git.samba.org / tprouty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 042eefe)
The SMB session key must not be more than 16 bytes in SAMR (and
authorAndrew Bartlett <abartlet@samba.org>
Wed, 23 Jul 2008 06:19:54 +0000 (16:19 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 23 Jul 2008 06:19:54 +0000 (16:19 +1000)
presumably LSA).

Tests show that Vista requires the sesion key to be truncated for a
domain join.

Andrew Bartlett
(This used to be commit af629a3738298d27eb2dbecf466ceb503cec9638)

source4/librpc/rpc/dcerpc_util.c patch | blob | history
source4/rpc_server/dcerpc_server.c patch | blob | history

diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index 71c6d5f2cc85d08e79ca65f972b47d1720d0876a..32646e85b0e62793789a682c27f81632acb0a42e 100644 (file)
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -647,11 +647,21 @@ NTSTATUS dcerpc_generic_session_key(struct dcerpc_connection *c,
 
 /*
   fetch the user session key - may be default (above) or the SMB session key
+
+  The key is always truncated to 16 bytes 
 */
 _PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
-                                 DATA_BLOB *session_key)
+                                          DATA_BLOB *session_key)
 {
-       return p->conn->security_state.session_key(p->conn, session_key);
+       NTSTATUS status;
+       status = p->conn->security_state.session_key(p->conn, session_key);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       session_key->length = MIN(session_key->length, 16);
+
+       return NT_STATUS_OK;
 }
 
 
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index d8dafd61f61f9d7aad80624cc17d5a004717e9af..fb487dfdcf8c626df4d67a2dbe638cde2d1232ba 100644 (file)
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -270,11 +270,20 @@ NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p,
 
 /*
   fetch the user session key - may be default (above) or the SMB session key
+
+  The key is always truncated to 16 bytes 
 */
 _PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p,
                                  DATA_BLOB *session_key)
 {
-       return p->auth_state.session_key(p, session_key);
+       NTSTATUS status = p->auth_state.session_key(p, session_key);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       session_key->length = MIN(session_key->length, 16);
+
+       return NT_STATUS_OK;
 }
 
 
My public samba repository