diff options
| author | Volker Lendecke <vl@samba.org> | 2010-01-24 16:41:30 +0100 |
|---|---|---|
| committer | Volker Lendecke <vl@samba.org> | 2010-01-24 20:32:16 +0100 |
| commit | 6ba9bf004f966a217e705b69fd8c713391941929 (patch) | |
| tree | 6544aef1f13eca13985c29dcb6f3d92f9ec36986 /source3/winbindd/winbindd_ccache_access.c | |
| parent | 7d18d058a1203ab7079f9dbdf37962803064d699 (diff) | |
| download | samba-6ba9bf004f966a217e705b69fd8c713391941929.tar.gz samba-6ba9bf004f966a217e705b69fd8c713391941929.tar.xz samba-6ba9bf004f966a217e705b69fd8c713391941929.zip | |
s3: Add the session key to the ccache_ntlm_auth response
Diffstat (limited to 'source3/winbindd/winbindd_ccache_access.c')
| -rw-r--r-- | source3/winbindd/winbindd_ccache_access.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/source3/winbindd/winbindd_ccache_access.c b/source3/winbindd/winbindd_ccache_access.c index b0efc6474bf..436e9076994 100644 --- a/source3/winbindd/winbindd_ccache_access.c +++ b/source3/winbindd/winbindd_ccache_access.c @@ -47,7 +47,8 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username, const unsigned char nt_hash[NT_HASH_LEN], const DATA_BLOB initial_msg, const DATA_BLOB challenge_msg, - DATA_BLOB *auth_msg) + DATA_BLOB *auth_msg, + uint8_t session_key[16]) { NTSTATUS status; struct ntlmssp_state *ntlmssp_state = NULL; @@ -85,6 +86,8 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username, goto done; } + ntlmssp_want_feature(ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY); + /* We need to get our protocol handler into the right state. So first we ask it to generate the initial message. Actually the client has already sent its own initial message, so we're going to drop this one on the floor. @@ -116,7 +119,16 @@ static NTSTATUS do_ntlm_auth_with_hashes(const char *username, data_blob_free(&reply); goto done; } + + if (ntlmssp_state->session_key.length != 16) { + DEBUG(1, ("invalid session key length %d\n", + (int)ntlmssp_state->session_key.length)); + data_blob_free(&reply); + goto done; + } + *auth_msg = data_blob(reply.data, reply.length); + memcpy(session_key, ntlmssp_state->session_key.data, 16); status = NT_STATUS_OK; done: @@ -257,9 +269,11 @@ enum winbindd_result winbindd_dual_ccache_ntlm_auth(struct winbindd_domain *doma state->request->extra_data.data + initial_blob_len, state->request->data.ccache_ntlm_auth.challenge_blob_len); - result = do_ntlm_auth_with_hashes(name_user, name_domain, - entry->lm_hash, entry->nt_hash, - initial, challenge, &auth); + result = do_ntlm_auth_with_hashes( + name_user, name_domain, entry->lm_hash, entry->nt_hash, + initial, challenge, &auth, + state->response->data.ccache_ntlm_auth.session_key); + if (!NT_STATUS_IS_OK(result)) { goto process_result; } |