Author: metze Date: 2005-01-10 16:12:41 +0000 (Mon, 10 Jan 2005) New Revision: 4648
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4648 Log: fix netr_ServerPasswordSet() bugs metze Modified: branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c Changeset: Modified: branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c =================================================================== --- branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2005-01-10 15:56:37 UTC (rev 4647) +++ branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c 2005-01-10 16:12:41 UTC (rev 4648) @@ -314,19 +314,15 @@ struct ldb_message **msgs; struct ldb_message **msgs_domain; NTSTATUS nt_status; - struct ldb_message mod, *msg_set_pw = &mod; - const char *domain_dn; + struct ldb_message *mod; const char *domain_sid; const char *attrs[] = {"objectSid", NULL }; const char **domain_attrs = attrs; - ZERO_STRUCT(mod); nt_status = netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator); - if (NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } + NT_STATUS_NOT_OK_RETURN(nt_status); sam_ctx = samdb_connect(mem_ctx); if (sam_ctx == NULL) { @@ -336,6 +332,9 @@ num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(sAMAccountName=%s)(objectclass=user))", pipe_state->creds->account_name); + if (num_records == -1) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } if (num_records == 0) { DEBUG(3,("Couldn't find user [%s] in samdb.\n", @@ -360,6 +359,9 @@ &msgs_domain, domain_attrs, "(&(objectSid=%s)(objectclass=domain))", domain_sid); + if (num_records_domain == -1) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } if (num_records_domain == 0) { DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n", @@ -373,30 +375,25 @@ return NT_STATUS_INTERNAL_DB_CORRUPTION; } - domain_dn = msgs_domain[0]->dn; - - mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn); - if (!mod.dn) { - return NT_STATUS_NO_MEMORY; - } - + mod = talloc_zero(mem_ctx, struct ldb_message); + NT_STATUS_HAVE_NO_MEMORY(mod); + mod->dn = talloc_reference(mod, msgs[0]->dn); + creds_des_decrypt(pipe_state->creds, &r->in.new_password); /* set the password - samdb needs to know both the domain and user DNs, so the domain password policy can be used */ - nt_status = samdb_set_password(sam_ctx, mem_ctx, - msgs[0]->dn, domain_dn, - msg_set_pw, + nt_status = samdb_set_password(sam_ctx, mod, + msgs[0]->dn, + msgs_domain[0]->dn, + mod, NULL, /* Don't have plaintext */ NULL, &r->in.new_password, False /* This is not considered a password change */, NULL); - - if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } + NT_STATUS_NOT_OK_RETURN(nt_status); - ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw); + ret = samdb_replace(sam_ctx, mem_ctx, mod); if (ret != 0) { /* we really need samdb.c to return NTSTATUS */ return NT_STATUS_UNSUCCESSFUL; @@ -651,7 +648,6 @@ r->out.validation = r2.out.validation; r->out.authoritative = r2.out.authoritative; r->out.flags = r2.out.flags; - r->out.flags = r2.out.flags; return nt_status; }
