From 768515f4ad13785729fcd4df7cecaede39b7409a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jul 2008 16:19:54 +1000 Subject: The SMB session key must not be more than 16 bytes in SAMR (and presumably LSA). Tests show that Vista requires the sesion key to be truncated for a domain join. Andrew Bartlett (This used to be commit af629a3738298d27eb2dbecf466ceb503cec9638) --- source4/rpc_server/dcerpc_server.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source4/rpc_server/dcerpc_server.c') diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index d8dafd61f6..fb487dfdcf 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -270,11 +270,20 @@ NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p, /* fetch the user session key - may be default (above) or the SMB session key + + The key is always truncated to 16 bytes */ _PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, DATA_BLOB *session_key) { - return p->auth_state.session_key(p, session_key); + NTSTATUS status = p->auth_state.session_key(p, session_key); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + session_key->length = MIN(session_key->length, 16); + + return NT_STATUS_OK; } -- cgit