2 files changed, 70 insertions, 24 deletions

diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c
index af21ec2aad..c35fa847ad 100644
--- a/source3/rpc_server/rpc_ncacn_np.c
+++ b/source3/rpc_server/rpc_ncacn_np.c
@@ -26,6 +26,8 @@
 #include "../libcli/named_pipe_auth/npa_tstream.h"
 #include "rpc_server/rpc_ncacn_np.h"
 #include "librpc/gen_ndr/netlogon.h"
+#include "librpc/gen_ndr/auth.h"
+#include "../auth/auth_sam_reply.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
@@ -594,7 +596,9 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	const char *socket_dir;
 	struct tevent_context *ev;
 	struct tevent_req *subreq;
-	struct netr_SamInfo3 *info3;
+	struct auth_session_info_transport *session_info;
+	struct auth_user_info_dc *user_info_dc;
+	union netr_Validation val;
 	NTSTATUS status;
 	bool ok;
 	int ret;
@@ -637,20 +641,31 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 		goto fail;
 	}
 
-	info3 = talloc_zero(talloc_tos(), struct netr_SamInfo3);
-	if (info3 == NULL) {
+	session_info = talloc_zero(talloc_tos(), struct auth_session_info_transport);
+	if (session_info == NULL) {
 		DEBUG(0, ("talloc failed\n"));
 		goto fail;
 	}
 
-	status = serverinfo_to_SamInfo3(server_info, NULL, 0, info3);
+	/* Send the named_pipe_auth server the user's full token */
+	session_info->security_token = server_info->ptok;
+	session_info->session_key = server_info->user_session_key;
+
+	val.sam3 = server_info->info3;
+
+	/* Convert into something we can build a struct
+	 * auth_session_info_transport from.  Most of the work here
+	 * will be to convert the SIDS, which we will then ignore, but
+	 * this is the easier way to handle it */
+	status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc);
 	if (!NT_STATUS_IS_OK(status)) {
-		TALLOC_FREE(info3);
-		DEBUG(0, ("serverinfo_to_SamInfo3 failed: %s\n",
-			  nt_errstr(status)));
+		DEBUG(0, ("conversion of info3 into user_info_dc failed!\n"));
 		goto fail;
 	}
 
+	session_info->info = talloc_move(session_info, &user_info_dc->info);
+	talloc_free(user_info_dc);
+
 	become_root();
 	subreq = tstream_npa_connect_send(talloc_tos(), ev,
 					  socket_np_dir,
@@ -659,15 +674,13 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 					  NULL, /* client_name */
 					  local_address, /* server_addr */
 					  NULL, /* server_name */
-					  info3,
-					  server_info->user_session_key,
-					  data_blob_null /* delegated_creds */);
+					  session_info);
 	if (subreq == NULL) {
 		unbecome_root();
 		DEBUG(0, ("tstream_npa_connect_send to %s for pipe %s and "
 			  "user %s\\%s failed\n",
-			  socket_np_dir, pipe_name, info3->base.domain.string,
-			  info3->base.account_name.string));
+			  socket_np_dir, pipe_name, session_info->info->domain_name,
+			  session_info->info->account_name));
 		goto fail;
 	}
 	ok = tevent_req_poll(subreq, ev);
@@ -675,8 +688,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	if (!ok) {
 		DEBUG(0, ("tevent_req_poll to %s for pipe %s and user %s\\%s "
 			  "failed for tstream_npa_connect: %s\n",
-			  socket_np_dir, pipe_name, info3->base.domain.string,
-			  info3->base.account_name.string,
+			  socket_np_dir, pipe_name, session_info->info->domain_name,
+			  session_info->info->account_name,
 			  strerror(errno)));
 		goto fail;
 
@@ -691,8 +704,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	if (ret != 0) {
 		DEBUG(0, ("tstream_npa_connect_recv  to %s for pipe %s and "
 			  "user %s\\%s failed: %s\n",
-			  socket_np_dir, pipe_name, info3->base.domain.string,
-			  info3->base.account_name.string,
+			  socket_np_dir, pipe_name, session_info->info->domain_name,
+			  session_info->info->account_name,
 			  strerror(sys_errno)));
 		goto fail;
 	}
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c
index 229096e463..a0da354fd3 100644
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -21,9 +21,11 @@
 #include "rpc_server/rpc_server.h"
 #include "rpc_dce.h"
 #include "librpc/gen_ndr/netlogon.h"
+#include "librpc/gen_ndr/auth.h"
 #include "registry/reg_parse_prs.h"
 #include "lib/tsocket/tsocket.h"
 #include "libcli/named_pipe_auth/npa_tstream.h"
+#include "../auth/auth_sam_reply.h"
 
 /* Creates a pipes_struct and initializes it with the information
  * sent from the client */
@@ -31,10 +33,12 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
 				    const char *pipe_name,
 				    const struct ndr_syntax_id id,
 				    const char *client_address,
-				    struct netr_SamInfo3 *info3,
+				    struct auth_session_info_transport *session_info,
 				    struct pipes_struct **_p,
 				    int *perrno)
 {
+	struct netr_SamInfo3 *info3;
+	struct auth_user_info_dc *auth_user_info_dc;
 	struct pipes_struct *p;
 	NTSTATUS status;
 	bool ok;
@@ -67,6 +71,30 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
 
 	p->endian = RPC_LITTLE_ENDIAN;
 
+	/* Fake up an auth_user_info_dc for now, to make an info3, to make the server_info structure */
+	auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc);
+	if (!auth_user_info_dc) {
+		TALLOC_FREE(p);
+		*perrno = ENOMEM;
+		return -1;
+	}
+
+	auth_user_info_dc->num_sids = session_info->security_token->num_sids;
+	auth_user_info_dc->sids = session_info->security_token->sids;
+	auth_user_info_dc->info = session_info->info;
+	auth_user_info_dc->user_session_key = session_info->session_key;
+
+	/* This creates the input structure that make_server_info_info3 is looking for */
+	status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc,
+						    &info3);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n"));
+		TALLOC_FREE(p);
+		*perrno = EINVAL;
+		return -1;
+	}
+
 	status = make_server_info_info3(p,
 					info3->base.account_name.string,
 					info3->base.domain.string,
@@ -90,6 +118,15 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
 		return -1;
 	}
 
+	/* Now override the server_info->ptok with the exact
+	 * security_token we were given from the other side,
+	 * regardless of what we just calculated */
+	p->server_info->ptok = talloc_move(p->server_info, &session_info->security_token);
+
+	/* Also set the session key to the correct value */
+	p->server_info->user_session_key = session_info->session_key;
+	p->server_info->user_session_key.data = talloc_move(p->server_info, &session_info->session_key.data);
+
 	p->client_id = talloc_zero(p, struct client_address);
 	if (!p->client_id) {
 		TALLOC_FREE(p);
@@ -318,9 +355,7 @@ struct named_pipe_client {
 	char *client_name;
 	struct tsocket_address *server;
 	char *server_name;
-	struct netr_SamInfo3 *info3;
-	DATA_BLOB session_key;
-	DATA_BLOB delegated_creds;
+	struct auth_session_info_transport *session_info;
 
 	struct pipes_struct *p;
 
@@ -410,9 +445,7 @@ static void named_pipe_accept_done(struct tevent_req *subreq)
 						&npc->client_name,
 						&npc->server,
 						&npc->server_name,
-						&npc->info3,
-						&npc->session_key,
-						&npc->delegated_creds);
+						&npc->session_info);
 	TALLOC_FREE(subreq);
 	if (ret != 0) {
 		DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
@@ -434,7 +467,7 @@ static void named_pipe_accept_done(struct tevent_req *subreq)
 
 	ret = make_server_pipes_struct(npc,
 					npc->pipe_name, npc->pipe_id,
-					cli_addr, npc->info3,
+					cli_addr, npc->session_info,
 					&npc->p, &error);
 	if (ret != 0) {
 		DEBUG(2, ("Failed to create pipes_struct! (%s)\n",