From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 4 Aug 2012 08:05:51 +0000 (+0200)
Subject: s3:rpc_server/wkssvc: make usage of session_extract_session_key()
X-Git-Tag: ldb-1.1.10~126
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3a0db4d865d404ce7ab3ae787c163fef951e2dd9;p=thirdparty%2Fsamba.git

s3:rpc_server/wkssvc: make usage of session_extract_session_key()

This makes sure we return NO_USER_SESSION_KEY if there's no session key.

metze
---

diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
index b40ca0bf42e..ada83ea18df 100644
--- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
+++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
@@ -819,6 +819,8 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
 	char *admin_account = NULL;
 	WERROR werr;
 	struct security_token *token = p->session_info->security_token;
+	NTSTATUS status;
+	DATA_BLOB session_key;
 
 	if (!r->in.domain_name) {
 		return WERR_INVALID_PARAM;
@@ -841,9 +843,18 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
 		return WERR_NOT_SUPPORTED;
 	}
 
+	status = session_extract_session_key(p->session_info,
+					     &session_key,
+					     KEY_USE_16BYTES);
+	if(!NT_STATUS_IS_OK(status)) {
+		DEBUG(5,("_wkssvc_NetrJoinDomain2: no session key %s\n",
+			nt_errstr(status)));
+		return WERR_NO_USER_SESSION_KEY;
+	}
+
 	werr = decode_wkssvc_join_password_buffer(
 		p->mem_ctx, r->in.encrypted_password,
-		&p->session_info->session_key, &cleartext_pwd);
+		&session_key, &cleartext_pwd);
 	if (!W_ERROR_IS_OK(werr)) {
 		return werr;
 	}
@@ -896,6 +907,8 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
 	char *admin_account = NULL;
 	WERROR werr;
 	struct security_token *token = p->session_info->security_token;
+	NTSTATUS status;
+	DATA_BLOB session_key;
 
 	if (!r->in.account || !r->in.encrypted_password) {
 		return WERR_INVALID_PARAM;
@@ -909,9 +922,18 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
 		return WERR_ACCESS_DENIED;
 	}
 
+	status = session_extract_session_key(p->session_info,
+					     &session_key,
+					     KEY_USE_16BYTES);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(5,("_wkssvc_NetrUnjoinDomain2: no session key %s\n",
+			nt_errstr(status)));
+		return WERR_NO_USER_SESSION_KEY;
+	}
+
 	werr = decode_wkssvc_join_password_buffer(
 		p->mem_ctx, r->in.encrypted_password,
-		&p->session_info->session_key, &cleartext_pwd);
+		&session_key, &cleartext_pwd);
 	if (!W_ERROR_IS_OK(werr)) {
 		return werr;
 	}