author | Volker Lendecke <vlendec@samba.org> | 2007-05-23 15:17:49 +0000 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2007-05-23 15:17:49 +0000 |
commit | 92c6c6db28007bef1b1a691b5a8e1ce8d6b9a38f (patch) | |
tree | 3e8e05a729480631fc357d781c70c53e9f3e37cb /source | |
parent | 16984a8a69b7d5f82d156ab2b39aa0fdb29298b4 (diff) | |
r23091: Add rpccli_netlogon_sam_network_logon_ex, fix its parsing. This does not
use the credential chain and only works over netlogon, but it would
allow multiple outstanding auth requests for a single workstation
account.
Diffstat (limited to 'source')
-rw-r--r-- | source/rpc_client/cli_netlogon.c | 92 | ||||
-rw-r--r-- | source/rpc_parse/parse_misc.c | 3 | ||||
-rw-r--r-- | source/rpc_parse/parse_net.c | 18 |
3 files changed, 112 insertions, 1 deletions
diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c
index 7296c45ebc4..6099c8dc1b2 100644
--- a/source/rpc_client/cli_netlogon.c
+++ b/source/rpc_client/cli_netlogon.c
@@ -908,6 +908,98 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, return result; } +NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint32 logon_parameters, + const char *server, + const char *username, + const char *domain, + const char *workstation, + const uint8 chal[8], + DATA_BLOB lm_response, + DATA_BLOB nt_response, + NET_USER_INFO_3 *info3) +{ + prs_struct qbuf, rbuf; + NET_Q_SAM_LOGON_EX q; + NET_R_SAM_LOGON_EX r; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NET_ID_INFO_CTR ctr; + int validation_level = 3; + const char *workstation_name_slash; + const char *server_name_slash; + static uint8 zeros[16]; + int i; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + if (server[0] != '\\' && server[1] != '\\') { + server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server); + } else { + server_name_slash = server; + } + + if (workstation[0] != '\\' && workstation[1] != '\\') { + workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation); + } else { + workstation_name_slash = workstation; + } + + if (!workstation_name_slash || !server_name_slash) { + DEBUG(0, ("talloc_asprintf failed!\n")); + return NT_STATUS_NO_MEMORY; + } + + /* Initialise input parameters */ + + q.validation_level = validation_level; + + ctr.switch_value = NET_LOGON_TYPE; + + init_id_info2(&ctr.auth.id2, domain, + logon_parameters, /* param_ctrl */ + 0xdead, 0xbeef, /* LUID? 
*/ + username, workstation_name_slash, (const uchar*)chal, + lm_response.data, lm_response.length, nt_response.data, + nt_response.length); + + init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(), + NET_LOGON_TYPE, &ctr); + + r.user = info3; + + /* Marshall data and send request */ + + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX, + q, r, qbuf, rbuf, + net_io_q_sam_logon_ex, + net_io_r_sam_logon_ex, + NT_STATUS_UNSUCCESSFUL); + + if (memcmp(zeros, info3->user_sess_key, 16) != 0) { + SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16); + } else { + memset(info3->user_sess_key, '\0', 16); + } + + if (memcmp(zeros, info3->lm_sess_key, 8) != 0) { + SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8); + } else { + memset(info3->lm_sess_key, '\0', 8); + } + + for (i=0; i < 7; i++) { + memset(&info3->unknown[i], '\0', 4); + } + + /* Return results */ + + result = r.status; + + return result; +} + /*************************************************************************** LSA Server Password Set. ****************************************************************************/ diff --git a/source/rpc_parse/parse_misc.c b/source/rpc_parse/parse_misc.c index 9fa7c7d674d..5d42315d0d2 100644 --- a/source/rpc_parse/parse_misc.c +++ b/source/rpc_parse/parse_misc.c @@ -1384,7 +1384,8 @@ void init_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid) Inits a DOM_CLNT_SRV structure. ********************************************************************/ -static void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, const char *comp_name) +void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, + const char *comp_name) { DEBUG(5,("init_clnt_srv: %d\n", __LINE__)); diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c index 28e10caeec1..382277a273c 100644 --- a/source/rpc_parse/parse_net.c +++ b/source/rpc_parse/parse_net.c 
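Review bot: The prefix tests `server[0] != '\\' && server[1] != '\\'` and the matching one on `workstation` add the `\\` prefix only when neither of the first two characters is a backslash, so a name with a single leading backslash goes out unprefixed, and for an empty string the second operand reads the byte after the terminator. Using `||` covers both cases: `if (server[0] != '\\' || server[1] != '\\') {`, and the same for `workstation`. Separately, the session-key handling after `CLI_DO_RPC` runs before `r.status` is looked at, so on a failed logon `memcmp` and `SamOEMhash` may operate on whatever the caller's `info3` happened to contain; unless callers rely on that, an early `if (!NT_STATUS_IS_OK(r.status)) return r.status;` ahead of the key handling would avoid it. The decryption also dereferences `cli->dc`, and nothing in this hunk shows it being checked for NULL.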
@@ -1292,6 +1292,21 @@ void init_sam_info(DOM_SAM_INFO *sam, } /******************************************************************* + Inits a DOM_SAM_INFO structure. +********************************************************************/ + +void init_sam_info_ex(DOM_SAM_INFO_EX *sam, + const char *logon_srv, const char *comp_name, + uint16 logon_level, NET_ID_INFO_CTR *ctr) +{ + DEBUG(5,("init_sam_info_ex: %d\n", __LINE__)); + + init_clnt_srv(&sam->client, logon_srv, comp_name); + sam->logon_level = logon_level; + sam->ctr = ctr; +} + +/******************************************************************* Reads or writes a DOM_SAM_INFO structure. ********************************************************************/ @@ -1909,6 +1924,9 @@ BOOL net_io_q_sam_logon_ex(const char *desc, NET_Q_SAM_LOGON_EX *q_l, prs_struct if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level)) return False; + if (!prs_align(ps)) + return False; + if(!prs_uint32("flags ", ps, depth, &q_l->flags)) return False; |
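Review bot: The header comment added above `init_sam_info_ex` still reads "Inits a DOM_SAM_INFO structure", but the function fills a `DOM_SAM_INFO_EX`; it should say `Inits a DOM_SAM_INFO_EX structure.` The comment could also state that `sam->ctr = ctr` stores the caller's pointer rather than a copy, so `ctr` has to stay valid until `sam` has been marshalled. The new caller in cli_netlogon.c passes the address of a stack variable, which is safe only because the request is sent before that function returns.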