authorLuke Leighton <lkcl@samba.org>2000-03-09 04:30:57 +0000
committerLuke Leighton <lkcl@samba.org>2000-03-09 04:30:57 +0000
commit4ba2096a0390529bcfb01fc1fd0569d2ea27850d (patch)
tree138962bc1eb3dee955ed42e59389f7f0ff29691e /source
parent68323cbbea6279df8b46763350713116fcf062a9 (diff)
login validation level 2 and 3 negotiated from netr_auth2 neg_flags.
Diffstat (limited to 'source')
-rw-r--r--source/include/proto.h202
-rw-r--r--source/include/rpc_client_proto.h36
-rw-r--r--source/include/rpc_parse_proto.h1
-rw-r--r--source/include/rpc_samr.h12
-rw-r--r--source/include/winbindd_proto.h1
-rw-r--r--source/rpc_client/cli_login.c61
-rw-r--r--source/rpc_client/msrpc_netlogon.c17
-rw-r--r--source/rpc_client/msrpc_samr.c4
-rw-r--r--source/rpc_parse/parse_prs.c2
-rw-r--r--source/rpc_parse/parse_samr.c88
-rw-r--r--source/rpcclient/cmd_netlogon.c9
-rw-r--r--source/samrd/srv_samr_dom_tdb.c5
-rw-r--r--source/samrd/srv_samr_passdb.c5
13 files changed, 299 insertions, 144 deletions
diff --git a/source/include/proto.h b/source/include/proto.h
index 3b6c2dd4fd8..a0d3587f32d 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -2167,7 +2167,8 @@ uint32 cli_nt_setup_creds(const char *srv_name,
const char *domain,
const char *myhostname,
const char *trust_acct,
- const uchar trust_pwd[16], uint16 sec_chan);
+ const uchar trust_pwd[16], uint16 sec_chan,
+ uint16 *validation_level);
BOOL cli_nt_srv_pwset(const char *srv_name, const char *myhostname,
const char *trust_acct,
const uchar * new_hashof_trust_pwd, uint16 sec_chan);
@@ -2175,22 +2176,27 @@ BOOL cli_nt_login_general(const char *srv_name, const char *myhostname,
const char *domain, const char *username,
uint32 luid_low,
const char *general,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3);
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
uint32 cli_nt_login_interactive(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low,
- const uchar * lm_owf_user_pwd,
- const uchar * nt_owf_user_pwd,
- NET_ID_INFO_CTR * ctr,
- NET_USER_INFO_3 * user_info3);
+ const char *domain, const char *username,
+ uint32 luid_low,
+ const uchar * lm_owf_user_pwd,
+ const uchar * nt_owf_user_pwd,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
uint32 cli_nt_login_network(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low, const char lm_chal[8],
- const char *lm_chal_resp,
- int lm_chal_len,
- const char *nt_chal_resp,
- int nt_chal_len,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3);
+ const char *domain, const char *username,
+ uint32 luid_low, const char lm_chal[8],
+ const char *lm_chal_resp,
+ int lm_chal_len,
+ const char *nt_chal_resp,
+ int nt_chal_len,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
BOOL cli_nt_logoff(const char *srv_name, const char *myhostname,
NET_ID_INFO_CTR * ctr);
BOOL net_sam_sync(const char *srv_name,
@@ -4435,70 +4441,110 @@ void smbd_process(void);
/*The following definitions come from smbd/reply.c */
-int reply_special(char *inbuf,char *outbuf);
-int reply_tcon(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_unknown(char *inbuf,char *outbuf);
-int reply_ioctl(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
-int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz);
-int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,int dum_buffsize);
-int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_exit(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_close(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_writeclose(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_lock(connection_struct *conn,
- char *inbuf,char *outbuf, int length, int dum_buffsize);
-int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_tdis(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_echo(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_printopen(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_printclose(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_printqueue(connection_struct *conn,
- char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int rename_internals(connection_struct *conn,
- char *inbuf, char *outbuf, char *name,
+int reply_special(char *inbuf, char *outbuf);
+int reply_tcon(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_tcon_and_X(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_unknown(char *inbuf, char *outbuf);
+int reply_ioctl(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_sesssetup_and_X(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_chkpth(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_getatr(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_setatr(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_dskattr(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_search(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_fclose(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_open(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_open_and_X(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_ulogoffX(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_mknew(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_ctemp(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_unlink(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_readbraw(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_lockread(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int dum_buffsiz);
+int reply_read(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_read_and_X(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_writebraw(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_writeunlock(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_write(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_write_and_X(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_lseek(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_flush(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_exit(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_close(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_writeclose(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size,
+ int dum_buffsize);
+int reply_lock(connection_struct * conn,
+ char *inbuf, char *outbuf, int length, int dum_buffsize);
+int reply_unlock(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_tdis(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_echo(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_printopen(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size, int dum_buffsize);
+int reply_printclose(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size,
+ int dum_buffsize);
+int reply_printqueue(connection_struct * conn,
+ char *inbuf, char *outbuf, int dum_size,
+ int dum_buffsize);
+int reply_printwrite(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_mkdir(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_rmdir(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int rename_internals(connection_struct * conn,
+ char *inbuf, char *outbuf, char *name,
char *newname, BOOL replace_if_exists);
-int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize);
-int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
-int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize);
+int reply_mv(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_copy(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_setdir(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_lockingX(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_readbmpx(connection_struct * conn, char *inbuf, char *outbuf,
+ int length, int bufsize);
+int reply_writebmpx(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_writebs(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_setattrE(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
+int reply_getattrE(connection_struct * conn, char *inbuf, char *outbuf,
+ int dum_size, int dum_buffsize);
/*The following definitions come from smbd/server.c */
diff --git a/source/include/rpc_client_proto.h b/source/include/rpc_client_proto.h
index 9dfc89fc204..897265ffad6 100644
--- a/source/include/rpc_client_proto.h
+++ b/source/include/rpc_client_proto.h
@@ -83,7 +83,8 @@ uint32 cli_nt_setup_creds(const char *srv_name,
const char *domain,
const char *myhostname,
const char *trust_acct,
- const uchar trust_pwd[16], uint16 sec_chan);
+ const uchar trust_pwd[16], uint16 sec_chan,
+ uint16 *validation_level);
BOOL cli_nt_srv_pwset(const char *srv_name, const char *myhostname,
const char *trust_acct,
const uchar * new_hashof_trust_pwd, uint16 sec_chan);
@@ -91,22 +92,27 @@ BOOL cli_nt_login_general(const char *srv_name, const char *myhostname,
const char *domain, const char *username,
uint32 luid_low,
const char *general,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3);
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
uint32 cli_nt_login_interactive(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low,
- const uchar * lm_owf_user_pwd,
- const uchar * nt_owf_user_pwd,
- NET_ID_INFO_CTR * ctr,
- NET_USER_INFO_3 * user_info3);
+ const char *domain, const char *username,
+ uint32 luid_low,
+ const uchar * lm_owf_user_pwd,
+ const uchar * nt_owf_user_pwd,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
uint32 cli_nt_login_network(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low, const char lm_chal[8],
- const char *lm_chal_resp,
- int lm_chal_len,
- const char *nt_chal_resp,
- int nt_chal_len,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3);
+ const char *domain, const char *username,
+ uint32 luid_low, const char lm_chal[8],
+ const char *lm_chal_resp,
+ int lm_chal_len,
+ const char *nt_chal_resp,
+ int nt_chal_len,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3);
BOOL cli_nt_logoff(const char *srv_name, const char *myhostname,
NET_ID_INFO_CTR * ctr);
BOOL net_sam_sync(const char *srv_name,
diff --git a/source/include/rpc_parse_proto.h b/source/include/rpc_parse_proto.h
index 1aac58e4023..b5fc732a9c1 100644
--- a/source/include/rpc_parse_proto.h
+++ b/source/include/rpc_parse_proto.h
@@ -436,6 +436,7 @@ BOOL samr_io_q_query_dom_info(char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u,
BOOL make_unk_info3(SAM_UNK_INFO_3 * u_3);
BOOL make_unk_info6(SAM_UNK_INFO_6 * u_6);
BOOL make_unk_info7(SAM_UNK_INFO_7 * u_7);
+BOOL make_unk_info12(SAM_UNK_INFO_12 * u_12);
BOOL make_unk_info2(SAM_UNK_INFO_2 * u_2, char *domain, char *server);
BOOL make_unk_info1(SAM_UNK_INFO_1 * u_1);
BOOL make_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO * r_u,
diff --git a/source/include/rpc_samr.h b/source/include/rpc_samr.h
index 5f1fc20268e..68e0e85e462 100644
--- a/source/include/rpc_samr.h
+++ b/source/include/rpc_samr.h
@@ -439,6 +439,17 @@ typedef struct sam_unknown_info_7_info
} SAM_UNK_INFO_7;
+typedef struct sam_unknown_info_12_inf
+{
+ uint32 unknown_0; /* 0xcf1d cc00 */
+ uint32 unknown_1; /* 0xffff fffb */
+ uint32 unknown_2; /* 0xcf1d cc00 */
+ uint32 unknown_3; /* 0xffff fffb */
+
+ uint32 unknown_4; /* 0x8a88 0000 */
+
+} SAM_UNK_INFO_12;
+
typedef struct sam_unknown_info_2_inf
{
uint32 unknown_0; /* 0x0000 0000 */
@@ -488,6 +499,7 @@ typedef struct sam_unknown_ctr_info
SAM_UNK_INFO_3 inf3;
SAM_UNK_INFO_6 inf6;
SAM_UNK_INFO_7 inf7;
+ SAM_UNK_INFO_12 inf12;
} info;
diff --git a/source/include/winbindd_proto.h b/source/include/winbindd_proto.h
index a79c8b2e598..881b69097ac 100644
--- a/source/include/winbindd_proto.h
+++ b/source/include/winbindd_proto.h
@@ -2170,6 +2170,7 @@ BOOL samr_io_q_query_dom_info(char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u,
BOOL make_unk_info3(SAM_UNK_INFO_3 * u_3);
BOOL make_unk_info6(SAM_UNK_INFO_6 * u_6);
BOOL make_unk_info7(SAM_UNK_INFO_7 * u_7);
+BOOL make_unk_info12(SAM_UNK_INFO_12 * u_12);
BOOL make_unk_info2(SAM_UNK_INFO_2 * u_2, char *domain, char *server);
BOOL make_unk_info1(SAM_UNK_INFO_1 * u_1);
BOOL make_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO * r_u,
diff --git a/source/rpc_client/cli_login.c b/source/rpc_client/cli_login.c
index 9316e61f0fa..9a7f0cbddd6 100644
--- a/source/rpc_client/cli_login.c
+++ b/source/rpc_client/cli_login.c
@@ -34,7 +34,8 @@ uint32 cli_nt_setup_creds(const char *srv_name,
const char *domain,
const char *myhostname,
const char *trust_acct,
- const uchar trust_pwd[16], uint16 sec_chan)
+ const uchar trust_pwd[16], uint16 sec_chan,
+ uint16 * validation_level)
{
DOM_CHAL clnt_chal;
DOM_CHAL srv_chal;
@@ -49,7 +50,8 @@ uint32 cli_nt_setup_creds(const char *srv_name,
generate_random_buffer(clnt_chal.data, 8, False);
/* send a client challenge; receive a server challenge */
- status = cli_net_req_chal(srv_name, myhostname, &clnt_chal, &srv_chal);
+ status =
+ cli_net_req_chal(srv_name, myhostname, &clnt_chal, &srv_chal);
if (status != 0)
{
DEBUG(1, ("cli_nt_setup_creds: request challenge failed\n"));
@@ -78,7 +80,7 @@ uint32 cli_nt_setup_creds(const char *srv_name,
* Receive an auth-2 challenge response and check it.
*/
status = cli_net_auth2(srv_name, trust_acct, myhostname,
- sec_chan, &neg_flags, &srv_chal);
+ sec_chan, &neg_flags, &srv_chal);
if (status != 0x0)
{
DEBUG(1,
@@ -118,6 +120,16 @@ uint32 cli_nt_setup_creds(const char *srv_name,
return NT_STATUS_ACCESS_DENIED | 0xC0000000;
}
}
+
+ if (IS_BITS_SET_ALL(neg_flags, 0x40))
+ {
+ (*validation_level) = 3;
+ }
+ else
+ {
+ (*validation_level) = 2;
+ }
+
return status;
}
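Review bot: The block added at the end of cli_nt_setup_creds stores through `validation_level` without a NULL check, and only on the success path, so every earlier `return` in the function leaves the caller's variable unset. Three callers in this commit (net_sam_sync, modify_trust_password, cmd_netlogon_domain_test) pass a local only to discard it; guarding the store with `if (validation_level != NULL)` would let them pass NULL, and callers that do read the value should initialise their local before the call. The bare `0x40` tested against `neg_flags` would read better as a named constant with a comment saying which negotiated capability selects level 3. Because `neg_flags` is handed to cli_net_auth2 by address, it is presumably filled in from the server's reply, so the comment should also say that the peer decides the level. The function starts outside this hunk.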
@@ -150,12 +162,14 @@ BOOL cli_nt_login_general(const char *srv_name, const char *myhostname,
const char *domain, const char *username,
uint32 luid_low,
const char *general,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3)
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3)
{
uint8 sess_key[16];
NET_USER_INFO_CTR user_ctr;
uint32 status;
- user_ctr.switch_value = 2;
+ user_ctr.switch_value = validation_level;
DEBUG(5, ("cli_nt_login_general: %d\n", __LINE__));
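Review bot: `user_ctr.switch_value = validation_level;` takes the caller's value unchecked, and nothing visible here rejects a level other than the 2 or 3 that cli_nt_setup_creds produces, while the result is still returned through a `NET_USER_INFO_3 *` whatever the level. A guard at the top of the body, for example `if (validation_level != 2 && validation_level != 3) return False;`, would stop an uninitialised or stray level from (presumably) choosing how the reply is unmarshalled. The same assignment is added to cli_nt_login_interactive and cli_nt_login_network further down this file, where the guard would return an error status rather than False. A short comment on the new parameter, `/* level negotiated by cli_nt_setup_creds: 2 or 3 */`, would document the contract; the function body continues outside the hunk.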
@@ -195,17 +209,18 @@ password equivalents, protected by the session key) is inherently insecure
given the current design of the NT Domain system. JRA.
****************************************************************************/
uint32 cli_nt_login_interactive(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low,
- const uchar * lm_owf_user_pwd,
- const uchar * nt_owf_user_pwd,
- NET_ID_INFO_CTR * ctr,
- NET_USER_INFO_3 * user_info3)
+ const char *domain, const char *username,
+ uint32 luid_low,
+ const uchar * lm_owf_user_pwd,
+ const uchar * nt_owf_user_pwd,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3)
{
uint32 status;
uint8 sess_key[16];
NET_USER_INFO_CTR user_ctr;
- user_ctr.switch_value = 2;
+ user_ctr.switch_value = validation_level;
DEBUG(5, ("cli_nt_login_interactive: %d\n", __LINE__));
@@ -250,18 +265,20 @@ password equivalents over the network. JRA.
****************************************************************************/
uint32 cli_nt_login_network(const char *srv_name, const char *myhostname,
- const char *domain, const char *username,
- uint32 luid_low, const char lm_chal[8],
- const char *lm_chal_resp,
- int lm_chal_len,
- const char *nt_chal_resp,
- int nt_chal_len,
- NET_ID_INFO_CTR * ctr, NET_USER_INFO_3 * user_info3)
+ const char *domain, const char *username,
+ uint32 luid_low, const char lm_chal[8],
+ const char *lm_chal_resp,
+ int lm_chal_len,
+ const char *nt_chal_resp,
+ int nt_chal_len,
+ NET_ID_INFO_CTR * ctr,
+ uint16 validation_level,
+ NET_USER_INFO_3 * user_info3)
{
uint8 sess_key[16];
uint32 status;
NET_USER_INFO_CTR user_ctr;
- user_ctr.switch_value = 2;
+ user_ctr.switch_value = validation_level;
DEBUG(5, ("cli_nt_login_network: %d\n", __LINE__));
@@ -327,6 +344,7 @@ BOOL net_sam_sync(const char *srv_name,
SAM_DELTA_CTR deltas[MAX_SAM_DELTAS], uint32 * num_deltas)
{
BOOL res = True;
+ uint16 validation_level;
*num_deltas = 0;
@@ -335,7 +353,8 @@ BOOL net_sam_sync(const char *srv_name,
res = res ? cli_nt_setup_creds(srv_name, domain, myhostname,
trust_acct,
trust_passwd,
- SEC_CHAN_BDC) == 0x0 : False;
+ SEC_CHAN_BDC,
+ &validation_level) == 0x0 : False;
memset(trust_passwd, 0, 16);
diff --git a/source/rpc_client/msrpc_netlogon.c b/source/rpc_client/msrpc_netlogon.c
index d42406aaa4b..afb58874ad3 100644
--- a/source/rpc_client/msrpc_netlogon.c
+++ b/source/rpc_client/msrpc_netlogon.c
@@ -43,12 +43,14 @@ BOOL modify_trust_password(const char *domain, const char *srv_name,
uint16 sec_chan)
{
fstring trust_acct;
+ uint16 validation_level;
fstrcpy(trust_acct, global_myname);
fstrcat(trust_acct, "$");
if (cli_nt_setup_creds(srv_name, domain, global_myname, trust_acct,
- orig_trust_passwd_hash, sec_chan) != 0x0)
+ orig_trust_passwd_hash, sec_chan,
+ &validation_level) != 0x0)
{
return False;
}
@@ -82,6 +84,7 @@ static uint32 domain_client_validate(const char *user, const char *domain,
fstring trust_acct;
fstring srv_name;
fstring sec_name;
+ uint16 validation_level;
BOOL cleartext = smb_apasslen != 0 && smb_apasslen != 24 &&
smb_ntpasslen == 0;
@@ -131,7 +134,8 @@ static uint32 domain_client_validate(const char *user, const char *domain,
status =
cli_nt_setup_creds(srv_name, domain, global_myname,
- trust_acct, trust_passwd, acct_type);
+ trust_acct, trust_passwd, acct_type,
+ &validation_level);
if (status != 0x0)
{
DEBUG(0, ("domain_client_validate: credentials failed (%s)\n",
@@ -149,7 +153,8 @@ static uint32 domain_client_validate(const char *user, const char *domain,
domain, user,
smb_uid_low,
smb_apasswd, smb_ntpasswd,
- &ctr, info3);
+ &ctr, validation_level,
+ info3);
}
else if (challenge == NULL)
{
@@ -157,7 +162,8 @@ static uint32 domain_client_validate(const char *user, const char *domain,
global_myname,
domain, user,
smb_uid_low,
- smb_apasswd, &ctr, info3);
+ smb_apasswd, &ctr,
+ validation_level, info3);
}
else
{
@@ -169,7 +175,8 @@ static uint32 domain_client_validate(const char *user, const char *domain,
(const uchar *)smb_apasswd,
smb_apasslen,
(const uchar *)smb_ntpasswd,
- smb_ntpasslen, &ctr, info3);
+ smb_ntpasslen, &ctr,
+ validation_level, info3);
}
if (status ==
diff --git a/source/rpc_client/msrpc_samr.c b/source/rpc_client/msrpc_samr.c
index 7815e173a94..320789afb34 100644
--- a/source/rpc_client/msrpc_samr.c
+++ b/source/rpc_client/msrpc_samr.c
@@ -2,8 +2,8 @@
Unix SMB/Netbios implementation.
Version 1.9.
NT Domain Authentication SMB / MSRPC client
- Copyright (C) Andrew Tridgell 1994-1999
- Copyright (C) Luke Kenneth Casson Leighton 1996-1999
+ Copyright (C) Andrew Tridgell 1994-2000
+ Copyright (C) Luke Kenneth Casson Leighton 1996-2000
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c
index e8f30d32f7d..2a2d4ebe98b 100644
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -292,7 +292,7 @@ void prs_free_data(prs_struct * buf)
if (buf->data != NULL)
{
CHECK_STRUCT(buf);
- free(buf->data); /* delete data in this structure */
+ safe_free(buf->data); /* delete data in this structure */
buf->data = NULL;
}
buf->data_size = 0;
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index 3af6b51d144..eaeffb2a737 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -556,6 +556,47 @@ static BOOL sam_io_unk_info7(char *desc, SAM_UNK_INFO_7 * u_7,
/*******************************************************************
makes a structure.
********************************************************************/
+BOOL make_unk_info12(SAM_UNK_INFO_12 * u_12)
+{
+ if (u_12 == NULL)
+ return False;
+
+ u_12->unknown_0 = 0xcf1dcc00;
+ u_12->unknown_1 = 0xfffffffb;
+ u_12->unknown_2 = 0xcf1dcc00;
+ u_12->unknown_3 = 0xfffffffb;
+
+ u_12->unknown_4 = 0x8a880000;
+
+ return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+static BOOL sam_io_unk_info12(char *desc, SAM_UNK_INFO_12 * u_12,
+ prs_struct * ps, int depth)
+{
+ if (u_12 == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "sam_io_unk_info12");
+ depth++;
+
+ prs_uint32("unknown_0", ps, depth, &u_12->unknown_0);
+ prs_uint32("unknown_1", ps, depth, &u_12->unknown_1);
+ prs_uint32("unknown_2", ps, depth, &u_12->unknown_2);
+ prs_uint32("unknown_3", ps, depth, &u_12->unknown_3);
+ prs_uint32("unknown_4", ps, depth, &u_12->unknown_4);
+
+ prs_align(ps);
+
+ return True;
+}
+
+/*******************************************************************
+makes a structure.
+********************************************************************/
BOOL make_unk_info2(SAM_UNK_INFO_2 * u_2, char *domain, char *server)
{
int len_domain = strlen(domain);
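Review bot: make_unk_info12 fills the reply with five undocumented magic words, and nothing says what a client will interpret them as. Read as two 64-bit values, `0xfffffffb`/`0xcf1dcc00` is -30 minutes in 100 ns units, and 0x0c is the SAMR domain information level that carries account-lockout settings, so this looks like a captured lockout policy replayed verbatim; the `0x8a88` upper half of `unknown_4` may simply be padding from that capture. If that reading is right, the `case 0x0c` branches added to _samr_query_dom_info in srv_samr_dom_tdb.c and srv_samr_passdb.c report a fixed policy regardless of what the server enforces. A comment above the assignments such as `/* level 0x0c: hard-coded sample values, not the configured policy */` would keep a later reader from trusting them. The enclosing make_unk_info2 at the end of the hunk continues outside it.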
@@ -602,35 +643,35 @@ static BOOL sam_io_unk_info2(char *desc, SAM_UNK_INFO_2 * u_2,
prs_debug(ps, depth, desc, "sam_io_unk_info2");
depth++;
- prs_uint32("unknown_0", ps, depth, &u_2->unknown_0); /* 0x0000 0000 */
- prs_uint32("unknown_1", ps, depth, &u_2->unknown_1); /* 0x8000 0000 */
- prs_uint32("unknown_2", ps, depth, &u_2->unknown_2); /* 0x0000 0000 */
+ prs_uint32("unknown_0", ps, depth, &u_2->unknown_0); /* 0x0000 0000 */
+ prs_uint32("unknown_1", ps, depth, &u_2->unknown_1); /* 0x8000 0000 */
+ prs_uint32("unknown_2", ps, depth, &u_2->unknown_2); /* 0x0000 0000 */
- prs_uint32("ptr_0", ps, depth, &u_2->ptr_0); /* pointer to unknown structure */
- smb_io_unihdr("hdr_domain", &u_2->hdr_domain, ps, depth); /* domain name unicode header */
- smb_io_unihdr("hdr_server", &u_2->hdr_server, ps, depth); /* server name unicode header */
+ prs_uint32("ptr_0", ps, depth, &u_2->ptr_0);
+ smb_io_unihdr("hdr_domain", &u_2->hdr_domain, ps, depth);
+ smb_io_unihdr("hdr_server", &u_2->hdr_server, ps, depth);
/* put all the data in here, at the moment, including what the above
pointer is referring to
*/
- prs_uint32("seq_num ", ps, depth, &u_2->seq_num); /* 0x0000 0099 or 0x1000 0000 */
- prs_uint32("unknown_3 ", ps, depth, &u_2->unknown_3); /* 0x0000 0000 */
+ prs_uint32("seq_num ", ps, depth, &u_2->seq_num); /* 0x0000 0099 or 0x1000 0000 */
+ prs_uint32("unknown_3 ", ps, depth, &u_2->unknown_3); /* 0x0000 0000 */
- prs_uint32("unknown_4 ", ps, depth, &u_2->unknown_4); /* 0x0000 0001 */
- prs_uint32("unknown_5 ", ps, depth, &u_2->unknown_5); /* 0x0000 0003 */
- prs_uint32("unknown_6 ", ps, depth, &u_2->unknown_6); /* 0x0000 0001 */
- prs_uint32("num_domain_usrs ", ps, depth, &u_2->num_domain_usrs); /* 0x0000 0008 */
- prs_uint32("num_domain_grps", ps, depth, &u_2->num_domain_grps); /* 0x0000 0003 */
- prs_uint32("num_local_grps", ps, depth, &u_2->num_local_grps); /* 0x0000 0003 */
+ prs_uint32("unknown_4 ", ps, depth, &u_2->unknown_4); /* 0x0000 0001 */
+ prs_uint32("unknown_5 ", ps, depth, &u_2->unknown_5); /* 0x0000 0003 */
+ prs_uint32("unknown_6 ", ps, depth, &u_2->unknown_6); /* 0x0000 0001 */
+ prs_uint32("num_domain_usrs ", ps, depth, &u_2->num_domain_usrs);
+ prs_uint32("num_domain_grps", ps, depth, &u_2->num_domain_grps);
+ prs_uint32("num_local_grps", ps, depth, &u_2->num_local_grps);
- prs_uint8s(False, "padding", ps, depth, u_2->padding, sizeof(u_2->padding)); /* 12 bytes zeros */
+ prs_uint8s(False, "padding", ps, depth, u_2->padding, sizeof(u_2->padding));
smb_io_unistr2("uni_domain", &u_2->uni_domain, u_2->hdr_domain.buffer,
- ps, depth); /* domain name unicode string */
+ ps, depth);
prs_align(ps);
smb_io_unistr2("uni_server", &u_2->uni_server, u_2->hdr_server.buffer,
- ps, depth); /* server name unicode string */
+ ps, depth);
prs_align(ps);
@@ -665,10 +706,10 @@ static BOOL sam_io_unk_info1(char *desc, SAM_UNK_INFO_1 * u_1,
prs_debug(ps, depth, desc, "sam_io_unk_info1");
depth++;
- prs_uint8s(False, "padding", ps, depth, u_1->padding, sizeof(u_1->padding)); /* 12 bytes zeros */
+ prs_uint8s(False, "padding", ps, depth, u_1->padding, sizeof(u_1->padding));
- prs_uint32("unknown_1", ps, depth, &u_1->unknown_1); /* 0x8000 0000 */
- prs_uint32("unknown_2", ps, depth, &u_1->unknown_2); /* 0x0000 0000 */
+ prs_uint32("unknown_1", ps, depth, &u_1->unknown_1); /* 0x8000 0000 */
+ prs_uint32("unknown_2", ps, depth, &u_1->unknown_2); /* 0x0000 0000 */
prs_align(ps);
@@ -724,6 +765,13 @@ BOOL samr_io_r_query_dom_info(char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
switch (r_u->switch_value)
{
+ case 0x0c:
+ {
+ sam_io_unk_info12("unk_inf12",
+ &r_u->ctr->info.inf12, ps,
+ depth);
+ break;
+ }
case 0x07:
{
sam_io_unk_info7("unk_inf7",
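Review bot: The new `case 0x0c` calls sam_io_unk_info12 as a bare statement, so the BOOL it returns is dropped and samr_io_r_query_dom_info carries on as though the level had been marshalled. If the surrounding function propagates failures, the call should be checked, e.g. `if (!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth)) return False;`. Whether `r_u->ctr` has been verified non-NULL before this switch is not visible in the hunk and is worth confirming, since the callee's own NULL test cannot catch a NULL `ctr`. The neighbouring `case 0x07` appears to follow the same unchecked pattern, and the switch continues outside the hunk.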
diff --git a/source/rpcclient/cmd_netlogon.c b/source/rpcclient/cmd_netlogon.c
index 9565c79df27..b6d36d844b2 100644
--- a/source/rpcclient/cmd_netlogon.c
+++ b/source/rpcclient/cmd_netlogon.c
@@ -52,6 +52,7 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
fstring trust_acct;
fstring domain;
char *p;
+ uint16 validation_level;
fstring wks_name;
fstring srv_name;
@@ -158,7 +159,8 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
res = res ? cli_nt_setup_creds(srv_name, domain, info->myhostname,
trust_acct,
trust_passwd,
- SEC_CHAN_WKSTA) == 0x0 : False;
+ SEC_CHAN_WKSTA,
+ &validation_level) == 0x0 : False;
memset(trust_passwd, 0, 16);
@@ -168,6 +170,7 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
domain, nt_user_name,
getuid(), lm_pw, nt_pw,
&info->dom.ctr,
+ validation_level,
&info->dom.user_info3) ==
0x0) : False;
@@ -197,6 +200,7 @@ void cmd_netlogon_domain_test(struct client_info *info, int argc,
fstring inter_dom_acct;
fstring trust_sec_name;
fstring domain;
+ uint16 validation_level;
fstring wks_name;
fstring srv_name;
@@ -250,7 +254,8 @@ void cmd_netlogon_domain_test(struct client_info *info, int argc,
res = res ? cli_nt_setup_creds(srv_name, domain,
info->myhostname, inter_dom_acct,
trust_passwd,
- SEC_CHAN_DOMAIN) == 0x0 : False;
+ SEC_CHAN_DOMAIN,
+ &validation_level) == 0x0 : False;
memset(trust_passwd, 0, 16);
diff --git a/source/samrd/srv_samr_dom_tdb.c b/source/samrd/srv_samr_dom_tdb.c
index 78a762dfdfe..260a0c176a7 100644
--- a/source/samrd/srv_samr_dom_tdb.c
+++ b/source/samrd/srv_samr_dom_tdb.c
@@ -861,6 +861,11 @@ uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
switch (switch_value)
{
+ case 0x0c:
+ {
+ make_unk_info12(&(ctr->info.inf12));
+ break;
+ }
case 0x07:
{
make_unk_info7(&(ctr->info.inf7));
diff --git a/source/samrd/srv_samr_passdb.c b/source/samrd/srv_samr_passdb.c
index ebac22c4463..d577ea05f23 100644
--- a/source/samrd/srv_samr_passdb.c
+++ b/source/samrd/srv_samr_passdb.c
@@ -2310,6 +2310,11 @@ uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
switch (switch_value)
{
+ case 0x0c:
+ {
+ make_unk_info12(&(ctr->info.inf12));
+ break;
+ }
case 0x07:
{
make_unk_info7(&(ctr->info.inf7));