From f62d9f5b5774c6066229ce029bc7c96f8478a3b1 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Thu, 25 Jun 2009 12:00:20 +0200
Subject: s3-netlogon: fix validation level 2 support in netr_SamLogon and
 friends.

Guenther
---
 source3/rpc_server/srv_netlog_nt.c | 38 +++++++++++++++++++++++++++-----------
 1 file changed, 27 insertions(+), 11 deletions(-)

(limited to 'source3/rpc_server/srv_netlog_nt.c')

diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 906de04147..c74d2acc4a 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -851,7 +851,6 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
 			     struct netr_LogonSamLogon *r)
 {
 	NTSTATUS status = NT_STATUS_OK;
-	struct netr_SamInfo3 *sam3 = NULL;
 	union netr_LogonLevel *logon = r->in.logon;
 	fstring nt_username, nt_domain, nt_workstation;
 	auth_usersupplied_info *user_info = NULL;
@@ -883,20 +882,26 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
 	}
 
 	*r->out.authoritative = true; /* authoritative response */
-	if (r->in.validation_level != 2 && r->in.validation_level != 3) {
+
+	switch (r->in.validation_level) {
+	case 2:
+		r->out.validation->sam2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo2);
+		if (!r->out.validation->sam2) {
+			return NT_STATUS_NO_MEMORY;
+		}
+		break;
+	case 3:
+		r->out.validation->sam3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo3);
+		if (!r->out.validation->sam3) {
+			return NT_STATUS_NO_MEMORY;
+		}
+		break;
+	default:
 		DEBUG(0,("%s: bad validation_level value %d.\n",
 			fn, (int)r->in.validation_level));
 		return NT_STATUS_INVALID_INFO_CLASS;
 	}
 
-	sam3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo3);
-	if (!sam3) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
- 	/* store the user information, if there is any. */
-	r->out.validation->sam3 = sam3;
-
 	if (process_creds) {
 
 		/* Get the remote machine name for the creds store. */
@@ -1082,8 +1087,19 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
 		memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
 	}
 
-	status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16, sam3);
+	switch (r->in.validation_level) {
+	case 2:
+		status = serverinfo_to_SamInfo2(server_info, pipe_session_key, 16,
+						r->out.validation->sam2);
+		break;
+	case 3:
+		status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16,
+						r->out.validation->sam3);
+		break;
+	}
+
 	TALLOC_FREE(server_info);
+
 	return status;
 }
 
-- 
cgit