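/*
 * ioctl - used for job query
 *
 * Handles only RAW_IOCTL_IOCTL requests, and of those only
 * IOCTL_QUERY_JOB_INFO. The reply is a zero-filled 32-byte blob allocated
 * on req and laid out as:
 *   offset  0: 16-bit value, currently the constant 1 (the real job id is
 *              still marked REWRITE below)
 *   offset  2: lpcfg_netbios_name() of the loadparm context, pushed with a
 *              limit of 15 and STR_TERMINATE|STR_ASCII
 *   offset 18: ntvfs->ctx->config->name, pushed with a limit of 13 and the
 *              same flags
 * Both strings stay inside the 32 bytes provided push_string() honours its
 * limit argument (2 + 15 <= 18, 18 + 13 <= 32).
 *
 * Returns NT_STATUS_NOT_IMPLEMENTED for any other ioctl level,
 * NT_STATUS_INVALID_PARAMETER for any other request code,
 * NT_STATUS_NO_MEMORY if the reply blob cannot be allocated, and
 * NT_STATUS_OK once the reply is filled in.
 */
static NTSTATUS print_ioctl(struct ntvfs_module_context *ntvfs,
			    struct ntvfs_request *req, union smb_ioctl *io)
{
	char *p;

	if (io->generic.level != RAW_IOCTL_IOCTL) {
		return NT_STATUS_NOT_IMPLEMENTED;
	}

	if (io->ioctl.in.request != IOCTL_QUERY_JOB_INFO) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	/* a request for the print job id of an open print job */
	io->ioctl.out.blob = data_blob_talloc(req, NULL, 32);
	if (io->ioctl.out.blob.data == NULL) {
		/*
		 * Without this check an allocation failure would reach the
		 * SSVAL() store below through a NULL pointer.
		 */
		return NT_STATUS_NO_MEMORY;
	}

	/* zero the whole reply so no uninitialised heap bytes go to the client */
	data_blob_clear(&io->ioctl.out.blob);

	p = (char *)io->ioctl.out.blob.data;
	SSVAL(p,0, 1 /* REWRITE: fsp->rap_print_jobid */);
	push_string(p+2, lpcfg_netbios_name(ntvfs->ctx->lp_ctx), 15, STR_TERMINATE|STR_ASCII);
	push_string(p+18, ntvfs->ctx->config->name, 13, STR_TERMINATE|STR_ASCII);

	return NT_STATUS_OK;
}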
/*
 * Find the smallest request stub that a given opnum of an interface
 * accepts.
 *
 * For every length from 0 to 1999 a zero-filled stub is sent first as-is
 * and then again after fill_blob_handle() has been applied to it. On the
 * first request that succeeds the sizes and the reply are printed, the
 * pipe is released and test_ptr_scan() continues on that stub.
 *
 * A NT_STATUS_NET_WRITE_FAULT result is reported as a fault; when the
 * pipe's last_fault_code is 5 the connection is reopened before the next
 * length is tried (presumably 5 is the access-denied fault - confirm
 * against the DCE/RPC fault definitions). Any other failure is printed
 * and the loop moves on.
 *
 * NOTE(review): each iteration allocates a new stub_in with a NULL talloc
 * parent and nothing visible here frees it.
 */
static void test_scan_call(struct torture_context *tctx,
			   const struct ndr_interface_table *iface, int opnum)
{
	struct dcerpc_pipe *conn = NULL;
	struct policy_handle handle;
	DATA_BLOB stub_in, stub_out;
	NTSTATUS status;
	int len;

	reopen(tctx, &conn, iface);
	get_policy_handle(conn, tctx, &handle);

	/* work out the minimum amount of input data */
	for (len = 0; len < 2000; len++) {
		stub_in = data_blob(NULL, len);
		data_blob_clear(&stub_in);

		/* first attempt: all-zero stub */
		status = dcerpc_request(conn, NULL, opnum, tctx, &stub_in, &stub_out);
		if (NT_STATUS_IS_OK(status)) {
			printf("opnum %d min_input %d - output %d\n",
			       opnum, (int)stub_in.length, (int)stub_out.length);
			dump_data(0, stub_out.data, stub_out.length);
			talloc_free(conn);
			test_ptr_scan(tctx, iface, opnum, &stub_in, 0, stub_in.length, 0);
			return;
		}

		/* second attempt: same stub with the policy handle filled in */
		fill_blob_handle(&stub_in, tctx, &handle);
		status = dcerpc_request(conn, NULL, opnum, tctx, &stub_in, &stub_out);
		if (NT_STATUS_IS_OK(status)) {
			printf("opnum %d min_input %d - output %d (with handle)\n",
			       opnum, (int)stub_in.length, (int)stub_out.length);
			dump_data(0, stub_out.data, stub_out.length);
			talloc_free(conn);
			test_ptr_scan(tctx, iface, opnum, &stub_in, 0, stub_in.length, 0);
			return;
		}

		if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
			printf("opnum %d size %d error %s\n",
			       opnum, len, nt_errstr(status));
			continue;
		}

		printf("opnum %d size %d fault %s\n",
		       opnum, len, dcerpc_errstr(tctx, conn->last_fault_code));
		if (conn->last_fault_code == 5) {
			reopen(tctx, &conn, iface);
		}
	}

	printf("opnum %d minimum not found!?\n", opnum);
	talloc_free(conn);
}
/*
 * Build a 6-byte blob from "lalala", run data_blob_clear() on it and
 * assert that every byte up to the blob's length reads back as zero.
 *
 * Returns true when all assertions hold; the torture_assert macros are
 * expected to leave the function early on a mismatch.
 */
static bool test_clear(struct torture_context *tctx)
{
	DATA_BLOB blob = data_blob("lalala", 6);
	int idx = 0;

	torture_assert_int_equal(tctx, blob.length, 6, "length");

	data_blob_clear(&blob);

	while (idx < blob.length) {
		torture_assert_int_equal(tctx, blob.data[idx], 0, "contents");
		idx++;
	}

	data_blob_free(&blob);
	return true;
}
/*
 * push a DATA_BLOB onto the wire.
 *
 * ndr->flags selects one of two behaviours:
 *
 *  - No LIBNDR_ALIGN_FLAGS bit set: the blob's bytes are pushed, preceded
 *    by a uint32 length unless LIBNDR_FLAG_REMAINING is set.
 *
 *  - Some LIBNDR_ALIGN_FLAGS bit set: the caller's bytes are not sent.
 *    The length of the local copy is replaced by NDR_ALIGN() for 2, 4 or
 *    8, a buffer of that length is obtained through NDR_PUSH_ALLOC_SIZE
 *    and zeroed with data_blob_clear(), and that buffer is pushed with no
 *    length prefix, so the padding bytes on the wire are always zero.
 *
 * blob is passed by value, so the overwrites of blob.length and blob.data
 * do not reach the caller. ndr_flags is not consulted.
 *
 * NOTE(review): if LIBNDR_ALIGN_FLAGS can contain a bit other than
 * ALIGN2/ALIGN4/ALIGN8, blob.length keeps the caller's value in the
 * padding path - confirm against the flag definitions.
 *
 * NDR_CHECK and NDR_PUSH_ALLOC_SIZE are presumed to return an error code
 * from this function on failure; otherwise NDR_ERR_SUCCESS is returned.
 */
_PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flags, DATA_BLOB blob)
{
	if (!(ndr->flags & LIBNDR_ALIGN_FLAGS)) {
		/* ordinary blob: optional length prefix, then the payload */
		if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) {
			NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length));
		}
	} else {
		/* alignment blob: the payload becomes zero padding */
		if (ndr->flags & LIBNDR_FLAG_ALIGN2) {
			blob.length = NDR_ALIGN(ndr, 2);
		} else if (ndr->flags & LIBNDR_FLAG_ALIGN4) {
			blob.length = NDR_ALIGN(ndr, 4);
		} else if (ndr->flags & LIBNDR_FLAG_ALIGN8) {
			blob.length = NDR_ALIGN(ndr, 8);
		}
		NDR_PUSH_ALLOC_SIZE(ndr, blob.data, blob.length);
		data_blob_clear(&blob);
	}

	NDR_CHECK(ndr_push_bytes(ndr, blob.data, blob.length));
	return NDR_ERR_SUCCESS;
}
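/*
 * Find out how many zero bytes have to be inserted into a request stub at
 * insert_ofs before the server stops answering with
 * NT_STATUS_NET_WRITE_FAULT.
 *
 * For n from 0 to 1999 a new stub of base_in->length + n zero bytes is
 * built, the first insert_ofs bytes of base_in are copied to its start and
 * the rest of base_in is copied after an n-byte gap. The first request
 * that does not fault is reported; if it needed at least 4 inserted bytes,
 * test_ptr_scan() is run over the inserted range one level deeper.
 *
 * tctx, iface, opnum: test context, interface table and operation number
 *                     passed through to reopen()/dcerpc_request().
 * base_in:            stub to expand; only read here.
 * insert_ofs:         insertion offset; must lie within
 *                     [0, base_in->length], otherwise nothing is done.
 * depth:              recursion depth, used for print_depth() and passed
 *                     on as depth+1.
 *
 * The pipe opened here is released on every exit path, including the
 * early return, before recursing into test_ptr_scan().
 *
 * NOTE(review): stub_in is allocated with a NULL talloc parent on every
 * iteration and is not freed here; on the success path it is still handed
 * to test_ptr_scan(), so its ownership needs confirming before a free is
 * added.
 */
static void try_expand(struct torture_context *tctx,
		       const struct ndr_interface_table *iface, int opnum,
		       DATA_BLOB *base_in, int insert_ofs, int depth)
{
	DATA_BLOB stub_in, stub_out;
	int n;
	NTSTATUS status;
	struct dcerpc_pipe *p = NULL;

	/*
	 * Both memcpy() calls below assume the offset is inside base_in; an
	 * offset outside it would read past the buffer and make the second
	 * copy length wrap around.
	 */
	if (insert_ofs < 0 || (size_t)insert_ofs > base_in->length) {
		return;
	}

	reopen(tctx, &p, iface);

	/* work out how much to expand to get a non fault */
	for (n=0;n<2000;n++) {
		stub_in = data_blob(NULL, base_in->length + n);
		data_blob_clear(&stub_in);
		memcpy(stub_in.data, base_in->data, insert_ofs);
		memcpy(stub_in.data+insert_ofs+n, base_in->data+insert_ofs,
		       base_in->length-insert_ofs);

		status = dcerpc_request(p, NULL, opnum, tctx, &stub_in, &stub_out);

		if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
			print_depth(depth);
			printf("expand by %d gives %s\n", n, nt_errstr(status));
			/*
			 * Release the pipe before recursing, as test_scan_call()
			 * does; the original returned here without freeing it.
			 */
			talloc_free(p);
			if (n >= 4) {
				test_ptr_scan(tctx, iface, opnum, &stub_in,
					      insert_ofs, insert_ofs+n, depth+1);
			}
			return;
		}

#if 0
		print_depth(depth);
		printf("expand by %d gives fault %s\n", n, dcerpc_errstr(tctx, p->last_fault_code));
#endif

		/* fault code 5: reconnect before trying the next size */
		if (p->last_fault_code == 5) {
			reopen(tctx, &p, iface);
		}
	}

	talloc_free(p);
}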
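/*
 * Build an auth_user_info_dc describing the domain "Administrator"
 * account, allocated on mem_ctx.
 *
 * Seven SIDs are filled in: the primary user SID (domain SID + 
 * DOMAIN_RID_ADMINISTRATOR), the primary group SID (domain SID +
 * DOMAIN_RID_USERS), global_sid_Builtin_Administrators, and the domain SID
 * extended with the ADMINS, ENTERPRISE_ADMINS, POLICY_ADMINS and
 * SCHEMA_ADMINS RIDs.
 *
 * Both session keys are 16 bytes of zeros. The original comment already
 * asks what the key should be; a constant key offers no secrecy, so any
 * consumer that derives signing or sealing keys from it should be
 * reviewed.
 *
 * Every NT_STATUS_HAVE_NO_MEMORY() is expected to return
 * NT_STATUS_NO_MEMORY from this function when its argument is NULL.
 *
 * Changes against the listing as found:
 *  - DOMAIN_RID_USERS is appended to the primary *group* entry. It was
 *    appended to the primary user entry a second time, which left the
 *    group SID as the bare domain SID and gave the user SID two RIDs.
 *  - the result of talloc_array() is checked before it is indexed.
 *
 * The listing is cut off inside this function; everything after the last
 * visible token is outside this view and is not reproduced.
 */
static NTSTATUS auth_domain_admin_user_info_dc(TALLOC_CTX *mem_ctx,
					       const char *netbios_name,
					       const char *domain_name,
					       struct dom_sid *domain_sid,
					       struct auth_user_info_dc **_user_info_dc)
{
	struct auth_user_info_dc *user_info_dc;
	struct auth_user_info *info;

	user_info_dc = talloc(mem_ctx, struct auth_user_info_dc);
	NT_STATUS_HAVE_NO_MEMORY(user_info_dc);

	user_info_dc->num_sids = 7;
	user_info_dc->sids = talloc_array(user_info_dc, struct dom_sid, user_info_dc->num_sids);
	NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);

	user_info_dc->sids[PRIMARY_USER_SID_INDEX] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[PRIMARY_USER_SID_INDEX], DOMAIN_RID_ADMINISTRATOR);

	user_info_dc->sids[PRIMARY_GROUP_SID_INDEX] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[PRIMARY_GROUP_SID_INDEX], DOMAIN_RID_USERS);

	user_info_dc->sids[2] = global_sid_Builtin_Administrators;

	user_info_dc->sids[3] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[3], DOMAIN_RID_ADMINS);
	user_info_dc->sids[4] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[4], DOMAIN_RID_ENTERPRISE_ADMINS);
	user_info_dc->sids[5] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[5], DOMAIN_RID_POLICY_ADMINS);
	user_info_dc->sids[6] = *domain_sid;
	sid_append_rid(&user_info_dc->sids[6], DOMAIN_RID_SCHEMA_ADMINS);

	/* What should the session key be?*/
	user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data);

	user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data);

	/* data_blob_talloc(..., NULL, 16) does not initialise: zero both keys */
	data_blob_clear(&user_info_dc->user_session_key);
	data_blob_clear(&user_info_dc->lm_session_key);

	user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info);
	NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info);

	info->account_name = talloc_strdup(info, "Administrator");
	NT_STATUS_HAVE_NO_MEMORY(info->account_name);

	info->domain_name = talloc_strdup(info, domain_name);
	NT_STATUS_HAVE_NO_MEMORY(info->domain_name);

	info->full_name = talloc_strdup(info, 
"Administrator");
	NT_STATUS_HAVE_NO_MEMORY(info->full_name);

	info->logon_script = talloc_strdup(info, "");
	NT_STATUS_HAVE_NO_MEMORY(info->logon_script);

	info->profile_path = talloc_strdup(info, "");
	NT_STATUS_HAVE_NO_MEMORY(info->profile_path);

	info->home_directory = talloc_strdup(info, "");
	NT_STATUS_HAVE_NO_MEMORY(info->home_directory);

	info->home_drive = talloc_strdup(info, "");
	NT_STATUS_HAVE_NO_MEMORY(info->home_drive);

	info->logon_server = talloc_strdup(info, netbios_name);
	NT_STATUS_HAVE_NO_MEMORY(info->logon_server);

	info->last_logon = 0;
	info->last_logoff = 0;
	info->acct_expiry = 0;
	info->last_password_change = 0;
	info->allow_password_change = 0;
	info->force_password_change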
/*
 * Build an auth_user_info_dc for the local SYSTEM identity, allocated on
 * mem_ctx and handed back through _user_info_dc.
 *
 * The SID list has exactly one entry, parsed from SID_NT_SYSTEM. Both
 * session keys are 16 zero bytes. The account is named "SYSTEM" in domain
 * "NT AUTHORITY", its logon server is netbios_name, it carries ACB_NORMAL
 * and it is marked authenticated.
 *
 * Returns NT_STATUS_OK on success. Each NT_STATUS_HAVE_NO_MEMORY() is
 * expected to return NT_STATUS_NO_MEMORY when its argument is NULL; in
 * that case *_user_info_dc is left untouched and the partial structure
 * stays attached to mem_ctx.
 */
NTSTATUS auth_system_user_info_dc(TALLOC_CTX *mem_ctx, const char *netbios_name,
				  struct auth_user_info_dc **_user_info_dc)
{
	struct auth_user_info_dc *dc;
	struct auth_user_info *ui;

	dc = talloc(mem_ctx, struct auth_user_info_dc);
	NT_STATUS_HAVE_NO_MEMORY(dc);

	/*
	 * dom_sid_parse_talloc() hands back a pointer to one struct dom_sid,
	 * which doubles as a SID array of length one.
	 */
	dc->num_sids = 1;
	dc->sids = dom_sid_parse_talloc(dc, SID_NT_SYSTEM);
	NT_STATUS_HAVE_NO_MEMORY(dc->sids);

	/*
	 * Same convention as the anonymous token: a session key exists and
	 * consists of 16 zero bytes. A constant key gives no secrecy.
	 */
	dc->user_session_key = data_blob_talloc(dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(dc->user_session_key.data);

	dc->lm_session_key = data_blob_talloc(dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(dc->lm_session_key.data);

	data_blob_clear(&dc->user_session_key);
	data_blob_clear(&dc->lm_session_key);

	ui = talloc_zero(dc, struct auth_user_info);
	dc->info = ui;
	NT_STATUS_HAVE_NO_MEMORY(dc->info);

	/* identity strings */
	ui->account_name = talloc_strdup(ui, "SYSTEM");
	NT_STATUS_HAVE_NO_MEMORY(ui->account_name);

	ui->domain_name = talloc_strdup(ui, "NT AUTHORITY");
	NT_STATUS_HAVE_NO_MEMORY(ui->domain_name);

	ui->full_name = talloc_strdup(ui, "System");
	NT_STATUS_HAVE_NO_MEMORY(ui->full_name);

	/* profile related strings are present but empty */
	ui->logon_script = talloc_strdup(ui, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->logon_script);

	ui->profile_path = talloc_strdup(ui, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->profile_path);

	ui->home_directory = talloc_strdup(ui, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->home_directory);

	ui->home_drive = talloc_strdup(ui, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->home_drive);

	ui->logon_server = talloc_strdup(ui, netbios_name);
	NT_STATUS_HAVE_NO_MEMORY(ui->logon_server);

	/* timestamps and counters */
	ui->last_logon = 0;
	ui->last_logoff = 0;
	ui->acct_expiry = 0;
	ui->last_password_change = 0;
	ui->allow_password_change = 0;
	ui->force_password_change = 0;

	ui->logon_count = 0;
	ui->bad_password_count = 0;

	ui->acct_flags = ACB_NORMAL;

	ui->authenticated = true;

	*_user_info_dc = dc;

	return NT_STATUS_OK;
}
/*
 * check_password hook that lets the client-supplied account name choose
 * the authentication result.
 *
 * A name starting with "NT_STATUS" (compared case-insensitively) is
 * converted with nt_status_string_to_code(). Any other name is parsed as
 * hexadecimal with strtoul(), narrowed to 32 bits and wrapped in
 * NT_STATUS(). A non-OK status is returned straight away.
 *
 * When the status is OK an auth_user_info_dc is built on mem_ctx with the
 * single SID SID_NT_ANONYMOUS, two 16-byte all-zero session keys, names
 * derived from the supplied user name, ACB_NORMAL, and
 * info->authenticated set to true.
 *
 * NOTE(review): the outcome is fully controlled by untrusted input.
 * strtoul() is called without an end pointer, so a name with no leading
 * hex digits yields 0; assuming NT_STATUS(0) is the success code, such a
 * name takes the OK path and receives a token marked authenticated.
 * This looks intended for test setups only - confirm it cannot appear in
 * a production auth methods list.
 */
static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx,
						TALLOC_CTX *mem_ctx,
						const struct auth_usersupplied_info *user_info,
						struct auth_user_info_dc **_user_info_dc)
{
	const char *user = user_info->client.account_name;
	struct auth_user_info_dc *dc;
	struct auth_user_info *ui;
	uint32_t error_num;
	NTSTATUS nt_status;

	if (strncasecmp("NT_STATUS", user, strlen("NT_STATUS")) != 0) {
		/* not a symbolic name: treat it as a hex status value */
		error_num = strtoul(user, NULL, 16);

		DEBUG(5,("name_to_ntstatus_check_password: Error for user %s was 0x%08X\n", user, error_num));

		nt_status = NT_STATUS(error_num);
	} else {
		nt_status = nt_status_string_to_code(user);
	}
	NT_STATUS_NOT_OK_RETURN(nt_status);

	dc = talloc(mem_ctx, struct auth_user_info_dc);
	NT_STATUS_HAVE_NO_MEMORY(dc);

	/*
	 * dom_sid_parse_talloc() hands back a pointer to one struct dom_sid,
	 * which doubles as a SID array of length one.
	 */
	dc->num_sids = 1;
	dc->sids = dom_sid_parse_talloc(dc, SID_NT_ANONYMOUS);
	NT_STATUS_HAVE_NO_MEMORY(dc->sids);

	/* the anonymous identity carries a session key of 16 zero bytes */
	dc->user_session_key = data_blob_talloc(dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(dc->user_session_key.data);

	dc->lm_session_key = data_blob_talloc(dc, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(dc->lm_session_key.data);

	data_blob_clear(&dc->user_session_key);
	data_blob_clear(&dc->lm_session_key);

	ui = talloc_zero(dc, struct auth_user_info);
	dc->info = ui;
	NT_STATUS_HAVE_NO_MEMORY(dc->info);

	/* the strings below are parented on the dc, not on the info struct */
	ui->account_name = talloc_asprintf(dc, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user);
	NT_STATUS_HAVE_NO_MEMORY(ui->account_name);

	ui->domain_name = talloc_strdup(dc, "NT AUTHORITY");
	NT_STATUS_HAVE_NO_MEMORY(ui->domain_name);

	ui->full_name = talloc_asprintf(dc, "NAME TO NTSTATUS %s Anonymous Logon", user);
	NT_STATUS_HAVE_NO_MEMORY(ui->full_name);

	ui->logon_script = talloc_strdup(dc, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->logon_script);

	ui->profile_path = talloc_strdup(dc, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->profile_path);

	ui->home_directory = talloc_strdup(dc, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->home_directory);

	ui->home_drive = talloc_strdup(dc, "");
	NT_STATUS_HAVE_NO_MEMORY(ui->home_drive);

	/* timestamps and counters */
	ui->last_logon = 0;
	ui->last_logoff = 0;
	ui->acct_expiry = 0;
	ui->last_password_change = 0;
	ui->allow_password_change = 0;
	ui->force_password_change = 0;

	ui->logon_count = 0;
	ui->bad_password_count = 0;

	ui->acct_flags = ACB_NORMAL;

	ui->authenticated = true;

	*_user_info_dc = dc;

	return nt_status;
}
/*
 * Clear a blob's contents with data_blob_clear() and then release it with
 * data_blob_free(), in that order, so the bytes are overwritten before
 * the memory goes back to the allocator.
 *
 * NOTE(review): whether the overwrite is guaranteed to survive compiler
 * optimisation depends on how data_blob_clear() is implemented, which is
 * not visible here - confirm before relying on this to wipe key material.
 */
void data_blob_clear_free(DATA_BLOB *d)
{
	data_blob_clear(d);
	data_blob_free(d);
}
/*
 * Build an auth_serversupplied_info for the anonymous logon, allocated on
 * mem_ctx and handed back through _server_info.
 *
 * The account SID is parsed from SID_NT_ANONYMOUS and the primary group
 * SID from SID_BUILTIN_GUESTS; there are no domain groups. Both session
 * keys are 16 zero bytes. The account is named "ANONYMOUS LOGON" in
 * domain "NT AUTHORITY", its logon server is netbios_name, it carries
 * ACB_NORMAL and it is marked as NOT authenticated.
 *
 * Returns NT_STATUS_OK on success. Each NT_STATUS_HAVE_NO_MEMORY() is
 * expected to return NT_STATUS_NO_MEMORY when its argument is NULL; in
 * that case *_server_info is left untouched.
 */
_PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
					     const char *netbios_name,
					     struct auth_serversupplied_info **_server_info)
{
	struct auth_serversupplied_info *anon;

	anon = talloc(mem_ctx, struct auth_serversupplied_info);
	NT_STATUS_HAVE_NO_MEMORY(anon);

	anon->account_sid = dom_sid_parse_talloc(anon, SID_NT_ANONYMOUS);
	NT_STATUS_HAVE_NO_MEMORY(anon->account_sid);

	/* the original author was unsure whether Builtin Guests is the right primary group */
	anon->primary_group_sid = dom_sid_parse_talloc(anon, SID_BUILTIN_GUESTS);
	NT_STATUS_HAVE_NO_MEMORY(anon->primary_group_sid);

	anon->n_domain_groups = 0;
	anon->domain_groups = NULL;

	/* an anonymous session still has session keys ... */
	anon->user_session_key = data_blob_talloc(anon, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(anon->user_session_key.data);

	anon->lm_session_key = data_blob_talloc(anon, NULL, 16);
	NT_STATUS_HAVE_NO_MEMORY(anon->lm_session_key.data);

	/* ... and they consist entirely of zero bytes */
	data_blob_clear(&anon->user_session_key);
	data_blob_clear(&anon->lm_session_key);

	/* identity strings */
	anon->account_name = talloc_strdup(anon, "ANONYMOUS LOGON");
	NT_STATUS_HAVE_NO_MEMORY(anon->account_name);

	anon->domain_name = talloc_strdup(anon, "NT AUTHORITY");
	NT_STATUS_HAVE_NO_MEMORY(anon->domain_name);

	anon->full_name = talloc_strdup(anon, "Anonymous Logon");
	NT_STATUS_HAVE_NO_MEMORY(anon->full_name);

	/* profile related strings are present but empty */
	anon->logon_script = talloc_strdup(anon, "");
	NT_STATUS_HAVE_NO_MEMORY(anon->logon_script);

	anon->profile_path = talloc_strdup(anon, "");
	NT_STATUS_HAVE_NO_MEMORY(anon->profile_path);

	anon->home_directory = talloc_strdup(anon, "");
	NT_STATUS_HAVE_NO_MEMORY(anon->home_directory);

	anon->home_drive = talloc_strdup(anon, "");
	NT_STATUS_HAVE_NO_MEMORY(anon->home_drive);

	anon->logon_server = talloc_strdup(anon, netbios_name);
	NT_STATUS_HAVE_NO_MEMORY(anon->logon_server);

	/* timestamps and counters */
	anon->last_logon = 0;
	anon->last_logoff = 0;
	anon->acct_expiry = 0;
	anon->last_password_change = 0;
	anon->allow_password_change = 0;
	anon->force_password_change = 0;

	anon->logon_count = 0;
	anon->bad_password_count = 0;

	anon->acct_flags = ACB_NORMAL;

	/* callers can tell this token apart from a real logon by this flag */
	anon->authenticated = false;

	*_server_info = anon;

	return NT_STATUS_OK;
}