diff options
author | Stefan Metzmacher <metze@samba.org> | 2011-02-01 14:47:05 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2011-02-02 11:58:26 +0100 |
commit | a4d4217dfa03bda9ace25bb4f54be5e94c09abbf (patch) | |
tree | a4f700305868f36f0b2ca396d167d18dadc5c6f2 | |
parent | 578e87dbf223c2ad529ef5de07630ed5c25a3ad6 (diff) | |
download | samba-a4d4217dfa03bda9ace25bb4f54be5e94c09abbf.tar.gz samba-a4d4217dfa03bda9ace25bb4f54be5e94c09abbf.tar.bz2 samba-a4d4217dfa03bda9ace25bb4f54be5e94c09abbf.zip |
s4:rpc_server/netlogon: add dcesrv_netr_LogonSamLogon_check()
We need to check for invalid parameters before we check for
access denied.
metze
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 93 |
1 files changed, 83 insertions, 10 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index d8a0f98d55..e060380402 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -531,6 +531,65 @@ static WERROR dcesrv_netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TAL } +static NTSTATUS dcesrv_netr_LogonSamLogon_check(const struct netr_LogonSamLogonEx *r) +{ + switch (r->in.logon_level) { + case NetlogonInteractiveInformation: + case NetlogonServiceInformation: + case NetlogonInteractiveTransitiveInformation: + case NetlogonServiceTransitiveInformation: + if (r->in.logon->password == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (r->in.validation_level) { + case NetlogonValidationSamInfo: /* 2 */ + case NetlogonValidationSamInfo2: /* 3 */ + case NetlogonValidationSamInfo4: /* 6 */ + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + break; + case NetlogonNetworkInformation: + case NetlogonNetworkTransitiveInformation: + if (r->in.logon->network == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (r->in.validation_level) { + case NetlogonValidationSamInfo: /* 2 */ + case NetlogonValidationSamInfo2: /* 3 */ + case NetlogonValidationSamInfo4: /* 6 */ + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + break; + + case NetlogonGenericInformation: + if (r->in.logon->generic == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (r->in.validation_level) { + /* TODO: case NetlogonValidationGenericInfo: 4 */ + case NetlogonValidationGenericInfo2: /* 5 */ + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_OK; +} + /* netr_LogonSamLogon_base @@ -771,6 +830,13 @@ static NTSTATUS dcesrv_netr_LogonSamLogonEx(struct dcesrv_call_state *dce_call, NTSTATUS nt_status; struct netlogon_creds_CredentialState *creds; + *r->out.authoritative = 1; + + nt_status = dcesrv_netr_LogonSamLogon_check(r); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + nt_status = schannel_get_creds_state(mem_ctx, lpcfg_private_dir(dce_call->conn->dce_ctx->lp_ctx), r->in.computer_name, &creds); @@ -798,16 +864,6 @@ static NTSTATUS dcesrv_netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce struct netr_Authenticator *return_authenticator; - return_authenticator = talloc(mem_ctx, struct netr_Authenticator); - NT_STATUS_HAVE_NO_MEMORY(return_authenticator); - - nt_status = dcesrv_netr_creds_server_step_check(dce_call, - mem_ctx, - r->in.computer_name, - r->in.credential, return_authenticator, - &creds); - NT_STATUS_NOT_OK_RETURN(nt_status); - ZERO_STRUCT(r2); r2.in.server_name = r->in.server_name; @@ -820,6 +876,23 @@ static NTSTATUS dcesrv_netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce r2.out.authoritative = r->out.authoritative; r2.out.flags = r->out.flags; + *r->out.authoritative = 1; + + nt_status = dcesrv_netr_LogonSamLogon_check(&r2); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + + return_authenticator = talloc(mem_ctx, struct netr_Authenticator); + NT_STATUS_HAVE_NO_MEMORY(return_authenticator); + + nt_status = dcesrv_netr_creds_server_step_check(dce_call, + mem_ctx, + r->in.computer_name, + r->in.credential, return_authenticator, + &creds); + NT_STATUS_NOT_OK_RETURN(nt_status); + nt_status = dcesrv_netr_LogonSamLogon_base(dce_call, mem_ctx, &r2, creds); r->out.return_authenticator = return_authenticator; |