From 46f55ef5bc73f9a9d563913433d7d71655123aaa Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Sat, 6 Dec 2008 00:28:34 +0100 Subject: [PATCH] s3-samr: avoid all init_samr_user* functions. Guenther --- source3/lib/netapi/user.c | 64 ++++++----- source3/libnet/libnet_join.c | 8 +- source3/rpc_server/srv_samr_nt.c | 182 +++++++++++-------------------- source3/rpcclient/cmd_samr.c | 22 ++-- source3/utils/net_rpc.c | 30 +---- source3/utils/net_rpc_join.c | 4 +- 6 files changed, 120 insertions(+), 190 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 1f4b03f677b..770ffe32636 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -91,35 +91,41 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); /* TODO: infoX->usriX_priv */ - init_samr_user_info21(info21, - 0, - 0, - 0, - 0, - 0, - password_age, - infoX->usriX_name, - infoX->usriX_full_name, - infoX->usriX_home_dir, - infoX->usriX_home_dir_drive, - infoX->usriX_script_path, - infoX->usriX_profile, - infoX->usriX_comment, - infoX->usriX_workstations, - infoX->usriX_usr_comment, - &zero_parameters, - infoX->usriX_user_id, - infoX->usriX_primary_group_id, - infoX->usriX_flags, - fields_present, - zero_logon_hours, - infoX->usriX_bad_pw_count, - infoX->usriX_num_logons, - infoX->usriX_country_code, - infoX->usriX_code_page, - 0, - 0, - infoX->usriX_password_expired); + + info21->last_logon = 0; + info21->last_logoff = 0; + info21->last_password_change = 0; + info21->acct_expiry = 0; + info21->allow_password_change = 0; + info21->force_password_change = 0; + info21->account_name.string = infoX->usriX_name; + info21->full_name.string = infoX->usriX_full_name; + info21->home_directory.string = infoX->usriX_home_dir; + info21->home_drive.string = infoX->usriX_home_dir_drive; + info21->logon_script.string = infoX->usriX_script_path; + info21->profile_path.string = infoX->usriX_profile; + info21->description.string = infoX->usriX_comment; + info21->workstations.string = infoX->usriX_workstations; + info21->comment.string = infoX->usriX_usr_comment; + info21->parameters = zero_parameters; + info21->lm_owf_password = zero_parameters; + info21->nt_owf_password = zero_parameters; + info21->unknown3.string = NULL; + info21->buf_count = 0; + info21->buffer = NULL; + info21->rid = infoX->usriX_user_id; + info21->primary_gid = infoX->usriX_primary_group_id; + info21->acct_flags = infoX->usriX_flags; + info21->fields_present = fields_present; + info21->logon_hours = zero_logon_hours; + info21->bad_password_count = infoX->usriX_bad_pw_count; + info21->logon_count = infoX->usriX_num_logons; + info21->country_code = infoX->usriX_country_code; + info21->code_page = infoX->usriX_code_page; + info21->lm_password_set = 0; + info21->nt_password_set = 0; + info21->password_expired = infoX->usriX_password_expired; + info21->unknown4 = 0; } /**************************************************************** diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 51d979074b6..18743aad552 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -933,8 +933,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, &cli->user_session_key, &crypt_pwd_ex); - init_samr_user_info26(&user_info.info26, &crypt_pwd_ex, - PASS_DONT_CHANGE_AT_NEXT_LOGON); + user_info.info26.password = crypt_pwd_ex; + user_info.info26.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, &user_pol, @@ -949,8 +949,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, &cli->user_session_key, &crypt_pwd); - init_samr_user_info24(&user_info.info24, &crypt_pwd, - PASS_DONT_CHANGE_AT_NEXT_LOGON); + user_info.info24.password = crypt_pwd; + user_info.info24.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, &user_pol, diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 24d14d720fc..cb92c6e28e8 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2259,14 +2259,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx, { const DOM_SID *sid_user, *sid_group; uint32_t rid, primary_gid; - NTTIME last_logon, last_logoff, last_password_change, - acct_expiry; - const char *account_name, *full_name, *home_directory, *home_drive, - *logon_script, *profile_path, *description, - *workstations, *comment; - struct samr_LogonHours logon_hours; - - ZERO_STRUCTP(r); sid_user = pdb_get_user_sid(pw); @@ -2290,42 +2282,26 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } - unix_to_nt_time(&last_logon, pdb_get_logon_time(pw)); - unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw)); - unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw)); - unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw)); - - account_name = talloc_strdup(mem_ctx, pdb_get_username(pw)); - full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw)); - home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw)); - home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw)); - logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw)); - profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw)); - description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw)); - workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw)); - comment = talloc_strdup(mem_ctx, pdb_get_comment(pw)); - - logon_hours = get_logon_hours_from_pdb(mem_ctx, pw); - - init_samr_user_info5(r, - account_name, - full_name, - rid, - primary_gid, - home_directory, - home_drive, - logon_script, - profile_path, - description, - workstations, - last_logon, - last_logoff, - logon_hours, - pdb_get_bad_password_count(pw), - pdb_get_logon_count(pw), - last_password_change, - acct_expiry, - pdb_get_acct_ctrl(pw)); + unix_to_nt_time(&r->last_logon, pdb_get_logon_time(pw)); + unix_to_nt_time(&r->last_logoff, pdb_get_logoff_time(pw)); + unix_to_nt_time(&r->acct_expiry, pdb_get_kickoff_time(pw)); + unix_to_nt_time(&r->last_password_change, pdb_get_pass_last_set_time(pw)); + + r->account_name.string = talloc_strdup(mem_ctx, pdb_get_username(pw)); + r->full_name.string = talloc_strdup(mem_ctx, pdb_get_fullname(pw)); + r->home_directory.string= talloc_strdup(mem_ctx, pdb_get_homedir(pw)); + r->home_drive.string = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw)); + r->logon_script.string = talloc_strdup(mem_ctx, pdb_get_logon_script(pw)); + r->profile_path.string = talloc_strdup(mem_ctx, pdb_get_profile_path(pw)); + r->description.string = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw)); + r->workstations.string = talloc_strdup(mem_ctx, pdb_get_workstations(pw)); + + r->logon_hours = get_logon_hours_from_pdb(mem_ctx, pw); + r->rid = rid; + r->primary_gid = primary_gid; + r->acct_flags = pdb_get_acct_ctrl(pw); + r->bad_password_count = pdb_get_bad_password_count(pw); + r->logon_count = pdb_get_logon_count(pw); return NT_STATUS_OK; } @@ -2338,17 +2314,11 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, struct samr_UserInfo7 *r, struct samu *smbpass) { - const char *account_name = NULL; - - ZERO_STRUCTP(r); - - account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass)); - if (!account_name) { + r->account_name.string = talloc_strdup(mem_ctx, pdb_get_username(smbpass)); + if (!r->account_name.string) { return NT_STATUS_NO_MEMORY; } - init_samr_user_info7(r, account_name); - return NT_STATUS_OK; } @@ -2360,9 +2330,7 @@ static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, struct samr_UserInfo9 *r, struct samu *smbpass) { - ZERO_STRUCTP(r); - - init_samr_user_info9(r, pdb_get_group_rid(smbpass)); + r->primary_gid = pdb_get_group_rid(smbpass); return NT_STATUS_OK; } @@ -2375,9 +2343,7 @@ static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, struct samr_UserInfo16 *r, struct samu *smbpass) { - ZERO_STRUCTP(r); - - init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass)); + r->acct_flags = pdb_get_acct_ctrl(smbpass); return NT_STATUS_OK; } @@ -2429,10 +2395,11 @@ static NTSTATUS get_user_info_18(pipes_struct *p, return NT_STATUS_ACCOUNT_DISABLED; } - init_samr_user_info18(r, - pdb_get_lanman_passwd(smbpass), - pdb_get_nt_passwd(smbpass), - 0 /* FIXME */); + r->lm_pwd_active = true; + r->nt_pwd_active = true; + memcpy(r->lm_pwd.hash, pdb_get_lanman_passwd(smbpass), 16); + memcpy(r->nt_pwd.hash, pdb_get_nt_passwd(smbpass), 16); + r->password_expired = 0; /* FIXME */ TALLOC_FREE(smbpass); @@ -2471,7 +2438,7 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, return status; } - init_samr_user_info20(r, parameters); + r->parameters = *parameters; return NT_STATUS_OK; } @@ -2489,14 +2456,8 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, NTSTATUS status; const DOM_SID *sid_user, *sid_group; uint32_t rid, primary_gid; - NTTIME last_logon, last_logoff, last_password_change, - acct_expiry, allow_password_change, force_password_change; + NTTIME force_password_change; time_t must_change_time; - uint8_t password_expired; - const char *account_name, *full_name, *home_directory, *home_drive, - *logon_script, *profile_path, *description, - *workstations, *comment; - struct samr_LogonHours logon_hours; struct lsa_BinaryString *parameters = NULL; const char *munged_dial = NULL; DATA_BLOB blob; @@ -2525,11 +2486,11 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } - unix_to_nt_time(&last_logon, pdb_get_logon_time(pw)); - unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw)); - unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw)); - unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(pw)); + unix_to_nt_time(&r->last_logon, pdb_get_logon_time(pw)); + unix_to_nt_time(&r->last_logoff, pdb_get_logoff_time(pw)); + unix_to_nt_time(&r->acct_expiry, pdb_get_kickoff_time(pw)); + unix_to_nt_time(&r->last_password_change, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time(&r->allow_password_change, pdb_get_pass_can_change_time(pw)); must_change_time = pdb_get_pass_must_change_time(pw); if (must_change_time == get_time_t_max()) { @@ -2538,12 +2499,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, unix_to_nt_time(&force_password_change, must_change_time); } - if (pdb_get_pass_must_change_time(pw) == 0) { - password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON; - } else { - password_expired = 0; - } - munged_dial = pdb_get_munged_dial(pw); if (munged_dial) { blob = base64_decode_data_blob(munged_dial); @@ -2557,17 +2512,33 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, return status; } - account_name = talloc_strdup(mem_ctx, pdb_get_username(pw)); - full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw)); - home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw)); - home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw)); - logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw)); - profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw)); - description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw)); - workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw)); - comment = talloc_strdup(mem_ctx, pdb_get_comment(pw)); + r->force_password_change = force_password_change; + + r->account_name.string = talloc_strdup(mem_ctx, pdb_get_username(pw)); + r->full_name.string = talloc_strdup(mem_ctx, pdb_get_fullname(pw)); + r->home_directory.string = talloc_strdup(mem_ctx, pdb_get_homedir(pw)); + r->home_drive.string = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw)); + r->logon_script.string = talloc_strdup(mem_ctx, pdb_get_logon_script(pw)); + r->profile_path.string = talloc_strdup(mem_ctx, pdb_get_profile_path(pw)); + r->description.string = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw)); + r->workstations.string = talloc_strdup(mem_ctx, pdb_get_workstations(pw)); + r->comment.string = talloc_strdup(mem_ctx, pdb_get_comment(pw)); + + r->logon_hours = get_logon_hours_from_pdb(mem_ctx, pw); + r->parameters = *parameters; + r->rid = rid; + r->primary_gid = primary_gid; + r->acct_flags = pdb_get_acct_ctrl(pw); + r->bad_password_count = pdb_get_bad_password_count(pw); + r->logon_count = pdb_get_logon_count(pw); + r->fields_present = pdb_build_fields_present(pw); + r->password_expired = (pdb_get_pass_must_change_time(pw) == 0) ? + PASS_MUST_CHANGE_AT_NEXT_LOGON : 0; + r->country_code = 0; + r->code_page = 0; + r->lm_password_set = 0; + r->nt_password_set = 0; - logon_hours = get_logon_hours_from_pdb(mem_ctx, pw); #if 0 /* @@ -2582,35 +2553,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, #endif - init_samr_user_info21(r, - last_logon, - last_logoff, - last_password_change, - acct_expiry, - allow_password_change, - force_password_change, - account_name, - full_name, - home_directory, - home_drive, - logon_script, - profile_path, - description, - workstations, - comment, - parameters, - rid, - primary_gid, - pdb_get_acct_ctrl(pw), - pdb_build_fields_present(pw), - logon_hours, - pdb_get_bad_password_count(pw), - pdb_get_logon_count(pw), - 0, /* country_code */ - 0, /* code_page */ - 0, /* lm_password_set */ - 0, /* nt_password_set */ - password_expired); return NT_STATUS_OK; } diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 426e7e97448..31977e95546 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -2676,10 +2676,12 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, memcpy(lm_hash, out.data, out.length); } - init_samr_user_info18(&info.info18, - lm_hash, - nt_hash, - password_expired); + memcpy(info.info18.nt_pwd.hash, nt_hash, 16); + memcpy(info.info18.lm_pwd.hash, lm_hash, 16); + info.info18.nt_pwd_active = true; + info.info18.lm_pwd_active = true; + info.info18.password_expired = password_expired; + break; case 21: ZERO_STRUCT(info.info21); @@ -2731,9 +2733,9 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, break; case 24: - init_samr_user_info24(&info.info24, - &pwd_buf, - password_expired); + info.info24.password = pwd_buf; + info.info24.password_expired = password_expired; + break; case 25: ZERO_STRUCT(info.info25); @@ -2749,9 +2751,9 @@ static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli, break; case 26: - init_samr_user_info26(&info.info26, - &pwd_buf_ex, - password_expired); + info.info26.password = pwd_buf_ex; + info.info26.password_expired = password_expired; + break; default: return NT_STATUS_INVALID_INFO_CLASS; diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index e0d606c19ae..652f0b531bb 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5225,38 +5225,18 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c, } { - NTTIME notime; - struct samr_LogonHours hours; - struct lsa_BinaryString parameters; - const int units_per_week = 168; struct samr_CryptPassword crypt_pwd; - ZERO_STRUCT(notime); - ZERO_STRUCT(hours); - ZERO_STRUCT(parameters); - - hours.bits = talloc_array(mem_ctx, uint8_t, units_per_week); - if (!hours.bits) { - result = NT_STATUS_NO_MEMORY; - goto done; - } - hours.units_per_week = units_per_week; - memset(hours.bits, 0xFF, units_per_week); + ZERO_STRUCT(info.info23); init_samr_CryptPassword(argv[1], &cli->user_session_key, &crypt_pwd); - init_samr_user_info23(&info.info23, - notime, notime, notime, - notime, notime, notime, - NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, ¶meters, - 0, 0, ACB_DOMTRUST, - SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT, - hours, - 0, 0, 0, 0, 0, 0, 0, - &crypt_pwd); + info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS | + SAMR_FIELD_NT_PASSWORD_PRESENT; + info.info23.info.acct_flags = ACB_DOMTRUST; + info.info23.password = crypt_pwd; result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, &user_pol, diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 8070a6282b7..56516766934 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -339,8 +339,8 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) &cli->user_session_key, &crypt_pwd); - init_samr_user_info24(&set_info.info24, &crypt_pwd, - PASS_DONT_CHANGE_AT_NEXT_LOGON); + set_info.info24.password = crypt_pwd; + set_info.info24.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; CHECK_RPC_ERR(rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, &user_pol, -- 2.34.1