author | Matthew Chapman <matty@samba.org> | 1999-03-18 05:16:59 +0000 |
---|---|---|
committer | Matthew Chapman <matty@samba.org> | 1999-03-18 05:16:59 +0000 |
commit | e8ac69c16877dd827719134dbce49f4aa3608c9d (patch) | |
tree | 8b2bc2837d284f32b9f871563f7c0e1b5caf6c06 /source3/include | |
parent | 5a6db490ea56d6492f268b8c5fbc2bc017ba87b6 (diff) | |
Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRET
(-> LsarQuerySecret) on client side, including rpcclient command
"querysecret" for others to play with.
The major obstacle is working out the encryption algorithm used
for the secret value. It definitely uses the NT hash as part of the
key, and it seems the block size is 64 bits - probably DES based -
but I can't work out what's done in between. Help required.
(This used to be commit 365fa3b5fbf551670acc91f593138a7e91a5f7fa)
Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/proto.h | 53 | ||||
-rw-r--r-- | source3/include/rpc_lsa.h | 60 | ||||
-rw-r--r-- | source3/include/rpc_misc.h | 9 |
3 files changed, 86 insertions, 36 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index af8eaa4074..46dc35b2aa 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1402,41 +1402,6 @@ struct smb_passwd *ldap_getpw(void);
 BOOL ldap_allocaterid(uint32 *rid);
 struct smb_passdb_ops *ldap_initialise_password_db(void);
-/*The following definitions come from passdb/mysqlpass.c */
-
-int mysql_db_lock_connect( MYSQL *handle );
-void *mysql_startpwent( BOOL update );
-void mysql_endpwent( void *ptr );
-SMB_BIG_UINT mysql_getpwpos(void *vp);
-BOOL mysql_setpwpos(void *vp, SMB_BIG_UINT pos);
-void *mysql_fill_smb_passwd( MYSQL_ROW *row );
-struct smb_passwd *mysql_getsmbpwent(void *vp);
-void *mysql_fetch_passwd( void *(*filler)(MYSQL_ROW*), char *where );
-void *mysql_getpwuid(void *(*filler)(MYSQL_ROW *), uid_t uid);
-struct smb_passwd *mysql_getsmbpwuid(uid_t uid);
-void *mysql_getpwnam(void *(*filler)(MYSQL_ROW *), char *field, const char *name);
-struct smb_passwd *mysql_getsmbpwnam(const char *unix_name);
-BOOL mysql_del_smb( MYSQL *handle, char *unix_name );
-BOOL mysql_add_smb( MYSQL *handle, struct smb_passwd *smb );
-BOOL mysql_mod_smb( MYSQL *handle, struct smb_passwd *smb, BOOL override );
-BOOL mysql_add_smbpwd_entry(struct smb_passwd *smb);
-BOOL mysql_mod_smbpwd_entry(struct smb_passwd *smb, BOOL override);
-struct smb_passdb_ops *mysql_initialise_password_db(void);
-
-/*The following definitions come from passdb/mysqlsampass.c */
-
-void *mysql_fill_sam_passwd( MYSQL_ROW *row );
-struct sam_passwd *mysql_getsampwent(void *vp);
-struct sam_passwd *mysql_getsampwrid(uint32 rid);
-struct sam_passwd *mysql_getsampwuid(uid_t uid);
-struct sam_passwd *mysql_getsampwntnam(const char *nt_name);
-struct sam_disp_info *mysql_getsamdispntnam(const char *nt_name);
-struct sam_disp_info *mysql_getsamdisprid(uint32 rid);
-struct sam_disp_info *mysql_getsamdispent(void *vp);
-BOOL mysql_add_sampwd_entry(struct sam_passwd *sam);
-BOOL mysql_mod_sampwd_entry(struct sam_passwd *sam, BOOL override);
-struct sam_passdb_ops *mysql_initialise_sam_password_db(void);
-
 /*The following definitions come from passdb/nispass.c */
 struct passdb_ops *nisplus_initialise_password_db(void);
@@ -1599,6 +1564,12 @@ BOOL cli_nt_logoff(struct cli_state *cli, uint16 fnum, NET_ID_INFO_CTR *ctr);
 BOOL lsa_open_policy(struct cli_state *cli, uint16 fnum, char *server_name, POLICY_HND *hnd, BOOL sec_qos);
+BOOL lsa_open_secret(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *hnd_pol, char *secret_name, uint32 des_access,
+ POLICY_HND *hnd_secret);
+BOOL lsa_query_secret(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol, unsigned char secret[24],
+ NTTIME *lastupdate);
 BOOL lsa_lookup_names(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd, int num_names,
@@ -1885,6 +1856,15 @@ void lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, int d
 void lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, int depth);
 void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
 void lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth);
+void make_q_open_secret(LSA_Q_OPEN_SECRET *q_o, POLICY_HND *pol_hnd,
+ char *secret_name, uint32 desired_access);
+void lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET *q_o, prs_struct *ps, int depth);
+void lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET *r_o, prs_struct *ps, int depth);
+void lsa_io_secret_value(char *desc, LSA_SECRET_VALUE *value, prs_struct *ps, int depth);
+void lsa_io_secret_info(char *desc, LSA_SECRET_INFO *info, prs_struct *ps, int depth);
+void make_q_query_secret(LSA_Q_QUERY_SECRET *q_q, POLICY_HND *pol);
+void lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET *q_q, prs_struct *ps, int depth);
+void lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET *r_q, prs_struct *ps, int depth);
 void lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth);
 void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, uint32 enum_context, char *domain_name, DOM_SID *domain_sid,
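Review bot: `lsa_query_secret` declares its output as `unsigned char secret[24]`, which the compiler treats as a plain `unsigned char *`, so nothing enforces the 24-byte size at call sites or inside the function. The bytes copied into it come from the server's reply, where `LSA_SECRET_VALUE` (rpc_lsa.h in this commit) carries 32-bit lengths, so the definition, which is not part of this diff, has to reject or truncate any reply longer than 24 bytes before copying. I would either pass the size explicitly (`unsigned char *secret, size_t secret_len`) or document the contract on the definition with `/* secret: caller-supplied buffer of exactly 24 bytes; clear it after use */`. proto.h looks generated from the .c sources, so the change presumably belongs on the definition rather than in this header.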
@@ -1917,6 +1897,8 @@ void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid);
 void smb_io_dom_sid2(char *desc, DOM_SID2 *sid, prs_struct *ps, int depth);
 void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer);
 void smb_io_strhdr(char *desc, STRHDR *hdr, prs_struct *ps, int depth);
+void make_strhdr2(STRHDR2 *hdr, uint32 max_len, uint32 len, uint32 buffer);
+void smb_io_strhdr2(char *desc, STRHDR2 *hdr, prs_struct *ps, int depth);
 void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint32 buffer);
 void smb_io_unihdr(char *desc, UNIHDR *hdr, prs_struct *ps, int depth);
 void make_buf_hdr(BUFHDR *hdr, int max_len, int len);
@@ -2745,6 +2727,7 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data);
 void cmd_lsa_query_info(struct client_info *info);
 void cmd_lsa_lookup_names(struct client_info *info);
 void cmd_lsa_lookup_sids(struct client_info *info);
+void cmd_lsa_query_secret(struct client_info *info);
 /*The following definitions come from rpcclient/cmd_netlogon.c */
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index fd60423566..6129c3bf01 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -46,7 +46,8 @@ enum SID_NAME_USE
 #define LSA_LOOKUPSIDS 0x0f
 #define LSA_OPENPOLICY 0x06
 #define LSA_OPENPOLICY2 0x2c
-#define LSA_OPENSECRET 0x1C
+#define LSA_OPENSECRET 0x1c
+#define LSA_QUERYSECRET 0x1e
 #define LSA_MAX_GROUPS 32
 #define LSA_MAX_SIDS 32
@@ -152,6 +153,63 @@ typedef struct lsa_r_query_info
 } LSA_R_QUERY_INFO;
+/* LSA_Q_OPEN_SECRET - LSA Open Secret */
+typedef struct lsa_q_open_secret_info
+{
+ POLICY_HND pol;
+ UNIHDR hdr_secret;
+ UNISTR2 uni_secret;
+
+ uint32 des_access; /* desired access attributes */
+
+} LSA_Q_OPEN_SECRET;
+
+/* LSA_R_OPEN_SECRET - response to LSA Open Secret */
+typedef struct lsa_r_open_secret_info
+{
+ POLICY_HND pol;
+ uint32 status;
+
+} LSA_R_OPEN_SECRET;
+
+typedef struct lsa_secret_value_info
+{
+ uint32 ptr_secret;
+ STRHDR2 hdr_secret;
+ STRING2 secret;
+
+} LSA_SECRET_VALUE;
+
+typedef struct lsa_secret_info_info
+{
+ uint32 ptr_value;
+ LSA_SECRET_VALUE value;
+
+ uint32 ptr_update;
+ NTTIME last_update; /* N.B. 64-bit alignment? */
+
+} LSA_SECRET_INFO;
+
+/* LSA_Q_QUERY_SECRET - LSA Query Secret */
+typedef struct lsa_q_query_secret_info
+{
+ POLICY_HND pol;
+
+ LSA_SECRET_INFO info; /* [in, out] */
+ LSA_SECRET_INFO oldinfo;
+
+} LSA_Q_QUERY_SECRET;
+
+/* LSA_R_QUERY_SECRET - response to LSA Query Secret */
+typedef struct lsa_r_query_secret_info
+{
+ LSA_SECRET_INFO info;
+ LSA_SECRET_INFO oldinfo;
+
+ uint32 status;
+
+} LSA_R_QUERY_SECRET;
+
 /* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */
 typedef struct lsa_enum_trust_dom_info
 {
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index ff0d2cc49d..1c5689dd87 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -96,6 +96,15 @@ typedef struct header_info
 } STRHDR;
+/* STRHDR2 - string header, 32-bit lengths */
+typedef struct header2_info
+{
+ uint32 str_str_len;
+ uint32 str_max_len;
+ uint32 buffer;
+
+} STRHDR2;
+
 /* UNIHDR - unicode string header */
 typedef struct unihdr_info
 { |
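Review bot: `LSA_SECRET_VALUE` and `LSA_SECRET_INFO` are the only new structs in this hunk without a header comment, and they are the ones filled from the server's reply. `ptr_secret`, the two 32-bit lengths in `hdr_secret` (the `STRHDR2` added in rpc_misc.h) and the `STRING2 secret` buffer are all taken off the wire. Their parser (`lsa_io_secret_value`, declared in proto.h, body not in this diff) should check that the `STRHDR2` lengths agree with the `STRING2` lengths and fit its buffer before anything is copied out. A comment on the struct would record that, for example `/* LSA_SECRET_VALUE - encrypted secret blob; lengths are server-supplied and must be validated before use */`. The open question in `/* N.B. 64-bit alignment? */` on `last_update` is better written as a TODO that states the assumed alignment, since a wrong guess would presumably misparse `last_update` and the fields that follow it.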