diff options
author | Sumit Bose <sbose@redhat.com> | 2013-02-04 13:15:18 +0100 |
---|---|---|
committer | Andreas Schneider <asn@samba.org> | 2013-02-07 14:07:50 +0100 |
commit | 62e6ea408a20197420eadb133df6ba233c7874b4 (patch) | |
tree | ca554f9072cd1ee744d11c9292e86bdb488b4787 /source3/rpc_server/netlogon | |
parent | 823a25f6a47c311ab33874be8a889ffbaf8db527 (diff) | |
download | samba-62e6ea408a20197420eadb133df6ba233c7874b4.tar.gz samba-62e6ea408a20197420eadb133df6ba233c7874b4.tar.bz2 samba-62e6ea408a20197420eadb133df6ba233c7874b4.zip |
s3-rpc_server: Fix password encoding in _netr_ServerGetTrustInfo().
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'source3/rpc_server/netlogon')
-rw-r--r-- | source3/rpc_server/netlogon/srv_netlog_nt.c | 22 |
1 files changed, 8 insertions, 14 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index 96e1c8751c..a355dd1cbb 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -2429,29 +2429,27 @@ static NTSTATUS get_password_from_trustAuth(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } - if (trustAuth.count != 0 && trustAuth.current.count != 0 && trustAuth.current.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) { - mdfour(previous_pw_enc->hash, + mdfour(current_pw_enc->hash, trustAuth.current.array[0].AuthInfo.clear.password, trustAuth.current.array[0].AuthInfo.clear.size); + netlogon_creds_des_encrypt(creds, current_pw_enc); } else { return NT_STATUS_UNSUCCESSFUL; } - netlogon_creds_des_encrypt(creds, current_pw_enc); if (trustAuth.previous.count != 0 && trustAuth.previous.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) { mdfour(previous_pw_enc->hash, trustAuth.previous.array[0].AuthInfo.clear.password, trustAuth.previous.array[0].AuthInfo.clear.size); + netlogon_creds_des_encrypt(creds, previous_pw_enc); } else { - mdfour(previous_pw_enc->hash, NULL, 0); + ZERO_STRUCTP(previous_pw_enc); } - netlogon_creds_des_encrypt(creds, previous_pw_enc); - return NT_STATUS_OK; } @@ -2469,7 +2467,6 @@ NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p, bool trusted; struct netr_TrustInfo *trust_info; struct pdb_trusted_domain *td; - DATA_BLOB trustAuth_blob; struct loadparm_context *lp_ctx; lp_ctx = loadparm_init_s3(p->mem_ctx, loadparm_s3_helpers()); @@ -2543,15 +2540,12 @@ NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p, *r->out.trust_info = trust_info; } -/* TODO: which trustAuth shall we use if we have in/out trust or do they have to - * be equal ? */ - if (td->trust_direction & NETR_TRUST_FLAG_INBOUND) { - trustAuth_blob = td->trust_auth_incoming; - } else if (td->trust_direction & NETR_TRUST_FLAG_OUTBOUND) { - trustAuth_blob = td->trust_auth_outgoing; + if (td->trust_auth_incoming.data == NULL) { + return NT_STATUS_INVALID_PARAMETER; } - status = get_password_from_trustAuth(p->mem_ctx, &trustAuth_blob, + status = get_password_from_trustAuth(p->mem_ctx, + &td->trust_auth_incoming, creds, r->out.new_owf_password, r->out.old_owf_password); |