[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-4560-gbc3a277
Günther Deschner
gd at samba.org
Mon Dec 1 11:45:29 GMT 2008
The branch, v3-3-test has been updated
via bc3a277455dd4557e796ddc0bef0f52a11f889e7 (commit)
via f479fdc29813c3452fd22c4a2780f0bc5066e664 (commit)
via b72a6e2e9d93be619d6cd242ccfdf8ac07715bc3 (commit)
via 82dfb92cae1ffc52a92ea27ba96dc875ce0ae4a1 (commit)
via c28e83417dc67083b06fb060f5382ceb082bbdcd (commit)
via 0315308cbc724bbf54b7767b4af307217833f541 (commit)
from f7825e07c9674f994d7c0d571448c2927721fdaf (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit bc3a277455dd4557e796ddc0bef0f52a11f889e7
Author: Günther Deschner <gd at samba.org>
Date: Sat Nov 29 00:12:26 2008 +0100
s3-libnetjoin: Fix bug #5749. Re-set acctflags while joining. fix from metze.
Guenther
commit f479fdc29813c3452fd22c4a2780f0bc5066e664
Author: Günther Deschner <gd at samba.org>
Date: Sat Nov 29 00:10:18 2008 +0100
s3-libnetjoin: remove unused md4_trust_password, found by metze.
Guenther
commit b72a6e2e9d93be619d6cd242ccfdf8ac07715bc3
Author: Günther Deschner <gd at samba.org>
Date: Fri Nov 28 11:15:29 2008 +0100
s3-samr: add init_samr_user_info25 and init_samr_user_info26.
Guenther
commit 82dfb92cae1ffc52a92ea27ba96dc875ce0ae4a1
Author: Günther Deschner <gd at samba.org>
Date: Mon Nov 24 18:49:37 2008 +0100
s3-samr: fix init_samr_user_info{23,24} callers.
Guenther
commit c28e83417dc67083b06fb060f5382ceb082bbdcd
Author: Günther Deschner <gd at samba.org>
Date: Mon Nov 24 16:32:18 2008 +0100
s3-build: re-run make samba3-idl.
Guenther
commit 0315308cbc724bbf54b7767b4af307217833f541
Author: Günther Deschner <gd at samba.org>
Date: Mon Nov 24 16:31:49 2008 +0100
samr: fix samr_UserInfo24 and samr_UserInfo26.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/include/proto.h | 40 ++++++++++++++--
source/libnet/libnet_join.c | 53 ++++++++++++---------
source/librpc/gen_ndr/ndr_samr.c | 12 ++--
source/librpc/gen_ndr/samr.h | 4 +-
source/librpc/idl/samr.idl | 4 +-
source/rpc_client/init_samr.c | 98 +++++++++++++++++++++++++++++++++++---
source/utils/net_rpc.c | 2 +-
source/utils/net_rpc_join.c | 3 +-
8 files changed, 171 insertions(+), 45 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/proto.h b/source/include/proto.h
index cb2588b..99e9d76 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -7467,11 +7467,43 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
uint8_t nt_password_set,
uint8_t lm_password_set,
uint8_t password_expired,
- uint8_t data[516],
- uint8_t pw_len);
+ struct samr_CryptPassword *pwd_buf);
void init_samr_user_info24(struct samr_UserInfo24 *r,
- uint8_t data[516],
- uint8_t pw_len);
+ struct samr_CryptPassword *pwd_buf,
+ uint8_t password_expired);
+void init_samr_user_info25(struct samr_UserInfo25 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME last_password_change,
+ NTTIME acct_expiry,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *home_directory,
+ const char *home_drive,
+ const char *logon_script,
+ const char *profile_path,
+ const char *description,
+ const char *workstations,
+ const char *comment,
+ struct lsa_BinaryString *parameters,
+ uint32_t rid,
+ uint32_t primary_gid,
+ uint32_t acct_flags,
+ uint32_t fields_present,
+ struct samr_LogonHours logon_hours,
+ uint16_t bad_password_count,
+ uint16_t logon_count,
+ uint16_t country_code,
+ uint16_t code_page,
+ uint8_t nt_password_set,
+ uint8_t lm_password_set,
+ uint8_t password_expired,
+ struct samr_CryptPasswordEx *pwd_buf);
+void init_samr_user_info26(struct samr_UserInfo26 *r,
+ struct samr_CryptPasswordEx *pwd_buf,
+ uint8_t password_expired);
void init_samr_CryptPasswordEx(const char *pwd,
DATA_BLOB *session_key,
struct samr_CryptPasswordEx *pwd_buf);
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 3b6af5e..d53cb68 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -762,7 +762,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
struct lsa_String lsa_acct_name;
uint32_t user_rid;
uint32_t acct_flags = ACB_WSTRUST;
- uchar md4_trust_password[16];
struct samr_Ids user_rids;
struct samr_Ids name_types;
union samr_UserInfo user_info;
@@ -898,14 +897,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
- /* Create a random machine account password and generate the hash */
-
- E_md4hash(r->in.machine_password, md4_trust_password);
-
- init_samr_CryptPasswordEx(r->in.machine_password,
- &cli->user_session_key,
- &crypt_pwd_ex);
-
/* Fill in the additional account flags now */
acct_flags |= ACB_PWNOEXP;
@@ -916,23 +907,40 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
;;
}
- /* Set password and account flags on machine account */
-
- ZERO_STRUCT(user_info.info25);
-
- user_info.info25.info.fields_present = ACCT_NT_PWD_SET |
- ACCT_LM_PWD_SET |
- SAMR_FIELD_ACCT_FLAGS;
-
- user_info.info25.info.acct_flags = acct_flags;
- memcpy(&user_info.info25.password.data, crypt_pwd_ex.data,
- sizeof(crypt_pwd_ex.data));
+ /* Set account flags on machine account */
+ ZERO_STRUCT(user_info.info16);
+ user_info.info16.acct_flags = acct_flags;
status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
&user_pol,
- 25,
+ 16,
&user_info);
+ if (!NT_STATUS_IS_OK(status)) {
+
+ rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
+ &user_pol);
+
+ libnet_join_set_error_string(mem_ctx, r,
+ "Failed to set account flags for machine account (%s)\n",
+ nt_errstr(status));
+ goto done;
+ }
+
+ /* Set password on machine account - first try level 26 */
+
+ init_samr_CryptPasswordEx(r->in.machine_password,
+ &cli->user_session_key,
+ &crypt_pwd_ex);
+
+ init_samr_user_info26(&user_info.info26, &crypt_pwd_ex,
+ PASS_DONT_CHANGE_AT_NEXT_LOGON);
+
+ status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ 26,
+ &user_info);
+
if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
/* retry with level 24 */
@@ -941,7 +949,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
&cli->user_session_key,
&crypt_pwd);
- init_samr_user_info24(&user_info.info24, crypt_pwd.data, 24);
+ init_samr_user_info24(&user_info.info24, &crypt_pwd,
+ PASS_DONT_CHANGE_AT_NEXT_LOGON);
status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
diff --git a/source/librpc/gen_ndr/ndr_samr.c b/source/librpc/gen_ndr/ndr_samr.c
index 9c5a886..bd87a50 100644
--- a/source/librpc/gen_ndr/ndr_samr.c
+++ b/source/librpc/gen_ndr/ndr_samr.c
@@ -2961,7 +2961,7 @@ static enum ndr_err_code ndr_push_samr_UserInfo24(struct ndr_push *ndr, int ndr_
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_push_align(ndr, 1));
NDR_CHECK(ndr_push_samr_CryptPassword(ndr, NDR_SCALARS, &r->password));
- NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->pw_len));
+ NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired));
}
if (ndr_flags & NDR_BUFFERS) {
}
@@ -2973,7 +2973,7 @@ static enum ndr_err_code ndr_pull_samr_UserInfo24(struct ndr_pull *ndr, int ndr_
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 1));
NDR_CHECK(ndr_pull_samr_CryptPassword(ndr, NDR_SCALARS, &r->password));
- NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->pw_len));
+ NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired));
}
if (ndr_flags & NDR_BUFFERS) {
}
@@ -2985,7 +2985,7 @@ _PUBLIC_ void ndr_print_samr_UserInfo24(struct ndr_print *ndr, const char *name,
ndr_print_struct(ndr, name, "samr_UserInfo24");
ndr->depth++;
ndr_print_samr_CryptPassword(ndr, "password", &r->password);
- ndr_print_uint8(ndr, "pw_len", r->pw_len);
+ ndr_print_uint8(ndr, "password_expired", r->password_expired);
ndr->depth--;
}
@@ -3074,7 +3074,7 @@ static enum ndr_err_code ndr_push_samr_UserInfo26(struct ndr_push *ndr, int ndr_
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_push_align(ndr, 1));
NDR_CHECK(ndr_push_samr_CryptPasswordEx(ndr, NDR_SCALARS, &r->password));
- NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->pw_len));
+ NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, r->password_expired));
}
if (ndr_flags & NDR_BUFFERS) {
}
@@ -3086,7 +3086,7 @@ static enum ndr_err_code ndr_pull_samr_UserInfo26(struct ndr_pull *ndr, int ndr_
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 1));
NDR_CHECK(ndr_pull_samr_CryptPasswordEx(ndr, NDR_SCALARS, &r->password));
- NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->pw_len));
+ NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->password_expired));
}
if (ndr_flags & NDR_BUFFERS) {
}
@@ -3098,7 +3098,7 @@ _PUBLIC_ void ndr_print_samr_UserInfo26(struct ndr_print *ndr, const char *name,
ndr_print_struct(ndr, name, "samr_UserInfo26");
ndr->depth++;
ndr_print_samr_CryptPasswordEx(ndr, "password", &r->password);
- ndr_print_uint8(ndr, "pw_len", r->pw_len);
+ ndr_print_uint8(ndr, "password_expired", r->password_expired);
ndr->depth--;
}
diff --git a/source/librpc/gen_ndr/samr.h b/source/librpc/gen_ndr/samr.h
index a60cfae..f3925d9 100644
--- a/source/librpc/gen_ndr/samr.h
+++ b/source/librpc/gen_ndr/samr.h
@@ -524,7 +524,7 @@ struct samr_UserInfo23 {
struct samr_UserInfo24 {
struct samr_CryptPassword password;
- uint8_t pw_len;
+ uint8_t password_expired;
};
struct samr_CryptPasswordEx {
@@ -538,7 +538,7 @@ struct samr_UserInfo25 {
struct samr_UserInfo26 {
struct samr_CryptPasswordEx password;
- uint8_t pw_len;
+ uint8_t password_expired;
};
union samr_UserInfo {
diff --git a/source/librpc/idl/samr.idl b/source/librpc/idl/samr.idl
index 43019b6..4c70898 100644
--- a/source/librpc/idl/samr.idl
+++ b/source/librpc/idl/samr.idl
@@ -959,7 +959,7 @@ import "misc.idl", "lsa.idl", "security.idl";
typedef struct {
samr_CryptPassword password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo24;
typedef [flag(NDR_PAHEX)] struct {
@@ -973,7 +973,7 @@ import "misc.idl", "lsa.idl", "security.idl";
typedef struct {
samr_CryptPasswordEx password;
- uint8 pw_len;
+ uint8 password_expired;
} samr_UserInfo26;
typedef [switch_type(uint16)] union {
diff --git a/source/rpc_client/init_samr.c b/source/rpc_client/init_samr.c
index 2e75753..0e6c277 100644
--- a/source/rpc_client/init_samr.c
+++ b/source/rpc_client/init_samr.c
@@ -410,8 +410,7 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
uint8_t nt_password_set,
uint8_t lm_password_set,
uint8_t password_expired,
- uint8_t data[516],
- uint8_t pw_len)
+ struct samr_CryptPassword *pwd_buf)
{
memset(r, '\0', sizeof(*r));
init_samr_user_info21(&r->info,
@@ -444,7 +443,7 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
lm_password_set,
password_expired);
- memcpy(r->password.data, data, sizeof(r->password.data));
+ r->password = *pwd_buf;
}
/*************************************************************************
@@ -452,13 +451,98 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
*************************************************************************/
void init_samr_user_info24(struct samr_UserInfo24 *r,
- uint8_t data[516],
- uint8_t pw_len)
+ struct samr_CryptPassword *pwd_buf,
+ uint8_t password_expired)
{
DEBUG(10, ("init_samr_user_info24:\n"));
- memcpy(r->password.data, data, sizeof(r->password.data));
- r->pw_len = pw_len;
+ r->password = *pwd_buf;
+ r->password_expired = password_expired;
+}
+
+/*************************************************************************
+ init_samr_user_info25
+ *************************************************************************/
+
+void init_samr_user_info25(struct samr_UserInfo25 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME last_password_change,
+ NTTIME acct_expiry,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *home_directory,
+ const char *home_drive,
+ const char *logon_script,
+ const char *profile_path,
+ const char *description,
+ const char *workstations,
+ const char *comment,
+ struct lsa_BinaryString *parameters,
+ uint32_t rid,
+ uint32_t primary_gid,
+ uint32_t acct_flags,
+ uint32_t fields_present,
+ struct samr_LogonHours logon_hours,
+ uint16_t bad_password_count,
+ uint16_t logon_count,
+ uint16_t country_code,
+ uint16_t code_page,
+ uint8_t nt_password_set,
+ uint8_t lm_password_set,
+ uint8_t password_expired,
+ struct samr_CryptPasswordEx *pwd_buf)
+{
+ DEBUG(10, ("init_samr_user_info25:\n"));
+
+ memset(r, '\0', sizeof(*r));
+ init_samr_user_info21(&r->info,
+ last_logon,
+ last_logoff,
+ last_password_change,
+ acct_expiry,
+ allow_password_change,
+ force_password_change,
+ account_name,
+ full_name,
+ home_directory,
+ home_drive,
+ logon_script,
+ profile_path,
+ description,
+ workstations,
+ comment,
+ parameters,
+ rid,
+ primary_gid,
+ acct_flags,
+ fields_present,
+ logon_hours,
+ bad_password_count,
+ logon_count,
+ country_code,
+ code_page,
+ nt_password_set,
+ lm_password_set,
+ password_expired);
+
+ r->password = *pwd_buf;
+}
+
+/*************************************************************************
+ init_samr_user_info26
+ *************************************************************************/
+
+void init_samr_user_info26(struct samr_UserInfo26 *r,
+ struct samr_CryptPasswordEx *pwd_buf,
+ uint8_t password_expired)
+{
+ DEBUG(10, ("init_samr_user_info26:\n"));
+
+ r->password = *pwd_buf;
+ r->password_expired = password_expired;
}
/*************************************************************************
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index fb3002e..5b16801 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -5257,7 +5257,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
hours,
0, 0, 0, 0, 0, 0, 0,
- crypt_pwd.data, 24);
+ &crypt_pwd);
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index 5bc38f9..d8641bf 100644
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -343,7 +343,8 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
&cli->user_session_key,
&crypt_pwd);
- init_samr_user_info24(&set_info.info24, crypt_pwd.data, 24);
+ init_samr_user_info24(&set_info.info24, &crypt_pwd,
+ PASS_DONT_CHANGE_AT_NEXT_LOGON);
CHECK_RPC_ERR(rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
--
Samba Shared Repository
More information about the samba-cvs
mailing list