From bccac81d8792f85ae37d4a6617a92e2fae75aa50 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 14 Jun 2004 08:12:50 +0000 Subject: r1136: - added IDL for netr_LogonGetDomainInfo() - added workstation to auth_session_info in rpc servers - added session key fetch hook in crypto backends in dcesrv - store and fetch seed as well as a session key in schannel ldb - when a client uses schannel to setup a netlogon pipe connection we also need to setup the credentials from the schannel negotiation so credentials chaining works - added server side netr_LogonGetDomainInfo() call (This used to be commit a35459387de3b6a422c5af6f658338fc7e4314b0) --- source4/rpc_server/netlogon/schannel_state.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) (limited to 'source4/rpc_server/netlogon/schannel_state.c') diff --git a/source4/rpc_server/netlogon/schannel_state.c b/source4/rpc_server/netlogon/schannel_state.c index eaa5013572..43134fd437 100644 --- a/source4/rpc_server/netlogon/schannel_state.c +++ b/source4/rpc_server/netlogon/schannel_state.c @@ -53,11 +53,12 @@ static struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx) use a simple ldb structure */ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx, - const char *computer_name, struct creds_CredentialState *creds) + const char *computer_name, + struct creds_CredentialState *creds) { struct ldb_context *ldb; struct ldb_message msg; - struct ldb_val val; + struct ldb_val val, seed; char *s = NULL; time_t expiry = time(NULL) + SCHANNEL_CREDENTIALS_EXPIRY; int ret; @@ -85,7 +86,11 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx, val.data = creds->session_key; val.length = sizeof(creds->session_key); + seed.data = creds->seed.data; + seed.length = sizeof(creds->seed.data); + ldb_msg_add_value(ldb, &msg, "sessionKey", &val); + ldb_msg_add_value(ldb, &msg, "seed", &seed); ldb_msg_add_string(ldb, &msg, "expiry", s); ldb_delete(ldb, msg.dn); 
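Review bot: The result of the added `ldb_msg_add_value(ldb, &msg, "seed", &seed);` is discarded, as it already is for the neighbouring `sessionKey` and `expiry` calls in the `@@ -85,7 +86,11 @@` hunk. If that add fails, the message presumably goes on to be stored without a seed, and the problem surfaces only later, when the fetch side rejects the record with NT_STATUS_INVALID_HANDLE. Since `int ret;` is already declared, the call could become `ret = ldb_msg_add_value(ldb, &msg, "seed", &seed);` followed by an early error return when `ret != 0`, before the `ldb_delete()`. The seed now sits next to the session key as credential material at rest, so it is worth confirming that the database opened by schannel_db_connect() (not shown here) is readable only by the server. The rest of schannel_store_session_key() lies outside the hunk.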
@@ -104,10 +109,11 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx, /* - read back a session key for a computer + read back a credentials back for a computer */ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx, - const char *computer_name, uint8_t session_key[16]) + const char *computer_name, + struct creds_CredentialState *creds) { struct ldb_context *ldb; time_t expiry; @@ -116,6 +122,8 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx, const struct ldb_val *val; char *expr=NULL; + ZERO_STRUCTP(creds); + ldb = schannel_db_connect(mem_ctx); if (ldb == NULL) { return NT_STATUS_NO_MEMORY; @@ -146,7 +154,15 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_HANDLE; } - memcpy(session_key, val->data, 16); + memcpy(creds->session_key, val->data, 16); + + val = ldb_msg_find_ldb_val(res[0], "seed"); + if (val == NULL || val->length != 8) { + ldb_close(ldb); + return NT_STATUS_INVALID_HANDLE; + } + + memcpy(creds->seed.data, val->data, 8); ldb_close(ldb); -- cgit
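Review bot: The rewritten header comment in the `@@ -104,10 +109,11 @@` hunk, `read back a credentials back for a computer`, is garbled and does not state the new contract. From the lines visible in the later hunks the function zeroes `*creds` and then fills only `session_key` and `seed`, so something like `read back the stored credentials (session key and seed) for a computer; every other field of *creds is left zeroed` would tell callers what they can rely on. The name schannel_fetch_session_key() also undersells what is returned now; renaming it would touch callers outside this file, so the comment is the cheaper place to record it. The function body starts in this hunk and continues beyond it.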
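Review bot: In the `@@ -146,7 +154,15 @@` hunk the session key is copied into `creds->session_key` before the seed is validated, so the new `val == NULL || val->length != 8` branch returns NT_STATUS_INVALID_HANDLE with key material already in the caller's struct. The `ZERO_STRUCTP(creds);` added at the top of the function only covers failures that happen before the first `memcpy`. Adding `ZERO_STRUCTP(creds);` ahead of `ldb_close(ldb);` in that branch (or looking up and checking both attributes before copying either) keeps the output clean on every error path. Separately, the store side sizes these fields with `sizeof(creds->session_key)` and `sizeof(creds->seed.data)`, while the fetch side hard-codes 16 and 8; `val->length != sizeof(creds->seed.data)` and `memcpy(creds->seed.data, val->data, sizeof(creds->seed.data));` would keep the two in step. The session-key length check itself sits just above this hunk and is not visible here.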