1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s4:rpc_server/lsa: we need to normalize the trustAuth* blobs before storing them

The number of current and previous elements need to match and we have to
fill TRUST_AUTH_TYPE_NONE if needed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
This commit is contained in:
Stefan Metzmacher 2015-01-31 11:45:12 +01:00 committed by Günther Deschner
parent 73a4387ab9
commit 6f8b868a29

View File

@ -830,6 +830,51 @@ static NTSTATUS get_trustauth_inout_blob(struct dcesrv_call_state *dce_call,
{ {
enum ndr_err_code ndr_err; enum ndr_err_code ndr_err;
if (iopw->current.count != iopw->count) {
return NT_STATUS_INVALID_PARAMETER;
}
if (iopw->previous.count > iopw->current.count) {
return NT_STATUS_INVALID_PARAMETER;
}
if (iopw->previous.count == 0) {
/*
* If the previous credentials are not present
* we need to make a copy.
*/
iopw->previous = iopw->current;
}
if (iopw->previous.count < iopw->current.count) {
struct AuthenticationInformationArray *c = &iopw->current;
struct AuthenticationInformationArray *p = &iopw->previous;
/*
* The previous array needs to have the same size
* as the current one.
*
* We may have to fill with TRUST_AUTH_TYPE_NONE
* elements.
*/
p->array = talloc_realloc(mem_ctx, p->array,
struct AuthenticationInformation,
c->count);
if (p->array == NULL) {
return NT_STATUS_NO_MEMORY;
}
while (p->count < c->count) {
struct AuthenticationInformation *a =
&p->array[p->count++];
*a = (struct AuthenticationInformation) {
.LastUpdateTime = p->array[0].LastUpdateTime,
.AuthType = TRUST_AUTH_TYPE_NONE,
};
}
}
ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx, ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx,
iopw, iopw,
(ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob); (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);