return NT_STATUS_OK;
}
+static NTSTATUS dcesrv_session_info_session_key(struct dcesrv_auth *auth,
+ DATA_BLOB *session_key)
+{
+ if (auth->session_info == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ if (auth->session_info->session_key.length == 0) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ *session_key = auth->session_info->session_key;
+ return NT_STATUS_OK;
+}
+
NTSTATUS dcesrv_inherited_session_key(struct dcesrv_connection *p,
DATA_BLOB *session_key)
{
- if (p->auth_state.session_info->session_key.length) {
- *session_key = p->auth_state.session_info->session_key;
- return NT_STATUS_OK;
- }
- return NT_STATUS_NO_USER_SESSION_KEY;
+ struct dcesrv_auth *auth = &p->auth_state;
+
+ return dcesrv_session_info_session_key(auth, session_key);
+}
+
+/*
+ * Fetch the authentication session key if available.
+ *
+ * This is the key generated by a gensec authentication.
+ *
+ */
+_PUBLIC_ NTSTATUS dcesrv_auth_session_key(struct dcesrv_call_state *call,
+ DATA_BLOB *session_key)
+{
+ struct dcesrv_auth *auth = &call->conn->auth_state;
+
+ return dcesrv_session_info_session_key(auth, session_key);
}
/*
_PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p,
DATA_BLOB *session_key)
{
- NTSTATUS status = p->auth_state.session_key(p, session_key);
+ struct dcesrv_auth *auth = &p->auth_state;
+ NTSTATUS status;
+
+ if (auth->session_key == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ status = auth->session_key(p, session_key);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OK;
}
+/*
+ * Fetch the transport session key if available.
+ * Typically this is the SMB session key
+ * or a fixed key for local transports.
+ *
+ * The key is always truncated to 16 bytes.
+*/
+_PUBLIC_ NTSTATUS dcesrv_transport_session_key(struct dcesrv_call_state *call,
+ DATA_BLOB *session_key)
+{
+ return dcesrv_fetch_session_key(call->conn, session_key);
+}
+
/*
connect to a dcerpc endpoint
*/
{
return dce_call->context->conn->auth_state.session_info->info->account_name;
}
+
+/**
+ * retrieve session_info from a dce_call
+ */
+_PUBLIC_ struct auth_session_info *dcesrv_call_session_info(struct dcesrv_call_state *dce_call)
+{
+ return dce_call->context->conn->auth_state.session_info;
+}