summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/netlogon/srv_netlog_nt.c261
1 files changed, 257 insertions, 4 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index b55c74adfc..f5dace2753 100644
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -37,6 +37,10 @@
#include "rpc_client/init_lsa.h"
#include "rpc_server/rpc_ncacn_np.h"
#include "../libcli/security/security.h"
+#include "../libcli/security/dom_sid.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
+#include "lib/crypto/arcfour.h"
+#include "lib/crypto/md4.h"
extern userdom_struct current_user_info;
@@ -2177,21 +2181,270 @@ WERROR _netr_DsRGetForestTrustInformation(struct pipes_struct *p,
/****************************************************************
****************************************************************/
+static NTSTATUS fill_forest_trust_array(TALLOC_CTX *mem_ctx,
+ struct lsa_ForestTrustInformation *info)
+{
+ struct lsa_ForestTrustRecord *e;
+ struct pdb_domain_info *dom_info;
+ struct lsa_ForestTrustDomainInfo *domain_info;
+
+ dom_info = pdb_get_domain_info(mem_ctx);
+ if (dom_info == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ info->count = 2;
+ info->entries = talloc_array(info, struct lsa_ForestTrustRecord *, 2);
+ if (info->entries == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ e = talloc(info, struct lsa_ForestTrustRecord);
+ if (e == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ e->flags = 0;
+ e->type = LSA_FOREST_TRUST_TOP_LEVEL_NAME;
+ e->time = 0; /* so far always 0 in trces. */
+ e->forest_trust_data.top_level_name.string = talloc_steal(info,
+ dom_info->dns_forest);
+
+ info->entries[0] = e;
+
+ e = talloc(info, struct lsa_ForestTrustRecord);
+ if (e == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* TODO: check if disabled and set flags accordingly */
+ e->flags = 0;
+ e->type = LSA_FOREST_TRUST_DOMAIN_INFO;
+ e->time = 0; /* so far always 0 in traces. */
+
+ domain_info = &e->forest_trust_data.domain_info;
+ domain_info->domain_sid = dom_sid_dup(info, &dom_info->sid);
+
+ domain_info->dns_domain_name.string = talloc_steal(info,
+ dom_info->dns_domain);
+ domain_info->netbios_domain_name.string = talloc_steal(info,
+ dom_info->name);
+
+ info->entries[1] = e;
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+ _netr_GetForestTrustInformation
+****************************************************************/
+
NTSTATUS _netr_GetForestTrustInformation(struct pipes_struct *p,
struct netr_GetForestTrustInformation *r)
{
- p->rng_fault_state = true;
- return NT_STATUS_NOT_IMPLEMENTED;
+ NTSTATUS status;
+ struct netlogon_creds_CredentialState *creds;
+ struct lsa_ForestTrustInformation *info, **info_ptr;
+
+ /* TODO: check server name */
+
+ status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
+ r->in.computer_name,
+ r->in.credential,
+ r->out.return_authenticator,
+ &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if ((creds->secure_channel_type != SEC_CHAN_DNS_DOMAIN) &&
+ (creds->secure_channel_type != SEC_CHAN_DOMAIN)) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ info_ptr = talloc(p->mem_ctx, struct lsa_ForestTrustInformation *);
+ if (!info_ptr) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ info = talloc_zero(info_ptr, struct lsa_ForestTrustInformation);
+ if (!info) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = fill_forest_trust_array(p->mem_ctx, info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ *info_ptr = info;
+ r->out.forest_trust_info = info_ptr;
+
+ return NT_STATUS_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
+static NTSTATUS get_password_from_trustAuth(TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *trustAuth_blob,
+ const DATA_BLOB *session_key,
+ struct samr_Password *current_pw_enc,
+ struct samr_Password *previous_pw_enc)
+{
+ enum ndr_err_code ndr_err;
+ struct trustAuthInOutBlob trustAuth;
+
+ ndr_err = ndr_pull_struct_blob_all(trustAuth_blob, mem_ctx, &trustAuth,
+ (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+
+ if (trustAuth.count != 0 && trustAuth.current.count != 0 &&
+ trustAuth.current.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) {
+ mdfour(previous_pw_enc->hash,
+ trustAuth.current.array[0].AuthInfo.clear.password,
+ trustAuth.current.array[0].AuthInfo.clear.size);
+ } else {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ arcfour_crypt_blob(current_pw_enc->hash, sizeof(current_pw_enc->hash),
+ session_key);
+
+ if (trustAuth.previous.count != 0 &&
+ trustAuth.previous.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) {
+ mdfour(previous_pw_enc->hash,
+ trustAuth.previous.array[0].AuthInfo.clear.password,
+ trustAuth.previous.array[0].AuthInfo.clear.size);
+ } else {
+ mdfour(previous_pw_enc->hash, NULL, 0);
+ }
+ arcfour_crypt_blob(previous_pw_enc->hash, sizeof(previous_pw_enc->hash),
+ session_key);
+
+ return NT_STATUS_OK;
}
/****************************************************************
+ _netr_ServerGetTrustInfo
****************************************************************/
NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p,
struct netr_ServerGetTrustInfo *r)
{
- p->rng_fault_state = true;
- return NT_STATUS_NOT_IMPLEMENTED;
+ NTSTATUS status;
+ struct netlogon_creds_CredentialState *creds;
+ char *account_name;
+ size_t account_name_last;
+ bool trusted;
+ struct netr_TrustInfo *trust_info;
+ struct pdb_trusted_domain *td;
+ DATA_BLOB trustAuth_blob;
+ struct samr_Password *new_owf_enc;
+ struct samr_Password *old_owf_enc;
+ DATA_BLOB session_key;
+
+ /* TODO: check server name */
+
+ status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
+ r->in.computer_name,
+ r->in.credential,
+ r->out.return_authenticator,
+ &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ account_name = talloc_strdup(p->mem_ctx, r->in.account_name);
+ if (account_name == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ account_name_last = strlen(account_name);
+ if (account_name_last == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ account_name_last--;
+ if (account_name[account_name_last] == '.') {
+ account_name[account_name_last] = '\0';
+ }
+
+ if ((creds->secure_channel_type != SEC_CHAN_DNS_DOMAIN) &&
+ (creds->secure_channel_type != SEC_CHAN_DOMAIN)) {
+ trusted = false;
+ } else {
+ trusted = true;
+ }
+
+
+ if (trusted) {
+ account_name_last = strlen(account_name);
+ if (account_name_last == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ account_name_last--;
+ if (account_name[account_name_last] == '$') {
+ account_name[account_name_last] = '\0';
+ }
+
+ status = pdb_get_trusted_domain(p->mem_ctx, account_name, &td);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (r->out.trust_info != NULL) {
+ trust_info = talloc_zero(p->mem_ctx, struct netr_TrustInfo);
+ if (trust_info == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ trust_info->count = 1;
+
+ trust_info->data = talloc_array(trust_info, uint32_t, 1);
+ if (trust_info->data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ trust_info->data[0] = td->trust_attributes;
+
+ *r->out.trust_info = trust_info;
+ }
+
+ new_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password);
+ old_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password);
+ if (new_owf_enc == NULL || old_owf_enc == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+/* TODO: which trustAuth shall we use if we have in/out trust or do they have to
+ * be equal ? */
+ if (td->trust_direction & NETR_TRUST_FLAG_INBOUND) {
+ trustAuth_blob = td->trust_auth_incoming;
+ } else if (td->trust_direction & NETR_TRUST_FLAG_OUTBOUND) {
+ trustAuth_blob = td->trust_auth_outgoing;
+ }
+
+ session_key.data = creds->session_key;
+ session_key.length = sizeof(creds->session_key);
+ status = get_password_from_trustAuth(p->mem_ctx, &trustAuth_blob,
+ &session_key,
+ new_owf_enc, old_owf_enc);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ r->out.new_owf_password = new_owf_enc;
+ r->out.old_owf_password = old_owf_enc;
+ } else {
+/* TODO: look for machine password */
+ r->out.new_owf_password = NULL;
+ r->out.old_owf_password = NULL;
+
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ return NT_STATUS_OK;
}
/****************************************************************