From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 14 Sep 2024 07:55:20 +0000 (+0200)
Subject: s3:rpc_client: add rpccli_bh_transport_session_key()
X-Git-Tag: samba-4.21.7~77
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30134801b6d546e9c9af127504028e3c1602e035;p=thirdparty%2Fsamba.git

s3:rpc_client: add rpccli_bh_transport_session_key()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5bb35cc7cca101390e58256e9b38e31113211e4f)
---

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index cf551f6f548..5f7cc33e20c 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2162,6 +2162,40 @@ static uint32_t rpccli_bh_set_timeout(struct dcerpc_binding_handle *h,
 	return old;
 }
 
+static NTSTATUS rpccli_bh_transport_session_key(struct dcerpc_binding_handle *h,
+						TALLOC_CTX *mem_ctx,
+						DATA_BLOB *session_key)
+{
+	struct rpccli_bh_state *hs = dcerpc_binding_handle_data(h,
+				     struct rpccli_bh_state);
+	struct pipe_auth_data *auth = NULL;
+	DATA_BLOB sk = { .length = 0, };
+
+	if (hs->rpc_cli == NULL) {
+		return NT_STATUS_NO_USER_SESSION_KEY;
+	}
+
+	if (hs->rpc_cli->auth == NULL) {
+		return NT_STATUS_NO_USER_SESSION_KEY;
+	}
+
+	auth = hs->rpc_cli->auth;
+
+	if (auth->transport_session_key.length == 0) {
+		return NT_STATUS_NO_USER_SESSION_KEY;
+	}
+
+	sk = auth->transport_session_key;
+	sk.length = MIN(sk.length, 16);
+
+	*session_key = data_blob_dup_talloc(mem_ctx, sk);
+	if (session_key->length != sk.length) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	talloc_keep_secret(session_key->data);
+	return NT_STATUS_OK;
+}
+
 static void rpccli_bh_auth_info(struct dcerpc_binding_handle *h,
 				enum dcerpc_AuthType *auth_type,
 				enum dcerpc_AuthLevel *auth_level)
@@ -2352,6 +2386,7 @@ static const struct dcerpc_binding_handle_ops rpccli_bh_ops = {
 	.name			= "rpccli",
 	.is_connected		= rpccli_bh_is_connected,
 	.set_timeout		= rpccli_bh_set_timeout,
+	.transport_session_key	= rpccli_bh_transport_session_key,
 	.auth_info		= rpccli_bh_auth_info,
 	.raw_call_send		= rpccli_bh_raw_call_send,
 	.raw_call_recv		= rpccli_bh_raw_call_recv,