From 6ce0c8517256fec9ac9fc7d3f5f9a0f361020ea3 Mon Sep 17 00:00:00 2001
From: =?utf8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Fri, 13 Jun 2008 12:20:01 +0200
Subject: [PATCH] net: Fix bug #5542 (samsync contains empty passwords).

Guenther
(cherry picked from commit 1a22e975dd1255f3557c1cd873d877aa35822afc)
(This used to be commit ad8392cf7c817ee29a03bc6f515bf1cc18a29eda)
---
 source3/utils/net.h             |  1 +
 source3/utils/net_ads.c         |  2 --
 source3/utils/net_rpc_samsync.c | 27 +++++++++++++++++++++++++++
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/source3/utils/net.h b/source3/utils/net.h
index ef5cfa73de..65c8d75584 100644
--- a/source3/utils/net.h
+++ b/source3/utils/net.h
@@ -23,6 +23,7 @@
  */
 
 #include "lib/netapi/netapi.h"
+#include "libnet/libnet.h"
 
 struct net_context {
 	const char *opt_requester_name;
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 8c39fa955f..c0d04acd0b 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -23,8 +23,6 @@
 #include "includes.h"
 #include "utils/net.h"
 
-#include "libnet/libnet.h"
-
 #ifdef HAVE_ADS
 
 /* when we do not have sufficient input parameters to contact a remote domain
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index bd8118ab8e..44c95f9509 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -336,6 +336,7 @@ static void dump_database(struct rpc_pipe_client *pipe_hnd,
 	struct netr_Authenticator return_authenticator;
 	uint16_t restart_state = 0;
 	uint32_t sync_context = 0;
+	DATA_BLOB session_key;
 
 	ZERO_STRUCT(return_authenticator);
 
@@ -386,6 +387,14 @@ static void dump_database(struct rpc_pipe_client *pipe_hnd,
 			break;
 		}
 
+		session_key = data_blob_const(pipe_hnd->dc->sess_key, 16);
+
+		samsync_fix_delta_array(mem_ctx,
+					&session_key,
+					true,
+					database_id,
+					delta_enum_array);
+
 		/* Display results */
 		for (i = 0; i < delta_enum_array->num_deltas; i++) {
 			display_sam_entry(&delta_enum_array->delta_enum[i]);
@@ -1169,6 +1178,7 @@ static NTSTATUS fetch_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type,
 	enum netr_SamDatabaseID database_id = db_type;
 	uint16_t restart_state = 0;
 	uint32_t sync_context = 0;
+	DATA_BLOB session_key;
 
 	if (!(mem_ctx = talloc_init("fetch_database")))
 		return NT_STATUS_NO_MEMORY;
@@ -1215,6 +1225,14 @@ static NTSTATUS fetch_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type,
 			break;
 		}
 
+		session_key = data_blob_const(pipe_hnd->dc->sess_key, 16);
+
+		samsync_fix_delta_array(mem_ctx,
+					&session_key,
+					true,
+					database_id,
+					delta_enum_array);
+
 		for (i = 0; i < delta_enum_array->num_deltas; i++) {
 			fetch_sam_entry(&delta_enum_array->delta_enum[i], dom_sid);
 		}
@@ -1990,6 +2008,7 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd,
 	enum netr_SamDatabaseID database_id = db_type;
 	uint16_t restart_state = 0;
 	uint32_t sync_context = 0;
+	DATA_BLOB session_key;
 
 	/* Set up array for mapping accounts to groups */
 	/* Array element is the group rid */
@@ -2122,6 +2141,14 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd,
 			break;
 		}
 
+		session_key = data_blob_const(pipe_hnd->dc->sess_key, 16);
+
+		samsync_fix_delta_array(mem_ctx,
+					&session_key,
+					true,
+					database_id,
+					delta_enum_array);
+
 		num_deltas = delta_enum_array->num_deltas;
 
 		/* Re-allocate memory for groupmap and accountmap arrays */
-- 
2.34.1