summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-08-04 10:05:51 +0200
committerStefan Metzmacher <metze@samba.org>2012-08-04 12:33:06 +0200
commit3a0db4d865d404ce7ab3ae787c163fef951e2dd9 (patch)
treeec40bf8142ecf0ba42ceca8cc22dc2d042265dc1
parent396f3177cafdf0ed9a42d28c60ac59579864eae1 (diff)
downloadsamba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.tar.gz
samba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.tar.bz2
samba-3a0db4d865d404ce7ab3ae787c163fef951e2dd9.zip
s3:rpc_server/wkssvc: make usage of session_extract_session_key()
This makes sure we return NO_USER_SESSION_KEY if there's no session key. metze
-rw-r--r--source3/rpc_server/wkssvc/srv_wkssvc_nt.c26
1 files changed, 24 insertions, 2 deletions
diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
index b40ca0bf42..ada83ea18d 100644
--- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
+++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
@@ -819,6 +819,8 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
char *admin_account = NULL;
WERROR werr;
struct security_token *token = p->session_info->security_token;
+ NTSTATUS status;
+ DATA_BLOB session_key;
if (!r->in.domain_name) {
return WERR_INVALID_PARAM;
@@ -841,9 +843,18 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
return WERR_NOT_SUPPORTED;
}
+ status = session_extract_session_key(p->session_info,
+ &session_key,
+ KEY_USE_16BYTES);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(5,("_wkssvc_NetrJoinDomain2: no session key %s\n",
+ nt_errstr(status)));
+ return WERR_NO_USER_SESSION_KEY;
+ }
+
werr = decode_wkssvc_join_password_buffer(
p->mem_ctx, r->in.encrypted_password,
- &p->session_info->session_key, &cleartext_pwd);
+ &session_key, &cleartext_pwd);
if (!W_ERROR_IS_OK(werr)) {
return werr;
}
@@ -896,6 +907,8 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
char *admin_account = NULL;
WERROR werr;
struct security_token *token = p->session_info->security_token;
+ NTSTATUS status;
+ DATA_BLOB session_key;
if (!r->in.account || !r->in.encrypted_password) {
return WERR_INVALID_PARAM;
@@ -909,9 +922,18 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
return WERR_ACCESS_DENIED;
}
+ status = session_extract_session_key(p->session_info,
+ &session_key,
+ KEY_USE_16BYTES);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(5,("_wkssvc_NetrUnjoinDomain2: no session key %s\n",
+ nt_errstr(status)));
+ return WERR_NO_USER_SESSION_KEY;
+ }
+
werr = decode_wkssvc_join_password_buffer(
p->mem_ctx, r->in.encrypted_password,
- &p->session_info->session_key, &cleartext_pwd);
+ &session_key, &cleartext_pwd);
if (!W_ERROR_IS_OK(werr)) {
return werr;
}