smbd: now also use smbXcli_session_dump_keys() in the server

Adds support for dumping keys in format for Wireshark
~/.wireshark/smb2_seskey_list

Example:

  debug encryption: dumping generated session keys
  Session Id    [0000] 7D 00 00 E8 57 E0 31 01                             }...W.1.
  Session Key   [0000] 71 54 77 50 C1 DD 66 68   A8 51 D8 DE 23 F4 91 01   qTwP..fh .Q..#...
  Signing Key   [0000] B1 29 AC EF 41 30 AE D2   43 00 1F 67 87 29 BF DB   .)..A0.. C..g.)..
  App Key       [0000] 6A 88 5C 51 51 22 FF 5C   25 95 A2 5C E2 2C FC 5D   j.\QQ".\ %..\.,.]
  ServerIn Key  [0000] 20 08 EB A2 14 99 17 03   9C A5 9A BB B8 48 88 3C    ....... .....H.<
  ServerOut Key [0000] 15 AA C2 0D 19 AB 4C 26   64 E8 FC 94 B1 FE 27 5A   ......L& d.....'Z
  Wireshark configuration line
  7d0000e857e03101,71547750c1dd6668a851d8de23f49101,15aac20d19ab4c2664e8fc94b1fe275a,2008eba2149917039ca59abbb848883c

When setting

    debug encryption = yes
    debug encryption:wireshark keyfile = /home/slow/.wireshark/smb2_seskey_list

the keys are appended directly to Wireshark's keyfile. Wireshark has to be
restarted to pick them up.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 4be53c8a2d014df7d2ecafe779c7ea33c7485c88..de98979788c2b6aef7f9175bc31046ba91aece07 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -30,6 +30,7 @@
 #include "../libcli/security/security.h"
 #include "../lib/util/tevent_ntstatus.h"
 #include "source3/lib/substitute.h"
+#include "libcli/smb/smbXcli_base.h"
 
 #include "lib/crypto/gnutls_helpers.h"
 #include <gnutls/gnutls.h>
@@ -384,30 +385,20 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
        x->global->application_key_blob = x->global->application_key->blob;
 
        if (xconn->protocol >= PROTOCOL_SMB3_00 && lp_debug_encryption()) {
-               DEBUG(0, ("debug encryption: dumping generated session keys\n"));
-               DEBUGADD(0, ("Session Id    "));
-               dump_data(0, (uint8_t*)&session->global->session_wire_id,
-                         sizeof(session->global->session_wire_id));
-               DEBUGADD(0, ("Session Key   "));
-               dump_data(0, session_info->session_key.data,
-                         session_info->session_key.length);
-               DEBUGADD(0, ("Signing Algo: %u\n", x->global->signing_algo));
-               DEBUGADD(0, ("Signing Key   "));
-               dump_data(0, x->global->signing_key_blob.data,
-                         x->global->signing_key_blob.length);
-               DEBUGADD(0, ("App Key       "));
-               dump_data(0, x->global->application_key_blob.data,
-                         x->global->application_key_blob.length);
-
-               /* In server code, ServerIn is the decryption key */
-
-               DEBUGADD(0, ("Cipher Algo: %u\n", x->global->encryption_cipher));
-               DEBUGADD(0, ("ServerIn Key  "));
-               dump_data(0, x->global->decryption_key_blob.data,
-                         x->global->decryption_key_blob.length);
-               DEBUGADD(0, ("ServerOut Key "));
-               dump_data(0, x->global->encryption_key_blob.data,
-                         x->global->encryption_key_blob.length);
+               const char *wireshark_keyfile = lp_parm_const_string(
+                       GLOBAL_SECTION_SNUM,
+                       "debug encryption",
+                       "wireshark keyfile",
+                       NULL);
+
+               smbXcli_session_dump_keys(session->global->session_wire_id,
+                                         &session_info->session_key,
+                                         x->global->signing_algo,
+                                         &x->global->signing_key_blob,
+                                         &x->global->application_key_blob,
+                                         &x->global->encryption_key_blob,
+                                         &x->global->decryption_key_blob,
+                                         wireshark_keyfile);
        }
 
        status = smb2_signing_key_copy(x->global->channels,