sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

chgpasswd.c: Added comments to #ifdefs

Browse Source 
ipc.c: Caused samba password changing not to be done if UNIX password
       changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
This commit is contained in:
Jeremy Allison 1998-05-14 01:30:40 +00:00
parent 329fe21343
commit a4276507e4
17 changed files with 446 additions and 382 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
source3/include/proto.h
View File

@ -297,8 +297,8 @@ void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
void lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth);
void lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth);
void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
uint32 enum_context, char *domain_name, char *domain_sid,
uint32 status);
uint32 enum_context, char *domain_name, DOM_SID *domain_sid,
uint32 status);
void lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
void make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
void lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth);
@ -320,9 +320,8 @@ void smb_io_lookup_level(char *desc, LOOKUP_LEVEL *level, prs_struct *ps, int de
uint32 get_enum_hnd(ENUM_HND *enh);
void make_enum_hnd(ENUM_HND *enh, uint32 hnd);
void smb_io_enum_hnd(char *desc, ENUM_HND *hnd, prs_struct *ps, int depth);
void make_dom_sid(DOM_SID *sid, char *str_sid);
void smb_io_dom_sid(char *desc, DOM_SID *sid, prs_struct *ps, int depth);
void make_dom_sid2(DOM_SID2 *sid, char *str_sid);
void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid);
void smb_io_dom_sid2(char *desc, DOM_SID2 *sid, prs_struct *ps, int depth);
void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer);
void smb_io_strhdr(char *desc, STRHDR *hdr, prs_struct *ps, int depth);
@ -459,7 +458,7 @@ void make_net_user_info3(NET_USER_INFO_3 *usr,
char *logon_srv,
char *logon_dom,
char *dom_sid,
DOM_SID *dom_sid,
char *other_sids);
void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int depth);
void net_io_q_sam_logon(char *desc, NET_Q_SAM_LOGON *q_l, prs_struct *ps, int depth);
@ -562,7 +561,7 @@ void make_samr_q_close_hnd(SAMR_Q_CLOSE_HND *q_c, POLICY_HND *hnd);
void samr_io_q_close_hnd(char *desc, SAMR_Q_CLOSE_HND *q_u, prs_struct *ps, int depth);
void samr_io_r_close_hnd(char *desc, SAMR_R_CLOSE_HND *r_u, prs_struct *ps, int depth);
void make_samr_q_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
POLICY_HND *connect_pol, uint32 rid, char *sid);
POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid);
void samr_io_q_open_domain(char *desc, SAMR_Q_OPEN_DOMAIN *q_u, prs_struct *ps, int depth);
void samr_io_r_open_domain(char *desc, SAMR_R_OPEN_DOMAIN *r_u, prs_struct *ps, int depth);
void make_samr_q_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
@ -571,7 +570,7 @@ void samr_io_q_unknown_8(char *desc, SAMR_Q_UNKNOWN_8 *q_u, prs_struct *ps, int
void make_samr_q_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
POLICY_HND *user_pol, uint16 switch_value);
void samr_io_q_unknown_3(char *desc, SAMR_Q_UNKNOWN_3 *q_u, prs_struct *ps, int depth);
void make_dom_sid3(DOM_SID3 *sid3, uint16 unk_0, uint16 unk_1, char *sid);
void make_dom_sid3(DOM_SID3 *sid3, uint16 unk_0, uint16 unk_1, char *sidstr);
void sam_io_dom_sid3(char *desc, DOM_SID3 *sid3, prs_struct *ps, int depth);
void make_sam_sid_stuff(SAM_SID_STUFF *stf,
uint16 unknown_2, uint16 unknown_3,
@ -909,7 +908,7 @@ BOOL api_srvsvc_rpc(pipes_struct *p, prs_struct *data);
/*The following definitions come from lib/rpc/server/srv_util.c */
int make_dom_gids(char *gids_str, DOM_GID *gids);
int make_dom_gids(char *gids_str, DOM_GID **ppgids);
BOOL create_rpc_reply(pipes_struct *p,
uint32 data_start, uint32 data_end);
BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds,
@ -2043,8 +2042,6 @@ int struni2(uint16 *p, char *buf);
char *unistr(char *buf);
int unistrncpy(char *dst, char *src, int len);
int unistrcpy(char *dst, char *src);
void fstrcpy(char *dest, char *src);
void fstrcat(char *dest, char *src);
char *safe_strcpy(char *dest, char *src, int maxlength);
char *safe_strcat(char *dest, char *src, int maxlength);
char *align4(char *q, char *base);
@ -2053,7 +2050,8 @@ char *align_offset(char *q, char *base, int align_offset_len);
void print_asc(int level, unsigned char *buf,int len);
void dump_data(int level,char *buf1,int len);
char *tab_depth(int depth);
char *dom_sid_to_string(DOM_SID *sid);
char *sid_to_string(pstring sidstr_out, DOM_SID *sid);
BOOL string_to_sid(DOM_SID *sidout, char *sidstr);
/*The following definitions come from web/cgi.c */

4
source3/include/rpc_misc.h
View File

@ -85,6 +85,10 @@ typedef struct sid_info
uint8 sid_rev_num; /* SID revision number */
uint8 num_auths; /* number of sub-authorities */
uint8 id_auth[6]; /* Identifier Authority */
/*
* Note that the values in these uint32's are in *native* byteorder,
* not neccessarily little-endian...... JRA.
*/
uint32 sub_auths[MAXSUBAUTHS]; /* pointer to sub-authorities. */
} DOM_SID;

72
source3/lib/util.c
View File

@ -4943,29 +4943,85 @@ char *tab_depth(int depth)
}
/*****************************************************************
Convert a domain SID to an ascii string. (non-reentrant).
Convert a SID to an ascii string.
*****************************************************************/
/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
char *dom_sid_to_string(DOM_SID *sid)
char *sid_to_string(pstring sidstr_out, DOM_SID *sid)
{
static pstring sidstr;
char subauth[16];
int i;
/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
uint32 ia = (sid->id_auth[5]) +
(sid->id_auth[4] << 8 ) +
(sid->id_auth[3] << 16) +
(sid->id_auth[2] << 24);
slprintf(sidstr, sizeof(sidstr) - 1, "S-%d-%d", sid->sid_rev_num, ia);
slprintf(sidstr_out, sizeof(pstring) - 1, "S-%d-%d", sid->sid_rev_num, ia);
for (i = 0; i < sid->num_auths; i++)
{
slprintf(subauth, sizeof(subauth)-1, "-%d", sid->sub_auths[i]);
pstrcat(sidstr, subauth);
pstrcat(sidstr_out, subauth);
}
DEBUG(7,("dom_sid_to_string returning %s\n", sidstr));
return sidstr;
DEBUG(7,("sid_to_string returning %s\n", sidstr_out));
return sidstr_out;
}
/*****************************************************************
Convert a string to a SID. Returns True on success, False on fail.
*****************************************************************/
BOOL string_to_sid(DOM_SID *sidout, char *sidstr)
{
pstring tok;
char *p = sidstr;
/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
uint32 ia;
memset((char *)sidout, '\0', sizeof(DOM_SID));
if(StrnCaseCmp( sidstr, "S-", 2)) {
DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
return False;
}
p += 2;
if(!next_token(&p, tok, "-")) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
return False;
}
/* Get the revision number. */
sidout->sid_rev_num = atoi(tok);
if(!next_token(&p, tok, "-")) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
return False;
}
/* identauth in decimal should be < 2^32 */
ia = atoi(tok);
/* NOTE - the ia value is in big-endian format. */
sidout->id_auth[0] = 0;
sidout->id_auth[1] = 0;
sidout->id_auth[2] = (ia & 0xff000000) >> 24;
sidout->id_auth[3] = (ia & 0x00ff0000) >> 16;
sidout->id_auth[4] = (ia & 0x0000ff00) >> 8;
sidout->id_auth[5] = (ia & 0x000000ff);
sidout->num_auths = 0;
while(next_token(&p, tok, "-") && sidout->num_auths < MAXSUBAUTHS) {
/*
* NOTE - the subauths are in native machine-endian format. They
* are converted to little-endian when linearized onto the wire.
*/
sidout->sub_auths[sidout->num_auths++] = atoi(tok);
}
DEBUG(7,("string_to_sid: converted SID %s ok\n", sidstr));
return True;
}

29
source3/lib/util_hnd.c
View File

@ -206,22 +206,23 @@ BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status)
****************************************************************************/
BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
{
int pnum = find_lsa_policy_by_hnd(hnd);
pstring sidstr;
int pnum = find_lsa_policy_by_hnd(hnd);
if (OPEN_POL(pnum))
{
DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
timestring(), dom_sid_to_string(sid), pnum));
if (OPEN_POL(pnum))
{
DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
timestring(), sid_to_string(sidstr, sid), pnum));
memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
return True;
}
else
{
DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
timestring(), dom_sid_to_string(sid), pnum));
return False;
}
memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
return True;
}
else
{
DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
timestring(), sid_to_string(sidstr, sid), pnum));
return False;
}
}
/****************************************************************************

75
source3/lsarpcd/srv_lsa.c
View File

@ -6,7 +6,8 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
*
* Copyright (C) Jeremy Allison 1998.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -52,7 +53,7 @@ static void lsa_reply_open_policy(prs_struct *rdata)
/***************************************************************************
make_dom_query
***************************************************************************/
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, char *dom_sid)
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
int domlen = strlen(dom_name);
@ -73,7 +74,7 @@ lsa_reply_query_info
***************************************************************************/
static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
prs_struct *rdata,
uint32 enum_context, char *dom_name, char *dom_sid)
uint32 enum_context, char *dom_name, DOM_SID *dom_sid)
{
LSA_R_ENUM_TRUST_DOM r_e;
@ -89,7 +90,7 @@ static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
lsa_reply_query_info
***************************************************************************/
static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
char *dom_name, char *dom_sid)
char *dom_name, DOM_SID *dom_sid)
{
LSA_R_QUERY_INFO r_q;
@ -112,14 +113,10 @@ make_dom_ref
pretty much hard-coded choice of "other" sids, unfortunately...
***************************************************************************/
static void make_dom_ref(DOM_R_REF *ref,
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
static void make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
int len_dom_name = strlen(dom_name);
int len_other_sid1 = strlen(other_sid1);
int len_other_sid2 = strlen(other_sid2);
int len_other_sid3 = strlen(other_sid3);
ref->undoc_buffer = 1;
ref->num_ref_doms_1 = 4;
@ -128,9 +125,9 @@ static void make_dom_ref(DOM_R_REF *ref,
ref->num_ref_doms_2 = 4;
make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
make_uni_hdr2(&(ref->hdr_ref_dom[0]), len_other_sid1, len_other_sid1, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[1]), len_other_sid2, len_other_sid2, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[2]), len_other_sid3, len_other_sid3, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[0]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
make_uni_hdr2(&(ref->hdr_ref_dom[1]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
make_uni_hdr2(&(ref->hdr_ref_dom[2]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
if (dom_name != NULL)
{
@ -148,8 +145,8 @@ make_reply_lookup_rids
***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
int i;
@ -232,8 +229,8 @@ lsa_reply_lookup_sids
***************************************************************************/
static void lsa_reply_lookup_sids(prs_struct *rdata,
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
LSA_R_LOOKUP_SIDS r_l;
DOM_R_REF ref;
@ -254,8 +251,8 @@ lsa_reply_lookup_rids
***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata,
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
LSA_R_LOOKUP_RIDS r_l;
@ -309,16 +306,16 @@ static void api_lsa_query_info( int uid, prs_struct *data,
{
LSA_Q_QUERY_INFO q_i;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
/* grab the info class and policy handle */
lsa_io_q_query("", &q_i, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid, lp_domain_sid());
/* construct reply. return status is always 0x0 */
lsa_reply_query_info(&q_i, rdata, dom_name, dom_sid);
lsa_reply_query_info(&q_i, rdata, dom_name, &dom_sid);
}
/***************************************************************************
@ -329,19 +326,26 @@ static void api_lsa_lookup_sids( int uid, prs_struct *data,
{
LSA_Q_LOOKUP_SIDS q_l;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
DOM_SID sid_S_1_1;
DOM_SID sid_S_1_3;
DOM_SID sid_S_1_5;
/* grab the info class and policy handle */
lsa_io_q_lookup_sids("", &q_l, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid , lp_domain_sid());
string_to_sid(&sid_S_1_1, "S-1-1");
string_to_sid(&sid_S_1_3, "S-1-3");
string_to_sid(&sid_S_1_5, "S-1-5");
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_sids(rdata,
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
dom_name, dom_sid, /* domain name, domain SID */
"S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
dom_name, &dom_sid, /* domain name, domain SID */
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
}
/***************************************************************************
@ -353,7 +357,10 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
int i;
LSA_Q_LOOKUP_RIDS q_l;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
DOM_SID sid_S_1_1;
DOM_SID sid_S_1_3;
DOM_SID sid_S_1_5;
uint32 dom_rids[MAX_LOOKUP_SIDS];
uint32 dummy_g_rid;
@ -361,7 +368,11 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
lsa_io_q_lookup_rids("", &q_l, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid , lp_domain_sid());
string_to_sid(&sid_S_1_1, "S-1-1");
string_to_sid(&sid_S_1_3, "S-1-3");
string_to_sid(&sid_S_1_5, "S-1-5");
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
@ -376,9 +387,9 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata,
q_l.num_entries, dom_rids, /* text-converted SIDs */
dom_name, dom_sid, /* domain name, domain SID */
"S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
q_l.num_entries, dom_rids, /* text-converted SIDs */
dom_name, &dom_sid, /* domain name, domain SID */
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
}
/***************************************************************************

2
source3/rpc_client/cli_samr.c
View File

@ -362,7 +362,7 @@ BOOL do_samr_open_user(struct cli_state *cli, int t_idx, uint16 fnum,
do a SAMR Open Domain
****************************************************************************/
BOOL do_samr_open_domain(struct cli_state *cli, int t_idx, uint16 fnum,
POLICY_HND *connect_pol, uint32 rid, char *sid,
POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid,
POLICY_HND *domain_pol)
{
prs_struct data;

4
source3/rpc_parse/parse_lsa.c
View File

@ -247,8 +247,8 @@ void lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct
makes an LSA_R_ENUM_TRUST_DOM structure.
********************************************************************/
void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
uint32 enum_context, char *domain_name, char *domain_sid,
uint32 status)
uint32 enum_context, char *domain_name, DOM_SID *domain_sid,
uint32 status)
{
if (r_e == NULL) return;

61
source3/rpc_parse/parse_misc.c
View File

@ -115,61 +115,6 @@ void smb_io_enum_hnd(char *desc, ENUM_HND *hnd, prs_struct *ps, int depth)
}
}
/*******************************************************************
creates a DOM_SID structure.
BIG NOTE: this function only does SIDS where the identauth is not >= 2^32
identauth >= 2^32 can be detected because it will be specified in hex
********************************************************************/
void make_dom_sid(DOM_SID *sid, char *str_sid)
{
pstring domsid;
int identauth;
char *p;
if (sid == NULL) return;
if (domsid == NULL)
{
DEBUG(4,("netlogon domain SID: none\n"));
sid->sid_rev_num = 0;
sid->num_auths = 0;
return;
}
pstrcpy(domsid, str_sid);
DEBUG(4,("make_dom_sid %d SID: %s\n", __LINE__, domsid));
/* assume, but should check, that domsid starts "S-" */
p = strtok(domsid+2,"-");
sid->sid_rev_num = atoi(p);
/* identauth in decimal should be < 2^32 */
/* identauth in hex should be >= 2^32 */
identauth = atoi(strtok(0,"-"));
DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
DEBUG(4,("netlogon %s ia %d\n", p, identauth));
sid->id_auth[0] = 0;
sid->id_auth[1] = 0;
sid->id_auth[2] = (identauth & 0xff000000) >> 24;
sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
sid->id_auth[5] = (identauth & 0x000000ff);
sid->num_auths = 0;
while ((p = strtok(0, "-")) != NULL && sid->num_auths < MAXSUBAUTHS)
{
sid->sub_auths[sid->num_auths++] = atoi(p);
}
DEBUG(4,("make_dom_sid: %d SID: %s\n", __LINE__, domsid));
}
/*******************************************************************
reads or writes a DOM_SID structure.
********************************************************************/
@ -203,10 +148,10 @@ void smb_io_dom_sid(char *desc, DOM_SID *sid, prs_struct *ps, int depth)
/*******************************************************************
creates a DOM_SID2 structure.
********************************************************************/
void make_dom_sid2(DOM_SID2 *sid, char *str_sid)
void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid)
{
make_dom_sid(&(sid->sid), str_sid);
sid->num_auths = sid->sid.num_auths;
sid2->sid = *sid;
sid2->num_auths = sid2->sid.num_auths;
}
/*******************************************************************

6
source3/rpc_parse/parse_net.c
View File

@ -560,7 +560,9 @@ static int make_dom_sid2s(char *sids_str, DOM_SID2 *sids, int max_sids)
for (count = 0, ptr = sids_str; next_token(&ptr, s2, NULL) && count < max_sids; count++)
{
make_dom_sid2(&sids[count], s2);
DOM_SID tmpsid;
string_to_sid(&tmpsid, s2);
make_dom_sid2(&sids[count], &tmpsid);
}
return count;
@ -908,7 +910,7 @@ void make_net_user_info3(NET_USER_INFO_3 *usr,
char *logon_srv,
char *logon_dom,
char *dom_sid,
DOM_SID *dom_sid,
char *other_sids)
{
/* only cope with one "other" sid, right now. */

6
source3/rpc_parse/parse_samr.c
View File

@ -78,7 +78,7 @@ void samr_io_r_close_hnd(char *desc, SAMR_R_CLOSE_HND *r_u, prs_struct *ps, int
reads or writes a structure.
********************************************************************/
void make_samr_q_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
POLICY_HND *connect_pol, uint32 rid, char *sid)
POLICY_HND *connect_pol, uint32 rid, DOM_SID *sid)
{
if (q_u == NULL) return;
@ -204,11 +204,11 @@ void samr_io_q_unknown_3(char *desc, SAMR_Q_UNKNOWN_3 *q_u, prs_struct *ps, int
calculate length by adding up the size of the components.
********************************************************************/
void make_dom_sid3(DOM_SID3 *sid3, uint16 unk_0, uint16 unk_1, char *sid)
void make_dom_sid3(DOM_SID3 *sid3, uint16 unk_0, uint16 unk_1, char *sidstr)
{
if (sid3 == NULL) return;
make_dom_sid(&(sid3->sid), sid);
string_to_sid(&(sid3->sid), sidstr);
sid3->len = 2 + 8 + sid3->sid.num_auths * 4;
}

75
source3/rpc_server/srv_lsa.c
View File

@ -6,7 +6,8 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
*
* Copyright (C) Jeremy Allison 1998.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -52,7 +53,7 @@ static void lsa_reply_open_policy(prs_struct *rdata)
/***************************************************************************
make_dom_query
***************************************************************************/
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, char *dom_sid)
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
int domlen = strlen(dom_name);
@ -73,7 +74,7 @@ lsa_reply_query_info
***************************************************************************/
static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
prs_struct *rdata,
uint32 enum_context, char *dom_name, char *dom_sid)
uint32 enum_context, char *dom_name, DOM_SID *dom_sid)
{
LSA_R_ENUM_TRUST_DOM r_e;
@ -89,7 +90,7 @@ static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
lsa_reply_query_info
***************************************************************************/
static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
char *dom_name, char *dom_sid)
char *dom_name, DOM_SID *dom_sid)
{
LSA_R_QUERY_INFO r_q;
@ -112,14 +113,10 @@ make_dom_ref
pretty much hard-coded choice of "other" sids, unfortunately...
***************************************************************************/
static void make_dom_ref(DOM_R_REF *ref,
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
static void make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
int len_dom_name = strlen(dom_name);
int len_other_sid1 = strlen(other_sid1);
int len_other_sid2 = strlen(other_sid2);
int len_other_sid3 = strlen(other_sid3);
ref->undoc_buffer = 1;
ref->num_ref_doms_1 = 4;
@ -128,9 +125,9 @@ static void make_dom_ref(DOM_R_REF *ref,
ref->num_ref_doms_2 = 4;
make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
make_uni_hdr2(&(ref->hdr_ref_dom[0]), len_other_sid1, len_other_sid1, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[1]), len_other_sid2, len_other_sid2, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[2]), len_other_sid3, len_other_sid3, 0);
make_uni_hdr2(&(ref->hdr_ref_dom[0]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
make_uni_hdr2(&(ref->hdr_ref_dom[1]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
make_uni_hdr2(&(ref->hdr_ref_dom[2]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
if (dom_name != NULL)
{
@ -148,8 +145,8 @@ make_reply_lookup_rids
***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
int i;
@ -232,8 +229,8 @@ lsa_reply_lookup_sids
***************************************************************************/
static void lsa_reply_lookup_sids(prs_struct *rdata,
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
LSA_R_LOOKUP_SIDS r_l;
DOM_R_REF ref;
@ -254,8 +251,8 @@ lsa_reply_lookup_rids
***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata,
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
char *dom_name, char *dom_sid,
char *other_sid1, char *other_sid2, char *other_sid3)
char *dom_name, DOM_SID *dom_sid,
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
{
LSA_R_LOOKUP_RIDS r_l;
@ -309,16 +306,16 @@ static void api_lsa_query_info( int uid, prs_struct *data,
{
LSA_Q_QUERY_INFO q_i;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
/* grab the info class and policy handle */
lsa_io_q_query("", &q_i, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid, lp_domain_sid());
/* construct reply. return status is always 0x0 */
lsa_reply_query_info(&q_i, rdata, dom_name, dom_sid);
lsa_reply_query_info(&q_i, rdata, dom_name, &dom_sid);
}
/***************************************************************************
@ -329,19 +326,26 @@ static void api_lsa_lookup_sids( int uid, prs_struct *data,
{
LSA_Q_LOOKUP_SIDS q_l;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
DOM_SID sid_S_1_1;
DOM_SID sid_S_1_3;
DOM_SID sid_S_1_5;
/* grab the info class and policy handle */
lsa_io_q_lookup_sids("", &q_l, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid , lp_domain_sid());
string_to_sid(&sid_S_1_1, "S-1-1");
string_to_sid(&sid_S_1_3, "S-1-3");
string_to_sid(&sid_S_1_5, "S-1-5");
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_sids(rdata,
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
dom_name, dom_sid, /* domain name, domain SID */
"S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
dom_name, &dom_sid, /* domain name, domain SID */
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
}
/***************************************************************************
@ -353,7 +357,10 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
int i;
LSA_Q_LOOKUP_RIDS q_l;
pstring dom_name;
pstring dom_sid;
DOM_SID dom_sid;
DOM_SID sid_S_1_1;
DOM_SID sid_S_1_3;
DOM_SID sid_S_1_5;
uint32 dom_rids[MAX_LOOKUP_SIDS];
uint32 dummy_g_rid;
@ -361,7 +368,11 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
lsa_io_q_lookup_rids("", &q_l, data, 0);
pstrcpy(dom_name, lp_workgroup());
pstrcpy(dom_sid , lp_domain_sid());
string_to_sid(&dom_sid , lp_domain_sid());
string_to_sid(&sid_S_1_1, "S-1-1");
string_to_sid(&sid_S_1_3, "S-1-3");
string_to_sid(&sid_S_1_5, "S-1-5");
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
@ -376,9 +387,9 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
/* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata,
q_l.num_entries, dom_rids, /* text-converted SIDs */
dom_name, dom_sid, /* domain name, domain SID */
"S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
q_l.num_entries, dom_rids, /* text-converted SIDs */
dom_name, &dom_sid, /* domain name, domain SID */
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
}
/***************************************************************************

29
source3/rpc_server/srv_lsa_hnd.c
View File

@ -206,22 +206,23 @@ BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status)
****************************************************************************/
BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
{
int pnum = find_lsa_policy_by_hnd(hnd);
pstring sidstr;
int pnum = find_lsa_policy_by_hnd(hnd);
if (OPEN_POL(pnum))
{
DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
timestring(), dom_sid_to_string(sid), pnum));
if (OPEN_POL(pnum))
{
DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
timestring(), sid_to_string(sidstr, sid), pnum));
memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
return True;
}
else
{
DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
timestring(), dom_sid_to_string(sid), pnum));
return False;
}
memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
return True;
}
else
{
DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
timestring(), sid_to_string(sidstr, sid), pnum));
return False;
}
}
/****************************************************************************

330
source3/rpc_server/srv_netlog.c
View File

@ -6,7 +6,8 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
*
* Copyright (C) Jeremy Allison 1998.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
@ -563,200 +564,213 @@ static void api_net_sam_logon( int uid,
prs_struct *data,
prs_struct *rdata)
{
NET_Q_SAM_LOGON q_l;
NET_ID_INFO_CTR ctr;
NET_USER_INFO_3 usr_info;
uint32 status = 0x0;
DOM_CRED srv_cred;
struct smb_passwd *smb_pass = NULL;
UNISTR2 *uni_samlogon_user = NULL;
NET_Q_SAM_LOGON q_l;
NET_ID_INFO_CTR ctr;
NET_USER_INFO_3 usr_info;
uint32 status = 0x0;
DOM_CRED srv_cred;
struct smb_passwd *smb_pass = NULL;
UNISTR2 *uni_samlogon_user = NULL;
user_struct *vuser = NULL;
user_struct *vuser = NULL;
if ((vuser = get_valid_user_struct(uid)) == NULL) return;
if ((vuser = get_valid_user_struct(uid)) == NULL)
return;
q_l.sam_id.ctr = &ctr;
q_l.sam_id.ctr = &ctr;
net_io_q_sam_logon("", &q_l, data, 0);
net_io_q_sam_logon("", &q_l, data, 0);
/* checks and updates credentials. creates reply credentials */
if (!deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred),
&(q_l.sam_id.client.cred), &srv_cred))
{
status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
else
{
memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred));
}
/* checks and updates credentials. creates reply credentials */
if (!deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred),
&(q_l.sam_id.client.cred), &srv_cred))
{
status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
else
{
memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred));
}
/* find the username */
/* find the username */
if (status == 0x0)
{
switch (q_l.sam_id.logon_level)
{
case 1:
{
uni_samlogon_user = &(q_l.sam_id.ctr->auth.id1.uni_user_name);
if (status == 0)
{
switch (q_l.sam_id.logon_level)
{
case INTERACTIVE_LOGON_TYPE:
{
uni_samlogon_user = &(q_l.sam_id.ctr->auth.id1.uni_user_name);
DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ",
lp_workgroup()));
break;
}
case 2:
{
uni_samlogon_user = &(q_l.sam_id.ctr->auth.id2.uni_user_name);
DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup()));
break;
}
case NET_LOGON_TYPE:
{
uni_samlogon_user = &(q_l.sam_id.ctr->auth.id2.uni_user_name);
DEBUG(3,("SAM Logon (Network). Domain:[%s]. ",
lp_workgroup()));
break;
}
default:
{
DEBUG(2,("SAM Logon: unsupported switch value\n"));
status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
break;
}
}
}
DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", lp_workgroup()));
break;
}
default:
{
DEBUG(2,("SAM Logon: unsupported switch value\n"));
status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
break;
}
} /* end switch */
} /* end if status == 0 */
/* check username exists */
/* check username exists */
if (status == 0x0)
{
pstrcpy(samlogon_user, unistrn2(uni_samlogon_user->buffer,
uni_samlogon_user->uni_str_len));
if (status == 0)
{
pstrcpy(samlogon_user, unistrn2(uni_samlogon_user->buffer,
uni_samlogon_user->uni_str_len));
DEBUG(3,("User:[%s]\n", samlogon_user));
DEBUG(3,("User:[%s]\n", samlogon_user));
become_root(True);
smb_pass = getsampwnam(samlogon_user);
unbecome_root(True);
become_root(True);
smb_pass = getsampwnam(samlogon_user);
unbecome_root(True);
if (smb_pass == NULL)
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}
if (smb_pass == NULL)
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}
/* validate password. */
/* validate password. */
if (status == 0x0)
{
switch (q_l.sam_id.logon_level)
{
case 1:
{
/* interactive login. */
status = net_login_interactive(&q_l.sam_id.ctr->auth.id1,
smb_pass, vuser);
break;
}
case 2:
{
/* network login. lm challenge and 24 byte responses */
status = net_login_network(&q_l.sam_id.ctr->auth.id2,
smb_pass, vuser);
break;
}
}
}
if (status == 0)
{
switch (q_l.sam_id.logon_level)
{
case INTERACTIVE_LOGON_TYPE:
{
/* interactive login. */
status = net_login_interactive(&q_l.sam_id.ctr->auth.id1, smb_pass, vuser);
break;
}
case NET_LOGON_TYPE:
{
/* network login. lm challenge and 24 byte responses */
status = net_login_network(&q_l.sam_id.ctr->auth.id2, smb_pass, vuser);
break;
}
}
}
/* lkclXXXX this is the point at which, if the login was
successful, that the SAM Local Security Authority should
record that the user is logged in to the domain.
*/
/* lkclXXXX this is the point at which, if the login was
successful, that the SAM Local Security Authority should
record that the user is logged in to the domain.
*/
/* return the profile plus other bits :-) */
/* return the profile plus other bits :-) */
if (status == 0x0)
{
DOM_GID gids[LSA_MAX_GROUPS];
int num_gids = 0;
NTTIME dummy_time;
pstring logon_script;
pstring profile_path;
pstring home_dir;
pstring home_drive;
pstring my_name;
pstring my_workgroup;
pstring domain_groups;
pstring dom_sid;
pstring other_sids;
uint32 r_uid;
uint32 r_gid;
if (status == 0)
{
DOM_GID *gids = NULL;
int num_gids = 0;
NTTIME dummy_time;
pstring logon_script;
pstring profile_path;
pstring home_dir;
pstring home_drive;
pstring my_name;
pstring my_workgroup;
pstring domain_groups;
DOM_SID dom_sid;
char *other_sids;
uint32 r_uid;
uint32 r_gid;
/* set up pointer indicating user/password failed to be found */
usr_info.ptr_user_info = 0;
/* set up pointer indicating user/password failed to be found */
usr_info.ptr_user_info = 0;
dummy_time.low = 0xffffffff;
dummy_time.high = 0x7fffffff;
dummy_time.low = 0xffffffff;
dummy_time.high = 0x7fffffff;
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
pstrcpy(logon_script, lp_logon_script ());
pstrcpy(profile_path, lp_logon_path ());
pstrcpy(dom_sid , lp_domain_sid ());
pstrcpy(other_sids , lp_domain_other_sids());
pstrcpy(my_workgroup, lp_workgroup ());
pstrcpy(logon_script, lp_logon_script());
pstrcpy(profile_path, lp_logon_path());
string_to_sid(&dom_sid, lp_domain_sid());
pstrcpy(home_drive , lp_logon_drive ());
pstrcpy(home_dir , lp_logon_home ());
pstrcpy(other_sids, lp_domain_other_sids());
pstrcpy(my_workgroup, lp_workgroup());
pstrcpy(my_name , global_myname );
strupper(my_name);
pstrcpy(home_drive, lp_logon_drive());
pstrcpy(home_dir, lp_logon_home());
get_domain_user_groups(domain_groups, samlogon_user);
pstrcpy(my_name, global_myname);
strupper(my_name);
num_gids = make_dom_gids(domain_groups, gids);
/*
* This is the point at which we get the group
* database - we should be getting the gid_t list
* from /etc/group and then turning the uids into
* rids and then into machine sids for this user.
* JRA.
*/
sam_logon_in_ssb = False;
get_domain_user_groups(domain_groups, samlogon_user);
if (name_to_rid(samlogon_user, &r_uid, &r_gid))
{
make_net_user_info3(&usr_info,
/*
* make_dom_gids allocates the gids array. JRA.
*/
gids = NULL;
num_gids = make_dom_gids(domain_groups, &gids);
&dummy_time, /* logon_time */
&dummy_time, /* logoff_time */
&dummy_time, /* kickoff_time */
&dummy_time, /* pass_last_set_time */
&dummy_time, /* pass_can_change_time */
&dummy_time, /* pass_must_change_time */
sam_logon_in_ssb = False;
samlogon_user , /* user_name */
vuser->real_name, /* full_name */
logon_script , /* logon_script */
profile_path , /* profile_path */
home_dir , /* home_dir */
home_drive , /* dir_drive */
if (name_to_rid(samlogon_user, &r_uid, &r_gid))
{
make_net_user_info3(&usr_info,
&dummy_time, /* logon_time */
&dummy_time, /* logoff_time */
&dummy_time, /* kickoff_time */
&dummy_time, /* pass_last_set_time */
&dummy_time, /* pass_can_change_time */
&dummy_time, /* pass_must_change_time */
0, /* logon_count */
0, /* bad_pw_count */
samlogon_user , /* user_name */
vuser->real_name, /* full_name */
logon_script , /* logon_script */
profile_path , /* profile_path */
home_dir , /* home_dir */
home_drive , /* dir_drive */
r_uid , /* RID user_id */
r_gid , /* RID group_id */
num_gids, /* uint32 num_groups */
gids , /* DOM_GID *gids */
0x20 , /* uint32 user_flgs (?) */
0, /* logon_count */
0, /* bad_pw_count */
NULL, /* char sess_key[16] */
r_uid , /* RID user_id */
r_gid , /* RID group_id */
num_gids, /* uint32 num_groups */
gids , /* DOM_GID *gids */
0x20 , /* uint32 user_flgs (?) */
my_name , /* char *logon_srv */
my_workgroup, /* char *logon_dom */
NULL, /* char sess_key[16] */
dom_sid, /* char *dom_sid */
other_sids); /* char *other_sids */
}
else
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}
my_name , /* char *logon_srv */
my_workgroup, /* char *logon_dom */
net_reply_sam_logon(&q_l, rdata, &srv_cred, &usr_info, status);
&dom_sid, /* DOM_SID *dom_sid */
other_sids); /* char *other_sids */
}
else
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
/* Free any allocated groups array. */
if(gids)
free((char *)gids);
}
net_reply_sam_logon(&q_l, rdata, &srv_cred, &usr_info, status);
}

7
source3/rpc_server/srv_samr.c
View File

@ -1018,7 +1018,7 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
uint32 status = 0x0;
struct smb_passwd *smb_pass;
DOM_GID gids[LSA_MAX_GROUPS];
DOM_GID *gids = NULL;
int num_groups = 0;
int pol_idx;
uint32 rid;
@ -1053,7 +1053,8 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
{
pstring groups;
get_domain_user_groups(groups, smb_pass->smb_name);
num_groups = make_dom_gids(groups, gids);
gids = NULL;
num_groups = make_dom_gids(groups, &gids);
}
/* construct the response. lkclXXXX: gids are not copied! */
@ -1062,6 +1063,8 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
/* store the response in the SMB stream */
samr_io_r_query_usergroups("", &r_u, rdata, 0);
if(gids)
free((char *)gids);
DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
}

99
source3/rpc_server/srv_util.c
View File

@ -79,57 +79,74 @@ rid_name domain_group_rids[] =
};
int make_dom_gids(char *gids_str, DOM_GID *gids)
int make_dom_gids(char *gids_str, DOM_GID **ppgids)
{
char *ptr;
pstring s2;
int count;
char *ptr;
pstring s2;
int count;
DOM_GID *gids;
DEBUG(4,("make_dom_gids: %s\n", gids_str));
*ppgids = NULL;
if (gids_str == NULL || *gids_str == 0) return 0;
DEBUG(4,("make_dom_gids: %s\n", gids_str));
for (count = 0, ptr = gids_str; next_token(&ptr, s2, NULL) && count < LSA_MAX_GROUPS; count++)
{
/* the entries are of the form GID/ATTR, ATTR being optional.*/
char *attr;
uint32 rid = 0;
int i;
if (gids_str == NULL || *gids_str == 0)
return 0;
attr = strchr(s2,'/');
if (attr) *attr++ = 0;
if (!attr || !*attr) attr = "7"; /* default value for attribute is 7 */
for (count = 0, ptr = gids_str; next_token(&ptr, s2, NULL); count++)
;
/* look up the RID string and see if we can turn it into a rid number */
for (i = 0; domain_alias_rids[i].name != NULL; i++)
{
if (strequal(domain_alias_rids[i].name, s2))
{
rid = domain_alias_rids[i].rid;
break;
}
}
gids = (DOM_GID *)malloc( sizeof(DOM_GID) * count );
if(!gids)
{
DEBUG(0,("make_dom_gids: malloc fail !\n"));
return 0;
}
if (rid == 0) rid = atoi(s2);
for (count = 0, ptr = gids_str; next_token(&ptr, s2, NULL) &&
count < LSA_MAX_GROUPS; count++)
{
/* the entries are of the form GID/ATTR, ATTR being optional.*/
char *attr;
uint32 rid = 0;
int i;
if (rid == 0)
{
DEBUG(1,("make_dom_gids: unknown well-known alias RID %s/%s\n",
s2, attr));
count--;
}
else
{
gids[count].g_rid = rid;
gids[count].attr = atoi(attr);
attr = strchr(s2,'/');
if (attr)
*attr++ = 0;
DEBUG(5,("group id: %d attr: %d\n",
gids[count].g_rid,
gids[count].attr));
}
}
if (!attr || !*attr)
attr = "7"; /* default value for attribute is 7 */
return count;
/* look up the RID string and see if we can turn it into a rid number */
for (i = 0; domain_alias_rids[i].name != NULL; i++)
{
if (strequal(domain_alias_rids[i].name, s2))
{
rid = domain_alias_rids[i].rid;
break;
}
}
if (rid == 0)
rid = atoi(s2);
if (rid == 0)
{
DEBUG(1,("make_dom_gids: unknown well-known alias RID %s/%s\n", s2, attr));
count--;
}
else
{
gids[count].g_rid = rid;
gids[count].attr = atoi(attr);
DEBUG(5,("group id: %d attr: %d\n", gids[count].g_rid, gids[count].attr));
}
}
*ppgids = gids;
return count;
}
/*******************************************************************

4
source3/smbd/chgpasswd.c
View File

@ -427,13 +427,13 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root)
return(chat_with_program(passwordprogram,name,chatsequence, as_root));
}
#else
#else /* ALLOW_CHANGE_PASSWORD */
BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root)
{
DEBUG(0,("Password changing not compiled in (user=%s)\n",name));
return(False);
}
#endif
#endif /* ALLOW_CHANGE_PASSWORD */
/***********************************************************
Code to check the lanman hashed password.

5
source3/smbd/ipc.c
View File

@ -1677,6 +1677,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat
fstring new_passwd;
struct smb_passwd *sampw = NULL;
char *p = param + 2;
int ret = True;
*rparam_len = 2;
*rparam = REALLOC(*rparam,*rparam_len);
@ -1718,9 +1719,9 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat
*/
if(lp_unix_password_sync())
chgpasswd(user,"", new_passwd, True);
ret = chgpasswd(user,"", new_passwd, True);
if(change_oem_password( sampw, new_passwd, False)) {
if(ret && change_oem_password( sampw, new_passwd, False)) {
SSVAL(*rparam,0,NERR_Success);
}