From 2d6f95107af7357d1084a4ba272f865c8249510a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 29 May 2019 15:50:45 +0200
Subject: [PATCH 025/187] libcli:auth: Return WERROR for
 encode_wkssvc_join_password_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 576bcf61555fb641b2919ad84a6b26b242b57061)
---
 libcli/auth/proto.h             |  8 +++---
 libcli/auth/smbencrypt.c        | 20 ++++++++++-----
 source3/lib/netapi/joindomain.c | 44 +++++++++++++++++++++------------
 source4/torture/rpc/wkssvc.c    | 20 ++++++++++++---
 4 files changed, 62 insertions(+), 30 deletions(-)

diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h
index 67caaca8c41..65ee06215dc 100644
--- a/libcli/auth/proto.h
+++ b/libcli/auth/proto.h
@@ -207,10 +207,10 @@ bool set_pw_in_buffer(uint8_t buffer[516], const DATA_BLOB *password);
 bool extract_pw_from_buffer(TALLOC_CTX *mem_ctx, 
 			    uint8_t in_buffer[516], DATA_BLOB *new_pass);
 struct wkssvc_PasswordBuffer;
-void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
-					const char *pwd,
-					DATA_BLOB *session_key,
-					struct wkssvc_PasswordBuffer **pwd_buf);
+WERROR encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
+					  const char *pwd,
+					  DATA_BLOB *session_key,
+					  struct wkssvc_PasswordBuffer **pwd_buf);
 WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 					  struct wkssvc_PasswordBuffer *pwd_buf,
 					  DATA_BLOB *session_key,
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index 793012553b2..745f47999cd 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -965,10 +965,10 @@ bool extract_pw_from_buffer(TALLOC_CTX *mem_ctx,
  * buffer), calling MD5Update() first with session_key and then with confounder
  * (vice versa in samr) - Guenther */
 
-void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
-					const char *pwd,
-					DATA_BLOB *session_key,
-					struct wkssvc_PasswordBuffer **pwd_buf)
+WERROR encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
+					  const char *pwd,
+					  DATA_BLOB *session_key,
+					  struct wkssvc_PasswordBuffer **pwd_buf)
 {
 	uint8_t buffer[516];
 	gnutls_hash_hd_t hash_hnd = NULL;
@@ -976,11 +976,12 @@ void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 	DATA_BLOB confounded_session_key;
 	int confounder_len = 8;
 	uint8_t confounder[8];
+	WERROR werr;
 	int rc;
 
 	my_pwd_buf = talloc_zero(mem_ctx, struct wkssvc_PasswordBuffer);
 	if (!my_pwd_buf) {
-		return;
+		return WERR_NOT_ENOUGH_MEMORY;
 	}
 
 	confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
@@ -991,17 +992,23 @@ void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 
 	rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
 	if (rc < 0) {
+		werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
 		goto out;
 	}
 
 	rc = gnutls_hash(hash_hnd, session_key->data, session_key->length);
 	if (rc < 0) {
 		gnutls_hash_deinit(hash_hnd, NULL);
+		werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
 		goto out;
 	}
 	rc = gnutls_hash(hash_hnd, confounder, confounder_len);
 	if (rc < 0) {
 		gnutls_hash_deinit(hash_hnd, NULL);
+		werr = gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
+
 		goto out;
 	}
 	gnutls_hash_deinit(hash_hnd, confounded_session_key.data);
@@ -1017,8 +1024,9 @@ void encode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 
 	*pwd_buf = my_pwd_buf;
 
+	werr = WERR_OK;
 out:
-	return;
+	return werr;
 }
 
 WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index 8d0752f4531..f2d36fc00db 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -137,10 +137,13 @@ WERROR NetJoinDomain_r(struct libnetapi_ctx *ctx,
 			goto done;
 		}
 
-		encode_wkssvc_join_password_buffer(ctx,
-						   r->in.password,
-						   &session_key,
-						   &encrypted_password);
+		werr = encode_wkssvc_join_password_buffer(ctx,
+							  r->in.password,
+							  &session_key,
+							  &encrypted_password);
+		if (!W_ERROR_IS_OK(werr)) {
+			goto done;
+		}
 	}
 
 	old_timeout = rpccli_set_timeout(pipe_cli, 600000);
@@ -279,10 +282,13 @@ WERROR NetUnjoinDomain_r(struct libnetapi_ctx *ctx,
 			goto done;
 		}
 
-		encode_wkssvc_join_password_buffer(ctx,
-						   r->in.password,
-						   &session_key,
-						   &encrypted_password);
+		werr = encode_wkssvc_join_password_buffer(ctx,
+							  r->in.password,
+							  &session_key,
+							  &encrypted_password);
+		if (!W_ERROR_IS_OK(werr)) {
+			goto done;
+		}
 	}
 
 	old_timeout = rpccli_set_timeout(pipe_cli, 60000);
@@ -484,10 +490,13 @@ WERROR NetGetJoinableOUs_r(struct libnetapi_ctx *ctx,
 			goto done;
 		}
 
-		encode_wkssvc_join_password_buffer(ctx,
-						   r->in.password,
-						   &session_key,
-						   &encrypted_password);
+		werr = encode_wkssvc_join_password_buffer(ctx,
+							  r->in.password,
+							  &session_key,
+							  &encrypted_password);
+		if (!W_ERROR_IS_OK(werr)) {
+			goto done;
+		}
 	}
 
 	status = dcerpc_wkssvc_NetrGetJoinableOus2(b, talloc_tos(),
@@ -537,10 +546,13 @@ WERROR NetRenameMachineInDomain_r(struct libnetapi_ctx *ctx,
 			goto done;
 		}
 
-		encode_wkssvc_join_password_buffer(ctx,
-						   r->in.password,
-						   &session_key,
-						   &encrypted_password);
+		werr = encode_wkssvc_join_password_buffer(ctx,
+							  r->in.password,
+							  &session_key,
+							  &encrypted_password);
+		if (!W_ERROR_IS_OK(werr)) {
+			goto done;
+		}
 	}
 
 	status = dcerpc_wkssvc_NetrRenameMachineInDomain2(b, talloc_tos(),
diff --git a/source4/torture/rpc/wkssvc.c b/source4/torture/rpc/wkssvc.c
index c98ac92b39b..4bc1f9cd0c7 100644
--- a/source4/torture/rpc/wkssvc.c
+++ b/source4/torture/rpc/wkssvc.c
@@ -1199,6 +1199,7 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx,
 	enum wkssvc_NetJoinStatus join_status;
 	const char *join_name = NULL;
 	WERROR expected_err;
+	WERROR werr;
 	DATA_BLOB session_key;
 	struct dcerpc_binding_handle *b = p->binding_handle;
 
@@ -1240,8 +1241,13 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx,
 		return false;
 	}
 
-	encode_wkssvc_join_password_buffer(tctx, domain_admin_password,
-					   &session_key, &pwd_buf);
+	werr = encode_wkssvc_join_password_buffer(tctx,
+						  domain_admin_password,
+						  &session_key,
+						  &pwd_buf);
+	if (!W_ERROR_IS_OK(werr)) {
+		return false;
+	}
 
 	r.in.server_name = dcerpc_server_name(p);
 	r.in.domain_name = domain_name;
@@ -1284,6 +1290,7 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx,
 	enum wkssvc_NetJoinStatus join_status;
 	const char *join_name = NULL;
 	WERROR expected_err;
+	WERROR werr;
 	DATA_BLOB session_key;
 	struct dcerpc_binding_handle *b = p->binding_handle;
 
@@ -1322,8 +1329,13 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx,
 		return false;
 	}
 
-	encode_wkssvc_join_password_buffer(tctx, domain_admin_password,
-					   &session_key, &pwd_buf);
+	werr = encode_wkssvc_join_password_buffer(tctx,
+						  domain_admin_password,
+						  &session_key,
+						  &pwd_buf);
+	if (!W_ERROR_IS_OK(werr)) {
+		return false;
+	}
 
 	r.in.server_name = dcerpc_server_name(p);
 	r.in.account = domain_admin_account;
-- 
2.23.0