From fcfc94a66ac66af1f12cb5924df31e936bca3dc9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 23 Jan 2005 14:10:57 +0000 Subject: r4946: Our notion the other_sids in the info3 SamLogon struct was ...hmmm... completely bogus. This does not affect us as a domain controller, as we never set other_sids, but I have *no* idea how winbind got away with it. Please review thoroughly, samba4 idl looks closer to reality here. Test case: Member of w2k3 domain, authenticate as a user who is member of one or more domain local groups. Easiest review with 'client schannel = no'. Thanks, Volker (This used to be commit a0a6388830d9457de3e42686c64bddeba42954f8) --- source3/include/rpc_netlogon.h | 3 +-- source3/rpc_parse/parse_net.c | 45 +++++++++++++++++++++++++++++++----------- 2 files changed, 34 insertions(+), 14 deletions(-) diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index b865d05b34..3ba1ce6465 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h @@ -190,9 +190,8 @@ typedef struct net_user_info_3 DOM_SID2 dom_sid; /* domain SID */ - uint32 num_other_groups; /* other groups */ - DOM_GID *other_gids; /* group info */ DOM_SID2 *other_sids; /* foreign/trusted domain SIDs */ + uint32 *other_sids_attrib; } NET_USER_INFO_3; diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index 5f1d4b622e..b26083b89e 100644 --- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -1646,31 +1646,52 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, if(!smb_io_dom_sid2("", &usr->dom_sid, ps, depth)) /* domain SID */ return False; - if (usr->num_other_sids) { + if (usr->buffer_other_sids) { + + uint32 num_other_sids = usr->num_other_sids; + + if (!prs_uint32("num_other_sids", ps, depth, + &num_other_sids)) + return False; + + if (num_other_sids != usr->num_other_sids) + return False; if (UNMARSHALLING(ps)) { usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids); - if (usr->other_sids == NULL) + usr->other_sids_attrib = + PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids); + + if ((num_other_sids != 0) && + ((usr->other_sids == NULL) || + (usr->other_sids_attrib == NULL))) return False; } - - if(!prs_uint32("num_other_groups", ps, depth, &usr->num_other_groups)) - return False; - if (UNMARSHALLING(ps) && usr->num_other_groups > 0) { - usr->other_gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_other_groups); - if (usr->other_gids == NULL) + /* First the pointers to the SIDS and attributes */ + + depth++; + + for (i=0; inum_other_sids; i++) { + uint32 ptr = 1; + + if (!prs_uint32("sid_ptr", ps, depth, &ptr)) return False; - } - - for (i = 0; i < usr->num_other_groups; i++) { - if(!smb_io_gid("", &usr->other_gids[i], ps, depth)) /* other GIDs */ + + if (UNMARSHALLING(ps) && (ptr == 0)) + return False; + + if (!prs_uint32("attribute", ps, depth, + &usr->other_sids_attrib[i])) return False; } + for (i = 0; i < usr->num_other_sids; i++) { if(!smb_io_dom_sid2("", &usr->other_sids[i], ps, depth)) /* other domain SIDs */ return False; } + + depth--; } return True; -- cgit