s3:auth Add comment to clarify usage of session keys.

Explain why we have what looks like a duplicate of session keys.
It is in fact not a duplicate.

diff --git a/source3/include/auth.h b/source3/include/auth.h
index ba8b23b645621f4ad9689c89e597ebc6683dc099..fbd73ae48d6d0d4b2cb478c9785ea507f098ace8 100644 (file)
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -53,6 +53,16 @@ struct auth_serversupplied_info {
 
        NT_USER_TOKEN *ptok;
 
+       /* This is the final session key, as used by SMB signing, and
+        * (truncated to 16 bytes) encryption on the SAMR and LSA pipes
+        * when over ncacn_np.
+        * It is calculated by NTLMSSP from the session key in the info3,
+        * and is  set from the Kerberos session key using
+        * krb5_auth_con_getremotesubkey().
+        *
+        * Bootom line, it is not the same as the session keys in info3.
+        */
+
        DATA_BLOB user_session_key;
        DATA_BLOB lm_session_key;