-rw-r--r--source3/include/smb.h4
-rw-r--r--source3/libsmb/credentials.c11
-rw-r--r--source3/lsaparse.c116
-rw-r--r--source3/pipenetlog.c30
4 files changed, 90 insertions, 71 deletions
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 80b2f28f4a..11ec6940a6 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -741,7 +741,7 @@ typedef struct lsa_r_srv_pwset_info
/* LSA_USER_INFO */
typedef struct lsa_q_user_info
{
- uint32 undoc_buffer;
+ uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
NTTIME logoff_time; /* logoff time */
@@ -809,7 +809,7 @@ typedef struct lsa_r_sam_logon_info
uint32 buffer_creds; /* undocumented buffer pointer */
DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
- uint32 buffer_user;
+ uint16 switch_value; /* 3 - indicates type of USER INFO */
LSA_USER_INFO *user;
uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
diff --git a/source3/libsmb/credentials.c b/source3/libsmb/credentials.c
index d56598e98a..8881704a7a 100644
--- a/source3/libsmb/credentials.c
+++ b/source3/libsmb/credentials.c
@@ -130,6 +130,15 @@ int cred_assert(DOM_CHAL *cred, uint32 session_key[2], DOM_CHAL *stored_cred,
DEBUG(5,(" challenge : %lx %lx\n", cred->data[0], cred->data[1]));
DEBUG(5,(" calculated: %lx %lx\n", cred2.data[0], cred2.data[1]));
- return memcmp(cred->data, cred2.data, 8) == 0;
+ if (memcmp(cred->data, cred2.data, 8) == 0)
+ {
+ DEBUG(5, ("credentials check ok\n"));
+ return True;
+ }
+ else
+ {
+ DEBUG(5, ("credentials check wrong\n"));
+ return False;
+ }
}
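Review bot: The comparison on the new `if` line still goes through `memcmp`, which stops at the first differing byte, so the time a network peer observes for a rejected credential depends on how much of the value matched; a fixed-time comparison removes that signal. Assuming `data` is the two-element array the DEBUG lines above index, `uint32 diff = (cred->data[0] ^ cred2.data[0]) | (cred->data[1] ^ cred2.data[1]);` followed by `if (diff == 0)` examines all eight bytes unconditionally — confirm the element type against DOM_CHAL before relying on it. The new "credentials check wrong" message is emitted at level 5, which is rarely enabled outside debugging; a failed credential check is an event operators want in the normal log, so the failure branch deserves a lower level than the success branch. cred_assert's signature and the computation of cred2 lie outside the hunk.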
diff --git a/source3/lsaparse.c b/source3/lsaparse.c
index aed110f1b4..ae3d06faac 100644
--- a/source3/lsaparse.c
+++ b/source3/lsaparse.c
@@ -368,63 +368,66 @@ char* lsa_io_user_info(BOOL io, LSA_USER_INFO *usr, char *q, char *base, int ali
q = align_offset(q, base, align);
- DBG_RW_IVAL("undoc_buffer ", depth, base, io, q, usr->undoc_buffer); q += 4;
+ DBG_RW_IVAL("ptr_user_info ", depth, base, io, q, usr->ptr_user_info); q += 4;
- q = smb_io_time(io, &(usr->logon_time) , q, base, align, depth); /* logon time */
- q = smb_io_time(io, &(usr->logoff_time) , q, base, align, depth); /* logoff time */
- q = smb_io_time(io, &(usr->kickoff_time) , q, base, align, depth); /* kickoff time */
- q = smb_io_time(io, &(usr->pass_last_set_time) , q, base, align, depth); /* password last set time */
- q = smb_io_time(io, &(usr->pass_can_change_time) , q, base, align, depth); /* password can change time */
- q = smb_io_time(io, &(usr->pass_must_change_time), q, base, align, depth); /* password must change time */
-
- q = smb_io_unihdr(io, &(usr->hdr_user_name) , q, base, align, depth); /* username unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_full_name) , q, base, align, depth); /* user's full name unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_logon_script), q, base, align, depth); /* logon script unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_profile_path), q, base, align, depth); /* profile path unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_home_dir) , q, base, align, depth); /* home directory unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_dir_drive) , q, base, align, depth); /* home directory drive unicode string header */
-
- DBG_RW_SVAL("logon_count. ", depth, base, io, q, usr->logon_count ); q += 2; /* logon count */
- DBG_RW_SVAL("bad_pw_count ", depth, base, io, q, usr->bad_pw_count); q += 2; /* bad password count */
-
- DBG_RW_IVAL("user_id ", depth, base, io, q, usr->user_id ); q += 4; /* User ID */
- DBG_RW_IVAL("group_id ", depth, base, io, q, usr->group_id ); q += 4; /* Group ID */
- DBG_RW_IVAL("num_groups ", depth, base, io, q, usr->num_groups ); q += 4; /* num groups */
- DBG_RW_IVAL("buffer_groups ", depth, base, io, q, usr->buffer_groups); q += 4; /* undocumented buffer pointer to groups. */
- DBG_RW_IVAL("user_flgs ", depth, base, io, q, usr->user_flgs ); q += 4; /* user flags */
-
- DBG_RW_PCVAL("sess_key ", depth, base, io, q, usr->sess_key, 16); q += 16; /* unused user session key */
-
- q = smb_io_unihdr(io, &(usr->hdr_logon_srv), q, base, align, depth); /* logon server unicode string header */
- q = smb_io_unihdr(io, &(usr->hdr_logon_dom), q, base, align, depth); /* logon domain unicode string header */
-
- DBG_RW_IVAL("buffer_dom_id ", depth, base, io, q, usr->buffer_dom_id); q += 4; /* undocumented logon domain id pointer */
- DBG_RW_PCVAL("padding ", depth, base, io, q, usr->padding, 40); q += 40; /* unused padding bytes? */
-
- DBG_RW_IVAL("num_other_sids", depth, base, io, q, usr->num_other_sids); q += 4; /* 0 - num_sids */
- DBG_RW_IVAL("buffer_other_sids", depth, base, io, q, usr->buffer_other_sids); q += 4; /* NULL - undocumented pointer to SIDs. */
-
- q = smb_io_unistr2(io, &(usr->uni_user_name) , q, base, align, depth); /* username unicode string */
- q = smb_io_unistr2(io, &(usr->uni_full_name) , q, base, align, depth); /* user's full name unicode string */
- q = smb_io_unistr2(io, &(usr->uni_logon_script), q, base, align, depth); /* logon script unicode string */
- q = smb_io_unistr2(io, &(usr->uni_profile_path), q, base, align, depth); /* profile path unicode string */
- q = smb_io_unistr2(io, &(usr->uni_home_dir) , q, base, align, depth); /* home directory unicode string */
- q = smb_io_unistr2(io, &(usr->uni_dir_drive) , q, base, align, depth); /* home directory drive unicode string */
-
- DBG_RW_IVAL("num_groups2 ", depth, base, io, q, usr->num_groups2); q += 4; /* num groups */
- for (i = 0; i < usr->num_groups2; i++)
+ if (usr->ptr_user_info != 0)
{
- q = smb_io_gid(io, &(usr->gids[i]), q, base, align, depth); /* group info */
- }
+ q = smb_io_time(io, &(usr->logon_time) , q, base, align, depth); /* logon time */
+ q = smb_io_time(io, &(usr->logoff_time) , q, base, align, depth); /* logoff time */
+ q = smb_io_time(io, &(usr->kickoff_time) , q, base, align, depth); /* kickoff time */
+ q = smb_io_time(io, &(usr->pass_last_set_time) , q, base, align, depth); /* password last set time */
+ q = smb_io_time(io, &(usr->pass_can_change_time) , q, base, align, depth); /* password can change time */
+ q = smb_io_time(io, &(usr->pass_must_change_time), q, base, align, depth); /* password must change time */
+
+ q = smb_io_unihdr(io, &(usr->hdr_user_name) , q, base, align, depth); /* username unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_full_name) , q, base, align, depth); /* user's full name unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_logon_script), q, base, align, depth); /* logon script unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_profile_path), q, base, align, depth); /* profile path unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_home_dir) , q, base, align, depth); /* home directory unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_dir_drive) , q, base, align, depth); /* home directory drive unicode string header */
+
+ DBG_RW_SVAL("logon_count ", depth, base, io, q, usr->logon_count ); q += 2; /* logon count */
+ DBG_RW_SVAL("bad_pw_count ", depth, base, io, q, usr->bad_pw_count); q += 2; /* bad password count */
+
+ DBG_RW_IVAL("user_id ", depth, base, io, q, usr->user_id ); q += 4; /* User ID */
+ DBG_RW_IVAL("group_id ", depth, base, io, q, usr->group_id ); q += 4; /* Group ID */
+ DBG_RW_IVAL("num_groups ", depth, base, io, q, usr->num_groups ); q += 4; /* num groups */
+ DBG_RW_IVAL("buffer_groups ", depth, base, io, q, usr->buffer_groups); q += 4; /* undocumented buffer pointer to groups. */
+ DBG_RW_IVAL("user_flgs ", depth, base, io, q, usr->user_flgs ); q += 4; /* user flags */
+
+ DBG_RW_PCVAL("sess_key ", depth, base, io, q, usr->sess_key, 16); q += 16; /* unused user session key */
+
+ q = smb_io_unihdr(io, &(usr->hdr_logon_srv), q, base, align, depth); /* logon server unicode string header */
+ q = smb_io_unihdr(io, &(usr->hdr_logon_dom), q, base, align, depth); /* logon domain unicode string header */
+
+ DBG_RW_IVAL("buffer_dom_id ", depth, base, io, q, usr->buffer_dom_id); q += 4; /* undocumented logon domain id pointer */
+ DBG_RW_PCVAL("padding ", depth, base, io, q, usr->padding, 40); q += 40; /* unused padding bytes? */
+
+ DBG_RW_IVAL("num_other_sids", depth, base, io, q, usr->num_other_sids); q += 4; /* 0 - num_sids */
+ DBG_RW_IVAL("buffer_other_sids", depth, base, io, q, usr->buffer_other_sids); q += 4; /* NULL - undocumented pointer to SIDs. */
+
+ q = smb_io_unistr2(io, &(usr->uni_user_name) , q, base, align, depth); /* username unicode string */
+ q = smb_io_unistr2(io, &(usr->uni_full_name) , q, base, align, depth); /* user's full name unicode string */
+ q = smb_io_unistr2(io, &(usr->uni_logon_script), q, base, align, depth); /* logon script unicode string */
+ q = smb_io_unistr2(io, &(usr->uni_profile_path), q, base, align, depth); /* profile path unicode string */
+ q = smb_io_unistr2(io, &(usr->uni_home_dir) , q, base, align, depth); /* home directory unicode string */
+ q = smb_io_unistr2(io, &(usr->uni_dir_drive) , q, base, align, depth); /* home directory drive unicode string */
+
+ DBG_RW_IVAL("num_groups2 ", depth, base, io, q, usr->num_groups2); q += 4; /* num groups */
+ for (i = 0; i < usr->num_groups2; i++)
+ {
+ q = smb_io_gid(io, &(usr->gids[i]), q, base, align, depth); /* group info */
+ }
- q = smb_io_unistr2(io, &( usr->uni_logon_srv), q, base, align, depth); /* logon server unicode string */
- q = smb_io_unistr2(io, &( usr->uni_logon_dom), q, base, align, depth); /* logon domain unicode string */
+ q = smb_io_unistr2(io, &( usr->uni_logon_srv), q, base, align, depth); /* logon server unicode string */
+ q = smb_io_unistr2(io, &( usr->uni_logon_dom), q, base, align, depth); /* logon domain unicode string */
- q = smb_io_dom_sid(io, &(usr->dom_sid), q, base, align, depth); /* domain SID */
+ q = smb_io_dom_sid(io, &(usr->dom_sid), q, base, align, depth); /* domain SID */
- for (i = 0; i < usr->num_other_sids; i++)
- {
- q = smb_io_dom_sid(io, &(usr->other_sids[i]), q, base, align, depth); /* other domain SIDs */
+ for (i = 0; i < usr->num_other_sids; i++)
+ {
+ q = smb_io_dom_sid(io, &(usr->other_sids[i]), q, base, align, depth); /* other domain SIDs */
+ }
}
return q;
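Review bot: The group loop `for (i = 0; i < usr->num_groups2; i++)` and the SID loop `for (i = 0; i < usr->num_other_sids; i++)` index `usr->gids[i]` and `usr->other_sids[i]` with counts that, when io is reading, come straight from the wire, and nothing in the hunk bounds them against the arrays' declared sizes, so an oversized count walks past the end of LSA_USER_INFO. The declarations of gids and other_sids are not visible here; if they are fixed-size arrays, reject the record before each loop, e.g. `if (usr->num_groups2 > <GIDS_CAPACITY>) { DEBUG(0, ("lsa_io_user_info: num_groups2 out of range\n")); return NULL; }` with the placeholder replaced by the array's element count, and the same shape for num_other_sids — assuming the file's parse routines signal failure by returning NULL, which should be verified against the callers. The new `ptr_user_info` guard is also the place to state what the flag means, e.g. `/* 0 - no USER_INFO follows; none of the remaining fields are marshalled */`. lsa_io_user_info begins and ends outside the hunk.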
@@ -462,12 +465,9 @@ char* lsa_io_r_sam_logon(BOOL io, LSA_R_SAM_LOGON *r_l, char *q, char *base, int
DBG_RW_IVAL("buffer_creds", depth, base, io, q, r_l->buffer_creds); q += 4; /* undocumented buffer pointer */
q = smb_io_cred(io, &(r_l->srv_creds), q, base, align, depth); /* server credentials. server time stamp appears to be ignored. */
- DBG_RW_IVAL("buffer_user ", depth, base, io, q, r_l->buffer_user); q += 4;
- if (r_l->buffer_user != 0)
- {
- q = lsa_io_user_info(io, r_l->user, q, base, align, depth);
- }
-
+ DBG_RW_SVAL("switch_value", depth, base, io, q, r_l->switch_value); q += 2; /* 1 - Authoritative response; 0 - Non-Auth? */
+ q = align_offset(q, base, align);
+ q = lsa_io_user_info(io, r_l->user, q, base, align, depth);
DBG_RW_IVAL("auth_resp ", depth, base, io, q, r_l->auth_resp); q += 4; /* 1 - Authoritative response; 0 - Non-Auth? */
DBG_RW_IVAL("status ", depth, base, io, q, r_l->status); q += 4;
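Review bot: The comment on the new `switch_value` line, `/* 1 - Authoritative response; 0 - Non-Auth? */`, is copied from the auth_resp line below and describes the wrong field; smb.h documents this one as the user-info type, so `/* 3 - type of USER_INFO that follows; 0 - none */` matches the header. Dropping the old `if (r_l->buffer_user != 0)` guard also means lsa_io_user_info is now entered unconditionally, and its first action is to read `usr->ptr_user_info`, so a caller that leaves `r_l->user` NULL would fault; the server path in this commit always supplies a struct, but other callers are not visible here, so either `if (r_l->user != NULL)` around the call or a comment on lsa_io_r_sam_logon stating that user must be non-NULL is warranted. lsa_io_r_sam_logon begins and ends outside the hunk.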
diff --git a/source3/pipenetlog.c b/source3/pipenetlog.c
index 14b2063951..f291620796 100644
--- a/source3/pipenetlog.c
+++ b/source3/pipenetlog.c
@@ -164,7 +164,7 @@ static void make_lsa_user_info(LSA_USER_INFO *usr,
int len_logon_srv = strlen(logon_srv);
int len_logon_dom = strlen(logon_dom);
- usr->undoc_buffer = 1; /* yes, we're bothering to put USER_INFO data here */
+ usr->ptr_user_info = 1; /* yes, we're bothering to put USER_INFO data here */
usr->logon_time = *logon_time;
usr->logoff_time = *logoff_time;
@@ -186,7 +186,7 @@ static void make_lsa_user_info(LSA_USER_INFO *usr,
usr->user_id = user_id;
usr->group_id = group_id;
usr->num_groups = num_groups;
- usr->buffer_groups = num_groups ? 1 : 0; /* yes, we're bothering to put group info in */
+ usr->buffer_groups = 1; /* indicates fill in groups, below, even if there are none */
usr->user_flgs = user_flgs;
if (sess_key != NULL)
@@ -240,8 +240,17 @@ static int lsa_reply_sam_logon(LSA_Q_SAM_LOGON *q_s, char *q, char *base,
/* store the user information, if there is any. */
r_s.user = user_info;
- r_s.buffer_user = user_info != NULL ? 1 : 0;
- r_s.status = user_info != NULL ? 0 : (0xC000000|NT_STATUS_NO_SUCH_USER);
+ if (user_info != NULL && user_info->ptr_user_info != 0)
+ {
+ r_s.switch_value = 3; /* indicates type of validation user info */
+ r_s.status = 0;
+ }
+ else
+ {
+ r_s.switch_value = 0; /* don't know what this value is supposed to be */
+ r_s.status = 0xC000000|NT_STATUS_NO_SUCH_USER;
+ }
+
r_s.auth_resp = 1; /* authoritative response */
/* store the response in the SMB stream */
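Review bot: The status written on the new failure branch, `0xC000000|NT_STATUS_NO_SUCH_USER`, uses a seven-digit constant: if it is meant to set the NT error severity bits it should read `0xC0000000|NT_STATUS_NO_SUCH_USER`, unless NT_STATUS_NO_SUCH_USER already carries them — verify against its definition, since the removed line had the same value and the commit carried it over unchanged. The `switch_value = 0` branch's comment says the value is unknown; replacing it with `/* 0 - no USER_INFO follows (ptr_user_info is 0 in the marshalled struct) */` records what the code actually relies on, namely that lsa_io_user_info skips the body in that case. lsa_reply_sam_logon begins and ends outside the hunk.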
@@ -406,7 +415,7 @@ static BOOL deal_with_credentials(user_struct *vuser,
srv_cred->timestamp.time = 0;
/* check that the client credentials are valid */
- if (cred_assert(&(clnt_cred->challenge), vuser->dc.sess_key,
+ if (!cred_assert(&(clnt_cred->challenge), vuser->dc.sess_key,
&(vuser->dc.clnt_cred), clnt_cred->timestamp))
{
return False;
@@ -478,7 +487,6 @@ static void api_lsa_sam_logon( user_struct *vuser,
{
LSA_Q_SAM_LOGON q_l;
LSA_USER_INFO usr_info;
- LSA_USER_INFO *p_usr_info = NULL;
DOM_CRED srv_creds;
@@ -523,9 +531,7 @@ static void api_lsa_sam_logon( user_struct *vuser,
standard_sub_basic(home_dir);
#endif
- p_usr_info = &usr_info;
-
- make_lsa_user_info(p_usr_info,
+ make_lsa_user_info(&usr_info,
&dummy_time, /* logon_time */
&dummy_time, /* logoff_time */
@@ -558,9 +564,13 @@ static void api_lsa_sam_logon( user_struct *vuser,
dom_sid, /* char *dom_sid */
NULL); /* char *other_sids */
}
+ else
+ {
+ usr_info.ptr_user_info = 0;
+ }
*rdata_len = lsa_reply_sam_logon(&q_l, *rdata + 0x18, *rdata,
- &srv_creds, p_usr_info);
+ &srv_creds, &usr_info);
}
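Review bot: On the new `else` branch only `usr_info.ptr_user_info = 0` is set while the rest of the stack-allocated usr_info (declared earlier in the function, in a previous hunk) stays uninitialised, and the struct is then handed to lsa_reply_sam_logon; that is safe only as long as lsa_io_user_info never touches the other fields when ptr_user_info is 0, which this commit makes true but nothing records. Zeroing the struct once where it is declared, `memset(&usr_info, 0, sizeof(usr_info));`, removes that dependency, and a comment at the else such as `/* no user info: ptr_user_info = 0 tells lsa_io_user_info to marshal nothing else */` makes the intent visible. api_lsa_sam_logon begins outside the hunk.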