s4:librpc/rpc: add dcerpc_bh_transport_{encrypted,session_key}()
authorStefan Metzmacher <metze@samba.org>
Sat, 14 Sep 2024 07:55:20 +0000 (09:55 +0200)
committerJule Anger <janger@samba.org>
Thu, 12 Jun 2025 11:27:14 +0000 (11:27 +0000)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9b50ab08c16c197291835c8e66cd064ca0bb6579)

source4/librpc/rpc/dcerpc.c

index 58f00b7f9d2c24335b9dea627d17b83812861944..015b71b2da7a5fe19d0acbc8de7eeafe0aebcaae 100644 (file)
@@ -213,6 +213,61 @@ static uint32_t dcerpc_bh_set_timeout(struct dcerpc_binding_handle *h,
        return old;
 }
 
+static bool dcerpc_bh_transport_encrypted(struct dcerpc_binding_handle *h)
+{
+       struct dcerpc_bh_state *hs = dcerpc_binding_handle_data(h,
+                                    struct dcerpc_bh_state);
+
+       if (hs->p == NULL) {
+               return false;
+       }
+
+       if (hs->p->conn == NULL) {
+               return false;
+       }
+
+       return hs->p->conn->transport.encrypted;
+}
+
+static NTSTATUS dcerpc_bh_transport_session_key(struct dcerpc_binding_handle *h,
+                                               TALLOC_CTX *mem_ctx,
+                                               DATA_BLOB *session_key)
+{
+       struct dcerpc_bh_state *hs = dcerpc_binding_handle_data(h,
+                                    struct dcerpc_bh_state);
+       struct dcecli_security *sec = NULL;
+       DATA_BLOB sk = { .length = 0, };
+       NTSTATUS status;
+
+       if (hs->p == NULL) {
+               return NT_STATUS_NO_USER_SESSION_KEY;
+       }
+
+       if (hs->p->conn == NULL) {
+               return NT_STATUS_NO_USER_SESSION_KEY;
+       }
+
+       sec = &hs->p->conn->security_state;
+
+       if (sec->session_key == NULL) {
+               return NT_STATUS_NO_USER_SESSION_KEY;
+       }
+
+       status = sec->session_key(hs->p->conn, &sk);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       sk.length = MIN(sk.length, 16);
+
+       *session_key = data_blob_dup_talloc(mem_ctx, sk);
+       if (session_key->length != sk.length) {
+               return NT_STATUS_NO_MEMORY;
+       }
+       talloc_keep_secret(session_key->data);
+       return NT_STATUS_OK;
+}
+
 static void dcerpc_bh_auth_info(struct dcerpc_binding_handle *h,
                                enum dcerpc_AuthType *auth_type,
                                enum dcerpc_AuthLevel *auth_level)
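Review bot: In dcerpc_bh_transport_session_key, a `sec->session_key()` callback that returns NT_STATUS_OK with a zero-length key falls through to a successful return with an empty `*session_key`, and the `session_key->length != sk.length` check cannot detect a failed allocation in that case either. Callers that use this key to protect secrets on the wire would then presumably proceed with no key material, so the empty case is better rejected right after the callback succeeds: `if (sk.length == 0) { return NT_STATUS_NO_USER_SESSION_KEY; }`. That also keeps a possibly NULL `session_key->data` away from `talloc_keep_secret()`. The `MIN(sk.length, 16)` truncation deserves a one-line comment saying why 16 bytes is the limit, since the hunk gives no reason for it.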
@@ -601,6 +656,8 @@ static const struct dcerpc_binding_handle_ops dcerpc_bh_ops = {
        .name                   = "dcerpc",
        .is_connected           = dcerpc_bh_is_connected,
        .set_timeout            = dcerpc_bh_set_timeout,
+       .transport_encrypted    = dcerpc_bh_transport_encrypted,
+       .transport_session_key  = dcerpc_bh_transport_session_key,
        .auth_info              = dcerpc_bh_auth_info,
        .raw_call_send          = dcerpc_bh_raw_call_send,
        .raw_call_recv          = dcerpc_bh_raw_call_recv,