BOOL authenticated;
char *account_name;
char *computer_name; /* for logging only */
- uint32 acct_flags;
- uint16 sec_chan_type;
+ uint32_t acct_flags;
+ uint16_t sec_chan_type;
struct creds_CredentialState *creds;
};
+
+/*
+ a client has connected to the netlogon server using schannel, so we need
+ to re-establish the credentials state
+*/
+static NTSTATUS netlogon_schannel_setup(struct dcesrv_call_state *dce_call)
+{
+ struct server_pipe_state *state;
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_init("netlogon_bind");
+ if (!mem_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ state = talloc_p(mem_ctx, struct server_pipe_state);
+ if (state == NULL) {
+ talloc_destroy(mem_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ ZERO_STRUCTP(state);
+ state->mem_ctx = mem_ctx;
+ state->authenticated = True;
+
+ if (dce_call->conn->auth_state.session_info == NULL) {
+ talloc_destroy(mem_ctx);
+ smb_panic("No session info provided by schannel level setup!");
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ status = dcerpc_schannel_creds(dce_call->conn->auth_state.gensec_security,
+ mem_ctx,
+ &state->creds);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("getting schannel credentials failed with %s\n", nt_errstr(status)));
+ talloc_destroy(mem_ctx);
+ return status;
+ }
+
+ dce_call->conn->private = state;
+
+ return NT_STATUS_OK;
+}
+
+/*
+ a hook for bind on the netlogon pipe
+*/
static NTSTATUS netlogon_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *di)
{
dce_call->conn->private = NULL;
+ /* if this is a schannel bind then we need to reconstruct the pipe state */
+ if (dce_call->conn->auth_state.auth_info &&
+ dce_call->conn->auth_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) {
+ NTSTATUS status;
+
+ DEBUG(5, ("schannel bind on netlogon\n"));
+
+ status = netlogon_schannel_setup(dce_call);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("schannel bind on netlogon failed with %s\n", nt_errstr(status)));
+ return status;
+ }
+ }
+
return NT_STATUS_OK;
}
{
struct server_pipe_state *pipe_state = conn->private;
- if (pipe_state)
+ if (pipe_state) {
talloc_destroy(pipe_state->mem_ctx);
-
+ }
+
conn->private = NULL;
}
#define DCESRV_INTERFACE_NETLOGON_BIND netlogon_bind
#define DCESRV_INTERFACE_NETLOGON_UNBIND netlogon_unbind
-/*
- netr_ServerReqChallenge
-
- NTSTATUS netr_ServerReqChallenge(
- [in] unistr *server_name,
- [in] unistr computer_name,
- [in][out] netr_Credential credentials
- );
-
-*/
static NTSTATUS netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct netr_ServerReqChallenge *r)
{
struct server_pipe_state *pipe_state = dce_call->conn->private;
TALLOC_CTX *pipe_mem_ctx;
- ZERO_STRUCT(r->out.credentials);
+ ZERO_STRUCTP(r->out.credentials);
/* destroyed on pipe shutdown */
pipe_state->account_name = NULL;
pipe_state->computer_name = NULL;
- pipe_state->client_challenge = r->in.credentials;
+ pipe_state->client_challenge = *r->in.credentials;
generate_random_buffer(pipe_state->server_challenge.data,
- sizeof(pipe_state->server_challenge.data),
- False);
+ sizeof(pipe_state->server_challenge.data));
- r->out.credentials = pipe_state->server_challenge;
+ *r->out.credentials = pipe_state->server_challenge;
dce_call->conn->private = pipe_state;
return NT_STATUS_OK;
}
-
-/*
- netr_ServerAuthenticate
-
- secure channel types:
-
- const int SEC_CHAN_WKSTA = 2;
- const int SEC_CHAN_DOMAIN = 4;
- const int SEC_CHAN_BDC = 6;
-
- NTSTATUS netr_ServerAuthenticate(
- [in] unistr *server_name,
- [in] unistr username,
- [in] uint16 secure_channel_type,
- [in] unistr computer_name,
- [in,out] netr_Credential credentials
- );
-
-
-*/
-
-static NTSTATUS netr_ServerAuthenticateInternals(struct server_pipe_state *pipe_state,
- TALLOC_CTX *mem_ctx,
- const char *account_name,
- const char *computer_name,
- uint16 secure_channel_type,
- uint32 in_flags,
- const struct netr_Credential *client_credentials,
- struct netr_Credential *server_credentials,
- uint32 *out_flags)
+static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_ServerAuthenticate3 *r)
{
+ struct server_pipe_state *pipe_state = dce_call->conn->private;
void *sam_ctx;
- uint8 *mach_pwd;
- uint16 acct_flags;
+ struct samr_Password *mach_pwd;
+ uint16_t acct_flags;
int num_records;
struct ldb_message **msgs;
NTSTATUS nt_status;
+ const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash", "userAccountControl",
+ "objectSid", NULL};
- const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash",
- "userAccountControl", NULL
- };
-
- ZERO_STRUCTP(server_credentials);
- if (out_flags) {
- *out_flags = 0;
- }
+ ZERO_STRUCTP(r->out.credentials);
+ *r->out.rid = 0;
+ *r->out.negotiate_flags = *r->in.negotiate_flags;
if (!pipe_state) {
- DEBUG(1, ("No challange requested by client, cannot authenticate\n"));
+ DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
return NT_STATUS_ACCESS_DENIED;
}
- sam_ctx = samdb_connect();
+ sam_ctx = samdb_connect(mem_ctx);
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
/* pull the user attributes */
num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
- account_name);
+ r->in.account_name);
if (num_records == 0) {
- DEBUG(3,("Couldn't find user [%s] in passdb file.\n",
- account_name));
- samdb_close(sam_ctx);
+ DEBUG(3,("Couldn't find user [%s] in samdb.\n",
+ r->in.account_name));
return NT_STATUS_NO_SUCH_USER;
}
if (num_records > 1) {
- DEBUG(1,("Found %d records matching user [%s]\n", num_records, account_name));
- samdb_close(sam_ctx);
+ DEBUG(0,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
"userAccountControl");
if (acct_flags & ACB_DISABLED) {
- DEBUG(1, ("Account [%s] is disabled\n", account_name));
+ DEBUG(1, ("Account [%s] is disabled\n", r->in.account_name));
return NT_STATUS_ACCESS_DENIED;
}
- if (secure_channel_type == SEC_CHAN_WKSTA) {
+ if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
if (!(acct_flags & ACB_WSTRUST)) {
DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", acct_flags));
return NT_STATUS_ACCESS_DENIED;
}
- } else if (secure_channel_type == SEC_CHAN_DOMAIN) {
+ } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN) {
if (!(acct_flags & ACB_DOMTRUST)) {
DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", acct_flags));
return NT_STATUS_ACCESS_DENIED;
}
- } else if (secure_channel_type == SEC_CHAN_BDC) {
+ } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
if (!(acct_flags & ACB_SVRTRUST)) {
DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", acct_flags));
return NT_STATUS_ACCESS_DENIED;
}
} else {
- DEBUG(1, ("Client asked for an invalid secure channel type: %d\n", secure_channel_type));
+ DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
+ r->in.secure_channel_type));
return NT_STATUS_ACCESS_DENIED;
}
pipe_state->acct_flags = acct_flags;
- pipe_state->sec_chan_type = secure_channel_type;
+ pipe_state->sec_chan_type = r->in.secure_channel_type;
+
+ *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0], "objectSid", 0);
- if (!NT_STATUS_IS_OK(nt_status = samdb_result_passwords(mem_ctx, msgs[0],
- NULL, &mach_pwd))) {
- samdb_close(sam_ctx);
+ nt_status = samdb_result_passwords(mem_ctx, msgs[0], NULL, &mach_pwd);
+ if (!NT_STATUS_IS_OK(nt_status) || mach_pwd == NULL) {
return NT_STATUS_ACCESS_DENIED;
}
- samdb_close(sam_ctx);
-
if (!pipe_state->creds) {
- pipe_state->creds = talloc_p(mem_ctx, struct creds_CredentialState);
+ pipe_state->creds = talloc_p(pipe_state->mem_ctx, struct creds_CredentialState);
if (!pipe_state->creds) {
return NT_STATUS_NO_MEMORY;
}
creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
&pipe_state->server_challenge, mach_pwd,
- server_credentials);
-
- if (!creds_server_check(pipe_state->creds, client_credentials)) {
+ r->out.credentials,
+ *r->in.negotiate_flags);
+
+ if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
return NT_STATUS_ACCESS_DENIED;
}
if (pipe_state->account_name) {
/* We don't want a memory leak on this long-lived talloc context */
- talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
+ talloc_free(pipe_state->account_name);
}
- pipe_state->account_name = talloc_strdup(pipe_state->mem_ctx, account_name);
+ pipe_state->account_name = talloc_strdup(pipe_state->mem_ctx, r->in.account_name);
if (pipe_state->computer_name) {
/* We don't want a memory leak on this long-lived talloc context */
- talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
+ talloc_free(pipe_state->account_name);
}
- pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, computer_name);
-
- if (out_flags) {
- *out_flags = NETLOGON_NEG_AUTH2_FLAGS;
- }
+ pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name);
- return NT_STATUS_OK;
+ /* remember this session key state */
+ nt_status = schannel_store_session_key(mem_ctx, pipe_state->computer_name, pipe_state->creds);
+
+ return nt_status;
}
-
static NTSTATUS netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct netr_ServerAuthenticate *r)
{
- struct server_pipe_state *pipe_state = dce_call->conn->private;
+ struct netr_ServerAuthenticate3 r3;
+ uint32_t rid = 0;
+ /* TODO:
+ * negotiate_flags is used as an [in] parameter
+ * so it need to be initialised.
+ *
+ * (I think ... = 0; seems wrong here --metze)
+ */
+ uint32 negotiate_flags = 0;
+
+ r3.in.server_name = r->in.server_name;
+ r3.in.account_name = r->in.account_name;
+ r3.in.secure_channel_type = r->in.secure_channel_type;
+ r3.in.computer_name = r->in.computer_name;
+ r3.in.credentials = r->in.credentials;
+ r3.out.credentials = r->out.credentials;
+ r3.in.negotiate_flags = &negotiate_flags;
+ r3.out.negotiate_flags = &negotiate_flags;
+ r3.out.rid = &rid;
- return netr_ServerAuthenticateInternals(pipe_state,
- mem_ctx,
- r->in.username,
- r->in.computer_name,
- r->in.secure_channel_type,
- 0,
- &r->in.credentials,
- &r->out.credentials,
- NULL);
+ return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
}
static NTSTATUS netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct netr_ServerAuthenticate2 *r)
+ struct netr_ServerAuthenticate2 *r)
{
- struct server_pipe_state *pipe_state = dce_call->conn->private;
+ struct netr_ServerAuthenticate3 r3;
+ uint32 rid = 0;
+
+ r3.in.server_name = r->in.server_name;
+ r3.in.account_name = r->in.account_name;
+ r3.in.secure_channel_type = r->in.secure_channel_type;
+ r3.in.computer_name = r->in.computer_name;
+ r3.in.credentials = r->in.credentials;
+ r3.out.credentials = r->out.credentials;
+ r3.in.negotiate_flags = r->in.negotiate_flags;
+ r3.out.negotiate_flags = r->out.negotiate_flags;
+ r3.out.rid = &rid;
- return netr_ServerAuthenticateInternals(pipe_state,
- mem_ctx,
- r->in.username,
- r->in.computer_name,
- r->in.secure_channel_type,
- *r->in.negotiate_flags,
- &r->in.credentials,
- &r->out.credentials,
- r->out.negotiate_flags);
+ return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
}
-/*
- netr_ServerPasswordSet
- NTSTATUS netr_ServerPasswordSet(
- [in] unistr *server_name,
- [in] unistr username,
- [in] uint16 secure_channel_type,
- [in] unistr computer_name,
- [in] netr_Authenticator credential,
- [in] netr_Password new_password,
- [out] netr_Authenticator return_authenticator
- );
+static BOOL netr_creds_server_step_check(struct server_pipe_state *pipe_state,
+ struct netr_Authenticator *received_authenticator,
+ struct netr_Authenticator *return_authenticator)
+{
+ if (!pipe_state->authenticated) {
+ return False;
+ }
+ return creds_server_step_check(pipe_state->creds,
+ received_authenticator,
+ return_authenticator);
+}
+
-*/
static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct netr_ServerPasswordSet *r)
{
+ struct server_pipe_state *pipe_state = dce_call->conn->private;
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ void *sam_ctx;
+ int num_records;
+ int num_records_domain;
+ int ret;
+ struct ldb_message **msgs;
+ struct ldb_message **msgs_domain;
+ NTSTATUS nt_status;
+ struct ldb_message mod, *msg_set_pw = &mod;
+ const char *domain_dn;
+ const char *domain_sid;
+
+ const char *attrs[] = {"objectSid", NULL };
+
+ const char **domain_attrs = attrs;
+ ZERO_STRUCT(mod);
+
+ if (!pipe_state) {
+ DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ sam_ctx = samdb_connect(mem_ctx);
+ if (sam_ctx == NULL) {
+ return NT_STATUS_INVALID_SYSTEM_SERVICE;
+ }
+ /* pull the user attributes */
+ num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
+ "(&(sAMAccountName=%s)(objectclass=user))",
+ pipe_state->account_name);
+
+ if (num_records == 0) {
+ DEBUG(3,("Couldn't find user [%s] in samdb.\n",
+ pipe_state->account_name));
+ return NT_STATUS_NO_SUCH_USER;
+ }
+
+ if (num_records > 1) {
+ DEBUG(0,("Found %d records matching user [%s]\n", num_records,
+ pipe_state->account_name));
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
+ if (!domain_sid) {
+ DEBUG(0,("no objectSid in user record\n"));
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ /* find the domain's DN */
+ num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL,
+ &msgs_domain, domain_attrs,
+ "(&(objectSid=%s)(objectclass=domain))",
+ domain_sid);
+
+ if (num_records_domain == 0) {
+ DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
+ domain_sid));
+ return NT_STATUS_NO_SUCH_USER;
+ }
+
+ if (num_records_domain > 1) {
+ DEBUG(0,("Found %d records matching domain [%s]\n",
+ num_records_domain, domain_sid));
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ domain_dn = msgs_domain[0]->dn;
+ mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn);
+ if (!mod.dn) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ creds_des_decrypt(pipe_state->creds, &r->in.new_password);
+
+ /* set the password - samdb needs to know both the domain and user DNs,
+ so the domain password policy can be used */
+ nt_status = samdb_set_password(sam_ctx, mem_ctx,
+ msgs[0]->dn, domain_dn,
+ msg_set_pw,
+ NULL, /* Don't have plaintext */
+ NULL, &r->in.new_password,
+ False /* This is not considered a password change */,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+ ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw);
+ if (ret != 0) {
+ /* we really need samdb.c to return NTSTATUS */
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ return NT_STATUS_OK;
}
netr_LogonUasLogon
*/
static WERROR netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct netr_LogonUasLogon *r)
+ struct netr_LogonUasLogon *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
- netr_LogonSamLogon
+ netr_LogonSamLogonWithFlags
+
+*/
+static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_LogonSamLogonWithFlags *r)
+{
+ struct server_pipe_state *pipe_state = dce_call->conn->private;
+
+ struct auth_context *auth_context;
+ struct auth_usersupplied_info *user_info;
+ struct auth_serversupplied_info *server_info;
+ NTSTATUS nt_status;
+ const uint8_t *chal;
+ static const char zeros[16];
+ struct netr_SamBaseInfo *sam;
+ struct netr_SamInfo2 *sam2;
+ struct netr_SamInfo3 *sam3;
+ struct netr_SamInfo6 *sam6;
+
+ if (!pipe_state) {
+ DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ r->out.return_authenticator = talloc_p(mem_ctx, struct netr_Authenticator);
+ if (!r->out.return_authenticator) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (!netr_creds_server_step_check(pipe_state, r->in.credential, r->out.return_authenticator)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ switch (r->in.logon_level) {
+ case 1:
+ case 3:
+ case 5:
+ creds_arcfour_crypt(pipe_state->creds,
+ r->in.logon.password->lmpassword.hash,
+ sizeof(r->in.logon.password->lmpassword.hash));
+ creds_arcfour_crypt(pipe_state->creds,
+ r->in.logon.password->ntpassword.hash,
+ sizeof(r->in.logon.password->ntpassword.hash));
+
+ nt_status = make_auth_context_subsystem(&auth_context);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+
+ chal = auth_context->get_ntlm_challenge(auth_context);
+ nt_status = make_user_info_netlogon_interactive(&user_info,
+ r->in.logon.password->identity_info.account_name.string,
+ r->in.logon.password->identity_info.domain_name.string,
+ r->in.logon.password->identity_info.workstation.string,
+ chal,
+ &r->in.logon.password->lmpassword,
+ &r->in.logon.password->ntpassword);
+ break;
+
+ case 2:
+ case 6:
+ nt_status = make_auth_context_fixed(&auth_context, r->in.logon.network->challenge);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+ nt_status = make_user_info_netlogon_network(&user_info,
+ r->in.logon.network->identity_info.account_name.string,
+ r->in.logon.network->identity_info.domain_name.string,
+ r->in.logon.network->identity_info.workstation.string,
+ r->in.logon.network->lm.data, r->in.logon.network->lm.length,
+ r->in.logon.network->nt.data, r->in.logon.network->nt.length);
+ break;
+ default:
+ free_auth_context(&auth_context);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+
+ nt_status = auth_context->check_ntlm_password(auth_context,
+ user_info,
+ &server_info);
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ free_auth_context(&auth_context);
+ return nt_status;
+ }
+ free_auth_context(&auth_context);
+
+ sam = talloc_p(mem_ctx, struct netr_SamBaseInfo);
+
+ ZERO_STRUCTP(sam);
+
+ sam->last_logon = server_info->last_logon;
+ sam->last_logoff = server_info->last_logoff;
+ sam->acct_expiry = server_info->acct_expiry;
+ sam->last_password_change = server_info->last_password_change;
+ sam->allow_password_change = server_info->allow_password_change;
+ sam->force_password_change = server_info->force_password_change;
+
+ sam->account_name.string = talloc_strdup(mem_ctx, server_info->account_name);
+ sam->full_name.string = talloc_strdup(mem_ctx, server_info->full_name);
+ sam->logon_script.string = talloc_strdup(mem_ctx, server_info->logon_script);
+ sam->profile_path.string = talloc_strdup(mem_ctx, server_info->profile_path);
+ sam->home_directory.string = talloc_strdup(mem_ctx, server_info->home_directory);
+ sam->home_drive.string = talloc_strdup(mem_ctx, server_info->home_drive);
+
+ sam->logon_count = server_info->logon_count;
+ sam->bad_password_count = sam->bad_password_count;
+ sam->rid = server_info->user_sid->sub_auths[server_info->user_sid->num_auths-1];
+ sam->primary_gid = server_info->primary_group_sid->sub_auths[server_info->primary_group_sid->num_auths-1];
+ sam->group_count = 0;
+ sam->groupids = NULL;
+ sam->user_flags = 0; /* TODO: w2k3 uses 0x120 - what is this? */
+ sam->acct_flags = server_info->acct_flags;
+ sam->logon_server.string = lp_netbios_name();
+
+ sam->domain.string = talloc_strdup(mem_ctx, server_info->domain);
+
+ sam->domain_sid = dom_sid_dup(mem_ctx, server_info->user_sid);
+ sam->domain_sid->num_auths--;
+
+ if (server_info->user_session_key.length == sizeof(sam->key.key)) {
+ memcpy(sam->key.key, server_info->user_session_key.data, sizeof(sam->key.key));
+ } else {
+ ZERO_STRUCT(sam->key.key);
+ }
+
+ /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
+ if (memcmp(sam->key.key, zeros,
+ sizeof(sam->key.key)) != 0) {
+ creds_arcfour_crypt(pipe_state->creds,
+ sam->key.key,
+ sizeof(sam->key.key));
+ }
+
+ if (server_info->lm_session_key.length == sizeof(sam->LMSessKey.key)) {
+ memcpy(sam->LMSessKey.key, server_info->lm_session_key.data,
+ sizeof(sam->LMSessKey.key));
+ } else {
+ ZERO_STRUCT(sam->LMSessKey.key);
+ }
+
+ /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
+ if (memcmp(sam->LMSessKey.key, zeros,
+ sizeof(sam->LMSessKey.key)) != 0) {
+ creds_arcfour_crypt(pipe_state->creds,
+ sam->LMSessKey.key,
+ sizeof(sam->LMSessKey.key));
+ }
+
+ switch (r->in.validation_level) {
+ case 2:
+ sam2 = talloc_p(mem_ctx, struct netr_SamInfo2);
+ ZERO_STRUCTP(sam2);
+ sam2->base = *sam;
+ r->out.validation.sam2 = sam2;
+ break;
+
+ case 3:
+ sam3 = talloc_p(mem_ctx, struct netr_SamInfo3);
+ ZERO_STRUCTP(sam3);
+ sam3->base = *sam;
+ r->out.validation.sam3 = sam3;
+ break;
+
+ case 6:
+ sam6 = talloc_p(mem_ctx, struct netr_SamInfo6);
+ ZERO_STRUCTP(sam6);
+ sam6->base = *sam;
+ sam6->forest.string = lp_realm();
+ sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
+ sam->account_name.string, sam6->forest.string);
+ r->out.validation.sam6 = sam6;
+ break;
+
+ default:
+ break;
+ }
+ r->out.authoritative = 1;
+
+ return NT_STATUS_OK;
+}
+
+/*
+ netr_LogonSamLogon
*/
static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct netr_LogonSamLogon *r)
+ struct netr_LogonSamLogon *r)
{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct netr_LogonSamLogonWithFlags r2;
+ NTSTATUS status;
+
+ ZERO_STRUCT(r2);
+
+ r2.in.server_name = r->in.server_name;
+ r2.in.workstation = r->in.workstation;
+ r2.in.credential = r->in.credential;
+ r2.in.return_authenticator = r->in.return_authenticator;
+ r2.in.logon_level = r->in.logon_level;
+ r2.in.logon = r->in.logon;
+ r2.in.validation_level = r->in.validation_level;
+ r2.in.flags = 0;
+
+ status = netr_LogonSamLogonWithFlags(dce_call, mem_ctx, &r2);
+
+ r->out.return_authenticator = r2.out.return_authenticator;
+ r->out.validation = r2.out.validation;
+ r->out.authoritative = r2.out.authoritative;
+
+ return status;
}
}
+/*
+ netr_NETRENUMERATETRUSTEDDOMAINS
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETDCNAME
+*/
+static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETDCNAME *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONDUMMYROUTINE1
+*/
+static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONDUMMYROUTINE1 *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONSETSERVICEBITS
+*/
+static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONSETSERVICEBITS *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONGETTRUSTRID
+*/
+static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONGETTRUSTRID *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONCOMPUTESERVERDIGEST
+*/
+static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONCOMPUTECLIENTDIGEST
+*/
+static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETDCNAMEX
+*/
+static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETDCNAMEX *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETSITENAME
+*/
+static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETSITENAME *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ fill in a netr_DomainTrustInfo from a ldb search result
+*/
+static NTSTATUS fill_domain_trust_info(TALLOC_CTX *mem_ctx, struct ldb_message *res,
+ struct netr_DomainTrustInfo *info)
+{
+ ZERO_STRUCTP(info);
+
+ info->domainname.string = samdb_result_string(res, "flatName", NULL);
+ if (info->domainname.string == NULL) {
+ info->domainname.string = samdb_result_string(res, "name", NULL);
+ info->fulldomainname.string = samdb_result_string(res, "dnsDomain", NULL);
+ } else {
+ info->fulldomainname.string = samdb_result_string(res, "name", NULL);
+ }
+
+ /* TODO: we need proper forest support */
+ info->forest.string = info->fulldomainname.string;
+
+ info->guid = samdb_result_guid(res, "objectGUID");
+ info->sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
+
+ return NT_STATUS_OK;
+}
+
+/*
+ netr_LogonGetDomainInfo
+ this is called as part of the ADS domain logon procedure.
+*/
+static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_LogonGetDomainInfo *r)
+{
+ struct server_pipe_state *pipe_state = dce_call->conn->private;
+ const char * const attrs[] = { "name", "dnsDomain", "objectSid",
+ "objectGUID", "flatName", NULL };
+ void *sam_ctx;
+ struct ldb_message **res1, **res2;
+ struct netr_DomainInfo1 *info1;
+ int ret1, ret2, i;
+ NTSTATUS status;
+
+ if (!pipe_state) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!netr_creds_server_step_check(pipe_state,
+ r->in.credential, r->out.credential)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ sam_ctx = samdb_connect(mem_ctx);
+ if (sam_ctx == NULL) {
+ return NT_STATUS_INVALID_SYSTEM_SERVICE;
+ }
+
+ /* we need to do two searches. The first will pull our primary
+ domain and the second will pull any trusted domains. Our
+ primary domain is also a "trusted" domain, so we need to
+ put the primary domain into the lists of returned trusts as
+ well */
+ ret1 = samdb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)");
+ if (ret1 != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ ret2 = samdb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
+ if (ret2 == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ info1 = talloc_p(mem_ctx, struct netr_DomainInfo1);
+ if (info1 == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCTP(info1);
+
+ info1->num_trusts = ret2 + 1;
+ info1->trusts = talloc_array_p(mem_ctx, struct netr_DomainTrustInfo,
+ info1->num_trusts);
+ if (info1->trusts == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = fill_domain_trust_info(mem_ctx, res1[0], &info1->domaininfo);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ status = fill_domain_trust_info(mem_ctx, res1[0], &info1->trusts[0]);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ for (i=0;i<ret2;i++) {
+ status = fill_domain_trust_info(mem_ctx, res2[i], &info1->trusts[i+1]);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ }
+
+ r->out.info.info1 = info1;
+
+ return NT_STATUS_OK;
+}
+
+
+/*
+ netr_NETRSERVERPASSWORDSET2
+*/
+static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRSERVERPASSWORDSET2 *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRSERVERPASSWORDGET
+*/
+static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRSERVERPASSWORDGET *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONSENDTOSAM
+*/
+static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONSENDTOSAM *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRADDRESSTOSITENAMESW
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRADDRESSTOSITENAMESW *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETDCNAMEEX2
+*/
+static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETDCNAMEEX2 *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
+*/
+static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRENUMERATETRUSTEDDOMAINSEX
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRADDRESSTOSITENAMESEXW
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRADDRESSTOSITENAMESEXW *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETDCSITECOVERAGEW
+*/
+static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETDCSITECOVERAGEW *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRLOGONSAMLOGONEX
+*/
+static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRLOGONSAMLOGONEX *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DsrEnumerateDomainTrusts
+*/
+static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DsrEnumerateDomainTrusts *r)
+{
+ struct netr_DomainTrust *trusts;
+ void *sam_ctx;
+ int ret, i;
+ struct ldb_message **res;
+ const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
+
+ ZERO_STRUCT(r->out);
+
+ sam_ctx = samdb_connect(mem_ctx);
+ if (sam_ctx == NULL) {
+ return WERR_GENERAL_FAILURE;
+ }
+
+ ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
+ if (ret == -1) {
+ return WERR_GENERAL_FAILURE;
+ }
+
+ if (ret == 0) {
+ return WERR_OK;
+ }
+
+ trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
+ if (trusts == NULL) {
+ return WERR_NOMEM;
+ }
+
+ r->out.count = ret;
+ r->out.trusts = trusts;
+
+ /* TODO: add filtering by trust_flags, and correct trust_type
+ and attributes */
+ for (i=0;i<ret;i++) {
+ trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
+ trusts[i].dns_name = samdb_result_string(res[i], "dnsDomain", NULL);
+ trusts[i].trust_flags =
+ NETR_TRUST_FLAG_TREEROOT |
+ NETR_TRUST_FLAG_IN_FOREST |
+ NETR_TRUST_FLAG_PRIMARY;
+ trusts[i].parent_index = 0;
+ trusts[i].trust_type = 2;
+ trusts[i].trust_attributes = 0;
+ trusts[i].sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
+ trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
+ }
+
+
+ return WERR_OK;
+}
+
+
+/*
+ netr_DSRDEREGISTERDNSHOSTRECORDS
+*/
+static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRSERVERTRUSTPASSWORDSGET
+*/
+static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_DSRGETFORESTTRUSTINFORMATION
+*/
+static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_DSRGETFORESTTRUSTINFORMATION *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRGETFORESTTRUSTINFORMATION
+*/
+static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRGETFORESTTRUSTINFORMATION *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/*
+ netr_NETRSERVERGETTRUSTINFO
+*/
+static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct netr_NETRSERVERGETTRUSTINFO *r)
+{
+ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
/* include the generated boilerplate */
#include "librpc/gen_ndr/ndr_netlogon_s.c"