From 5e42dcfe467d48fa7e8d87b88ae2bb2f54e5d28d Mon Sep 17 00:00:00 2001
From: Jim McDonough <jmcd@samba.org>
Date: Tue, 6 Aug 2002 18:02:56 +0000
Subject: [PATCH] Add SAMR 0x3e, which is samr_connect4.  Seems to be the same
 as our existing connect (which I've been told is really connect2), with one
 extra dword.  We've only seen 0x00000002 there... (This used to be commit
 266344634944dff30f56453f9d86c490e7ac7a55)

---
 source3/include/rpc_samr.h       | 19 +++++++++++-
 source3/rpc_parse/parse_samr.c   | 62 ++++++++++++++++++++++++++++++++++++++--
 source3/rpc_server/srv_samr.c    | 40 ++++++++++++++++++++++++--
 source3/rpc_server/srv_samr_nt.c | 60 +++++++++++++++++++++++++++++++++++---
 4 files changed, 171 insertions(+), 10 deletions(-)

diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 78d5c244a6f..d9707c2ebfb 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -4,7 +4,10 @@
    Copyright (C) Andrew Tridgell              1992-2000
    Copyright (C) Luke Kenneth Casson Leighton 1996-2000
    Copyright (C) Paul Ashton                  1997-2000
-   Copyright (C) Jean François Micouleau      1998-2001.
+   Copyright (C) Jean François Micouleau      1998-2001
+   Copyright (C) Anthony Liguori              2002
+   Copyright (C) Jim McDonough                2002
+   
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -144,6 +147,7 @@ SamrTestPrivateFunctionsUser
 #define SAMR_GET_DOM_PWINFO    0x38
 #define SAMR_CONNECT           0x39
 #define SAMR_SET_USERINFO      0x3A
+#define SAMR_CONNECT4          0x3E
 
 /* Access bits to the SAM-object */
 
@@ -1870,6 +1874,19 @@ typedef struct r_samr_connect_info
 
 } SAMR_R_CONNECT;
 
+/* SAMR_Q_CONNECT4 */
+typedef struct q_samr_connect4_info
+{
+	uint32 ptr_srv_name; /* pointer to server name */
+	UNISTR2 uni_srv_name;
+
+	uint32 unk_0; /* possible server name type, 1 for IP num, 2 for name */
+	uint32 access_mask;
+} SAMR_Q_CONNECT4;
+
+/* SAMR_R_CONNECT4 - same format as connect */
+typedef struct r_samr_connect_info SAMR_R_CONNECT4;       
+
 /* SAMR_Q_GET_DOM_PWINFO */
 typedef struct q_samr_get_dom_pwinfo
 {
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 36ce59b7f26..5131f3b4f23 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -5,8 +5,10 @@
  *  Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
  *  Copyright (C) Paul Ashton                  1997-2000,
  *  Copyright (C) Elrond                            2000,
- *  Copyright (C) Jeremy Allison                    2001
- *  Copyright (C) Jean François Micouleau      1998-2001.
+ *  Copyright (C) Jeremy Allison                    2001,
+ *  Copyright (C) Jean François Micouleau      1998-2001,
+ *  Copyright (C) Anthony Liguori                   2002,
+ *  Copyright (C) Jim McDonough                     2002.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -6717,6 +6719,62 @@ BOOL samr_io_r_connect(char *desc, SAMR_R_CONNECT * r_u,
 }
 
 /*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+BOOL samr_io_q_connect4(char *desc, SAMR_Q_CONNECT4 * q_u,
+			prs_struct *ps, int depth)
+{
+	if (q_u == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "samr_io_q_connect4");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_srv_name", ps, depth, &q_u->ptr_srv_name))
+		return False;
+	if(!smb_io_unistr2("", &q_u->uni_srv_name, q_u->ptr_srv_name, ps, depth))
+		return False;
+
+	if(!prs_align(ps))
+		return False;
+	if(!prs_uint32("unk_0", ps, depth, &q_u->unk_0))
+		return False;
+	if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask))
+		return False;
+
+	return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+BOOL samr_io_r_connect4(char *desc, SAMR_R_CONNECT4 * r_u,
+			prs_struct *ps, int depth)
+{
+	if (r_u == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "samr_io_r_connect4");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!smb_io_pol_hnd("connect_pol", &r_u->connect_pol, ps, depth))
+		return False;
+
+	if(!prs_ntstatus("status", ps, depth, &r_u->status))
+		return False;
+
+	return True;
+}
+
+/*******************************************************************
 inits a SAMR_Q_CONNECT_ANON structure.
 ********************************************************************/
 
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index f002a7d1c92..bc3b8970d6e 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -3,9 +3,11 @@
  *  RPC Pipe client / server routines
  *  Copyright (C) Andrew Tridgell              1992-1997,
  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
- *  Copyright (C) Paul Ashton                       1997.
- *  Copyright (C) Marc Jacobsen			    1999.
- *  Copyright (C) Jean François Micouleau      1998-2001.
+ *  Copyright (C) Paul Ashton                       1997,
+ *  Copyright (C) Marc Jacobsen			    1999,
+ *  Copyright (C) Jean François Micouleau      1998-2001,
+ *  Copyright (C) Anthony Liguori                   2002,
+ *  Copyright (C) Jim McDonough                     2002.
  *	
  * 	Split into interface and implementation modules by, 
  *
@@ -652,6 +654,37 @@ static BOOL api_samr_connect(pipes_struct *p)
 	return True;
 }
 
+/*******************************************************************
+ api_samr_connect4
+ ********************************************************************/
+
+static BOOL api_samr_connect4(pipes_struct *p)
+{
+	SAMR_Q_CONNECT4 q_u;
+	SAMR_R_CONNECT4 r_u;
+	prs_struct *data = &p->in_data.data;
+	prs_struct *rdata = &p->out_data.rdata;
+
+	ZERO_STRUCT(q_u);
+	ZERO_STRUCT(r_u);
+
+	/* grab the samr open policy */
+	if(!samr_io_q_connect4("", &q_u, data, 0)) {
+		DEBUG(0,("api_samr_connect4: unable to unmarshall SAMR_Q_CONNECT4.\n"));
+		return False;
+	}
+
+	r_u.status = _samr_connect4(p, &q_u, &r_u);
+
+	/* store the response in the SMB stream */
+	if(!samr_io_r_connect4("", &r_u, rdata, 0)) {
+		DEBUG(0,("api_samr_connect4: unable to marshall SAMR_R_CONNECT4.\n"));
+		return False;
+	}
+
+	return True;
+}
+
 /**********************************************************************
  api_samr_lookup_domain
  **********************************************************************/
@@ -1465,6 +1498,7 @@ static struct api_struct api_samr_cmds [] =
 	{"SAMR_GET_USRDOM_PWINFO" , SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo},
 	{"SAMR_UNKNOWN_2E"        , SAMR_UNKNOWN_2E       , api_samr_unknown_2e       },
 	{"SAMR_SET_DOMAIN_INFO"   , SAMR_SET_DOMAIN_INFO  , api_samr_set_dom_info     },
+	{"SAMR_CONNECT4"          , SAMR_CONNECT4         , api_samr_connect4         },
 	{NULL                     , 0                     , NULL                      }
 };
 
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 2a7a5518cdd..f427eb70462 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -3,10 +3,12 @@
  *  RPC Pipe client / server routines
  *  Copyright (C) Andrew Tridgell              1992-1997,
  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
- *  Copyright (C) Paul Ashton                       1997.
- *  Copyright (C) Marc Jacobsen			    1999.
- *  Copyright (C) Jeremy Allison               2001-2002.
- *  Copyright (C) Jean François Micouleau      1998-2001.
+ *  Copyright (C) Paul Ashton                       1997,
+ *  Copyright (C) Marc Jacobsen			    1999,
+ *  Copyright (C) Jeremy Allison               2001-2002,
+ *  Copyright (C) Jean François Micouleau      1998-2001,
+ *  Copyright (C) Anthony Liguori                   2002,
+ *  Copyright (C) Jim McDonough                     2002.
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -2449,6 +2451,56 @@ NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u
 	return r_u->status;
 }
 
+/*******************************************************************
+ samr_connect4
+ ********************************************************************/
+
+NTSTATUS _samr_connect4(pipes_struct *p, SAMR_Q_CONNECT4 *q_u, SAMR_R_CONNECT4 *r_u)
+{
+	struct samr_info *info = NULL;
+	SEC_DESC *psd = NULL;
+	uint32    acc_granted;
+	uint32    des_access = q_u->access_mask;
+	size_t    sd_size;
+	NTSTATUS  nt_status;
+
+
+	DEBUG(5,("_samr_connect4: %d\n", __LINE__));
+
+	/* Access check */
+
+	if (!pipe_access_check(p)) {
+		DEBUG(3, ("access denied to samr_connect4\n"));
+		r_u->status = NT_STATUS_ACCESS_DENIED;
+		return r_u->status;
+	}
+
+	samr_make_sam_obj_sd(p->mem_ctx, &psd, &sd_size);
+	se_map_generic(&des_access, &sam_generic_mapping);
+	if (!NT_STATUS_IS_OK(nt_status = 
+			     access_check_samr_object(psd, p->pipe_user.nt_user_token, 
+						      des_access, &acc_granted, "_samr_connect"))) {
+		return nt_status;
+	}
+
+	r_u->status = NT_STATUS_OK;
+
+	/* associate the user's SID and access granted with the new handle. */
+	if ((info = get_samr_info_by_sid(NULL)) == NULL)
+		return NT_STATUS_NO_MEMORY;
+
+	info->acc_granted = acc_granted;
+	info->status = q_u->access_mask;
+
+	/* get a (unique) handle.  open a policy on it. */
+	if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
+		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+
+	DEBUG(5,("_samr_connect: %d\n", __LINE__));
+
+	return r_u->status;
+}
+
 /**********************************************************************
  api_samr_lookup_domain
  **********************************************************************/
-- 
2.11.4.GIT