Rework Samba3 to use new libcli/auth code (partial)

This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett

5 files changed, 21 insertions, 16 deletions

diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 5f115e537b..00d7f8515b 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -21,6 +21,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
 
 /****************************************************************************
  Wrapper function that uses the auth and auth2 calls to set up a NETLOGON
@@ -40,7 +41,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	struct netr_Credential clnt_chal_send;
 	struct netr_Credential srv_chal_recv;
-	struct dcinfo *dc;
+	struct netr_Credentials *dc;
 	bool retried = false;
 
 	SMB_ASSERT(ndr_syntax_id_equal(&cli->abstract_syntax,
@@ -203,9 +204,9 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
 		memcpy(key, cli->dc->sess_key, 8);
 
 		memcpy(lm_owf, lm_owf_user_pwd, 16);
-		SamOEMhash(lm_owf, key, 16);
+		arcfour_crypt(lm_owf, key, 16);
 		memcpy(nt_owf, nt_owf_user_pwd, 16);
-		SamOEMhash(nt_owf, key, 16);
+		arcfour_crypt(nt_owf, key, 16);
 
 #ifdef DEBUG_PASSWORD
 		DEBUG(100,("encrypt of lm owf password:"));
@@ -408,12 +409,12 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
 	}
 
 	if (memcmp(zeros, validation.sam3->base.key.key, 16) != 0) {
-		SamOEMhash(validation.sam3->base.key.key,
+		arcfour_crypt(validation.sam3->base.key.key,
 			   cli->dc->sess_key, 16);
 	}
 
 	if (memcmp(zeros, validation.sam3->base.LMSessKey.key, 8) != 0) {
-		SamOEMhash(validation.sam3->base.LMSessKey.key,
+		arcfour_crypt(validation.sam3->base.LMSessKey.key,
 			   cli->dc->sess_key, 8);
 	}
 
@@ -525,12 +526,12 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
 	}
 
 	if (memcmp(zeros, validation.sam3->base.key.key, 16) != 0) {
-		SamOEMhash(validation.sam3->base.key.key,
+		arcfour_crypt(validation.sam3->base.key.key,
 			   cli->dc->sess_key, 16);
 	}
 
 	if (memcmp(zeros, validation.sam3->base.LMSessKey.key, 8) != 0) {
-		SamOEMhash(validation.sam3->base.LMSessKey.key,
+		arcfour_crypt(validation.sam3->base.LMSessKey.key,
 			   cli->dc->sess_key, 8);
 	}
 
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index a8cc33f585..2832a6d1c3 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -18,6 +18,7 @@
  */
 
 #include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
 #include "librpc/gen_ndr/cli_epmapper.h"
 
 #undef DBGC_CLASS
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index 86bc041374..5a0dff2965 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -22,6 +22,7 @@
 */
 
 #include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
 
 /* User change password */
 
@@ -115,7 +116,7 @@ NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli,
 
 		encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
 
-		SamOEMhash(new_lm_password.data, old_nt_hash, 516);
+		arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
 		E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
 	} else {
 		ZERO_STRUCT(new_lm_password);
@@ -124,7 +125,7 @@ NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli,
 
 	encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
 
-	SamOEMhash(new_nt_password.data, old_nt_hash, 516);
+	arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
 	E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
 
 	result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
@@ -221,7 +222,7 @@ NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli,
 
 		encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
 
-		SamOEMhash(new_lm_password.data, old_nt_hash, 516);
+		arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
 		E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
 	} else {
 		ZERO_STRUCT(new_lm_password);
@@ -230,7 +231,7 @@ NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli,
 
 	encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
 
-	SamOEMhash(new_nt_password.data, old_nt_hash, 516);
+	arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
 	E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
 
 	status = rpccli_samr_ChangePasswordUser3(cli, mem_ctx,
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index 793b9c7de5..cb49381eac 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -18,6 +18,7 @@
  */
 
 #include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
 
 /*******************************************************************
  inits a structure.
@@ -259,7 +260,7 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
 		       MIN(sizeof(user_session_key.key),
 			   server_info->user_session_key.length));
 		if (pipe_session_key) {
-			SamOEMhash(user_session_key.key, pipe_session_key, 16);
+			arcfour_crypt(user_session_key.key, pipe_session_key, 16);
 		}
 	}
 	if (server_info->lm_session_key.length) {
@@ -268,7 +269,7 @@ NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
 		       MIN(sizeof(lm_session_key.key),
 			   server_info->lm_session_key.length));
 		if (pipe_session_key) {
-			SamOEMhash(lm_session_key.key, pipe_session_key, 8);
+			arcfour_crypt(lm_session_key.key, pipe_session_key, 8);
 		}
 	}
 
@@ -418,7 +419,7 @@ void init_netr_CryptPassword(const char *pwd,
 
 	encode_pw_buffer(password_buf.data, pwd, STR_UNICODE);
 
-	SamOEMhash(password_buf.data, session_key, 516);
+	arcfour_crypt(password_buf.data, session_key, 516);
 	memcpy(pwd_buf->data, password_buf.data, 512);
 	pwd_buf->length = IVAL(password_buf.data, 512);
 }
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
index ecc6310510..6843869965 100644
--- a/source3/rpc_client/init_samr.c
+++ b/source3/rpc_client/init_samr.c
@@ -18,6 +18,7 @@
  */
 
 #include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
 
 /*************************************************************************
  inits a samr_CryptPasswordEx structure
@@ -44,7 +45,7 @@ void init_samr_CryptPasswordEx(const char *pwd,
 			    session_key->length);
 	MD5Final(confounded_session_key.data, &md5_ctx);
 
-	SamOEMhashBlob(pwbuf, 516, &confounded_session_key);
+	arcfour_crypt_blob(pwbuf, 516, &confounded_session_key);
 	memcpy(&pwbuf[516], confounder, 16);
 
 	memcpy(pwd_buf->data, pwbuf, sizeof(pwbuf));
@@ -62,5 +63,5 @@ void init_samr_CryptPassword(const char *pwd,
 	/* samr_CryptPassword */
 
 	encode_pw_buffer(pwd_buf->data, pwd, STR_UNICODE);
-	SamOEMhashBlob(pwd_buf->data, 516, session_key);
+	arcfour_crypt_blob(pwd_buf->data, 516, session_key);
 }