Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/ntdomain.h | 1 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 47 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe_hnd.c | 4 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 22 | ||||
-rw-r--r-- | source3/rpc_server/srv_wkssvc_nt.c | 14 |
5 files changed, 47 insertions, 41 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 352d17bd3b..d582d50c97 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -237,7 +237,6 @@ typedef struct pipes_struct { */ struct current_user pipe_user; - DATA_BLOB session_key; /* * Set to true when an RPC bind has been done on this pipe. diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index cac48db7ee..80e2b2f9a9 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -606,9 +606,10 @@ bool create_next_pdu(pipes_struct *p) static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob) { - DATA_BLOB reply; + DATA_BLOB session_key, reply; NTSTATUS status; AUTH_NTLMSSP_STATE *a = p->auth.a_u.auth_ntlmssp_state; + bool ret; DEBUG(5,("pipe_ntlmssp_verify_final: pipe %s checking user details\n", p->name)); @@ -663,18 +664,6 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob) p->pipe_user.ut.uid = a->server_info->utok.uid; p->pipe_user.ut.gid = a->server_info->utok.gid; - /* - * We're an authenticated bind over smb, so the session key needs to - * be set to "SystemLibraryDTC". Weird, but this is what Windows - * does. See the RPC-SAMBA3SESSIONKEY. - */ - - data_blob_free(&p->session_key); - p->session_key = generic_session_key(); - if (!p->session_key.data) { - return False; - } - p->pipe_user.ut.ngroups = a->server_info->utok.ngroups; if (p->pipe_user.ut.ngroups) { if (!(p->pipe_user.ut.groups = (gid_t *)memdup( 
@@ -702,7 +691,20 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob) return false; } - server_info_set_session_key(p->server_info, p->session_key); + /* + * We're an authenticated bind over smb, so the session key needs to + * be set to "SystemLibraryDTC". Weird, but this is what Windows + * does. See the RPC-SAMBA3SESSIONKEY. + */ + + session_key = generic_session_key(); + if (session_key.data == NULL) { + return False; + } + + ret = server_info_set_session_key(p->server_info, session_key); + + data_blob_free(&session_key); return True; } @@ -1332,6 +1334,7 @@ static bool pipe_schannel_auth_bind(pipes_struct *p, prs_struct *rpc_in_p, bool ret; struct dcinfo *pdcinfo; uint32 flags; + DATA_BLOB session_key; if (!smb_io_rpc_auth_schannel_neg("", &neg, rpc_in_p, 0)) { DEBUG(0,("pipe_schannel_auth_bind: Could not unmarshal SCHANNEL auth neg\n")); @@ -1378,12 +1381,20 @@ static bool pipe_schannel_auth_bind(pipes_struct *p, prs_struct *rpc_in_p, * anymore. */ - data_blob_free(&p->session_key); - p->session_key = generic_session_key(); - if (p->session_key.data == NULL) { + session_key = generic_session_key(); + if (session_key.data == NULL) { DEBUG(0, ("pipe_schannel_auth_bind: Could not alloc session" " key\n")); - return False; + return false; + } + + ret = server_info_set_session_key(p->server_info, session_key); + + data_blob_free(&session_key); + + if (!ret) { + DEBUG(0, ("server_info_set_session_key failed\n")); + return false; } init_rpc_hdr_auth(&auth_info, RPC_SCHANNEL_AUTH_TYPE, pauth_info->auth_level, RPC_HDR_AUTH_LEN, 1); diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index 9a57a1bdb3..f2b2919f43 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c 
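Review bot: In the pipe_ntlmssp_verify_final hunk at -702, `ret` receives the result of server_info_set_session_key() but is never tested, so the function still reaches `return True;` when the key could not be stored. The bind would then count as authenticated while p->server_info->user_session_key holds whatever it held before, and the SAMR and wkssvc password buffers touched by this commit are decoded with that field. The pipe_schannel_auth_bind hunk at -1378 already checks the result; the same guard belongs here right after `data_blob_free(&session_key);`: `if (!ret) { DEBUG(0, ("server_info_set_session_key failed\n")); return false; }`. The function body starts outside this hunk.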
@@ -339,9 +339,6 @@ static void *make_internal_rpc_pipe_p(const char *pipe_name, /* Store the session key and NT_TOKEN */ if (vuser) { - p->session_key = data_blob( - vuser->server_info->user_session_key.data, - vuser->server_info->user_session_key.length); p->pipe_user.nt_user_token = dup_nt_token( NULL, vuser->server_info->ptok); } @@ -1219,7 +1216,6 @@ static bool close_internal_rpc_pipe_hnd(void *np_conn) close_policy_by_pipe(p); TALLOC_FREE(p->pipe_user.nt_user_token); - data_blob_free(&p->session_key); SAFE_FREE(p->pipe_user.ut.groups); DLIST_REMOVE(InternalPipes, p); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index a89e00f1ec..1b1e98c049 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -4206,11 +4206,11 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name, break; case 23: - if (!p->session_key.length) { + if (!p->server_info->user_session_key.length) { status = NT_STATUS_NO_USER_SESSION_KEY; } SamOEMhashBlob(info->info23.password.data, 516, - &p->session_key); + &p->server_info->user_session_key); dump_data(100, info->info23.password.data, 516); @@ -4219,12 +4219,12 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name, break; case 24: - if (!p->session_key.length) { + if (!p->server_info->user_session_key.length) { status = NT_STATUS_NO_USER_SESSION_KEY; } SamOEMhashBlob(info->info24.password.data, 516, - &p->session_key); + &p->server_info->user_session_key); dump_data(100, info->info24.password.data, 516); 
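Review bot: In the case 23 hunk of samr_SetUserInfo_internal, an empty p->server_info->user_session_key only assigns `status = NT_STATUS_NO_USER_SESSION_KEY;` and then falls through to SamOEMhashBlob(), so the 516-byte password buffer is still processed with a zero-length key; cases 24, 25 and 26 have the same shape. The commit carries this over from the p->session_key version, and whether the status is overwritten later in each case lies outside the hunks, but leaving the switch at that point is safer: `status = NT_STATUS_NO_USER_SESSION_KEY; break;`. These lines also now dereference p->server_info, which the embedded p->session_key did not require. Nothing visible here shows that pointer is always non-NULL when this function runs, so that is worth confirming or guarding.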
@@ -4235,11 +4235,12 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name, break; case 25: - if (!p->session_key.length) { + if (!p->server_info->user_session_key.length) { status = NT_STATUS_NO_USER_SESSION_KEY; } - encode_or_decode_arc4_passwd_buffer(info->info25.password.data, - &p->session_key); + encode_or_decode_arc4_passwd_buffer( + info->info25.password.data, + &p->server_info->user_session_key); dump_data(100, info->info25.password.data, 532); @@ -4255,11 +4256,12 @@ static NTSTATUS samr_SetUserInfo_internal(const char *fn_name, break; case 26: - if (!p->session_key.length) { + if (!p->server_info->user_session_key.length) { status = NT_STATUS_NO_USER_SESSION_KEY; } - encode_or_decode_arc4_passwd_buffer(info->info26.password.data, - &p->session_key); + encode_or_decode_arc4_passwd_buffer( + info->info26.password.data, + &p->server_info->user_session_key); dump_data(100, info->info26.password.data, 516); diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 3c64abfcdf..c96439cc1a 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -316,10 +316,9 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, return WERR_NOT_SUPPORTED; } - werr = decode_wkssvc_join_password_buffer(p->mem_ctx, - r->in.encrypted_password, - &p->session_key, - &cleartext_pwd); + werr = decode_wkssvc_join_password_buffer( + p->mem_ctx, r->in.encrypted_password, + &p->server_info->user_session_key, &cleartext_pwd); if (!W_ERROR_IS_OK(werr)) { return werr; } @@ -383,10 +382,9 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p, return WERR_ACCESS_DENIED; } - werr = decode_wkssvc_join_password_buffer(p->mem_ctx, - r->in.encrypted_password, - &p->session_key, - &cleartext_pwd); + werr = decode_wkssvc_join_password_buffer( + p->mem_ctx, r->in.encrypted_password, + &p->server_info->user_session_key, &cleartext_pwd); if (!W_ERROR_IS_OK(werr)) { return werr; } |
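Review bot: Both wkssvc hunks (_wkssvc_NetrJoinDomain2 and _wkssvc_NetrUnjoinDomain2) pass `&p->server_info->user_session_key` to decode_wkssvc_join_password_buffer() without the key-length test that the SAMR cases perform first. Whether the decoder rejects an empty key itself is not visible in this diff; if it does not, a guard before the call such as `if (p->server_info->user_session_key.length == 0) { return WERR_ACCESS_DENIED; }` would keep a pipe without a session key from decoding a join password. A one-line comment above the call saying which key is expected here (the SMB session key, or the generic one set on an authenticated bind) would also help the next reader.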