sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

r8001: Also fill in the krbtgt checksum, and make sure to put the right

Browse Source 
checksum in the right place...

Andrew Bartlett
(This used to be commit 90d0f502da)
This commit is contained in:
Andrew Bartlett 2005-06-30 01:04:51 +00:00 committed by Gerald (Jerry) Carter
parent 0a8d694e80
commit ddffc922df
4 changed files with 30 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source4/auth/kerberos/kerberos.h
View File

@ -132,10 +132,12 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
DATA_BLOB blob, DATA_BLOB blob,
struct smb_krb5_context *smb_krb5_context, struct smb_krb5_context *smb_krb5_context,
krb5_keyblock *keyblock); krb5_keyblock *keyblock);
krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx, krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx,
struct auth_serversupplied_info *server_info, struct auth_serversupplied_info *server_info,
krb5_context context, krb5_context context,
krb5_keyblock *keyblock, krb5_keyblock *krbtgt_keyblock,
krb5_keyblock *server_keyblock,
krb5_data *pac); krb5_data *pac);
#endif /* HAVE_KRB5 */ #endif /* HAVE_KRB5 */

26
source4/auth/kerberos/kerberos_pac.c
View File

@ -222,11 +222,13 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx,
krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx, krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx,
struct auth_serversupplied_info *server_info, struct auth_serversupplied_info *server_info,
krb5_context context, krb5_context context,
krb5_keyblock *keyblock, krb5_keyblock *krbtgt_keyblock,
krb5_keyblock *server_keyblock,
krb5_data *pac) krb5_data *pac)
{ {
NTSTATUS nt_status; NTSTATUS nt_status;
DATA_BLOB tmp_blob = data_blob(NULL, 0); DATA_BLOB tmp_blob = data_blob(NULL, 0);
DATA_BLOB server_checksum_blob;
krb5_error_code ret; krb5_error_code ret;
struct PAC_DATA *pac_data = talloc(mem_ctx, struct PAC_DATA); struct PAC_DATA *pac_data = talloc(mem_ctx, struct PAC_DATA);
struct netr_SamBaseInfo *sam; struct netr_SamBaseInfo *sam;
@ -279,7 +281,10 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx,
/* First, just get the keytypes filled in (and lengths right, eventually) */ /* First, just get the keytypes filled in (and lengths right, eventually) */
ret = make_pac_checksum(mem_ctx, tmp_blob, &pac_data->buffers[2].info->srv_cksum, ret = make_pac_checksum(mem_ctx, tmp_blob, &pac_data->buffers[2].info->srv_cksum,
context, keyblock); context, krbtgt_keyblock);
ret = make_pac_checksum(mem_ctx, tmp_blob, &pac_data->buffers[3].info->srv_cksum,
context, server_keyblock);
if (ret) { if (ret) {
DEBUG(2, ("making PAC checksum failed: %s\n", DEBUG(2, ("making PAC checksum failed: %s\n",
smb_get_krb5_error_message(context, ret, mem_ctx))); smb_get_krb5_error_message(context, ret, mem_ctx)));
@ -303,9 +308,22 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx,
/* Then sign the result of the previous push, where the sig was zero'ed out */ /* Then sign the result of the previous push, where the sig was zero'ed out */
ret = make_pac_checksum(mem_ctx, tmp_blob, &pac_data->buffers[3].info->srv_cksum, ret = make_pac_checksum(mem_ctx, tmp_blob, &pac_data->buffers[3].info->srv_cksum,
context, keyblock); context, server_keyblock);
/* And push it out to the world. This relies on determanistic pointer values */ /* Push the Server checksum out */
nt_status = ndr_push_struct_blob(&server_checksum_blob, mem_ctx, &pac_data->buffers[3].info->srv_cksum,
(ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("PAC push failed: %s\n", nt_errstr(nt_status)));
talloc_free(pac_data);
return EINVAL;
}
/* Then sign the result of the previous push, where the sig was zero'ed out */
ret = make_pac_checksum(mem_ctx, server_checksum_blob, &pac_data->buffers[2].info->kdc_cksum,
context, krbtgt_keyblock);
/* And push it out again, this time to the world. This relies on determanistic pointer values */
nt_status = ndr_push_struct_blob(&tmp_blob, mem_ctx, pac_data, nt_status = ndr_push_struct_blob(&tmp_blob, mem_ctx, pac_data,
(ndr_push_flags_fn_t)ndr_push_PAC_DATA); (ndr_push_flags_fn_t)ndr_push_PAC_DATA);
if (!NT_STATUS_IS_OK(nt_status)) { if (!NT_STATUS_IS_OK(nt_status)) {

7
source4/kdc/pac-glue.c
View File

@ -27,7 +27,8 @@
krb5_error_code samba_get_pac(krb5_context context, krb5_error_code samba_get_pac(krb5_context context,
struct krb5_kdc_configuration *config, struct krb5_kdc_configuration *config,
krb5_principal client, krb5_principal client,
krb5_keyblock *keyblock, krb5_keyblock *krbtgt_keyblock,
krb5_keyblock *server_keyblock,
krb5_data *pac) krb5_data *pac)
{ {
krb5_error_code ret; krb5_error_code ret;
@ -64,13 +65,13 @@
if (!NT_STATUS_IS_OK(nt_status)) { if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Getting user info for PAC failed: %s\n", DEBUG(0, ("Getting user info for PAC failed: %s\n",
nt_errstr(nt_status))); nt_errstr(nt_status)));
talloc_free(mem_ctx);
return EINVAL; return EINVAL;
} }
ret = kerberos_encode_pac(mem_ctx, server_info, ret = kerberos_encode_pac(mem_ctx, server_info,
context, context,
keyblock, krbtgt_keyblock,
server_keyblock,
pac); pac);
talloc_free(mem_ctx); talloc_free(mem_ctx);

2
source4/librpc/idl/krb5pac.idl
View File

@ -19,7 +19,7 @@ interface krb5pac
[value(0)] uint32 _pad; [value(0)] uint32 _pad;
} PAC_LOGON_NAME; } PAC_LOGON_NAME;
typedef [flag(NDR_PAHEX)] struct { typedef [public,flag(NDR_PAHEX)] struct {
uint32 type; uint32 type;
uint8 signature[16]; uint8 signature[16];
[value(0)] uint32 _pad; [value(0)] uint32 _pad;