SAM database "set user info".

---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
author: Luke Leighton <lkcl@samba.org> 1999-03-25 13:54:31 +0000
committer: Luke Leighton <lkcl@samba.org> 1999-03-25 13:54:31 +0000
commit: 43a460075a39148060d4193fcb9c62bfa4acc737 (patch)
tree: 7b8542161c3ea4d7049955ec7dc5034dbf14ba9d /source3/include
parent: 1ad002b7497c840f84b17e2a5187079d1140f90b (diff)
download: samba-43a460075a39148060d4193fcb9c62bfa4acc737.tar.gz
samba-43a460075a39148060d4193fcb9c62bfa4acc737.tar.bz2
samba-43a460075a39148060d4193fcb9c62bfa4acc737.zip
4 files changed, 151 insertions, 47 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 83bea437fa..8e8e7e292a 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -492,7 +492,7 @@ void pwdb_set_can_change_time(char *p, int max_len, time_t t);
 void pwdb_set_must_change_time(char *p, int max_len, time_t t);
 void pwdb_set_last_set_time(char *p, int max_len, time_t t);
 void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
-BOOL pwdb_gethexpwd(const char *p, char *pwd);
+BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl);
 BOOL pwdb_initialise(BOOL is_server);
 
 /*The following definitions come from  lib/util_sid.c  */
@@ -1507,6 +1507,7 @@ BOOL initialise_sam_password_db(void);
 void *startsam21pwent(BOOL update);
 void endsam21pwent(void *vp);
 struct sam_passwd *getsam21pwent(void *vp);
+BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override);
 struct sam_passwd *iterate_getsam21pwntnam(const char *ntname);
 struct sam_passwd *iterate_getsam21pwrid(uint32 rid);
 struct sam_passwd *iterate_getsam21pwuid(uid_t uid);
@@ -1973,7 +1974,6 @@ void make_dom_rid2(DOM_RID2 *rid2, uint32 rid, uint8 type, uint32 idx);
 void smb_io_dom_rid2(char *desc,  DOM_RID2 *rid2, prs_struct *ps, int depth);
 void make_dom_rid3(DOM_RID3 *rid3, uint32 rid, uint8 type);
 void smb_io_dom_rid3(char *desc,  DOM_RID3 *rid3, prs_struct *ps, int depth);
-void make_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid);
 void make_log_info(DOM_LOG_INFO *log,
 		const char *logon_srv, const char *acct_name,
 		uint16 sec_chan, const char *comp_name);
@@ -2264,6 +2264,8 @@ void make_unk_info7(SAM_UNK_INFO_7 *u_7);
 void sam_io_unk_info7(char *desc, SAM_UNK_INFO_7 *u_7, prs_struct *ps, int depth);
 void make_unk_info2(SAM_UNK_INFO_2 *u_2, char *domain, char *server);
 void sam_io_unk_info2(char *desc, SAM_UNK_INFO_2 *u_2, prs_struct *ps, int depth);
+void make_unk_info1(SAM_UNK_INFO_1 *u_1);
+void sam_io_unk_info1(char *desc, SAM_UNK_INFO_1 *u_1, prs_struct *ps, int depth);
 void make_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO *r_u, 
 				uint16 switch_value, SAM_UNK_CTR *ctr,
 				uint32 status);
@@ -2456,6 +2458,10 @@ void make_samr_q_create_user(SAMR_Q_CREATE_USER *q_u,
 				const char *name,
 				uint16 acb_info, uint32 unk_1);
 void samr_io_q_create_user(char *desc,  SAMR_Q_CREATE_USER *q_u, prs_struct *ps, int depth);
+void make_samr_r_create_user(SAMR_R_CREATE_USER *r_u,
+				POLICY_HND *user_pol,
+				uint32 unk_0, uint32 user_rid,
+				uint32 status);
 void samr_io_r_create_user(char *desc,  SAMR_R_CREATE_USER *r_u, prs_struct *ps, int depth);
 void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
 				POLICY_HND *hnd, uint16 switch_value);
@@ -2470,6 +2476,36 @@ void make_sam_user_info11(SAM_USER_INFO_11 *usr,
 				uint32 rid_group,
 				uint16 acct_ctrl);
 void sam_io_user_info11(char *desc,  SAM_USER_INFO_11 *usr, prs_struct *ps, int depth);
+void make_sam_user_info23(SAM_USER_INFO_23 *usr,
+
+	NTTIME *logon_time, /* all zeros */
+	NTTIME *logoff_time, /* all zeros */
+	NTTIME *kickoff_time, /* all zeros */
+	NTTIME *pass_last_set_time, /* all zeros */
+	NTTIME *pass_can_change_time, /* all zeros */
+	NTTIME *pass_must_change_time, /* all zeros */
+
+	char *user_name, /* NULL */
+	char *full_name,
+	char *home_dir,
+	char *dir_drive,
+	char *logon_script,
+	char *profile_path,
+	char *description,
+	char *workstations,
+	char *unknown_str,
+	char *munged_dial,
+
+	uint32 user_rid, /* 0x0000 0000 */
+	uint32 group_rid,
+	uint16 acb_info, 
+
+	uint32 unknown_3,
+	uint16 logon_divs,
+	LOGON_HRS *hrs,
+	uint32 unknown_5,
+	char newpass[516],
+	uint32 unknown_6);
 void make_sam_user_info21(SAM_USER_INFO_21 *usr,
 
 	NTTIME *logon_time,
@@ -2502,8 +2538,12 @@ void make_sam_user_info21(SAM_USER_INFO_21 *usr,
 void make_samr_r_query_userinfo(SAMR_R_QUERY_USERINFO *r_u,
 				uint16 switch_value, void *info, uint32 status);
 void samr_io_r_query_userinfo(char *desc,  SAMR_R_QUERY_USERINFO *r_u, prs_struct *ps, int depth);
-void samr_io_q_unknown_32(char *desc,  SAMR_Q_UNKNOWN_32 *q_u, prs_struct *ps, int depth);
-void samr_io_r_unknown_32(char *desc,  SAMR_R_UNKNOWN_32 *r_u, prs_struct *ps, int depth);
+void make_samr_q_set_userinfo(SAMR_Q_SET_USERINFO *q_u,
+				POLICY_HND *hnd,
+				uint16 switch_value, void *info);
+void samr_io_q_set_userinfo(char *desc, SAMR_Q_SET_USERINFO *q_u, prs_struct *ps, int depth);
+void make_samr_r_set_userinfo(SAMR_R_SET_USERINFO *r_u, uint32 status);
+void samr_io_r_set_userinfo(char *desc,  SAMR_R_SET_USERINFO *r_u, prs_struct *ps, int depth);
 void make_samr_q_connect(SAMR_Q_CONNECT *q_u,
 				char *srv_name, uint32 unknown_0);
 void samr_io_q_connect(char *desc,  SAMR_Q_CONNECT *q_u, prs_struct *ps, int depth);
@@ -2932,6 +2972,8 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, uchar *pass1, uchar *pass2
 BOOL pass_oem_change(char *user,
 			uchar *lmdata, uchar *lmhash,
 			uchar *ntdata, uchar *nthash);
+BOOL decode_pw_buffer(const char buffer[516], char *new_passwd,
+			int new_passwd_size, BOOL nt_pass_set);
 BOOL check_oem_password(char *user,
 			uchar *lmdata, uchar *lmhash,
 			uchar *ntdata, uchar *nthash,
@@ -3119,15 +3161,16 @@ BOOL set_challenge(unsigned char *challenge);
 user_struct *get_valid_user_struct(uint16 vuid);
 void invalidate_vuid(uint16 vuid);
 char *validated_username(uint16 vuid);
-uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest);
+uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest, uchar user_sess_key[16]);
 void add_session_user(char *user);
 BOOL smb_password_check(char *password, unsigned char *part_passwd, unsigned char *c8);
 BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar chal[8],
                      uchar lm_pass[24], uchar nt_pass[24]);
 BOOL pass_check_smb(char *user, char *domain,
 		uchar *chal, uchar *lm_pwd, uchar *nt_pwd,
-		struct passwd *pwd);
-BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd);
+		struct passwd *pwd, uchar user_sess_key[16]);
+BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd,
+		uchar user_sess_key[16]);
 BOOL user_ok(char *user,int snum);
 BOOL authorise_login(int snum,char *user,char *password, int pwlen, 
 		     BOOL *guest,BOOL *force,uint16 vuid);
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index 1c5689dd87..3e4d52a038 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -212,15 +212,6 @@ typedef struct domrid3_info
 
 } DOM_RID3;
 
-/* DOM_RID4 - rid + user attributes */
-typedef struct domrid4_info
-{
-	uint32 unknown;      
-	uint16 attr;
-	uint32 rid;  /* user RID */
-
-} DOM_RID4;
-
 /* DOM_CLNT_SRV - client / server names */
 typedef struct clnt_srv_info
 {
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 44e1c61484..92125f9f2c 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -68,7 +68,7 @@ SamrRemoveMultipleMembersFromAlias
 x SamrSetInformationAlias
 SamrSetInformationDomain
 x SamrSetInformationGroup
-SamrSetInformationUser
+x SamrSetInformationUser
 SamrSetMemberAttributesOfGroup
 SamrSetSecurityObject
 SamrShutdownSamServer
@@ -114,6 +114,7 @@ SamrTestPrivateFunctionsUser
 
 #define SAMR_OPEN_USER         0x22
 #define SAMR_CREATE_USER       0x32
+#define SAMR_SET_USERINFO      0x3A
 
 #define SAMR_QUERY_USERINFO    0x24
 #define SAMR_QUERY_USERGROUPS  0x27
@@ -122,7 +123,6 @@ SamrTestPrivateFunctionsUser
 #define SAMR_UNKNOWN_2C        0x2c
 #define SAMR_QUERY_DISPINFO3   0x30 /* Alias for SAMR_QUERY_DISPINFO
 				       with info level 3 */
-#define SAMR_UNKNOWN_32        0x32
 #define SAMR_QUERY_DISPINFO4   0x33 /* Alias for SAMR_QUERY_DISPINFO
 				       with info level 4 */
 #define SAMR_UNKNOWN_34        0x34
@@ -140,6 +140,67 @@ typedef struct logon_hours_info
 
 } LOGON_HRS;
 
+/* SAM_USER_INFO_23 */
+typedef struct sam_user_info_23
+{
+	NTTIME logon_time;            /* logon time */
+	NTTIME logoff_time;           /* logoff time */
+	NTTIME kickoff_time;          /* kickoff time */
+	NTTIME pass_last_set_time;    /* password last set time */
+	NTTIME pass_can_change_time;  /* password can change time */
+	NTTIME pass_must_change_time; /* password must change time */
+
+	UNIHDR hdr_user_name;    /* NULL - user name unicode string header */
+	UNIHDR hdr_full_name;    /* user's full name unicode string header */
+	UNIHDR hdr_home_dir;     /* home directory unicode string header */
+	UNIHDR hdr_dir_drive;    /* home drive unicode string header */
+	UNIHDR hdr_logon_script; /* logon script unicode string header */
+	UNIHDR hdr_profile_path; /* profile path unicode string header */
+	UNIHDR hdr_acct_desc  ;  /* user description */
+	UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */
+	UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */
+	UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */
+
+	uint8 lm_pwd[16];    /* lm user passwords */
+	uint8 nt_pwd[16];    /* nt user passwords */
+
+	uint32 user_rid;      /* Primary User ID */
+	uint32 group_rid;     /* Primary Group ID */
+
+	uint16 acb_info; /* account info (ACB_xxxx bit-mask) */
+	/* uint8 pad[2] */
+
+	uint32 unknown_3; /* 0x09f8 27fa */
+
+	uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */
+	/* uint8 pad[2] */
+	uint32 ptr_logon_hrs; /* pointer to logon hours */
+
+	uint8 padding1[8];
+
+	uint32 unknown_5;     /* 0x0001 0000 */
+
+	uint8 pass[516];
+
+	UNISTR2 uni_user_name;    /* NULL - username unicode string */
+	UNISTR2 uni_full_name;    /* user's full name unicode string */
+	UNISTR2 uni_home_dir;     /* home directory unicode string */
+	UNISTR2 uni_dir_drive;    /* home directory drive unicode string */
+	UNISTR2 uni_logon_script; /* logon script unicode string */
+	UNISTR2 uni_profile_path; /* profile path unicode string */
+	UNISTR2 uni_acct_desc  ;  /* user description unicode string */
+	UNISTR2 uni_workstations; /* login from workstations unicode string */
+	UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */
+	UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel number */
+
+	uint32 unknown_6; /* 0x0000 04ec */
+	uint32 padding4;
+
+	LOGON_HRS logon_hrs;
+
+} SAM_USER_INFO_23;
+
+
 /* SAM_USER_INFO_21 */
 typedef struct sam_user_info_21
 {
@@ -375,7 +436,7 @@ SAMR_Q_QUERY_DOMAIN_INFO - probably a query on domain group info.
 typedef struct q_samr_query_domain_info
 {
 	POLICY_HND domain_pol;   /* policy handle */
-	uint16 switch_value;     /* 0x0002 */
+	uint16 switch_value;     /* 0x0002, 0x0001 */
 
 } SAMR_Q_QUERY_DOMAIN_INFO;
 
@@ -394,7 +455,7 @@ typedef struct sam_unknown_info_7_info
 
 } SAM_UNK_INFO_7;
 
-typedef struct sam_unknown_info_2_info
+typedef struct sam_unknown_info_2_inf
 {
 	uint32 unknown_0; /* 0x0000 0000 */
 	uint32 unknown_1; /* 0x8000 0000 */
@@ -425,11 +486,21 @@ typedef struct sam_unknown_info_2_info
 
 } SAM_UNK_INFO_2;
 
+typedef struct sam_unknown_info_1_inf
+{
+	uint8 padding[12]; /* 12 bytes zeros */
+	uint32 unknown_1; /* 0x8000 0000 */
+	uint32 unknown_2; /* 0x0000 0000 */
+	uint32 unknown_3; /* 0x0000 0000 */
+
+} SAM_UNK_INFO_1;
+
 
 typedef struct sam_unknown_ctr_info
 {
 	union
 	{
+		SAM_UNK_INFO_1 inf1;
 		SAM_UNK_INFO_2 inf2;
 		SAM_UNK_INFO_6 inf6;
 		SAM_UNK_INFO_7 inf7;
@@ -1035,6 +1106,30 @@ typedef struct r_samr_query_usergroup_info
 } SAMR_R_QUERY_USERGROUPS;
 
 
+/* SAMR_Q_SET_USERINFO - set sam info */
+typedef struct q_samr_set_user_info
+{
+	POLICY_HND pol;          /* policy handle associated with user */
+	uint16 switch_value;      /* 0x0017 */
+	uint16 switch_value2;      /* 0x0017 */
+
+	union
+	{
+		SAM_USER_INFO_23 *id23; /* auth-level 0x17 */
+		void* id; /* to make typecasting easy */
+
+	} info;
+
+} SAMR_Q_SET_USERINFO;
+
+/* SAMR_R_SET_USERINFO - set sam info */
+typedef struct r_samr_set_user_info
+{
+	uint32 status;         /* return status */
+
+} SAMR_R_SET_USERINFO;
+
+
 /* SAMR_Q_QUERY_USERINFO - probably a get sam info */
 typedef struct q_samr_query_user_info
 {
@@ -1230,33 +1325,6 @@ typedef struct r_samr_create_user_info
 
 
 
-/* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */
-typedef struct q_samr_unknown_32_info
-{
-	POLICY_HND pol;             /* policy handle */
-
-	UNIHDR  hdr_mach_acct;       /* unicode machine account name header */
-	UNISTR2 uni_mach_acct;       /* unicode machine account name */
-
-	uint32 acct_ctrl;            /* 32 bit ACB_XXXX */
-	uint16 unknown_1;            /* 16 bit unknown - 0x00B0 */
-	uint16 unknown_2;            /* 16 bit unknown - 0xe005 */
-
-} SAMR_Q_UNKNOWN_32;
-
-
-/* SAMR_R_UNKNOWN_32 - probably a "create SAM entry" */
-typedef struct r_samr_unknown_32_info
-{
-    POLICY_HND pol;       /* policy handle */
-
-	/* rid4.unknown - fail: 0030 success: 0x03ff */
-	DOM_RID4 rid4;         /* rid and attributes */
-
-	uint32 status;         /* return status - fail: 0xC000 0099: user exists */
-
-} SAMR_R_UNKNOWN_32;
-
 /* SAMR_Q_QUERY_GROUPMEM - query group members */
 typedef struct q_samr_query_groupmem_info
 {
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 65746d219c..edd021f4fb 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -613,6 +613,7 @@ typedef struct connection_struct
 	char *connectpath;
 	char *origpath;
 	char *user; /* name of user who *opened* this connection */
+
 	uid_t uid; /* uid of user who *opened* this connection */
 	gid_t gid; /* gid of user who *opened* this connection */
 
@@ -709,6 +710,7 @@ struct dcinfo
 
   uchar  sess_key[8]; /* Session key */
   uchar  md4pw[16];   /* md4(machine password) */
+  uchar  user_sess_key[16]; /* user session key (md4 nt#) */
 };
 
 typedef struct
author	Luke Leighton <lkcl@samba.org>	1999-03-25 13:54:31 +0000
committer	Luke Leighton <lkcl@samba.org>	1999-03-25 13:54:31 +0000
commit	43a460075a39148060d4193fcb9c62bfa4acc737 (patch)
tree	7b8542161c3ea4d7049955ec7dc5034dbf14ba9d /source3/include
parent	1ad002b7497c840f84b17e2a5187079d1140f90b (diff)
download	samba-43a460075a39148060d4193fcb9c62bfa4acc737.tar.gz samba-43a460075a39148060d4193fcb9c62bfa4acc737.tar.bz2 samba-43a460075a39148060d4193fcb9c62bfa4acc737.zip