diff options
| author | Luke Leighton <lkcl@samba.org> | 1999-03-12 05:47:06 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1999-03-12 05:47:06 +0000 |
| commit | 6e88171bace32ea2f01367e86d87e1c70892084b (patch) | |
| tree | 59f5c7672a929b0cabf11dc6572080a06a796a4f /source3/rpc_client | |
| parent | 0aaf5a368c1b654a7560b19095481199a426530e (diff) | |
| download | samba-6e88171bace32ea2f01367e86d87e1c70892084b.tar.gz samba-6e88171bace32ea2f01367e86d87e1c70892084b.tar.bz2 samba-6e88171bace32ea2f01367e86d87e1c70892084b.zip | |
new "domtrust" test command. r&d into inter-domain trust accounts.
(This used to be commit 65b0abe8b7594ff6c662da86dc2e35bd83a2d13d)
Diffstat (limited to 'source3/rpc_client')
| -rw-r--r-- | source3/rpc_client/cli_login.c | 15 | ||||
| -rw-r--r-- | source3/rpc_client/cli_netlogon.c | 10 |
2 files changed, 15 insertions, 10 deletions
diff --git a/source3/rpc_client/cli_login.c b/source3/rpc_client/cli_login.c index 4520607898..3769f44e18 100644 --- a/source3/rpc_client/cli_login.c +++ b/source3/rpc_client/cli_login.c @@ -29,7 +29,10 @@ extern int DEBUGLEVEL; Initialize domain session credentials. ****************************************************************************/ -BOOL cli_nt_setup_creds(struct cli_state *cli, uint16 fnum, unsigned char mach_pwd[16]) +BOOL cli_nt_setup_creds(struct cli_state *cli, uint16 fnum, + const char* trust_acct, + unsigned char trust_pwd[16], + uint16 sec_chan) { DOM_CHAL clnt_chal; DOM_CHAL srv_chal; @@ -50,7 +53,7 @@ BOOL cli_nt_setup_creds(struct cli_state *cli, uint16 fnum, unsigned char mach_p /**************** Long-term Session key **************/ /* calculate the session key */ - cred_session_key(&clnt_chal, &srv_chal, (char *)mach_pwd, cli->sess_key); + cred_session_key(&clnt_chal, &srv_chal, (char *)trust_pwd, cli->sess_key); bzero(cli->sess_key+8, 8); /******************* Authenticate 2 ********************/ @@ -64,7 +67,7 @@ BOOL cli_nt_setup_creds(struct cli_state *cli, uint16 fnum, unsigned char mach_p * Receive an auth-2 challenge response and check it. */ - if (!cli_net_auth2(cli, fnum, SEC_CHAN_WKSTA, 0x000001ff, &srv_chal)) + if (!cli_net_auth2(cli, fnum, trust_acct, sec_chan, 0x000001ff, &srv_chal)) { DEBUG(0,("cli_nt_setup_creds: auth2 challenge failed\n")); return False; @@ -77,18 +80,18 @@ BOOL cli_nt_setup_creds(struct cli_state *cli, uint16 fnum, unsigned char mach_p Set machine password. ****************************************************************************/ -BOOL cli_nt_srv_pwset(struct cli_state *cli, uint16 fnum, unsigned char *new_hashof_mach_pwd) +BOOL cli_nt_srv_pwset(struct cli_state *cli, uint16 fnum, unsigned char *new_hashof_trust_pwd) { unsigned char processed_new_pwd[16]; DEBUG(5,("cli_nt_srv_pwset: %d\n", __LINE__)); #ifdef DEBUG_PASSWORD - dump_data(6, new_hashof_mach_pwd, 16); + dump_data(6, new_hashof_trust_pwd, 16); #endif /* Process the new password. */ - cred_hash3( processed_new_pwd, new_hashof_mach_pwd, cli->sess_key, 1); + cred_hash3( processed_new_pwd, new_hashof_trust_pwd, cli->sess_key, 1); /* send client srv_pwset challenge */ return cli_net_srv_pwset(cli, fnum, processed_new_pwd); diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 750265483c..ff9fc3c5ed 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -110,8 +110,9 @@ Ensure that the server credential returned matches the session key encrypt of the server challenge originally received. JRA. ****************************************************************************/ -BOOL cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum, uint16 sec_chan, - uint32 neg_flags, DOM_CHAL *srv_chal) +BOOL cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum, + const char *trust_acct, uint16 sec_chan, + uint32 neg_flags, DOM_CHAL *srv_chal) { prs_struct rbuf; prs_struct buf; @@ -128,7 +129,7 @@ BOOL cli_net_auth2(struct cli_state *cli, uint16 nt_pipe_fnum, uint16 sec_chan, credstr(cli->clnt_cred.challenge.data), neg_flags)); /* store the parameters */ - make_q_auth_2(&q_a, cli->srv_name_slash, cli->mach_acct, sec_chan, global_myname, + make_q_auth_2(&q_a, cli->srv_name_slash, trust_acct, sec_chan, global_myname, &cli->clnt_cred.challenge, neg_flags); /* turn parameters into data stream */ @@ -573,7 +574,8 @@ machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli))); return False; } - if(cli_nt_setup_creds(&cli, nt_pipe_fnum, orig_trust_passwd_hash) == False) { + if(cli_nt_setup_creds(&cli, nt_pipe_fnum, + cli.mach_acct, orig_trust_passwd_hash, SEC_CHAN_WKSTA) == False) { DEBUG(0,("modify_trust_password: unable to setup the PDC credentials to machine \ %s. Error was : %s.\n", remote_machine, cli_errstr(&cli))); cli_nt_session_close(&cli, nt_pipe_fnum); |