r4682: A LDB-based secrets implementation in Samba4.

This uses LDB (a local secrets.ldb and the global samdb) to fill out
the secrets from an LSA perspective.

Some small changes to come, but the bulk of the work is now done.

A re-provision is required after this change.

Andrew Bartlett
(This used to be commit ded33033521a6a1c7ea80758c5c5aeeebb182a51)

1 files changed, 9 insertions, 3 deletions

diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index e393cd40fe..8c85787fe2 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -778,8 +778,11 @@ static BOOL samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam
 		lsa_blob1.data = q.out.old_val->buf->data;
 		lsa_blob1.length = q.out.old_val->buf->length;
 
-		lsa_blob_out = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key);
-		
+		status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
+		if (!NT_STATUS_IS_OK(status)) {
+			return False;
+		}
+
 		if (!q.out.old_mtime) {
 			printf("OLD mtime not available on LSA for secret %s\n", old->name);
 			ret = False;
@@ -814,7 +817,10 @@ static BOOL samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam
 		lsa_blob1.data = q.out.new_val->buf->data;
 		lsa_blob1.length = q.out.new_val->buf->length;
 
-		lsa_blob_out = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key);
+		status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
+		if (!NT_STATUS_IS_OK(status)) {
+			return False;
+		}
 		
 		if (!q.out.new_mtime) {
 			printf("NEW mtime not available on LSA for secret %s\n", new->name);