-rw-r--r-- | source3/client/ntclient.c | 348 |
1 files changed, 0 insertions, 348 deletions
diff --git a/source3/client/ntclient.c b/source3/client/ntclient.c
deleted file mode 100644
index cb2f6ecf1a..0000000000
--- a/source3/client/ntclient.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/*
- Unix SMB/Netbios implementation.
- Version 1.9.
- NT Domain Authentication SMB / MSRPC client
- Copyright (C) Andrew Tridgell 1994-1997
- Copyright (C) Luke Kenneth Casson Leighton 1996-1998
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#define NO_SYSLOG
-
-#include "includes.h"
-
-extern int DEBUGLEVEL;
-extern pstring username;
-extern pstring smb_login_passwd;
-extern pstring workgroup;
-
-#define CLIENT_TIMEOUT (30*1000)
-
-/****************************************************************************
-experimental nt login.
-****************************************************************************/
-BOOL client_do_nt_login(char *desthost, char *myhostname,
- int Client, int cnum)
-{
- DOM_CHAL clnt_chal;
- DOM_CHAL srv_chal;
-
- DOM_CRED clnt_cred;
-
- DOM_CHAL auth2_srv_chal;
-
- DOM_CRED sam_logon_clnt_cred;
- DOM_CRED sam_logon_rtn_cred;
- DOM_CRED sam_logon_srv_cred;
-
- DOM_CRED sam_logoff_clnt_cred;
- DOM_CRED sam_logoff_rtn_cred;
- DOM_CRED sam_logoff_srv_cred;
-
- DOM_ID_INFO_1 id1;
- LSA_USER_INFO user_info1;
- LSA_POL_HND pol;
- int i;
-
- UTIME zerotime;
-
- uchar sess_key[8];
- char nt_owf_mach_pwd[16];
- fstring mach_acct;
- fstring mach_pwd;
- fstring server_name;
-
- RPC_IFACE abstract;
- RPC_IFACE transfer;
-
- static char abs_data[16];
- static char trn_data[16];
-
- /* received from LSA Query Info Policy, level 5 */
- fstring level5_domain_name;
- pstring level5_domain_sid;
-
- /* received from LSA Query Info Policy, level 3 */
- fstring level3_domain_name;
- pstring level3_domain_sid;
-
- uint16 fnum;
- uint32 call_id = 0;
- char *inbuf,*outbuf;
-
- zerotime.time = 0;
-
- inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
- outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
-
- if (!inbuf || !outbuf)
- {
- DEBUG(0,("out of memory\n"));
- return False;
- }
-
- /******************* open the \PIPE\lsarpc file *****************/
-
- if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_LSARPC, Client, cnum)) == 0xffff)
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /**************** Set Named Pipe State ***************/
- if (!rpc_pipe_set_hnd_state(PIPE_LSARPC, fnum, 0x4300))
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* bind request on \PIPE\lsarpc *****************/
-
- /* create and send a MSRPC command with api LSA_OPENPOLICY */
-
- DEBUG(4,("LSA RPC Bind[%x]\n", fnum));
-
- for (i = 0; i < sizeof(trn_data); i++)
- {
- trn_data[i] = 2 * i;
- }
-
- for (i = 0; i < sizeof(abs_data); i++)
- {
- abs_data[i] = i;
- }
-
- /* create interface UUIDs. */
- make_rpc_iface(&abstract, abs_data, 0x0);
- make_rpc_iface(&transfer, trn_data, 0x2);
-
- if (!rpc_pipe_bind(PIPE_LSARPC, fnum, ++call_id, &abstract, &transfer))
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* Open Policy ********************/
-
- fstrcpy(server_name, ("\\\\"));
- fstrcpy(&server_name[2], myhostname);
-
- /* send an open policy request; receive a policy handle */
- if (!do_lsa_open_policy(fnum, ++call_id, server_name, &pol))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /**************** Query Info Policy, level 3 ********************/
-
- /* send a query info policy at level 3; receive an info policy */
- if (!do_lsa_query_info_pol(fnum, ++call_id, &pol, 0x3,
- level3_domain_name, level3_domain_sid))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /**************** Query Info Policy, level 5 ********************/
-
- /* send a query info policy at level 5; receive an info policy */
- if (!do_lsa_query_info_pol(fnum, ++call_id, &pol, 0x5,
- level5_domain_name, level5_domain_sid))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* Open Policy ********************/
-
- /* send a close policy request; receive a close pol response */
- if (!do_lsa_close(fnum, ++call_id, &pol))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* close the \PIPE\lsarpc file *******************/
-
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
-
-
-
- /******************* open the \PIPE\NETLOGON file *****************/
-
- if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_NETLOGON, Client, cnum)) == 0xffff)
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /**************** Set Named Pipe State ***************/
- if (!rpc_pipe_set_hnd_state(PIPE_NETLOGON, fnum, 0x4300))
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* bind request on \PIPE\NETLOGON *****************/
-
- if (!rpc_pipe_bind(PIPE_NETLOGON, fnum, ++call_id, &abstract, &transfer))
- {
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************* Request Challenge ********************/
-
- fstrcpy(mach_acct, myhostname);
- strlower(mach_pwd);
-
- fstrcpy(mach_pwd , myhostname);
- fstrcat(mach_acct, "$");
-
- SIVAL(clnt_chal.data, 0, 0x11111111);
- SIVAL(clnt_chal.data, 4, 0x22222222);
-
- /* send a client challenge; receive a server challenge */
- if (!do_lsa_req_chal(fnum, ++call_id, desthost, myhostname, &clnt_chal, &srv_chal))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /************ Long-term Session key (default) **********/
-
-#if 0
- /* DAMN! can't get the machine password - need become_root() to do it! */
- /* get the machine password */
- if (!get_md4pw(mach_acct, nt_owf_mach_pwd))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- DEBUG(5,("got nt owf from smbpasswd entry: %s\n", mach_pwd));
-#else
-
- {
- char lm_owf_mach_pwd[16];
- nt_lm_owf_gen(mach_pwd, nt_owf_mach_pwd, lm_owf_mach_pwd);
- DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd));
- }
-
-#endif
-
- dump_data(6, nt_owf_mach_pwd, 16);
-
- /* calculate the session key */
- cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key);
-
-
- /******************* Authenticate 2 ********************/
-
- /* calculate auth-2 credentials */
- cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred.challenge));
-
- /* send client auth-2 challenge; receive an auth-2 challenge */
- if (!do_lsa_auth2(fnum, ++call_id, desthost, mach_acct, 2, myhostname,
- &(clnt_cred.challenge), 0x000001ff, &auth2_srv_chal))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
-
- /*********************** SAM Info ***********************/
-
- {
- char lm_owf_user_pwd[16];
- char nt_owf_user_pwd[16];
- nt_lm_owf_gen(smb_login_passwd, nt_owf_user_pwd, lm_owf_user_pwd);
-
-#ifdef DEBUG_PASSWORD
-
- DEBUG(100,("nt owf of user password: "));
- dump_data(100, lm_owf_user_pwd, 16);
-
- DEBUG(100,("nt owf of user password: "));
- dump_data(100, nt_owf_user_pwd, 16);
-
-#endif
-
- /* this is used in both the SAM Logon and the SAM Logoff */
- make_id_info1(&id1, workgroup, 0,
- getuid(), 0,
- username, myhostname,
- sess_key, lm_owf_user_pwd, nt_owf_user_pwd);
- }
-
- /*********************** SAM Logon **********************/
-
- clnt_cred.timestamp.time = sam_logon_clnt_cred.timestamp.time = time(NULL);
-
- /* calculate sam logon credentials, using the auth2 client challenge */
- cred_create(sess_key, &(clnt_cred.challenge), sam_logon_clnt_cred.timestamp,
- &(sam_logon_clnt_cred.challenge));
-
- /* send client sam-logon challenge; receive a sam-logon challenge */
- if (!do_lsa_sam_logon(fnum, ++call_id, sess_key, &clnt_cred,
- desthost, mach_acct,
- &sam_logon_clnt_cred, &sam_logon_rtn_cred,
- 1, 1, &id1, &user_info1,
- &sam_logon_srv_cred))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /*********************** SAM Logoff *********************/
-
- clnt_cred.timestamp.time = sam_logoff_clnt_cred.timestamp.time = time(NULL);
-
- /* calculate sam logoff credentials, using the sam logon return challenge */
- cred_create(sess_key, &(clnt_cred.challenge),
- sam_logoff_clnt_cred.timestamp,
- &(sam_logoff_clnt_cred.challenge));
-
- /* send client sam-logoff challenge; receive a sam-logoff challenge */
- if (!do_lsa_sam_logoff(fnum, ++call_id, sess_key, &clnt_cred,
- desthost, mach_acct,
- &sam_logoff_clnt_cred, &sam_logoff_rtn_cred,
- 1, 1, &id1,
- &sam_logoff_srv_cred))
- {
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
- free(inbuf); free(outbuf);
- return False;
- }
-
- /******************** close the \PIPE\NETLOGON file **************/
-
- cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
-
- /* free memory used in all rpc transactions, above */
- free(inbuf); free(outbuf);
-
- return True;
-} |