previous commit added an abstraction function that didn't even have

struct cli_state, uint16 fnum into the code: rpc_hnd_api_req().
modified cli_lsarpc.c to use this.  the rest is const issues.
(This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588)

4 files changed, 25 insertions, 77 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 3a15e8d689..cb61009a64 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -852,7 +852,7 @@ void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24],
 
 /*The following definitions come from  libsmb/smbdes.c  */
 
-void smbhash(unsigned char *out, const uchar *in, unsigned char *key, int forw);
+void smbhash(unsigned char *out, const uchar *in, const uchar *key, int forw);
 void E_P16(unsigned char *p14,unsigned char *p16);
 void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
 void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out);
@@ -894,7 +894,7 @@ void ntv2_owf_gen(const uchar owf[16],
 				uchar kr_buf[16]);
 void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]);
 BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode);
-BOOL nt_decrypt_string2(STRING2 *out, const STRING2 *in, char nt_hash[16]);
+BOOL nt_decrypt_string2(STRING2 *out, const STRING2 *in, const uchar *key);
 void create_ntlmssp_resp(struct pwd_info *pwd,
 				char *domain, char *user_name, char *my_name,
 				uint32 ntlmssp_cli_flgs,
diff --git a/source3/libsmb/smbdes.c b/source3/libsmb/smbdes.c
index ba214a2eb0..e60b93d6a2 100644
--- a/source3/libsmb/smbdes.c
+++ b/source3/libsmb/smbdes.c
@@ -259,7 +259,7 @@ static void dohash(char *out, char *in, char *key, int forw)
 	permute(out, rl, perm6, 64);
 }
 
-static void str_to_key(unsigned char *str,unsigned char *key)
+static void str_to_key(const uchar *str, uchar *key)
 {
 	int i;
 
@@ -277,7 +277,7 @@ static void str_to_key(unsigned char *str,unsigned char *key)
 }
 
 
-void smbhash(unsigned char *out, const uchar *in, unsigned char *key, int forw)
+void smbhash(unsigned char *out, const uchar *in, const uchar *key, int forw)
 {
 	int i;
 	char outb[64];
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 3227caaa95..ace6cdc300 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -444,21 +444,18 @@ BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[
 	return True;
 }
 
-BOOL nt_decrypt_string2(STRING2 *out, const STRING2 *in, char nt_hash[16])
+BOOL nt_decrypt_string2(STRING2 *out, const STRING2 *in, const uchar *key)
 {
 	uchar bufhdr[8];
 	int datalen;
 
-	uchar key[16];
-	uchar *keyptr = key;
-	uchar *keyend = key + sizeof(key);
+	const uchar *keyptr = key;
+	const uchar *keyend = key + 16;
 
 	uchar *outbuf = (uchar *)out->buffer;
 	const uchar *inbuf = (const uchar *)in->buffer;
 	const uchar *inbufend;
 
-	mdfour(key, nt_hash, 16);
-
 	smbhash(bufhdr, inbuf, keyptr, 0);
 	datalen = IVAL(bufhdr, 0);
 
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index a7c15307a1..7706d0cd83 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -332,7 +332,7 @@ BOOL lsa_open_policy2( const char *server_name, POLICY_HND *hnd,
 	lsa_io_q_open_pol2("", &q_o, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_OPENPOLICY2, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_OPENPOLICY2, &buf, &rbuf))
 	{
 		LSA_R_OPEN_POL2 r_o;
 		BOOL p;
@@ -376,14 +376,6 @@ BOOL lsa_open_secret( const POLICY_HND *hnd,
 	LSA_Q_OPEN_SECRET q_o;
 	BOOL valid_pol = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	if (hnd == NULL) return False;
 
 	prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
@@ -399,7 +391,7 @@ BOOL lsa_open_secret( const POLICY_HND *hnd,
 	lsa_io_q_open_secret("", &q_o, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_OPENSECRET, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_OPENSECRET, &buf, &rbuf))
 	{
 		LSA_R_OPEN_SECRET r_o;
 		BOOL p;
@@ -439,14 +431,6 @@ BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
 	LSA_Q_QUERY_SECRET q_q;
 	BOOL valid_info = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	if (hnd == NULL) return False;
 
 	prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
@@ -462,7 +446,7 @@ BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
 	lsa_io_q_query_secret("", &q_q, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_QUERYSECRET, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_QUERYSECRET, &buf, &rbuf))
 	{
 		LSA_R_QUERY_SECRET r_q;
 		BOOL p;
@@ -481,11 +465,19 @@ BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
 		    (r_q.info.value.ptr_secret != 0) &&
 		    (r_q.info.ptr_update != 0))
 		{
+			uchar sess_key[16];
 			STRING2 enc_secret;
 			memcpy(&enc_secret,  &(r_q.info.value.enc_secret), sizeof(STRING2));
 			memcpy(last_update, &(r_q.info.last_update),      sizeof(NTTIME));
+			if (!cli_get_usr_sesskey(hnd, sess_key))
+			{
+				return False;
+			}
+#ifdef DEBUG_PASSWORD
+			dump_data(100, sess_key, 16);
+#endif
 			valid_info = nt_decrypt_string2(secret, &enc_secret,
-			             (char*)(cli->usr.pwd.smb_nt_pwd));
+			             sess_key);
 		}
 	}
 
@@ -511,14 +503,6 @@ BOOL lsa_lookup_names( POLICY_HND *hnd,
 	LSA_Q_LOOKUP_NAMES q_l;
 	BOOL valid_response = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
 
 	prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
@@ -535,7 +519,7 @@ BOOL lsa_lookup_names( POLICY_HND *hnd,
 	lsa_io_q_lookup_names("", &q_l, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_LOOKUPNAMES, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_LOOKUPNAMES, &buf, &rbuf))
 	{
 		LSA_R_LOOKUP_NAMES r_l;
 		DOM_R_REF ref;
@@ -650,14 +634,6 @@ BOOL lsa_lookup_sids(POLICY_HND *hnd,
 	LSA_Q_LOOKUP_SIDS q_l;
 	BOOL valid_response = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	ZERO_STRUCT(q_l);
 
 	if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
@@ -689,7 +665,7 @@ BOOL lsa_lookup_sids(POLICY_HND *hnd,
 	lsa_io_q_lookup_sids("", &q_l, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_LOOKUPSIDS, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_LOOKUPSIDS, &buf, &rbuf))
 	{
 		LSA_R_LOOKUP_SIDS r_l;
 		DOM_R_REF ref;
@@ -803,14 +779,6 @@ BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
 	LSA_Q_QUERY_INFO q_q;
 	BOOL valid_response = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	ZERO_STRUCTP(domain_sid);
 	domain_name[0] = 0;
 
@@ -830,7 +798,7 @@ BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
 	lsa_io_q_query("", &q_q, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_QUERYINFOPOLICY, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_QUERYINFOPOLICY, &buf, &rbuf))
 	{
 		LSA_R_QUERY_INFO r_q;
 		BOOL p;
@@ -920,14 +888,6 @@ BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
 	LSA_Q_ENUM_TRUST_DOM q_q;
 	BOOL valid_response = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	if (hnd == NULL || num_doms == NULL || names == NULL) return False;
 
 	prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
@@ -935,7 +895,7 @@ BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
 
 	/* create and send a MSRPC command with api LSA_ENUMTRUSTDOM */
 
-	DEBUG(4,("LSA Query Info Policy\n"));
+	DEBUG(4,("LSA Enum Trusted Domains\n"));
 
 	/* store the parameters */
 	make_q_enum_trust_dom(&q_q, hnd, *enum_ctx, 0xffffffff);
@@ -944,7 +904,7 @@ BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
 	lsa_io_q_enum_trust_dom("", &q_q, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_ENUMTRUSTDOM, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_ENUMTRUSTDOM, &buf, &rbuf))
 	{
 		LSA_R_ENUM_TRUST_DOM r_q;
 		BOOL p;
@@ -1002,14 +962,6 @@ BOOL lsa_close(POLICY_HND *hnd)
 	LSA_Q_CLOSE q_c;
 	BOOL valid_close = False;
 
-	struct cli_state *cli = NULL;
-	uint16 fnum = 0xffff;
-
-	if (!cli_state_get(hnd, &cli, &fnum))
-	{
-		return False;
-	}
-
 	if (hnd == NULL) return False;
 
 	/* create and send a MSRPC command with api LSA_OPENPOLICY */
@@ -1026,7 +978,7 @@ BOOL lsa_close(POLICY_HND *hnd)
 	lsa_io_q_close("", &q_c, &buf, 0);
 
 	/* send the data on \PIPE\ */
-	if (rpc_api_pipe_req(cli, fnum, LSA_CLOSE, &buf, &rbuf))
+	if (rpc_hnd_pipe_req(hnd, LSA_CLOSE, &buf, &rbuf))
 	{
 		LSA_R_CLOSE r_c;
 		BOOL p;
@@ -1070,4 +1022,3 @@ BOOL lsa_close(POLICY_HND *hnd)
 	return valid_close;
 }
 
-