From f888c82fe08f7bf624aad53c20aaa634662b36dd Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 27 May 2010 20:40:22 -0400 Subject: s3:auth Add comment to clarify usage of session keys. Explain why we have what looks like a duplicate of session keys. It is in fact not a duplicate. --- source3/include/auth.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/include/auth.h') diff --git a/source3/include/auth.h b/source3/include/auth.h index ba8b23b645..fbd73ae48d 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -53,6 +53,16 @@ struct auth_serversupplied_info { NT_USER_TOKEN *ptok; + /* This is the final session key, as used by SMB signing, and + * (truncated to 16 bytes) encryption on the SAMR and LSA pipes + * when over ncacn_np. + * It is calculated by NTLMSSP from the session key in the info3, + * and is set from the Kerberos session key using + * krb5_auth_con_getremotesubkey(). + * + * Bootom line, it is not the same as the session keys in info3. + */ + DATA_BLOB user_session_key; DATA_BLOB lm_session_key; -- cgit