From dce84ffd379012812170f68f7de8aab73123f0b3 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sun, 9 May 2004 12:42:18 +0000
Subject: r610:  - Merge the Samba3 'ntlm_auth --diagnostics' testsuite to
 Samba4.   - This required using NETLOGON_NEG_AUTH2_FLAGS for the    
 SetupCredentials2 negotiation flags, which is what Samba3 does,     because
 otherwise the server uses different crypto.   - This tests the returned
 session keys, which we decrypt.

 - Update the Samba4 notion of a 'session key' to be a DATA_BLOB in
   most places.

 - Fix session key code to return NT_STATUS_NO_SESSION_KEY if none is
   available.

 - Remove a useless argument to SMBsesskeygen_ntv1

 - move netr_CredentialState from the .idl to the new credentials.h

Andrew Bartlett
(This used to be commit 44f8b5b53e6abd4de8a676f78d729988fadff320)
---
 source4/libcli/raw/clisession.c | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)

(limited to 'source4/libcli/raw/clisession.c')

diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c
index 1c0af77d11..fe64565597 100644
--- a/source4/libcli/raw/clisession.c
+++ b/source4/libcli/raw/clisession.c
@@ -234,22 +234,34 @@ static DATA_BLOB nt_blob(const char *pass, DATA_BLOB challenge)
 	return blob;
 }
 
+/*
+  store the user session key for a transport
+*/
+void cli_session_set_user_session_key(struct cli_session *session,
+				   const DATA_BLOB *session_key)
+{
+	session->user_session_key = data_blob_talloc(session->mem_ctx, 
+						     session_key->data, 
+						     session_key->length);
+}
+
 /*
   setup signing for a NT1 style session setup
 */
-static void setup_nt1_signing(struct cli_transport *transport, const char *password)
+static void use_nt1_session_keys(struct cli_session *session, 
+				 const char *password, const DATA_BLOB  *nt_response)
 {
+	struct cli_transport *transport = session->transport; 
 	uchar nt_hash[16];
-	uchar session_key[16];
-	DATA_BLOB nt_response;
+	DATA_BLOB session_key = data_blob(NULL, 16);
 
 	E_md4hash(password, nt_hash);
-	SMBsesskeygen_ntv1(nt_hash, NULL, session_key);
-	nt_response = nt_blob(password, transport->negotiate.secblob);
+	SMBsesskeygen_ntv1(nt_hash, session_key.data);
 
-	cli_transport_set_session_key(transport, session_key);
+	cli_transport_simple_set_signing(transport, session_key, *nt_response);
 
-	cli_transport_simple_set_signing(transport, session_key, nt_response);
+	cli_session_set_user_session_key(session, &session_key);
+	data_blob_free(&session_key);
 }
 
 /****************************************************************************
@@ -332,7 +344,8 @@ static NTSTATUS smb_raw_session_setup_generic_nt1(struct cli_session *session,
 						  session->transport->negotiate.secblob);
 		s2.nt1.in.password2 = nt_blob(parms->generic.in.password, 
 					      session->transport->negotiate.secblob);
-		setup_nt1_signing(session->transport, parms->generic.in.password);
+		use_nt1_session_keys(session, parms->generic.in.password, &s2.nt1.in.password2);
+
 	} else {
 		s2.nt1.in.password1 = data_blob(parms->generic.in.password, 
 						strlen(parms->generic.in.password));
-- 
cgit