summaryrefslogtreecommitdiffstats
path: root/source4/rpc_server/netlogon
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2005-01-10 16:12:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:08:39 -0500
commita070551e7aece72cba7b801c05107f739b17301c (patch)
tree942c4ee791028674989019ed000d61aa7617d2ec /source4/rpc_server/netlogon
parent0457324cc8ee3eb1a8c4d2067db3c7e7934e8702 (diff)
downloadsamba-a070551e7aece72cba7b801c05107f739b17301c.tar.gz
samba-a070551e7aece72cba7b801c05107f739b17301c.tar.xz
samba-a070551e7aece72cba7b801c05107f739b17301c.zip
r4648: fix netr_ServerPasswordSet() bugs
metze (This used to be commit 7feface9b77f2be4f592d04a6131348af761a8e8)
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c40
1 files changed, 18 insertions, 22 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index c3ca59a0415..731905e2a60 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -314,19 +314,15 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO
struct ldb_message **msgs;
struct ldb_message **msgs_domain;
NTSTATUS nt_status;
- struct ldb_message mod, *msg_set_pw = &mod;
- const char *domain_dn;
+ struct ldb_message *mod;
const char *domain_sid;
const char *attrs[] = {"objectSid", NULL };
const char **domain_attrs = attrs;
- ZERO_STRUCT(mod);
nt_status = netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator);
- if (NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
+ NT_STATUS_NOT_OK_RETURN(nt_status);
sam_ctx = samdb_connect(mem_ctx);
if (sam_ctx == NULL) {
@@ -336,6 +332,9 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO
num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
pipe_state->creds->account_name);
+ if (num_records == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
if (num_records == 0) {
DEBUG(3,("Couldn't find user [%s] in samdb.\n",
@@ -360,6 +359,9 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO
&msgs_domain, domain_attrs,
"(&(objectSid=%s)(objectclass=domain))",
domain_sid);
+ if (num_records_domain == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
if (num_records_domain == 0) {
DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
@@ -373,30 +375,25 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- domain_dn = msgs_domain[0]->dn;
-
- mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn);
- if (!mod.dn) {
- return NT_STATUS_NO_MEMORY;
- }
-
+ mod = talloc_zero(mem_ctx, struct ldb_message);
+ NT_STATUS_HAVE_NO_MEMORY(mod);
+ mod->dn = talloc_reference(mod, msgs[0]->dn);
+
creds_des_decrypt(pipe_state->creds, &r->in.new_password);
/* set the password - samdb needs to know both the domain and user DNs,
so the domain password policy can be used */
- nt_status = samdb_set_password(sam_ctx, mem_ctx,
- msgs[0]->dn, domain_dn,
- msg_set_pw,
+ nt_status = samdb_set_password(sam_ctx, mod,
+ msgs[0]->dn,
+ msgs_domain[0]->dn,
+ mod,
NULL, /* Don't have plaintext */
NULL, &r->in.new_password,
False /* This is not considered a password change */,
NULL);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
+ NT_STATUS_NOT_OK_RETURN(nt_status);
- ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw);
+ ret = samdb_replace(sam_ctx, mem_ctx, mod);
if (ret != 0) {
/* we really need samdb.c to return NTSTATUS */
return NT_STATUS_UNSUCCESSFUL;
@@ -651,7 +648,6 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call,
r->out.validation = r2.out.validation;
r->out.authoritative = r2.out.authoritative;
r->out.flags = r2.out.flags;
- r->out.flags = r2.out.flags;
return nt_status;
}