[SCM] Samba Shared Repository - branch master updated - 3656cb2e57d971f8119024dff8eb3594b559592d

Fri, 05 Dec 2008 07:36:32 -0800 

The branch, master has been updated
       via  3656cb2e57d971f8119024dff8eb3594b559592d (commit)
      from  f29d31a7e0f7b397cbcbb83d1b1c0ce233e948e9 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3656cb2e57d971f8119024dff8eb3594b559592d
Author: Günther Deschner <[EMAIL PROTECTED]>
Date:   Fri Dec 5 16:13:28 2008 +0100

    s3-samr: fix samr_SetUserInfo level 18 server-side.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/srv_samr_nt.c |   62 ++++++++++++++++++++++++++++----------
 1 files changed, 46 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 54aa534..5136340 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -3701,29 +3701,58 @@ static bool set_user_info_16(struct samr_UserInfo16 
*id16,
  set_user_info_18
  ********************************************************************/
 
-static bool set_user_info_18(struct samr_UserInfo18 *id18,
-                            struct samu *pwd)
+static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
+                                TALLOC_CTX *mem_ctx,
+                                DATA_BLOB *session_key,
+                                struct samu *pwd)
 {
        if (id18 == NULL) {
                DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
-               return False;
+               return NT_STATUS_INVALID_PARAMETER;
        }
 
-       if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd.hash, PDB_CHANGED)) {
-               return False;
+       if (id18->nt_pwd_active || id18->lm_pwd_active) {
+               if (!session_key->length) {
+                       return NT_STATUS_NO_USER_SESSION_KEY;
+               }
        }
-       if (!pdb_set_nt_passwd     (pwd, id18->nt_pwd.hash, PDB_CHANGED)) {
-               return False;
+
+       if (id18->nt_pwd_active) {
+
+               DATA_BLOB in, out;
+
+               in = data_blob_const(id18->nt_pwd.hash, 16);
+               out = data_blob_talloc_zero(mem_ctx, 16);
+
+               sess_crypt_blob(&out, &in, session_key, false);
+
+               if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) {
+                       return NT_STATUS_ACCESS_DENIED;
+               }
        }
-       if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) {
-               return False;
+
+       if (id18->lm_pwd_active) {
+
+               DATA_BLOB in, out;
+
+               in = data_blob_const(id18->lm_pwd.hash, 16);
+               out = data_blob_talloc_zero(mem_ctx, 16);
+
+               sess_crypt_blob(&out, &in, session_key, false);
+
+               if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) {
+                       return NT_STATUS_ACCESS_DENIED;
+               }
        }
 
-       if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
-               return False;
-       }
+       if (id18->password_expired) {
+               pdb_set_pass_last_set_time(pwd, 0, PDB_CHANGED);
+       } else {
+               /* FIXME */
+               pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
+       }
 
-       return True;
+       return pdb_update_sam_account(pwd);
 }
 
 /*******************************************************************
@@ -4180,9 +4209,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
 
                case 18:
                        /* Used by AS/U JRA. */
-                       if (!set_user_info_18(&info->info18, pwd)) {
-                               status = NT_STATUS_ACCESS_DENIED;
-                       }
+                       status = set_user_info_18(&info->info18,
+                                                 p->mem_ctx,
+                                                 
&p->server_info->user_session_key,
+                                                 pwd);
                        break;
 
                case 20:


-- 
Samba Shared Repository

Reply via email to