From 396f3177cafdf0ed9a42d28c60ac59579864eae1 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 4 Aug 2012 10:05:51 +0200 Subject: s3:rpc_server/netlogon: make usage of session_extract_session_key() This makes sure we return NO_USER_SESSION_KEY if there's no session key. metze --- source3/rpc_server/netlogon/srv_netlog_nt.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server/netlogon') diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index 4621590169..d992a65561 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -1142,9 +1142,17 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, struct samr_UserInfo18 info18; DATA_BLOB in,out; int rc; + DATA_BLOB session_key; ZERO_STRUCT(user_handle); + status = session_extract_session_key(session_info, + &session_key, + KEY_USE_16BYTES); + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + rc = tsocket_address_inet_from_strings(mem_ctx, "ip", "127.0.0.1", @@ -1210,7 +1218,7 @@ static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx, in = data_blob_const(nt_hash->hash, 16); out = data_blob_talloc_zero(mem_ctx, 16); - sess_crypt_blob(&out, &in, &session_info->session_key, true); + sess_crypt_blob(&out, &in, &session_key, true); memcpy(info18.nt_pwd.hash, out.data, out.length); info18.nt_pwd_active = true; -- cgit