Changeset 221 for branches/samba-3.3.x/source/rpc_server
- Timestamp:
- May 24, 2009, 7:17:10 AM (16 years ago)
- Location:
- branches/samba-3.3.x/source/rpc_server
- Files:
-
- 6 edited
-
srv_netlog_nt.c (modified) (4 diffs)
-
srv_pipe_hnd.c (modified) (1 diff)
-
srv_samr_nt.c (modified) (1 diff)
-
srv_spoolss_nt.c (modified) (13 diffs)
-
srv_srvsvc_nt.c (modified) (1 diff)
-
srv_svcctl_nt.c (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.3.x/source/rpc_server/srv_netlog_nt.c
r206 r221 475 475 struct netr_Credential srv_chal_out; 476 476 477 /* We use this as the key to store the creds: */ 478 /* r->in.computer_name */ 479 480 if (!p->dc || !p->dc->challenge_sent) { 481 DEBUG(0,("_netr_ServerAuthenticate2: no challenge sent to client %s\n", 482 r->in.computer_name)); 483 return NT_STATUS_ACCESS_DENIED; 484 } 485 486 if ( (lp_server_schannel() == true) && 487 ((*r->in.negotiate_flags & NETLOGON_NEG_SCHANNEL) == 0) ) { 488 489 /* schannel must be used, but client did not offer it. */ 490 DEBUG(0,("_netr_ServerAuthenticate2: schannel required but client failed " 491 "to offer it. Client was %s\n", 492 r->in.account_name)); 493 return NT_STATUS_ACCESS_DENIED; 494 } 495 496 status = get_md4pw((char *)p->dc->mach_pw, 497 r->in.account_name, 498 r->in.secure_channel_type); 499 if (!NT_STATUS_IS_OK(status)) { 500 DEBUG(0,("_netr_ServerAuthenticate2: failed to get machine password for " 501 "account %s: %s\n", 502 r->in.account_name, nt_errstr(status) )); 503 /* always return NT_STATUS_ACCESS_DENIED */ 504 return NT_STATUS_ACCESS_DENIED; 505 } 506 507 /* From the client / server challenges and md4 password, generate sess key */ 508 creds_server_init(*r->in.negotiate_flags, 509 p->dc, 510 &p->dc->clnt_chal, /* Stored client chal. */ 511 &p->dc->srv_chal, /* Stored server chal. */ 512 p->dc->mach_pw, 513 &srv_chal_out); 514 515 /* Check client credentials are valid. */ 516 if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { 517 DEBUG(0,("_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth " 518 "request from client %s machine account %s\n", 519 r->in.computer_name, 520 r->in.account_name)); 521 return NT_STATUS_ACCESS_DENIED; 522 } 477 /* According to Microsoft (see bugid #6099) 478 * Windows 7 looks at the negotiate_flags 479 * returned in this structure *even if the 480 * call fails with access denied ! So in order 481 * to allow Win7 to connect to a Samba NT style 482 * PDC we set the flags before we know if it's 483 * an error or not. 484 */ 523 485 524 486 /* 0x000001ff */ … … 537 499 } 538 500 501 *r->out.negotiate_flags = srv_flgs; 502 503 /* We use this as the key to store the creds: */ 504 /* r->in.computer_name */ 505 506 if (!p->dc || !p->dc->challenge_sent) { 507 DEBUG(0,("_netr_ServerAuthenticate2: no challenge sent to client %s\n", 508 r->in.computer_name)); 509 return NT_STATUS_ACCESS_DENIED; 510 } 511 512 if ( (lp_server_schannel() == true) && 513 ((*r->in.negotiate_flags & NETLOGON_NEG_SCHANNEL) == 0) ) { 514 515 /* schannel must be used, but client did not offer it. */ 516 DEBUG(0,("_netr_ServerAuthenticate2: schannel required but client failed " 517 "to offer it. Client was %s\n", 518 r->in.account_name)); 519 return NT_STATUS_ACCESS_DENIED; 520 } 521 522 status = get_md4pw((char *)p->dc->mach_pw, 523 r->in.account_name, 524 r->in.secure_channel_type); 525 if (!NT_STATUS_IS_OK(status)) { 526 DEBUG(0,("_netr_ServerAuthenticate2: failed to get machine password for " 527 "account %s: %s\n", 528 r->in.account_name, nt_errstr(status) )); 529 /* always return NT_STATUS_ACCESS_DENIED */ 530 return NT_STATUS_ACCESS_DENIED; 531 } 532 533 /* From the client / server challenges and md4 password, generate sess key */ 534 creds_server_init(*r->in.negotiate_flags, 535 p->dc, 536 &p->dc->clnt_chal, /* Stored client chal. */ 537 &p->dc->srv_chal, /* Stored server chal. */ 538 p->dc->mach_pw, 539 &srv_chal_out); 540 541 /* Check client credentials are valid. */ 542 if (!netlogon_creds_server_check(p->dc, r->in.credentials)) { 543 DEBUG(0,("_netr_ServerAuthenticate2: netlogon_creds_server_check failed. Rejecting auth " 544 "request from client %s machine account %s\n", 545 r->in.computer_name, 546 r->in.account_name)); 547 return NT_STATUS_ACCESS_DENIED; 548 } 539 549 /* set up the LSA AUTH 2 response */ 540 550 memcpy(r->out.return_credentials->data, &srv_chal_out.data, 541 551 sizeof(r->out.return_credentials->data)); 542 *r->out.negotiate_flags = srv_flgs;543 552 544 553 fstrcpy(p->dc->mach_acct, r->in.account_name); … … 689 698 690 699 memcpy(r->out.return_authenticator, &cred_out, 691 sizeof( r->out.return_authenticator));700 sizeof(*(r->out.return_authenticator))); 692 701 693 702 TALLOC_FREE(sampass); … … 1163 1172 ****************************************************************/ 1164 1173 1165 WERROR _netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p, 1166 struct netr_NETRLOGONDUMMYROUTINE1 *r) 1167 { 1168 p->rng_fault_state = true; 1169 return WERR_NOT_SUPPORTED; 1174 NTSTATUS _netr_LogonGetCapabilities(pipes_struct *p, 1175 struct netr_LogonGetCapabilities *r) 1176 { 1177 return NT_STATUS_NOT_IMPLEMENTED; 1170 1178 } 1171 1179 -
branches/samba-3.3.x/source/rpc_server/srv_pipe_hnd.c
r206 r221 583 583 */ 584 584 585 if(prs_offset(&p->in_data.data) + data_len > 15*1024*1024) {585 if(prs_offset(&p->in_data.data) + data_len > MAX_RPC_DATA_SIZE) { 586 586 DEBUG(0,("process_request_pdu: rpc data buffer too large (%u) + (%u)\n", 587 587 (unsigned int)prs_data_size(&p->in_data.data), (unsigned int)data_len )); -
branches/samba-3.3.x/source/rpc_server/srv_samr_nt.c
r206 r221 1178 1178 *r->out.sam = samr_array; 1179 1179 *r->out.num_entries = num_groups; 1180 /* this was missing, IMHO:1181 1180 *r->out.resume_handle = num_groups + *r->in.resume_handle; 1182 */1183 1181 1184 1182 DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__)); -
branches/samba-3.3.x/source/rpc_server/srv_spoolss_nt.c
r206 r221 4730 4730 } 4731 4731 4732 if (offered > MAX_RPC_DATA_SIZE) { 4733 return WERR_INVALID_PARAM; 4734 } 4735 4732 4736 rpcbuf_move(q_u->buffer, &r_u->buffer); 4733 4737 buffer = r_u->buffer; … … 5084 5088 5085 5089 if (!q_u->buffer && (offered!=0)) { 5090 return WERR_INVALID_PARAM; 5091 } 5092 5093 if (offered > MAX_RPC_DATA_SIZE) { 5086 5094 return WERR_INVALID_PARAM; 5087 5095 } … … 5745 5753 5746 5754 if (!q_u->buffer && (offered!=0)) { 5755 return WERR_INVALID_PARAM; 5756 } 5757 5758 if (offered > MAX_RPC_DATA_SIZE) { 5747 5759 return WERR_INVALID_PARAM; 5748 5760 } … … 6822 6834 } 6823 6835 6836 if (offered > MAX_RPC_DATA_SIZE) { 6837 return WERR_INVALID_PARAM; 6838 } 6839 6824 6840 rpcbuf_move(q_u->buffer, &r_u->buffer); 6825 6841 buffer = r_u->buffer; … … 7198 7214 } 7199 7215 7216 if (offered > MAX_RPC_DATA_SIZE) { 7217 return WERR_INVALID_PARAM; 7218 } 7219 7200 7220 rpcbuf_move(q_u->buffer, &r_u->buffer); 7201 7221 buffer = r_u->buffer; … … 7265 7285 } 7266 7286 7287 if (offered > MAX_RPC_DATA_SIZE) { 7288 return WERR_INVALID_PARAM; 7289 } 7290 7267 7291 rpcbuf_move(q_u->buffer, &r_u->buffer); 7268 7292 buffer = r_u->buffer; … … 7670 7694 7671 7695 if (!q_u->buffer && (offered!=0)) { 7696 return WERR_INVALID_PARAM; 7697 } 7698 7699 if (offered > MAX_RPC_DATA_SIZE) { 7672 7700 return WERR_INVALID_PARAM; 7673 7701 } … … 8082 8110 } 8083 8111 8112 if (offered > MAX_RPC_DATA_SIZE) { 8113 return WERR_INVALID_PARAM; 8114 } 8115 8084 8116 rpcbuf_move(q_u->buffer, &r_u->buffer); 8085 8117 buffer = r_u->buffer; … … 8709 8741 } 8710 8742 8743 if (offered > MAX_RPC_DATA_SIZE) { 8744 return WERR_INVALID_PARAM; 8745 } 8746 8711 8747 rpcbuf_move(q_u->buffer, &r_u->buffer); 8712 8748 buffer = r_u->buffer; … … 8788 8824 } 8789 8825 8826 if (offered > MAX_RPC_DATA_SIZE) { 8827 return WERR_INVALID_PARAM; 8828 } 8829 8790 8830 rpcbuf_move(q_u->buffer, &r_u->buffer); 8791 8831 buffer = r_u->buffer; … … 8913 8953 8914 8954 if (!q_u->buffer && (offered!=0)) { 8955 return WERR_INVALID_PARAM; 8956 } 8957 8958 if (offered > MAX_RPC_DATA_SIZE) { 8915 8959 return WERR_INVALID_PARAM; 8916 8960 } … … 9089 9133 9090 9134 if (!q_u->buffer && (offered!=0)) { 9135 return WERR_INVALID_PARAM; 9136 } 9137 9138 if (offered > MAX_RPC_DATA_SIZE) { 9091 9139 return WERR_INVALID_PARAM; 9092 9140 } … … 9733 9781 } 9734 9782 9783 if (offered > MAX_RPC_DATA_SIZE) { 9784 return WERR_INVALID_PARAM; 9785 } 9786 9735 9787 rpcbuf_move(q_u->buffer, &r_u->buffer); 9736 9788 buffer = r_u->buffer; -
branches/samba-3.3.x/source/rpc_server/srv_srvsvc_nt.c
r206 r221 2323 2323 /*allow one struct srvsvc_NetDiskInfo0 for null terminator*/ 2324 2324 2325 r->out.info->count = 0; 2326 2325 2327 for(i = 0; i < MAX_SERVER_DISK_ENTRIES -1 && (disk_name = next_server_disk_enum(&resume)); i++) { 2326 2328 -
branches/samba-3.3.x/source/rpc_server/srv_svcctl_nt.c
r206 r221 140 140 size_t i = 0; 141 141 SEC_DESC *sd; 142 SEC_ACL * acl;142 SEC_ACL *theacl; 143 143 size_t sd_size; 144 144 … … 156 156 /* create the security descriptor */ 157 157 158 if ( !( acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )158 if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) ) 159 159 return NULL; 160 160 161 161 if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, 162 162 SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, 163 acl, &sd_size)) )163 theacl, &sd_size)) ) 164 164 return NULL; 165 165
Note:
See TracChangeset
for help on using the changeset viewer.
