summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2001-10-30 05:38:41 +0000
committerTim Potter <tpot@samba.org>2001-10-30 05:38:41 +0000
commitf441ccd4844915c25b8b3420b2c6c10aa31212bd (patch)
treea837d3bc016dd25a8f43484ef3387883767d1a59
parent560c0c92ad7565337c3db1e23ea60e9c9230b267 (diff)
downloadsamba-f441ccd4844915c25b8b3420b2c6c10aa31212bd.tar.gz
samba-f441ccd4844915c25b8b3420b2c6c10aa31212bd.tar.bz2
samba-f441ccd4844915c25b8b3420b2c6c10aa31212bd.zip
Allow the logon level to be passed to cli_netlogon_sam_logon() rather than
the validation level. This allows us to test interactive or network logons. Interestingly enough a win2k native mode server generates a rpc fault when presented with a network logon! (This used to be commit 0758c0ea845dd0b552e4dab3ce05f0811fa9658e)
-rw-r--r--source3/libsmb/cli_netlogon.c54
1 files changed, 41 insertions, 13 deletions
diff --git a/source3/libsmb/cli_netlogon.c b/source3/libsmb/cli_netlogon.c
index 21a97466a0..45564ae27c 100644
--- a/source3/libsmb/cli_netlogon.c
+++ b/source3/libsmb/cli_netlogon.c
@@ -397,7 +397,7 @@ NTSTATUS cli_netlogon_sam_deltas(struct cli_state *cli, TALLOC_CTX *mem_ctx,
NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
char *username, char *password,
- int validation_level)
+ int logon_type)
{
prs_struct qbuf, rbuf;
NET_Q_SAM_LOGON q;
@@ -406,9 +406,8 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
DOM_CRED clnt_creds, dummy_rtn_creds;
extern pstring global_myname;
NET_ID_INFO_CTR ctr;
- uint8 chal[8];
- unsigned char local_lm_response[24];
- unsigned char local_nt_response[24];
+ NET_USER_INFO_3 user;
+ int validation_level = 3;
ZERO_STRUCT(q);
ZERO_STRUCT(r);
@@ -427,19 +426,46 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
memset(&dummy_rtn_creds, '\0', sizeof(dummy_rtn_creds));
dummy_rtn_creds.timestamp.time = time(NULL);
- generate_random_buffer(chal, 8, False);
+ ctr.switch_value = logon_type;
- SMBencrypt(password, chal, local_lm_response);
- SMBNTencrypt(password, chal, local_nt_response);
+ switch (logon_type) {
+ case INTERACTIVE_LOGON_TYPE: {
+ unsigned char lm_owf_user_pwd[16], nt_owf_user_pwd[16];
- ctr.switch_value = NET_LOGON_TYPE;
- init_id_info2(&ctr.auth.id2, lp_workgroup(), 0,
- 0xdead, 0xbeef, /* LUID? */
- username, global_myname, chal,
- local_lm_response, 24, local_nt_response, 24);
+ nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd);
+
+ init_id_info1(&ctr.auth.id1, lp_workgroup(), 0,
+ 0xdead, 0xbeef, /* LUID? */
+ username, global_myname,
+ cli->sess_key, lm_owf_user_pwd,
+ nt_owf_user_pwd);
+
+ break;
+ }
+ case NET_LOGON_TYPE: {
+ uint8 chal[8];
+ unsigned char local_lm_response[24];
+ unsigned char local_nt_response[24];
+
+ generate_random_buffer(chal, 8, False);
+
+ SMBencrypt(password, chal, local_lm_response);
+ SMBNTencrypt(password, chal, local_nt_response);
+
+ init_id_info2(&ctr.auth.id2, lp_workgroup(), 0,
+ 0xdead, 0xbeef, /* LUID? */
+ username, global_myname, chal,
+ local_lm_response, 24, local_nt_response, 24);
+ break;
+ }
+ default:
+ DEBUG(0, ("switch value %d not supported\n",
+ ctr.switch_value));
+ break;
+ }
init_sam_info(&q.sam_id, cli->srv_name_slash, global_myname,
- &clnt_creds, &dummy_rtn_creds, ctr.switch_value,
+ &clnt_creds, &dummy_rtn_creds, logon_type,
&ctr);
/* Marshall data and send request */
@@ -452,6 +478,8 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Unmarshall response */
+ r.user = &user;
+
if (!net_io_r_sam_logon("", &r, &rbuf, 0)) {
result = NT_STATUS_UNSUCCESSFUL;
goto done;