From 5b776f179aa7ac7af731e317e51ec6d560e1d463 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 12 May 2003 07:16:21 +0000 Subject: Fix two bugs that were stopping net rpc vampire from working over secure channel: - If the domain name passed to create_rpc_bind_req() is empty, use lp_workgroup() - Correctly set the auth_padding field when the send_size is a multiple of 8 bytes I've tested with nt4sp6 and win2ksp0 and it seems to work, although there are no password hashes transferred from win2k. The empty passwords are being protected by the secure channel encryption though. (This used to be commit a8c11e855611c91e94787387c62ac629232cacfa) --- source3/rpc_client/cli_pipe.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 4f465d7453..08cf8b1ef3 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -697,6 +697,12 @@ static BOOL create_rpc_bind_req(prs_struct *rpc_out, BOOL do_auth, BOOL do_netse init_rpc_hdr_auth(&hdr_auth, NETSEC_AUTH_TYPE, NETSEC_AUTH_LEVEL, 0x00, 1); + + /* Use lp_workgroup() if domain not specified */ + + if (!domain || !domain[0]) + domain = lp_workgroup(); + init_rpc_auth_netsec_neg(&netsec_neg, domain, my_name); /* @@ -1014,8 +1020,10 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, * be stored in the auth header. */ - if (auth_schannel) - auth_padding = 8 - (send_size & 7); + if (auth_schannel) { + if (send_size % 8) + auth_padding = 8 - (send_size % 8); + } data_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + send_size + ((auth_verify|auth_schannel) ? RPC_HDR_AUTH_LEN : 0) + -- cgit