bool extract_pw_from_buffer(TALLOC_CTX *mem_ctx,
uint8_t in_buffer[516], DATA_BLOB *new_pass);
struct wkssvc_PasswordBuffer;
-void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
- const char *pwd,
- DATA_BLOB *session_key,
- struct wkssvc_PasswordBuffer **pwd_buf);
+WERROR encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
+ const char *pwd,
+ DATA_BLOB *session_key,
+ struct wkssvc_PasswordBuffer **pwd_buf);
WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
struct wkssvc_PasswordBuffer *pwd_buf,
DATA_BLOB *session_key,
* buffer), calling MD5Update() first with session_key and then with confounder
* (vice versa in samr) - Guenther */
-void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
- const char *pwd,
- DATA_BLOB *session_key,
- struct wkssvc_PasswordBuffer **pwd_buf)
+WERROR encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
+ const char *pwd,
+ DATA_BLOB *session_key,
+ struct wkssvc_PasswordBuffer **pwd_buf)
{
uint8_t buffer[516];
gnutls_hash_hd_t hash_hnd = NULL;
DATA_BLOB confounded_session_key;
int confounder_len = 8;
uint8_t confounder[8];
+ WERROR werr;
int rc;
my_pwd_buf = talloc_zero(mem_ctx, struct wkssvc_PasswordBuffer);
if (!my_pwd_buf) {
- return;
+ return WERR_NOT_ENOUGH_MEMORY;
}
confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
if (rc < 0) {
+ werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
goto out;
}
rc = gnutls_hash(hash_hnd, session_key->data, session_key->length);
if (rc < 0) {
gnutls_hash_deinit(hash_hnd, NULL);
+ werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
goto out;
}
rc = gnutls_hash(hash_hnd, confounder, confounder_len);
if (rc < 0) {
gnutls_hash_deinit(hash_hnd, NULL);
+ werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
goto out;
}
gnutls_hash_deinit(hash_hnd, confounded_session_key.data);
*pwd_buf = my_pwd_buf;
+ werr = WERR_OK;
out:
- return;
+ return werr;
}
WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
goto done;
}
- encode_wkssvc_join_password_buffer(ctx,
- r->in.password,
- &session_key,
- &encrypted_password);
+ werr = encode_wkssvc_join_password_buffer(ctx,
+ r->in.password,
+ &session_key,
+ &encrypted_password);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
}
old_timeout = rpccli_set_timeout(pipe_cli, 600000);
goto done;
}
- encode_wkssvc_join_password_buffer(ctx,
- r->in.password,
- &session_key,
- &encrypted_password);
+ werr = encode_wkssvc_join_password_buffer(ctx,
+ r->in.password,
+ &session_key,
+ &encrypted_password);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
}
old_timeout = rpccli_set_timeout(pipe_cli, 60000);
goto done;
}
- encode_wkssvc_join_password_buffer(ctx,
- r->in.password,
- &session_key,
- &encrypted_password);
+ werr = encode_wkssvc_join_password_buffer(ctx,
+ r->in.password,
+ &session_key,
+ &encrypted_password);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
}
status = dcerpc_wkssvc_NetrGetJoinableOus2(b, talloc_tos(),
goto done;
}
- encode_wkssvc_join_password_buffer(ctx,
- r->in.password,
- &session_key,
- &encrypted_password);
+ werr = encode_wkssvc_join_password_buffer(ctx,
+ r->in.password,
+ &session_key,
+ &encrypted_password);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
}
status = dcerpc_wkssvc_NetrRenameMachineInDomain2(b, talloc_tos(),
enum wkssvc_NetJoinStatus join_status;
const char *join_name = NULL;
WERROR expected_err;
+ WERROR werr;
DATA_BLOB session_key;
struct dcerpc_binding_handle *b = p->binding_handle;
return false;
}
- encode_wkssvc_join_password_buffer(tctx, domain_admin_password,
- &session_key, &pwd_buf);
+ werr = encode_wkssvc_join_password_buffer(tctx,
+ domain_admin_password,
+ &session_key,
+ &pwd_buf);
+ if (!W_ERROR_IS_OK(werr)) {
+ return false;
+ }
r.in.server_name = dcerpc_server_name(p);
r.in.domain_name = domain_name;
enum wkssvc_NetJoinStatus join_status;
const char *join_name = NULL;
WERROR expected_err;
+ WERROR werr;
DATA_BLOB session_key;
struct dcerpc_binding_handle *b = p->binding_handle;
return false;
}
- encode_wkssvc_join_password_buffer(tctx, domain_admin_password,
- &session_key, &pwd_buf);
+ werr = encode_wkssvc_join_password_buffer(tctx,
+ domain_admin_password,
+ &session_key,
+ &pwd_buf);
+ if (!W_ERROR_IS_OK(werr)) {
+ return false;
+ }
r.in.server_name = dcerpc_server_name(p);
r.in.account = domain_admin_account;