sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-28 12:23:49 +03:00
Code Activity

various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.

Browse Source 
samr_lookup_rids() moved to a dynamic memory structure not a
static one limited to 32 RIDs.  cli_pipe.c reading wasn't checking
ERRmoredata when DOS error codes negotiated (this terminates
MSRPC code with prejudice).
This commit is contained in:
Luke Leighton
-
parent 479fc93bd0
commit 8976eca2db
14 changed files with 210 additions and 282 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
source/Makefile.in
View File

@@ -121,7 +121,7 @@ PARAM_OBJ = param/loadparm.o param/params.o
LIBSMB_OBJ = libsmb/clientgen.o libsmb/namequery.o libsmb/nmblib.o \ LIBSMB_OBJ = libsmb/clientgen.o libsmb/namequery.o libsmb/nmblib.o \
libsmb/nterr.o libsmb/smbdes.o libsmb/smbencrypt.o \ libsmb/nterr.o libsmb/smbdes.o libsmb/smbencrypt.o \
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \ libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
libsmb/passchange.o libsmb/clienttrust.o libsmb/passchange.o
RPC_SERVER_OBJ = \ RPC_SERVER_OBJ = \
rpc_server/srv_lsa.o \ rpc_server/srv_lsa.o \
@@ -162,8 +162,8 @@ RPC_CLIENT_OBJ = \
rpc_client/cli_svcctl.o \ rpc_client/cli_svcctl.o \
rpc_client/cli_samr.o \ rpc_client/cli_samr.o \
rpc_client/cli_atsvc.o \ rpc_client/cli_atsvc.o \
rpc_client/cli_eventlog.o rpc_client/cli_eventlog.o \
libsmb/clienttrust.o
LOCKING_OBJ = locking/locking.o locking/locking_shm.o locking/locking_slow.o \ LOCKING_OBJ = locking/locking.o locking/locking_shm.o locking/locking_slow.o \
locking/shmem.o locking/shmem_sysv.o locking/shmem.o locking/shmem_sysv.o

11
source/include/proto.h
View File

@@ -716,6 +716,11 @@ BOOL cli_message_text(struct cli_state *cli, char *msg, int len, int grp);
BOOL cli_message_end(struct cli_state *cli, int grp); BOOL cli_message_end(struct cli_state *cli, int grp);
BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail); BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail);
/*The following definitions come from libsmb/clienttrust.c */
BOOL change_trust_account_password(char *domain, char *remote_machine_list,
uint16 sec_chan);
/*The following definitions come from libsmb/credentials.c */ /*The following definitions come from libsmb/credentials.c */
char *credstr(uchar *cred); char *credstr(uchar *cred);
@@ -1774,9 +1779,8 @@ BOOL cli_net_sam_logon(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_C
NET_USER_INFO_3 *user_info3); NET_USER_INFO_3 *user_info3);
BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr); BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr);
BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas); BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas);
BOOL change_trust_account_password(char *domain, char *remote_machine_list,
uint16 sec_chan);
BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16], BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16],
const char* srv_name,
SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS], SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS],
SAM_DELTA_CTR deltas [MAX_SAM_DELTAS], SAM_DELTA_CTR deltas [MAX_SAM_DELTAS],
uint32 *num_deltas); uint32 *num_deltas);
@@ -1878,7 +1882,7 @@ BOOL get_samr_query_aliasmem(struct cli_state *cli, uint16 fnum,
BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum, BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_open_domain, POLICY_HND *pol_open_domain,
uint32 info_level, uint32 info_level,
uint32 user_rid, void *usr); uint32 user_rid, SAM_USER_INFO_21 *usr);
BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum, BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_open_domain, POLICY_HND *pol_open_domain,
uint32 info_level, uint32 info_level,
@@ -2630,6 +2634,7 @@ BOOL make_samr_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u,
uint32 num_names, fstring *name, uint8 *type, uint32 num_names, fstring *name, uint8 *type,
uint32 status); uint32 status);
BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps, int depth); BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps, int depth);
void samr_free_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u);
BOOL make_samr_q_delete_alias(SAMR_Q_DELETE_DOM_ALIAS *q_u, POLICY_HND *hnd); BOOL make_samr_q_delete_alias(SAMR_Q_DELETE_DOM_ALIAS *q_u, POLICY_HND *hnd);
BOOL samr_io_q_delete_alias(char *desc, SAMR_Q_DELETE_DOM_ALIAS *q_u, prs_struct *ps, int depth); BOOL samr_io_q_delete_alias(char *desc, SAMR_Q_DELETE_DOM_ALIAS *q_u, prs_struct *ps, int depth);
BOOL samr_io_r_delete_alias(char *desc, SAMR_R_DELETE_DOM_ALIAS *r_u, prs_struct *ps, int depth); BOOL samr_io_r_delete_alias(char *desc, SAMR_R_DELETE_DOM_ALIAS *r_u, prs_struct *ps, int depth);

8
source/include/rpc_samr.h
View File

@@ -1267,7 +1267,7 @@ typedef struct q_samr_lookup_rids_info
uint32 ptr; /* 0x0000 0000 - 32 bit unknown */ uint32 ptr; /* 0x0000 0000 - 32 bit unknown */
uint32 num_rids2; /* number of rids being looked up */ uint32 num_rids2; /* number of rids being looked up */
uint32 rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */ uint32 *rid; /* domain RIDs being looked up */
} SAMR_Q_LOOKUP_RIDS; } SAMR_Q_LOOKUP_RIDS;
@@ -1283,14 +1283,14 @@ typedef struct r_samr_lookup_rids_info
uint32 ptr_names; /* pointer to aliases */ uint32 ptr_names; /* pointer to aliases */
uint32 num_names2; /* number of aliases being looked up */ uint32 num_names2; /* number of aliases being looked up */
UNIHDR hdr_name[MAX_LOOKUP_SIDS]; /* unicode account name header */ UNIHDR *hdr_name; /* unicode account name header */
UNISTR2 uni_name[MAX_LOOKUP_SIDS]; /* unicode account name string */ UNISTR2 *uni_name; /* unicode account name string */
uint32 num_types1; /* number of users in aliases being looked up */ uint32 num_types1; /* number of users in aliases being looked up */
uint32 ptr_types; /* pointer to users in aliases */ uint32 ptr_types; /* pointer to users in aliases */
uint32 num_types2; /* number of users in aliases being looked up */ uint32 num_types2; /* number of users in aliases being looked up */
uint32 type[MAX_LOOKUP_SIDS]; /* SID_ENUM type */ uint32 *type; /* SID_ENUM type */
uint32 status; uint32 status;

4
source/rpc_client/cli_login.c
View File

@@ -48,7 +48,7 @@ uint32 cli_nt_setup_creds(struct cli_state *cli, uint16 fnum,
ret = cli_net_req_chal(cli, fnum, srv_name, &clnt_chal, &srv_chal); ret = cli_net_req_chal(cli, fnum, srv_name, &clnt_chal, &srv_chal);
if (ret != 0) if (ret != 0)
{ {
DEBUG(0,("cli_nt_setup_creds: request challenge failed\n")); DEBUG(1,("cli_nt_setup_creds: request challenge failed\n"));
return ret; return ret;
} }
@@ -73,7 +73,7 @@ uint32 cli_nt_setup_creds(struct cli_state *cli, uint16 fnum,
sec_chan, 0x000001ff, &srv_chal); sec_chan, 0x000001ff, &srv_chal);
if (ret != 0x0) if (ret != 0x0)
{ {
DEBUG(0,("cli_nt_setup_creds: auth2 challenge failed\n")); DEBUG(1,("cli_nt_setup_creds: auth2 challenge failed. status: %x\n", ret));
} }
return ret; return ret;

221
source/rpc_client/cli_netlogon.c
View File

@@ -30,7 +30,6 @@
#include "includes.h" #include "includes.h"
extern int DEBUGLEVEL; extern int DEBUGLEVEL;
extern pstring scope;
extern pstring global_myname; extern pstring global_myname;
/**************************************************************************** /****************************************************************************
@@ -89,7 +88,7 @@ BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 stat
if (ok && r_l.status != 0) if (ok && r_l.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("do_net_logon_ctrl2: Error %s\n", get_nt_error_msg(r_l.status))); DEBUG(5,("do_net_logon_ctrl2: Error %s\n", get_nt_error_msg(r_l.status)));
cli->nt_error = r_l.status; cli->nt_error = r_l.status;
ok = False; ok = False;
} }
@@ -147,7 +146,7 @@ uint32 cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum,
if (status == 0x0 && r_a.status != 0) if (status == 0x0 && r_a.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_auth2: Error %s\n", DEBUG(5,("cli_net_auth2: Error %s\n",
get_nt_error_msg(r_a.status))); get_nt_error_msg(r_a.status)));
cli->nt_error = r_a.status; cli->nt_error = r_a.status;
status = r_a.status; status = r_a.status;
@@ -167,7 +166,7 @@ uint32 cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum,
/* /*
* Server replied with bad credential. Fail. * Server replied with bad credential. Fail.
*/ */
DEBUG(0,("cli_net_auth2: server %s replied with bad credential (bad machine \ DEBUG(5,("cli_net_auth2: server %s replied with bad credential (bad machine \
password ?).\n", cli->desthost )); password ?).\n", cli->desthost ));
status = NT_STATUS_NETWORK_CREDENTIAL_CONFLICT | 0xC0000000; status = NT_STATUS_NETWORK_CREDENTIAL_CONFLICT | 0xC0000000;
} }
@@ -182,7 +181,7 @@ uint32 cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum,
if (ok && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags) if (ok && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags)
{ {
/* report different neg_flags */ /* report different neg_flags */
DEBUG(0,("cli_net_auth2: error neg_flags (q,r) differ - (%x,%x)\n", DEBUG(5,("cli_net_auth2: error neg_flags (q,r) differ - (%x,%x)\n",
q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags)); q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags));
ok = False; ok = False;
} }
@@ -191,9 +190,12 @@ uint32 cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum,
} }
else else
{ {
DEBUG(5,("rpc_api_pipe_req FAILED\n"));
status = 0xC0000000 | NT_STATUS_ACCESS_DENIED; status = 0xC0000000 | NT_STATUS_ACCESS_DENIED;
} }
DEBUG(5,("cli_net_auth2 status: %x\n", status));
prs_mem_free(&rbuf); prs_mem_free(&rbuf);
prs_mem_free(&buf ); prs_mem_free(&buf );
@@ -242,7 +244,7 @@ uint32 cli_net_req_chal(struct cli_state *cli, uint16 nt_pipe_fnum,
if (status == 0x0 && r_c.status != 0) if (status == 0x0 && r_c.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_req_chal: Error %s\n", get_nt_error_msg(r_c.status))); DEBUG(5,("cli_net_req_chal: Error %s\n", get_nt_error_msg(r_c.status)));
cli->nt_error = r_c.status; cli->nt_error = r_c.status;
status = r_c.status; status = r_c.status;
} }
@@ -255,6 +257,7 @@ uint32 cli_net_req_chal(struct cli_state *cli, uint16 nt_pipe_fnum,
} }
else else
{ {
DEBUG(5,("rpc_api_pipe_req FAILED\n"));
status = 0xC0000000 | NT_STATUS_ACCESS_DENIED; status = 0xC0000000 | NT_STATUS_ACCESS_DENIED;
} }
@@ -306,7 +309,7 @@ BOOL cli_net_srv_pwset(struct cli_state *cli, uint16 nt_pipe_fnum,
if (ok && r_s.status != 0) if (ok && r_s.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_srv_pwset: %s\n", get_nt_error_msg(r_s.status))); DEBUG(5,("cli_net_srv_pwset: %s\n", get_nt_error_msg(r_s.status)));
cli->nt_error = r_s.status; cli->nt_error = r_s.status;
ok = False; ok = False;
} }
@@ -317,7 +320,7 @@ BOOL cli_net_srv_pwset(struct cli_state *cli, uint16 nt_pipe_fnum,
/* /*
* Server replied with bad credential. Fail. * Server replied with bad credential. Fail.
*/ */
DEBUG(0,("cli_net_srv_pwset: server %s replied with bad credential (bad machine \ DEBUG(5,("cli_net_srv_pwset: server %s replied with bad credential (bad machine \
password ?).\n", cli->desthost )); password ?).\n", cli->desthost ));
ok = False; ok = False;
} }
@@ -379,7 +382,7 @@ BOOL cli_net_sam_logon(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_C
if (ok && r_s.status != 0) if (ok && r_s.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_sam_logon: %s\n", get_nt_error_msg(r_s.status))); DEBUG(5,("cli_net_sam_logon: %s\n", get_nt_error_msg(r_s.status)));
cli->nt_error = r_s.status; cli->nt_error = r_s.status;
ok = False; ok = False;
} }
@@ -390,7 +393,7 @@ BOOL cli_net_sam_logon(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_C
/* /*
* Server replied with bad credential. Fail. * Server replied with bad credential. Fail.
*/ */
DEBUG(0,("cli_net_sam_logon: server %s replied with bad credential (bad machine \ DEBUG(5,("cli_net_sam_logon: server %s replied with bad credential (bad machine \
password ?).\n", cli->desthost )); password ?).\n", cli->desthost ));
ok = False; ok = False;
} }
@@ -398,7 +401,7 @@ password ?).\n", cli->desthost ));
if (ok && r_s.switch_value != 3) if (ok && r_s.switch_value != 3)
{ {
/* report different switch_value */ /* report different switch_value */
DEBUG(0,("cli_net_sam_logon: switch_value of 3 expected %x\n", DEBUG(5,("cli_net_sam_logon: switch_value of 3 expected %x\n",
r_s.switch_value)); r_s.switch_value));
ok = False; ok = False;
} }
@@ -461,7 +464,7 @@ BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_
if (ok && r_s.status != 0) if (ok && r_s.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_sam_logoff: %s\n", get_nt_error_msg(r_s.status))); DEBUG(5,("cli_net_sam_logoff: %s\n", get_nt_error_msg(r_s.status)));
cli->nt_error = r_s.status; cli->nt_error = r_s.status;
ok = False; ok = False;
} }
@@ -472,7 +475,7 @@ BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_
/* /*
* Server replied with bad credential. Fail. * Server replied with bad credential. Fail.
*/ */
DEBUG(0,("cli_net_sam_logoff: server %s replied with bad credential (bad machine \ DEBUG(5,("cli_net_sam_logoff: server %s replied with bad credential (bad machine \
password ?).\n", cli->desthost )); password ?).\n", cli->desthost ));
ok = False; ok = False;
} }
@@ -522,7 +525,7 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
if (ok && r_s.status != 0 && r_s.status != NT_STATUS_MORE_ENTRIES) if (ok && r_s.status != 0 && r_s.status != NT_STATUS_MORE_ENTRIES)
{ {
/* report error code */ /* report error code */
DEBUG(0,("cli_net_sam_sync: %s\n", get_nt_error_msg(r_s.status))); DEBUG(5,("cli_net_sam_sync: %s\n", get_nt_error_msg(r_s.status)));
cli->nt_error = r_s.status; cli->nt_error = r_s.status;
ok = False; ok = False;
} }
@@ -530,7 +533,7 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
/* Update the credentials. */ /* Update the credentials. */
if (ok && !clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &(r_s.srv_creds))) if (ok && !clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &(r_s.srv_creds)))
{ {
DEBUG(0,("cli_net_sam_sync: server %s replied with bad credential (bad machine password ?).\n", cli->desthost)); DEBUG(5,("cli_net_sam_sync: server %s replied with bad credential (bad machine password ?).\n", cli->desthost));
ok = False; ok = False;
} }
@@ -540,7 +543,7 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
if (r_s.status == NT_STATUS_MORE_ENTRIES) if (r_s.status == NT_STATUS_MORE_ENTRIES)
{ {
DEBUG(2, ("(More entries)\n")); DEBUG(5, ("(More entries)\n"));
} }
} }
} }
@@ -551,183 +554,9 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
return ok; return ok;
} }
/*********************************************************
Change the domain password on the PDC.
**********************************************************/
static BOOL modify_trust_password( char *domain, char *remote_machine,
unsigned char orig_trust_passwd_hash[16],
unsigned char new_trust_passwd_hash[16],
uint16 sec_chan)
{
uint16 nt_pipe_fnum;
struct cli_state cli;
struct nmb_name calling, called;
make_nmb_name(&calling, global_myname , 0x0 , scope);
make_nmb_name(&called , remote_machine, 0x20, scope);
ZERO_STRUCT(cli);
if(cli_initialise(&cli) == NULL)
{
DEBUG(0,("modify_trust_password: unable to initialize client \
connection.\n"));
return False;
}
if(!resolve_name( remote_machine, &cli.dest_ip, 0x20))
{
DEBUG(0,("modify_trust_password: Can't resolve address for \
%s\n", remote_machine));
return False;
}
if (ismyip(cli.dest_ip))
{
DEBUG(0,("modify_trust_password: Machine %s is one of our \
addresses. Cannot add to ourselves.\n", remote_machine));
return False;
}
cli.protocol = PROTOCOL_NT1;
pwd_set_nullpwd(&cli.pwd);
if (!cli_establish_connection(&cli, remote_machine, &cli.dest_ip,
&calling, &called,
"IPC$", "IPC", False, True))
{
fstring errstr;
cli_safe_errstr(&cli, errstr, sizeof(errstr));
DEBUG(0,("modify_trust_password: machine %s rejected the SMB \
session. Error was : %s.\n", remote_machine, errstr ));
cli_shutdown(&cli);
return False;
}
if (cli.protocol != PROTOCOL_NT1)
{
DEBUG(0,("modify_trust_password: machine %s didn't negotiate \
NT protocol.\n", remote_machine));
cli_shutdown(&cli);
return False;
}
if (!(IS_BITS_SET_ALL(cli.sec_mode, 1)))
{
DEBUG(0,("modify_trust_password: machine %s isn't in user \
level security mode\n", remote_machine));
cli_shutdown(&cli);
return False;
}
/*
* Ok - we have an anonymous connection to the IPC$ share.
* Now start the NT Domain stuff :-).
*/
if (!cli_nt_session_open(&cli, PIPE_NETLOGON, &nt_pipe_fnum))
{
fstring errstr;
cli_safe_errstr(&cli, errstr, sizeof(errstr));
DEBUG(0,("modify_trust_password: unable to open the domain \
client session to server %s. Error was : %s.\n", remote_machine, errstr ));
cli_nt_session_close(&cli, nt_pipe_fnum);
cli_ulogoff(&cli);
cli_shutdown(&cli);
return False;
}
if (cli_nt_setup_creds(&cli, nt_pipe_fnum,
cli.mach_acct, global_myname,
orig_trust_passwd_hash, sec_chan) != 0x0)
{
fstring errstr;
cli_safe_errstr(&cli, errstr, sizeof(errstr));
DEBUG(0,("modify_trust_password: unable to setup the PDC \
credentials to server %s. Error was : %s.\n", remote_machine, errstr ));
cli_nt_session_close(&cli, nt_pipe_fnum);
cli_ulogoff(&cli);
cli_shutdown(&cli);
return False;
}
if (!cli_nt_srv_pwset( &cli, nt_pipe_fnum, new_trust_passwd_hash,
sec_chan ) )
{
fstring errstr;
cli_safe_errstr(&cli, errstr, sizeof(errstr));
DEBUG(0,("modify_trust_password: unable to change password for \
workstation %s in domain %s to Domain controller %s. Error was %s.\n",
global_myname, domain, remote_machine, errstr ));
cli_nt_session_close(&cli, nt_pipe_fnum);
cli_ulogoff(&cli);
cli_shutdown(&cli);
return False;
}
cli_nt_session_close(&cli, nt_pipe_fnum);
cli_ulogoff(&cli);
cli_shutdown(&cli);
return True;
}
/************************************************************************
Change the trust account password for a domain.
The user of this function must have locked the trust password file for
update.
************************************************************************/
BOOL change_trust_account_password(char *domain, char *remote_machine_list,
uint16 sec_chan)
{
fstring remote_machine;
unsigned char old_trust_passwd_hash[16];
unsigned char new_trust_passwd_hash[16];
time_t lct;
BOOL res;
if(!get_trust_account_password( old_trust_passwd_hash, &lct)) {
DEBUG(0,("change_trust_account_password: unable to read the machine \
account password for domain %s.\n", domain));
return False;
}
/*
* Create the new (random) password.
*/
generate_random_buffer( new_trust_passwd_hash, 16, True);
while(remote_machine_list &&
next_token(&remote_machine_list, remote_machine,
LIST_SEP, sizeof(remote_machine))) {
strupper(remote_machine);
if(modify_trust_password( domain, remote_machine,
old_trust_passwd_hash, new_trust_passwd_hash, sec_chan)) {
DEBUG(0,("%s : change_trust_account_password: Changed password for \
domain %s.\n", timestring(), domain));
/*
* Return the result of trying to write the new password
* back into the trust account file.
*/
res = set_trust_account_password(new_trust_passwd_hash);
memset(new_trust_passwd_hash, 0, 16);
memset(old_trust_passwd_hash, 0, 16);
return res;
}
}
memset(new_trust_passwd_hash, 0, 16);
memset(old_trust_passwd_hash, 0, 16);
DEBUG(0,("%s : change_trust_account_password: Failed to change password for \
domain %s.\n", timestring(), domain));
return False;
}
BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16], BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16],
const char* srv_name,
SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS], SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS],
SAM_DELTA_CTR deltas [MAX_SAM_DELTAS], SAM_DELTA_CTR deltas [MAX_SAM_DELTAS],
uint32 *num_deltas) uint32 *num_deltas)
@@ -737,14 +566,14 @@ BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16],
*num_deltas = 0; *num_deltas = 0;
DEBUG(2,("Attempting SAM sync with PDC, domain: %s name: %s\n", DEBUG(5,("Attempting SAM sync with PDC, domain: %s name: %s\n",
cli->domain, global_myname)); cli->domain, srv_name));
/* open NETLOGON session. negotiate credentials */ /* open NETLOGON session. negotiate credentials */
res = res ? cli_nt_session_open(cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; res = res ? cli_nt_session_open(cli, PIPE_NETLOGON, &nt_pipe_fnum) : False;
res = res ? cli_nt_setup_creds(cli, nt_pipe_fnum, res = res ? cli_nt_setup_creds(cli, nt_pipe_fnum,
cli->mach_acct, global_myname, cli->mach_acct, srv_name,
trust_passwd, SEC_CHAN_BDC) == 0x0 : False; trust_passwd, SEC_CHAN_BDC) == 0x0 : False;
memset(trust_passwd, 0, 16); memset(trust_passwd, 0, 16);
@@ -756,11 +585,11 @@ BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16],
if (!res) if (!res)
{ {
DEBUG(0, ("SAM synchronisation FAILED\n")); DEBUG(5, ("SAM synchronisation FAILED\n"));
return False; return False;
} }
DEBUG(0, ("SAM synchronisation returned %d entries\n", *num_deltas)); DEBUG(5, ("SAM synchronisation returned %d entries\n", *num_deltas));
return True; return True;
} }

3
source/rpc_client/cli_netlogon_sync.c
View File

@@ -62,7 +62,8 @@ BOOL synchronise_passdb(void)
return False; return False;
} }
ret = do_sam_sync(&cli, trust_passwd, hdr_deltas, deltas, &num); ret = do_sam_sync(&cli, trust_passwd, global_myname,
hdr_deltas, deltas, &num);
if (ret) if (ret)
{ {

27
source/rpc_client/cli_pipe.c
View File

@@ -50,11 +50,13 @@ static BOOL rpc_read(struct cli_state *cli, uint16 nt_pipe_fnum,
prs_struct *rdata, uint32 data_to_read, prs_struct *rdata, uint32 data_to_read,
uint32 rdata_offset) uint32 rdata_offset)
{ {
int size = cli->max_recv_frag; size_t size = cli->max_recv_frag;
int file_offset = 0; int file_offset = 0;
int num_read; int num_read;
char *data; char *data;
uint32 new_data_size = rdata_offset + data_to_read; uint32 new_data_size = rdata_offset + data_to_read;
uint8 cls;
uint32 type;
DEBUG(5,("rpc_read: data_to_read: %d data offset: %d file offset: %d\n", DEBUG(5,("rpc_read: data_to_read: %d data offset: %d file offset: %d\n",
data_to_read, rdata_offset, file_offset)); data_to_read, rdata_offset, file_offset));
@@ -81,7 +83,13 @@ static BOOL rpc_read(struct cli_state *cli, uint16 nt_pipe_fnum,
file_offset += num_read; file_offset += num_read;
data += num_read; data += num_read;
if (cli_error(cli, NULL, NULL)) return False; if (cli_error(cli, &cls, &type))
{
if (cls != ERRDOS || type != ERRmoredata)
{
return False;
}
}
} while (num_read > 0 && data_to_read > 0); } while (num_read > 0 && data_to_read > 0);
@@ -244,7 +252,8 @@ static BOOL rpc_api_pipe(struct cli_state *cli, uint16 nt_pipe_fnum, uint16 cmd,
int len; int len;
uint16 setup[2]; /* only need 2 uint16 setup parameters */ uint16 setup[2]; /* only need 2 uint16 setup parameters */
uint32 err; uint8 cls;
uint32 type;
BOOL first = True; BOOL first = True;
BOOL last = True; BOOL last = True;
RPC_HDR rhdr; RPC_HDR rhdr;
@@ -366,7 +375,13 @@ static BOOL rpc_api_pipe(struct cli_state *cli, uint16 nt_pipe_fnum, uint16 cmd,
prs_mem_free(&hps); prs_mem_free(&hps);
if (cli_error(cli, NULL, &err)) return False; if (cli_error(cli, &cls, &type))
{
if (cls != ERRDOS || type != ERRmoredata)
{
return False;
}
}
if (first) if (first)
{ {
@@ -725,10 +740,10 @@ static BOOL valid_pipe_name(char *pipe_name, RPC_IFACE *abstract, RPC_IFACE *tra
{ {
if (strequal(pipe_name, pipe_names[pipe_idx].client_pipe )) if (strequal(pipe_name, pipe_names[pipe_idx].client_pipe ))
{ {
DEBUG(5,("Bind Abstract Syntax: ")); DEBUG(5,("Bind Abstract Syntax:\n"));
dump_data(5, (char*)&(pipe_names[pipe_idx].abstr_syntax), dump_data(5, (char*)&(pipe_names[pipe_idx].abstr_syntax),
sizeof(pipe_names[pipe_idx].abstr_syntax)); sizeof(pipe_names[pipe_idx].abstr_syntax));
DEBUG(5,("Bind Transfer Syntax: ")); DEBUG(5,("Bind Transfer Syntax:\n"));
dump_data(5, (char*)&(pipe_names[pipe_idx].trans_syntax), dump_data(5, (char*)&(pipe_names[pipe_idx].trans_syntax),
sizeof(pipe_names[pipe_idx].trans_syntax)); sizeof(pipe_names[pipe_idx].trans_syntax));

89
source/rpc_client/cli_samr.c
View File

@@ -309,12 +309,14 @@ do a SAMR query user info
BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum, BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_open_domain, POLICY_HND *pol_open_domain,
uint32 info_level, uint32 info_level,
uint32 user_rid, void *usr) uint32 user_rid, SAM_USER_INFO_21 *usr)
{ {
POLICY_HND pol_open_user; POLICY_HND pol_open_user;
BOOL ret = True; BOOL ret = True;
if (pol_open_domain == NULL) return False; if (pol_open_domain == NULL || usr == NULL) return False;
bzero(usr, sizeof(*usr));
/* send open domain (on user sid) */ /* send open domain (on user sid) */
if (!samr_open_user(cli, fnum, if (!samr_open_user(cli, fnum,
@@ -328,7 +330,7 @@ BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum,
/* send user info query */ /* send user info query */
if (!samr_query_userinfo(cli, fnum, if (!samr_query_userinfo(cli, fnum,
&pol_open_user, &pol_open_user,
info_level, usr)) info_level, (void*)usr))
{ {
DEBUG(5,("samr_query_userinfo: error in query user info, level 0x%x\n", DEBUG(5,("samr_query_userinfo: error in query user info, level 0x%x\n",
info_level)); info_level));
@@ -415,7 +417,7 @@ BOOL samr_chgpasswd_user(struct cli_state *cli, uint16 fnum,
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_CHGPASSWD_USER: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_CHGPASSWD_USER: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
@@ -468,7 +470,7 @@ BOOL samr_unknown_38(struct cli_state *cli, uint16 fnum, char *srv_name)
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_UNKNOWN_38: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_UNKNOWN_38: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
#endif #endif
@@ -525,7 +527,7 @@ BOOL samr_query_dom_info(struct cli_state *cli, uint16 fnum,
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_DOMAIN_INFO: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_QUERY_DOMAIN_INFO: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
@@ -582,7 +584,7 @@ BOOL samr_enum_dom_groups(struct cli_state *cli, uint16 fnum,
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_ENUM_DOM_GROUPS: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_ENUM_DOM_GROUPS: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
@@ -670,7 +672,7 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_ENUM_DOM_ALIASES: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_ENUM_DOM_ALIASES: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
@@ -759,7 +761,7 @@ BOOL samr_enum_dom_users(struct cli_state *cli, uint16 fnum,
if (p && r_e.status != 0) if (p && r_e.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_ENUM_DOM_USERS: %s\n", get_nt_error_msg(r_e.status))); DEBUG(4,("SAMR_R_ENUM_DOM_USERS: %s\n", get_nt_error_msg(r_e.status)));
p = False; p = False;
} }
@@ -849,7 +851,7 @@ BOOL samr_connect(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_CONNECT: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_CONNECT: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -907,7 +909,7 @@ BOOL samr_open_user(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_OPEN_USER: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_OPEN_USER: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -965,7 +967,7 @@ BOOL samr_open_alias(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_OPEN_ALIAS: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_OPEN_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1021,7 +1023,7 @@ BOOL samr_del_aliasmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_DEL_ALIASMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_DEL_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1076,7 +1078,7 @@ BOOL samr_add_aliasmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_ADD_ALIASMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_ADD_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1131,7 +1133,7 @@ BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_DELETE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_DELETE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1188,7 +1190,7 @@ BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_CREATE_USER: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_CREATE_USER: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1246,7 +1248,7 @@ BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_CREATE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_CREATE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1304,7 +1306,7 @@ BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_GET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_GET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1360,7 +1362,7 @@ BOOL samr_set_aliasinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_SET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_SET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1417,7 +1419,7 @@ BOOL samr_open_group(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_OPEN_GROUP: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_OPEN_GROUP: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1473,7 +1475,7 @@ BOOL samr_del_groupmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_DEL_GROUPMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_DEL_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1528,7 +1530,7 @@ BOOL samr_add_groupmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_ADD_GROUPMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_ADD_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1582,7 +1584,7 @@ BOOL samr_delete_dom_group(struct cli_state *cli, uint16 fnum, POLICY_HND *group
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_DELETE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_DELETE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1638,7 +1640,7 @@ BOOL samr_create_dom_group(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_CREATE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_CREATE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1695,7 +1697,7 @@ BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_SET_GROUPINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_SET_GROUPINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1758,7 +1760,7 @@ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_OPEN_DOMAIN: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_OPEN_DOMAIN: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1815,7 +1817,7 @@ BOOL samr_query_lookup_domain(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_LOOKUP_DOMAIN: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_LOOKUP_DOMAIN: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1876,7 +1878,7 @@ BOOL samr_query_lookup_names(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1954,6 +1956,7 @@ BOOL samr_query_lookup_rids(struct cli_state *cli, uint16 fnum,
{ {
SAMR_R_LOOKUP_RIDS r_o; SAMR_R_LOOKUP_RIDS r_o;
BOOL p; BOOL p;
ZERO_STRUCT(r_o);
samr_io_r_lookup_rids("", &r_o, &rdata, 0); samr_io_r_lookup_rids("", &r_o, &rdata, 0);
p = rdata.offset != 0; p = rdata.offset != 0;
@@ -1961,7 +1964,7 @@ BOOL samr_query_lookup_rids(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_LOOKUP_RIDS: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_LOOKUP_RIDS: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -1994,6 +1997,8 @@ BOOL samr_query_lookup_rids(struct cli_state *cli, uint16 fnum,
p = False; p = False;
} }
} }
samr_free_r_lookup_rids(&r_o);
} }
prs_mem_free(&data ); prs_mem_free(&data );
@@ -2045,7 +2050,7 @@ BOOL samr_query_aliasmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_ALIASMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -2106,7 +2111,7 @@ BOOL samr_query_useraliases(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_USERALIASES: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_USERALIASES: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -2168,7 +2173,7 @@ BOOL samr_query_groupmem(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_GROUPMEM: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -2230,7 +2235,7 @@ BOOL samr_query_usergroups(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_USERGROUPS: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_USERGROUPS: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -2291,13 +2296,13 @@ BOOL samr_query_groupinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_GROUPINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_GROUPINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
if (p && r_o.ctr->switch_value1 != switch_value) if (p && r_o.ctr->switch_value1 != switch_value)
{ {
DEBUG(0,("SAMR_R_QUERY_GROUPINFO: received incorrect level %d\n", DEBUG(4,("SAMR_R_QUERY_GROUPINFO: received incorrect level %d\n",
r_o.ctr->switch_value1)); r_o.ctr->switch_value1));
} }
@@ -2327,7 +2332,7 @@ BOOL samr_query_userinfo(struct cli_state *cli, uint16 fnum,
DEBUG(4,("SAMR Query User Info. level: %d\n", switch_value)); DEBUG(4,("SAMR Query User Info. level: %d\n", switch_value));
if (pol == NULL || switch_value == 0) return False; if (pol == NULL || usr == NULL || switch_value == 0) return False;
/* create and send a MSRPC command with api SAMR_QUERY_USERINFO */ /* create and send a MSRPC command with api SAMR_QUERY_USERINFO */
@@ -2355,13 +2360,13 @@ BOOL samr_query_userinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_USERINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_USERINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
if (p && r_o.switch_value != switch_value) if (p && r_o.switch_value != switch_value)
{ {
DEBUG(0,("SAMR_R_QUERY_USERINFO: received incorrect level %d\n", DEBUG(4,("SAMR_R_QUERY_USERINFO: received incorrect level %d\n",
r_o.switch_value)); r_o.switch_value));
} }
@@ -2415,7 +2420,7 @@ BOOL samr_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
if (p && r_c.status != 0) if (p && r_c.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_CLOSE_HND: %s\n", get_nt_error_msg(r_c.status))); DEBUG(4,("SAMR_CLOSE_HND: %s\n", get_nt_error_msg(r_c.status)));
p = False; p = False;
} }
@@ -2435,7 +2440,7 @@ BOOL samr_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
} }
if (!valid_close) if (!valid_close)
{ {
DEBUG(0,("SAMR_CLOSE_HND: non-zero handle returned\n")); DEBUG(4,("SAMR_CLOSE_HND: non-zero handle returned\n"));
} }
} }
} }
@@ -2494,13 +2499,13 @@ BOOL samr_query_dispinfo(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SAMR_R_QUERY_DISPINFO: %s\n", get_nt_error_msg(r_o.status))); DEBUG(4,("SAMR_R_QUERY_DISPINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
if (p && r_o.switch_level != level) if (p && r_o.switch_level != level)
{ {
DEBUG(0,("SAMR_R_QUERY_DISPINFO: received incorrect level %d\n", DEBUG(4,("SAMR_R_QUERY_DISPINFO: received incorrect level %d\n",
r_o.switch_level)); r_o.switch_level));
} }

15
source/rpc_client/cli_svcctl.c
View File

@@ -72,7 +72,7 @@ BOOL svc_open_sc_man(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SVC_OPEN_SC_MAN: %s\n", get_nt_error_msg(r_o.status))); DEBUG(1,("SVC_OPEN_SC_MAN: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -133,7 +133,7 @@ BOOL svc_open_service(struct cli_state *cli, uint16 fnum,
if (p && r_o.status != 0) if (p && r_o.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SVC_OPEN_SC_MAN: %s\n", get_nt_error_msg(r_o.status))); DEBUG(1,("SVC_OPEN_SC_MAN: %s\n", get_nt_error_msg(r_o.status)));
p = False; p = False;
} }
@@ -201,11 +201,12 @@ BOOL svc_enum_svcs(struct cli_state *cli, uint16 fnum,
{ {
fstring errmsg; fstring errmsg;
if (r_o.dos_status != ERRmoredata) { if (r_o.dos_status != ERRmoredata)
{
smb_safe_err_msg(ERRDOS, r_o.dos_status, smb_safe_err_msg(ERRDOS, r_o.dos_status,
errmsg, sizeof(errmsg)); errmsg, sizeof(errmsg));
/* report error code */ /* report error code */
DEBUG(0,("SVC_ENUM_SVCS_STATUS: %s\n", errmsg)); DEBUG(1,("SVC_ENUM_SVCS_STATUS: %s\n", errmsg));
} }
p = r_o.dos_status == ERRmoredata; p = r_o.dos_status == ERRmoredata;
} }
@@ -273,7 +274,7 @@ BOOL svc_query_svc_cfg(struct cli_state *cli, uint16 fnum,
if (p && r_c.status != 0) if (p && r_c.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SVC_QUERY_SVC_CONFIG: %s\n", get_nt_error_msg(r_c.status))); DEBUG(1,("SVC_QUERY_SVC_CONFIG: %s\n", get_nt_error_msg(r_c.status)));
p = False; p = False;
} }
@@ -329,7 +330,7 @@ BOOL svc_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
if (p && r_c.status != 0) if (p && r_c.status != 0)
{ {
/* report error code */ /* report error code */
DEBUG(0,("SVC_CLOSE: %s\n", get_nt_error_msg(r_c.status))); DEBUG(1,("SVC_CLOSE: %s\n", get_nt_error_msg(r_c.status)));
p = False; p = False;
} }
@@ -349,7 +350,7 @@ BOOL svc_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
} }
if (!valid_close) if (!valid_close)
{ {
DEBUG(0,("SVC_CLOSE: non-zero handle returned\n")); DEBUG(1,("SVC_CLOSE: non-zero handle returned\n"));
} }
} }
} }

84
source/rpc_parse/parse_samr.c
View File

@@ -3388,7 +3388,6 @@ BOOL make_samr_q_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
POLICY_HND *pol, uint32 flags, POLICY_HND *pol, uint32 flags,
uint32 num_rids, uint32 *rid) uint32 num_rids, uint32 *rid)
{ {
int i;
if (q_u == NULL) return False; if (q_u == NULL) return False;
DEBUG(5,("make_samr_r_unknwon_12\n")); DEBUG(5,("make_samr_r_unknwon_12\n"));
@@ -3399,11 +3398,7 @@ BOOL make_samr_q_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
q_u->flags = flags; q_u->flags = flags;
q_u->ptr = 0; q_u->ptr = 0;
q_u->num_rids2 = num_rids; q_u->num_rids2 = num_rids;
q_u->rid = rid;
for (i = 0; i < num_rids; i++)
{
q_u->rid[i] = rid[i];
}
return True; return True;
} }
@@ -3468,7 +3463,25 @@ BOOL make_samr_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u,
r_u->ptr_types = 1; r_u->ptr_types = 1;
r_u->num_types2 = num_names; r_u->num_types2 = num_names;
SMB_ASSERT_ARRAY(r_u->hdr_name, num_names); r_u->hdr_name = malloc(num_names * sizeof(r_u->hdr_name[0]));
if (r_u->hdr_name == NULL)
{
return False;
}
r_u->uni_name = malloc(num_names * sizeof(r_u->uni_name[0]));
if (r_u->uni_name == NULL)
{
free(r_u->hdr_name);
return False;
}
r_u->type = malloc(r_u->num_types2 * sizeof(r_u->type[0]));
if (r_u->type == NULL)
{
free(r_u->hdr_name);
free(r_u->uni_name);
return False;
}
for (i = 0; i < num_names; i++) for (i = 0; i < num_names; i++)
{ {
@@ -3514,8 +3527,20 @@ BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps,
if (r_u->ptr_names != 0 && r_u->num_names1 != 0) if (r_u->ptr_names != 0 && r_u->num_names1 != 0)
{ {
SMB_ASSERT_ARRAY(r_u->hdr_name, r_u->num_names2); r_u->hdr_name = Realloc(r_u->hdr_name, r_u->num_names2 *
sizeof(r_u->hdr_name[0]));
if (r_u->hdr_name == NULL)
{
return False;
}
r_u->uni_name = Realloc(r_u->uni_name, r_u->num_names2 *
sizeof(r_u->uni_name[0]));
if (r_u->uni_name == NULL)
{
free(r_u->hdr_name);
return False;
}
for (i = 0; i < r_u->num_names2; i++) for (i = 0; i < r_u->num_names2; i++)
{ {
prs_grow(ps); prs_grow(ps);
@@ -3538,6 +3563,21 @@ BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps,
if (r_u->ptr_types != 0 && r_u->num_types1 != 0) if (r_u->ptr_types != 0 && r_u->num_types1 != 0)
{ {
r_u->type = Realloc(r_u->type, r_u->num_types2 *
sizeof(r_u->type[0]));
if (r_u->type == NULL)
{
if (r_u->uni_name != NULL)
{
free(r_u->uni_name);
}
if (r_u->hdr_name != NULL)
{
free(r_u->hdr_name);
}
return False;
}
for (i = 0; i < r_u->num_types2; i++) for (i = 0; i < r_u->num_types2; i++)
{ {
prs_grow(ps); prs_grow(ps);
@@ -3548,9 +3588,37 @@ BOOL samr_io_r_lookup_rids(char *desc, SAMR_R_LOOKUP_RIDS *r_u, prs_struct *ps,
prs_uint32("status", ps, depth, &(r_u->status)); prs_uint32("status", ps, depth, &(r_u->status));
if (!ps->io)
{
/* storing. don't need memory any more */
samr_free_r_lookup_rids(r_u);
}
return True; return True;
} }
/*******************************************************************
reads or writes a structure.
********************************************************************/
void samr_free_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u)
{
if (r_u->uni_name != NULL)
{
free(r_u->uni_name);
r_u->uni_name = NULL;
}
if (r_u->hdr_name != NULL)
{
free(r_u->hdr_name);
r_u->hdr_name = NULL;
}
if (r_u->type != NULL)
{
free(r_u->type);
r_u->type = NULL;
}
}
/******************************************************************* /*******************************************************************
makes a SAMR_Q_OPEN_ALIAS structure. makes a SAMR_Q_OPEN_ALIAS structure.
********************************************************************/ ********************************************************************/

1
source/rpc_server/srv_samr.c
View File

@@ -1654,6 +1654,7 @@ static void samr_reply_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
DOM_SID pol_sid; DOM_SID pol_sid;
SAMR_R_LOOKUP_RIDS r_u; SAMR_R_LOOKUP_RIDS r_u;
ZERO_STRUCT(r_u);
DEBUG(5,("samr_lookup_rids: %d\n", __LINE__)); DEBUG(5,("samr_lookup_rids: %d\n", __LINE__));

9
source/rpcclient/cmd_netlogon.c
View File

@@ -36,6 +36,7 @@ extern int DEBUGLEVEL;
extern struct cli_state *smb_cli; extern struct cli_state *smb_cli;
extern FILE* out_hnd; extern FILE* out_hnd;
extern pstring global_myname;
/**************************************************************************** /****************************************************************************
@@ -93,7 +94,7 @@ void cmd_netlogon_login_test(struct client_info *info)
res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False;
res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum, res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum,
smb_cli->mach_acct, smb_cli->mach_acct, global_myname,
trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False; trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False;
#if 0 #if 0
@@ -165,7 +166,8 @@ void cmd_netlogon_domain_test(struct client_info *info)
res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False;
res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum, inter_dom_acct, res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum, inter_dom_acct,
trust_passwd, SEC_CHAN_DOMAIN) == 0x0 : False; trust_passwd, global_myname,
SEC_CHAN_DOMAIN) == 0x0 : False;
memset(trust_passwd, 0, 16); memset(trust_passwd, 0, 16);
@@ -193,7 +195,8 @@ void cmd_sam_sync(struct client_info *info)
return; return;
} }
if (do_sam_sync(smb_cli, trust_passwd, hdr_deltas, deltas, &num)) if (do_sam_sync(smb_cli, global_myname,
trust_passwd, hdr_deltas, deltas, &num))
{ {
display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num); display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num);
display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num); display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num);

2
source/rpcclient/cmd_samr.c
View File

@@ -1381,7 +1381,7 @@ int msrpc_sam_enum_users(struct client_info *info,
/* read some users */ /* read some users */
res = res ? samr_enum_dom_users(smb_cli, fnum, res = res ? samr_enum_dom_users(smb_cli, fnum,
&info->dom.samr_pol_open_domain, &info->dom.samr_pol_open_domain,
start_idx, acb_mask, unk_1, 0x8000, start_idx, acb_mask, unk_1, 0xf0000000,
&info->dom.sam, &info->dom.num_sam_entries) : False; &info->dom.sam, &info->dom.num_sam_entries) : False;
if (res && info->dom.num_sam_entries == 0) if (res && info->dom.num_sam_entries == 0)

2
source/smbd/password.c
View File

@@ -1191,7 +1191,7 @@ BOOL domain_client_validate( char *user, char *domain,
} }
if(cli_nt_setup_creds(&cli, nt_pipe_fnum, if(cli_nt_setup_creds(&cli, nt_pipe_fnum,
cli.mach_acct, trust_passwd, SEC_CHAN_WKSTA) == False) cli.mach_acct, global_myname, trust_passwd, SEC_CHAN_WKSTA) == False)
{ {
DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \ DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \
%s. Error was : %s.\n", cli.desthost, cli_errstr(&cli))); %s. Error was : %s.\n", cli.desthost, cli_errstr(&cli)));