summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_netlog_nt.c
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2009-10-17 10:36:33 -0700
committerJeremy Allison <jra@samba.org>2009-10-17 10:36:33 -0700
commit7c51fa6d699a653cafa90df8e44911b576118ebd (patch)
tree543bf9ca698e03eff81104898b33e77f1abed319 /source3/rpc_server/srv_netlog_nt.c
parentcc3a6770c77ec8fe1cd63bf4c682853c56201f0c (diff)
parent3e3214fd91471bca5b6c4d3782e922d252d588fb (diff)
downloadsamba-7c51fa6d699a653cafa90df8e44911b576118ebd.tar.gz
samba-7c51fa6d699a653cafa90df8e44911b576118ebd.tar.bz2
samba-7c51fa6d699a653cafa90df8e44911b576118ebd.zip
Merge branch 'master' of ssh://jra@git.samba.org/data/git/samba
Diffstat (limited to 'source3/rpc_server/srv_netlog_nt.c')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c186
1 files changed, 109 insertions, 77 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 9169c74534..491754f76a 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -116,103 +116,105 @@ WERROR _netr_LogonControl2Ex(pipes_struct *p,
const char *fn;
switch (p->hdr_req.opnum) {
- case NDR_NETR_LOGONCONTROL:
- fn = "_netr_LogonControl";
- break;
- case NDR_NETR_LOGONCONTROL2:
- fn = "_netr_LogonControl2";
- break;
- case NDR_NETR_LOGONCONTROL2EX:
- fn = "_netr_LogonControl2Ex";
- break;
- default:
- return WERR_INVALID_PARAM;
+ case NDR_NETR_LOGONCONTROL:
+ fn = "_netr_LogonControl";
+ break;
+ case NDR_NETR_LOGONCONTROL2:
+ fn = "_netr_LogonControl2";
+ break;
+ case NDR_NETR_LOGONCONTROL2EX:
+ fn = "_netr_LogonControl2Ex";
+ break;
+ default:
+ return WERR_INVALID_PARAM;
}
tc_status = WERR_NO_SUCH_DOMAIN;
switch (r->in.function_code) {
- case NETLOGON_CONTROL_TC_QUERY:
- domain = r->in.data->domain;
+ case NETLOGON_CONTROL_TC_QUERY:
+ domain = r->in.data->domain;
- if ( !is_trusted_domain( domain ) )
- break;
+ if (!is_trusted_domain(domain)) {
+ break;
+ }
- if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) {
- tc_status = WERR_NO_LOGON_SERVERS;
- break;
- }
+ if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
+ tc_status = WERR_NO_LOGON_SERVERS;
+ break;
+ }
- dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
- if (!dc_name) {
- return WERR_NOMEM;
- }
+ dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
+ if (!dc_name) {
+ return WERR_NOMEM;
+ }
- tc_status = WERR_OK;
+ tc_status = WERR_OK;
- break;
+ break;
- case NETLOGON_CONTROL_REDISCOVER:
- domain = r->in.data->domain;
+ case NETLOGON_CONTROL_REDISCOVER:
+ domain = r->in.data->domain;
- if ( !is_trusted_domain( domain ) )
- break;
+ if (!is_trusted_domain(domain)) {
+ break;
+ }
- if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) {
- tc_status = WERR_NO_LOGON_SERVERS;
- break;
- }
+ if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
+ tc_status = WERR_NO_LOGON_SERVERS;
+ break;
+ }
- dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
- if (!dc_name) {
- return WERR_NOMEM;
- }
+ dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
+ if (!dc_name) {
+ return WERR_NOMEM;
+ }
- tc_status = WERR_OK;
+ tc_status = WERR_OK;
- break;
+ break;
- default:
- /* no idea what this should be */
- DEBUG(0,("%s: unimplemented function level [%d]\n",
- fn, r->in.function_code));
- return WERR_UNKNOWN_LEVEL;
+ default:
+ /* no idea what this should be */
+ DEBUG(0,("%s: unimplemented function level [%d]\n",
+ fn, r->in.function_code));
+ return WERR_UNKNOWN_LEVEL;
}
/* prepare the response */
switch (r->in.level) {
- case 1:
- info1 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_1);
- W_ERROR_HAVE_NO_MEMORY(info1);
+ case 1:
+ info1 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_1);
+ W_ERROR_HAVE_NO_MEMORY(info1);
- info1->flags = flags;
- info1->pdc_connection_status = pdc_connection_status;
+ info1->flags = flags;
+ info1->pdc_connection_status = pdc_connection_status;
- r->out.query->info1 = info1;
- break;
- case 2:
- info2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_2);
- W_ERROR_HAVE_NO_MEMORY(info2);
+ r->out.query->info1 = info1;
+ break;
+ case 2:
+ info2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_2);
+ W_ERROR_HAVE_NO_MEMORY(info2);
- info2->flags = flags;
- info2->pdc_connection_status = pdc_connection_status;
- info2->trusted_dc_name = dc_name;
- info2->tc_connection_status = tc_status;
+ info2->flags = flags;
+ info2->pdc_connection_status = pdc_connection_status;
+ info2->trusted_dc_name = dc_name;
+ info2->tc_connection_status = tc_status;
- r->out.query->info2 = info2;
- break;
- case 3:
- info3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_3);
- W_ERROR_HAVE_NO_MEMORY(info3);
+ r->out.query->info2 = info2;
+ break;
+ case 3:
+ info3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_3);
+ W_ERROR_HAVE_NO_MEMORY(info3);
- info3->flags = flags;
- info3->logon_attempts = logon_attempts;
+ info3->flags = flags;
+ info3->logon_attempts = logon_attempts;
- r->out.query->info3 = info3;
- break;
- default:
- return WERR_UNKNOWN_LEVEL;
+ r->out.query->info3 = info3;
+ break;
+ default:
+ return WERR_UNKNOWN_LEVEL;
}
if (lp_server_role() == ROLE_DOMAIN_BDC) {
@@ -229,20 +231,47 @@ WERROR _netr_LogonControl2Ex(pipes_struct *p,
WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p,
struct netr_NetrEnumerateTrustedDomains *r)
{
- struct netr_Blob trusted_domains_blob;
+ NTSTATUS status;
DATA_BLOB blob;
+ struct trustdom_info **domains;
+ uint32_t num_domains;
+ const char **trusted_domains;
+ int i;
DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
/* set up the Trusted Domain List response */
- blob = data_blob_talloc_zero(p->mem_ctx, 2);
- trusted_domains_blob.data = blob.data;
- trusted_domains_blob.length = blob.length;
+ become_root();
+ status = pdb_enum_trusteddoms(p->mem_ctx, &num_domains, &domains);
+ unbecome_root();
- DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+
+ trusted_domains = talloc_zero_array(p->mem_ctx, const char *, num_domains + 1);
+ if (!trusted_domains) {
+ return WERR_NOMEM;
+ }
+
+ for (i = 0; i < num_domains; i++) {
+ trusted_domains[i] = talloc_strdup(trusted_domains, domains[i]->name);
+ if (!trusted_domains[i]) {
+ TALLOC_FREE(trusted_domains);
+ return WERR_NOMEM;
+ }
+ }
+
+ if (!push_reg_multi_sz(trusted_domains, &blob, trusted_domains)) {
+ TALLOC_FREE(trusted_domains);
+ return WERR_NOMEM;
+ }
- *r->out.trusted_domains_blob = trusted_domains_blob;
+ r->out.trusted_domains_blob->data = blob.data;
+ r->out.trusted_domains_blob->length = blob.length;
+
+ DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
return WERR_OK;
}
@@ -252,7 +281,7 @@ WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p,
******************************************************************/
static NTSTATUS get_md4pw(struct samr_Password *md4pw, const char *mach_acct,
- uint16_t sec_chan_type, struct dom_sid *sid)
+ enum netr_SchannelType sec_chan_type, struct dom_sid *sid)
{
struct samu *sampass = NULL;
const uint8 *pass;
@@ -798,6 +827,7 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p,
struct samu *sampass;
DATA_BLOB plaintext;
struct samr_CryptPassword password_buf;
+ struct samr_Password nt_hash;
become_root();
status = netr_creds_server_step_check(p, p->mem_ctx,
@@ -823,6 +853,8 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p,
return NT_STATUS_WRONG_PASSWORD;
}
+ mdfour(nt_hash.hash, plaintext.data, plaintext.length);
+
status = netr_find_machine_account(p->mem_ctx,
creds->account_name,
&sampass);
@@ -832,8 +864,8 @@ NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p,
status = netr_set_machine_account_password(sampass,
sampass,
- &plaintext,
NULL,
+ &nt_hash,
NULL);
TALLOC_FREE(sampass);
return status;