r1030: added server side schannel support

(This used to be commit 2ac79dfba0e64056a680f21d7dd0c007f79d4a70)

5 files changed, 54 insertions, 18 deletions

diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl
index 0ee3d7b69b..8805b61da6 100644
--- a/source4/librpc/idl/dcerpc.idl
+++ b/source4/librpc/idl/dcerpc.idl
@@ -23,6 +23,17 @@ interface dcerpc
 		dcerpc_syntax_id transfer_syntaxes[num_transfer_syntaxes];
 	} dcerpc_ctx_list;
 
+	/*
+	  a schannel bind blob - used in auth_info
+	  on a schannel bind
+	*/
+	typedef [public] struct {
+		uint32 unknown1;
+		uint32 unknown2;
+		astring domain;
+		astring hostname;
+	} dcerpc_bind_schannel;
+
 	typedef struct {
 		uint16 max_xmit_frag;
 		uint16 max_recv_frag;
diff --git a/source4/librpc/idl/idl_types.h b/source4/librpc/idl/idl_types.h
index 7f1ba48bc8..d36e51f8be 100644
--- a/source4/librpc/idl/idl_types.h
+++ b/source4/librpc/idl/idl_types.h
@@ -50,6 +50,11 @@
 */
 #define ascstr_noterm        [flag(STR_NOTERM|STR_ASCII|STR_SIZE4|STR_LEN4)]  string
 
+/*
+  a null terminated ascii string
+*/
+#define astring       [flag(STR_ASCII|STR_NULLTERM)]                  string
+
 
 #define NDR_NOALIGN       LIBNDR_FLAG_NOALIGN
 #define NDR_REMAINING     LIBNDR_FLAG_REMAINING
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index f8315b3af0..ea58a77c47 100644
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
@@ -497,6 +497,17 @@ NTSTATUS ndr_pull_string(struct ndr_pull *ndr, int ndr_flags, const char **s)
 		(*s) = as;
 		break;
 
+	case LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM:
+		len1 = strnlen(ndr->data+ndr->offset, (ndr->data_size - ndr->offset));
+		if (len1+1 <= ndr->data_size - ndr->offset) {
+			len1++;
+		}
+		NDR_ALLOC_N(ndr, as, (len1+1));
+		NDR_CHECK(ndr_pull_bytes(ndr, as, len1));
+		as[len1] = 0;
+		(*s) = as;
+		break;
+
 	default:
 		return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n",
 				      ndr->flags & LIBNDR_STRING_FLAGS);
@@ -639,6 +650,18 @@ NTSTATUS ndr_push_string(struct ndr_push *ndr, int ndr_flags, const char *s)
 		ndr->offset += c_len + 1;
 		break;
 
+	case LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM:
+		NDR_PUSH_NEED_BYTES(ndr, c_len + 1);
+		ret = convert_string(CH_UNIX, CH_DOS, 
+				     s, s_len+1,
+				     ndr->data+ndr->offset, c_len + 1);
+		if (ret == -1) {
+			return ndr_push_error(ndr, NDR_ERR_CHARCNV, 
+					      "Bad character conversion");
+		}
+		ndr->offset += c_len + 1;
+		break;
+
 	default:
 		return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n",
 				      ndr->flags & LIBNDR_STRING_FLAGS);
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index ebfcdf7ff3..c271a94bf0 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -173,6 +173,7 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p,
 	uint8_t full_session_key[16];
 	struct schannel_state *schannel_state;
 	const char *workgroup, *workstation;
+	struct dcerpc_bind_schannel bind_schannel;
 
 	memcpy(full_session_key, session_key, 8);
 	memset(full_session_key+8, 0, 8);
@@ -203,21 +204,17 @@ NTSTATUS dcerpc_bind_auth_schannel_key(struct dcerpc_pipe *p,
 	p->auth_info->auth_context_id = random();
 	p->security_state = NULL;
 
-	p->auth_info->credentials = data_blob_talloc(p->mem_ctx, 
-						     NULL,
-						     8 +
-						     strlen(workgroup)+1 +
-						     strlen(workstation)+1);
-	if (!p->auth_info->credentials.data) {
-		return NT_STATUS_NO_MEMORY;
-	}
+	/* TODO: what are these?? */
+	bind_schannel.unknown1 = 0;
+	bind_schannel.unknown2 = 3;
+	bind_schannel.domain = workgroup;
+	bind_schannel.hostname = workstation;
 
-	/* oh, this is ugly! */
-	SIVAL(p->auth_info->credentials.data, 0, 0);
-	SIVAL(p->auth_info->credentials.data, 4, 3);
-	memcpy(p->auth_info->credentials.data+8, workgroup, strlen(workgroup)+1);
-	memcpy(p->auth_info->credentials.data+8+strlen(workgroup)+1, 
-	       workstation, strlen(workstation)+1);
+	status = ndr_push_struct_blob(&p->auth_info->credentials, p->mem_ctx, &bind_schannel,
+				      (ndr_push_flags_fn_t)ndr_push_dcerpc_bind_schannel);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
 
 	/* send the authenticated bind request */
 	status = dcerpc_bind_byuuid(p, p->mem_ctx, uuid, version);
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index d8da1327d5..623d5ec24a 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -483,7 +483,7 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **p,
 	(*p)->flags = binding->flags;
 
 	if (binding->flags & DCERPC_SCHANNEL) {
-		const char *trust_password = secrets_fetch_machine_password();
+		const char *trust_password = NULL; // samdb_fetch_member_password();
 		if (!trust_password) {
 			DEBUG(0,("Unable to fetch machine password\n"));
 			goto done;
@@ -635,9 +635,9 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **p,
 
 
 /*
-  create a secondary dcerpc connection on SMB
-  the secondary connection will be on the same SMB connection, but
-  use a new fnum
+  create a secondary dcerpc connection from a primary SMB connection
+
+  the secondary connection will be on the same SMB connection, but use a new fnum
 */
 NTSTATUS dcerpc_secondary_smb(struct dcerpc_pipe *p, struct dcerpc_pipe **p2,
 			      const char *pipe_name,