Changeset 860 for vendor/current/source3/rpc_server
- Timestamp:
- May 12, 2014, 8:58:38 PM (11 years ago)
- Location:
- vendor/current/source3/rpc_server
- Files:
-
- 5 edited
-
netlogon/srv_netlog_nt.c (modified) (1 diff)
-
samr/srv_samr_chgpasswd.c (modified) (4 diffs)
-
samr/srv_samr_nt.c (modified) (2 diffs)
-
spoolss/srv_spoolss_nt.c (modified) (12 diffs)
-
wkssvc/srv_wkssvc_nt.c (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source3/rpc_server/netlogon/srv_netlog_nt.c
r746 r860 587 587 goto out; 588 588 } 589 if ( rids.count != types.count) {589 if (types.count != 1) { 590 590 status = NT_STATUS_INVALID_PARAMETER; 591 591 goto out; -
vendor/current/source3/rpc_server/samr/srv_samr_chgpasswd.c
r740 r860 74 74 75 75 #if defined(HAVE_GRANTPT) 76 #if defined(HAVE_POSIX_OPENPT) 77 master = posix_openpt(O_RDWR|O_NOCTTY); 78 #else 76 79 /* Try to open /dev/ptmx. If that fails, fall through to old method. */ 77 if ((master = sys_open("/dev/ptmx", O_RDWR, 0)) >= 0) { 80 master = sys_open("/dev/ptmx", O_RDWR, 0); 81 #endif 82 if (master >= 0) { 78 83 grantpt(master); 79 84 unlockpt(master); … … 1102 1107 NTSTATUS nt_status; 1103 1108 bool ret = false; 1109 bool updated_badpw = false; 1110 NTSTATUS update_login_attempts_status; 1104 1111 1105 1112 if (!(sampass = samu_new(NULL))) { … … 1115 1122 TALLOC_FREE(sampass); 1116 1123 return NT_STATUS_NO_SUCH_USER; 1124 } 1125 1126 /* Quit if the account was locked out. */ 1127 if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) { 1128 DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", user)); 1129 TALLOC_FREE(sampass); 1130 return NT_STATUS_ACCOUNT_LOCKED_OUT; 1117 1131 } 1118 1132 … … 1125 1139 &new_passwd); 1126 1140 1141 /* 1142 * Notify passdb backend of login success/failure. If not 1143 * NT_STATUS_OK the backend doesn't like the login 1144 */ 1145 update_login_attempts_status = pdb_update_login_attempts(sampass, 1146 NT_STATUS_IS_OK(nt_status)); 1147 1148 if (!NT_STATUS_IS_OK(nt_status)) { 1149 bool increment_bad_pw_count = false; 1150 1151 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) && 1152 (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) && 1153 NT_STATUS_IS_OK(update_login_attempts_status)) 1154 { 1155 increment_bad_pw_count = true; 1156 } 1157 1158 if (increment_bad_pw_count) { 1159 pdb_increment_bad_password_count(sampass); 1160 updated_badpw = true; 1161 } else { 1162 pdb_update_bad_password_count(sampass, 1163 &updated_badpw); 1164 } 1165 } else { 1166 1167 if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) && 1168 (pdb_get_bad_password_count(sampass) > 0)){ 1169 pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); 1170 pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); 1171 updated_badpw = true; 1172 } 1173 } 1174 1175 if (updated_badpw) { 1176 NTSTATUS update_status; 1177 become_root(); 1178 update_status = pdb_update_sam_account(sampass); 1179 unbecome_root(); 1180 1181 if (!NT_STATUS_IS_OK(update_status)) { 1182 DEBUG(1, ("Failed to modify entry: %s\n", 1183 nt_errstr(update_status))); 1184 } 1185 } 1186 1127 1187 if (!NT_STATUS_IS_OK(nt_status)) { 1128 1188 TALLOC_FREE(sampass); -
vendor/current/source3/rpc_server/samr/srv_samr_nt.c
r746 r860 1707 1707 1708 1708 /**************************************************************** 1709 _samr_ChangePasswordUser 1709 _samr_ChangePasswordUser. 1710 1711 So old it is just not worth implementing 1712 because it does not supply a plaintext and so we can't do password 1713 complexity checking and cannot update other services that use a 1714 plaintext password via passwd chat/pam password change/ldap password 1715 sync. 1710 1716 ****************************************************************/ 1711 1717 … … 1713 1719 struct samr_ChangePasswordUser *r) 1714 1720 { 1715 NTSTATUS status; 1716 bool ret = false; 1717 struct samr_user_info *uinfo; 1718 struct samu *pwd; 1719 struct samr_Password new_lmPwdHash, new_ntPwdHash, checkHash; 1720 struct samr_Password lm_pwd, nt_pwd; 1721 1722 uinfo = policy_handle_find(p, r->in.user_handle, 1723 SAMR_USER_ACCESS_SET_PASSWORD, NULL, 1724 struct samr_user_info, &status); 1725 if (!NT_STATUS_IS_OK(status)) { 1726 return status; 1727 } 1728 1729 DEBUG(5,("_samr_ChangePasswordUser: sid:%s\n", 1730 sid_string_dbg(&uinfo->sid))); 1731 1732 if (!(pwd = samu_new(NULL))) { 1733 return NT_STATUS_NO_MEMORY; 1734 } 1735 1736 become_root(); 1737 ret = pdb_getsampwsid(pwd, &uinfo->sid); 1738 unbecome_root(); 1739 1740 if (!ret) { 1741 TALLOC_FREE(pwd); 1742 return NT_STATUS_WRONG_PASSWORD; 1743 } 1744 1745 { 1746 const uint8_t *lm_pass, *nt_pass; 1747 1748 lm_pass = pdb_get_lanman_passwd(pwd); 1749 nt_pass = pdb_get_nt_passwd(pwd); 1750 1751 if (!lm_pass || !nt_pass) { 1752 status = NT_STATUS_WRONG_PASSWORD; 1753 goto out; 1754 } 1755 1756 memcpy(&lm_pwd.hash, lm_pass, sizeof(lm_pwd.hash)); 1757 memcpy(&nt_pwd.hash, nt_pass, sizeof(nt_pwd.hash)); 1758 } 1759 1760 /* basic sanity checking on parameters. Do this before any database ops */ 1761 if (!r->in.lm_present || !r->in.nt_present || 1762 !r->in.old_lm_crypted || !r->in.new_lm_crypted || 1763 !r->in.old_nt_crypted || !r->in.new_nt_crypted) { 1764 /* we should really handle a change with lm not 1765 present */ 1766 status = NT_STATUS_INVALID_PARAMETER_MIX; 1767 goto out; 1768 } 1769 1770 /* decrypt and check the new lm hash */ 1771 D_P16(lm_pwd.hash, r->in.new_lm_crypted->hash, new_lmPwdHash.hash); 1772 D_P16(new_lmPwdHash.hash, r->in.old_lm_crypted->hash, checkHash.hash); 1773 if (memcmp(checkHash.hash, lm_pwd.hash, 16) != 0) { 1774 status = NT_STATUS_WRONG_PASSWORD; 1775 goto out; 1776 } 1777 1778 /* decrypt and check the new nt hash */ 1779 D_P16(nt_pwd.hash, r->in.new_nt_crypted->hash, new_ntPwdHash.hash); 1780 D_P16(new_ntPwdHash.hash, r->in.old_nt_crypted->hash, checkHash.hash); 1781 if (memcmp(checkHash.hash, nt_pwd.hash, 16) != 0) { 1782 status = NT_STATUS_WRONG_PASSWORD; 1783 goto out; 1784 } 1785 1786 /* The NT Cross is not required by Win2k3 R2, but if present 1787 check the nt cross hash */ 1788 if (r->in.cross1_present && r->in.nt_cross) { 1789 D_P16(lm_pwd.hash, r->in.nt_cross->hash, checkHash.hash); 1790 if (memcmp(checkHash.hash, new_ntPwdHash.hash, 16) != 0) { 1791 status = NT_STATUS_WRONG_PASSWORD; 1792 goto out; 1793 } 1794 } 1795 1796 /* The LM Cross is not required by Win2k3 R2, but if present 1797 check the lm cross hash */ 1798 if (r->in.cross2_present && r->in.lm_cross) { 1799 D_P16(nt_pwd.hash, r->in.lm_cross->hash, checkHash.hash); 1800 if (memcmp(checkHash.hash, new_lmPwdHash.hash, 16) != 0) { 1801 status = NT_STATUS_WRONG_PASSWORD; 1802 goto out; 1803 } 1804 } 1805 1806 if (!pdb_set_nt_passwd(pwd, new_ntPwdHash.hash, PDB_CHANGED) || 1807 !pdb_set_lanman_passwd(pwd, new_lmPwdHash.hash, PDB_CHANGED)) { 1808 status = NT_STATUS_ACCESS_DENIED; 1809 goto out; 1810 } 1811 1812 status = pdb_update_sam_account(pwd); 1813 out: 1814 TALLOC_FREE(pwd); 1815 1816 return status; 1721 return NT_STATUS_NOT_IMPLEMENTED; 1817 1722 } 1818 1723 -
vendor/current/source3/rpc_server/spoolss/srv_spoolss_nt.c
r746 r860 1745 1745 result = open_printer_hnd(p, r->out.handle, r->in.printername, 0); 1746 1746 if (!W_ERROR_IS_OK(result)) { 1747 DEBUG( 0,("_spoolss_OpenPrinterEx: Cannot open a printer handle "1747 DEBUG(3,("_spoolss_OpenPrinterEx: Cannot open a printer handle " 1748 1748 "for printer %s\n", r->in.printername)); 1749 1749 ZERO_STRUCTP(r->out.handle); … … 1943 1943 */ 1944 1944 1945 if ((Printer->printer_type != SPLHND_SERVER) &&1946 r->in.devmode_ctr.devmode) {1945 if ((Printer->printer_type != SPLHND_SERVER) 1946 && (r->in.devmode_ctr.devmode != NULL)) { 1947 1947 copy_devicemode(NULL, r->in.devmode_ctr.devmode, 1948 1948 &Printer->devmode); 1949 1949 } 1950 1951 #if 0 /* JERRY -- I'm doubtful this is really effective */1952 /* HACK ALERT!!! Sleep for 1/3 of a second to try trigger a LAN/WAN1953 optimization in Windows 2000 clients --jerry */1954 1955 if ( (r->in.access_mask == PRINTER_ACCESS_ADMINISTER)1956 && (RA_WIN2K == get_remote_arch()) )1957 {1958 DEBUG(10,("_spoolss_OpenPrinterEx: Enabling LAN/WAN hack for Win2k clients.\n"));1959 sys_usleep( 500000 );1960 }1961 #endif1962 1950 1963 1951 return WERR_OK; … … 4038 4026 r->averageppm = info2->averageppm; 4039 4027 4040 copy_devicemode(mem_ctx, info2->devmode, &r->devmode); 4041 if (!r->devmode) { 4028 if (info2->devmode != NULL) { 4029 result = copy_devicemode(mem_ctx, 4030 info2->devmode, 4031 &r->devmode); 4032 if (!W_ERROR_IS_OK(result)) { 4033 return result; 4034 } 4035 } else if (lp_default_devmode(snum)) { 4036 result = spoolss_create_default_devmode(mem_ctx, 4037 info2->printername, 4038 &r->devmode); 4039 if (!W_ERROR_IS_OK(result)) { 4040 return result; 4041 } 4042 } else { 4043 r->devmode = NULL; 4042 4044 DEBUG(8,("Returning NULL Devicemode!\n")); 4043 4045 } … … 4175 4177 { 4176 4178 struct auth_serversupplied_info *session_info; 4177 struct GUID guid;4179 char *printer; 4178 4180 NTSTATUS status; 4179 4180 status = make_session_info_system(mem_ctx, &session_info); 4181 WERROR werr; 4182 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 4183 if (tmp_ctx == NULL) { 4184 return WERR_NOMEM; 4185 } 4186 4187 status = make_session_info_system(tmp_ctx, &session_info); 4181 4188 if (!NT_STATUS_IS_OK(status)) { 4182 4189 DEBUG(0, ("construct_printer_info7: " 4183 4190 "Could not create system session_info\n")); 4184 return WERR_NOMEM; 4185 } 4186 4187 if (is_printer_published(mem_ctx, session_info, msg_ctx, 4188 servername, 4189 lp_servicename(snum), &guid, NULL)) { 4191 werr = WERR_NOMEM; 4192 goto out_tmp_free; 4193 } 4194 4195 printer = lp_servicename(snum); 4196 if (printer == NULL) { 4197 DEBUG(0, ("invalid printer snum %d\n", snum)); 4198 werr = WERR_INVALID_PARAM; 4199 goto out_tmp_free; 4200 } 4201 4202 if (is_printer_published(tmp_ctx, session_info, msg_ctx, 4203 servername, printer, NULL)) { 4204 struct GUID guid; 4205 werr = nt_printer_guid_get(tmp_ctx, session_info, msg_ctx, 4206 printer, &guid); 4207 if (!W_ERROR_IS_OK(werr)) { 4208 goto out_tmp_free; 4209 } 4190 4210 r->guid = talloc_strdup_upper(mem_ctx, GUID_string2(mem_ctx, &guid)); 4191 4211 r->action = DSPRINT_PUBLISH; … … 4194 4214 r->action = DSPRINT_UNPUBLISH; 4195 4215 } 4196 W_ERROR_HAVE_NO_MEMORY(r->guid); 4197 4198 TALLOC_FREE(session_info); 4199 return WERR_OK; 4216 if (r->guid == NULL) { 4217 werr = WERR_NOMEM; 4218 goto out_tmp_free; 4219 } 4220 4221 werr = WERR_OK; 4222 out_tmp_free: 4223 talloc_free(tmp_ctx); 4224 return werr; 4200 4225 } 4201 4226 … … 4219 4244 } 4220 4245 4221 copy_devicemode(mem_ctx, info2->devmode, &r->devmode); 4222 if (!r->devmode) { 4246 if (info2->devmode != NULL) { 4247 result = copy_devicemode(mem_ctx, 4248 info2->devmode, 4249 &r->devmode); 4250 if (!W_ERROR_IS_OK(result)) { 4251 return result; 4252 } 4253 } else if (lp_default_devmode(snum)) { 4254 result = spoolss_create_default_devmode(mem_ctx, 4255 info2->printername, 4256 &r->devmode); 4257 if (!W_ERROR_IS_OK(result)) { 4258 return result; 4259 } 4260 } else { 4261 r->devmode = NULL; 4223 4262 DEBUG(8,("Returning NULL Devicemode!\n")); 4224 4263 } … … 4427 4466 DEBUG(4,("enum_all_printers_info_1_name\n")); 4428 4467 4429 if ((servername[0] == '\\') && (servername[1] == '\\')) { 4468 if (servername != NULL && 4469 (servername[0] == '\\') && (servername[1] == '\\')) { 4430 4470 s = servername + 2; 4431 4471 } … … 4462 4502 WERR_CAN_NOT_COMPLETE so we should do the same. */ 4463 4503 4464 if (servername[0] == '\\' && servername[1] == '\\') { 4504 if (servername != NULL && 4505 (servername[0] == '\\') && (servername[1] == '\\')) { 4465 4506 s = servername + 2; 4466 4507 } … … 5592 5633 struct printer_handle *printer; 5593 5634 WERROR result; 5635 uint32_t version = r->in.client_major_version; 5594 5636 5595 5637 int snum; … … 5614 5656 if (!get_printer_snum(p, r->in.handle, &snum, NULL)) { 5615 5657 return WERR_BADFID; 5658 } 5659 5660 if (r->in.client_major_version == SPOOLSS_DRIVER_VERSION_2012) { 5661 DEBUG(3,("_spoolss_GetPrinterDriver2: v4 driver requested, " 5662 "downgrading to v3\n")); 5663 version = SPOOLSS_DRIVER_VERSION_200X; 5616 5664 } 5617 5665 … … 5622 5670 snum, printer->servername, 5623 5671 r->in.architecture, 5624 r->in.client_major_version);5672 version); 5625 5673 if (!W_ERROR_IS_OK(result)) { 5626 5674 TALLOC_FREE(r->out.info); … … 5722 5770 5723 5771 if (info_1->datatype) { 5724 if (strcmp(info_1->datatype, "RAW") != 0) { 5772 /* 5773 * The v4 driver model used in Windows 8 declares print jobs 5774 * intended to bypass the XPS processing layer by setting 5775 * datatype to "XPS_PASS" instead of "RAW". 5776 */ 5777 if ((strcmp(info_1->datatype, "RAW") != 0) 5778 && (strcmp(info_1->datatype, "XPS_PASS") != 0)) { 5725 5779 *r->out.job_id = 0; 5726 5780 return WERR_INVALID_DATATYPE; -
vendor/current/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
r746 r860 580 580 r->out.info->level = r->in.info->level; 581 581 *r->out.entries_read = r->out.info->ctr.user0->entries_read; 582 *r->out.resume_handle = 0; 582 if (r->out.resume_handle != NULL) { 583 *r->out.resume_handle = 0; 584 } 583 585 break; 584 586 case 1: … … 589 591 r->out.info->level = r->in.info->level; 590 592 *r->out.entries_read = r->out.info->ctr.user1->entries_read; 591 *r->out.resume_handle = 0; 593 if (r->out.resume_handle != NULL) { 594 *r->out.resume_handle = 0; 595 } 592 596 break; 593 597 default:
Note:
See TracChangeset
for help on using the changeset viewer.
