s3:utils/net_rpc*: make use of cli_get_session_key()

metze

3 files changed, 39 insertions, 7 deletions

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 49b405f75f..46c3c91779 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -5776,6 +5776,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
 	union samr_UserInfo info;
 	unsigned int orig_timeout;
 	struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
+	DATA_BLOB session_key = data_blob_null;
 
 	if (argc != 2) {
 		d_printf("%s\n%s",
@@ -5797,6 +5798,13 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
 
 	init_lsa_String(&lsa_acct_name, acct_name);
 
+	status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+			nt_errstr(status)));
+		goto done;
+	}
+
 	/* Get samr policy handle */
 	status = dcerpc_samr_Connect2(b, mem_ctx,
 				      pipe_hnd->desthost,
@@ -5867,7 +5875,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
 		ZERO_STRUCT(info.info23);
 
 		init_samr_CryptPassword(argv[1],
-					&cli->user_session_key,
+					&session_key,
 					&crypt_pwd);
 
 		info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
@@ -5894,6 +5902,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
 
  done:
 	SAFE_FREE(acct_name);
+	data_blob_clear_free(&session_key);
 	return status;
 }
 
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index f89ffb8b10..2e3e240a3f 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -186,6 +186,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
 
 	/* Password stuff */
 
+	DATA_BLOB session_key = data_blob_null;
 	char *clear_trust_password = NULL;
 	struct samr_CryptPassword crypt_pwd;
 	uchar md4_trust_password[16];
@@ -289,6 +290,13 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
 
 	b = pipe_hnd->binding_handle;
 
+	status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+			nt_errstr(status)));
+		goto done;
+	}
+
 	CHECK_DCERPC_ERR(dcerpc_samr_Connect2(b, mem_ctx,
 					      pipe_hnd->desthost,
 					      SAMR_ACCESS_ENUM_DOMAINS
@@ -396,7 +404,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
 	/* Set password on machine account */
 
 	init_samr_CryptPassword(clear_trust_password,
-				&cli->user_session_key,
+				&session_key,
 				&crypt_pwd);
 
 	set_info.info24.password = crypt_pwd;
@@ -532,6 +540,7 @@ done:
 	cli_shutdown(cli);
 
 	TALLOC_FREE(clear_trust_password);
+	data_blob_clear_free(&session_key);
 
 	return retval;
 }
diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c
index 82cc8a5f90..d15d10c0d4 100644
--- a/source3/utils/net_rpc_trust.c
+++ b/source3/utils/net_rpc_trust.c
@@ -196,7 +196,8 @@ static NTSTATUS connect_and_get_info(TALLOC_CTX *mem_ctx,
 				     struct cli_state **cli,
 				     struct rpc_pipe_client **pipe_hnd,
 				     struct policy_handle *pol_hnd,
-				     struct dom_data *dom_data)
+				     struct dom_data *dom_data,
+				     DATA_BLOB *session_key)
 {
 	NTSTATUS status;
 	NTSTATUS result;
@@ -244,6 +245,13 @@ static NTSTATUS connect_and_get_info(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
+	status = cli_get_session_key(mem_ctx, *pipe_hnd, session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0,("Error getting session_key of LSA pipe. Error was %s\n",
+			nt_errstr(status)));
+		return status;
+	}
+
 	return NT_STATUS_OK;
 }
 
@@ -412,6 +420,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 	int success = -1;
 	struct cli_state *cli[2] = {NULL, NULL};
 	struct rpc_pipe_client *pipe_hnd[2] = {NULL, NULL};
+	DATA_BLOB session_key[2];
 	struct policy_handle pol_hnd[2];
 	struct lsa_TrustDomainInfoAuthInfoInternal authinfo;
 	DATA_BLOB auth_blob;
@@ -421,6 +430,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 	struct dom_data dom_data[2];
 	void (*usage)(void);
 
+	ZERO_STRUCT(session_key);
+
 	switch (op) {
 		case TRUST_CREATE:
 			usage = print_trust_usage;
@@ -480,7 +491,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 	}
 
 	status = connect_and_get_info(mem_ctx, net_ctx, &cli[0], &pipe_hnd[0],
-				      &pol_hnd[0], &dom_data[0]);
+				      &pol_hnd[0], &dom_data[0], &session_key[0]);
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("connect_and_get_info failed with error [%s]\n",
 			  nt_errstr(status)));
@@ -490,7 +501,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 	if (other_net_ctx != NULL) {
 		status = connect_and_get_info(mem_ctx, other_net_ctx,
 					      &cli[1], &pipe_hnd[1],
-					      &pol_hnd[1], &dom_data[1]);
+					      &pol_hnd[1], &dom_data[1],
+					      &session_key[1]);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(0, ("connect_and_get_info failed with error [%s]\n",
 				  nt_errstr(status)));
@@ -534,7 +546,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 
 		arcfour_crypt_blob(authinfo.auth_blob.data,
 				   authinfo.auth_blob.size,
-				   &cli[0]->user_session_key);
+				   &session_key[0]);
 
 		status = create_trust(mem_ctx, pipe_hnd[0]->binding_handle,
 				      &pol_hnd[0],
@@ -561,7 +573,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 
 			arcfour_crypt_blob(authinfo.auth_blob.data,
 					   authinfo.auth_blob.size,
-					   &cli[1]->user_session_key);
+					   &session_key[1]);
 
 			status = create_trust(mem_ctx,
 					      pipe_hnd[1]->binding_handle,
@@ -617,6 +629,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 	success = 0;
 
 done:
+	data_blob_clear_free(&session_key[0]);
+	data_blob_clear_free(&session_key[1]);
 	cli_shutdown(cli[0]);
 	cli_shutdown(cli[1]);
 	talloc_destroy(mem_ctx);