summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h3
-rw-r--r--source3/rpc_client/init_netlogon.c18
-rw-r--r--source3/rpc_server/srv_netlog_nt.c2
3 files changed, 18 insertions, 5 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index ac55a67c19..49c9aff349 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5549,7 +5549,8 @@ void init_netr_SamInfo3(struct netr_SamInfo3 *r,
uint32_t sidcount,
struct netr_SidAttr *sids);
NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
- uint8_t pipe_session_key[16],
+ uint8_t *pipe_session_key,
+ size_t pipe_session_key_len,
struct netr_SamInfo3 *sam3);
void init_netr_IdentityInfo(struct netr_IdentityInfo *r,
const char *domain_name,
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index e4c39e739e..4318a94076 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -172,7 +172,8 @@ static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
*****************************************************************************/
NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
- uint8_t pipe_session_key[16],
+ uint8_t *pipe_session_key,
+ size_t pipe_session_key_len,
struct netr_SamInfo3 *sam3)
{
struct samu *sampw;
@@ -203,6 +204,13 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
user_sid = pdb_get_user_sid(sampw);
group_sid = pdb_get_group_sid(sampw);
+ if (pipe_session_key && pipe_session_key_len != 16) {
+ DEBUG(0,("serverinfo_to_SamInfo3: invalid "
+ "pipe_session_key_len[%u] != 16\n",
+ pipe_session_key_len));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
if ((user_sid == NULL) || (group_sid == NULL)) {
DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n"));
return NT_STATUS_UNSUCCESSFUL;
@@ -248,14 +256,18 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
server_info->user_session_key.data,
MIN(sizeof(user_session_key.key),
server_info->user_session_key.length));
- SamOEMhash(user_session_key.key, pipe_session_key, 16);
+ if (pipe_session_key) {
+ SamOEMhash(user_session_key.key, pipe_session_key, 16);
+ }
}
if (server_info->lm_session_key.length) {
memcpy(lm_session_key.key,
server_info->lm_session_key.data,
MIN(sizeof(lm_session_key.key),
server_info->lm_session_key.length));
- SamOEMhash(lm_session_key.key, pipe_session_key, 8);
+ if (pipe_session_key) {
+ SamOEMhash(lm_session_key.key, pipe_session_key, 8);
+ }
}
groups.count = num_gids;
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 75fc99401e..45acd3ed48 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -981,7 +981,7 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
}
- status = serverinfo_to_SamInfo3(server_info, pipe_session_key, sam3);
+ status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16, sam3);
TALLOC_FREE(server_info);
return status;
}