Diffstat (limited to 'source3/passdb')
-rw-r--r-- | source3/passdb/secrets.c | 167 |
1 files changed, 0 insertions, 167 deletions
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index cecf13a7db..0e66e3cf01 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -1187,173 +1187,6 @@ TDB_CONTEXT *open_schannel_session_store(TALLOC_CTX *mem_ctx)
 return tdb_sc;
 }
 
-/******************************************************************************
- Store the schannel state after an AUTH2 call.
- Note we must be root here.
-*******************************************************************************/
-
-bool secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx,
- const char *remote_machine,
- const struct dcinfo *pdc)
-{
- TDB_CONTEXT *tdb_sc = NULL;
- TDB_DATA value;
- bool ret;
- char *keystr = talloc_asprintf_strupper_m(mem_ctx, "%s/%s",
- SECRETS_SCHANNEL_STATE,
- remote_machine);
- if (!keystr) {
- return False;
- }
-
- /* Work out how large the record is. */
- value.dsize = tdb_pack(NULL, 0, "dBBBBBfff",
- pdc->sequence,
- 8, pdc->seed_chal.data,
- 8, pdc->clnt_chal.data,
- 8, pdc->srv_chal.data,
- 16, pdc->sess_key,
- 16, pdc->mach_pw,
- pdc->mach_acct,
- pdc->remote_machine,
- pdc->domain);
-
- value.dptr = TALLOC_ARRAY(mem_ctx, uint8, value.dsize);
- if (!value.dptr) {
- TALLOC_FREE(keystr);
- return False;
- }
-
- value.dsize = tdb_pack(value.dptr, value.dsize, "dBBBBBfff",
- pdc->sequence,
- 8, pdc->seed_chal.data,
- 8, pdc->clnt_chal.data,
- 8, pdc->srv_chal.data,
- 16, pdc->sess_key,
- 16, pdc->mach_pw,
- pdc->mach_acct,
- pdc->remote_machine,
- pdc->domain);
-
- tdb_sc = open_schannel_session_store(mem_ctx);
- if (!tdb_sc) {
- TALLOC_FREE(keystr);
- TALLOC_FREE(value.dptr);
- return False;
- }
-
- ret = (tdb_store_bystring(tdb_sc, keystr, value, TDB_REPLACE) == 0 ? True : False);
-
- DEBUG(3,("secrets_store_schannel_session_info: stored schannel info with key %s\n",
- keystr ));
-
- tdb_close(tdb_sc);
- TALLOC_FREE(keystr);
- TALLOC_FREE(value.dptr);
- return ret;
-}
-
-/******************************************************************************
- Restore the schannel state on a client reconnect.
- Note we must be root here.
-*******************************************************************************/
-
-bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx,
- const char *remote_machine,
- struct dcinfo **ppdc)
-{
- TDB_CONTEXT *tdb_sc = NULL;
- TDB_DATA value;
- unsigned char *pseed_chal = NULL;
- unsigned char *pclnt_chal = NULL;
- unsigned char *psrv_chal = NULL;
- unsigned char *psess_key = NULL;
- unsigned char *pmach_pw = NULL;
- uint32 l1, l2, l3, l4, l5;
- int ret;
- struct dcinfo *pdc = NULL;
- char *keystr = talloc_asprintf_strupper_m(mem_ctx, "%s/%s",
- SECRETS_SCHANNEL_STATE,
- remote_machine);
-
- *ppdc = NULL;
-
- if (!keystr) {
- return False;
- }
-
- tdb_sc = open_schannel_session_store(mem_ctx);
- if (!tdb_sc) {
- TALLOC_FREE(keystr);
- return False;
- }
-
- value = tdb_fetch_bystring(tdb_sc, keystr);
- if (!value.dptr) {
- DEBUG(0,("secrets_restore_schannel_session_info: Failed to find entry with key %s\n",
- keystr ));
- tdb_close(tdb_sc);
- return False;
- }
-
- pdc = TALLOC_ZERO_P(mem_ctx, struct dcinfo);
-
- /* Retrieve the record. */
- ret = tdb_unpack(value.dptr, value.dsize, "dBBBBBfff",
- &pdc->sequence,
- &l1, &pseed_chal,
- &l2, &pclnt_chal,
- &l3, &psrv_chal,
- &l4, &psess_key,
- &l5, &pmach_pw,
- &pdc->mach_acct,
- &pdc->remote_machine,
- &pdc->domain);
-
- if (ret == -1 || l1 != 8 || l2 != 8 || l3 != 8 || l4 != 16 || l5 != 16) {
- /* Bad record - delete it. */
- tdb_delete_bystring(tdb_sc, keystr);
- tdb_close(tdb_sc);
- TALLOC_FREE(keystr);
- TALLOC_FREE(pdc);
- SAFE_FREE(pseed_chal);
- SAFE_FREE(pclnt_chal);
- SAFE_FREE(psrv_chal);
- SAFE_FREE(psess_key);
- SAFE_FREE(pmach_pw);
- SAFE_FREE(value.dptr);
- return False;
- }
-
- tdb_close(tdb_sc);
-
- memcpy(pdc->seed_chal.data, pseed_chal, 8);
- memcpy(pdc->clnt_chal.data, pclnt_chal, 8);
- memcpy(pdc->srv_chal.data, psrv_chal, 8);
- memcpy(pdc->sess_key, psess_key, 16);
- memcpy(pdc->mach_pw, pmach_pw, 16);
-
- /* We know these are true so didn't bother to store them. */
- pdc->challenge_sent = True;
- pdc->authenticated = True;
-
- DEBUG(3,("secrets_restore_schannel_session_info: restored schannel info key %s\n",
- keystr ));
-
- SAFE_FREE(pseed_chal);
- SAFE_FREE(pclnt_chal);
- SAFE_FREE(psrv_chal);
- SAFE_FREE(psess_key);
- SAFE_FREE(pmach_pw);
-
- TALLOC_FREE(keystr);
- SAFE_FREE(value.dptr);
-
- *ppdc = pdc;
-
- return True;
-}
-
 bool secrets_store_generic(const char *owner, const char *key, const char *secret)
 {
 char *tdbkey = NULL; |