summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-03-05 19:42:15 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-03-05 19:42:15 +0100
commit63036a6f3380652c0cb54627bdeabcd212fa2f8c (patch)
tree90194f23cb1e6ca483e7773233c326a9b705f85f /source3/rpc_client
parentd41d580c600e3228ff8fee5c16c47580f661a240 (diff)
parent932c287a406048759fa1ac4bf86e29d96991ded1 (diff)
downloadsamba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.tar.gz
samba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.tar.bz2
samba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.zip
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 3482cd9b0e81bbc801f1cec33fca82fc45a3ddef)
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_lsarpc.c412
-rw-r--r--source3/rpc_client/cli_netlogon.c816
-rw-r--r--source3/rpc_client/cli_pipe.c1
-rw-r--r--source3/rpc_client/cli_samr.c1
-rw-r--r--source3/rpc_client/cli_srvsvc.c67
-rw-r--r--source3/rpc_client/cli_svcctl.c211
-rw-r--r--source3/rpc_client/init_lsa.c78
-rw-r--r--source3/rpc_client/init_netlogon.c220
-rw-r--r--source3/rpc_client/init_srvsvc.c119
9 files changed, 780 insertions, 1145 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index c42938d6e9..2759881dd3 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -6,6 +6,7 @@
Copyright (C) Rafal Szczesniak 2002
Copyright (C) Jeremy Allison 2005.
Copyright (C) Michael Adam 2007.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -128,13 +129,16 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
char **names,
enum lsa_SidType *types)
{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_SIDS q;
- LSA_R_LOOKUP_SIDS r;
- DOM_R_REF ref;
NTSTATUS result = NT_STATUS_OK;
TALLOC_CTX *tmp_ctx = NULL;
int i;
+ struct lsa_SidArray sid_array;
+ struct lsa_RefDomainList *ref_domains = NULL;
+ struct lsa_TransNameArray lsa_names;
+ uint32_t count = 0;
+ uint16_t level = 1;
+
+ ZERO_STRUCT(lsa_names);
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
@@ -143,38 +147,42 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
goto done;
}
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_lookup_sids(tmp_ctx, &q, pol, num_sids, sids, 1);
-
- ZERO_STRUCT(ref);
+ sid_array.num_sids = num_sids;
+ sid_array.sids = TALLOC_ARRAY(mem_ctx, struct lsa_SidPtr, num_sids);
+ if (!sid_array.sids) {
+ return NT_STATUS_NO_MEMORY;
+ }
- r.dom_ref = &ref;
+ for (i = 0; i<num_sids; i++) {
+ sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
+ if (!sid_array.sids[i].sid) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
- CLI_DO_RPC( cli, tmp_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_sids,
- lsa_io_r_lookup_sids,
- NT_STATUS_UNSUCCESSFUL );
+ result = rpccli_lsa_LookupSids(cli, mem_ctx,
+ pol,
+ &sid_array,
+ &ref_domains,
+ &lsa_names,
+ level,
+ &count);
DEBUG(10, ("LSA_LOOKUPSIDS returned '%s', mapped count = %d'\n",
- nt_errstr(r.status), r.mapped_count));
+ nt_errstr(result), count));
- if (!NT_STATUS_IS_OK(r.status) &&
- !NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) &&
- !NT_STATUS_EQUAL(r.status, STATUS_SOME_UNMAPPED))
+ if (!NT_STATUS_IS_OK(result) &&
+ !NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) &&
+ !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
{
/* An actual error occured */
- result = r.status;
goto done;
}
/* Return output parameters */
- if (NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) ||
- (r.mapped_count == 0))
+ if (NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) ||
+ (count == 0))
{
for (i = 0; i < num_sids; i++) {
(names)[i] = NULL;
@@ -186,21 +194,19 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
}
for (i = 0; i < num_sids; i++) {
- fstring name, dom_name;
- uint32 dom_idx = r.names.name[i].domain_idx;
+ const char *name, *dom_name;
+ uint32_t dom_idx = lsa_names.names[i].sid_index;
/* Translate optimised name through domain index array */
if (dom_idx != 0xffffffff) {
- rpcstr_pull_unistr2_fstring(
- dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
- rpcstr_pull_unistr2_fstring(
- name, &r.names.uni_name[i]);
+ dom_name = ref_domains->domains[dom_idx].name.string;
+ name = lsa_names.names[i].name.string;
(names)[i] = talloc_strdup(mem_ctx, name);
(domains)[i] = talloc_strdup(mem_ctx, dom_name);
- (types)[i] = r.names.name[i].sid_name_use;
+ (types)[i] = lsa_names.names[i].sid_type;
if (((names)[i] == NULL) || ((domains)[i] == NULL)) {
DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
@@ -348,29 +354,32 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
DOM_SID **sids,
enum lsa_SidType **types)
{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_NAMES q;
- LSA_R_LOOKUP_NAMES r;
- DOM_R_REF ref;
NTSTATUS result;
int i;
+ struct lsa_String *lsa_names = NULL;
+ struct lsa_RefDomainList *domains = NULL;
+ struct lsa_TransSidArray sid_array;
+ uint32_t count = 0;
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- ZERO_STRUCT(ref);
- r.dom_ref = &ref;
+ ZERO_STRUCT(sid_array);
- init_q_lookup_names(mem_ctx, &q, pol, num_names, names, level);
+ lsa_names = TALLOC_ARRAY(mem_ctx, struct lsa_String, num_names);
+ if (!lsa_names) {
+ return NT_STATUS_NO_MEMORY;
+ }
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_names,
- lsa_io_r_lookup_names,
- NT_STATUS_UNSUCCESSFUL);
+ for (i=0; i<num_names; i++) {
+ init_lsa_String(&lsa_names[i], names[i]);
+ }
- result = r.status;
+ result = rpccli_lsa_LookupNames(cli, mem_ctx,
+ pol,
+ num_names,
+ lsa_names,
+ &domains,
+ &sid_array,
+ level,
+ &count);
if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
@@ -382,7 +391,7 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
/* Return output parameters */
- if (r.mapped_count == 0) {
+ if (count == 0) {
result = NT_STATUS_NONE_MAPPED;
goto done;
}
@@ -417,9 +426,8 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
}
for (i = 0; i < num_names; i++) {
- DOM_RID *t_rids = r.dom_rid;
- uint32 dom_idx = t_rids[i].rid_idx;
- uint32 dom_rid = t_rids[i].rid;
+ uint32_t dom_idx = sid_array.sids[i].sid_index;
+ uint32_t dom_rid = sid_array.sids[i].rid;
DOM_SID *sid = &(*sids)[i];
/* Translate optimised sid through domain index array */
@@ -431,320 +439,26 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
continue;
}
- sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
+ sid_copy(sid, domains->domains[dom_idx].sid);
if (dom_rid != 0xffffffff) {
sid_append_rid(sid, dom_rid);
}
- (*types)[i] = t_rids[i].type;
+ (*types)[i] = sid_array.sids[i].sid_type;
if (dom_names == NULL) {
continue;
}
- (*dom_names)[i] = rpcstr_pull_unistr2_talloc(
- *dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
- }
-
- done:
-
- return result;
-}
-
-/** Enumerate list of SIDs */
-
-NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
- uint32 *num_sids, DOM_SID **sids)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_ACCOUNTS q;
- LSA_R_ENUM_ACCOUNTS r;
- NTSTATUS result;
- int i;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_accounts,
- lsa_io_r_enum_accounts,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- if (r.sids.num_entries==0)
- goto done;
-
- /* Return output parameters */
-
- *sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.sids.num_entries);
- if (!*sids) {
- DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- /* Copy across names and sids */
-
- for (i = 0; i < r.sids.num_entries; i++) {
- sid_copy(&(*sids)[i], &r.sids.sid[i].sid);
- }
-
- *num_sids= r.sids.num_entries;
- *enum_ctx = r.enum_context;
-
- done:
-
- return result;
-}
-
-/** Enumerate user privileges
- *
- * @param cli Handle on an initialised SMB connection */
-
-NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUMPRIVSACCOUNT q;
- LSA_R_ENUMPRIVSACCOUNT r;
- NTSTATUS result;
- int i;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- init_lsa_q_enum_privsaccount(&q, pol);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_privsaccount,
- lsa_io_r_enum_privsaccount,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- if (r.count == 0)
- goto done;
-
- if (!((*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, r.count)))) {
- DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- for (i=0; i<r.count; i++) {
- (*set)[i].luid.low = r.set.set[i].luid.low;
- (*set)[i].luid.high = r.set.set[i].luid.high;
- (*set)[i].attr = r.set.set[i].attr;
+ (*dom_names)[i] = domains->domains[dom_idx].name.string;
}
- *count=r.count;
done:
return result;
}
-/** Get a privilege value given its name */
-
-NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, const char *name, LUID *luid)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_PRIV_VALUE q;
- LSA_R_LOOKUP_PRIV_VALUE r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_lsa_q_lookup_priv_value(&q, pol, name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_priv_value,
- lsa_io_r_lookup_priv_value,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- (*luid).low=r.luid.low;
- (*luid).high=r.luid.high;
-
- done:
-
- return result;
-}
-
-/* Enumerate account rights This is similar to enum_privileges but
- takes a SID directly, avoiding the open_account call.
-*/
-
-NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID *sid,
- uint32 *count, char ***priv_names)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_ACCT_RIGHTS q;
- LSA_R_ENUM_ACCT_RIGHTS r;
- NTSTATUS result;
- int i;
- fstring *privileges;
- char **names;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_enum_acct_rights(&q, pol, 2, sid);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_acct_rights,
- lsa_io_r_enum_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- *count = r.count;
- if (! *count) {
- goto done;
- }
-
-
- privileges = TALLOC_ARRAY( mem_ctx, fstring, *count );
- names = TALLOC_ARRAY( mem_ctx, char *, *count );
-
- if ((privileges == NULL) || (names == NULL)) {
- TALLOC_FREE(privileges);
- TALLOC_FREE(names);
- return NT_STATUS_NO_MEMORY;
- }
-
- for ( i=0; i<*count; i++ ) {
- UNISTR4 *uni_string = &r.rights->strings[i];
-
- if ( !uni_string->string )
- continue;
-
- rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE );
-
- /* now copy to the return array */
- names[i] = talloc_strdup( mem_ctx, privileges[i] );
- }
-
- *priv_names = names;
-
-done:
-
- return result;
-}
-
-
-
-/* add account rights to an account. */
-
-NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID sid,
- uint32 count, const char **privs_name)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ADD_ACCT_RIGHTS q;
- LSA_R_ADD_ACCT_RIGHTS r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_add_acct_rights(&q, pol, &sid, count, privs_name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_add_acct_rights,
- lsa_io_r_add_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-done:
-
- return result;
-}
-
-
-/* remove account rights for an account. */
-
-NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID sid, bool removeall,
- uint32 count, const char **privs_name)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_REMOVE_ACCT_RIGHTS q;
- LSA_R_REMOVE_ACCT_RIGHTS r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_remove_acct_rights,
- lsa_io_r_remove_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-done:
-
- return result;
-}
-
-
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index a6167bb851..2af514320e 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -1,20 +1,21 @@
-/*
+/*
Unix SMB/CIFS implementation.
NT Domain Authentication SMB / MSRPC client
Copyright (C) Andrew Tridgell 1992-2000
Copyright (C) Jeremy Allison 1998.
Largely re-written by Jeremy Allison (C) 2005.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -27,57 +28,19 @@
private data. Only call this via rpccli_netlogon_setup_creds(). JRA.
*/
-static NTSTATUS rpccli_net_req_chal(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *clnt_name,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_REQ_CHAL q;
- NET_R_REQ_CHAL r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_REQCHAL */
-
- DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s\n",
- clnt_name, server_name));
-
- /* store the parameters */
- init_q_req_chal(&q, server_name, clnt_name, clnt_chal_in);
-
- /* Marshall data and send request */
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_REQCHAL,
- q, r,
- qbuf, rbuf,
- net_io_q_req_chal,
- net_io_r_req_chal,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- /* Return result */
-
- if (NT_STATUS_IS_OK(result)) {
- /* Store the returned server challenge. */
- *srv_chal_out = r.srv_chal;
- }
-
- return result;
-}
+/* instead of rpccli_net_req_chal() we use rpccli_netr_ServerReqChallenge() now - gd */
#if 0
/****************************************************************************
LSA Authenticate 2
Send the client credential, receive back a server credential.
-Ensure that the server credential returned matches the session key
+Ensure that the server credential returned matches the session key
encrypt of the server challenge originally received. JRA.
****************************************************************************/
- NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
- uint16 sec_chan,
+ NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
+ uint16 sec_chan,
uint32 *neg_flags, DOM_CHAL *srv_chal)
{
prs_struct qbuf, rbuf;
@@ -90,7 +53,7 @@ encrypt of the server challenge originally received. JRA.
fstr_sprintf( machine_acct, "%s$", lp_workgroup() );
else
fstrcpy( machine_acct, cli->mach_acct );
-
+
/* create and send a MSRPC command with api NET_AUTH2 */
DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n",
@@ -99,8 +62,8 @@ encrypt of the server challenge originally received. JRA.
/* store the parameters */
- init_q_auth_2(&q, cli->srv_name_slash, machine_acct,
- sec_chan, global_myname(), &cli->clnt_cred.challenge,
+ init_q_auth_2(&q, cli->srv_name_slash, machine_acct,
+ sec_chan, global_myname(), &cli->clnt_cred.challenge,
*neg_flags);
/* turn parameters into data stream */
@@ -116,7 +79,7 @@ encrypt of the server challenge originally received. JRA.
if (NT_STATUS_IS_OK(result)) {
UTIME zerotime;
-
+
/*
* Check the returned value using the initial
* server received challenge.
@@ -143,106 +106,12 @@ password ?).\n", cli->cli->desthost ));
LSA Authenticate 2
Send the client credential, receive back a server credential.
- The caller *must* ensure that the server credential returned matches the session key
- encrypt of the server challenge originally received. JRA.
-****************************************************************************/
-
-static NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *account_name,
- uint16 sec_chan_type,
- const char *computer_name,
- uint32 *neg_flags_inout,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_AUTH_2 q;
- NET_R_AUTH_2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_AUTH2 */
-
- DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s neg: %x\n",
- server_name, account_name, sec_chan_type, computer_name,
- *neg_flags_inout));
-
- /* store the parameters */
-
- init_q_auth_2(&q, server_name, account_name, sec_chan_type,
- computer_name, clnt_chal_in, *neg_flags_inout);
-
- /* turn parameters into data stream */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH2,
- q, r,
- qbuf, rbuf,
- net_io_q_auth_2,
- net_io_r_auth_2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *srv_chal_out = r.srv_chal;
- *neg_flags_inout = r.srv_flgs.neg_flags;
- }
-
- return result;
-}
-
-#if 0 /* not currebntly used */
-/****************************************************************************
- LSA Authenticate 3
-
- Send the client credential, receive back a server credential.
- The caller *must* ensure that the server credential returned matches the session key
+ The caller *must* ensure that the server credential returned matches the session key
encrypt of the server challenge originally received. JRA.
****************************************************************************/
-static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *account_name,
- uint16 sec_chan_type,
- const char *computer_name,
- uint32 *neg_flags_inout,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_AUTH_3 q;
- NET_R_AUTH_3 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_AUTH2 */
-
- DEBUG(4,("cli_net_auth3: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n",
- server_name, account_name, sec_chan_type, computer_name,
- credstr(clnt_chal_in->data), *neg_flags_inout));
-
- /* store the parameters */
- init_q_auth_3(&q, server_name, account_name, sec_chan_type,
- computer_name, clnt_chal_in, *neg_flags_inout);
+/* instead of rpccli_net_auth2() we use rpccli_netr_ServerAuthenticate2() now - gd */
- /* turn parameters into data stream */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH3,
- q, r,
- qbuf, rbuf,
- net_io_q_auth_3,
- net_io_r_auth_3,
- NT_STATUS_UNSUCCESSFUL);
-
- if (NT_STATUS_IS_OK(result)) {
- *srv_chal_out = r.srv_chal;
- *neg_flags_inout = r.srv_flgs.neg_flags;
- }
-
- return result;
-}
-#endif /* not currebntly used */
/****************************************************************************
Wrapper function that uses the auth and auth2 calls to set up a NETLOGON
@@ -251,17 +120,17 @@ static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
****************************************************************************/
NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
- const char *server_name,
- const char *domain,
- const char *clnt_name,
- const char *machine_account,
- const unsigned char machine_pwd[16],
- uint32 sec_chan_type,
- uint32 *neg_flags_inout)
+ const char *server_name,
+ const char *domain,
+ const char *clnt_name,
+ const char *machine_account,
+ const unsigned char machine_pwd[16],
+ enum netr_SchannelType sec_chan_type,
+ uint32_t *neg_flags_inout)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CHAL clnt_chal_send;
- DOM_CHAL srv_chal_recv;
+ struct netr_Credential clnt_chal_send;
+ struct netr_Credential srv_chal_recv;
struct dcinfo *dc;
SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
@@ -288,13 +157,11 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
generate_random_buffer(clnt_chal_send.data, 8);
/* Get the server challenge. */
- result = rpccli_net_req_chal(cli,
- cli->mem_ctx,
- dc->remote_machine,
- clnt_name,
- &clnt_chal_send,
- &srv_chal_recv);
-
+ result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+ dc->remote_machine,
+ clnt_name,
+ &clnt_chal_send,
+ &srv_chal_recv);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -307,20 +174,18 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
machine_pwd,
&clnt_chal_send);
- /*
- * Send client auth-2 challenge and receive server repy.
- */
-
- result = rpccli_net_auth2(cli,
- cli->mem_ctx,
- dc->remote_machine,
- dc->mach_acct,
- sec_chan_type,
- clnt_name,
- neg_flags_inout,
- &clnt_chal_send, /* input. */
- &srv_chal_recv); /* output */
+ /*
+ * Send client auth-2 challenge and receive server repy.
+ */
+ result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+ dc->remote_machine,
+ dc->mach_acct,
+ sec_chan_type,
+ clnt_name,
+ &clnt_chal_send, /* input. */
+ &srv_chal_recv, /* output. */
+ neg_flags_inout);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -330,7 +195,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
* server received challenge.
*/
- if (!creds_client_check(dc, &srv_chal_recv)) {
+ if (!netlogon_creds_client_check(dc, &srv_chal_recv)) {
/*
* Server replied with bad credential. Fail.
*/
@@ -347,143 +212,6 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
return NT_STATUS_OK;
}
-/* Logon Control 2 */
-
-NTSTATUS rpccli_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 query_level)
-{
- prs_struct qbuf, rbuf;
- NET_Q_LOGON_CTRL2 q;
- NET_R_LOGON_CTRL2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- fstring server;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- init_net_q_logon_ctrl2(&q, server, query_level);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_LOGON_CTRL2,
- q, r,
- qbuf, rbuf,
- net_io_q_logon_ctrl2,
- net_io_r_logon_ctrl2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
- return result;
-}
-
-/* Sam synchronisation */
-
-NTSTATUS rpccli_netlogon_sam_sync(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 database_id, uint32 next_rid, uint32 *num_deltas,
- SAM_DELTA_HDR **hdr_deltas,
- SAM_DELTA_CTR **deltas)
-{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_SYNC q;
- NET_R_SAM_SYNC r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- ZERO_STRUCT(ret_creds);
-
- /* Initialise input parameters */
-
- creds_client_step(cli->dc, &clnt_creds);
-
- init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
- &clnt_creds, &ret_creds, database_id, next_rid);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_COPY_SESS_KEY(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_sync,
- net_io_r_sam_sync,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return results */
-
- result = r.status;
- *num_deltas = r.num_deltas2;
- *hdr_deltas = r.hdr_deltas;
- *deltas = r.deltas;
-
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
- DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- return result;
-}
-
-/* Sam synchronisation */
-
-NTSTATUS rpccli_netlogon_sam_deltas(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 database_id, uint64 seqnum,
- uint32 *num_deltas,
- SAM_DELTA_HDR **hdr_deltas,
- SAM_DELTA_CTR **deltas)
-{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_DELTAS q;
- NET_R_SAM_DELTAS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- creds_client_step(cli->dc, &clnt_creds);
-
- init_net_q_sam_deltas(&q, cli->dc->remote_machine,
- global_myname(), &clnt_creds,
- database_id, seqnum);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_DELTAS,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_deltas,
- net_io_r_sam_deltas,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return results */
-
- result = r.status;
- *num_deltas = r.num_deltas2;
- *hdr_deltas = r.hdr_deltas;
- *deltas = r.deltas;
-
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
- DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- return result;
-}
-
/* Logon domain user */
NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
@@ -495,20 +223,23 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
const char *workstation,
int logon_type)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON q;
- NET_R_SAM_LOGON r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 user;
- int validation_level = 3;
+ struct netr_Authenticator clnt_creds;
+ struct netr_Authenticator ret_creds;
+ union netr_LogonLevel *logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
+ int validation_level = 3;
fstring clnt_name_slash;
+ uint8 zeros[16];
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
ZERO_STRUCT(ret_creds);
+ ZERO_STRUCT(zeros);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (workstation) {
fstr_sprintf( clnt_name_slash, "\\\\%s", workstation );
@@ -516,85 +247,143 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
fstr_sprintf( clnt_name_slash, "\\\\%s", global_myname() );
}
- /* Initialise input parameters */
+ /* Initialise input parameters */
- creds_client_step(cli->dc, &clnt_creds);
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
- q.validation_level = validation_level;
+ switch (logon_type) {
+ case INTERACTIVE_LOGON_TYPE: {
- ctr.switch_value = logon_type;
+ struct netr_PasswordInfo *password_info;
- switch (logon_type) {
- case INTERACTIVE_LOGON_TYPE: {
- unsigned char lm_owf_user_pwd[16], nt_owf_user_pwd[16];
+ struct samr_Password lmpassword;
+ struct samr_Password ntpassword;
- nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd);
+ unsigned char lm_owf_user_pwd[16], nt_owf_user_pwd[16];
- init_id_info1(&ctr.auth.id1, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, clnt_name_slash,
- (const char *)cli->dc->sess_key, lm_owf_user_pwd,
- nt_owf_user_pwd);
+ unsigned char lm_owf[16];
+ unsigned char nt_owf[16];
+ unsigned char key[16];
- break;
- }
- case NET_LOGON_TYPE: {
- uint8 chal[8];
- unsigned char local_lm_response[24];
- unsigned char local_nt_response[24];
-
- generate_random_buffer(chal, 8);
-
- SMBencrypt(password, chal, local_lm_response);
- SMBNTencrypt(password, chal, local_nt_response);
-
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, clnt_name_slash, chal,
- local_lm_response, 24, local_nt_response, 24);
- break;
- }
- default:
- DEBUG(0, ("switch value %d not supported\n",
- ctr.switch_value));
- return NT_STATUS_INVALID_INFO_CLASS;
- }
+ password_info = TALLOC_ZERO_P(mem_ctx, struct netr_PasswordInfo);
+ if (!password_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
- r.user = &user;
+ nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd);
- init_sam_info(&q.sam_id, cli->dc->remote_machine, global_myname(),
- &clnt_creds, &ret_creds, logon_type,
- &ctr);
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("lm cypher:"));
+ dump_data(100, lm_owf_user_pwd, 16);
- /* Marshall data and send request */
+ DEBUG(100,("nt cypher:"));
+ dump_data(100, nt_owf_user_pwd, 16);
+#endif
+ memset(key, 0, 16);
+ memcpy(key, cli->dc->sess_key, 8);
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_logon,
- net_io_r_sam_logon,
- NT_STATUS_UNSUCCESSFUL);
+ memcpy(lm_owf, lm_owf_user_pwd, 16);
+ SamOEMhash(lm_owf, key, 16);
+ memcpy(nt_owf, nt_owf_user_pwd, 16);
+ SamOEMhash(nt_owf, key, 16);
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("encrypt of lm owf password:"));
+ dump_data(100, lm_owf, 16);
+
+ DEBUG(100,("encrypt of nt owf password:"));
+ dump_data(100, nt_owf, 16);
+#endif
+ memcpy(lmpassword.hash, lm_owf, 16);
+ memcpy(ntpassword.hash, nt_owf, 16);
+
+ init_netr_PasswordInfo(password_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ clnt_name_slash,
+ lmpassword,
+ ntpassword);
+
+ logon->password = password_info;
+
+ break;
+ }
+ case NET_LOGON_TYPE: {
+ struct netr_NetworkInfo *network_info;
+ uint8 chal[8];
+ unsigned char local_lm_response[24];
+ unsigned char local_nt_response[24];
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ generate_random_buffer(chal, 8);
- /* Return results */
+ SMBencrypt(password, chal, local_lm_response);
+ SMBNTencrypt(password, chal, local_nt_response);
- result = r.status;
+ lm.length = 24;
+ lm.data = local_lm_response;
- if (r.buffer_creds) {
+ nt.length = 24;
+ nt.data = local_nt_response;
+
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ clnt_name_slash,
+ chal,
+ nt,
+ lm);
+
+ logon->network = network_info;
+
+ break;
+ }
+ default:
+ DEBUG(0, ("switch value %d not supported\n",
+ logon_type));
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ result = rpccli_netr_LogonSamLogon(cli, mem_ctx,
+ cli->dc->remote_machine,
+ global_myname(),
+ &clnt_creds,
+ &ret_creds,
+ logon_type,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative);
+
+ if (memcmp(zeros, &ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) {
/* Check returned credentials if present. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
+ if (!netlogon_creds_client_check(cli->dc, &ret_creds.cred)) {
DEBUG(0,("rpccli_netlogon_sam_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
}
- return result;
+ return result;
}
-/**
- * Logon domain user with an 'network' SAM logon
+/**
+ * Logon domain user with an 'network' SAM logon
*
* @param info3 Pointer to a NET_USER_INFO_3 already allocated by the caller.
**/
@@ -605,31 +394,47 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
const char *server,
const char *username,
const char *domain,
- const char *workstation,
- const uint8 chal[8],
+ const char *workstation,
+ const uint8 chal[8],
DATA_BLOB lm_response,
DATA_BLOB nt_response,
- NET_USER_INFO_3 *info3)
+ struct netr_SamInfo3 **info3)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON q;
- NET_R_SAM_LOGON r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- NET_ID_INFO_CTR ctr;
int validation_level = 3;
const char *workstation_name_slash;
const char *server_name_slash;
uint8 zeros[16];
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
- int i;
+ struct netr_Authenticator clnt_creds;
+ struct netr_Authenticator ret_creds;
+ union netr_LogonLevel *logon = NULL;
+ struct netr_NetworkInfo *network_info;
+ uint8_t authoritative;
+ union netr_Validation validation;
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lmsesskey;
+
+ *info3 = NULL;
ZERO_STRUCT(zeros);
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
ZERO_STRUCT(ret_creds);
- creds_client_step(cli->dc, &clnt_creds);
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
if (server[0] != '\\' && server[1] != '\\') {
server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
@@ -650,60 +455,62 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
/* Initialise input parameters */
- q.validation_level = validation_level;
+ lm.data = lm_response.data;
+ lm.length = lm_response.length;
+ nt.data = nt_response.data;
+ nt.length = nt_response.length;
- ctr.switch_value = NET_LOGON_TYPE;
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ workstation_name_slash,
+ (uint8_t *) chal,
+ nt,
+ lm);
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, workstation_name_slash, (const uchar*)chal,
- lm_response.data, lm_response.length, nt_response.data, nt_response.length);
-
- init_sam_info(&q.sam_id, server_name_slash, global_myname(),
- &clnt_creds, &ret_creds, NET_LOGON_TYPE,
- &ctr);
+ logon->network = network_info;
- r.user = info3;
-
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_logon,
- net_io_r_sam_logon,
- NT_STATUS_UNSUCCESSFUL);
+ /* Marshall data and send request */
- if (memcmp(zeros, info3->user_sess_key, 16) != 0) {
- SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16);
- } else {
- memset(info3->user_sess_key, '\0', 16);
+ result = rpccli_netr_LogonSamLogon(cli, mem_ctx,
+ server_name_slash,
+ global_myname(),
+ &clnt_creds,
+ &ret_creds,
+ NET_LOGON_TYPE,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
- if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
- SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8);
- } else {
- memset(info3->lm_sess_key, '\0', 8);
- }
+ user_session_key = validation.sam3->base.key;
+ lmsesskey = validation.sam3->base.LMSessKey;
- for (i=0; i < 7; i++) {
- memset(&info3->unknown[i], '\0', 4);
+ if (memcmp(zeros, user_session_key.key, 16) != 0) {
+ SamOEMhash(user_session_key.key, cli->dc->sess_key, 16);
}
- /* Return results */
-
- result = r.status;
+ if (memcmp(zeros, lmsesskey.key, 8) != 0) {
+ SamOEMhash(lmsesskey.key, cli->dc->sess_key, 8);
+ }
- if (r.buffer_creds) {
+ if (memcmp(zeros, ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) {
/* Check returned credentials if present. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
+ if (!netlogon_creds_client_check(cli->dc, &ret_creds.cred)) {
DEBUG(0,("rpccli_netlogon_sam_network_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
}
- return result;
+ *info3 = validation.sam3;
+
+ return result;
}
NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
@@ -712,26 +519,43 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
const char *server,
const char *username,
const char *domain,
- const char *workstation,
- const uint8 chal[8],
+ const char *workstation,
+ const uint8 chal[8],
DATA_BLOB lm_response,
DATA_BLOB nt_response,
- NET_USER_INFO_3 *info3)
+ struct netr_SamInfo3 **info3)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON_EX q;
- NET_R_SAM_LOGON_EX r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- NET_ID_INFO_CTR ctr;
int validation_level = 3;
const char *workstation_name_slash;
const char *server_name_slash;
uint8 zeros[16];
- int i;
+ union netr_LogonLevel *logon = NULL;
+ struct netr_NetworkInfo *network_info;
+ uint8_t authoritative;
+ union netr_Validation validation;
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lmsesskey;
+ uint32_t flags = 0;
+
+ *info3 = NULL;
ZERO_STRUCT(zeros);
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (server[0] != '\\' && server[1] != '\\') {
server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
@@ -752,97 +576,53 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
/* Initialise input parameters */
- q.validation_level = validation_level;
-
- ctr.switch_value = NET_LOGON_TYPE;
+ lm.data = lm_response.data;
+ lm.length = lm_response.length;
+ nt.data = nt_response.data;
+ nt.length = nt_response.length;
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, workstation_name_slash, (const uchar*)chal,
- lm_response.data, lm_response.length, nt_response.data,
- nt_response.length);
-
- init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(),
- NET_LOGON_TYPE, &ctr);
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ workstation_name_slash,
+ (uint8_t *) chal,
+ nt,
+ lm);
- r.user = info3;
+ logon->network = network_info;
/* Marshall data and send request */
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX,
- q, r, qbuf, rbuf,
- net_io_q_sam_logon_ex,
- net_io_r_sam_logon_ex,
- NT_STATUS_UNSUCCESSFUL);
-
- if (memcmp(zeros, info3->user_sess_key, 16) != 0) {
- SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16);
- } else {
- memset(info3->user_sess_key, '\0', 16);
+ result = rpccli_netr_LogonSamLogonEx(cli, mem_ctx,
+ server_name_slash,
+ global_myname(),
+ NET_LOGON_TYPE,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative,
+ &flags);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
- if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
- SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8);
- } else {
- memset(info3->lm_sess_key, '\0', 8);
- }
+ user_session_key = validation.sam3->base.key;
+ lmsesskey = validation.sam3->base.LMSessKey;
- for (i=0; i < 7; i++) {
- memset(&info3->unknown[i], '\0', 4);
+ if (memcmp(zeros, user_session_key.key, 16) != 0) {
+ SamOEMhash(user_session_key.key, cli->dc->sess_key, 16);
}
- /* Return results */
-
- result = r.status;
-
- return result;
-}
-
-/***************************************************************************
-LSA Server Password Set.
-****************************************************************************/
-
-NTSTATUS rpccli_net_srv_pwset(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const char *machine_name, const uint8 hashed_mach_pwd[16])
-{
- prs_struct rbuf;
- prs_struct qbuf;
- DOM_CRED clnt_creds;
- NET_Q_SRV_PWSET q;
- NET_R_SRV_PWSET r;
- uint16 sec_chan_type = 2;
- NTSTATUS result;
-
- creds_client_step(cli->dc, &clnt_creds);
-
- DEBUG(4,("cli_net_srv_pwset: srv:%s acct:%s sc: %d mc: %s\n",
- cli->dc->remote_machine, cli->dc->mach_acct, sec_chan_type, machine_name));
-
- /* store the parameters */
- init_q_srv_pwset(&q, cli->dc->remote_machine, (const char *)cli->dc->sess_key,
- cli->dc->mach_acct, sec_chan_type, machine_name,
- &clnt_creds, hashed_mach_pwd);
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SRVPWSET,
- q, r,
- qbuf, rbuf,
- net_io_q_srv_pwset,
- net_io_r_srv_pwset,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- /* report error code */
- DEBUG(0,("cli_net_srv_pwset: %s\n", nt_errstr(result)));
+ if (memcmp(zeros, lmsesskey.key, 8) != 0) {
+ SamOEMhash(lmsesskey.key, cli->dc->sess_key, 8);
}
- /* Always check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) {
- DEBUG(0,("rpccli_net_srv_pwset: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
+ *info3 = validation.sam3;
return result;
+
+ return result;
}
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 40d0ac5da9..c89c5531d7 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1807,6 +1807,7 @@ static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("rpc_finish_auth3_bind: NTLMSSP update using server blob failed.\n"));
+ data_blob_free(&server_response);
return nt_status;
}
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index c805f00efb..62a5c72d81 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-1997,2000,
Copyright (C) Rafal Szczesniak 2002.
Copyright (C) Jeremy Allison 2005.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/source3/rpc_client/cli_srvsvc.c b/source3/rpc_client/cli_srvsvc.c
index e5d9b4cdad..524678c122 100644
--- a/source3/rpc_client/cli_srvsvc.c
+++ b/source3/rpc_client/cli_srvsvc.c
@@ -24,40 +24,6 @@
#include "includes.h"
-WERROR rpccli_srvsvc_net_srv_get_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- uint32 switch_value, SRV_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SRV_Q_NET_SRV_GET_INFO q;
- SRV_R_NET_SRV_GET_INFO r;
- WERROR result = W_ERROR(ERRgeneral);
- fstring server;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- strupper_m(server);
-
- init_srv_q_net_srv_get_info(&q, server, switch_value);
- r.ctr = ctr;
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SRV_GET_INFO,
- q, r,
- qbuf, rbuf,
- srv_io_q_net_srv_get_info,
- srv_io_r_net_srv_get_info,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
- return result;
-}
-
WERROR rpccli_srvsvc_net_share_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 info_level, SRV_SHARE_INFO_CTR *ctr,
int preferred_len, ENUM_HND *hnd)
@@ -464,39 +430,6 @@ WERROR rpccli_srvsvc_net_share_add(struct rpc_pipe_client *cli, TALLOC_CTX *mem_
return result;
}
-WERROR rpccli_srvsvc_net_remote_tod(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- char *server, TIME_OF_DAY_INFO *tod)
-{
- prs_struct qbuf, rbuf;
- SRV_Q_NET_REMOTE_TOD q;
- SRV_R_NET_REMOTE_TOD r;
- WERROR result = W_ERROR(ERRgeneral);
- fstring server_slash;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server_slash, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- strupper_m(server_slash);
-
- init_srv_q_net_remote_tod(&q, server_slash);
- r.tod = tod;
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_REMOTE_TOD,
- q, r,
- qbuf, rbuf,
- srv_io_q_net_remote_tod,
- srv_io_r_net_remote_tod,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
- return result;
-}
-
WERROR rpccli_srvsvc_net_file_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
uint32 file_level, const char *user_name,
SRV_FILE_INFO_CTR *ctr, int preferred_len,
diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c
index 95673c1565..b21909fd03 100644
--- a/source3/rpc_client/cli_svcctl.c
+++ b/source3/rpc_client/cli_svcctl.c
@@ -57,81 +57,6 @@ const char* svc_status_string( uint32 state )
return talloc_strdup(talloc_tos(), msg);
}
-/********************************************************************
-********************************************************************/
-
-WERROR rpccli_svcctl_open_scm(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hSCM, uint32 access_desired )
-{
- SVCCTL_Q_OPEN_SCMANAGER in;
- SVCCTL_R_OPEN_SCMANAGER out;
- prs_struct qbuf, rbuf;
- fstring server;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- /* leave the database name NULL to get the default service db */
-
- in.database = NULL;
-
- /* set the server name */
-
- if ( !(in.servername = TALLOC_P( mem_ctx, UNISTR2 )) )
- return WERR_NOMEM;
- fstr_sprintf( server, "\\\\%s", cli->cli->desthost );
- init_unistr2( in.servername, server, UNI_STR_TERMINATE );
-
- in.access = access_desired;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_open_scmanager,
- svcctl_io_r_open_scmanager,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( hSCM, &out.handle, sizeof(POLICY_HND) );
-
- return out.status;
-}
-
-/********************************************************************
-********************************************************************/
-
-WERROR rpccli_svcctl_open_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hSCM, POLICY_HND *hService,
- const char *servicename, uint32 access_desired )
-{
- SVCCTL_Q_OPEN_SERVICE in;
- SVCCTL_R_OPEN_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hSCM, sizeof(POLICY_HND) );
- init_unistr2( &in.servicename, servicename, UNI_STR_TERMINATE );
- in.access = access_desired;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SERVICE_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_open_service,
- svcctl_io_r_open_service,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( hService, &out.handle, sizeof(POLICY_HND) );
-
- return out.status;
-}
-
/*******************************************************************
*******************************************************************/
@@ -204,36 +129,6 @@ WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX
/*******************************************************************
*******************************************************************/
-WERROR rpccli_svcctl_query_status( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, SERVICE_STATUS *status )
-{
- SVCCTL_Q_QUERY_STATUS in;
- SVCCTL_R_QUERY_STATUS out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_STATUS,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_query_status,
- svcctl_io_r_query_status,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( status, &out.svc_status, sizeof(SERVICE_STATUS) );
-
- return out.status;
-}
-
-/*******************************************************************
-*******************************************************************/
-
WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *hService, SERVICE_CONFIG *config )
{
@@ -304,109 +199,3 @@ WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
return out.status;
}
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_start_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService,
- const char **parm_array, uint32 parmcount )
-{
- SVCCTL_Q_START_SERVICE in;
- SVCCTL_R_START_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
-
- in.parmcount = 0;
- in.parameters = NULL;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_START_SERVICE_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_start_service,
- svcctl_io_r_start_service,
- WERR_GENERAL_FAILURE );
-
- return out.status;
-}
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_control_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, uint32 control,
- SERVICE_STATUS *status )
-{
- SVCCTL_Q_CONTROL_SERVICE in;
- SVCCTL_R_CONTROL_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
- in.control = control;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_CONTROL_SERVICE,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_control_service,
- svcctl_io_r_control_service,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( status, &out.svc_status, sizeof(SERVICE_STATUS) );
-
- return out.status;
-}
-
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_get_dispname( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, fstring displayname )
-{
- SVCCTL_Q_GET_DISPLAY_NAME in;
- SVCCTL_R_GET_DISPLAY_NAME out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
- in.display_name_len = 0;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_get_display_name,
- svcctl_io_r_get_display_name,
- WERR_GENERAL_FAILURE );
-
- /* second time with correct buffer size...should be ok */
-
- if ( W_ERROR_EQUAL( out.status, WERR_INSUFFICIENT_BUFFER ) ) {
- in.display_name_len = out.display_name_len;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_get_display_name,
- svcctl_io_r_get_display_name,
- WERR_GENERAL_FAILURE );
- }
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- rpcstr_pull( displayname, out.displayname.buffer, sizeof(displayname), -1, STR_TERMINATE );
-
- return out.status;
-}
diff --git a/source3/rpc_client/init_lsa.c b/source3/rpc_client/init_lsa.c
index 0af85c0373..2637158fd0 100644
--- a/source3/rpc_client/init_lsa.c
+++ b/source3/rpc_client/init_lsa.c
@@ -46,3 +46,81 @@ void init_lsa_AsciiString(struct lsa_AsciiString *name, const char *s)
name->string = s;
}
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_lsa_AsciiStringLarge(struct lsa_AsciiStringLarge *name, const char *s)
+{
+ name->string = s;
+}
+
+/*******************************************************************
+ Inits an lsa_QosInfo structure.
+********************************************************************/
+
+void init_lsa_sec_qos(struct lsa_QosInfo *r,
+ uint32_t len,
+ uint16_t impersonation_level,
+ uint8_t context_mode,
+ uint8_t effective_only)
+{
+ DEBUG(5, ("init_lsa_sec_qos\n"));
+
+ r->len = len;
+ r->impersonation_level = impersonation_level;
+ r->context_mode = context_mode;
+ r->effective_only = effective_only;
+}
+
+/*******************************************************************
+ Inits an lsa_ObjectAttribute structure.
+********************************************************************/
+
+void init_lsa_obj_attr(struct lsa_ObjectAttribute *r,
+ uint32_t len,
+ uint8_t *root_dir,
+ const char *object_name,
+ uint32_t attributes,
+ struct security_descriptor *sec_desc,
+ struct lsa_QosInfo *sec_qos)
+{
+ DEBUG(5,("init_lsa_obj_attr\n"));
+
+ r->len = len;
+ r->root_dir = root_dir;
+ r->object_name = object_name;
+ r->attributes = attributes;
+ r->sec_desc = sec_desc;
+ r->sec_qos = sec_qos;
+}
+
+/*******************************************************************
+ Inits a lsa_TranslatedSid structure.
+********************************************************************/
+
+void init_lsa_translated_sid(struct lsa_TranslatedSid *r,
+ enum lsa_SidType sid_type,
+ uint32_t rid,
+ uint32_t sid_index)
+{
+ r->sid_type = sid_type;
+ r->rid = rid;
+ r->sid_index = sid_index;
+}
+
+/*******************************************************************
+ Inits a lsa_TranslatedName2 structure.
+********************************************************************/
+
+void init_lsa_translated_name2(struct lsa_TranslatedName2 *r,
+ enum lsa_SidType sid_type,
+ const char *name,
+ uint32_t sid_index,
+ uint32_t unknown)
+{
+ r->sid_type = sid_type;
+ init_lsa_String(&r->name, name);
+ r->sid_index = sid_index;
+ r->unknown = unknown;
+}
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
new file mode 100644
index 0000000000..62f1fac626
--- /dev/null
+++ b/source3/rpc_client/init_netlogon.c
@@ -0,0 +1,220 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_SamBaseInfo(struct netr_SamBaseInfo *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME acct_expiry,
+ NTTIME last_password_change,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *logon_script,
+ const char *profile_path,
+ const char *home_directory,
+ const char *home_drive,
+ uint16_t logon_count,
+ uint16_t bad_password_count,
+ uint32_t rid,
+ uint32_t primary_gid,
+ struct samr_RidWithAttributeArray groups,
+ uint32_t user_flags,
+ struct netr_UserSessionKey key,
+ const char *logon_server,
+ const char *domain,
+ struct dom_sid2 *domain_sid,
+ struct netr_LMSessionKey LMSessKey,
+ uint32_t acct_flags)
+{
+ r->last_logon = last_logon;
+ r->last_logoff = last_logoff;
+ r->acct_expiry = acct_expiry;
+ r->last_password_change = last_password_change;
+ r->allow_password_change = allow_password_change;
+ r->force_password_change = force_password_change;
+ init_lsa_String(&r->account_name, account_name);
+ init_lsa_String(&r->full_name, full_name);
+ init_lsa_String(&r->logon_script, logon_script);
+ init_lsa_String(&r->profile_path, profile_path);
+ init_lsa_String(&r->home_directory, home_directory);
+ init_lsa_String(&r->home_drive, home_drive);
+ r->logon_count = logon_count;
+ r->bad_password_count = bad_password_count;
+ r->rid = rid;
+ r->primary_gid = primary_gid;
+ r->groups = groups;
+ r->user_flags = user_flags;
+ r->key = key;
+ init_lsa_StringLarge(&r->logon_server, logon_server);
+ init_lsa_StringLarge(&r->domain, domain);
+ r->domain_sid = domain_sid;
+ r->LMSessKey = LMSessKey;
+ r->acct_flags = acct_flags;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_SamInfo3(struct netr_SamInfo3 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME acct_expiry,
+ NTTIME last_password_change,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *logon_script,
+ const char *profile_path,
+ const char *home_directory,
+ const char *home_drive,
+ uint16_t logon_count,
+ uint16_t bad_password_count,
+ uint32_t rid,
+ uint32_t primary_gid,
+ struct samr_RidWithAttributeArray groups,
+ uint32_t user_flags,
+ struct netr_UserSessionKey key,
+ const char *logon_server,
+ const char *domain,
+ struct dom_sid2 *domain_sid,
+ struct netr_LMSessionKey LMSessKey,
+ uint32_t acct_flags,
+ uint32_t sidcount,
+ struct netr_SidAttr *sids)
+{
+ init_netr_SamBaseInfo(&r->base,
+ last_logon,
+ last_logoff,
+ acct_expiry,
+ last_password_change,
+ allow_password_change,
+ force_password_change,
+ account_name,
+ full_name,
+ logon_script,
+ profile_path,
+ home_directory,
+ home_drive,
+ logon_count,
+ bad_password_count,
+ rid,
+ primary_gid,
+ groups,
+ user_flags,
+ key,
+ logon_server,
+ domain,
+ domain_sid,
+ LMSessKey,
+ acct_flags);
+ r->sidcount = sidcount;
+ r->sids = sids;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_IdentityInfo(struct netr_IdentityInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation)
+{
+ init_lsa_String(&r->domain_name, domain_name);
+ r->parameter_control = parameter_control;
+ r->logon_id_low = logon_id_low;
+ r->logon_id_high = logon_id_high;
+ init_lsa_String(&r->account_name, account_name);
+ init_lsa_String(&r->workstation, workstation);
+}
+
+/*******************************************************************
+ inits a structure.
+ This is a network logon packet. The log_id parameters
+ are what an NT server would generate for LUID once the
+ user is logged on. I don't think we care about them.
+
+ Note that this has no access to the NT and LM hashed passwords,
+ so it forwards the challenge, and the NT and LM responses (24
+ bytes each) over the secure channel to the Domain controller
+ for it to say yea or nay. This is the preferred method of
+ checking for a logon as it doesn't export the password
+ hashes to anyone who has compromised the secure channel. JRA.
+
+********************************************************************/
+
+void init_netr_NetworkInfo(struct netr_NetworkInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation,
+ uint8_t challenge[8],
+ struct netr_ChallengeResponse nt,
+ struct netr_ChallengeResponse lm)
+{
+ init_netr_IdentityInfo(&r->identity_info,
+ domain_name,
+ parameter_control,
+ logon_id_low,
+ logon_id_high,
+ account_name,
+ workstation);
+ memcpy(r->challenge, challenge, 8);
+ r->nt = nt;
+ r->lm = lm;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_PasswordInfo(struct netr_PasswordInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation,
+ struct samr_Password lmpassword,
+ struct samr_Password ntpassword)
+{
+ init_netr_IdentityInfo(&r->identity_info,
+ domain_name,
+ parameter_control,
+ logon_id_low,
+ logon_id_high,
+ account_name,
+ workstation);
+ r->lmpassword = lmpassword;
+ r->ntpassword = ntpassword;
+}
diff --git a/source3/rpc_client/init_srvsvc.c b/source3/rpc_client/init_srvsvc.c
new file mode 100644
index 0000000000..5e868ffd2b
--- /dev/null
+++ b/source3/rpc_client/init_srvsvc.c
@@ -0,0 +1,119 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo102 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo102(struct srvsvc_NetSrvInfo102 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name,
+ uint32_t version_major,
+ uint32_t version_minor,
+ uint32_t server_type,
+ const char *comment,
+ uint32_t users,
+ uint32_t disc,
+ uint32_t hidden,
+ uint32_t announce,
+ uint32_t anndelta,
+ uint32_t licenses,
+ const char *userpath)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+ r->version_major = version_major;
+ r->version_minor = version_minor;
+ r->server_type = server_type;
+ r->comment = comment;
+ r->users = users;
+ r->disc = disc;
+ r->hidden = hidden;
+ r->announce = announce;
+ r->anndelta = anndelta;
+ r->licenses = licenses;
+ r->userpath = userpath;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo101 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo101(struct srvsvc_NetSrvInfo101 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name,
+ uint32_t version_major,
+ uint32_t version_minor,
+ uint32_t server_type,
+ const char *comment)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+ r->version_major = version_major;
+ r->version_minor = version_minor;
+ r->server_type = server_type;
+ r->comment = comment;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetSrvInfo100 structure
+********************************************************************/
+
+void init_srvsvc_NetSrvInfo100(struct srvsvc_NetSrvInfo100 *r,
+ enum srvsvc_PlatformId platform_id,
+ const char *server_name)
+{
+ r->platform_id = platform_id;
+ r->server_name = server_name;
+}
+
+/*******************************************************************
+ inits a srvsvc_NetRemoteTODInfo structure
+ ********************************************************************/
+
+void init_srvsvc_NetRemoteTODInfo(struct srvsvc_NetRemoteTODInfo *r,
+ uint32_t elapsed,
+ uint32_t msecs,
+ uint32_t hours,
+ uint32_t mins,
+ uint32_t secs,
+ uint32_t hunds,
+ int32_t ttimezone,
+ uint32_t tinterval,
+ uint32_t day,
+ uint32_t month,
+ uint32_t year,
+ uint32_t weekday)
+{
+ r->elapsed = elapsed;
+ r->msecs = msecs;
+ r->hours = hours;
+ r->mins = mins;
+ r->secs = secs;
+ r->hunds = hunds;
+ r->timezone = ttimezone;
+ r->tinterval = tinterval;
+ r->day = day;
+ r->month = month;
+ r->year = year;
+ r->weekday = weekday;
+}
+
generated by cgit (git 2.34.1) at 2024-11-09 04:46:59 +0000