author | Luke Leighton <lkcl@samba.org> | 2000-02-10 09:34:12 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 2000-02-10 09:34:12 +0000 |
commit | 0cac988d687857db0cb9b00e7cd602668bce0b63 (patch) | |
tree | eb409680f51e4dfcdb73195956b519f6f120ddc0 /source/lsarpcd | |
parent | 2dcd4943ae34e22657f3c196a9560ead08f6ae0f (diff) | |
download | samba-0cac988d687857db0cb9b00e7cd602668bce0b63.tar.gz |
added _lsa_query_secret implementation.
Diffstat (limited to 'source/lsarpcd')
-rw-r--r-- | source/lsarpcd/srv_lsa.c | 48 | ||||
-rw-r--r-- | source/lsarpcd/srv_lsa_samdb.c | 69 |
2 files changed, 117 insertions, 0 deletions
diff --git a/source/lsarpcd/srv_lsa.c b/source/lsarpcd/srv_lsa.c
index 0e54ef6a29a..4bf0ba81099 100644
--- a/source/lsarpcd/srv_lsa.c
+++ b/source/lsarpcd/srv_lsa.c
@@ -472,6 +472,53 @@ static void api_lsa_create_secret( rpcsrv_struct *p, prs_struct *data,
 }
 
 /***************************************************************************
+ api_lsa_query_secret. AGH! HACK! :)
+ ***************************************************************************/
+static void api_lsa_query_secret( rpcsrv_struct *p, prs_struct *data,
+ prs_struct *rdata)
+{
+ LSA_R_QUERY_SECRET r_o;
+ LSA_Q_QUERY_SECRET q_o;
+ NTTIME *curtim = NULL;
+ NTTIME *oldtim = NULL;
+ STRING2 *curval = NULL;
+ STRING2 *oldval = NULL;
+
+ ZERO_STRUCT(r_o);
+ ZERO_STRUCT(q_o);
+
+ lsa_io_q_query_secret("", &q_o, data, 0);
+
+ /* HACK! */
+ if (q_o.sec.curinfo.ptr_value != 0) curval = &q_o.sec.curinfo.value.enc_secret;
+ if (q_o.sec.curinfo.ptr_update != 0) curtim = &q_o.sec.curinfo.last_update;
+ if (q_o.sec.oldinfo.ptr_value != 0) oldval = &q_o.sec.oldinfo.value.enc_secret;
+ if (q_o.sec.oldinfo.ptr_update != 0) oldtim = &q_o.sec.oldinfo.last_update;
+
+ r_o.status = _lsa_query_secret(&q_o.pol,
+ curval, curtim,
+ oldval, oldtim);
+
+ memcpy(&r_o.sec, &q_o.sec, sizeof(r_o.sec)); /* urgh! HACK! */
+ if (r_o.sec.curinfo.ptr_value != 0) /* MORE HACK! */
+ {
+ r_o.sec.curinfo.value.ptr_secret = 1;
+ make_strhdr2(&r_o.sec.curinfo.value.hdr_secret,
+ r_o.sec.curinfo.value.enc_secret.str_str_len,
+ r_o.sec.curinfo.value.enc_secret.str_max_len, 1);
+ }
+ if (r_o.sec.oldinfo.ptr_value != 0) /* MORE HACK! */
+ {
+ r_o.sec.curinfo.value.ptr_secret = 1;
+ make_strhdr2(&r_o.sec.oldinfo.value.hdr_secret,
+ r_o.sec.oldinfo.value.enc_secret.str_str_len,
+ r_o.sec.oldinfo.value.enc_secret.str_max_len, 1);
+ }
+
+ lsa_io_r_query_secret("", &r_o, rdata, 0);
+}
+
+/***************************************************************************
 api_lsa_open_secret
 ***************************************************************************/
 static void api_lsa_open_secret( rpcsrv_struct *p, prs_struct *data,
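Review bot: In the `oldinfo` branch of api_lsa_query_secret the flag is set on the wrong member: `r_o.sec.curinfo.value.ptr_secret = 1;` is repeated from the branch above, so `r_o.sec.oldinfo.value.ptr_secret` keeps whatever the memcpy from the request left there while its header is rebuilt with make_strhdr2. The line should read `r_o.sec.oldinfo.value.ptr_secret = 1;`. Separately, `r_o.sec` is copied from the client's request regardless of `r_o.status`, so a failed lookup appears to echo the request buffers back in the reply; a guard on the status before the memcpy, or a comment saying the echo is intended, would make that explicit.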
@@ -501,6 +548,7 @@ static const struct api_struct api_lsa_cmds[] =
 { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
 { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
 { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
+ { "LSA_QUERYSECRET" , LSA_QUERYSECRET , api_lsa_query_secret },
 { "LSA_CREATESECRET" , LSA_CREATESECRET , api_lsa_create_secret },
 { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
 { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
diff --git a/source/lsarpcd/srv_lsa_samdb.c b/source/lsarpcd/srv_lsa_samdb.c
index bef698c704c..12a91539060 100644
--- a/source/lsarpcd/srv_lsa_samdb.c
+++ b/source/lsarpcd/srv_lsa_samdb.c
@@ -553,6 +553,75 @@ uint32 _lsa_create_secret(const POLICY_HND *hnd,
 }
 
 /***************************************************************************
+ _lsa_query_secret
+ ***************************************************************************/
+uint32 _lsa_query_secret(const POLICY_HND *hnd_secret,
+ STRING2 *curval, NTTIME *curtime,
+ STRING2 *oldval, NTTIME *oldtime)
+{
+ TDB_CONTEXT *tdb = NULL;
+ UNISTR2 secret_name;
+ LSA_SECRET *sec = NULL;
+ uchar user_sess_key[16];
+
+ if (!pol_get_usr_sesskey(get_global_hnd_cache(), hnd_secret,
+ user_sess_key))
+ {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ dump_data_pw("sess_key:", user_sess_key, 16);
+
+ ZERO_STRUCT(sec);
+ ZERO_STRUCT(secret_name);
+
+ if (!get_tdbsecname(get_global_hnd_cache(), hnd_secret, &tdb,
+ &secret_name))
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!tdb_lookup_secret(tdb, &secret_name, &sec))
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (sec == NULL)
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (curtime != NULL)
+ {
+ (*curtime) = sec->curinfo.last_update;
+ }
+ if (oldtime != NULL)
+ {
+ (*oldtime) = sec->oldinfo.last_update;
+ }
+ if (curval != NULL)
+ {
+ if (!nt_encrypt_string2(curval, &sec->curinfo.value.enc_secret,
+ user_sess_key))
+ {
+ safe_free(sec);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ }
+ if (oldval != NULL)
+ {
+ if (!nt_encrypt_string2(oldval, &sec->oldinfo.value.enc_secret,
+ user_sess_key))
+ {
+ safe_free(sec);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ }
+ safe_free(sec);
+ return NT_STATUS_NOPROBLEMO;
+}
+
+/***************************************************************************
 _lsa_open_secret
 ***************************************************************************/
 uint32 _lsa_open_secret(const POLICY_HND *hnd, |
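Review bot: Key material in _lsa_query_secret is never cleared: `user_sess_key` stays on the stack on every return path, and `sec`, whose values are fed to nt_encrypt_string2, goes to `safe_free(sec)` as is. Adding `memset(sec, 0, sizeof(*sec));` before each `safe_free(sec);` and `ZERO_STRUCT(user_sess_key);` before each return would limit how long the stored secret and the session key linger in process memory. The `dump_data_pw("sess_key:", user_sess_key, 16);` call also puts the session key into debug output wherever that helper is enabled, so it deserves a comment stating that it must stay confined to password-debug builds. Nothing visible in this hunk checks which access rights were granted on `hnd_secret` before the value is returned; if get_tdbsecname does not enforce that, a query-value rights check belongs ahead of the lookup.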