diff options
| -rw-r--r-- | source/auth/auth_util.c | 7 | ||||
| -rw-r--r-- | source/include/rpc_netlogon.h | 4 | ||||
| -rw-r--r-- | source/nsswitch/winbindd_pam.c | 2 | ||||
| -rw-r--r-- | source/rpc_client/cli_netlogon.c | 12 | ||||
| -rw-r--r-- | source/rpc_parse/parse_net.c | 26 |
5 files changed, 37 insertions, 14 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index d985c0a54fc..2eacc2b0d10 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -1324,11 +1324,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, (*server_info)->user_session_key = data_blob(info3->user_sess_key, sizeof(info3->user_sess_key)); } - if (memcmp(info3->padding, zeros, sizeof(zeros)) == 0) { + if (memcmp(info3->lm_sess_key, zeros, 8) == 0) { (*server_info)->lm_session_key = data_blob(NULL, 0); } else { - (*server_info)->lm_session_key = data_blob(info3->padding, 16); - } + (*server_info)->lm_session_key = data_blob(info3->lm_sess_key, sizeof(info3->lm_sess_key)); + } + return NT_STATUS_OK; } diff --git a/source/include/rpc_netlogon.h b/source/include/rpc_netlogon.h index 44beb2b8c82..97b2523d72c 100644 --- a/source/include/rpc_netlogon.h +++ b/source/include/rpc_netlogon.h @@ -168,7 +168,9 @@ typedef struct net_user_info_3 UNIHDR hdr_logon_dom; /* logon domain unicode string header */ uint32 buffer_dom_id; /* undocumented logon domain id pointer */ - uint8 padding[40]; /* unused padding bytes. expansion room */ + uint8 lm_sess_key[8]; /* lm session key */ + uint32 acct_flags; /* account flags */ + uint32 unknown[7]; /* unknown */ uint32 num_other_sids; /* number of foreign/trusted domain sids */ uint32 buffer_other_sids; diff --git a/source/nsswitch/winbindd_pam.c b/source/nsswitch/winbindd_pam.c index f7d3ac5aa41..cb44ec98d76 100644 --- a/source/nsswitch/winbindd_pam.c +++ b/source/nsswitch/winbindd_pam.c @@ -612,7 +612,7 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) memcpy(state->response.data.auth.user_session_key, info3.user_sess_key, sizeof(state->response.data.auth.user_session_key) /* 16 */); } if (state->request.flags & WBFLAG_PAM_LMKEY) { - memcpy(state->response.data.auth.first_8_lm_hash, info3.padding, sizeof(state->response.data.auth.first_8_lm_hash) /* 8 */); + memcpy(state->response.data.auth.first_8_lm_hash, info3.lm_sess_key, sizeof(state->response.data.auth.first_8_lm_hash) /* 8 */); } } diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c index 3fb032234f5..b88753a7ed0 100644 --- a/source/rpc_client/cli_netlogon.c +++ b/source/rpc_client/cli_netlogon.c @@ -654,6 +654,7 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c char *workstation_name_slash; uint8 netlogon_sess_key[16]; static uint8 zeros[16]; + int i; ZERO_STRUCT(q); ZERO_STRUCT(r); @@ -716,10 +717,15 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c memset(info3->user_sess_key, '\0', 16); } - if (memcmp(zeros, info3->padding, 16) != 0) { - SamOEMhash(info3->padding, netlogon_sess_key, 16); + if (memcmp(zeros, info3->lm_sess_key, 8) != 0) { + SamOEMhash(info3->lm_sess_key, netlogon_sess_key, 8); } else { - memset(info3->padding, '\0', 16); + memset(info3->lm_sess_key, '\0', 8); + } + + memset(&info3->acct_flags, '\0', 4); + for (i=0; i < 7; i++) { + memset(&info3->unknown[i], '\0', 4); } /* Return results */ diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c index 97ca0d406b4..7e5eec3e6d8 100644 --- a/source/rpc_parse/parse_net.c +++ b/source/rpc_parse/parse_net.c @@ -1454,12 +1454,16 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr, usr->buffer_dom_id = dom_sid ? 1 : 0; /* yes, we're bothering to put a domain SID in */ - memset((char *)usr->padding, '\0', sizeof(usr->padding)); + memset((char *)usr->lm_sess_key, '\0', sizeof(usr->lm_sess_key)); + memset(&usr->acct_flags, '\0', sizeof(usr->acct_flags)); -#if 0 /* JRATEST - exchange auth test. */ - if (lm_session_key != NULL) - memcpy(usr->padding, lm_session_key, sizeof(usr->user_sess_key)); -#endif + for (i=0; i<7; i++) { + memset(&usr->unknown[i], '\0', sizeof(usr->unknown)); + } + + if (lm_session_key != NULL) { + memcpy(usr->lm_sess_key, lm_session_key, sizeof(usr->lm_sess_key)); + } num_other_sids = init_dom_sid2s(ctx, other_sids, &usr->other_sids); @@ -1580,9 +1584,19 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, if(!prs_uint32("buffer_dom_id ", ps, depth, &usr->buffer_dom_id)) /* undocumented logon domain id pointer */ return False; - if(!prs_uint8s (False, "padding ", ps, depth, usr->padding, 40)) /* unused padding bytes? */ + + if(!prs_uint8s(False, "lm_sess_key", ps, depth, usr->lm_sess_key, 8)) /* lm session key */ return False; + if(!prs_uint32("acct_flags ", ps, depth, &usr->acct_flags)) /* Account flags */ + return False; + + for (i = 0; i < 7; i++) + { + if (!prs_uint32("unkown", ps, depth, &usr->unknown[i])) /* unknown */ + return False; + } + if (validation_level == 3) { if(!prs_uint32("num_other_sids", ps, depth, &usr->num_other_sids)) /* 0 - num_sids */ return False; |