From 755986764f5a6b0ec25c7f20fde0a80eb4d121ba Mon Sep 17 00:00:00 2001
From: Luke Leighton
Date: Fri, 9 Oct 1998 19:05:19 +0000
Subject: dce/rpc (This used to be commit 32d0f5e4a564686ad6b270dd24423ee49a81f223)
---
 source3/rpc_client/cli_pipe.c | 20 ++++++++++-------
 source3/rpc_client/cli_samr.c | 51 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 63 insertions(+), 8 deletions(-)
(limited to 'source3/rpc_client')
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f7060e0f71..761f23f885 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -293,7 +293,7 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
 prs_struct *auth_ntlm, uint32 call_id, RPC_IFACE *abstract, RPC_IFACE *transfer,
- char *my_name, char *domain)
+ char *my_name, char *domain, uint32 neg_flags)
 {
 RPC_HDR_RB hdr_rb;
 RPC_HDR hdr;
@@ -322,7 +322,7 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
 mem_realloc_data(auth_req->data, auth_req->offset);
 make_rpc_auth_ntlmssp_neg(&ntlmssp_neg,
- 0x0000b2b3, my_name, domain);
+ neg_flags, my_name, domain);
 smb_io_rpc_auth_ntlmssp_neg("ntlmssp_neg", &ntlmssp_neg, auth_req, 0);
 mem_realloc_data(auth_req->data, auth_req->offset);
@@ -451,7 +451,7 @@ static BOOL create_rpc_request(prs_struct *rhdr, uint8 op_num, int data_len,
 if (auth_len != 0)
 {
- alloc_hint = data_len - 0x18 - auth_len - 12;
+ alloc_hint = data_len - 0x18 - auth_len - 10;
 }
 else
 {
@@ -522,7 +522,7 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
 RPC_AUTH_NTLMSSP_CHK chk;
 RPC_HDR_AUTH rhdr_auth;
- make_rpc_hdr_auth(&rhdr_auth, 0x0a, 0x06, 0x02);
+ make_rpc_hdr_auth(&rhdr_auth, 0x0a, 0x06, 0x08);
 smb_io_rpc_hdr_auth("hdr_auth", &rhdr_auth, &hdr_auth, 0);
 make_rpc_auth_ntlmssp_chk(&chk, NTLMSSP_SIGN_VERSION, crc32, 0);
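Review bot: The new `neg_flags` parameter of create_rpc_bind_req is undocumented, and the second hunk hands it to `make_rpc_auth_ntlmssp_neg` unchanged, so what the bind offers now depends entirely on the caller. A comment above the function would record that, for example `/* neg_flags: NTLMSSP_NEGOTIATE_* bits offered in the bind; the caller decides whether signing and sealing are requested */`. The function starts and ends outside both hunks, so whether an existing header comment could take this line is not visible here.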
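Review bot: The subtraction `data_len - 0x18 - auth_len - 10` in create_rpc_request has no lower bound on `data_len`, which is a plain `int`, so a short request with authentication enabled gives a negative result that presumably wraps once it is stored in the allocation hint (its type is declared outside the hunk). The literals are also unexplained: the change from 12 to 10 here and from `0x02` to `0x08` in the `make_rpc_hdr_auth` call of the rpc_api_pipe_req hunk look related, but nothing records what they measure. I would guard the branch with `if (data_len < 0x18 + auth_len + 10) return False;`, adjusted to the types in use, and add a comment such as `/* 0x18: <header bytes>; 10: <auth trailer bytes> */` or named constants. Both functions continue outside their hunks.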
@@ -747,7 +747,8 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
 ntlmssp_auth ? &auth_req : NULL,
 ntlmssp_auth ? &auth_ntlm : NULL,
 call_id,
- abstract, transfer, global_myname, cli->domain);
+ abstract, transfer,
+ global_myname, cli->domain, cli->ntlmssp_cli_flgs);
 /* this is a hack due to limitations in rpc_api_pipe */
 prs_init(&data, mem_buf_len(hdr.data), 4, 0x0, False);
@@ -884,16 +885,19 @@ BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted)
 if (encrypted)
 {
- cli->ntlmssp_cli_flgs =
+ cli->ntlmssp_cli_flgs =
 NTLMSSP_NEGOTIATE_UNICODE |
- NTLMSSP_NEGOTIATE_OEM |
+/* NTLMSSP_NEGOTIATE_OEM |
+ */
 NTLMSSP_NEGOTIATE_SIGN |
 NTLMSSP_NEGOTIATE_SEAL |
 NTLMSSP_NEGOTIATE_LM_KEY |
 NTLMSSP_NEGOTIATE_NTLM |
- NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+/*
 NTLMSSP_NEGOTIATE_00001000 |
 NTLMSSP_NEGOTIATE_00002000;
+ */
 DEBUG(5,("cli_nt_session_open: neg_flags: %lx\n", cli->ntlmssp_cli_flgs));
 }
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index c9e806fd21..1428178c26 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
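Review bot: `cli->ntlmssp_cli_flgs` is passed to create_rpc_bind_req whether or not `ntlmssp_auth` is set, while the only assignment visible in this commit, in cli_nt_session_open, sits inside `if (encrypted)`. If the field is not cleared on the unencrypted path, a bind on a reused `cli` would carry flags left over from an earlier session; that is inferred, since the rest of both functions lies outside the hunks. Passing `ntlmssp_auth ? cli->ntlmssp_cli_flgs : 0` would keep the argument consistent with the two conditional arguments above it.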
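Review bot: The flag set in cli_nt_session_open still offers `NTLMSSP_NEGOTIATE_LM_KEY` together with SIGN and SEAL, which asks for the LAN Manager session key, the weaker of the NTLM key choices, to protect the pipe; if older servers require it, a comment should say so. The three dropped flags are left as commented-out code with no reason given; deleting them and adding one line such as `/* OEM and the 0x1000/0x2000 bits are not offered: <reason> */` would read better. Nothing in this hunk shows the flags returned by the server being compared with the ones requested, so it is worth confirming elsewhere that a reply without SIGN/SEAL is rejected when `encrypted` is set. The `%lx` in the DEBUG line expects an unsigned long, so if `ntlmssp_cli_flgs` is a `uint32` the argument needs a cast. The function continues outside the hunk.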
@@ -97,6 +97,57 @@ BOOL get_samr_query_userinfo(struct cli_state *cli,
 return do_samr_close(cli, &pol_open_user);
 }
+/****************************************************************************
+do a SAMR unknown 0x38 command
+****************************************************************************/
+BOOL do_samr_unknown_38(struct cli_state *cli, char *srv_name)
+{
+ prs_struct data;
+ prs_struct rdata;
+
+ SAMR_Q_UNKNOWN_38 q_e;
+ BOOL valid_un8 = False;
+
+ /* create and send a MSRPC command with api SAMR_ENUM_DOM_USERS */
+
+ prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True );
+
+ DEBUG(4,("SAMR Unknown 38 server:%s\n", srv_name));
+
+ make_samr_q_unknown_38(&q_e, srv_name);
+
+ /* turn parameters into data stream */
+ samr_io_q_unknown_38("", &q_e, &data, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, SAMR_UNKNOWN_38, &data, &rdata))
+ {
+ SAMR_R_UNKNOWN_38 r_e;
+ BOOL p;
+
+ samr_io_r_unknown_38("", &r_e, &rdata, 0);
+
+ p = rdata.offset != 0;
+ if (p && r_e.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("SAMR_R_UNKNOWN_38: %s\n", get_nt_error_msg(r_e.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ valid_un8 = True;
+ }
+ }
+
+ prs_mem_free(&data );
+ prs_mem_free(&rdata );
+
+ return valid_un8;
+}
+
 /****************************************************************************
 do a SAMR unknown 0x8 command
 ****************************************************************************/
-- cgit
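Review bot: In do_samr_unknown_38, `r_e` is read right after `samr_io_r_unknown_38` with `rdata.offset != 0` as the only sign that the reply was parsed, so a reply that ends before the status field would leave `r_e.status` indeterminate. Setting it to a failure value before the parse, e.g. `r_e.status = (uint32)-1; /* fail closed on a short reply */` (assuming the field is a uint32), makes that case return False instead of depending on stack contents. The leading comment names the wrong call and should read `/* create and send a MSRPC command with api SAMR_UNKNOWN_38 */`. `srv_name` is also formatted with `%s` in the DEBUG line before anything checks it for NULL.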