1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

s3:rpc_client: the transport_session_key is per connection!

It's not per auth_context_id, currently there's no difference
but that will change in future...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher 2024-09-14 15:59:29 +02:00 committed by Ralph Boehme
parent 3a3338bd18
commit 1a311df3d6
3 changed files with 6 additions and 15 deletions
source3
librpc/rpc
rpc_client

View File

@ -44,9 +44,6 @@ struct pipe_auth_data {
bool verified_bitmask1;
struct gensec_security *auth_ctx;
/* Only the client code uses this for now */
DATA_BLOB transport_session_key;
};
/* The following definitions come from librpc/rpc/dcerpc_helpers.c */

View File

@ -2168,24 +2168,17 @@ static NTSTATUS rpccli_bh_transport_session_key(struct dcerpc_binding_handle *h,
{
struct rpccli_bh_state *hs = dcerpc_binding_handle_data(h,
struct rpccli_bh_state);
struct pipe_auth_data *auth = NULL;
DATA_BLOB sk = { .length = 0, };
if (hs->rpc_cli == NULL) {
return NT_STATUS_NO_USER_SESSION_KEY;
}
if (hs->rpc_cli->auth == NULL) {
if (hs->rpc_cli->transport_session_key.length == 0) {
return NT_STATUS_NO_USER_SESSION_KEY;
}
auth = hs->rpc_cli->auth;
if (auth->transport_session_key.length == 0) {
return NT_STATUS_NO_USER_SESSION_KEY;
}
sk = auth->transport_session_key;
sk = hs->rpc_cli->transport_session_key;
sk.length = MIN(sk.length, 16);
*session_key = data_blob_dup_talloc(mem_ctx, sk);
@ -3479,10 +3472,10 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli,
session = cli->smb1.session;
}
status = smbXcli_session_application_key(session, auth,
&auth->transport_session_key);
status = smbXcli_session_application_key(session, result,
&result->transport_session_key);
if (!NT_STATUS_IS_OK(status)) {
auth->transport_session_key = data_blob_null;
result->transport_session_key = data_blob_null;
}
}

View File

@ -34,6 +34,7 @@ struct dcerpc_binding_handle;
struct rpc_pipe_client {
struct rpc_pipe_client *prev, *next;
DATA_BLOB transport_session_key;
struct rpc_cli_transport *transport;
struct dcerpc_binding_handle *binding_handle;