diff options
| -rw-r--r-- | libcli/auth/credentials.c | 8 | ||||
| -rw-r--r-- | libcli/auth/netlogon_creds_cli.c | 20 | ||||
| -rw-r--r-- | libcli/auth/proto.h | 6 | ||||
| -rw-r--r-- | source4/torture/rpc/samlogon.c | 36 |
4 files changed, 49 insertions, 21 deletions
diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index 545d3c6956c..11aeea28a27 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -680,12 +680,14 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede } } -void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, - uint16_t validation_level, - union netr_Validation *validation) +NTSTATUS netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, + uint16_t validation_level, + union netr_Validation *validation) { netlogon_creds_crypt_samlogon_validation(creds, validation_level, validation, false); + + return NT_STATUS_OK; } NTSTATUS netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index dd286a281bf..01831930cef 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -2531,9 +2531,13 @@ static void netlogon_creds_cli_LogonSamLogon_done(struct tevent_req *subreq) return; } - netlogon_creds_decrypt_samlogon_validation(state->ro_creds, - state->validation_level, - state->validation); + status = netlogon_creds_decrypt_samlogon_validation(state->ro_creds, + state->validation_level, + state->validation); + if (tevent_req_nterror(req, status)) { + netlogon_creds_cli_LogonSamLogon_cleanup(req, status); + return; + } tevent_req_done(req); return; @@ -2601,9 +2605,13 @@ static void netlogon_creds_cli_LogonSamLogon_done(struct tevent_req *subreq) return; } - netlogon_creds_decrypt_samlogon_validation(&state->tmp_creds, - state->validation_level, - state->validation); + status = netlogon_creds_decrypt_samlogon_validation(&state->tmp_creds, + state->validation_level, + state->validation); + if (tevent_req_nterror(req, result)) { + netlogon_creds_cli_LogonSamLogon_cleanup(req, result); + return; + } tevent_req_done(req); } diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index 00033b9ce55..6bf83d60e81 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -59,9 +59,9 @@ struct netlogon_creds_CredentialState *netlogon_creds_server_init(TALLOC_CTX *me NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState *creds, const struct netr_Authenticator *received_authenticator, struct netr_Authenticator *return_authenticator) ; -void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, - uint16_t validation_level, - union netr_Validation *validation); +NTSTATUS netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, + uint16_t validation_level, + union netr_Validation *validation); NTSTATUS netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, uint16_t validation_level, union netr_Validation *validation); diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index c7d56101878..76933b8869e 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -176,9 +176,15 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state, validation_level = r->in.validation_level; - netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, - validation_level, - r->out.validation); + status = netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, + validation_level, + r->out.validation); + if (!NT_STATUS_IS_OK(status)) { + if (error_string) { + *error_string = strdup(nt_errstr(status)); + } + return status; + } switch (validation_level) { case 2: @@ -210,9 +216,15 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state, validation_level = r_ex->in.validation_level; - netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, - validation_level, - r_ex->out.validation); + status = netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, + validation_level, + r_ex->out.validation); + if (!NT_STATUS_IS_OK(status)) { + if (error_string) { + *error_string = strdup(nt_errstr(status)); + } + return status; + } switch (validation_level) { case 2: @@ -252,9 +264,15 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state, validation_level = r_flags->in.validation_level; - netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, - validation_level, - r_flags->out.validation); + status = netlogon_creds_decrypt_samlogon_validation(samlogon_state->creds, + validation_level, + r_flags->out.validation); + if (!NT_STATUS_IS_OK(status)) { + if (error_string) { + *error_string = strdup(nt_errstr(status)); + } + return status; + } switch (validation_level) { case 2: |