From ead54d5a6c4a505f7e5c6634793562ce840f177c Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 12 Aug 2020 17:08:14 +0200 Subject: [PATCH 1/3] libcli/security: let dom_sid_lookup_predefined_sid() behave like Windows 2008R2 Windows (172.31.9.133) returns the following: #> rpcclient 172.31.9.133 -Uadministrator%A1b2C3d4 -c 'lookupsids S-1-22-1 S-1-22-1-0;lookupsids S-1-22;lookupsids S-1-3-0 S-1-3-99;lookupsids S-1-3' S-1-22-1 *unknown*\*unknown* (8) S-1-22-1-0 *unknown*\*unknown* (8) result was NT_STATUS_INVALID_SID S-1-3-0 \CREATOR OWNER (5) S-1-3-99 *unknown*\*unknown* (8) result was NT_STATUS_INVALID_SID While the current Samba (172.31.9.163) returns the following: #> rpcclient 172.31.9.163 -Uadministrator%A1b2C3d4 -c 'lookupsids S-1-22-1 S-1-22-1-0;lookupsids S-1-22;lookupsids S-1-3-0 S-1-3-99;lookupsids S-1-3' result was NT_STATUS_INVALID_SID result was NT_STATUS_INVALID_SID S-1-3-0 \CREATOR OWNER (5) S-1-3-99 *unknown*\*unknown* (8) S-1-3 *unknown*\*unknown* (8) With this change also return the same as Windows: #> rpcclient 172.31.9.163 -Uadministrator%A1b2C3d4 -c 'lookupsids S-1-22-1 S-1-22-1-0;lookupsids S-1-22;lookupsids S-1-3-0 S-1-3-99;lookupsids S-1-3' S-1-22-1 *unknown*\*unknown* (8) S-1-22-1-0 *unknown*\*unknown* (8) result was NT_STATUS_INVALID_SID S-1-3-0 \CREATOR OWNER (5) S-1-3-99 *unknown*\*unknown* (8) result was NT_STATUS_INVALID_SID This is a minimal fix in order to avoid crashes in the Windows Explorer. The real fix needs more work and additional tests, as the behavior seems to be different in newer Windows releases. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14213 Signed-off-by: Stefan Metzmacher --- libcli/security/util_sid.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c index 6ee22284033c..dbc3f52a4ac9 100644 --- a/libcli/security/util_sid.c +++ b/libcli/security/util_sid.c @@ -1002,7 +1002,6 @@ NTSTATUS dom_sid_lookup_predefined_sid(const struct dom_sid *sid, const char **authority_name) { size_t di; - bool match_domain = false; *name = NULL; *type = SID_NAME_UNKNOWN; @@ -1024,8 +1023,6 @@ NTSTATUS dom_sid_lookup_predefined_sid(const struct dom_sid *sid, continue; } - match_domain = true; - for (ni = 0; ni < d->num_names; ni++) { const struct predefined_name_mapping *n = &d->names[ni]; @@ -1043,7 +1040,7 @@ NTSTATUS dom_sid_lookup_predefined_sid(const struct dom_sid *sid, } } - if (!match_domain) { + if (sid->num_auths == 0) { return NT_STATUS_INVALID_SID; } -- 2.34.1 From 97cf587c3ea19b8c92c6058fb76206391c002683 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 10 Mar 2023 15:05:15 +0100 Subject: [PATCH 2/3] source4/rpc_server/lsa/lsa_lookup.c behave like Windows 2008R2 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14213 --- source4/rpc_server/lsa/lsa_lookup.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c index 61cb8a10a238..d8d06bf82164 100644 --- a/source4/rpc_server/lsa/lsa_lookup.c +++ b/source4/rpc_server/lsa/lsa_lookup.c @@ -35,6 +35,7 @@ struct dcesrv_lsa_TranslatedItem { uint32_t flags; uint32_t wb_idx; bool done; + bool invalid_sid; struct { const char *domain; /* only $DOMAIN\ */ const char *namespace; /* $NAMESPACE\ or @$NAMESPACE */ @@ -380,6 +381,10 @@ static NTSTATUS dcesrv_lsa_LookupSids_base_call(struct dcesrv_lsa_LookupSids_bas status = view->lookup_sid(state, item); if (NT_STATUS_IS_OK(status)) { item->done = true; + } else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_SID)) { + item->done = true; + item->invalid_sid = true; + status = NT_STATUS_OK; } else if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { status = NT_STATUS_OK; } else if (NT_STATUS_EQUAL(status, NT_STATUS_SOME_NOT_MAPPED)) { @@ -438,6 +443,7 @@ static NTSTATUS dcesrv_lsa_LookupSids_base_finish( struct dcesrv_lsa_LookupSids_base_state *state) { struct lsa_LookupSids3 *r = &state->r; + uint32_t num_invalid_sid = 0; uint32_t i; for (i=0;iin.sids->num_sids;i++) { @@ -470,6 +476,16 @@ static NTSTATUS dcesrv_lsa_LookupSids_base_finish( if (item->type != SID_NAME_UNKNOWN) { (*r->out.count)++; } + if (item->invalid_sid) { + num_invalid_sid++; + } + } + + if (num_invalid_sid != 0) { + TALLOC_FREE(*r->out.domains); + TALLOC_FREE(r->out.names->names); + r->out.names->count = 0; + return NT_STATUS_INVALID_SID; } if (*r->out.count == 0) { -- 2.34.1 From e3193fd4d904030107ca78944c725157fc94cce2 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 10 Mar 2023 15:05:15 +0100 Subject: [PATCH 3/3] source4/rpc_server/lsa/lsa_lookup.c behave like Windows 2022 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14213 --- source4/rpc_server/lsa/lsa_lookup.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c index d8d06bf82164..3c19819c1e7f 100644 --- a/source4/rpc_server/lsa/lsa_lookup.c +++ b/source4/rpc_server/lsa/lsa_lookup.c @@ -481,14 +481,13 @@ static NTSTATUS dcesrv_lsa_LookupSids_base_finish( } } - if (num_invalid_sid != 0) { - TALLOC_FREE(*r->out.domains); - TALLOC_FREE(r->out.names->names); - r->out.names->count = 0; - return NT_STATUS_INVALID_SID; - } - if (*r->out.count == 0) { + if (num_invalid_sid != 0) { + for (i=0;iout.names->count;i++) { + r->out.names->names[i].name.string = NULL; + } + return NT_STATUS_INVALID_SID; + } return NT_STATUS_NONE_MAPPED; } if (*r->out.count != r->in.sids->num_sids) { -- 2.34.1