author | Matthew Chapman <matty@samba.org> | 1999-06-02 03:19:20 +0000 |
---|---|---|
committer | Matthew Chapman <matty@samba.org> | 1999-06-02 03:19:20 +0000 |
commit | 99e42c0656d3e1e3b8e06437a8a9082c12df22d2 (patch) | |
tree | db75fd259f749760beca37872888246158438ca9 | |
parent | c2919e499a755014ade1381552f4d808f443d89f (diff) | |
Some more BDC-related fixes, mainly to the NET_SAM_SYNC RPC with respect
to alignment, missing fields, etc. - it should now work correctly.
There is still the problem of decoding the private data field.
(This used to be commit c3c25e762fbc30d5663323f23449c913f2ce4b0e)
-rw-r--r-- | source3/include/proto.h | 3 | ||||
-rw-r--r-- | source3/include/rpc_netlogon.h | 50 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 89 | ||||
-rw-r--r-- | source3/rpc_parse/parse_net.c | 97 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog.c | 2 | ||||
-rw-r--r-- | source3/rpcclient/cmd_netlogon.c | 23 |
6 files changed, 186 insertions, 78 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 12958baa3a..4efc7f803c 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1708,9 +1708,10 @@ BOOL cli_net_srv_pwset(struct cli_state *cli, uint16 nt_pipe_fnum, BOOL cli_net_sam_logon(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3); BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr); -BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id); +BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas); BOOL change_trust_account_password(char *domain, char *remote_machine_list, uint16 sec_chan); +BOOL do_sam_sync(struct cli_state *cli); /*The following definitions come from rpc_client/cli_pipe.c */ diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index 2d8f5ae1b7..2c02e96d18 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h 
@@ -460,30 +460,38 @@ typedef struct sam_account_info_info UNIHDR hdr_dir_drive; UNIHDR hdr_logon_script; UNIHDR hdr_acct_desc; + UNIHDR hdr_workstations; - NTTIME time_1; - NTTIME time_2; - NTTIME time_3; + NTTIME logon_time; + NTTIME logoff_time; uint32 logon_divs; /* 0xA8 */ uint32 ptr_logon_hrs; - /* N.B. 8-byte alignment */ - NTTIME time_4; - NTTIME time_5; + uint16 bad_pwd_count; + uint16 logon_count; + NTTIME pwd_last_set_time; + NTTIME acct_expiry_time; + uint32 acb_info; - char reserved[36]; + uint8 nt_pwd[16]; + uint8 lm_pwd[16]; + uint8 nt_pwd_present; + uint8 lm_pwd_present; + uint8 pwd_expired; UNIHDR hdr_comment; - char unknown1[12]; + UNIHDR hdr_parameters; + uint16 country; + uint16 codepage; - BUFHDR2 hdr_pwd_info; + BUFHDR2 hdr_priv_data; BUFHDR2 hdr_sec_desc; /* security descriptor */ - UNIHDR hdr_profile; - char unknown2[24]; - NTTIME time_6; /* *** HIGH/LOW DWORDS THE WRONG WAY!!! *** */ - char unknown3[8]; + UNIHDR hdr_profile; + UNIHDR hdr_reserved[3]; /* space for more strings */ + uint32 dw_reserved[4]; /* space for more data - first two seem to + be an NTTIME */ UNISTR2 uni_acct_name; UNISTR2 uni_full_name; @@ -491,13 +499,15 @@ typedef struct sam_account_info_info UNISTR2 uni_dir_drive; UNISTR2 uni_logon_script; UNISTR2 uni_acct_desc; + UNISTR2 uni_workstations; - uint32 unknown4; /* 0x4EC */ - uint32 unknown5; /* 0 */ + uint32 unknown1; /* 0x4EC */ + uint32 unknown2; /* 0 */ BUFFER4 buf_logon_hrs; UNISTR2 uni_comment; - BUFFER4 buf_pwd_info; + UNISTR2 uni_parameters; + BUFFER4 buf_priv_data; BUFFER4 buf_sec_desc; UNISTR2 uni_profile; @@ -571,8 +581,8 @@ typedef struct net_r_sam_sync_info uint32 ptr_deltas2; uint32 num_deltas2; - SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; - SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; uint32 status; 
@@ -605,8 +615,8 @@ typedef struct net_r_sam_deltas_info uint32 ptr_deltas; uint32 num_deltas2; - SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; - SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; uint32 status; diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 9bd7d695d2..e9a8582d10 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -476,7 +476,7 @@ password ?).\n", cli->desthost )); /*************************************************************************** Synchronise SAM Database (requires SEC_CHAN_BDC). ****************************************************************************/ -BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id) +BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas) { NET_Q_SAM_SYNC q_s; prs_struct rbuf; @@ -501,11 +501,14 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas if (rpc_api_pipe_req(cli, nt_pipe_fnum, NET_SAM_SYNC, &buf, &rbuf)) { NET_R_SAM_SYNC r_s; - + + r_s.hdr_deltas = hdr_deltas; + r_s.deltas = deltas; + net_io_r_sam_sync("", &r_s, &rbuf, 0); ok = (rbuf.offset != 0); - - if (ok && r_s.status != 0) + + if (ok && r_s.status != 0 && r_s.status != NT_STATUS_MORE_ENTRIES) { /* report error code */ DEBUG(0,("cli_net_sam_sync: %s\n", get_nt_error_msg(r_s.status))); @@ -519,6 +522,16 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas DEBUG(0,("cli_net_sam_sync: server %s replied with bad credential (bad machine password ?).\n", cli->desthost)); ok = False; } + + if (ok) + { + *num_deltas = r_s.num_deltas2; + + if (r_s.status == NT_STATUS_MORE_ENTRIES) + { + DEBUG(2, ("(More entries)\n")); + } + } } prs_mem_free(&rbuf); 
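Review bot: `cli_net_sam_sync` now parses the reply into caller-supplied `hdr_deltas`/`deltas` but is never told how many elements those buffers hold, and it copies the server's `r_s.num_deltas2` into `*num_deltas` without checking it. Whether `net_io_r_sam_sync` caps the count at `MAX_SAM_DELTAS` is not visible in these hunks, so either confirm that or reject an oversized reply here with `if (ok && r_s.num_deltas2 > MAX_SAM_DELTAS) ok = False;` before the assignment. `do_sam_sync` later indexes its `MAX_SAM_DELTAS`-sized stack arrays with this value. The same array-to-pointer change is made to `net_r_sam_deltas_info` in the `@@ -605` hunk, so any code that declares either reply struct on the stack must now set both pointers before calling the parser.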
@@ -708,3 +721,71 @@ domain %s.\n", timestring(), domain)); domain %s.\n", timestring(), domain)); return False; } + +BOOL do_sam_sync(struct cli_state *cli) +{ + uint16 nt_pipe_fnum; + BOOL res = True; + unsigned char trust_passwd[16]; + int i, j; + + SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; + SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; + uint32 num_deltas; + fstring name; + char *data; + + DEBUG(2,("Attempting SAM synchronisation with PDC\n")); + + res = res ? trust_get_passwd(trust_passwd, cli->domain, global_myname) : False; + + /* open NETLOGON session. negotiate credentials */ + res = res ? cli_nt_session_open(cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; + + res = res ? cli_nt_setup_creds(cli, nt_pipe_fnum, cli->mach_acct, + trust_passwd, SEC_CHAN_BDC) : False; + + res = res ? cli_net_sam_sync(cli, nt_pipe_fnum, 0, &num_deltas, hdr_deltas, deltas) : False; + + memset(trust_passwd, 0, 16); + + /* close the session */ + cli_nt_session_close(cli, nt_pipe_fnum); + + if (!res) + { + DEBUG(0, ("SAM synchronisation FAILED\n")); + return False; + } + + DEBUG(0, ("SAM synchronisation returned %d entries\n", num_deltas)); + + for (i = 0; i < num_deltas; i++) + { + switch (hdr_deltas[i].type) + { + case 1: + unistr2_to_ascii(name, &(deltas[i].domain_info.uni_dom_name), sizeof(fstring)-1); + DEBUG(0, ("Domain: %s\n", name)); + break; + + case 2: + unistr2_to_ascii(name, &(deltas[i].group_info.uni_grp_name), sizeof(fstring)-1); + DEBUG(0, ("Group: %s\n", name)); + break; + + case 5: + unistr2_to_ascii(name, &(deltas[i].account_info.uni_acct_name), sizeof(fstring)-1); + DEBUG(0, ("Account: %s\n", name)); + + data = deltas[i].account_info.buf_priv_data.buffer; + for (j = 0; j < deltas[i].account_info.buf_priv_data.buf_len; j++) + { + snprintf(&name[2*j], 3, "%02X", data[j]); + } + DEBUG(0, ("Private Data: %s\n", name)); + } + } + + return True; +} diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index 083816771f..271ac3afeb 100644 
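Review bot: The hex-dump loop in case 5 of `do_sam_sync` writes at `&name[2*j]` for every `j < buf_priv_data.buf_len`, and that length comes from the server's reply, so a large private-data blob runs past the end of the fixed-size `fstring` on the stack. `data` is a plain `char *`, so bytes of 0x80 and above sign-extend under `%02X` and are truncated to `FF`, and when the length is zero `name` still holds the account name, which is then logged as private data. The field was called `buf_pwd_info` before this commit and is logged at debug level 0, so what appears to be password-related data would land in the default log. The loop over `num_deltas` also compares a signed `i` against a `uint32` with no cap at `MAX_SAM_DELTAS`. The sketch below uses a separate buffer, clamps the length, reads through `unsigned char *`, adds the missing `break`, and moves the dump to a high debug level.

```c
	for (i = 0; i < num_deltas && i < MAX_SAM_DELTAS; i++)
	{
		/* … unchanged: switch header, cases 1 and 2 … */

		case 5:
		{
			fstring hex;
			uint32 len = deltas[i].account_info.buf_priv_data.buf_len;
			unsigned char *data = (unsigned char *)deltas[i].account_info.buf_priv_data.buffer;

			/* … unchanged: account name conversion and its DEBUG line … */

			/* two hex digits per byte plus the terminator must fit in hex */
			if (len > (sizeof(hex) - 1) / 2)
			{
				len = (sizeof(hex) - 1) / 2;
			}

			hex[0] = '\0';
			for (j = 0; j < (int)len; j++)
			{
				snprintf(&hex[2*j], 3, "%02X", data[j]);
			}

			/* sensitive field: keep it out of the default log level */
			DEBUG(10, ("Private Data: %s\n", hex));
			break;
		}
```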
--- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -1221,6 +1221,7 @@ static void net_io_sam_domain_info(char *desc, SAM_DOMAIN_INFO *info, prs_struct smb_io_bufhdr2("hdr_sec_desc", &(info->hdr_sec_desc) , ps, depth); smb_io_unihdr ("hdr_unknown" , &(info->hdr_unknown) , ps, depth); + ps->offset += 40; smb_io_unistr2("uni_dom_name", &(info->uni_dom_name), info->hdr_dom_name.buffer, ps, depth); @@ -1252,7 +1253,7 @@ static void net_io_sam_group_info(char *desc, SAM_GROUP_INFO *info, prs_struct * smb_io_unistr2("uni_grp_name", &(info->uni_grp_name), info->hdr_grp_name.buffer, ps, depth); smb_io_unistr2("uni_grp_desc", &(info->uni_grp_desc), - info->hdr_grp_name.buffer, ps, depth); + info->hdr_grp_desc.buffer, ps, depth); smb_io_buffer4("buf_sec_desc", &(info->buf_sec_desc), info->hdr_sec_desc.buffer, ps, depth); } 
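Review bot: The added `ps->offset += 40;` in `net_io_sam_domain_info` skips 40 bytes with no comment saying what they are and no visible check that the buffer still holds that many. The `net_io_*` routines in this file are described elsewhere in the diff as "reads or writes a structure", so when marshalling the skipped bytes are presumably left as whatever the buffer already contained; that is worth confirming against the `prs_struct` code. The account-info hunk of this same commit replaces an equivalent skip with named `hdr_reserved`/`dw_reserved` fields, and doing the same here would be safer. At minimum add `/* 40 bytes of fields not yet decoded */` above the skip.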
@@ -1284,25 +1285,34 @@ void make_sam_account_info(SAM_ACCOUNT_INFO *info, char *user_name, make_uni_hdr(&(info->hdr_profile ), len_profile ); /* not present */ + make_uni_hdr(&(info->hdr_workstations), 0); make_uni_hdr(&(info->hdr_comment), 0); - make_bufhdr2(&(info->hdr_pwd_info), 0, 0, 0); + make_uni_hdr(&(info->hdr_parameters), 0); + make_bufhdr2(&(info->hdr_priv_data), 0, 0, 0); make_bufhdr2(&(info->hdr_sec_desc), 0, 0, 0); info->user_rid = user_rid; info->group_rid = group_rid; - init_nt_time(&(info->time_1)); - init_nt_time(&(info->time_2)); - init_nt_time(&(info->time_3)); - init_nt_time(&(info->time_4)); - init_nt_time(&(info->time_5)); + init_nt_time(&(info->logon_time)); + init_nt_time(&(info->logoff_time)); + init_nt_time(&(info->pwd_last_set_time)); + init_nt_time(&(info->acct_expiry_time)); info->logon_divs = 0xA8; info->ptr_logon_hrs = 0; /* Don't care right now */ + info->bad_pwd_count = 0; + info->logon_count = 0; info->acb_info = acb_info; - info->unknown4 = 0x4EC; - info->unknown5 = 0; + info->nt_pwd_present = 0; + info->lm_pwd_present = 0; + info->pwd_expired = 0; + info->country = 0; + info->codepage = 0; + + info->unknown1 = 0x4EC; + info->unknown2 = 0; make_unistr2(&(info->uni_acct_name), user_name, len_user_name+1); make_unistr2(&(info->uni_full_name), full_name, len_full_name+1); @@ -1318,6 +1328,8 @@ reads or writes a structure. ********************************************************************/ static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_struct *ps, int depth) { + int i; + if (info == NULL) return; prs_debug(ps, depth, desc, "net_io_sam_account_info"); 
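Review bot: `make_sam_account_info` sets the new flag and counter fields but never writes `nt_pwd`, `lm_pwd`, `hdr_reserved` or `dw_reserved`, and `net_io_sam_account_info` now marshals all of them. Unless the caller zeroes the struct first (not visible here; the function starts outside the hunk), the marshalling path would send whatever bytes were in that memory to the peer. Clear them next to the `*_present` assignments, e.g. `memset(info->nt_pwd, 0, sizeof(info->nt_pwd));` and `memset(info->lm_pwd, 0, sizeof(info->lm_pwd));`, with the same for the two reserved arrays. `uni_workstations` and `uni_parameters` get no initialiser either, although their headers are set to length 0.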
@@ -1333,26 +1345,44 @@ static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_stru smb_io_unihdr("hdr_dir_drive" , &(info->hdr_dir_drive), ps, depth); smb_io_unihdr("hdr_logon_script", &(info->hdr_logon_script), ps, depth); smb_io_unihdr("hdr_acct_desc" , &(info->hdr_acct_desc), ps, depth); + smb_io_unihdr("hdr_workstations", &(info->hdr_workstations), ps, depth); - smb_io_time("time_1", &(info->time_1), ps, depth); - smb_io_time("time_2", &(info->time_2), ps, depth); - smb_io_time("time_3", &(info->time_3), ps, depth); + smb_io_time("logon_time" , &(info->logon_time ), ps, depth); + smb_io_time("logoff_time", &(info->logoff_time), ps, depth); prs_uint32("logon_divs ", ps, depth, &(info->logon_divs )); prs_uint32("ptr_logon_hrs", ps, depth, &(info->ptr_logon_hrs)); - smb_io_time("time_4", &(info->time_4), ps, depth); - smb_io_time("time_5", &(info->time_5), ps, depth); - prs_uint32("acb_info", ps, depth, &(info->acb_info)); - ps->offset += 36; + prs_uint16("bad_pwd_count", ps, depth, &(info->bad_pwd_count)); + prs_uint16("logon_count" , ps, depth, &(info->logon_count )); + smb_io_time("pwd_last_set_time", &(info->pwd_last_set_time), ps, depth); + smb_io_time("acct_expiry_time" , &(info->acct_expiry_time ), ps, depth); - smb_io_unihdr("hdr_comment", &(info->hdr_comment), ps, depth); - ps->offset += 12; + prs_uint32("acb_info", ps, depth, &(info->acb_info)); + prs_uint8s(False, "nt_pwd", ps, depth, info->nt_pwd, 16); + prs_uint8s(False, "lm_pwd", ps, depth, info->lm_pwd, 16); + prs_uint8("lm_pwd_present", ps, depth, &(info->lm_pwd_present)); + prs_uint8("nt_pwd_present", ps, depth, &(info->nt_pwd_present)); + prs_uint8("pwd_expired" , ps, depth, &(info->pwd_expired )); + + smb_io_unihdr("hdr_comment" , &(info->hdr_comment ), ps, depth); + smb_io_unihdr("hdr_parameters", &(info->hdr_parameters), ps, depth); + prs_uint16("country" , ps, depth, &(info->country )); + prs_uint16("codepage", ps, depth, &(info->codepage)); + + 
smb_io_bufhdr2("hdr_priv_data", &(info->hdr_priv_data), ps, depth); + smb_io_bufhdr2("hdr_sec_desc" , &(info->hdr_sec_desc) , ps, depth); + smb_io_unihdr ("hdr_profile" , &(info->hdr_profile) , ps, depth); + + for (i = 0; i < 3; i++) + { + smb_io_unihdr("hdr_reserved", &(info->hdr_reserved[i]), ps, depth); + } - smb_io_bufhdr2("hdr_pwd_info", &(info->hdr_pwd_info), ps, depth); - smb_io_bufhdr2("hdr_sec_desc", &(info->hdr_sec_desc), ps, depth); - smb_io_unihdr ("hdr_profile ", &(info->hdr_profile) , ps, depth); - ps->offset += 36; /* includes that stupid NTTIME, ignore for now */ + for (i = 0; i < 4; i++) + { + prs_uint32("dw_reserved", ps, depth, &(info->dw_reserved[i])); + } smb_io_unistr2("uni_acct_name", &(info->uni_acct_name), info->hdr_acct_name.buffer, ps, depth); 
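Review bot: The two presence flags are read in the opposite order from everything else: `nt_pwd` is parsed before `lm_pwd` and the struct declares `nt_pwd_present` before `lm_pwd_present`, but this hunk reads `lm_pwd_present` first. If the wire order really is LM then NT, a one-line comment such as `/* flags arrive LM first, unlike the hashes */` would stop someone "fixing" it; if not, each flag ends up describing the wrong hash. The three single-byte reads also leave the offset unaligned, so it is worth confirming that `smb_io_unihdr` aligns before reading `hdr_comment`. The function starts and ends outside this hunk.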
@@ -1366,19 +1396,23 @@ static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_stru info->hdr_logon_script.buffer, ps, depth); smb_io_unistr2("uni_acct_desc", &(info->uni_acct_desc), info->hdr_acct_desc.buffer, ps, depth); + smb_io_unistr2("uni_workstations", &(info->uni_workstations), + info->hdr_workstations.buffer, ps, depth); - prs_uint32("unknown4", ps, depth, &(info->unknown4)); - prs_uint32("unknown5", ps, depth, &(info->unknown5)); + prs_uint32("unknown1", ps, depth, &(info->unknown1)); + prs_uint32("unknown2", ps, depth, &(info->unknown2)); - smb_io_buffer4("buf_logon_hrs", &(info->buf_logon_hrs), + smb_io_buffer4("buf_logon_hrs" , &(info->buf_logon_hrs ), info->ptr_logon_hrs, ps, depth); - smb_io_unistr2("uni_comment" , &(info->uni_comment ), + smb_io_unistr2("uni_comment" , &(info->uni_comment ), info->hdr_comment.buffer, ps, depth); - smb_io_buffer4("buf_pwd_info" , &(info->buf_pwd_info ), - info->hdr_pwd_info.buffer, ps, depth); - smb_io_buffer4("buf_sec_desc" , &(info->buf_sec_desc ), + smb_io_unistr2("uni_parameters", &(info->uni_parameters), + info->hdr_parameters.buffer, ps, depth); + smb_io_buffer4("buf_priv_data" , &(info->buf_priv_data ), + info->hdr_priv_data.buffer, ps, depth); + smb_io_buffer4("buf_sec_desc" , &(info->buf_sec_desc ), info->hdr_sec_desc.buffer, ps, depth); - smb_io_unistr2("uni_profile" , &(info->uni_profile ), + smb_io_unistr2("uni_profile" , &(info->uni_profile ), info->hdr_profile.buffer, ps, depth); } 
@@ -1517,7 +1551,7 @@ static void net_io_sam_alias_mem_info(char *desc, SAM_ALIAS_MEM_INFO *info, prs_ /******************************************************************* reads or writes a structure. ********************************************************************/ -static void net_io_sam_delta_ctr(char *desc, SAM_DELTA_CTR *delta, uint32 type, prs_struct *ps, int depth) +static void net_io_sam_delta_ctr(char *desc, SAM_DELTA_CTR *delta, uint16 type, prs_struct *ps, int depth) { if (delta == NULL) return; @@ -1592,5 +1626,6 @@ void net_io_r_sam_sync(char *desc, NET_R_SAM_SYNC *r_s, prs_struct *ps, int dept } } + prs_align(ps); prs_uint32("status", ps, depth, &(r_s->status)); } diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 44ad4fd064..7ee45ada16 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -251,6 +251,8 @@ static void net_reply_sam_sync(NET_Q_SAM_SYNC *q_s, prs_struct *rdata, pwd->group_rid, pwd->home_dir, pwd->dir_drive, pwd->logon_script, pwd->acct_desc, pwd->acct_ctrl, pwd->profile_path); + + i++; } endsmbpwent(vp); diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index be5bf8596a..def5dba297 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c 
@@ -179,26 +179,5 @@ experimental SAM synchronisation. ****************************************************************************/ void cmd_sam_sync(struct client_info *info) { - uint16 nt_pipe_fnum; - BOOL res = True; - unsigned char trust_passwd[16]; - - DEBUG(5,("Attempting SAM Synchronisation with PDC\n")); - - res = res ? trust_get_passwd(trust_passwd, smb_cli->domain, info->myhostname) : False; - - /* open NETLOGON session. negotiate credentials */ - res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; - - res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum, smb_cli->mach_acct, - trust_passwd, SEC_CHAN_BDC) : False; - - res = res ? cli_net_sam_sync(smb_cli, nt_pipe_fnum, 0) : False; - - memset(trust_passwd, 0, 16); - - /* close the session */ - cli_nt_session_close(smb_cli, nt_pipe_fnum); - - fprintf(out_hnd,"cmd_sam_sync: test succeeded: %s\n", BOOLSTR(res)); + do_sam_sync(smb_cli); } |
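Review bot: `cmd_sam_sync` now drops the `BOOL` that `do_sam_sync` returns and no longer writes anything to `out_hnd`, so an rpcclient user sees no result unless debug output is enabled. Keeping the old report line works: `fprintf(out_hnd,"cmd_sam_sync: test succeeded: %s\n", BOOLSTR(do_sam_sync(smb_cli)));`. Note also that `do_sam_sync` looks up the trust password with `global_myname` where the removed code used `info->myhostname`; if the two can differ in rpcclient, the lookup may target a different machine account.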