From 3719bfd1a0d15c7c17d86bc049634063434ba8ca Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sun, 2 Feb 2003 05:22:37 +0000
Subject: Merge from HEAD: Send the session key to the client, allowing it to
 perform SMB signing.

Andrew Bartlett
(This used to be commit 9bcdb869e53ee8048dd69053b804bdaf55db7b91)
---
 source3/rpc_parse/parse_net.c      |  4 ++--
 source3/rpc_server/srv_netlog_nt.c | 11 ++++++++++-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index ac21e6f2dd..853bca3b54 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1271,7 +1271,7 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
 			 
 			 uint16 logon_count, uint16 bad_pw_count,
  		 	 uint32 num_groups, const DOM_GID *gids,
-			 uint32 user_flgs, uchar *sess_key,
+			 uint32 user_flgs, uchar sess_key[16],
  			 const char *logon_srv, const char *logon_dom,
 			 const DOM_SID *dom_sid, const char *other_sids)
 {
@@ -1448,7 +1448,7 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 	if(!prs_uint32("user_flgs     ", ps, depth, &usr->user_flgs))     /* user flags */
 		return False;
 
-	if(!prs_uint8s(False, "user_sess_key", ps, depth, usr->user_sess_key, 16)) /* unused user session key */
+	if(!prs_uint8s(False, "user_sess_key", ps, depth, usr->user_sess_key, 16)) /* user session key */
 		return False;
 
 	if(!smb_io_unihdr("hdr_logon_srv", &usr->hdr_logon_srv, ps, depth)) /* logon server unicode string header */
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index c3d48a6527..8070cdd984 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -666,6 +666,8 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 		pstring my_name;
 		fstring user_sid_string;
 		fstring group_sid_string;
+		uchar user_sess_key[16];
+		uchar netlogon_sess_key[16];
 		
 		sampw = server_info->sam_account;
 
@@ -697,6 +699,12 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 			return status;
 		}
 
+		ZERO_STRUCT(netlogon_sess_key);
+		memcpy(netlogon_sess_key, p->dc.sess_key, 8);
+		memcpy(user_sess_key, server_info->session_key, sizeof(user_sess_key));
+		SamOEMhash(user_sess_key, netlogon_sess_key, 16);
+		ZERO_STRUCT(netlogon_sess_key);
+
 		init_net_user_info3(p->mem_ctx, usr_info, 
 				    user_rid,
 				    group_rid,
@@ -719,13 +727,14 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 				    num_gids,    /* uint32 num_groups */
 				    gids    , /* DOM_GID *gids */
 				    0x20    , /* uint32 user_flgs (?) */
-				    NULL, /* uchar sess_key[16] */
+				    user_sess_key,
 				    my_name     , /* char *logon_srv */
 				    pdb_get_domain(sampw),
 				    &domain_sid,     /* DOM_SID *dom_sid */  
 				    /* Should be users domain sid, not servers - for trusted domains */
 				  
 				    NULL); /* char *other_sids */
+		ZERO_STRUCT(user_sess_key);
 	}
 	free_server_info(&server_info);
 	return status;
-- 
cgit