From 2945490a0fb3dbcd6088a8825a3cd46d9f91ebf7 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vlendec@samba.org>
Date: Wed, 23 May 2007 15:17:49 +0000
Subject: r23091: Add rpccli_netlogon_sam_network_logon_ex, fix its parsing.
 This does not use the credential chain and only works over netlogon, but it
 would allow multiple outstanding auth requests for a single workstation
 account. (This used to be commit 123290d0947191abca4a3b3d81718c823c1bc4a0)

---
 source3/rpc_client/cli_netlogon.c | 92 +++++++++++++++++++++++++++++++++++++++
 source3/rpc_parse/parse_misc.c    |  3 +-
 source3/rpc_parse/parse_net.c     | 18 ++++++++
 3 files changed, 112 insertions(+), 1 deletion(-)

(limited to 'source3')

diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 0fdc476775..6fc2f692fc 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -946,6 +946,98 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
         return result;
 }
 
+NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
+					      TALLOC_CTX *mem_ctx,
+					      uint32 logon_parameters,
+					      const char *server,
+					      const char *username,
+					      const char *domain,
+					      const char *workstation, 
+					      const uint8 chal[8], 
+					      DATA_BLOB lm_response,
+					      DATA_BLOB nt_response,
+					      NET_USER_INFO_3 *info3)
+{
+	prs_struct qbuf, rbuf;
+	NET_Q_SAM_LOGON_EX q;
+	NET_R_SAM_LOGON_EX r;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	NET_ID_INFO_CTR ctr;
+	int validation_level = 3;
+	const char *workstation_name_slash;
+	const char *server_name_slash;
+	static uint8 zeros[16];
+	int i;
+	
+	ZERO_STRUCT(q);
+	ZERO_STRUCT(r);
+
+	if (server[0] != '\\' && server[1] != '\\') {
+		server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
+	} else {
+		server_name_slash = server;
+	}
+
+	if (workstation[0] != '\\' && workstation[1] != '\\') {
+		workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation);
+	} else {
+		workstation_name_slash = workstation;
+	}
+
+	if (!workstation_name_slash || !server_name_slash) {
+		DEBUG(0, ("talloc_asprintf failed!\n"));
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	/* Initialise input parameters */
+
+	q.validation_level = validation_level;
+
+        ctr.switch_value = NET_LOGON_TYPE;
+
+	init_id_info2(&ctr.auth.id2, domain,
+		      logon_parameters, /* param_ctrl */
+		      0xdead, 0xbeef, /* LUID? */
+		      username, workstation_name_slash, (const uchar*)chal,
+		      lm_response.data, lm_response.length, nt_response.data,
+		      nt_response.length);
+ 
+        init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(),
+			 NET_LOGON_TYPE, &ctr);
+
+        r.user = info3;
+
+        /* Marshall data and send request */
+
+	CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX,
+		   q, r, qbuf, rbuf,
+		   net_io_q_sam_logon_ex,
+		   net_io_r_sam_logon_ex,
+		   NT_STATUS_UNSUCCESSFUL);
+
+	if (memcmp(zeros, info3->user_sess_key, 16) != 0) {
+		SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16);
+	} else {
+		memset(info3->user_sess_key, '\0', 16);
+	}
+
+	if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
+		SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8);
+	} else {
+		memset(info3->lm_sess_key, '\0', 8);
+	}
+
+	for (i=0; i < 7; i++) {
+		memset(&info3->unknown[i], '\0', 4);
+	}
+
+        /* Return results */
+
+	result = r.status;
+
+        return result;
+}
+
 /***************************************************************************
 LSA Server Password Set.
 ****************************************************************************/
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 6838547090..586598db89 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -1337,7 +1337,8 @@ void init_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid)
  Inits a DOM_CLNT_SRV structure.
 ********************************************************************/
 
-static void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, const char *comp_name)
+void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv,
+		   const char *comp_name)
 {
 	DEBUG(5,("init_clnt_srv: %d\n", __LINE__));
 
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 6e2b2b26e7..01d77f4e07 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1375,6 +1375,21 @@ void init_sam_info(DOM_SAM_INFO *sam,
 	sam->ctr          = ctr;
 }
 
+/*******************************************************************
+ Inits a DOM_SAM_INFO structure.
+********************************************************************/
+
+void init_sam_info_ex(DOM_SAM_INFO_EX *sam,
+		      const char *logon_srv, const char *comp_name,
+		      uint16 logon_level, NET_ID_INFO_CTR *ctr)
+{
+	DEBUG(5,("init_sam_info_ex: %d\n", __LINE__));
+
+	init_clnt_srv(&sam->client, logon_srv, comp_name);
+	sam->logon_level  = logon_level;
+	sam->ctr          = ctr;
+}
+
 /*******************************************************************
  Reads or writes a DOM_SAM_INFO structure.
 ********************************************************************/
@@ -1993,6 +2008,9 @@ BOOL net_io_q_sam_logon_ex(const char *desc, NET_Q_SAM_LOGON_EX *q_l, prs_struct
 	if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level))
 		return False;
 
+	if (!prs_align(ps))
+		return False;
+
 	if(!prs_uint32("flags  ", ps, depth, &q_l->flags))
 		return False;
 
-- 
cgit