r4286: Give back 8 byte lm_session_key in Netrsamlogon-reply.

The old #ifdef JRATEST-block was copying 16 bytes and thus overwriting
acct_flags with bizarre values, breaking a lot of things.

This patch is successfully running in a production environment for quite
some time now and is required to finally allow Exchange 5.5 to access
another Exchange Server when both are running on NT4 in a
samba-controlled domain. This also allows Exchange Replication to take
place, Exchange Administrator to access other Servers in the network,
etc. Fixes Bugzilla #1136.

Thanks abartlet for helping me with that one.

Guenther

diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index d985c0a54fcadb4af27427a49d28a8fa4f97c280..2eacc2b0d1022af714f0d64bafb3addf8f9fd68e 100644 (file)
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -1324,11 +1324,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
                (*server_info)->user_session_key = data_blob(info3->user_sess_key, sizeof(info3->user_sess_key));
        }
 
-       if (memcmp(info3->padding, zeros, sizeof(zeros)) == 0) {
+       if (memcmp(info3->lm_sess_key, zeros, 8) == 0) {
                (*server_info)->lm_session_key = data_blob(NULL, 0);
        } else {
-               (*server_info)->lm_session_key = data_blob(info3->padding, 16);
-       }
+               (*server_info)->lm_session_key = data_blob(info3->lm_sess_key, sizeof(info3->lm_sess_key));
+       } 
+
        return NT_STATUS_OK;
 }
 

diff --git a/source/include/rpc_netlogon.h b/source/include/rpc_netlogon.h
index 44beb2b8c82e81bec2c0584811fbd816f37987ba..97b2523d72cfd231fe31acbefb0246d43466057b 100644 (file)
--- a/source/include/rpc_netlogon.h
+++ b/source/include/rpc_netlogon.h
@@ -168,7 +168,9 @@ typedef struct net_user_info_3
        UNIHDR hdr_logon_dom; /* logon domain unicode string header */
 
        uint32 buffer_dom_id; /* undocumented logon domain id pointer */
-       uint8 padding[40];    /* unused padding bytes.  expansion room */
+       uint8 lm_sess_key[8];   /* lm session key */
+       uint32 acct_flags;      /* account flags */
+       uint32 unknown[7];      /* unknown */
 
        uint32 num_other_sids; /* number of foreign/trusted domain sids */
        uint32 buffer_other_sids;

diff --git a/source/nsswitch/winbindd_pam.c b/source/nsswitch/winbindd_pam.c
index f7d3ac5aa41747ab8295edd5aa66d7c48127a852..cb44ec98d76d929a9d654fe3928366b91803ff1d 100644 (file)
--- a/source/nsswitch/winbindd_pam.c
+++ b/source/nsswitch/winbindd_pam.c
@@ -612,7 +612,7 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state)
                        memcpy(state->response.data.auth.user_session_key, info3.user_sess_key, sizeof(state->response.data.auth.user_session_key) /* 16 */);
                }
                if (state->request.flags & WBFLAG_PAM_LMKEY) {
-                       memcpy(state->response.data.auth.first_8_lm_hash, info3.padding, sizeof(state->response.data.auth.first_8_lm_hash) /* 8 */);
+                       memcpy(state->response.data.auth.first_8_lm_hash, info3.lm_sess_key, sizeof(state->response.data.auth.first_8_lm_hash) /* 8 */);
                }
        }
 

diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c
index 3fb032234f5936a70e59da89eab3a6f72f8f0246..b88753a7ed046c7c4b3c24eeb2c1d82adaed7bdf 100644 (file)
--- a/source/rpc_client/cli_netlogon.c
+++ b/source/rpc_client/cli_netlogon.c
@@ -654,6 +654,7 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
        char *workstation_name_slash;
        uint8 netlogon_sess_key[16];
        static uint8 zeros[16];
+       int i;
        
        ZERO_STRUCT(q);
        ZERO_STRUCT(r);
@@ -716,10 +717,15 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
                memset(info3->user_sess_key, '\0', 16);
        }
 
-       if (memcmp(zeros, info3->padding, 16) != 0) {
-               SamOEMhash(info3->padding, netlogon_sess_key, 16);
+       if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
+               SamOEMhash(info3->lm_sess_key, netlogon_sess_key, 8);
        } else {
-               memset(info3->padding, '\0', 16);
+               memset(info3->lm_sess_key, '\0', 8);
+       }
+
+       memset(&info3->acct_flags, '\0', 4);
+       for (i=0; i < 7; i++) {
+               memset(&info3->unknown[i], '\0', 4);
        }
 
         /* Return results */

diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index 97ca0d406b4dffde898bd16e1698cc99688c24bd..7e5eec3e6d84a7aa9e6ee7f039ca3ad69f240deb 100644 (file)
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -1454,12 +1454,16 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
 
        usr->buffer_dom_id = dom_sid ? 1 : 0; /* yes, we're bothering to put a domain SID in */
 
-       memset((char *)usr->padding, '\0', sizeof(usr->padding));
+       memset((char *)usr->lm_sess_key, '\0', sizeof(usr->lm_sess_key));
+       memset(&usr->acct_flags, '\0', sizeof(usr->acct_flags));
 
-#if 0 /* JRATEST - exchange auth test. */
-       if (lm_session_key != NULL) 
-               memcpy(usr->padding, lm_session_key, sizeof(usr->user_sess_key));
-#endif
+       for (i=0; i<7; i++) {
+               memset(&usr->unknown[i], '\0', sizeof(usr->unknown));
+       }
+
+       if (lm_session_key != NULL) {
+               memcpy(usr->lm_sess_key, lm_session_key, sizeof(usr->lm_sess_key));
+       }
 
        num_other_sids = init_dom_sid2s(ctx, other_sids, &usr->other_sids);
 
@@ -1580,9 +1584,19 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 
        if(!prs_uint32("buffer_dom_id ", ps, depth, &usr->buffer_dom_id)) /* undocumented logon domain id pointer */
                return False;
-       if(!prs_uint8s (False, "padding       ", ps, depth, usr->padding, 40)) /* unused padding bytes? */
+
+       if(!prs_uint8s(False, "lm_sess_key", ps, depth, usr->lm_sess_key, 8)) /* lm session key */
                return False;
 
+       if(!prs_uint32("acct_flags ", ps, depth, &usr->acct_flags)) /* Account flags  */
+               return False;
+
+       for (i = 0; i < 7; i++)
+       {
+               if (!prs_uint32("unkown", ps, depth, &usr->unknown[i])) /* unknown */
+                        return False;
+       }
+
        if (validation_level == 3) {
                if(!prs_uint32("num_other_sids", ps, depth, &usr->num_other_sids)) /* 0 - num_sids */
                        return False;