sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

This fixes security=domain, which has been broke since the big charset

Browse Source 
changeover.  For my own sainity I have created a new function to fill out both
the header and buffer for a string in an RPC struct.  This DOES NOT take a
length argument, only the actual string to be placed.

The RPC code is currently littered with code that does init_uni_hdr() followed
immidiatly by init_unistr2(), and often the length argument is wrong.  (It was
for the code I changed, even before the charset stuff).  Another bug where we
made strings AT LEAST MAX_UNICODE_LEN long hid this bug.

This works for loopback connections to Samba, and can't be any more broke than
it was before :-).  (We had double and revese conversions, fun...).

In particular this makes us multibyte complient.

In any case, if there are no objections I will slowly convert other bits of
code to the same system.
This commit is contained in:
Andrew Bartlett 0001-01-01 00:00:00 +00:00
parent 22ea0770d8
commit cf1d1cd9d6
3 changed files with 60 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
source/rpc_client/cli_login.c
View File

@ -160,20 +160,13 @@ BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username,
char *lm_chal_resp, char *nt_chal_resp,
NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3)
{
fstring dos_wksta_name, dos_username, dos_domain;
DEBUG(5,("cli_nt_login_network: %d\n", __LINE__));
/* indicate a "network" login */
ctr->switch_value = NET_LOGON_TYPE;
clistr_pull(cli, dos_wksta_name, cli->clnt_name_slash, sizeof(dos_wksta_name), 0, STR_TERMINATE);
clistr_pull(cli, dos_username, username, sizeof(dos_username), 0, STR_TERMINATE);
clistr_pull(cli, dos_domain, username, sizeof(dos_domain), 0, STR_TERMINATE);
/* Create the structure needed for SAM logon. */
init_id_info2(&ctr->auth.id2, dos_domain, 0, smb_userid_low, 0,
dos_username, dos_wksta_name,
init_id_info2(&ctr->auth.id2, domain, 0, smb_userid_low, 0,
username, cli->clnt_name_slash,
(uchar *)lm_chal, (uchar *)lm_chal_resp,
(uchar *)nt_chal_resp);

54
source/rpc_parse/parse_misc.c
View File

@ -5,6 +5,7 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
* Copyright (C) Andrew Bartlett 2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -920,6 +921,59 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
rpcstr_push((char *)str->buffer, buf, len, STR_TERMINATE);
}
/*******************************************************************
Inits a UNIHDR and UNISTR2 structure at one time.
********************************************************************/
void init_unistr2_and_hdr(UNISTR2 *str, UNIHDR *hdr, const char *buf )
{
size_t convbuf_len_bytes, len_bytes;
int len;
uint16 *conversion_buffer;
if (buf == NULL) {
str->buffer = NULL;
hdr->uni_str_len = 0;
hdr->uni_max_len = 0;
hdr->buffer = 0;
return;
}
convbuf_len_bytes = (sizeof(uint16)*(strlen(buf) + 1));
/* Our strings cannot expand from internal to unicode by more
than a factor of 2 */
conversion_buffer = malloc(convbuf_len_bytes);
if (conversion_buffer == NULL)
smb_panic("init_unistr: malloc fail\n");
/* Check this */
len_bytes = rpcstr_push(conversion_buffer, buf, convbuf_len_bytes, STR_TERMINATE);
len = len_bytes/sizeof(uint16);
if (len > MAX_UNISTRLEN) {
len = MAX_UNISTRLEN;
}
str->buffer = (uint16 *)talloc_zero(get_talloc_ctx(), len*sizeof(uint16));
if (str->buffer == NULL)
smb_panic("init_unistr: talloc fail\n");
hdr->uni_str_len = len;
hdr->uni_max_len = len;
hdr->buffer = 1;
str->uni_str_len = len;
str->uni_max_len = len;
memcpy(str->buffer, conversion_buffer, len*sizeof(uint16));
free(conversion_buffer);
}
/*******************************************************************
Inits a UNISTR2 structure from a UNISTR
********************************************************************/

15
source/rpc_parse/parse_net.c
View File

@ -5,6 +5,7 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
* Copyright (C) Andrew Bartlett 2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -983,9 +984,6 @@ void init_id_info2(NET_ID_INFO_2 *id, char *domain_name,
unsigned char *lm_chal_resp,
unsigned char *nt_chal_resp)
{
int len_domain_name = strlen(domain_name);
int len_user_name = strlen(user_name );
int len_wksta_name = strlen(wksta_name );
int nt_chal_resp_len = ((nt_chal_resp != NULL) ? 24 : 0);
int lm_chal_resp_len = ((lm_chal_resp != NULL) ? 24 : 0);
unsigned char lm_owf[24];
@ -995,14 +993,9 @@ void init_id_info2(NET_ID_INFO_2 *id, char *domain_name,
id->ptr_id_info2 = 1;
init_uni_hdr(&id->hdr_domain_name, len_domain_name);
id->param_ctrl = param_ctrl;
init_logon_id(&id->logon_id, log_id_low, log_id_high);
init_uni_hdr(&id->hdr_user_name, len_user_name);
init_uni_hdr(&id->hdr_wksta_name, len_wksta_name);
if (nt_chal_resp) {
/* oops. can only send what-ever-it-is direct */
memcpy(nt_owf, nt_chal_resp, 24);
@ -1018,9 +1011,9 @@ void init_id_info2(NET_ID_INFO_2 *id, char *domain_name,
init_str_hdr(&id->hdr_nt_chal_resp, 24, nt_chal_resp_len, (nt_chal_resp != NULL) ? 1 : 0);
init_str_hdr(&id->hdr_lm_chal_resp, 24, lm_chal_resp_len, (lm_chal_resp != NULL) ? 1 : 0);
init_unistr2(&id->uni_domain_name, domain_name, len_domain_name);
init_unistr2(&id->uni_user_name, user_name, len_user_name);
init_unistr2(&id->uni_wksta_name, wksta_name, len_wksta_name);
init_unistr2_and_hdr(&id->uni_domain_name, &id->hdr_domain_name, domain_name);
init_unistr2_and_hdr(&id->uni_user_name, &id->hdr_user_name, user_name);
init_unistr2_and_hdr(&id->uni_wksta_name, &id->hdr_wksta_name, wksta_name);
init_string2(&id->nt_chal_resp, (char *)nt_chal_resp, nt_chal_resp_len);
init_string2(&id->lm_chal_resp, (char *)lm_chal_resp, lm_chal_resp_len);