summaryrefslogtreecommitdiffstats
path: root/source3/rpc_server/samr
diff options
context:
space:
mode:
authorAlexander Bokovoy <ab@samba.org>2012-03-02 16:18:16 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-03-13 12:23:44 +0100
commit7d4ed899831a853ec2eef8dcd82d74fdbf568f0e (patch)
tree4ff03d559933f3b11ae4c96a3ad357ff4abcda89 /source3/rpc_server/samr
parente25f830f1df323607999179e00a5a39197bf02ea (diff)
downloadsamba-7d4ed899831a853ec2eef8dcd82d74fdbf568f0e.tar.gz
samba-7d4ed899831a853ec2eef8dcd82d74fdbf568f0e.tar.xz
samba-7d4ed899831a853ec2eef8dcd82d74fdbf568f0e.zip
s3-rpc: Decrypt with the proper session key in CreateTrustedDomainEx2.
On LSA and SAMR pipes session_key is truncated to 16 byte when doing encryption/decryption. However, this was not done for trusted domain-related modifying operations. As result, Samba 4 client libraries do not work against Samba 3 while working against Windows 2008 r2. Solved this by introducing "session_extract_session_key()" function that allows to specify intent of use of the key. Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Tue Mar 13 12:23:44 CET 2012 on sn-devel-104
Diffstat (limited to 'source3/rpc_server/samr')
-rw-r--r--source3/rpc_server/samr/srv_samr_nt.c37
1 files changed, 19 insertions, 18 deletions
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index ebe6e451d4..77888ea1e8 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -5036,6 +5036,7 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
uint32_t fields = 0;
bool ret;
char *rhost;
+ DATA_BLOB session_key;
DEBUG(5,("_samr_SetUserInfo: %d\n", __LINE__));
@@ -5193,10 +5194,14 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
break;
case 18:
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ if(!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
/* Used by AS/U JRA. */
status = set_user_info_18(&info->info18,
p->mem_ctx,
- &p->session_info->session_key,
+ &session_key,
pwd);
break;
@@ -5206,18 +5211,20 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
break;
case 21:
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ if(!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
status = set_user_info_21(&info->info21,
p->mem_ctx,
- &p->session_info->session_key,
+ &session_key,
pwd);
break;
case 23:
- if (!p->session_info->session_key.length) {
- status = NT_STATUS_NO_USER_SESSION_KEY;
- }
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
arcfour_crypt_blob(info->info23.password.data, 516,
- &p->session_info->session_key);
+ &session_key);
dump_data(100, info->info23.password.data, 516);
@@ -5228,12 +5235,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
break;
case 24:
- if (!p->session_info->session_key.length) {
- status = NT_STATUS_NO_USER_SESSION_KEY;
- }
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
arcfour_crypt_blob(info->info24.password.data,
516,
- &p->session_info->session_key);
+ &session_key);
dump_data(100, info->info24.password.data, 516);
@@ -5243,12 +5248,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
break;
case 25:
- if (!p->session_info->session_key.length) {
- status = NT_STATUS_NO_USER_SESSION_KEY;
- }
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
encode_or_decode_arc4_passwd_buffer(
info->info25.password.data,
- &p->session_info->session_key);
+ &session_key);
dump_data(100, info->info25.password.data, 532);
@@ -5258,12 +5261,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
break;
case 26:
- if (!p->session_info->session_key.length) {
- status = NT_STATUS_NO_USER_SESSION_KEY;
- }
+ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
encode_or_decode_arc4_passwd_buffer(
info->info26.password.data,
- &p->session_info->session_key);
+ &session_key);
dump_data(100, info->info26.password.data, 516);