this weird-looking code uses the user_struct* that was obtained from

an SMBsesssetupX to provide a response to api_WkstaUserLogon and
api_NetUserGetInfo.

IF my suspicions are correct, an api_NetUserGetInfo or api_WkstaUserLogon
against an anonymous IPC$ connection will produce a failure, resulting
in the Win9x client DROPPING the anonymous connection and re-establishing
an authenticated SMBsesssetupX.

this will cause the smbd server to get a NET_USER_INFO_3 structure from
either the PDC or from itself (MSRPC remote or MSRPC loop-back, doesn't
matter which, it's all the same to domain_client_validate()), thence the
api_Net... or api_Wksta... call to follow will be provided with the correct
user logon info.

it also means that we can start filling in some of the "stub" fields,
such as last_logon_time, with _real_ info.  well, real, if netlogond
bothered to fill it in, but you get the idea :)

1 files changed, 2 insertions, 2 deletions

diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index 1204806f977..4fbe1b9a793 100644
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -1294,13 +1294,13 @@ BOOL net_io_user_info3(char *desc,  NET_USER_INFO_3 *usr, prs_struct *ps, int de
 	smb_io_unistr2("unistr2", &( usr->uni_logon_srv), usr->hdr_logon_srv.buffer, ps, depth); /* logon server unicode string */
 	smb_io_unistr2("unistr2", &( usr->uni_logon_dom), usr->hdr_logon_srv.buffer, ps, depth); /* logon domain unicode string */
 
-	smb_io_dom_sid2("", &(usr->dom_sid), ps, depth);           /* domain SID */
+	smb_io_dom_sid2("sid", &(usr->dom_sid), ps, depth);           /* domain SID */
 
 	SMB_ASSERT_ARRAY(usr->other_sids, usr->num_other_sids);
 
 	for (i = 0; i < usr->num_other_sids; i++)
 	{
-		smb_io_dom_sid2("", &(usr->other_sids[i]), ps, depth); /* other domain SIDs */
+		smb_io_dom_sid2("sids", &(usr->other_sids[i]), ps, depth); /* other domain SIDs */
 	}
 
 	prs_uint32("auth_resp   ", ps, depth, &usr->auth_resp); /* 1 - Authoritative response; 0 - Non-Auth? */