Diffstat (limited to 'source3/libads')
-rw-r--r--source3/libads/cldap.c147
-rw-r--r--source3/libads/krb5_setpw.c59
2 files changed, 110 insertions, 96 deletions
diff --git a/source3/libads/cldap.c b/source3/libads/cldap.c
index 7180464d47..8f9a8ff213 100644
--- a/source3/libads/cldap.c
+++ b/source3/libads/cldap.c
@@ -24,10 +24,10 @@
/*
do a cldap netlogon query
*/
-static int send_cldap_netlogon(int sock, const char *domain,
+static int send_cldap_netlogon(TALLOC_CTX *mem_ctx, int sock, const char *domain,
const char *hostname, unsigned ntversion)
{
- ASN1_DATA data;
+ ASN1_DATA *data;
char ntver[4];
#ifdef CLDAP_USER_QUERY
char aac[4];
@@ -36,69 +36,72 @@ static int send_cldap_netlogon(int sock, const char *domain,
#endif
SIVAL(ntver, 0, ntversion);
- memset(&data, 0, sizeof(data));
+ data = asn1_init(mem_ctx);
+ if (data == NULL) {
+ return -1;
+ }
- asn1_push_tag(&data,ASN1_SEQUENCE(0));
- asn1_write_Integer(&data, 4);
- asn1_push_tag(&data, ASN1_APPLICATION(3));
- asn1_write_OctetString(&data, NULL, 0);
- asn1_write_enumerated(&data, 0);
- asn1_write_enumerated(&data, 0);
- asn1_write_Integer(&data, 0);
- asn1_write_Integer(&data, 0);
- asn1_write_BOOLEAN(&data, False);
- asn1_push_tag(&data, ASN1_CONTEXT(0));
+ asn1_push_tag(data,ASN1_SEQUENCE(0));
+ asn1_write_Integer(data, 4);
+ asn1_push_tag(data, ASN1_APPLICATION(3));
+ asn1_write_OctetString(data, NULL, 0);
+ asn1_write_enumerated(data, 0);
+ asn1_write_enumerated(data, 0);
+ asn1_write_Integer(data, 0);
+ asn1_write_Integer(data, 0);
+ asn1_write_BOOLEAN(data, False);
+ asn1_push_tag(data, ASN1_CONTEXT(0));
if (domain) {
- asn1_push_tag(&data, ASN1_CONTEXT(3));
- asn1_write_OctetString(&data, "DnsDomain", 9);
- asn1_write_OctetString(&data, domain, strlen(domain));
- asn1_pop_tag(&data);
+ asn1_push_tag(data, ASN1_CONTEXT(3));
+ asn1_write_OctetString(data, "DnsDomain", 9);
+ asn1_write_OctetString(data, domain, strlen(domain));
+ asn1_pop_tag(data);
}
- asn1_push_tag(&data, ASN1_CONTEXT(3));
- asn1_write_OctetString(&data, "Host", 4);
- asn1_write_OctetString(&data, hostname, strlen(hostname));
- asn1_pop_tag(&data);
+ asn1_push_tag(data, ASN1_CONTEXT(3));
+ asn1_write_OctetString(data, "Host", 4);
+ asn1_write_OctetString(data, hostname, strlen(hostname));
+ asn1_pop_tag(data);
#ifdef CLDAP_USER_QUERY
- asn1_push_tag(&data, ASN1_CONTEXT(3));
- asn1_write_OctetString(&data, "User", 4);
- asn1_write_OctetString(&data, "SAMBA$", 6);
- asn1_pop_tag(&data);
-
- asn1_push_tag(&data, ASN1_CONTEXT(3));
- asn1_write_OctetString(&data, "AAC", 4);
- asn1_write_OctetString(&data, aac, 4);
- asn1_pop_tag(&data);
+ asn1_push_tag(data, ASN1_CONTEXT(3));
+ asn1_write_OctetString(data, "User", 4);
+ asn1_write_OctetString(data, "SAMBA$", 6);
+ asn1_pop_tag(data);
+
+ asn1_push_tag(data, ASN1_CONTEXT(3));
+ asn1_write_OctetString(data, "AAC", 4);
+ asn1_write_OctetString(data, aac, 4);
+ asn1_pop_tag(data);
#endif
- asn1_push_tag(&data, ASN1_CONTEXT(3));
- asn1_write_OctetString(&data, "NtVer", 5);
- asn1_write_OctetString(&data, ntver, 4);
- asn1_pop_tag(&data);
+ asn1_push_tag(data, ASN1_CONTEXT(3));
+ asn1_write_OctetString(data, "NtVer", 5);
+ asn1_write_OctetString(data, ntver, 4);
+ asn1_pop_tag(data);
- asn1_pop_tag(&data);
+ asn1_pop_tag(data);
- asn1_push_tag(&data,ASN1_SEQUENCE(0));
- asn1_write_OctetString(&data, "NetLogon", 8);
- asn1_pop_tag(&data);
- asn1_pop_tag(&data);
- asn1_pop_tag(&data);
+ asn1_push_tag(data,ASN1_SEQUENCE(0));
+ asn1_write_OctetString(data, "NetLogon", 8);
+ asn1_pop_tag(data);
+ asn1_pop_tag(data);
+ asn1_pop_tag(data);
- if (data.has_error) {
- DEBUG(2,("Failed to build cldap netlogon at offset %d\n", (int)data.ofs));
- asn1_free(&data);
+ if (data->has_error) {
+ DEBUG(2,("Failed to build cldap netlogon at offset %d\n", (int)data->ofs));
+ asn1_free(data);
return -1;
}
- if (write(sock, data.data, data.length) != (ssize_t)data.length) {
+ if (write(sock, data->data, data->length) != (ssize_t)data->length) {
DEBUG(2,("failed to send cldap query (%s)\n", strerror(errno)));
- asn1_free(&data);
+ asn1_free(data);
return -1;
}
- asn1_free(&data);
+ asn1_free(data);
return 0;
}
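Review bot: In the `CLDAP_USER_QUERY` branch the attribute name is written as `asn1_write_OctetString(data, "AAC", 4);`, which sends the literal's terminating NUL as part of the name, while every other name in this hunk passes its exact length (`"Host", 4`, `"NtVer", 5`, `"DnsDomain", 9`). The read stays inside the four-byte literal, so this is a wire-format question rather than a memory-safety one, but it looks unintended; if so the line should read `asn1_write_OctetString(data, "AAC", 3);`. Hand-counted lengths beside each literal make this kind of slip easy to miss, and since every one of these calls is being rewritten anyway, deriving the length from the literal would remove the risk. The function's signature and first declarations are in the previous hunk, and the initialisation of `aac` is not visible on this page.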
@@ -123,7 +126,7 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx,
struct netlogon_samlogon_response **reply)
{
int ret;
- ASN1_DATA data;
+ ASN1_DATA *data;
DATA_BLOB blob = data_blob_null;
DATA_BLOB os1 = data_blob_null;
DATA_BLOB os2 = data_blob_null;
@@ -160,28 +163,34 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx,
}
blob.length = ret;
- asn1_load(&data, blob);
- asn1_start_tag(&data, ASN1_SEQUENCE(0));
- asn1_read_Integer(&data, &i1);
- asn1_start_tag(&data, ASN1_APPLICATION(4));
- asn1_read_OctetString(&data, NULL, &os1);
- asn1_start_tag(&data, ASN1_SEQUENCE(0));
- asn1_start_tag(&data, ASN1_SEQUENCE(0));
- asn1_read_OctetString(&data, NULL, &os2);
- asn1_start_tag(&data, ASN1_SET);
- asn1_read_OctetString(&data, NULL, &os3);
- asn1_end_tag(&data);
- asn1_end_tag(&data);
- asn1_end_tag(&data);
- asn1_end_tag(&data);
- asn1_end_tag(&data);
-
- if (data.has_error) {
+ data = asn1_init(mem_ctx);
+ if (data == NULL) {
+ data_blob_free(&blob);
+ return -1;
+ }
+
+ asn1_load(data, blob);
+ asn1_start_tag(data, ASN1_SEQUENCE(0));
+ asn1_read_Integer(data, &i1);
+ asn1_start_tag(data, ASN1_APPLICATION(4));
+ asn1_read_OctetString(data, NULL, &os1);
+ asn1_start_tag(data, ASN1_SEQUENCE(0));
+ asn1_start_tag(data, ASN1_SEQUENCE(0));
+ asn1_read_OctetString(data, NULL, &os2);
+ asn1_start_tag(data, ASN1_SET);
+ asn1_read_OctetString(data, NULL, &os3);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+
+ if (data->has_error) {
data_blob_free(&blob);
data_blob_free(&os1);
data_blob_free(&os2);
data_blob_free(&os3);
- asn1_free(&data);
+ asn1_free(data);
DEBUG(1,("Failed to parse cldap reply\n"));
return -1;
}
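Review bot: The only validation of the parsed reply in this hunk is `data->has_error`; `i1` is filled by `asn1_read_Integer(data, &i1)` and is not compared with anything in the visible lines. The blob appears to come from the socket read just above the hunk, and send_cldap_netlogon writes the constant `4` in the matching position, so a cheap sanity check would be `if (data->has_error || i1 != 4) {` on the existing error branch. Because that value is a constant, the check does not authenticate the sender. It only rejects replies that do not belong to this query, and the contents of `os1`, `os2` and `os3` remain untrusted for the code that follows. recv_cldap_netlogon starts before and continues past this hunk, so `i1` may be examined further down.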
@@ -193,6 +202,7 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx,
data_blob_free(&os2);
data_blob_free(&os3);
data_blob_free(&blob);
+ asn1_free(data);
return -1;
}
@@ -202,6 +212,7 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx,
data_blob_free(&os2);
data_blob_free(&os3);
data_blob_free(&blob);
+ asn1_free(data);
TALLOC_FREE(r);
return -1;
}
@@ -212,8 +223,8 @@ static int recv_cldap_netlogon(TALLOC_CTX *mem_ctx,
data_blob_free(&os2);
data_blob_free(&os3);
data_blob_free(&blob);
-
- asn1_free(&data);
+
+ asn1_free(data);
if (reply) {
*reply = r;
@@ -244,7 +255,7 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
return False;
}
- ret = send_cldap_netlogon(sock, realm, global_myname(), nt_version);
+ ret = send_cldap_netlogon(mem_ctx, sock, realm, global_myname(), nt_version);
if (ret != 0) {
close(sock);
return False;
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index 0ff9f2ba32..04ee6ee62a 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -65,7 +65,7 @@ static DATA_BLOB encode_krb5_setpw(const char *principal, const char *password)
char* c;
char* princ;
- ASN1_DATA req;
+ ASN1_DATA *req;
DATA_BLOB ret;
@@ -90,40 +90,43 @@ static DATA_BLOB encode_krb5_setpw(const char *principal, const char *password)
return data_blob_null;
}
- memset(&req, 0, sizeof(req));
-
- asn1_push_tag(&req, ASN1_SEQUENCE(0));
- asn1_push_tag(&req, ASN1_CONTEXT(0));
- asn1_write_OctetString(&req, password, strlen(password));
- asn1_pop_tag(&req);
+ req = asn1_init(talloc_tos());
+ if (req == NULL) {
+ return data_blob_null;
+ }
- asn1_push_tag(&req, ASN1_CONTEXT(1));
- asn1_push_tag(&req, ASN1_SEQUENCE(0));
+ asn1_push_tag(req, ASN1_SEQUENCE(0));
+ asn1_push_tag(req, ASN1_CONTEXT(0));
+ asn1_write_OctetString(req, password, strlen(password));
+ asn1_pop_tag(req);
- asn1_push_tag(&req, ASN1_CONTEXT(0));
- asn1_write_Integer(&req, 1);
- asn1_pop_tag(&req);
+ asn1_push_tag(req, ASN1_CONTEXT(1));
+ asn1_push_tag(req, ASN1_SEQUENCE(0));
- asn1_push_tag(&req, ASN1_CONTEXT(1));
- asn1_push_tag(&req, ASN1_SEQUENCE(0));
+ asn1_push_tag(req, ASN1_CONTEXT(0));
+ asn1_write_Integer(req, 1);
+ asn1_pop_tag(req);
+
+ asn1_push_tag(req, ASN1_CONTEXT(1));
+ asn1_push_tag(req, ASN1_SEQUENCE(0));
if (princ_part1) {
- asn1_write_GeneralString(&req, princ_part1);
+ asn1_write_GeneralString(req, princ_part1);
}
- asn1_write_GeneralString(&req, princ_part2);
- asn1_pop_tag(&req);
- asn1_pop_tag(&req);
- asn1_pop_tag(&req);
- asn1_pop_tag(&req);
-
- asn1_push_tag(&req, ASN1_CONTEXT(2));
- asn1_write_GeneralString(&req, realm);
- asn1_pop_tag(&req);
- asn1_pop_tag(&req);
-
- ret = data_blob(req.data, req.length);
- asn1_free(&req);
+ asn1_write_GeneralString(req, princ_part2);
+ asn1_pop_tag(req);
+ asn1_pop_tag(req);
+ asn1_pop_tag(req);
+ asn1_pop_tag(req);
+
+ asn1_push_tag(req, ASN1_CONTEXT(2));
+ asn1_write_GeneralString(req, realm);
+ asn1_pop_tag(req);
+ asn1_pop_tag(req);
+
+ ret = data_blob(req->data, req->length);
+ asn1_free(req);
free(princ);