[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-516-gcc65489

Günther Deschner gd at samba.org
Fri Mar 28 13:16:05 GMT 2008 

The branch, v3-2-test has been updated
       via  cc654892c0d76dea001cd8f7bd6f50cf9e89e9c9 (commit)
       via  9e7d673ac44f500863bcbd0198452adc7c5027f9 (commit)
       via  2134d80c05fd7a37f44317335b40d7961c429c7b (commit)
      from  40d1d64c6a2ae128eb3fce0e7f5351b0c5942f30 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit cc654892c0d76dea001cd8f7bd6f50cf9e89e9c9
Author: Günther Deschner <gd at samba.org>
Date:   Fri Mar 28 14:13:27 2008 +0100

    Add Support for DOMAIN\DCNAME syntax in libnetjoin.
    This format is used by Windows to enforce joining to a specific DC.
    
    Guenther

commit 9e7d673ac44f500863bcbd0198452adc7c5027f9
Author: Günther Deschner <gd at samba.org>
Date:   Fri Mar 28 13:53:33 2008 +0100

    Let libnetjoin find the dc in wkssvc NetrJoinDomain2/UnjoinDomain2.
    
    Guenther

commit 2134d80c05fd7a37f44317335b40d7961c429c7b
Author: Günther Deschner <gd at samba.org>
Date:   Fri Mar 28 13:40:13 2008 +0100

    Check for buffer in decode_wkssvc_join_password_buffer.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/libnet/libnet_join.c       |   58 +++++++++++++++++++++++++++++++++++++
 source/libsmb/smbencrypt.c        |   11 ++++++-
 source/rpc_server/srv_wkssvc_nt.c |   30 -------------------
 3 files changed, 68 insertions(+), 31 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 6d5449f..f55d558 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -1314,6 +1314,48 @@ static WERROR libnet_unjoin_config(struct libnet_UnjoinCtx *r)
 /****************************************************************
 ****************************************************************/
 
+static bool libnet_parse_domain_dc(TALLOC_CTX *mem_ctx,
+				   const char *domain_str,
+				   const char **domain_p,
+				   const char **dc_p)
+{
+	char *domain = NULL;
+	char *dc = NULL;
+	const char *p = NULL;
+
+	if (!domain_str || !domain_p || !dc_p) {
+		return false;
+	}
+
+	p = strchr_m(domain_str, '\\');
+
+	if (p != NULL) {
+		domain = talloc_strndup(mem_ctx, domain_str,
+					 PTR_DIFF(p, domain_str));
+		dc = talloc_strdup(mem_ctx, p+1);
+		if (!dc) {
+			return false;
+		}
+	} else {
+		domain = talloc_strdup(mem_ctx, domain_str);
+		dc = NULL;
+	}
+	if (!domain) {
+		return false;
+	}
+
+	*domain_p = domain;
+
+	if (!*dc_p && dc) {
+		*dc_p = dc;
+	}
+
+	return true;
+}
+
+/****************************************************************
+****************************************************************/
+
 static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx,
 					 struct libnet_JoinCtx *r)
 {
@@ -1323,6 +1365,14 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx,
 		return WERR_INVALID_PARAM;
 	}
 
+	if (!libnet_parse_domain_dc(mem_ctx, r->in.domain_name,
+				    &r->in.domain_name,
+				    &r->in.dc_name)) {
+		libnet_join_set_error_string(mem_ctx, r,
+			"Failed to parse domain name");
+		return WERR_INVALID_PARAM;
+	}
+
 	if (r->in.modify_config && !lp_config_backend_is_registry()) {
 		libnet_join_set_error_string(mem_ctx, r,
 			"Configuration manipulation requested but not "
@@ -1654,6 +1704,14 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx,
 		return WERR_INVALID_PARAM;
 	}
 
+	if (!libnet_parse_domain_dc(mem_ctx, r->in.domain_name,
+				    &r->in.domain_name,
+				    &r->in.dc_name)) {
+		libnet_unjoin_set_error_string(mem_ctx, r,
+			"Failed to parse domain name");
+		return WERR_INVALID_PARAM;
+	}
+
 	if (r->in.modify_config && !lp_config_backend_is_registry()) {
 		libnet_unjoin_set_error_string(mem_ctx, r,
 			"Configuration manipulation requested but not "
diff --git a/source/libsmb/smbencrypt.c b/source/libsmb/smbencrypt.c
index c547a4a..e7198b8 100644
--- a/source/libsmb/smbencrypt.c
+++ b/source/libsmb/smbencrypt.c
@@ -748,16 +748,24 @@ WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 	struct MD5Context ctx;
 	uint32_t pwd_len;
 
-	DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
+	DATA_BLOB confounded_session_key;
 
 	int confounder_len = 8;
 	uint8_t confounder[8];
 
+	*pwd = NULL;
+
+	if (!pwd_buf) {
+		return WERR_BAD_PASSWORD;
+	}
+
 	if (session_key->length != 16) {
 		DEBUG(10,("invalid session key\n"));
 		return WERR_BAD_PASSWORD;
 	}
 
+	confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
+
 	memcpy(&confounder, &pwd_buf->data[0], confounder_len);
 	memcpy(&buffer, &pwd_buf->data[8], 516);
 
@@ -769,6 +777,7 @@ WERROR decode_wkssvc_join_password_buffer(TALLOC_CTX *mem_ctx,
 	SamOEMhashBlob(buffer, 516, &confounded_session_key);
 
 	if (!decode_pw_buffer(mem_ctx, buffer, pwd, &pwd_len, STR_UNICODE)) {
+		data_blob_free(&confounded_session_key);
 		return WERR_BAD_PASSWORD;
 	}
 
diff --git a/source/rpc_server/srv_wkssvc_nt.c b/source/rpc_server/srv_wkssvc_nt.c
index 6d03009..f864aad 100644
--- a/source/rpc_server/srv_wkssvc_nt.c
+++ b/source/rpc_server/srv_wkssvc_nt.c
@@ -292,9 +292,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p,
 	char *admin_domain = NULL;
 	char *admin_account = NULL;
 	WERROR werr;
-	NTSTATUS status;
 	struct nt_user_token *token = p->pipe_user.nt_user_token;
-	struct netr_DsRGetDCNameInfo *info = NULL;
 
 	if (!r->in.domain_name) {
 		return WERR_INVALID_PARAM;
@@ -321,24 +319,11 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p,
 			  &admin_domain,
 			  &admin_account);
 
-	status = dsgetdcname(p->mem_ctx,
-			     r->in.domain_name,
-			     NULL,
-			     NULL,
-			     DS_DIRECTORY_SERVICE_REQUIRED |
-			     DS_WRITABLE_REQUIRED |
-			     DS_RETURN_DNS_NAME,
-			     &info);
-	if (!NT_STATUS_IS_OK(status)) {
-		return ntstatus_to_werror(status);
-	}
-
 	werr = libnet_init_JoinCtx(p->mem_ctx, &j);
 	if (!W_ERROR_IS_OK(werr)) {
 		return werr;
 	}
 
-	j->in.dc_name		= info->dc_unc;
 	j->in.domain_name	= r->in.domain_name;
 	j->in.account_ou	= r->in.account_ou;
 	j->in.join_flags	= r->in.join_flags;
@@ -372,9 +357,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p,
 	char *admin_domain = NULL;
 	char *admin_account = NULL;
 	WERROR werr;
-	NTSTATUS status;
 	struct nt_user_token *token = p->pipe_user.nt_user_token;
-	struct netr_DsRGetDCNameInfo *info = NULL;
 
 	if (!user_has_privileges(token, &se_machine_account) &&
 	    !nt_token_check_domain_rid(token, DOMAIN_GROUP_RID_ADMINS) &&
@@ -397,24 +380,11 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p,
 			  &admin_domain,
 			  &admin_account);
 
-	status = dsgetdcname(p->mem_ctx,
-			     lp_realm(),
-			     NULL,
-			     NULL,
-			     DS_DIRECTORY_SERVICE_REQUIRED |
-			     DS_WRITABLE_REQUIRED |
-			     DS_RETURN_DNS_NAME,
-			     &info);
-	if (!NT_STATUS_IS_OK(status)) {
-		return ntstatus_to_werror(status);
-	}
-
 	werr = libnet_init_UnjoinCtx(p->mem_ctx, &u);
 	if (!W_ERROR_IS_OK(werr)) {
 		return werr;
 	}
 
-	u->in.dc_name		= info->dc_unc;
 	u->in.domain_name	= lp_realm();
 	u->in.unjoin_flags	= r->in.unjoin_flags |
 				  WKSSVC_JOIN_FLAGS_JOIN_TYPE;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list