/* Check with a known 'well formed' PAC, from my test server */ static bool torture_pac_saved_check(struct torture_context *tctx) { NTSTATUS nt_status; enum ndr_err_code ndr_err; DATA_BLOB tmp_blob, validate_blob; struct PAC_DATA *pac_data, pac_data2; struct PAC_LOGON_INFO *logon_info; union netr_Validation validation; const char *pac_file, *pac_kdc_key, *pac_member_key; struct auth_user_info_dc *user_info_dc_out; krb5_keyblock server_keyblock; krb5_keyblock krbtgt_keyblock, *krbtgt_keyblock_p; struct samr_Password *krbtgt_bytes, *krbsrv_bytes; krb5_error_code ret; struct smb_krb5_context *smb_krb5_context; const char *principal_string; char *broken_principal_string; krb5_principal client_principal; const char *authtime_string; time_t authtime; TALLOC_CTX *mem_ctx = tctx; torture_assert(tctx, 0 == smb_krb5_init_context(mem_ctx, NULL, tctx->lp_ctx, &smb_krb5_context), "smb_krb5_init_context"); pac_kdc_key = torture_setting_string(tctx, "pac_kdc_key", "B286757148AF7FD252C53603A150B7E7"); pac_member_key = torture_setting_string(tctx, "pac_member_key", "D217FAEAE5E6B5F95CCC94077AB8A5FC"); torture_comment(tctx, "Using pac_kdc_key '%s'\n", pac_kdc_key); torture_comment(tctx, "Using pac_member_key '%s'\n", pac_member_key); /* The krbtgt key in use when the above PAC was generated. * This is an arcfour-hmac-md5 key, extracted with our 'net * samdump' tool. */ if (*pac_kdc_key == 0) { krbtgt_bytes = NULL; } else { krbtgt_bytes = smbpasswd_gethexpwd(mem_ctx, pac_kdc_key); if (!krbtgt_bytes) { torture_fail(tctx, "(saved test) Could not interpret krbtgt key"); } } krbsrv_bytes = smbpasswd_gethexpwd(mem_ctx, pac_member_key); if (!krbsrv_bytes) { torture_fail(tctx, "(saved test) Could not interpret krbsrv key"); } ret = krb5_keyblock_init(smb_krb5_context->krb5_context, ENCTYPE_ARCFOUR_HMAC, krbsrv_bytes->hash, sizeof(krbsrv_bytes->hash), &server_keyblock); torture_assert(tctx, !ret, talloc_asprintf(tctx, "(saved test) Server Keyblock encoding failed: %s", smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx))); if (krbtgt_bytes) { ret = krb5_keyblock_init(smb_krb5_context->krb5_context, ENCTYPE_ARCFOUR_HMAC, krbtgt_bytes->hash, sizeof(krbtgt_bytes->hash), &krbtgt_keyblock); if (ret) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) Server Keyblock encoding failed: %s", smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx))); } krbtgt_keyblock_p = &krbtgt_keyblock; } else { krbtgt_keyblock_p = NULL; } pac_file = torture_setting_string(tctx, "pac_file", NULL); if (pac_file) { tmp_blob.data = (uint8_t *)file_load(pac_file, &tmp_blob.length, 0, mem_ctx); torture_comment(tctx, "(saved test) Loaded pac of size %ld from %s\n", (long)tmp_blob.length, pac_file); } else { tmp_blob = data_blob_talloc(mem_ctx, saved_pac, sizeof(saved_pac)); } dump_data(10,tmp_blob.data,tmp_blob.length); principal_string = torture_setting_string(tctx, "pac_client_principal", "[email protected]"); authtime_string = torture_setting_string(tctx, "pac_authtime", "1120440609"); authtime = strtoull(authtime_string, NULL, 0); ret = krb5_parse_name(smb_krb5_context->krb5_context, principal_string, &client_principal); if (ret) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) parsing of client principal [%s] failed: %s", principal_string, smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx))); } /* Decode and verify the signaure on the PAC */ nt_status = kerberos_decode_pac(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime, &pac_data); if (!NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC decoding failed: %s", nt_errstr(nt_status))); } /* Now check we can read it back (using Heimdal's pac parsing) */ nt_status = kerberos_pac_blob_to_user_info_dc(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, &user_info_dc_out, NULL, NULL); if (!NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) Heimdal PAC decoding failed: %s", nt_errstr(nt_status))); } if (!pac_file && !dom_sid_equal(dom_sid_parse_talloc(mem_ctx, "S-1-5-21-3048156945-3961193616-3706469200-1005"), user_info_dc_out->sids)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) Heimdal PAC Decode resulted in *different* domain SID: %s != %s", "S-1-5-21-3048156945-3961193616-3706469200-1005", dom_sid_string(mem_ctx, user_info_dc_out->sids))); } talloc_free(user_info_dc_out); /* Parse the PAC again, for the logon info this time (using Samba4's parsing) */ nt_status = kerberos_pac_logon_info(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime, &logon_info); if (!NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC decoding (for logon info) failed: %s", nt_errstr(nt_status))); } validation.sam3 = &logon_info->info3; nt_status = make_user_info_dc_netlogon_validation(mem_ctx, "", 3, &validation, true, /* This user was authenticated */ &user_info_dc_out); if (!NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC decoding (make server info) failed: %s", nt_errstr(nt_status))); } if (!pac_file && !dom_sid_equal(dom_sid_parse_talloc(mem_ctx, "S-1-5-21-3048156945-3961193616-3706469200-1005"), user_info_dc_out->sids)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC Decode resulted in *different* domain SID: %s != %s", "S-1-5-21-3048156945-3961193616-3706469200-1005", dom_sid_string(mem_ctx, user_info_dc_out->sids))); } if (krbtgt_bytes == NULL) { torture_comment(tctx, "skipping PAC encoding tests as non kdc key\n"); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); return true; } ret = kerberos_encode_pac(mem_ctx, pac_data, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, &validate_blob); if (ret != 0) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, "(saved test) PAC push failed"); } dump_data(10, validate_blob.data, validate_blob.length); /* compare both the length and the data bytes after a * pull/push cycle. This ensures we use the exact same * pointer, padding etc algorithms as win2k3. */ if (tmp_blob.length != validate_blob.length) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC push failed: original buffer length[%u] != created buffer length[%u]", (unsigned)tmp_blob.length, (unsigned)validate_blob.length)); } if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); DEBUG(0, ("tmp_data:\n")); dump_data(0, tmp_blob.data, tmp_blob.length); DEBUG(0, ("validate_blob:\n")); dump_data(0, validate_blob.data, validate_blob.length); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC push failed: length[%u] matches, but data does not", (unsigned)tmp_blob.length)); } ret = kerberos_create_pac(mem_ctx, user_info_dc_out, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime, &validate_blob); if (ret != 0) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, "(saved test) regnerated PAC create failed"); } dump_data(10,validate_blob.data,validate_blob.length); /* compare both the length and the data bytes after a * pull/push cycle. This ensures we use the exact same * pointer, padding etc algorithms as win2k3. */ if (tmp_blob.length != validate_blob.length) { ndr_err = ndr_pull_struct_blob(&validate_blob, mem_ctx, &pac_data2, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA); nt_status = ndr_map_error2ntstatus(ndr_err); torture_assert_ntstatus_ok(tctx, nt_status, "can't parse the PAC"); NDR_PRINT_DEBUG(PAC_DATA, pac_data); NDR_PRINT_DEBUG(PAC_DATA, &pac_data2); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC regenerate failed: original buffer length[%u] != created buffer length[%u]", (unsigned)tmp_blob.length, (unsigned)validate_blob.length)); } if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) { ndr_err = ndr_pull_struct_blob(&validate_blob, mem_ctx, &pac_data2, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA); nt_status = ndr_map_error2ntstatus(ndr_err); torture_assert_ntstatus_ok(tctx, nt_status, "can't parse the PAC"); NDR_PRINT_DEBUG(PAC_DATA, pac_data); NDR_PRINT_DEBUG(PAC_DATA, &pac_data2); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); DEBUG(0, ("tmp_data:\n")); dump_data(0, tmp_blob.data, tmp_blob.length); DEBUG(0, ("validate_blob:\n")); dump_data(0, validate_blob.data, validate_blob.length); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) PAC regenerate failed: length[%u] matches, but data does not", (unsigned)tmp_blob.length)); } /* Break the auth time, to ensure we check this vital detail (not setting this caused all the pain in the first place... */ nt_status = kerberos_decode_pac(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime + 1, &pac_data); if (NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); krb5_free_principal(smb_krb5_context->krb5_context, client_principal); torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken auth time (time + 1)"); } /* Break the client principal */ krb5_free_principal(smb_krb5_context->krb5_context, client_principal); broken_principal_string = talloc_strdup(mem_ctx, principal_string); broken_principal_string[0]++; ret = krb5_parse_name(smb_krb5_context->krb5_context, broken_principal_string, &client_principal); if (ret) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); torture_fail(tctx, talloc_asprintf(tctx, "(saved test) parsing of broken client principal failed: %s", smb_get_krb5_error_message(smb_krb5_context->krb5_context, ret, mem_ctx))); } nt_status = kerberos_decode_pac(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime, &pac_data); if (NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on modified principal"); } /* Finally... Bugger up the signature, and check we fail the checksum */ tmp_blob.data[tmp_blob.length - 2]++; nt_status = kerberos_decode_pac(mem_ctx, tmp_blob, smb_krb5_context->krb5_context, krbtgt_keyblock_p, &server_keyblock, client_principal, authtime, &pac_data); if (NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken checksum"); } krb5_free_keyblock_contents(smb_krb5_context->krb5_context, krbtgt_keyblock_p); krb5_free_keyblock_contents(smb_krb5_context->krb5_context, &server_keyblock); return true; }
static void smbXsrv_session_close_loop(struct tevent_req *subreq) { struct smbXsrv_client *client = tevent_req_callback_data(subreq, struct smbXsrv_client); struct smbXsrv_session_table *table = client->session_table; int ret; struct messaging_rec *rec = NULL; struct smbXsrv_session_closeB close_blob; enum ndr_err_code ndr_err; struct smbXsrv_session_close0 *close_info0 = NULL; struct smbXsrv_session *session = NULL; NTSTATUS status; struct timeval tv = timeval_current(); NTTIME now = timeval_to_nttime(&tv); ret = messaging_read_recv(subreq, talloc_tos(), &rec); TALLOC_FREE(subreq); if (ret != 0) { goto next; } ndr_err = ndr_pull_struct_blob(&rec->buf, rec, &close_blob, (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_session_closeB); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(1,("smbXsrv_session_close_loop: " "ndr_pull_struct_blob - %s\n", nt_errstr(status))); goto next; } DEBUG(10,("smbXsrv_session_close_loop: MSG_SMBXSRV_SESSION_CLOSE\n")); if (DEBUGLVL(10)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } if (close_blob.version != SMBXSRV_VERSION_0) { DEBUG(0,("smbXsrv_session_close_loop: " "ignore invalid version %u\n", close_blob.version)); NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); goto next; } close_info0 = close_blob.info.info0; if (close_info0 == NULL) { DEBUG(0,("smbXsrv_session_close_loop: " "ignore NULL info %u\n", close_blob.version)); NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); goto next; } status = smb2srv_session_lookup_client(client, close_info0->old_session_wire_id, now, &session); if (NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) { DEBUG(4,("smbXsrv_session_close_loop: " "old_session_wire_id %llu not found\n", (unsigned long long)close_info0->old_session_wire_id)); if (DEBUGLVL(4)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } goto next; } if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED)) { DEBUG(1,("smbXsrv_session_close_loop: " "old_session_wire_id %llu - %s\n", (unsigned long long)close_info0->old_session_wire_id, nt_errstr(status))); if (DEBUGLVL(1)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } goto next; } if (session->global->session_global_id != close_info0->old_session_global_id) { DEBUG(1,("smbXsrv_session_close_loop: " "old_session_wire_id %llu - global %u != %u\n", (unsigned long long)close_info0->old_session_wire_id, session->global->session_global_id, close_info0->old_session_global_id)); if (DEBUGLVL(1)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } goto next; } if (session->global->creation_time != close_info0->old_creation_time) { DEBUG(1,("smbXsrv_session_close_loop: " "old_session_wire_id %llu - " "creation %s (%llu) != %s (%llu)\n", (unsigned long long)close_info0->old_session_wire_id, nt_time_string(rec, session->global->creation_time), (unsigned long long)session->global->creation_time, nt_time_string(rec, close_info0->old_creation_time), (unsigned long long)close_info0->old_creation_time)); if (DEBUGLVL(1)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } goto next; } subreq = smb2srv_session_shutdown_send(session, client->ev_ctx, session, NULL); if (subreq == NULL) { status = NT_STATUS_NO_MEMORY; DEBUG(0, ("smbXsrv_session_close_loop: " "smb2srv_session_shutdown_send(%llu) failed: %s\n", (unsigned long long)session->global->session_wire_id, nt_errstr(status))); if (DEBUGLVL(1)) { NDR_PRINT_DEBUG(smbXsrv_session_closeB, &close_blob); } goto next; } tevent_req_set_callback(subreq, smbXsrv_session_close_shutdown_done, session); next: TALLOC_FREE(rec); subreq = messaging_read_send(table, client->ev_ctx, client->msg_ctx, MSG_SMBXSRV_SESSION_CLOSE); if (subreq == NULL) { const char *r; r = "messaging_read_send(MSG_SMBXSRV_SESSION_CLOSE) failed"; exit_server_cleanly(r); return; } tevent_req_set_callback(subreq, smbXsrv_session_close_loop, client); }
NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, struct PAC_DATA **pac_data_out, DATA_BLOB blob, krb5_context context, const krb5_keyblock *krbtgt_keyblock, const krb5_keyblock *service_keyblock, krb5_const_principal client_principal, time_t tgs_authtime, krb5_error_code *k5ret) { krb5_error_code ret; NTSTATUS status; enum ndr_err_code ndr_err; struct PAC_SIGNATURE_DATA *srv_sig_ptr = NULL; struct PAC_SIGNATURE_DATA *kdc_sig_ptr = NULL; struct PAC_SIGNATURE_DATA *srv_sig_wipe = NULL; struct PAC_SIGNATURE_DATA *kdc_sig_wipe = NULL; struct PAC_LOGON_INFO *logon_info = NULL; struct PAC_LOGON_NAME *logon_name = NULL; struct PAC_DATA *pac_data; struct PAC_DATA_RAW *pac_data_raw; DATA_BLOB *srv_sig_blob = NULL; DATA_BLOB *kdc_sig_blob = NULL; DATA_BLOB modified_pac_blob; NTTIME tgs_authtime_nttime; krb5_principal client_principal_pac; int i; krb5_clear_error_message(context); if (k5ret) { *k5ret = KRB5_PARSE_MALFORMED; } pac_data = talloc(mem_ctx, struct PAC_DATA); pac_data_raw = talloc(mem_ctx, struct PAC_DATA_RAW); kdc_sig_wipe = talloc(mem_ctx, struct PAC_SIGNATURE_DATA); srv_sig_wipe = talloc(mem_ctx, struct PAC_SIGNATURE_DATA); if (!pac_data_raw || !pac_data || !kdc_sig_wipe || !srv_sig_wipe) { if (k5ret) { *k5ret = ENOMEM; } return NT_STATUS_NO_MEMORY; } ndr_err = ndr_pull_struct_blob(&blob, pac_data, iconv_convenience, pac_data, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the PAC: %s\n", nt_errstr(status))); return status; } if (pac_data->num_buffers < 4) { /* we need logon_ingo, service_key and kdc_key */ DEBUG(0,("less than 4 PAC buffers\n")); return NT_STATUS_INVALID_PARAMETER; } ndr_err = ndr_pull_struct_blob(&blob, pac_data_raw, iconv_convenience, pac_data_raw, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA_RAW); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the PAC: %s\n", nt_errstr(status))); return status; } if (pac_data_raw->num_buffers < 4) { /* we need logon_ingo, service_key and kdc_key */ DEBUG(0,("less than 4 PAC buffers\n")); return NT_STATUS_INVALID_PARAMETER; } if (pac_data->num_buffers != pac_data_raw->num_buffers) { /* we need logon_ingo, service_key and kdc_key */ DEBUG(0,("misparse! PAC_DATA has %d buffers while PAC_DATA_RAW has %d\n", pac_data->num_buffers, pac_data_raw->num_buffers)); return NT_STATUS_INVALID_PARAMETER; } for (i=0; i < pac_data->num_buffers; i++) { if (pac_data->buffers[i].type != pac_data_raw->buffers[i].type) { DEBUG(0,("misparse! PAC_DATA buffer %d has type %d while PAC_DATA_RAW has %d\n", i, pac_data->buffers[i].type, pac_data->buffers[i].type)); return NT_STATUS_INVALID_PARAMETER; } switch (pac_data->buffers[i].type) { case PAC_TYPE_LOGON_INFO: if (!pac_data->buffers[i].info) { break; } logon_info = pac_data->buffers[i].info->logon_info.info; break; case PAC_TYPE_SRV_CHECKSUM: if (!pac_data->buffers[i].info) { break; } srv_sig_ptr = &pac_data->buffers[i].info->srv_cksum; srv_sig_blob = &pac_data_raw->buffers[i].info->remaining; break; case PAC_TYPE_KDC_CHECKSUM: if (!pac_data->buffers[i].info) { break; } kdc_sig_ptr = &pac_data->buffers[i].info->kdc_cksum; kdc_sig_blob = &pac_data_raw->buffers[i].info->remaining; break; case PAC_TYPE_LOGON_NAME: logon_name = &pac_data->buffers[i].info->logon_name; break; default: break; } } if (!logon_info) { DEBUG(0,("PAC no logon_info\n")); return NT_STATUS_INVALID_PARAMETER; } if (!logon_name) { DEBUG(0,("PAC no logon_name\n")); return NT_STATUS_INVALID_PARAMETER; } if (!srv_sig_ptr || !srv_sig_blob) { DEBUG(0,("PAC no srv_key\n")); return NT_STATUS_INVALID_PARAMETER; } if (!kdc_sig_ptr || !kdc_sig_blob) { DEBUG(0,("PAC no kdc_key\n")); return NT_STATUS_INVALID_PARAMETER; } /* Find and zero out the signatures, as required by the signing algorithm */ /* We find the data blobs above, now we parse them to get at the exact portion we should zero */ ndr_err = ndr_pull_struct_blob(kdc_sig_blob, kdc_sig_wipe, iconv_convenience, kdc_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the KDC signature: %s\n", nt_errstr(status))); return status; } ndr_err = ndr_pull_struct_blob(srv_sig_blob, srv_sig_wipe, iconv_convenience, srv_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the SRV signature: %s\n", nt_errstr(status))); return status; } /* Now zero the decoded structure */ memset(kdc_sig_wipe->signature.data, '\0', kdc_sig_wipe->signature.length); memset(srv_sig_wipe->signature.data, '\0', srv_sig_wipe->signature.length); /* and reencode, back into the same place it came from */ ndr_err = ndr_push_struct_blob(kdc_sig_blob, pac_data_raw, iconv_convenience, kdc_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't repack the KDC signature: %s\n", nt_errstr(status))); return status; } ndr_err = ndr_push_struct_blob(srv_sig_blob, pac_data_raw, iconv_convenience, srv_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't repack the SRV signature: %s\n", nt_errstr(status))); return status; } /* push out the whole structure, but now with zero'ed signatures */ ndr_err = ndr_push_struct_blob(&modified_pac_blob, pac_data_raw, iconv_convenience, pac_data_raw, (ndr_push_flags_fn_t)ndr_push_PAC_DATA_RAW); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't repack the RAW PAC: %s\n", nt_errstr(status))); return status; } /* verify by service_key */ ret = check_pac_checksum(mem_ctx, modified_pac_blob, srv_sig_ptr, context, service_keyblock); if (ret) { DEBUG(1, ("PAC Decode: Failed to verify the service signature: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); if (k5ret) { *k5ret = ret; } return NT_STATUS_ACCESS_DENIED; } if (krbtgt_keyblock) { ret = check_pac_checksum(mem_ctx, srv_sig_ptr->signature, kdc_sig_ptr, context, krbtgt_keyblock); if (ret) { DEBUG(1, ("PAC Decode: Failed to verify the KDC signature: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); if (k5ret) { *k5ret = ret; } return NT_STATUS_ACCESS_DENIED; } } /* Convert to NT time, so as not to loose accuracy in comparison */ unix_to_nt_time(&tgs_authtime_nttime, tgs_authtime); if (tgs_authtime_nttime != logon_name->logon_time) { DEBUG(2, ("PAC Decode: Logon time mismatch between ticket and PAC!\n")); DEBUG(2, ("PAC Decode: PAC: %s\n", nt_time_string(mem_ctx, logon_name->logon_time))); DEBUG(2, ("PAC Decode: Ticket: %s\n", nt_time_string(mem_ctx, tgs_authtime_nttime))); return NT_STATUS_ACCESS_DENIED; } ret = krb5_parse_name_flags(context, logon_name->account_name, KRB5_PRINCIPAL_PARSE_NO_REALM, &client_principal_pac); if (ret) { DEBUG(2, ("Could not parse name from incoming PAC: [%s]: %s\n", logon_name->account_name, smb_get_krb5_error_message(context, ret, mem_ctx))); if (k5ret) { *k5ret = ret; } return NT_STATUS_INVALID_PARAMETER; } if (!krb5_principal_compare_any_realm(context, client_principal, client_principal_pac)) { DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n", logon_name->account_name)); return NT_STATUS_ACCESS_DENIED; } #if 0 if (strcasecmp(logon_info->info3.base.account_name.string, "Administrator")== 0) { file_save("tmp_pac_data-admin.dat",blob.data,blob.length); } #endif DEBUG(3,("Found account name from PAC: %s [%s]\n", logon_info->info3.base.account_name.string, logon_info->info3.base.full_name.string)); *pac_data_out = pac_data; return NT_STATUS_OK; }
/* handle recv events on a nbt dgram socket */ static void dgm_socket_recv(struct nbt_dgram_socket *dgmsock) { TALLOC_CTX *tmp_ctx = talloc_new(dgmsock); NTSTATUS status; struct socket_address *src; DATA_BLOB blob; size_t nread, dsize; struct nbt_dgram_packet *packet; const char *mailslot_name; enum ndr_err_code ndr_err; status = socket_pending(dgmsock->sock, &dsize); if (!NT_STATUS_IS_OK(status)) { talloc_free(tmp_ctx); return; } blob = data_blob_talloc(tmp_ctx, NULL, dsize); if (blob.data == NULL) { talloc_free(tmp_ctx); return; } status = socket_recvfrom(dgmsock->sock, blob.data, blob.length, &nread, tmp_ctx, &src); if (!NT_STATUS_IS_OK(status)) { talloc_free(tmp_ctx); return; } blob.length = nread; DEBUG(2,("Received dgram packet of length %d from %s:%d\n", (int)blob.length, src->addr, src->port)); packet = talloc(tmp_ctx, struct nbt_dgram_packet); if (packet == NULL) { talloc_free(tmp_ctx); return; } /* parse the request */ ndr_err = ndr_pull_struct_blob(&blob, packet, dgmsock->iconv_convenience, packet, (ndr_pull_flags_fn_t)ndr_pull_nbt_dgram_packet); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); DEBUG(2,("Failed to parse incoming NBT DGRAM packet - %s\n", nt_errstr(status))); talloc_free(tmp_ctx); return; } /* if this is a mailslot message, then see if we can dispatch it to a handler */ mailslot_name = dgram_mailslot_name(packet); if (mailslot_name) { struct dgram_mailslot_handler *dgmslot; dgmslot = dgram_mailslot_find(dgmsock, mailslot_name); if (dgmslot) { dgmslot->handler(dgmslot, packet, src); } else { DEBUG(2,("No mailslot handler for '%s'\n", mailslot_name)); } } else { /* dispatch if there is a general handler */ if (dgmsock->incoming.handler) { dgmsock->incoming.handler(dgmsock, packet, src); } } talloc_free(tmp_ctx); }
/* add or modify a rdataset */ _PUBLIC_ isc_result_t dlz_addrdataset(const char *name, const char *rdatastr, void *dbdata, void *version) { struct dlz_bind9_data *state = talloc_get_type_abort(dbdata, struct dlz_bind9_data); struct dnsp_DnssrvRpcRecord *rec; struct ldb_dn *dn; isc_result_t result; struct ldb_result *res; const char *attrs[] = { "dnsRecord", NULL }; int ret, i; struct ldb_message_element *el; enum ndr_err_code ndr_err; NTTIME t; if (state->transaction_token != (void*)version) { state->log(ISC_LOG_INFO, "samba_dlz: bad transaction version"); return ISC_R_FAILURE; } rec = talloc_zero(state, struct dnsp_DnssrvRpcRecord); if (rec == NULL) { return ISC_R_NOMEMORY; } unix_to_nt_time(&t, time(NULL)); t /= 10*1000*1000; /* convert to seconds (NT time is in 100ns units) */ t /= 3600; /* convert to hours */ rec->rank = DNS_RANK_ZONE; rec->dwSerial = state->soa_serial; rec->dwTimeStamp = (uint32_t)t; if (!b9_parse(state, rdatastr, rec)) { state->log(ISC_LOG_INFO, "samba_dlz: failed to parse rdataset '%s'", rdatastr); talloc_free(rec); return ISC_R_FAILURE; } /* find the DN of the record */ result = b9_find_name_dn(state, name, rec, &dn); if (result != ISC_R_SUCCESS) { talloc_free(rec); return result; } /* get any existing records */ ret = ldb_search(state->samdb, rec, &res, dn, LDB_SCOPE_BASE, attrs, "objectClass=dnsNode"); if (ret == LDB_ERR_NO_SUCH_OBJECT) { if (!b9_set_session_info(state, name)) { talloc_free(rec); return ISC_R_FAILURE; } result = b9_add_record(state, name, dn, rec); b9_reset_session_info(state); talloc_free(rec); if (result == ISC_R_SUCCESS) { state->log(ISC_LOG_INFO, "samba_dlz: added %s %s", name, rdatastr); } return result; } el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); if (el == NULL) { ret = ldb_msg_add_empty(res->msgs[0], "dnsRecord", LDB_FLAG_MOD_ADD, &el); if (ret != LDB_SUCCESS) { state->log(ISC_LOG_ERROR, "samba_dlz: failed to add dnsRecord for %s", ldb_dn_get_linearized(dn)); talloc_free(rec); return ISC_R_FAILURE; } } /* there are existing records. We need to see if this will * replace a record or add to it */ for (i=0; i<el->num_values; i++) { struct dnsp_DnssrvRpcRecord rec2; ndr_err = ndr_pull_struct_blob(&el->values[i], rec, &rec2, (ndr_pull_flags_fn_t)ndr_pull_dnsp_DnssrvRpcRecord); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { state->log(ISC_LOG_ERROR, "samba_dlz: failed to parse dnsRecord for %s", ldb_dn_get_linearized(dn)); talloc_free(rec); return ISC_R_FAILURE; } if (b9_record_match(state, rec, &rec2)) { break; } } if (i == el->num_values) { /* adding a new value */ el->values = talloc_realloc(el, el->values, struct ldb_val, el->num_values+1); if (el->values == NULL) { talloc_free(rec); return ISC_R_NOMEMORY; } el->num_values++; }
NTSTATUS vfs_default_durable_reconnect(struct connection_struct *conn, struct smb_request *smb1req, struct smbXsrv_open *op, const DATA_BLOB old_cookie, TALLOC_CTX *mem_ctx, files_struct **result, DATA_BLOB *new_cookie) { struct share_mode_lock *lck; struct share_mode_entry *e; struct files_struct *fsp = NULL; NTSTATUS status; bool ok; int ret; int flags = 0; struct file_id file_id; struct smb_filename *smb_fname = NULL; enum ndr_err_code ndr_err; struct vfs_default_durable_cookie cookie; DATA_BLOB new_cookie_blob = data_blob_null; *result = NULL; *new_cookie = data_blob_null; if (!lp_durable_handles(SNUM(conn))) { return NT_STATUS_NOT_SUPPORTED; } /* * the checks for kernel oplocks * and similar things are done * in the vfs_default_durable_cookie() * call below. */ ZERO_STRUCT(cookie); ndr_err = ndr_pull_struct_blob(&old_cookie, talloc_tos(), &cookie, (ndr_pull_flags_fn_t)ndr_pull_vfs_default_durable_cookie); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); return status; } if (strcmp(cookie.magic, VFS_DEFAULT_DURABLE_COOKIE_MAGIC) != 0) { return NT_STATUS_INVALID_PARAMETER; } if (cookie.version != VFS_DEFAULT_DURABLE_COOKIE_VERSION) { return NT_STATUS_INVALID_PARAMETER; } if (!cookie.allow_reconnect) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } if (strcmp(cookie.servicepath, conn->connectpath) != 0) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* Create an smb_filename with stream_name == NULL. */ smb_fname = synthetic_smb_fname(talloc_tos(), cookie.base_name, NULL, NULL); if (smb_fname == NULL) { return NT_STATUS_NO_MEMORY; } ret = SMB_VFS_LSTAT(conn, smb_fname); if (ret == -1) { status = map_nt_error_from_unix_common(errno); DEBUG(1, ("Unable to lstat stream: %s => %s\n", smb_fname_str_dbg(smb_fname), nt_errstr(status))); return status; } if (!S_ISREG(smb_fname->st.st_ex_mode)) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st); if (!file_id_equal(&cookie.id, &file_id)) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* * 1. check entry in locking.tdb */ lck = get_existing_share_mode_lock(mem_ctx, file_id); if (lck == NULL) { DEBUG(5, ("vfs_default_durable_reconnect: share-mode lock " "not obtained from db\n")); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } if (lck->data->num_share_modes == 0) { DEBUG(1, ("vfs_default_durable_reconnect: Error: no share-mode " "entry in existing share mode lock\n")); TALLOC_FREE(lck); return NT_STATUS_INTERNAL_DB_ERROR; } if (lck->data->num_share_modes > 1) { /* * It can't be durable if there is more than one handle * on the file. */ DEBUG(5, ("vfs_default_durable_reconnect: more than one " "share-mode entry - can not be durable\n")); TALLOC_FREE(lck); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } e = &lck->data->share_modes[0]; if (!server_id_is_disconnected(&e->pid)) { DEBUG(5, ("vfs_default_durable_reconnect: denying durable " "reconnect for handle that was not marked " "disconnected (e.g. smbd or cluster node died)\n")); TALLOC_FREE(lck); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } if (e->share_file_id != op->global->open_persistent_id) { DEBUG(5, ("vfs_default_durable_reconnect: denying durable " "share_file_id changed %llu != %llu" "(e.g. another client had opened the file)\n", (unsigned long long)e->share_file_id, (unsigned long long)op->global->open_persistent_id)); TALLOC_FREE(lck); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } if ((e->access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) && !CAN_WRITE(conn)) { DEBUG(5, ("vfs_default_durable_reconnect: denying durable " "share[%s] is not writeable anymore\n", lp_servicename(talloc_tos(), SNUM(conn)))); TALLOC_FREE(lck); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* * 2. proceed with opening file */ status = fsp_new(conn, conn, &fsp); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("vfs_default_durable_reconnect: failed to create " "new fsp: %s\n", nt_errstr(status))); TALLOC_FREE(lck); return status; } fsp->fh->private_options = e->private_options; fsp->fh->gen_id = smbXsrv_open_hash(op); fsp->file_id = file_id; fsp->file_pid = smb1req->smbpid; fsp->vuid = smb1req->vuid; fsp->open_time = e->time; fsp->access_mask = e->access_mask; fsp->share_access = e->share_access; fsp->can_read = ((fsp->access_mask & (FILE_READ_DATA)) != 0); fsp->can_write = ((fsp->access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) != 0); fsp->fnum = op->local_id; /* * TODO: * Do we need to store the modified flag in the DB? */ fsp->modified = false; /* * no durables for directories */ fsp->is_directory = false; /* * For normal files, can_lock == !is_directory */ fsp->can_lock = true; /* * We do not support aio write behind for smb2 */ fsp->aio_write_behind = false; fsp->oplock_type = e->op_type; fsp->initial_allocation_size = cookie.initial_allocation_size; fsp->fh->position_information = cookie.position_information; fsp->update_write_time_triggered = cookie.update_write_time_triggered; fsp->update_write_time_on_close = cookie.update_write_time_on_close; fsp->write_time_forced = cookie.write_time_forced; fsp->close_write_time = cookie.close_write_time; status = fsp_set_smb_fname(fsp, smb_fname); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(lck); fsp_free(fsp); DEBUG(0, ("vfs_default_durable_reconnect: " "fsp_set_smb_fname failed: %s\n", nt_errstr(status))); return status; } op->compat = fsp; fsp->op = op; e->pid = messaging_server_id(conn->sconn->msg_ctx); e->op_mid = smb1req->mid; e->share_file_id = fsp->fh->gen_id; ok = brl_reconnect_disconnected(fsp); if (!ok) { status = NT_STATUS_INTERNAL_ERROR; DEBUG(1, ("vfs_default_durable_reconnect: " "failed to reopen brlocks: %s\n", nt_errstr(status))); TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return status; } /* * TODO: properly calculate open flags */ if (fsp->can_write && fsp->can_read) { flags = O_RDWR; } else if (fsp->can_write) { flags = O_WRONLY; } else if (fsp->can_read) { flags = O_RDONLY; } status = fd_open(conn, fsp, flags, 0 /* mode */); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(lck); DEBUG(1, ("vfs_default_durable_reconnect: failed to open " "file: %s\n", nt_errstr(status))); op->compat = NULL; fsp_free(fsp); return status; } /* * We now check the stat info stored in the cookie against * the current stat data from the file we just opened. * If any detail differs, we deny the durable reconnect, * because in that case it is very likely that someone * opened the file while the handle was disconnected, * which has to be interpreted as an oplock break. */ ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st); if (ret == -1) { status = map_nt_error_from_unix_common(errno); DEBUG(1, ("Unable to fstat stream: %s => %s\n", smb_fname_str_dbg(smb_fname), nt_errstr(status))); ret = SMB_VFS_CLOSE(fsp); if (ret == -1) { DEBUG(0, ("vfs_default_durable_reconnect: " "SMB_VFS_CLOSE failed (%s) - leaking file " "descriptor\n", strerror(errno))); } TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return status; } if (!S_ISREG(fsp->fsp_name->st.st_ex_mode)) { ret = SMB_VFS_CLOSE(fsp); if (ret == -1) { DEBUG(0, ("vfs_default_durable_reconnect: " "SMB_VFS_CLOSE failed (%s) - leaking file " "descriptor\n", strerror(errno))); } TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st); if (!file_id_equal(&cookie.id, &file_id)) { ret = SMB_VFS_CLOSE(fsp); if (ret == -1) { DEBUG(0, ("vfs_default_durable_reconnect: " "SMB_VFS_CLOSE failed (%s) - leaking file " "descriptor\n", strerror(errno))); } TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } ok = vfs_default_durable_reconnect_check_stat(&cookie.stat_info, &fsp->fsp_name->st, fsp_str_dbg(fsp)); if (!ok) { ret = SMB_VFS_CLOSE(fsp); if (ret == -1) { DEBUG(0, ("vfs_default_durable_reconnect: " "SMB_VFS_CLOSE failed (%s) - leaking file " "descriptor\n", strerror(errno))); } TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } status = set_file_oplock(fsp); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("vfs_default_durable_reconnect failed to set oplock " "after opening file: %s\n", nt_errstr(status))); ret = SMB_VFS_CLOSE(fsp); if (ret == -1) { DEBUG(0, ("vfs_default_durable_reconnect: " "SMB_VFS_CLOSE failed (%s) - leaking file " "descriptor\n", strerror(errno))); } TALLOC_FREE(lck); op->compat = NULL; fsp_free(fsp); return status; } status = vfs_default_durable_cookie(fsp, mem_ctx, &new_cookie_blob); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(lck); DEBUG(1, ("vfs_default_durable_reconnect: " "vfs_default_durable_cookie - %s\n", nt_errstr(status))); op->compat = NULL; fsp_free(fsp); return status; } smb1req->chain_fsp = fsp; smb1req->smb2req->compat_chain_fsp = fsp; DEBUG(10, ("vfs_default_durable_reconnect: opened file '%s'\n", fsp_str_dbg(fsp))); /* * release the sharemode lock: this writes the changes */ lck->data->modified = true; TALLOC_FREE(lck); *result = fsp; *new_cookie = new_cookie_blob; return NT_STATUS_OK; }
static bool get_ea_dos_attribute(connection_struct *conn, struct smb_filename *smb_fname, uint32_t *pattr) { struct xattr_DOSATTRIB dosattrib; enum ndr_err_code ndr_err; DATA_BLOB blob; ssize_t sizeret; fstring attrstr; uint32_t dosattr; if (!lp_store_dos_attributes(SNUM(conn))) { return False; } /* Don't reset pattr to zero as we may already have filename-based attributes we need to preserve. */ sizeret = SMB_VFS_GETXATTR(conn, smb_fname->base_name, SAMBA_XATTR_DOS_ATTRIB, attrstr, sizeof(attrstr)); if (sizeret == -1) { if (errno == ENOSYS #if defined(ENOTSUP) || errno == ENOTSUP) { #else ) { #endif DEBUG(1,("get_ea_dos_attribute: Cannot get attribute " "from EA on file %s: Error = %s\n", smb_fname_str_dbg(smb_fname), strerror(errno))); set_store_dos_attributes(SNUM(conn), False); } return False; } blob.data = (uint8_t *)attrstr; blob.length = sizeret; ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib, (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(1,("get_ea_dos_attribute: bad ndr decode " "from EA on file %s: Error = %s\n", smb_fname_str_dbg(smb_fname), ndr_errstr(ndr_err))); return false; } DEBUG(10,("get_ea_dos_attribute: %s attr = %s\n", smb_fname_str_dbg(smb_fname), dosattrib.attrib_hex)); switch (dosattrib.version) { case 0xFFFF: dosattr = dosattrib.info.compatinfoFFFF.attrib; break; case 1: dosattr = dosattrib.info.info1.attrib; if (!null_nttime(dosattrib.info.info1.create_time)) { struct timespec create_time = nt_time_to_unix_timespec( dosattrib.info.info1.create_time); update_stat_ex_create_time(&smb_fname->st, create_time); DEBUG(10,("get_ea_dos_attribute: file %s case 1 " "set btime %s\n", smb_fname_str_dbg(smb_fname), time_to_asc(convert_timespec_to_time_t( create_time)) )); } break; case 2: dosattr = dosattrib.info.oldinfo2.attrib; /* Don't know what flags to check for this case. */ break; case 3: dosattr = dosattrib.info.info3.attrib; if ((dosattrib.info.info3.valid_flags & XATTR_DOSINFO_CREATE_TIME) && !null_nttime(dosattrib.info.info3.create_time)) { struct timespec create_time = nt_time_to_unix_timespec( dosattrib.info.info3.create_time); update_stat_ex_create_time(&smb_fname->st, create_time); DEBUG(10,("get_ea_dos_attribute: file %s case 3 " "set btime %s\n", smb_fname_str_dbg(smb_fname), time_to_asc(convert_timespec_to_time_t( create_time)) )); } break; default: DEBUG(1,("get_ea_dos_attribute: Badly formed DOSATTRIB on " "file %s - %s\n", smb_fname_str_dbg(smb_fname), attrstr)); return false; } if (S_ISDIR(smb_fname->st.st_ex_mode)) { dosattr |= FILE_ATTRIBUTE_DIRECTORY; } /* FILE_ATTRIBUTE_SPARSE is valid on get but not on set. */ *pattr = (uint32_t)(dosattr & (SAMBA_ATTRIBUTES_MASK|FILE_ATTRIBUTE_SPARSE)); dos_mode_debug_print(__func__, *pattr); return True; } /**************************************************************************** Set DOS attributes in an EA. Also sets the create time. ****************************************************************************/ static bool set_ea_dos_attribute(connection_struct *conn, struct smb_filename *smb_fname, uint32_t dosmode) { struct xattr_DOSATTRIB dosattrib; enum ndr_err_code ndr_err; DATA_BLOB blob; ZERO_STRUCT(dosattrib); ZERO_STRUCT(blob); dosattrib.version = 3; dosattrib.info.info3.valid_flags = XATTR_DOSINFO_ATTRIB| XATTR_DOSINFO_CREATE_TIME; dosattrib.info.info3.attrib = dosmode; dosattrib.info.info3.create_time = unix_timespec_to_nt_time( smb_fname->st.st_ex_btime); DEBUG(10,("set_ea_dos_attributes: set attribute 0x%x, btime = %s on file %s\n", (unsigned int)dosmode, time_to_asc(convert_timespec_to_time_t(smb_fname->st.st_ex_btime)), smb_fname_str_dbg(smb_fname) )); ndr_err = ndr_push_struct_blob( &blob, talloc_tos(), &dosattrib, (ndr_push_flags_fn_t)ndr_push_xattr_DOSATTRIB); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(5, ("create_acl_blob: ndr_push_xattr_DOSATTRIB failed: %s\n", ndr_errstr(ndr_err))); return false; } if (blob.data == NULL || blob.length == 0) { return false; } if (SMB_VFS_SETXATTR(conn, smb_fname->base_name, SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length, 0) == -1) { bool ret = false; bool need_close = false; files_struct *fsp = NULL; if((errno != EPERM) && (errno != EACCES)) { if (errno == ENOSYS #if defined(ENOTSUP) || errno == ENOTSUP) { #else ) { #endif DEBUG(1,("set_ea_dos_attributes: Cannot set " "attribute EA on file %s: Error = %s\n", smb_fname_str_dbg(smb_fname), strerror(errno) )); set_store_dos_attributes(SNUM(conn), False); } return false; } /* We want DOS semantics, ie allow non owner with write permission to change the bits on a file. Just like file_ntimes below. */ /* Check if we have write access. */ if(!CAN_WRITE(conn) || !lp_dos_filemode(SNUM(conn))) return false; if (!can_write_to_file(conn, smb_fname)) { return false; } /* * We need to get an open file handle to do the * metadata operation under root. */ if (!NT_STATUS_IS_OK(get_file_handle_for_metadata(conn, smb_fname, &fsp, &need_close))) { return false; } become_root(); if (SMB_VFS_FSETXATTR(fsp, SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length, 0) == 0) { ret = true; } unbecome_root(); if (need_close) { close_file(NULL, fsp, NORMAL_CLOSE); } return ret; } DEBUG(10,("set_ea_dos_attribute: set EA 0x%x on file %s\n", (unsigned int)dosmode, smb_fname_str_dbg(smb_fname))); return true; } /**************************************************************************** Change a unix mode to a dos mode for an ms dfs link. ****************************************************************************/ uint32_t dos_mode_msdfs(connection_struct *conn, const struct smb_filename *smb_fname) { uint32_t result = 0; DEBUG(8,("dos_mode_msdfs: %s\n", smb_fname_str_dbg(smb_fname))); if (!VALID_STAT(smb_fname->st)) { return 0; } /* First do any modifications that depend on the path name. */ /* hide files with a name starting with a . */ if (lp_hide_dot_files(SNUM(conn))) { const char *p = strrchr_m(smb_fname->base_name, '/'); if (p) { p++; } else { p = smb_fname->base_name; } /* Only . and .. are not hidden. */ if (p[0] == '.' && !((p[1] == '\0') || (p[1] == '.' && p[2] == '\0'))) { result |= FILE_ATTRIBUTE_HIDDEN; } } result |= dos_mode_from_sbuf(conn, smb_fname); /* Optimization : Only call is_hidden_path if it's not already hidden. */ if (!(result & FILE_ATTRIBUTE_HIDDEN) && IS_HIDDEN_PATH(conn, smb_fname->base_name)) { result |= FILE_ATTRIBUTE_HIDDEN; } if (result == 0) { result = FILE_ATTRIBUTE_NORMAL; } result = filter_mode_by_protocol(result); /* * Add in that it is a reparse point */ result |= FILE_ATTRIBUTE_REPARSE_POINT; dos_mode_debug_print(__func__, result); return(result); }
static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, const char *domain_name, const struct GUID *domain_guid, uint32_t flags, struct netr_DsRGetDCNameInfo **info_p) { char *key; DATA_BLOB blob; enum ndr_err_code ndr_err; struct netr_DsRGetDCNameInfo *info; struct NETLOGON_SAM_LOGON_RESPONSE_EX r; NTSTATUS status; key = dsgetdcname_cache_key(mem_ctx, domain_name); if (!key) { return NT_STATUS_NO_MEMORY; } if (!gencache_get_data_blob(key, NULL, &blob, NULL, NULL)) { return NT_STATUS_NOT_FOUND; } info = talloc_zero(mem_ctx, struct netr_DsRGetDCNameInfo); if (!info) { data_blob_free(&blob); return NT_STATUS_NO_MEMORY; } ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, (ndr_pull_flags_fn_t)ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX); data_blob_free(&blob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { dsgetdcname_cache_delete(mem_ctx, domain_name); return ndr_map_error2ntstatus(ndr_err); } status = make_dc_info_from_cldap_reply(mem_ctx, flags, NULL, &r, &info); if (!NT_STATUS_IS_OK(status)) { return status; } if (DEBUGLEVEL >= 10) { NDR_PRINT_DEBUG(netr_DsRGetDCNameInfo, info); } /* check flags */ if (!check_cldap_reply_required_flags(info->dc_flags, flags)) { DEBUG(10,("invalid flags\n")); return NT_STATUS_INVALID_PARAMETER; } if ((flags & DS_IP_REQUIRED) && (info->dc_address_type != DS_ADDRESS_TYPE_INET)) { return NT_STATUS_INVALID_PARAMETER_MIX; } *info_p = info; return NT_STATUS_OK; }
NTSTATUS printing_tdb_migrate_driver(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *winreg_pipe, const char *key_name, unsigned char *data, size_t length, bool do_string_conversion) { struct dcerpc_binding_handle *b = winreg_pipe->binding_handle; enum ndr_err_code ndr_err; struct ntprinting_driver r; struct spoolss_AddDriverInfoCtr d; struct spoolss_AddDriverInfo3 d3; struct spoolss_StringArray a; DATA_BLOB blob; WERROR result; const char *driver_name; uint32_t driver_version; blob = data_blob_const(data, length); ZERO_STRUCT(r); if (do_string_conversion) { r.string_flags = LIBNDR_FLAG_STR_ASCII; } ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, (ndr_pull_flags_fn_t)ndr_pull_ntprinting_driver); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(2, ("Driver pull failed: %s\n", ndr_errstr(ndr_err))); return NT_STATUS_NO_MEMORY; } DEBUG(2, ("Migrating Printer Driver: %s\n", key_name)); ZERO_STRUCT(d3); ZERO_STRUCT(a); a.string = r.dependent_files; d3.architecture = r.environment; d3.config_file = r.configfile; d3.data_file = r.datafile; d3.default_datatype = r.defaultdatatype; d3.dependent_files = &a; d3.driver_path = r.driverpath; d3.help_file = r.helpfile; d3.monitor_name = r.monitorname; d3.driver_name = r.name; d3.version = r.version; d.level = 3; d.info.info3 = &d3; result = winreg_add_driver(mem_ctx, b, &d, &driver_name, &driver_version); if (!W_ERROR_IS_OK(result)) { return werror_to_ntstatus(result); } return NT_STATUS_OK; }
static NTSTATUS schannel_fetch_session_key_tdb(struct tdb_wrap *tdb_sc, TALLOC_CTX *mem_ctx, const char *computer_name, struct netlogon_creds_CredentialState **pcreds) { NTSTATUS status; TDB_DATA value; enum ndr_err_code ndr_err; DATA_BLOB blob; struct netlogon_creds_CredentialState *creds = NULL; char *keystr = NULL; char *name_upper; *pcreds = NULL; name_upper = strupper_talloc(mem_ctx, computer_name); if (!name_upper) { return NT_STATUS_NO_MEMORY; } keystr = talloc_asprintf(mem_ctx, "%s/%s", SECRETS_SCHANNEL_STATE, name_upper); TALLOC_FREE(name_upper); if (!keystr) { return NT_STATUS_NO_MEMORY; } value = tdb_fetch_bystring(tdb_sc->tdb, keystr); if (!value.dptr) { DEBUG(10,("schannel_fetch_session_key_tdb: Failed to find entry with key %s\n", keystr )); status = NT_STATUS_OBJECT_NAME_NOT_FOUND; goto done; } creds = talloc_zero(mem_ctx, struct netlogon_creds_CredentialState); if (!creds) { status = NT_STATUS_NO_MEMORY; goto done; } blob = data_blob_const(value.dptr, value.dsize); ndr_err = ndr_pull_struct_blob(&blob, creds, creds, (ndr_pull_flags_fn_t)ndr_pull_netlogon_creds_CredentialState); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); goto done; } if (DEBUGLEVEL >= 10) { NDR_PRINT_DEBUG(netlogon_creds_CredentialState, creds); } DEBUG(3,("schannel_fetch_session_key_tdb: restored schannel info key %s\n", keystr)); status = NT_STATUS_OK; done: talloc_free(keystr); SAFE_FREE(value.dptr); if (!NT_STATUS_IS_OK(status)) { talloc_free(creds); return status; } *pcreds = creds; return NT_STATUS_OK; }
NTSTATUS printing_tdb_migrate_printer(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *winreg_pipe, const char *key_name, unsigned char *data, size_t length, bool do_string_conversion) { struct dcerpc_binding_handle *b = winreg_pipe->binding_handle; enum ndr_err_code ndr_err; struct ntprinting_printer r; struct spoolss_SetPrinterInfo2 info2; struct spoolss_DeviceMode dm; struct spoolss_DevmodeContainer devmode_ctr; DATA_BLOB blob; NTSTATUS status; WERROR result; int j; uint32_t info2_mask = (SPOOLSS_PRINTER_INFO_ALL) & ~SPOOLSS_PRINTER_INFO_SECDESC; if (strequal(key_name, "printers")) { return NT_STATUS_OK; } blob = data_blob_const(data, length); ZERO_STRUCT(r); if (do_string_conversion) { r.info.string_flags = LIBNDR_FLAG_STR_ASCII; } ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, (ndr_pull_flags_fn_t) ndr_pull_ntprinting_printer); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(2, ("printer pull failed: %s\n", ndr_errstr(ndr_err))); return NT_STATUS_NO_MEMORY; } DEBUG(2, ("Migrating Printer: %s\n", key_name)); ZERO_STRUCT(devmode_ctr); /* Create printer info level 2 */ ZERO_STRUCT(info2); info2.attributes = r.info.attributes; info2.averageppm = r.info.averageppm; info2.cjobs = r.info.cjobs; info2.comment = r.info.comment; info2.datatype = r.info.datatype; info2.defaultpriority = r.info.default_priority; info2.drivername = r.info.drivername; info2.location = r.info.location; info2.parameters = r.info.parameters; info2.portname = r.info.portname; info2.printername = r.info.printername; info2.printprocessor = r.info.printprocessor; info2.priority = r.info.priority; info2.sepfile = r.info.sepfile; info2.sharename = r.info.sharename; info2.starttime = r.info.starttime; info2.status = r.info.status; info2.untiltime = r.info.untiltime; /* Create Device Mode */ if (r.devmode == NULL) { info2_mask &= ~SPOOLSS_PRINTER_INFO_DEVMODE; } else { ZERO_STRUCT(dm); dm.bitsperpel = r.devmode->bitsperpel; dm.collate = r.devmode->collate; dm.color = r.devmode->color; dm.copies = r.devmode->copies; dm.defaultsource = r.devmode->defaultsource; dm.devicename = r.devmode->devicename; dm.displayflags = r.devmode->displayflags; dm.displayfrequency = r.devmode->displayfrequency; dm.dithertype = r.devmode->dithertype; dm.driverversion = r.devmode->driverversion; dm.duplex = r.devmode->duplex; dm.fields = r.devmode->fields; dm.formname = r.devmode->formname; dm.icmintent = r.devmode->icmintent; dm.icmmethod = r.devmode->icmmethod; dm.logpixels = r.devmode->logpixels; dm.mediatype = r.devmode->mediatype; dm.orientation = r.devmode->orientation; dm.panningheight = r.devmode->pelsheight; dm.panningwidth = r.devmode->panningwidth; dm.paperlength = r.devmode->paperlength; dm.papersize = r.devmode->papersize; dm.paperwidth = r.devmode->paperwidth; dm.pelsheight = r.devmode->pelsheight; dm.pelswidth = r.devmode->pelswidth; dm.printquality = r.devmode->printquality; dm.size = r.devmode->size; dm.scale = r.devmode->scale; dm.specversion = r.devmode->specversion; dm.ttoption = r.devmode->ttoption; dm.yresolution = r.devmode->yresolution; if (r.devmode->nt_dev_private != NULL) { dm.driverextra_data.data = r.devmode->nt_dev_private->data; dm.driverextra_data.length = r.devmode->nt_dev_private->length; dm.__driverextra_length = r.devmode->nt_dev_private->length; } devmode_ctr.devmode = &dm; } result = winreg_update_printer(mem_ctx, b, key_name, info2_mask, &info2, &dm, NULL); if (!W_ERROR_IS_OK(result)) { DEBUG(2, ("SetPrinter(%s) level 2 refused -- %s.\n", key_name, win_errstr(result))); status = werror_to_ntstatus(result); goto done; } /* migrate printerdata */ for (j = 0; j < r.count; j++) { char *valuename; const char *keyname; if (r.printer_data[j].type == REG_NONE) { continue; } keyname = r.printer_data[j].name; valuename = strchr(keyname, '\\'); if (valuename == NULL) { continue; } else { valuename[0] = '\0'; valuename++; } result = winreg_set_printer_dataex(mem_ctx, b, key_name, keyname, valuename, r.printer_data[j].type, r.printer_data[j].data.data, r.printer_data[j].data.length); if (!W_ERROR_IS_OK(result)) { DEBUG(2, ("SetPrinterDataEx: printer [%s], keyname [%s], " "valuename [%s] refused -- %s.\n", key_name, keyname, valuename, win_errstr(result))); status = werror_to_ntstatus(result); break; } } status = NT_STATUS_OK; done: return status; }
/* parse NTTRANS_CREATE request */ static NTSTATUS nttrans_create(struct smbsrv_request *req, struct nttrans_op *op) { struct smb_nttrans *trans = op->trans; union smb_open *io; uint16_t fname_len; uint32_t sd_length, ea_length; NTSTATUS status; uint8_t *params; enum ndr_err_code ndr_err; if (trans->in.params.length < 54) { return NT_STATUS_INVALID_PARAMETER; } /* parse the request */ io = talloc(op, union smb_open); NT_STATUS_HAVE_NO_MEMORY(io); io->ntcreatex.level = RAW_OPEN_NTTRANS_CREATE; params = trans->in.params.data; io->ntcreatex.in.flags = IVAL(params, 0); io->ntcreatex.in.root_fid.ntvfs = smbsrv_pull_fnum(req, params, 4); io->ntcreatex.in.access_mask = IVAL(params, 8); io->ntcreatex.in.alloc_size = BVAL(params, 12); io->ntcreatex.in.file_attr = IVAL(params, 20); io->ntcreatex.in.share_access = IVAL(params, 24); io->ntcreatex.in.open_disposition = IVAL(params, 28); io->ntcreatex.in.create_options = IVAL(params, 32); sd_length = IVAL(params, 36); ea_length = IVAL(params, 40); fname_len = IVAL(params, 44); io->ntcreatex.in.impersonation = IVAL(params, 48); io->ntcreatex.in.security_flags = CVAL(params, 52); io->ntcreatex.in.sec_desc = NULL; io->ntcreatex.in.ea_list = NULL; io->ntcreatex.in.query_maximal_access = false; io->ntcreatex.in.query_on_disk_id = false; io->ntcreatex.in.private_flags = 0; req_pull_string(&req->in.bufinfo, &io->ntcreatex.in.fname, params + 53, MIN(fname_len+1, trans->in.params.length - 53), STR_NO_RANGE_CHECK | STR_TERMINATE); if (!io->ntcreatex.in.fname) { return NT_STATUS_INVALID_PARAMETER; } if (sd_length > trans->in.data.length || ea_length > trans->in.data.length || (sd_length+ea_length) > trans->in.data.length) { return NT_STATUS_INVALID_PARAMETER; } /* this call has an optional security descriptor */ if (sd_length != 0) { DATA_BLOB blob; blob.data = trans->in.data.data; blob.length = sd_length; io->ntcreatex.in.sec_desc = talloc(io, struct security_descriptor); if (io->ntcreatex.in.sec_desc == NULL) { return NT_STATUS_NO_MEMORY; } ndr_err = ndr_pull_struct_blob(&blob, io, io->ntcreatex.in.sec_desc, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return ndr_map_error2ntstatus(ndr_err); } }
static bool get_ea_dos_attribute(connection_struct *conn, struct smb_filename *smb_fname, uint32_t *pattr) { struct xattr_DOSATTRIB dosattrib; enum ndr_err_code ndr_err; DATA_BLOB blob; ssize_t sizeret; fstring attrstr; uint32_t dosattr; if (!lp_store_dos_attributes(SNUM(conn))) { return False; } /* Don't reset pattr to zero as we may already have filename-based attributes we need to preserve. */ sizeret = SMB_VFS_GETXATTR(conn, smb_fname->base_name, SAMBA_XATTR_DOS_ATTRIB, attrstr, sizeof(attrstr)); if (sizeret == -1) { DBG_INFO("Cannot get attribute " "from EA on file %s: Error = %s\n", smb_fname_str_dbg(smb_fname), strerror(errno)); return False; } blob.data = (uint8_t *)attrstr; blob.length = sizeret; ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib, (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(1,("get_ea_dos_attribute: bad ndr decode " "from EA on file %s: Error = %s\n", smb_fname_str_dbg(smb_fname), ndr_errstr(ndr_err))); return false; } DEBUG(10,("get_ea_dos_attribute: %s attr = %s\n", smb_fname_str_dbg(smb_fname), dosattrib.attrib_hex)); switch (dosattrib.version) { case 0xFFFF: dosattr = dosattrib.info.compatinfoFFFF.attrib; break; case 1: dosattr = dosattrib.info.info1.attrib; if (!null_nttime(dosattrib.info.info1.create_time)) { struct timespec create_time = nt_time_to_unix_timespec( dosattrib.info.info1.create_time); update_stat_ex_create_time(&smb_fname->st, create_time); DEBUG(10,("get_ea_dos_attribute: file %s case 1 " "set btime %s\n", smb_fname_str_dbg(smb_fname), time_to_asc(convert_timespec_to_time_t( create_time)) )); } break; case 2: dosattr = dosattrib.info.oldinfo2.attrib; /* Don't know what flags to check for this case. */ break; case 3: dosattr = dosattrib.info.info3.attrib; if ((dosattrib.info.info3.valid_flags & XATTR_DOSINFO_CREATE_TIME) && !null_nttime(dosattrib.info.info3.create_time)) { struct timespec create_time = nt_time_to_unix_timespec( dosattrib.info.info3.create_time); update_stat_ex_create_time(&smb_fname->st, create_time); DEBUG(10,("get_ea_dos_attribute: file %s case 3 " "set btime %s\n", smb_fname_str_dbg(smb_fname), time_to_asc(convert_timespec_to_time_t( create_time)) )); } break; default: DEBUG(1,("get_ea_dos_attribute: Badly formed DOSATTRIB on " "file %s - %s\n", smb_fname_str_dbg(smb_fname), attrstr)); return false; } if (S_ISDIR(smb_fname->st.st_ex_mode)) { dosattr |= FILE_ATTRIBUTE_DIRECTORY; } /* FILE_ATTRIBUTE_SPARSE is valid on get but not on set. */ *pattr |= (uint32_t)(dosattr & (SAMBA_ATTRIBUTES_MASK|FILE_ATTRIBUTE_SPARSE)); dos_mode_debug_print(__func__, *pattr); return True; }
static struct share_mode_data *parse_share_modes(TALLOC_CTX *mem_ctx, const TDB_DATA dbuf) { struct share_mode_data *d; int i; struct server_id *pids; bool *pid_exists; enum ndr_err_code ndr_err; DATA_BLOB blob; d = talloc_zero(mem_ctx, struct share_mode_data); if (d == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } blob.data = dbuf.dptr; blob.length = dbuf.dsize; ndr_err = ndr_pull_struct_blob( &blob, d, d, (ndr_pull_flags_fn_t)ndr_pull_share_mode_data); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(1, ("ndr_pull_share_mode_lock failed\n")); goto fail; } d->modified = false; d->fresh = false; if (DEBUGLEVEL >= 10) { DEBUG(10, ("parse_share_modes:\n")); NDR_PRINT_DEBUG(share_mode_data, d); } /* * Ensure that each entry has a real process attached. */ pids = talloc_array(talloc_tos(), struct server_id, d->num_share_modes); if (pids == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } pid_exists = talloc_array(talloc_tos(), bool, d->num_share_modes); if (pid_exists == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } for (i=0; i<d->num_share_modes; i++) { pids[i] = d->share_modes[i].pid; } if (!serverids_exist(pids, d->num_share_modes, pid_exists)) { DEBUG(0, ("serverid_exists failed\n")); goto fail; } i = 0; while (i < d->num_share_modes) { struct share_mode_entry *e = &d->share_modes[i]; if (!pid_exists[i]) { *e = d->share_modes[d->num_share_modes-1]; d->num_share_modes -= 1; d->modified = True; continue; } i += 1; } TALLOC_FREE(pid_exists); TALLOC_FREE(pids); return d; fail: TALLOC_FREE(d); return NULL; }
static NTSTATUS parse_supplemental_credentials(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct package_PrimaryKerberosCtr3 **pkb3, struct package_PrimaryKerberosCtr4 **pkb4) { NTSTATUS status; enum ndr_err_code ndr_err; struct supplementalCredentialsBlob scb; struct supplementalCredentialsPackage *scpk = NULL; DATA_BLOB scpk_blob; struct package_PrimaryKerberosBlob *pkb; bool newer_keys = false; uint32_t j; ndr_err = ndr_pull_struct_blob_all(blob, mem_ctx, &scb, (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); goto done; } if (scb.sub.signature != SUPPLEMENTAL_CREDENTIALS_SIGNATURE) { if (DEBUGLEVEL >= 10) { NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb); } status = NT_STATUS_INVALID_PARAMETER; goto done; } for (j=0; j < scb.sub.num_packages; j++) { if (strcmp("Primary:Kerberos-Newer-Keys", scb.sub.packages[j].name) == 0) { scpk = &scb.sub.packages[j]; if (!scpk->data || !scpk->data[0]) { scpk = NULL; continue; } newer_keys = true; break; } else if (strcmp("Primary:Kerberos", scb.sub.packages[j].name) == 0) { /* * grab this but don't break here: * there might still be newer-keys ... */ scpk = &scb.sub.packages[j]; if (!scpk->data || !scpk->data[0]) { scpk = NULL; } } } if (!scpk) { /* no data */ status = NT_STATUS_OK; goto done; } scpk_blob = strhex_to_data_blob(mem_ctx, scpk->data); if (!scpk_blob.data) { status = NT_STATUS_NO_MEMORY; goto done; } pkb = talloc_zero(mem_ctx, struct package_PrimaryKerberosBlob); if (!pkb) { status = NT_STATUS_NO_MEMORY; goto done; } ndr_err = ndr_pull_struct_blob(&scpk_blob, mem_ctx, pkb, (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); goto done; } if (!newer_keys && pkb->version != 3) { status = NT_STATUS_INVALID_PARAMETER; goto done; } if (newer_keys && pkb->version != 4) { status = NT_STATUS_INVALID_PARAMETER; goto done; } if (pkb->version == 4 && pkb4) { *pkb4 = &pkb->ctr.ctr4; } else if (pkb->version == 3 && pkb3) { *pkb3 = &pkb->ctr.ctr3; } status = NT_STATUS_OK; done: return status; }
static void smbXsrv_open_global_verify_record(struct db_record *db_rec, bool *is_free, bool *was_free, TALLOC_CTX *mem_ctx, struct smbXsrv_open_global0 **_g) { TDB_DATA key; TDB_DATA val; DATA_BLOB blob; struct smbXsrv_open_globalB global_blob; enum ndr_err_code ndr_err; struct smbXsrv_open_global0 *global = NULL; bool exists; TALLOC_CTX *frame = talloc_stackframe(); *is_free = false; if (was_free) { *was_free = false; } if (_g) { *_g = NULL; } key = dbwrap_record_get_key(db_rec); val = dbwrap_record_get_value(db_rec); if (val.dsize == 0) { TALLOC_FREE(frame); *is_free = true; if (was_free) { *was_free = true; } return; } blob = data_blob_const(val.dptr, val.dsize); ndr_err = ndr_pull_struct_blob(&blob, frame, &global_blob, (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_open_globalB); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); DEBUG(1,("smbXsrv_open_global_verify_record: " "key '%s' ndr_pull_struct_blob - %s\n", hex_encode_talloc(frame, key.dptr, key.dsize), nt_errstr(status))); TALLOC_FREE(frame); return; } DEBUG(10,("smbXsrv_open_global_verify_record\n")); if (CHECK_DEBUGLVL(10)) { NDR_PRINT_DEBUG(smbXsrv_open_globalB, &global_blob); } if (global_blob.version != SMBXSRV_VERSION_0) { DEBUG(0,("smbXsrv_open_global_verify_record: " "key '%s' use unsupported version %u\n", hex_encode_talloc(frame, key.dptr, key.dsize), global_blob.version)); NDR_PRINT_DEBUG(smbXsrv_open_globalB, &global_blob); TALLOC_FREE(frame); return; } global = global_blob.info.info0; if (server_id_is_disconnected(&global->server_id)) { exists = true; } else { exists = serverid_exists(&global->server_id); } if (!exists) { DEBUG(2,("smbXsrv_open_global_verify_record: " "key '%s' server_id %s does not exist.\n", hex_encode_talloc(frame, key.dptr, key.dsize), server_id_str(frame, &global->server_id))); if (CHECK_DEBUGLVL(2)) { NDR_PRINT_DEBUG(smbXsrv_open_globalB, &global_blob); } TALLOC_FREE(frame); dbwrap_record_delete(db_rec); *is_free = true; return; } if (_g) { *_g = talloc_move(mem_ctx, &global); } TALLOC_FREE(frame); }
static bool test_QueryServiceObjectSecurity(struct torture_context *tctx, struct dcerpc_pipe *p) { struct svcctl_QueryServiceObjectSecurity r; struct policy_handle h, s; struct dcerpc_binding_handle *b = p->binding_handle; uint8_t *buffer = NULL; uint32_t needed; enum ndr_err_code ndr_err; struct security_descriptor sd; DATA_BLOB blob; if (!test_OpenSCManager(b, tctx, &h)) return false; if (!test_OpenService(b, tctx, &h, TORTURE_DEFAULT_SERVICE, &s)) return false; r.in.handle = &s; r.in.security_flags = 0; r.in.offered = 0; r.out.buffer = NULL; r.out.needed = &needed; torture_assert_ntstatus_ok(tctx, dcerpc_svcctl_QueryServiceObjectSecurity_r(b, tctx, &r), "QueryServiceObjectSecurity failed!"); torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM, "QueryServiceObjectSecurity failed!"); r.in.security_flags = SECINFO_DACL; torture_assert_ntstatus_ok(tctx, dcerpc_svcctl_QueryServiceObjectSecurity_r(b, tctx, &r), "QueryServiceObjectSecurity failed!"); if (W_ERROR_EQUAL(r.out.result, WERR_INSUFFICIENT_BUFFER)) { r.in.offered = needed; buffer = talloc_array(tctx, uint8_t, needed); r.out.buffer = buffer; torture_assert_ntstatus_ok(tctx, dcerpc_svcctl_QueryServiceObjectSecurity_r(b, tctx, &r), "QueryServiceObjectSecurity failed!"); } torture_assert_werr_ok(tctx, r.out.result, "QueryServiceObjectSecurity failed!"); blob = data_blob_const(buffer, needed); ndr_err = ndr_pull_struct_blob(&blob, tctx, &sd, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return false; } if (DEBUGLEVEL >= 1) { NDR_PRINT_DEBUG(security_descriptor, &sd); } if (!test_CloseServiceHandle(b, tctx, &s)) return false; if (!test_CloseServiceHandle(b, tctx, &h)) return false; return true; }
krb5_error_code kerberos_pac_to_user_info_dc(TALLOC_CTX *mem_ctx, krb5_pac pac, krb5_context context, struct auth_user_info_dc **user_info_dc, struct PAC_SIGNATURE_DATA *pac_srv_sig, struct PAC_SIGNATURE_DATA *pac_kdc_sig) { NTSTATUS nt_status; enum ndr_err_code ndr_err; krb5_error_code ret; DATA_BLOB pac_logon_info_in, pac_srv_checksum_in, pac_kdc_checksum_in; krb5_data k5pac_logon_info_in, k5pac_srv_checksum_in, k5pac_kdc_checksum_in; union PAC_INFO info; struct auth_user_info_dc *user_info_dc_out; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return ENOMEM; } ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_LOGON_INFO, &k5pac_logon_info_in); if (ret != 0) { talloc_free(tmp_ctx); return EINVAL; } pac_logon_info_in = data_blob_const(k5pac_logon_info_in.data, k5pac_logon_info_in.length); ndr_err = ndr_pull_union_blob(&pac_logon_info_in, tmp_ctx, &info, PAC_TYPE_LOGON_INFO, (ndr_pull_flags_fn_t)ndr_pull_PAC_INFO); kerberos_free_data_contents(context, &k5pac_logon_info_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || !info.logon_info.info) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status))); talloc_free(tmp_ctx); return EINVAL; } /* Pull this right into the normal auth sysstem structures */ nt_status = make_user_info_dc_pac(mem_ctx, info.logon_info.info, &user_info_dc_out); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return EINVAL; } if (pac_srv_sig) { ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_SRV_CHECKSUM, &k5pac_srv_checksum_in); if (ret != 0) { talloc_free(tmp_ctx); return ret; } pac_srv_checksum_in = data_blob_const(k5pac_srv_checksum_in.data, k5pac_srv_checksum_in.length); ndr_err = ndr_pull_struct_blob(&pac_srv_checksum_in, pac_srv_sig, pac_srv_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); kerberos_free_data_contents(context, &k5pac_srv_checksum_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the KDC signature: %s\n", nt_errstr(nt_status))); return EINVAL; } } if (pac_kdc_sig) { ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_KDC_CHECKSUM, &k5pac_kdc_checksum_in); if (ret != 0) { talloc_free(tmp_ctx); return ret; } pac_kdc_checksum_in = data_blob_const(k5pac_kdc_checksum_in.data, k5pac_kdc_checksum_in.length); ndr_err = ndr_pull_struct_blob(&pac_kdc_checksum_in, pac_kdc_sig, pac_kdc_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); kerberos_free_data_contents(context, &k5pac_kdc_checksum_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the KDC signature: %s\n", nt_errstr(nt_status))); return EINVAL; } } *user_info_dc = user_info_dc_out; return 0; }
krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, krb5_pac pac, krb5_context context, struct auth_serversupplied_info **server_info) { NTSTATUS nt_status; enum ndr_err_code ndr_err; krb5_error_code ret; DATA_BLOB pac_logon_info_in, pac_srv_checksum_in, pac_kdc_checksum_in; krb5_data k5pac_logon_info_in, k5pac_srv_checksum_in, k5pac_kdc_checksum_in; union PAC_INFO info; union netr_Validation validation; struct auth_serversupplied_info *server_info_out; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return ENOMEM; } ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_LOGON_INFO, &k5pac_logon_info_in); if (ret != 0) { talloc_free(tmp_ctx); return EINVAL; } pac_logon_info_in = data_blob_const(k5pac_logon_info_in.data, k5pac_logon_info_in.length); ndr_err = ndr_pull_union_blob(&pac_logon_info_in, tmp_ctx, iconv_convenience, &info, PAC_TYPE_LOGON_INFO, (ndr_pull_flags_fn_t)ndr_pull_PAC_INFO); krb5_data_free(&k5pac_logon_info_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || !info.logon_info.info) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the PAC LOGON_INFO: %s\n", nt_errstr(nt_status))); talloc_free(tmp_ctx); return EINVAL; } /* Pull this right into the normal auth sysstem structures */ validation.sam3 = &info.logon_info.info->info3; nt_status = make_server_info_netlogon_validation(mem_ctx, "", 3, &validation, &server_info_out); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return EINVAL; } ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_SRV_CHECKSUM, &k5pac_srv_checksum_in); if (ret != 0) { talloc_free(tmp_ctx); return ret; } pac_srv_checksum_in = data_blob_const(k5pac_srv_checksum_in.data, k5pac_srv_checksum_in.length); ndr_err = ndr_pull_struct_blob(&pac_srv_checksum_in, server_info_out, iconv_convenience, &server_info_out->pac_srv_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); krb5_data_free(&k5pac_srv_checksum_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the KDC signature: %s\n", nt_errstr(nt_status))); return EINVAL; } ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_KDC_CHECKSUM, &k5pac_kdc_checksum_in); if (ret != 0) { talloc_free(tmp_ctx); return ret; } pac_kdc_checksum_in = data_blob_const(k5pac_kdc_checksum_in.data, k5pac_kdc_checksum_in.length); ndr_err = ndr_pull_struct_blob(&pac_kdc_checksum_in, server_info_out, iconv_convenience, &server_info_out->pac_kdc_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); krb5_data_free(&k5pac_kdc_checksum_in); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { nt_status = ndr_map_error2ntstatus(ndr_err); DEBUG(0,("can't parse the KDC signature: %s\n", nt_errstr(nt_status))); return EINVAL; } *server_info = server_info_out; return 0; }
/* lookup one record */ static isc_result_t dlz_lookup_types(struct dlz_bind9_data *state, const char *zone, const char *name, dns_sdlzlookup_t *lookup, const char **types) { TALLOC_CTX *tmp_ctx = talloc_new(state); const char *attrs[] = { "dnsRecord", NULL }; int ret = LDB_SUCCESS, i; struct ldb_result *res; struct ldb_message_element *el; struct ldb_dn *dn; for (i=0; zone_prefixes[i]; i++) { dn = ldb_dn_copy(tmp_ctx, ldb_get_default_basedn(state->samdb)); if (dn == NULL) { talloc_free(tmp_ctx); return ISC_R_NOMEMORY; } if (!ldb_dn_add_child_fmt(dn, "DC=%s,DC=%s,%s", name, zone, zone_prefixes[i])) { talloc_free(tmp_ctx); return ISC_R_NOMEMORY; } ret = ldb_search(state->samdb, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, "objectClass=dnsNode"); if (ret == LDB_SUCCESS) { break; } } if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ISC_R_NOTFOUND; } el = ldb_msg_find_element(res->msgs[0], "dnsRecord"); if (el == NULL || el->num_values == 0) { talloc_free(tmp_ctx); return ISC_R_NOTFOUND; } for (i=0; i<el->num_values; i++) { struct dnsp_DnssrvRpcRecord rec; enum ndr_err_code ndr_err; isc_result_t result; ndr_err = ndr_pull_struct_blob(&el->values[i], tmp_ctx, &rec, (ndr_pull_flags_fn_t)ndr_pull_dnsp_DnssrvRpcRecord); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { state->log(ISC_LOG_ERROR, "samba_dlz: failed to parse dnsRecord for %s", ldb_dn_get_linearized(dn)); talloc_free(tmp_ctx); return ISC_R_FAILURE; } result = b9_putrr(state, lookup, &rec, types); if (result != ISC_R_SUCCESS) { talloc_free(tmp_ctx); return result; } } talloc_free(tmp_ctx); return ISC_R_SUCCESS; }
NTSTATUS vfs_default_durable_disconnect(struct files_struct *fsp, const DATA_BLOB old_cookie, TALLOC_CTX *mem_ctx, DATA_BLOB *new_cookie) { struct connection_struct *conn = fsp->conn; NTSTATUS status; enum ndr_err_code ndr_err; struct vfs_default_durable_cookie cookie; DATA_BLOB new_cookie_blob = data_blob_null; struct share_mode_lock *lck; bool ok; *new_cookie = data_blob_null; ZERO_STRUCT(cookie); ndr_err = ndr_pull_struct_blob(&old_cookie, talloc_tos(), &cookie, (ndr_pull_flags_fn_t)ndr_pull_vfs_default_durable_cookie); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); return status; } if (strcmp(cookie.magic, VFS_DEFAULT_DURABLE_COOKIE_MAGIC) != 0) { return NT_STATUS_INVALID_PARAMETER; } if (cookie.version != VFS_DEFAULT_DURABLE_COOKIE_VERSION) { return NT_STATUS_INVALID_PARAMETER; } if (!file_id_equal(&fsp->file_id, &cookie.id)) { return NT_STATUS_INVALID_PARAMETER; } if (!BATCH_OPLOCK_TYPE(fsp->oplock_type)) { return NT_STATUS_NOT_SUPPORTED; } /* * For now let it be simple and do not keep * delete on close files durable open */ if (fsp->initial_delete_on_close) { return NT_STATUS_NOT_SUPPORTED; } if (fsp->delete_on_close) { return NT_STATUS_NOT_SUPPORTED; } if (!VALID_STAT(fsp->fsp_name->st)) { return NT_STATUS_NOT_SUPPORTED; } if (!S_ISREG(fsp->fsp_name->st.st_ex_mode)) { return NT_STATUS_NOT_SUPPORTED; } /* Ensure any pending write time updates are done. */ if (fsp->update_write_time_event) { update_write_time_handler(fsp->conn->sconn->ev_ctx, fsp->update_write_time_event, timeval_current(), (void *)fsp); } /* * The above checks are done in mark_share_mode_disconnected() too * but we want to avoid getting the lock if possible */ lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id); if (lck != NULL) { struct smb_file_time ft; ZERO_STRUCT(ft); if (fsp->write_time_forced) { ft.mtime = lck->data->changed_write_time; } else if (fsp->update_write_time_on_close) { if (null_timespec(fsp->close_write_time)) { ft.mtime = timespec_current(); } else { ft.mtime = fsp->close_write_time; } } if (!null_timespec(ft.mtime)) { round_timespec(conn->ts_res, &ft.mtime); file_ntimes(conn, fsp->fsp_name, &ft); } ok = mark_share_mode_disconnected(lck, fsp); if (!ok) { TALLOC_FREE(lck); } } if (lck != NULL) { ok = brl_mark_disconnected(fsp); if (!ok) { TALLOC_FREE(lck); } } if (lck == NULL) { return NT_STATUS_NOT_SUPPORTED; } TALLOC_FREE(lck); status = vfs_stat_fsp(fsp); if (!NT_STATUS_IS_OK(status)) { return status; } ZERO_STRUCT(cookie); cookie.allow_reconnect = true; cookie.id = fsp->file_id; cookie.servicepath = conn->connectpath; cookie.base_name = fsp->fsp_name->base_name; cookie.initial_allocation_size = fsp->initial_allocation_size; cookie.position_information = fsp->fh->position_information; cookie.update_write_time_triggered = fsp->update_write_time_triggered; cookie.update_write_time_on_close = fsp->update_write_time_on_close; cookie.write_time_forced = fsp->write_time_forced; cookie.close_write_time = fsp->close_write_time; cookie.stat_info.st_ex_dev = fsp->fsp_name->st.st_ex_dev; cookie.stat_info.st_ex_ino = fsp->fsp_name->st.st_ex_ino; cookie.stat_info.st_ex_mode = fsp->fsp_name->st.st_ex_mode; cookie.stat_info.st_ex_nlink = fsp->fsp_name->st.st_ex_nlink; cookie.stat_info.st_ex_uid = fsp->fsp_name->st.st_ex_uid; cookie.stat_info.st_ex_gid = fsp->fsp_name->st.st_ex_gid; cookie.stat_info.st_ex_rdev = fsp->fsp_name->st.st_ex_rdev; cookie.stat_info.st_ex_size = fsp->fsp_name->st.st_ex_size; cookie.stat_info.st_ex_atime = fsp->fsp_name->st.st_ex_atime; cookie.stat_info.st_ex_mtime = fsp->fsp_name->st.st_ex_mtime; cookie.stat_info.st_ex_ctime = fsp->fsp_name->st.st_ex_ctime; cookie.stat_info.st_ex_btime = fsp->fsp_name->st.st_ex_btime; cookie.stat_info.st_ex_calculated_birthtime = fsp->fsp_name->st.st_ex_calculated_birthtime; cookie.stat_info.st_ex_blksize = fsp->fsp_name->st.st_ex_blksize; cookie.stat_info.st_ex_blocks = fsp->fsp_name->st.st_ex_blocks; cookie.stat_info.st_ex_flags = fsp->fsp_name->st.st_ex_flags; cookie.stat_info.st_ex_mask = fsp->fsp_name->st.st_ex_mask; ndr_err = ndr_push_struct_blob(&new_cookie_blob, mem_ctx, &cookie, (ndr_push_flags_fn_t)ndr_push_vfs_default_durable_cookie); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); return status; } status = fd_close(fsp); if (!NT_STATUS_IS_OK(status)) { data_blob_free(&new_cookie_blob); return status; } *new_cookie = new_cookie_blob; return NT_STATUS_OK; }