Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/dcerpc_server.c | 24 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 15 | ||||
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 6 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 66 |
4 files changed, 64 insertions, 47 deletions
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c index d8dafd61f6..ac36825acd 100644 --- a/source4/rpc_server/dcerpc_server.c +++ b/source4/rpc_server/dcerpc_server.c @@ -270,11 +270,20 @@ NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p, /* fetch the user session key - may be default (above) or the SMB session key + + The key is always truncated to 16 bytes */ _PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, DATA_BLOB *session_key) { - return p->auth_state.session_key(p, session_key); + NTSTATUS status = p->auth_state.session_key(p, session_key); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + session_key->length = MIN(session_key->length, 16); + + return NT_STATUS_OK; } @@ -534,7 +543,18 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call) uint32_t context_id; const struct dcesrv_interface *iface; - if (call->pkt.u.bind.assoc_group_id != 0) { + /* + * Association groups allow policy handles to be shared across + * multiple client connections. We don't implement this yet. + * + * So we just allow 0 if the client wants to create a new + * association group. + * + * And we allow the 0x12345678 value, we give away as + * assoc_group_id back to the clients + */ + if (call->pkt.u.bind.assoc_group_id != 0 && + call->pkt.u.bind.assoc_group_id != 0x12345678) { return dcesrv_bind_nak(call, 0); } diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index e0a222e767..bbb78cb778 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -45,7 +45,7 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C struct ldb_result *ntds_res; struct ldb_dn *ntds_dn; static const char *ntds_attrs[] = { "ms-DS-ReplicationEpoch", NULL }; - uint32_t u1; + uint32_t pid; uint32_t repl_epoch; int ret; 
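Review bot: In dcesrv_fetch_session_key the new comment says the key is always truncated to 16 bytes, but `MIN(session_key->length, 16)` only caps the length, so a shorter or empty key is returned unchanged with NT_STATUS_OK. A caller that takes the comment at face value and consumes 16 bytes of key material would read past the end of the blob; whether any session_key callback can return a shorter key is not visible in this hunk. Either word the comment as `The key is truncated to at most 16 bytes`, or reject short keys before returning, for example `if (session_key->length < 16) return NT_STATUS_NO_USER_SESSION_KEY;`. The bare 16 would also read better as a named constant.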
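Review bot: The bind check in dcesrv_bind now accepts the literal `0x12345678`, which the comment describes as the value the server gives back to clients, so the association group id is a fixed, well-known constant rather than something tied to the connection that created the group. That is harmless while policy handles are not shared across connections, as the comment states, but once sharing is implemented any client could claim the group by sending that value. Give the constant a name shared with the code that returns it (that code is outside this hunk), for example a suggested `#define DCESRV_DUMMY_ASSOC_GROUP_ID 0x12345678`, and extend the comment to say it must be replaced by per-group ids before handle sharing is enabled. The body of dcesrv_bind continues past the end of the hunk.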
@@ -98,9 +98,12 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C repl_epoch = samdb_result_uint(ntds_res->msgs[0], "ms-DS-ReplicationEpoch", 0); /* - * TODO: find out what this is... + * The "process identifier" of the client. + * According to the WSPP docs, sectin 5.35, this is + * for informational and debugging purposes only. + * The assignment is implementation specific. */ - u1 = 0; + pid = 0; /* * store the clients bind_guid @@ -119,7 +122,7 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C info24 = &r->in.bind_info->info.info24; b_state->remote_info28.supported_extensions = info24->supported_extensions; b_state->remote_info28.site_guid = info24->site_guid; - b_state->remote_info28.u1 = info24->u1; + b_state->remote_info28.pid = info24->pid; b_state->remote_info28.repl_epoch = 0; break; } @@ -171,8 +174,8 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS; #endif b_state->local_info28.site_guid = site_guid; - b_state->local_info28.u1 = u1; - b_state->local_info28.repl_epoch = repl_epoch; + b_state->local_info28.pid = pid; + b_state->local_info28.repl_epoch = repl_epoch; /* * allocate the return bind_info diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index eb60f426d8..f02e2325a0 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -1130,9 +1130,6 @@ static NTSTATUS dcesrv_lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALL if (count == -1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } - if (count == 0 || r->in.max_size == 0) { - return NT_STATUS_OK; - } /* convert to lsa_TrustInformation format */ entries = talloc_array(mem_ctx, struct lsa_DomainInfo, count); 
@@ -1218,9 +1215,6 @@ static NTSTATUS dcesrv_lsa_EnumTrustedDomainsEx(struct dcesrv_call_state *dce_ca if (count == -1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } - if (count == 0 || r->in.max_size == 0) { - return NT_STATUS_OK; - } /* convert to lsa_DomainInformation format */ entries = talloc_array(mem_ctx, struct lsa_TrustDomainInfoInfoEx, count); diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 8ee77a6a30..e54d518f76 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -521,10 +521,10 @@ static NTSTATUS dcesrv_samr_info_DomInfo1(struct samr_domain_state *state, /* return DomInfo2 */ -static NTSTATUS dcesrv_samr_info_DomInfo2(struct samr_domain_state *state, - TALLOC_CTX *mem_ctx, - struct ldb_message **dom_msgs, - struct samr_DomInfo2 *info) +static NTSTATUS dcesrv_samr_info_DomGeneralInformation(struct samr_domain_state *state, + TALLOC_CTX *mem_ctx, + struct ldb_message **dom_msgs, + struct samr_DomGeneralInformation *info) { /* This pulls the NetBIOS name from the cn=NTDS Settings,cn=<NETBIOS name of PDC>,.... @@ -538,7 +538,7 @@ static NTSTATUS dcesrv_samr_info_DomInfo2(struct samr_domain_state *state, info->force_logoff_time = ldb_msg_find_attr_as_uint64(dom_msgs[0], "forceLogoff", 0x8000000000000000LL); - info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL); + info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL); info->domain_name.string = state->domain_name; info->sequence_num = ldb_msg_find_attr_as_uint64(dom_msgs[0], "modifiedCount", 
@@ -592,12 +592,12 @@ static NTSTATUS dcesrv_samr_info_DomInfo3(struct samr_domain_state *state, /* return DomInfo4 */ -static NTSTATUS dcesrv_samr_info_DomInfo4(struct samr_domain_state *state, +static NTSTATUS dcesrv_samr_info_DomOEMInformation(struct samr_domain_state *state, TALLOC_CTX *mem_ctx, struct ldb_message **dom_msgs, - struct samr_DomInfo4 *info) + struct samr_DomOEMInformation *info) { - info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL); + info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL); return NT_STATUS_OK; } @@ -700,13 +700,13 @@ static NTSTATUS dcesrv_samr_info_DomInfo9(struct samr_domain_state *state, /* return DomInfo11 */ -static NTSTATUS dcesrv_samr_info_DomInfo11(struct samr_domain_state *state, +static NTSTATUS dcesrv_samr_info_DomGeneralInformation2(struct samr_domain_state *state, TALLOC_CTX *mem_ctx, struct ldb_message **dom_msgs, - struct samr_DomInfo11 *info) + struct samr_DomGeneralInformation2 *info) { NTSTATUS status; - status = dcesrv_samr_info_DomInfo2(state, mem_ctx, dom_msgs, &info->info2); + status = dcesrv_samr_info_DomGeneralInformation(state, mem_ctx, dom_msgs, &info->general); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -792,7 +792,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call, case 2: { static const char * const attrs2[] = {"forceLogoff", - "comment", + "oEMInformation", "modifiedCount", "fSMORoleOwner", NULL}; @@ -808,7 +808,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call, } case 4: { - static const char * const attrs2[] = {"comment", + static const char * const attrs2[] = {"oEMInformation", NULL}; attrs = attrs2; break; 
@@ -843,7 +843,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call, break; case 11: { - static const char * const attrs2[] = { "comment", "forceLogoff", + static const char * const attrs2[] = { "oEMInformation", "forceLogoff", "modifiedCount", "lockoutDuration", "lockOutObservationWindow", 
@@ -886,42 +886,42 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call, switch (r->in.level) { case 1: return dcesrv_samr_info_DomInfo1(d_state, mem_ctx, dom_msgs, - &r->out.info->info1); + &r->out.info->info1); case 2: - return dcesrv_samr_info_DomInfo2(d_state, mem_ctx, dom_msgs, - &r->out.info->info2); + return dcesrv_samr_info_DomGeneralInformation(d_state, mem_ctx, dom_msgs, + &r->out.info->general); case 3: return dcesrv_samr_info_DomInfo3(d_state, mem_ctx, dom_msgs, - &r->out.info->info3); + &r->out.info->info3); case 4: - return dcesrv_samr_info_DomInfo4(d_state, mem_ctx, dom_msgs, - &r->out.info->info4); + return dcesrv_samr_info_DomOEMInformation(d_state, mem_ctx, dom_msgs, + &r->out.info->oem); case 5: return dcesrv_samr_info_DomInfo5(d_state, mem_ctx, dom_msgs, - &r->out.info->info5); + &r->out.info->info5); case 6: return dcesrv_samr_info_DomInfo6(d_state, mem_ctx, dom_msgs, - &r->out.info->info6); + &r->out.info->info6); case 7: return dcesrv_samr_info_DomInfo7(d_state, mem_ctx, dom_msgs, - &r->out.info->info7); + &r->out.info->info7); case 8: return dcesrv_samr_info_DomInfo8(d_state, mem_ctx, dom_msgs, - &r->out.info->info8); + &r->out.info->info8); case 9: return dcesrv_samr_info_DomInfo9(d_state, mem_ctx, dom_msgs, - &r->out.info->info9); + &r->out.info->info9); case 11: - return dcesrv_samr_info_DomInfo11(d_state, mem_ctx, dom_msgs, - &r->out.info->info11); + return dcesrv_samr_info_DomGeneralInformation2(d_state, mem_ctx, dom_msgs, + &r->out.info->general2); case 12: return dcesrv_samr_info_DomInfo12(d_state, mem_ctx, dom_msgs, - &r->out.info->info12); + &r->out.info->info12); case 13: return dcesrv_samr_info_DomInfo13(d_state, mem_ctx, dom_msgs, - &r->out.info->info13); + &r->out.info->info13); } - + return NT_STATUS_INVALID_INFO_CLASS; } 
@@ -962,10 +962,10 @@ static NTSTATUS dcesrv_samr_SetDomainInfo(struct dcesrv_call_state *dce_call, TA SET_INT64 (msg, info1.min_password_age, "minPwdAge"); break; case 3: - SET_UINT64 (msg, info3.force_logoff_time, "forceLogoff"); + SET_UINT64 (msg, info3.force_logoff_time, "forceLogoff"); break; case 4: - SET_STRING(msg, info4.comment, "comment"); + SET_STRING(msg, oem.oem_information, "oEMInformation"); break; case 6: @@ -2997,7 +2997,7 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA case 1: { static const char * const attrs2[] = {"sAMAccountName", "displayName", - "primaryGroupID", "description", + "primaryroupID", "description", "comment", NULL}; attrs = attrs2; break; |
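Review bot: The attribute list for level 1 in dcesrv_samr_QueryUserInfo now reads `"primaryroupID"`, which looks like an accidental edit of `"primaryGroupID"` in a commit that otherwise only renames the domain-info fields. With the misspelt name the search would not request the primary group attribute, so the level 1 reply would presumably carry a default primary group id instead of the account's real one; the code that consumes attrs is outside this hunk. Restore the line to `"primaryGroupID", "description",`. A test that asserts on the primary group id returned for level 1 would catch this kind of slip.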