Diffstat (limited to 'source3/rpc_client')
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 12 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 31 | ||||
-rw-r--r-- | source3/rpc_client/cli_samr.c | 14 |
3 files changed, 38 insertions, 19 deletions
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 97bc4c65b7..70ac460303 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -654,11 +654,17 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c ZERO_STRUCT(netlogon_sess_key); memcpy(netlogon_sess_key, cli->sess_key, 8); - if (memcmp(zeros, info3->user_sess_key, 16) != 0) + if (memcmp(zeros, info3->user_sess_key, 16) != 0) { SamOEMhash(info3->user_sess_key, netlogon_sess_key, 16); - - if (memcmp(zeros, info3->padding, 16) != 0) + } else { + memset(info3->user_sess_key, '\0', 16); + } + + if (memcmp(zeros, info3->padding, 16) != 0) { SamOEMhash(info3->padding, netlogon_sess_key, 16); + } else { + memset(info3->padding, '\0', 16); + } /* Return results */ diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index fdd9d3c3b1..aca0494dbd 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -264,13 +264,16 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata, later use */ DATA_BLOB ntlmssp_verf = data_blob(NULL, auth_len); - + BOOL store_ok; + /* save the reply away, for use a little later */ prs_copy_data_out((char *)ntlmssp_verf.data, &auth_verf, auth_len); + store_ok = (NT_STATUS_IS_OK(ntlmssp_store_response(cli->ntlmssp_pipe_state, + ntlmssp_verf))); - return (NT_STATUS_IS_OK(ntlmssp_client_store_response(cli->ntlmssp_pipe_state, - ntlmssp_verf))); + data_blob_free(&ntlmssp_verf); + return store_ok; } else if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { /* nothing to do here - we don't seem to be able to 
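Review bot: The two new `else` branches in cli_netlogon_sam_network_logon() run only when `memcmp(zeros, ..., 16)` has just found the field equal to `zeros`. If `zeros` is the all-zero 16-byte buffer its name suggests (its declaration is outside the hunk), `memset(info3->user_sess_key, '\0', 16)` and `memset(info3->padding, '\0', 16)` rewrite bytes that are already zero. If the intent is to record that no key was supplied, a comment such as `/* field is all zeros: no key supplied, skip SamOEMhash */` states that more clearly than a redundant store. The literal 16 now appears six times in this hunk; if these fields are fixed arrays, `sizeof(info3->user_sess_key)` and `sizeof(info3->padding)` would tie the compare, hash and clear lengths to the field sizes. The function continues past the hunk, so it is not visible whether the stack copy `netlogon_sess_key` is cleared before return.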
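Review bot: `data_blob(NULL, auth_len)` is used without checking the allocation before `prs_copy_data_out()` writes `auth_len` bytes into `ntlmssp_verf.data`, in the NTLMSSP branch of rpc_auth_pipe(). If data_blob() can return a NULL `data` pointer on allocation failure (its definition is not on this page), the copy targets NULL; a guard such as `if (auth_len != 0 && ntlmssp_verf.data == NULL) return False;` before the copy would close that. The result of `prs_copy_data_out()` is also discarded, so if it can report a failed copy, the unfilled verifier would still be handed to `ntlmssp_store_response()`; check it, and call `data_blob_free(&ntlmssp_verf)` on that failure path too. The function starts and continues outside this hunk, so where `auth_len` is bounded against the received PDU is not visible here.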
@@ -307,12 +310,12 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata, DEBUG(1, ("Can't unseal - data_len < 0!!\n")); return False; } - nt_status = ntlmssp_client_unseal_packet(cli->ntlmssp_pipe_state, + nt_status = ntlmssp_unseal_packet(cli->ntlmssp_pipe_state, (unsigned char *)reply_data, data_len, &sig); } else if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - nt_status = ntlmssp_client_check_packet(cli->ntlmssp_pipe_state, + nt_status = ntlmssp_check_packet(cli->ntlmssp_pipe_state, (const unsigned char *)reply_data, data_len, &sig); } @@ -674,9 +677,9 @@ static NTSTATUS create_rpc_bind_req(struct cli_state *cli, prs_struct *rpc_out, DATA_BLOB request; DEBUG(5, ("Processing NTLMSSP Negotiate\n")); - nt_status = ntlmssp_client_update(cli->ntlmssp_pipe_state, - null_blob, - &request); + nt_status = ntlmssp_update(cli->ntlmssp_pipe_state, + null_blob, + &request); if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { @@ -777,9 +780,9 @@ static NTSTATUS create_rpc_bind_resp(struct cli_state *cli, /* The response is picked up from the internal cache, where it was placed by the rpc_auth_pipe() code */ - nt_status = ntlmssp_client_update(cli->ntlmssp_pipe_state, - ntlmssp_null_response, - &ntlmssp_reply); + nt_status = ntlmssp_update(cli->ntlmssp_pipe_state, + ntlmssp_null_response, + &ntlmssp_reply); if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { return nt_status; @@ -820,7 +823,7 @@ static NTSTATUS create_rpc_bind_resp(struct cli_state *cli, } if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - nt_status = ntlmssp_client_sign_init(cli->ntlmssp_pipe_state); + nt_status = ntlmssp_sign_init(cli->ntlmssp_pipe_state); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; 
@@ -994,7 +997,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, */ if (cli->pipe_auth_flags & AUTH_PIPE_SEAL) { - nt_status = ntlmssp_client_seal_packet(cli->ntlmssp_pipe_state, + nt_status = ntlmssp_seal_packet(cli->ntlmssp_pipe_state, (unsigned char*)prs_data_p(&sec_blob), data_and_padding_size, &sign_blob); @@ -1005,7 +1008,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, } else if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - nt_status = ntlmssp_client_sign_packet(cli->ntlmssp_pipe_state, + nt_status = ntlmssp_sign_packet(cli->ntlmssp_pipe_state, (unsigned char*)prs_data_p(&sec_blob), data_and_padding_size, &sign_blob); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index e5e67f39dc..9bab816b81 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -1341,7 +1341,7 @@ NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, uint16 switch_value, - uchar sess_key[16], SAM_USERINFO_CTR *ctr) + DATA_BLOB sess_key, SAM_USERINFO_CTR *ctr) { prs_struct qbuf, rbuf; SAMR_Q_SET_USERINFO q; @@ -1353,6 +1353,11 @@ NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); + if (sess_key.length != 16) { + DEBUG(1, ("Cannot handle user session key of length [%u]\n", sess_key.length)); + return NT_STATUS_NO_USER_SESSION_KEY; + } + /* Initialise parse structures */ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); @@ -1393,7 +1398,7 @@ NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, uint16 switch_value, - uchar sess_key[16], SAM_USERINFO_CTR *ctr) + DATA_BLOB sess_key, SAM_USERINFO_CTR *ctr) { prs_struct qbuf, rbuf; SAMR_Q_SET_USERINFO2 q; 
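Review bot: The new DEBUG line in cli_samr_set_userinfo() prints `sess_key.length` with `%u`, but the DATA_BLOB length field is declared as size_t in Samba's headers (not shown on this page), so the format and argument disagree on LP64 builds; passing `(unsigned int)sess_key.length` fixes that. The guard also tests only the length, so a blob with length 16 and a NULL `data` pointer would pass; `if (sess_key.data == NULL || sess_key.length != 16)` rejects both. The same two points apply to the identical check added to cli_samr_set_userinfo2() in the @@ -1402 hunk. Both function bodies continue outside the hunks, so how `sess_key.data` is consumed after the check is not visible here.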
@@ -1402,6 +1407,11 @@ NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx, DEBUG(10,("cli_samr_set_userinfo2\n")); + if (sess_key.length != 16) { + DEBUG(1, ("Cannot handle user session key of length [%u]\n", sess_key.length)); + return NT_STATUS_NO_USER_SESSION_KEY; + } + ZERO_STRUCT(q); ZERO_STRUCT(r); |