-rw-r--r--source/include/proto.h1
-rw-r--r--source/include/rpc_netlogon.h2
-rw-r--r--source/passdb/sampassdb.c53
-rw-r--r--source/rpc_parse/parse_misc.c30
-rw-r--r--source/rpc_parse/parse_net.c30
-rw-r--r--source/rpc_parse/parse_samr.c3
-rw-r--r--source/rpc_server/srv_netlog.c2
-rw-r--r--source/rpc_server/srv_reg.c2
-rw-r--r--source/rpc_server/srv_samr.c21
9 files changed, 101 insertions, 43 deletions
diff --git a/source/include/proto.h b/source/include/proto.h
index 1d6f6d269d6..f9a83e4d948 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -2283,6 +2283,7 @@ BOOL init_buffer5(BUFFER5 **str);
BOOL clear_buffer5(BUFFER5 **str);
BOOL make_buffer5(BUFFER5 *str, char *buf, int len);
BOOL smb_io_buffer5(char *desc, BUFFER5 *buf5, prs_struct *ps, int depth);
+BOOL make_buffer2_multi(BUFFER2 *str, char *const* const buf, uint32 num);
BOOL make_buffer2(BUFFER2 *str, const char *buf, int len);
BOOL smb_io_buffer2(char *desc, BUFFER2 *buf2, uint32 buffer, prs_struct *ps, int depth);
BOOL make_buf_unistr2(UNISTR2 *str, uint32 *ptr, const char *buf);
diff --git a/source/include/rpc_netlogon.h b/source/include/rpc_netlogon.h
index 08f4699636f..6842fd6e072 100644
--- a/source/include/rpc_netlogon.h
+++ b/source/include/rpc_netlogon.h
@@ -192,7 +192,7 @@ typedef struct net_q_trust_dom_info
/* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
typedef struct net_r_trust_dom_info
{
- UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
+ BUFFER2 uni_trust_dom_name;
uint32 status; /* return code */
diff --git a/source/passdb/sampassdb.c b/source/passdb/sampassdb.c
index 14d0677ac9b..bca5bfa45f3 100644
--- a/source/passdb/sampassdb.c
+++ b/source/passdb/sampassdb.c
@@ -349,12 +349,12 @@ struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user)
return &disp_info;
}
-static void select_name(fstring string, char **name, const UNISTR2 *from)
+static void select_name(fstring *string, char **name, const UNISTR2 *from)
{
if (from->buffer != 0)
{
- unistr2_to_ascii(string, from, sizeof(string));
- *name = string;
+ unistr2_to_ascii(*string, from, sizeof(*string));
+ *name = *string;
}
}
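Review bot: `select_name` has no comment explaining why `string` is now an `fstring *`, and the reason is easy to undo by accident. As a plain `fstring` parameter the array decays to a pointer, so `sizeof(string)` was the size of a pointer and not of the buffer. I would add above the function: `/* string is passed by address so that sizeof(*string) is the full fstring size; *name ends up pointing into the caller's buffer, which must outlive *name */`. The second half of that comment is an assumption about the callers' buffers, which are declared outside this hunk.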
@@ -376,18 +376,41 @@ void copy_id23_to_sam_passwd(struct sam_passwd *to, const SAM_USER_INFO_23 *from
if (from == NULL || to == NULL) return;
- memcpy(to, from, sizeof(*from));
-
- select_name(nt_name , &to->nt_name , &from->uni_user_name );
- select_name(full_name , &to->full_name , &from->uni_full_name );
- select_name(home_dir , &to->home_dir , &from->uni_home_dir );
- select_name(dir_drive , &to->dir_drive , &from->uni_dir_drive );
- select_name(logon_script, &to->logon_script, &from->uni_logon_script);
- select_name(profile_path, &to->profile_path, &from->uni_profile_path);
- select_name(acct_desc , &to->acct_desc , &from->uni_acct_desc );
- select_name(workstations, &to->workstations, &from->uni_workstations);
- select_name(unknown_str , &to->unknown_str , &from->uni_unknown_str );
- select_name(munged_dial , &to->munged_dial , &from->uni_munged_dial );
+ to->logon_time = from->logon_time;
+ to->logoff_time = from->logoff_time;
+ to->kickoff_time = from->kickoff_time;
+ to->pass_last_set_time = from->pass_last_set_time;
+ to->pass_can_change_time = from->pass_can_change_time;
+ to->pass_must_change_time = from->pass_must_change_time;
+
+ select_name(&nt_name , &to->nt_name , &from->uni_user_name );
+ select_name(&full_name , &to->full_name , &from->uni_full_name );
+ select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
+ select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
+ select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
+ select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
+ select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
+ select_name(&workstations, &to->workstations, &from->uni_workstations);
+ select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
+ select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
+
+ to->unix_uid = (uid_t)-1;
+ to->unix_gid = (gid_t)-1;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
+
+ to->smb_passwd = NULL;
+ to->smb_nt_passwd = NULL;
+
+ to->acct_ctrl = from->acb_info;
+ to->unknown_3 = from->unknown_3;
+
+ to->logon_divs = from->logon_divs;
+ to->hours_len = from->logon_hrs.len;
+ memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
+
+ to->unknown_5 = from->unknown_5;
+ to->unknown_6 = from->unknown_6;
}
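Review bot: `to->hours_len` is copied from `from->logon_hrs.len` without being compared to `MAX_HOURS_LEN`, while the `memcpy` on the next line always copies exactly `MAX_HOURS_LEN` bytes into `to->hours`. If that length arrives unchecked from the client request (the parser is not visible here), any later code that trusts `hours_len` can walk past the end of `to->hours`. Clamping at the copy keeps the pair consistent: `to->hours_len = from->logon_hrs.len > MAX_HOURS_LEN ? MAX_HOURS_LEN : from->logon_hrs.len;`. Separately, with the blanket `memcpy(to, from, ...)` gone, any name whose `from->uni_*.buffer` is 0 leaves the matching `to->` pointer at whatever the caller had, so it is worth stating in a comment that the caller must initialise `*to` first. The function's opening lines are outside the hunk.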
diff --git a/source/rpc_parse/parse_misc.c b/source/rpc_parse/parse_misc.c
index 9f224c120bf..2f2c68648ab 100644
--- a/source/rpc_parse/parse_misc.c
+++ b/source/rpc_parse/parse_misc.c
@@ -672,6 +672,36 @@ BOOL smb_io_buffer5(char *desc, BUFFER5 *buf5, prs_struct *ps, int depth)
/*******************************************************************
creates a BUFFER2 structure.
********************************************************************/
+BOOL make_buffer2_multi(BUFFER2 *str, char *const* const buf, uint32 num)
+{
+ int i;
+ char *dest = (char*)str->buffer;
+ size_t max_len = sizeof(str->buffer)-1;
+
+ ZERO_STRUCTP(str);
+
+ str->buf_max_len = 0;
+ str->undoc = 0;
+
+ for (i = 0; i < num && max_len > 0; i++)
+ {
+ size_t len = buf[i] != NULL ? strlen(buf[i]) : 0;
+
+ str->buf_max_len += len * 2;
+ str->buf_len += len * 2;
+
+ ascii_to_unibuf(dest, buf[i], max_len);
+
+ dest += len * 2 + 2;
+ max_len -= len * 2 + 2;
+ }
+
+ return True;
+}
+
+/*******************************************************************
+creates a BUFFER2 structure.
+********************************************************************/
BOOL make_buffer2(BUFFER2 *str, const char *buf, int len)
{
ZERO_STRUCTP(str);
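Review bot: In `make_buffer2_multi`, `max_len -= len * 2 + 2;` is done on a `size_t`, so a name longer than the remaining space makes `max_len` wrap to a very large value instead of reaching zero. The loop test `max_len > 0` then still passes, `dest` has already been advanced beyond `str->buffer`, and the next `ascii_to_unibuf` call writes out of bounds. Adding `if (len * 2 + 2 > max_len) break;` right after `len` is computed stops the loop before either the counters or `dest` move. Two smaller points in the same loop: `buf[i]` is passed to `ascii_to_unibuf` even when it is NULL (only the `strlen` is guarded), and `int i` is compared against the `uint32 num`. `buf_len` also counts `len * 2` per entry while `dest` advances by `len * 2 + 2`, which looks like the separators are left out of the reported length; that should be confirmed against the wire format.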
diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index b21f612c8a8..c6e366bbbec 100644
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -296,28 +296,18 @@ makes an NET_R_TRUST_DOM_LIST structure.
BOOL make_r_trust_dom(NET_R_TRUST_DOM_LIST *r_t,
uint32 num_doms, char **dom_name)
{
- uint32 i = 0;
-
if (r_t == NULL) return False;
DEBUG(5,("make_r_trust_dom\n"));
- for (i = 0; i < MAX_TRUST_DOMS; i++)
- {
- r_t->uni_trust_dom_name[i].uni_str_len = 0;
- r_t->uni_trust_dom_name[i].uni_max_len = 0;
- }
- if (num_doms > MAX_TRUST_DOMS) num_doms = MAX_TRUST_DOMS;
-
- for (i = 0; i < num_doms; i++)
+ make_buffer2_multi(&r_t->uni_trust_dom_name,
+ dom_name, num_doms);
+ if (num_doms == 0)
{
- fstring domain_name;
- fstrcpy(domain_name, dom_name[i]);
- strupper(domain_name);
- make_unistr2(&(r_t->uni_trust_dom_name[i]), domain_name, strlen(domain_name)+1);
- /* the use of UNISTR2 here is non-standard. */
- r_t->uni_trust_dom_name[i].undoc = 0x1;
+ r_t->uni_trust_dom_name.buf_max_len = 0x2;
+ r_t->uni_trust_dom_name.buf_len = 0x2;
}
+ r_t->uni_trust_dom_name.undoc = 0x1;
r_t->status = 0;
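Review bot: The removed loop upper-cased every name with `strupper(domain_name)` and capped the count at `MAX_TRUST_DOMS`, and the new `make_buffer2_multi(&r_t->uni_trust_dom_name, dom_name, num_doms)` call does neither. If clients still expect upper-case domain names, that step is silently lost; if it is no longer wanted, a one-line comment saying so would help. The only bound on the list is now the size check inside `make_buffer2_multi`, whose return value is ignored here. A NULL `dom_name` with a non-zero `num_doms` would also be dereferenced by the helper. I would at least add `if (dom_name == NULL) num_doms = 0;` before the call. The function continues past the end of the hunk.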
@@ -329,17 +319,13 @@ reads or writes an NET_R_TRUST_DOM_LIST structure.
********************************************************************/
BOOL net_io_r_trust_dom(char *desc, NET_R_TRUST_DOM_LIST *r_t, prs_struct *ps, int depth)
{
- uint32 i;
if (r_t == NULL) return False;
prs_debug(ps, depth, desc, "net_io_r_trust_dom");
depth++;
- for (i = 0; i < MAX_TRUST_DOMS; i++)
- {
- if (r_t->uni_trust_dom_name[i].uni_str_len == 0) break;
- smb_io_unistr2("", &(r_t->uni_trust_dom_name[i]), True, ps, depth);
- }
+ smb_io_buffer2("", &r_t->uni_trust_dom_name, True, ps, depth);
+ prs_align(ps);
prs_uint32("status", ps, depth, &(r_t->status));
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index 90ae3e8feef..9ea66bbf4b3 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -250,7 +250,7 @@ BOOL make_samr_r_unknown_2c(SAMR_R_UNKNOWN_2C *q_u, uint32 status)
DEBUG(5,("samr_make_r_unknown_2c\n"));
- q_u->unknown_0 = 0x00160000;
+ q_u->unknown_0 = 0x00150000;
q_u->unknown_1 = 0x00000000;
q_u->status = status;
@@ -5716,6 +5716,7 @@ BOOL samr_io_q_set_userinfo(char *desc, SAMR_Q_SET_USERINFO *q_u, prs_struct *ps
if (!ps->io)
{
+ /* writing */
free_samr_q_set_userinfo(q_u);
}
diff --git a/source/rpc_server/srv_netlog.c b/source/rpc_server/srv_netlog.c
index 09678e3eaf4..5e9ae350942 100644
--- a/source/rpc_server/srv_netlog.c
+++ b/source/rpc_server/srv_netlog.c
@@ -102,7 +102,7 @@ static void net_reply_trust_dom_list(NET_Q_TRUST_DOM_LIST *q_t, prs_struct *rdat
/* store the response in the SMB stream */
net_io_r_trust_dom("", &r_t, rdata, 0);
- DEBUG(6,("net_reply_trust_dom_listlogon_ctrl2: %d\n", __LINE__));
+ DEBUG(6,("net_reply_trust_dom_list: %d\n", __LINE__));
}
diff --git a/source/rpc_server/srv_reg.c b/source/rpc_server/srv_reg.c
index 0ba67749007..fcc22a792ab 100644
--- a/source/rpc_server/srv_reg.c
+++ b/source/rpc_server/srv_reg.c
@@ -143,7 +143,7 @@ static void reg_reply_open_entry(REG_Q_OPEN_ENTRY *q_u,
DEBUG(5,("reg_open_entry: %s\n", name));
/* lkcl XXXX do a check on the name, here */
if (!strequal(name, "SYSTEM\\CurrentControlSet\\Control\\ProductOptions") ||
- !strequal(name, "SYSTEM\\CurrentControlSet\\Services\\NETLOGON\Parameters"))
+ !strequal(name, "SYSTEM\\CurrentControlSet\\Services\\NETLOGON\\Parameters"))
{
status = 0xC000000 | NT_STATUS_ACCESS_DENIED;
}
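Review bot: The two `!strequal(...)` tests are joined with `||`, so the condition is true for every `name` (no string equals both keys) and the branch always sets access denied, even with the escape now fixed in the second literal. If the intent is to allow exactly these two keys, the operator should be `&&`, i.e. deny only when `name` matches neither of them. The status constant on the following line is `0xC000000`, which has one zero fewer than the `0xC0000000` used in srv_samr.c in this same commit, so the severity bits of the returned status are likely wrong. Both lines sit in `reg_reply_open_entry`, whose start and end are outside the hunk.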
diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c
index c3464380ed9..ff2f1bbb8cc 100644
--- a/source/rpc_server/srv_samr.c
+++ b/source/rpc_server/srv_samr.c
@@ -2090,6 +2090,11 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
static uchar lm_hash[16];
pstring new_pw;
+ if (id23 == NULL)
+ {
+ DEBUG(5, ("set_user_info_23: NULL id23\n"));
+ return False;
+ }
if (pwd == NULL)
{
return False;
@@ -2155,6 +2160,12 @@ static void samr_reply_set_userinfo(SAMR_Q_SET_USERINFO *q_u,
DEBUG(5,("samr_reply_set_userinfo: rid:0x%x\n", rid));
/* ok! user info levels (there are lots: see MSDEV help), off we go... */
+ if (status == 0x0 && q_u->info.id == NULL)
+ {
+ DEBUG(5,("samr_reply_set_userinfo: NULL info level\n"));
+ status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
+ }
+
if (status == 0x0)
{
switch (q_u->switch_value)
@@ -2170,7 +2181,13 @@ static void samr_reply_set_userinfo(SAMR_Q_SET_USERINFO *q_u,
case 23:
{
SAM_USER_INFO_23 *id23 = q_u->info.id23;
- SamOEMhash(id23->pass, user_sess_key, True);
+ SamOEMhash(id23->pass, user_sess_key, 1);
+#if DEBUG_PASSWORD
+ DEBUG(100,("pass buff:\n"));
+ dump_data(100, id23->pass, sizeof(id23->pass));
+#endif
+ dbgflush();
+
status = set_user_info_23(id23, rid) ? 0 : (0xC0000000 | NT_STATUS_ACCESS_DENIED);
break;
}
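Review bot: `dbgflush();` sits after the `#endif`, so it runs on every level-23 set-userinfo request, not only in `DEBUG_PASSWORD` builds. It looks like it belongs with the dump and should move above the `#endif`. The guarded `dump_data(100, id23->pass, sizeof(id23->pass))` writes the just-decrypted password buffer to the debug log. I would add a comment there such as `/* DEBUG_PASSWORD builds log cleartext password material; never enable in production */` so the exposure is obvious to whoever turns the flag on. The change of the third `SamOEMhash` argument from `True` to `1` is unexplained; if that parameter is a mode selector and not a boolean, a short comment naming the mode would make the call readable.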
@@ -2663,7 +2680,7 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u,
pstring msg_str;
if (!local_password_change(user_name, True,
- q_u->acb_info, 0xffff,
+ q_u->acb_info | ACB_DISABLED, 0xffff,
NULL,
err_str, sizeof(err_str),
msg_str, sizeof(msg_str)))