[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-1086-gfe75e5c
Günther Deschner
gd at samba.org
Fri Jan 4 22:06:59 GMT 2008
The branch, v3-2-test has been updated
via fe75e5ccdfc2609380367e59215637b0de1ef241 (commit)
from 4e1bf48e7eab927e70fde3408a42c56e06b9b178 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit fe75e5ccdfc2609380367e59215637b0de1ef241
Author: Günther Deschner <gd at samba.org>
Date: Fri Jan 4 22:56:31 2008 +0100
Do not pass emtpy wkssvc_PasswordBuffers to rpc functions.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/lib/netapi/joindomain.c | 12 ++++--------
source/libsmb/smbencrypt.c | 20 ++++++++++++++------
2 files changed, 18 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/netapi/joindomain.c b/source/lib/netapi/joindomain.c
index 0d4452e..c7849c9 100644
--- a/source/lib/netapi/joindomain.c
+++ b/source/lib/netapi/joindomain.c
@@ -90,13 +90,11 @@ static WERROR NetJoinDomainRemote(struct libnetapi_ctx *ctx,
{
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_cli = NULL;
- struct wkssvc_PasswordBuffer encrypted_password;
+ struct wkssvc_PasswordBuffer *encrypted_password = NULL;
NTSTATUS status;
WERROR werr;
unsigned int old_timeout = 0;
- ZERO_STRUCT(encrypted_password);
-
status = cli_full_connection(&cli, NULL, server_name,
NULL, 0,
"IPC$", "IPC",
@@ -129,7 +127,7 @@ static WERROR NetJoinDomainRemote(struct libnetapi_ctx *ctx,
status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, ctx,
server_name, domain_name,
account_ou, Account,
- &encrypted_password,
+ encrypted_password,
join_flags, &werr);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
@@ -277,13 +275,11 @@ static WERROR NetUnjoinDomainRemote(struct libnetapi_ctx *ctx,
{
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_cli = NULL;
- struct wkssvc_PasswordBuffer encrypted_password;
+ struct wkssvc_PasswordBuffer *encrypted_password = NULL;
NTSTATUS status;
WERROR werr;
unsigned int old_timeout = 0;
- ZERO_STRUCT(encrypted_password);
-
status = cli_full_connection(&cli, NULL, server_name,
NULL, 0,
"IPC$", "IPC",
@@ -316,7 +312,7 @@ static WERROR NetUnjoinDomainRemote(struct libnetapi_ctx *ctx,
status = rpccli_wkssvc_NetrUnjoinDomain2(pipe_cli, ctx,
server_name,
account,
- &encrypted_password,
+ encrypted_password,
unjoin_flags,
&werr);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source/libsmb/smbencrypt.c b/source/libsmb/smbencrypt.c
index 9e37d1d..d7f6f60 100644
--- a/source/libsmb/smbencrypt.c
+++ b/source/libsmb/smbencrypt.c
@@ -704,16 +704,22 @@ char *decrypt_trustdom_secret(const char *pass, DATA_BLOB *data_in)
void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
const char *pwd,
DATA_BLOB *session_key,
- struct wkssvc_PasswordBuffer *pwd_buf)
+ struct wkssvc_PasswordBuffer **pwd_buf)
{
uint8_t buffer[516];
struct MD5Context ctx;
-
- DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
-
+ struct wkssvc_PasswordBuffer *my_pwd_buf = NULL;
+ DATA_BLOB confounded_session_key;
int confounder_len = 8;
uint8_t confounder[8];
+ my_pwd_buf = talloc_zero(mem_ctx, struct wkssvc_PasswordBuffer);
+ if (!my_pwd_buf) {
+ return;
+ }
+
+ confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
+
encode_pw_buffer(buffer, pwd, STR_UNICODE);
generate_random_buffer((uint8_t *)confounder, confounder_len);
@@ -725,10 +731,12 @@ void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
SamOEMhashBlob(buffer, 516, &confounded_session_key);
- memcpy(&pwd_buf->data[0], confounder, confounder_len);
- memcpy(&pwd_buf->data[8], buffer, 516);
+ memcpy(&my_pwd_buf->data[0], confounder, confounder_len);
+ memcpy(&my_pwd_buf->data[8], buffer, 516);
data_blob_free(&confounded_session_key);
+
+ *pwd_buf = my_pwd_buf;
}
WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
--
Samba Shared Repository
More information about the samba-cvs
mailing list