From e357d9106895b165bfa3f8331b9f186004c9a6cd Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 9 Nov 1997 17:30:10 +0000 Subject: attempting to mark up 32 bit error codes, needed for NT domains. separated out smb server-mode password validation into a separate file. added called and calling netbios names to client gen state: referenced section in rfc1002.txt. created workstation trust account checking code in ntclient.c there might be a bug in reply_session_setup_andX. i indented and added { } around single-line if statements: the lm password checking code now doesn't look right (around the GUEST_SESSSETUP bits). *no code semantics have been changed by the indentation process*. (This used to be commit f27966957fa7f16d337a4a58719239d036deab4c) --- source3/client/client.c | 2 +- source3/client/ntclient.c | 127 +++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 116 insertions(+), 13 deletions(-) (limited to 'source3/client') diff --git a/source3/client/client.c b/source3/client/client.c index 52f4b837a6..082118e0ba 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -3900,7 +3900,7 @@ static void usage(char *pname) { if (!cli_send_login(NULL,NULL,True,True)) return(1); - do_nt_login(desthost, myhostname, Client, cnum); + do_nt_login(dest_ip, desthost, myhostname, Client, cnum); cli_send_logout(); close_sockets(); diff --git a/source3/client/ntclient.c b/source3/client/ntclient.c index 7e360981c0..a32f6e690d 100644 --- a/source3/client/ntclient.c +++ b/source3/client/ntclient.c @@ -25,6 +25,7 @@ #endif #include "includes.h" +#include "nterr.h" extern int DEBUGLEVEL; extern pstring username; 
@@ -35,11 +36,110 @@ extern pstring workgroup; #ifdef NTDOMAIN +/************************************************************************ + check workstation trust account status + ************************************************************************/ +BOOL wksta_trust_account_check(struct in_addr dest_ip, char *dest_host, + char *myhostname, char *domain) +{ + pstring tmp; + struct cli_state wksta_trust; + fstring mach_acct; + fstring mach_pwd; + fstring new_mach_pwd; + uchar lm_owf_mach_pwd[16]; + uchar nt_owf_mach_pwd[16]; + uchar lm_sess_pwd[24]; + uchar nt_sess_pwd[24]; + BOOL right_error_code = False; + + char *start_mach_pwd; + char *change_mach_pwd; + + fstrcpy(mach_acct, myhostname); + strlower(mach_pwd); + + fstrcpy(mach_pwd , myhostname); + strcat(mach_acct, "$"); + strupper(mach_acct); + + sprintf(tmp, "Enter Workstation Trust Account password for [%s].\nDefault is [%s]. Password: ", + mach_acct, mach_pwd); + + start_mach_pwd = (char*)getpass(tmp); + + if (start_mach_pwd[0] != 0) + { + fstrcpy(mach_pwd, start_mach_pwd); + } + + sprintf(tmp, "Enter new Workstation Trust Account password for [%s]\nPress Return to leave at old value. 
Password: ", + mach_acct); + + change_mach_pwd = (char*)getpass(tmp); + + fstrcpy(new_mach_pwd, change_mach_pwd); + + if (!cli_initialise(&wksta_trust)) + { + DEBUG(1,("cli_initialise failed for wksta_trust\n")); + return False; + } + + if (!server_connect_init(&wksta_trust, myhostname, dest_ip, dest_host)) + { + int err_cls; + int err_num; + cli_error(&wksta_trust, &err_cls, &err_num); + DEBUG(1,("server_connect_init failed (%s)\n", cli_errstr(&wksta_trust))); + + cli_shutdown(&wksta_trust); + return False; + } + + nt_lm_owf_gen(mach_pwd, nt_owf_mach_pwd, lm_owf_mach_pwd); + + DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd)); + SMBOWFencrypt(nt_owf_mach_pwd, wksta_trust.cryptkey, nt_sess_pwd); + SMBOWFencrypt(lm_owf_mach_pwd, wksta_trust.cryptkey, lm_sess_pwd); + + right_error_code = False; + + if (!server_validate2(&wksta_trust, mach_acct, domain, + lm_sess_pwd, sizeof(lm_sess_pwd), + nt_sess_pwd, sizeof(nt_sess_pwd))) + { + int err_cls; + int err_num; + cli_error(&wksta_trust, &err_cls, &err_num); + + if (err_cls == 0xC000 && err_num == NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT) + { + DEBUG(1,("server_validate: valid workstation trust account exists\n")); + right_error_code = True; + } + + if (err_cls == 0xC000 && err_num == NT_STATUS_NO_SUCH_USER) + { + DEBUG(1,("server_validate: workstation trust account does not exist\n")); + right_error_code = False; + } + } + + if (!right_error_code) + { + DEBUG(1,("server_validate failed (%s)\n", cli_errstr(&wksta_trust))); + } + + cli_shutdown(&wksta_trust); + return right_error_code; +} /**************************************************************************** experimental nt login. ****************************************************************************/ -BOOL do_nt_login(char *desthost, char *myhostname, +BOOL do_nt_login(struct in_addr dest_ip, char *dest_host, + char *myhostname, int Client, int cnum) { DOM_CHAL clnt_chal; 
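Review bot: In wksta_trust_account_check, `strlower(mach_pwd);` runs before `fstrcpy(mach_pwd , myhostname);`, so it scans an uninitialised fstring on the stack and the default password is never lower-cased; the two calls should be swapped (`fstrcpy(mach_pwd, myhostname); strlower(mach_pwd);`). The line `DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd));` writes the cleartext trust-account password to the debug log; drop the `%s` argument so the message only records that the hash was generated. `start_mach_pwd[0]` and `fstrcpy(new_mach_pwd, change_mach_pwd)` both use the getpass() result without a NULL check, and new_mach_pwd is collected but never used in the lines shown. The password buffers and the OWF hashes are also left on the stack at return; clearing them before `cli_shutdown(&wksta_trust)` would limit their lifetime.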
@@ -66,9 +166,12 @@ BOOL do_nt_login(char *desthost, char *myhostname, uchar sess_key[8]; char nt_owf_mach_pwd[16]; + + fstring server_name; fstring mach_acct; + fstring mach_pwd; - fstring server_name; + fstring new_mach_pwd; RPC_IFACE abstract; RPC_IFACE transfer; @@ -88,6 +191,8 @@ BOOL do_nt_login(char *desthost, char *myhostname, uint32 call_id = 0; char *inbuf,*outbuf; + /******************** initialise ********************************/ + zerotime.time = 0; inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); @@ -99,6 +204,10 @@ BOOL do_nt_login(char *desthost, char *myhostname, return False; } + /************ check workstation trust account *******************/ + + wksta_trust_account_check(dest_ip, dest_host, myhostname, workgroup); + /******************* open the \PIPE\lsarpc file *****************/ if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_LSARPC, Client, cnum)) == 0xffff) @@ -216,17 +325,11 @@ BOOL do_nt_login(char *desthost, char *myhostname, /******************* Request Challenge ********************/ - fstrcpy(mach_acct, myhostname); - strlower(mach_pwd); - - fstrcpy(mach_pwd , myhostname); - strcat(mach_acct, "$"); - SIVAL(clnt_chal.data, 0, 0x11111111); SIVAL(clnt_chal.data, 4, 0x22222222); /* send a client challenge; receive a server challenge */ - if (!do_lsa_req_chal(fnum, ++call_id, desthost, myhostname, &clnt_chal, &srv_chal)) + if (!do_lsa_req_chal(fnum, ++call_id, dest_host, myhostname, &clnt_chal, &srv_chal)) { cli_smb_close(inbuf, outbuf, Client, cnum, fnum); free(inbuf); free(outbuf); @@ -268,7 +371,7 @@ BOOL do_nt_login(char *desthost, char *myhostname, cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred.challenge)); /* send client auth-2 challenge; receive an auth-2 challenge */ - if (!do_lsa_auth2(fnum, ++call_id, desthost, mach_acct, 2, myhostname, + if (!do_lsa_auth2(fnum, ++call_id, dest_host, mach_acct, 2, myhostname, &(clnt_cred.challenge), 0x000001ff, &auth2_srv_chal)) { cli_smb_close(inbuf, outbuf, Client, cnum, fnum); 
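Review bot: The result of `wksta_trust_account_check(dest_ip, dest_host, myhostname, workgroup);` is discarded, so do_nt_login goes on to open \PIPE\lsarpc even when the check reports that the trust account does not exist or the connection failed. If the check is meant to gate the login, test it at this point: `if (!wksta_trust_account_check(dest_ip, dest_host, myhostname, workgroup)) { free(inbuf); free(outbuf); return False; }`. If it is only informational for now, a comment saying so would stop a later reader from assuming the login is conditional on it. do_nt_login's body starts and ends outside this hunk.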
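Review bot: Removing `fstrcpy(mach_acct, myhostname);` and `strcat(mach_acct, "$");` from the Request Challenge step leaves do_nt_login's own `fstring mach_acct` with no visible initialisation, yet it is still passed to do_lsa_auth2 in this hunk group and to do_lsa_sam_logon and do_lsa_sam_logoff in the later hunks. The account name built inside wksta_trust_account_check is local to that function and is not handed back. Unless mach_acct is filled in by lines outside these hunks, the RPC requests would carry uninitialised stack contents as the account name; either keep the two removed lines here or give the check function an out parameter for the name. The newly declared `mach_pwd` and `new_mach_pwd` are likewise never written in the visible part of do_nt_login.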
@@ -311,7 +414,7 @@ BOOL do_nt_login(char *desthost, char *myhostname, /* send client sam-logon challenge; receive a sam-logon challenge */ if (!do_lsa_sam_logon(fnum, ++call_id, sess_key, &clnt_cred, - desthost, mach_acct, + dest_host, mach_acct, &sam_logon_clnt_cred, &sam_logon_rtn_cred, 1, 1, &id1, &user_info1, &sam_logon_srv_cred)) @@ -332,7 +435,7 @@ BOOL do_nt_login(char *desthost, char *myhostname, /* send client sam-logoff challenge; receive a sam-logoff challenge */ if (!do_lsa_sam_logoff(fnum, ++call_id, sess_key, &clnt_cred, - desthost, mach_acct, + dest_host, mach_acct, &sam_logoff_clnt_cred, &sam_logoff_rtn_cred, 1, 1, &id1, &sam_logoff_srv_cred)) -- cgit