2025-01-21 18:04:06 +03:00 · 2006-02-09 00:23:40 +00:00 · 2006-02-09 00:23:40 +00:00 · cf7c47aac9
commit cf7c47aac9
parent 86358fc10b
5 changed files with 77 additions and 15 deletions
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@ -169,6 +169,57 @@ typedef struct net_user_info_2 {
 } NET_USER_INFO_2;
 #endif

+/* NET_USER_INFO_2 */
+typedef struct net_user_info_2 {
+	uint32 ptr_user_info;
+
+	NTTIME logon_time;            /* logon time */
+	NTTIME logoff_time;           /* logoff time */
+	NTTIME kickoff_time;          /* kickoff time */
+	NTTIME pass_last_set_time;    /* password last set time */
+	NTTIME pass_can_change_time;  /* password can change time */
+	NTTIME pass_must_change_time; /* password must change time */
+
+	UNIHDR hdr_user_name;    /* username unicode string header */
+	UNIHDR hdr_full_name;    /* user's full name unicode string header */
+	UNIHDR hdr_logon_script; /* logon script unicode string header */
+	UNIHDR hdr_profile_path; /* profile path unicode string header */
+	UNIHDR hdr_home_dir;     /* home directory unicode string header */
+	UNIHDR hdr_dir_drive;    /* home directory drive unicode string header */
+
+	uint16 logon_count;  /* logon count */
+	uint16 bad_pw_count; /* bad password count */
+
+	uint32 user_rid;       /* User RID */
+	uint32 group_rid;      /* Group RID */
+
+	uint32 num_groups;    /* num groups */
+	uint32 buffer_groups; /* undocumented buffer pointer to groups. */
+	uint32 user_flgs;     /* user flags */
+
+	uint8 user_sess_key[16]; /* user session key */
+
+	UNIHDR hdr_logon_srv; /* logon server unicode string header */
+	UNIHDR hdr_logon_dom; /* logon domain unicode string header */
+
+	uint32 buffer_dom_id; /* undocumented logon domain id pointer */
+	uint8 lm_sess_key[8];	/* lm session key */
+	uint32 acct_flags;	/* account flags */
+	uint32 unknown[7];	/* unknown */
+
+	UNISTR2 uni_user_name;    /* username unicode string */
+	UNISTR2 uni_full_name;    /* user's full name unicode string */
+	UNISTR2 uni_logon_script; /* logon script unicode string */
+	UNISTR2 uni_profile_path; /* profile path unicode string */
+	UNISTR2 uni_home_dir;     /* home directory unicode string */
+	UNISTR2 uni_dir_drive;    /* home directory drive unicode string */
+
+	UNISTR2 uni_logon_srv; /* logon server unicode string */
+	UNISTR2 uni_logon_dom; /* logon domain unicode string */
+
+	DOM_SID2 dom_sid;           /* domain SID */
+} NET_USER_INFO_2;
+
 /* NET_USER_INFO_3 */
 typedef struct net_user_info_3 {
 	uint32 ptr_user_info;
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@ -1295,7 +1295,7 @@ static BOOL net_io_id_info_ctr(const char *desc, NET_ID_INFO_CTR **pp_ctr, prs_s
 {
 	NET_ID_INFO_CTR *ctr = *pp_ctr;

-	prs_debug(ps, depth, desc, "smb_io_sam_info");
+	prs_debug(ps, depth, desc, "smb_io_sam_info_ctr");
 	depth++;

 	if (UNMARSHALLING(ps)) {
@ -1323,7 +1323,7 @@ static BOOL net_io_id_info_ctr(const char *desc, NET_ID_INFO_CTR **pp_ctr, prs_s
 		break;
 	default:
 		/* PANIC! */
-		DEBUG(4,("smb_io_sam_info: unknown switch_value!\n"));
+		DEBUG(4,("smb_io_sam_info_ctr: unknown switch_value!\n"));
 		break;
 	}

@ -1350,8 +1350,10 @@ static BOOL smb_io_sam_info(const char *desc, DOM_SAM_INFO *sam, prs_struct *ps,

 	if(!prs_uint32("ptr_rtn_cred ", ps, depth, &sam->ptr_rtn_cred))
 		return False;
-	if(!smb_io_cred("", &sam->rtn_cred, ps, depth))
-		return False;
+	if (sam->ptr_rtn_cred) {
+		if(!smb_io_cred("", &sam->rtn_cred, ps, depth))
+			return False;
+	}

 	if(!prs_uint16("logon_level  ", ps, depth, &sam->logon_level))
 		return False;
@ -1700,7 +1702,7 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 	if(!smb_io_dom_sid2("", &usr->dom_sid, ps, depth))           /* domain SID */
 		return False;

-	if (usr->buffer_other_sids) {
+	if (validation_level == 3 && usr->buffer_other_sids) {

 		uint32 num_other_sids = usr->num_other_sids;

@ -1776,7 +1778,7 @@ BOOL net_io_q_sam_logon(const char *desc, NET_Q_SAM_LOGON *q_l, prs_struct *ps,

 	if(!prs_align_uint16(ps))
 		return False;
-	
+
 	if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level))
 		return False;

--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@ -197,10 +197,10 @@ static BOOL api_net_sam_logon(pipes_struct *p)
 	ZERO_STRUCT(q_u);
 	ZERO_STRUCT(r_u);

-    if(!net_io_q_sam_logon("", &q_u, data, 0)) {
-        DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n"));
-        return False;
-    }
+	if(!net_io_q_sam_logon("", &q_u, data, 0)) {
+		DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n"));
+		return False;
+	}
   
 	r_u.status = _net_sam_logon(p, &q_u, &r_u);

--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@ -473,7 +473,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
 		DEBUG(2,("_net_srv_pwset: creds_server_step failed. Rejecting auth "
 			"request from client %s machine account %s\n",
 			p->dc->remote_machine, p->dc->mach_acct ));
-		return NT_STATUS_ACCESS_DENIED;
+		return NT_STATUS_INVALID_PARAMETER;
 	}

 	DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
@ -573,7 +573,7 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF
 		DEBUG(2,("_net_sam_logoff: creds_server_step failed. Rejecting auth "
 			"request from client %s machine account %s\n",
 			p->dc->remote_machine, p->dc->mach_acct ));
-		return NT_STATUS_ACCESS_DENIED;
+		return NT_STATUS_INVALID_PARAMETER;
 	}

 	r_u->status = NT_STATUS_OK;
@ -636,9 +636,13 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *

 	/* store the user information, if there is any. */
 	r_u->user = usr_info;
-	r_u->switch_value = 0; /* indicates no info */
 	r_u->auth_resp = 1; /* authoritative response */
-	r_u->switch_value = 3; /* indicates type of validation user info */
+	if (q_u->validation_level != 2 && q_u->validation_level != 3) {
+		DEBUG(0,("_net_sam_logon: bad validation_level value %d.\n", (int)q_u->validation_level ));
+		return NT_STATUS_ACCESS_DENIED;
+	}
+	/* We handle the return of USER_INFO_2 instead of 3 in the parse return. Sucks, I know... */
+	r_u->switch_value = q_u->validation_level; /* indicates type of validation user info */
 	r_u->buffer_creds = 1; /* Ensure we always return server creds. */
 
 	if (!get_valid_user_struct(p->vuid))
@ -662,7 +666,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 		DEBUG(2,("_net_sam_logon: creds_server_step failed. Rejecting auth "
 			"request from client %s machine account %s\n",
 			p->dc->remote_machine, p->dc->mach_acct ));
-		return NT_STATUS_ACCESS_DENIED;
+		return NT_STATUS_INVALID_PARAMETER;
 	}

 	/* find the username */
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@ -2537,6 +2537,11 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO
 	   was observed from a win98 client trying to enumerate users (when configured  
 	   user level access control on shares)   --jerry */
 	   
+	if (des_access == MAXIMUM_ALLOWED_ACCESS) {
+		/* Map to max possible knowing we're filtered below. */
+		des_access = GENERIC_ALL_ACCESS;
+	}
+
 	se_map_generic( &des_access, &sam_generic_mapping );
 	info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);