s3:librpc: Rename the data blobs for keys in smbXsrv.idl
authorAndreas Schneider <asn@samba.org>
Wed, 13 Mar 2019 15:44:53 +0000 (16:44 +0100)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 30 Apr 2019 23:18:28 +0000 (23:18 +0000)
The original names will be used with a new structure to cache mac and
cipher handles for gnutls later.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source3/librpc/idl/smbXsrv.idl
source3/smbd/reply.c
source3/smbd/sesssetup.c
source3/smbd/smb2_server.c
source3/smbd/smb2_sesssetup.c

index 935c4084252311534f5b9b23f0d18c7d09884fa2..a261dc72981f6f722de19ffe70e77d53d0b546e0 100644 (file)
@@ -203,7 +203,7 @@ interface smbXsrv
                [charset(UTF8),string] char             local_address[];
                [charset(UTF8),string] char             remote_address[];
                [charset(UTF8),string] char             remote_name[];
-               [noprint] DATA_BLOB                     signing_key;
+               [noprint] DATA_BLOB                     signing_key_blob;
                uint32                                  auth_session_info_seqnum;
                [ignore] smbXsrv_connection             *connection;
                uint16                                  encryption_cipher;
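Review bot: The renamed field has no comment saying what the `_blob` suffix means, and the same applies to the three renamed fields in the hunk at -225. The commit message reserves the unsuffixed names for a later structure that caches MAC and cipher handles, so a reader of the IDL will soon see two similarly named members. A one-line comment above each group would document this, for example `/* raw key bytes; [noprint] keeps them out of the generated print output */`. The `[noprint]` attribute is correctly carried over on every renamed line, and that should stay true for any key field added next to these.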
@@ -225,9 +225,9 @@ interface smbXsrv
                uint16                                  connection_dialect;
                smbXsrv_signing_flags                   signing_flags;
                smbXsrv_encrpytion_flags                encryption_flags;
-               [noprint] DATA_BLOB                     signing_key;
-               [noprint] DATA_BLOB                     encryption_key;
-               [noprint] DATA_BLOB                     decryption_key;
+               [noprint] DATA_BLOB                     signing_key_blob;
+               [noprint] DATA_BLOB                     encryption_key_blob;
+               [noprint] DATA_BLOB                     decryption_key_blob;
                [noprint] DATA_BLOB                     application_key;
                [range(1, 1024)] uint32                 num_channels;
                smbXsrv_channel_global0                 channels[num_channels];
index 405bd6ce00462768f3feddcb4fd7eb6a3008fdef..86be7313524b330afd365b8ddc565fc234f93f6a 100644 (file)
@@ -1013,7 +1013,7 @@ void reply_tcon_and_X(struct smb_request *req)
         * change any more.
         */
        if (session->global->application_key.length == 0 &&
-           session->global->signing_key.length > 0)
+           session->global->signing_key_blob.length > 0)
        {
                struct smbXsrv_session *x = session;
                struct auth_session_info *session_info =
@@ -1021,8 +1021,8 @@ void reply_tcon_and_X(struct smb_request *req)
                uint8_t session_key[16];
 
                ZERO_STRUCT(session_key);
-               memcpy(session_key, x->global->signing_key.data,
-                      MIN(x->global->signing_key.length, sizeof(session_key)));
+               memcpy(session_key, x->global->signing_key_blob.data,
+                      MIN(x->global->signing_key_blob.length, sizeof(session_key)));
 
                /*
                 * The application key is truncated/padded to 16 bytes
index 906378a841c46092a8fa41b2a457108d4a557943..e66e5d31bbc675d2989ebba7dba21f3e8abc7f4d 100644 (file)
@@ -273,10 +273,10 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
                        /*
                         * Note: the SMB1 signing key is not truncated to 16 byte!
                         */
-                       x->global->signing_key =
+                       x->global->signing_key_blob =
                                data_blob_dup_talloc(x->global,
                                                     session_info->session_key);
-                       if (x->global->signing_key.data == NULL) {
+                       if (x->global->signing_key_blob.data == NULL) {
                                data_blob_free(&out_blob);
                                TALLOC_FREE(session);
                                reply_nterror(req, NT_STATUS_NO_MEMORY);
@@ -313,14 +313,14 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req)
 
                if (srv_is_signing_negotiated(xconn) &&
                    is_authenticated &&
-                   session->global->signing_key.length > 0)
+                   session->global->signing_key_blob.length > 0)
                {
                        /*
                         * Try and turn on server signing on the first non-guest
                         * sessionsetup.
                         */
                        srv_set_signing(xconn,
-                               session->global->signing_key,
+                               session->global->signing_key_blob,
                                data_blob_null);
                }
 
@@ -997,10 +997,10 @@ void reply_sesssetup_and_X(struct smb_request *req)
                /*
                 * Note: the SMB1 signing key is not truncated to 16 byte!
                 */
-               session->global->signing_key =
+               session->global->signing_key_blob =
                        data_blob_dup_talloc(session->global,
                                             session_info->session_key);
-               if (session->global->signing_key.data == NULL) {
+               if (session->global->signing_key_blob.data == NULL) {
                        TALLOC_FREE(session);
                        reply_nterror(req, NT_STATUS_NO_MEMORY);
                        END_PROFILE(SMBsesssetupX);
@@ -1011,8 +1011,8 @@ void reply_sesssetup_and_X(struct smb_request *req)
                 * The application key is truncated/padded to 16 bytes
                 */
                ZERO_STRUCT(session_key);
-               memcpy(session_key, session->global->signing_key.data,
-                      MIN(session->global->signing_key.length,
+               memcpy(session_key, session->global->signing_key_blob.data,
+                      MIN(session->global->signing_key_blob.length,
                           sizeof(session_key)));
                session->global->application_key =
                        data_blob_talloc(session->global,
@@ -1063,14 +1063,14 @@ void reply_sesssetup_and_X(struct smb_request *req)
 
        if (srv_is_signing_negotiated(xconn) &&
            is_authenticated &&
-           session->global->signing_key.length > 0)
+           session->global->signing_key_blob.length > 0)
        {
                /*
                 * Try and turn on server signing on the first non-guest
                 * sessionsetup.
                 */
                srv_set_signing(xconn,
-                       session->global->signing_key,
+                       session->global->signing_key_blob,
                        state->nt_resp.data ? state->nt_resp : state->lm_resp);
        }
 
index 956c5f0ca09400e8caf26b2c325f2cde678a7666..7e225fa2b6741e0c162a4ee15107871b02acab2a 100644 (file)
@@ -428,7 +428,7 @@ static NTSTATUS smbd_smb2_inbuf_parse_compound(struct smbXsrv_connection *xconn,
                        tf_iov[1].iov_base = (void *)hdr;
                        tf_iov[1].iov_len = enc_len;
 
-                       status = smb2_signing_decrypt_pdu(s->global->decryption_key,
+                       status = smb2_signing_decrypt_pdu(s->global->decryption_key_blob,
                                                          xconn->smb2.server.cipher,
                                                          tf_iov, 2);
                        if (!NT_STATUS_IS_OK(status)) {
@@ -1517,11 +1517,11 @@ static DATA_BLOB smbd_smb2_signing_key(struct smbXsrv_session *session,
 
        status = smbXsrv_session_find_channel(session, xconn, &c);
        if (NT_STATUS_IS_OK(status)) {
-               key = c->signing_key;
+               key = c->signing_key_blob;
        }
 
        if (key.length == 0) {
-               key = session->global->signing_key;
+               key = session->global->signing_key_blob;
        }
 
        return key;
@@ -1716,7 +1716,7 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev,
 
        if (req->do_encryption) {
                struct smbXsrv_session *x = req->session;
-               DATA_BLOB encryption_key = x->global->encryption_key;
+               DATA_BLOB encryption_key = x->global->encryption_key_blob;
 
                status = smb2_signing_encrypt_pdu(encryption_key,
                                        xconn->smb2.server.cipher,
@@ -2830,9 +2830,9 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req)
            (firsttf->iov_len == 0) &&
            (req->first_key.length == 0) &&
            (req->session != NULL) &&
-           (req->session->global->encryption_key.length != 0))
+           (req->session->global->encryption_key_blob.length != 0))
        {
-               DATA_BLOB encryption_key = req->session->global->encryption_key;
+               DATA_BLOB encryption_key = req->session->global->encryption_key_blob;
                uint8_t *tf;
                uint64_t session_id = req->session->global->session_wire_id;
                uint64_t nonce_high;
@@ -3359,7 +3359,7 @@ static NTSTATUS smbd_smb2_send_break(struct smbXsrv_connection *xconn,
        }
 
        if (do_encryption) {
-               DATA_BLOB encryption_key = session->global->encryption_key;
+               DATA_BLOB encryption_key = session->global->encryption_key_blob;
 
                status = smb2_signing_encrypt_pdu(encryption_key,
                                        xconn->smb2.server.cipher,
index 9591a8823dd3f6d36e14fb8fec60132b803c891f..9e5e8c5932241c5670d16648b41bbb74d15e4619 100644 (file)
@@ -323,10 +323,10 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
        memcpy(session_key, session_info->session_key.data,
               MIN(session_info->session_key.length, sizeof(session_key)));
 
-       x->global->signing_key = data_blob_talloc(x->global,
+       x->global->signing_key_blob = data_blob_talloc(x->global,
                                                  session_key,
                                                  sizeof(session_key));
-       if (x->global->signing_key.data == NULL) {
+       if (x->global->signing_key_blob.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -337,16 +337,16 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    d->label.data, d->label.length,
                                    d->context.data, d->context.length,
-                                   x->global->signing_key.data);
+                                   x->global->signing_key_blob.data);
        }
 
        if (xconn->protocol >= PROTOCOL_SMB2_24) {
                struct _derivation *d = &derivation.decryption;
 
-               x->global->decryption_key = data_blob_talloc(x->global,
+               x->global->decryption_key_blob = data_blob_talloc(x->global,
                                                             session_key,
                                                             sizeof(session_key));
-               if (x->global->decryption_key.data == NULL) {
+               if (x->global->decryption_key_blob.data == NULL) {
                        ZERO_STRUCT(session_key);
                        return NT_STATUS_NO_MEMORY;
                }
@@ -354,17 +354,17 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    d->label.data, d->label.length,
                                    d->context.data, d->context.length,
-                                   x->global->decryption_key.data);
+                                   x->global->decryption_key_blob.data);
        }
 
        if (xconn->protocol >= PROTOCOL_SMB2_24) {
                struct _derivation *d = &derivation.encryption;
                size_t nonce_size;
 
-               x->global->encryption_key = data_blob_talloc(x->global,
+               x->global->encryption_key_blob = data_blob_talloc(x->global,
                                                             session_key,
                                                             sizeof(session_key));
-               if (x->global->encryption_key.data == NULL) {
+               if (x->global->encryption_key_blob.data == NULL) {
                        ZERO_STRUCT(session_key);
                        return NT_STATUS_NO_MEMORY;
                }
@@ -372,7 +372,7 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    d->label.data, d->label.length,
                                    d->context.data, d->context.length,
-                                   x->global->encryption_key.data);
+                                   x->global->encryption_key_blob.data);
 
                /*
                 * CCM and GCM algorithms must never have their
@@ -401,8 +401,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                x->nonce_low = 0;
        }
 
-       x->global->application_key = data_blob_dup_talloc(x->global,
-                                               x->global->signing_key);
+       x->global->application_key =
+               data_blob_dup_talloc(x->global, x->global->signing_key_blob);
        if (x->global->application_key.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
@@ -425,8 +425,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                DEBUGADD(0, ("Session Key   "));
                dump_data(0, session_key, sizeof(session_key));
                DEBUGADD(0, ("Signing Key   "));
-               dump_data(0, x->global->signing_key.data,
-                         x->global->signing_key.length);
+               dump_data(0, x->global->signing_key_blob.data,
+                         x->global->signing_key_blob.length);
                DEBUGADD(0, ("App Key       "));
                dump_data(0, x->global->application_key.data,
                          x->global->application_key.length);
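Review bot: The key dumps in this block are written at debug level 0 (`DEBUGADD(0, ...)` and `dump_data(0, ...)`), so whenever the enclosing condition is true the session, signing and application keys go to the log regardless of the configured log level. The hunk at -434 does the same for the ServerIn and ServerOut keys. The condition that guards the block starts outside the hunk, so it is not visible here whether it is an explicit administrator opt-in. If it is, say so at the top of the block, for example `/* Writes key material to the log; only reached when key debugging is explicitly enabled. */`. If it is not, the dump should move behind such a switch.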
@@ -434,18 +434,19 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                /* In server code, ServerIn is the decryption key */
 
                DEBUGADD(0, ("ServerIn Key  "));
-               dump_data(0, x->global->decryption_key.data,
-                         x->global->decryption_key.length);
+               dump_data(0, x->global->decryption_key_blob.data,
+                         x->global->decryption_key_blob.length);
                DEBUGADD(0, ("ServerOut Key "));
-               dump_data(0, x->global->encryption_key.data,
-                         x->global->encryption_key.length);
+               dump_data(0, x->global->encryption_key_blob.data,
+                         x->global->encryption_key_blob.length);
        }
 
        ZERO_STRUCT(session_key);
 
-       x->global->channels[0].signing_key = data_blob_dup_talloc(x->global->channels,
-                                               x->global->signing_key);
-       if (x->global->channels[0].signing_key.data == NULL) {
+       x->global->channels[0].signing_key_blob =
+               data_blob_dup_talloc(x->global->channels,
+                                    x->global->signing_key_blob);
+       if (x->global->channels[0].signing_key_blob.data == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
 
@@ -672,10 +673,10 @@ static NTSTATUS smbd_smb2_bind_auth_return(struct smbXsrv_session *session,
        memcpy(session_key, session_info->session_key.data,
               MIN(session_info->session_key.length, sizeof(session_key)));
 
-       c->signing_key = data_blob_talloc(x->global,
+       c->signing_key_blob = data_blob_talloc(x->global,
                                          session_key,
                                          sizeof(session_key));
-       if (c->signing_key.data == NULL) {
+       if (c->signing_key_blob.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
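Review bot: The channel key here is allocated with `x->global` as talloc parent, whereas `smbd_smb2_auth_generic_return` (hunk at -434) parents `channels[0].signing_key_blob` on `x->global->channels`. If `c` points into that channel array, which this hunk does not show, the key bytes allocated here would presumably outlive the channel entry and stay in memory until the whole session global is freed. If the difference is not intentional, `c->signing_key_blob = data_blob_talloc(x->global->channels, session_key, sizeof(session_key));` would make the two paths agree. Otherwise a short comment should state why the session-level parent is wanted. The function body continues outside the hunk.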
@@ -686,7 +687,7 @@ static NTSTATUS smbd_smb2_bind_auth_return(struct smbXsrv_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    d->label.data, d->label.length,
                                    d->context.data, d->context.length,
-                                   c->signing_key.data);
+                                   c->signing_key_blob.data);
        }
        ZERO_STRUCT(session_key);
 
@@ -784,7 +785,7 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
                                                      smb2req->xconn,
                                                      &c);
                if (NT_STATUS_IS_OK(status)) {
-                       if (c->signing_key.length == 0) {
+                       if (c->signing_key_blob.length == 0) {
                                goto auth;
                        }
                        tevent_req_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);