diff options
-rw-r--r-- | source3/rpc_server/lsa/srv_lsa_nt.c | 57 |
1 files changed, 51 insertions, 6 deletions
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c index 55ce0b6200..aba6e64917 100644 --- a/source3/rpc_server/lsa/srv_lsa_nt.c +++ b/source3/rpc_server/lsa/srv_lsa_nt.c @@ -35,6 +35,10 @@ #include "../librpc/gen_ndr/netlogon.h" #include "rpc_client/init_lsa.h" #include "../libcli/security/security.h" +#include "../libcli/security/dom_sid.h" +#include "../librpc/gen_ndr/drsblobs.h" +#include "../librpc/gen_ndr/ndr_drsblobs.h" +#include "../lib/crypto/arcfour.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV @@ -1607,6 +1611,9 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, struct security_descriptor *psd; size_t sd_size; struct pdb_trusted_domain td; + struct trustDomainPasswords auth_struct; + enum ndr_err_code ndr_err; + DATA_BLOB auth_blob; if (!IS_DC) { return NT_STATUS_NOT_SUPPORTED; @@ -1650,17 +1657,55 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, ZERO_STRUCT(td); - td.domain_name = r->in.info->domain_name.string; - td.netbios_name = r->in.info->netbios_name.string; + td.domain_name = talloc_strdup(p->mem_ctx, + r->in.info->domain_name.string); + if (td.domain_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + td.netbios_name = talloc_strdup(p->mem_ctx, + r->in.info->netbios_name.string); + if (td.netbios_name == NULL) { + return NT_STATUS_NO_MEMORY; + } sid_copy(&td.security_identifier, r->in.info->sid); - td.trust_auth_incoming.data = NULL; - td.trust_auth_incoming.length = 0; - td.trust_auth_outgoing.data = NULL; - td.trust_auth_outgoing.length = 0; td.trust_direction = r->in.info->trust_direction; td.trust_type = r->in.info->trust_type; td.trust_attributes = r->in.info->trust_attributes; + if (r->in.auth_info->auth_blob.size != 0) { + auth_blob.length = r->in.auth_info->auth_blob.size; + auth_blob.data = r->in.auth_info->auth_blob.data; + + arcfour_crypt_blob(auth_blob.data, auth_blob.length, + &p->server_info->user_session_key); + + ndr_err = ndr_pull_struct_blob(&auth_blob, p->mem_ctx, + &auth_struct, + (ndr_pull_flags_fn_t) ndr_pull_trustDomainPasswords); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return NT_STATUS_UNSUCCESSFUL; + } + + ndr_err = ndr_push_struct_blob(&td.trust_auth_incoming, p->mem_ctx, + &auth_struct.incoming, + (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return NT_STATUS_UNSUCCESSFUL; + } + + ndr_err = ndr_push_struct_blob(&td.trust_auth_outgoing, p->mem_ctx, + &auth_struct.outgoing, + (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return NT_STATUS_UNSUCCESSFUL; + } + } else { + td.trust_auth_incoming.data = NULL; + td.trust_auth_incoming.length = 0; + td.trust_auth_outgoing.data = NULL; + td.trust_auth_outgoing.length = 0; + } + status = pdb_set_trusted_domain(r->in.info->domain_name.string, &td); if (!NT_STATUS_IS_OK(status)) { return status; |