s3-netlogon: support validation level 6 in netr_SamLogon calls.
authorGünther Deschner <gd@samba.org>
Mon, 31 Aug 2009 18:21:40 +0000 (20:21 +0200)
committerGünther Deschner <gd@samba.org>
Wed, 16 Sep 2009 16:00:03 +0000 (18:00 +0200)
Guenther

source3/include/proto.h
source3/rpc_server/srv_netlog_nt.c
source3/rpc_server/srv_pipe_hnd.c

index 007ee9f22378859db6bcf651bdcd4ae5c878c052..4b80ef1cb0a6c1bffbce1bec3b623e789d3898be 100644 (file)
@@ -5620,6 +5620,10 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
                                uint8_t *pipe_session_key,
                                size_t pipe_session_key_len,
                                struct netr_SamInfo3 *sam3);
+NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
+                               uint8_t *pipe_session_key,
+                               size_t pipe_session_key_len,
+                               struct netr_SamInfo6 *sam6);
 void init_netr_CryptPassword(const char *pwd,
                             unsigned char session_key[16],
                             struct netr_CryptPassword *pwd_buf);
index 1982da4f2d0f9a06b2baa1180ea47e39ca1e7d6b..9169c74534acafa757b25dac7c6fb3cc63f40d2e 100644 (file)
@@ -910,6 +910,12 @@ static NTSTATUS _netr_LogonSamLogon_base(pipes_struct *p,
                        return NT_STATUS_NO_MEMORY;
                }
                break;
+       case 6:
+               r->out.validation->sam6 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo6);
+               if (!r->out.validation->sam6) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+               break;
        default:
                DEBUG(0,("%s: bad validation_level value %d.\n",
                        fn, (int)r->in.validation_level));
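Review bot: The new `case 6:` arm allocates `sam6` unconditionally, but the only test that level 6 can be served at all (`pdb_capabilities() & PDB_CAP_ADS`) lives in serverinfo_to_SamInfo6, which the second switch (the `@@ -1075` hunk) calls only once `server_info` already exists. If the logon is processed between the two switches, as the line numbers suggest, a server without an ADS passdb backend authenticates the request, and may record it as a successful logon, before returning NT_STATUS_INVALID_INFO_CLASS, so the audit trail and the client's result disagree. Rejecting the level up front avoids that: `if ((pdb_capabilities() & PDB_CAP_ADS) == 0) { return NT_STATUS_INVALID_INFO_CLASS; }` as the first statement of this arm. _netr_LogonSamLogon_base starts and ends outside the hunk, so the code between the two switches should be checked before relying on this.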
@@ -1075,6 +1081,10 @@ static NTSTATUS _netr_LogonSamLogon_base(pipes_struct *p,
                status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16,
                                                r->out.validation->sam3);
                break;
+       case 6:
+               status = serverinfo_to_SamInfo6(server_info, pipe_session_key, 16,
+                                               r->out.validation->sam6);
+               break;
        }
 
        TALLOC_FREE(server_info);
index b13e34be076c3ab4b29cdee3d589bb4e85fde419..7711d6ced8ff20495b09cd1915d93b9e4bf0ab48 100644 (file)
@@ -1716,3 +1716,54 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
 
        return NT_STATUS_OK;
 }
+
+/****************************************************************************
+ inits a netr_SamInfo6 structure from an auth_serversupplied_info. sam6 must
+ already be initialized and is used as the talloc parent for its members.
+*****************************************************************************/
+
+NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
+                               uint8_t *pipe_session_key,
+                               size_t pipe_session_key_len,
+                               struct netr_SamInfo6 *sam6)
+{
+       NTSTATUS status;
+       struct pdb_domain_info *dominfo;
+
+       if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
+               DEBUG(10,("Not adding validation info level 6 "
+                          "without ADS passdb backend\n"));
+               return NT_STATUS_INVALID_INFO_CLASS;
+       }
+
+       dominfo = pdb_get_domain_info(sam6);
+       if (dominfo == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       status = serverinfo_to_SamInfo_base(sam6,
+                                           server_info,
+                                           pipe_session_key,
+                                           pipe_session_key_len,
+                                           &sam6->base);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+
+       sam6->sidcount          = 0;
+       sam6->sids              = NULL;
+
+       sam6->forest.string     = talloc_strdup(sam6, dominfo->dns_forest);
+       if (sam6->forest.string == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       sam6->principle.string  = talloc_asprintf(sam6, "%s@%s",
+                                                 pdb_get_username(server_info->sam_account),
+                                                 dominfo->dns_domain);
+       if (sam6->principle.string == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       return NT_STATUS_OK;
+}
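Review bot: `dominfo->dns_forest`, `dominfo->dns_domain` and the result of `pdb_get_username()` are used in serverinfo_to_SamInfo6 without a NULL check. A NULL `dns_forest` makes talloc_strdup() return NULL and is then misreported as NT_STATUS_NO_MEMORY, and a NULL passed to the `%s@%s` format is undefined behaviour (glibc prints "(null)", which would put a bogus principal name into the validation info returned to the client). Whether the backend can leave these unset is not visible here, so a guard before the string copies is worth adding, for example `if (dominfo->dns_forest == NULL || dominfo->dns_domain == NULL) { return NT_STATUS_INVALID_INFO_CLASS; }` or another status that fits the caller. Separately, `dominfo` is parented to `sam6` and never released, so it lives as long as the reply; `TALLOC_FREE(dominfo);` before the final return (and on the error paths after it is obtained) would keep it scoped to this function.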