Diffstat (limited to 'source4/auth/gensec/schannel_state.c')
-rw-r--r--source4/auth/gensec/schannel_state.c23
1 files changed, 0 insertions, 23 deletions
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 99d5fdef53..0c5ce09637 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -26,9 +26,6 @@
#include "lib/ldb/include/ldb.h"
#include "db_wrap.h"
-/* a reasonable amount of time to keep credentials live */
-#define SCHANNEL_CREDENTIALS_EXPIRY 600
-
/*
connect to the schannel ldb
*/
@@ -72,11 +69,9 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
struct ldb_context *ldb;
struct ldb_message *msg;
struct ldb_val val, seed;
- char *s;
char *f;
char *sct;
char *rid;
- time_t expiry = time(NULL) + SCHANNEL_CREDENTIALS_EXPIRY;
int ret;
ldb = schannel_db_connect(mem_ctx);
@@ -84,13 +79,6 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- s = talloc_asprintf(mem_ctx, "%u", (unsigned int)expiry);
-
- if (s == NULL) {
- talloc_free(ldb);
- return NT_STATUS_NO_MEMORY;
- }
-
f = talloc_asprintf(mem_ctx, "%u", (unsigned int)creds->negotiate_flags);
if (f == NULL) {
@@ -133,7 +121,6 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
ldb_msg_add_value(ldb, msg, "sessionKey", &val);
ldb_msg_add_value(ldb, msg, "seed", &seed);
- ldb_msg_add_string(ldb, msg, "expiry", s);
ldb_msg_add_string(ldb, msg, "negotiateFlags", f);
ldb_msg_add_string(ldb, msg, "secureChannelType", sct);
ldb_msg_add_string(ldb, msg, "accountName", creds->account_name);
@@ -145,8 +132,6 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
ret = ldb_add(ldb, msg);
- talloc_free(s);
-
if (ret != 0) {
DEBUG(0,("Unable to add %s to session key db - %s\n",
msg->dn, ldb_errstring(ldb)));
@@ -171,7 +156,6 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
struct creds_CredentialState **creds)
{
struct ldb_context *ldb;
- time_t expiry;
struct ldb_message **res;
int ret;
const struct ldb_val *val;
@@ -199,13 +183,6 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_HANDLE;
}
- expiry = ldb_msg_find_uint(res[0], "expiry", 0);
- if (expiry < time(NULL)) {
- DEBUG(1,("schannel: attempt to use expired session key for %s\n", computer_name));
- talloc_free(ldb);
- return NT_STATUS_INVALID_HANDLE;
- }
-
val = ldb_msg_find_ldb_val(res[0], "sessionKey");
if (val == NULL || val->length != 16) {
DEBUG(1,("schannel: record in schannel DB must contain a sessionKey of length 16, when searching for client: %s\n", computer_name));
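Review bot: With the expiry test removed from schannel_fetch_session_key, any record found in the schannel ldb is accepted no matter how old it is; the only checks left in this hunk are that the record exists and that `sessionKey` is 16 bytes long. The store side also stops writing `expiry` (hunks at -72, -84, -133 and -145), and nothing visible in this diff shows what now bounds the lifetime of a stored session key, so a stale or leaked key may stay usable until the record is replaced or the database is cleared. If that is intended, I would record it at the lookup, e.g. `/* session keys are not aged out here; lifetime is bounded by <mechanism - fill in> */`, or name where old records are purged. The function body starts and ends outside the hunk, so a later check may exist that I cannot see.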