From: Matthew Chapman <matty@samba.org>
Date: Fri, 19 Mar 1999 15:11:07 +0000 (+0000)
Subject: querysecret now shows the real, fairdinkum, decrypted secret :-)
X-Git-Tag: samba-4.0.0alpha6~801^2~20859
X-Git-Url: http://git.samba.org/?p=samba.git;a=commitdiff_plain;h=55bce9e30e410e7c6e1209493a59238ff462e996

querysecret now shows the real, fairdinkum, decrypted secret :-)
(This used to be commit 5951e16a1134a559abefdd400e7a17627338f368)
---

diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index ca3ee49d3b3..e24f9140e40 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -158,8 +158,8 @@ BOOL lsa_open_secret(struct cli_state *cli, uint16 fnum,
 do a LSA Query Secret
 ****************************************************************************/
 BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
-		      POLICY_HND *pol, unsigned char secret[24],
-		      NTTIME *lastupdate)
+		      POLICY_HND *pol, STRING2 *enc_secret,
+		      NTTIME *last_update)
 {
 	prs_struct rbuf;
 	prs_struct buf; 
@@ -200,8 +200,8 @@ BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
 		    (r_q.info.value.ptr_secret != 0) &&
 		    (r_q.info.ptr_update != 0))
 		{
-			memcpy(secret, r_q.info.value.secret.buffer, 24);
-			memcpy(lastupdate, &(r_q.info.last_update), sizeof(NTTIME));
+			memcpy(enc_secret,  &(r_q.info.value.enc_secret), sizeof(STRING2));
+			memcpy(last_update, &(r_q.info.last_update),      sizeof(NTTIME));
 			valid_info = True;
 		}
 	}
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 7542faceaf3..101100e66d6 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -318,11 +318,13 @@ void cmd_lsa_query_secret(struct client_info *info)
 	fstring srv_name;
 	BOOL res = True;
 	BOOL res1;
+	BOOL res2;
 	int i;
 
 	POLICY_HND hnd_secret;
 	fstring secret_name;
-	unsigned char enc_secret[24];
+	STRING2 enc_secret;
+	STRING2 secret;
 	NTTIME last_update;
 
 	if (!next_token(NULL, secret_name, NULL, sizeof(secret_name)))
@@ -350,8 +352,8 @@ void cmd_lsa_query_secret(struct client_info *info)
 				&info->dom.lsa_info_pol,
 				secret_name, 0x20003, &hnd_secret) : False;
 
-	res1 = res1 ? lsa_query_secret(smb_cli, nt_pipe_fnum,
-				&hnd_secret, enc_secret, &last_update) : False;
+	res2 = res1 ? lsa_query_secret(smb_cli, nt_pipe_fnum,
+			       &hnd_secret, &enc_secret, &last_update) : False;
 
 	res1 = res1 ? lsa_close(smb_cli, nt_pipe_fnum, &hnd_secret) : False;
 
@@ -360,15 +362,15 @@ void cmd_lsa_query_secret(struct client_info *info)
 	/* close the session */
 	cli_nt_session_close(smb_cli, nt_pipe_fnum);
 
-	if (res1)
+	if (res2 && nt_decrypt_string2(&secret, &enc_secret, smb_cli->pwd.smb_nt_pwd))
 	{
-		fprintf(out_hnd, "\tValue (encrypted): ");
-		for (i = 0; i < 24; i++)
+		fprintf(out_hnd, "\tValue       : ");
+		for (i = 0; i < secret.str_str_len; i++)
 		{
-			fprintf(out_hnd, "%02X", enc_secret[i]);
+			fprintf(out_hnd, "%02X", secret.buffer[i]);
 		}
 
-		fprintf(out_hnd, "\n\tLast Updated     : %s\n\n",
+		fprintf(out_hnd, "\n\tLast Updated: %s\n\n",
 			http_timestring(nt_time_to_unix(&last_update)));
 	}
 	else