I can take this Sent from my Windows Phone ________________________________ From: Matthieu Patou Sent: 2/11/2012 5:40 PM To: Interoperability Documentation Help; [email protected]; [email protected] Subject: [cifs-protocol] encryption key for NetrLogonSamLogonEx
Hello Dochelp, A bug report concerning user's session key was reported in samba when using level 3 validation for NetrLogonSamLogonEx. I did a bit of investigation and witnessed the corruption if we use level 3 validation for NetrLogonSamLogonEx and if samba opens more than 1 schannel connection with one DC and is not using the session key of the latest connection for decrypting the user's session key (and other encrypted fields) in the Validation 3 response. I checked that samba is using the same key for encrypting and decrypting schannel and sensitive fields in the validation 3 response of the NetrLogonSamLogonEx call. MS-NRPC seems to indicate that the session key should be the same and I didn't find a trace in the documentation saying that only the latest session key exchanged during a NetrAuthenticateX and what seems even more puzzeling is that using the "old" session key for schannel encryption and decryption works. Can you explain us the problem ? I can do TTTrace as the problem is highly reproducible. Matthieu. -- Matthieu Patou Samba Team http://samba.org _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
