diff options
-rw-r--r-- | source3/rpc_server/srv_netlog.c | 24 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 58 |
2 files changed, 19 insertions, 63 deletions
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 791752c5d0..60688d201d 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -126,29 +126,7 @@ static bool api_net_auth_2(pipes_struct *p) static bool api_net_srv_pwset(pipes_struct *p) { - NET_Q_SRV_PWSET q_u; - NET_R_SRV_PWSET r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the challenge and encrypted password ... */ - if(!net_io_q_srv_pwset("", &q_u, data, 0)) { - DEBUG(0,("api_net_srv_pwset: Failed to unmarshall NET_Q_SRV_PWSET.\n")); - return False; - } - - r_u.status = _net_srv_pwset(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!net_io_r_srv_pwset("", &r_u, rdata, 0)) { - DEBUG(0,("api_net_srv_pwset: Failed to marshall NET_R_SRV_PWSET.\n")); - return False; - } - - return True; + return proxy_netr_call(p, NDR_NETR_SERVERPASSWORDSET); } /************************************************************************* diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 3cfab7843d..bb346650f2 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -255,21 +255,6 @@ WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, return WERR_OK; } -/*********************************************************************************** - init_net_r_srv_pwset: - ***********************************************************************************/ - -static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s, - DOM_CRED *srv_cred, NTSTATUS status) -{ - DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__)); - - memcpy(&r_s->srv_cred, srv_cred, sizeof(r_s->srv_cred)); - r_s->status = status; - - DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__)); -} - /****************************************************************** gets a machine password entry. checks access rights of the host. ******************************************************************/ @@ -577,31 +562,32 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) } /************************************************************************* - _net_srv_pwset + _netr_ServerPasswordSet *************************************************************************/ -NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_u) +NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, + struct netr_ServerPasswordSet *r) { + NTSTATUS status = NT_STATUS_OK; fstring remote_machine; struct samu *sampass=NULL; bool ret = False; unsigned char pwd[16]; int i; uint32 acct_ctrl; - DOM_CRED cred_out; + struct netr_Authenticator cred_out; const uchar *old_pw; - DEBUG(5,("_net_srv_pwset: %d\n", __LINE__)); + DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__)); /* We need the remote machine name for the creds lookup. */ - rpcstr_pull(remote_machine,q_u->clnt_id.login.uni_comp_name.buffer, - sizeof(remote_machine),q_u->clnt_id.login.uni_comp_name.uni_str_len*2,0); + fstrcpy(remote_machine, r->in.computer_name); if ( (lp_server_schannel() == True) && (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) ) { /* 'server schannel = yes' should enforce use of schannel, the client did offer it in auth2, but obviously did not use it. */ - DEBUG(0,("_net_srv_pwset: client %s not using schannel for netlogon\n", + DEBUG(0,("_netr_ServerPasswordSet: client %s not using schannel for netlogon\n", remote_machine )); return NT_STATUS_ACCESS_DENIED; } @@ -622,12 +608,12 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * return NT_STATUS_INVALID_HANDLE; } - DEBUG(3,("_net_srv_pwset: Server Password Set by remote machine:[%s] on account [%s]\n", + DEBUG(3,("_netr_ServerPasswordSet: Server Password Set by remote machine:[%s] on account [%s]\n", remote_machine, p->dc->mach_acct)); /* Step the creds chain forward. */ - if (!creds_server_step(p->dc, &q_u->clnt_id.cred, &cred_out)) { - DEBUG(2,("_net_srv_pwset: creds_server_step failed. Rejecting auth " + if (!netlogon_creds_server_step(p->dc, r->in.credential, &cred_out)) { + DEBUG(2,("_netr_ServerPasswordSet: netlogon_creds_server_step failed. Rejecting auth " "request from client %s machine account %s\n", remote_machine, p->dc->mach_acct )); return NT_STATUS_INVALID_PARAMETER; @@ -668,9 +654,9 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * } /* Woah - what does this to to the credential chain ? JRA */ - cred_hash3( pwd, q_u->pwd, p->dc->sess_key, 0); + cred_hash3(pwd, r->in.new_password->hash, p->dc->sess_key, 0); - DEBUG(100,("Server password set : new given value was :\n")); + DEBUG(100,("_netr_ServerPasswordSet: new given value was :\n")); for(i = 0; i < sizeof(pwd); i++) DEBUG(100,("%02X ", pwd[i])); DEBUG(100,("\n")); @@ -702,15 +688,17 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * } become_root(); - r_u->status = pdb_update_sam_account(sampass); + status = pdb_update_sam_account(sampass); unbecome_root(); } /* set up the LSA Server Password Set response */ - init_net_r_srv_pwset(r_u, &cred_out, r_u->status); + + memcpy(r->out.return_authenticator, &cred_out, + sizeof(r->out.return_authenticator)); TALLOC_FREE(sampass); - return r_u->status; + return status; } /************************************************************************* @@ -1283,16 +1271,6 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, - struct netr_ServerPasswordSet *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, struct netr_DatabaseDeltas *r) { |