diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-01-12 09:33:49 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:50:55 -0500 |
| commit | a5a79e8b8cbdf24d5c2db45ece4110ed5d85e58f (patch) | |
| tree | 71b27ab4d11e2fc537b0ccf5d4e9c75dcc9757eb /source4/libnet/libnet_samdump.c | |
| parent | 4c6b9c79ff5d35e1d03ad5eb543db4b6b906b5ce (diff) | |
| download | samba-a5a79e8b8cbdf24d5c2db45ece4110ed5d85e58f.tar.gz samba-a5a79e8b8cbdf24d5c2db45ece4110ed5d85e58f.tar.bz2 samba-a5a79e8b8cbdf24d5c2db45ece4110ed5d85e58f.zip | |
r12865: Upgrade the librpc and libnet code.
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
Diffstat (limited to 'source4/libnet/libnet_samdump.c')
| -rw-r--r-- | source4/libnet/libnet_samdump.c | 71 |
1 files changed, 24 insertions, 47 deletions
diff --git a/source4/libnet/libnet_samdump.c b/source4/libnet/libnet_samdump.c index 52513fa1b1..e094293916 100644 --- a/source4/libnet/libnet_samdump.c +++ b/source4/libnet/libnet_samdump.c @@ -151,7 +151,7 @@ static NTSTATUS libnet_samdump_fn(TALLOC_CTX *mem_ctx, return nt_status; } -static NTSTATUS libnet_SamDump_netlogon(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_SamDump *r) +NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_SamDump *r) { NTSTATUS nt_status; struct libnet_SamSync r2; @@ -164,15 +164,16 @@ static NTSTATUS libnet_SamDump_netlogon(struct libnet_context *ctx, TALLOC_CTX * return NT_STATUS_NO_MEMORY; } - samdump_state->secrets = NULL; + samdump_state->secrets = NULL; samdump_state->trusted_domains = NULL; - r2.error_string = NULL; - r2.delta_fn = libnet_samdump_fn; - r2.fn_ctx = samdump_state; - r2.machine_account = NULL; /* TODO: Create a machine account, fill this in, and the delete it */ - nt_status = libnet_SamSync_netlogon(ctx, samdump_state, &r2); - r->error_string = r2.error_string; + r2.out.error_string = NULL; + r2.in.binding_string = r->in.binding_string; + r2.in.delta_fn = libnet_samdump_fn; + r2.in.fn_ctx = samdump_state; + r2.in.machine_account = r->in.machine_account; + nt_status = libnet_SamSync_netlogon(ctx, samdump_state, &r2); + r->out.error_string = r2.out.error_string; if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(samdump_state); @@ -183,49 +184,25 @@ static NTSTATUS libnet_SamDump_netlogon(struct libnet_context *ctx, TALLOC_CTX * for (t=samdump_state->trusted_domains; t; t=t->next) { char *secret_name = talloc_asprintf(mem_ctx, "G$$%s", t->name); for (s=samdump_state->secrets; s; s=s->next) { - if (strcasecmp_m(s->name, secret_name) == 0) { - char *secret_string; - if (convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, - s->secret.data, s->secret.length, - (void **)&secret_string) == -1) { - r->error_string = talloc_asprintf(mem_ctx, - "Could not convert secret for domain %s to a string\n", - t->name); - talloc_free(samdump_state); - return NT_STATUS_INVALID_PARAMETER; - } - printf("%s\t%s\t%s\n", - t->name, dom_sid_string(mem_ctx, t->sid), - secret_string); + char *secret_string; + if (strcasecmp_m(s->name, secret_name) != 0) { + continue; + } + if (convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, + s->secret.data, s->secret.length, + (void **)&secret_string) == -1) { + r->out.error_string = talloc_asprintf(mem_ctx, + "Could not convert secret for domain %s to a string\n", + t->name); + talloc_free(samdump_state); + return NT_STATUS_INVALID_PARAMETER; } + printf("%s\t%s\t%s\n", + t->name, dom_sid_string(mem_ctx, t->sid), + secret_string); } } talloc_free(samdump_state); return nt_status; } - - -static NTSTATUS libnet_SamDump_generic(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_SamDump *r) -{ - NTSTATUS nt_status; - struct libnet_SamDump r2; - r2.level = LIBNET_SAMDUMP_NETLOGON; - r2.error_string = NULL; - nt_status = libnet_SamDump(ctx, mem_ctx, &r2); - r->error_string = r2.error_string; - - return nt_status; -} - -NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_SamDump *r) -{ - switch (r->level) { - case LIBNET_SAMDUMP_GENERIC: - return libnet_SamDump_generic(ctx, mem_ctx, r); - case LIBNET_SAMDUMP_NETLOGON: - return libnet_SamDump_netlogon(ctx, mem_ctx, r); - } - - return NT_STATUS_INVALID_LEVEL; -} |