From a8ab5d582da062b433234764a10873b9941de42e Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Thu, 26 Aug 2010 14:44:04 +0200
Subject: s3-lsa: Extract auth info from trustDomainPasswords
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Günther Deschner <gd@samba.org>
---
 source3/rpc_server/lsa/srv_lsa_nt.c | 57 +++++++++++++++++++++++++++++++++----
 1 file changed, 51 insertions(+), 6 deletions(-)

(limited to 'source3')

diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 55ce0b6200..aba6e64917 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -35,6 +35,10 @@
 #include "../librpc/gen_ndr/netlogon.h"
 #include "rpc_client/init_lsa.h"
 #include "../libcli/security/security.h"
+#include "../libcli/security/dom_sid.h"
+#include "../librpc/gen_ndr/drsblobs.h"
+#include "../librpc/gen_ndr/ndr_drsblobs.h"
+#include "../lib/crypto/arcfour.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
@@ -1607,6 +1611,9 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
 	struct security_descriptor *psd;
 	size_t sd_size;
 	struct pdb_trusted_domain td;
+	struct trustDomainPasswords auth_struct;
+	enum ndr_err_code ndr_err;
+	DATA_BLOB auth_blob;
 
 	if (!IS_DC) {
 		return NT_STATUS_NOT_SUPPORTED;
@@ -1650,17 +1657,55 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
 
 	ZERO_STRUCT(td);
 
-	td.domain_name = r->in.info->domain_name.string;
-	td.netbios_name = r->in.info->netbios_name.string;
+	td.domain_name = talloc_strdup(p->mem_ctx,
+				       r->in.info->domain_name.string);
+	if (td.domain_name == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	td.netbios_name = talloc_strdup(p->mem_ctx,
+					r->in.info->netbios_name.string);
+	if (td.netbios_name == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
 	sid_copy(&td.security_identifier, r->in.info->sid);
-	td.trust_auth_incoming.data = NULL;
-	td.trust_auth_incoming.length = 0;
-	td.trust_auth_outgoing.data = NULL;
-	td.trust_auth_outgoing.length = 0;
 	td.trust_direction = r->in.info->trust_direction;
 	td.trust_type = r->in.info->trust_type;
 	td.trust_attributes = r->in.info->trust_attributes;
 
+	if (r->in.auth_info->auth_blob.size != 0) {
+		auth_blob.length = r->in.auth_info->auth_blob.size;
+		auth_blob.data = r->in.auth_info->auth_blob.data;
+
+		arcfour_crypt_blob(auth_blob.data, auth_blob.length,
+				   &p->server_info->user_session_key);
+
+		ndr_err = ndr_pull_struct_blob(&auth_blob, p->mem_ctx,
+					       &auth_struct,
+					       (ndr_pull_flags_fn_t) ndr_pull_trustDomainPasswords);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NT_STATUS_UNSUCCESSFUL;
+		}
+
+		ndr_err = ndr_push_struct_blob(&td.trust_auth_incoming, p->mem_ctx,
+					       &auth_struct.incoming,
+					       (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NT_STATUS_UNSUCCESSFUL;
+		}
+
+		ndr_err = ndr_push_struct_blob(&td.trust_auth_outgoing, p->mem_ctx,
+					       &auth_struct.outgoing,
+					       (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NT_STATUS_UNSUCCESSFUL;
+		}
+	} else {
+		td.trust_auth_incoming.data = NULL;
+		td.trust_auth_incoming.length = 0;
+		td.trust_auth_outgoing.data = NULL;
+		td.trust_auth_outgoing.length = 0;
+	}
+
 	status = pdb_set_trusted_domain(r->in.info->domain_name.string, &td);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
-- 
cgit