diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-08-04 10:05:51 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-08-04 12:33:06 +0200 |
commit | 3a0db4d865d404ce7ab3ae787c163fef951e2dd9 (patch) | |
tree | ec40bf8142ecf0ba42ceca8cc22dc2d042265dc1 | |
parent | 396f3177cafdf0ed9a42d28c60ac59579864eae1 (diff) | |
download | samba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.tar.gz samba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.tar.bz2 samba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.zip |
s3:rpc_server/wkssvc: make usage of session_extract_session_key()
This makes sure we return NO_USER_SESSION_KEY if there's no session key.
metze
-rw-r--r-- | source3/rpc_server/wkssvc/srv_wkssvc_nt.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c index b40ca0bf42..ada83ea18d 100644 --- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c +++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c @@ -819,6 +819,8 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, char *admin_account = NULL; WERROR werr; struct security_token *token = p->session_info->security_token; + NTSTATUS status; + DATA_BLOB session_key; if (!r->in.domain_name) { return WERR_INVALID_PARAM; @@ -841,9 +843,18 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, return WERR_NOT_SUPPORTED; } + status = session_extract_session_key(p->session_info, + &session_key, + KEY_USE_16BYTES); + if(!NT_STATUS_IS_OK(status)) { + DEBUG(5,("_wkssvc_NetrJoinDomain2: no session key %s\n", + nt_errstr(status))); + return WERR_NO_USER_SESSION_KEY; + } + werr = decode_wkssvc_join_password_buffer( p->mem_ctx, r->in.encrypted_password, - &p->session_info->session_key, &cleartext_pwd); + &session_key, &cleartext_pwd); if (!W_ERROR_IS_OK(werr)) { return werr; } @@ -896,6 +907,8 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, char *admin_account = NULL; WERROR werr; struct security_token *token = p->session_info->security_token; + NTSTATUS status; + DATA_BLOB session_key; if (!r->in.account || !r->in.encrypted_password) { return WERR_INVALID_PARAM; @@ -909,9 +922,18 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, return WERR_ACCESS_DENIED; } + status = session_extract_session_key(p->session_info, + &session_key, + KEY_USE_16BYTES); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(5,("_wkssvc_NetrUnjoinDomain2: no session key %s\n", + nt_errstr(status))); + return WERR_NO_USER_SESSION_KEY; + } + werr = decode_wkssvc_join_password_buffer( p->mem_ctx, r->in.encrypted_password, - &p->session_info->session_key, &cleartext_pwd); + &session_key, &cleartext_pwd); if (!W_ERROR_IS_OK(werr)) { return werr; } |