Merge branch 'master' of ssh://git.samba.org/data/git/samba

author: Andrew Tridgell <tridge@samba.org> 2008-12-16 11:41:20 +1100
committer: Andrew Tridgell <tridge@samba.org> 2008-12-16 11:41:20 +1100
commit: f448fde4e35e56508ad93be8de9f60d88e8b8dcd (patch)
tree: 597b58ba1af03f5250af918ec15300c385281706 /source3/rpc_server
parent: a226d86dcec393b2cd657d5441c3041dfdf5cd8f (diff)
parent: 530758dc2a6dd6dce083789b328e16e51ba6573d (diff)
download: samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.tar.gz
samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.tar.bz2
samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.zip
3 files changed, 105 insertions, 47 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 45acd3ed48..038690d0f1 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -1402,10 +1402,10 @@ NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p,
 /****************************************************************
 ****************************************************************/
 
-WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p,
-				    struct netr_NETRSERVERGETTRUSTINFO *r)
+NTSTATUS _netr_ServerGetTrustInfo(pipes_struct *p,
+				  struct netr_ServerGetTrustInfo *r)
 {
 	p->rng_fault_state = true;
-	return WERR_NOT_SUPPORTED;
+	return NT_STATUS_NOT_IMPLEMENTED;
 }
 
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index cbcd4de60c..342f432c4e 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2079,7 +2079,7 @@ NTSTATUS _samr_LookupRids(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(acc_granted,
-					    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
+					    0, /* Don't know the acc_bits yet */
 					    "_samr_LookupRids");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -2430,8 +2430,10 @@ static NTSTATUS get_user_info_18(pipes_struct *p,
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
 
-	init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass),
-			      pdb_get_nt_passwd(smbpass));
+	init_samr_user_info18(r,
+			      pdb_get_lanman_passwd(smbpass),
+			      pdb_get_nt_passwd(smbpass),
+			      0 /* FIXME */);
 
 	TALLOC_FREE(smbpass);
 
@@ -2607,8 +2609,8 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 			      pdb_get_logon_count(pw),
 			      0, /* country_code */
 			      0, /* code_page */
-			      0, /* nt_password_set */
 			      0, /* lm_password_set */
+			      0, /* nt_password_set */
 			      password_expired);
 
 	return NT_STATUS_OK;
@@ -2634,7 +2636,7 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
 		return NT_STATUS_INVALID_HANDLE;
 
 	status = access_check_samr_function(info->acc_granted,
-					    SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
+					    SAMR_USER_ACCESS_GET_ATTRIBUTES,
 					    "_samr_QueryUserInfo");
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
@@ -3699,29 +3701,62 @@ static bool set_user_info_16(struct samr_UserInfo16 *id16,
  set_user_info_18
  ********************************************************************/
 
-static bool set_user_info_18(struct samr_UserInfo18 *id18,
-			     struct samu *pwd)
+static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
+				 TALLOC_CTX *mem_ctx,
+				 DATA_BLOB *session_key,
+				 struct samu *pwd)
 {
 	if (id18 == NULL) {
 		DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
-		return False;
+		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd.hash, PDB_CHANGED)) {
-		return False;
+	if (id18->nt_pwd_active || id18->lm_pwd_active) {
+		if (!session_key->length) {
+			return NT_STATUS_NO_USER_SESSION_KEY;
+		}
 	}
-	if (!pdb_set_nt_passwd     (pwd, id18->nt_pwd.hash, PDB_CHANGED)) {
-		return False;
+
+	if (id18->nt_pwd_active) {
+
+		DATA_BLOB in, out;
+
+		in = data_blob_const(id18->nt_pwd.hash, 16);
+		out = data_blob_talloc_zero(mem_ctx, 16);
+
+		sess_crypt_blob(&out, &in, session_key, false);
+
+		if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+
+		pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
 	}
- 	if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) {
-		return False;
+
+	if (id18->lm_pwd_active) {
+
+		DATA_BLOB in, out;
+
+		in = data_blob_const(id18->lm_pwd.hash, 16);
+		out = data_blob_talloc_zero(mem_ctx, 16);
+
+		sess_crypt_blob(&out, &in, session_key, false);
+
+		if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
+
+		pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
 	}
 
-	if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
-		return False;
- 	}
+	if (id18->password_expired) {
+		pdb_set_pass_last_set_time(pwd, 0, PDB_CHANGED);
+	} else {
+		/* FIXME */
+		pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
+	}
 
-	return True;
+	return pdb_update_sam_account(pwd);
 }
 
 /*******************************************************************
@@ -3856,8 +3891,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	if ((id23->info.fields_present & SAMR_FIELD_PASSWORD) ||
-	    (id23->info.fields_present & SAMR_FIELD_PASSWORD2)) {
+	if ((id23->info.fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+	    (id23->info.fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)) {
 
 		DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
 			  pdb_get_username(pwd)));
@@ -4178,9 +4213,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
 
 		case 18:
 			/* Used by AS/U JRA. */
-			if (!set_user_info_18(&info->info18, pwd)) {
-				status = NT_STATUS_ACCESS_DENIED;
-			}
+			status = set_user_info_18(&info->info18,
+						  p->mem_ctx,
+						  &p->server_info->user_session_key,
+						  pwd);
 			break;
 
 		case 20:
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index bf3669022d..15af963c4c 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -493,6 +493,19 @@ static bool is_hidden_share(int snum)
 }
 
 /*******************************************************************
+ Verify user is allowed to view share, access based enumeration
+********************************************************************/
+static bool is_enumeration_allowed(pipes_struct *p,
+                                   int snum)
+{
+    if (!lp_access_based_share_enum(snum))
+        return true;
+
+    return share_access_check(p->server_info->ptok, lp_servicename(snum),
+                              FILE_READ_DATA);
+}
+
+/*******************************************************************
  Fill in a share info structure.
  ********************************************************************/
 
@@ -509,6 +522,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 	TALLOC_CTX *ctx = p->mem_ctx;
 	int i = 0;
 	int valid_share_count = 0;
+	bool *allowed = 0;
 	union srvsvc_NetShareCtr ctr;
 	uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0;
 
@@ -521,15 +535,21 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 	num_services = lp_numservices();
 	unbecome_root();
 
-	/* Count the number of entries. */
-	for (snum = 0; snum < num_services; snum++) {
-		if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) ) {
-			DEBUG(10, ("counting service %s\n", lp_servicename(snum)));
-			num_entries++;
-		} else {
-			DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum)));
-		}
-	}
+        allowed = TALLOC_ZERO_ARRAY(ctx, bool, num_services);
+        W_ERROR_HAVE_NO_MEMORY(allowed);
+
+        /* Count the number of entries. */
+        for (snum = 0; snum < num_services; snum++) {
+                if (lp_browseable(snum) && lp_snum_ok(snum) &&
+                    is_enumeration_allowed(p, snum) &&
+                    (all_shares || !is_hidden_share(snum)) ) {
+                        DEBUG(10, ("counting service %s\n", lp_servicename(snum)));
+                        allowed[snum] = true;
+                        num_entries++;
+                } else {
+                        DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum)));
+                }
+        }
 
 	if (!num_entries || (resume_handle >= num_entries)) {
 		return WERR_OK;
@@ -547,7 +567,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr0->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_0(p, &ctr.ctr0->array[i++], snum);
 			}
@@ -564,7 +584,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1(p, &ctr.ctr1->array[i++], snum);
 			}
@@ -581,7 +601,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr2->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_2(p, &ctr.ctr2->array[i++], snum);
 			}
@@ -598,7 +618,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr501->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_501(p, &ctr.ctr501->array[i++], snum);
 			}
@@ -615,7 +635,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr502->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_502(p, &ctr.ctr502->array[i++], snum);
 			}
@@ -632,7 +652,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1004->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1004(p, &ctr.ctr1004->array[i++], snum);
 			}
@@ -649,7 +669,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1005->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1005(p, &ctr.ctr1005->array[i++], snum);
 			}
@@ -666,7 +686,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1006->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1006(p, &ctr.ctr1006->array[i++], snum);
 			}
@@ -683,7 +703,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1007->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1007(p, &ctr.ctr1007->array[i++], snum);
 			}
@@ -700,7 +720,7 @@ static WERROR init_srv_share_info_ctr(pipes_struct *p,
 		W_ERROR_HAVE_NO_MEMORY(ctr.ctr1501->array);
 
 		for (snum = 0; snum < num_services; snum++) {
-			if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+			if (allowed[snum] &&
 			    (resume_handle <= (i + valid_share_count++)) ) {
 				init_srv_share_info_1501(p, &ctr.ctr1501->array[i++], snum);
 			}
@@ -2048,11 +2068,12 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
 		goto error_exit;
 	}
 
-	nt_status = create_file(
+	nt_status = SMB_VFS_CREATE_FILE(
 		conn,					/* conn */
 		NULL,					/* req */
 		0,					/* root_dir_fid */
 		r->in.file,				/* fname */
+		CFF_DOS_PATH,				/* create_file_flags */
 		FILE_READ_ATTRIBUTES,			/* access_mask */
 		FILE_SHARE_READ|FILE_SHARE_WRITE,	/* share_access */
 		FILE_OPEN,				/* create_disposition*/
@@ -2162,11 +2183,12 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
 		goto error_exit;
 	}
 
-	nt_status = create_file(
+	nt_status = SMB_VFS_CREATE_FILE(
 		conn,					/* conn */
 		NULL,					/* req */
 		0,					/* root_dir_fid */
 		r->in.file,				/* fname */
+		CFF_DOS_PATH,				/* create_file_flags */
 		FILE_WRITE_ATTRIBUTES,			/* access_mask */
 		FILE_SHARE_READ|FILE_SHARE_WRITE,	/* share_access */
 		FILE_OPEN,				/* create_disposition*/
author	Andrew Tridgell <tridge@samba.org>	2008-12-16 11:41:20 +1100
committer	Andrew Tridgell <tridge@samba.org>	2008-12-16 11:41:20 +1100
commit	f448fde4e35e56508ad93be8de9f60d88e8b8dcd (patch)
tree	597b58ba1af03f5250af918ec15300c385281706 /source3/rpc_server
parent	a226d86dcec393b2cd657d5441c3041dfdf5cd8f (diff)
parent	530758dc2a6dd6dce083789b328e16e51ba6573d (diff)
download	samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.tar.gz samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.tar.bz2 samba-f448fde4e35e56508ad93be8de9f60d88e8b8dcd.zip