summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_netlogon.h51
-rw-r--r--source3/rpc_parse/parse_net.c14
-rw-r--r--source3/rpc_server/srv_netlog.c8
-rw-r--r--source3/rpc_server/srv_netlog_nt.c14
-rw-r--r--source3/rpc_server/srv_samr_nt.c5
5 files changed, 77 insertions, 15 deletions
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 91f85601e3..63ab804acb 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -169,6 +169,57 @@ typedef struct net_user_info_2 {
} NET_USER_INFO_2;
#endif
+/* NET_USER_INFO_2 */
+typedef struct net_user_info_2 {
+ uint32 ptr_user_info;
+
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNIHDR hdr_full_name; /* user's full name unicode string header */
+ UNIHDR hdr_logon_script; /* logon script unicode string header */
+ UNIHDR hdr_profile_path; /* profile path unicode string header */
+ UNIHDR hdr_home_dir; /* home directory unicode string header */
+ UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
+
+ uint16 logon_count; /* logon count */
+ uint16 bad_pw_count; /* bad password count */
+
+ uint32 user_rid; /* User RID */
+ uint32 group_rid; /* Group RID */
+
+ uint32 num_groups; /* num groups */
+ uint32 buffer_groups; /* undocumented buffer pointer to groups. */
+ uint32 user_flgs; /* user flags */
+
+ uint8 user_sess_key[16]; /* user session key */
+
+ UNIHDR hdr_logon_srv; /* logon server unicode string header */
+ UNIHDR hdr_logon_dom; /* logon domain unicode string header */
+
+ uint32 buffer_dom_id; /* undocumented logon domain id pointer */
+ uint8 lm_sess_key[8]; /* lm session key */
+ uint32 acct_flags; /* account flags */
+ uint32 unknown[7]; /* unknown */
+
+ UNISTR2 uni_user_name; /* username unicode string */
+ UNISTR2 uni_full_name; /* user's full name unicode string */
+ UNISTR2 uni_logon_script; /* logon script unicode string */
+ UNISTR2 uni_profile_path; /* profile path unicode string */
+ UNISTR2 uni_home_dir; /* home directory unicode string */
+ UNISTR2 uni_dir_drive; /* home directory drive unicode string */
+
+ UNISTR2 uni_logon_srv; /* logon server unicode string */
+ UNISTR2 uni_logon_dom; /* logon domain unicode string */
+
+ DOM_SID2 dom_sid; /* domain SID */
+} NET_USER_INFO_2;
+
/* NET_USER_INFO_3 */
typedef struct net_user_info_3 {
uint32 ptr_user_info;
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index e7b1cdc767..fd2bc3cf38 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1295,7 +1295,7 @@ static BOOL net_io_id_info_ctr(const char *desc, NET_ID_INFO_CTR **pp_ctr, prs_s
{
NET_ID_INFO_CTR *ctr = *pp_ctr;
- prs_debug(ps, depth, desc, "smb_io_sam_info");
+ prs_debug(ps, depth, desc, "smb_io_sam_info_ctr");
depth++;
if (UNMARSHALLING(ps)) {
@@ -1323,7 +1323,7 @@ static BOOL net_io_id_info_ctr(const char *desc, NET_ID_INFO_CTR **pp_ctr, prs_s
break;
default:
/* PANIC! */
- DEBUG(4,("smb_io_sam_info: unknown switch_value!\n"));
+ DEBUG(4,("smb_io_sam_info_ctr: unknown switch_value!\n"));
break;
}
@@ -1350,8 +1350,10 @@ static BOOL smb_io_sam_info(const char *desc, DOM_SAM_INFO *sam, prs_struct *ps,
if(!prs_uint32("ptr_rtn_cred ", ps, depth, &sam->ptr_rtn_cred))
return False;
- if(!smb_io_cred("", &sam->rtn_cred, ps, depth))
- return False;
+ if (sam->ptr_rtn_cred) {
+ if(!smb_io_cred("", &sam->rtn_cred, ps, depth))
+ return False;
+ }
if(!prs_uint16("logon_level ", ps, depth, &sam->logon_level))
return False;
@@ -1700,7 +1702,7 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
if(!smb_io_dom_sid2("", &usr->dom_sid, ps, depth)) /* domain SID */
return False;
- if (usr->buffer_other_sids) {
+ if (validation_level == 3 && usr->buffer_other_sids) {
uint32 num_other_sids = usr->num_other_sids;
@@ -1776,7 +1778,7 @@ BOOL net_io_q_sam_logon(const char *desc, NET_Q_SAM_LOGON *q_l, prs_struct *ps,
if(!prs_align_uint16(ps))
return False;
-
+
if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level))
return False;
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index a45a7eebf6..567028eec4 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -197,10 +197,10 @@ static BOOL api_net_sam_logon(pipes_struct *p)
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!net_io_q_sam_logon("", &q_u, data, 0)) {
- DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n"));
- return False;
- }
+ if(!net_io_q_sam_logon("", &q_u, data, 0)) {
+ DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n"));
+ return False;
+ }
r_u.status = _net_sam_logon(p, &q_u, &r_u);
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index fd78f954cc..d6ec31a985 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -473,7 +473,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
DEBUG(2,("_net_srv_pwset: creds_server_step failed. Rejecting auth "
"request from client %s machine account %s\n",
p->dc->remote_machine, p->dc->mach_acct ));
- return NT_STATUS_ACCESS_DENIED;
+ return NT_STATUS_INVALID_PARAMETER;
}
DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
@@ -573,7 +573,7 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF
DEBUG(2,("_net_sam_logoff: creds_server_step failed. Rejecting auth "
"request from client %s machine account %s\n",
p->dc->remote_machine, p->dc->mach_acct ));
- return NT_STATUS_ACCESS_DENIED;
+ return NT_STATUS_INVALID_PARAMETER;
}
r_u->status = NT_STATUS_OK;
@@ -636,9 +636,13 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
/* store the user information, if there is any. */
r_u->user = usr_info;
- r_u->switch_value = 0; /* indicates no info */
r_u->auth_resp = 1; /* authoritative response */
- r_u->switch_value = 3; /* indicates type of validation user info */
+ if (q_u->validation_level != 2 && q_u->validation_level != 3) {
+ DEBUG(0,("_net_sam_logon: bad validation_level value %d.\n", (int)q_u->validation_level ));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ /* We handle the return of USER_INFO_2 instead of 3 in the parse return. Sucks, I know... */
+ r_u->switch_value = q_u->validation_level; /* indicates type of validation user info */
r_u->buffer_creds = 1; /* Ensure we always return server creds. */
if (!get_valid_user_struct(p->vuid))
@@ -662,7 +666,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
DEBUG(2,("_net_sam_logon: creds_server_step failed. Rejecting auth "
"request from client %s machine account %s\n",
p->dc->remote_machine, p->dc->mach_acct ));
- return NT_STATUS_ACCESS_DENIED;
+ return NT_STATUS_INVALID_PARAMETER;
}
/* find the username */
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 52f922b924..bf0e2ba070 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2537,6 +2537,11 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO
was observed from a win98 client trying to enumerate users (when configured
user level access control on shares) --jerry */
+ if (des_access == MAXIMUM_ALLOWED_ACCESS) {
+ /* Map to max possible knowing we're filtered below. */
+ des_access = GENERIC_ALL_ACCESS;
+ }
+
se_map_generic( &des_access, &sam_generic_mapping );
info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);