diff options
Diffstat (limited to 'source3/libnet')
-rw-r--r-- | source3/libnet/libnet_conf.c | 385 | ||||
-rw-r--r-- | source3/libnet/libnet_join.c | 139 | ||||
-rw-r--r-- | source3/libnet/libnet_join.h | 12 |
3 files changed, 318 insertions, 218 deletions
diff --git a/source3/libnet/libnet_conf.c b/source3/libnet/libnet_conf.c index 1069abcfbd..c8e55a70b2 100644 --- a/source3/libnet/libnet_conf.c +++ b/source3/libnet/libnet_conf.c @@ -1,7 +1,7 @@ /* * Unix SMB/CIFS implementation. * libnet smbconf registry Support - * Copyright (C) Michael Adam 2007 + * Copyright (C) Michael Adam 2007-2008 * Copyright (C) Guenther Deschner 2007 * * This program is free software; you can redistribute it and/or modify @@ -21,6 +21,11 @@ #include "includes.h" #include "libnet/libnet.h" +/* + * yuck - static variable to keep track of the registry initialization. + */ +static bool registry_initialized = false; + /********************************************************************** * * Helper functions (mostly registry related) @@ -31,12 +36,11 @@ /** * add a string to a talloced array of strings. */ -static WERROR libnet_smbconf_add_string_to_array(TALLOC_CTX *mem_ctx, - char ***array, - uint32_t count, - const char *string) +static WERROR libnet_conf_add_string_to_array(TALLOC_CTX *mem_ctx, + char ***array, + uint32_t count, + const char *string) { - WERROR werr = WERR_OK; char **new_array = NULL; if ((array == NULL) || (string == NULL)) { @@ -55,31 +59,65 @@ static WERROR libnet_smbconf_add_string_to_array(TALLOC_CTX *mem_ctx, return WERR_OK; } -/* - * Open a subkey of KEY_SMBCONF (i.e a service) +static WERROR libnet_conf_reg_initialize(void) +{ + WERROR werr = WERR_OK; + + if (registry_initialized) { + goto done; + } + + if (!registry_init_regdb()) { + werr = WERR_REG_IO_FAILURE; + goto done; + } + + registry_initialized = true; + +done: + return werr; +} + +/** + * Open a registry key specified by "path" */ -static WERROR libnet_smbconf_reg_open_path(TALLOC_CTX *ctx, - const char *subkeyname, - uint32 desired_access, - struct registry_key **key) +static WERROR libnet_conf_reg_open_path(TALLOC_CTX *mem_ctx, + const char *path, + uint32 desired_access, + struct registry_key **key) { WERROR werr = WERR_OK; - char *path = NULL; NT_USER_TOKEN *token; + TALLOC_CTX *tmp_ctx = NULL; - if (!(token = registry_create_admin_token(ctx))) { - DEBUG(1, ("Error creating admin token\n")); + if (path == NULL) { + DEBUG(1, ("Error: NULL path string given\n")); + werr = WERR_INVALID_PARAM; goto done; } - if (subkeyname == NULL) { - path = talloc_strdup(ctx, KEY_SMBCONF); - } else { - path = talloc_asprintf(ctx, "%s\\%s", KEY_SMBCONF, subkeyname); + tmp_ctx = talloc_new(mem_ctx); + if (tmp_ctx == NULL) { + werr = WERR_NOMEM; + goto done; } - werr = reg_open_path(ctx, path, desired_access, - token, key); + werr = libnet_conf_reg_initialize(); + if (!W_ERROR_IS_OK(werr)) { + DEBUG(1, ("Error initializing registry: %s\n", + dos_errstr(werr))); + goto done; + } + + token = registry_create_admin_token(tmp_ctx); + if (token == NULL) { + DEBUG(1, ("Error creating admin token\n")); + /* what is the appropriate error code here? */ + werr = WERR_CAN_NOT_COMPLETE; + goto done; + } + + werr = reg_open_path(mem_ctx, path, desired_access, token, key); if (!W_ERROR_IS_OK(werr)) { DEBUG(1, ("Error opening registry path '%s': %s\n", @@ -87,42 +125,51 @@ static WERROR libnet_smbconf_reg_open_path(TALLOC_CTX *ctx, } done: - TALLOC_FREE(path); + TALLOC_FREE(tmp_ctx); return werr; } -/* - * open the base key KEY_SMBCONF +/** + * Open a subkey of KEY_SMBCONF (i.e a service) */ -static WERROR libnet_smbconf_reg_open_basepath(TALLOC_CTX *ctx, +static WERROR libnet_conf_reg_open_service_key(TALLOC_CTX *ctx, + const char *servicename, uint32 desired_access, struct registry_key **key) { - return libnet_smbconf_reg_open_path(ctx, NULL, desired_access, key); -} - -/* - * check if a subkey of KEY_SMBCONF of a given name exists - */ -bool libnet_smbconf_key_exists(const char *subkeyname) -{ - bool ret = false; WERROR werr = WERR_OK; - TALLOC_CTX *mem_ctx = talloc_stackframe(); - struct registry_key *key = NULL; + char *path = NULL; - werr = libnet_smbconf_reg_open_path(mem_ctx, subkeyname, REG_KEY_READ, - &key); - if (W_ERROR_IS_OK(werr)) { - ret = true; + if (servicename == NULL) { + DEBUG(3, ("Error: NULL servicename given.\n")); + werr = WERR_INVALID_PARAM; + goto done; } - TALLOC_FREE(mem_ctx); - return ret; + path = talloc_asprintf(ctx, "%s\\%s", KEY_SMBCONF, servicename); + + werr = libnet_conf_reg_open_path(ctx, path, desired_access, key); + +done: + TALLOC_FREE(path); + return werr; +} + +/** + * open the base key KEY_SMBCONF + */ +static WERROR libnet_conf_reg_open_base_key(TALLOC_CTX *ctx, + uint32 desired_access, + struct registry_key **key) +{ + return libnet_conf_reg_open_path(ctx, KEY_SMBCONF, desired_access, key); } -static bool libnet_smbconf_value_exists(struct registry_key *key, - const char *param) +/** + * check if a value exists in a given registry key + */ +static bool libnet_conf_value_exists(struct registry_key *key, + const char *param) { bool ret = false; WERROR werr = WERR_OK; @@ -138,12 +185,12 @@ static bool libnet_smbconf_value_exists(struct registry_key *key, return ret; } -/* +/** * create a subkey of KEY_SMBCONF */ -WERROR libnet_smbconf_reg_createkey_internal(TALLOC_CTX *ctx, - const char * subkeyname, - struct registry_key **newkey) +static WERROR libnet_conf_reg_create_service_key(TALLOC_CTX *ctx, + const char * subkeyname, + struct registry_key **newkey) { WERROR werr = WERR_OK; struct registry_key *create_parent = NULL; @@ -158,8 +205,8 @@ WERROR libnet_smbconf_reg_createkey_internal(TALLOC_CTX *ctx, goto done; } - werr = libnet_smbconf_reg_open_basepath(create_ctx, REG_KEY_WRITE, - &create_parent); + werr = libnet_conf_reg_open_base_key(create_ctx, REG_KEY_WRITE, + &create_parent); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -167,12 +214,12 @@ WERROR libnet_smbconf_reg_createkey_internal(TALLOC_CTX *ctx, werr = reg_createkey(ctx, create_parent, subkeyname, REG_KEY_WRITE, newkey, &action); if (W_ERROR_IS_OK(werr) && (action != REG_CREATED_NEW_KEY)) { - d_fprintf(stderr, "Key '%s' already exists.\n", subkeyname); + DEBUG(10, ("Key '%s' already exists.\n", subkeyname)); werr = WERR_ALREADY_EXISTS; } if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "Error creating key %s: %s\n", - subkeyname, dos_errstr(werr)); + DEBUG(5, ("Error creating key %s: %s\n", + subkeyname, dos_errstr(werr))); } done: @@ -180,12 +227,12 @@ done: return werr; } -/* +/** * add a value to a key. */ -WERROR libnet_smbconf_reg_setvalue_internal(struct registry_key *key, - const char *valname, - const char *valstr) +static WERROR libnet_conf_reg_set_value(struct registry_key *key, + const char *valname, + const char *valstr) { struct registry_value val; WERROR werr = WERR_OK; @@ -198,11 +245,11 @@ WERROR libnet_smbconf_reg_setvalue_internal(struct registry_key *key, &canon_valstr)) { if (canon_valname == NULL) { - d_fprintf(stderr, "invalid parameter '%s' given\n", - valname); + DEBUG(5, ("invalid parameter '%s' given\n", + valname)); } else { - d_fprintf(stderr, "invalid value '%s' given for " - "parameter '%s'\n", valstr, valname); + DEBUG(5, ("invalid value '%s' given for " + "parameter '%s'\n", valstr, valname)); } werr = WERR_INVALID_PARAM; goto done; @@ -215,16 +262,16 @@ WERROR libnet_smbconf_reg_setvalue_internal(struct registry_key *key, val.v.sz.len = strlen(canon_valstr) + 1; if (registry_smbconf_valname_forbidden(canon_valname)) { - d_fprintf(stderr, "Parameter '%s' not allowed in registry.\n", - canon_valname); + DEBUG(5, ("Parameter '%s' not allowed in registry.\n", + canon_valname)); werr = WERR_INVALID_PARAM; goto done; } subkeyname = strrchr_m(key->key->name, '\\'); if ((subkeyname == NULL) || (*(subkeyname +1) == '\0')) { - d_fprintf(stderr, "Invalid registry key '%s' given as " - "smbconf section.\n", key->key->name); + DEBUG(5, ("Invalid registry key '%s' given as " + "smbconf section.\n", key->key->name)); werr = WERR_INVALID_PARAM; goto done; } @@ -232,19 +279,18 @@ WERROR libnet_smbconf_reg_setvalue_internal(struct registry_key *key, if (!strequal(subkeyname, GLOBAL_NAME) && lp_parameter_is_global(valname)) { - d_fprintf(stderr, "Global paramter '%s' not allowed in " + DEBUG(5, ("Global paramter '%s' not allowed in " "service definition ('%s').\n", canon_valname, - subkeyname); + subkeyname)); werr = WERR_INVALID_PARAM; goto done; } werr = reg_setvalue(key, canon_valname, &val); if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, - "Error adding value '%s' to " + DEBUG(5, ("Error adding value '%s' to " "key '%s': %s\n", - canon_valname, key->key->name, dos_errstr(werr)); + canon_valname, key->key->name, dos_errstr(werr))); } done: @@ -258,8 +304,8 @@ done: * which are ar stored as REG_SZ values, so the incomplete * handling should be ok. */ -static char *libnet_smbconf_format_registry_value(TALLOC_CTX *mem_ctx, - struct registry_value *value) +static char *libnet_conf_format_registry_value(TALLOC_CTX *mem_ctx, + struct registry_value *value) { char *result = NULL; @@ -299,11 +345,11 @@ static char *libnet_smbconf_format_registry_value(TALLOC_CTX *mem_ctx, * Get the values of a key as a list of value names * and a list of value strings (ordered) */ -static WERROR libnet_smbconf_reg_get_values(TALLOC_CTX *mem_ctx, - struct registry_key *key, - uint32_t *num_values, - char ***value_names, - char ***value_strings) +static WERROR libnet_conf_reg_get_values(TALLOC_CTX *mem_ctx, + struct registry_key *key, + uint32_t *num_values, + char ***value_names, + char ***value_strings) { TALLOC_CTX *tmp_ctx = NULL; WERROR werr = WERR_OK; @@ -333,19 +379,19 @@ static WERROR libnet_smbconf_reg_get_values(TALLOC_CTX *mem_ctx, { char *valstring; - werr = libnet_smbconf_add_string_to_array(tmp_ctx, - &tmp_valnames, - count, valname); + werr = libnet_conf_add_string_to_array(tmp_ctx, + &tmp_valnames, + count, valname); if (!W_ERROR_IS_OK(werr)) { goto done; } - valstring = libnet_smbconf_format_registry_value(tmp_ctx, - valvalue); - werr = libnet_smbconf_add_string_to_array(tmp_ctx, - &tmp_valstrings, - count, - valstring); + valstring = libnet_conf_format_registry_value(tmp_ctx, + valvalue); + werr = libnet_conf_add_string_to_array(tmp_ctx, + &tmp_valstrings, + count, + valstring); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -379,22 +425,15 @@ done: /** * Drop the whole configuration (restarting empty). */ -WERROR libnet_smbconf_drop(void) +WERROR libnet_conf_drop(void) { char *path, *p; WERROR werr = WERR_OK; - NT_USER_TOKEN *token; struct registry_key *parent_key = NULL; struct registry_key *new_key = NULL; TALLOC_CTX* mem_ctx = talloc_stackframe(); enum winreg_CreateAction action; - if (!(token = registry_create_admin_token(mem_ctx))) { - /* what is the appropriate error code here? */ - werr = WERR_CAN_NOT_COMPLETE; - goto done; - } - path = talloc_strdup(mem_ctx, KEY_SMBCONF); if (path == NULL) { werr = WERR_NOMEM; @@ -402,7 +441,8 @@ WERROR libnet_smbconf_drop(void) } p = strrchr(path, '\\'); *p = '\0'; - werr = reg_open_path(mem_ctx, path, REG_KEY_WRITE, token, &parent_key); + werr = libnet_conf_reg_open_path(mem_ctx, path, REG_KEY_WRITE, + &parent_key); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -431,9 +471,9 @@ done: * param_names : list of lists of parameter names for each share * param_values : list of lists of parameter values for each share */ -WERROR libnet_smbconf_get_config(TALLOC_CTX *mem_ctx, uint32_t *num_shares, - char ***share_names, uint32_t **num_params, - char ****param_names, char ****param_values) +WERROR libnet_conf_get_config(TALLOC_CTX *mem_ctx, uint32_t *num_shares, + char ***share_names, uint32_t **num_params, + char ****param_names, char ****param_values) { WERROR werr = WERR_OK; TALLOC_CTX *tmp_ctx = NULL; @@ -458,8 +498,8 @@ WERROR libnet_smbconf_get_config(TALLOC_CTX *mem_ctx, uint32_t *num_shares, goto done; } - werr = libnet_smbconf_get_share_names(tmp_ctx, &tmp_num_shares, - &tmp_share_names); + werr = libnet_conf_get_share_names(tmp_ctx, &tmp_num_shares, + &tmp_share_names); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -476,10 +516,10 @@ WERROR libnet_smbconf_get_config(TALLOC_CTX *mem_ctx, uint32_t *num_shares, } for (count = 0; count < tmp_num_shares; count++) { - werr = libnet_smbconf_getshare(mem_ctx, tmp_share_names[count], - &tmp_num_params[count], - &tmp_param_names[count], - &tmp_param_values[count]); + werr = libnet_conf_get_share(mem_ctx, tmp_share_names[count], + &tmp_num_params[count], + &tmp_param_names[count], + &tmp_param_values[count]); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -509,8 +549,8 @@ done: /** * get the list of share names defined in the configuration. */ -WERROR libnet_smbconf_get_share_names(TALLOC_CTX *mem_ctx, uint32_t *num_shares, - char ***share_names) +WERROR libnet_conf_get_share_names(TALLOC_CTX *mem_ctx, uint32_t *num_shares, + char ***share_names) { uint32_t count; uint32_t added_count = 0; @@ -532,19 +572,18 @@ WERROR libnet_smbconf_get_share_names(TALLOC_CTX *mem_ctx, uint32_t *num_shares, } /* make sure "global" is always listed first */ - if (libnet_smbconf_key_exists(GLOBAL_NAME)) { - werr = libnet_smbconf_add_string_to_array(tmp_ctx, - &tmp_share_names, - 0, GLOBAL_NAME); + if (libnet_conf_share_exists(GLOBAL_NAME)) { + werr = libnet_conf_add_string_to_array(tmp_ctx, + &tmp_share_names, + 0, GLOBAL_NAME); if (!W_ERROR_IS_OK(werr)) { goto done; } added_count++; } - werr = libnet_smbconf_reg_open_basepath(tmp_ctx, - SEC_RIGHTS_ENUM_SUBKEYS, - &key); + werr = libnet_conf_reg_open_base_key(tmp_ctx, SEC_RIGHTS_ENUM_SUBKEYS, + &key); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -558,10 +597,10 @@ WERROR libnet_smbconf_get_share_names(TALLOC_CTX *mem_ctx, uint32_t *num_shares, continue; } - werr = libnet_smbconf_add_string_to_array(tmp_ctx, - &tmp_share_names, - added_count, - subkey_name); + werr = libnet_conf_add_string_to_array(tmp_ctx, + &tmp_share_names, + added_count, + subkey_name); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -585,23 +624,64 @@ done: } /** + * check if a share/service of a given name exists + */ +bool libnet_conf_share_exists(const char *servicename) +{ + bool ret = false; + WERROR werr = WERR_OK; + TALLOC_CTX *mem_ctx = talloc_stackframe(); + struct registry_key *key = NULL; + + werr = libnet_conf_reg_open_service_key(mem_ctx, servicename, + REG_KEY_READ, &key); + if (W_ERROR_IS_OK(werr)) { + ret = true; + } + + TALLOC_FREE(mem_ctx); + return ret; +} + +/** + * Add a service if it does not already exist. + */ +WERROR libnet_conf_create_share(const char *servicename) +{ + WERROR werr; + TALLOC_CTX *mem_ctx = talloc_stackframe(); + struct registry_key *key = NULL; + + if (libnet_conf_share_exists(servicename)) { + werr = WERR_ALREADY_EXISTS; + goto done; + } + + werr = libnet_conf_reg_create_service_key(mem_ctx, servicename, &key); + +done: + TALLOC_FREE(mem_ctx); + return werr; +} + +/** * get a definition of a share (service) from configuration. */ -WERROR libnet_smbconf_getshare(TALLOC_CTX *mem_ctx, const char *servicename, - uint32_t *num_params, char ***param_names, - char ***param_values) +WERROR libnet_conf_get_share(TALLOC_CTX *mem_ctx, const char *servicename, + uint32_t *num_params, char ***param_names, + char ***param_values) { WERROR werr = WERR_OK; struct registry_key *key = NULL; - werr = libnet_smbconf_reg_open_path(mem_ctx, servicename, REG_KEY_READ, - &key); + werr = libnet_conf_reg_open_service_key(mem_ctx, servicename, + REG_KEY_READ, &key); if (!W_ERROR_IS_OK(werr)) { goto done; } - werr = libnet_smbconf_reg_get_values(mem_ctx, key, num_params, - param_names, param_values); + werr = libnet_conf_reg_get_values(mem_ctx, key, num_params, + param_names, param_values); done: TALLOC_FREE(key); @@ -611,13 +691,13 @@ done: /** * delete a service from configuration */ -WERROR libnet_smbconf_delshare(const char *servicename) +WERROR libnet_conf_delete_share(const char *servicename) { WERROR werr = WERR_OK; struct registry_key *key = NULL; TALLOC_CTX *ctx = talloc_stackframe(); - werr = libnet_smbconf_reg_open_basepath(ctx, REG_KEY_WRITE, &key); + werr = libnet_conf_reg_open_base_key(ctx, REG_KEY_WRITE, &key); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -632,26 +712,26 @@ done: /** * set a configuration parameter to the value provided. */ -WERROR libnet_smbconf_setparm(const char *service, - const char *param, - const char *valstr) +WERROR libnet_conf_set_parameter(const char *service, + const char *param, + const char *valstr) { WERROR werr; struct registry_key *key = NULL; TALLOC_CTX *mem_ctx = talloc_stackframe(); - if (!libnet_smbconf_key_exists(service)) { - werr = libnet_smbconf_reg_createkey_internal(mem_ctx, service, - &key); - } else { - werr = libnet_smbconf_reg_open_path(mem_ctx, service, - REG_KEY_WRITE, &key); + if (!libnet_conf_share_exists(service)) { + werr = WERR_NO_SUCH_SERVICE; + goto done; } + + werr = libnet_conf_reg_open_service_key(mem_ctx, service, REG_KEY_WRITE, + &key); if (!W_ERROR_IS_OK(werr)) { goto done; } - werr = libnet_smbconf_reg_setvalue_internal(key, param, valstr); + werr = libnet_conf_reg_set_value(key, param, valstr); done: TALLOC_FREE(mem_ctx); @@ -661,10 +741,10 @@ done: /** * get the value of a configuration parameter as a string */ -WERROR libnet_smbconf_getparm(TALLOC_CTX *mem_ctx, - const char *service, - const char *param, - char **valstr) +WERROR libnet_conf_get_parameter(TALLOC_CTX *mem_ctx, + const char *service, + const char *param, + char **valstr) { WERROR werr = WERR_OK; struct registry_key *key = NULL; @@ -675,18 +755,18 @@ WERROR libnet_smbconf_getparm(TALLOC_CTX *mem_ctx, goto done; } - if (!libnet_smbconf_key_exists(service)) { + if (!libnet_conf_share_exists(service)) { werr = WERR_NO_SUCH_SERVICE; goto done; } - werr = libnet_smbconf_reg_open_path(mem_ctx, service, REG_KEY_READ, - &key); + werr = libnet_conf_reg_open_service_key(mem_ctx, service, REG_KEY_READ, + &key); if (!W_ERROR_IS_OK(werr)) { goto done; } - if (!libnet_smbconf_value_exists(key, param)) { + if (!libnet_conf_value_exists(key, param)) { werr = WERR_INVALID_PARAM; goto done; } @@ -696,7 +776,7 @@ WERROR libnet_smbconf_getparm(TALLOC_CTX *mem_ctx, goto done; } - *valstr = libnet_smbconf_format_registry_value(mem_ctx, value); + *valstr = libnet_conf_format_registry_value(mem_ctx, value); if (*valstr == NULL) { werr = WERR_NOMEM; @@ -711,23 +791,23 @@ done: /** * delete a parameter from configuration */ -WERROR libnet_smbconf_delparm(const char *service, - const char *param) +WERROR libnet_conf_delete_parameter(const char *service, const char *param) { struct registry_key *key = NULL; WERROR werr = WERR_OK; TALLOC_CTX *mem_ctx = talloc_stackframe(); - if (!libnet_smbconf_key_exists(service)) { + if (!libnet_conf_share_exists(service)) { return WERR_NO_SUCH_SERVICE; } - werr = libnet_smbconf_reg_open_path(mem_ctx, service, REG_KEY_ALL, &key); + werr = libnet_conf_reg_open_service_key(mem_ctx, service, REG_KEY_ALL, + &key); if (!W_ERROR_IS_OK(werr)) { goto done; } - if (!libnet_smbconf_value_exists(key, param)) { + if (!libnet_conf_value_exists(key, param)) { werr = WERR_INVALID_PARAM; goto done; } @@ -746,9 +826,8 @@ done: * **********************************************************************/ -WERROR libnet_smbconf_set_global_param(const char *param, - const char *val) +WERROR libnet_conf_set_global_parameter(const char *param, const char *val) { - return libnet_smbconf_setparm(GLOBAL_NAME, param, val); + return libnet_conf_set_parameter(GLOBAL_NAME, param, val); } diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 6edcdb8945..95b643ffa6 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -2,7 +2,7 @@ * Unix SMB/CIFS implementation. * libnet Join Support * Copyright (C) Gerald (Jerry) Carter 2006 - * Copyright (C) Guenther Deschner 2007 + * Copyright (C) Guenther Deschner 2007-2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,12 +22,30 @@ #include "libnet/libnet_join.h" #include "libnet/libnet_proto.h" -static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) +static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx, + struct libnet_JoinCtx *r) +{ + if (!secrets_store_domain_sid(r->out.netbios_domain_name, + r->out.domain_sid)) + { + return false; + } + + if (!secrets_store_machine_password(r->in.machine_password, + r->out.netbios_domain_name, + SEC_CHAN_WKSTA)) + { + return false; + } + + return true; +} + +static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, + struct libnet_JoinCtx *r) { struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_hnd = NULL; - const char *password = NULL; POLICY_HND sam_pol, domain_pol, user_pol, lsa_pol; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; char *acct_name; @@ -46,17 +64,20 @@ static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx, DATA_BLOB digested_session_key; uchar md4_trust_password[16]; - password = talloc_strdup(mem_ctx, - generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH)); - NT_STATUS_HAVE_NO_MEMORY(password); + if (!r->in.machine_password) { + r->in.machine_password = talloc_strdup(mem_ctx, generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH)); + NT_STATUS_HAVE_NO_MEMORY(r->in.machine_password); + } - status = cli_full_connection(&cli, NULL, r->in.server_name, + status = cli_full_connection(&cli, NULL, + r->in.dc_name, NULL, 0, "IPC$", "IPC", r->in.admin_account, - NULL, //r->in.domain_name, - r->in.password, - 0, Undefined, NULL); + NULL, + r->in.admin_password, + 0, + Undefined, NULL); if (!NT_STATUS_IS_OK(status)) { goto done; @@ -152,15 +173,16 @@ static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx, goto done; } - E_md4hash(r->in.password, md4_trust_password); - encode_pw_buffer(pwbuf, r->in.password, STR_UNICODE); + E_md4hash(r->in.machine_password, md4_trust_password); + encode_pw_buffer(pwbuf, r->in.machine_password, STR_UNICODE); generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer)); digested_session_key = data_blob_talloc(mem_ctx, 0, 16); MD5Init(&md5ctx); MD5Update(&md5ctx, md5buffer, sizeof(md5buffer)); - MD5Update(&md5ctx, cli->user_session_key.data, cli->user_session_key.length); + MD5Update(&md5ctx, cli->user_session_key.data, + cli->user_session_key.length); MD5Final(digested_session_key.data, &md5ctx); SamOEMhashBlob(pwbuf, sizeof(pwbuf), &digested_session_key); @@ -194,21 +216,6 @@ static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx, rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol); cli_rpc_pipe_close(pipe_hnd); - if (!secrets_store_domain_sid(r->out.netbios_domain_name, - r->out.domain_sid)) - { - status = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - if (!secrets_store_machine_password(password, - r->out.netbios_domain_name, - SEC_CHAN_WKSTA)) - { - status = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - status = NT_STATUS_OK; done: if (cli) { @@ -218,8 +225,22 @@ static NTSTATUS do_DomainJoin(TALLOC_CTX *mem_ctx, return status; } -static NTSTATUS do_DomainUnjoin(TALLOC_CTX *mem_ctx, - struct libnet_UnjoinCtx *r) +static bool libnet_join_unjoindomain_remove_secrets(TALLOC_CTX *mem_ctx, + struct libnet_UnjoinCtx *r) +{ + if (!secrets_delete_machine_password_ex(lp_workgroup())) { + return false; + } + + if (!secrets_delete_domain_sid(lp_workgroup())) { + return false; + } + + return true; +} + +static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, + struct libnet_UnjoinCtx *r) { struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_hnd = NULL; @@ -233,12 +254,13 @@ static NTSTATUS do_DomainUnjoin(TALLOC_CTX *mem_ctx, SAM_USERINFO_CTR ctr, *qctr = NULL; SAM_USER_INFO_16 p16; - status = cli_full_connection(&cli, NULL, r->in.server_name, + status = cli_full_connection(&cli, NULL, + r->in.dc_name, NULL, 0, "IPC$", "IPC", r->in.admin_account, - NULL, //r->in.domain_name, - r->in.password, + NULL, + r->in.admin_password, 0, Undefined, NULL); if (!NT_STATUS_IS_OK(status)) { @@ -308,21 +330,12 @@ static NTSTATUS do_DomainUnjoin(TALLOC_CTX *mem_ctx, rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol); - if (!secrets_delete_machine_password_ex(lp_workgroup())) { - status = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - if (!secrets_delete_domain_sid(lp_workgroup())) { - status = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - done: - rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol); - rpccli_samr_close(pipe_hnd, mem_ctx, &sam_pol); - - cli_rpc_pipe_close(pipe_hnd); + if (pipe_hnd) { + rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &sam_pol); + cli_rpc_pipe_close(pipe_hnd); + } if (cli) { cli_shutdown(cli); @@ -338,11 +351,11 @@ static WERROR do_join_modify_vals_config(struct libnet_JoinCtx *r) if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE)) { - werr = libnet_smbconf_set_global_param("security", "user"); + werr = libnet_conf_set_global_parameter("security", "user"); W_ERROR_NOT_OK_RETURN(werr); - werr = libnet_smbconf_set_global_param("workgroup", - r->in.domain_name); + werr = libnet_conf_set_global_parameter("workgroup", + r->in.domain_name); return werr; } @@ -350,18 +363,18 @@ static WERROR do_join_modify_vals_config(struct libnet_JoinCtx *r) is_ad = true; } - werr = libnet_smbconf_set_global_param("security", "domain"); + werr = libnet_conf_set_global_parameter("security", "domain"); W_ERROR_NOT_OK_RETURN(werr); - werr = libnet_smbconf_set_global_param("workgroup", - r->out.netbios_domain_name); + werr = libnet_conf_set_global_parameter("workgroup", + r->out.netbios_domain_name); W_ERROR_NOT_OK_RETURN(werr); if (is_ad) { - werr = libnet_smbconf_set_global_param("security", "ads"); + werr = libnet_conf_set_global_parameter("security", "ads"); W_ERROR_NOT_OK_RETURN(werr); - werr = libnet_smbconf_set_global_param("realm", + werr = libnet_conf_set_global_parameter("realm", r->out.dns_domain_name); W_ERROR_NOT_OK_RETURN(werr); } @@ -375,11 +388,11 @@ static WERROR do_unjoin_modify_vals_config(struct libnet_UnjoinCtx *r) if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { - werr = libnet_smbconf_set_global_param("security", "user"); + werr = libnet_conf_set_global_parameter("security", "user"); W_ERROR_NOT_OK_RETURN(werr); } - werr = libnet_smbconf_delparm("GLOBAL", "realm"); + werr = libnet_conf_delete_parameter(GLOBAL_NAME, "realm"); return werr; } @@ -481,13 +494,17 @@ WERROR libnet_Join(TALLOC_CTX *mem_ctx, if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { - status = do_DomainJoin(mem_ctx, r); + status = libnet_join_joindomain_rpc(mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { return WERR_SETUP_ALREADY_JOINED; } return ntstatus_to_werror(status); } + + if (!libnet_join_joindomain_store_secrets(mem_ctx, r)) { + return WERR_SETUP_NOT_JOINED; + } } werr = do_JoinConfig(r); @@ -510,13 +527,15 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx, if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { - status = do_DomainUnjoin(mem_ctx, r); + status = libnet_join_unjoindomain_rpc(mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) { return WERR_SETUP_NOT_JOINED; } return ntstatus_to_werror(status); } + + libnet_join_unjoindomain_remove_secrets(mem_ctx, r); } werr = do_UnjoinConfig(r); diff --git a/source3/libnet/libnet_join.h b/source3/libnet/libnet_join.h index 46ab27e8b0..9e7b8a9813 100644 --- a/source3/libnet/libnet_join.h +++ b/source3/libnet/libnet_join.h @@ -1,7 +1,7 @@ /* * Unix SMB/CIFS implementation. * libnet Join Support - * Copyright (C) Guenther Deschner 2007 + * Copyright (C) Guenther Deschner 2007-2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,11 +22,13 @@ struct libnet_JoinCtx { struct { - const char *server_name; + const char *dc_name; + const char *machine_name; const char *domain_name; const char *account_ou; const char *admin_account; - const char *password; + const char *admin_password; + const char *machine_password; uint32_t join_flags; const char *os_version; const char *os_string; @@ -47,10 +49,10 @@ struct libnet_JoinCtx { struct libnet_UnjoinCtx { struct { - const char *server_name; + const char *dc_name; const char *domain_name; const char *admin_account; - const char *password; + const char *admin_password; uint32_t unjoin_flags; bool modify_config; struct dom_sid *domain_sid; |