From d3832506b2583130c4f4ba4b3edeabca987b7cbb Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 29 Apr 1998 00:02:57 +0000
Subject: This is the checkin that adds the security=domain functionality.

WARNING - so far this has only been tested against a Samba PDC
(still waiting for IS to add me the machine accounts :-).

Still missing is the code in smbpasswd that will add a machine
account password and change it on the domain controller, but
this is not hard, and I will check it in soon.

Jeremy.
(This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
---
 source3/include/proto.h        | 46 ++++++++++++++++++++++++++++++++++++++----
 source3/include/rpc_netlogon.h |  3 +++
 source3/include/smb.h          |  8 ++------
 3 files changed, 47 insertions(+), 10 deletions(-)

(limited to 'source3/include')

diff --git a/source3/include/proto.h b/source3/include/proto.h
index b999e6a4b6..60f04bde87 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -60,6 +60,7 @@ BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, int pipe_name_len,
                   char **rparam, uint32 *rparam_count,
                   char **rdata, uint32 *rdata_count);
 BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation);
+BOOL cli_RNetShareEnum(struct cli_state *cli, void (*fn)(char *, uint32, char *));
 BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype,
 		       void (*fn)(char *, uint32, char *));
 BOOL cli_session_setup(struct cli_state *cli, 
@@ -222,6 +223,44 @@ int reply_trans(char *inbuf,char *outbuf, int size, int bufsize);
 void interpret_coding_system(char *str);
 void initialize_multibyte_vectors( int client_codepage);
 
+/*The following definitions come from  lib/rpc/client/cli_login.c  */
+
+BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]);
+BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd);
+BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username, 
+                              uint32 smb_userid_low, char *password,
+                              NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
+BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, 
+                          uint32 smb_userid_low, char lm_chal[8], char lm_chal_resp[24],
+                          char nt_chal_resp[24],
+                          NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
+BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
+
+/*The following definitions come from  lib/rpc/client/cli_netlogon.c  */
+
+BOOL cli_net_logon_ctrl2(struct cli_state *cli, uint32 status_level);
+BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan, 
+                   uint32 neg_flags, DOM_CHAL *srv_chal);
+BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal);
+BOOL cli_net_srv_pwset(struct cli_state *cli, uint8 hashed_mach_pwd[16]);
+BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr, 
+                       NET_USER_INFO_3 *user_info3);
+BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
+
+/*The following definitions come from  lib/rpc/client/cli_pipe.c  */
+
+uint32 get_rpc_call_id(void);
+BOOL rpc_api_pipe(struct cli_state *cli, uint16 cmd, 
+                  prs_struct *param , prs_struct *data,
+                  prs_struct *rparam, prs_struct *rdata);
+BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
+                      prs_struct *data, prs_struct *rdata);
+BOOL rpc_pipe_set_hnd_state(struct cli_state *cli, char *pipe_name, uint16 device_state);
+BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
+                   RPC_IFACE *abstract, RPC_IFACE *transfer, BOOL ntlmssp_auth);
+BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted);
+void nt_session_close(struct cli_state *cli);
+
 /*The following definitions come from  lib/rpc/parse/parse_lsa.c  */
 
 void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, uint32 idx);
@@ -347,9 +386,8 @@ void make_q_auth_2(NET_Q_AUTH_2 *q_a,
 		DOM_CHAL *clnt_chal, uint32 clnt_flgs);
 void net_io_q_auth_2(char *desc,  NET_Q_AUTH_2 *q_a, prs_struct *ps, int depth);
 void net_io_r_auth_2(char *desc,  NET_R_AUTH_2 *r_a, prs_struct *ps, int depth);
-void make_q_srv_pwset(NET_Q_SRV_PWSET *q_s, char sess_key[16],
-		char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
-		DOM_CRED *cred, char nt_cypher[16]);
+void make_q_srv_pwset(NET_Q_SRV_PWSET *q_s, char *logon_srv, char *acct_name, 
+                uint16 sec_chan, char *comp_name, DOM_CRED *cred, char nt_cypher[16]);
 void net_io_q_srv_pwset(char *desc,  NET_Q_SRV_PWSET *q_s, prs_struct *ps, int depth);
 void net_io_r_srv_pwset(char *desc,  NET_R_SRV_PWSET *r_s, prs_struct *ps, int depth);
 void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
@@ -1707,7 +1745,7 @@ void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out);
 void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out);
 void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key);
 void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key);
-void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key);
+void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw);
 void SamOEMhash( unsigned char *data, unsigned char *key, int val);
 
 /*The following definitions come from  smbencrypt.c  */
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 1fc6596821..ca8231fc5b 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -301,6 +301,9 @@ typedef struct id_info_1
 
 } NET_ID_INFO_1;
 
+#define INTERACTIVE_LOGON_TYPE 1
+#define NET_LOGON_TYPE 2
+
 /* NET_ID_INFO_CTR */
 typedef struct net_id_info_ctr_info
 {
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 1bf5b318b3..33b38706df 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -335,8 +335,8 @@ struct cli_state {
   uint16 nt_pipe_fnum;               /* Pipe handle. */
   unsigned char sess_key[16];        /* Current session key. */
   DOM_CRED clnt_cred;                /* Client credential. */
-  fstring mach_acct;
-  fstring srv_name;
+  fstring mach_acct;                 /* MYNAME$. */
+  fstring srv_name_slash;            /* \\remote server. */
 };
 
 
@@ -1070,11 +1070,7 @@ char *Strstr(char *s, char *p);
 enum protocol_types {PROTOCOL_NONE,PROTOCOL_CORE,PROTOCOL_COREPLUS,PROTOCOL_LANMAN1,PROTOCOL_LANMAN2,PROTOCOL_NT1};
 
 /* security levels */
-#ifdef DOMAIN_CLIENT
 enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN};
-#else /* DOMAIN_CLIENT */
-enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER};
-#endif /* DOMAIN_CLIENT */
 
 /* printing types */
 enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
-- 
cgit