Use pidl for _samr_QueryUserInfo.

Guenther (This used to be commit 53dc913b2d01aeea2a7490c5ef1292e6c6eff5e7)
author: Günther Deschner <gd@samba.org> 2008-02-12 12:58:47 +0100
committer: Günther Deschner <gd@samba.org> 2008-02-12 14:52:25 +0100
commit: 4974200f308229f8d7d1637ef9a33bcd921e138f (patch)
tree: 4b6f3ec906eb3a980fa912127e6559920cae1540 /source3/rpc_server/srv_samr_nt.c
parent: e4501b0913088e0d6414d3440643f823dda9f0a2 (diff)
download: samba-4974200f308229f8d7d1637ef9a33bcd921e138f.tar.gz
samba-4974200f308229f8d7d1637ef9a33bcd921e138f.tar.bz2
samba-4974200f308229f8d7d1637ef9a33bcd921e138f.zip
1 files changed, 247 insertions, 94 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 412aa9df91..ac10754493 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2129,10 +2129,15 @@ NTSTATUS _samr_OpenUser(pipes_struct *p,
  get_user_info_7. Safe. Only gives out account_name.
  *************************************************************************/
 
-static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_SID *user_sid)
+static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
+				struct samr_UserInfo7 *r,
+				DOM_SID *user_sid)
 {
 	struct samu *smbpass=NULL;
 	bool ret;
+	const char *account_name = NULL;
+
+	ZERO_STRUCTP(r);
 
 	if ( !(smbpass = samu_new( mem_ctx )) ) {
 		return NT_STATUS_NO_MEMORY;
@@ -2147,12 +2152,16 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_S
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
+	account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
+	if (!account_name) {
+		TALLOC_FREE(smbpass);
+		return NT_STATUS_NO_MEMORY;
+	}
+	TALLOC_FREE(smbpass);
 
-	ZERO_STRUCTP(id7);
-	init_sam_user_info7(id7, pdb_get_username(smbpass) );
+	DEBUG(3,("User:[%s]\n", account_name));
 
-	TALLOC_FREE(smbpass);
+	init_samr_user_info7(r, account_name);
 
 	return NT_STATUS_OK;
 }
@@ -2160,11 +2169,16 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_S
 /*************************************************************************
  get_user_info_9. Only gives out primary group SID.
  *************************************************************************/
-static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, SAM_USER_INFO_9 * id9, DOM_SID *user_sid)
+
+static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
+				struct samr_UserInfo9 *r,
+				DOM_SID *user_sid)
 {
 	struct samu *smbpass=NULL;
 	bool ret;
 
+	ZERO_STRUCTP(r);
+
 	if ( !(smbpass = samu_new( mem_ctx )) ) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -2175,13 +2189,13 @@ static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, SAM_USER_INFO_9 * id9, DOM_
 
 	if (ret==False) {
 		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
+		TALLOC_FREE(smbpass);
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
 	DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
 
-	ZERO_STRUCTP(id9);
-	init_sam_user_info9(id9, pdb_get_group_rid(smbpass) );
+	init_samr_user_info9(r, pdb_get_group_rid(smbpass));
 
 	TALLOC_FREE(smbpass);
 
@@ -2192,11 +2206,15 @@ static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, SAM_USER_INFO_9 * id9, DOM_
  get_user_info_16. Safe. Only gives out acb bits.
  *************************************************************************/
 
-static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DOM_SID *user_sid)
+static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
+				 struct samr_UserInfo16 *r,
+				 DOM_SID *user_sid)
 {
 	struct samu *smbpass=NULL;
 	bool ret;
 
+	ZERO_STRUCTP(r);
+
 	if ( !(smbpass = samu_new( mem_ctx )) ) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -2207,13 +2225,13 @@ static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DO
 
 	if (ret==False) {
 		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
+		TALLOC_FREE(smbpass);
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
 	DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
 
-	ZERO_STRUCTP(id16);
-	init_sam_user_info16(id16, pdb_get_acct_ctrl(smbpass) );
+	init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass));
 
 	TALLOC_FREE(smbpass);
 
@@ -2226,11 +2244,16 @@ static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DO
  user. JRA.
  *************************************************************************/
 
-static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_INFO_18 * id18, DOM_SID *user_sid)
+static NTSTATUS get_user_info_18(pipes_struct *p,
+				 TALLOC_CTX *mem_ctx,
+				 struct samr_UserInfo18 *r,
+				 DOM_SID *user_sid)
 {
 	struct samu *smbpass=NULL;
 	bool ret;
 
+	ZERO_STRUCTP(r);
+
 	if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
@@ -2262,8 +2285,8 @@ static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
 
-	ZERO_STRUCTP(id18);
-	init_sam_user_info18(id18, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
+	init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass),
+			      pdb_get_nt_passwd(smbpass));
 
 	TALLOC_FREE(smbpass);
 
@@ -2274,10 +2297,17 @@ static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_
  get_user_info_20
  *************************************************************************/
 
-static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DOM_SID *user_sid)
+static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
+				 struct samr_UserInfo20 *r,
+				 DOM_SID *user_sid)
 {
 	struct samu *sampass=NULL;
 	bool ret;
+	const char *munged_dial = NULL;
+	const char *munged_dial_decoded = NULL;
+	DATA_BLOB blob;
+
+	ZERO_STRUCTP(r);
 
 	if ( !(sampass = samu_new( mem_ctx )) ) {
 		return NT_STATUS_NO_MEMORY;
@@ -2289,72 +2319,219 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DO
 
 	if (ret == False) {
 		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
+		TALLOC_FREE(sampass);
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
+	munged_dial = pdb_get_munged_dial(sampass);
+
 	samr_clear_sam_passwd(sampass);
 
 	DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
 
-	ZERO_STRUCTP(id20);
-	init_sam_user_info20A(id20, sampass);
+	if (munged_dial) {
+		blob = base64_decode_data_blob(munged_dial);
+		munged_dial_decoded = talloc_strndup(mem_ctx,
+						     (const char *)blob.data,
+						     blob.length);
+		data_blob_free(&blob);
+		if (!munged_dial_decoded) {
+			TALLOC_FREE(sampass);
+			return NT_STATUS_NO_MEMORY;
+		}
+	}
+
+#if 0
+	init_unistr2_from_datablob(&usr->uni_munged_dial, &blob);
+	init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
+	data_blob_free(&blob);
+#endif
+	init_samr_user_info20(r, munged_dial_decoded);
 
 	TALLOC_FREE(sampass);
 
 	return NT_STATUS_OK;
 }
 
+
 /*************************************************************************
  get_user_info_21
  *************************************************************************/
 
-static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21,
-				 DOM_SID *user_sid, DOM_SID *domain_sid)
+static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
+				 struct samr_UserInfo21 *r,
+				 DOM_SID *user_sid,
+				 DOM_SID *domain_sid)
 {
-	struct samu *sampass=NULL;
+	struct samu *pw = NULL;
 	bool ret;
-	NTSTATUS nt_status;
-
-	if ( !(sampass = samu_new( mem_ctx )) ) {
+	const DOM_SID *sid_user, *sid_group;
+	uint32_t rid, primary_gid;
+	NTTIME last_logon, last_logoff, last_password_change,
+	       acct_expiry, allow_password_change, force_password_change;
+	time_t must_change_time;
+	uint8_t password_expired;
+	const char *account_name, *full_name, *home_directory, *home_drive,
+		   *logon_script, *profile_path, *description,
+		   *workstations, *comment, *parameters;
+	struct samr_LogonHours logon_hours;
+	const char *munged_dial = NULL;
+	DATA_BLOB blob;
+
+	ZERO_STRUCTP(r);
+
+	if (!(pw = samu_new(mem_ctx))) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
 	become_root();
-	ret = pdb_getsampwsid(sampass, user_sid);
+	ret = pdb_getsampwsid(pw, user_sid);
 	unbecome_root();
 
 	if (ret == False) {
 		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
+		TALLOC_FREE(pw);
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	samr_clear_sam_passwd(sampass);
+	samr_clear_sam_passwd(pw);
 
-	DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
+	DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
 
-	ZERO_STRUCTP(id21);
-	nt_status = init_sam_user_info21A(id21, sampass, domain_sid);
+	sid_user = pdb_get_user_sid(pw);
 
-	TALLOC_FREE(sampass);
+	if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
+		DEBUG(0, ("get_user_info_21: User %s has SID %s, \nwhich conflicts with "
+			  "the domain sid %s.  Failing operation.\n",
+			  pdb_get_username(pw), sid_string_dbg(sid_user),
+			  sid_string_dbg(domain_sid)));
+		TALLOC_FREE(pw);
+		return NT_STATUS_UNSUCCESSFUL;
+	}
 
-	return nt_status;
+	become_root();
+	sid_group = pdb_get_group_sid(pw);
+	unbecome_root();
+
+	if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
+		DEBUG(0, ("get_user_info_21: User %s has Primary Group SID %s, \n"
+			  "which conflicts with the domain sid %s.  Failing operation.\n",
+			  pdb_get_username(pw), sid_string_dbg(sid_group),
+			  sid_string_dbg(domain_sid)));
+		TALLOC_FREE(pw);
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	unix_to_nt_time(&last_logon, pdb_get_logon_time(pw));
+	unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw));
+	unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw));
+	unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw));
+	unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(pw));
+
+	must_change_time = pdb_get_pass_must_change_time(pw);
+	if (must_change_time == get_time_t_max()) {
+		unix_to_nt_time_abs(&force_password_change, must_change_time);
+	} else {
+		unix_to_nt_time(&force_password_change, must_change_time);
+	}
+
+	if (pdb_get_pass_must_change_time(pw) == 0) {
+		password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON;
+	} else {
+		password_expired = 0;
+	}
+
+	munged_dial = pdb_get_munged_dial(pw);
+	if (munged_dial) {
+		blob = base64_decode_data_blob(munged_dial);
+		parameters = talloc_strndup(mem_ctx, (const char *)blob.data, blob.length);
+		data_blob_free(&blob);
+		if (!parameters) {
+			TALLOC_FREE(pw);
+			return NT_STATUS_NO_MEMORY;
+		}
+	}
+
+
+	account_name = talloc_strdup(mem_ctx, pdb_get_username(pw));
+	full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
+	home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
+	home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
+	logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
+	profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
+	description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
+	workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
+	comment = talloc_strdup(mem_ctx, pdb_get_comment(pw));
+
+	logon_hours = get_logon_hours_from_pdb(mem_ctx, pw);
+#if 0
+
+	/*
+	  Look at a user on a real NT4 PDC with usrmgr, press
+	  'ok'. Then you will see that fields_present is set to
+	  0x08f827fa. Look at the user immediately after that again,
+	  and you will see that 0x00fffff is returned. This solves
+	  the problem that you get access denied after having looked
+	  at the user.
+	  -- Volker
+	*/
+
+#if 0
+	init_unistr2_from_datablob(&usr->uni_munged_dial, &munged_dial_blob);
+	init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
+	data_blob_free(&munged_dial_blob);
+#endif
+#endif
+
+	init_samr_user_info21(r,
+			      last_logon,
+			      last_logoff,
+			      last_password_change,
+			      acct_expiry,
+			      allow_password_change,
+			      force_password_change,
+			      account_name,
+			      full_name,
+			      home_directory,
+			      home_drive,
+			      logon_script,
+			      profile_path,
+			      description,
+			      workstations,
+			      comment,
+			      parameters,
+			      rid,
+			      primary_gid,
+			      pdb_get_acct_ctrl(pw),
+			      pdb_build_fields_present(pw),
+			      logon_hours,
+			      pdb_get_bad_password_count(pw),
+			      pdb_get_logon_count(pw),
+			      0, //country_code,
+			      0, //code_page,
+			      0, //nt_password_set,
+			      0, //lm_password_set,
+			      password_expired);
+	TALLOC_FREE(pw);
+
+	return NT_STATUS_OK;
 }
 
 /*******************************************************************
- _samr_query_userinfo
+ _samr_QueryUserInfo
  ********************************************************************/
 
-NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_R_QUERY_USERINFO *r_u)
+NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
+			     struct samr_QueryUserInfo *r)
 {
-	SAM_USERINFO_CTR *ctr;
+	NTSTATUS status;
+	union samr_UserInfo *user_info = NULL;
 	struct samr_info *info = NULL;
 	DOM_SID domain_sid;
 	uint32 rid;
 
-	r_u->status=NT_STATUS_OK;
-
 	/* search for the handle */
-	if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
+	if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info))
 		return NT_STATUS_INVALID_HANDLE;
 
 	domain_sid = info->sid;
@@ -2364,81 +2541,67 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_
 	if (!sid_check_is_in_our_domain(&info->sid))
 		return NT_STATUS_OBJECT_TYPE_MISMATCH;
 
-	DEBUG(5,("_samr_query_userinfo: sid:%s\n",
+	DEBUG(5,("_samr_QueryUserInfo: sid:%s\n",
 		 sid_string_dbg(&info->sid)));
 
-	ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_USERINFO_CTR);
-	if (!ctr)
+	user_info = TALLOC_ZERO_P(p->mem_ctx, union samr_UserInfo);
+	if (!user_info) {
 		return NT_STATUS_NO_MEMORY;
+	}
 
-	ZERO_STRUCTP(ctr);
-
-	/* ok!  user info levels (lots: see MSDEV help), off we go... */
-	ctr->switch_value = q_u->switch_value;
-
-	DEBUG(5,("_samr_query_userinfo: user info level: %d\n", q_u->switch_value));
+	DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
 
-	switch (q_u->switch_value) {
+	switch (r->in.level) {
 	case 7:
-		ctr->info.id7 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_7);
-		if (ctr->info.id7 == NULL)
-			return NT_STATUS_NO_MEMORY;
-
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_7(p->mem_ctx, ctr->info.id7, &info->sid)))
-			return r_u->status;
+		status = get_user_info_7(p->mem_ctx, &user_info->info7, &info->sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 	case 9:
-		ctr->info.id9 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_9);
-		if (ctr->info.id9 == NULL)
-			return NT_STATUS_NO_MEMORY;
-
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_9(p->mem_ctx, ctr->info.id9, &info->sid)))
-			return r_u->status;
+		status = get_user_info_9(p->mem_ctx, &user_info->info9, &info->sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 	case 16:
-		ctr->info.id16 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_16);
-		if (ctr->info.id16 == NULL)
-			return NT_STATUS_NO_MEMORY;
-
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_16(p->mem_ctx, ctr->info.id16, &info->sid)))
-			return r_u->status;
+		status = get_user_info_16(p->mem_ctx, &user_info->info16, &info->sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 
 	case 18:
-		ctr->info.id18 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_18);
-		if (ctr->info.id18 == NULL)
-			return NT_STATUS_NO_MEMORY;
-
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_18(p, p->mem_ctx, ctr->info.id18, &info->sid)))
-			return r_u->status;
+		status = get_user_info_18(p, p->mem_ctx, &user_info->info18, &info->sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 
 	case 20:
-		ctr->info.id20 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_20);
-		if (ctr->info.id20 == NULL)
-			return NT_STATUS_NO_MEMORY;
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_20(p->mem_ctx, ctr->info.id20, &info->sid)))
-			return r_u->status;
+		status = get_user_info_20(p->mem_ctx, &user_info->info20, &info->sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 
 	case 21:
-		ctr->info.id21 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_21);
-		if (ctr->info.id21 == NULL)
-			return NT_STATUS_NO_MEMORY;
-		if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21,
-								    &info->sid, &domain_sid)))
-			return r_u->status;
+		status = get_user_info_21(p->mem_ctx, &user_info->info21,
+					  &info->sid, &domain_sid);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
+		}
 		break;
 
 	default:
 		return NT_STATUS_INVALID_INFO_CLASS;
 	}
 
-	init_samr_r_query_userinfo(r_u, ctr, r_u->status);
+	*r->out.info = user_info;
 
-	DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__));
+	DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));
 
-	return r_u->status;
+	return status;
 }
 
 /*******************************************************************
@@ -5395,16 +5558,6 @@ NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p,
 /****************************************************************
 ****************************************************************/
 
-NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
-			     struct samr_QueryUserInfo *r)
-{
-	p->rng_fault_state = true;
-	return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-/****************************************************************
-****************************************************************/
-
 NTSTATUS _samr_ChangePasswordUser(pipes_struct *p,
 				  struct samr_ChangePasswordUser *r)
 {
author	Günther Deschner <gd@samba.org>	2008-02-12 12:58:47 +0100
committer	Günther Deschner <gd@samba.org>	2008-02-12 14:52:25 +0100
commit	4974200f308229f8d7d1637ef9a33bcd921e138f (patch)
tree	4b6f3ec906eb3a980fa912127e6559920cae1540 /source3/rpc_server/srv_samr_nt.c
parent	e4501b0913088e0d6414d3440643f823dda9f0a2 (diff)
download	samba-4974200f308229f8d7d1637ef9a33bcd921e138f.tar.gz samba-4974200f308229f8d7d1637ef9a33bcd921e138f.tar.bz2 samba-4974200f308229f8d7d1637ef9a33bcd921e138f.zip