passwd *pw, struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, - struct auth_serversupplied_info **server_info) + bool mapped_to_guest, bool username_was_mapped, + DATA_BLOB *session_key, + struct auth_serversupplied_info **session_info) { return NT_STATUS_NOT_IMPLEMENTED; } diff --git a/source3/rpc_server/dcesrv_gssapi.c b/source3/rpc_server/dcesrv_gssapi.c index a3007e4044..c8a015e066 100644 --- a/source3/rpc_server/dcesrv_gssapi.c +++ b/source3/rpc_server/dcesrv_gssapi.c @@ -228,9 +228,10 @@ NTSTATUS gssapi_server_get_user_info(struct gse_context *gse_ctx, /* TODO: save PAC data in netsamlogon cache ? */ - status = make_server_info_krb5(mem_ctx, + status = make_session_info_krb5(mem_ctx, ntuser, ntdomain, username, pw, - logon_info, is_guest, is_mapped, server_info); + logon_info, is_guest, is_mapped, NULL /* No session key for now */, + server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to map kerberos pac to server info (%s)\n", nt_errstr(status))); diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index b9e5f9f946..9934e196cc 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -88,6 +88,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, struct netr_SamInfo3 *info3; struct auth_user_info_dc *auth_user_info_dc; struct pipes_struct *p; + struct auth_serversupplied_info *server_info; NTSTATUS status; bool ok; @@ -148,7 +149,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, status = make_server_info_info3(p, info3->base.account_name.string, info3->base.domain.string, - &p->session_info, info3); + &server_info, info3); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to init server info\n")); TALLOC_FREE(p); @@ -160,7 +161,8 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, * Some internal functions need a local token to determine access to * resoutrces. */ - status = create_local_token(p->session_info); + status = create_local_token(p, server_info, &session_info->session_key, &p->session_info); + talloc_free(server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to init local auth token\n")); TALLOC_FREE(p); @@ -173,10 +175,6 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, * regardless of what we just calculated */ p->session_info->security_token = talloc_move(p->session_info, &session_info->security_token); - /* Also set the session key to the correct value */ - p->session_info->user_session_key = session_info->session_key; - p->session_info->user_session_key.data = talloc_move(p->session_info, &session_info->session_key.data); - p->client_id = talloc_zero(p, struct client_address); if (!p->client_id) { TALLOC_FREE(p); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index f48cfcaa5d..b29713d21d 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -655,8 +655,8 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc return NT_STATUS_WRONG_PASSWORD; } - return make_serverinfo_from_username(mem_ctx, user, guest, - presult); + return make_session_info_from_username(mem_ctx, user, guest, + presult); } DEBUG(0, ("invalid VUID (vuser) but not in security=share\n")); @@ -688,7 +688,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) return NT_STATUS_NO_MEMORY; } - status = make_serverinfo_from_username( + status = make_session_info_from_username( conn, fuser, conn->session_info->guest, &forced_serverinfo); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 57b0b68be7..5067201a65 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -248,7 +248,7 @@ static void reply_spnego_kerberos(struct smb_request *req, int sess_vuid = req->vuid; NTSTATUS ret = NT_STATUS_OK; DATA_BLOB ap_rep, ap_rep_wrapped, response; - struct auth_serversupplied_info *server_info = NULL; + struct auth_serversupplied_info *session_info = NULL; DATA_BLOB session_key = data_blob_null; uint8 tok_id[2]; DATA_BLOB nullblob = data_blob_null; @@ -369,15 +369,16 @@ static void reply_spnego_kerberos(struct smb_request *req, /* reload services so that the new %U is taken into account */ reload_services(sconn->msg_ctx, sconn->sock, True); - ret = make_server_info_krb5(mem_ctx, - user, domain, real_username, pw, - logon_info, map_domainuser_to_guest, - username_was_mapped, - &server_info); + ret = make_session_info_krb5(mem_ctx, + user, domain, real_username, pw, + logon_info, map_domainuser_to_guest, + username_was_mapped, + &session_key, + &session_info); + data_blob_free(&session_key); if (!NT_STATUS_IS_OK(ret)) { DEBUG(1, ("make_server_info_krb5 failed!\n")); data_blob_free(&ap_rep); - data_blob_free(&session_key); TALLOC_FREE(mem_ctx); reply_nterror(req, nt_status_squash(ret)); return; @@ -387,20 +388,13 @@ static void reply_spnego_kerberos(struct smb_request *req, sess_vuid = register_initial_vuid(sconn); } - data_blob_free(&server_info->user_session_key); - /* Set the kerberos-derived session key onto the server_info */ - server_info->user_session_key = session_key; - talloc_steal(server_info, session_key.data); - - session_key = data_blob_null; - /* register_existing_vuid keeps the server info */ /* register_existing_vuid takes ownership of session_key on success, * no need to free after this on success. A better interface would copy * it.... */ sess_vuid = register_existing_vuid(sconn, sess_vuid, - server_info, nullblob, user); + session_info, nullblob, user); reply_outbuf(req, 4, 0); SSVAL(req->outbuf,smb_uid,sess_vuid); @@ -413,7 +407,7 @@ static void reply_spnego_kerberos(struct smb_request *req, SSVAL(req->outbuf, smb_vwv3, 0); - if (server_info->guest) { + if (session_info->guest) { SSVAL(req->outbuf,smb_vwv2,1); } @@ -1275,6 +1269,7 @@ void reply_sesssetup_and_X(struct smb_request *req) const char *primary_domain; struct auth_usersupplied_info *user_info = NULL; struct auth_serversupplied_info *server_info = NULL; + struct auth_serversupplied_info *session_info = NULL; uint16 smb_flag2 = req->flags2; NTSTATUS nt_status; @@ -1622,29 +1617,20 @@ void reply_sesssetup_and_X(struct smb_request *req) return; } - /* Ensure we can't possible take a code path leading to a - * null defref. */ - if (!server_info) { - reply_nterror(req, nt_status_squash(NT_STATUS_LOGON_FAILURE)); + nt_status = create_local_token(req, server_info, NULL, &session_info); + TALLOC_FREE(server_info); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(10, ("create_local_token failed: %s\n", + nt_errstr(nt_status))); + data_blob_free(&nt_resp); + data_blob_free(&lm_resp); + data_blob_clear_free(&plaintext_password); + reply_nterror(req, nt_status_squash(nt_status)); END_PROFILE(SMBsesssetupX); return; } - if (!server_info->security_token) { - nt_status = create_local_token(server_info); - - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(10, ("create_local_token failed: %s\n", - nt_errstr(nt_status))); - data_blob_free(&nt_resp); - data_blob_free(&lm_resp); - data_blob_clear_free(&plaintext_password); - reply_nterror(req, nt_status_squash(nt_status)); - END_PROFILE(SMBsesssetupX); - return; - } - } - data_blob_clear_free(&plaintext_password); /* it's ok - setup a reply */ @@ -1654,7 +1640,7 @@ void reply_sesssetup_and_X(struct smb_request *req) /* perhaps grab OS version here?? */ } - if (server_info->guest) { + if (session_info->guest) { SSVAL(req->outbuf,smb_vwv2,1); } @@ -1663,7 +1649,7 @@ void reply_sesssetup_and_X(struct smb_request *req) if (lp_security() == SEC_SHARE) { sess_vuid = UID_FIELD_INVALID; - TALLOC_FREE(server_info); + TALLOC_FREE(session_info); } else { /* Ignore the initial vuid. */ sess_vuid = register_initial_vuid(sconn); @@ -1675,9 +1661,9 @@ void reply_sesssetup_and_X(struct smb_request *req) END_PROFILE(SMBsesssetupX); return; } - /* register_existing_vuid keeps the server info */ + /* register_existing_vuid keeps the session_info */ sess_vuid = register_existing_vuid(sconn, sess_vuid, - server_info, + session_info, nt_resp.data ? nt_resp : lm_resp, sub_user); if (sess_vuid == UID_FIELD_INVALID) { diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 3668ab8851..722e4c7705 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -236,11 +236,12 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, /* reload services so that the new %U is taken into account */ reload_services(smb2req->sconn->msg_ctx, smb2req->sconn->sock, true); - status = make_server_info_krb5(session, - user, domain, real_username, pw, - logon_info, map_domainuser_to_guest, - username_was_mapped, - &session->session_info); + status = make_session_info_krb5(session, + user, domain, real_username, pw, + logon_info, map_domainuser_to_guest, + username_was_mapped, + &session_key, + &session->session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("smb2: make_server_info_krb5 failed\n")); goto fail; @@ -259,18 +260,6 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, session->do_signing = false; } - data_blob_free(&session->session_info->user_session_key); - session->session_info->user_session_key = - data_blob_talloc( - session->session_info, - session_key.data, - session_key.length); - if (session_key.length > 0) { - if (session->session_info->user_session_key.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } session->session_key = session->session_info->user_session_key; session->compat_vuser = talloc_zero(session, user_struct); |