[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3442-gff9bcd5
Günther Deschner
gd at samba.org
Wed Jul 30 14:41:28 GMT 2008
The branch, v3-3-test has been updated
via ff9bcd57738aa04c5e18e0e21dd0e788127317c4 (commit)
via c3e4c7cb5f2728a8219789aeb2344bff368713d5 (commit)
via 244ad49e6a993a0e3c56c5a19d38918be9deca3b (commit)
via 6c8ee639ecc789ea9052e999b6e998ac53ac521a (commit)
from 8b3149b4a663f59b504c1458cd7ecafe0c0e0322 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit ff9bcd57738aa04c5e18e0e21dd0e788127317c4
Author: Günther Deschner <gd at samba.org>
Date: Fri Jul 18 20:12:45 2008 +0200
netapi: implement NetUserSetInfo_r() for at least level 1007.
Guenther
commit c3e4c7cb5f2728a8219789aeb2344bff368713d5
Author: Günther Deschner <gd at samba.org>
Date: Fri Jul 18 20:12:13 2008 +0200
netapi: add convert_USER_INFO_X_to_samr_user_info21 fn and use it NetUserAdd.
Guenther
commit 244ad49e6a993a0e3c56c5a19d38918be9deca3b
Author: Günther Deschner <gd at samba.org>
Date: Fri Jul 18 19:40:26 2008 +0200
re-run make idl.
Guenther
commit 6c8ee639ecc789ea9052e999b6e998ac53ac521a
Author: Günther Deschner <gd at samba.org>
Date: Fri Jul 18 19:40:13 2008 +0200
netapi: add USER_INFO_X to IDL.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/lib/netapi/user.c | 299 +++++++++++++++++++++++++++------
source/librpc/gen_ndr/libnetapi.h | 27 +++
source/librpc/gen_ndr/ndr_libnetapi.c | 120 +++++++++++++
source/librpc/gen_ndr/ndr_libnetapi.h | 3 +
source/librpc/idl/libnetapi.idl | 27 +++
5 files changed, 426 insertions(+), 50 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/lib/netapi/user.c b/source/lib/netapi/user.c
index f896dde..fe30b14 100644
--- a/source/lib/netapi/user.c
+++ b/source/lib/netapi/user.c
@@ -27,9 +27,8 @@
/****************************************************************
****************************************************************/
-static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1,
- DATA_BLOB *user_session_key,
- struct samr_UserInfo25 *info25)
+static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX,
+ struct samr_UserInfo21 *info21)
{
uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS;
struct samr_LogonHours zero_logon_hours;
@@ -37,41 +36,41 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1,
uint32_t acct_flags = 0;
NTTIME password_age;
- ZERO_STRUCTP(info25);
+ ZERO_STRUCTP(info21);
ZERO_STRUCT(zero_logon_hours);
ZERO_STRUCT(zero_parameters);
- if (info1->usri1_name) {
+ if (infoX->usriX_name) {
fields_present |= SAMR_FIELD_FULL_NAME;
}
- if (info1->usri1_password) {
+ if (infoX->usriX_password) {
fields_present |= SAMR_FIELD_PASSWORD;
}
- if (info1->usri1_flags) {
+ if (infoX->usriX_flags) {
fields_present |= SAMR_FIELD_ACCT_FLAGS;
}
- if (info1->usri1_name) {
+ if (infoX->usriX_name) {
fields_present |= SAMR_FIELD_FULL_NAME;
}
- if (info1->usri1_home_dir) {
+ if (infoX->usriX_home_dir) {
fields_present |= SAMR_FIELD_HOME_DIRECTORY;
}
- if (info1->usri1_script_path) {
+ if (infoX->usriX_script_path) {
fields_present |= SAMR_FIELD_LOGON_SCRIPT;
}
- if (info1->usri1_comment) {
+ if (infoX->usriX_comment) {
fields_present |= SAMR_FIELD_DESCRIPTION;
}
- if (info1->usri1_password_age) {
+ if (infoX->usriX_password_age) {
fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
}
- acct_flags |= info1->usri1_flags | ACB_NORMAL;
+ acct_flags |= infoX->usriX_flags | ACB_NORMAL;
- unix_to_nt_time_abs(&password_age, info1->usri1_password_age);
+ unix_to_nt_time_abs(&password_age, infoX->usriX_password_age);
- /* TODO: info1->usri1_priv */
- init_samr_user_info21(&info25->info,
+ /* TODO: infoX->usriX_priv */
+ init_samr_user_info21(info21,
0,
0,
0,
@@ -79,12 +78,12 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1,
0,
password_age,
NULL,
- info1->usri1_name,
- info1->usri1_home_dir,
+ infoX->usriX_name,
+ infoX->usriX_home_dir,
NULL,
- info1->usri1_script_path,
+ infoX->usriX_script_path,
NULL,
- info1->usri1_comment,
+ infoX->usriX_comment,
NULL,
NULL,
&zero_parameters,
@@ -100,29 +99,80 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1,
0,
0,
0);
+}
- if (info1->usri1_password) {
- uchar pwbuf[532];
- struct MD5Context ctx;
- uint8_t confounder[16];
- DATA_BLOB confounded_session_key = data_blob(NULL, 16);
-
- encode_pw_buffer(pwbuf, info1->usri1_password, STR_UNICODE);
+/****************************************************************
+****************************************************************/
- generate_random_buffer((uint8_t *)confounder, 16);
+static NTSTATUS construct_USER_INFO_X(uint32_t level,
+ uint8_t *buffer,
+ struct USER_INFO_X *uX)
+{
+ struct USER_INFO_0 *u0 = NULL;
+ struct USER_INFO_1 *u1 = NULL;
+ struct USER_INFO_2 *u2 = NULL;
+ struct USER_INFO_1007 *u1007 = NULL;
- MD5Init(&ctx);
- MD5Update(&ctx, confounder, 16);
- MD5Update(&ctx, user_session_key->data,
- user_session_key->length);
- MD5Final(confounded_session_key.data, &ctx);
+ if (!buffer || !uX) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
- SamOEMhashBlob(pwbuf, 516, &confounded_session_key);
- memcpy(&pwbuf[516], confounder, 16);
+ ZERO_STRUCTP(uX);
- memcpy(info25->password.data, pwbuf, sizeof(pwbuf));
- data_blob_free(&confounded_session_key);
+ switch (level) {
+ case 0:
+ u0 = (struct USER_INFO_0 *)buffer;
+ uX->usriX_name = u0->usri0_name;
+ break;
+ case 1:
+ u1 = (struct USER_INFO_1 *)buffer;
+ uX->usriX_name = u1->usri1_name;
+ uX->usriX_password = u1->usri1_password;
+ uX->usriX_password_age = u1->usri1_password_age;
+ uX->usriX_priv = u1->usri1_priv;
+ uX->usriX_home_dir = u1->usri1_home_dir;
+ uX->usriX_comment = u1->usri1_comment;
+ uX->usriX_flags = u1->usri1_flags;
+ uX->usriX_script_path = u1->usri1_script_path;
+ break;
+ case 2:
+ u2 = (struct USER_INFO_2 *)buffer;
+ uX->usriX_name = u2->usri2_name;
+ uX->usriX_password = u2->usri2_password;
+ uX->usriX_password_age = u2->usri2_password_age;
+ uX->usriX_priv = u2->usri2_priv;
+ uX->usriX_home_dir = u2->usri2_home_dir;
+ uX->usriX_comment = u2->usri2_comment;
+ uX->usriX_flags = u2->usri2_flags;
+ uX->usriX_script_path = u2->usri2_script_path;
+ uX->usriX_auth_flags = u2->usri2_auth_flags;
+ uX->usriX_full_name = u2->usri2_full_name;
+ uX->usriX_usr_comment = u2->usri2_usr_comment;
+ uX->usriX_parms = u2->usri2_parms;
+ uX->usriX_workstations = u2->usri2_workstations;
+ uX->usriX_last_logon = u2->usri2_last_logon;
+ uX->usriX_last_logoff = u2->usri2_last_logoff;
+ uX->usriX_acct_expires = u2->usri2_acct_expires;
+ uX->usriX_max_storage = u2->usri2_max_storage;
+ uX->usriX_units_per_week= u2->usri2_units_per_week;
+ uX->usriX_logon_hours = u2->usri2_logon_hours;
+ uX->usriX_bad_pw_count = u2->usri2_bad_pw_count;
+ uX->usriX_num_logons = u2->usri2_num_logons;
+ uX->usriX_logon_server = u2->usri2_logon_server;
+ uX->usriX_country_code = u2->usri2_country_code;
+ uX->usriX_code_page = u2->usri2_code_page;
+ break;
+ case 1007:
+ u1007 = (struct USER_INFO_1007 *)buffer;
+ uX->usriX_comment = u1007->usri1007_comment;
+ break;
+ case 3:
+ case 4:
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
}
+
+ return NT_STATUS_OK;
}
/****************************************************************
@@ -138,12 +188,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
POLICY_HND connect_handle, domain_handle, user_handle;
struct lsa_String lsa_account_name;
struct dom_sid2 *domain_sid = NULL;
- struct samr_UserInfo25 info25;
+ struct samr_UserInfo21 info21;
union samr_UserInfo *user_info = NULL;
struct samr_PwInfo pw_info;
uint32_t access_granted = 0;
uint32_t rid = 0;
- struct USER_INFO_1 *info1;
+ struct USER_INFO_X uX;
ZERO_STRUCT(connect_handle);
ZERO_STRUCT(domain_handle);
@@ -155,7 +205,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
switch (r->in.level) {
case 1:
- info1 = (struct USER_INFO_1 *)r->in.buffer;
break;
case 2:
case 3:
@@ -176,6 +225,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
goto done;
}
+ status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
werr = libnetapi_samr_open_domain(ctx, pipe_cli,
SAMR_ACCESS_ENUM_DOMAINS |
SAMR_ACCESS_OPEN_DOMAIN,
@@ -189,7 +244,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
goto done;
}
- init_lsa_String(&lsa_account_name, info1->usri1_name);
+ init_lsa_String(&lsa_account_name, uX.usriX_name);
status = rpccli_samr_CreateUser2(pipe_cli, ctx,
&domain_handle,
@@ -230,14 +285,36 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
goto done;
}
+ convert_USER_INFO_X_to_samr_user_info21(&uX,
+ &info21);
+
ZERO_STRUCTP(user_info);
- convert_USER_INFO_1_to_samr_user_info25(info1,
- &cli->user_session_key,
- &info25);
+ if (uX.usriX_password) {
+
+ uchar pwbuf[532];
+ struct MD5Context md5_ctx;
+ uint8_t confounder[16];
+ DATA_BLOB confounded_session_key = data_blob(NULL, 16);
+
+ encode_pw_buffer(pwbuf, uX.usriX_password, STR_UNICODE);
+
+ generate_random_buffer((uint8_t *)confounder, 16);
+
+ MD5Init(&md5_ctx);
+ MD5Update(&md5_ctx, confounder, 16);
+ MD5Update(&md5_ctx, cli->user_session_key.data,
+ cli->user_session_key.length);
+ MD5Final(confounded_session_key.data, &md5_ctx);
+
+ SamOEMhashBlob(pwbuf, 516, &confounded_session_key);
+ memcpy(&pwbuf[516], confounder, 16);
+
+ memcpy(user_info->info25.password.data, pwbuf, sizeof(pwbuf));
+ data_blob_free(&confounded_session_key);
+
+ user_info->info25.info = info21;
- if (info1->usri1_password) {
- user_info->info25 = info25;
status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
&user_handle,
25,
@@ -245,10 +322,10 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
- user_info->info23.info = info25.info;
+ user_info->info23.info = info21;
encode_pw_buffer(user_info->info23.password.data,
- info1->usri1_password, STR_UNICODE);
+ uX.usriX_password, STR_UNICODE);
SamOEMhashBlob(user_info->info23.password.data, 516,
&cli->user_session_key);
@@ -258,7 +335,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
user_info);
}
} else {
- user_info->info21 = info25.info;
+ user_info->info21 = info21;
status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
&user_handle,
21,
@@ -1219,7 +1296,129 @@ WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx,
WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
struct NetUserSetInfo *r)
{
- return WERR_NOT_SUPPORTED;
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *pipe_cli = NULL;
+ NTSTATUS status;
+ WERROR werr;
+
+ struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
+ struct lsa_String lsa_account_name;
+ struct dom_sid2 *domain_sid = NULL;
+ struct samr_Ids user_rids, name_types;
+ union samr_UserInfo user_info;
+
+ struct USER_INFO_X uX;
+
+ ZERO_STRUCT(connect_handle);
+ ZERO_STRUCT(domain_handle);
+ ZERO_STRUCT(builtin_handle);
+ ZERO_STRUCT(user_handle);
+
+ if (!r->in.buffer) {
+ return WERR_INVALID_PARAM;
+ }
+
+ switch (r->in.level) {
+ case 0:
+ case 1007:
+ break;
+ default:
+ werr = WERR_NOT_SUPPORTED;
+ goto done;
+ }
+
+ werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id,
+ &pipe_cli);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = libnetapi_samr_open_domain(ctx, pipe_cli,
+ SAMR_ACCESS_ENUM_DOMAINS |
+ SAMR_ACCESS_OPEN_DOMAIN,
+ SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
+ &connect_handle,
+ &domain_handle,
+ &domain_sid);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
+ SAMR_ACCESS_ENUM_DOMAINS |
+ SAMR_ACCESS_OPEN_DOMAIN,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
+ SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
+ &connect_handle,
+ &builtin_handle);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
+ init_lsa_String(&lsa_account_name, r->in.user_name);
+
+ status = rpccli_samr_LookupNames(pipe_cli, ctx,
+ &domain_handle,
+ 1,
+ &lsa_account_name,
+ &user_rids,
+ &name_types);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ status = rpccli_samr_OpenUser(pipe_cli, ctx,
+ &domain_handle,
+ SAMR_USER_ACCESS_SET_ATTRIBUTES,
+ user_rids.ids[0],
+ &user_handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ convert_USER_INFO_X_to_samr_user_info21(&uX, &user_info.info21);
+
+ status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
+ &user_handle,
+ 21,
+ &user_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ werr = ntstatus_to_werror(status);
+ goto done;
+ }
+
+ werr = WERR_OK;
+
+ done:
+ if (!cli) {
+ return werr;
+ }
+
+ if (is_valid_policy_hnd(&user_handle)) {
+ rpccli_samr_Close(pipe_cli, ctx, &user_handle);
+ }
+
+ if (ctx->disable_policy_handle_cache) {
+ libnetapi_samr_close_domain_handle(ctx, &domain_handle);
+ libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
+ libnetapi_samr_close_connect_handle(ctx, &connect_handle);
+ }
+
+ return werr;
}
/****************************************************************
diff --git a/source/librpc/gen_ndr/libnetapi.h b/source/librpc/gen_ndr/libnetapi.h
index 20a3662..75fd947 100644
--- a/source/librpc/gen_ndr/libnetapi.h
+++ b/source/librpc/gen_ndr/libnetapi.h
@@ -204,6 +204,33 @@ struct USER_INFO_1007 {
const char * usri1007_comment;
};
+struct USER_INFO_X {
+ const char * usriX_name;
+ const char * usriX_password;
+ uint32_t usriX_password_age;
+ uint32_t usriX_priv;
+ const char * usriX_home_dir;
+ const char * usriX_comment;
+ uint32_t usriX_flags;
+ const char * usriX_script_path;
+ uint32_t usriX_auth_flags;
+ const char * usriX_full_name;
+ const char * usriX_usr_comment;
+ const char * usriX_parms;
+ const char * usriX_workstations;
+ uint32_t usriX_last_logon;
+ uint32_t usriX_last_logoff;
+ uint32_t usriX_acct_expires;
+ uint32_t usriX_max_storage;
+ uint32_t usriX_units_per_week;
+ uint8_t *usriX_logon_hours;/* [unique] */
+ uint32_t usriX_bad_pw_count;
+ uint32_t usriX_num_logons;
+ const char * usriX_logon_server;
+ uint32_t usriX_country_code;
+ uint32_t usriX_code_page;
+};
+
struct NET_DISPLAY_USER {
const char * usri1_name;
const char * usri1_comment;
diff --git a/source/librpc/gen_ndr/ndr_libnetapi.c b/source/librpc/gen_ndr/ndr_libnetapi.c
index f84fbe4..2fe5b2e 100644
--- a/source/librpc/gen_ndr/ndr_libnetapi.c
+++ b/source/librpc/gen_ndr/ndr_libnetapi.c
@@ -942,6 +942,126 @@ _PUBLIC_ void ndr_print_USER_INFO_1007(struct ndr_print *ndr, const char *name,
ndr->depth--;
}
+_PUBLIC_ enum ndr_err_code ndr_push_USER_INFO_X(struct ndr_push *ndr, int ndr_flags, const struct USER_INFO_X *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_name));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_password));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_password_age));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_priv));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_home_dir));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_comment));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_flags));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_script_path));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_auth_flags));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_full_name));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_usr_comment));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_parms));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_workstations));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_last_logon));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_last_logoff));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_acct_expires));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_max_storage));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_units_per_week));
+ NDR_CHECK(ndr_push_unique_ptr(ndr, r->usriX_logon_hours));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_bad_pw_count));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_num_logons));
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_logon_server));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_country_code));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_code_page));
--
Samba Shared Repository
More information about the samba-cvs
mailing list