summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_netlogon.c111
-rw-r--r--source3/rpc_client/cli_pipe.c4
-rw-r--r--source3/rpc_client/cli_svcctl.c76
-rw-r--r--source3/rpc_client/init_netlogon.c17
-rw-r--r--source3/rpc_client/init_samr.c32
-rw-r--r--source3/rpc_client/ndr.c4
6 files changed, 138 insertions, 106 deletions
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index df87ed13d1..5f115e537b 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -146,7 +146,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct netr_Authenticator clnt_creds;
struct netr_Authenticator ret_creds;
- union netr_LogonInfo *logon;
+ union netr_LogonLevel *logon;
union netr_Validation validation;
uint8_t authoritative;
int validation_level = 3;
@@ -156,7 +156,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
ZERO_STRUCT(ret_creds);
ZERO_STRUCT(zeros);
- logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
if (!logon) {
return NT_STATUS_NO_MEMORY;
}
@@ -172,7 +172,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
netlogon_creds_client_step(cli->dc, &clnt_creds);
switch (logon_type) {
- case INTERACTIVE_LOGON_TYPE: {
+ case NetlogonInteractiveInformation: {
struct netr_PasswordInfo *password_info;
@@ -231,7 +231,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
break;
}
- case NET_LOGON_TYPE: {
+ case NetlogonNetworkInformation: {
struct netr_NetworkInfo *network_info;
uint8 chal[8];
unsigned char local_lm_response[24];
@@ -327,7 +327,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
uint8 zeros[16];
struct netr_Authenticator clnt_creds;
struct netr_Authenticator ret_creds;
- union netr_LogonInfo *logon = NULL;
+ union netr_LogonLevel *logon = NULL;
struct netr_NetworkInfo *network_info;
uint8_t authoritative;
union netr_Validation validation;
@@ -342,7 +342,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
ZERO_STRUCT(lm);
ZERO_STRUCT(nt);
- logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
if (!logon) {
return NT_STATUS_NO_MEMORY;
}
@@ -398,7 +398,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
global_myname(),
&clnt_creds,
&ret_creds,
- NET_LOGON_TYPE,
+ NetlogonNetworkInformation,
logon,
validation_level,
&validation,
@@ -447,7 +447,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
const char *workstation_name_slash;
const char *server_name_slash;
uint8 zeros[16];
- union netr_LogonInfo *logon = NULL;
+ union netr_LogonLevel *logon = NULL;
struct netr_NetworkInfo *network_info;
uint8_t authoritative;
union netr_Validation validation;
@@ -462,7 +462,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
ZERO_STRUCT(lm);
ZERO_STRUCT(nt);
- logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
if (!logon) {
return NT_STATUS_NO_MEMORY;
}
@@ -514,7 +514,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
result = rpccli_netr_LogonSamLogonEx(cli, mem_ctx,
server_name_slash,
global_myname(),
- NET_LOGON_TYPE,
+ NetlogonNetworkInformation,
logon,
validation_level,
&validation,
@@ -538,3 +538,94 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
return result;
}
+
+/*********************************************************
+ Change the domain password on the PDC.
+
+ Just changes the password betwen the two values specified.
+
+ Caller must have the cli connected to the netlogon pipe
+ already.
+**********************************************************/
+
+NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const unsigned char orig_trust_passwd_hash[16],
+ const char *new_trust_pwd_cleartext,
+ const unsigned char new_trust_passwd_hash[16],
+ uint32_t sec_channel_type)
+{
+ NTSTATUS result;
+ uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
+ struct netr_Authenticator clnt_creds, srv_cred;
+
+ result = rpccli_netlogon_setup_creds(cli,
+ cli->desthost, /* server name */
+ lp_workgroup(), /* domain */
+ global_myname(), /* client name */
+ global_myname(), /* machine account name */
+ orig_trust_passwd_hash,
+ sec_channel_type,
+ &neg_flags);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(3,("rpccli_netlogon_set_trust_password: unable to setup creds (%s)!\n",
+ nt_errstr(result)));
+ return result;
+ }
+
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
+
+ if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) {
+
+ struct netr_CryptPassword new_password;
+
+ init_netr_CryptPassword(new_trust_pwd_cleartext,
+ cli->dc->sess_key,
+ &new_password);
+
+ result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx,
+ cli->dc->remote_machine,
+ cli->dc->mach_acct,
+ sec_channel_type,
+ global_myname(),
+ &clnt_creds,
+ &srv_cred,
+ &new_password);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet2 failed: %s\n",
+ nt_errstr(result)));
+ return result;
+ }
+ } else {
+
+ struct samr_Password new_password;
+
+ cred_hash3(new_password.hash,
+ new_trust_passwd_hash,
+ cli->dc->sess_key, 1);
+
+ result = rpccli_netr_ServerPasswordSet(cli, mem_ctx,
+ cli->dc->remote_machine,
+ cli->dc->mach_acct,
+ sec_channel_type,
+ global_myname(),
+ &clnt_creds,
+ &srv_cred,
+ &new_password);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet failed: %s\n",
+ nt_errstr(result)));
+ return result;
+ }
+ }
+
+ /* Always check returned credentials. */
+ if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
+ DEBUG(0,("credentials chain check failed\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ return result;
+}
+
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f32a33fdb6..ca9d3392e7 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2810,7 +2810,7 @@ NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path,
result->abstract_syntax = *abstract_syntax;
result->transfer_syntax = ndr_transfer_syntax;
- result->desthost = get_myname(result);
+ result->desthost = talloc_get_myname(result);
result->srv_name_slash = talloc_asprintf_strupper_m(
result, "\\\\%s", result->desthost);
if ((result->desthost == NULL) || (result->srv_name_slash == NULL)) {
@@ -2906,7 +2906,7 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli,
fnum = cli_nt_create(cli, result->trans.np.pipe_name,
DESIRED_ACCESS_PIPE);
if (fnum == -1) {
- DEBUG(1,("rpc_pipe_open_np: cli_nt_create failed on pipe %s "
+ DEBUG(3,("rpc_pipe_open_np: cli_nt_create failed on pipe %s "
"to machine %s. Error was %s\n",
result->trans.np.pipe_name, cli->desthost,
cli_errstr(cli)));
diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c
index 3c29dcdee8..51678083d3 100644
--- a/source3/rpc_client/cli_svcctl.c
+++ b/source3/rpc_client/cli_svcctl.c
@@ -90,79 +90,3 @@ WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX
return out.status;
}
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, SERVICE_CONFIG *config )
-{
- SVCCTL_Q_QUERY_SERVICE_CONFIG in;
- SVCCTL_R_QUERY_SERVICE_CONFIG out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
- in.buffer_size = 0;
-
-
- CLI_DO_RPC_WERR( cli, mem_ctx, &ndr_table_svcctl.syntax_id,
- SVCCTL_QUERY_SERVICE_CONFIG_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_query_service_config,
- svcctl_io_r_query_service_config,
- WERR_GENERAL_FAILURE );
-
- if ( W_ERROR_EQUAL( out.status, WERR_INSUFFICIENT_BUFFER ) ) {
- in.buffer_size = out.needed;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, &ndr_table_svcctl.syntax_id,
- SVCCTL_QUERY_SERVICE_CONFIG_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_query_service_config,
- svcctl_io_r_query_service_config,
- WERR_GENERAL_FAILURE );
- }
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( config, &out.config, sizeof(SERVICE_CONFIG) );
-
- config->executablepath = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- config->loadordergroup = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- config->dependencies = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- config->startname = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- config->displayname = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
-
- if ( out.config.executablepath ) {
- config->executablepath = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- copy_unistr2( config->executablepath, out.config.executablepath );
- }
-
- if ( out.config.loadordergroup ) {
- config->loadordergroup = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- copy_unistr2( config->loadordergroup, out.config.loadordergroup );
- }
-
- if ( out.config.dependencies ) {
- config->dependencies = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- copy_unistr2( config->dependencies, out.config.dependencies );
- }
-
- if ( out.config.startname ) {
- config->startname = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- copy_unistr2( config->startname, out.config.startname );
- }
-
- if ( out.config.displayname ) {
- config->displayname = TALLOC_ZERO_P( mem_ctx, UNISTR2 );
- copy_unistr2( config->displayname, out.config.displayname );
- }
-
- return out.status;
-}
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index 61841953fc..e4c39e739e 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -391,3 +391,20 @@ void init_netr_PasswordInfo(struct netr_PasswordInfo *r,
r->lmpassword = lmpassword;
r->ntpassword = ntpassword;
}
+
+/*************************************************************************
+ inits a netr_CryptPassword structure
+ *************************************************************************/
+
+void init_netr_CryptPassword(const char *pwd,
+ unsigned char session_key[16],
+ struct netr_CryptPassword *pwd_buf)
+{
+ struct samr_CryptPassword password_buf;
+
+ encode_pw_buffer(password_buf.data, pwd, STR_UNICODE);
+
+ SamOEMhash(password_buf.data, session_key, 516);
+ memcpy(pwd_buf->data, password_buf.data, 512);
+ pwd_buf->length = IVAL(password_buf.data, 512);
+}
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
index 2e757531ce..283be0d98b 100644
--- a/source3/rpc_client/init_samr.c
+++ b/source3/rpc_client/init_samr.c
@@ -41,21 +41,21 @@ void init_samr_DomInfo1(struct samr_DomInfo1 *r,
inits a structure.
********************************************************************/
-void init_samr_DomInfo2(struct samr_DomInfo2 *r,
- NTTIME force_logoff_time,
- const char *comment,
- const char *domain_name,
- const char *primary,
- uint64_t sequence_num,
- uint32_t unknown2,
- enum samr_Role role,
- uint32_t unknown3,
- uint32_t num_users,
- uint32_t num_groups,
- uint32_t num_aliases)
+void init_samr_DomGeneralInformation(struct samr_DomGeneralInformation *r,
+ NTTIME force_logoff_time,
+ const char *oem_information,
+ const char *domain_name,
+ const char *primary,
+ uint64_t sequence_num,
+ uint32_t unknown2,
+ enum samr_Role role,
+ uint32_t unknown3,
+ uint32_t num_users,
+ uint32_t num_groups,
+ uint32_t num_aliases)
{
r->force_logoff_time = force_logoff_time;
- init_lsa_String(&r->comment, comment);
+ init_lsa_String(&r->oem_information, oem_information);
init_lsa_String(&r->domain_name, domain_name);
init_lsa_String(&r->primary, primary);
r->sequence_num = sequence_num;
@@ -81,10 +81,10 @@ void init_samr_DomInfo3(struct samr_DomInfo3 *r,
inits a structure.
********************************************************************/
-void init_samr_DomInfo4(struct samr_DomInfo4 *r,
- const char *comment)
+void init_samr_DomOEMInformation(struct samr_DomOEMInformation *r,
+ const char *oem_information)
{
- init_lsa_String(&r->comment, comment);
+ init_lsa_String(&r->oem_information, oem_information);
}
/*******************************************************************
diff --git a/source3/rpc_client/ndr.c b/source3/rpc_client/ndr.c
index 72a33137a6..9ada47a3f5 100644
--- a/source3/rpc_client/ndr.c
+++ b/source3/rpc_client/ndr.c
@@ -41,7 +41,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli,
call = &table->calls[opnum];
- push = ndr_push_init_ctx(mem_ctx);
+ push = ndr_push_init_ctx(mem_ctx, NULL);
if (!push) {
return NT_STATUS_NO_MEMORY;
}
@@ -77,7 +77,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli,
prs_mem_free( &r_ps );
- pull = ndr_pull_init_blob(&blob, mem_ctx);
+ pull = ndr_pull_init_blob(&blob, mem_ctx, NULL);
if (pull == NULL) {
return NT_STATUS_NO_MEMORY;
}
generated by cgit (git 2.34.1) at 2024-12-27 14:25:12 +0000