pipenetlog.c lsaparse.c smb.h :

	SAM logon sorting.  too many buffer pointers.  added in the missing
	switch value (value of 3).  dealing with the buffer pointers to the
	user info structure in a slightly different way.
(This used to be commit 7993e17c9a1edddae6407d3f12790c461def705a)

4 files changed, 90 insertions, 71 deletions

diff --git a/source3/include/smb.h b/source3/include/smb.h
index 80b2f28f4a..11ec6940a6 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -741,7 +741,7 @@ typedef struct lsa_r_srv_pwset_info
 /* LSA_USER_INFO */
 typedef struct lsa_q_user_info
 {
-	uint32 undoc_buffer;
+	uint32 ptr_user_info;
 
 	NTTIME logon_time;            /* logon time */
 	NTTIME logoff_time;           /* logoff time */
@@ -809,7 +809,7 @@ typedef struct lsa_r_sam_logon_info
     uint32 buffer_creds; /* undocumented buffer pointer */
     DOM_CRED srv_creds; /* server credentials.  server time stamp appears to be ignored. */
     
-    uint32 buffer_user;
+	uint16 switch_value; /* 3 - indicates type of USER INFO */
     LSA_USER_INFO *user;
 
     uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c
index d56598e98a..8881704a7a 100644
--- a/source3/libsmb/credentials.c
+++ b/source3/libsmb/credentials.c
@@ -130,6 +130,15 @@ int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
 	DEBUG(5,("	challenge : %lx %lx\n", cred->data[0], cred->data[1]));
 	DEBUG(5,("	calculated: %lx %lx\n", cred2.data[0], cred2.data[1]));
 
-	return memcmp(cred->data, cred2.data, 8) == 0;
+	if (memcmp(cred->data, cred2.data, 8) == 0)
+	{
+		DEBUG(5, ("credentials check ok\n"));
+		return True;
+	}
+	else
+	{
+		DEBUG(5, ("credentials check wrong\n"));
+		return False;
+	}
 }
 
diff --git a/source3/lsaparse.c b/source3/lsaparse.c
index aed110f1b4..ae3d06faac 100644
--- a/source3/lsaparse.c
+++ b/source3/lsaparse.c
@@ -368,63 +368,66 @@ char* lsa_io_user_info(BOOL io, LSA_USER_INFO *usr, char *q, char *base, int ali
 
 	q = align_offset(q, base, align);
 	
-	DBG_RW_IVAL("undoc_buffer  ", depth, base, io, q, usr->undoc_buffer); q += 4;
+	DBG_RW_IVAL("ptr_user_info ", depth, base, io, q, usr->ptr_user_info); q += 4;
 
-	q = smb_io_time(io, &(usr->logon_time)           , q, base, align, depth); /* logon time */
-	q = smb_io_time(io, &(usr->logoff_time)          , q, base, align, depth); /* logoff time */
-	q = smb_io_time(io, &(usr->kickoff_time)         , q, base, align, depth); /* kickoff time */
-	q = smb_io_time(io, &(usr->pass_last_set_time)   , q, base, align, depth); /* password last set time */
-	q = smb_io_time(io, &(usr->pass_can_change_time) , q, base, align, depth); /* password can change time */
-	q = smb_io_time(io, &(usr->pass_must_change_time), q, base, align, depth); /* password must change time */
-
-	q = smb_io_unihdr(io, &(usr->hdr_user_name)   , q, base, align, depth); /* username unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_full_name)   , q, base, align, depth); /* user's full name unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_logon_script), q, base, align, depth); /* logon script unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_profile_path), q, base, align, depth); /* profile path unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_home_dir)    , q, base, align, depth); /* home directory unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_dir_drive)   , q, base, align, depth); /* home directory drive unicode string header */
-
-	DBG_RW_SVAL("logon_count.  ", depth, base, io, q, usr->logon_count ); q += 2;  /* logon count */
-	DBG_RW_SVAL("bad_pw_count  ", depth, base, io, q, usr->bad_pw_count); q += 2; /* bad password count */
-
-	DBG_RW_IVAL("user_id       ", depth, base, io, q, usr->user_id      ); q += 4;       /* User ID */
-	DBG_RW_IVAL("group_id      ", depth, base, io, q, usr->group_id     ); q += 4;      /* Group ID */
-	DBG_RW_IVAL("num_groups    ", depth, base, io, q, usr->num_groups   ); q += 4;    /* num groups */
-	DBG_RW_IVAL("buffer_groups ", depth, base, io, q, usr->buffer_groups); q += 4; /* undocumented buffer pointer to groups. */
-	DBG_RW_IVAL("user_flgs     ", depth, base, io, q, usr->user_flgs    ); q += 4;     /* user flags */
-
-	DBG_RW_PCVAL("sess_key     ", depth, base, io, q, usr->sess_key, 16); q += 16; /* unused user session key */
-
-	q = smb_io_unihdr(io, &(usr->hdr_logon_srv), q, base, align, depth); /* logon server unicode string header */
-	q = smb_io_unihdr(io, &(usr->hdr_logon_dom), q, base, align, depth); /* logon domain unicode string header */
-
-	DBG_RW_IVAL("buffer_dom_id ", depth, base, io, q, usr->buffer_dom_id); q += 4; /* undocumented logon domain id pointer */
-	DBG_RW_PCVAL("padding       ", depth, base, io, q, usr->padding, 40); q += 40; /* unused padding bytes? */
-
-	DBG_RW_IVAL("num_other_sids", depth, base, io, q, usr->num_other_sids); q += 4; /* 0 - num_sids */
-	DBG_RW_IVAL("buffer_other_sids", depth, base, io, q, usr->buffer_other_sids); q += 4; /* NULL - undocumented pointer to SIDs. */
-	
-	q = smb_io_unistr2(io, &(usr->uni_user_name)   , q, base, align, depth); /* username unicode string */
-	q = smb_io_unistr2(io, &(usr->uni_full_name)   , q, base, align, depth); /* user's full name unicode string */
-	q = smb_io_unistr2(io, &(usr->uni_logon_script), q, base, align, depth); /* logon script unicode string */
-	q = smb_io_unistr2(io, &(usr->uni_profile_path), q, base, align, depth); /* profile path unicode string */
-	q = smb_io_unistr2(io, &(usr->uni_home_dir)    , q, base, align, depth); /* home directory unicode string */
-	q = smb_io_unistr2(io, &(usr->uni_dir_drive)   , q, base, align, depth); /* home directory drive unicode string */
-
-	DBG_RW_IVAL("num_groups2   ", depth, base, io, q, usr->num_groups2); q += 4;        /* num groups */
-	for (i = 0; i < usr->num_groups2; i++)
+	if (usr->ptr_user_info != 0)
 	{
-		q = smb_io_gid(io, &(usr->gids[i]), q, base, align, depth); /* group info */
-	}
+		q = smb_io_time(io, &(usr->logon_time)           , q, base, align, depth); /* logon time */
+		q = smb_io_time(io, &(usr->logoff_time)          , q, base, align, depth); /* logoff time */
+		q = smb_io_time(io, &(usr->kickoff_time)         , q, base, align, depth); /* kickoff time */
+		q = smb_io_time(io, &(usr->pass_last_set_time)   , q, base, align, depth); /* password last set time */
+		q = smb_io_time(io, &(usr->pass_can_change_time) , q, base, align, depth); /* password can change time */
+		q = smb_io_time(io, &(usr->pass_must_change_time), q, base, align, depth); /* password must change time */
+
+		q = smb_io_unihdr(io, &(usr->hdr_user_name)   , q, base, align, depth); /* username unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_full_name)   , q, base, align, depth); /* user's full name unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_logon_script), q, base, align, depth); /* logon script unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_profile_path), q, base, align, depth); /* profile path unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_home_dir)    , q, base, align, depth); /* home directory unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_dir_drive)   , q, base, align, depth); /* home directory drive unicode string header */
+
+		DBG_RW_SVAL("logon_count   ", depth, base, io, q, usr->logon_count ); q += 2;  /* logon count */
+		DBG_RW_SVAL("bad_pw_count  ", depth, base, io, q, usr->bad_pw_count); q += 2; /* bad password count */
+
+		DBG_RW_IVAL("user_id       ", depth, base, io, q, usr->user_id      ); q += 4;       /* User ID */
+		DBG_RW_IVAL("group_id      ", depth, base, io, q, usr->group_id     ); q += 4;      /* Group ID */
+		DBG_RW_IVAL("num_groups    ", depth, base, io, q, usr->num_groups   ); q += 4;    /* num groups */
+		DBG_RW_IVAL("buffer_groups ", depth, base, io, q, usr->buffer_groups); q += 4; /* undocumented buffer pointer to groups. */
+		DBG_RW_IVAL("user_flgs     ", depth, base, io, q, usr->user_flgs    ); q += 4;     /* user flags */
+
+		DBG_RW_PCVAL("sess_key     ", depth, base, io, q, usr->sess_key, 16); q += 16; /* unused user session key */
+
+		q = smb_io_unihdr(io, &(usr->hdr_logon_srv), q, base, align, depth); /* logon server unicode string header */
+		q = smb_io_unihdr(io, &(usr->hdr_logon_dom), q, base, align, depth); /* logon domain unicode string header */
+
+		DBG_RW_IVAL("buffer_dom_id ", depth, base, io, q, usr->buffer_dom_id); q += 4; /* undocumented logon domain id pointer */
+		DBG_RW_PCVAL("padding       ", depth, base, io, q, usr->padding, 40); q += 40; /* unused padding bytes? */
+
+		DBG_RW_IVAL("num_other_sids", depth, base, io, q, usr->num_other_sids); q += 4; /* 0 - num_sids */
+		DBG_RW_IVAL("buffer_other_sids", depth, base, io, q, usr->buffer_other_sids); q += 4; /* NULL - undocumented pointer to SIDs. */
+		
+		q = smb_io_unistr2(io, &(usr->uni_user_name)   , q, base, align, depth); /* username unicode string */
+		q = smb_io_unistr2(io, &(usr->uni_full_name)   , q, base, align, depth); /* user's full name unicode string */
+		q = smb_io_unistr2(io, &(usr->uni_logon_script), q, base, align, depth); /* logon script unicode string */
+		q = smb_io_unistr2(io, &(usr->uni_profile_path), q, base, align, depth); /* profile path unicode string */
+		q = smb_io_unistr2(io, &(usr->uni_home_dir)    , q, base, align, depth); /* home directory unicode string */
+		q = smb_io_unistr2(io, &(usr->uni_dir_drive)   , q, base, align, depth); /* home directory drive unicode string */
+
+		DBG_RW_IVAL("num_groups2   ", depth, base, io, q, usr->num_groups2); q += 4;        /* num groups */
+		for (i = 0; i < usr->num_groups2; i++)
+		{
+			q = smb_io_gid(io, &(usr->gids[i]), q, base, align, depth); /* group info */
+		}
 
-	q = smb_io_unistr2(io, &( usr->uni_logon_srv), q, base, align, depth); /* logon server unicode string */
-	q = smb_io_unistr2(io, &( usr->uni_logon_dom), q, base, align, depth); /* logon domain unicode string */
+		q = smb_io_unistr2(io, &( usr->uni_logon_srv), q, base, align, depth); /* logon server unicode string */
+		q = smb_io_unistr2(io, &( usr->uni_logon_dom), q, base, align, depth); /* logon domain unicode string */
 
-	q = smb_io_dom_sid(io, &(usr->dom_sid), q, base, align, depth);           /* domain SID */
+		q = smb_io_dom_sid(io, &(usr->dom_sid), q, base, align, depth);           /* domain SID */
 
-	for (i = 0; i < usr->num_other_sids; i++)
-	{
-		q = smb_io_dom_sid(io, &(usr->other_sids[i]), q, base, align, depth); /* other domain SIDs */
+		for (i = 0; i < usr->num_other_sids; i++)
+		{
+			q = smb_io_dom_sid(io, &(usr->other_sids[i]), q, base, align, depth); /* other domain SIDs */
+		}
 	}
 
 	return q;
@@ -462,12 +465,9 @@ char* lsa_io_r_sam_logon(BOOL io, LSA_R_SAM_LOGON *r_l, char *q, char *base, int
 	DBG_RW_IVAL("buffer_creds", depth, base, io, q, r_l->buffer_creds); q += 4; /* undocumented buffer pointer */
 	q = smb_io_cred(io, &(r_l->srv_creds), q, base, align, depth); /* server credentials.  server time stamp appears to be ignored. */
 
-	DBG_RW_IVAL("buffer_user ", depth, base, io, q, r_l->buffer_user); q += 4;
-	if (r_l->buffer_user != 0)
-	{
-		q = lsa_io_user_info(io, r_l->user, q, base, align, depth);
-	}
-
+	DBG_RW_SVAL("switch_value", depth, base, io, q, r_l->switch_value); q += 2; /* 1 - Authoritative response; 0 - Non-Auth? */
+	q = align_offset(q, base, align);
+	q = lsa_io_user_info(io, r_l->user, q, base, align, depth);
 	DBG_RW_IVAL("auth_resp   ", depth, base, io, q, r_l->auth_resp); q += 4; /* 1 - Authoritative response; 0 - Non-Auth? */
 
 	DBG_RW_IVAL("status      ", depth, base, io, q, r_l->status); q += 4;
diff --git a/source3/pipenetlog.c b/source3/pipenetlog.c
index 14b2063951..f291620796 100644
--- a/source3/pipenetlog.c
+++ b/source3/pipenetlog.c
@@ -164,7 +164,7 @@ static void make_lsa_user_info(LSA_USER_INFO *usr,
 	int len_logon_srv    = strlen(logon_srv);
 	int len_logon_dom    = strlen(logon_dom);
 
-	usr->undoc_buffer = 1; /* yes, we're bothering to put USER_INFO data here */
+	usr->ptr_user_info = 1; /* yes, we're bothering to put USER_INFO data here */
 
 	usr->logon_time            = *logon_time;
 	usr->logoff_time           = *logoff_time;
@@ -186,7 +186,7 @@ static void make_lsa_user_info(LSA_USER_INFO *usr,
 	usr->user_id = user_id;
 	usr->group_id = group_id;
 	usr->num_groups = num_groups;
-	usr->buffer_groups = num_groups ? 1 : 0; /* yes, we're bothering to put group info in */
+	usr->buffer_groups = 1; /* indicates fill in groups, below, even if there are none */
 	usr->user_flgs = user_flgs;
 
 	if (sess_key != NULL)
@@ -240,8 +240,17 @@ static int lsa_reply_sam_logon(LSA_Q_SAM_LOGON *q_s, char *q, char *base,
 
 	/* store the user information, if there is any. */
 	r_s.user = user_info;
-	r_s.buffer_user = user_info != NULL ? 1 : 0;
-	r_s.status = user_info != NULL ? 0 : (0xC000000|NT_STATUS_NO_SUCH_USER);
+	if (user_info != NULL && user_info->ptr_user_info != 0)
+	{
+		r_s.switch_value = 3; /* indicates type of validation user info */
+		r_s.status = 0;
+	}
+	else
+	{
+		r_s.switch_value = 0; /* don't know what this value is supposed to be */
+		r_s.status = 0xC000000|NT_STATUS_NO_SUCH_USER;
+	}
+
 	r_s.auth_resp = 1; /* authoritative response */
 
 	/* store the response in the SMB stream */
@@ -406,7 +415,7 @@ static BOOL deal_with_credentials(user_struct *vuser,
 	srv_cred->timestamp.time = 0;
 
 	/* check that the client credentials are valid */
-	if (cred_assert(&(clnt_cred->challenge), vuser->dc.sess_key,
+	if (!cred_assert(&(clnt_cred->challenge), vuser->dc.sess_key,
                     &(vuser->dc.clnt_cred), clnt_cred->timestamp))
 	{
 		return False;
@@ -478,7 +487,6 @@ static void api_lsa_sam_logon( user_struct *vuser,
 {
 	LSA_Q_SAM_LOGON q_l;
 	LSA_USER_INFO usr_info;
-	LSA_USER_INFO *p_usr_info = NULL;
 
 	DOM_CRED srv_creds;
 
@@ -523,9 +531,7 @@ static void api_lsa_sam_logon( user_struct *vuser,
 		standard_sub_basic(home_dir);
 #endif
 
-		p_usr_info = &usr_info;
-
-		make_lsa_user_info(p_usr_info,
+		make_lsa_user_info(&usr_info,
 
 		               &dummy_time, /* logon_time */
 		               &dummy_time, /* logoff_time */
@@ -558,9 +564,13 @@ static void api_lsa_sam_logon( user_struct *vuser,
 		               dom_sid, /* char *dom_sid */
 		               NULL); /* char *other_sids */
 	}
+	else
+	{
+		usr_info.ptr_user_info = 0;
+	}
 
 	*rdata_len = lsa_reply_sam_logon(&q_l, *rdata + 0x18, *rdata,
-					&srv_creds, p_usr_info);
+					&srv_creds, &usr_info);
 }