diff options
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 170 |
1 files changed, 89 insertions, 81 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 88b9c08e18..47f54442db 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -733,6 +733,79 @@ static NTSTATUS dcesrv_lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALL } +/* This decrypts and returns Trusted Domain Auth Information Internal data */ +static NTSTATUS get_trustdom_auth_blob(struct dcesrv_call_state *dce_call, + TALLOC_CTX *mem_ctx, DATA_BLOB *auth_blob, + struct trustDomainPasswords *auth_struct) +{ + DATA_BLOB session_key = data_blob(NULL, 0); + enum ndr_err_code ndr_err; + NTSTATUS nt_status; + + nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + + arcfour_crypt_blob(auth_blob->data, auth_blob->length, &session_key); + ndr_err = ndr_pull_struct_blob(auth_blob, mem_ctx, + lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx), + auth_struct, + (ndr_pull_flags_fn_t)ndr_pull_trustDomainPasswords); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_OK; +} + +static NTSTATUS get_trustauth_inout_blob(struct dcesrv_call_state *dce_call, + TALLOC_CTX *mem_ctx, + struct trustCurrentPasswords *iopw, + DATA_BLOB *trustauth_blob) +{ + uint32_t i; + struct trustAuthInOutBlob ioblob; + enum ndr_err_code ndr_err; + + ioblob.count = iopw->count; + ioblob.current = talloc(mem_ctx, + struct AuthenticationInformationArray); + if (!ioblob.current) { + return NT_STATUS_NO_MEMORY; + } + + ioblob.current->array = *iopw->current; + if (!ioblob.current->array) { + return NT_STATUS_NO_MEMORY; + } + + ioblob.previous = talloc(mem_ctx, + struct AuthenticationInformationArray); + if (!ioblob.previous) { + return NT_STATUS_NO_MEMORY; + } + ioblob.previous->array = talloc_array(mem_ctx, + struct AuthenticationInformation, + ioblob.count); + if (!ioblob.previous->array) { + return NT_STATUS_NO_MEMORY; + } + + for (i = 0; i < ioblob.count; i++) { + ioblob.previous->array[i].LastUpdateTime = 0; + ioblob.previous->array[i].AuthType = 0; + } + ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx, + lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx), + &ioblob, + (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_OK; +} /* lsa_CreateTrustedDomainEx2 @@ -753,12 +826,10 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc const char *netbios_name; const char *dns_name; const char *name; - DATA_BLOB session_key = data_blob(NULL, 0); DATA_BLOB trustAuthIncoming, trustAuthOutgoing, auth_blob; struct trustDomainPasswords auth_struct; int ret; NTSTATUS nt_status; - enum ndr_err_code ndr_err; struct ldb_context *sam_ldb; DCESRV_PULL_HANDLE(policy_handle, r->in.policy_handle, LSA_HANDLE_POLICY); @@ -767,11 +838,6 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc policy_state = policy_handle->data; sam_ldb = policy_state->sam_ldb; - nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key); - if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } - netbios_name = r->in.info->netbios_name.string; if (!netbios_name) { return NT_STATUS_INVALID_PARAMETER; @@ -805,14 +871,12 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc auth_struct.outgoing.count = 0; auth_struct.incoming.count = 0; } else { - auth_blob = data_blob_const(r->in.auth_info->auth_blob.data, r->in.auth_info->auth_blob.size); - arcfour_crypt_blob(auth_blob.data, auth_blob.length, &session_key); - ndr_err = ndr_pull_struct_blob(&auth_blob, mem_ctx, - lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx), - &auth_struct, - (ndr_pull_flags_fn_t)ndr_pull_trustDomainPasswords); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NT_STATUS_INVALID_PARAMETER; + auth_blob = data_blob_const(r->in.auth_info->auth_blob.data, + r->in.auth_info->auth_blob.size); + nt_status = get_trustdom_auth_blob(dce_call, mem_ctx, + &auth_blob, &auth_struct); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } if (op == NDR_LSA_CREATETRUSTEDDOMAINEX) { @@ -823,78 +887,22 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc } if (auth_struct.incoming.count) { - uint32_t i; - struct trustAuthInOutBlob incoming; - - incoming.count = auth_struct.incoming.count; - incoming.current = talloc(mem_ctx, struct AuthenticationInformationArray); - if (!incoming.current) { - return NT_STATUS_NO_MEMORY; - } - - incoming.current->array = *auth_struct.incoming.current; - if (!incoming.current->array) { - return NT_STATUS_NO_MEMORY; - } - - incoming.previous = talloc(mem_ctx, struct AuthenticationInformationArray); - if (!incoming.previous) { - return NT_STATUS_NO_MEMORY; - } - incoming.previous->array = talloc_array(mem_ctx, struct AuthenticationInformation, incoming.count); - if (!incoming.previous->array) { - return NT_STATUS_NO_MEMORY; - } - - for (i = 0; i < incoming.count; i++) { - incoming.previous->array[i].LastUpdateTime = 0; - incoming.previous->array[i].AuthType = 0; - } - ndr_err = ndr_push_struct_blob(&trustAuthIncoming, mem_ctx, - lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx), - &incoming, - (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NT_STATUS_INVALID_PARAMETER; + nt_status = get_trustauth_inout_blob(dce_call, mem_ctx, + &auth_struct.incoming, + &trustAuthIncoming); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } } else { trustAuthIncoming = data_blob(NULL, 0); } if (auth_struct.outgoing.count) { - uint32_t i; - struct trustAuthInOutBlob outgoing; - - outgoing.count = auth_struct.outgoing.count; - outgoing.current = talloc(mem_ctx, struct AuthenticationInformationArray); - if (!outgoing.current) { - return NT_STATUS_NO_MEMORY; - } - - outgoing.current->array = *auth_struct.outgoing.current; - if (!outgoing.current->array) { - return NT_STATUS_NO_MEMORY; - } - - outgoing.previous = talloc(mem_ctx, struct AuthenticationInformationArray); - if (!outgoing.previous) { - return NT_STATUS_NO_MEMORY; - } - outgoing.previous->array = talloc_array(mem_ctx, struct AuthenticationInformation, outgoing.count); - if (!outgoing.previous->array) { - return NT_STATUS_NO_MEMORY; - } - - for (i = 0; i < outgoing.count; i++) { - outgoing.previous->array[i].LastUpdateTime = 0; - outgoing.previous->array[i].AuthType = 0; - } - ndr_err = ndr_push_struct_blob(&trustAuthOutgoing, mem_ctx, - lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx), - &outgoing, - (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return NT_STATUS_INVALID_PARAMETER; + nt_status = get_trustauth_inout_blob(dce_call, mem_ctx, + &auth_struct.outgoing, + &trustAuthOutgoing); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } } else { trustAuthOutgoing = data_blob(NULL, 0); |