summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJean-François Micouleau <jfm@samba.org>2000-10-07 15:56:36 +0000
committerJean-François Micouleau <jfm@samba.org>2000-10-07 15:56:36 +0000
commit75c346e70c83f7386ecd2f10fe155c4a4dfd47de (patch)
tree23a7a2fe9a9c3c571bae50760d54518885455d5f /source3
parent8582d426467e715a912ef06c13bdbbdeb9000739 (diff)
downloadsamba-75c346e70c83f7386ecd2f10fe155c4a4dfd47de.tar.gz
samba-75c346e70c83f7386ecd2f10fe155c4a4dfd47de.tar.bz2
samba-75c346e70c83f7386ecd2f10fe155c4a4dfd47de.zip
added samr_set_user_info and info_2.
cleanup of create_user cleanup of rid/sid mix in samr. now we only have sid. some prs_align() missing in parse_samr.c a small debug change in srv_pipe.c You still can't change a user's password in this commit. Will be availble in the next one. J.F. (This used to be commit b655bc281fa183b1827a946ada1fcf500fb93aea)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h31
-rw-r--r--source3/include/rpc_samr_old.h236
-rw-r--r--source3/libsmb/smbencrypt.c44
-rw-r--r--source3/passdb/passdb.c209
-rw-r--r--source3/rpc_client/cli_samr.c12
-rw-r--r--source3/rpc_parse/parse_samr.c706
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c31
-rw-r--r--source3/rpc_server/srv_pipe.c2
-rw-r--r--source3/rpc_server/srv_samr.c687
9 files changed, 1697 insertions, 261 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c1c1cd8e35..27fcb6a921 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -867,6 +867,8 @@ void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);
void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode);
+BOOL decode_pw_buffer(const char buffer[516], char *new_pwrd,
+ int new_pwrd_size, uint32 *new_pw_len);
/*The following definitions come from libsmb/smberr.c */
@@ -1627,11 +1629,16 @@ struct sam_disp_info *getsamdisprid(uint32 rid);
struct sam_passwd *getsam21pwent(void *vp);
struct sam_passwd *getsam21pwnam(char *name);
struct sam_passwd *getsam21pwrid(uint32 rid);
+BOOL add_sam21pwd_entry(struct sam_passwd *pwd);
+BOOL mod_sam21pwd_entry(struct sam_passwd *pwd, BOOL override);
void pdb_init_smb(struct smb_passwd *user);
void pdb_init_sam(struct sam_passwd *user);
struct sam_disp_info *pdb_sam_to_dispinfo(struct sam_passwd *user);
struct smb_passwd *pdb_sam_to_smb(struct sam_passwd *user);
struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user);
+void copy_id23_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_23 *from);
+void copy_id21_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_21 *from);
+void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from);
char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
uint16 pdb_decode_acct_ctrl(const char *p);
time_t pdb_get_last_set_time(const char *p);
@@ -2539,8 +2546,13 @@ BOOL samr_io_q_unknown_3(char *desc, SAMR_Q_UNKNOWN_3 *q_u, prs_struct *ps, int
void init_samr_q_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u,
POLICY_HND *domain_pol, uint16 switch_value);
BOOL samr_io_q_query_dom_info(char *desc, SAMR_Q_QUERY_DOMAIN_INFO *q_u, prs_struct *ps, int depth);
+BOOL init_unk_info1(SAM_UNK_INFO_1 *u_1);
void init_unk_info2(SAM_UNK_INFO_2 *u_2, char *domain, char *server);
BOOL sam_io_unk_info2(char *desc, SAM_UNK_INFO_2 *u_2, prs_struct *ps, int depth);
+BOOL init_unk_info3(SAM_UNK_INFO_3 * u_3);
+BOOL init_unk_info6(SAM_UNK_INFO_6 * u_6);
+BOOL init_unk_info7(SAM_UNK_INFO_7 *u_7);
+BOOL init_unk_info12(SAM_UNK_INFO_12 * u_12);
void init_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO *r_u,
uint16 switch_value, SAM_UNK_CTR *ctr,
uint32 status);
@@ -2601,11 +2613,11 @@ BOOL samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *p
void init_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
uint32 num_rids, uint32 *rid, enum SID_NAME_USE *type, uint32 status);
BOOL samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *ps, int depth);
-BOOL samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth);
-void init_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
+BOOL samr_io_q_lookup_rids(char *desc, SAMR_Q_LOOKUP_RIDS *q_u, prs_struct *ps, int depth);
+void init_samr_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u,
uint32 num_aliases, fstring *als_name, uint32 *num_als_usrs,
uint32 status);
-BOOL samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, int depth);
+BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps, int depth);
void init_samr_q_open_user(SAMR_Q_OPEN_USER *q_u,
POLICY_HND *pol,
uint32 unk_0, uint32 rid);
@@ -2672,9 +2684,9 @@ BOOL samr_io_q_connect_anon(char *desc, SAMR_Q_CONNECT_ANON *q_u, prs_struct *p
BOOL samr_io_r_connect_anon(char *desc, SAMR_R_CONNECT_ANON *r_u, prs_struct *ps, int depth);
void init_samr_q_open_alias(SAMR_Q_OPEN_ALIAS *q_u,
uint32 unknown_0, uint32 rid);
-BOOL samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, int depth);
+BOOL samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, int depth);
BOOL samr_io_r_open_alias(char *desc, SAMR_R_OPEN_ALIAS *r_u, prs_struct *ps, int depth);
-void init_samr_q_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
+void init_samr_q_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
POLICY_HND *pol, uint32 rid,
uint32 num_gids, uint32 *gid);
void init_samr_q_unknown_21(SAMR_Q_UNKNOWN_21 *q_c,
@@ -2707,6 +2719,14 @@ BOOL init_samr_r_enum_domains(SAMR_R_ENUM_DOMAINS * r_u,
uint32 next_idx, fstring* domains, uint32 num_sam_entries);
BOOL samr_io_r_enum_domains(char *desc, SAMR_R_ENUM_DOMAINS * r_u,
prs_struct *ps, int depth);
+void free_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr);
+BOOL samr_io_q_set_userinfo(char *desc, SAMR_Q_SET_USERINFO *q_u, prs_struct *ps, int depth);
+void free_samr_q_set_userinfo(SAMR_Q_SET_USERINFO * q_u);
+BOOL samr_io_r_set_userinfo(char *desc, SAMR_R_SET_USERINFO *r_u, prs_struct *ps, int depth);
+BOOL samr_io_q_set_userinfo2(char *desc, SAMR_Q_SET_USERINFO2 *q_u, prs_struct *ps, int depth);
+void free_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 *q_u);
+BOOL make_samr_r_set_userinfo2(SAMR_R_SET_USERINFO2 *r_u, uint32 status);
+BOOL samr_io_r_set_userinfo2(char *desc, SAMR_R_SET_USERINFO2 *r_u, prs_struct *ps, int depth);
#endif
/*The following definitions come from rpc_parse/parse_sec.c */
@@ -3074,7 +3094,6 @@ BOOL api_ntlsa_rpc(pipes_struct *p);
void init_lsa_policy_hnd(void);
BOOL open_lsa_policy_hnd(POLICY_HND *hnd);
int find_lsa_policy_by_hnd(POLICY_HND *hnd);
-BOOL set_lsa_policy_samr_rid(POLICY_HND *hnd, uint32 rid);
BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status);
BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid);
BOOL get_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid);
diff --git a/source3/include/rpc_samr_old.h b/source3/include/rpc_samr_old.h
index 620f5bc628..656a9de434 100644
--- a/source3/include/rpc_samr_old.h
+++ b/source3/include/rpc_samr_old.h
@@ -77,32 +77,34 @@ SamrTestPrivateFunctionsUser
********************************************************************/
+#define SAMR_CONNECT_ANON 0x00
#define SAMR_CLOSE_HND 0x01
+#define SAMR_UNKNOWN_3 0x03
#define SAMR_LOOKUP_DOMAIN 0x05
#define SAMR_ENUM_DOMAINS 0x06
#define SAMR_OPEN_DOMAIN 0x07
#define SAMR_QUERY_DOMAIN_INFO 0x08
+#define SAMR_ENUM_DOM_USERS 0x0d
+#define SAMR_ENUM_DOM_ALIASES 0x0f
#define SAMR_LOOKUP_IDS 0x10
#define SAMR_LOOKUP_NAMES 0x11
-#define SAMR_UNKNOWN_3 0x03
-#define SAMR_QUERY_DISPINFO 0x28
+#define SAMR_LOOKUP_RIDS 0x12
+#define SAMR_OPEN_ALIAS 0x1b
+#define SAMR_QUERY_ALIASINFO 0x1c
+#define SAMR_UNKNOWN_21 0x21
#define SAMR_OPEN_USER 0x22
#define SAMR_QUERY_USERINFO 0x24
+#define SAMR_SET_USERINFO2 0x25
#define SAMR_QUERY_USERGROUPS 0x27
-#define SAMR_UNKNOWN_12 0x12
-#define SAMR_UNKNOWN_21 0x21
+#define SAMR_QUERY_DISPINFO 0x28
#define SAMR_UNKNOWN_2C 0x2c
+#define SAMR_ENUM_DOM_GROUPS 0x30
#define SAMR_CREATE_USER 0x32
#define SAMR_UNKNOWN_34 0x34
#define SAMR_CHGPASSWD_USER 0x37
#define SAMR_UNKNOWN_38 0x38
#define SAMR_CONNECT 0x39
-#define SAMR_CONNECT_ANON 0x00
-#define SAMR_OPEN_ALIAS 0x1b
-#define SAMR_QUERY_ALIASINFO 0x1c
-#define SAMR_ENUM_DOM_USERS 0x0d
-#define SAMR_ENUM_DOM_ALIASES 0x0f
-#define SAMR_ENUM_DOM_GROUPS 0x30
+#define SAMR_SET_USERINFO 0x3A
typedef struct logon_hours_info
@@ -139,7 +141,7 @@ typedef struct sam_user_info_21
uint32 user_rid; /* Primary User ID */
uint32 group_rid; /* Primary Group ID */
- uint16 acb_info; /* account info (ACB_xxxx bit-mask) */
+ uint32 acb_info; /* account info (ACB_xxxx bit-mask) */
/* uint8 pad[2] */
uint32 unknown_3; /* 0x00ff ffff */
@@ -351,6 +353,14 @@ typedef struct q_samr_query_domain_info
} SAMR_Q_QUERY_DOMAIN_INFO;
+typedef struct sam_unknown_info_1_inf
+{
+ uint8 padding[12]; /* 12 bytes zeros */
+ uint32 unknown_1; /* 0x8000 0000 */
+ uint32 unknown_2; /* 0x0000 0000 */
+
+} SAM_UNK_INFO_1;
+
typedef struct sam_unkown_info_2_info
{
uint32 unknown_0; /* 0x0000 0000 */
@@ -382,13 +392,49 @@ typedef struct sam_unkown_info_2_info
} SAM_UNK_INFO_2;
+typedef struct sam_unknown_info_3_info
+{
+ uint32 unknown_0; /* 0x0000 0000 */
+ uint32 unknown_1; /* 0x8000 0000 */
+
+} SAM_UNK_INFO_3;
+
+typedef struct sam_unknown_info_6_info
+{
+ uint32 unknown_0; /* 0x0000 0000 */
+
+ uint32 ptr_0; /* pointer to unknown structure */
+ uint8 padding[12]; /* 12 bytes zeros */
+
+} SAM_UNK_INFO_6;
+
+typedef struct sam_unknown_info_7_info
+{
+ uint16 unknown_0; /* 0x0003 */
+
+} SAM_UNK_INFO_7;
+
+typedef struct sam_unknown_info_12_inf
+{
+ uint32 unknown_0; /* 0xcf1d cc00 */
+ uint32 unknown_1; /* 0xffff fffb */
+ uint32 unknown_2; /* 0xcf1d cc00 */
+ uint32 unknown_3; /* 0xffff fffb */
+
+ uint32 unknown_4; /* 0x8a88 0000 */
+
+} SAM_UNK_INFO_12;
typedef struct sam_unknown_ctr_info
{
union
{
+ SAM_UNK_INFO_1 inf1;
SAM_UNK_INFO_2 inf2;
-
+ SAM_UNK_INFO_3 inf3;
+ SAM_UNK_INFO_6 inf6;
+ SAM_UNK_INFO_7 inf7;
+ SAM_UNK_INFO_12 inf12;
} info;
} SAM_UNK_CTR;
@@ -896,12 +942,12 @@ typedef struct r_samr_lookup_names_info
} SAMR_R_LOOKUP_NAMES;
/****************************************************************************
-SAMR_Q_UNKNOWN_12 - do a conversion from RID groups to something.
+SAMR_Q_LOOKUP_RIDS - do a conversion from RID groups to something.
called to resolve domain RID groups.
*****************************************************************************/
-/* SAMR_Q_UNKNOWN_12 */
-typedef struct q_samr_unknown_12_info
+/* SAMR_Q_LOOKUP_RIDS */
+typedef struct q_samr_lookup_rids_info
{
POLICY_HND pol; /* policy handle */
@@ -912,17 +958,17 @@ typedef struct q_samr_unknown_12_info
uint32 gid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
-} SAMR_Q_UNKNOWN_12;
+} SAMR_Q_LOOKUP_RIDS;
/****************************************************************************
-SAMR_R_UNKNOWN_12 - do a conversion from group RID to names
+SAMR_R_LOOKUP_RIDS - do a conversion from group RID to names
*****************************************************************************/
-/* SAMR_R_UNKNOWN_12 */
-typedef struct r_samr_unknown_12_info
+/* SAMR_R_LOOKUP_RIDS */
+typedef struct r_samr_lookup_rids_info
{
- POLICY_HND pol; /* policy handle */
+ POLICY_HND pol; /* policy handle */
uint32 num_aliases1; /* number of aliases being looked up */
uint32 ptr_aliases; /* pointer to aliases */
@@ -939,13 +985,13 @@ typedef struct r_samr_unknown_12_info
uint32 status;
-} SAMR_R_UNKNOWN_12;
+} SAMR_R_LOOKUP_RIDS;
/* SAMR_Q_OPEN_USER - probably an open */
typedef struct q_samr_open_user_info
{
- POLICY_HND domain_pol; /* policy handle */
+ POLICY_HND domain_pol; /* policy handle */
uint32 unknown_0; /* 32 bit unknown - 0x02011b */
uint32 user_rid; /* user RID */
@@ -955,7 +1001,7 @@ typedef struct q_samr_open_user_info
/* SAMR_R_OPEN_USER - probably an open */
typedef struct r_samr_open_user_info
{
- POLICY_HND user_pol; /* policy handle associated with unknown id */
+ POLICY_HND user_pol; /* policy handle associated with unknown id */
uint32 status; /* return status */
} SAMR_R_OPEN_USER;
@@ -964,7 +1010,7 @@ typedef struct r_samr_open_user_info
/* SAMR_Q_UNKNOWN_13 - probably an open alias in domain */
typedef struct q_samr_unknown_13_info
{
- POLICY_HND alias_pol; /* policy handle */
+ POLICY_HND alias_pol; /* policy handle */
uint16 unknown_1; /* 16 bit unknown - 0x0200 */
uint16 unknown_2; /* 16 bit unknown - 0x0000 */
@@ -975,7 +1021,7 @@ typedef struct q_samr_unknown_13_info
/* SAMR_Q_UNKNOWN_21 - probably an open group in domain */
typedef struct q_samr_unknown_21_info
{
- POLICY_HND group_pol; /* policy handle */
+ POLICY_HND group_pol; /* policy handle */
uint16 unknown_1; /* 16 bit unknown - 0x0477 */
uint16 unknown_2; /* 16 bit unknown - 0x0000 */
@@ -1011,6 +1057,7 @@ typedef struct r_samr_create_user_info
/* SAMR_Q_OPEN_ALIAS - probably an open */
typedef struct q_samr_open_alias_info
{
+ POLICY_HND dom_pol; /* policy handle */
uint32 unknown_0; /* 0x0000 0008 */
uint32 rid_alias; /* rid */
@@ -1127,5 +1174,144 @@ typedef struct r_samr_chgpasswd_user_info
} SAMR_R_CHGPASSWD_USER;
+
+/* SAM_USER_INFO_7 */
+typedef struct sam_user_info_7
+{
+ UNIHDR hdr_user_name;
+ UNISTR2 uni_user_name;
+
+} SAM_USER_INFO_7;
+
+/* SAM_USER_INFO_12 */
+typedef struct sam_user_info_12
+{
+ uint8 lm_pwd[16]; /* lm user passwords */
+ uint8 nt_pwd[16]; /* nt user passwords */
+
+ uint8 lm_pwd_active;
+ uint8 nt_pwd_active;
+
+} SAM_USER_INFO_12;
+
+/* SAM_USER_INFO_23 */
+typedef struct sam_user_info_23
+{
+ /* TIMES MAY NOT IN RIGHT ORDER!!!! */
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+
+ UNIHDR hdr_user_name; /* NULL - user name unicode string header */
+ UNIHDR hdr_full_name; /* user's full name unicode string header */
+ UNIHDR hdr_home_dir; /* home directory unicode string header */
+ UNIHDR hdr_dir_drive; /* home drive unicode string header */
+ UNIHDR hdr_logon_script; /* logon script unicode string header */
+ UNIHDR hdr_profile_path; /* profile path unicode string header */
+ UNIHDR hdr_acct_desc ; /* user description */
+ UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */
+ UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */
+ UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */
+
+ uint8 lm_pwd[16]; /* lm user passwords */
+ uint8 nt_pwd[16]; /* nt user passwords */
+
+ uint32 user_rid; /* Primary User ID */
+ uint32 group_rid; /* Primary Group ID */
+
+ uint32 acb_info; /* account info (ACB_xxxx bit-mask) */
+
+ uint32 unknown_3; /* 0x09f8 27fa */
+
+ uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */
+ /* uint8 pad[2] */
+ uint32 ptr_logon_hrs; /* pointer to logon hours */
+
+ uint8 padding1[8];
+
+ uint32 unknown_5; /* 0x0001 0000 */
+
+ uint8 pass[516];
+
+ UNISTR2 uni_user_name; /* NULL - username unicode string */
+ UNISTR2 uni_full_name; /* user's full name unicode string */
+ UNISTR2 uni_home_dir; /* home directory unicode string */
+ UNISTR2 uni_dir_drive; /* home directory drive unicode string */
+ UNISTR2 uni_logon_script; /* logon script unicode string */
+ UNISTR2 uni_profile_path; /* profile path unicode string */
+ UNISTR2 uni_acct_desc ; /* user description unicode string */
+ UNISTR2 uni_workstations; /* login from workstations unicode string */
+ UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */
+ UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */
+
+ uint32 unknown_6; /* 0x0000 04ec */
+ uint32 padding4;
+
+ LOGON_HRS logon_hrs;
+
+} SAM_USER_INFO_23;
+
+/* SAM_USER_INFO_24 */
+typedef struct sam_user_info_24
+{
+ uint8 pass[516];
+ uint16 unk_0;
+
+} SAM_USER_INFO_24;
+
+/* SAM_USERINFO_CTR - sam user info */
+typedef struct sam_userinfo_ctr_info
+{
+ uint16 switch_value;
+ union
+ {
+ SAM_USER_INFO_7 *id7;
+ SAM_USER_INFO_10 *id10; /* auth-level 0x10 */
+ SAM_USER_INFO_11 *id11; /* auth-level 0x11 */
+ SAM_USER_INFO_12 *id12; /* auth-level 0x12 */
+ SAM_USER_INFO_21 *id21; /* auth-level 21 */
+ SAM_USER_INFO_23 *id23; /* auth-level 0x17 */
+ SAM_USER_INFO_24 *id24; /* auth-level 0x18 */
+ void* id; /* to make typecasting easy */
+ } info;
+
+} SAM_USERINFO_CTR;
+
+/* SAMR_Q_SET_USERINFO - set sam info */
+typedef struct q_samr_set_user_info
+{
+ POLICY_HND pol; /* policy handle associated with user */
+ uint16 switch_value;
+ SAM_USERINFO_CTR *ctr;
+
+} SAMR_Q_SET_USERINFO;
+
+/* SAMR_R_SET_USERINFO - set sam info */
+typedef struct r_samr_set_user_info
+{
+ uint32 status; /* return status */
+
+} SAMR_R_SET_USERINFO;
+
+/* SAMR_Q_SET_USERINFO2 - set sam info */
+typedef struct q_samr_set_user_info2
+{
+ POLICY_HND pol; /* policy handle associated with user */
+ uint16 switch_value; /* 0x0010 */
+
+ SAM_USERINFO_CTR *ctr;
+
+} SAMR_Q_SET_USERINFO2;
+
+/* SAMR_R_SET_USERINFO2 - set sam info */
+typedef struct r_samr_set_user_info2
+{
+ uint32 status; /* return status */
+
+} SAMR_R_SET_USERINFO2;
+
#endif /* _RPC_SAMR_H */
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index b927e193dd..16f2493947 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -228,3 +228,47 @@ BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[
return True;
}
+/***********************************************************
+ decode a password buffer
+************************************************************/
+BOOL decode_pw_buffer(const char buffer[516], char *new_pwrd,
+ int new_pwrd_size, uint32 *new_pw_len)
+{
+ int uni_pw_len=0;
+ char *pw;
+ /*
+ Warning !!! : This function is called from some rpc call.
+ The password IN the buffer is a UNICODE string.
+ The password IN new_pwrd is an ASCII string
+ If you reuse that code somewhere else check first.
+ */
+
+
+ /*
+ * The length of the new password is in the last 4 bytes of
+ * the data buffer.
+ */
+
+ *new_pw_len = IVAL(buffer, 512);
+
+#ifdef DEBUG_PASSWORD
+ dump_data(100, buffer, 516);
+#endif
+
+ if ((*new_pw_len) < 0 || (*new_pw_len) > new_pwrd_size - 1) {
+ DEBUG(0, ("decode_pw_buffer: incorrect password length (%d).\n", (*new_pw_len)));
+ return False;
+ }
+
+ uni_pw_len = *new_pw_len;
+ *new_pw_len /= 2;
+ pw = dos_unistrn2((uint16 *)(&buffer[512 - uni_pw_len]), uni_pw_len);
+ memcpy(new_pwrd, pw, *new_pw_len + 1);
+
+#ifdef DEBUG_PASSWORD
+ dump_data(100, new_pwrd, (*new_pw_len));
+#endif
+
+ return True;
+}
+
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index a05783ac36..8b2deb4af8 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -411,6 +411,23 @@ struct sam_passwd *getsam21pwrid(uint32 rid)
return pdb_ops->getsam21pwrid(rid);
}
+/************************************************************************
+ Routine to add a SAM entry to the smb passwd file.
+*************************************************************************/
+
+BOOL add_sam21pwd_entry(struct sam_passwd *pwd)
+{
+ return pdb_ops->add_sam21pwd_entry(pwd);
+}
+
+/************************************************************************
+ Routine to modify a SAM entry to the smb passwd file.
+*************************************************************************/
+
+BOOL mod_sam21pwd_entry(struct sam_passwd *pwd, BOOL override)
+{
+ return pdb_ops->mod_sam21pwd_entry(pwd, override);
+}
/**********************************************************
**********************************************************
@@ -521,6 +538,198 @@ struct sam_passwd *pdb_smb_to_sam(struct smb_passwd *user)
return &pw_buf;
}
+static void select_name(fstring *string, char **name, const UNISTR2 *from)
+{
+ if (from->buffer != 0)
+ {
+ unistr2_to_ascii(*string, from, sizeof(*string));
+ *name = *string;
+ }
+}
+
+/*************************************************************
+ copies a sam passwd.
+ **************************************************************/
+void copy_id23_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_23 *from)
+{
+ static fstring smb_name;
+ static fstring full_name;
+ static fstring home_dir;
+ static fstring dir_drive;
+ static fstring logon_script;
+ static fstring profile_path;
+ static fstring acct_desc;
+ static fstring workstations;
+ static fstring unknown_str;
+ static fstring munged_dial;
+
+ if (from == NULL || to == NULL) return;
+
+ to->logon_time = nt_time_to_unix(&from->logon_time);
+ to->logoff_time = nt_time_to_unix(&from->logoff_time);
+ to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
+ to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
+ to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
+ to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
+
+ select_name(&smb_name , &to->smb_name , &from->uni_user_name );
+ select_name(&full_name , &to->full_name , &from->uni_full_name );
+ select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
+ select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
+ select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
+ select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
+ select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
+ select_name(&workstations, &to->workstations, &from->uni_workstations);
+ select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
+ select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
+
+ to->smb_userid = (uid_t)-1;
+ to->smb_grpid = (gid_t)-1;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
+
+ to->smb_passwd = NULL;
+ to->smb_nt_passwd = NULL;
+
+ to->acct_ctrl = from->acb_info;
+ to->unknown_3 = from->unknown_3;
+
+ to->logon_divs = from->logon_divs;
+ to->hours_len = from->logon_hrs.len;
+ memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
+
+ to->unknown_5 = from->unknown_5;
+ to->unknown_6 = from->unknown_6;
+}
+
+/*************************************************************
+ copies a sam passwd.
+ **************************************************************/
+void copy_id21_to_sam_passwd(struct sam_passwd *to, SAM_USER_INFO_21 *from)
+{
+ static fstring smb_name;
+ static fstring full_name;
+ static fstring home_dir;
+ static fstring dir_drive;
+ static fstring logon_script;
+ static fstring profile_path;
+ static fstring acct_desc;
+ static fstring workstations;
+ static fstring unknown_str;
+ static fstring munged_dial;
+
+ if (from == NULL || to == NULL) return;
+
+ to->logon_time = nt_time_to_unix(&from->logon_time);
+ to->logoff_time = nt_time_to_unix(&from->logoff_time);
+ to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
+ to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
+ to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
+ to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
+
+ select_name(&smb_name , &to->smb_name , &from->uni_user_name );
+ select_name(&full_name , &to->full_name , &from->uni_full_name );
+ select_name(&home_dir , &to->home_dir , &from->uni_home_dir );
+ select_name(&dir_drive , &to->dir_drive , &from->uni_dir_drive );
+ select_name(&logon_script, &to->logon_script, &from->uni_logon_script);
+ select_name(&profile_path, &to->profile_path, &from->uni_profile_path);
+ select_name(&acct_desc , &to->acct_desc , &from->uni_acct_desc );
+ select_name(&workstations, &to->workstations, &from->uni_workstations);
+ select_name(&unknown_str , &to->unknown_str , &from->uni_unknown_str );
+ select_name(&munged_dial , &to->munged_dial , &from->uni_munged_dial );
+
+ to->smb_userid = (uid_t)-1;
+ to->smb_grpid = (gid_t)-1;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
+
+ to->smb_passwd = NULL;
+ to->smb_nt_passwd = NULL;
+
+ to->acct_ctrl = from->acb_info;
+ to->unknown_3 = from->unknown_3;
+
+ to->logon_divs = from->logon_divs;
+ to->hours_len = from->logon_hrs.len;
+ memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
+
+ to->unknown_5 = from->unknown_5;
+ to->unknown_6 = from->unknown_6;
+}
+
+
+/*************************************************************
+ copies a sam passwd.
+ **************************************************************/
+void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
+{
+ static fstring smb_name="";
+ static fstring unix_name="";
+ static fstring full_name="";
+ static fstring home_dir="";
+ static fstring dir_drive="";
+ static fstring logon_script="";
+ static fstring profile_path="";
+ static fstring acct_desc="";
+ static fstring workstations="";
+ static fstring unknown_str="";
+ static fstring munged_dial="";
+
+ if (from == NULL || to == NULL) return;
+
+ memcpy(to, from, sizeof(*from));
+
+ if (from->smb_name != NULL) {
+ fstrcpy(smb_name , from->smb_name);
+ to->smb_name = smb_name;
+ }
+
+ if (from->full_name != NULL) {
+ fstrcpy(full_name, from->full_name);
+ to->full_name = full_name;
+ }
+
+ if (from->home_dir != NULL) {
+ fstrcpy(home_dir , from->home_dir);
+ to->home_dir = home_dir;
+ }
+
+ if (from->dir_drive != NULL) {
+ fstrcpy(dir_drive , from->dir_drive);
+ to->dir_drive = dir_drive;
+ }
+
+ if (from->logon_script != NULL) {
+ fstrcpy(logon_script , from->logon_script);
+ to->logon_script = logon_script;
+ }
+
+ if (from->profile_path != NULL) {
+ fstrcpy(profile_path , from->profile_path);
+ to->profile_path = profile_path;
+ }
+
+ if (from->acct_desc != NULL) {
+ fstrcpy(acct_desc , from->acct_desc);
+ to->acct_desc = acct_desc;
+ }
+
+ if (from->workstations != NULL) {
+ fstrcpy(workstations , from->workstations);
+ to->workstations = workstations;
+ }
+
+ if (from->unknown_str != NULL) {
+ fstrcpy(unknown_str , from->unknown_str);
+ to->unknown_str = unknown_str;
+ }
+
+ if (from->munged_dial != NULL) {
+ fstrcpy(munged_dial , from->munged_dial);
+ to->munged_dial = munged_dial;
+ }
+}
+
/**********************************************************
Encode the account control bits into a string.
length = length of string to encode into (including terminating
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index 521c42ce2c..dbc10f7682 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -552,8 +552,8 @@ BOOL do_samr_query_unknown_12(struct cli_state *cli,
{
prs_struct data;
prs_struct rdata;
- SAMR_Q_UNKNOWN_12 q_o;
- SAMR_R_UNKNOWN_12 r_o;
+ SAMR_Q_LOOKUP_RIDS q_o;
+ SAMR_R_LOOKUP_RIDS r_o;
if (pol == NULL || rid == 0 || num_gids == 0 || gids == NULL ||
num_aliases == NULL || als_names == NULL || num_als_users == NULL )
@@ -567,17 +567,17 @@ BOOL do_samr_query_unknown_12(struct cli_state *cli,
DEBUG(4,("SAMR Query Unknown 12.\n"));
/* store the parameters */
- init_samr_q_unknown_12(&q_o, pol, rid, num_gids, gids);
+ init_samr_q_lookup_rids(&q_o, pol, rid, num_gids, gids);
/* turn parameters into data stream */
- if(!samr_io_q_unknown_12("", &q_o, &data, 0)) {
+ if(!samr_io_q_lookup_rids("", &q_o, &data, 0)) {
prs_mem_free(&data);
prs_mem_free(&rdata);
return False;
}
/* send the data on \PIPE\ */
- if (!rpc_api_pipe_req(cli, SAMR_UNKNOWN_12, &data, &rdata)) {
+ if (!rpc_api_pipe_req(cli, SAMR_LOOKUP_RIDS, &data, &rdata)) {
prs_mem_free(&data);
prs_mem_free(&rdata);
return False;
@@ -585,7 +585,7 @@ BOOL do_samr_query_unknown_12(struct cli_state *cli,
prs_mem_free(&data);
- if(!samr_io_r_unknown_12("", &r_o, &rdata, 0)) {
+ if(!samr_io_r_lookup_rids("", &r_o, &rdata, 0)) {
prs_mem_free(&rdata);
return False;
}
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index c6b219d382..0bd1c29710 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -319,6 +319,46 @@ BOOL samr_io_q_query_dom_info(char *desc, SAMR_Q_QUERY_DOMAIN_INFO *q_u, prs_st
}
/*******************************************************************
+Inits a structure.
+********************************************************************/
+BOOL init_unk_info1(SAM_UNK_INFO_1 *u_1)
+{
+ if (u_1 == NULL)
+ return False;
+
+ memset(u_1->padding, 0, sizeof(u_1->padding)); /* 12 bytes zeros */
+ u_1->unknown_1 = 0x80000000;
+ u_1->unknown_2 = 0x00000000;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info1(char *desc, SAM_UNK_INFO_1 *u_1, prs_struct *ps, int depth)
+{
+ if (u_1 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info1");
+ depth++;
+
+ if(!prs_uint8s(False, "padding", ps, depth, u_1->padding, sizeof(u_1->padding)))
+ return False;
+
+ if(!prs_uint32("unknown_1", ps, depth, &u_1->unknown_1)) /* 0x8000 0000 */
+ return False;
+ if(!prs_uint32("unknown_2", ps, depth, &u_1->unknown_2)) /* 0x0000 0000 */
+ return False;
+
+ if(!prs_align(ps))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
Inits a structure.
********************************************************************/
@@ -404,6 +444,9 @@ BOOL sam_io_unk_info2(char *desc, SAM_UNK_INFO_2 *u_2, prs_struct *ps, int depth
if(!smb_io_unistr2( "uni_domain", &u_2->uni_domain, u_2->hdr_domain.buffer, ps, depth)) /* domain name unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
+
if(!smb_io_unistr2( "uni_server", &u_2->uni_server, u_2->hdr_server.buffer, ps, depth)) /* server name unicode string */
return False;
@@ -414,6 +457,160 @@ BOOL sam_io_unk_info2(char *desc, SAM_UNK_INFO_2 *u_2, prs_struct *ps, int depth
}
/*******************************************************************
+Inits a structure.
+********************************************************************/
+BOOL init_unk_info3(SAM_UNK_INFO_3 * u_3)
+{
+ if (u_3 == NULL)
+ return False;
+
+ u_3->unknown_0 = 0x00000000;
+ u_3->unknown_1 = 0x80000000;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info3(char *desc, SAM_UNK_INFO_3 *u_3, prs_struct *ps, int depth)
+{
+ if (u_3 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info3");
+ depth++;
+
+ if(!prs_uint32("unknown_0", ps, depth, &u_3->unknown_0)) /* 0x0000 0000 */
+ return False;
+ if(!prs_uint32("unknown_1", ps, depth, &u_3->unknown_1)) /* 0x8000 0000 */
+ return False;
+
+ if(!prs_align(ps))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+Inits a structure.
+********************************************************************/
+BOOL init_unk_info6(SAM_UNK_INFO_6 * u_6)
+{
+ if (u_6 == NULL)
+ return False;
+
+ u_6->unknown_0 = 0x00000000;
+ u_6->ptr_0 = 1;
+ memset(u_6->padding, 0, sizeof(u_6->padding)); /* 12 bytes zeros */
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info6(char *desc, SAM_UNK_INFO_6 *u_6, prs_struct *ps, int depth)
+{
+ if (u_6 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info6");
+ depth++;
+
+ if(!prs_uint32("unknown_0", ps, depth, &u_6->unknown_0)) /* 0x0000 0000 */
+ return False;
+ if(!prs_uint32("ptr_0", ps, depth, &u_6->ptr_0)) /* pointer to unknown structure */
+ return False;
+ if(!prs_uint8s(False, "padding", ps, depth, u_6->padding, sizeof(u_6->padding))) /* 12 bytes zeros */
+ return False;
+
+ if(!prs_align(ps))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+Inits a structure.
+********************************************************************/
+BOOL init_unk_info7(SAM_UNK_INFO_7 *u_7)
+{
+ if (u_7 == NULL)
+ return False;
+
+ u_7->unknown_0 = 0x0003;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info7(char *desc, SAM_UNK_INFO_7 *u_7, prs_struct *ps, int depth)
+{
+ if (u_7 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info7");
+ depth++;
+
+ if(!prs_uint16("unknown_0", ps, depth, &u_7->unknown_0)) /* 0x0003 */
+ return False;
+ if(!prs_align(ps))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+Inits a structure.
+********************************************************************/
+BOOL init_unk_info12(SAM_UNK_INFO_12 * u_12)
+{
+ if (u_12 == NULL)
+ return False;
+
+ u_12->unknown_0 = 0xcf1dcc00;
+ u_12->unknown_1 = 0xfffffffb;
+ u_12->unknown_2 = 0xcf1dcc00;
+ u_12->unknown_3 = 0xfffffffb;
+
+ u_12->unknown_4 = 0x8a880000;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info12(char *desc, SAM_UNK_INFO_12 * u_12,
+ prs_struct *ps, int depth)
+{
+ if (u_12 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info12");
+ depth++;
+
+ if(!prs_uint32("unknown_0", ps, depth, &u_12->unknown_0))
+ return False;
+ if(!prs_uint32("unknown_1", ps, depth, &u_12->unknown_1))
+ return False;
+ if(!prs_uint32("unknown_2", ps, depth, &u_12->unknown_2))
+ return False;
+ if(!prs_uint32("unknown_3", ps, depth, &u_12->unknown_3))
+ return False;
+ if(!prs_uint32("unknown_4", ps, depth, &u_12->unknown_4))
+ return False;
+
+ if(!prs_align(ps))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
Inits a SAMR_R_QUERY_DOMAIN_INFO structure.
********************************************************************/
@@ -451,17 +648,38 @@ BOOL samr_io_r_query_dom_info(char *desc, SAMR_R_QUERY_DOMAIN_INFO *r_u, prs_str
if(!prs_uint32("ptr_0 ", ps, depth, &r_u->ptr_0))
return False;
- if(!prs_uint16("switch_value", ps, depth, &r_u->switch_value))
- return False;
- if(!prs_align(ps))
- return False;
if (r_u->ptr_0 != 0 && r_u->ctr != NULL) {
+ if(!prs_uint16("switch_value", ps, depth, &r_u->switch_value))
+ return False;
+ if(!prs_align(ps))
+ return False;
+
switch (r_u->switch_value) {
+ case 0x01:
+ if(!sam_io_unk_info1("unk_inf1", &r_u->ctr->info.inf1, ps, depth))
+ return False;
+ break;
case 0x02:
if(!sam_io_unk_info2("unk_inf2", &r_u->ctr->info.inf2, ps, depth))
return False;
break;
+ case 0x03:
+ if(!sam_io_unk_info3("unk_inf3", &r_u->ctr->info.inf3, ps, depth))
+ return False;
+ break;
+ case 0x06:
+ if(!sam_io_unk_info6("unk_inf6", &r_u->ctr->info.inf6, ps, depth))
+ return False;
+ break;
+ case 0x07:
+ if(!sam_io_unk_info7("unk_inf7", &r_u->ctr->info.inf7, ps, depth))
+ return False;
+ break;
+ case 0x0c:
+ if(!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth))
+ return False;
+ break;
default:
DEBUG(3,("samr_io_r_query_dom_info: unknown switch level 0x%x\n",
r_u->switch_value));
@@ -469,6 +687,9 @@ BOOL samr_io_r_query_dom_info(char *desc, SAMR_R_QUERY_DOMAIN_INFO *r_u, prs_str
}
}
+ if(!prs_uint32("status", ps, depth, &r_u->status))
+ return False;
+
return True;
}
@@ -2178,7 +2399,7 @@ BOOL samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *p
Reads or writes a structure.
********************************************************************/
-BOOL samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth)
+BOOL samr_io_q_lookup_rids(char *desc, SAMR_Q_LOOKUP_RIDS *q_u, prs_struct *ps, int depth)
{
int i;
fstring tmp;
@@ -2186,7 +2407,7 @@ BOOL samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i
if (q_u == NULL)
return False;
- prs_debug(ps, depth, desc, "samr_io_q_unknown_12");
+ prs_debug(ps, depth, desc, "samr_io_q_lookup_rids");
depth++;
if(!prs_align(ps))
@@ -2214,9 +2435,6 @@ BOOL samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i
return False;
}
- if(!prs_align(ps))
- return False;
-
return True;
}
@@ -2224,13 +2442,13 @@ BOOL samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i
Inits a SAMR_R_UNKNOWN_12 structure.
********************************************************************/
-void init_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
+void init_samr_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u,
uint32 num_aliases, fstring *als_name, uint32 *num_als_usrs,
uint32 status)
{
int i;
- DEBUG(5,("init_samr_r_unknown_12\n"));
+ DEBUG(5,("init_samr_r_lookup_rids\n"));
if (status == 0x0) {
r_u->num_aliases1 = num_aliases;
@@ -2266,7 +2484,7 @@ void init_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
Reads or writes a structure.
********************************************************************/
-BOOL samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, int depth)
+BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps, int depth)
{
int i;
fstring tmp;
@@ -2274,7 +2492,7 @@ BOOL samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i
if (r_u == NULL)
return False;
- prs_debug(ps, depth, desc, "samr_io_r_unknown_12");
+ prs_debug(ps, depth, desc, "samr_io_r_lookup_rids");
depth++;
if(!prs_align(ps))
@@ -2299,6 +2517,8 @@ BOOL samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, i
slprintf(tmp, sizeof(tmp) - 1, "als_str[%02d] ", i);
if(!smb_io_unistr2("", &r_u->uni_als_name[i], r_u->hdr_als_name[i].buffer, ps, depth))
return False;
+ if(!prs_align(ps))
+ return False;
}
}
@@ -2559,7 +2779,7 @@ static BOOL sam_io_logon_hrs(char *desc, LOGON_HRS *hrs, prs_struct *ps, int de
if(!prs_align(ps))
return False;
- if(!prs_uint32 ( "len ", ps, depth, &hrs->len))
+ if(!prs_uint32 ("len ", ps, depth, &hrs->len))
return False;
if (hrs->len > 64) {
@@ -2838,12 +3058,12 @@ void init_sam_user_info21(SAM_USER_INFO_21 *usr,
Reads or writes a structure.
********************************************************************/
-static BOOL sam_io_user_info21(char *desc, SAM_USER_INFO_21 *usr, prs_struct *ps, int depth)
+static BOOL sam_io_user_info21(char *desc, SAM_USER_INFO_21 *usr, prs_struct *ps, int depth)
{
if (usr == NULL)
return False;
- prs_debug(ps, depth, desc, "lsa_io_user_info");
+ prs_debug(ps, depth, desc, "sam_io_user_info21");
depth++;
if(!prs_align(ps))
@@ -2892,9 +3112,7 @@ static BOOL sam_io_user_info21(char *desc, SAM_USER_INFO_21 *usr, prs_struct *p
return False;
if(!prs_uint32("group_rid ", ps, depth, &usr->group_rid)) /* Group ID */
return False;
- if(!prs_uint16("acb_info ", ps, depth, &usr->acb_info)) /* Group ID */
- return False;
- if(!prs_align(ps))
+ if(!prs_uint32("acb_info ", ps, depth, &usr->acb_info)) /* Group ID */
return False;
if(!prs_uint32("unknown_3 ", ps, depth, &usr->unknown_3))
@@ -2915,36 +3133,53 @@ static BOOL sam_io_user_info21(char *desc, SAM_USER_INFO_21 *usr, prs_struct *p
if(!smb_io_unistr2("uni_user_name ", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_full_name ", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_home_dir ", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_dir_drive ", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_acct_desc ", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth)) /* user description unicode string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str .buffer, ps, depth)) /* unknown string */
return False;
+ if(!prs_align(ps))
+ return False;
if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial, usr->hdr_munged_dial .buffer, ps, depth)) /* worksations user can log on from */
return False;
+ if(!prs_align(ps))
+ return False;
if(!prs_uint32("unknown_6 ", ps, depth, &usr->unknown_6))
return False;
if(!prs_uint32("padding4 ", ps, depth, &usr->padding4))
return False;
- if (usr->ptr_logon_hrs) {
+ if (usr->ptr_logon_hrs)
if(!sam_io_logon_hrs("logon_hrs", &usr->logon_hrs, ps, depth))
return False;
- if(!prs_align(ps))
- return False;
- }
return True;
}
@@ -3048,6 +3283,9 @@ BOOL samr_io_r_query_userinfo(char *desc, SAMR_R_QUERY_USERINFO *r_u, prs_struc
}
}
+ if(!prs_align(ps))
+ return False;
+
if(!prs_uint32("status", ps, depth, &r_u->status))
return False;
@@ -3279,7 +3517,7 @@ void init_samr_q_open_alias(SAMR_Q_OPEN_ALIAS *q_u,
Reads or writes a structure.
********************************************************************/
-BOOL samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, int depth)
+BOOL samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, int depth)
{
if (q_u == NULL)
return False;
@@ -3290,6 +3528,9 @@ BOOL samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, i
if(!prs_align(ps))
return False;
+ if(!smb_io_pol_hnd("domain_pol", &(q_u->dom_pol), ps, depth))
+ return False;
+
if(!prs_uint32("unknown_0", ps, depth, &q_u->unknown_0))
return False;
if(!prs_uint32("rid_alias", ps, depth, &q_u->rid_alias))
@@ -3328,13 +3569,13 @@ BOOL samr_io_r_open_alias(char *desc, SAMR_R_OPEN_ALIAS *r_u, prs_struct *ps, i
Inits a SAMR_Q_UNKNOWN_12 structure.
********************************************************************/
-void init_samr_q_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
+void init_samr_q_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
POLICY_HND *pol, uint32 rid,
uint32 num_gids, uint32 *gid)
{
int i;
- DEBUG(5,("init_samr_r_unknwon_12\n"));
+ DEBUG(5,("init_samr_q_lookup_rids\n"));
memcpy(&q_u->pol, pol, sizeof(*pol));
@@ -3858,4 +4099,417 @@ BOOL samr_io_r_enum_domains(char *desc, SAMR_R_ENUM_DOMAINS * r_u,
return True;
}
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_user_info12(char *desc, SAM_USER_INFO_12 *u, prs_struct *ps, int depth)
+{
+ if (u == NULL)
+ return False;
+
+ DEBUG(0, ("possible security breach!\n"));
+
+ prs_debug(ps, depth, desc, "samr_io_r_user_info12");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!prs_uint8s(False, "lm_pwd", ps, depth, u->lm_pwd, sizeof(u->lm_pwd)))
+ return False;
+ if(!prs_uint8s(False, "nt_pwd", ps, depth, u->nt_pwd, sizeof(u->nt_pwd)))
+ return False;
+
+ if(!prs_uint8("lm_pwd_active", ps, depth, &u->lm_pwd_active))
+ return False;
+ if(!prs_uint8("nt_pwd_active", ps, depth, &u->nt_pwd_active))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_user_info23(char *desc, SAM_USER_INFO_23 *usr, prs_struct *ps, int depth)
+{
+ if (usr == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_user_info23");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!smb_io_time("logon_time", &usr->logon_time, ps, depth))
+ return False;
+ if(!smb_io_time("logoff_time", &usr->logoff_time, ps, depth))
+ return False;
+ if(!smb_io_time("kickoff_time", &usr->kickoff_time, ps, depth))
+ return False;
+ if(!smb_io_time("pass_last_set_time", &usr->pass_last_set_time, ps, depth))
+ return False;
+ if(!smb_io_time("pass_can_change_time", &usr->pass_can_change_time, ps, depth))
+ return False;
+ if(!smb_io_time("pass_must_change_time", &usr->pass_must_change_time, ps, depth))
+ return False;
+
+ if(!smb_io_unihdr("hdr_user_name", &usr->hdr_user_name, ps, depth)) /* username unicode string header */
+ return False;
+ if(!smb_io_unihdr("hdr_full_name", &usr->hdr_full_name, ps, depth)) /* user's full name unicode string header */
+ return False;
+ if(!smb_io_unihdr("hdr_home_dir", &usr->hdr_home_dir, ps, depth)) /* home directory unicode string header */
+ return False;
+ if(!smb_io_unihdr("hdr_dir_drive", &usr->hdr_dir_drive, ps, depth)) /* home directory drive */
+ return False;
+ if(!smb_io_unihdr("hdr_logon_script", &usr->hdr_logon_script, ps, depth)) /* logon script unicode string header */
+ return False;
+ if(!smb_io_unihdr("hdr_profile_path", &usr->hdr_profile_path, ps, depth)) /* profile path unicode string header */
+ return False;
+ if(!smb_io_unihdr("hdr_acct_desc", &usr->hdr_acct_desc, ps, depth)) /* account desc */
+ return False;
+ if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth)) /* wkstas user can log on from */
+ return False;
+ if(!smb_io_unihdr("hdr_unknown_str", &usr->hdr_unknown_str, ps, depth)) /* unknown string */
+ return False;
+ if(!smb_io_unihdr("hdr_munged_dial", &usr->hdr_munged_dial, ps, depth)) /* wkstas user can log on from */
+ return False;
+
+ if(!prs_uint8s(False, "lm_pwd", ps, depth, usr->lm_pwd, sizeof(usr->lm_pwd)))
+ return False;
+ if(!prs_uint8s(False, "nt_pwd", ps, depth, usr->nt_pwd, sizeof(usr->nt_pwd)))
+ return False;
+
+ if(!prs_uint32("user_rid", ps, depth, &usr->user_rid)) /* User ID */
+ return False;
+ if(!prs_uint32("group_rid", ps, depth, &usr->group_rid)) /* Group ID */
+ return False;
+ if(!prs_uint32("acb_info", ps, depth, &usr->acb_info))
+ return False;
+
+ if(!prs_uint32("unknown_3", ps, depth, &usr->unknown_3))
+ return False;
+ if(!prs_uint16("logon_divs", ps, depth, &usr->logon_divs)) /* logon divisions per week */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!prs_uint32("ptr_logon_hrs", ps, depth, &usr->ptr_logon_hrs))
+ return False;
+ if(!prs_uint8s(False, "padding1", ps, depth, usr->padding1, sizeof(usr->padding1)))
+ return False;
+ if(!prs_uint32("unknown_5", ps, depth, &usr->unknown_5))
+ return False;
+
+ if(!prs_uint8s(False, "password", ps, depth, usr->pass, sizeof(usr->pass)))
+ return False;
+
+ /* here begins pointed-to data */
+
+ if(!smb_io_unistr2("uni_user_name", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_full_name", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_home_dir", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_dir_drive", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_acct_desc", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth)) /* user desc unicode string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_unknown_str", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth)) /* unknown string */
+ return False;
+ if(!prs_align(ps))
+ return False;
+ if(!smb_io_unistr2("uni_munged_dial", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth)) /* worksations user can log on from */
+ return False;
+ if(!prs_align(ps))
+ return False;
+
+ /* ok, this is only guess-work (as usual) */
+ if (usr->unknown_3 != 0x0) {
+ if(!prs_uint32("unknown_6", ps, depth, &usr->unknown_6))
+ return False;
+ if(!prs_uint32("padding4", ps, depth, &usr->padding4))
+ return False;
+ } else if (UNMARSHALLING(ps)) {
+ usr->unknown_6 = 0;
+ usr->padding4 = 0;
+ }
+
+ if (usr->ptr_logon_hrs) {
+ if(!sam_io_logon_hrs("logon_hrs", &usr->logon_hrs, ps, depth))
+ return False;
+ }
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_user_info24(char *desc, SAM_USER_INFO_24 *usr, prs_struct *ps, int depth)
+{
+ if (usr == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_user_info24");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!prs_uint8s(False, "password", ps, depth, usr->pass, sizeof(usr->pass)))
+ return False;
+ if(!prs_uint16("unk_0", ps, depth, &usr->unk_0)) /* unknown */
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL samr_io_userinfo_ctr(char *desc, SAM_USERINFO_CTR *ctr, prs_struct *ps, int depth)
+{
+ if (ctr == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "samr_io_userinfo_ctr");
+ depth++;
+
+ /* lkclXXXX DO NOT ALIGN BEFORE READING SWITCH VALUE! */
+
+ if(!prs_uint16("switch_value", ps, depth, &ctr->switch_value))
+ return False;
+ if(!prs_align(ps))
+ return False;
+
+ switch (ctr->switch_value) {
+ case 0x10:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id10 = (SAM_USER_INFO_10 *)malloc(sizeof(SAM_USER_INFO_10));
+ if (ctr->info.id10 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info10("", ctr->info.id10, ps, depth))
+ return False;
+ break;
+ case 0x11:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id11 = (SAM_USER_INFO_11 *)malloc(sizeof(SAM_USER_INFO_11));
+ if (ctr->info.id11 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info11("", ctr->info.id11, ps, depth))
+ return False;
+ break;
+ case 0x12:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id12 = (SAM_USER_INFO_12 *)malloc(sizeof(SAM_USER_INFO_12));
+ if (ctr->info.id12 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info12("", ctr->info.id12, ps, depth))
+ return False;
+ break;
+ case 21:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id21 = (SAM_USER_INFO_21 *)malloc(sizeof(SAM_USER_INFO_21));
+ if (ctr->info.id21 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info21("", ctr->info.id21, ps, depth))
+ return False;
+ break;
+ case 23:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id23 = (SAM_USER_INFO_23 *)malloc(sizeof(SAM_USER_INFO_23));
+ if (ctr->info.id23 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info23("", ctr->info.id23, ps, depth))
+ return False;
+ break;
+ case 24:
+ if (UNMARSHALLING(ps)) /* reading */
+ ctr->info.id24 = (SAM_USER_INFO_24 *)malloc(sizeof(SAM_USER_INFO_24));
+ if (ctr->info.id24 == NULL) {
+ DEBUG(2, ("samr_io_userinfo_ctr: info pointer not initialised\n"));
+ return False;
+ }
+ if(!sam_io_user_info24("", ctr->info.id24, ps, depth))
+ return False;
+ break;
+ default:
+ DEBUG(2, ("samr_io_userinfo_ctr: unknown switch level 0x%x\n", ctr->switch_value));
+ return False;
+ break;
+
+ }
+
+ return True;
+}
+
+/*******************************************************************
+frees a structure.
+********************************************************************/
+void free_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr)
+{
+ if (ctr == NULL)
+ return;
+ safe_free(ctr->info.id);
+ ctr->info.id = NULL;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL samr_io_q_set_userinfo(char *desc, SAMR_Q_SET_USERINFO *q_u, prs_struct *ps, int depth)
+{
+ if (q_u == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "samr_io_q_set_userinfo");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth))
+ return False;
+
+ if(!prs_uint16("switch_value", ps, depth, &q_u->switch_value))
+ return False;
+ if(!samr_io_userinfo_ctr("ctr", q_u->ctr, ps, depth))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+frees a structure.
+********************************************************************/
+void free_samr_q_set_userinfo(SAMR_Q_SET_USERINFO * q_u)
+{
+ if (q_u == NULL)
+ return;
+ free_samr_userinfo_ctr(q_u->ctr);
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL samr_io_r_set_userinfo(char *desc, SAMR_R_SET_USERINFO *r_u, prs_struct *ps, int depth)
+{
+ if (r_u == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "samr_io_r_set_userinfo");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!prs_uint32("status", ps, depth, &r_u->status))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL samr_io_q_set_userinfo2(char *desc, SAMR_Q_SET_USERINFO2 *q_u, prs_struct *ps, int depth)
+{
+ if (q_u == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "samr_io_q_set_userinfo2");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth))
+ return False;
+
+ if(!prs_uint16("switch_value", ps, depth, &q_u->switch_value))
+ return False;
+ if(!samr_io_userinfo_ctr("ctr", q_u->ctr, ps, depth))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+frees a structure.
+********************************************************************/
+void free_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 *q_u)
+{
+ free_samr_userinfo_ctr(q_u->ctr);
+}
+
+/*******************************************************************
+makes a SAMR_R_SET_USERINFO2 structure.
+********************************************************************/
+BOOL make_samr_r_set_userinfo2(SAMR_R_SET_USERINFO2 *r_u, uint32 status)
+{
+ if (r_u == NULL)
+ return False;
+
+ DEBUG(5, ("make_samr_r_set_userinfo2\n"));
+
+ r_u->status = status; /* return status */
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+BOOL samr_io_r_set_userinfo2(char *desc, SAMR_R_SET_USERINFO2 *r_u, prs_struct *ps, int depth)
+{
+ if (r_u == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "samr_io_r_set_userinfo2");
+ depth++;
+
+ if(!prs_align(ps))
+ return False;
+
+ if(!prs_uint32("status", ps, depth, &r_u->status))
+ return False;
+
+ return True;
+}
+
+
#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index 5670178732..0782c8c4b2 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -32,16 +32,15 @@ extern int DEBUGLEVEL;
struct reg_info
{
- /* for use by \PIPE\winreg */
+ /* for use by \PIPE\winreg */
fstring name; /* name of registry key */
};
struct samr_info
{
- /* for use by the \PIPE\samr policy */
+ /* for use by the \PIPE\samr policy */
DOM_SID sid;
- uint32 rid; /* relative id associated with the pol_hnd */
- uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */
+ uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */
};
static struct policy
@@ -162,25 +161,6 @@ int find_lsa_policy_by_hnd(POLICY_HND *hnd)
return p?p->pnum:-1;
}
-/****************************************************************************
- set samr rid
-****************************************************************************/
-BOOL set_lsa_policy_samr_rid(POLICY_HND *hnd, uint32 rid)
-{
- struct policy *p = find_lsa_policy(hnd);
-
- if (p && p->open) {
- DEBUG(3,("Setting policy device rid=%x pnum=%x\n",
- rid, p->pnum));
-
- p->dev.samr.rid = rid;
- return True;
- }
-
- DEBUG(3,("Error setting policy rid=%x\n",rid));
- return False;
-}
-
/****************************************************************************
set samr pol status. absolutely no idea what this is.
@@ -230,8 +210,7 @@ BOOL get_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
{
struct policy *p = find_lsa_policy(hnd);
- if (p != NULL && p->open)
- {
+ if (p != NULL && p->open) {
fstring sidstr;
memcpy(sid, &p->dev.samr.sid, sizeof(*sid));
DEBUG(3,("Getting policy sid=%s pnum=%x\n",
@@ -252,7 +231,7 @@ uint32 get_lsa_policy_samr_rid(POLICY_HND *hnd)
struct policy *p = find_lsa_policy(hnd);
if (p && p->open) {
- uint32 rid = p->dev.samr.rid;
+ uint32 rid = p->dev.samr.sid.sub_auths[p->dev.samr.sid.num_auths-1];
DEBUG(3,("Getting policy device rid=%x pnum=%x\n",
rid, p->pnum));
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 44bca13c1a..01d9568477 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1195,7 +1195,7 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name,
/* do the actual command */
if(!api_rpc_cmds[fn_num].fn(p)) {
- DEBUG(0,("api_rpcTNP: %s: failed.\n", rpc_name));
+ DEBUG(0,("api_rpcTNP: %s: %s failed.\n", rpc_name, api_rpc_cmds[fn_num].name));
prs_mem_free(&p->out_data.rdata);
return False;
}
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 7891fc16dc..59a541abd9 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -1306,9 +1306,9 @@ static BOOL api_samr_unknown_38(pipes_struct *p)
/*******************************************************************
- samr_reply_unknown_12
+ samr_reply_lookup_rids
********************************************************************/
-static BOOL samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
+static BOOL samr_reply_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
prs_struct *rdata)
{
fstring group_names[MAX_SAM_ENTRIES];
@@ -1316,9 +1316,9 @@ static BOOL samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
uint32 status = 0;
int num_gids = q_u->num_gids1;
- SAMR_R_UNKNOWN_12 r_u;
+ SAMR_R_LOOKUP_RIDS r_u;
- DEBUG(5,("samr_unknown_12: %d\n", __LINE__));
+ DEBUG(5,("samr_reply_lookup_rids: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
@@ -1332,7 +1332,7 @@ static BOOL samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
if (num_gids > MAX_SAM_ENTRIES)
{
num_gids = MAX_SAM_ENTRIES;
- DEBUG(5,("samr_unknown_12: truncating entries to %d\n", num_gids));
+ DEBUG(5,("samr_reply_lookup_rids: truncating entries to %d\n", num_gids));
}
for (i = 0; i < num_gids && status == 0; i++)
@@ -1342,32 +1342,32 @@ static BOOL samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
}
}
- init_samr_r_unknown_12(&r_u, num_gids, group_names, group_attrs, status);
+ init_samr_r_lookup_rids(&r_u, num_gids, group_names, group_attrs, status);
/* store the response in the SMB stream */
- if(!samr_io_r_unknown_12("", &r_u, rdata, 0))
+ if(!samr_io_r_lookup_rids("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_unknown_12: %d\n", __LINE__));
+ DEBUG(5,("samr_reply_lookup_rids: %d\n", __LINE__));
return True;
}
/*******************************************************************
- api_samr_unknown_12
+ api_samr_lookup_rids
********************************************************************/
-static BOOL api_samr_unknown_12(pipes_struct *p)
+static BOOL api_samr_lookup_rids(pipes_struct *p)
{
- SAMR_Q_UNKNOWN_12 q_u;
+ SAMR_Q_LOOKUP_RIDS q_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
/* grab the samr lookup names */
- if(!samr_io_q_unknown_12("", &q_u, data, 0))
+ if(!samr_io_q_lookup_rids("", &q_u, data, 0))
return False;
/* construct reply. always indicate success */
- if(!samr_reply_unknown_12(&q_u, rdata))
+ if(!samr_reply_lookup_rids(&q_u, rdata))
return False;
return True;
@@ -1375,62 +1375,51 @@ static BOOL api_samr_unknown_12(pipes_struct *p)
/*******************************************************************
- samr_reply_open_user
+ _api_samr_open_user
********************************************************************/
-static BOOL samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, prs_struct *rdata, int status)
+static uint32 _api_samr_open_user(POLICY_HND domain_pol, uint32 user_rid, POLICY_HND *user_pol)
{
- SAMR_R_OPEN_USER r_u;
struct sam_passwd *sam_pass;
- BOOL pol_open = False;
-
- /* set up the SAMR open_user response */
- memset((char *)r_u.user_pol.data, '\0', POL_HND_SIZE);
+ DOM_SID sid;
- r_u.status = 0x0;
-
- /* find the policy handle. open a policy on it. */
- if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
- {
- r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
+ /* find the domain policy handle. */
+ if (find_lsa_policy_by_hnd(&domain_pol) == -1)
+ return NT_STATUS_INVALID_HANDLE;
/* get a (unique) handle. open a policy on it. */
- if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.user_pol))))
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
+ if (!open_lsa_policy_hnd(user_pol))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
become_root();
- sam_pass = getsam21pwrid(q_u->user_rid);
+ sam_pass = getsam21pwrid(user_rid);
unbecome_root();
/* check that the RID exists in our domain. */
- if (r_u.status == 0x0 && sam_pass == NULL)
- {
- r_u.status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+ if (sam_pass == NULL) {
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_NO_SUCH_USER;
}
-
- /* associate the RID with the (unique) handle. */
- if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.user_pol), q_u->user_rid))
- {
- /* oh, whoops. don't know what error message to return, here */
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+
+ /* Get the domain SID stored in the domain policy */
+ if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_INVALID_HANDLE;
}
- if (r_u.status != 0 && pol_open)
- {
- close_lsa_policy_hnd(&(r_u.user_pol));
+ /* append the user's RID to it */
+ if(!sid_append_rid(&sid, user_rid)) {
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_NO_SUCH_USER;
}
- DEBUG(5,("samr_open_user: %d\n", __LINE__));
-
- /* store the response in the SMB stream */
- if(!samr_io_r_open_user("", &r_u, rdata, 0))
- return False;
-
- DEBUG(5,("samr_open_user: %d\n", __LINE__));
+ /* associate the user's SID with the handle. */
+ if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
+ /* oh, whoops. don't know what error message to return, here */
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
- return True;
+ return NT_STATUS_NO_PROBLEMO;
}
/*******************************************************************
@@ -1439,21 +1428,28 @@ static BOOL samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, prs_struct *rdata, int s
static BOOL api_samr_open_user(pipes_struct *p)
{
SAMR_Q_OPEN_USER q_u;
+ SAMR_R_OPEN_USER r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
/* grab the samr unknown 22 */
if(!samr_io_q_open_user("", &q_u, data, 0))
return False;
- /* construct reply. always indicate success */
- if(!samr_reply_open_user(&q_u, rdata, 0x0))
+ r_u.status = _api_samr_open_user(q_u.domain_pol, q_u.user_rid, &r_u.user_pol);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_open_user("", &r_u, rdata, 0))
return False;
+ DEBUG(5,("samr_open_user: %d\n", __LINE__));
+
return True;
}
-
/*************************************************************************
get_user_info_10
*************************************************************************/
@@ -1753,45 +1749,64 @@ static BOOL api_samr_query_usergroups(pipes_struct *p)
/*******************************************************************
- samr_reply_query_dom_info
+ api_samr_query_dom_info
********************************************************************/
-static BOOL samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u, prs_struct *rdata)
+static BOOL api_samr_query_dom_info(pipes_struct *p)
{
+ SAMR_Q_QUERY_DOMAIN_INFO q_u;
SAMR_R_QUERY_DOMAIN_INFO r_u;
SAM_UNK_CTR ctr;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
uint16 switch_value = 0x0;
uint32 status = 0x0;
+ ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
ZERO_STRUCT(ctr);
- r_u.ctr = &ctr;
+ DEBUG(5,("api_samr_query_dom_info: %d\n", __LINE__));
- DEBUG(5,("samr_reply_query_dom_info: %d\n", __LINE__));
+ /* grab the samr unknown 8 command */
+ if(!samr_io_q_query_dom_info("", &q_u, data, 0))
+ return False;
/* find the policy handle. open a policy on it. */
- if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
- {
- r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- DEBUG(5,("samr_reply_query_dom_info: invalid handle\n"));
+ if (find_lsa_policy_by_hnd(&q_u.domain_pol) == -1) {
+ status = NT_STATUS_INVALID_HANDLE;
+ DEBUG(5,("api_samr_query_dom_info: invalid handle\n"));
}
- if (status == 0x0)
- {
- switch (q_u->switch_value)
- {
+ if (status == 0x0) {
+ switch (q_u.switch_value) {
+ case 0x01:
+ switch_value = 0x1;
+ init_unk_info1(&ctr.info.inf1);
+ break;
case 0x02:
- {
switch_value = 0x2;
init_unk_info2(&ctr.info.inf2, global_myworkgroup, global_myname);
-
break;
- }
+ case 0x03:
+ switch_value = 0x3;
+ init_unk_info3(&ctr.info.inf3);
+ break;
+ case 0x06:
+ switch_value = 0x6;
+ init_unk_info6(&ctr.info.inf6);
+ break;
+ case 0x07:
+ switch_value = 0x7;
+ init_unk_info7(&ctr.info.inf7);
+ break;
+ case 0x0c:
+ switch_value = 0xc;
+ init_unk_info12(&ctr.info.inf12);
+ break;
default:
- {
- status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
+ status = NT_STATUS_INVALID_INFO_CLASS;
break;
- }
}
}
@@ -1801,65 +1816,28 @@ static BOOL samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u, prs_struct
if(!samr_io_r_query_dom_info("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_query_dom_info: %d\n", __LINE__));
-
- return True;
-}
-
-/*******************************************************************
- api_samr_query_dom_info
- ********************************************************************/
-static BOOL api_samr_query_dom_info(pipes_struct *p)
-{
- SAMR_Q_QUERY_DOMAIN_INFO q_e;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- /* grab the samr unknown 8 command */
- if(!samr_io_q_query_dom_info("", &q_e, data, 0))
- return False;
-
- /* construct reply. */
- if(!samr_reply_query_dom_info(&q_e, rdata))
- return False;
+ DEBUG(5,("api_samr_query_dom_info: %d\n", __LINE__));
return True;
}
/*******************************************************************
- api_samr_create_user
+ _api_samr_create_user
********************************************************************/
-static BOOL api_samr_create_user(pipes_struct *p)
+static BOOL _api_samr_create_user(POLICY_HND dom_pol, UNISTR2 user_account, uint32 acb_info, uint32 access_mask,
+ POLICY_HND *user_pol, uint32 *unknown0, uint32 *user_rid)
{
struct sam_passwd *sam_pass;
fstring mach_acct;
pstring err_str;
pstring msg_str;
int local_flags=0;
+ DOM_SID sid;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- SAMR_Q_CREATE_USER q_u;
- SAMR_R_CREATE_USER r_u;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- DEBUG(5,("api_samr_create_user: %d\n", __LINE__));
-
- /* grab the samr create user */
- if (!samr_io_q_create_user("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n"));
- return False;
- }
-
/* find the policy handle. open a policy on it. */
- if ((find_lsa_policy_by_hnd(&q_u.pol) == -1)) {
- r_u.status = NT_STATUS_INVALID_HANDLE;
- goto out;
- }
+ if (find_lsa_policy_by_hnd(&dom_pol) == -1)
+ return NT_STATUS_INVALID_HANDLE;
/* find the machine account: tell the caller if it exists.
lkclXXXX i have *no* idea if this is a problem or not
@@ -1867,7 +1845,7 @@ static BOOL api_samr_create_user(pipes_struct *p)
reply if the account already exists...
*/
- fstrcpy(mach_acct, dos_unistrn2(q_u.uni_mach_acct.buffer, q_u.uni_mach_acct.uni_str_len));
+ fstrcpy(mach_acct, dos_unistrn2(user_account.buffer, user_account.uni_str_len));
strlower(mach_acct);
become_root();
@@ -1875,18 +1853,15 @@ static BOOL api_samr_create_user(pipes_struct *p)
unbecome_root();
if (sam_pass != NULL) {
/* machine account exists: say so */
- r_u.status = NT_STATUS_USER_EXISTS;
- goto out;
+ return NT_STATUS_USER_EXISTS;
}
/* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(&r_u.pol)) {
- r_u.status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
- goto out;
- }
+ if (!open_lsa_policy_hnd(user_pol))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
local_flags=LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_SET_NO_PASSWORD;
- local_flags|= (q_u.acb_info & ACB_WSTRUST) ? LOCAL_TRUST_ACCOUNT:0;
+ local_flags|= (acb_info & ACB_WSTRUST) ? LOCAL_TRUST_ACCOUNT:0;
/*
* NB. VERY IMPORTANT ! This call must be done as the current pipe user,
@@ -1897,10 +1872,8 @@ static BOOL api_samr_create_user(pipes_struct *p)
if (!local_password_change(mach_acct, local_flags, NULL, err_str, sizeof(err_str), msg_str, sizeof(msg_str))) {
DEBUG(0, ("%s\n", err_str));
- r_u.status = NT_STATUS_ACCESS_DENIED;
- close_lsa_policy_hnd(&r_u.pol);
- memset((char *)r_u.pol.data, '\0', POL_HND_SIZE);
- goto out;
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_ACCESS_DENIED;
}
become_root();
@@ -1908,31 +1881,62 @@ static BOOL api_samr_create_user(pipes_struct *p)
unbecome_root();
if (sam_pass == NULL) {
/* account doesn't exist: say so */
- r_u.status = NT_STATUS_ACCESS_DENIED;
- close_lsa_policy_hnd(&r_u.pol);
- memset((char *)r_u.pol.data, '\0', POL_HND_SIZE);
- goto out;
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ /* Get the domain SID stored in the domain policy */
+ if(!get_lsa_policy_samr_sid(&dom_pol, &sid)) {
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ /* append the user's RID to it */
+ if(!sid_append_rid(&sid, sam_pass->user_rid)) {
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_NO_SUCH_USER;
}
/* associate the RID with the (unique) handle. */
- if (!set_lsa_policy_samr_rid(&r_u.pol, sam_pass->user_rid)) {
+ if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
/* oh, whoops. don't know what error message to return, here */
- r_u.status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
- close_lsa_policy_hnd(&r_u.pol);
- memset((char *)r_u.pol.data, '\0', POL_HND_SIZE);
- goto out;
+ close_lsa_policy_hnd(user_pol);
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ *unknown0=0x000703ff;
+ *user_rid=sam_pass->user_rid;
+
+ return NT_STATUS_NO_PROBLEMO;
+}
+
+/*******************************************************************
+ api_samr_create_user
+ ********************************************************************/
+static BOOL api_samr_create_user(pipes_struct *p)
+{
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ SAMR_Q_CREATE_USER q_u;
+ SAMR_R_CREATE_USER r_u;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr create user */
+ if (!samr_io_q_create_user("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n"));
+ return False;
}
- r_u.unknown_0=0x000703ff;
- r_u.user_rid=sam_pass->user_rid;
+ r_u.status=_api_samr_create_user(q_u.pol, q_u.uni_mach_acct, q_u.acb_info, q_u.access_mask,
+ &r_u.pol, &r_u.unknown_0, &r_u.user_rid);
- out:
/* store the response in the SMB stream */
if(!samr_io_r_create_user("", &r_u, rdata, 0))
return False;
- DEBUG(5,("api_samr_create_user: %d\n", __LINE__));
-
return True;
}
@@ -2146,67 +2150,406 @@ static BOOL api_samr_enum_domains(pipes_struct *p)
return True;
}
+
/*******************************************************************
- samr_reply_open_alias
+ api_samr_open_alias
********************************************************************/
-static BOOL samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u, prs_struct *rdata)
+static uint32 _api_samr_open_alias(POLICY_HND domain_pol, uint32 alias_rid, POLICY_HND *alias_pol)
{
- SAMR_R_OPEN_ALIAS r_u;
- BOOL pol_open = False;
-
- /* set up the SAMR open_alias response */
+ DOM_SID sid;
+
+ /* get the domain policy. */
+ if (!open_lsa_policy_hnd(&domain_pol))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- r_u.status = 0x0;
/* get a (unique) handle. open a policy on it. */
- if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.pol))))
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ if (!open_lsa_policy_hnd(alias_pol))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+
+ /* Get the domain SID stored in the domain policy */
+ if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
+ close_lsa_policy_hnd(alias_pol);
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ /* append the alias' RID to it */
+ if(!sid_append_rid(&sid, alias_rid)) {
+ close_lsa_policy_hnd(alias_pol);
+ return NT_STATUS_NO_SUCH_USER;
}
/* associate a RID with the (unique) handle. */
- if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.pol), q_u->rid_alias))
- {
+ if (!set_lsa_policy_samr_sid(alias_pol, &sid)) {
/* oh, whoops. don't know what error message to return, here */
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ close_lsa_policy_hnd(alias_pol);
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
- if (r_u.status != 0 && pol_open)
- {
- close_lsa_policy_hnd(&(r_u.pol));
- }
+ return NT_STATUS_NO_PROBLEMO;
+}
- DEBUG(5,("samr_open_alias: %d\n", __LINE__));
+/*******************************************************************
+ api_samr_open_alias
+ ********************************************************************/
+static BOOL api_samr_open_alias(pipes_struct *p)
+{
+ SAMR_Q_OPEN_ALIAS q_u;
+ SAMR_R_OPEN_ALIAS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr open policy */
+ if(!samr_io_q_open_alias("", &q_u, data, 0))
+ return False;
+
+ r_u.status=_api_samr_open_alias(q_u.dom_pol, q_u.rid_alias, &r_u.pol);
/* store the response in the SMB stream */
if(!samr_io_r_open_alias("", &r_u, rdata, 0))
return False;
+
+ return True;
+}
+
+/*******************************************************************
+ set_user_info_10
+ ********************************************************************/
+static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
+{
+ struct sam_passwd *pwd = getsam21pwrid(rid);
+ struct sam_passwd new_pwd;
+
+ if (id10 == NULL) {
+ DEBUG(5, ("set_user_info_10: NULL id10\n"));
+ return False;
+ }
+
+ if (pwd == NULL)
+ return False;
+
+ copy_sam_passwd(&new_pwd, pwd);
+
+ new_pwd.acct_ctrl = id10->acb_info;
+
+ if(!mod_sam21pwd_entry(&new_pwd, True))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+ set_user_info_12
+ ********************************************************************/
+static BOOL set_user_info_12(const SAM_USER_INFO_12 *id12, uint32 rid)
+{
+ struct sam_passwd *pwd = getsam21pwrid(rid);
+ struct sam_passwd new_pwd;
+ static uchar nt_hash[16];
+ static uchar lm_hash[16];
+
+ if (pwd == NULL)
+ return False;
+
+ if (id12 == NULL) {
+ DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
+ return False;
+ }
+
+ pdb_init_sam(&new_pwd);
+ copy_sam_passwd(&new_pwd, pwd);
+
+ memcpy(nt_hash, id12->nt_pwd, sizeof(nt_hash));
+ memcpy(lm_hash, id12->lm_pwd, sizeof(lm_hash));
+
+ new_pwd.smb_passwd = lm_hash;
+ new_pwd.smb_nt_passwd = nt_hash;
+
+ if(!mod_sam21pwd_entry(&new_pwd, True))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+ set_user_info_21
+ ********************************************************************/
+static BOOL set_user_info_21(SAM_USER_INFO_21 * id21, uint32 rid)
+{
+ struct sam_passwd *pwd = getsam21pwrid(rid);
+ struct sam_passwd new_pwd;
+ static uchar nt_hash[16];
+ static uchar lm_hash[16];
+
+ if (id21 == NULL) {
+ DEBUG(5, ("set_user_info_21: NULL id21\n"));
+ return False;
+ }
+
+ if (pwd == NULL)
+ return False;
+
+ pdb_init_sam(&new_pwd);
+ copy_sam_passwd(&new_pwd, pwd);
+ copy_id21_to_sam_passwd(&new_pwd, id21);
+
+ if (pwd->smb_nt_passwd != NULL) {
+ memcpy(nt_hash, pwd->smb_nt_passwd, 16);
+ new_pwd.smb_nt_passwd = nt_hash;
+ } else
+ new_pwd.smb_nt_passwd = NULL;
+
+ if (pwd->smb_nt_passwd != NULL) {
+ memcpy(lm_hash, pwd->smb_passwd, 16);
+ new_pwd.smb_passwd = lm_hash;
+ } else
+ new_pwd.smb_passwd = NULL;
+
+ if(!mod_sam21pwd_entry(&new_pwd, True))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+ set_user_info_23
+ ********************************************************************/
+static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
+{
+ struct sam_passwd *pwd = getsam21pwrid(rid);
+ struct sam_passwd new_pwd;
+ static uchar nt_hash[16];
+ static uchar lm_hash[16];
+ pstring buf;
+ uint32 len;
+
+ if (id23 == NULL) {
+ DEBUG(5, ("set_user_info_23: NULL id23\n"));
+ return False;
+ }
+
+ if (pwd == NULL)
+ return False;
+
+ pdb_init_sam(&new_pwd);
+ copy_sam_passwd(&new_pwd, pwd);
+ copy_id23_to_sam_passwd(&new_pwd, id23);
- DEBUG(5,("samr_open_alias: %d\n", __LINE__));
+ if (!decode_pw_buffer(id23->pass, buf, 256, &len))
+ return False;
+
+ nt_lm_owf_gen(buf, nt_hash, lm_hash);
+
+ new_pwd.smb_passwd = lm_hash;
+ new_pwd.smb_nt_passwd = nt_hash;
+
+ if(!mod_sam21pwd_entry(&new_pwd, True))
+ return False;
return True;
}
/*******************************************************************
- api_samr_open_alias
+ set_user_info_24
********************************************************************/
-static BOOL api_samr_open_alias(pipes_struct *p)
+static BOOL set_user_info_24(const SAM_USER_INFO_24 *id24, uint32 rid)
{
- SAMR_Q_OPEN_ALIAS q_u;
+ struct sam_passwd *pwd = getsam21pwrid(rid);
+ struct sam_passwd new_pwd;
+ static uchar nt_hash[16];
+ static uchar lm_hash[16];
+ uint32 len;
+ pstring buf;
+
+ if (pwd == NULL)
+ return False;
+
+ pdb_init_sam(&new_pwd);
+ copy_sam_passwd(&new_pwd, pwd);
+
+ if (!decode_pw_buffer(id24->pass, buf, 256, &len))
+ return False;
+
+ nt_lm_owf_gen(buf, nt_hash, lm_hash);
+
+ new_pwd.smb_passwd = lm_hash;
+ new_pwd.smb_nt_passwd = nt_hash;
+
+ if(!mod_sam21pwd_entry(&new_pwd, True))
+ return False;
+
+ return True;
+}
+
+/*******************************************************************
+ samr_reply_set_userinfo
+ ********************************************************************/
+static uint32 _samr_set_userinfo(POLICY_HND *pol, uint16 switch_value, SAM_USERINFO_CTR *ctr, uint16 vuid)
+{
+ uint32 rid = 0x0;
+ DOM_SID sid;
+ user_struct *vuser = NULL;
+
+ DEBUG(5, ("samr_reply_set_userinfo: %d\n", __LINE__));
+
+ /* search for the handle */
+ if (find_lsa_policy_by_hnd(pol) == -1)
+ return NT_STATUS_INVALID_HANDLE;
+
+ if ((vuser = get_valid_user_struct(vuid)) == NULL)
+ return NT_STATUS_INVALID_HANDLE;
+
+ /* find the policy handle. open a policy on it. */
+ if (!get_lsa_policy_samr_sid(pol, &sid))
+ return NT_STATUS_INVALID_HANDLE;
+
+ sid_split_rid(&sid, &rid);
+
+ DEBUG(5, ("samr_reply_set_userinfo: rid:0x%x, level:%d\n", rid, switch_value));
+
+ if (ctr == NULL) {
+ DEBUG(5, ("samr_reply_set_userinfo: NULL info level\n"));
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ /* ok! user info levels (lots: see MSDEV help), off we go... */
+ switch (switch_value) {
+ case 0x12:
+ if (!set_user_info_12(ctr->info.id12, rid))
+ return NT_STATUS_ACCESS_DENIED;
+ break;
+
+ case 24:
+ SamOEMhash(ctr->info.id24->pass, vuser->dc.sess_key, True);
+ if (!set_user_info_24(ctr->info.id24, rid))
+ return NT_STATUS_ACCESS_DENIED;
+ break;
+
+ case 23:
+ DEBUG(5, ("samr_reply_set_userinfo: sess key:[%s]\n", credstr(vuser->dc.sess_key)));
+ SamOEMhash(ctr->info.id23->pass, vuser->dc.sess_key, 1);
+ if (!set_user_info_23(ctr->info.id23, rid))
+ return NT_STATUS_ACCESS_DENIED;
+ break;
+
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ return NT_STATUS_NOPROBLEMO;
+}
+
+/*******************************************************************
+ api_samr_set_userinfo
+ ********************************************************************/
+static BOOL api_samr_set_userinfo(pipes_struct *p)
+{
+ SAMR_Q_SET_USERINFO q_u;
+ SAMR_R_SET_USERINFO r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open policy */
- if(!samr_io_q_open_alias("", &q_u, data, 0))
+ SAM_USERINFO_CTR ctr;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ q_u.ctr = &ctr;
+
+ if (!samr_io_q_set_userinfo("", &q_u, data, 0))
return False;
- /* construct reply. always indicate success */
- if(!samr_reply_open_alias(&q_u, rdata))
+ r_u.status = _samr_set_userinfo(&q_u.pol, q_u.switch_value, &ctr, p->vuid);
+
+ free_samr_q_set_userinfo(&q_u);
+
+ if(!samr_io_r_set_userinfo("", &r_u, rdata, 0))
return False;
return True;
}
/*******************************************************************
+ samr_reply_set_userinfo2
+ ********************************************************************/
+static uint32 _samr_set_userinfo2(POLICY_HND *pol, uint16 switch_value, SAM_USERINFO_CTR *ctr)
+{
+ DOM_SID sid;
+ uint32 rid = 0x0;
+
+ DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__));
+
+ /* search for the handle */
+ if (find_lsa_policy_by_hnd(pol) == -1)
+ return NT_STATUS_INVALID_HANDLE;
+
+ /* find the policy handle. open a policy on it. */
+ if (!get_lsa_policy_samr_sid(pol, &sid))
+ return NT_STATUS_INVALID_HANDLE;
+
+ sid_split_rid(&sid, &rid);
+
+ DEBUG(5, ("samr_reply_set_userinfo2: rid:0x%x\n", rid));
+
+ if (ctr == NULL) {
+ DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ ctr->switch_value = switch_value;
+
+ /* ok! user info levels (lots: see MSDEV help), off we go... */
+ switch (switch_value) {
+ case 21:
+ if (!set_user_info_21(ctr->info.id21, rid))
+ return NT_STATUS_ACCESS_DENIED;
+ break;
+ case 16:
+ if (!set_user_info_10(ctr->info.id10, rid))
+ return NT_STATUS_ACCESS_DENIED;
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ return NT_STATUS_NOPROBLEMO;
+}
+
+/*******************************************************************
+ api_samr_set_userinfo2
+ ********************************************************************/
+static BOOL api_samr_set_userinfo2(pipes_struct *p)
+{
+ SAMR_Q_SET_USERINFO2 q_u;
+ SAMR_R_SET_USERINFO2 r_u;
+ SAM_USERINFO_CTR ctr;
+
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ q_u.ctr = &ctr;
+
+ if (!samr_io_q_set_userinfo2("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _samr_set_userinfo2(&q_u.pol, q_u.switch_value, &ctr);
+
+ free_samr_q_set_userinfo2(&q_u);
+
+ if(!samr_io_r_set_userinfo2("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+
+
+/*******************************************************************
array of \PIPE\samr operations
********************************************************************/
static struct api_struct api_samr_cmds [] =
@@ -2221,12 +2564,12 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_LOOKUP_NAMES" , SAMR_LOOKUP_NAMES , api_samr_lookup_names },
{ "SAMR_OPEN_USER" , SAMR_OPEN_USER , api_samr_open_user },
{ "SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo },
- { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info },
+ { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info },
{ "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups },
{ "SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo },
{ "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo },
{ "SAMR_CREATE_USER" , SAMR_CREATE_USER , api_samr_create_user },
- { "SAMR_UNKNOWN_12" , SAMR_UNKNOWN_12 , api_samr_unknown_12 },
+ { "SAMR_LOOKUP_RIDS" , SAMR_LOOKUP_RIDS , api_samr_lookup_rids },
{ "SAMR_UNKNOWN_38" , SAMR_UNKNOWN_38 , api_samr_unknown_38 },
{ "SAMR_CHGPASSWD_USER" , SAMR_CHGPASSWD_USER , api_samr_chgpasswd_user },
{ "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
@@ -2235,6 +2578,8 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_UNKNOWN_2C" , SAMR_UNKNOWN_2C , api_samr_unknown_2c },
{ "SAMR_LOOKUP_DOMAIN" , SAMR_LOOKUP_DOMAIN , api_samr_lookup_domain },
{ "SAMR_ENUM_DOMAINS" , SAMR_ENUM_DOMAINS , api_samr_enum_domains },
+ { "SAMR_SET_USERINFO" , SAMR_SET_USERINFO , api_samr_set_userinfo },
+ { "SAMR_SET_USERINFO2" , SAMR_SET_USERINFO2 , api_samr_set_userinfo2 },
{ NULL , 0 , NULL }
};