references to use samedit instead.
- removed global_machine_password_needs_changing and all code that uses
it: replaced with lsa_query_secret(pol, NULL, &last_updated_time).
this code would probably be better off in lsarpcd, not smbd. hmm...
- fixing up _samr_lookup_names to the new sam tdb format, lots more work
needed here.
libsmb/smberr.o libsmb/credentials.o \
libsmb/pwd_cache.o \
lib/crc32.o lib/md5.o lib/hmacmd5.o \
- lib/util_hnd.o passdb/smbpassfile.o \
+ lib/util_hnd.o \
rpc_parse/parse_creds.o \
rpc_parse/parse_net.o \
rpc_parse/parse_ntlmssp.o rpc_parse/parse_prs.o \
SMBD_OBJ = $(SMBD_OBJ1) $(UNIXPASSDB_OBJ) \
$(RPC_SERVER_OBJ) \
- libsmb/clienttrust.o \
lib/domain_namemap.o \
$(LOCKING_OBJ) \
$(SIDDB_OBJ) \
TESTPRNS_OBJ = utils/testprns.o printing/pcap.o printing/print_svid.o
SMBPASSWD_OBJ = utils/smbpasswd.o libsmb/passchange.o \
- libsmb/clienttrust.o \
rpc_server/srv_lookup.o \
rpc_client/cli_netlogon_sync.o \
$(SIDDB_OBJ) $(STUB_UID_OBJ)
struct policy_cache *get_global_hnd_cache(void);
struct policy_cache *init_policy_cache(int num_pol_hnds);
void free_policy_cache(struct policy_cache *cache);
+BOOL policy_hnd_set_name(struct policy_cache *cache,
+ POLICY_HND *hnd, const char *name);
+const char *policy_hnd_get_name(struct policy_cache *cache,
+ const POLICY_HND *hnd);
BOOL dup_policy_hnd(struct policy_cache *cache,
POLICY_HND *hnd,
const POLICY_HND *from);
BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
void(*fn)(void*), void *dev);
void *get_policy_state_info(struct policy_cache *cache, const POLICY_HND *hnd);
+BOOL policy_hnd_set_state_type(struct policy_cache *cache,
+ POLICY_HND *hnd, int type);
+int policy_hnd_get_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd);
+BOOL policy_hnd_check_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd, int type);
BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd);
BOOL policy_link_key(struct policy_cache *cache, const POLICY_HND *hnd,
POLICY_HND *to);
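Review bot: `get_policy_state_info()` still returns an untyped `void *`, and the `policy_hnd_set_state_type()` / `policy_hnd_check_state_type()` pair added just below it is opt-in. Presumably a handle opened by one pipe call can still have its state cast to the wrong struct by another unless every caller checks the tag first. I would state that contract where these functions are defined, e.g. `/* callers must pass policy_hnd_check_state_type() before casting the result of get_policy_state_info() */`, and document what `policy_hnd_get_state_type()` returns for a handle that is not in the cache and whether `policy_hnd_get_name()` can return NULL. The same prototypes are added twice more further down the page. This listing looks generated from the .c files, so the comments belong on the definitions rather than here.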
struct policy_cache *get_global_hnd_cache(void);
struct policy_cache *init_policy_cache(int num_pol_hnds);
void free_policy_cache(struct policy_cache *cache);
+BOOL policy_hnd_set_name(struct policy_cache *cache,
+ POLICY_HND *hnd, const char *name);
+const char *policy_hnd_get_name(struct policy_cache *cache,
+ const POLICY_HND *hnd);
BOOL dup_policy_hnd(struct policy_cache *cache,
POLICY_HND *hnd,
const POLICY_HND *from);
BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
void(*fn)(void*), void *dev);
void *get_policy_state_info(struct policy_cache *cache, const POLICY_HND *hnd);
+BOOL policy_hnd_set_state_type(struct policy_cache *cache,
+ POLICY_HND *hnd, int type);
+int policy_hnd_get_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd);
+BOOL policy_hnd_check_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd, int type);
BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd);
BOOL policy_link_key(struct policy_cache *cache, const POLICY_HND *hnd,
POLICY_HND *to);
/*The following definitions come from lsarpcd/secret_db.c */
-BOOL tdb_delete_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk);
-BOOL tdb_lookup_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk, LSA_SECRET **usr);
-BOOL tdb_store_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk, LSA_SECRET *usr);
+BOOL tdb_delete_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk);
+BOOL tdb_lookup_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk,
+ LSA_SECRET ** usr);
+BOOL tdb_store_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk, LSA_SECRET * usr);
TDB_CONTEXT *open_secret_db(int perms);
BOOL secret_init_db(void);
/*The following definitions come from netlogond/srv_netlogon_nt.c */
-uint32 _net_req_chal( const UNISTR2 *uni_logon_server,
- const UNISTR2 *uni_logon_client,
- const DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
- uint16 remote_pid ) ;
-uint32 _net_logon_ctrl2(const UNISTR2 *uni_server_name,
- uint32 function_code,
- uint32 query_level,
- uint32 switch_value,
- uint32 *reply_switch_value,
- NETLOGON_INFO *logon_info);
-uint32 _net_trust_dom_list(const UNISTR2 *uni_server_name,
- uint32 function_code,
- BUFFER2 *uni_trust_dom_name);
-uint32 _net_auth(const DOM_LOG_INFO *clnt_id,
- const DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
- uint16 remote_pid);
-uint32 _net_auth_2(const DOM_LOG_INFO *clnt_id,
- const DOM_CHAL *clnt_chal,
- const NEG_FLAGS *clnt_flgs,
- DOM_CHAL *srv_chal,
- NEG_FLAGS *srv_flgs,
- uint16 remote_pid);
-uint32 _net_srv_pwset(const DOM_CLNT_INFO *clnt_id,
- const uint8 pwd[16],
- DOM_CRED *srv_cred,
- uint16 remote_pid);
-uint32 _net_sam_logon(const DOM_SAM_INFO *sam_id,
- uint16 validation_level,
- DOM_CRED *srv_creds,
- uint16 *switch_value,
- NET_USER_INFO_3 *user,
- uint16 remote_pid);
-uint32 _net_sam_logoff(const DOM_SAM_INFO *sam_id,
- DOM_CRED *srv_creds,
- uint16 remote_pid);
-uint32 _net_sam_sync(const UNISTR2 *uni_srv_name,
- const UNISTR2 *uni_cli_name,
- uint32 database_id,
- uint32 restart_state,
- uint32 *sync_context,
- uint32 max_size,
- uint32 *num_deltas,
- uint32 *num_deltas2,
- SAM_DELTA_HDR *hdr_deltas,
- SAM_DELTA_CTR *deltas);
+uint32 _net_req_chal(const UNISTR2 * uni_logon_server,
+ const UNISTR2 * uni_logon_client,
+ const DOM_CHAL * clnt_chal,
+ DOM_CHAL * srv_chal, uint16 remote_pid);
+uint32 _net_logon_ctrl2(const UNISTR2 * uni_server_name,
+ uint32 function_code,
+ uint32 query_level,
+ uint32 switch_value,
+ uint32 * reply_switch_value,
+ NETLOGON_INFO * logon_info);
+uint32 _net_trust_dom_list(const UNISTR2 * uni_server_name,
+ uint32 function_code, BUFFER2 * uni_trust_dom_name);
+uint32 _net_auth(const DOM_LOG_INFO * clnt_id,
+ const DOM_CHAL * clnt_chal,
+ DOM_CHAL * srv_chal, uint16 remote_pid);
+uint32 _net_auth_2(const DOM_LOG_INFO * clnt_id,
+ const DOM_CHAL * clnt_chal,
+ const NEG_FLAGS * clnt_flgs,
+ DOM_CHAL * srv_chal,
+ NEG_FLAGS * srv_flgs, uint16 remote_pid);
+uint32 _net_srv_pwset(const DOM_CLNT_INFO * clnt_id,
+ const uint8 pwd[16],
+ DOM_CRED * srv_cred, uint16 remote_pid);
+uint32 _net_sam_logon(const DOM_SAM_INFO * sam_id,
+ uint16 validation_level,
+ DOM_CRED * srv_creds,
+ uint16 * switch_value,
+ NET_USER_INFO_3 * user, uint16 remote_pid);
+uint32 _net_sam_logoff(const DOM_SAM_INFO * sam_id,
+ DOM_CRED * srv_creds, uint16 remote_pid);
+uint32 _net_sam_sync(const UNISTR2 * uni_srv_name,
+ const UNISTR2 * uni_cli_name,
+ uint32 database_id,
+ uint32 restart_state,
+ uint32 * sync_context,
+ uint32 max_size,
+ uint32 * num_deltas,
+ uint32 * num_deltas2,
+ SAM_DELTA_HDR * hdr_deltas, SAM_DELTA_CTR * deltas);
/*The following definitions come from nmbd/asyncdns.c */
/*The following definitions come from rpc_client/cli_lsarpc.c */
-BOOL get_domain_sids(const char *domain, DOM_SID *sid3, DOM_SID *sid5);
-BOOL get_trust_sid_and_domain(const char* myname, char *server,
- DOM_SID *sid,
- char *domain, size_t len);
+BOOL get_domain_sids(const char *domain, DOM_SID * sid3, DOM_SID * sid5);
+BOOL get_trust_sid_and_domain(const char *myname, char *server,
+ DOM_SID * sid, char *domain, size_t len);
BOOL lsa_open_policy(const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_open_policy2( const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_create_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-BOOL lsa_open_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 *secret);
-BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
- NTTIME *last_update);
-BOOL lsa_lookup_names( POLICY_HND *hnd,
- int num_names,
- char **names,
- DOM_SID **sids,
- uint32 **types,
- int *num_sids);
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_open_policy2(const char *system_name, POLICY_HND *hnd,
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_create_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+BOOL lsa_open_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 * secret);
+BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 * secret, NTTIME * last_update);
+BOOL lsa_lookup_names(POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID ** sids, uint32 ** types, int *num_sids);
BOOL lsa_lookup_sids(POLICY_HND *hnd,
- int num_sids,
- DOM_SID **sids,
- char ***names,
- uint32 **types,
- int *num_names);
+ int num_sids,
+ DOM_SID ** sids,
+ char ***names, uint32 ** types, int *num_names);
BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
- fstring domain_name, DOM_SID *domain_sid);
-BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
- uint32 *num_doms, char ***names,
- DOM_SID ***sids);
+ fstring domain_name, DOM_SID * domain_sid);
+BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 * enum_ctx,
+ uint32 * num_doms, char ***names, DOM_SID *** sids);
BOOL lsa_close(POLICY_HND *hnd);
/*The following definitions come from rpc_client/cli_netlogon.c */
uint32 lookup_lsa_names(const char *srv_name,
uint32 num_names, char **names,
- uint32 *num_sids, DOM_SID **sids, uint32 **types);
+ uint32 * num_sids, DOM_SID ** sids, uint32 ** types);
uint32 lookup_lsa_name(const char *domain,
- char *name, DOM_SID *sid, uint32 *type);
+ char *name, DOM_SID * sid, uint32 * type);
uint32 lookup_lsa_sid(const char *domain,
- DOM_SID *sid, char *name, uint32 *type);
-BOOL msrpc_lsa_create_secret(const char* srv_name, const char* secret_name,
- uint32 access_rights);
-BOOL msrpc_lsa_set_secret(const char* srv_name,
- const char* secret_name,
- const char* data, int len);
-BOOL msrpc_lsa_query_secret(const char* srv_name,
- const char* secret_name,
- STRING2 *secret,
- NTTIME *last_update);
-BOOL msrpc_lsa_query_trust_passwd(const char* srv_name,
- const char* secret_name,
- uchar trust_passwd[16]);
+ DOM_SID * sid, char *name, uint32 * type);
+BOOL msrpc_lsa_create_secret(const char *srv_name, const char *secret_name,
+ uint32 access_rights);
+BOOL msrpc_lsa_set_secret(const char *srv_name,
+ const char *secret_name, const char *data, int len);
+BOOL msrpc_lsa_query_secret(const char *srv_name,
+ const char *secret_name,
+ STRING2 * secret, NTTIME * last_update);
+BOOL msrpc_lsa_query_trust_passwd(const char *srv_name,
+ const char *secret_name,
+ uchar trust_passwd[16],
+ NTTIME * last_update);
/*The following definitions come from rpc_client/msrpc_netlogon.c */
-uint32 check_domain_security(const char *orig_user, const char *domain,
- const uchar *challenge,
- const char *smb_apasswd, int smb_apasslen,
- const char *smb_ntpasswd, int smb_ntpasslen,
- NET_USER_INFO_3 *info3);
+uint32 check_domain_security(const char *orig_user, const char *domain,
+ const uchar * challenge,
+ const char *smb_apasswd, int smb_apasslen,
+ const char *smb_ntpasswd, int smb_ntpasslen,
+ NET_USER_INFO_3 * info3);
/*The following definitions come from rpc_client/msrpc_samr.c */
/*The following definitions come from rpcclient/cmd_netlogon.c */
void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[]);
-void cmd_netlogon_domain_test(struct client_info *info, int argc, char *argv[]);
+void cmd_netlogon_domain_test(struct client_info *info, int argc,
+ char *argv[]);
void cmd_sam_sync(struct client_info *info, int argc, char *argv[]);
/*The following definitions come from rpcclient/cmd_reg.c */
/*The following definitions come from samrd/srv_samr_dom_tdb.c */
uint32 _samr_open_domain(const POLICY_HND *connect_pol,
- uint32 ace_perms,
- const DOM_SID *sid,
- POLICY_HND *domain_pol);
-uint32 _samr_enum_dom_users( const POLICY_HND *pol, uint32 *start_idx,
- uint16 acb_mask, uint16 unk_1, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_users);
+ uint32 ace_perms,
+ const DOM_SID * sid, POLICY_HND *domain_pol);
+uint32 _samr_enum_dom_users(const POLICY_HND *pol, uint32 * start_idx,
+ uint16 acb_mask, uint16 unk_1, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name, uint32 * num_sam_users);
uint32 _samr_enum_dom_groups(const POLICY_HND *pol,
- uint32 *start_idx, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_groups);
+ uint32 * start_idx, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name,
+ uint32 * num_sam_groups);
uint32 _samr_enum_dom_aliases(const POLICY_HND *pol,
- uint32 *start_idx, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_aliases);
-uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
- uint32 start_idx,
- uint32 max_entries,
- uint32 max_size,
- uint32 *data_size,
- uint32 *num_entries,
- SAM_DISPINFO_CTR *ctr);
+ uint32 * start_idx, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name,
+ uint32 * num_sam_aliases);
+uint32 _samr_query_dispinfo(const POLICY_HND *domain_pol, uint16 level,
+ uint32 start_idx,
+ uint32 max_entries,
+ uint32 max_size,
+ uint32 * data_size,
+ uint32 * num_entries, SAM_DISPINFO_CTR * ctr);
+BOOL dom_user_traverse(const DOM_SID * dom_sid,
+ int (*fn) (TDB_CONTEXT *, void *), void *state);
uint32 _samr_lookup_names(const POLICY_HND *dom_pol,
-
- uint32 num_names,
- uint32 flags,
- uint32 ptr,
- const UNISTR2 *uni_name,
-
- uint32 *num_rids,
- uint32 rid[MAX_SAM_ENTRIES],
- uint32 *num_types,
- uint32 type[MAX_SAM_ENTRIES]);
+ uint32 num_names,
+ uint32 flags,
+ uint32 ptr,
+ const UNISTR2 * uni_name,
+ uint32 * num_rids,
+ uint32 rid[MAX_SAM_ENTRIES],
+ uint32 * num_types, uint32 type[MAX_SAM_ENTRIES]);
uint32 _samr_lookup_rids(const POLICY_HND *dom_pol,
- uint32 num_rids, uint32 flags,
- const uint32 *rids,
- uint32 *num_names,
- UNIHDR **hdr_name, UNISTR2** uni_name,
- uint32 **types);
+ uint32 num_rids, uint32 flags,
+ const uint32 * rids,
+ uint32 * num_names,
+ UNIHDR ** hdr_name, UNISTR2 ** uni_name,
+ uint32 ** types);
uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr);
-uint32 _samr_unknown_2d(const POLICY_HND *domain_pol, const DOM_SID *sid);
+ uint16 switch_value, SAM_UNK_CTR * ctr);
+uint32 _samr_unknown_2d(const POLICY_HND *domain_pol, const DOM_SID * sid);
/*The following definitions come from samrd/srv_samr_grp_tdb.c */
uint32 _samr_add_groupmem(const POLICY_HND *pol, uint32 rid, uint32 unknown);
uint32 _samr_del_groupmem(const POLICY_HND *pol, uint32 rid);
uint32 _samr_delete_dom_group(POLICY_HND *group_pol);
-uint32 _samr_query_groupmem(const POLICY_HND *group_pol,
- uint32 *num_mem,
- uint32 **rid,
- uint32 **attr);
+uint32 _samr_query_groupmem(const POLICY_HND *group_pol,
+ uint32 * num_mem, uint32 ** rid, uint32 ** attr);
uint32 _samr_set_groupinfo(const POLICY_HND *pol,
- uint16 switch_level,
- const GROUP_INFO_CTR* ctr);
+ uint16 switch_level, const GROUP_INFO_CTR * ctr);
uint32 _samr_query_groupinfo(const POLICY_HND *pol,
- uint16 switch_level,
- GROUP_INFO_CTR* ctr);
+ uint16 switch_level, GROUP_INFO_CTR * ctr);
uint32 _samr_create_dom_group(const POLICY_HND *domain_pol,
- const UNISTR2 *uni_acct_name,
- uint32 access_mask,
- POLICY_HND *group_pol, uint32 *group_rid);
+ const UNISTR2 * uni_acct_name,
+ uint32 access_mask,
+ POLICY_HND *group_pol, uint32 * group_rid);
uint32 _samr_open_group(const POLICY_HND *domain_pol, uint32 access_mask,
- uint32 group_rid,
- POLICY_HND *group_pol);
+ uint32 group_rid, POLICY_HND *group_pol);
/*The following definitions come from samrd/srv_samr_nt5ldap.c */
/*The following definitions come from samrd/srv_samr_tdb.c */
BOOL set_tdbrid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
- uint32 rid);
+ TDB_CONTEXT * usr_tdb,
+ TDB_CONTEXT * grp_tdb, TDB_CONTEXT * als_tdb, uint32 rid);
BOOL get_tdbrid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **usr_tdb,
- TDB_CONTEXT **grp_tdb,
- TDB_CONTEXT **als_tdb,
- uint32 *rid);
+ TDB_CONTEXT ** usr_tdb,
+ TDB_CONTEXT ** grp_tdb, TDB_CONTEXT ** als_tdb, uint32 * rid);
BOOL set_tdbsam(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *tdb);
+ TDB_CONTEXT * tdb);
BOOL get_tdbsam(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **tdb);
+ TDB_CONTEXT ** tdb);
BOOL set_tdbdomsid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *usg_tdb,
- TDB_CONTEXT *usa_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
- const DOM_SID *sid);
+ TDB_CONTEXT * usr_tdb,
+ TDB_CONTEXT * usg_tdb,
+ TDB_CONTEXT * usa_tdb,
+ TDB_CONTEXT * grp_tdb,
+ TDB_CONTEXT * als_tdb, const DOM_SID * sid);
BOOL get_tdbdomsid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **usr_tdb,
- TDB_CONTEXT **usg_tdb,
- TDB_CONTEXT **usa_tdb,
- TDB_CONTEXT **grp_tdb,
- TDB_CONTEXT **als_tdb,
- DOM_SID *sid);
+ TDB_CONTEXT ** usr_tdb,
+ TDB_CONTEXT ** usg_tdb,
+ TDB_CONTEXT ** usa_tdb,
+ TDB_CONTEXT ** grp_tdb,
+ TDB_CONTEXT ** als_tdb, DOM_SID * sid);
BOOL set_tdbsid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *tdb, const DOM_SID *sid);
+ TDB_CONTEXT * tdb, const DOM_SID * sid);
BOOL get_tdbsid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **tdb, DOM_SID *sid);
-TDB_CONTEXT *open_usr_db(const DOM_SID *sid, uint32 rid, int perms);
-uint32 samr_open_user_tdb( const POLICY_HND *parent_pol,
- const DOM_SID *sid,
- TDB_CONTEXT *usr_tdb,
- POLICY_HND *pol,
- uint32 ace_perms, uint32 rid);
+ TDB_CONTEXT ** tdb, DOM_SID * sid);
+TDB_CONTEXT *open_usr_db(const DOM_SID * sid, uint32 rid, int perms);
+uint32 samr_open_user_tdb(const POLICY_HND *parent_pol,
+ const DOM_SID * sid,
+ TDB_CONTEXT * usr_tdb,
+ POLICY_HND *pol, uint32 ace_perms, uint32 rid);
/*The following definitions come from samrd/srv_samr_tdb_init.c */
-uint32 initialise_dom_tdb(const DOM_SID *sid);
-uint32 initialise_sam_tdb( const char* sam_name, const DOM_SID *sam_sid);
+uint32 initialise_dom_tdb(const DOM_SID * sid);
+uint32 initialise_sam_tdb(const char *sam_name, const DOM_SID * sam_sid);
BOOL pwdbsam_initialise(void);
/*The following definitions come from samrd/srv_samr_usr_nt5ldap.c */
/*The following definitions come from samrd/srv_samr_usr_tdb.c */
-BOOL tdb_lookup_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr);
+BOOL tdb_lookup_user(TDB_CONTEXT * tdb, SAM_USER_INFO_21 * usr);
uint32 _samr_get_usrdom_pwinfo(const POLICY_HND *user_pol,
- uint32 *unknown_0,
- uint32 *unknown_1);
+ uint32 * unknown_0, uint32 * unknown_1);
uint32 _samr_query_usergroups(const POLICY_HND *pol,
- uint32 *num_groups,
- DOM_GID **gids);
+ uint32 * num_groups, DOM_GID ** gids);
uint32 _samr_query_useraliases(const POLICY_HND *domain_pol,
- const uint32 *ptr_sid, const DOM_SID2 *sid,
- uint32 *num_aliases, uint32 **rid);
+ const uint32 * ptr_sid, const DOM_SID2 * sid,
+ uint32 * num_aliases, uint32 ** rid);
uint32 _samr_open_user(const POLICY_HND *domain_pol,
- uint32 access_mask, uint32 user_rid,
- POLICY_HND *user_pol);
+ uint32 access_mask, uint32 user_rid,
+ POLICY_HND *user_pol);
uint32 _samr_query_userinfo(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr);
+ SAM_USERINFO_CTR * ctr);
uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr);
+ SAM_USERINFO_CTR * ctr);
uint32 _samr_set_userinfo2(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr);
+ SAM_USERINFO_CTR * ctr);
uint32 _samr_create_user(const POLICY_HND *domain_pol,
- const UNISTR2 *uni_username,
- uint16 acb_info, uint32 access_mask,
- POLICY_HND *user_pol,
- uint32 *unknown_0, uint32 *user_rid);
+ const UNISTR2 * uni_username,
+ uint16 acb_info, uint32 access_mask,
+ POLICY_HND *user_pol,
+ uint32 * unknown_0, uint32 * user_rid);
uint32 _samr_delete_dom_user(POLICY_HND *user_pol);
/*The following definitions come from smbd/blocking.c */
/*The following definitions come from rpc_client/cli_lsarpc.c */
-BOOL get_domain_sids(const char *domain, DOM_SID *sid3, DOM_SID *sid5);
-BOOL get_trust_sid_and_domain(const char* myname, char *server,
- DOM_SID *sid,
- char *domain, size_t len);
+BOOL get_domain_sids(const char *domain, DOM_SID * sid3, DOM_SID * sid5);
+BOOL get_trust_sid_and_domain(const char *myname, char *server,
+ DOM_SID * sid, char *domain, size_t len);
BOOL lsa_open_policy(const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_open_policy2( const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_create_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-BOOL lsa_open_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 *secret);
-BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
- NTTIME *last_update);
-BOOL lsa_lookup_names( POLICY_HND *hnd,
- int num_names,
- char **names,
- DOM_SID **sids,
- uint32 **types,
- int *num_sids);
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_open_policy2(const char *system_name, POLICY_HND *hnd,
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_create_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+BOOL lsa_open_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 * secret);
+BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 * secret, NTTIME * last_update);
+BOOL lsa_lookup_names(POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID ** sids, uint32 ** types, int *num_sids);
BOOL lsa_lookup_sids(POLICY_HND *hnd,
- int num_sids,
- DOM_SID **sids,
- char ***names,
- uint32 **types,
- int *num_names);
+ int num_sids,
+ DOM_SID ** sids,
+ char ***names, uint32 ** types, int *num_names);
BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
- fstring domain_name, DOM_SID *domain_sid);
-BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
- uint32 *num_doms, char ***names,
- DOM_SID ***sids);
+ fstring domain_name, DOM_SID * domain_sid);
+BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 * enum_ctx,
+ uint32 * num_doms, char ***names, DOM_SID *** sids);
BOOL lsa_close(POLICY_HND *hnd);
/*The following definitions come from rpc_client/cli_netlogon.c */
uint32 lookup_lsa_names(const char *srv_name,
uint32 num_names, char **names,
- uint32 *num_sids, DOM_SID **sids, uint32 **types);
+ uint32 * num_sids, DOM_SID ** sids, uint32 ** types);
uint32 lookup_lsa_name(const char *domain,
- char *name, DOM_SID *sid, uint32 *type);
+ char *name, DOM_SID * sid, uint32 * type);
uint32 lookup_lsa_sid(const char *domain,
- DOM_SID *sid, char *name, uint32 *type);
-BOOL msrpc_lsa_create_secret(const char* srv_name, const char* secret_name,
- uint32 access_rights);
-BOOL msrpc_lsa_set_secret(const char* srv_name,
- const char* secret_name,
- const char* data, int len);
-BOOL msrpc_lsa_query_secret(const char* srv_name,
- const char* secret_name,
- STRING2 *secret,
- NTTIME *last_update);
-BOOL msrpc_lsa_query_trust_passwd(const char* srv_name,
- const char* secret_name,
- uchar trust_passwd[16]);
+ DOM_SID * sid, char *name, uint32 * type);
+BOOL msrpc_lsa_create_secret(const char *srv_name, const char *secret_name,
+ uint32 access_rights);
+BOOL msrpc_lsa_set_secret(const char *srv_name,
+ const char *secret_name, const char *data, int len);
+BOOL msrpc_lsa_query_secret(const char *srv_name,
+ const char *secret_name,
+ STRING2 * secret, NTTIME * last_update);
+BOOL msrpc_lsa_query_trust_passwd(const char *srv_name,
+ const char *secret_name,
+ uchar trust_passwd[16],
+ NTTIME * last_update);
/*The following definitions come from rpc_client/msrpc_netlogon.c */
-uint32 check_domain_security(const char *orig_user, const char *domain,
- const uchar *challenge,
- const char *smb_apasswd, int smb_apasslen,
- const char *smb_ntpasswd, int smb_ntpasslen,
- NET_USER_INFO_3 *info3);
+uint32 check_domain_security(const char *orig_user, const char *domain,
+ const uchar * challenge,
+ const char *smb_apasswd, int smb_apasslen,
+ const char *smb_ntpasswd, int smb_ntpasslen,
+ NET_USER_INFO_3 * info3);
/*The following definitions come from rpc_client/msrpc_samr.c */
/*The following definitions come from rpc_parse/parse_lsa.c */
-BOOL make_lsa_trans_name(LSA_TRANS_NAME *trn, UNISTR2 *uni_name,
- uint32 sid_name_use, char *name, uint32 idx);
-int make_dom_ref_uni(DOM_R_REF *ref, const UNISTR2 *uni_domname, const DOM_SID *dom_sid);
-int make_dom_ref(DOM_R_REF *ref, const char *domname, const DOM_SID *dom_sid);
-BOOL make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
- uint32 unknown);
-BOOL make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos);
-BOOL make_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos);
-BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
-BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, const char *server_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos);
-BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, int depth);
-BOOL make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
-BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth);
-BOOL make_q_create_secret(LSA_Q_CREATE_SECRET *q_o, const POLICY_HND *pol_hnd,
+BOOL make_lsa_trans_name(LSA_TRANS_NAME * trn, UNISTR2 * uni_name,
+ uint32 sid_name_use, char *name, uint32 idx);
+int make_dom_ref_uni(DOM_R_REF * ref, const UNISTR2 * uni_domname,
+ const DOM_SID * dom_sid);
+int make_dom_ref(DOM_R_REF * ref, const char *domname,
+ const DOM_SID * dom_sid);
+BOOL make_lsa_sec_qos(LSA_SEC_QOS * qos, uint16 imp_lev, uint8 ctxt,
+ uint8 eff, uint32 unknown);
+BOOL make_lsa_obj_attr(LSA_OBJ_ATTR * attr, uint32 attributes,
+ LSA_SEC_QOS * qos);
+BOOL make_q_open_pol(LSA_Q_OPEN_POL * r_q, uint16 system_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos);
+BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL * r_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL * r_p, prs_struct * ps,
+ int depth);
+BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 * r_q, const char *server_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos);
+BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 * r_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 * r_p, prs_struct * ps,
+ int depth);
+BOOL make_q_query(LSA_Q_QUERY_INFO * q_q, POLICY_HND *hnd, uint16 info_class);
+BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO * q_q, prs_struct * ps,
+ int depth);
+BOOL make_q_create_secret(LSA_Q_CREATE_SECRET * q_o,
+ const POLICY_HND *pol_hnd, const char *secret_name,
+ uint32 desired_access);
+BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET * q_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET * r_o,
+ prs_struct * ps, int depth);
+BOOL make_q_open_secret(LSA_Q_OPEN_SECRET * q_o, const POLICY_HND *pol_hnd,
const char *secret_name, uint32 desired_access);
-BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET *q_o, prs_struct *ps, int depth);
-BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET *r_o, prs_struct *ps, int depth);
-BOOL make_q_open_secret(LSA_Q_OPEN_SECRET *q_o, const POLICY_HND *pol_hnd,
- const char *secret_name, uint32 desired_access);
-BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET *q_o, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET *r_o, prs_struct *ps, int depth);
-BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE *value, prs_struct *ps, int depth);
-BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO *info, prs_struct *ps, int depth);
-BOOL lsa_io_secret(char *desc, LSA_SECRET *q_q, prs_struct *ps, int depth);
-BOOL make_q_query_secret(LSA_Q_QUERY_SECRET *q_q, POLICY_HND *pol);
-BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET *q_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET *q_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET *r_q, prs_struct *ps, int depth);
-BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
- POLICY_HND *pol,
- uint32 enum_context, uint32 preferred_len);
-BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth);
-BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, int32 enum_context,
- uint32 num_domains,
- UNISTR2 *domain_names, DOM_SID **domain_sids,
+BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET * q_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET * r_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE * value,
+ prs_struct * ps, int depth);
+BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO * info, prs_struct * ps,
+ int depth);
+BOOL lsa_io_secret(char *desc, LSA_SECRET * q_q, prs_struct * ps, int depth);
+BOOL make_q_query_secret(LSA_Q_QUERY_SECRET * q_q, POLICY_HND *pol,
+ const STRING2 *secret, const NTTIME * update);
+BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET * q_q,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET * r_q,
+ prs_struct * ps, int depth);
+BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET * q_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET * r_q, prs_struct * ps,
+ int depth);
+BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM * q_e,
+ POLICY_HND *pol,
+ uint32 enum_context, uint32 preferred_len);
+BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM * q_e,
+ prs_struct * ps, int depth);
+BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e, int32 enum_context,
+ uint32 num_domains,
+ UNISTR2 * domain_names, DOM_SID ** domain_sids,
uint32 status);
-BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
-void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e);
-BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
-BOOL make_lsa_sid_enum(LSA_SID_ENUM *sen, uint32 num_entries, DOM_SID **sids);
-BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
- int num_sids, DOM_SID **sids,
- uint16 level);
-BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
-BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
-BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
- uint32 num_names, char **names);
-BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth);
-BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth);
-BOOL make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
-BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth);
-BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth);
+BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM * r_e,
+ prs_struct * ps, int depth);
+void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e);
+BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO * r_q, prs_struct * ps,
+ int depth);
+BOOL make_lsa_sid_enum(LSA_SID_ENUM * sen, uint32 num_entries,
+ DOM_SID ** sids);
+BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS * q_l, POLICY_HND *hnd,
+ int num_sids, DOM_SID ** sids, uint16 level);
+BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS * q_s,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS * r_s,
+ prs_struct * ps, int depth);
+BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES * q_l, POLICY_HND *hnd,
+ uint32 num_names, char **names);
+BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES * q_r,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES * r_r,
+ prs_struct * ps, int depth);
+BOOL make_lsa_q_close(LSA_Q_CLOSE * q_c, POLICY_HND *hnd);
+BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE * q_c, prs_struct * ps, int depth);
+BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE * r_c, prs_struct * ps, int depth);
/*The following definitions come from rpc_parse/parse_netsec.c */
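Review bot: `make_q_query_secret()` gains `const STRING2 *secret` and `const NTTIME * update`, and the commit message calls `lsa_query_secret(pol, NULL, &last_updated_time)`, so a NULL pointer is evidently a valid argument, yet nothing at these prototypes says which arguments are optional. I would add a comment on the definitions such as `/* secret and update may each be NULL when the caller does not want that field returned */`, to be confirmed against the implementation. `msrpc_lsa_query_trust_passwd()` also gains `NTTIME * last_update`; its comment should say whether `trust_passwd[16]` and `last_update` are left untouched when it returns False, so callers do not use a stale or uninitialised trust password. These prototypes look generated from the .c sources, so the comments belong on the definitions rather than in this header.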
struct policy_cache *get_global_hnd_cache(void);
struct policy_cache *init_policy_cache(int num_pol_hnds);
void free_policy_cache(struct policy_cache *cache);
+BOOL policy_hnd_set_name(struct policy_cache *cache,
+ POLICY_HND *hnd, const char *name);
+const char *policy_hnd_get_name(struct policy_cache *cache,
+ const POLICY_HND *hnd);
BOOL dup_policy_hnd(struct policy_cache *cache,
POLICY_HND *hnd,
const POLICY_HND *from);
BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
void(*fn)(void*), void *dev);
void *get_policy_state_info(struct policy_cache *cache, const POLICY_HND *hnd);
+BOOL policy_hnd_set_state_type(struct policy_cache *cache,
+ POLICY_HND *hnd, int type);
+int policy_hnd_get_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd);
+BOOL policy_hnd_check_state_type(struct policy_cache *cache,
+ const POLICY_HND *hnd, int type);
BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd);
BOOL policy_link_key(struct policy_cache *cache, const POLICY_HND *hnd,
POLICY_HND *to);
/*The following definitions come from rpc_client/cli_lsarpc.c */
-BOOL get_domain_sids(const char *domain, DOM_SID *sid3, DOM_SID *sid5);
-BOOL get_trust_sid_and_domain(const char* myname, char *server,
- DOM_SID *sid,
- char *domain, size_t len);
+BOOL get_domain_sids(const char *domain, DOM_SID * sid3, DOM_SID * sid5);
+BOOL get_trust_sid_and_domain(const char *myname, char *server,
+ DOM_SID * sid, char *domain, size_t len);
BOOL lsa_open_policy(const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_open_policy2( const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access);
-BOOL lsa_create_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-BOOL lsa_open_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret);
-uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 *secret);
-BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
- NTTIME *last_update);
-BOOL lsa_lookup_names( POLICY_HND *hnd,
- int num_names,
- char **names,
- DOM_SID **sids,
- uint32 **types,
- int *num_sids);
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_open_policy2(const char *system_name, POLICY_HND *hnd,
+ BOOL sec_qos, uint32 des_access);
+BOOL lsa_create_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+BOOL lsa_open_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret);
+uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 * secret);
+BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 * secret, NTTIME * last_update);
+BOOL lsa_lookup_names(POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID ** sids, uint32 ** types, int *num_sids);
BOOL lsa_lookup_sids(POLICY_HND *hnd,
- int num_sids,
- DOM_SID **sids,
- char ***names,
- uint32 **types,
- int *num_names);
+ int num_sids,
+ DOM_SID ** sids,
+ char ***names, uint32 ** types, int *num_names);
BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
- fstring domain_name, DOM_SID *domain_sid);
-BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
- uint32 *num_doms, char ***names,
- DOM_SID ***sids);
+ fstring domain_name, DOM_SID * domain_sid);
+BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 * enum_ctx,
+ uint32 * num_doms, char ***names, DOM_SID *** sids);
BOOL lsa_close(POLICY_HND *hnd);
/*The following definitions come from rpc_client/cli_netlogon.c */
/*The following definitions come from rpc_parse/parse_lsa.c */
-BOOL make_lsa_trans_name(LSA_TRANS_NAME *trn, UNISTR2 *uni_name,
- uint32 sid_name_use, char *name, uint32 idx);
-int make_dom_ref_uni(DOM_R_REF *ref, const UNISTR2 *uni_domname, const DOM_SID *dom_sid);
-int make_dom_ref(DOM_R_REF *ref, const char *domname, const DOM_SID *dom_sid);
-BOOL make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
- uint32 unknown);
-BOOL make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos);
-BOOL make_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos);
-BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
-BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, const char *server_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos);
-BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, int depth);
-BOOL make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
-BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth);
-BOOL make_q_create_secret(LSA_Q_CREATE_SECRET *q_o, const POLICY_HND *pol_hnd,
- const char *secret_name, uint32 desired_access);
-BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET *q_o, prs_struct *ps, int depth);
-BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET *r_o, prs_struct *ps, int depth);
-BOOL make_q_open_secret(LSA_Q_OPEN_SECRET *q_o, const POLICY_HND *pol_hnd,
+BOOL make_lsa_trans_name(LSA_TRANS_NAME * trn, UNISTR2 * uni_name,
+ uint32 sid_name_use, char *name, uint32 idx);
+int make_dom_ref_uni(DOM_R_REF * ref, const UNISTR2 * uni_domname,
+ const DOM_SID * dom_sid);
+int make_dom_ref(DOM_R_REF * ref, const char *domname,
+ const DOM_SID * dom_sid);
+BOOL make_lsa_sec_qos(LSA_SEC_QOS * qos, uint16 imp_lev, uint8 ctxt,
+ uint8 eff, uint32 unknown);
+BOOL make_lsa_obj_attr(LSA_OBJ_ATTR * attr, uint32 attributes,
+ LSA_SEC_QOS * qos);
+BOOL make_q_open_pol(LSA_Q_OPEN_POL * r_q, uint16 system_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos);
+BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL * r_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL * r_p, prs_struct * ps,
+ int depth);
+BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 * r_q, const char *server_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos);
+BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 * r_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 * r_p, prs_struct * ps,
+ int depth);
+BOOL make_q_query(LSA_Q_QUERY_INFO * q_q, POLICY_HND *hnd, uint16 info_class);
+BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO * q_q, prs_struct * ps,
+ int depth);
+BOOL make_q_create_secret(LSA_Q_CREATE_SECRET * q_o,
+ const POLICY_HND *pol_hnd, const char *secret_name,
+ uint32 desired_access);
+BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET * q_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET * r_o,
+ prs_struct * ps, int depth);
+BOOL make_q_open_secret(LSA_Q_OPEN_SECRET * q_o, const POLICY_HND *pol_hnd,
const char *secret_name, uint32 desired_access);
-BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET *q_o, prs_struct *ps, int depth);
-BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET *r_o, prs_struct *ps, int depth);
-BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE *value, prs_struct *ps, int depth);
-BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO *info, prs_struct *ps, int depth);
-BOOL lsa_io_secret(char *desc, LSA_SECRET *q_q, prs_struct *ps, int depth);
-BOOL make_q_query_secret(LSA_Q_QUERY_SECRET *q_q, POLICY_HND *pol);
-BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET *q_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET *r_q, prs_struct *ps, int depth);
-BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET *q_q, prs_struct *ps, int depth);
-BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET *r_q, prs_struct *ps, int depth);
-BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
- POLICY_HND *pol,
- uint32 enum_context, uint32 preferred_len);
-BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth);
-BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, int32 enum_context,
- uint32 num_domains,
- UNISTR2 *domain_names, DOM_SID **domain_sids,
+BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET * q_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET * r_o,
+ prs_struct * ps, int depth);
+BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE * value,
+ prs_struct * ps, int depth);
+BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO * info, prs_struct * ps,
+ int depth);
+BOOL lsa_io_secret(char *desc, LSA_SECRET * q_q, prs_struct * ps, int depth);
+BOOL make_q_query_secret(LSA_Q_QUERY_SECRET * q_q, POLICY_HND *pol,
+ const STRING2 *secret, const NTTIME * update);
+BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET * q_q,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET * r_q,
+ prs_struct * ps, int depth);
+BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET * q_q, prs_struct * ps,
+ int depth);
+BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET * r_q, prs_struct * ps,
+ int depth);
+BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM * q_e,
+ POLICY_HND *pol,
+ uint32 enum_context, uint32 preferred_len);
+BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM * q_e,
+ prs_struct * ps, int depth);
+BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e, int32 enum_context,
+ uint32 num_domains,
+ UNISTR2 * domain_names, DOM_SID ** domain_sids,
uint32 status);
-BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
-void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e);
-BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
-BOOL make_lsa_sid_enum(LSA_SID_ENUM *sen, uint32 num_entries, DOM_SID **sids);
-BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
- int num_sids, DOM_SID **sids,
- uint16 level);
-BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
-BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
-BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
- uint32 num_names, char **names);
-BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth);
-BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth);
-BOOL make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
-BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth);
-BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth);
+BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM * r_e,
+ prs_struct * ps, int depth);
+void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e);
+BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO * r_q, prs_struct * ps,
+ int depth);
+BOOL make_lsa_sid_enum(LSA_SID_ENUM * sen, uint32 num_entries,
+ DOM_SID ** sids);
+BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS * q_l, POLICY_HND *hnd,
+ int num_sids, DOM_SID ** sids, uint16 level);
+BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS * q_s,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS * r_s,
+ prs_struct * ps, int depth);
+BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES * q_l, POLICY_HND *hnd,
+ uint32 num_names, char **names);
+BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES * q_r,
+ prs_struct * ps, int depth);
+BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES * r_r,
+ prs_struct * ps, int depth);
+BOOL make_lsa_q_close(LSA_Q_CLOSE * q_c, POLICY_HND *hnd);
+BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE * q_c, prs_struct * ps, int depth);
+BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE * r_c, prs_struct * ps, int depth);
/*The following definitions come from rpc_parse/parse_misc.c */
extern int DEBUGLEVEL;
-BOOL tdb_delete_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk)
+BOOL tdb_delete_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk)
{
prs_struct key;
UNISTR2 k;
copy_unistr2(&k, uk);
- unistr2_to_ascii(tmp, uk, sizeof(tmp)-1);
- DEBUG(10,("delete secret %s\n", tmp));
+ unistr2_to_ascii(tmp, uk, sizeof(tmp) - 1);
+ DEBUG(10, ("delete secret %s\n", tmp));
prs_init(&key, 0, 4, False);
if (!smb_io_unistr2("key", &k, 1, &key, 0))
return True;
}
-BOOL tdb_lookup_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk, LSA_SECRET **usr)
+BOOL tdb_lookup_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk,
+ LSA_SECRET ** usr)
{
prs_struct key;
prs_struct data;
ZERO_STRUCTP((*usr));
}
- unistr2_to_ascii(tmp, uk, sizeof(tmp)-1);
- DEBUG(10,("lookup secret %s\n", tmp));
+ unistr2_to_ascii(tmp, uk, sizeof(tmp) - 1);
+ DEBUG(10, ("lookup secret %s\n", tmp));
prs_init(&key, 0, 4, False);
if (!smb_io_unistr2("key", &k, 1, &key, 0))
prs_free_data(&data);
return False;
}
-
+
if (usr != NULL)
{
return True;
}
-BOOL tdb_store_secret( TDB_CONTEXT *tdb, const UNISTR2 *uk, LSA_SECRET *usr)
+BOOL tdb_store_secret(TDB_CONTEXT * tdb, const UNISTR2 * uk, LSA_SECRET * usr)
{
prs_struct key;
prs_struct data;
copy_unistr2(&k, uk);
- unistr2_to_ascii(tmp, uk, sizeof(tmp)-1);
- DEBUG(10,("storing secret %s\n", tmp));
+ unistr2_to_ascii(tmp, uk, sizeof(tmp) - 1);
+ DEBUG(10, ("storing secret %s\n", tmp));
prs_init(&key, 0, 4, False);
if (!smb_io_unistr2("key", &k, 1, &key, 0) ||
!lsa_io_secret("usr", usr, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
strupper(domname);
strupper(srvname);
- slprintf(domsec, sizeof(domsec)-1, "%s.%s.tdb", domname, srvname);
+ slprintf(domsec, sizeof(domsec) - 1, "%s.%s.tdb", domname, srvname);
return tdb_open(lock_path(domsec), 0, 0, perms, 0600);
}
if (tdb != NULL)
{
- DEBUG(10,("secret_init_db: opened\n"));
+ DEBUG(10, ("secret_init_db: opened\n"));
return True;
}
-
+
tdb = open_secret_db(O_RDWR | O_CREAT);
if (tdb == NULL)
{
- DEBUG(0,("secret_init_db: failed\n"));
+ DEBUG(0, ("secret_init_db: failed\n"));
return False;
}
-
- DEBUG(10,("secret_init_db: opened first time: initialising.\n"));
- if (!trust_get_passwd_time(trust_passwd, domname, srvname, &crt))
- {
- DEBUG(10,("secret_init_db: no old $MACHINE.ACC: creating.\n"));
- generate_random_buffer(trust_passwd, 16, True);
- unix_to_nt_time(&crt, time(NULL));
- }
+ DEBUG(10, ("secret_init_db: opened first time: initialising.\n"));
+
+ generate_random_buffer(trust_passwd, 16, True);
+ unix_to_nt_time(&crt, time(NULL));
make_unistr2(&name, an, strlen(an));
ZERO_STRUCT(sec);
make_strhdr2(&sec.curinfo.value.hdr_secret, 24, 24, 1);
sec.curinfo.value.enc_secret.str_max_len = 24;
- sec.curinfo.value.enc_secret.undoc = 0;
+ sec.curinfo.value.enc_secret.undoc = 0;
sec.curinfo.value.enc_secret.str_str_len = 24;
SIVAL(sec.curinfo.value.enc_secret.buffer, 0, 16);
SIVAL(sec.curinfo.value.enc_secret.buffer, 4, 0x01);
- memcpy(sec.curinfo.value.enc_secret.buffer+8, trust_passwd, 16);
+ memcpy(sec.curinfo.value.enc_secret.buffer + 8, trust_passwd, 16);
sec.oldinfo.ptr_update = 1;
sec.oldinfo.last_update = crt;
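Review bot: With the `trust_get_passwd_time()` branch removed, first-time initialisation always writes a freshly generated 16-byte value as the secret, so a host that already held a trust account password in the old store silently gets a different one and presumably loses its existing domain trust until it is re-joined. If that is intended, say so where it happens, with a comment such as `/* no import of an old $MACHINE.ACC: a new secret is always generated here */` above `generate_random_buffer(...)` and a message an administrator will see, e.g. `DEBUG(0, ("secret_init_db: created new $MACHINE.ACC secret\n"));`. `trust_passwd` also appears to stay in a local buffer after the `memcpy` to `buffer + 8`; clearing it once `sec` has been stored would keep the plaintext secret from lingering on the stack. The function begins and ends outside this hunk, so the store and return path could not be checked.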
return ret;
}
-
/******************************************************************
gets a machine password entry. checks access rights of the host.
******************************************************************/
-static uint32 direct_samr_userinfo(const UNISTR2 *uni_user,
- uint16 level,
- SAM_USERINFO_CTR *ctr,
- DOM_GID **gids,
- uint32 *num_grps,
- BOOL set)
+static uint32 direct_samr_userinfo(const UNISTR2 * uni_user,
+ uint16 level,
+ SAM_USERINFO_CTR * ctr,
+ DOM_GID ** gids,
+ uint32 * num_grps, BOOL set)
{
POLICY_HND sam_pol;
POLICY_HND dom_pol;
if (status_sam == NT_STATUS_NOPROBLEMO)
{
status_dom = _samr_open_domain(&sam_pol, 0x02000000,
- &global_sam_sid, &dom_pol);
+ &global_sam_sid, &dom_pol);
}
if (status_dom == NT_STATUS_NOPROBLEMO)
{
uint32 num_types;
status_usr = _samr_lookup_names(&dom_pol, 1, 0x3e8,
- 1, uni_user,
- &num_rids, &user_rid,
- &num_types, &type);
+ 1, uni_user,
+ &num_rids, &user_rid,
+ &num_types, &type);
if (type != SID_NAME_USER)
{
status_usr = NT_STATUS_ACCESS_DENIED;
if (status_usr == NT_STATUS_NOPROBLEMO)
{
status_usr = _samr_open_user(&dom_pol, 0x02000000,
- user_rid, &usr_pol);
+ user_rid, &usr_pol);
}
if (status_usr == NT_STATUS_NOPROBLEMO)
{
if (set && gids != NULL && num_grps != NULL)
{
status_grp = _samr_query_usergroups(&usr_pol,
- num_grps, gids);
+ num_grps, gids);
}
if (set)
{
}
else
{
- status_pwd = _samr_query_userinfo(&usr_pol, level, ctr);
+ status_pwd =
+ _samr_query_userinfo(&usr_pol, level, ctr);
}
}
- if (status_usr == NT_STATUS_NOPROBLEMO) _samr_close(&usr_pol);
- if (status_dom == NT_STATUS_NOPROBLEMO) _samr_close(&dom_pol);
- if (status_sam == NT_STATUS_NOPROBLEMO) _samr_close(&sam_pol);
+ if (status_usr == NT_STATUS_NOPROBLEMO)
+ _samr_close(&usr_pol);
+ if (status_dom == NT_STATUS_NOPROBLEMO)
+ _samr_close(&dom_pol);
+ if (status_sam == NT_STATUS_NOPROBLEMO)
+ _samr_close(&sam_pol);
if (status_pwd != NT_STATUS_NOPROBLEMO)
{
make_unistr2(&uni_trust_acct, trust_acct, strlen(trust_acct));
#if 0
- /*
- * Currently this code is redundent as we already have a filter
- * by hostname list. What this code really needs to do is to
- * get a hosts allowed/hosts denied list from the SAM database
- * on a per user basis, and make the access decision there.
- * I will leave this code here for now as a reminder to implement
- * this at a later date. JRA.
- */
+ /*
+ * Currently this code is redundent as we already have a filter
+ * by hostname list. What this code really needs to do is to
+ * get a hosts allowed/hosts denied list from the SAM database
+ * on a per user basis, and make the access decision there.
+ * I will leave this code here for now as a reminder to implement
+ * this at a later date. JRA.
+ */
if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_connection_name(), client_connection_addr()))
+ client_connection_name(), client_connection_addr()))
{
- DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", trust_acct));
+ DEBUG(0,
+ ("get_md4pw: Workstation %s denied access to domain\n",
+ trust_acct));
return False;
}
#endif /* 0 */
if (strequal(trust_name, global_myname))
{
BOOL ret;
- DEBUG(10,("get_md4pw: loop-back, use $MACHINE.ACC\n"));
+ DEBUG(10, ("get_md4pw: loop-back, use $MACHINE.ACC\n"));
ret = msrpc_lsa_query_trust_passwd("\\\\.",
- "$MACHINE.ACC", md4pw);
+ "$MACHINE.ACC", md4pw,
+ NULL);
return ret ? NT_STATUS_ACCESS_DENIED : NT_STATUS_NOPROBLEMO;
}
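Review bot: The loop-back branch maps the result the wrong way round if `msrpc_lsa_query_trust_passwd()` follows the usual BOOL convention of returning True on success. As written, `return ret ? NT_STATUS_ACCESS_DENIED : NT_STATUS_NOPROBLEMO;` reports success when the query failed, leaving `md4pw` unset for the caller that derives the session key from it, and denies access when the query worked. The commit adds the fourth argument to the call but leaves that line unchanged; it should presumably read `return ret ? NT_STATUS_NOPROBLEMO : NT_STATUS_ACCESS_DENIED;`. The helper's return convention is not visible here, so confirm it before changing. The enclosing function starts and ends outside the hunk.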
*/
become_root(True);
status_pwd = direct_samr_userinfo(&uni_trust_acct, 0x12, &ctr,
- NULL, NULL, False);
+ NULL, NULL, False);
unbecome_root(True);
if (status_pwd == NT_STATUS_NOPROBLEMO)
/*************************************************************************
net_login_interactive:
*************************************************************************/
-static uint32 net_login_interactive(NET_ID_INFO_1 *id1,
- struct dcinfo *dc)
+static uint32 net_login_interactive(NET_ID_INFO_1 * id1, struct dcinfo *dc)
{
const UNISTR2 *uni_samusr = &id1->uni_user_name;
uint32 status = NT_STATUS_NOPROBLEMO;
SAM_USERINFO_CTR ctr;
become_root(True);
- status = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
- NULL, NULL, False);
+ status = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
+ NULL, NULL, False);
unbecome_root(True);
if (status != NT_STATUS_NOPROBLEMO)
dump_data_pw("lm owf password:", lm_pwd, 16);
dump_data_pw("nt owf password:", nt_pwd, 16);
- SamOEMhash((uchar *)lm_pwd, key, 0);
- SamOEMhash((uchar *)nt_pwd, key, 0);
+ SamOEMhash((uchar *) lm_pwd, key, 0);
+ SamOEMhash((uchar *) nt_pwd, key, 0);
dump_data_pw("decrypt of lm owf password:", lm_pwd, 16);
dump_data_pw("decrypt of nt owf password:", nt_pwd, 16);
/*************************************************************************
net_login_network:
*************************************************************************/
-static uint32 net_login_general(NET_ID_INFO_4 *id4,
- struct dcinfo *dc,
- char usr_sess_key[16])
+static uint32 net_login_general(NET_ID_INFO_4 * id4,
+ struct dcinfo *dc, char usr_sess_key[16])
{
fstring user;
fstring domain;
int pw_len = id4->str_general.str_str_len;
- unistr2_to_ascii(user , &id4->uni_user_name, sizeof(user)-1);
- unistr2_to_ascii(domain, &id4->uni_domain_name, sizeof(domain)-1);
+ unistr2_to_ascii(user, &id4->uni_user_name, sizeof(user) - 1);
+ unistr2_to_ascii(domain, &id4->uni_domain_name, sizeof(domain) - 1);
general = id4->str_general.buffer;
- DEBUG(5,("net_login_general: user:%s domain:%s", user, domain));
+ DEBUG(5, ("net_login_general: user:%s domain:%s", user, domain));
#ifdef DEBUG_PASSWORD
- DEBUG(100,("password:%s", general));
+ DEBUG(100, ("password:%s", general));
#endif
- DEBUG(5,("\n"));
+ DEBUG(5, ("\n"));
- DEBUG(0,("net_login_general: TODO - \"update encrypted\" disabled\n"));
+ DEBUG(0,
+ ("net_login_general: TODO - \"update encrypted\" disabled\n"));
if (pass_check(user, general, pw_len, NULL,
#if 0
- lp_update_encrypted() ?
- update_smbpassword_file :
+ lp_update_encrypted()? update_smbpassword_file :
#endif
- NULL) )
+ NULL))
{
unsigned char key[16];
memcpy(key, dc->sess_key, 8);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("key:"));
+ DEBUG(100, ("key:"));
dump_data(100, key, 16);
- DEBUG(100,("user sess key:"));
+ DEBUG(100, ("user sess key:"));
dump_data(100, usr_sess_key, 16);
#endif
- SamOEMhash((uchar *)usr_sess_key, key, 0);
+ SamOEMhash((uchar *) usr_sess_key, key, 0);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("encrypt of user session key:"));
+ DEBUG(100, ("encrypt of user session key:"));
dump_data(100, usr_sess_key, 16);
#endif
- return NT_STATUS_NOPROBLEMO;
+ return NT_STATUS_NOPROBLEMO;
}
return NT_STATUS_WRONG_PASSWORD;
/*************************************************************************
net_login_network:
*************************************************************************/
-static uint32 net_login_network(NET_ID_INFO_2 *id2,
+static uint32 net_login_network(NET_ID_INFO_2 * id2,
uint16 acb_info,
struct dcinfo *dc,
- char usr_sess_key[16],
- char lm_pw8[8])
+ char usr_sess_key[16], char lm_pw8[8])
{
const UNISTR2 *uni_samusr = &id2->uni_user_name;
fstring user;
int nt_pw_len = id2->hdr_nt_chal_resp.str_str_len;
int lm_pw_len = id2->hdr_lm_chal_resp.str_str_len;
- unistr2_to_ascii(user , uni_samusr, sizeof(user)-1);
- unistr2_to_ascii(domain, &id2->uni_domain_name, sizeof(domain)-1);
+ unistr2_to_ascii(user, uni_samusr, sizeof(user) - 1);
+ unistr2_to_ascii(domain, &id2->uni_domain_name, sizeof(domain) - 1);
become_root(True);
- status = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
- NULL, NULL, False);
+ status = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
+ NULL, NULL, False);
unbecome_root(True);
if (status != NT_STATUS_NOPROBLEMO)
return status;
}
- DEBUG(5,("net_login_network: lm_len:%d nt_len:%d user:%s domain:%s\n",
- lm_pw_len, nt_pw_len, user, domain));
+ DEBUG(5,
+ ("net_login_network: lm_len:%d nt_len:%d user:%s domain:%s\n",
+ lm_pw_len, nt_pw_len, user, domain));
if (smb_password_ok(acb_info, ctr.info.id12->lm_pwd,
- ctr.info.id12->nt_pwd,
- id2->lm_chal,
- user, domain,
- (const uchar *)id2->lm_chal_resp.buffer, lm_pw_len,
- (const uchar *)id2->nt_chal_resp.buffer, nt_pw_len,
- usr_sess_key))
+ ctr.info.id12->nt_pwd,
+ id2->lm_chal,
+ user, domain,
+ (const uchar *)id2->lm_chal_resp.buffer,
+ lm_pw_len,
+ (const uchar *)id2->nt_chal_resp.buffer,
+ nt_pw_len, usr_sess_key))
{
unsigned char key[16];
dump_data_pw("user sess key:", usr_sess_key, 16);
dump_data_pw("lm_pw8:", lm_pw8, 16);
- SamOEMhash((uchar *)lm_pw8, key, 3);
- SamOEMhash((uchar *)usr_sess_key, key, 0);
+ SamOEMhash((uchar *) lm_pw8, key, 3);
+ SamOEMhash((uchar *) usr_sess_key, key, 0);
- dump_data_pw("encrypt of user session key:", usr_sess_key, 16);
+ dump_data_pw("encrypt of user session key:", usr_sess_key,
+ 16);
dump_data_pw("encrypt of lm_pw8:", lm_pw8, 16);
status = NT_STATUS_NOPROBLEMO;
/*************************************************************************
_net_req_chal
*************************************************************************/
-uint32 _net_req_chal( const UNISTR2 *uni_logon_server,
- const UNISTR2 *uni_logon_client,
- const DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
- uint16 remote_pid )
+uint32 _net_req_chal(const UNISTR2 * uni_logon_server,
+ const UNISTR2 * uni_logon_client,
+ const DOM_CHAL * clnt_chal,
+ DOM_CHAL * srv_chal, uint16 remote_pid)
{
fstring trust_acct;
fstring trust_name;
ZERO_STRUCT(dc);
- unistr2_to_ascii(trust_acct, uni_logon_client, sizeof(trust_acct)-1);
+ unistr2_to_ascii(trust_acct, uni_logon_client,
+ sizeof(trust_acct) - 1);
fstrcpy(trust_name, trust_acct);
strlower(trust_name);
}
/* copy the client credentials */
- memcpy(dc.clnt_chal.data , clnt_chal->data, sizeof(clnt_chal->data));
- memcpy(dc.clnt_cred.challenge.data, clnt_chal->data, sizeof(clnt_chal->data));
+ memcpy(dc.clnt_chal.data, clnt_chal->data, sizeof(clnt_chal->data));
+ memcpy(dc.clnt_cred.challenge.data, clnt_chal->data,
+ sizeof(clnt_chal->data));
/* create a server challenge for the client */
/* Set these to random values. */
generate_random_buffer(srv_chal->data, sizeof(srv_chal->data), False);
/* copy the server credentials */
- memcpy(dc.srv_chal.data , srv_chal->data, sizeof(srv_chal->data));
- memcpy(dc.srv_cred.challenge.data, srv_chal->data, sizeof(srv_chal->data));
+ memcpy(dc.srv_chal.data, srv_chal->data, sizeof(srv_chal->data));
+ memcpy(dc.srv_cred.challenge.data, srv_chal->data,
+ sizeof(srv_chal->data));
bzero(dc.sess_key, sizeof(dc.sess_key));
/* from client / server challenges and md4 password, generate sess key */
cred_session_key(&(dc.clnt_chal), &(dc.srv_chal),
- (char *)dc.md4pw, dc.sess_key);
+ (char *)dc.md4pw, dc.sess_key);
if (!cred_store(remote_pid, global_sam_name, trust_name, &dc))
{
/*******************************************************************
creates a NETLOGON_INFO_3 structure.
********************************************************************/
-static BOOL make_netinfo_3(NETLOGON_INFO_3 *info, uint32 flags, uint32 logon_attempts)
+static BOOL make_netinfo_3(NETLOGON_INFO_3 * info, uint32 flags,
+ uint32 logon_attempts)
{
- info->flags = flags;
+ info->flags = flags;
info->logon_attempts = logon_attempts;
- info->reserved_1 = 0x0;
- info->reserved_2 = 0x0;
- info->reserved_3 = 0x0;
- info->reserved_4 = 0x0;
- info->reserved_5 = 0x0;
+ info->reserved_1 = 0x0;
+ info->reserved_2 = 0x0;
+ info->reserved_3 = 0x0;
+ info->reserved_4 = 0x0;
+ info->reserved_5 = 0x0;
return True;
}
/*******************************************************************
creates a NETLOGON_INFO_1 structure.
********************************************************************/
-static BOOL make_netinfo_1(NETLOGON_INFO_1 *info, uint32 flags, uint32 pdc_status)
+static BOOL make_netinfo_1(NETLOGON_INFO_1 * info, uint32 flags,
+ uint32 pdc_status)
{
- info->flags = flags;
+ info->flags = flags;
info->pdc_status = pdc_status;
return True;
/*******************************************************************
creates a NETLOGON_INFO_2 structure.
********************************************************************/
-static BOOL make_netinfo_2(NETLOGON_INFO_2 *info, uint32 flags, uint32 pdc_status,
- uint32 tc_status, char *trusted_dc_name)
+static BOOL make_netinfo_2(NETLOGON_INFO_2 * info, uint32 flags,
+ uint32 pdc_status, uint32 tc_status,
+ char *trusted_dc_name)
{
int len_dc_name = strlen(trusted_dc_name);
- info->flags = flags;
+ info->flags = flags;
info->pdc_status = pdc_status;
info->ptr_trusted_dc_name = 1;
- info->tc_status = tc_status;
+ info->tc_status = tc_status;
if (trusted_dc_name != NULL)
{
- make_unistr2(&(info->uni_trusted_dc_name), trusted_dc_name, len_dc_name+1);
+ make_unistr2(&(info->uni_trusted_dc_name), trusted_dc_name,
+ len_dc_name + 1);
}
else
{
/*************************************************************************
_net_logon_ctrl2
*************************************************************************/
-uint32 _net_logon_ctrl2(const UNISTR2 *uni_server_name,
- uint32 function_code,
- uint32 query_level,
- uint32 switch_value,
- uint32 *reply_switch_value,
- NETLOGON_INFO *logon_info)
+uint32 _net_logon_ctrl2(const UNISTR2 * uni_server_name,
+ uint32 function_code,
+ uint32 query_level,
+ uint32 switch_value,
+ uint32 * reply_switch_value,
+ NETLOGON_INFO * logon_info)
{
/* lkclXXXX - guess what - absolutely no idea what these are! */
uint32 flags = 0x0;
{
case 1:
{
- make_netinfo_1(&logon_info->info1, flags, pdc_status);
+ make_netinfo_1(&logon_info->info1, flags, pdc_status);
break;
}
case 2:
{
make_netinfo_2(&logon_info->info2, flags, pdc_status,
- tc_status, trusted_domain);
+ tc_status, trusted_domain);
break;
}
case 3:
{
make_netinfo_3(&logon_info->info3, flags,
- logon_attempts);
+ logon_attempts);
break;
}
default:
/*************************************************************************
_net_trust_dom_list
*************************************************************************/
-uint32 _net_trust_dom_list(const UNISTR2 *uni_server_name,
- uint32 function_code,
- BUFFER2 *uni_trust_dom_name)
+uint32 _net_trust_dom_list(const UNISTR2 * uni_server_name,
+ uint32 function_code, BUFFER2 * uni_trust_dom_name)
{
char **doms = NULL;
uint32 num_doms = 0;
uni_trust_dom_name->buf_len = 0x2;
}
uni_trust_dom_name->undoc = 0x1;
-
+
free_char_array(num_doms, doms);
return NT_STATUS_NOPROBLEMO;
/*************************************************************************
_net_auth
*************************************************************************/
-uint32 _net_auth(const DOM_LOG_INFO *clnt_id,
- const DOM_CHAL *clnt_chal,
- DOM_CHAL *srv_chal,
- uint16 remote_pid)
+uint32 _net_auth(const DOM_LOG_INFO * clnt_id,
+ const DOM_CHAL * clnt_chal,
+ DOM_CHAL * srv_chal, uint16 remote_pid)
{
UTIME srv_time;
fstring trust_name;
srv_time.time = 0;
unistr2_to_ascii(trust_name, &clnt_id->uni_comp_name,
- sizeof(trust_name)-1);
+ sizeof(trust_name) - 1);
if (!cred_get(remote_pid, global_sam_name, trust_name, &dc))
{
}
/* check that the client credentials are valid */
- if (!cred_assert(clnt_chal, dc.sess_key, &(dc.clnt_cred.challenge), srv_time))
+ if (!cred_assert
+ (clnt_chal, dc.sess_key, &(dc.clnt_cred.challenge), srv_time))
{
return NT_STATUS_ACCESS_DENIED;
}
/* create server challenge for inclusion in the reply */
- cred_create(dc.sess_key, &(dc.srv_cred.challenge), srv_time, srv_chal);
+ cred_create(dc.sess_key, &(dc.srv_cred.challenge), srv_time,
+ srv_chal);
/* copy the received client credentials for use next time */
- memcpy(dc.clnt_cred.challenge.data, clnt_chal->data, sizeof(clnt_chal->data));
- memcpy(dc.srv_cred .challenge.data, clnt_chal->data, sizeof(clnt_chal->data));
+ memcpy(dc.clnt_cred.challenge.data, clnt_chal->data,
+ sizeof(clnt_chal->data));
+ memcpy(dc.srv_cred.challenge.data, clnt_chal->data,
+ sizeof(clnt_chal->data));
if (!cred_store(remote_pid, global_sam_name, trust_name, &dc))
{
/*************************************************************************
_net_auth_2
*************************************************************************/
-uint32 _net_auth_2(const DOM_LOG_INFO *clnt_id,
- const DOM_CHAL *clnt_chal,
- const NEG_FLAGS *clnt_flgs,
- DOM_CHAL *srv_chal,
- NEG_FLAGS *srv_flgs,
- uint16 remote_pid)
+uint32 _net_auth_2(const DOM_LOG_INFO * clnt_id,
+ const DOM_CHAL * clnt_chal,
+ const NEG_FLAGS * clnt_flgs,
+ DOM_CHAL * srv_chal,
+ NEG_FLAGS * srv_flgs, uint16 remote_pid)
{
UTIME srv_time;
fstring trust_name;
srv_time.time = 0;
unistr2_to_ascii(trust_name, &(clnt_id->uni_comp_name),
- sizeof(trust_name)-1);
+ sizeof(trust_name) - 1);
if (!cred_get(remote_pid, global_sam_name, trust_name, &dc))
{
/* check that the client credentials are valid */
if (!cred_assert(clnt_chal, dc.sess_key,
- &(dc.clnt_cred.challenge), srv_time))
+ &(dc.clnt_cred.challenge), srv_time))
{
return NT_STATUS_ACCESS_DENIED;
}
/* create server challenge for inclusion in the reply */
- cred_create(dc.sess_key, &(dc.srv_cred.challenge), srv_time, srv_chal);
+ cred_create(dc.sess_key, &(dc.srv_cred.challenge), srv_time,
+ srv_chal);
/* copy the received client credentials for use next time */
- memcpy(dc.clnt_cred.challenge.data, clnt_chal->data, sizeof(clnt_chal->data));
- memcpy(dc.srv_cred .challenge.data, clnt_chal->data, sizeof(clnt_chal->data));
+ memcpy(dc.clnt_cred.challenge.data, clnt_chal->data,
+ sizeof(clnt_chal->data));
+ memcpy(dc.srv_cred.challenge.data, clnt_chal->data,
+ sizeof(clnt_chal->data));
if (!cred_store(remote_pid, global_sam_name, trust_name, &dc))
{
/*************************************************************************
_net_srv_pwset
*************************************************************************/
-uint32 _net_srv_pwset(const DOM_CLNT_INFO *clnt_id,
- const uint8 pwd[16],
- DOM_CRED *srv_cred,
- uint16 remote_pid)
+uint32 _net_srv_pwset(const DOM_CLNT_INFO * clnt_id,
+ const uint8 pwd[16],
+ DOM_CRED * srv_cred, uint16 remote_pid)
{
pstring trust_acct;
unsigned char hash3_pwd[16];
ZERO_STRUCT(dc);
uni_samusr = &(clnt_id->login.uni_comp_name);
- unistr2_to_ascii(trust_name, uni_samusr,
- sizeof(trust_name)-1);
+ unistr2_to_ascii(trust_name, uni_samusr, sizeof(trust_name) - 1);
if (!cred_get(remote_pid, global_sam_name, trust_name, &dc))
{
}
/* checks and updates credentials. creates reply credentials */
- if (!deal_with_creds(dc.sess_key, &(dc.clnt_cred), &(clnt_id->cred), srv_cred))
+ if (!deal_with_creds
+ (dc.sess_key, &(dc.clnt_cred), &(clnt_id->cred), srv_cred))
{
/* lkclXXXX take a guess at a sensible error code to return... */
return NT_STATUS_ACCESS_DENIED;
memcpy(&(dc.srv_cred), &(dc.clnt_cred), sizeof(dc.clnt_cred));
unistr2_to_ascii(trust_acct, &(clnt_id->login.uni_acct_name),
- sizeof(trust_acct)-1);
+ sizeof(trust_acct) - 1);
- DEBUG(3,("Server Password Set Wksta:[%s]\n", trust_acct));
+ DEBUG(3, ("Server Password Set Wksta:[%s]\n", trust_acct));
become_root(True);
- status_pwd = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
- NULL, NULL, False);
+ status_pwd = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
+ NULL, NULL, False);
unbecome_root(True);
acb_info = ctr.info.id12->acb_info;
- if (IS_BITS_SET_SOME(acb_info, ACB_NORMAL|ACB_DISABLED|ACB_PWNOTREQ))
+ if (IS_BITS_SET_SOME
+ (acb_info, ACB_NORMAL | ACB_DISABLED | ACB_PWNOTREQ))
{
return NT_STATUS_ACCESS_DENIED;
}
free_samr_userinfo_ctr(&ctr);
return status_pwd;
}
-
+
/* Some debug output, needed an iterater variable */
{
int i;
- DEBUG(100,("Server password set : new given value was :\n"));
- for(i = 0; i < 16; i++)
+ DEBUG(100, ("Server password set : new given value was :\n"));
+ for (i = 0; i < 16; i++)
{
- DEBUG(100,("%02X ", pwd[i]));
+ DEBUG(100, ("%02X ", pwd[i]));
}
- DEBUG(100,("\n"));
+ DEBUG(100, ("\n"));
}
- cred_hash3( hash3_pwd, pwd, dc.sess_key, 0);
+ cred_hash3(hash3_pwd, pwd, dc.sess_key, 0);
/* lies! nt and lm passwords are _not_ the same: don't care */
memcpy(ctr.info.id12->lm_pwd, hash3_pwd, sizeof(hash3_pwd));
memcpy(ctr.info.id12->nt_pwd, hash3_pwd, sizeof(hash3_pwd));
become_root(True);
- status_pwd = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
- NULL, NULL, True);
+ status_pwd = direct_samr_userinfo(uni_samusr, 0x12, &ctr,
+ NULL, NULL, True);
unbecome_root(True);
if (status_pwd != NT_STATUS_NOPROBLEMO)
{
return status_pwd;
}
-
+
if (!cred_store(remote_pid, global_sam_name, trust_name, &dc))
{
return NT_STATUS_INVALID_HANDLE;
/*************************************************************************
_net_sam_logon
*************************************************************************/
-uint32 _net_sam_logon(const DOM_SAM_INFO *sam_id,
- uint16 validation_level,
- DOM_CRED *srv_creds,
- uint16 *switch_value,
- NET_USER_INFO_3 *user,
- uint16 remote_pid)
+uint32 _net_sam_logon(const DOM_SAM_INFO * sam_id,
+ uint16 validation_level,
+ DOM_CRED * srv_creds,
+ uint16 * switch_value,
+ NET_USER_INFO_3 * user, uint16 remote_pid)
{
UNISTR2 *uni_samusr = NULL;
UNISTR2 *uni_domain = NULL;
uint32 status_pwd = 0x0;
SAM_USERINFO_CTR ctr;
- NTTIME logon_time ;
- NTTIME logoff_time ;
- NTTIME kickoff_time ;
- NTTIME pass_last_set_time ;
- NTTIME pass_can_change_time ;
+ NTTIME logon_time;
+ NTTIME logoff_time;
+ NTTIME kickoff_time;
+ NTTIME pass_last_set_time;
+ NTTIME pass_can_change_time;
NTTIME pass_must_change_time;
- UNISTR2 *uni_nt_name ;
- UNISTR2 *uni_full_name ;
+ UNISTR2 *uni_nt_name;
+ UNISTR2 *uni_full_name;
UNISTR2 *uni_logon_script;
UNISTR2 *uni_profile_path;
- UNISTR2 *uni_home_dir ;
- UNISTR2 *uni_dir_drive ;
+ UNISTR2 *uni_home_dir;
+ UNISTR2 *uni_dir_drive;
- uint32 user_rid ;
+ uint32 user_rid;
uint32 group_rid;
int num_gids = 0;
UNISTR2 uni_sam_name;
unistr2_to_ascii(trust_name, &(sam_id->client.login.uni_comp_name),
- sizeof(trust_name)-1);
+ sizeof(trust_name) - 1);
if (!cred_get(remote_pid, global_sam_name, trust_name, &dc))
{
}
/* checks and updates credentials. creates reply credentials */
- if (!deal_with_creds(dc.sess_key, &dc.clnt_cred,
- &(sam_id->client.cred), srv_creds))
+ if (!deal_with_creds(dc.sess_key, &dc.clnt_cred,
+ &(sam_id->client.cred), srv_creds))
{
return NT_STATUS_ACCESS_DENIED;
}
-
+
memcpy(&dc.srv_cred, &dc.clnt_cred, sizeof(dc.clnt_cred));
/* find the username */
uni_samusr = &(sam_id->ctr->auth.id1.uni_user_name);
uni_domain = &(sam_id->ctr->auth.id1.uni_domain_name);
- DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", global_sam_name));
+ DEBUG(3,
+ ("SAM Logon (Interactive). Domain:[%s]. ",
+ global_sam_name));
break;
}
case NETWORK_LOGON_TYPE:
uni_samusr = &(sam_id->ctr->auth.id2.uni_user_name);
uni_domain = &(sam_id->ctr->auth.id2.uni_domain_name);
- DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", global_sam_name));
+ DEBUG(3,
+ ("SAM Logon (Network). Domain:[%s]. ",
+ global_sam_name));
break;
}
case GENERAL_LOGON_TYPE:
uni_samusr = &(sam_id->ctr->auth.id4.uni_user_name);
uni_domain = &(sam_id->ctr->auth.id4.uni_domain_name);
- DEBUG(3,("SAM Logon (General). Domain:[%s]. ", global_sam_name));
+ DEBUG(3,
+ ("SAM Logon (General). Domain:[%s]. ",
+ global_sam_name));
break;
}
default:
{
- DEBUG(2,("SAM Logon: unsupported switch value\n"));
+ DEBUG(2, ("SAM Logon: unsupported switch value\n"));
return NT_STATUS_INVALID_INFO_CLASS;
}
- }
+ }
/* check username exists */
- unistr2_to_ascii(nt_username, uni_samusr,
- sizeof(nt_username)-1);
+ unistr2_to_ascii(nt_username, uni_samusr, sizeof(nt_username) - 1);
- DEBUG(3,("User:[%s]\n", nt_username));
+ DEBUG(3, ("User:[%s]\n", nt_username));
/*
* IMPORTANT: do a General Login BEFORE the others,
{
/* general login. cleartext password */
uint32 status = NT_STATUS_NOPROBLEMO;
- status = net_login_general(&(sam_id->ctr->auth.id4), &dc, usr_sess_key);
+ status =
+ net_login_general(&(sam_id->ctr->auth.id4), &dc,
+ usr_sess_key);
enc_user_sess_key = usr_sess_key;
if (status != NT_STATUS_NOPROBLEMO)
* added by "update encrypted" in general login
*/
become_root(True);
- status_pwd = direct_samr_userinfo(uni_samusr, 21, &ctr,
- &gids, &num_gids, False);
+ status_pwd = direct_samr_userinfo(uni_samusr, 21, &ctr,
+ &gids, &num_gids, False);
unbecome_root(True);
if (status_pwd != NT_STATUS_NOPROBLEMO)
free_samr_userinfo_ctr(&ctr);
return status_pwd;
}
-
+
acb_info = ctr.info.id21->acb_info;
if (IS_BITS_SET_ALL(acb_info, ACB_DISABLED))
{
{
return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
}
-
+
if (IS_BITS_SET_ALL(acb_info, ACB_WSTRUST))
{
return NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT;
}
- logon_time = ctr.info.id21->logon_time;
- logoff_time = ctr.info.id21->logoff_time;
- kickoff_time = ctr.info.id21->kickoff_time;
- pass_last_set_time = ctr.info.id21->pass_last_set_time;
- pass_can_change_time = ctr.info.id21->pass_can_change_time;
+ logon_time = ctr.info.id21->logon_time;
+ logoff_time = ctr.info.id21->logoff_time;
+ kickoff_time = ctr.info.id21->kickoff_time;
+ pass_last_set_time = ctr.info.id21->pass_last_set_time;
+ pass_can_change_time = ctr.info.id21->pass_can_change_time;
pass_must_change_time = ctr.info.id21->pass_must_change_time;
uni_nt_name = &ctr.info.id21->uni_user_name;
uni_logon_script = &ctr.info.id21->uni_logon_script;
uni_profile_path = &ctr.info.id21->uni_profile_path;
- user_rid = ctr.info.id21->user_rid;
+ user_rid = ctr.info.id21->user_rid;
group_rid = ctr.info.id21->group_rid;
/* validate password - if required */
case INTERACTIVE_LOGON_TYPE:
{
/* interactive login. */
- status = net_login_interactive(&(sam_id->ctr->auth.id1), &dc);
+ status =
+ net_login_interactive(&
+ (sam_id->ctr->
+ auth.id1),
+ &dc);
break;
}
case NETWORK_LOGON_TYPE:
{
/* network login. lm challenge and 24 byte responses */
- status = net_login_network(&(sam_id->ctr->auth.id2), acb_info, &dc, usr_sess_key, lm_pw8);
+ status =
+ net_login_network(&
+ (sam_id->ctr->auth.
+ id2), acb_info,
+&dc, usr_sess_key, lm_pw8);
padding = lm_pw8;
enc_user_sess_key = usr_sess_key;
break;
}
/* lkclXXXX this is the point at which, if the login was
- successful, that the SAM Local Security Authority should
- record that the user is logged in to the domain.
- */
+ successful, that the SAM Local Security Authority should
+ record that the user is logged in to the domain.
+ */
/* return the profile plus other bits :-) */
make_unistr2(&uni_myname, global_myname, strlen(global_myname));
make_unistr2(&uni_sam_name, global_sam_name, strlen(global_sam_name));
- make_net_user_info3W(user,
- &logon_time,
- &logoff_time,
- &kickoff_time,
- &pass_last_set_time,
- &pass_can_change_time,
- &pass_must_change_time,
-
- uni_nt_name , /* user_name */
- uni_full_name , /* full_name */
- uni_logon_script , /* logon_script */
- uni_profile_path , /* profile_path */
- uni_home_dir , /* home_dir */
- uni_dir_drive , /* dir_drive */
-
- 0, /* logon_count */
- 0, /* bad_pw_count */
-
- user_rid , /* RID user_id */
- group_rid , /* RID group_id */
- num_gids, /* uint32 num_groups */
- gids , /* DOM_GID *gids */
- 0x20 , /* uint32 user_flgs (?) */
-
- enc_user_sess_key, /* char usr_sess_key[16] */
-
- &uni_myname , /* char *logon_srv */
- &uni_sam_name, /* char *logon_dom */
-
- padding,
-
- &global_sam_sid, /* DOM_SID *dom_sid */
- NULL); /* char *other_sids */
+ make_net_user_info3W(user, &logon_time, &logoff_time, &kickoff_time, &pass_last_set_time, &pass_can_change_time, &pass_must_change_time, uni_nt_name, /* user_name */
+ uni_full_name, /* full_name */
+ uni_logon_script, /* logon_script */
+ uni_profile_path, /* profile_path */
+ uni_home_dir, /* home_dir */
+ uni_dir_drive, /* dir_drive */
+ 0, /* logon_count */
+ 0, /* bad_pw_count */
+ user_rid, /* RID user_id */
+ group_rid, /* RID group_id */
+ num_gids, /* uint32 num_groups */
+ gids, /* DOM_GID *gids */
+ 0x20, /* uint32 user_flgs (?) */
+ enc_user_sess_key, /* char usr_sess_key[16] */
+ &uni_myname, /* char *logon_srv */
+ &uni_sam_name, /* char *logon_dom */
+ padding, &global_sam_sid, /* DOM_SID *dom_sid */
+ NULL); /* char *other_sids */
/* Free any allocated groups array. */
safe_free(gids);
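Review bot: The reformatted `make_net_user_info3W` call has lost its one-argument-per-line layout: the first line now carries seven arguments plus `uni_nt_name` with the `/* user_name */` comment, and `padding, &global_sam_sid, /* DOM_SID *dom_sid */` puts two arguments against one label. With this many positional arguments feeding the logon reply, a transposed argument becomes hard to spot in review. Keep the previous layout for this call, for example by bracketing it with `/* *INDENT-OFF* */` and `/* *INDENT-ON* */` if the reformatting was done with GNU indent. The same applies to the `net_login_interactive` and `net_login_network` calls earlier in the function, where `&(sam_id->ctr->auth.id1)` is now split across three lines.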
/*************************************************************************
_net_sam_logoff
*************************************************************************/
-uint32 _net_sam_logoff(const DOM_SAM_INFO *sam_id,
- DOM_CRED *srv_creds,
- uint16 remote_pid)
+uint32 _net_sam_logoff(const DOM_SAM_INFO * sam_id,
+ DOM_CRED * srv_creds, uint16 remote_pid)
{
fstring trust_name;
struct dcinfo dc;
ZERO_STRUCT(dc);
unistr2_to_ascii(trust_name, &(sam_id->client.login.uni_comp_name),
- sizeof(trust_name)-1);
+ sizeof(trust_name) - 1);
if (!cred_get(remote_pid, global_sam_name, trust_name, &dc))
{
}
/* checks and updates credentials. creates reply credentials */
- if (!deal_with_creds(dc.sess_key, &(dc.clnt_cred),
- &(sam_id->client.cred), srv_creds))
+ if (!deal_with_creds(dc.sess_key, &(dc.clnt_cred),
+ &(sam_id->client.cred), srv_creds))
{
return NT_STATUS_ACCESS_DENIED;
}
/*************************************************************************
_net_sam_sync
*************************************************************************/
-uint32 _net_sam_sync(const UNISTR2 *uni_srv_name,
- const UNISTR2 *uni_cli_name,
- uint32 database_id,
- uint32 restart_state,
- uint32 *sync_context,
- uint32 max_size,
- uint32 *num_deltas,
- uint32 *num_deltas2,
- SAM_DELTA_HDR *hdr_deltas,
- SAM_DELTA_CTR *deltas)
+uint32 _net_sam_sync(const UNISTR2 * uni_srv_name,
+ const UNISTR2 * uni_cli_name,
+ uint32 database_id,
+ uint32 restart_state,
+ uint32 * sync_context,
+ uint32 max_size,
+ uint32 * num_deltas,
+ uint32 * num_deltas2,
+ SAM_DELTA_HDR * hdr_deltas, SAM_DELTA_CTR * deltas)
{
fstring trust_name;
uint32 num_sam_users = 0;
uint32 idx;
- unistr2_to_ascii(trust_name, uni_cli_name, sizeof(trust_name)-1);
+ unistr2_to_ascii(trust_name, uni_cli_name, sizeof(trust_name) - 1);
(*sync_context) = 1;
return NT_STATUS_ACCESS_DENIED;
}
if (_samr_open_domain(&sam_pol, 0x02000000,
- &global_sam_sid, &dom_pol) != NT_STATUS_NOPROBLEMO)
+ &global_sam_sid,
+ &dom_pol) != NT_STATUS_NOPROBLEMO)
{
_samr_close(&sam_pol);
return NT_STATUS_ACCESS_DENIED;
do
{
enum_status = _samr_enum_dom_users(&dom_pol,
- &start_idx,
- 0x0, 0x0, 0x10000,
- &sam,
- &uni_acct_name,
- &num_sam_users);
+ &start_idx,
+ 0x0, 0x0, 0x10000,
+ &sam,
+ &uni_acct_name,
+ &num_sam_users);
- } while (enum_status == STATUS_MORE_ENTRIES);
+ }
+ while (enum_status == STATUS_MORE_ENTRIES);
for (idx = 0; idx < num_sam_users; idx++)
{
ZERO_STRUCT(ctr);
- status_usr = _samr_open_user(&dom_pol, 0x02000000, sam[idx].rid,
- &usr_pol);
- if (status_usr == NT_STATUS_NOPROBLEMO &&
- _samr_query_userinfo(&usr_pol, 0x21, &ctr) ==
- NT_STATUS_NOPROBLEMO)
+ status_usr =
+ _samr_open_user(&dom_pol, 0x02000000, sam[idx].rid,
+ &usr_pol);
+ if (status_usr == NT_STATUS_NOPROBLEMO
+ && _samr_query_userinfo(&usr_pol, 0x21,
+ &ctr) == NT_STATUS_NOPROBLEMO)
{
SAM_USER_INFO_21 *usr = ctr.info.id21;
make_sam_delta_hdr(&hdr_deltas[i], 5, usr->user_rid);
make_sam_account_info(&deltas[i].account_info,
- &usr->uni_user_name,
- &usr->uni_full_name, usr->user_rid,
- usr->group_rid,
- &usr->uni_home_dir,
- &usr->uni_dir_drive,
- &usr->uni_logon_script,
- &usr->uni_acct_desc,
- usr->acb_info,
- &usr->uni_profile_path,
- &usr->uni_workstations,
- &usr->uni_unknown_str,
- &usr->uni_munged_dial);
+ &usr->uni_user_name,
+ &usr->uni_full_name,
+ usr->user_rid, usr->group_rid,
+ &usr->uni_home_dir,
+ &usr->uni_dir_drive,
+ &usr->uni_logon_script,
+ &usr->uni_acct_desc,
+ usr->acb_info,
+ &usr->uni_profile_path,
+ &usr->uni_workstations,
+ &usr->uni_unknown_str,
+ &usr->uni_munged_dial);
i++;
free_samr_userinfo_ctr(&ctr);
return NT_STATUS_NOPROBLEMO;
}
-
/****************************************************************************
obtain the sid from the PDC. do some verification along the way...
****************************************************************************/
-BOOL get_domain_sids(const char *domain, DOM_SID *sid3, DOM_SID *sid5)
+BOOL get_domain_sids(const char *domain, DOM_SID * sid3, DOM_SID * sid5)
{
POLICY_HND pol;
fstring srv_name;
}
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy(srv_name, &pol, False, 0x02000000) : False;
+ res =
+ res ? lsa_open_policy(srv_name, &pol, False,
+ 0x02000000) : False;
if (sid3 != NULL)
{
if (res1)
{
pstring sid;
- DEBUG(2,("LSA Query Info Policy\n"));
+ DEBUG(2, ("LSA Query Info Policy\n"));
if (sid3 != NULL)
{
sid_to_string(sid, sid3);
- DEBUG(2,("Domain Member - Domain: %s SID: %s\n", dom3, sid));
+ DEBUG(2,
+ ("Domain Member - Domain: %s SID: %s\n",
+ dom3, sid));
}
if (sid5 != NULL)
{
sid_to_string(sid, sid5);
- DEBUG(2,("Domain Controller - Domain: %s SID: %s\n", dom5, sid));
+ DEBUG(2,
+ ("Domain Controller - Domain: %s SID: %s\n",
+ dom5, sid));
}
}
else
{
- DEBUG(1,("lsa query info failed\n"));
+ DEBUG(1, ("lsa query info failed\n"));
}
return res;
/****************************************************************************
obtain a sid and domain name from a Domain Controller.
****************************************************************************/
-BOOL get_trust_sid_and_domain(const char* myname, char *server,
- DOM_SID *sid,
- char *domain, size_t len)
+BOOL get_trust_sid_and_domain(const char *myname, char *server,
+ DOM_SID * sid, char *domain, size_t len)
{
POLICY_HND pol;
fstring srv_name;
if (!cli_connection_init_list(server, PIPE_LSARPC, &con))
{
- DEBUG(0,("get_trust_sid: unable to initialise client connection.\n"));
+ DEBUG(0,
+ ("get_trust_sid: unable to initialise client connection.\n"));
return False;
}
strupper(srv_name);
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy(srv_name, &pol, False, 0x02000000) : False;
+ res =
+ res ? lsa_open_policy(srv_name, &pol, False,
+ 0x02000000) : False;
/* send client info query, level 3. receive domain name and sid */
res1 = res ? lsa_query_info_pol(&pol, 3, dom3, &sid3) : False;
if (res1)
{
pstring sid_str;
- DEBUG(2,("LSA Query Info Policy\n"));
+ DEBUG(2, ("LSA Query Info Policy\n"));
sid_to_string(sid_str, &sid3);
- DEBUG(2,("Domain Member - Domain: %s SID: %s\n",
- dom3, sid_str));
+ DEBUG(2, ("Domain Member - Domain: %s SID: %s\n",
+ dom3, sid_str));
sid_to_string(sid_str, &sid5);
- DEBUG(2,("Domain Controller - Domain: %s SID: %s\n",
- dom5, sid_str));
+ DEBUG(2, ("Domain Controller - Domain: %s SID: %s\n",
+ dom5, sid_str));
if (dom5[0] != 0 && sid_equal(&sid3, &sid5))
{
}
else
{
- DEBUG(2,("Server %s is not a PDC\n", server));
+ DEBUG(2, ("Server %s is not a PDC\n", server));
return False;
}
}
else
{
- DEBUG(1,("lsa query info failed\n"));
+ DEBUG(1, ("lsa query info failed\n"));
}
return res1;
do a LSA Open Policy
****************************************************************************/
BOOL lsa_open_policy(const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access)
+ BOOL sec_qos, uint32 des_access)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_OPEN_POL q_o;
LSA_SEC_QOS qos;
BOOL valid_pol = False;
return False;
}
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0, 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_OPENPOLICY */
- DEBUG(4,("LSA Open Policy\n"));
+ DEBUG(4, ("LSA Open Policy\n"));
/* store the parameters */
if (sec_qos)
if (p && r_o.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_OPENPOLICY: %s\n", get_nt_error_msg(r_o.status)));
+ DEBUG(0,
+ ("LSA_OPENPOLICY: %s\n",
+ get_nt_error_msg(r_o.status)));
p = False;
}
{
/* ok, at last: we're happy. return the policy handle */
*hnd = r_o.pol;
-
- valid_pol = register_policy_hnd(get_global_hnd_cache(),
- cli_con_sec_ctx(con),
- hnd, des_access) &&
- set_policy_con(get_global_hnd_cache(),
- hnd, con,
- cli_connection_unlink);
+
+ valid_pol =
+ register_policy_hnd(get_global_hnd_cache(),
+ cli_con_sec_ctx(con), hnd,
+ des_access)
+ && set_policy_con(get_global_hnd_cache(), hnd,
+ con, cli_connection_unlink);
if (valid_pol)
{
policy_hnd_set_name(get_global_hnd_cache(),
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_pol;
}
/****************************************************************************
do a LSA Open Policy2
****************************************************************************/
-BOOL lsa_open_policy2( const char *system_name, POLICY_HND *hnd,
- BOOL sec_qos, uint32 des_access)
+BOOL lsa_open_policy2(const char *system_name, POLICY_HND *hnd,
+ BOOL sec_qos, uint32 des_access)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_OPEN_POL2 q_o;
LSA_SEC_QOS qos;
BOOL valid_pol = False;
return False;
}
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_OPENPOLICY2 */
- DEBUG(4,("LSA Open Policy2\n"));
+ DEBUG(4, ("LSA Open Policy2\n"));
/* store the parameters */
if (sec_qos)
if (p && r_o.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_OPENPOLICY2: %s\n", get_nt_error_msg(r_o.status)));
+ DEBUG(0,
+ ("LSA_OPENPOLICY2: %s\n",
+ get_nt_error_msg(r_o.status)));
p = False;
}
/* ok, at last: we're happy. return the policy handle */
*hnd = r_o.pol;
- valid_pol = register_policy_hnd(get_global_hnd_cache(),
- cli_con_sec_ctx(con),
- hnd, des_access) &&
- set_policy_con(get_global_hnd_cache(),
- hnd, con,
- cli_connection_unlink);
+ valid_pol =
+ register_policy_hnd(get_global_hnd_cache(),
+ cli_con_sec_ctx(con), hnd,
+ des_access)
+ && set_policy_con(get_global_hnd_cache(), hnd,
+ con, cli_connection_unlink);
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_pol;
}
/****************************************************************************
do a LSA Create Secret
****************************************************************************/
-BOOL lsa_create_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret)
+BOOL lsa_create_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_CREATE_SECRET q_o;
BOOL valid_pol = False;
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0, 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_CREATE_SECRET */
- DEBUG(4,("LSA Create Secret\n"));
+ DEBUG(4, ("LSA Create Secret\n"));
make_q_create_secret(&q_o, hnd, secret_name, des_access);
if (p && r_o.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_OPENSECRET: %s\n", get_nt_error_msg(r_o.status)));
+ DEBUG(0,
+ ("LSA_OPENSECRET: %s\n",
+ get_nt_error_msg(r_o.status)));
p = False;
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_pol;
}
/****************************************************************************
do a LSA Open Secret
****************************************************************************/
-BOOL lsa_open_secret( const POLICY_HND *hnd,
- const char *secret_name,
- uint32 des_access,
- POLICY_HND *hnd_secret)
+BOOL lsa_open_secret(const POLICY_HND *hnd,
+ const char *secret_name,
+ uint32 des_access, POLICY_HND *hnd_secret)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_OPEN_SECRET q_o;
BOOL valid_pol = False;
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0, 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_OPENSECRET */
- DEBUG(4,("LSA Open Secret\n"));
+ DEBUG(4, ("LSA Open Secret\n"));
make_q_open_secret(&q_o, hnd, secret_name, des_access);
if (p && r_o.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_OPENSECRET: %s\n", get_nt_error_msg(r_o.status)));
+ DEBUG(0,
+ ("LSA_OPENSECRET: %s\n",
+ get_nt_error_msg(r_o.status)));
p = False;
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_pol;
}
/****************************************************************************
do a LSA Set Secret
****************************************************************************/
-uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 *secret)
+uint32 lsa_set_secret(POLICY_HND *hnd, const STRING2 * secret)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_SET_SECRET q_q;
uchar sess_key[16];
uint32 status = NT_STATUS_NOPROBLEMO;
- if (hnd == NULL) return NT_STATUS_INVALID_PARAMETER;
+ if (hnd == NULL)
+ return NT_STATUS_INVALID_PARAMETER;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_SETSECRET */
- DEBUG(4,("LSA Set Secret\n"));
+ DEBUG(4, ("LSA Set Secret\n"));
- memcpy(&q_q.pol, hnd, sizeof(q_q.pol));
+ q_q.pol = *hnd;
q_q.unknown = 0x0;
q_q.value.ptr_secret = 0x1;
make_strhdr2(&q_q.value.hdr_secret, secret->str_str_len,
- secret->str_max_len, 1);
+ secret->str_max_len, 1);
if (!cli_get_usr_sesskey(hnd, sess_key))
{
if (p && r_q.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_SETSECRET: %s\n", get_nt_error_msg(r_q.status)));
+ DEBUG(0,
+ ("LSA_SETSECRET: %s\n",
+ get_nt_error_msg(r_q.status)));
status = NT_STATUS_INVALID_PARAMETER;
}
else
status = NT_STATUS_INVALID_PARAMETER;
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return status;
}
/****************************************************************************
do a LSA Query Secret
****************************************************************************/
-BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 *secret,
- NTTIME *last_update)
+BOOL lsa_query_secret(POLICY_HND *hnd, STRING2 * secret, NTTIME * last_update)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_QUERY_SECRET q_q;
BOOL valid_info = False;
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_QUERYSECRET */
- DEBUG(4,("LSA Query Secret\n"));
+ DEBUG(4, ("LSA Query Secret\n"));
- make_q_query_secret(&q_q, hnd);
+ make_q_query_secret(&q_q, hnd, secret, last_update);
/* turn parameters into data stream */
if (lsa_io_q_query_secret("", &q_q, &buf, 0) &&
if (p && r_q.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_QUERYSECRET: %s\n", get_nt_error_msg(r_q.status)));
+ DEBUG(0,
+ ("LSA_QUERYSECRET: %s\n",
+ get_nt_error_msg(r_q.status)));
p = False;
}
if (p && (r_q.sec.curinfo.ptr_value != 0) &&
- (r_q.sec.curinfo.value.ptr_secret != 0) &&
- (r_q.sec.curinfo.ptr_update != 0))
+ (r_q.sec.curinfo.value.ptr_secret != 0))
{
uchar sess_key[16];
STRING2 enc_secret;
- memcpy(&enc_secret, &(r_q.sec.curinfo.value.enc_secret), sizeof(STRING2));
- memcpy(last_update, &(r_q.sec.curinfo.last_update), sizeof(NTTIME));
+ memcpy(&enc_secret,
+ &(r_q.sec.curinfo.value.enc_secret),
+ sizeof(STRING2));
if (!cli_get_usr_sesskey(hnd, sess_key))
{
return False;
}
dump_data_pw("sess key:", sess_key, 16);
valid_info = nt_decrypt_string2(secret, &enc_secret,
- sess_key);
+ sess_key);
+ }
+ if (p && last_update != NULL &&
+ (r_q.sec.curinfo.ptr_value != 0) &&
+ (r_q.sec.curinfo.ptr_update != 0))
+ {
+ memcpy(last_update, &(r_q.sec.curinfo.last_update),
+ sizeof(NTTIME));
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_info;
}
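Review bot: The decrypt branch in lsa_query_secret still calls `nt_decrypt_string2(secret, &enc_secret, sess_key)` without checking `secret`, although this change guards the timestamp copy with `last_update != NULL` and the commit description has a caller passing NULL for the secret. The `ptr_secret` field is taken from the server's reply, so a reply carrying a value the caller did not ask for would reach the decrypt with a NULL destination, assuming nt_decrypt_string2 does not check it itself. The condition should begin `if (p && secret != NULL && (r_q.sec.curinfo.ptr_value != 0) &&`. Two related points: `valid_info` is set only in the decrypt branch, so a timestamp-only query appears to return False even when `last_update` was filled, and the `return False` after a failed `cli_get_usr_sesskey` skips both `prs_free_data` calls. Parts of the function body lie outside the visible hunks.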
/****************************************************************************
do a LSA Lookup Names
****************************************************************************/
-BOOL lsa_lookup_names( POLICY_HND *hnd,
- int num_names,
- char **names,
- DOM_SID **sids,
- uint32 **types,
- int *num_sids)
+BOOL lsa_lookup_names(POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID ** sids, uint32 ** types, int *num_sids)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_LOOKUP_NAMES q_l;
BOOL valid_response = False;
- if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
+ if (hnd == NULL || num_sids == 0 || sids == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
- DEBUG(4,("LSA Lookup NAMEs\n"));
+ DEBUG(4, ("LSA Lookup NAMEs\n"));
/* store the parameters */
make_q_lookup_names(&q_l, hnd, num_names, names);
lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
p = rbuf.offset != 0;
-
+
if (p && r_l.status != 0)
{
/* report error code */
- DEBUG(1,("LSA_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_l.status)));
+ DEBUG(1,
+ ("LSA_LOOKUP_NAMES: %s\n",
+ get_nt_error_msg(r_l.status)));
p = False;
}
if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
t_rids[i].rid_idx != 0xffffffff)
{
- DEBUG(0,("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
- t_rids[i].rid_idx));
+ DEBUG(0,
+ ("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
+ t_rids[i].rid_idx));
valid_response = False;
break;
}
if (types != NULL && valid_response && r_l.num_entries != 0)
{
- (*types) = (uint32*)malloc((*num_sids) * sizeof(uint32));
+ (*types) = (uint32 *) malloc((*num_sids) * sizeof(uint32));
}
if (sids != NULL && valid_response && r_l.num_entries != 0)
{
- (*sids) = (DOM_SID*)malloc((*num_sids) * sizeof(DOM_SID));
+ (*sids) = (DOM_SID *) malloc((*num_sids) * sizeof(DOM_SID));
}
if (sids != NULL && (*sids) != NULL)
DOM_SID *sid = &(*sids)[i];
if (dom_idx != 0xffffffff)
{
- sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
+ sid_copy(sid,
+ &ref.ref_dom[dom_idx].
+ ref_dom.sid);
if (dom_rid != 0xffffffff)
{
sid_append_rid(sid, dom_rid);
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_response;
}
do a LSA Lookup SIDs
****************************************************************************/
BOOL lsa_lookup_sids(POLICY_HND *hnd,
- int num_sids,
- DOM_SID **sids,
- char ***names,
- uint32 **types,
- int *num_names)
+ int num_sids,
+ DOM_SID ** sids,
+ char ***names, uint32 ** types, int *num_names)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_LOOKUP_SIDS q_l;
BOOL valid_response = False;
ZERO_STRUCT(q_l);
- if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
+ if (hnd == NULL || num_sids == 0 || sids == NULL)
+ return False;
if (num_names != NULL)
{
*names = NULL;
}
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_LOOKUP_SIDS */
- DEBUG(4,("LSA Lookup SIDs\n"));
+ DEBUG(4, ("LSA Lookup SIDs\n"));
/* store the parameters */
make_q_lookup_sids(&q_l, hnd, num_sids, sids, 1);
BOOL p;
r_l.dom_ref = &ref;
- r_l.names = &t_names;
+ r_l.names = &t_names;
lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
p = rbuf.offset != 0;
-
+
if (p && r_l.status != 0 &&
- r_l.status != 0x107 &&
- r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED))
+ r_l.status != 0x107 &&
+ r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED))
{
/* report error code */
- DEBUG(1,("LSA_LOOKUP_SIDS: %s\n", get_nt_error_msg(r_l.status)));
+ DEBUG(1,
+ ("LSA_LOOKUP_SIDS: %s\n",
+ get_nt_error_msg(r_l.status)));
p = False;
}
if (p)
{
- if (t_names.ptr_trans_names != 0 && r_l.ptr_dom_ref != 0)
+ if (t_names.ptr_trans_names != 0
+ && r_l.ptr_dom_ref != 0)
{
valid_response = True;
}
uint32 i;
for (i = 0; i < t_names.num_entries; i++)
{
- if (t_names.name[i].domain_idx >= ref.num_ref_doms_1)
+ if (t_names.name[i].domain_idx >=
+ ref.num_ref_doms_1)
{
- DEBUG(0,("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
+ DEBUG(0,
+ ("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
valid_response = False;
break;
}
if (types != NULL && valid_response && (*num_names) != 0)
{
- (*types) = (uint32*)malloc((*num_names) * sizeof(uint32));
+ (*types) = (uint32 *) malloc((*num_names) * sizeof(uint32));
}
if (names != NULL && valid_response && (*num_names) != 0)
{
- (*names) = (char**)malloc((*num_names) * sizeof(char*));
+ (*names) = (char **)malloc((*num_names) * sizeof(char *));
}
if (names != NULL && (*names) != NULL)
if (dom_idx != 0xffffffff)
{
- unistr2_to_ascii(dom_name, &ref.ref_dom[dom_idx].uni_dom_name, sizeof(dom_name)-1);
- unistr2_to_ascii(name, &t_names.uni_name[i], sizeof(name)-1);
-
- memset(full_name, 0, sizeof(full_name));
-
- slprintf(full_name, sizeof(full_name)-1, "%s\\%s",
- dom_name, name);
+ unistr2_to_ascii(dom_name,
+ &ref.
+ ref_dom[dom_idx].
+ uni_dom_name,
+ sizeof(dom_name) -
+ 1);
+ unistr2_to_ascii(name,
+ &t_names.uni_name[i],
+ sizeof(name) - 1);
+
+ memset(full_name, 0,
+ sizeof(full_name));
+
+ slprintf(full_name,
+ sizeof(full_name) - 1,
+ "%s\\%s", dom_name, name);
(*names)[i] = strdup(full_name);
if (types != NULL && (*types) != NULL)
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_response;
}
do a LSA Query Info Policy
****************************************************************************/
BOOL lsa_query_info_pol(POLICY_HND *hnd, uint16 info_class,
- fstring domain_name, DOM_SID *domain_sid)
+ fstring domain_name, DOM_SID * domain_sid)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_QUERY_INFO q_q;
BOOL valid_response = False;
ZERO_STRUCTP(domain_sid);
domain_name[0] = 0;
- if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;
+ if (hnd == NULL || domain_name == NULL || domain_sid == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_QUERYINFOPOLICY */
- DEBUG(4,("LSA Query Info Policy\n"));
+ DEBUG(4, ("LSA Query Info Policy\n"));
/* store the parameters */
make_q_query(&q_q, hnd, info_class);
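Review bot: The NULL check on `domain_name` and `domain_sid` in lsa_query_info_pol comes after both have already been written through, because `ZERO_STRUCTP(domain_sid);` and `domain_name[0] = 0;` sit on the two lines before it, so the check cannot protect those writes. Make the guard the first statement, `if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;`, and clear the two outputs after it. Whether other statements sit between the declarations and these lines cannot be seen from the hunk.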
lsa_io_r_query("", &r_q, &rbuf, 0);
p = rbuf.offset != 0;
-
+
if (p && r_q.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_QUERYINFOPOLICY: %s\n", get_nt_error_msg(r_q.status)));
+ DEBUG(0,
+ ("LSA_QUERYINFOPOLICY: %s\n",
+ get_nt_error_msg(r_q.status)));
p = False;
}
if (p && r_q.info_class != q_q.info_class)
{
/* report different info classes */
- DEBUG(0,("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
- q_q.info_class, r_q.info_class));
+ DEBUG(0,
+ ("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
+ q_q.info_class, r_q.info_class));
p = False;
}
{
if (r_q.dom.id3.buffer_dom_name != 0)
{
- unistr2_to_ascii(domain_name, &r_q.dom.id3.uni_domain_name, sizeof(fstring)-1);
+ unistr2_to_ascii(domain_name,
+ &r_q.dom.id3.
+ uni_domain_name,
+ sizeof
+ (fstring) -
+ 1);
}
if (r_q.dom.id3.buffer_dom_sid != 0)
{
- *domain_sid = r_q.dom.id3.dom_sid.sid;
+ *domain_sid =
+ r_q.dom.id3.dom_sid.
+ sid;
}
valid_response = True;
{
if (r_q.dom.id5.buffer_dom_name != 0)
{
- unistr2_to_ascii(domain_name, &r_q.dom.id5.uni_domain_name, sizeof(fstring)-1);
+ unistr2_to_ascii(domain_name,
+ &r_q.dom.id5.
+ uni_domain_name,
+ sizeof
+ (fstring) -
+ 1);
}
if (r_q.dom.id5.buffer_dom_sid != 0)
{
- *domain_sid = r_q.dom.id5.dom_sid.sid;
+ *domain_sid =
+ r_q.dom.id5.dom_sid.
+ sid;
}
valid_response = True;
}
default:
{
- DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n"));
+ DEBUG(3,
+ ("LSA_QUERYINFOPOLICY: unknown info class\n"));
domain_name[0] = 0;
break;
}
}
-
+
sid_to_string(sid_str, domain_sid);
- DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
- r_q.info_class, domain_name, sid_str));
+ DEBUG(3,
+ ("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
+ r_q.info_class, domain_name, sid_str));
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_response;
}
/****************************************************************************
do a LSA Enumerate Trusted Domain
****************************************************************************/
-BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 *enum_ctx,
- uint32 *num_doms, char ***names,
- DOM_SID ***sids)
+BOOL lsa_enum_trust_dom(POLICY_HND *hnd, uint32 * enum_ctx,
+ uint32 * num_doms, char ***names, DOM_SID *** sids)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_ENUM_TRUST_DOM q_q;
BOOL valid_response = False;
- if (hnd == NULL || num_doms == NULL || names == NULL) return False;
+ if (hnd == NULL || num_doms == NULL || names == NULL)
+ return False;
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
/* create and send a MSRPC command with api LSA_ENUMTRUSTDOM */
- DEBUG(4,("LSA Enum Trusted Domains\n"));
+ DEBUG(4, ("LSA Enum Trusted Domains\n"));
/* store the parameters */
make_q_enum_trust_dom(&q_q, hnd, *enum_ctx, 0xffffffff);
lsa_io_r_enum_trust_dom("", &r_q, &rbuf, 0);
p = rbuf.offset != 0;
-
+
if (p && r_q.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_ENUMTRUSTDOM: %s\n", get_nt_error_msg(r_q.status)));
+ DEBUG(0,
+ ("LSA_ENUMTRUSTDOM: %s\n",
+ get_nt_error_msg(r_q.status)));
p = r_q.status == 0x8000001a;
}
{
fstring tmp;
unistr2_to_ascii(tmp, &r_q.uni_domain_name[i],
- sizeof(tmp)-1);
+ sizeof(tmp) - 1);
add_chars_to_array(num_doms, names, tmp);
add_sid_to_array(&num_sids, sids,
- &r_q.domain_sid[i].sid);
+ &r_q.domain_sid[i].sid);
}
if (r_q.status == NT_STATUS_NOPROBLEMO)
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
return valid_response;
}
BOOL lsa_close(POLICY_HND *hnd)
{
prs_struct rbuf;
- prs_struct buf;
+ prs_struct buf;
LSA_Q_CLOSE q_c;
BOOL valid_close = False;
- if (hnd == NULL) return False;
+ if (hnd == NULL)
+ return False;
/* create and send a MSRPC command with api LSA_OPENPOLICY */
- prs_init(&buf , 0, 4, False);
- prs_init(&rbuf, 0 , 4, True );
+ prs_init(&buf, 0, 4, False);
+ prs_init(&rbuf, 0, 4, True);
- DEBUG(4,("LSA Close\n"));
+ DEBUG(4, ("LSA Close\n"));
/* store the parameters */
make_lsa_q_close(&q_c, hnd);
if (p && r_c.status != 0)
{
/* report error code */
- DEBUG(0,("LSA_CLOSE: %s\n", get_nt_error_msg(r_c.status)));
+ DEBUG(0,
+ ("LSA_CLOSE: %s\n",
+ get_nt_error_msg(r_c.status)));
p = False;
}
valid_close = False;
break;
}
- }
+ }
if (!valid_close)
{
- DEBUG(0,("LSA_CLOSE: non-zero handle returned\n"));
+ DEBUG(0,
+ ("LSA_CLOSE: non-zero handle returned\n"));
}
}
}
prs_free_data(&rbuf);
- prs_free_data(&buf );
+ prs_free_data(&buf);
close_policy_hnd(get_global_hnd_cache(), hnd);
return valid_close;
}
-
fstrcat(trust_acct, "$");
if (!msrpc_lsa_query_trust_passwd("\\\\.", "$MACHINE.ACC",
- trust_passwd))
+ trust_passwd, NULL))
{
return False;
}
ret = net_sam_sync(lp_passwordserver(), lp_workgroup(),
- global_myname, trust_acct,
- trust_passwd,
- hdr_deltas, deltas, &num);
+ global_myname, trust_acct,
+ trust_passwd, hdr_deltas, deltas, &num);
if (ret)
{
pwdb_init_smb(&pwd);
pwd.user_rid = acc->user_rid;
- unistr2_to_ascii(nt_name, &(acc->uni_acct_name), sizeof(fstring)-1);
+ unistr2_to_ascii(nt_name, &(acc->uni_acct_name),
+ sizeof(fstring) - 1);
pwd.nt_name = nt_name;
pwd.acct_ctrl = acc->acb_info;
- pwd.pass_last_set_time = nt_time_to_unix(&(acc->pwd_last_set_time));
-
- sam_pwd_hash(acc->user_rid, smb_passwd, acc->pass.buf_lm_pwd, 0);
- sam_pwd_hash(acc->user_rid, smb_nt_passwd, acc->pass.buf_nt_pwd, 0);
+ pwd.pass_last_set_time =
+ nt_time_to_unix(&(acc->pwd_last_set_time));
+
+ sam_pwd_hash(acc->user_rid, smb_passwd,
+ acc->pass.buf_lm_pwd, 0);
+ sam_pwd_hash(acc->user_rid, smb_nt_passwd,
+ acc->pass.buf_nt_pwd, 0);
pwd.smb_passwd = smb_passwd;
pwd.smb_nt_passwd = smb_nt_passwd;
success = add_smbpwd_entry(&pwd);
}
- DEBUG(0, ("Attempted to %s account for %s: %s\n", mode,
- nt_name, success ? "OK" : "FAILED"));
+ DEBUG(0,
+ ("Attempted to %s account for %s: %s\n", mode,
+ nt_name, success ? "OK" : "FAILED"));
}
}
uint32 lookup_lsa_names(const char *srv_name,
uint32 num_names, char **names,
- uint32 *num_sids, DOM_SID **sids, uint32 **types)
+ uint32 * num_sids, DOM_SID ** sids, uint32 ** types)
{
BOOL res1 = True;
BOOL res2 = True;
return NT_STATUS_NONE_MAPPED | 0xC0000000;
}
- res1 = res1 ? lsa_open_policy(srv_name, &lsa_pol, True, 0x02000000) : False;
+ res1 =
+ res1 ? lsa_open_policy(srv_name, &lsa_pol, True,
+ 0x02000000) : False;
res2 = res1 ? lsa_lookup_names(&lsa_pol,
- num_names, names,
+ num_names, names,
sids, types, num_sids) : False;
res1 = res1 ? lsa_close(&lsa_pol) : False;
- if (! res2)
+ if (!res2)
{
return NT_STATUS_NONE_MAPPED | 0xC0000000;
}
uint32 lookup_lsa_name(const char *domain,
- char *name, DOM_SID *sid, uint32 *type)
+ char *name, DOM_SID * sid, uint32 * type)
{
fstring srv_name;
BOOL res3 = True;
char **names = NULL;
uint32 *types = NULL;
int num_names = 0;
- DOM_SID *sids = NULL;
+ DOM_SID *sids = NULL;
int num_sids = 0;
POLICY_HND lsa_pol;
names = &name;
/* lookup domain controller; receive a policy handle */
- res3 = res3 ? lsa_open_policy(srv_name, &lsa_pol, True, 0x02000000) : False;
+ res3 =
+ res3 ? lsa_open_policy(srv_name, &lsa_pol, True,
+ 0x02000000) : False;
/* send lsa lookup sids call */
res4 = res3 ? lsa_lookup_names(&lsa_pol,
- num_names, names,
+ num_names, names,
&sids, &types, &num_sids) : False;
res3 = res3 ? lsa_close(&lsa_pol) : False;
{
free(types);
}
-
+
if (sids != NULL)
{
free(sids);
}
-
+
return 0x0;
}
lookup sids
****************************************************************************/
uint32 lookup_lsa_sid(const char *domain,
- DOM_SID *sid, char *name, uint32 *type)
+ DOM_SID * sid, char *name, uint32 * type)
{
POLICY_HND lsa_pol;
fstring srv_name;
add_sid_to_array(&num_sids, &sids, sid);
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy( srv_name, &lsa_pol, True, 0x02000000) : False;
+ res =
+ res ? lsa_open_policy(srv_name, &lsa_pol, True,
+ 0x02000000) : False;
/* send lsa lookup sids call */
- res1 = res ? lsa_lookup_sids( &lsa_pol,
- num_sids, sids,
- &names, &types, &num_names) : False;
+ res1 = res ? lsa_lookup_sids(&lsa_pol,
+ num_sids, sids,
+ &names, &types, &num_names) : False;
res = res ? lsa_close(&lsa_pol) : False;
free_sid_array(num_sids, sids);
free_char_array(num_names, names);
-
+
if (types != NULL)
{
free(types);
/****************************************************************************
nt lsa create secret
****************************************************************************/
-BOOL msrpc_lsa_create_secret(const char* srv_name, const char* secret_name,
- uint32 access_rights)
+BOOL msrpc_lsa_create_secret(const char *srv_name, const char *secret_name,
+ uint32 access_rights)
{
BOOL res = True;
BOOL res1;
POLICY_HND lsa_pol;
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy( srv_name,
- &lsa_pol, True, 0x02000000) : False;
+ res = res ? lsa_open_policy(srv_name,
+ &lsa_pol, True, 0x02000000) : False;
/* lookup domain controller; receive a policy handle */
- res1 = res ? lsa_create_secret( &lsa_pol,
- secret_name, access_rights, &pol_sec) : False;
+ res1 = res ? lsa_create_secret(&lsa_pol,
+ secret_name, access_rights,
+ &pol_sec) : False;
res1 = res1 ? lsa_close(&pol_sec) : False;
/****************************************************************************
nt lsa query secret
****************************************************************************/
-BOOL msrpc_lsa_set_secret(const char* srv_name,
- const char* secret_name,
- const char* data, int len)
+BOOL msrpc_lsa_set_secret(const char *srv_name,
+ const char *secret_name, const char *data, int len)
{
BOOL res = True;
BOOL res1;
ZERO_STRUCT(secret);
- secret.str_max_len = len+8;
- secret.undoc = 0;
- secret.str_str_len = len+8;
+ secret.str_max_len = len + 8;
+ secret.undoc = 0;
+ secret.str_str_len = len + 8;
SIVAL(secret.buffer, 0, len);
SIVAL(secret.buffer, 4, 0x01);
- memcpy(secret.buffer+8, data, len);
+ memcpy(secret.buffer + 8, data, len);
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy2( srv_name,
- &lsa_pol, True, 0x02000000) : False;
+ res = res ? lsa_open_policy2(srv_name,
+ &lsa_pol, True, 0x02000000) : False;
/* lookup domain controller; receive a policy handle */
- res1 = res ? lsa_open_secret( &lsa_pol,
- secret_name, 0x020003, &pol_sec) : False;
+ res1 = res ? lsa_open_secret(&lsa_pol,
+ secret_name, 0x020003, &pol_sec) : False;
- res2 = res1 ? (lsa_set_secret(&pol_sec, &secret) == NT_STATUS_NOPROBLEMO) : False;
+ res2 =
+ res1 ? (lsa_set_secret(&pol_sec, &secret) ==
+ NT_STATUS_NOPROBLEMO) : False;
res1 = res1 ? lsa_close(&pol_sec) : False;
/****************************************************************************
nt lsa query secret
****************************************************************************/
-BOOL msrpc_lsa_query_secret(const char* srv_name,
- const char* secret_name,
- STRING2 *secret,
- NTTIME *last_update)
+BOOL msrpc_lsa_query_secret(const char *srv_name,
+ const char *secret_name,
+ STRING2 * secret, NTTIME * last_update)
{
BOOL res = True;
BOOL res1;
POLICY_HND lsa_pol;
/* lookup domain controller; receive a policy handle */
- res = res ? lsa_open_policy2( srv_name,
- &lsa_pol, False, 0x02000000) : False;
+ res = res ? lsa_open_policy2(srv_name,
+ &lsa_pol, False, 0x02000000) : False;
/* lookup domain controller; receive a policy handle */
- res1 = res ? lsa_open_secret( &lsa_pol,
- secret_name, 0x02000000, &pol_sec) : False;
+ res1 = res ? lsa_open_secret(&lsa_pol,
+ secret_name, 0x02000000,
+ &pol_sec) : False;
res2 = res1 ? lsa_query_secret(&pol_sec, secret, last_update) : False;
/****************************************************************************
****************************************************************************/
-BOOL msrpc_lsa_query_trust_passwd(const char* srv_name,
- const char* secret_name,
- uchar trust_passwd[16])
+BOOL msrpc_lsa_query_trust_passwd(const char *srv_name,
+ const char *secret_name,
+ uchar trust_passwd[16],
+ NTTIME * last_update)
{
STRING2 secret;
- NTTIME last_update;
if (!msrpc_lsa_query_secret(srv_name, secret_name, &secret,
- &last_update))
+ last_update))
{
return False;
}
{
return False;
}
- memcpy(trust_passwd, secret.buffer+8, 16);
+ memcpy(trust_passwd, secret.buffer + 8, 16);
return True;
}
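Review bot: `secret` still holds the machine trust account secret when this function returns, both after the `memcpy` on the success path and on the `return False` paths, so the key material is left behind in the dead stack frame. Adding `ZERO_STRUCT(secret);` before each return would limit that; the same macro is already applied to `secret` in msrpc_lsa_set_secret. The new `last_update` argument is forwarded unchecked and both visible callers pass NULL, while the header comment above the function is empty. It should state the contract, e.g. `/* last_update may be NULL when the caller does not need the secret's modification time */`, provided lsa_query_secret really accepts a NULL pointer, which is not visible here. The length check between the query and the `memcpy` is only partly shown in this hunk.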
-
Do the same as security=server, but using NT Domain calls and a session
key from the workstation trust account password.
************************************************************************/
-static uint32 domain_client_validate( const char *user, const char *domain,
- const char *acct_name, uint16 acct_type,
- const char *challenge,
- const char *smb_apasswd, int smb_apasslen,
- const char *smb_ntpasswd, int smb_ntpasslen,
- NET_USER_INFO_3 *info3)
+static uint32 domain_client_validate(const char *user, const char *domain,
+ const char *acct_name, uint16 acct_type,
+ const char *challenge,
+ const char *smb_apasswd,
+ int smb_apasslen,
+ const char *smb_ntpasswd,
+ int smb_ntpasslen,
+ NET_USER_INFO_3 * info3)
{
unsigned char trust_passwd[16];
NET_ID_INFO_CTR ctr;
fstring trust_acct;
fstring srv_name;
BOOL cleartext = smb_apasslen != 0 && smb_apasslen != 24 &&
- smb_ntpasslen == 0;
+ smb_ntpasslen == 0;
- DEBUG(100,("domain_client_validate: %s %s\n", user, domain));
+ DEBUG(100, ("domain_client_validate: %s %s\n", user, domain));
#ifdef DEBUG_PASSWORD
dump_data_pw("lmpw:", smb_apasswd, smb_apasslen);
dump_data_pw("ntpw:", smb_ntpasswd, smb_ntpasslen);
fstrcat(trust_acct, "$");
/*
- * Check that the requested domain is not our own machine name.
- * If it is, we should never check the PDC here, we use our own local
- * password file.
- */
+ * Check that the requested domain is not our own machine name.
+ * If it is, we should never check the PDC here, we use our own local
+ * password file.
+ */
if (!get_any_dc_name(domain, srv_name))
{
- DEBUG(3,("domain_client_validate: could not find domain %s\n",
- domain));
+ DEBUG(3,
+ ("domain_client_validate: could not find domain %s\n",
+ domain));
return False;
}
- if (!msrpc_lsa_query_trust_passwd( "\\\\.", "$MACHINE.ACC",
- trust_passwd))
+ if (!msrpc_lsa_query_trust_passwd("\\\\.", "$MACHINE.ACC",
+ trust_passwd, NULL))
{
return False;
}
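Review bot: Both early exits here use `return False;` in a function that returns `uint32` and whose success value is `0x0` (the final `return 0x0;` after the "user ... OK" message), so a failed `get_any_dc_name()` or a failed `msrpc_lsa_query_trust_passwd()` is reported as status 0. check_domain_security passes this value through unchanged, so if its callers treat 0 as a validated logon, the check fails open whenever no DC can be found or the $MACHINE.ACC secret cannot be read. Each exit should return an error status in the same form as the other returns in this function, for example `return NT_STATUS_LOGON_FAILURE | 0xC0000000;`. The function body starts and ends outside this hunk.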
*/
/*
- * Ok - we have an anonymous connection to the IPC$ share.
- * Now start the NT Domain stuff :-).
- */
+ * Ok - we have an anonymous connection to the IPC$ share.
+ * Now start the NT Domain stuff :-).
+ */
- status = cli_nt_setup_creds(srv_name, domain, global_myname, trust_acct,
- trust_passwd, acct_type);
+ status =
+ cli_nt_setup_creds(srv_name, domain, global_myname,
+ trust_acct, trust_passwd, acct_type);
if (status != 0x0)
{
- DEBUG(0,("domain_client_validate: credentials failed (%s)\n",
- srv_name));
+ DEBUG(0, ("domain_client_validate: credentials failed (%s)\n",
+ srv_name));
return status;
}
/* We really don't care what LUID we give the user. */
- generate_random_buffer( (unsigned char *)&smb_uid_low, 4, False);
+ generate_random_buffer((unsigned char *)&smb_uid_low, 4, False);
if (challenge == NULL && !cleartext)
{
status = cli_nt_login_interactive(srv_name,
- global_myname,
- domain, user,
- smb_uid_low,
- smb_apasswd, smb_ntpasswd,
- &ctr, info3);
+ global_myname,
+ domain, user,
+ smb_uid_low,
+ smb_apasswd, smb_ntpasswd,
+ &ctr, info3);
}
else if (challenge == NULL)
{
status = cli_nt_login_general(srv_name,
- global_myname,
- domain, user,
- smb_uid_low,
- smb_apasswd,
- &ctr, info3);
+ global_myname,
+ domain, user,
+ smb_uid_low,
+ smb_apasswd, &ctr, info3);
}
else
{
status = cli_nt_login_network(srv_name,
- global_myname,
- domain, user,
- smb_uid_low, (const char *)challenge,
- (const uchar*)smb_apasswd, smb_apasslen,
- (const uchar*)smb_ntpasswd, smb_ntpasslen,
- &ctr, info3);
+ global_myname,
+ domain, user,
+ smb_uid_low,
+ (const char *)challenge,
+ (const uchar *)smb_apasswd,
+ smb_apasslen,
+ (const uchar *)smb_ntpasswd,
+ smb_ntpasslen, &ctr, info3);
}
- if (status == (NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT|0xc0000000))
+ if (status ==
+ (NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT | 0xc0000000))
{
- DEBUG(10,("domain_client_validate: wks trust valid:%s\n",
- user));
+ DEBUG(10, ("domain_client_validate: wks trust valid:%s\n",
+ user));
return status;
}
- if (status == (NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT|0xc0000000))
+ if (status == (NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT | 0xc0000000))
{
- DEBUG(10,("domain_client_validate: srv trust valid:%s\n",
- user));
+ DEBUG(10, ("domain_client_validate: srv trust valid:%s\n",
+ user));
return status;
}
- if (status == (NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT|0xc0000000))
+ if (status ==
+ (NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT | 0xc0000000))
{
- DEBUG(10,("domain_client_validate: interdom trust valid:%s\n",
- user));
+ DEBUG(10,
+ ("domain_client_validate: interdom trust valid:%s\n",
+ user));
return status;
}
if (status != 0x0)
{
- DEBUG(0,("domain_client_validate: unable to validate password for user %s in domain \
- %s to Domain controller %s.\n", user, domain, srv_name));
+ DEBUG(0,
+ ("domain_client_validate: unable to validate password for user %s in domain \
+ %s to Domain controller %s.\n",
+ user, domain, srv_name));
return status;
}
* locked out / disabled" etc!!!!
*/
- DEBUG(10,("domain_client_validate: user %s\%s OK\n", domain, user));
- DEBUG(3,("domain_client_validate: check lockout / pwd expired!\n"));
+ DEBUG(10, ("domain_client_validate: user %s\%s OK\n", domain, user));
+ DEBUG(3, ("domain_client_validate: check lockout / pwd expired!\n"));
return 0x0;
}
/****************************************************************************
Check for a valid username and password in security=domain mode.
****************************************************************************/
-uint32 check_domain_security(const char *orig_user, const char *domain,
- const uchar *challenge,
- const char *smb_apasswd, int smb_apasslen,
- const char *smb_ntpasswd, int smb_ntpasslen,
- NET_USER_INFO_3 *info3)
+uint32 check_domain_security(const char *orig_user, const char *domain,
+ const uchar * challenge,
+ const char *smb_apasswd, int smb_apasslen,
+ const char *smb_ntpasswd, int smb_ntpasslen,
+ NET_USER_INFO_3 * info3)
{
fstring acct_name;
uint16 acct_type = 0;
acct_type = SEC_CHAN_DOMAIN;
}
- DEBUG(10,("check_domain_security: %s(%d)\n", acct_name, acct_type));
+ DEBUG(10, ("check_domain_security: %s(%d)\n", acct_name, acct_type));
- return domain_client_validate(orig_user, domain,
- acct_name, acct_type,
- challenge,
- smb_apasswd, smb_apasslen,
- smb_ntpasswd, smb_ntpasslen,
- info3);
+ return domain_client_validate(orig_user, domain,
+ acct_name, acct_type,
+ challenge,
+ smb_apasswd, smb_apasslen,
+ smb_ntpasswd, smb_ntpasslen, info3);
}
/*******************************************************************
creates a LSA_TRANS_NAME structure.
********************************************************************/
-BOOL make_lsa_trans_name(LSA_TRANS_NAME *trn, UNISTR2 *uni_name,
- uint32 sid_name_use, char *name, uint32 idx)
+BOOL make_lsa_trans_name(LSA_TRANS_NAME * trn, UNISTR2 * uni_name,
+ uint32 sid_name_use, char *name, uint32 idx)
{
int len_name = strlen(name);
/*******************************************************************
reads or writes a LSA_TRANS_NAME structure.
********************************************************************/
-static BOOL lsa_io_trans_name(char *desc, LSA_TRANS_NAME *trn, prs_struct *ps, int depth)
+static BOOL lsa_io_trans_name(char *desc, LSA_TRANS_NAME * trn,
+ prs_struct * ps, int depth)
{
- if (trn == NULL) return False;
+ if (trn == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_trans_name");
depth++;
prs_align(ps);
-
+
prs_uint32("sid_name_use", ps, depth, &(trn->sid_name_use));
- smb_io_unihdr ("hdr_name", &(trn->hdr_name), ps, depth);
- prs_uint32("domain_idx ", ps, depth, &(trn->domain_idx ));
+ smb_io_unihdr("hdr_name", &(trn->hdr_name), ps, depth);
+ prs_uint32("domain_idx ", ps, depth, &(trn->domain_idx));
return True;
}
/***************************************************************************
make_dom_ref - adds a domain if it's not already in, returns the index
***************************************************************************/
-int make_dom_ref_uni(DOM_R_REF *ref, const UNISTR2 *uni_domname, const DOM_SID *dom_sid)
+int make_dom_ref_uni(DOM_R_REF * ref, const UNISTR2 * uni_domname,
+ const DOM_SID * dom_sid)
{
int num = 0;
UNISTR2 uni_tmp;
return -1;
}
- ref->num_ref_doms_1 = num+1;
- ref->ptr_ref_dom = 1;
+ ref->num_ref_doms_1 = num + 1;
+ ref->ptr_ref_dom = 1;
ref->max_entries = MAX_REF_DOMAINS;
- ref->num_ref_doms_2 = num+1;
+ ref->num_ref_doms_2 = num + 1;
make_unihdr_from_unistr2(&(ref->hdr_ref_dom[num].hdr_dom_name),
uni_domname);
return num;
}
-int make_dom_ref(DOM_R_REF *ref, const char *domname, const DOM_SID *dom_sid)
+int make_dom_ref(DOM_R_REF * ref, const char *domname,
+ const DOM_SID * dom_sid)
{
UNISTR2 *uni_domname;
int ret;
/*******************************************************************
reads or writes a DOM_R_REF structure.
********************************************************************/
-static BOOL lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth)
+static BOOL lsa_io_dom_r_ref(char *desc, DOM_R_REF * r_r, prs_struct * ps,
+ int depth)
{
uint32 i, s, n;
prs_debug(ps, depth, desc, "smb_io_dom_r_ref");
depth++;
- if (r_r == NULL) return False;
+ if (r_r == NULL)
+ return False;
prs_align(ps);
-
- prs_uint32("num_ref_doms_1", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
- prs_uint32("ptr_ref_dom ", ps, depth, &(r_r->ptr_ref_dom )); /* undocumented buffer pointer. */
- prs_uint32("max_entries ", ps, depth, &(r_r->max_entries )); /* 32 - max number of entries */
+
+ prs_uint32("num_ref_doms_1", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
+ prs_uint32("ptr_ref_dom ", ps, depth, &(r_r->ptr_ref_dom)); /* undocumented buffer pointer. */
+ prs_uint32("max_entries ", ps, depth, &(r_r->max_entries)); /* 32 - max number of entries */
SMB_ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1);
if (r_r->ptr_ref_dom != 0)
{
- prs_uint32("num_ref_doms_2", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
+ prs_uint32("num_ref_doms_2", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
for (i = 0; i < r_r->num_ref_doms_1; i++)
fstring t;
slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
- smb_io_unihdr(t, &(r_r->hdr_ref_dom[i].hdr_dom_name), ps, depth);
+ smb_io_unihdr(t, &(r_r->hdr_ref_dom[i].hdr_dom_name),
+ ps, depth);
slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
- prs_uint32(t, ps, depth, &(r_r->hdr_ref_dom[i].ptr_dom_sid));
+ prs_uint32(t, ps, depth,
+ &(r_r->hdr_ref_dom[i].ptr_dom_sid));
}
for (i = 0, n = 0, s = 0; i < r_r->num_ref_doms_2; i++)
if (r_r->hdr_ref_dom[i].hdr_dom_name.buffer != 0)
{
slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
- smb_io_unistr2(t, &(r_r->ref_dom[n].uni_dom_name), True, ps, depth); /* domain name unicode string */
+ smb_io_unistr2(t,
+ &(r_r->ref_dom[n].
+ uni_dom_name), True, ps, depth); /* domain name unicode string */
prs_align(ps);
n++;
}
if (r_r->hdr_ref_dom[i].ptr_dom_sid != 0)
{
slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
- smb_io_dom_sid2("", &(r_r->ref_dom[s].ref_dom), ps, depth); /* referenced domain SIDs */
+ smb_io_dom_sid2("",
+ &(r_r->ref_dom[s].ref_dom),
+ ps, depth); /* referenced domain SIDs */
s++;
}
}
/*******************************************************************
makes an LSA_SEC_QOS structure.
********************************************************************/
-BOOL make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
- uint32 unknown)
+BOOL make_lsa_sec_qos(LSA_SEC_QOS * qos, uint16 imp_lev, uint8 ctxt,
+ uint8 eff, uint32 unknown)
{
- if (qos == NULL) return False;
+ if (qos == NULL)
+ return False;
- DEBUG(5,("make_lsa_sec_qos\n"));
+ DEBUG(5, ("make_lsa_sec_qos\n"));
- qos->len = 0x0c; /* length of quality of service block, in bytes */
+ qos->len = 0x0c; /* length of quality of service block, in bytes */
qos->sec_imp_level = imp_lev;
qos->sec_ctxt_mode = ctxt;
qos->effective_only = eff;
/*******************************************************************
reads or writes an LSA_SEC_QOS structure.
********************************************************************/
-static BOOL lsa_io_sec_qos(char *desc, LSA_SEC_QOS *qos, prs_struct *ps, int depth)
+static BOOL lsa_io_sec_qos(char *desc, LSA_SEC_QOS * qos, prs_struct * ps,
+ int depth)
{
int start;
- if (qos == NULL) return False;
+ if (qos == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_obj_qos");
depth++;
prs_align(ps);
-
+
start = ps->offset;
/* these pointers had _better_ be zero, because we don't know
what they point to!
*/
- prs_uint32("len ", ps, depth, &(qos->len )); /* 0x18 - length (in bytes) inc. the length field. */
- prs_uint16("sec_imp_level ", ps, depth, &(qos->sec_imp_level ));
- prs_uint8 ("sec_ctxt_mode ", ps, depth, &(qos->sec_ctxt_mode ));
- prs_uint8 ("effective_only", ps, depth, &(qos->effective_only));
- prs_uint32("unknown ", ps, depth, &(qos->unknown ));
+ prs_uint32("len ", ps, depth, &(qos->len)); /* 0x18 - length (in bytes) inc. the length field. */
+ prs_uint16("sec_imp_level ", ps, depth, &(qos->sec_imp_level));
+ prs_uint8("sec_ctxt_mode ", ps, depth, &(qos->sec_ctxt_mode));
+ prs_uint8("effective_only", ps, depth, &(qos->effective_only));
+ prs_uint32("unknown ", ps, depth, &(qos->unknown));
if (qos->len != ps->offset - start)
{
- DEBUG(3,("lsa_io_sec_qos: length %x does not match size %x\n",
- qos->len, ps->offset - start));
+ DEBUG(3,
+ ("lsa_io_sec_qos: length %x does not match size %x\n",
+ qos->len, ps->offset - start));
}
return True;
/*******************************************************************
makes an LSA_OBJ_ATTR structure.
********************************************************************/
-BOOL make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos)
+BOOL make_lsa_obj_attr(LSA_OBJ_ATTR * attr, uint32 attributes,
+ LSA_SEC_QOS * qos)
{
- if (attr == NULL) return False;
+ if (attr == NULL)
+ return False;
- DEBUG(5,("make_lsa_obj_attr\n"));
+ DEBUG(5, ("make_lsa_obj_attr\n"));
- attr->len = 0x18; /* length of object attribute block, in bytes */
+ attr->len = 0x18; /* length of object attribute block, in bytes */
attr->ptr_root_dir = 0;
attr->ptr_obj_name = 0;
attr->attributes = attributes;
attr->ptr_sec_desc = 0;
-
+
if (qos != NULL)
{
attr->ptr_sec_qos = 1;
/*******************************************************************
reads or writes an LSA_OBJ_ATTR structure.
********************************************************************/
-static BOOL lsa_io_obj_attr(char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps, int depth)
+static BOOL lsa_io_obj_attr(char *desc, LSA_OBJ_ATTR * attr, prs_struct * ps,
+ int depth)
{
int start;
- if (attr == NULL) return False;
+ if (attr == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_obj_attr");
depth++;
prs_align(ps);
-
+
start = ps->offset;
/* these pointers had _better_ be zero, because we don't know
what they point to!
*/
- prs_uint32("len ", ps, depth, &(attr->len )); /* 0x18 - length (in bytes) inc. the length field. */
- prs_uint32("ptr_root_dir", ps, depth, &(attr->ptr_root_dir)); /* 0 - root directory (pointer) */
- prs_uint32("ptr_obj_name", ps, depth, &(attr->ptr_obj_name)); /* 0 - object name (pointer) */
- prs_uint32("attributes ", ps, depth, &(attr->attributes )); /* 0 - attributes (undocumented) */
- prs_uint32("ptr_sec_desc", ps, depth, &(attr->ptr_sec_desc)); /* 0 - security descriptior (pointer) */
- prs_uint32("ptr_sec_qos ", ps, depth, &(attr->ptr_sec_qos )); /* security quality of service (pointer) */
+ prs_uint32("len ", ps, depth, &(attr->len)); /* 0x18 - length (in bytes) inc. the length field. */
+ prs_uint32("ptr_root_dir", ps, depth, &(attr->ptr_root_dir)); /* 0 - root directory (pointer) */
+ prs_uint32("ptr_obj_name", ps, depth, &(attr->ptr_obj_name)); /* 0 - object name (pointer) */
+ prs_uint32("attributes ", ps, depth, &(attr->attributes)); /* 0 - attributes (undocumented) */
+ prs_uint32("ptr_sec_desc", ps, depth, &(attr->ptr_sec_desc)); /* 0 - security descriptior (pointer) */
+ prs_uint32("ptr_sec_qos ", ps, depth, &(attr->ptr_sec_qos)); /* security quality of service (pointer) */
if (attr->len != ps->offset - start)
{
- DEBUG(3,("lsa_io_obj_attr: length %x does not match size %x\n",
- attr->len, ps->offset - start));
+ DEBUG(3,
+ ("lsa_io_obj_attr: length %x does not match size %x\n",
+ attr->len, ps->offset - start));
}
if (attr->ptr_sec_qos != 0 && attr->sec_qos != NULL)
/*******************************************************************
makes an LSA_Q_OPEN_POL structure.
********************************************************************/
-BOOL make_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos)
+BOOL make_q_open_pol(LSA_Q_OPEN_POL * r_q, uint16 system_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
- DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
+ DEBUG(5,
+ ("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
- r_q->ptr = 1; /* undocumented pointer */
+ r_q->ptr = 1; /* undocumented pointer */
if (qos == NULL)
{
}
r_q->system_name = system_name;
- make_lsa_obj_attr(&(r_q->attr ), attributes, qos);
+ make_lsa_obj_attr(&(r_q->attr), attributes, qos);
return True;
}
/*******************************************************************
reads or writes an LSA_Q_OPEN_POL structure.
********************************************************************/
-BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth)
+BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL * r_q, prs_struct * ps,
+ int depth)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_open_pol");
depth++;
- prs_uint32("ptr ", ps, depth, &(r_q->ptr ));
- prs_uint16("system_name", ps, depth, &(r_q->system_name ));
- prs_align ( ps );
+ prs_uint32("ptr ", ps, depth, &(r_q->ptr));
+ prs_uint16("system_name", ps, depth, &(r_q->system_name));
+ prs_align(ps);
- lsa_io_obj_attr("", &(r_q->attr ), ps, depth);
+ lsa_io_obj_attr("", &(r_q->attr), ps, depth);
if (r_q->attr.ptr_sec_qos == 0)
{
/*******************************************************************
reads or writes an LSA_R_OPEN_POL structure.
********************************************************************/
-BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth)
+BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL * r_p, prs_struct * ps,
+ int depth)
{
- if (r_p == NULL) return False;
+ if (r_p == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_open_pol");
depth++;
/*******************************************************************
makes an LSA_Q_OPEN_POL2 structure.
********************************************************************/
-BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, const char *server_name,
- uint32 attributes,
- uint32 desired_access,
- LSA_SEC_QOS *qos)
+BOOL make_q_open_pol2(LSA_Q_OPEN_POL2 * r_q, const char *server_name,
+ uint32 attributes,
+ uint32 desired_access, LSA_SEC_QOS * qos)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
- DEBUG(5,("make_open_pol2: attr:%d da:%d\n", attributes, desired_access));
+ DEBUG(5,
+ ("make_open_pol2: attr:%d da:%d\n", attributes,
+ desired_access));
- r_q->ptr = 1; /* undocumented pointer */
+ r_q->ptr = 1; /* undocumented pointer */
if (qos == NULL)
{
r_q->des_access = desired_access;
}
- make_unistr2 (&(r_q->uni_server_name), server_name, strlen(server_name));
- make_lsa_obj_attr(&(r_q->attr ), attributes, qos);
+ make_unistr2(&(r_q->uni_server_name), server_name,
+ strlen(server_name));
+ make_lsa_obj_attr(&(r_q->attr), attributes, qos);
return True;
}
/*******************************************************************
reads or writes an LSA_Q_OPEN_POL2 structure.
********************************************************************/
-BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 *r_q, prs_struct *ps, int depth)
+BOOL lsa_io_q_open_pol2(char *desc, LSA_Q_OPEN_POL2 * r_q, prs_struct * ps,
+ int depth)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_open_pol2");
depth++;
- prs_uint32("ptr ", ps, depth, &(r_q->ptr ));
+ prs_uint32("ptr ", ps, depth, &(r_q->ptr));
- smb_io_unistr2 ("", &(r_q->uni_server_name), r_q->ptr, ps, depth);
+ smb_io_unistr2("", &(r_q->uni_server_name), r_q->ptr, ps, depth);
prs_align(ps);
- lsa_io_obj_attr("", &(r_q->attr ), ps, depth);
+ lsa_io_obj_attr("", &(r_q->attr), ps, depth);
if (r_q->attr.ptr_sec_qos == 0)
{
/*******************************************************************
reads or writes an LSA_R_OPEN_POL2 structure.
********************************************************************/
-BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 *r_p, prs_struct *ps, int depth)
+BOOL lsa_io_r_open_pol2(char *desc, LSA_R_OPEN_POL2 * r_p, prs_struct * ps,
+ int depth)
{
- if (r_p == NULL) return False;
+ if (r_p == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_open_pol2");
depth++;
/*******************************************************************
makes an LSA_Q_QUERY_INFO structure.
********************************************************************/
-BOOL make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class)
+BOOL make_q_query(LSA_Q_QUERY_INFO * q_q, POLICY_HND *hnd, uint16 info_class)
{
- if (q_q == NULL || hnd == NULL) return False;
+ if (q_q == NULL || hnd == NULL)
+ return False;
- DEBUG(5,("make_q_query\n"));
+ DEBUG(5, ("make_q_query\n"));
memcpy(&(q_q->pol), hnd, sizeof(q_q->pol));
/*******************************************************************
reads or writes an LSA_Q_QUERY_INFO structure.
********************************************************************/
-BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth)
+BOOL lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO * q_q, prs_struct * ps,
+ int depth)
{
- if (q_q == NULL) return False;
+ if (q_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_query");
depth++;
/*******************************************************************
makes an LSA_Q_CREATE_SECRET structure.
********************************************************************/
-BOOL make_q_create_secret(LSA_Q_CREATE_SECRET *q_o, const POLICY_HND *pol_hnd,
- const char *secret_name, uint32 desired_access)
+BOOL make_q_create_secret(LSA_Q_CREATE_SECRET * q_o,
+ const POLICY_HND *pol_hnd, const char *secret_name,
+ uint32 desired_access)
{
int len = strlen(secret_name);
- if (q_o == NULL) return False;
+ if (q_o == NULL)
+ return False;
- DEBUG(5,("make_q_create_secret"));
+ DEBUG(5, ("make_q_create_secret"));
memcpy(&(q_o->pol), pol_hnd, sizeof(q_o->pol));
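Review bot: In make_q_create_secret, `int len = strlen(secret_name);` runs in the declaration, before the only guard, and that guard covers `q_o` alone. A NULL `secret_name` or `pol_hnd` is therefore dereferenced by strlen() or memcpy() before the function can return False. Since the hunk already rewrites the guard, it could become `if (q_o == NULL || pol_hnd == NULL || secret_name == NULL) return False;` with `len` assigned after it. make_q_open_secret has the same declaration and guard, and make_q_lookup_names calls strlen() on each `names[i]` without a check. The bodies of all three continue outside the visible hunks.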
/*******************************************************************
reads or writes an LSA_Q_CREATE_SECRET structure.
********************************************************************/
-BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET *q_o, prs_struct *ps, int depth)
+BOOL lsa_io_q_create_secret(char *desc, LSA_Q_CREATE_SECRET * q_o,
+ prs_struct * ps, int depth)
{
- if (q_o == NULL) return False;
+ if (q_o == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_create_secret");
depth++;
smb_io_pol_hnd("", &(q_o->pol), ps, depth);
prs_align(ps);
- smb_io_unihdr ("", &(q_o->hdr_secret), ps, depth);
+ smb_io_unihdr("", &(q_o->hdr_secret), ps, depth);
smb_io_unistr2("", &(q_o->uni_secret), 1, ps, depth);
prs_align(ps);
/*******************************************************************
reads or writes an LSA_R_CREATE_SECRET structure.
********************************************************************/
-BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET *r_o, prs_struct *ps, int depth)
+BOOL lsa_io_r_create_secret(char *desc, LSA_R_CREATE_SECRET * r_o,
+ prs_struct * ps, int depth)
{
- if (r_o == NULL) return False;
+ if (r_o == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_create_secret");
depth++;
/*******************************************************************
makes an LSA_Q_OPEN_SECRET structure.
********************************************************************/
-BOOL make_q_open_secret(LSA_Q_OPEN_SECRET *q_o, const POLICY_HND *pol_hnd,
+BOOL make_q_open_secret(LSA_Q_OPEN_SECRET * q_o, const POLICY_HND *pol_hnd,
const char *secret_name, uint32 desired_access)
{
int len = strlen(secret_name);
- if (q_o == NULL) return False;
+ if (q_o == NULL)
+ return False;
- DEBUG(5,("make_q_open_secret"));
+ DEBUG(5, ("make_q_open_secret"));
memcpy(&(q_o->pol), pol_hnd, sizeof(q_o->pol));
/*******************************************************************
reads or writes an LSA_Q_OPEN_SECRET structure.
********************************************************************/
-BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET *q_o, prs_struct *ps, int depth)
+BOOL lsa_io_q_open_secret(char *desc, LSA_Q_OPEN_SECRET * q_o,
+ prs_struct * ps, int depth)
{
- if (q_o == NULL) return False;
+ if (q_o == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_open_secret");
depth++;
smb_io_pol_hnd("", &(q_o->pol), ps, depth);
prs_align(ps);
- smb_io_unihdr ("", &(q_o->hdr_secret), ps, depth);
+ smb_io_unihdr("", &(q_o->hdr_secret), ps, depth);
smb_io_unistr2("", &(q_o->uni_secret), 1, ps, depth);
prs_align(ps);
/*******************************************************************
reads or writes an LSA_R_OPEN_SECRET structure.
********************************************************************/
-BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET *r_o, prs_struct *ps, int depth)
+BOOL lsa_io_r_open_secret(char *desc, LSA_R_OPEN_SECRET * r_o,
+ prs_struct * ps, int depth)
{
- if (r_o == NULL) return False;
+ if (r_o == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_open_secret");
depth++;
/*******************************************************************
reads or writes an LSA_SECRET_VALUE structure.
********************************************************************/
-BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE *value, prs_struct *ps, int depth)
+BOOL lsa_io_secret_value(char *desc, LSA_SECRET_VALUE * value,
+ prs_struct * ps, int depth)
{
- if (value == NULL) return False;
+ if (value == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_secret_value");
depth++;
if (value->ptr_secret != 0)
{
smb_io_strhdr2("hdr_secret", &(value->hdr_secret), ps, depth);
- smb_io_string2("secret" , &(value->enc_secret),
+ smb_io_string2("secret", &(value->enc_secret),
value->hdr_secret.buffer, ps, depth);
}
/*******************************************************************
reads or writes an LSA_SECRET_INFO structure.
********************************************************************/
-BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO *info, prs_struct *ps, int depth)
+BOOL lsa_io_secret_info(char *desc, LSA_SECRET_INFO * info, prs_struct * ps,
+ int depth)
{
- if (info == NULL) return False;
+ if (info == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_secret_info");
depth++;
prs_align(ps);
- prs_uint32("ptr_value ", ps, depth, &(info->ptr_value ));
+ prs_uint32("ptr_value ", ps, depth, &(info->ptr_value));
if (info->ptr_value != 0)
{
/*******************************************************************
reads or writes an LSA_SECRET structure.
********************************************************************/
-BOOL lsa_io_secret(char *desc, LSA_SECRET *q_q, prs_struct *ps, int depth)
+BOOL lsa_io_secret(char *desc, LSA_SECRET * q_q, prs_struct * ps, int depth)
{
- if (q_q == NULL) return False;
+ if (q_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_secret");
depth++;
/*******************************************************************
makes an LSA_Q_QUERY_SECRET structure.
********************************************************************/
-BOOL make_q_query_secret(LSA_Q_QUERY_SECRET *q_q, POLICY_HND *pol)
+BOOL make_q_query_secret(LSA_Q_QUERY_SECRET * q_q, POLICY_HND *pol,
+ const STRING2 *secret, const NTTIME * update)
{
- if (q_q == NULL) return False;
+ if (q_q == NULL)
+ return False;
- DEBUG(5,("make_q_query_secret\n"));
+ DEBUG(5, ("make_q_query_secret\n"));
memcpy(&(q_q->pol), pol, sizeof(q_q->pol));
/* Want secret */
- q_q->sec.curinfo.ptr_value = 1;
+ q_q->sec.curinfo.ptr_value = secret != NULL ? 1 : 0;
q_q->sec.curinfo.value.ptr_secret = 0;
/* Want last change time */
- q_q->sec.curinfo.ptr_update = 1;
+ q_q->sec.curinfo.ptr_update = update != NULL ? 1 : 0;
/* Don't care about old info */
q_q->sec.oldinfo.ptr_value = 0;
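Review bot: The two new parameters of make_q_query_secret are undocumented, and in the visible lines they are only tested for NULL (`secret != NULL ? 1 : 0`, `update != NULL ? 1 : 0`). A caller could reasonably expect the contents of `secret` to be marshalled, so I would extend the banner comment with something like `secret / update: non-NULL requests the current value / last-update time; only the pointer is tested here`. Separately, `pol` still reaches memcpy() unchecked, while make_q_query and make_lsa_q_close in the same file test `hnd == NULL`; `if (q_q == NULL || pol == NULL) return False;` would match them. The function body continues outside the hunk.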
/*******************************************************************
reads or writes an LSA_Q_QUERY_SECRET structure.
********************************************************************/
-BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET *q_q, prs_struct *ps, int depth)
+BOOL lsa_io_q_query_secret(char *desc, LSA_Q_QUERY_SECRET * q_q,
+ prs_struct * ps, int depth)
{
- if (q_q == NULL) return False;
+ if (q_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_query_secret");
depth++;
/*******************************************************************
reads or writes an LSA_Q_QUERY_SECRET structure.
********************************************************************/
-BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET *r_q, prs_struct *ps, int depth)
+BOOL lsa_io_r_query_secret(char *desc, LSA_R_QUERY_SECRET * r_q,
+ prs_struct * ps, int depth)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_query_secret");
depth++;
/*******************************************************************
reads or writes an LSA_Q_SET_SECRET structure.
********************************************************************/
-BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET *q_q, prs_struct *ps, int depth)
+BOOL lsa_io_q_set_secret(char *desc, LSA_Q_SET_SECRET * q_q, prs_struct * ps,
+ int depth)
{
- if (q_q == NULL) return False;
+ if (q_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_set_secret");
depth++;
/*******************************************************************
reads or writes an LSA_Q_SET_SECRET structure.
********************************************************************/
-BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET *r_q, prs_struct *ps, int depth)
+BOOL lsa_io_r_set_secret(char *desc, LSA_R_SET_SECRET * r_q, prs_struct * ps,
+ int depth)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_set_secret");
depth++;
/*******************************************************************
makes an LSA_Q_ENUM_TRUST_DOM structure.
********************************************************************/
-BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
- POLICY_HND *pol,
- uint32 enum_context, uint32 preferred_len)
+BOOL make_q_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM * q_e,
+ POLICY_HND *pol,
+ uint32 enum_context, uint32 preferred_len)
{
- if (q_e == NULL) return False;
+ if (q_e == NULL)
+ return False;
- DEBUG(5,("make_q_enum_trust_dom\n"));
+ DEBUG(5, ("make_q_enum_trust_dom\n"));
memcpy(&(q_e->pol), pol, sizeof(q_e->pol));
q_e->enum_context = enum_context;
/*******************************************************************
reads or writes an LSA_Q_ENUM_TRUST_DOM structure.
********************************************************************/
-BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth)
+BOOL lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM * q_e,
+ prs_struct * ps, int depth)
{
- if (q_e == NULL) return False;
+ if (q_e == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_enum_trust_dom");
depth++;
smb_io_pol_hnd("", &(q_e->pol), ps, depth);
- prs_uint32("enum_context ", ps, depth, &(q_e->enum_context ));
+ prs_uint32("enum_context ", ps, depth, &(q_e->enum_context));
prs_uint32("preferred_len", ps, depth, &(q_e->preferred_len));
return True;
/*******************************************************************
makes an LSA_R_ENUM_TRUST_DOM structure.
********************************************************************/
-BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, int32 enum_context,
- uint32 num_domains,
- UNISTR2 *domain_names, DOM_SID **domain_sids,
+BOOL make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e, int32 enum_context,
+ uint32 num_domains,
+ UNISTR2 * domain_names, DOM_SID ** domain_sids,
uint32 status)
{
- if (r_e == NULL) return False;
+ if (r_e == NULL)
+ return False;
- DEBUG(5,("make_r_enum_trust_dom\n"));
+ DEBUG(5, ("make_r_enum_trust_dom\n"));
r_e->enum_context = enum_context;
{
uint32 i;
- r_e->num_domains = num_domains;
+ r_e->num_domains = num_domains;
r_e->ptr_enum_domains = 1;
r_e->num_domains2 = num_domains;
{
make_unihdr2_from_unistr2(&(r_e->hdr_domain_name[i]),
&(domain_names[i]));
- make_dom_sid2(&(r_e->domain_sid[i]),
- domain_sids[i]);
+ make_dom_sid2(&(r_e->domain_sid[i]), domain_sids[i]);
}
}
else
/*******************************************************************
reads or writes an LSA_R_ENUM_TRUST_DOM structure.
********************************************************************/
-BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth)
+BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM * r_e,
+ prs_struct * ps, int depth)
{
- if (r_e == NULL) return False;
+ if (r_e == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_enum_trust_dom");
depth++;
- prs_uint32("enum_context ", ps, depth, &(r_e->enum_context ));
- prs_uint32("num_domains ", ps, depth, &(r_e->num_domains ));
+ prs_uint32("enum_context ", ps, depth, &(r_e->enum_context));
+ prs_uint32("num_domains ", ps, depth, &(r_e->num_domains));
prs_uint32("ptr_enum_domains", ps, depth, &(r_e->ptr_enum_domains));
if (r_e->ptr_enum_domains != 0)
for (i = 0; i < num_domains; i++)
{
- smb_io_unihdr2 ("", &(r_e->hdr_domain_name[i]), ps, depth);
+ smb_io_unihdr2("", &(r_e->hdr_domain_name[i]), ps,
+ depth);
}
for (i = 0; i < num_domains; i++)
{
- smb_io_unistr2 ("", &(r_e->uni_domain_name[i] ), r_e->hdr_domain_name[i].buffer, ps, depth);
+ smb_io_unistr2("", &(r_e->uni_domain_name[i]),
+ r_e->hdr_domain_name[i].buffer, ps,
+ depth);
prs_align(ps);
smb_io_dom_sid2("", &(r_e->domain_sid[i]), ps, depth);
}
prs_uint32("status", ps, depth, &(r_e->status));
- if (! ps->io)
+ if (!ps->io)
{
r_e->uni_domain_name = NULL;
lsa_free_r_enum_trust_dom(r_e);
return True;
}
-void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e)
+void lsa_free_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM * r_e)
{
if (r_e == NULL)
{
/*******************************************************************
reads or writes an LSA_R_QUERY_INFO structure.
********************************************************************/
-BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth)
+BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO * r_q, prs_struct * ps,
+ int depth)
{
- if (r_q == NULL) return False;
+ if (r_q == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_query");
depth++;
{
case 3:
{
- smb_io_dom_query_3("", &(r_q->dom.id3), ps, depth);
+ smb_io_dom_query_3("", &(r_q->dom.id3), ps,
+ depth);
break;
}
case 5:
{
- smb_io_dom_query_5("", &(r_q->dom.id3), ps, depth);
+ smb_io_dom_query_5("", &(r_q->dom.id3), ps,
+ depth);
break;
}
default:
/*******************************************************************
makes a LSA_SID_ENUM structure.
********************************************************************/
-BOOL make_lsa_sid_enum(LSA_SID_ENUM *sen, uint32 num_entries, DOM_SID **sids)
+BOOL make_lsa_sid_enum(LSA_SID_ENUM * sen, uint32 num_entries,
+ DOM_SID ** sids)
{
uint32 i, i2;
- if (sen == NULL || sids == NULL) return False;
+ if (sen == NULL || sids == NULL)
+ return False;
- DEBUG(5,("make_lsa_sid_enum\n"));
+ DEBUG(5, ("make_lsa_sid_enum\n"));
- sen->num_entries = num_entries;
+ sen->num_entries = num_entries;
sen->ptr_sid_enum = num_entries != 0 ? 1 : 0;
sen->num_entries2 = num_entries;
/*******************************************************************
reads or writes a LSA_SID_ENUM structure.
********************************************************************/
-static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
- prs_struct *ps, int depth)
+static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM * sen,
+ prs_struct * ps, int depth)
{
uint32 i;
- if (sen == NULL) return False;
+ if (sen == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_sid_enum");
depth++;
prs_align(ps);
-
+
prs_uint32("num_entries ", ps, depth, &(sen->num_entries));
- prs_uint32("ptr_sid_enum", ps, depth, &(sen->ptr_sid_enum));
- prs_uint32("num_entries2", ps, depth, &(sen->num_entries2));
+ prs_uint32("ptr_sid_enum", ps, depth, &(sen->ptr_sid_enum));
+ prs_uint32("num_entries2", ps, depth, &(sen->num_entries2));
SMB_ASSERT_ARRAY(sen->ptr_sid, sen->num_entries);
for (i = 0; i < sen->num_entries; i++)
- {
+ {
fstring temp;
slprintf(temp, sizeof(temp) - 1, "ptr_sid[%d]", i);
- prs_uint32(temp, ps, depth, &(sen->ptr_sid[i])); /* domain SID pointers to be looked up. */
+ prs_uint32(temp, ps, depth, &(sen->ptr_sid[i])); /* domain SID pointers to be looked up. */
}
SMB_ASSERT_ARRAY(sen->sid, sen->num_entries);
{
fstring temp;
slprintf(temp, sizeof(temp) - 1, "sid[%d]", i);
- smb_io_dom_sid2(temp, &(sen->sid[i]), ps, depth); /* domain SIDs to be looked up. */
+ smb_io_dom_sid2(temp, &(sen->sid[i]), ps, depth); /* domain SIDs to be looked up. */
}
return True;
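Review bot: lsa_io_sid_enum enforces the element count with `SMB_ASSERT_ARRAY(sen->ptr_sid, sen->num_entries)` right after `num_entries` has been read through prs_uint32, so when unmarshalling the asserted value comes from the peer. If the macro panics the process, as its name suggests, an over-large count stops the daemon instead of failing the one call. Assuming `ptr_sid` is a fixed-size array, a parse-time rejection such as `if (sen->num_entries > sizeof(sen->ptr_sid) / sizeof(sen->ptr_sid[0])) return False;` would be safer for both arrays. `num_entries2` is also read but not compared with `num_entries` in the visible lines. The header of the second loop is outside the hunk.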
/*******************************************************************
reads or writes a structure.
********************************************************************/
-static BOOL lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn,
- prs_struct *ps, int depth)
+static BOOL lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM * trn,
+ prs_struct * ps, int depth)
{
uint32 i;
- if (trn == NULL) return False;
+ if (trn == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_trans_names");
depth++;
prs_align(ps);
-
+
prs_uint32("num_entries ", ps, depth, &(trn->num_entries));
prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names));
if (trn->ptr_trans_names != 0)
{
- prs_uint32("num_entries2 ", ps, depth, &(trn->num_entries2));
+ prs_uint32("num_entries2 ", ps, depth,
+ &(trn->num_entries2));
SMB_ASSERT_ARRAY(trn->name, trn->num_entries);
for (i = 0; i < trn->num_entries2; i++)
fstring t;
slprintf(t, sizeof(t) - 1, "name[%d] ", i);
- lsa_io_trans_name(t, &(trn->name[i]), ps, depth); /* translated name */
+ lsa_io_trans_name(t, &(trn->name[i]), ps, depth); /* translated name */
}
for (i = 0; i < trn->num_entries2; i++)
fstring t;
slprintf(t, sizeof(t) - 1, "name[%d] ", i);
- smb_io_unistr2(t, &(trn->uni_name[i]), trn->name[i].hdr_name.buffer, ps, depth);
+ smb_io_unistr2(t, &(trn->uni_name[i]),
+ trn->name[i].hdr_name.buffer, ps,
+ depth);
prs_align(ps);
}
}
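Review bot: In lsa_io_trans_names the bound check and the loops use different counters: `SMB_ASSERT_ARRAY(trn->name, trn->num_entries)` validates `num_entries`, but both `for` loops run to `trn->num_entries2`, which is read separately from the stream. When unmarshalling, a message whose `num_entries2` exceeds `num_entries` would pass the check and index `trn->name[i]` and `trn->uni_name[i]` beyond the validated size. I would reject the mismatch before the loops with `if (trn->num_entries2 != trn->num_entries) return False;`, or at least bound `num_entries2` against the arrays as well. Parts of both loop bodies are outside the visible hunks.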
/*******************************************************************
makes a structure.
********************************************************************/
-BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
- int num_sids, DOM_SID **sids,
- uint16 level)
+BOOL make_q_lookup_sids(LSA_Q_LOOKUP_SIDS * q_l, POLICY_HND *hnd,
+ int num_sids, DOM_SID ** sids, uint16 level)
{
- if (q_l == NULL) return False;
+ if (q_l == NULL)
+ return False;
- DEBUG(5,("make_q_lookup_sids\n"));
+ DEBUG(5, ("make_q_lookup_sids\n"));
memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
make_lsa_sid_enum(&(q_l->sids), num_sids, sids);
q_l->names.ptr_trans_names = 0;
- q_l->names.num_entries = 0;
+ q_l->names.num_entries = 0;
q_l->level.value = level;
/*******************************************************************
reads or writes a LSA_Q_LOOKUP_SIDS structure.
********************************************************************/
-BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth)
+BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS * q_s,
+ prs_struct * ps, int depth)
{
- if (q_s == NULL) return False;
+ if (q_s == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_lookup_sids");
depth++;
prs_align(ps);
-
- smb_io_pol_hnd ("pol_hnd", &(q_s->pol), ps, depth); /* policy handle */
- lsa_io_sid_enum ("sids ", &(q_s->sids ), ps, depth); /* sids to be looked up */
- lsa_io_trans_names ("names ", &(q_s->names ), ps, depth); /* translated names */
- smb_io_lookup_level("switch ", &(q_s->level ), ps, depth); /* lookup level */
+
+ smb_io_pol_hnd("pol_hnd", &(q_s->pol), ps, depth); /* policy handle */
+ lsa_io_sid_enum("sids ", &(q_s->sids), ps, depth); /* sids to be looked up */
+ lsa_io_trans_names("names ", &(q_s->names), ps, depth); /* translated names */
+ smb_io_lookup_level("switch ", &(q_s->level), ps, depth); /* lookup level */
prs_uint32("mapped_count", ps, depth, &(q_s->mapped_count));
/*******************************************************************
reads or writes a structure.
********************************************************************/
-BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth)
+BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS * r_s,
+ prs_struct * ps, int depth)
{
- if (r_s == NULL) return False;
+ if (r_s == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_lookup_sids");
depth++;
prs_align(ps);
-
+
prs_uint32("ptr_dom_ref", ps, depth, &(r_s->ptr_dom_ref));
if (r_s->ptr_dom_ref != 0)
{
- lsa_io_dom_r_ref ("dom_ref", r_s->dom_ref, ps, depth); /* domain reference info */
+ lsa_io_dom_r_ref("dom_ref", r_s->dom_ref, ps, depth); /* domain reference info */
}
- lsa_io_trans_names("names ", r_s->names , ps, depth); /* translated names */
+ lsa_io_trans_names("names ", r_s->names, ps, depth); /* translated names */
prs_align(ps);
/*******************************************************************
makes a structure.
********************************************************************/
-BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
- uint32 num_names, char **names)
+BOOL make_q_lookup_names(LSA_Q_LOOKUP_NAMES * q_l, POLICY_HND *hnd,
+ uint32 num_names, char **names)
{
uint32 i;
- if (q_l == NULL) return False;
+ if (q_l == NULL)
+ return False;
- DEBUG(5,("make_q_lookup_names\n"));
+ DEBUG(5, ("make_q_lookup_names\n"));
memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
- q_l->num_entries = num_names;
- q_l->num_entries2 = num_names;
+ q_l->num_entries = num_names;
+ q_l->num_entries2 = num_names;
SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries);
for (i = 0; i < num_names; i++)
{
- const char* name = names[i];
+ const char *name = names[i];
int len = strlen(name);
make_uni_hdr(&q_l->hdr_name[i], len);
make_unistr2(&q_l->uni_name[i], name, len);
}
- q_l->num_trans_entries = 0;
- q_l->ptr_trans_sids = 0;
+ q_l->num_trans_entries = 0;
+ q_l->ptr_trans_sids = 0;
q_l->lookup_level = 1;
q_l->mapped_count = 0;
/*******************************************************************
reads or writes a structure.
********************************************************************/
-BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth)
+BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES * q_r,
+ prs_struct * ps, int depth)
{
uint32 i;
- if (q_r == NULL) return False;
+ if (q_r == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_lookup_names");
depth++;
prs_align(ps);
-
- smb_io_pol_hnd("", &(q_r->pol), ps, depth); /* policy handle */
+
+ smb_io_pol_hnd("", &(q_r->pol), ps, depth); /* policy handle */
prs_uint32("num_entries ", ps, depth, &(q_r->num_entries));
prs_uint32("num_entries2 ", ps, depth, &(q_r->num_entries2));
for (i = 0; i < q_r->num_entries; i++)
{
- smb_io_unihdr("hdr_name", &(q_r->hdr_name[i]), ps, depth); /* pointer names */
+ smb_io_unihdr("hdr_name", &(q_r->hdr_name[i]), ps, depth); /* pointer names */
}
for (i = 0; i < q_r->num_entries; i++)
{
- smb_io_unistr2("dom_name", &(q_r->uni_name[i]), q_r->hdr_name[i].buffer, ps, depth); /* names to be looked up */
+ smb_io_unistr2("dom_name", &(q_r->uni_name[i]),
+ q_r->hdr_name[i].buffer, ps, depth); /* names to be looked up */
prs_align(ps);
}
- prs_uint32("num_trans_entries ", ps, depth, &(q_r->num_trans_entries));
+ prs_uint32("num_trans_entries ", ps, depth,
+ &(q_r->num_trans_entries));
prs_uint32("ptr_trans_sids ", ps, depth, &(q_r->ptr_trans_sids));
- prs_uint32("lookup_level ", ps, depth, &(q_r->lookup_level ));
- prs_uint32("mapped_count ", ps, depth, &(q_r->mapped_count ));
+ prs_uint32("lookup_level ", ps, depth, &(q_r->lookup_level));
+ prs_uint32("mapped_count ", ps, depth, &(q_r->mapped_count));
return True;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
-BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth)
+BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES * r_r,
+ prs_struct * ps, int depth)
{
uint32 i;
- if (r_r == NULL) return False;
+ if (r_r == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_lookup_names");
depth++;
prs_align(ps);
-
+
prs_uint32("ptr_dom_ref", ps, depth, &(r_r->ptr_dom_ref));
if (r_r->ptr_dom_ref != 0)
{
for (i = 0; i < r_r->num_entries2; i++)
{
- smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */
+ smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */
}
}
/*******************************************************************
makes an LSA_Q_CLOSE structure.
********************************************************************/
-BOOL make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd)
+BOOL make_lsa_q_close(LSA_Q_CLOSE * q_c, POLICY_HND *hnd)
{
- if (q_c == NULL || hnd == NULL) return False;
+ if (q_c == NULL || hnd == NULL)
+ return False;
- DEBUG(5,("make_lsa_q_close\n"));
+ DEBUG(5, ("make_lsa_q_close\n"));
memcpy(&(q_c->pol), hnd, sizeof(q_c->pol));
/*******************************************************************
reads or writes an LSA_Q_CLOSE structure.
********************************************************************/
-BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth)
+BOOL lsa_io_q_close(char *desc, LSA_Q_CLOSE * q_c, prs_struct * ps, int depth)
{
- if (q_c == NULL) return False;
+ if (q_c == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_q_close");
depth++;
/*******************************************************************
reads or writes an LSA_R_CLOSE structure.
********************************************************************/
-BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth)
+BOOL lsa_io_r_close(char *desc, LSA_R_CLOSE * r_c, prs_struct * ps, int depth)
{
- if (r_c == NULL) return False;
+ if (r_c == NULL)
+ return False;
prs_debug(ps, depth, desc, "lsa_io_r_close");
depth++;
return True;
}
-
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
+ ZERO_STRUCT(secret);
+
if (argc > 2)
{
report(out_hnd, "querysecret <secret name>\n");
secret_name = argv[1];
- if (msrpc_lsa_query_secret(srv_name, secret_name, &secret, &last_update))
+ if (msrpc_lsa_query_secret(srv_name, secret_name, NULL, &last_update))
{
int i;
report(out_hnd, "\tValue : ");
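Review bot: The success branch still prints `"\tValue : "` although the call now passes `NULL` where `&secret` used to go. If msrpc_lsa_query_secret forwards that NULL to make_q_query_secret, the value is no longer requested and `secret` stays as `ZERO_STRUCT(secret)` left it. The command would then show an empty or all-zero value as if it were the stored secret. Either pass `&secret` again for this command, or drop the value output and report only the last-update time. The rest of the branch is outside the hunk.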
extern struct user_creds *usr_creds;
-extern FILE* out_hnd;
+extern FILE *out_hnd;
/****************************************************************************
****************************************************************************/
void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
{
-#if 0
- extern BOOL global_machine_password_needs_changing;
-#endif
-
fstring nt_user_name;
BOOL res = True;
char *nt_password;
}
if (nt_user_name[0] == 0)
{
- report(out_hnd,"ntlogin: must specify username with anonymous connection\n");
- report(out_hnd,"ntlogin [[DOMAIN\\]user] [password]\n");
+ report(out_hnd,
+ "ntlogin: must specify username with anonymous connection\n");
+ report(out_hnd,
+ "ntlogin [[DOMAIN\\]user] [password]\n");
return;
}
}
if (p != NULL)
{
*p = 0;
- fstrcpy(nt_user_name, p+1);
+ fstrcpy(nt_user_name, p + 1);
}
-
+
}
if (domain[0] == 0)
{
- report(out_hnd,"no domain specified.\n");
+ report(out_hnd, "no domain specified.\n");
}
argc--;
nt_lm_owf_gen(nt_password, nt_pw, lm_pw);
- DEBUG(5,("do_nt_login_test: username %s from: %s\n",
- nt_user_name, info->myhostname));
+ DEBUG(5, ("do_nt_login_test: username %s from: %s\n",
+ nt_user_name, info->myhostname));
fstrcpy(trust_acct, info->myhostname);
fstrcat(trust_acct, "$");
res = res ? msrpc_lsa_query_trust_passwd(wks_name, "$MACHINE.ACC",
- trust_passwd) : False;
+ trust_passwd, NULL) : False;
res = res ? cli_nt_setup_creds(srv_name, domain, info->myhostname,
- trust_acct,
- trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False;
-
-#if 0
- /* change the trust password? */
- if (global_machine_password_needs_changing)
- {
- uchar new_trust_passwd[16];
- generate_random_buffer(new_trust_passwd, 16, True);
- res = res ? cli_nt_srv_pwset(srv_name, info->myhostname, new_trust_passwd, SEC_CHAN_WKSTA) : False;
-
- if (res)
- {
- global_machine_password_needs_changing = !set_trust_account_password(new_trust_passwd);
- }
+ trust_acct,
+ trust_passwd,
+ SEC_CHAN_WKSTA) == 0x0 : False;
- memset(new_trust_passwd, 0, 16);
- }
-#endif
memset(trust_passwd, 0, 16);
/* do an NT login */
res = res ? (cli_nt_login_interactive(srv_name, info->myhostname,
- domain, nt_user_name,
- getuid(), lm_pw, nt_pw,
- &info->dom.ctr, &info->dom.user_info3) == 0x0) : False;
+ domain, nt_user_name,
+ getuid(), lm_pw, nt_pw,
+ &info->dom.ctr,
+ &info->dom.user_info3) ==
+ 0x0) : False;
#if 0
/* ok! you're logged in! do anything you like, then... */
/* do an NT logout */
- res = res ? cli_nt_logoff(srv_name, info->myhostname, &info->dom.ctr) : False;
+ res =
+ res ? cli_nt_logoff(srv_name, info->myhostname,
+ &info->dom.ctr) : False;
#endif
- report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n",
- nt_user_name, BOOLSTR(res));
+ report(out_hnd, "cmd_nt_login: login (%s) test succeeded: %s\n",
+ nt_user_name, BOOLSTR(res));
}
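Review bot: `memset(trust_passwd, 0, 16);` is the last visible use of `trust_passwd` in cmd_netlogon_login_test, so if it is a local buffer an optimising compiler may remove the call as a dead store. The `lm_pw` and `nt_pw` hashes filled by nt_lm_owf_gen are not wiped anywhere in the visible lines. I would clear all three through a wipe helper the compiler cannot elide, and size the clear with `sizeof(trust_passwd)` rather than the literal 16 if it is an array. cmd_netlogon_domain_test has the same memset, and the cmd_sam_sync hunk shows no wipe of `trust_passwd`, including on its early `return`. Lines of these functions are omitted from the hunks, so further clears may exist outside them.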
/****************************************************************************
experimental nt login.
****************************************************************************/
-void cmd_netlogon_domain_test(struct client_info *info, int argc, char *argv[])
+void cmd_netlogon_domain_test(struct client_info *info, int argc,
+ char *argv[])
{
char *nt_trust_dom;
BOOL res = True;
if (argc < 2)
{
- report(out_hnd,"domtest: must specify domain name\n");
+ report(out_hnd, "domtest: must specify domain name\n");
return;
}
nt_trust_dom = argv[1];
- DEBUG(5,("do_nt_login_test: domain %s\n", nt_trust_dom));
+ DEBUG(5, ("do_nt_login_test: domain %s\n", nt_trust_dom));
fstrcpy(trust_sec_name, "G$$");
fstrcat(trust_sec_name, nt_trust_dom);
fstrcat(inter_dom_acct, "$");
res = res ? msrpc_lsa_query_trust_passwd(wks_name, trust_sec_name,
- trust_passwd) : False;
+ trust_passwd, NULL) : False;
res = res ? cli_nt_setup_creds(srv_name, domain,
- info->myhostname, inter_dom_acct,
- trust_passwd,
- SEC_CHAN_DOMAIN) == 0x0 : False;
+ info->myhostname, inter_dom_acct,
+ trust_passwd,
+ SEC_CHAN_DOMAIN) == 0x0 : False;
memset(trust_passwd, 0, 16);
- report(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n",
- nt_trust_dom, BOOLSTR(res));
+ report(out_hnd, "cmd_nt_login: credentials (%s) test succeeded: %s\n",
+ nt_trust_dom, BOOLSTR(res));
}
/****************************************************************************
}
if (!msrpc_lsa_query_trust_passwd(wks_name, "$MACHINE.ACC",
- trust_passwd))
+ trust_passwd, NULL))
{
report(out_hnd, "cmd_sam_sync: no trust account password\n");
return;
}
if (net_sam_sync(srv_name, domain, info->myhostname,
- trust_acct, trust_passwd,
- hdr_deltas, deltas, &num))
+ trust_acct, trust_passwd, hdr_deltas, deltas, &num))
{
- display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num);
- display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num);
- display_sam_sync(out_hnd, ACTION_FOOTER , hdr_deltas, deltas, num);
+ display_sam_sync(out_hnd, ACTION_HEADER, hdr_deltas, deltas,
+ num);
+ display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas,
+ deltas, num);
+ display_sam_sync(out_hnd, ACTION_FOOTER, hdr_deltas, deltas,
+ num);
}
}
uint32 num_names;
BOOL found_one;
-}
-TDB_NAME_INFO;
+} TDB_NAME_INFO;
/******************************************************************
tdb_userlookup_names
TDB_CONTEXT *usr_tdb;
uint32 rid = strtoul(dpname, (char **)NULL, 16);
- DEBUG(10,("dom_user_traverse: %s\n", dpname));
+ DEBUG(10, ("dom_user_traverse: %s\n", dpname));
if (rid == 0)
{
UNISTR2 *uni_name;
uint32 num_rids;
BOOL found_one;
-} TDB_RID_INFO;
+}
+TDB_RID_INFO;
/******************************************************************
tdb_userlookup_rids
********************************************************************/
extern int DEBUGLEVEL;
-static BOOL tdb_lookup_group_mem(TDB_CONTEXT *tdb,
- uint32 rid,
- uint32 *num_rids,
- uint32 **rids,
- uint32 *num_types,
- uint32 **types)
+static BOOL tdb_lookup_group_mem(TDB_CONTEXT * tdb,
+ uint32 rid,
+ uint32 * num_rids,
+ uint32 ** rids,
+ uint32 * num_types, uint32 ** types)
{
prs_struct key;
prs_struct data;
return True;
}
-static BOOL tdb_lookup_group(TDB_CONTEXT *tdb,
- uint32 rid,
- GROUP_INFO1 *grp)
+static BOOL tdb_lookup_group(TDB_CONTEXT * tdb, uint32 rid, GROUP_INFO1 * grp)
{
prs_struct key;
prs_struct data;
return True;
}
-static BOOL tdb_store_group_mem(TDB_CONTEXT *tdb,
+static BOOL tdb_store_group_mem(TDB_CONTEXT * tdb,
uint32 rid,
- uint32 *num_rids,
- uint32 **rids,
- uint32 *num_types,
- uint32 **types)
+ uint32 * num_rids,
+ uint32 ** rids,
+ uint32 * num_types, uint32 ** types)
{
prs_struct key;
prs_struct data;
if (DEBUGLVL(10))
{
- DEBUG(10,("storing group members %x\n", rid));
+ DEBUG(10, ("storing group members %x\n", rid));
}
prs_init(&key, 0, 4, False);
if (!_prs_uint32("sid", &key, 0, &rid) ||
!samr_io_rids("rids", num_rids, rids, &data, 0) ||
!samr_io_rids("types", num_types, types, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
return True;
}
-static BOOL tdb_store_group(TDB_CONTEXT *tdb, uint32 rid, GROUP_INFO1 *grp)
+static BOOL tdb_store_group(TDB_CONTEXT * tdb, uint32 rid, GROUP_INFO1 * grp)
{
prs_struct key;
prs_struct data;
- DEBUG(10,("storing group %x\n", rid));
+ DEBUG(10, ("storing group %x\n", rid));
prs_init(&key, 0, 4, False);
prs_init(&data, 0, 4, False);
if (!_prs_uint32("rid", &key, 0, &rid) ||
!samr_io_group_info1("grp", grp, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
return True;
}
-static BOOL tdb_set_groupinfo_4(TDB_CONTEXT *tdb,
- uint32 rid,
- const UNISTR2 *uni_acct_desc)
+static BOOL tdb_set_groupinfo_4(TDB_CONTEXT * tdb,
+ uint32 rid, const UNISTR2 * uni_acct_desc)
{
GROUP_INFO1 grp;
TDB_CONTEXT *tdb = NULL;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
TDB_CONTEXT *tdb = NULL;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
uint32 group_rid;
TDB_CONTEXT *tdb = NULL;
- DEBUG(5,("samr_delete_dom_group: %d\n", __LINE__));
+ DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), group_pol, NULL, &tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), group_pol, NULL, &tdb, NULL, &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
/*******************************************************************
samr_reply_query_groupmem
********************************************************************/
-uint32 _samr_query_groupmem(const POLICY_HND *group_pol,
- uint32 *num_mem,
- uint32 **rid,
- uint32 **attr)
+uint32 _samr_query_groupmem(const POLICY_HND *group_pol,
+ uint32 * num_mem, uint32 ** rid, uint32 ** attr)
{
TDB_CONTEXT *g_tdb = NULL;
int num_rids = 0;
uint32 group_rid;
- DEBUG(5,("samr_query_groupmem: %d\n", __LINE__));
+ DEBUG(5, ("samr_query_groupmem: %d\n", __LINE__));
(*rid) = NULL;
(*attr) = NULL;
(*num_mem) = 0;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), group_pol, NULL, &g_tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), group_pol, NULL, &g_tdb, NULL,
+ &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(10,("lookup on Domain SID\n"));
+ DEBUG(10, ("lookup on Domain SID\n"));
#if 0
grp = getgrouprid(group_rid, &mem_grp, &num_rids);
#endif
- {
- return NT_STATUS_NO_SUCH_GROUP;
- }
+ {
+ return NT_STATUS_NO_SUCH_GROUP;
+ }
#if 0
if (num_rids > 0)
{
- (*rid) = malloc(num_rids * sizeof(uint32));
+ (*rid) = malloc(num_rids * sizeof(uint32));
(*attr) = malloc(num_rids * sizeof(uint32));
if (mem_grp != NULL && (*rid) != NULL && (*attr) != NULL)
{
int i;
for (i = 0; i < num_rids; i++)
{
- (*rid) [i] = mem_grp[i].rid;
+ (*rid)[i] = mem_grp[i].rid;
(*attr)[i] = mem_grp[i].attr;
}
}
samr_set_groupinfo
********************************************************************/
uint32 _samr_set_groupinfo(const POLICY_HND *pol,
- uint16 switch_level,
- const GROUP_INFO_CTR* ctr)
+ uint16 switch_level, const GROUP_INFO_CTR * ctr)
{
uint32 group_rid;
TDB_CONTEXT *tdb = NULL;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
case 4:
{
if (!tdb_set_groupinfo_4(tdb, group_rid,
- &ctr->group.info4.uni_acct_desc))
+ &ctr->group.info4.
+ uni_acct_desc))
{
return NT_STATUS_ACCESS_DENIED;
}
samr_reply_query_groupinfo
********************************************************************/
uint32 _samr_query_groupinfo(const POLICY_HND *pol,
- uint16 switch_level,
- GROUP_INFO_CTR* ctr)
+ uint16 switch_level, GROUP_INFO_CTR * ctr)
{
uint32 group_rid;
TDB_CONTEXT *tdb = NULL;
GROUP_INFO1 grp;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
+ if (!get_tdbrid
+ (get_global_hnd_cache(), pol, NULL, &tdb, NULL, &group_rid))
{
return NT_STATUS_INVALID_HANDLE;
}
{
ctr->switch_value1 = 4;
copy_unistr2(&ctr->group.info1.uni_acct_desc,
- &grp.uni_acct_desc);
+ &grp.uni_acct_desc);
make_uni_hdr(&ctr->group.info1.hdr_acct_desc,
- grp.uni_acct_desc.uni_str_len);
+ grp.uni_acct_desc.uni_str_len);
break;
}
default:
_samr_create_dom_group
********************************************************************/
uint32 _samr_create_dom_group(const POLICY_HND *domain_pol,
- const UNISTR2 *uni_acct_name,
- uint32 access_mask,
- POLICY_HND *group_pol, uint32 *group_rid)
+ const UNISTR2 * uni_acct_name,
+ uint32 access_mask,
+ POLICY_HND *group_pol, uint32 * group_rid)
{
DOM_SID dom_sid;
DOM_SID grp_sid;
/* find the domain sid associated with the policy handle */
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- NULL, &tdb_grp, NULL,
- NULL, NULL, &dom_sid))
+ NULL, &tdb_grp, NULL, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
- status1 = _samr_lookup_names(domain_pol, 1, 0x3e8, 1, uni_acct_name,
- &num_rids,
- &rid,
- &num_types,
- &type);
+ status1 = _samr_lookup_names(domain_pol, 1, 0x3e8, 1, uni_acct_name,
+ &num_rids, &rid, &num_types, &type);
if (status1 == NT_STATUS_NOPROBLEMO)
{
switch (type)
{
- case SID_NAME_USER: return NT_STATUS_USER_EXISTS;
- case SID_NAME_ALIAS: return NT_STATUS_ALIAS_EXISTS;
+ case SID_NAME_USER:
+ return NT_STATUS_USER_EXISTS;
+ case SID_NAME_ALIAS:
+ return NT_STATUS_ALIAS_EXISTS;
case SID_NAME_DOM_GRP:
- case SID_NAME_WKN_GRP: return NT_STATUS_GROUP_EXISTS;
- case SID_NAME_DOMAIN: return NT_STATUS_DOMAIN_EXISTS;
+ case SID_NAME_WKN_GRP:
+ return NT_STATUS_GROUP_EXISTS;
+ case SID_NAME_DOMAIN:
+ return NT_STATUS_DOMAIN_EXISTS;
default:
{
- DEBUG(3,("create group: unknown, ignoring\n"));
+ DEBUG(3,
+ ("create group: unknown, ignoring\n"));
break;
}
}
{
fstring grp_name;
- unistr2_to_ascii(grp_name, uni_acct_name, sizeof(grp_name)-1);
+ unistr2_to_ascii(grp_name, uni_acct_name,
+ sizeof(grp_name) - 1);
uxgrp = getgrnam(grp_name);
- DEBUG(10,("create group: %s\n", grp_name));
+ DEBUG(10, ("create group: %s\n", grp_name));
if (uxgrp == NULL)
{
- DEBUG(0,("create group: no unix group named %s\n",
- grp_name));
+ DEBUG(0, ("create group: no unix group named %s\n",
+ grp_name));
return NT_STATUS_ACCESS_DENIED;
}
}
/* create a User SID for the unix group */
if (!sursalg_unixid_to_sam_sid(uxgrp->gr_gid, SID_NAME_DOM_GRP,
- &grp_sid, True))
+ &grp_sid, True))
{
- DEBUG(0,("create group: unix gid %d to RID failed\n",
- uxgrp->gr_gid));
+ DEBUG(0, ("create group: unix gid %d to RID failed\n",
+ uxgrp->gr_gid));
return NT_STATUS_ACCESS_DENIED;
}
sid_copy(&sid, &grp_sid);
- if (!sid_split_rid(&sid, group_rid) ||
- !sid_equal(&dom_sid, &sid))
+ if (!sid_split_rid(&sid, group_rid) || !sid_equal(&dom_sid, &sid))
{
fstring tmp;
- DEBUG(0,("create group: invalid Group SID %s\n",
- sid_to_string(tmp, &grp_sid)));
+ DEBUG(0, ("create group: invalid Group SID %s\n",
+ sid_to_string(tmp, &grp_sid)));
return NT_STATUS_ACCESS_DENIED;
}
}
return samr_open_by_tdbrid(domain_pol, NULL, tdb_grp, NULL,
- group_pol, access_mask, *group_rid);
+ group_pol, access_mask, *group_rid);
#endif
}
_samr_open_group
********************************************************************/
uint32 _samr_open_group(const POLICY_HND *domain_pol, uint32 access_mask,
- uint32 group_rid,
- POLICY_HND *group_pol)
+ uint32 group_rid, POLICY_HND *group_pol)
{
DOM_SID dom_sid;
TDB_CONTEXT *tdb_grp = NULL;
GROUP_INFO1 grp;
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- NULL, NULL, NULL,
- &tdb_grp, NULL, &dom_sid))
+ NULL, NULL, NULL, &tdb_grp, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
return NT_STATUS_NO_SUCH_GROUP;
#if 0
return samr_open_by_tdbrid(domain_pol,
- NULL, tdb_grp, NULL,
- group_pol, access_mask, group_rid);
+ NULL, tdb_grp, NULL,
+ group_pol, access_mask, group_rid);
#endif
}
-
-
struct sam_passwd *sam_pass;
DOM_SID sid;
+ /* set up the SAMR open_user response */
+ bzero(user_pol->data, POL_HND_SIZE);
+
/* find the policy handle. open a policy on it. */
if (!get_policy_samr_sid(get_global_hnd_cache(), domain_pol, &sid))
{
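Review bot: The added `bzero(user_pol->data, POL_HND_SIZE)` dereferences `user_pol` before any argument is validated and uses the legacy `bzero`; `memset(user_pol->data, 0, POL_HND_SIZE);` is the portable spelling. The comment above it would be more useful if it said why the handle is cleared first, for example `/* clear the reply handle so a failure path cannot hand stale bytes back to the client */`. That intent is inferred from the placement and should be confirmed. The enclosing function starts and ends outside this hunk, so whether a caller can pass a NULL `user_pol` is not visible here.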
/* check that the RID exists in our domain. */
if (sam_pass == NULL)
{
+ close_policy_hnd(get_global_hnd_cache(), user_pol);
return NT_STATUS_NO_SUCH_USER;
}
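Review bot: The `close_policy_hnd()` call added on the no-such-user path discards its BOOL result, and nothing visible after it clears `user_pol->data`. Unless `close_policy_hnd` zeroes the handle itself, the reply can still carry the value of a handle that was just released; following the call with `bzero(user_pol->data, POL_HND_SIZE);` would match the zeroing added at the top of the function. Any other error return between the point where `user_pol` is opened and this check needs the same cleanup, otherwise a failed open leaves an entry in the global handle cache. The function body runs outside this hunk, so those other paths cannot be checked from here.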
TDB_CONTEXT *als_tdb;
DOM_SID sid;
-} TDB_DOM_INFO;
+}
+TDB_DOM_INFO;
typedef struct tdb_sid_info
{
TDB_CONTEXT *tdb;
DOM_SID sid;
-} TDB_SID_INFO;
+}
+TDB_SID_INFO;
typedef struct tdb_rid_info
{
TDB_CONTEXT *als_tdb;
uint32 rid;
-} TDB_RID_INFO;
+}
+TDB_RID_INFO;
typedef struct tdb_sam_info
{
TDB_CONTEXT *tdb;
-} TDB_SAM_INFO;
+}
+TDB_SAM_INFO;
static void free_tdbdom_info(void *dev)
{
- TDB_DOM_INFO *tdbi = (TDB_DOM_INFO *)dev;
- DEBUG(10,("free dom info \n"));
+ TDB_DOM_INFO *tdbi = (TDB_DOM_INFO *) dev;
+ DEBUG(10, ("free dom info \n"));
if (tdbi->usr_tdb != NULL)
{
tdb_close(tdbi->usr_tdb);
static void free_tdbrid_info(void *dev)
{
- TDB_RID_INFO *tdbi = (TDB_RID_INFO *)dev;
- DEBUG(10,("free rid info\n"));
+ TDB_RID_INFO *tdbi = (TDB_RID_INFO *) dev;
+ DEBUG(10, ("free rid info\n"));
if (tdbi->usr_tdb != NULL)
{
tdb_close(tdbi->usr_tdb);
static void free_tdbsam_info(void *dev)
{
- TDB_SAM_INFO *tdbi = (TDB_SAM_INFO *)dev;
- DEBUG(10,("free sam info\n"));
+ TDB_SAM_INFO *tdbi = (TDB_SAM_INFO *) dev;
+ DEBUG(10, ("free sam info\n"));
if (tdbi->tdb != NULL)
{
tdb_close(tdbi->tdb);
static void free_tdbsid_info(void *dev)
{
- TDB_SID_INFO *tdbi = (TDB_SID_INFO *)dev;
- DEBUG(10,("free policy connection\n"));
+ TDB_SID_INFO *tdbi = (TDB_SID_INFO *) dev;
+ DEBUG(10, ("free policy connection\n"));
if (tdbi->tdb != NULL)
{
tdb_close(tdbi->tdb);
set samr rid
****************************************************************************/
BOOL set_tdbrid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
- uint32 rid)
+ TDB_CONTEXT * usr_tdb,
+ TDB_CONTEXT * grp_tdb, TDB_CONTEXT * als_tdb, uint32 rid)
{
TDB_RID_INFO *dev = malloc(sizeof(*dev));
dev->usr_tdb = usr_tdb;
dev->grp_tdb = grp_tdb;
dev->als_tdb = als_tdb;
- if (set_policy_state(cache, hnd, NULL, /*free_tdbrid_info*/
- (void*)dev))
+ if (set_policy_state(cache, hnd, NULL, /*free_tdbrid_info */
+ (void *)dev))
{
- DEBUG(3,("Service setting policy rid=%x\n", rid));
+ DEBUG(3, ("Service setting policy rid=%x\n", rid));
return True;
}
free(dev);
return False;
}
- DEBUG(3,("Error setting policy rid\n"));
+ DEBUG(3, ("Error setting policy rid\n"));
return False;
}
get samr rid
****************************************************************************/
BOOL get_tdbrid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **usr_tdb,
- TDB_CONTEXT **grp_tdb,
- TDB_CONTEXT **als_tdb,
- uint32 *rid)
+ TDB_CONTEXT ** usr_tdb,
+ TDB_CONTEXT ** grp_tdb, TDB_CONTEXT ** als_tdb, uint32 * rid)
{
- TDB_RID_INFO *dev = (TDB_RID_INFO*)get_policy_state_info(cache, hnd);
+ TDB_RID_INFO *dev =
+ (TDB_RID_INFO *) get_policy_state_info(cache, hnd);
if (dev != NULL)
{
if (rid != NULL)
{
(*rid) = dev->rid;
- DEBUG(3,("Service getting policy rid=%x\n", (*rid)));
+ DEBUG(3, ("Service getting policy rid=%x\n", (*rid)));
}
if (usr_tdb != NULL)
{
return True;
}
- DEBUG(3,("Error getting policy rid\n"));
+ DEBUG(3, ("Error getting policy rid\n"));
return False;
}
set samr sid
****************************************************************************/
BOOL set_tdbsam(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *tdb)
+ TDB_CONTEXT * tdb)
{
pstring sidstr;
TDB_SAM_INFO *dev = malloc(sizeof(*dev));
{
dev->tdb = tdb;
- if (set_policy_state(cache, hnd, free_tdbsam_info, (void*)dev))
+ if (set_policy_state
+ (cache, hnd, free_tdbsam_info, (void *)dev))
{
- DEBUG(3,("Service setting policy sid=%s\n", sidstr));
+ DEBUG(3, ("Service setting policy sid=%s\n", sidstr));
return True;
}
free(dev);
return False;
}
- DEBUG(3,("Error setting policy sid\n"));
+ DEBUG(3, ("Error setting policy sid\n"));
return False;
}
get samr sid
****************************************************************************/
BOOL get_tdbsam(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **tdb)
+ TDB_CONTEXT ** tdb)
{
- TDB_SAM_INFO *dev = (TDB_SAM_INFO*)get_policy_state_info(cache, hnd);
+ TDB_SAM_INFO *dev =
+ (TDB_SAM_INFO *) get_policy_state_info(cache, hnd);
if (dev != NULL)
{
return True;
}
- DEBUG(3,("Error getting policy sid\n"));
+ DEBUG(3, ("Error getting policy sid\n"));
return False;
}
set samr sid
****************************************************************************/
BOOL set_tdbdomsid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *usg_tdb,
- TDB_CONTEXT *usa_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
- const DOM_SID *sid)
+ TDB_CONTEXT * usr_tdb,
+ TDB_CONTEXT * usg_tdb,
+ TDB_CONTEXT * usa_tdb,
+ TDB_CONTEXT * grp_tdb,
+ TDB_CONTEXT * als_tdb, const DOM_SID * sid)
{
pstring sidstr;
TDB_DOM_INFO *dev;
dev = malloc(sizeof(*dev));
- DEBUG(3,("Setting policy sid=%s\n", sid_to_string(sidstr, sid)));
+ DEBUG(3, ("Setting policy sid=%s\n", sid_to_string(sidstr, sid)));
if (dev != NULL)
{
dev->grp_tdb = grp_tdb;
dev->als_tdb = als_tdb;
- if (set_policy_state(cache, hnd, free_tdbdom_info, (void*)dev))
+ if (set_policy_state
+ (cache, hnd, free_tdbdom_info, (void *)dev))
{
- DEBUG(3,("Service setting policy sid=%s\n", sidstr));
+ DEBUG(3, ("Service setting policy sid=%s\n", sidstr));
return True;
}
free(dev);
return False;
}
- DEBUG(3,("Error setting policy sid\n"));
+ DEBUG(3, ("Error setting policy sid\n"));
return False;
}
get samr sid
****************************************************************************/
BOOL get_tdbdomsid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **usr_tdb,
- TDB_CONTEXT **usg_tdb,
- TDB_CONTEXT **usa_tdb,
- TDB_CONTEXT **grp_tdb,
- TDB_CONTEXT **als_tdb,
- DOM_SID *sid)
+ TDB_CONTEXT ** usr_tdb,
+ TDB_CONTEXT ** usg_tdb,
+ TDB_CONTEXT ** usa_tdb,
+ TDB_CONTEXT ** grp_tdb,
+ TDB_CONTEXT ** als_tdb, DOM_SID * sid)
{
- TDB_DOM_INFO *dev = (TDB_DOM_INFO*)get_policy_state_info(cache, hnd);
+ TDB_DOM_INFO *dev =
+ (TDB_DOM_INFO *) get_policy_state_info(cache, hnd);
if (dev != NULL)
{
pstring tmp;
if (sid != NULL)
- {
+ {
sid_copy(sid, &dev->sid);
- DEBUG(3,("Getting policy sid=%s\n",
- sid_to_string(tmp, sid)));
+ DEBUG(3, ("Getting policy sid=%s\n",
+ sid_to_string(tmp, sid)));
}
if (usr_tdb != NULL)
{
return True;
}
- DEBUG(3,("Error getting policy sid\n"));
+ DEBUG(3, ("Error getting policy sid\n"));
return False;
}
set samr sid
****************************************************************************/
BOOL set_tdbsid(struct policy_cache *cache, POLICY_HND *hnd,
- TDB_CONTEXT *tdb, const DOM_SID *sid)
+ TDB_CONTEXT * tdb, const DOM_SID * sid)
{
pstring sidstr;
TDB_SID_INFO *dev;
dev = malloc(sizeof(*dev));
- DEBUG(3,("Setting policy sid=%s\n", sid_to_string(sidstr, sid)));
+ DEBUG(3, ("Setting policy sid=%s\n", sid_to_string(sidstr, sid)));
if (dev != NULL)
{
sid_copy(&dev->sid, sid);
dev->tdb = tdb;
- if (set_policy_state(cache, hnd, free_tdbsid_info, (void*)dev))
+ if (set_policy_state
+ (cache, hnd, free_tdbsid_info, (void *)dev))
{
- DEBUG(3,("Service setting policy sid=%s\n", sidstr));
+ DEBUG(3, ("Service setting policy sid=%s\n", sidstr));
return True;
}
free(dev);
return False;
}
- DEBUG(3,("Error setting policy sid\n"));
+ DEBUG(3, ("Error setting policy sid\n"));
return False;
}
get samr sid
****************************************************************************/
BOOL get_tdbsid(struct policy_cache *cache, const POLICY_HND *hnd,
- TDB_CONTEXT **tdb, DOM_SID *sid)
+ TDB_CONTEXT ** tdb, DOM_SID * sid)
{
- TDB_SID_INFO *dev = (TDB_SID_INFO*)get_policy_state_info(cache, hnd);
+ TDB_SID_INFO *dev =
+ (TDB_SID_INFO *) get_policy_state_info(cache, hnd);
if (dev != NULL)
{
pstring tmp;
if (sid != NULL)
- {
+ {
sid_copy(sid, &dev->sid);
- DEBUG(3,("Getting policy sid=%s\n",
- sid_to_string(tmp, sid)));
+ DEBUG(3, ("Getting policy sid=%s\n",
+ sid_to_string(tmp, sid)));
}
if (tdb != NULL)
{
return True;
}
- DEBUG(3,("Error getting policy sid\n"));
+ DEBUG(3, ("Error getting policy sid\n"));
return False;
}
-TDB_CONTEXT *open_usr_db(const DOM_SID *sid, uint32 rid, int perms)
+TDB_CONTEXT *open_usr_db(const DOM_SID * sid, uint32 rid, int perms)
{
pstring tmp;
pstring usr;
sid_to_string(tmp, sid);
- slprintf(usr, sizeof(usr)-1, "%s/usr/%x", tmp, rid);
+ slprintf(usr, sizeof(usr) - 1, "%s/usr/%x", tmp, rid);
- return tdb_open(passdb_path(usr),0,0,perms, 0644);
+ return tdb_open(passdb_path(usr), 0, 0, perms, 0644);
}
/*******************************************************************
opens a samr entiry by rid, returns a policy handle.
********************************************************************/
-uint32 samr_open_user_tdb( const POLICY_HND *parent_pol,
- const DOM_SID *sid,
- TDB_CONTEXT *usr_tdb,
- POLICY_HND *pol,
- uint32 ace_perms, uint32 rid)
+uint32 samr_open_user_tdb(const POLICY_HND *parent_pol,
+ const DOM_SID * sid,
+ TDB_CONTEXT * usr_tdb,
+ POLICY_HND *pol, uint32 ace_perms, uint32 rid)
{
/* get a (unique) handle. open a policy on it. */
if (!open_policy_hnd_link(get_global_hnd_cache(),
- parent_pol, pol, ace_perms))
+ parent_pol, pol, ace_perms))
{
return NT_STATUS_ACCESS_DENIED;
}
if (usr_tdb == NULL && ace_perms == SEC_RIGHTS_MAXIMUM_ALLOWED)
{
- DEBUG(10,("samr_open_user_tdb: max perms requested\n"));
+ DEBUG(10, ("samr_open_user_tdb: max perms requested\n"));
usr_tdb = open_usr_db(sid, rid, O_RDWR);
if (usr_tdb == NULL)
BOOL perms_write;
perms_write = IS_BITS_SET_SOME(ace_perms,
- SEC_RIGHTS_WRITE_OWNER|SEC_RIGHTS_WRITE_DAC);
+ SEC_RIGHTS_WRITE_OWNER |
+ SEC_RIGHTS_WRITE_DAC);
perms_read = IS_BITS_SET_ALL(ace_perms, SEC_RIGHTS_READ);
- if (perms_write ) perms = O_WRONLY;
- if (perms_read ) perms = O_RDONLY;
- if (perms_write && perms_read) perms = O_RDWR;
+ if (perms_write)
+ perms = O_WRONLY;
+ if (perms_read)
+ perms = O_RDONLY;
+ if (perms_write && perms_read)
+ perms = O_RDWR;
usr_tdb = open_usr_db(sid, rid, O_RDWR);
}
return NT_STATUS_NOPROBLEMO;
}
-
extern int DEBUGLEVEL;
-uint32 initialise_dom_tdb(const DOM_SID *sid)
+uint32 initialise_dom_tdb(const DOM_SID * sid)
{
pstring usr;
pstring grp;
mkdir(passdb_path(tmp), 0755);
- slprintf(usr, sizeof(usr)-1, "%s/usr", tmp);
+ slprintf(usr, sizeof(usr) - 1, "%s/usr", tmp);
mkdir(passdb_path(usr), 0755);
- slprintf(grp, sizeof(grp)-1, "%s/grp", tmp);
+ slprintf(grp, sizeof(grp) - 1, "%s/grp", tmp);
mkdir(passdb_path(grp), 0755);
- slprintf(als, sizeof(als)-1, "%s/als", tmp);
+ slprintf(als, sizeof(als) - 1, "%s/als", tmp);
mkdir(passdb_path(als), 0755);
return NT_STATUS_NOPROBLEMO;
}
-static BOOL create_domain(TDB_CONTEXT *tdb, const char* domain,
- const DOM_SID *sid)
+static BOOL create_domain(TDB_CONTEXT * tdb, const char *domain,
+ const DOM_SID * sid)
{
prs_struct key;
prs_struct data;
sid_copy(&s, sid);
- DEBUG(10,("creating domain %s\n", domain));
+ DEBUG(10, ("creating domain %s\n", domain));
make_unistr2(&uni_domain, domain, strlen(domain));
if (!smb_io_unistr2("dom", &uni_domain, True, &key, 0) ||
!smb_io_dom_sid("sid", &s, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
return True;
}
-static uint32 init_dom_tdbs(const DOM_SID *sam_sid)
+static uint32 init_dom_tdbs(const DOM_SID * sam_sid)
{
uint32 status;
- DEBUG(0,("initialise_dom_tdb: TODO - create BUILTIN domain aliases\n"));
+ DEBUG(0,
+ ("initialise_dom_tdb: TODO - create BUILTIN domain aliases\n"));
status = initialise_dom_tdb(sam_sid);
- if (status != 0x0) return status;
+ if (status != 0x0)
+ return status;
status = initialise_dom_tdb(&global_sid_S_1_5_20);
return status;
}
/***************************************************************************
create various sam tdb databases, initialising them as necessary.
***************************************************************************/
-uint32 initialise_sam_tdb( const char* sam_name, const DOM_SID *sam_sid)
+uint32 initialise_sam_tdb(const char *sam_name, const DOM_SID * sam_sid)
{
pstring srv_db_name;
fstring dom_name;
return init_dom_tdbs(sam_sid);
}
- DEBUG(0,("initialise_sam_tdb: creating %s\n", srv_db_name));
+ DEBUG(0, ("initialise_sam_tdb: creating %s\n", srv_db_name));
/* create if not-exist with root-readwrite, all others read */
- sam_tdb = tdb_open(passdb_path("sam.tdb"),0,0,O_RDWR|O_CREAT,0644);
+ sam_tdb =
+ tdb_open(passdb_path("sam.tdb"), 0, 0, O_RDWR | O_CREAT,
+ 0644);
if (sam_tdb == NULL)
{
BOOL pwdbsam_initialise(void)
{
return initialise_sam_tdb(global_sam_name, &global_sam_sid) ==
- NT_STATUS_NOPROBLEMO;
+ NT_STATUS_NOPROBLEMO;
}
extern int DEBUGLEVEL;
#if 0
-static BOOL tdb_lookup_user_als(TDB_CONTEXT *tdb,
- const DOM_SID *sid,
- uint32 *num_rids,
- uint32 **rids)
+static BOOL tdb_lookup_user_als(TDB_CONTEXT * tdb,
+ const DOM_SID * sid,
+ uint32 * num_rids, uint32 ** rids)
{
prs_struct key;
prs_struct data;
return True;
}
-static BOOL tdb_lookup_user_grps(TDB_CONTEXT *tdb,
- uint32 rid,
- uint32 *num_gids,
- DOM_GID **gids)
+static BOOL tdb_lookup_user_grps(TDB_CONTEXT * tdb,
+ uint32 rid,
+ uint32 * num_gids, DOM_GID ** gids)
{
prs_struct key;
prs_struct data;
}
#endif
-BOOL tdb_lookup_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr)
+BOOL tdb_lookup_user(TDB_CONTEXT * tdb, SAM_USER_INFO_21 * usr)
{
prs_struct key;
prs_struct data;
}
#if 0
-static BOOL tdb_store_user_grps(TDB_CONTEXT *tdb,
- uint32 rid, uint32 num_gids,
- DOM_GID *gids)
+static BOOL tdb_store_user_grps(TDB_CONTEXT * tdb,
+ uint32 rid, uint32 num_gids, DOM_GID * gids)
{
prs_struct key;
prs_struct data;
- DEBUG(10,("storing user group GIDs %x\n", rid));
+ DEBUG(10, ("storing user group GIDs %x\n", rid));
prs_init(&key, 0, 4, False);
prs_init(&data, 0, 4, False);
if (!_prs_uint32("rid", &key, 0, &rid) ||
!samr_io_gids("grps", &num_gids, &gids, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
return True;
}
-static BOOL tdb_store_user_als(TDB_CONTEXT *tdb,
- const DOM_SID *sid,
- uint32 num_rids,
- uint32 *rids)
+static BOOL tdb_store_user_als(TDB_CONTEXT * tdb,
+ const DOM_SID * sid,
+ uint32 num_rids, uint32 * rids)
{
prs_struct key;
prs_struct data;
if (DEBUGLVL(10))
{
- DEBUG(10,("storing user alias RIDs %s\n",
- sid_to_string(tmp, sid)));
+ DEBUG(10, ("storing user alias RIDs %s\n",
+ sid_to_string(tmp, sid)));
}
prs_init(&key, 0, 4, False);
if (!smb_io_dom_sid("sid", &s, &key, 0) ||
!samr_io_rids("rids", &num_rids, &rids, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
#endif
-static BOOL tdb_store_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr)
+static BOOL tdb_store_user(TDB_CONTEXT * tdb, SAM_USER_INFO_21 * usr)
{
prs_struct key;
prs_struct data;
if (!_prs_uint8("usr", &key, 0, &k) ||
!sam_io_user_info21("usr", usr, &data, 0) ||
- prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
+ prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
prs_free_data(&key);
prs_free_data(&data);
return True;
}
-static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint16 acb_info)
+static BOOL tdb_set_userinfo_10(TDB_CONTEXT * tdb, uint16 acb_info)
{
SAM_USER_INFO_21 usr;
return True;
}
-static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb,
- const uchar lm_pwd[16], const uchar nt_pwd[16])
+static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT * tdb,
+ const uchar lm_pwd[16],
+ const uchar nt_pwd[16])
{
SAM_USER_INFO_21 usr;
if (tdb_writelock(tdb) != 0)
{
- DEBUG(5,("tdb_set_userinfo_pwds: write lock failed\n"));
+ DEBUG(5, ("tdb_set_userinfo_pwds: write lock failed\n"));
return False;
}
return True;
}
-static BOOL tdb_set_userinfo_23(TDB_CONTEXT *tdb,
- const SAM_USER_INFO_23 *usr23,
- const uchar lm_pwd[16], const uchar nt_pwd[16])
+static BOOL tdb_set_userinfo_23(TDB_CONTEXT * tdb,
+ const SAM_USER_INFO_23 * usr23,
+ const uchar lm_pwd[16],
+ const uchar nt_pwd[16])
{
SAM_USER_INFO_21 usr;
}
if (!make_sam_user_info21W(&usr,
- &usr23->logon_time,
- &usr23->logoff_time,
- &usr23->kickoff_time,
- &usr23->pass_last_set_time,
- &usr23->pass_can_change_time,
- &usr23->pass_must_change_time,
-
- &usr23->uni_user_name,
- &usr23->uni_full_name,
- &usr23->uni_home_dir,
- &usr23->uni_dir_drive,
- &usr23->uni_logon_script,
- &usr23->uni_profile_path,
- &usr23->uni_acct_desc,
- &usr23->uni_workstations,
- &usr23->uni_unknown_str,
- &usr23->uni_munged_dial,
-
- lm_pwd, nt_pwd,
-
- usr.user_rid,
- usr23->group_rid,
- usr23->acb_info,
-
- usr.unknown_3,
- usr23->logon_divs,
- &usr23->logon_hrs,
- usr23->unknown_5,
- usr.unknown_6))
+ &usr23->logon_time,
+ &usr23->logoff_time,
+ &usr23->kickoff_time,
+ &usr23->pass_last_set_time,
+ &usr23->pass_can_change_time,
+ &usr23->pass_must_change_time,
+ &usr23->uni_user_name,
+ &usr23->uni_full_name,
+ &usr23->uni_home_dir,
+ &usr23->uni_dir_drive,
+ &usr23->uni_logon_script,
+ &usr23->uni_profile_path,
+ &usr23->uni_acct_desc,
+ &usr23->uni_workstations,
+ &usr23->uni_unknown_str,
+ &usr23->uni_munged_dial,
+ lm_pwd, nt_pwd,
+ usr.user_rid,
+ usr23->group_rid,
+ usr23->acb_info,
+ usr.unknown_3,
+ usr23->logon_divs,
+ &usr23->logon_hrs,
+ usr23->unknown_5, usr.unknown_6))
{
tdb_writeunlock(tdb);
return False;
samr_reply_get_usrdom_pwinfo
********************************************************************/
uint32 _samr_get_usrdom_pwinfo(const POLICY_HND *user_pol,
- uint32 *unknown_0,
- uint32 *unknown_1)
+ uint32 * unknown_0, uint32 * unknown_1)
{
uint32 rid;
TDB_CONTEXT *tdb = NULL;
/* find the policy handle. open a policy on it. */
if (!get_tdbrid(get_global_hnd_cache(), user_pol, &tdb,
- NULL, NULL, &rid))
+ NULL, NULL, &rid))
{
return NT_STATUS_INVALID_HANDLE;
}
*unknown_0 = 0x00150000;
*unknown_1 = 0x00000000;
- DEBUG(5,("samr_get_usrdom_pwinfo: %d\n", __LINE__));
+ DEBUG(5, ("samr_get_usrdom_pwinfo: %d\n", __LINE__));
return NT_STATUS_NOPROBLEMO;
}
samr_reply_query_usergroups
********************************************************************/
uint32 _samr_query_usergroups(const POLICY_HND *pol,
- uint32 *num_groups,
- DOM_GID **gids)
+ uint32 * num_groups, DOM_GID ** gids)
{
#if 0
uint32 rid;
(*gids) = NULL;
(*num_groups) = 0;
- DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
+ DEBUG(5, ("samr_query_usergroups: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
if (!get_tdbsam(get_global_hnd_cache(), pol, &usr_tdb))
return NT_STATUS_NOPROBLEMO;
}
+
/*******************************************************************
samr_reply_query_useraliases
********************************************************************/
uint32 _samr_query_useraliases(const POLICY_HND *domain_pol,
- const uint32 *ptr_sid, const DOM_SID2 *sid,
- uint32 *num_aliases, uint32 **rid)
+ const uint32 * ptr_sid, const DOM_SID2 * sid,
+ uint32 * num_aliases, uint32 ** rid)
{
#if 0
TDB_CONTEXT *tdb = NULL;
DOM_SID dom_sid;
#endif
- DEBUG(5,("samr_query_useraliases: %d\n", __LINE__));
+ DEBUG(5, ("samr_query_useraliases: %d\n", __LINE__));
(*rid) = NULL;
(*num_aliases) = 0;
#if 0
/* find the policy handle. open a policy on it. */
if (!get_tdbsam(get_global_hnd_cache(), domain_pol,
- NULL, NULL, &tdb, NULL, NULL, &dom_sid))
+ NULL, NULL, &tdb, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
samr_reply_open_user
********************************************************************/
uint32 _samr_open_user(const POLICY_HND *domain_pol,
- uint32 access_mask, uint32 user_rid,
- POLICY_HND *user_pol)
+ uint32 access_mask, uint32 user_rid,
+ POLICY_HND *user_pol)
{
DOM_SID dom_sid;
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- NULL, NULL, NULL,
- NULL, NULL, &dom_sid))
+ NULL, NULL, NULL, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
return samr_open_user_tdb(domain_pol, &dom_sid, NULL,
- user_pol, access_mask, user_rid);
+ user_pol, access_mask, user_rid);
}
/*******************************************************************
samr_reply_query_userinfo
********************************************************************/
uint32 _samr_query_userinfo(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr)
+ SAM_USERINFO_CTR * ctr)
{
TDB_CONTEXT *tdb_usr = NULL;
SAM_USER_INFO_21 usr;
return NT_STATUS_NO_SUCH_USER;
}
- DEBUG(5,("samr_reply_query_userinfo\n"));
+ DEBUG(5, ("samr_reply_query_userinfo\n"));
return make_samr_userinfo_ctr_usr21(ctr, switch_value, &usr);
}
/*******************************************************************
set_user_info_24
********************************************************************/
-static BOOL set_user_info_24(TDB_CONTEXT *usr_tdb,
- const SAM_USER_INFO_24 *id24)
+static BOOL set_user_info_24(TDB_CONTEXT * usr_tdb,
+ const SAM_USER_INFO_24 * id24)
{
static uchar nt_hash[16];
static uchar lm_hash[16];
/*******************************************************************
set_user_info_12
********************************************************************/
-static BOOL set_user_info_12(TDB_CONTEXT *usr_tdb,
- const SAM_USER_INFO_12 *id12)
+static BOOL set_user_info_12(TDB_CONTEXT * usr_tdb,
+ const SAM_USER_INFO_12 * id12)
{
return tdb_set_userinfo_pwds(usr_tdb, id12->lm_pwd, id12->nt_pwd);
}
/*******************************************************************
set_user_info_23
********************************************************************/
-static BOOL set_user_info_23(TDB_CONTEXT *usr_tdb,
- const SAM_USER_INFO_23 *id23)
+static BOOL set_user_info_23(TDB_CONTEXT * usr_tdb,
+ const SAM_USER_INFO_23 * id23)
{
static uchar nt_hash[16];
static uchar lm_hash[16];
return False;
}
- if (!decode_pw_buffer(id23->pass, (char*)new_pw.buffer, 256, &len))
+ if (!decode_pw_buffer(id23->pass, (char *)new_pw.buffer, 256, &len))
{
return False;
}
samr_reply_set_userinfo
********************************************************************/
uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr)
+ SAM_USERINFO_CTR * ctr)
{
TDB_CONTEXT *tdb_usr = NULL;
uchar user_sess_key[16];
- DEBUG(5,("samr_reply_set_userinfo: %d\n", __LINE__));
+ DEBUG(5, ("samr_reply_set_userinfo: %d\n", __LINE__));
/* find the domain rid associated with the policy handle */
if (!get_tdbsam(get_global_hnd_cache(), pol, &tdb_usr))
if (ctr == NULL)
{
- DEBUG(5,("samr_reply_set_userinfo: NULL info level\n"));
+ DEBUG(5, ("samr_reply_set_userinfo: NULL info level\n"));
return NT_STATUS_INVALID_INFO_CLASS;
}
SAM_USER_INFO_12 *id12 = ctr->info.id12;
if (!set_user_info_12(tdb_usr, id12))
{
- DEBUG(10,("_samr_set_userinfo 0x12 failed\n"));
+ DEBUG(10,
+ ("_samr_set_userinfo 0x12 failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
break;
SamOEMhash(id24->pass, user_sess_key, True);
if (!set_user_info_24(tdb_usr, id24))
{
- DEBUG(10,("_samr_set_userinfo 0x18 failed\n"));
+ DEBUG(10,
+ ("_samr_set_userinfo 0x18 failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
break;
SAM_USER_INFO_23 *id23 = ctr->info.id23;
SamOEMhash(id23->pass, user_sess_key, 1);
dump_data_pw("pass buff:\n",
- id23->pass, sizeof(id23->pass));
+ id23->pass, sizeof(id23->pass));
dbgflush();
if (!set_user_info_23(tdb_usr, id23))
/*******************************************************************
set_user_info_10
********************************************************************/
-static BOOL set_user_info_10(TDB_CONTEXT *usr_tdb,
- const SAM_USER_INFO_10 *id16)
+static BOOL set_user_info_10(TDB_CONTEXT * usr_tdb,
+ const SAM_USER_INFO_10 * id16)
{
return tdb_set_userinfo_10(usr_tdb, id16->acb_info);
}
samr_reply_set_userinfo2
********************************************************************/
uint32 _samr_set_userinfo2(const POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr)
+ SAM_USERINFO_CTR * ctr)
{
TDB_CONTEXT *tdb_usr = NULL;
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_set_userinfo2\n"));
+ DEBUG(5, ("samr_reply_set_userinfo2\n"));
if (ctr == NULL)
{
- DEBUG(5,("samr_reply_set_userinfo2: NULL info level\n"));
+ DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
return NT_STATUS_INVALID_INFO_CLASS;
}
return NT_STATUS_NOPROBLEMO;
}
-static void create_user_info_21(SAM_USER_INFO_21 *usr,
- const UNISTR2 *uni_user_name,
+static void create_user_info_21(SAM_USER_INFO_21 * usr,
+ const UNISTR2 * uni_user_name,
uint16 acb_info, uint32 user_rid,
uint32 group_rid)
{
usr->user_rid = user_rid;
usr->group_rid = group_rid;
- make_uni_hdr(&(usr->hdr_full_name ), 0);
- make_uni_hdr(&(usr->hdr_home_dir ), 1);
- make_uni_hdr(&(usr->hdr_dir_drive ), 0);
+ make_uni_hdr(&(usr->hdr_full_name), 0);
+ make_uni_hdr(&(usr->hdr_home_dir), 1);
+ make_uni_hdr(&(usr->hdr_dir_drive), 0);
make_uni_hdr(&(usr->hdr_logon_script), 0);
make_uni_hdr(&(usr->hdr_profile_path), 1);
- make_uni_hdr(&(usr->hdr_acct_desc ), 0);
+ make_uni_hdr(&(usr->hdr_acct_desc), 0);
make_uni_hdr(&(usr->hdr_workstations), 0);
- make_uni_hdr(&(usr->hdr_unknown_str ), 0);
- make_uni_hdr(&(usr->hdr_munged_dial ), 0);
+ make_uni_hdr(&(usr->hdr_unknown_str), 0);
+ make_uni_hdr(&(usr->hdr_munged_dial), 0);
- make_unistr2(&(usr->uni_user_name ), "", 0);
- make_unistr2(&(usr->uni_full_name ), "", 0);
- make_unistr2(&(usr->uni_home_dir ), "", 1);
- make_unistr2(&(usr->uni_dir_drive ), "", 0);
+ make_unistr2(&(usr->uni_user_name), "", 0);
+ make_unistr2(&(usr->uni_full_name), "", 0);
+ make_unistr2(&(usr->uni_home_dir), "", 1);
+ make_unistr2(&(usr->uni_dir_drive), "", 0);
make_unistr2(&(usr->uni_logon_script), "", 0);
make_unistr2(&(usr->uni_profile_path), "", 1);
- make_unistr2(&(usr->uni_acct_desc ), "", 0 );
+ make_unistr2(&(usr->uni_acct_desc), "", 0);
make_unistr2(&(usr->uni_workstations), "", 0);
- make_unistr2(&(usr->uni_unknown_str ), "", 0 );
- make_unistr2(&(usr->uni_munged_dial ), "", 0 );
+ make_unistr2(&(usr->uni_unknown_str), "", 0);
+ make_unistr2(&(usr->uni_munged_dial), "", 0);
copy_unistr2(&usr->uni_user_name, uni_user_name);
make_uni_hdr(&usr->hdr_user_name, uni_user_name->uni_str_len);
- usr->unknown_3 = 0xffffff; /* don't know */
- usr->logon_divs = 168; /* hours per week */
+ usr->unknown_3 = 0xffffff; /* don't know */
+ usr->logon_divs = 168; /* hours per week */
usr->ptr_logon_hrs = 1;
usr->logon_hrs.len = 21;
- memset(&usr->logon_hrs.hours, 0xff, sizeof(usr->logon_hrs.hours));
- usr->unknown_5 = 0x00020000; /* don't know */
- usr->unknown_6 = 0x000004ec; /* don't know */
+ memset(&usr->logon_hrs.hours, 0xff, sizeof(usr->logon_hrs.hours));
+ usr->unknown_5 = 0x00020000; /* don't know */
+ usr->unknown_6 = 0x000004ec; /* don't know */
}
/*******************************************************************
_samr_create_user
********************************************************************/
uint32 _samr_create_user(const POLICY_HND *domain_pol,
- const UNISTR2 *uni_username,
- uint16 acb_info, uint32 access_mask,
- POLICY_HND *user_pol,
- uint32 *unknown_0, uint32 *user_rid)
+ const UNISTR2 * uni_username,
+ uint16 acb_info, uint32 access_mask,
+ POLICY_HND *user_pol,
+ uint32 * unknown_0, uint32 * user_rid)
{
DOM_SID dom_sid;
DOM_SID usr_sid;
/* find the domain sid associated with the policy handle */
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- NULL, NULL, NULL,
- NULL, NULL, &dom_sid))
+ NULL, NULL, NULL, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
- status1 = _samr_lookup_names(domain_pol, 1, 0x3e8, 1, uni_username,
-
- &num_rids,
- &rid,
- &num_types,
- &type);
+ status1 = _samr_lookup_names(domain_pol, 1, 0x3e8, 1, uni_username,
+ &num_rids, &rid, &num_types, &type);
if (status1 == NT_STATUS_NOPROBLEMO)
{
switch (type)
{
- case SID_NAME_USER: return NT_STATUS_USER_EXISTS;
- case SID_NAME_ALIAS: return NT_STATUS_ALIAS_EXISTS;
+ case SID_NAME_USER:
+ return NT_STATUS_USER_EXISTS;
+ case SID_NAME_ALIAS:
+ return NT_STATUS_ALIAS_EXISTS;
case SID_NAME_DOM_GRP:
- case SID_NAME_WKN_GRP: return NT_STATUS_GROUP_EXISTS;
- case SID_NAME_DOMAIN: return NT_STATUS_DOMAIN_EXISTS;
+ case SID_NAME_WKN_GRP:
+ return NT_STATUS_GROUP_EXISTS;
+ case SID_NAME_DOMAIN:
+ return NT_STATUS_DOMAIN_EXISTS;
default:
{
- DEBUG(3,("create user: unknown, ignoring\n"));
+ DEBUG(3,
+ ("create user: unknown, ignoring\n"));
break;
}
}
gid_t *groups = NULL;
#endif
fstring user_name;
- unistr2_to_ascii(user_name, uni_username, sizeof(user_name)-1);
+ unistr2_to_ascii(user_name, uni_username,
+ sizeof(user_name) - 1);
pass = Get_Pwnam(user_name, False);
- DEBUG(10,("create user: %s\n", user_name));
+ DEBUG(10, ("create user: %s\n", user_name));
if (pass == NULL)
{
- DEBUG(0,("create user: no unix user named %s\n",
- user_name));
+ DEBUG(0, ("create user: no unix user named %s\n",
+ user_name));
return NT_STATUS_ACCESS_DENIED;
}
#if 0
- get_unixgroups(user_name,pass->pw_uid,pass->pw_gid,
- &n_groups,
- &groups);
+ get_unixgroups(user_name, pass->pw_uid, pass->pw_gid,
+ &n_groups, &groups);
for (i = 0; i < n_groups; i++)
{
if (sursalg_unixid_to_sam_sid(groups[i],
- SID_NAME_ALIAS,
- &grp_sid,
- True))
+ SID_NAME_ALIAS,
+ &grp_sid, True))
{
uint32 grp_rid = 0xffffffff;
if (!sid_split_rid(&grp_sid, &grp_rid))
}
if (sid_equal(&grp_sid, &dom_sid))
{
- als_rids = g_renew(uint32, als_rids, num_alss+1);
+ als_rids =
+ g_renew(uint32, als_rids,
+ num_alss + 1);
als_rids[num_alss] = grp_rid;
num_alss++;
}
}
if (sursalg_unixid_to_sam_sid(groups[i],
- SID_NAME_DOM_GRP,
- &grp_sid,
- True))
+ SID_NAME_DOM_GRP,
+ &grp_sid, True))
{
uint32 grp_rid = 0xffffffff;
if (!sid_split_rid(&grp_sid, &grp_rid))
}
if (sid_equal(&grp_sid, &global_sam_sid))
{
- gids = g_renew(DOM_GID, gids, num_gids+1);
+ gids =
+ g_renew(DOM_GID, gids,
+ num_gids + 1);
gids[num_gids].g_rid = grp_rid;
- gids[num_gids].attr = 0x7;
+ gids[num_gids].attr = 0x7;
num_gids++;
}
}
/* create a User SID for the unix user */
if (!sursalg_unixid_to_sam_sid(pass->pw_uid, SID_NAME_USER, &usr_sid,
- True))
+ True))
{
- DEBUG(0,("create user: unix uid %d to RID failed\n",
- pass->pw_uid));
+ DEBUG(0, ("create user: unix uid %d to RID failed\n",
+ pass->pw_uid));
return NT_STATUS_ACCESS_DENIED;
}
/* create a Group SID for the unix user */
- if (!sursalg_unixid_to_sam_sid(pass->pw_gid, SID_NAME_DOM_GRP, &grp_sid,
- True))
+ if (!sursalg_unixid_to_sam_sid
+ (pass->pw_gid, SID_NAME_DOM_GRP, &grp_sid, True))
{
- DEBUG(0,("create user: unix uid %d to RID failed\n",
- pass->pw_uid));
+ DEBUG(0, ("create user: unix uid %d to RID failed\n",
+ pass->pw_uid));
return NT_STATUS_ACCESS_DENIED;
}
sid_copy(&sid, &usr_sid);
- if (!sid_split_rid(&sid, user_rid) ||
- !sid_equal(&dom_sid, &sid))
+ if (!sid_split_rid(&sid, user_rid) || !sid_equal(&dom_sid, &sid))
{
fstring tmp;
- DEBUG(0,("create user: invalid User SID %s\n",
- sid_to_string(tmp, &usr_sid)));
+ DEBUG(0, ("create user: invalid User SID %s\n",
+ sid_to_string(tmp, &usr_sid)));
return NT_STATUS_ACCESS_DENIED;
}
!sid_equal(&dom_sid, &grp_sid))
{
fstring tmp;
- DEBUG(0,("create user: invalid Group SID %s\n",
- sid_to_string(tmp, &grp_sid)));
+ DEBUG(0, ("create user: invalid Group SID %s\n",
+ sid_to_string(tmp, &grp_sid)));
return NT_STATUS_ACCESS_DENIED;
}
create_user_info_21(&usr, uni_username, acb_info,
- (*user_rid), group_rid);
+ (*user_rid), group_rid);
tdb_usr = open_usr_db(&dom_sid, (*user_rid), O_RDWR | O_CREAT);
*unknown_0 = 0x000703ff;
return samr_open_user_tdb(domain_pol, &dom_sid, tdb_usr,
- user_pol, access_mask, *user_rid);
+ user_pol, access_mask, *user_rid);
}
/*******************************************************************
********************************************************************/
uint32 _samr_delete_dom_user(POLICY_HND *user_pol)
{
- DEBUG(0,("samr_delete_dom_user: not implemented\n"));
+ DEBUG(0, ("samr_delete_dom_user: not implemented\n"));
return NT_STATUS_ACCESS_DENIED;
}
extern char *OutBuffer;
extern int smb_read_error;
extern BOOL reload_after_sighup;
-extern BOOL global_machine_password_needs_changing;
extern fstring global_myworkgroup;
extern pstring global_myname;
extern int max_send;
int last_keepalive=0;
int service_load_counter = 0;
BOOL got_smb = False;
+ BOOL trust_pwd_needs_changing = False;
+ NTTIME ntlct;
if (deadtime <= 0)
deadtime = DEFAULT_SMBD_TIMEOUT;
return;
}
- if(global_machine_password_needs_changing)
+ if (msrpc_lsa_query_secret("\\\\.", "$MACHINE.ACC", NULL, &ntlct))
+ {
+ if (time(NULL) > nt_time_to_unix(&ntlct) + lp_machine_password_timeout())
+ {
+ trust_pwd_needs_changing = True;
+ }
+ }
+
+ if(trust_pwd_needs_changing)
{
unsigned char trust_passwd_hash[16];
- time_t lct;
- pstring remote_machine_list;
- int sec_chan = SEC_CHAN_WKSTA;
/*
* We're in domain level security, and the code that
* password needs changing.
*/
- /*
- * First, open the machine password file with an exclusive lock.
- */
-
- if(!trust_password_lock( global_myworkgroup, global_myname, True)) {
- DEBUG(0,("process: unable to open the machine account password file for \
-machine %s in domain %s.\n", global_myname, global_myworkgroup ));
- continue;
- }
-
- if(!get_trust_account_password( trust_passwd_hash, &lct)) {
- DEBUG(0,("process: unable to read the machine account password for \
-machine %s in domain %s.\n", global_myname, global_myworkgroup ));
- trust_password_unlock();
- continue;
- }
-
- /*
- * Make sure someone else hasn't already done this.
- */
-
- if(t < lct + lp_machine_password_timeout()) {
- trust_password_unlock();
- global_machine_password_needs_changing = False;
- continue;
- }
-
- pstrcpy(remote_machine_list, lp_passwordserver());
- if (lp_server_role() == ROLE_DOMAIN_BDC)
- sec_chan = SEC_CHAN_BDC;
-
- change_trust_account_password(global_myworkgroup, remote_machine_list,
- sec_chan);
- trust_password_unlock();
- global_machine_password_needs_changing = False;
+ generate_random_buffer( trust_passwd_hash, 16, True);
+ msrpc_lsa_set_secret("\\\\.", "$MACHINE.ACC", trust_passwd_hash, 16);
}
/*
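Review bot: The rotation block under `if(trust_pwd_needs_changing)` discards the result of `msrpc_lsa_set_secret(...)`, and nothing visible in this hunk replaces the exclusive `trust_password_lock()` or the `change_trust_account_password()` call to the password server that the removed path used. If the new call only updates the local `$MACHINE.ACC` secret, each idle smbd that passes the timeout check could write its own random value, and the stored secret would no longer match what the domain controller holds; whether the LSA side prevents that is not shown here. At minimum check the return and log a failure, assuming it reports success the same way `msrpc_lsa_query_secret` does a few lines up: `if (!msrpc_lsa_set_secret("\\\\.", "$MACHINE.ACC", trust_passwd_hash, 16)) DEBUG(0, ("process: failed to update machine account secret\n"));`. `trust_passwd_hash` should also be cleared before the block ends so the new secret does not linger on the stack. The enclosing function starts and ends outside the hunk.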
return NT_STATUS_OBJECT_NAME_INVALID;
}
+ /* strikerXXXX Luke, is this line below needed, or does close_policy_hnd()
+ * take care of this? */
+
+ /* set up the REG unknown_1 response */
+ bzero(pol->data, POL_HND_SIZE);
+
return NT_STATUS_NOPROBLEMO;
}
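Review bot: The comment added above `bzero(pol->data, POL_HND_SIZE);` leaves an open question to another developer in the source instead of recording why the handle is cleared. Whether `close_policy_hnd()` already zeroes the caller's copy is not visible in this hunk, so keeping the explicit clear is the conservative choice, presumably so that a closed handle value is never returned to the client. Replace the question with a statement of that intent, e.g. `/* always hand back an all-zero handle; do not rely on close_policy_hnd() to clear it */`. The function begins outside the hunk.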
if (getuid() == 0) {
printf(" -R ORDER name resolve order\n");
- printf(" -j DOMAIN join domain name\n");
- printf(" -S synchronise with PDC (if we are BDC)\n");
printf(" -a add user\n");
printf(" -d disable user\n");
printf(" -e enable user\n");
printf(" -n set no password\n");
- printf(" -m workstation trust account\n");
- printf(" -b backup domain controller account\n");
- printf(" -i inter-domain trust account\n");
printf(" -p user cannot change password\n");
printf(" -x user can change password\n");
}
exit(1);
}
-/*********************************************************
-Join a domain.
-**********************************************************/
-static int create_interdomain_trust_acct(char *domain, char *name)
-{
- fstring trust_passwd;
- uchar hash[16];
- uint16 sec_chan;
-
- switch (lp_server_role())
- {
- case ROLE_DOMAIN_PDC:
- {
- DEBUG(0, ("Joining domain - we are PDC\n"));
- sec_chan = SEC_CHAN_DOMAIN;
- break;
- }
- case ROLE_DOMAIN_BDC:
- {
- DEBUG(0, ("Cannot set up inter-domain trust as BDC!\n"));
- return 1;
- }
- default:
- {
- DEBUG(0, ("Cannot set up inter-domain trust as workstation!\n"));
- return 1;
- }
- }
-
-#if 0
- pstrcpy(remote_machine, remote ? remote : lp_passwordserver());
-
- if (!remote_machine[0])
- {
- fprintf(stderr, "You must specify the PDC via 'password server' or -r.");
- return 1;
- }
-#endif
-
- fstrcpy(trust_passwd, name);
- strlower(trust_passwd);
- E_md4hash( (uchar *)trust_passwd, hash);
-
- if (!create_trust_account_file(domain, name, hash))
- {
- return 1;
- }
-
-#if 0
- if(!change_trust_account_password(domain, remote_machine, sec_chan))
- {
- fprintf(stderr,"Unable to join domain %s.\n",domain);
- return 1;
- }
-#endif
- printf("Created Inter-Domain Trust Account for %s.\n",domain);
- return 0;
-}
-
-/*********************************************************
-Join a domain.
-**********************************************************/
-static int join_domain(char *domain, char *remote)
-{
- pstring remote_machine;
- fstring trust_passwd;
- uchar hash[16];
- uint16 sec_chan;
-
- switch (lp_server_role())
- {
- case ROLE_DOMAIN_PDC:
- {
- DEBUG(0, ("Joining Domain as PDC\n"));
- pstrcpy(remote_machine, global_myname);
- sec_chan = SEC_CHAN_WKSTA;
- break;
- }
- case ROLE_DOMAIN_BDC:
- {
- DEBUG(0, ("Joining Domain as BDC\n"));
- pstrcpy(remote_machine, remote ? remote : lp_passwordserver());
-
- sec_chan = SEC_CHAN_BDC;
- break;
- }
- default:
- {
- DEBUG(0, ("Joining Domain as Workstation\n"));
- pstrcpy(remote_machine, remote ? remote : lp_passwordserver());
- sec_chan = SEC_CHAN_WKSTA;
- }
- }
-
- if (!remote_machine[0])
- {
- fprintf(stderr, "You must specify the PDC via 'password server' or -r.");
- return 1;
- }
-
- fstrcpy(trust_passwd, global_myname);
- strlower(trust_passwd);
-
- E_md4hash( (uchar *)trust_passwd, hash);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("trust account password: %s\n", trust_passwd));
- dump_data(100, hash, 16);
-#endif
-
- if (!create_trust_account_file(domain, global_myname, hash))
- {
- return 1;
- }
-
- if(!trust_password_lock( domain, global_myname, True))
- {
- DEBUG(0,("process: unable to open the trust account password file for \
-machine %s in domain %s.\n", global_myname, global_myworkgroup ));
- return 1;
- }
- if(!change_trust_account_password(domain, remote_machine, sec_chan))
- {
- fprintf(stderr,"Unable to join domain %s.\n",domain);
- return 1;
- }
- trust_password_unlock();
-
- printf("Joined domain %s.\n",domain);
- return 0;
-}
-
static void set_line_buffering(FILE *f)
{
int ch;
uint16 acb_info = 0;
uint16 acb_mask = 0;
- BOOL joining_domain = False;
- BOOL sam_sync = False;
- BOOL wks_trust_account = False;
- BOOL srv_trust_account = False;
- BOOL dom_trust_account = False;
BOOL add_user = False;
BOOL disable_user = False;
BOOL enable_user = False;
BOOL lock_password = False;
BOOL unlock_password = False;
char *user_name = NULL;
- char *new_domain = NULL;
char *new_passwd = NULL;
char *old_passwd = NULL;
char *remote_machine = NULL;
- int ret;
while ((ch = getopt(argc, argv, "abdehimnpxj:Sr:sR:D:U:")) != EOF)
{
}
case 'i':
{
- dom_trust_account = True;
+ fprintf(stderr, "The -i option has been disabled. Please use samedit's createtrust command.\n");
+ exit(-1);
break;
}
case 'b':
{
- srv_trust_account = True;
+ fprintf(stderr, "The -b option is disabled. Please use samedit's createuser account$ -j command.\n");
+ exit(-1);
break;
}
case 'm':
{
- wks_trust_account = True;
+ fprintf(stderr, "The -m option is disabled. Please use samedit's createuser account$ command.\n");
+ exit(-1);
break;
}
case 'j':
{
- new_domain = optarg;
- strupper(new_domain);
- joining_domain = True;
+ fprintf(stderr, "The -j option is disabled. Please use samedit's createuser account$ -j command.\n");
+ exit(-1);
break;
}
case 'S':
{
- sam_sync = True;
+ fprintf(stderr, "The -S option is disabled. Please use samedit's samsync command.\n");
+ exit(-1);
break;
}
case 'U':
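Review bot: The five disabled-option cases (`-i`, `-b`, `-m`, `-j`, `-S`) end in `exit(-1)`, which a calling script sees as status 255, while the other error paths of this file shown in the diff use `exit(1)`. The `break;` after each `exit` is unreachable. Use `exit(1);` and drop the `break`, and align the `-i` message ("has been disabled") with the wording of the other four ("is disabled") so scripts and users see one consistent form. The enclosing switch starts and ends outside the hunk.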
argc -= optind;
argv += optind;
- /*
- * Ensure add_user and either remote machine or join domain are
- * not both set.
- */
- if (add_user && ((remote_machine != NULL) || joining_domain))
- {
- usage();
- }
-
- if (sam_sync && lp_server_role() != ROLE_DOMAIN_BDC) {
- fprintf(stderr, "The -S option can only be used on a Backup Domain Controller.\n");
- return 1;
- }
-
- if (joining_domain)
- {
- if (!dom_trust_account)
- {
- if (argc != 0) usage();
- ret = join_domain(new_domain, remote_machine);
-
- if ((ret != 0) || (!sam_sync))
- return ret;
- }
- }
-
- if (sam_sync)
- {
- return synchronise_passdb();
- }
/*
* Deal with root - can add a user, but only locally.
exit(1);
}
- if (wks_trust_account || srv_trust_account || dom_trust_account)
- {
- /* add the $ automatically */
- static fstring buf;
-
- /*
- * Remove any trailing '$' before we
- * generate the initial trust password.
- */
-
- if (user_name[strlen(user_name)-1] == '$') {
- user_name[strlen(user_name)-1] = 0;
- }
-
- if (add_user) {
- new_passwd = xstrdup(user_name);
- strlower(new_passwd);
- }
-
- /*
- * Now ensure the username ends in '$' for
- * the trust add.
- */
-
- slprintf(buf, sizeof(buf)-1, "%s$", user_name);
- user_name = buf;
- }
-
if (!remote_machine && !Get_Pwnam(user_name, True)) {
fprintf(stderr, "User \"%s\" was not found in system password file.\n",
user_name);
exit(1);
}
- if (joining_domain)
- {
- if (dom_trust_account)
- {
- ret = create_interdomain_trust_acct(new_domain,
- global_myworkgroup);
-
- if ((ret != 0) || (!sam_sync))
- return ret;
- }
- }
-
if (remote_machine != NULL) {
old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
}
acb_info &= ~ACB_PWLOCK;
}
- if (wks_trust_account)
- {
- acb_mask |= ACB_WSTRUST;
- acb_info |= ACB_WSTRUST;
- }
- else if (srv_trust_account)
- {
- acb_mask |= ACB_SVRTRUST;
- acb_info |= ACB_SVRTRUST;
- }
- else if (dom_trust_account)
- {
- acb_mask |= ACB_DOMTRUST;
- acb_info |= ACB_DOMTRUST;
- }
- else
- {
- acb_mask |= ACB_NORMAL;
- acb_info |= ACB_NORMAL;
- }
-
if (!password_change(remote_machine, user_name, old_passwd, new_passwd,
add_user, acb_info, acb_mask))
{