int i;
/*
- * Errors are of two kinds - smb errors,
- * dealt with by cli_smb_errstr, and rap
- * errors, whose error code is in cli.error.
+ * Errors are of three kinds - smb errors,
+ * dealt with by cli_smb_errstr, NT errors,
+ * whose code is in cli.nt_error, and rap
+ * errors, whose error code is in cli.rap_error.
*/
cli_error(cli, &errclass, &errnum);
if(errclass != 0)
return cli_smb_errstr(cli);
-
- sprintf(error_message, "code %d", cli->error);
+
+ /*
+ * Was it an NT error ?
+ */
+
+ if(cli->nt_error) {
+ char *nt_msg = get_nt_error_msg(cli->nt_error);
+
+ if(nt_msg == NULL)
+ sprintf(error_message, "NT code %d", cli->nt_error);
+ else
+ fstrcpy(error_message, nt_msg);
+
+ return error_message;
+ }
+
+ /*
+ * Must have been a rap error.
+ */
+
+ sprintf(error_message, "code %d", cli->rap_error);
for(i = 0; rap_errmap[i].message != NULL; i++) {
- if (rap_errmap[i].err == cli->error) {
+ if (rap_errmap[i].err == cli->rap_error) {
fstrcpy( error_message, rap_errmap[i].message);
break;
}
****************************************************************************/
static void cli_setup_packet(struct cli_state *cli)
{
+ cli->rap_error = 0;
+ cli->nt_error = 0;
SSVAL(cli->outbuf,smb_pid,cli->pid);
SSVAL(cli->outbuf,smb_uid,cli->uid);
SSVAL(cli->outbuf,smb_mid,cli->mid);
SSVAL(p, 0, BUFFER_SIZE);
p += 2;
- cli->error = -1;
-
if (cli_api(cli,
param, PTR_DIFF(p,param),1024, /* param, length, max */
NULL, 0, BUFFER_SIZE, /* data, length, max */
&rparam, &rprcnt, /* return params, return size */
&rdata, &rdrcnt /* return data, return size */
)) {
- cli->error = SVAL(rparam,0);
+ cli->rap_error = SVAL(rparam,0);
p = rdata;
- if (cli->error == 0) {
+ if (cli->rap_error == 0) {
DEBUG(4,("NetWkstaUserLogon success\n"));
cli->privilages = SVAL(p, 24);
fstrcpy(cli->eff_name,p+2);
} else {
- DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->error));
+ DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->rap_error));
}
}
if (rparam) free(rparam);
if (rdata) free(rdata);
- return cli->error == 0;
+ return (cli->rap_error == 0);
}
char *rdata = NULL;
int rprcnt, rdrcnt;
- cli->error = -1;
-
if(strlen(user) >= sizeof(fstring)-1) {
DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user));
return False;
&rparam, &rprcnt,
&rdata, &rdrcnt)) {
if(rparam)
- cli->error = SVAL(rparam,0);
+ cli->rap_error = SVAL(rparam,0);
}
if (rparam)
if (rdata)
free(rdata);
- return (cli->error == 0);
+ return (cli->rap_error == 0);
}
/****************************************************************************
return False;
if (CVAL(cli->inbuf,0) != 0x82) {
- cli->error = CVAL(cli->inbuf,0);
+ /* This is the wrong place to put the error... JRA. */
+ cli->rap_error = CVAL(cli->inbuf,0);
return False;
}
return(True);
/*******************************************************************
makes a NET_ID_INFO_1 structure.
+
+This is an interactive logon packet. The log_id parameters
+are what an NT server would generate for LUID once the
+user is logged on. I don't think we care about them.
+
+Note that this passes the actual NT and LM hashed passwords
+over the secure channel. This is not the preferred logon
+method from a Samba domain client as it exposes the password
+hashes to anyone who has compromised the secure channel. JRA.
********************************************************************/
+
void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
char *user_name, char *wksta_name,
/*******************************************************************
makes a NET_ID_INFO_2 structure.
+
+This is a network logon packet. The log_id parameters
+are what an NT server would generate for LUID once the
+user is logged on. I don't think we care about them.
+
+Note that this has no access to the NT and LM hashed passwords,
+so it forwards the challenge, and the NT and LM responses (24
+bytes each) over the secure channel to the Domain controller
+for it to say yea or nay. This is the preferred method of
+checking for a logon as it doesn't export the password
+hashes to anyone who has compromised the secure channel. JRA.
********************************************************************/
+
void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
char *user_name, char *wksta_name,
git.samba.org / samba.git / commitdiff