/*
ioctl - used for job query
*/
static NTSTATUS print_ioctl(struct ntvfs_module_context *ntvfs,
struct ntvfs_request *req, union smb_ioctl *io)
{
char *p;
if (io->generic.level != RAW_IOCTL_IOCTL) {
return NT_STATUS_NOT_IMPLEMENTED;
}
if (io->ioctl.in.request == IOCTL_QUERY_JOB_INFO) {
/* a request for the print job id of an open print job */
io->ioctl.out.blob = data_blob_talloc(req, NULL, 32);
data_blob_clear(&io->ioctl.out.blob);
p = (char *)io->ioctl.out.blob.data;
SSVAL(p,0, 1 /* REWRITE: fsp->rap_print_jobid */);
push_string(p+2, lpcfg_netbios_name(ntvfs->ctx->lp_ctx), 15, STR_TERMINATE|STR_ASCII);
push_string(p+18, ntvfs->ctx->config->name, 13, STR_TERMINATE|STR_ASCII);
return NT_STATUS_OK;
}
return NT_STATUS_INVALID_PARAMETER;
}
static void test_scan_call(struct torture_context *tctx, const struct ndr_interface_table *iface, int opnum)
{
DATA_BLOB stub_in, stub_out;
int i;
NTSTATUS status;
struct dcerpc_pipe *p = NULL;
struct policy_handle handle;
reopen(tctx, &p, iface);
get_policy_handle(p, tctx, &handle);
/* work out the minimum amount of input data */
for (i=0;i<2000;i++) {
stub_in = data_blob(NULL, i);
data_blob_clear(&stub_in);
status = dcerpc_request(p, NULL, opnum, tctx, &stub_in, &stub_out);
if (NT_STATUS_IS_OK(status)) {
printf("opnum %d min_input %d - output %d\n",
opnum, (int)stub_in.length, (int)stub_out.length);
dump_data(0, stub_out.data, stub_out.length);
talloc_free(p);
test_ptr_scan(tctx, iface, opnum, &stub_in, 0, stub_in.length, 0);
return;
}
fill_blob_handle(&stub_in, tctx, &handle);
status = dcerpc_request(p, NULL, opnum, tctx, &stub_in, &stub_out);
if (NT_STATUS_IS_OK(status)) {
printf("opnum %d min_input %d - output %d (with handle)\n",
opnum, (int)stub_in.length, (int)stub_out.length);
dump_data(0, stub_out.data, stub_out.length);
talloc_free(p);
test_ptr_scan(tctx, iface, opnum, &stub_in, 0, stub_in.length, 0);
return;
}
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
printf("opnum %d size %d fault %s\n", opnum, i, dcerpc_errstr(tctx, p->last_fault_code));
if (p->last_fault_code == 5) {
reopen(tctx, &p, iface);
}
continue;
}
printf("opnum %d size %d error %s\n", opnum, i, nt_errstr(status));
}
printf("opnum %d minimum not found!?\n", opnum);
talloc_free(p);
}
static bool test_clear(struct torture_context *tctx)
{
int i;
DATA_BLOB z = data_blob("lalala", 6);
torture_assert_int_equal(tctx, z.length, 6, "length");
data_blob_clear(&z);
for (i = 0; i < z.length; i++)
torture_assert_int_equal(tctx, z.data[i], 0, "contents");
data_blob_free(&z);
return true;
}
/*
push a DATA_BLOB onto the wire.
*/
_PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flags, DATA_BLOB blob)
{
if (ndr->flags & LIBNDR_ALIGN_FLAGS) {
if (ndr->flags & LIBNDR_FLAG_ALIGN2) {
blob.length = NDR_ALIGN(ndr, 2);
} else if (ndr->flags & LIBNDR_FLAG_ALIGN4) {
blob.length = NDR_ALIGN(ndr, 4);
} else if (ndr->flags & LIBNDR_FLAG_ALIGN8) {
blob.length = NDR_ALIGN(ndr, 8);
}
NDR_PUSH_ALLOC_SIZE(ndr, blob.data, blob.length);
data_blob_clear(&blob);
} else if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) {
NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length));
}
NDR_CHECK(ndr_push_bytes(ndr, blob.data, blob.length));
return NDR_ERR_SUCCESS;
}
static void try_expand(struct torture_context *tctx, const struct ndr_interface_table *iface,
int opnum, DATA_BLOB *base_in, int insert_ofs, int depth)
{
DATA_BLOB stub_in, stub_out;
int n;
NTSTATUS status;
struct dcerpc_pipe *p = NULL;
reopen(tctx, &p, iface);
/* work out how much to expand to get a non fault */
for (n=0;n<2000;n++) {
stub_in = data_blob(NULL, base_in->length + n);
data_blob_clear(&stub_in);
memcpy(stub_in.data, base_in->data, insert_ofs);
memcpy(stub_in.data+insert_ofs+n, base_in->data+insert_ofs, base_in->length-insert_ofs);
status = dcerpc_request(p, NULL, opnum, tctx, &stub_in, &stub_out);
if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
print_depth(depth);
printf("expand by %d gives %s\n", n, nt_errstr(status));
if (n >= 4) {
test_ptr_scan(tctx, iface, opnum, &stub_in,
insert_ofs, insert_ofs+n, depth+1);
}
return;
} else {
#if 0
print_depth(depth);
printf("expand by %d gives fault %s\n", n, dcerpc_errstr(tctx, p->last_fault_code));
#endif
}
if (p->last_fault_code == 5) {
reopen(tctx, &p, iface);
}
}
talloc_free(p);
}
static NTSTATUS auth_domain_admin_user_info_dc(TALLOC_CTX *mem_ctx,
const char *netbios_name,
const char *domain_name,
struct dom_sid *domain_sid,
struct auth_user_info_dc **_user_info_dc)
{
struct auth_user_info_dc *user_info_dc;
struct auth_user_info *info;
user_info_dc = talloc(mem_ctx, struct auth_user_info_dc);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc);
user_info_dc->num_sids = 7;
user_info_dc->sids = talloc_array(user_info_dc, struct dom_sid, user_info_dc->num_sids);
user_info_dc->sids[PRIMARY_USER_SID_INDEX] = *domain_sid;
sid_append_rid(&user_info_dc->sids[PRIMARY_USER_SID_INDEX], DOMAIN_RID_ADMINISTRATOR);
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX] = *domain_sid;
sid_append_rid(&user_info_dc->sids[PRIMARY_USER_SID_INDEX], DOMAIN_RID_USERS);
user_info_dc->sids[2] = global_sid_Builtin_Administrators;
user_info_dc->sids[3] = *domain_sid;
sid_append_rid(&user_info_dc->sids[3], DOMAIN_RID_ADMINS);
user_info_dc->sids[4] = *domain_sid;
sid_append_rid(&user_info_dc->sids[4], DOMAIN_RID_ENTERPRISE_ADMINS);
user_info_dc->sids[5] = *domain_sid;
sid_append_rid(&user_info_dc->sids[5], DOMAIN_RID_POLICY_ADMINS);
user_info_dc->sids[6] = *domain_sid;
sid_append_rid(&user_info_dc->sids[6], DOMAIN_RID_SCHEMA_ADMINS);
/* What should the session key be?*/
user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data);
user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data);
data_blob_clear(&user_info_dc->user_session_key);
data_blob_clear(&user_info_dc->lm_session_key);
user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info);
info->account_name = talloc_strdup(info, "Administrator");
NT_STATUS_HAVE_NO_MEMORY(info->account_name);
info->domain_name = talloc_strdup(info, domain_name);
NT_STATUS_HAVE_NO_MEMORY(info->domain_name);
info->full_name = talloc_strdup(info, "Administrator");
NT_STATUS_HAVE_NO_MEMORY(info->full_name);
info->logon_script = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->logon_script);
info->profile_path = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->profile_path);
info->home_directory = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_directory);
info->home_drive = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_drive);
info->logon_server = talloc_strdup(info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(info->logon_server);
info->last_logon = 0;
info->last_logoff = 0;
info->acct_expiry = 0;
info->last_password_change = 0;
info->allow_password_change = 0;
info->force_password_change
NTSTATUS auth_system_user_info_dc(TALLOC_CTX *mem_ctx, const char *netbios_name,
struct auth_user_info_dc **_user_info_dc)
{
struct auth_user_info_dc *user_info_dc;
struct auth_user_info *info;
user_info_dc = talloc(mem_ctx, struct auth_user_info_dc);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc);
/* This returns a pointer to a struct dom_sid, which is the
* same as a 1 element list of struct dom_sid */
user_info_dc->num_sids = 1;
user_info_dc->sids = dom_sid_parse_talloc(user_info_dc, SID_NT_SYSTEM);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);
/* annoying, but the Anonymous really does have a session key,
and it is all zeros! */
user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data);
user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data);
data_blob_clear(&user_info_dc->user_session_key);
data_blob_clear(&user_info_dc->lm_session_key);
user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info);
info->account_name = talloc_strdup(info, "SYSTEM");
NT_STATUS_HAVE_NO_MEMORY(info->account_name);
info->domain_name = talloc_strdup(info, "NT AUTHORITY");
NT_STATUS_HAVE_NO_MEMORY(info->domain_name);
info->full_name = talloc_strdup(info, "System");
NT_STATUS_HAVE_NO_MEMORY(info->full_name);
info->logon_script = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->logon_script);
info->profile_path = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->profile_path);
info->home_directory = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_directory);
info->home_drive = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_drive);
info->logon_server = talloc_strdup(info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(info->logon_server);
info->last_logon = 0;
info->last_logoff = 0;
info->acct_expiry = 0;
info->last_password_change = 0;
info->allow_password_change = 0;
info->force_password_change = 0;
info->logon_count = 0;
info->bad_password_count = 0;
info->acct_flags = ACB_NORMAL;
info->authenticated = true;
*_user_info_dc = user_info_dc;
return NT_STATUS_OK;
}
static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_user_info_dc **_user_info_dc)
{
NTSTATUS nt_status;
struct auth_user_info_dc *user_info_dc;
struct auth_user_info *info;
uint32_t error_num;
const char *user;
user = user_info->client.account_name;
if (strncasecmp("NT_STATUS", user, strlen("NT_STATUS")) == 0) {
nt_status = nt_status_string_to_code(user);
} else {
error_num = strtoul(user, NULL, 16);
DEBUG(5,("name_to_ntstatus_check_password: Error for user %s was 0x%08X\n", user, error_num));
nt_status = NT_STATUS(error_num);
}
NT_STATUS_NOT_OK_RETURN(nt_status);
user_info_dc = talloc(mem_ctx, struct auth_user_info_dc);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc);
/* This returns a pointer to a struct dom_sid, which is the
* same as a 1 element list of struct dom_sid */
user_info_dc->num_sids = 1;
user_info_dc->sids = dom_sid_parse_talloc(user_info_dc, SID_NT_ANONYMOUS);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);
/* annoying, but the Anonymous really does have a session key,
and it is all zeros! */
user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data);
user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data);
data_blob_clear(&user_info_dc->user_session_key);
data_blob_clear(&user_info_dc->lm_session_key);
user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info);
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info);
info->account_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user);
NT_STATUS_HAVE_NO_MEMORY(info->account_name);
info->domain_name = talloc_strdup(user_info_dc, "NT AUTHORITY");
NT_STATUS_HAVE_NO_MEMORY(info->domain_name);
info->full_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s Anonymous Logon", user);
NT_STATUS_HAVE_NO_MEMORY(info->full_name);
info->logon_script = talloc_strdup(user_info_dc, "");
NT_STATUS_HAVE_NO_MEMORY(info->logon_script);
info->profile_path = talloc_strdup(user_info_dc, "");
NT_STATUS_HAVE_NO_MEMORY(info->profile_path);
info->home_directory = talloc_strdup(user_info_dc, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_directory);
info->home_drive = talloc_strdup(user_info_dc, "");
NT_STATUS_HAVE_NO_MEMORY(info->home_drive);
info->last_logon = 0;
info->last_logoff = 0;
info->acct_expiry = 0;
info->last_password_change = 0;
info->allow_password_change = 0;
info->force_password_change = 0;
info->logon_count = 0;
info->bad_password_count = 0;
info->acct_flags = ACB_NORMAL;
info->authenticated = true;
*_user_info_dc = user_info_dc;
return nt_status;
}
void data_blob_clear_free(DATA_BLOB *d)
{
data_blob_clear(d);
data_blob_free(d);
}
_PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
const char *netbios_name,
struct auth_serversupplied_info **_server_info)
{
struct auth_serversupplied_info *server_info;
server_info = talloc(mem_ctx, struct auth_serversupplied_info);
NT_STATUS_HAVE_NO_MEMORY(server_info);
server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
/* is this correct? */
server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
server_info->n_domain_groups = 0;
server_info->domain_groups = NULL;
/* annoying, but the Anonymous really does have a session key... */
server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
/* and it is all zeros! */
data_blob_clear(&server_info->user_session_key);
data_blob_clear(&server_info->lm_session_key);
server_info->account_name = talloc_strdup(server_info, "ANONYMOUS LOGON");
NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
server_info->full_name = talloc_strdup(server_info, "Anonymous Logon");
NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
server_info->logon_script = talloc_strdup(server_info, "");
NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
server_info->profile_path = talloc_strdup(server_info, "");
NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
server_info->home_directory = talloc_strdup(server_info, "");
NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
server_info->home_drive = talloc_strdup(server_info, "");
NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
server_info->logon_server = talloc_strdup(server_info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
server_info->last_logon = 0;
server_info->last_logoff = 0;
server_info->acct_expiry = 0;
server_info->last_password_change = 0;
server_info->allow_password_change = 0;
server_info->force_password_change = 0;
server_info->logon_count = 0;
server_info->bad_password_count = 0;
server_info->acct_flags = ACB_NORMAL;
server_info->authenticated = false;
*_server_info = server_info;
return NT_STATUS_OK;
}
