1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00

Kill off another ugly wart from the side of the passdb subsystem.

This time its the pdb_getsampwuid() function - which was only being used by the
SAMR rpc subsystem to gain a 'user session key'.  This 'user session key' is
actually generated at login time, and the other changes here simply move that
data around.

This also means that (when I check some details) we will be able to use the
user session key, even when we are not actually the DC, becouse its one of the
components of the info3 struct returned on logon.

Andrew Bartlett
(This used to be commit 799ac01fe0)
This commit is contained in:
Andrew Bartlett 2002-01-20 13:26:31 +00:00
parent 3871e970b5
commit 32101155d4
8 changed files with 23 additions and 70 deletions

View File

@ -85,7 +85,7 @@ typedef struct auth_serversupplied_info
NT_USER_TOKEN *ptok;
uchar session_key[16];
uint8 session_key[16];
uint8 first_8_lm_hash[8];

View File

@ -200,6 +200,8 @@ typedef struct pipes_struct
fstring pipe_user_name;
struct current_user pipe_user;
uint8 session_key[16];
/*
* Set to true when an RPC bind has been done on this pipe.
*/

View File

@ -1629,6 +1629,8 @@ typedef struct user_struct
NT_USER_TOKEN *nt_user_token;
uint8 session_key[16];
int session_id; /* used by utmp and pam session code */
} user_struct;

View File

@ -1158,36 +1158,3 @@ account without a valid local system user.\n", user_name);
pdb_free_sam(&sam_pass);
return True;
}
/***************************************************************************
Search by uid. Wrapper around pdb_getsampwnam()
**************************************************************************/
BOOL pdb_getsampwuid (SAM_ACCOUNT* user, uid_t uid)
{
struct passwd *pw;
fstring name;
if (user==NULL) {
DEBUG(0,("pdb_getsampwuid: SAM_ACCOUNT is NULL.\n"));
return False;
}
/*
* Never trust the uid in the passdb. Lookup the username first
* and then lokup the user by name in the sam.
*/
if ((pw=getpwuid_alloc(uid)) == NULL) {
DEBUG(0,("pdb_getsampwuid: getpwuid(%d) return NULL. User does not exist in Unix accounts!\n", uid));
return False;
}
fstrcpy (name, pw->pw_name);
passwd_free(&pw);
return pdb_getsampwnam (user, name);
}

View File

@ -423,6 +423,8 @@ failed authentication on named pipe %s.\n", domain, user_name, wks, p->name ));
return False;
}
memcpy(p->session_key, server_info->session_key, sizeof(p->session_key));
uid = pdb_get_uid(server_info->sam_account);
gid = pdb_get_gid(server_info->sam_account);

View File

@ -252,9 +252,15 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
connection_struct *conn, uint16 vuid)
{
pipes_struct *p;
user_struct *vuser = get_valid_user_struct(vuid);
DEBUG(4,("Create pipe requested %s\n", pipe_name));
if (!vuser && vuid != UID_FIELD_INVALID) {
DEBUG(0,("ERROR! vuid %d did not map to a valid vuser struct!\n", vuid));
return NULL;
}
p = (pipes_struct *)malloc(sizeof(*p));
if (!p)
@ -308,6 +314,11 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
p->pipe_user.uid = (uid_t)-1;
p->pipe_user.gid = (gid_t)-1;
/* Store the session key */
if (vuser) {
memcpy(p->session_key, vuser->session_key, sizeof(p->session_key));
}
/*
* Initialize the incoming RPC struct.
*/

View File

@ -2439,9 +2439,6 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
{
uint32 rid = 0x0;
DOM_SID sid;
struct current_user user;
SAM_ACCOUNT *sam_pass=NULL;
unsigned char sess_key[16];
POLICY_HND *pol = &q_u->pol;
uint16 switch_value = q_u->switch_value;
SAM_USERINFO_CTR *ctr = q_u->ctr;
@ -2451,13 +2448,6 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
r_u->status = NT_STATUS_OK;
if (p->ntlmssp_auth_validated) {
memcpy(&user, &p->pipe_user, sizeof(user));
} else {
extern struct current_user current_user;
memcpy(&user, &current_user, sizeof(user));
}
/* find the policy handle. open a policy on it. */
if (!get_lsa_policy_samr_sid(p, pol, &sid))
return NT_STATUS_INVALID_HANDLE;
@ -2471,29 +2461,6 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
return NT_STATUS_INVALID_INFO_CLASS;
}
pdb_init_sam(&sam_pass);
/*
* We need the NT hash of the user who is changing the user's password.
* This NT hash is used to generate a "user session key"
* This "user session key" is in turn used to encrypt/decrypt the user's password.
*/
become_root();
ret = pdb_getsampwuid(sam_pass, user.uid);
unbecome_root();
if(ret == False) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
pdb_free_sam(&sam_pass);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
case 0x12:
@ -2502,7 +2469,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
break;
case 24:
SamOEMhash(ctr->info.id24->pass, sess_key, 516);
SamOEMhash(ctr->info.id24->pass, p->session_key, 516);
dump_data(100, (char *)ctr->info.id24->pass, 516);
@ -2520,7 +2487,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
* info level and W2K SP2 drops down to level 23... JRA.
*/
SamOEMhash(ctr->info.id25->pass, sess_key, 532);
SamOEMhash(ctr->info.id25->pass, p->session_key, 532);
dump_data(100, (char *)ctr->info.id25->pass, 532);
@ -2531,7 +2498,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
return NT_STATUS_INVALID_INFO_CLASS;
case 23:
SamOEMhash(ctr->info.id23->pass, sess_key, 516);
SamOEMhash(ctr->info.id23->pass, p->session_key, 516);
dump_data(100, (char *)ctr->info.id23->pass, 516);

View File

@ -265,6 +265,8 @@ int register_vuid(auth_serversupplied_info *server_info, char *smb_name)
}
}
memcpy(vuser->session_key, server_info->session_key, sizeof(vuser->session_key));
DEBUG(10,("register_vuid: (%u,%u) %s %s %s guest=%d\n",
(unsigned int)vuser->uid,
(unsigned int)vuser->gid,