The Samba-Bugzilla – Attachment 3935 Details for
Bug 6099
Samba returns incurrate capabilities list.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
implement netr_ServerAuthenticate3 patch
0001-s3-netlogon-implement-_netr_ServerAuthenticate3.patch (text/plain), 5.90 KB, created by
Guenther Deschner
on 2009-02-12 18:38:11 UTC
(
hide
)
Description:
implement netr_ServerAuthenticate3 patch
Filename:
MIME Type:
Creator:
Guenther Deschner
Created:
2009-02-12 18:38:11 UTC
Size:
5.90 KB
patch
obsolete
>From b3c7e15c97dbf2423b3591583a45c78a3d218850 Mon Sep 17 00:00:00 2001 >From: =?utf-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 13 Feb 2009 01:35:35 +0100 >Subject: [PATCH] s3-netlogon: implement _netr_ServerAuthenticate3. > >Guenther >--- > source3/rpc_server/srv_netlog_nt.c | 79 +++++++++++++++++++++++++---------- > 1 files changed, 56 insertions(+), 23 deletions(-) > >diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c >index 16d370c..f341fdb 100644 >--- a/source3/rpc_server/srv_netlog_nt.c >+++ b/source3/rpc_server/srv_netlog_nt.c >@@ -280,7 +280,8 @@ WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, > gets a machine password entry. checks access rights of the host. > ******************************************************************/ > >-static NTSTATUS get_md4pw(char *md4pw, const char *mach_acct, uint16 sec_chan_type) >+static NTSTATUS get_md4pw(char *md4pw, const char *mach_acct, >+ uint16_t sec_chan_type, uint32_t *rid) > { > struct samu *sampass = NULL; > const uint8 *pass; >@@ -376,6 +377,10 @@ static NTSTATUS get_md4pw(char *md4pw, const char *mach_acct, uint16 sec_chan_ty > memcpy(md4pw, pass, 16); > dump_data(5, (uint8 *)md4pw, 16); > >+ if (rid) { >+ *rid = pdb_get_user_rid(sampass); >+ } >+ > TALLOC_FREE(sampass); > > return NT_STATUS_OK; >@@ -435,7 +440,8 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, > > status = get_md4pw((char *)p->dc->mach_pw, > r->in.account_name, >- r->in.secure_channel_type); >+ r->in.secure_channel_type, >+ NULL); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0,("_netr_ServerAuthenticate: get_md4pw failed. Failed to " > "get password for machine account %s " >@@ -478,21 +484,33 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, > } > > /************************************************************************* >- _netr_ServerAuthenticate2 >+ _netr_ServerAuthenticate3 > *************************************************************************/ > >-NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, >- struct netr_ServerAuthenticate2 *r) >+NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, >+ struct netr_ServerAuthenticate3 *r) > { > NTSTATUS status; > uint32_t srv_flgs; > struct netr_Credential srv_chal_out; >+ const char *fn; >+ >+ switch (p->hdr_req.opnum) { >+ case NDR_NETR_SERVERAUTHENTICATE2: >+ fn = "_netr_ServerAuthenticate2"; >+ break; >+ case NDR_NETR_SERVERAUTHENTICATE3: >+ fn = "_netr_ServerAuthenticate3"; >+ break; >+ default: >+ return NT_STATUS_INTERNAL_ERROR; >+ } > > /* We use this as the key to store the creds: */ > /* r->in.computer_name */ > > if (!p->dc || !p->dc->challenge_sent) { >- DEBUG(0,("_netr_ServerAuthenticate2: no challenge sent to client %s\n", >+ DEBUG(0,("%s: no challenge sent to client %s\n", fn, > r->in.computer_name)); > return NT_STATUS_ACCESS_DENIED; > } >@@ -501,19 +519,20 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, > ((*r->in.negotiate_flags & NETLOGON_NEG_SCHANNEL) == 0) ) { > > /* schannel must be used, but client did not offer it. */ >- DEBUG(0,("_netr_ServerAuthenticate2: schannel required but client failed " >+ DEBUG(0,("%s: schannel required but client failed " > "to offer it. Client was %s\n", >- r->in.account_name)); >+ fn, r->in.account_name)); > return NT_STATUS_ACCESS_DENIED; > } > > status = get_md4pw((char *)p->dc->mach_pw, > r->in.account_name, >- r->in.secure_channel_type); >+ r->in.secure_channel_type, >+ r->out.rid); > if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0,("_netr_ServerAuthenticate2: failed to get machine password for " >+ DEBUG(0,("%s: failed to get machine password for " > "account %s: %s\n", >- r->in.account_name, nt_errstr(status) )); >+ fn, r->in.account_name, nt_errstr(status) )); > /* always return NT_STATUS_ACCESS_DENIED */ > return NT_STATUS_ACCESS_DENIED; > } >@@ -528,9 +547,9 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, > > /* Check client credentials are valid. */ > if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { >- DEBUG(0,("_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth " >+ DEBUG(0,("%s: netlogon_creds_server_check failed. Rejecting auth " > "request from client %s machine account %s\n", >- r->in.computer_name, >+ fn, r->in.computer_name, > r->in.account_name)); > return NT_STATUS_ACCESS_DENIED; > } >@@ -572,6 +591,30 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, > } > > /************************************************************************* >+ _netr_ServerAuthenticate2 >+ *************************************************************************/ >+ >+NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, >+ struct netr_ServerAuthenticate2 *r) >+{ >+ struct netr_ServerAuthenticate3 a; >+ uint32_t rid; >+ >+ a.in.server_name = r->in.server_name; >+ a.in.account_name = r->in.account_name; >+ a.in.secure_channel_type= r->in.secure_channel_type; >+ a.in.computer_name = r->in.computer_name; >+ a.in.credentials = r->in.credentials; >+ a.in.negotiate_flags = r->in.negotiate_flags; >+ >+ a.out.return_credentials = r->out.return_credentials; >+ a.out.rid = &rid; >+ a.out.negotiate_flags = r->out.negotiate_flags; >+ >+ return _netr_ServerAuthenticate3(p, &a); >+} >+ >+/************************************************************************* > _netr_ServerPasswordSet > *************************************************************************/ > >@@ -1216,16 +1259,6 @@ WERROR _netr_NETRLOGONCOMPUTECLIENTDIGEST(pipes_struct *p, > /**************************************************************** > ****************************************************************/ > >-NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, >- struct netr_ServerAuthenticate3 *r) >-{ >- p->rng_fault_state = true; >- return NT_STATUS_NOT_IMPLEMENTED; >-} >- >-/**************************************************************** >-****************************************************************/ >- > WERROR _netr_DsRGetDCNameEx(pipes_struct *p, > struct netr_DsRGetDCNameEx *r) > { >-- >1.6.0.6 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3935">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 6099
: 3935 |
4128
|
4141
|
4543