-rw-r--r--source3/auth/auth_unix.c6
-rw-r--r--source3/auth/auth_util.c47
-rw-r--r--source3/passdb/pdb_ldap.c4
-rw-r--r--source3/passdb/pdb_nisplus.c4
-rw-r--r--source3/passdb/pdb_tdb.c12
-rw-r--r--source3/rpc_parse/parse_net.c6
-rw-r--r--source3/rpc_server/srv_netlog_nt.c10
-rw-r--r--source3/smbd/auth_unix.c6
-rw-r--r--source3/smbd/auth_util.c47
-rw-r--r--source3/smbd/reply.c4
-rw-r--r--source3/smbd/sesssetup.c6
11 files changed, 83 insertions, 69 deletions
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index d456da1fdf..8c4a520350 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -98,13 +98,15 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve
update_smbpassword_file : NULL,
True);
+ unbecome_root();
+
if NT_STATUS_IS_OK(nt_status) {
if (pass) {
make_server_info_pw(server_info, pass);
+ } else {
+ nt_status = NT_STATUS_NO_SUCH_USER;
}
}
- unbecome_root();
-
return nt_status;
}
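Review bot: The result of `make_server_info_pw(server_info, pass)` is discarded, so `nt_status` stays OK even if building the server_info fails. Its return type is not visible in this hunk, so confirm whether it can fail and, if so, map the failure to an error status before returning. Moving `unbecome_root();` ahead of this block narrows the privileged window; if that is the intent, a one-line comment such as `/* root is only needed for the password check above */` would stop a later edit from widening it again. `if NT_STATUS_IS_OK(nt_status) {` compiles only because the macro supplies the parentheses, so `if (NT_STATUS_IS_OK(nt_status)) {` is the safer spelling. The identical hunk for source3/smbd/auth_unix.c has the same points.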
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 85f01605ab..9de8142578 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -282,9 +282,12 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
if (lm_pwd_len)
ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
- if (nt_pwd_len)
+ if (nt_pwd_len == 24) {
ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
-
+ } else if (nt_pwd_len != 0) {
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM2;
+ }
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,
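Review bot: The `else if (nt_pwd_len != 0)` branch labels every non-24-byte response as NTLMv2, including lengths below 24 that cannot be a well-formed response of either kind. Unless the length is validated later (not visible here; the function body continues outside the hunk), it would be tighter to accept only longer blobs with `} else if (nt_pwd_len > 24) {` and treat anything else as malformed. The literal 24 would also read better as a named constant shared with the 24-byte response buffers used elsewhere in this file. The identical hunk in source3/smbd/auth_util.c has the same issue.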
@@ -303,15 +306,15 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
****************************************************************************/
BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
- char *smb_name,
- char *client_domain,
- char *wksta_name,
- uchar *lm_interactive_pwd, int lm_pwd_len,
- uchar *nt_interactive_pwd, int nt_pwd_len,
- uchar *dc_sess_key)
+ char *smb_name,
+ char *client_domain,
+ char *wksta_name,
+ uchar lm_interactive_pwd[16],
+ uchar nt_interactive_pwd[16],
+ uchar *dc_sess_key)
{
- char nt_pwd[16];
char lm_pwd[16];
+ char nt_pwd[16];
unsigned char local_lm_response[24];
unsigned char local_nt_response[24];
unsigned char key[16];
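Review bot: Dropping the two length arguments means the function now relies on every caller passing exactly 16 bytes. `uchar lm_interactive_pwd[16]` does not enforce that, because an array parameter decays to a plain pointer. The header comment above the function should state the contract, for example `lm_interactive_pwd and nt_interactive_pwd each point to 16 bytes of OWF data, or are NULL when that hash is absent`. The NULL case is implied by the checks added further down in this function. The same hunk appears in source3/smbd/auth_util.c.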
@@ -320,32 +323,32 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
generate_random_buffer(chal, 8, False);
- memset(key, 0, 16);
+ ZERO_STRUCT(key);
memcpy(key, dc_sess_key, 8);
- memcpy(lm_pwd, lm_interactive_pwd, 16);
- memcpy(nt_pwd, nt_interactive_pwd, 16);
+ if (lm_interactive_pwd) memcpy(lm_pwd, lm_interactive_pwd, sizeof(lm_pwd));
+ if (nt_interactive_pwd) memcpy(nt_pwd, nt_interactive_pwd, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("key:"));
- dump_data(100, (char *)key, 16);
+ dump_data(100, (char *)key, sizeof(key));
DEBUG(100,("lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
- SamOEMhash((uchar *)lm_pwd, key, 16);
- SamOEMhash((uchar *)nt_pwd, key, 16);
+ SamOEMhash((uchar *)lm_pwd, key, sizeof(lm_pwd));
+ SamOEMhash((uchar *)nt_pwd, key, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("decrypt of lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("decrypt of nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
generate_random_buffer(chal, 8, False);
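Review bot: When `lm_interactive_pwd` or `nt_interactive_pwd` is NULL the new guards skip the memcpy, but `lm_pwd`/`nt_pwd` are then left uninitialised and still passed to `SamOEMhash()` and, under DEBUG_PASSWORD, to `dump_data()`. Zeroing them first closes that: add `ZERO_STRUCT(lm_pwd);` and `ZERO_STRUCT(nt_pwd);` next to `ZERO_STRUCT(key);`, or put the SamOEMhash calls under the same NULL checks. It is also not visible in this hunk whether `key`, `lm_pwd` and `nt_pwd` are wiped before the function returns; they hold the session key and decrypted OWF hashes, so they should be. The same applies to the copy in source3/smbd/auth_util.c.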
@@ -364,7 +367,11 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
DATA_BLOB local_nt_blob = data_blob(local_nt_response, sizeof(local_nt_response));
DATA_BLOB plaintext_blob = data_blob(NULL, 0);
- ntlmssp_flags = NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_NTLM;
+ if (lm_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
+ if (nt_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,
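Review bot: `ntlmssp_flags` used to be assigned here and is now only OR-ed into, so its value depends on an initialiser that is not in this hunk. If the declaration has none, both branches read an indeterminate value; adding `ntlmssp_flags = 0;` ahead of the two `if`s makes the block self-contained. With both pointers NULL the call proceeds with no negotiate flag set by this block, which probably warrants an early failure instead. The same hunk appears in source3/smbd/auth_util.c.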
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 057395a381..9502fc5fe4 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -485,8 +485,8 @@ static BOOL init_sam_from_ldap (SAM_ACCOUNT * sampass,
pdb_set_hours_len(sampass, hours_len);
pdb_set_logons_divs(sampass, logon_divs);
- pdb_set_uid(sampass, sys_user->pw_uid);
- pdb_set_gid(sampass, sys_user->pw_gid);
+ pdb_set_uid(sampass, &sys_user->pw_uid);
+ pdb_set_gid(sampass, &sys_user->pw_gid);
pdb_set_user_rid(sampass, user_rid);
pdb_set_group_rid(sampass, group_rid);
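Review bot: The setters now receive addresses (`&sys_user->pw_uid` here, `&uid`/`&gid` of locals in the two pdb_tdb.c hunks), and nothing visible says whether `pdb_set_uid()`/`pdb_set_gid()` copy the value or keep the pointer. If they keep it, the stored pointer would outlive the `struct passwd` or the stack local it refers to. A comment at the call would settle it, e.g. `/* pdb_set_uid copies *uid; the pointer is not retained */`, once confirmed against the setter's definition. If NULL is meant to signal "no unix id", that should be documented on the setter as well.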
diff --git a/source3/passdb/pdb_nisplus.c b/source3/passdb/pdb_nisplus.c
index dddab8bdee..eceb1ea546 100644
--- a/source3/passdb/pdb_nisplus.c
+++ b/source3/passdb/pdb_nisplus.c
@@ -315,8 +315,8 @@ static BOOL make_sam_from_nisp_object(SAM_ACCOUNT *pw_buf, const nis_object *obj
pdb_set_workstations(pw_buf, ENTRY_VAL(obj, NPF_WORKSTATIONS));
pdb_set_munged_dial(pw_buf, NULL);
- pdb_set_uid(pw_buf, atoi(ENTRY_VAL(obj, NPF_UID)));
- pdb_set_gid(pw_buf, atoi(ENTRY_VAL(obj, NPF_SMB_GRPID)));
+ pdb_set_uid(pw_buf, &atoi(ENTRY_VAL(obj, NPF_UID)));
+ pdb_set_gid(pw_buf, &atoi(ENTRY_VAL(obj, NPF_SMB_GRPID)));
pdb_set_user_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID)));
pdb_set_group_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID)));
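Review bot: `&atoi(ENTRY_VAL(obj, NPF_UID))` takes the address of a function's return value, which is not an lvalue, so these two added lines should not compile. The values need to go through locals first, e.g. `uid_t uid = atoi(ENTRY_VAL(obj, NPF_UID));` followed by `pdb_set_uid(pw_buf, &uid);`, and likewise for the gid (types per the setter prototypes, which are not visible here). Separately, atoi() returns 0 for a non-numeric field, and 0 is root's uid. Parsing with strtol() and rejecting bad input would avoid mapping a malformed NIS+ entry to root.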
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index a170ac1345..a6c40eb970 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -463,8 +463,8 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
uid = pw->pw_uid;
gid = pw->pw_gid;
- pdb_set_uid (user, uid);
- pdb_set_gid (user, gid);
+ pdb_set_uid (user, &uid);
+ pdb_set_gid (user, &gid);
/* increment to next in line */
global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
@@ -538,8 +538,8 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
uid = pw->pw_uid;
gid = pw->pw_gid;
- pdb_set_uid (user, uid);
- pdb_set_gid (user, gid);
+ pdb_set_uid (user, &uid);
+ pdb_set_gid (user, &gid);
/* cleanup */
tdb_close (pwd_tdb);
@@ -722,10 +722,6 @@ static BOOL tdb_update_sam(const SAM_ACCOUNT* newpwd, BOOL override, int flag)
get_private_directory(tdbfile);
pstrcat (tdbfile, PASSDB_FILE_NAME);
- if ( (!pdb_get_uid(newpwd)) || (!pdb_get_gid(newpwd)) )
- DEBUG (0,("tdb_update_sam: Storing a SAM_ACCOUNT for [%s] with uid %d and gid %d!\n",
- pdb_get_username(newpwd), pdb_get_uid(newpwd), pdb_get_gid(newpwd)));
-
/* if we don't have a RID, then FAIL */
if (!pdb_get_user_rid(newpwd))
DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index c546213173..1b0e498f77 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1002,17 +1002,17 @@ void init_id_info2(NET_ID_INFO_2 * id, const char *domain_name,
if (nt_chal_resp) {
/* oops. can only send what-ever-it-is direct */
- memcpy(nt_owf, nt_chal_resp, 24);
+ memcpy(nt_owf, nt_chal_resp, MIN(sizeof(nt_owf), nt_chal_resp_len));
nt_chal_resp = nt_owf;
}
if (lm_chal_resp) {
/* oops. can only send what-ever-it-is direct */
- memcpy(lm_owf, lm_chal_resp, 24);
+ memcpy(lm_owf, lm_chal_resp, MIN(sizeof(lm_owf), lm_chal_resp_len));
lm_chal_resp = lm_owf;
}
memcpy(id->lm_chal, lm_challenge, sizeof(id->lm_chal));
- init_str_hdr(&id->hdr_nt_chal_resp, sizeof(lm_owf), nt_chal_resp_len, (nt_chal_resp != NULL) ? 1 : 0);
+ init_str_hdr(&id->hdr_nt_chal_resp, sizeof(nt_owf), nt_chal_resp_len, (nt_chal_resp != NULL) ? 1 : 0);
init_str_hdr(&id->hdr_lm_chal_resp, sizeof(lm_owf), lm_chal_resp_len, (lm_chal_resp != NULL) ? 1 : 0);
init_unistr2(&id->uni_domain_name, domain_name, len_domain_name);
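Review bot: The copies are now clamped with `MIN(sizeof(nt_owf), nt_chal_resp_len)`, but the unclamped `nt_chal_resp_len` and `lm_chal_resp_len` are still handed to `init_str_hdr()`. If those lengths drive how many bytes are later marshalled from `nt_owf`/`lm_owf` (the marshalling code is outside this hunk), a response longer than the buffer would be read past its end. Clamping once and reusing the result keeps the two in step, e.g. `nt_chal_resp_len = MIN(sizeof(nt_owf), nt_chal_resp_len);` before the memcpy, and the same for the LM length. Silent truncation also changes what is sent on the wire, so a DEBUG message or an error return for oversize input would be worth adding.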
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 042279c568..d9677519a4 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -581,11 +581,11 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
auth subsystem to chew on */
{
make_user_info_netlogon_interactive(&user_info,
- nt_username, nt_domain,
- nt_workstation,
- ctr->auth.id1.lm_owf.data, 16,
- ctr->auth.id1.nt_owf.data, 16,
- p->dc.sess_key);
+ nt_username, nt_domain,
+ nt_workstation,
+ ctr->auth.id1.lm_owf.data,
+ ctr->auth.id1.nt_owf.data,
+ p->dc.sess_key);
break;
}
default:
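Review bot: The BOOL returned by `make_user_info_netlogon_interactive()` is dropped at this call, so a failure to build `user_info` is not noticed inside the switch. Whether `user_info` is checked after the switch is not visible here; if it is not, capture the result and return an error status when it is False. With the length arguments gone, this call also depends on `lm_owf.data` and `nt_owf.data` each being 16 bytes, which a short comment at the call would make explicit.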
diff --git a/source3/smbd/auth_unix.c b/source3/smbd/auth_unix.c
index d456da1fdf..8c4a520350 100644
--- a/source3/smbd/auth_unix.c
+++ b/source3/smbd/auth_unix.c
@@ -98,13 +98,15 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve
update_smbpassword_file : NULL,
True);
+ unbecome_root();
+
if NT_STATUS_IS_OK(nt_status) {
if (pass) {
make_server_info_pw(server_info, pass);
+ } else {
+ nt_status = NT_STATUS_NO_SUCH_USER;
}
}
- unbecome_root();
-
return nt_status;
}
diff --git a/source3/smbd/auth_util.c b/source3/smbd/auth_util.c
index 85f01605ab..9de8142578 100644
--- a/source3/smbd/auth_util.c
+++ b/source3/smbd/auth_util.c
@@ -282,9 +282,12 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
if (lm_pwd_len)
ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
- if (nt_pwd_len)
+ if (nt_pwd_len == 24) {
ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
-
+ } else if (nt_pwd_len != 0) {
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM2;
+ }
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,
@@ -303,15 +306,15 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
****************************************************************************/
BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
- char *smb_name,
- char *client_domain,
- char *wksta_name,
- uchar *lm_interactive_pwd, int lm_pwd_len,
- uchar *nt_interactive_pwd, int nt_pwd_len,
- uchar *dc_sess_key)
+ char *smb_name,
+ char *client_domain,
+ char *wksta_name,
+ uchar lm_interactive_pwd[16],
+ uchar nt_interactive_pwd[16],
+ uchar *dc_sess_key)
{
- char nt_pwd[16];
char lm_pwd[16];
+ char nt_pwd[16];
unsigned char local_lm_response[24];
unsigned char local_nt_response[24];
unsigned char key[16];
@@ -320,32 +323,32 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
generate_random_buffer(chal, 8, False);
- memset(key, 0, 16);
+ ZERO_STRUCT(key);
memcpy(key, dc_sess_key, 8);
- memcpy(lm_pwd, lm_interactive_pwd, 16);
- memcpy(nt_pwd, nt_interactive_pwd, 16);
+ if (lm_interactive_pwd) memcpy(lm_pwd, lm_interactive_pwd, sizeof(lm_pwd));
+ if (nt_interactive_pwd) memcpy(nt_pwd, nt_interactive_pwd, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("key:"));
- dump_data(100, (char *)key, 16);
+ dump_data(100, (char *)key, sizeof(key));
DEBUG(100,("lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
- SamOEMhash((uchar *)lm_pwd, key, 16);
- SamOEMhash((uchar *)nt_pwd, key, 16);
+ SamOEMhash((uchar *)lm_pwd, key, sizeof(lm_pwd));
+ SamOEMhash((uchar *)nt_pwd, key, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("decrypt of lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("decrypt of nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
generate_random_buffer(chal, 8, False);
@@ -364,7 +367,11 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
DATA_BLOB local_nt_blob = data_blob(local_nt_response, sizeof(local_nt_response));
DATA_BLOB plaintext_blob = data_blob(NULL, 0);
- ntlmssp_flags = NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_NTLM;
+ if (lm_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
+ if (nt_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 8a1fecba3f..54238e90e7 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -180,7 +180,7 @@ int reply_tcon(connection_struct *conn,
conn = make_connection(service,password_blob,dev,vuid,&nt_status);
- data_blob_clear_free(&password);
+ data_blob_clear_free(&password_blob);
if (!conn) {
END_PROFILE(SMBtcon);
@@ -260,7 +260,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt
conn = make_connection(service,password,devicename,vuid,&nt_status);
data_blob_clear_free(&password);
-
+
if (!conn) {
END_PROFILE(SMBtconX);
return ERROR_NT(nt_status);
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 7361db0205..85ffadea08 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -646,7 +646,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
data_blob_free(&lm_resp);
data_blob_free(&nt_resp);
- data_blob_free(&plaintext_password);
+ data_blob_clear_free(&plaintext_password);
guest = True;
map_username(user);
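Review bot: Only `plaintext_password` is switched to `data_blob_clear_free()`; `lm_resp` and `nt_resp` are still released with `data_blob_free()` in all three hunks of this file. The responses are derived from the password hash, so clearing them too with `data_blob_clear_free(&lm_resp);` and `data_blob_clear_free(&nt_resp);` would be consistent. The same three-line cleanup is repeated at each exit path; a small static helper would keep the paths from drifting apart again.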
@@ -667,7 +667,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
data_blob_free(&lm_resp);
data_blob_free(&nt_resp);
- data_blob_free(&plaintext_password);
+ data_blob_clear_free(&plaintext_password);
END_PROFILE(SMBsesssetupX);
return ERROR_DOS(ERRDOS,ERRnoaccess);
@@ -689,7 +689,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
data_blob_free(&lm_resp);
data_blob_free(&nt_resp);
- data_blob_free(&plaintext_password);
+ data_blob_clear_free(&plaintext_password);
if (!NT_STATUS_IS_OK(nt_status)) {
if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) {