diff options
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/async_smb.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/clidgram.c | 93 | ||||
| -rw-r--r-- | source3/libsmb/clientgen.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/clierror.c | 140 | ||||
| -rw-r--r-- | source3/libsmb/cliquota.c | 50 | ||||
| -rw-r--r-- | source3/libsmb/dsgetdcname.c | 418 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_xattr.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp_sign.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/samlogon_cache.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/smbencrypt.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/trusts_util.c | 108 |
11 files changed, 142 insertions, 687 deletions
diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index fb35ecbe1f..68495076b6 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -924,7 +924,7 @@ static void cli_state_handler(struct event_context *event_ctx, } cli->evt_inbuf = tmp; - res = recv(cli->fd, cli->evt_inbuf + old_size, available, 0); + res = sys_recv(cli->fd, cli->evt_inbuf + old_size, available, 0); if (res == -1) { DEBUG(10, ("recv failed: %s\n", strerror(errno))); status = map_nt_error_from_unix(errno); @@ -970,7 +970,7 @@ static void cli_state_handler(struct event_context *event_ctx, return; } - sent = send(cli->fd, req->outbuf + req->sent, + sent = sys_send(cli->fd, req->outbuf + req->sent, to_send - req->sent, 0); if (sent < 0) { diff --git a/source3/libsmb/clidgram.c b/source3/libsmb/clidgram.c index 8b35a69def..611ae0870c 100644 --- a/source3/libsmb/clidgram.c +++ b/source3/libsmb/clidgram.c @@ -136,8 +136,8 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, struct in_addr dc_ip; const char *my_acct_name = NULL; const char *my_mailslot = NULL; - struct nbt_ntlogon_packet packet; - struct nbt_ntlogon_sam_logon *s; + struct nbt_netlogon_packet packet; + struct NETLOGON_SAM_LOGON_REQUEST *s; enum ndr_err_code ndr_err; DATA_BLOB blob; struct dom_sid my_sid; @@ -164,7 +164,7 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, return false; } - packet.command = NTLOGON_SAM_LOGON; + packet.command = LOGON_SAM_LOGON_REQUEST; s = &packet.req.logon; s->request_count = 0; @@ -178,11 +178,11 @@ bool send_getdc_request(TALLOC_CTX *mem_ctx, s->lm20_token = 0xffff; if (DEBUGLEVEL >= 10) { - NDR_PRINT_DEBUG(nbt_ntlogon_packet, &packet); + NDR_PRINT_DEBUG(nbt_netlogon_packet, &packet); } - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &packet, - (ndr_push_flags_fn_t)ndr_push_nbt_ntlogon_packet); + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, &packet, + (ndr_push_flags_fn_t)ndr_push_nbt_netlogon_packet); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return false; } @@ -199,15 +199,16 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, const char *domain_name, uint32_t *nt_version, const char **dc_name, - union nbt_cldap_netlogon **reply) + struct netlogon_samlogon_response **_r) { struct packet_struct *packet; const char *my_mailslot = NULL; struct in_addr dc_ip; DATA_BLOB blob; - union nbt_cldap_netlogon r; + struct netlogon_samlogon_response r; union dgram_message_body p; enum ndr_err_code ndr_err; + NTSTATUS status; const char *returned_dc = NULL; const char *returned_domain = NULL; @@ -266,66 +267,20 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, blob = p.smb.body.trans.data; - if (!pull_mailslot_cldap_reply(mem_ctx, &blob, - &r, nt_version)) - { + ZERO_STRUCT(r); + + status = pull_netlogon_samlogon_response(&blob, mem_ctx, NULL, &r); + if (!NT_STATUS_IS_OK(status)) { return false; } - switch (*nt_version) { - case 1: - case 16: - case 17: - - returned_domain = r.logon1.domain_name; - returned_dc = r.logon1.pdc_name; - break; - case 2: - case 3: - case 18: - case 19: - returned_domain = r.logon3.domain_name; - returned_dc = r.logon3.pdc_name; - break; - case 4: - case 5: - case 6: - case 7: - returned_domain = r.logon5.domain; - returned_dc = r.logon5.pdc_name; - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - returned_domain = r.logon13.domain; - returned_dc = r.logon13.pdc_name; - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - returned_domain = r.logon15.domain; - returned_dc = r.logon15.pdc_name; - break; - case 29: - case 30: - case 31: - returned_domain = r.logon29.domain; - returned_dc = r.logon29.pdc_name; - break; - default: - return false; - } + map_netlogon_samlogon_response(&r); + + /* do we still need this ? */ + *nt_version = r.ntver; + + returned_domain = r.data.nt5_ex.domain; + returned_dc = r.data.nt5_ex.pdc_name; if (!strequal(returned_domain, domain_name)) { DEBUG(3, ("GetDC: Expected domain %s, got %s\n", @@ -341,10 +296,10 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx, if (**dc_name == '\\') *dc_name += 1; if (**dc_name == '\\') *dc_name += 1; - if (reply) { - *reply = (union nbt_cldap_netlogon *)talloc_memdup( - mem_ctx, &r, sizeof(union nbt_cldap_netlogon)); - if (!*reply) { + if (_r) { + *_r = (struct netlogon_samlogon_response *)talloc_memdup( + mem_ctx, &r, sizeof(struct netlogon_samlogon_response)); + if (!*_r) { return false; } } diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 9d65fb4e94..8a5aedfde5 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -464,13 +464,11 @@ struct cli_state *cli_initialise(void) return NULL; } - cli = talloc(NULL, struct cli_state); + cli = TALLOC_ZERO_P(NULL, struct cli_state); if (!cli) { return NULL; } - ZERO_STRUCTP(cli); - cli->port = 0; cli->fd = -1; cli->cnum = -1; diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c index 36746419f7..54f8a7a43c 100644 --- a/source3/libsmb/clierror.c +++ b/source3/libsmb/clierror.c @@ -236,142 +236,6 @@ void cli_dos_error(struct cli_state *cli, uint8 *eclass, uint32 *ecode) *ecode = SVAL(cli->inbuf,smb_err); } -/* Return a UNIX errno from a NT status code */ -static const struct { - NTSTATUS status; - int error; -} nt_errno_map[] = { - {NT_STATUS_ACCESS_VIOLATION, EACCES}, - {NT_STATUS_INVALID_HANDLE, EBADF}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT}, - {NT_STATUS_OBJECT_PATH_NOT_FOUND, ENOENT}, - {NT_STATUS_SHARING_VIOLATION, EBUSY}, - {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR}, - {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST}, - {NT_STATUS_PATH_NOT_COVERED, ENOENT}, - {NT_STATUS_UNSUCCESSFUL, EINVAL}, - {NT_STATUS_NOT_IMPLEMENTED, ENOSYS}, - {NT_STATUS_IN_PAGE_ERROR, EFAULT}, - {NT_STATUS_BAD_NETWORK_NAME, ENOENT}, -#ifdef EDQUOT - {NT_STATUS_PAGEFILE_QUOTA, EDQUOT}, - {NT_STATUS_QUOTA_EXCEEDED, EDQUOT}, - {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT}, - {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT}, -#endif -#ifdef ETIME - {NT_STATUS_TIMER_NOT_CANCELED, ETIME}, -#endif - {NT_STATUS_INVALID_PARAMETER, EINVAL}, - {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, - {NT_STATUS_NO_SUCH_FILE, ENOENT}, -#ifdef ENODATA - {NT_STATUS_END_OF_FILE, ENODATA}, -#endif -#ifdef ENOMEDIUM - {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, - {NT_STATUS_NO_MEDIA, ENOMEDIUM}, -#endif - {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, - {NT_STATUS_NO_MEMORY, ENOMEM}, - {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE}, - {NT_STATUS_NOT_MAPPED_VIEW, EINVAL}, - {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS}, - {NT_STATUS_WRONG_PASSWORD, EACCES}, - {NT_STATUS_LOGON_FAILURE, EACCES}, - {NT_STATUS_INVALID_WORKSTATION, EACCES}, - {NT_STATUS_INVALID_LOGON_HOURS, EACCES}, - {NT_STATUS_PASSWORD_EXPIRED, EACCES}, - {NT_STATUS_ACCOUNT_DISABLED, EACCES}, - {NT_STATUS_DISK_FULL, ENOSPC}, - {NT_STATUS_INVALID_PIPE_STATE, EPIPE}, - {NT_STATUS_PIPE_BUSY, EPIPE}, - {NT_STATUS_PIPE_DISCONNECTED, EPIPE}, - {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS}, - {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR}, - {NT_STATUS_NOT_SUPPORTED, ENOSYS}, - {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR}, - {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY}, - {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH}, - {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_TOO_MANY_LINKS, EMLINK}, - {NT_STATUS_NETWORK_BUSY, EBUSY}, - {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV}, -#ifdef ELIBACC - {NT_STATUS_DLL_NOT_FOUND, ELIBACC}, -#endif - {NT_STATUS_PIPE_BROKEN, EPIPE}, - {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED}, - {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES}, - {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE}, -#ifdef EPROTO - {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO}, -#endif - {NT_STATUS_FLOAT_OVERFLOW, ERANGE}, - {NT_STATUS_FLOAT_UNDERFLOW, ERANGE}, - {NT_STATUS_INTEGER_OVERFLOW, ERANGE}, - {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS}, - {NT_STATUS_PIPE_CONNECTED, EISCONN}, - {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT}, - {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE}, - {NT_STATUS_ILL_FORMED_PASSWORD, EACCES}, - {NT_STATUS_PASSWORD_RESTRICTION, EACCES}, - {NT_STATUS_ACCOUNT_RESTRICTION, EACCES}, - {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG}, - {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN}, - {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_RESET, ENETRESET}, -#ifdef ENOTUNIQ - {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ}, - {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ}, -#endif - {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE}, - {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT}, - {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE}, - {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_IO_TIMEOUT, ETIMEDOUT}, - {NT_STATUS_RETRY, EAGAIN}, -#ifdef ENOTUNIQ - {NT_STATUS_DUPLICATE_NAME, ENOTUNIQ}, -#endif -#ifdef ECOMM - {NT_STATUS_NET_WRITE_FAULT, ECOMM}, -#endif -#ifdef EXDEV - {NT_STATUS_NOT_SAME_DEVICE, EXDEV}, -#endif - {NT_STATUS(0), 0} -}; - -/**************************************************************************** - The following mappings need tidying up and moving into libsmb/errormap.c... -****************************************************************************/ - -static int cli_errno_from_nt(NTSTATUS status) -{ - int i; - DEBUG(10,("cli_errno_from_nt: 32 bit codes: code=%08x\n", NT_STATUS_V(status))); - - /* Status codes without this bit set are not errors */ - - if (!(NT_STATUS_V(status) & 0xc0000000)) { - return 0; - } - - for (i=0;nt_errno_map[i].error;i++) { - if (NT_STATUS_V(nt_errno_map[i].status) == - NT_STATUS_V(status)) return nt_errno_map[i].error; - } - - /* for all other cases - a default code */ - return EINVAL; -} /* Return a UNIX errno appropriate for the error received in the last packet. */ @@ -382,7 +246,7 @@ int cli_errno(struct cli_state *cli) if (cli_is_nt_error(cli)) { status = cli_nt_error(cli); - return cli_errno_from_nt(status); + return map_errno_from_nt_status(status); } if (cli_is_dos_error(cli)) { @@ -391,7 +255,7 @@ int cli_errno(struct cli_state *cli) cli_dos_error(cli, &eclass, &ecode); status = dos_to_ntstatus(eclass, ecode); - return cli_errno_from_nt(status); + return map_errno_from_nt_status(status); } /* diff --git a/source3/libsmb/cliquota.c b/source3/libsmb/cliquota.c index f369d28dff..dcdfec241d 100644 --- a/source3/libsmb/cliquota.c +++ b/source3/libsmb/cliquota.c @@ -2,17 +2,17 @@ Unix SMB/CIFS implementation. client quota functions Copyright (C) Stefan (metze) Metzmacher 2003 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -25,7 +25,7 @@ bool cli_get_quota_handle(struct cli_state *cli, int *quota_fnum) 0x00000016, DESIRED_ACCESS_PIPE, 0x00000000, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x00000000, 0x03); - + if (*quota_fnum == (-1)) { return False; } @@ -37,7 +37,7 @@ void free_ntquota_list(SMB_NTQUOTA_LIST **qt_list) { if (!qt_list) return; - + if ((*qt_list)->mem_ctx) talloc_destroy((*qt_list)->mem_ctx); @@ -60,7 +60,7 @@ static bool parse_user_quota_record(const char *rdata, unsigned int rdata_count, if (rdata_count < 40) { return False; } - + /* offset to next quota record. * 4 bytes IVAL(rdata,0) * unused here... @@ -116,7 +116,7 @@ static bool parse_user_quota_record(const char *rdata, unsigned int rdata_count, return False; } #endif /* LARGE_SMB_OFF_T */ - + sid_parse(rdata+40,sid_len,&qt.sid); qt.qtype = SMB_USER_QUOTA_TYPE; @@ -149,13 +149,13 @@ bool cli_get_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC SIVAL(params, 4,0x00000024); SIVAL(params, 8,0x00000000); SIVAL(params,12,0x00000024); - + sid_len = ndr_size_dom_sid(&pqt->sid, 0); data_len = sid_len+8; SIVAL(data, 0, 0x00000000); SIVAL(data, 4, sid_len); sid_linearize(data+8, sid_len, &pqt->sid); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_GET_USER_QUOTA, 0, @@ -204,7 +204,7 @@ bool cli_set_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC unsigned int rparam_count=0, rdata_count=0; unsigned int sid_len; memset(data,'\0',112); - + if (!cli||!pqt) { smb_panic("cli_set_user_quota() called with NULL Pointer!"); } @@ -221,7 +221,7 @@ bool cli_set_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_STRUC SBIG_UINT(data,24,pqt->softlim); SBIG_UINT(data,32,pqt->hardlim); sid_linearize(data+40, sid_len, &pqt->sid); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_SET_USER_QUOTA, 0, @@ -278,7 +278,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST SIVAL(params, 4,0x00000000); SIVAL(params, 8,0x00000000); SIVAL(params,12,0x00000000); - + if (!cli_send_nt_trans(cli, NT_TRANSACT_GET_USER_QUOTA, 0, @@ -353,7 +353,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST DEBUG(1,("Failed to send NT_TRANSACT_GET_USER_QUOTA\n")); goto cleanup; } - + SAFE_FREE(rparam); SAFE_FREE(rdata); if (!cli_receive_nt_trans(cli, @@ -369,7 +369,7 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST } else { ret = True; } - + if (rdata_count == 0) { break; } @@ -389,26 +389,26 @@ bool cli_list_user_quota(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_LIST talloc_destroy(mem_ctx); goto cleanup; } - + if ((tmp_list_ent->quotas=TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_STRUCT))==NULL) { DEBUG(0,("TALLOC_ZERO() failed\n")); talloc_destroy(mem_ctx); goto cleanup; } - + memcpy(tmp_list_ent->quotas,&qt,sizeof(qt)); tmp_list_ent->mem_ctx = mem_ctx; - + DLIST_ADD((*pqt_list),tmp_list_ent); } } - + ret = True; cleanup: SAFE_FREE(rparam); SAFE_FREE(rdata); - + return ret; } @@ -427,9 +427,9 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST } setup = TRANSACT2_QFSINFO; - + SSVAL(param,0,SMB_FS_QUOTA_INFORMATION); - + if (!cli_send_trans(cli, SMBtrans2, NULL, 0, 0, @@ -438,7 +438,7 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST NULL, 0, 560)) { goto cleanup; } - + if (!cli_receive_trans(cli, SMBtrans2, &rparam, &rparam_count, &rdata, &rdata_count)) { @@ -455,7 +455,7 @@ bool cli_get_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST if (rdata_count < 48) { goto cleanup; } - + /* unknown_1 24 NULL bytes in pdata*/ /* the soft quotas 8 bytes (SMB_BIG_UINT)*/ @@ -541,7 +541,7 @@ bool cli_set_fs_quota_info(struct cli_state *cli, int quota_fnum, SMB_NTQUOTA_ST data, 48, 0)) { goto cleanup; } - + if (!cli_receive_trans(cli, SMBtrans2, &rparam, &rparam_count, &rdata, &rdata_count)) { @@ -604,7 +604,7 @@ void dump_ntquota(SMB_NTQUOTA_STRUCT *qt, bool _verbose, bool _numeric, void (*_ case SMB_USER_QUOTA_TYPE: { fstring username_str = {0}; - + if (_sidtostring) { _sidtostring(username_str,&qt->sid,_numeric); } else { diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c index 2a445cbd5a..08ab8cad14 100644 --- a/source3/libsmb/dsgetdcname.c +++ b/source3/libsmb/dsgetdcname.c @@ -35,8 +35,7 @@ struct ip_service_name { static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r, struct netr_DsRGetDCNameInfo **info); /**************************************************************** @@ -186,176 +185,51 @@ static NTSTATUS dsgetdcname_cache_store(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ -#define SET_STRING(x) \ - talloc_strdup(mem_ctx, x); \ - NT_STATUS_HAVE_NO_MEMORY(x); - -static NTSTATUS map_logon29_from_cldap_reply(TALLOC_CTX *mem_ctx, - uint32_t flags, - struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, - struct nbt_cldap_netlogon_29 *p) -{ - char addr[INET6_ADDRSTRLEN]; - - ZERO_STRUCTP(p); - - print_sockaddr(addr, sizeof(addr), ss); - - /* FIXME */ - p->dc_sock_addr_size = 0x10; /* the w32 winsock addr size */ - p->dc_sock_addr.family = 2; /* AF_INET */ - p->dc_sock_addr.pdc_ip = talloc_strdup(mem_ctx, addr); - - switch (nt_version & 0x0000001f) { - case 0: - return NT_STATUS_INVALID_PARAMETER; - case 1: - case 16: - case 17: - p->pdc_name = SET_STRING(r->logon1.pdc_name); - p->domain = SET_STRING(r->logon1.domain_name); - - if (flags & DS_PDC_REQUIRED) { - p->server_type = NBT_SERVER_WRITABLE | - NBT_SERVER_PDC; - } - break; - case 2: - case 3: - case 18: - case 19: - p->pdc_name = SET_STRING(r->logon3.pdc_name); - p->domain = SET_STRING(r->logon3.domain_name); - p->pdc_dns_name = SET_STRING(r->logon3.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon3.dns_domain); - p->server_type = r->logon3.server_type; - p->forest = SET_STRING(r->logon3.forest); - p->domain_uuid = r->logon3.domain_uuid; - - break; - case 4: - case 5: - case 6: - case 7: - p->pdc_name = SET_STRING(r->logon5.pdc_name); - p->domain = SET_STRING(r->logon5.domain); - p->pdc_dns_name = SET_STRING(r->logon5.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon5.dns_domain); - p->server_type = r->logon5.server_type; - p->forest = SET_STRING(r->logon5.forest); - p->domain_uuid = r->logon5.domain_uuid; - p->server_site = SET_STRING(r->logon5.server_site); - p->client_site = SET_STRING(r->logon5.client_site); - - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - p->pdc_name = SET_STRING(r->logon13.pdc_name); - p->domain = SET_STRING(r->logon13.domain); - p->pdc_dns_name = SET_STRING(r->logon13.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon13.dns_domain); - p->server_type = r->logon13.server_type; - p->forest = SET_STRING(r->logon13.forest); - p->domain_uuid = r->logon13.domain_uuid; - p->server_site = SET_STRING(r->logon13.server_site); - p->client_site = SET_STRING(r->logon13.client_site); - - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - p->pdc_name = SET_STRING(r->logon15.pdc_name); - p->domain = SET_STRING(r->logon15.domain); - p->pdc_dns_name = SET_STRING(r->logon15.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon15.dns_domain); - p->server_type = r->logon15.server_type; - p->forest = SET_STRING(r->logon15.forest); - p->domain_uuid = r->logon15.domain_uuid; - p->server_site = SET_STRING(r->logon15.server_site); - p->client_site = SET_STRING(r->logon15.client_site); - - break; - case 29: - case 30: - case 31: - p->pdc_name = SET_STRING(r->logon29.pdc_name); - p->domain = SET_STRING(r->logon29.domain); - p->pdc_dns_name = SET_STRING(r->logon29.pdc_dns_name); - p->dns_domain = SET_STRING(r->logon29.dns_domain); - p->server_type = r->logon29.server_type; - p->forest = SET_STRING(r->logon29.forest); - p->domain_uuid = r->logon29.domain_uuid; - p->server_site = SET_STRING(r->logon29.server_site); - p->client_site = SET_STRING(r->logon29.client_site); - p->next_closest_site = SET_STRING(r->logon29.next_closest_site); - - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - return NT_STATUS_OK; -} - -/**************************************************************** -****************************************************************/ - static NTSTATUS store_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, uint32_t nt_version, - union nbt_cldap_netlogon *r) + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r) { DATA_BLOB blob; enum ndr_err_code ndr_err; NTSTATUS status; - struct nbt_cldap_netlogon_29 logon29; + char addr[INET6_ADDRSTRLEN]; - status = map_logon29_from_cldap_reply(mem_ctx, flags, ss, - nt_version, r, &logon29); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + print_sockaddr(addr, sizeof(addr), ss); + + /* FIXME */ + r->sockaddr_size = 0x10; /* the w32 winsock addr size */ + r->sockaddr.sockaddr_family = 2; /* AF_INET */ + r->sockaddr.pdc_ip = talloc_strdup(mem_ctx, addr); - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &logon29, - (ndr_push_flags_fn_t)ndr_push_nbt_cldap_netlogon_29); + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, r, + (ndr_push_flags_fn_t)ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return ndr_map_error2ntstatus(ndr_err); } - if (logon29.domain) { - status = dsgetdcname_cache_store(mem_ctx, logon29.domain, &blob); + if (r->domain) { + status = dsgetdcname_cache_store(mem_ctx, r->domain, &blob); if (!NT_STATUS_IS_OK(status)) { goto done; } - if (logon29.client_site) { - sitename_store(logon29.domain, logon29.client_site); + if (r->client_site) { + sitename_store(r->domain, r->client_site); } } - if (logon29.dns_domain) { - status = dsgetdcname_cache_store(mem_ctx, logon29.dns_domain, &blob); + if (r->dns_domain) { + status = dsgetdcname_cache_store(mem_ctx, r->dns_domain, &blob); if (!NT_STATUS_IS_OK(status)) { goto done; } - if (logon29.client_site) { - sitename_store(logon29.dns_domain, logon29.client_site); + if (r->client_site) { + sitename_store(r->dns_domain, r->client_site); } } + status = NT_STATUS_OK; + done: data_blob_free(&blob); @@ -387,7 +261,7 @@ static NTSTATUS dsgetdcname_cache_refresh(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ -static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, +static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *r, uint32_t nt_version) { switch (nt_version & 0x0000001f) { @@ -400,12 +274,12 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 3: case 18: case 19: - return r->logon3.server_type; + return r->data.nt5.server_type; case 4: case 5: case 6: case 7: - return r->logon5.server_type; + return r->data.nt5_ex.server_type; case 8: case 9: case 10: @@ -414,7 +288,7 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 13: case 14: case 15: - return r->logon13.server_type; + return r->data.nt5_ex.server_type; case 20: case 21: case 22: @@ -424,11 +298,11 @@ static uint32_t get_cldap_reply_server_flags(union nbt_cldap_netlogon *r, case 26: case 27: case 28: - return r->logon15.server_type; + return r->data.nt5_ex.server_type; case 29: case 30: case 31: - return r->logon29.server_type; + return r->data.nt5_ex.server_type; default: return 0; } @@ -486,8 +360,7 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, DATA_BLOB blob; enum ndr_err_code ndr_err; struct netr_DsRGetDCNameInfo *info; - union nbt_cldap_netlogon p; - struct nbt_cldap_netlogon_29 r; + struct NETLOGON_SAM_LOGON_RESPONSE_EX r; NTSTATUS status; if (!gencache_init()) { @@ -508,8 +381,8 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, - (ndr_pull_flags_fn_t)ndr_pull_nbt_cldap_netlogon_29); + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &r, + (ndr_pull_flags_fn_t)ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX); data_blob_free(&blob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -517,11 +390,8 @@ static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx, return ndr_map_error2ntstatus(ndr_err); } - p.logon29 = r; - status = make_dc_info_from_cldap_reply(mem_ctx, flags, NULL, - 29, - &p, &info); + &r, &info); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -916,8 +786,7 @@ static void map_dc_and_domain_names(uint32_t flags, static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, uint32_t flags, struct sockaddr_storage *ss, - uint32_t nt_version, - union nbt_cldap_netlogon *r, + struct NETLOGON_SAM_LOGON_RESPONSE_EX *r, struct netr_DsRGetDCNameInfo **info) { const char *dc_hostname = NULL; @@ -938,163 +807,28 @@ static NTSTATUS make_dc_info_from_cldap_reply(TALLOC_CTX *mem_ctx, dc_address_type = DS_ADDRESS_TYPE_INET; } - switch (nt_version & 0x0000001f) { - case 0: - case 1: - case 16: - case 17: - if (!ss) { - dc_address = r->logon1.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } - - map_dc_and_domain_names(flags, - r->logon1.pdc_name, - r->logon1.domain_name, - NULL, - NULL, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - if (flags & DS_PDC_REQUIRED) { - dc_flags = NBT_SERVER_WRITABLE | NBT_SERVER_PDC; - } - break; - case 2: - case 3: - case 18: - case 19: - if (!ss) { - dc_address = r->logon3.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } - - map_dc_and_domain_names(flags, - r->logon3.pdc_name, - r->logon3.domain_name, - r->logon3.pdc_dns_name, - r->logon3.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon3.server_type; - dc_forest = r->logon3.forest; - dc_domain_guid = &r->logon3.domain_uuid; - - break; - case 4: - case 5: - case 6: - case 7: - if (!ss) { - dc_address = r->logon5.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } - - map_dc_and_domain_names(flags, - r->logon5.pdc_name, - r->logon5.domain, - r->logon5.pdc_dns_name, - r->logon5.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon5.server_type; - dc_forest = r->logon5.forest; - dc_domain_guid = &r->logon5.domain_uuid; - dc_server_site = r->logon5.server_site; - dc_client_site = r->logon5.client_site; - - break; - case 8: - case 9: - case 10: - case 11: - case 12: - case 13: - case 14: - case 15: - if (!ss) { - dc_address = r->logon13.dc_sock_addr.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } - - map_dc_and_domain_names(flags, - r->logon13.pdc_name, - r->logon13.domain, - r->logon13.pdc_dns_name, - r->logon13.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon13.server_type; - dc_forest = r->logon13.forest; - dc_domain_guid = &r->logon13.domain_uuid; - dc_server_site = r->logon13.server_site; - dc_client_site = r->logon13.client_site; - - break; - case 20: - case 21: - case 22: - case 23: - case 24: - case 25: - case 26: - case 27: - case 28: - if (!ss) { - dc_address = r->logon15.pdc_name; - dc_address_type = DS_ADDRESS_TYPE_NETBIOS; - } + if (!ss && r->sockaddr.pdc_ip) { + dc_address = r->sockaddr.pdc_ip; + dc_address_type = DS_ADDRESS_TYPE_INET; + } else { + dc_address = r->pdc_name; + dc_address_type = DS_ADDRESS_TYPE_NETBIOS; + } - map_dc_and_domain_names(flags, - r->logon15.pdc_name, - r->logon15.domain, - r->logon15.pdc_dns_name, - r->logon15.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon15.server_type; - dc_forest = r->logon15.forest; - dc_domain_guid = &r->logon15.domain_uuid; - dc_server_site = r->logon15.server_site; - dc_client_site = r->logon15.client_site; - - break; - case 29: - case 30: - case 31: - if (!ss) { - dc_address = r->logon29.dc_sock_addr.pdc_ip; - dc_address_type = DS_ADDRESS_TYPE_INET; - } + map_dc_and_domain_names(flags, + r->pdc_name, + r->domain, + r->pdc_dns_name, + r->dns_domain, + &dc_flags, + &dc_hostname, + &dc_domain_name); - map_dc_and_domain_names(flags, - r->logon29.pdc_name, - r->logon29.domain, - r->logon29.pdc_dns_name, - r->logon29.dns_domain, - &dc_flags, - &dc_hostname, - &dc_domain_name); - - dc_flags |= r->logon29.server_type; - dc_forest = r->logon29.forest; - dc_domain_guid = &r->logon29.domain_uuid; - dc_server_site = r->logon29.server_site; - dc_client_site = r->logon29.client_site; - - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } + dc_flags |= r->server_type; + dc_forest = r->forest; + dc_domain_guid = &r->domain_uuid; + dc_server_site = r->server_site; + dc_client_site = r->client_site; return make_domain_controller_info(mem_ctx, dc_hostname, @@ -1117,19 +851,19 @@ static uint32_t map_ds_flags_to_nt_version(uint32_t flags) uint32_t nt_version = 0; if (flags & DS_PDC_REQUIRED) { - nt_version |= NETLOGON_VERSION_PDC; + nt_version |= NETLOGON_NT_VERSION_PDC; } if (flags & DS_GC_SERVER_REQUIRED) { - nt_version |= NETLOGON_VERSION_GC; + nt_version |= NETLOGON_NT_VERSION_GC; } if (flags & DS_TRY_NEXTCLOSEST_SITE) { - nt_version |= NETLOGON_VERSION_WITH_CLOSEST_SITE; + nt_version |= NETLOGON_NT_VERSION_WITH_CLOSEST_SITE; } if (flags & DS_IP_REQUIRED) { - nt_version |= NETLOGON_VERSION_IP; + nt_version |= NETLOGON_NT_VERSION_IP; } return nt_version; @@ -1147,9 +881,9 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, { int i = 0; bool valid_dc = false; - union nbt_cldap_netlogon *r = NULL; - uint32_t nt_version = NETLOGON_VERSION_5 | - NETLOGON_VERSION_5EX; + struct netlogon_samlogon_response *r = NULL; + uint32_t nt_version = NETLOGON_NT_VERSION_5 | + NETLOGON_NT_VERSION_5EX; uint32_t ret_flags = 0; NTSTATUS status; @@ -1161,9 +895,10 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, if (ads_cldap_netlogon(mem_ctx, dclist[i].hostname, domain_name, - &nt_version, + nt_version, &r)) { + nt_version = r->ntver; ret_flags = get_cldap_reply_server_flags(r, nt_version); if (check_cldap_reply_required_flags(ret_flags, flags)) { @@ -1180,10 +915,10 @@ static NTSTATUS process_dc_dns(TALLOC_CTX *mem_ctx, } status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r, info); + &r->data.nt5_ex, info); if (NT_STATUS_IS_OK(status)) { return store_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r); + nt_version, &r->data.nt5_ex); } return status; @@ -1234,11 +969,11 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, int i; const char *dc_name = NULL; fstring tmp_dc_name; - union nbt_cldap_netlogon *r = NULL; + struct netlogon_samlogon_response *r = NULL; bool store_cache = false; - uint32_t nt_version = NETLOGON_VERSION_1 | - NETLOGON_VERSION_5 | - NETLOGON_VERSION_5EX_WITH_IP; + uint32_t nt_version = NETLOGON_NT_VERSION_1 | + NETLOGON_NT_VERSION_5 | + NETLOGON_NT_VERSION_5EX_WITH_IP; if (!msg_ctx) { msg_ctx = msg_context(mem_ctx); @@ -1288,21 +1023,22 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, &dclist[i].ss, tmp_dc_name)) { - struct nbt_cldap_netlogon_1 logon1; + struct NETLOGON_SAM_LOGON_RESPONSE_NT40 logon1; - r = TALLOC_ZERO_P(mem_ctx, union nbt_cldap_netlogon); + r = TALLOC_ZERO_P(mem_ctx, struct netlogon_samlogon_response); NT_STATUS_HAVE_NO_MEMORY(r); ZERO_STRUCT(logon1); - nt_version = NETLOGON_VERSION_1; + nt_version = NETLOGON_NT_VERSION_1; logon1.nt_version = nt_version; - logon1.pdc_name = tmp_dc_name; - logon1.domain_name = talloc_strdup_upper(mem_ctx, domain_name); - NT_STATUS_HAVE_NO_MEMORY(logon1.domain_name); + logon1.server = tmp_dc_name; + logon1.domain = talloc_strdup_upper(mem_ctx, domain_name); + NT_STATUS_HAVE_NO_MEMORY(logon1.domain); - r->logon1 = logon1; + r->data.nt4 = logon1; + r->ntver = nt_version; namecache_store(tmp_dc_name, NBT_NAME_SERVER, 1, &ip_list); @@ -1315,10 +1051,10 @@ static NTSTATUS process_dc_netbios(TALLOC_CTX *mem_ctx, make_reply: status = make_dc_info_from_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r, info); + &r->data.nt5_ex, info); if (NT_STATUS_IS_OK(status) && store_cache) { return store_cldap_reply(mem_ctx, flags, &dclist[i].ss, - nt_version, r); + nt_version, &r->data.nt5_ex); } return status; diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index f1b3d1415e..ea2c46953c 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -266,7 +266,7 @@ parse_ace(struct cli_state *ipc_cli, unsigned int aflags; unsigned int amask; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; struct perm_value { const char *perm; diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c index 8413c8066b..1abdf61b7f 100644 --- a/source3/libsmb/ntlmssp_sign.c +++ b/source3/libsmb/ntlmssp_sign.c @@ -117,7 +117,7 @@ static NTSTATUS ntlmssp_make_packet_signature(NTLMSSP_STATE *ntlmssp_state, } else { uint32 crc; - crc = crc32_calc_buffer((const char *)data, length); + crc = crc32_calc_buffer(data, length); if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) { return NT_STATUS_NO_MEMORY; } @@ -265,7 +265,7 @@ NTSTATUS ntlmssp_seal_packet(NTLMSSP_STATE *ntlmssp_state, } } else { uint32 crc; - crc = crc32_calc_buffer((const char *)data, length); + crc = crc32_calc_buffer(data, length); if (!msrpc_gen(sig, "dddd", NTLMSSP_SIGN_VERSION, 0, crc, ntlmssp_state->ntlmv1_seq_num)) { return NT_STATUS_NO_MEMORY; } diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c index 4abe5bb6de..af4986fa9d 100644 --- a/source3/libsmb/samlogon_cache.c +++ b/source3/libsmb/samlogon_cache.c @@ -141,7 +141,7 @@ bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3) NDR_PRINT_DEBUG(netsamlogoncache_entry, &r); } - ndr_err = ndr_push_struct_blob(&blob, mem_ctx, &r, + ndr_err = ndr_push_struct_blob(&blob, mem_ctx, NULL, &r, (ndr_push_flags_fn_t)ndr_push_netsamlogoncache_entry); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { DEBUG(0,("netsamlogon_cache_store: failed to push entry to cache\n")); @@ -197,7 +197,7 @@ struct netr_SamInfo3 *netsamlogon_cache_get(TALLOC_CTX *mem_ctx, const DOM_SID * blob = data_blob_const(data.dptr, data.dsize); - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r, + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &r, (ndr_pull_flags_fn_t)ndr_pull_netsamlogoncache_entry); if (DEBUGLEVEL >= 10) { diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 0742976635..05fd808a32 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -847,7 +847,7 @@ DATA_BLOB decrypt_drsuapi_blob(TALLOC_CTX *mem_ctx, * of the remaining bytes */ crc32_given = IVAL(dec_buffer.data, 0); - crc32_calc = crc32_calc_buffer((const char *)dec_buffer.data + 4 , dec_buffer.length - 4); + crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4); if (crc32_given != crc32_calc) { DEBUG(1,("CRC32: given[0x%08X] calc[0x%08X]\n", crc32_given, crc32_calc)); diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index 08a49930b4..2f336f14e6 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -22,104 +22,6 @@ /********************************************************* Change the domain password on the PDC. - - Just changes the password betwen the two values specified. - - Caller must have the cli connected to the netlogon pipe - already. -**********************************************************/ - -static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - const unsigned char orig_trust_passwd_hash[16], - const char *new_trust_pwd_cleartext, - const unsigned char new_trust_passwd_hash[16], - uint32 sec_channel_type) -{ - NTSTATUS result; - uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; - - result = rpccli_netlogon_setup_creds(cli, - cli->desthost, /* server name */ - lp_workgroup(), /* domain */ - global_myname(), /* client name */ - global_myname(), /* machine account name */ - orig_trust_passwd_hash, - sec_channel_type, - &neg_flags); - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(3,("just_change_the_password: unable to setup creds (%s)!\n", - nt_errstr(result))); - return result; - } - - if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) { - - struct netr_Authenticator clnt_creds, srv_cred; - struct netr_CryptPassword new_password; - struct samr_CryptPassword password_buf; - - netlogon_creds_client_step(cli->dc, &clnt_creds); - - encode_pw_buffer(password_buf.data, new_trust_pwd_cleartext, STR_UNICODE); - - SamOEMhash(password_buf.data, cli->dc->sess_key, 516); - memcpy(new_password.data, password_buf.data, 512); - new_password.length = IVAL(password_buf.data, 512); - - result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx, - cli->dc->remote_machine, - cli->dc->mach_acct, - sec_channel_type, - global_myname(), - &clnt_creds, - &srv_cred, - &new_password); - - /* Always check returned credentials. */ - if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { - DEBUG(0,("rpccli_netr_ServerPasswordSet2: " - "credentials chain check failed\n")); - return NT_STATUS_ACCESS_DENIED; - } - - } else { - - struct netr_Authenticator clnt_creds, srv_cred; - struct samr_Password new_password; - - netlogon_creds_client_step(cli->dc, &clnt_creds); - - cred_hash3(new_password.hash, - new_trust_passwd_hash, - cli->dc->sess_key, 1); - - result = rpccli_netr_ServerPasswordSet(cli, mem_ctx, - cli->dc->remote_machine, - cli->dc->mach_acct, - sec_channel_type, - global_myname(), - &clnt_creds, - &srv_cred, - &new_password); - - /* Always check returned credentials. */ - if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { - DEBUG(0,("rpccli_netr_ServerPasswordSet: " - "credentials chain check failed\n")); - return NT_STATUS_ACCESS_DENIED; - } - } - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(0,("just_change_the_password: unable to change password (%s)!\n", - nt_errstr(result))); - } - return result; -} - -/********************************************************* - Change the domain password on the PDC. Store the password ourselves, but use the supplied password Caller must have already setup the connection to the NETLOGON pipe **********************************************************/ @@ -144,11 +46,11 @@ NTSTATUS trust_pw_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *m E_md4hash(new_trust_passwd, new_trust_passwd_hash); - nt_status = just_change_the_password(cli, mem_ctx, - orig_trust_passwd_hash, - new_trust_passwd, - new_trust_passwd_hash, - sec_channel_type); + nt_status = rpccli_netlogon_set_trust_password(cli, mem_ctx, + orig_trust_passwd_hash, + new_trust_passwd, + new_trust_passwd_hash, + sec_channel_type); if (NT_STATUS_IS_OK(nt_status)) { DEBUG(3,("%s : trust_pw_change_and_store_it: Changed password.\n", |