#include "secrets.h"
#include "rpc_client/init_lsa.h"
#include "libsmb/libsmb.h"
+#include "../libcli/smb/smbXcli_base.h"
/* Macro for checking RPC error codes to make things more readable */
*
**/
NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain,
- const char *server, struct sockaddr_storage *pss)
+ const char *server,
+ const struct sockaddr_storage *server_ss)
{
enum security_types sec;
unsigned int conn_flags = NET_FLAGS_PDC;
}
/* Connect to remote machine */
- ntret = net_make_ipc_connection_ex(c, domain, server, pss, conn_flags,
- &cli);
+ ntret = net_make_ipc_connection_ex(c, domain, server, server_ss,
+ conn_flags, &cli);
if (!NT_STATUS_IS_OK(ntret)) {
return ntret;
}
} else {
DEBUG(0,("net_rpc_join_ok: failed to get schannel session "
"key from server %s for domain %s. Error was %s\n",
- cli->desthost, domain, nt_errstr(ntret) ));
+ smbXcli_conn_remote_name(cli->conn), domain, nt_errstr(ntret) ));
cli_shutdown(cli);
return ntret;
}
if (!NT_STATUS_IS_OK(ntret)) {
DEBUG(0,("net_rpc_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. Error was %s\n",
- cli->desthost, domain, nt_errstr(ntret) ));
+ smbXcli_conn_remote_name(cli->conn), domain, nt_errstr(ntret) ));
/*
* Note: here, we have:
* (pipe_hnd != NULL) if and only if NT_STATUS_IS_OK(ntret)
/* Password stuff */
+ DATA_BLOB session_key = data_blob_null;
char *clear_trust_password = NULL;
struct samr_CryptPassword crypt_pwd;
uchar md4_trust_password[16];
b = pipe_hnd->binding_handle;
+ status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
CHECK_DCERPC_ERR(dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
SAMR_ACCESS_ENUM_DOMAINS
"could not open domain");
/* Create domain user */
- if ((acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname())) == NULL) {
+ if ((acct_name = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name())) == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
- strlower_m(acct_name);
+ if (!strlower_m(acct_name)) {
+ status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
init_lsa_String(&lsa_acct_name, acct_name);
/* Set password on machine account */
init_samr_CryptPassword(clear_trust_password,
- &cli->user_session_key,
+ &session_key,
&crypt_pwd);
set_info.info24.password = crypt_pwd;
}
status = rpccli_netlogon_setup_creds(pipe_hnd,
- cli->desthost, /* server name */
+ pipe_hnd->desthost, /* server name */
domain, /* domain */
- global_myname(), /* client name */
- global_myname(), /* machine account name */
+ lp_netbios_name(), /* client name */
+ lp_netbios_name(), /* machine account name */
md4_trust_password,
sec_channel_type,
&neg_flags);
d_fprintf(stderr, _("Please make sure that no computer "
"account\nnamed like this machine "
"(%s) exists in the domain\n"),
- global_myname());
+ lp_netbios_name());
}
goto done;
"computer account\nnamed "
"like this machine (%s) "
"exists in the domain\n"),
- global_myname());
+ lp_netbios_name());
}
goto done;
/* Now store the secret in the secrets database */
- strupper_m(discard_const_p(char, domain));
+ if (!strupper_m(discard_const_p(char, domain))) {
+ DEBUG(0, ("strupper_m %s failed\n", domain));
+ goto done;
+ }
if (!secrets_store_domain_sid(domain, domain_sid)) {
DEBUG(0, ("error storing domain sid for %s\n", domain));
}
/* double-check, connection from scratch */
- status = net_rpc_join_ok(c, domain, cli->desthost, &cli->dest_ss);
+ status = net_rpc_join_ok(c, domain, smbXcli_conn_remote_name(cli->conn),
+ smbXcli_conn_remote_sockaddr(cli->conn));
retval = NT_STATUS_IS_OK(status) ? 0 : -1;
done:
cli_shutdown(cli);
TALLOC_FREE(clear_trust_password);
+ data_blob_clear_free(&session_key);
return retval;
}