diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/net_rpc.c | 11 | ||||
-rw-r--r-- | source3/utils/net_rpc_join.c | 11 | ||||
-rw-r--r-- | source3/utils/net_rpc_trust.c | 24 |
3 files changed, 39 insertions, 7 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 49b405f75f..46c3c91779 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5776,6 +5776,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, union samr_UserInfo info; unsigned int orig_timeout; struct dcerpc_binding_handle *b = pipe_hnd->binding_handle; + DATA_BLOB session_key = data_blob_null; if (argc != 2) { d_printf("%s\n%s", @@ -5797,6 +5798,13 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, init_lsa_String(&lsa_acct_name, acct_name); + status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n", + nt_errstr(status))); + goto done; + } + /* Get samr policy handle */ status = dcerpc_samr_Connect2(b, mem_ctx, pipe_hnd->desthost, @@ -5867,7 +5875,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, ZERO_STRUCT(info.info23); init_samr_CryptPassword(argv[1], - &cli->user_session_key, + &session_key, &crypt_pwd); info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS | @@ -5894,6 +5902,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, done: SAFE_FREE(acct_name); + data_blob_clear_free(&session_key); return status; } diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index f89ffb8b10..2e3e240a3f 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -186,6 +186,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) /* Password stuff */ + DATA_BLOB session_key = data_blob_null; char *clear_trust_password = NULL; struct samr_CryptPassword crypt_pwd; uchar md4_trust_password[16]; @@ -289,6 +290,13 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) b = pipe_hnd->binding_handle; + status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n", + nt_errstr(status))); + goto done; + } + CHECK_DCERPC_ERR(dcerpc_samr_Connect2(b, mem_ctx, pipe_hnd->desthost, SAMR_ACCESS_ENUM_DOMAINS @@ -396,7 +404,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) /* Set password on machine account */ init_samr_CryptPassword(clear_trust_password, - &cli->user_session_key, + &session_key, &crypt_pwd); set_info.info24.password = crypt_pwd; @@ -532,6 +540,7 @@ done: cli_shutdown(cli); TALLOC_FREE(clear_trust_password); + data_blob_clear_free(&session_key); return retval; } diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c index 82cc8a5f90..d15d10c0d4 100644 --- a/source3/utils/net_rpc_trust.c +++ b/source3/utils/net_rpc_trust.c @@ -196,7 +196,8 @@ static NTSTATUS connect_and_get_info(TALLOC_CTX *mem_ctx, struct cli_state **cli, struct rpc_pipe_client **pipe_hnd, struct policy_handle *pol_hnd, - struct dom_data *dom_data) + struct dom_data *dom_data, + DATA_BLOB *session_key) { NTSTATUS status; NTSTATUS result; @@ -244,6 +245,13 @@ static NTSTATUS connect_and_get_info(TALLOC_CTX *mem_ctx, return status; } + status = cli_get_session_key(mem_ctx, *pipe_hnd, session_key); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Error getting session_key of LSA pipe. Error was %s\n", + nt_errstr(status))); + return status; + } + return NT_STATUS_OK; } @@ -412,6 +420,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, int success = -1; struct cli_state *cli[2] = {NULL, NULL}; struct rpc_pipe_client *pipe_hnd[2] = {NULL, NULL}; + DATA_BLOB session_key[2]; struct policy_handle pol_hnd[2]; struct lsa_TrustDomainInfoAuthInfoInternal authinfo; DATA_BLOB auth_blob; @@ -421,6 +430,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, struct dom_data dom_data[2]; void (*usage)(void); + ZERO_STRUCT(session_key); + switch (op) { case TRUST_CREATE: usage = print_trust_usage; @@ -480,7 +491,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, } status = connect_and_get_info(mem_ctx, net_ctx, &cli[0], &pipe_hnd[0], - &pol_hnd[0], &dom_data[0]); + &pol_hnd[0], &dom_data[0], &session_key[0]); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("connect_and_get_info failed with error [%s]\n", nt_errstr(status))); @@ -490,7 +501,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, if (other_net_ctx != NULL) { status = connect_and_get_info(mem_ctx, other_net_ctx, &cli[1], &pipe_hnd[1], - &pol_hnd[1], &dom_data[1]); + &pol_hnd[1], &dom_data[1], + &session_key[1]); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("connect_and_get_info failed with error [%s]\n", nt_errstr(status))); @@ -534,7 +546,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, arcfour_crypt_blob(authinfo.auth_blob.data, authinfo.auth_blob.size, - &cli[0]->user_session_key); + &session_key[0]); status = create_trust(mem_ctx, pipe_hnd[0]->binding_handle, &pol_hnd[0], @@ -561,7 +573,7 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, arcfour_crypt_blob(authinfo.auth_blob.data, authinfo.auth_blob.size, - &cli[1]->user_session_key); + &session_key[1]); status = create_trust(mem_ctx, pipe_hnd[1]->binding_handle, @@ -617,6 +629,8 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc, success = 0; done: + data_blob_clear_free(&session_key[0]); + data_blob_clear_free(&session_key[1]); cli_shutdown(cli[0]); cli_shutdown(cli[1]); talloc_destroy(mem_ctx); |