diff options
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/smbd/sesssetup.c | 59 |
1 files changed, 57 insertions, 2 deletions
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 003e4952f2..cf9c2e73dd 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -283,6 +283,58 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) action = 1; } + if (session_info->session_key.length > 0) { + struct smbXsrv_session *x = session; + uint8_t session_key[16]; + + /* + * Note: the SMB1 signing key is not truncated to 16 byte! + */ + x->global->signing_key = + data_blob_dup_talloc(x->global, + session_info->session_key); + if (x->global->signing_key.data == NULL) { + data_blob_free(&out_blob); + TALLOC_FREE(session); + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + + /* + * The application key is truncated/padded to 16 bytes + */ + ZERO_STRUCT(session_key); + memcpy(session_key, x->global->signing_key.data, + MIN(x->global->signing_key.length, + sizeof(session_key))); + x->global->application_key = + data_blob_talloc(x->global, + session_key, + sizeof(session_key)); + ZERO_STRUCT(session_key); + if (x->global->application_key.data == NULL) { + data_blob_free(&out_blob); + TALLOC_FREE(session); + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + + /* + * Place the application key into the session_info + */ + data_blob_clear_free(&session_info->session_key); + session_info->session_key = + data_blob_dup_talloc(session_info, + x->global->application_key); + if (session_info->session_key.data == NULL) { + data_blob_clear_free(&x->global->application_key); + data_blob_free(&out_blob); + TALLOC_FREE(session); + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + } + session->compat = talloc_zero(session, struct user_struct); if (session->compat == NULL) { data_blob_free(&out_blob); @@ -312,13 +364,16 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) return; } - if (srv_is_signing_negotiated(sconn) && action == 0) { + if (srv_is_signing_negotiated(sconn) && + action == 0 && + session->global->signing_key.length > 0) + { /* * Try and turn on server signing on the first non-guest * sessionsetup. */ srv_set_signing(sconn, - session_info->session_key, + session->global->signing_key, data_blob_null); } |