summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_join.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libnet/libnet_join.c')
-rw-r--r--source4/libnet/libnet_join.c68
1 files changed, 40 insertions, 28 deletions
diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index 5776888cb0..0ed5e8ae26 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -27,7 +27,7 @@
#include "param/secrets.h"
#include "dsdb/samdb/samdb.h"
#include "ldb_wrap.h"
-#include "util/util_ldb.h"
+#include "../lib/util/util_ldb.h"
#include "libcli/security/security.h"
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
@@ -162,13 +162,19 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
ZERO_STRUCT(r_crack_names);
r_crack_names.in.bind_handle = &drsuapi_bind_handle;
r_crack_names.in.level = 1;
- r_crack_names.in.req.req1.codepage = 1252; /* western european */
- r_crack_names.in.req.req1.language = 0x00000407; /* german */
- r_crack_names.in.req.req1.count = 1;
- r_crack_names.in.req.req1.names = names;
- r_crack_names.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
- r_crack_names.in.req.req1.format_offered= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
- r_crack_names.in.req.req1.format_desired= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ r_crack_names.in.req = talloc(r, union drsuapi_DsNameRequest);
+ if (!r_crack_names.in.req) {
+ r->out.error_string = NULL;
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ r_crack_names.in.req->req1.codepage = 1252; /* western european */
+ r_crack_names.in.req->req1.language = 0x00000407; /* german */
+ r_crack_names.in.req->req1.count = 1;
+ r_crack_names.in.req->req1.names = names;
+ r_crack_names.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
+ r_crack_names.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
+ r_crack_names.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = dom_sid_string(tmp_ctx, r->out.account_sid);
if (!names[0].str) {
r->out.error_string = NULL;
@@ -176,6 +182,14 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
return NT_STATUS_NO_MEMORY;
}
+ r_crack_names.out.ctr = talloc(r, union drsuapi_DsNameCtr);
+ r_crack_names.out.level_out = talloc(r, int32_t);
+ if (!r_crack_names.out.ctr || !r_crack_names.out.level_out) {
+ r->out.error_string = NULL;
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
status = dcerpc_drsuapi_DsCrackNames(drsuapi_pipe, tmp_ctx, &r_crack_names);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
@@ -201,24 +215,24 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
"DsCrackNames failed - %s", win_errstr(r_crack_names.out.result));
talloc_free(tmp_ctx);
return NT_STATUS_UNSUCCESSFUL;
- } else if (r_crack_names.out.level != 1
- || !r_crack_names.out.ctr.ctr1
- || r_crack_names.out.ctr.ctr1->count != 1) {
+ } else if (*r_crack_names.out.level_out != 1
+ || !r_crack_names.out.ctr->ctr1
+ || r_crack_names.out.ctr->ctr1->count != 1) {
r->out.error_string = talloc_asprintf(r, "DsCrackNames failed");
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_PARAMETER;
- } else if (r_crack_names.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
- r->out.error_string = talloc_asprintf(r, "DsCrackNames failed: %d", r_crack_names.out.ctr.ctr1->array[0].status);
+ } else if (r_crack_names.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
+ r->out.error_string = talloc_asprintf(r, "DsCrackNames failed: %d", r_crack_names.out.ctr->ctr1->array[0].status);
talloc_free(tmp_ctx);
return NT_STATUS_UNSUCCESSFUL;
- } else if (r_crack_names.out.ctr.ctr1->array[0].result_name == NULL) {
+ } else if (r_crack_names.out.ctr->ctr1->array[0].result_name == NULL) {
r->out.error_string = talloc_asprintf(r, "DsCrackNames failed: no result name");
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_PARAMETER;
}
/* Store the DN of our machine account. */
- account_dn_str = r_crack_names.out.ctr.ctr1->array[0].result_name;
+ account_dn_str = r_crack_names.out.ctr->ctr1->array[0].result_name;
/* Now we know the user's DN, open with LDAP, read and modify a few things */
@@ -248,8 +262,8 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
}
/* search for the user's record */
- ret = ldb_search(remote_ldb, account_dn, LDB_SCOPE_BASE,
- NULL, attrs, &res);
+ ret = ldb_search(remote_ldb, tmp_ctx, &res,
+ account_dn, LDB_SCOPE_BASE, attrs, NULL);
if (ret != LDB_SUCCESS) {
r->out.error_string = talloc_asprintf(r, "ldb_search for %s failed - %s",
account_dn_str, ldb_errstring(remote_ldb));
@@ -257,8 +271,6 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
return NT_STATUS_UNSUCCESSFUL;
}
- talloc_steal(tmp_ctx, res);
-
if (res->count != 1) {
r->out.error_string = talloc_asprintf(r, "ldb_search for %s failed - found %d entries",
account_dn_str, res->count);
@@ -330,8 +342,8 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
}
/* DsCrackNames to find out the DN of the domain. */
- r_crack_names.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
- r_crack_names.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ r_crack_names.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
+ r_crack_names.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = talloc_asprintf(tmp_ctx, "%s\\", r->out.domain_name);
if (!names[0].str) {
r->out.error_string = NULL;
@@ -364,11 +376,11 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
"DsCrackNames failed - %s", win_errstr(r_crack_names.out.result));
talloc_free(tmp_ctx);
return NT_STATUS_UNSUCCESSFUL;
- } else if (r_crack_names.out.level != 1
- || !r_crack_names.out.ctr.ctr1
- || r_crack_names.out.ctr.ctr1->count != 1
- || !r_crack_names.out.ctr.ctr1->array[0].result_name
- || r_crack_names.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
+ } else if (*r_crack_names.out.level_out != 1
+ || !r_crack_names.out.ctr->ctr1
+ || r_crack_names.out.ctr->ctr1->count != 1
+ || !r_crack_names.out.ctr->ctr1->array[0].result_name
+ || r_crack_names.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
r->out.error_string = talloc_asprintf(r, "DsCrackNames failed");
talloc_free(tmp_ctx);
return NT_STATUS_UNSUCCESSFUL;
@@ -379,8 +391,8 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
talloc_steal(r, account_dn_str);
/* Store the domain DN. */
- r->out.domain_dn_str = r_crack_names.out.ctr.ctr1->array[0].result_name;
- talloc_steal(r, r_crack_names.out.ctr.ctr1->array[0].result_name);
+ r->out.domain_dn_str = r_crack_names.out.ctr->ctr1->array[0].result_name;
+ talloc_steal(r, r_crack_names.out.ctr->ctr1->array[0].result_name);
/* Store the KVNO of the account, critical for some kerberos
* operations */
generated by cgit (git 2.34.1) at 2024-07-20 04:53:45 +0000