summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libnet/libnet_samsync_keytab.c.orig305
1 files changed, 0 insertions, 305 deletions
diff --git a/source3/libnet/libnet_samsync_keytab.c.orig b/source3/libnet/libnet_samsync_keytab.c.orig
deleted file mode 100644
index 134922392c..0000000000
--- a/source3/libnet/libnet_samsync_keytab.c.orig
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- dump the remote SAM using rpc samsync operations
-
- Copyright (C) Guenther Deschner 2008.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "smb_krb5.h"
-#include "ads.h"
-#include "libnet/libnet_keytab.h"
-#include "libnet/libnet_samsync.h"
-
-#if defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC)
-
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS keytab_ad_connect(TALLOC_CTX *mem_ctx,
- const char *domain_name,
- const char *username,
- const char *password,
- struct libnet_keytab_context *ctx)
-{
- NTSTATUS status;
- ADS_STATUS ad_status;
- ADS_STRUCT *ads;
- struct netr_DsRGetDCNameInfo *info = NULL;
- const char *dc;
-
- status = dsgetdcname(mem_ctx, NULL, domain_name, NULL, NULL, 0, &info);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- dc = strip_hostname(info->dc_unc);
-
- ads = ads_init(NULL, domain_name, dc);
- NT_STATUS_HAVE_NO_MEMORY(ads);
-
- if (getenv(KRB5_ENV_CCNAME) == NULL) {
- setenv(KRB5_ENV_CCNAME, "MEMORY:libnet_samsync_keytab", 1);
- }
-
- ads->auth.user_name = SMB_STRDUP(username);
- ads->auth.password = SMB_STRDUP(password);
-
- ad_status = ads_connect_user_creds(ads);
- if (!ADS_ERR_OK(ad_status)) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- ctx->ads = ads;
-
- ctx->dns_domain_name = talloc_strdup_upper(mem_ctx, ads->config.realm);
- NT_STATUS_HAVE_NO_MEMORY(ctx->dns_domain_name);
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS fetch_sam_entry_keytab(TALLOC_CTX *mem_ctx,
- enum netr_SamDatabaseID database_id,
- uint32_t rid,
- struct netr_DELTA_USER *r,
- struct libnet_keytab_context *ctx)
-{
- NTSTATUS status;
- uint32_t kvno = 0;
- DATA_BLOB blob;
-
- if (memcmp(r->ntpassword.hash, ctx->zero_buf, 16) == 0) {
- return NT_STATUS_OK;
- }
-
- kvno = ads_get_kvno(ctx->ads, r->account_name.string);
- blob = data_blob_const(r->ntpassword.hash, 16);
-
- status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx,
- kvno,
- r->account_name.string,
- NULL,
- ENCTYPE_ARCFOUR_HMAC,
- blob);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS init_keytab(TALLOC_CTX *mem_ctx,
- struct samsync_context *ctx,
- enum netr_SamDatabaseID database_id,
- uint64_t *sequence_num)
-{
- krb5_error_code ret = 0;
- NTSTATUS status;
- struct libnet_keytab_context *keytab_ctx = NULL;
- struct libnet_keytab_entry *entry;
- uint64_t old_sequence_num = 0;
- const char *principal = NULL;
-
- ret = libnet_keytab_init(mem_ctx, ctx->output_filename, &keytab_ctx);
- if (ret) {
- return krb5_to_nt_status(ret);
- }
-
- keytab_ctx->clean_old_entries = ctx->clean_old_entries;
- ctx->private_data = keytab_ctx;
-
- status = keytab_ad_connect(mem_ctx,
- ctx->domain_name,
- ctx->username,
- ctx->password,
- keytab_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(keytab_ctx);
- return status;
- }
-
- principal = talloc_asprintf(mem_ctx, "SEQUENCE_NUM@%s",
- keytab_ctx->dns_domain_name);
- NT_STATUS_HAVE_NO_MEMORY(principal);
-
- entry = libnet_keytab_search(keytab_ctx, principal, 0, ENCTYPE_NULL,
- mem_ctx);
- if (entry && (entry->password.length == 8)) {
- old_sequence_num = BVAL(entry->password.data, 0);
- }
-
- if (sequence_num) {
- *sequence_num = old_sequence_num;
- }
-
- return status;
-}
-
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS fetch_sam_entries_keytab(TALLOC_CTX *mem_ctx,
- enum netr_SamDatabaseID database_id,
- struct netr_DELTA_ENUM_ARRAY *r,
- uint64_t *sequence_num,
- struct samsync_context *ctx)
-{
- struct libnet_keytab_context *keytab_ctx =
- (struct libnet_keytab_context *)ctx->private_data;
-
- NTSTATUS status = NT_STATUS_OK;
- int i;
-
- for (i = 0; i < r->num_deltas; i++) {
-
- switch (r->delta_enum[i].delta_type) {
- case NETR_DELTA_USER:
- break;
- case NETR_DELTA_DOMAIN:
- if (sequence_num) {
- *sequence_num =
- r->delta_enum[i].delta_union.domain->sequence_num;
- }
- continue;
- case NETR_DELTA_MODIFY_COUNT:
- if (sequence_num) {
- *sequence_num =
- *r->delta_enum[i].delta_union.modified_count;
- }
- continue;
- default:
- continue;
- }
-
- status = fetch_sam_entry_keytab(mem_ctx, database_id,
- r->delta_enum[i].delta_id_union.rid,
- r->delta_enum[i].delta_union.user,
- keytab_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
- }
- out:
- return status;
-}
-
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS close_keytab(TALLOC_CTX *mem_ctx,
- struct samsync_context *ctx,
- enum netr_SamDatabaseID database_id,
- uint64_t sequence_num)
-{
- struct libnet_keytab_context *keytab_ctx =
- (struct libnet_keytab_context *)ctx->private_data;
- krb5_error_code ret;
- NTSTATUS status;
- struct libnet_keytab_entry *entry;
- uint64_t old_sequence_num = 0;
- const char *principal = NULL;
-
- principal = talloc_asprintf(mem_ctx, "SEQUENCE_NUM@%s",
- keytab_ctx->dns_domain_name);
- NT_STATUS_HAVE_NO_MEMORY(principal);
-
-
- entry = libnet_keytab_search(keytab_ctx, principal, 0, ENCTYPE_NULL,
- mem_ctx);
- if (entry && (entry->password.length == 8)) {
- old_sequence_num = BVAL(entry->password.data, 0);
- }
-
-
- if (sequence_num > old_sequence_num) {
- DATA_BLOB blob;
- blob = data_blob_talloc_zero(mem_ctx, 8);
- SBVAL(blob.data, 0, sequence_num);
-
- status = libnet_keytab_add_to_keytab_entries(mem_ctx, keytab_ctx,
- 0,
- "SEQUENCE_NUM",
- NULL,
- ENCTYPE_NULL,
- blob);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
- }
-
- ret = libnet_keytab_add(keytab_ctx);
- if (ret) {
- status = krb5_to_nt_status(ret);
- ctx->error_message = talloc_asprintf(ctx,
- "Failed to add entries to keytab %s: %s",
- keytab_ctx->keytab_name, error_message(ret));
- TALLOC_FREE(keytab_ctx);
- return status;
- }
-
- ctx->result_message = talloc_asprintf(ctx,
- "Vampired %d accounts to keytab %s",
- keytab_ctx->count,
- keytab_ctx->keytab_name);
-
- status = NT_STATUS_OK;
-
- done:
- TALLOC_FREE(keytab_ctx);
-
- return status;
-}
-
-#else
-
-static NTSTATUS init_keytab(TALLOC_CTX *mem_ctx,
- struct samsync_context *ctx,
- enum netr_SamDatabaseID database_id,
- uint64_t *sequence_num)
-{
- return NT_STATUS_NOT_SUPPORTED;
-}
-
-static NTSTATUS fetch_sam_entries_keytab(TALLOC_CTX *mem_ctx,
- enum netr_SamDatabaseID database_id,
- struct netr_DELTA_ENUM_ARRAY *r,
- uint64_t *sequence_num,
- struct samsync_context *ctx)
-{
- return NT_STATUS_NOT_SUPPORTED;
-}
-
-static NTSTATUS close_keytab(TALLOC_CTX *mem_ctx,
- struct samsync_context *ctx,
- enum netr_SamDatabaseID database_id,
- uint64_t sequence_num)
-{
- return NT_STATUS_NOT_SUPPORTED;
-}
-
-#endif /* defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC) */
-
-const struct samsync_ops libnet_samsync_keytab_ops = {
- .startup = init_keytab,
- .process_objects = fetch_sam_entries_keytab,
- .finish = close_keytab
-};