From 44e44310d1871fe94728573fa162a454caba3d12 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 31 Aug 2009 20:21:40 +0200 Subject: s3-netlogon: support validation level 6 in netr_SamLogon calls. Guenther --- source3/rpc_server/srv_netlog_nt.c | 10 ++++++++ source3/rpc_server/srv_pipe_hnd.c | 51 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 1982da4f2d..9169c74534 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -910,6 +910,12 @@ static NTSTATUS _netr_LogonSamLogon_base(pipes_struct *p, return NT_STATUS_NO_MEMORY; } break; + case 6: + r->out.validation->sam6 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo6); + if (!r->out.validation->sam6) { + return NT_STATUS_NO_MEMORY; + } + break; default: DEBUG(0,("%s: bad validation_level value %d.\n", fn, (int)r->in.validation_level)); @@ -1075,6 +1081,10 @@ static NTSTATUS _netr_LogonSamLogon_base(pipes_struct *p, status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16, r->out.validation->sam3); break; + case 6: + status = serverinfo_to_SamInfo6(server_info, pipe_session_key, 16, + r->out.validation->sam6); + break; } TALLOC_FREE(server_info); diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index b13e34be07..7711d6ced8 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -1716,3 +1716,54 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info, return NT_STATUS_OK; } + +/**************************************************************************** + inits a netr_SamInfo6 structure from an auth_serversupplied_info. sam6 must + already be initialized and is used as the talloc parent for its members. +*****************************************************************************/ + +NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info, + uint8_t *pipe_session_key, + size_t pipe_session_key_len, + struct netr_SamInfo6 *sam6) +{ + NTSTATUS status; + struct pdb_domain_info *dominfo; + + if ((pdb_capabilities() & PDB_CAP_ADS) == 0) { + DEBUG(10,("Not adding validation info level 6 " + "without ADS passdb backend\n")); + return NT_STATUS_INVALID_INFO_CLASS; + } + + dominfo = pdb_get_domain_info(sam6); + if (dominfo == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = serverinfo_to_SamInfo_base(sam6, + server_info, + pipe_session_key, + pipe_session_key_len, + &sam6->base); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + sam6->sidcount = 0; + sam6->sids = NULL; + + sam6->forest.string = talloc_strdup(sam6, dominfo->dns_forest); + if (sam6->forest.string == NULL) { + return NT_STATUS_NO_MEMORY; + } + + sam6->principle.string = talloc_asprintf(sam6, "%s@%s", + pdb_get_username(server_info->sam_account), + dominfo->dns_domain); + if (sam6->principle.string == NULL) { + return NT_STATUS_NO_MEMORY; + } + + return NT_STATUS_OK; +} -- cgit