[SCM] Samba Shared Repository - branch master updated - 3656cb2e57d971f8119024dff8eb3594b559592d

[Günther Deschner]

The branch, master has been updated
       via  3656cb2e57d971f8119024dff8eb3594b559592d (commit)
      from  f29d31a7e0f7b397cbcbb83d1b1c0ce233e948e9 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3656cb2e57d971f8119024dff8eb3594b559592d
Author: Günther Deschner <gd at samba.org>
Date:   Fri Dec 5 16:13:28 2008 +0100

    s3-samr: fix samr_SetUserInfo level 18 server-side.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/srv_samr_nt.c |   62 ++++++++++++++++++++++++++++----------
 1 files changed, 46 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 54aa534..5136340 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -3701,29 +3701,58 @@ static bool set_user_info_16(struct samr_UserInfo16 *id16,
  set_user_info_18
  ********************************************************************/
 
-static bool set_user_info_18(struct samr_UserInfo18 *id18,
-			     struct samu *pwd)
+static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
+				 TALLOC_CTX *mem_ctx,
+				 DATA_BLOB *session_key,
+				 struct samu *pwd)
 {
 	if (id18 == NULL) {
 		DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
-		return False;
+		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd.hash, PDB_CHANGED)) {
-		return False;
+	if (id18->nt_pwd_active || id18->lm_pwd_active) {
+		if (!session_key->length) {
+			return NT_STATUS_NO_USER_SESSION_KEY;
+		}
 	}
-	if (!pdb_set_nt_passwd     (pwd, id18->nt_pwd.hash, PDB_CHANGED)) {
-		return False;
+
+	if (id18->nt_pwd_active) {
+
+		DATA_BLOB in, out;
+
+		in = data_blob_const(id18->nt_pwd.hash, 16);
+		out = data_blob_talloc_zero(mem_ctx, 16);
+
+		sess_crypt_blob(&out, &in, session_key, false);
+
+		if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
 	}
- 	if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) {
-		return False;
+
+	if (id18->lm_pwd_active) {
+
+		DATA_BLOB in, out;
+
+		in = data_blob_const(id18->lm_pwd.hash, 16);
+		out = data_blob_talloc_zero(mem_ctx, 16);
+
+		sess_crypt_blob(&out, &in, session_key, false);
+
+		if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
 	}
 
-	if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
-		return False;
- 	}
+	if (id18->password_expired) {
+		pdb_set_pass_last_set_time(pwd, 0, PDB_CHANGED);
+	} else {
+		/* FIXME */
+		pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
+	}
 
-	return True;
+	return pdb_update_sam_account(pwd);
 }
 
 /*******************************************************************
@@ -4180,9 +4209,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
 
 		case 18:
 			/* Used by AS/U JRA. */
-			if (!set_user_info_18(&info->info18, pwd)) {
-				status = NT_STATUS_ACCESS_DENIED;
-			}
+			status = set_user_info_18(&info->info18,
+						  p->mem_ctx,
+						  &p->server_info->user_session_key,
+						  pwd);
 			break;
 
 		case 20:


-- 
Samba Shared Repository