mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s4:rpc_server/lsa: we need to normalize the trustAuth* blobs before storing them
The number of current and previous elements need to match and we have to fill TRUST_AUTH_TYPE_NONE if needed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
This commit is contained in:
parent
73a4387ab9
commit
6f8b868a29
@ -830,6 +830,51 @@ static NTSTATUS get_trustauth_inout_blob(struct dcesrv_call_state *dce_call,
|
|||||||
{
|
{
|
||||||
enum ndr_err_code ndr_err;
|
enum ndr_err_code ndr_err;
|
||||||
|
|
||||||
|
if (iopw->current.count != iopw->count) {
|
||||||
|
return NT_STATUS_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (iopw->previous.count > iopw->current.count) {
|
||||||
|
return NT_STATUS_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (iopw->previous.count == 0) {
|
||||||
|
/*
|
||||||
|
* If the previous credentials are not present
|
||||||
|
* we need to make a copy.
|
||||||
|
*/
|
||||||
|
iopw->previous = iopw->current;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (iopw->previous.count < iopw->current.count) {
|
||||||
|
struct AuthenticationInformationArray *c = &iopw->current;
|
||||||
|
struct AuthenticationInformationArray *p = &iopw->previous;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The previous array needs to have the same size
|
||||||
|
* as the current one.
|
||||||
|
*
|
||||||
|
* We may have to fill with TRUST_AUTH_TYPE_NONE
|
||||||
|
* elements.
|
||||||
|
*/
|
||||||
|
p->array = talloc_realloc(mem_ctx, p->array,
|
||||||
|
struct AuthenticationInformation,
|
||||||
|
c->count);
|
||||||
|
if (p->array == NULL) {
|
||||||
|
return NT_STATUS_NO_MEMORY;
|
||||||
|
}
|
||||||
|
|
||||||
|
while (p->count < c->count) {
|
||||||
|
struct AuthenticationInformation *a =
|
||||||
|
&p->array[p->count++];
|
||||||
|
|
||||||
|
*a = (struct AuthenticationInformation) {
|
||||||
|
.LastUpdateTime = p->array[0].LastUpdateTime,
|
||||||
|
.AuthType = TRUST_AUTH_TYPE_NONE,
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx,
|
ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx,
|
||||||
iopw,
|
iopw,
|
||||||
(ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
|
(ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
|
||||||
|
Loading…
Reference in New Issue
Block a user