rpcclient/cmd_wkssvc.o \
rpcclient/cmd_samr.o \
rpcclient/cmd_srvsvc.o \
+ rpcclient/cmd_netlogon.o \
$(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \
$(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ)
-# rpcclient/cmd_netlogon.o
SMBWRAPPER_OBJ = smbwrapper/smbw.o smbwrapper/wrapped.o \
smbwrapper/smbw_dir.o smbwrapper/smbw_stat.o \
BOOL trust_password_delete( char *domain, char *name );
BOOL get_trust_account_password( unsigned char *ret_pwd, time_t *pass_last_set_time);
BOOL set_trust_account_password( unsigned char *md4_new_pwd);
+BOOL trust_get_passwd( unsigned char trust_passwd[16], char *myname, char *domain);
/*The following definitions come from printing/pcap.c */
uint16 sec_chan, char *comp_name, DOM_CRED *cred, char nt_cypher[16]);
void net_io_q_srv_pwset(char *desc, NET_Q_SRV_PWSET *q_s, prs_struct *ps, int depth);
void net_io_r_srv_pwset(char *desc, NET_R_SRV_PWSET *r_s, prs_struct *ps, int depth);
+void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
+ uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
+ char *user_name, char *wksta_name,
+ char sess_key[16],
+ unsigned char lm_cypher[16], unsigned char nt_cypher[16]);
void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
char *user_name, char *wksta_name,
void cmd_lsa_query_info(struct client_info *info);
void cmd_lsa_lookup_sids(struct client_info *info);
+/*The following definitions come from rpcclient/cmd_netlogon.c */
+
+void cmd_netlogon_login_test(struct client_info *info);
+
/*The following definitions come from rpcclient/cmd_samr.c */
void cmd_sam_ntchange_pwd(struct client_info *info);
if (cli->pwd.cleartext || cli->pwd.null_pwd)
{
- /* attempt clear-text session */
-
fstring passwd;
+ int pass_len;
- pwd_get_cleartext(&(cli->pwd), passwd);
+ if (cli->pwd.null_pwd)
+ {
+ /* attempt null session */
+ passwd[0] = 0;
+ pass_len = 1;
+ }
+ else
+ {
+ /* attempt clear-text session */
+ pwd_get_cleartext(&(cli->pwd), passwd);
+ pass_len = strlen(passwd);
+ }
/* attempt clear-text session */
if (!cli_session_setup(cli, cli->user_name,
- passwd, strlen(passwd),
+ passwd, pass_len,
NULL, 0,
cli->domain))
{
pwfile = getpwnam(pw_buf->smb_name);
if (pwfile == NULL)
{
- DEBUG(0,"getsmbfile21pwent: smbpasswd database is corrupt!\n"));
- DEBUG(0,"getsmbfile21pwent: username %s not in unix passwd database!\n", pw_buf->smb_name));
+ DEBUG(0,("getsmbfile21pwent: smbpasswd database is corrupt!\n"));
+ DEBUG(0,("getsmbfile21pwent: username %s not in unix passwd database!\n", pw_buf->smb_name));
return NULL;
}
static int gotalarm;
int pw_file_lock_depth = 0;
+BOOL global_machine_password_needs_changing = False;
+
/***************************************************************
Signal function to tell us we timed out.
****************************************************************/
fflush(mach_passwd_fp);
return True;
}
+
+BOOL trust_get_passwd( unsigned char trust_passwd[16], char *myname, char *domain)
+{
+ time_t lct;
+
+ /*
+ * Get the machine account password.
+ */
+ if(!trust_password_lock( myname, domain, False)) {
+ DEBUG(0,("domain_client_validate: unable to open the machine account password file for \
+machine %s in domain %s.\n", myname, domain ));
+ return False;
+ }
+
+ if(get_trust_account_password( trust_passwd, &lct) == False) {
+ DEBUG(0,("domain_client_validate: unable to read the machine account password for \
+machine %s in domain %s.\n", myname, domain ));
+ trust_password_unlock();
+ return False;
+ }
+
+ trust_password_unlock();
+
+ /*
+ * Here we check the last change time to see if the machine
+ * password needs changing. JRA.
+ */
+
+ if(time(NULL) > lct + lp_machine_password_timeout())
+ {
+ global_machine_password_needs_changing = True;
+ }
+ return True;
+}
{
unsigned char processed_new_pwd[16];
- DEBUG(5,("cli_nt_login_interactive: %d\n", __LINE__));
+ DEBUG(5,("cli_nt_srv_pwset: %d\n", __LINE__));
#ifdef DEBUG_PASSWORD
dump_data(6, new_hashof_mach_pwd, 16);
return cli_net_srv_pwset(cli, processed_new_pwd);
}
-#if UNUSED_CODE
/****************************************************************************
NT login - interactive.
*NEVER* use this code. This method of doing a logon (sending the cleartext
return ret;
}
-#endif
/****************************************************************************
NT login - network.
return cli_net_sam_logon(cli, ctr, user_info3);
}
-#if UNUSED_CODE
/****************************************************************************
NT Logoff.
****************************************************************************/
/* Send client sam-logoff request - update credentials on success. */
return cli_net_sam_logoff(cli, ctr);
}
-#endif
if (sec_qos)
{
make_lsa_sec_qos(&qos, 2, 1, 0, 0x20000000);
- make_q_open_pol(&q_o, server_name, 0, 0, &qos);
+ make_q_open_pol(&q_o, 0x5c, 0, 0, &qos);
}
else
{
- make_q_open_pol(&q_o, server_name, 0, 0x1, NULL);
+ make_q_open_pol(&q_o, 0x5c, 0, 0x1, NULL);
}
/* turn parameters into data stream */
return ok;
}
-#if UNUSED_CODE
/***************************************************************************
LSA SAM Logoff.
return ok;
}
-#endif
/*********************************************************
Change the domain password on the PDC.
unsigned char old_trust_passwd_hash[16];
unsigned char new_trust_passwd_hash[16];
time_t lct;
+ BOOL res;
if(!get_trust_account_password( old_trust_passwd_hash, &lct)) {
DEBUG(0,("change_trust_account_password: unable to read the machine \
* Return the result of trying to write the new password
* back into the trust account file.
*/
- return set_trust_account_password(new_trust_passwd_hash);
+ res = set_trust_account_password(new_trust_passwd_hash);
+ memset(new_trust_passwd_hash, 0, 16);
+ memset(old_trust_passwd_hash, 0, 16);
+ return res;
}
}
+ memset(new_trust_passwd_hash, 0, 16);
+ memset(old_trust_passwd_hash, 0, 16);
+
DEBUG(0,("%s : change_trust_account_password: Failed to change password for \
domain %s.\n", timestring(), domain));
return False;
return count;
}
+/*******************************************************************
+makes a NET_ID_INFO_1 structure.
+********************************************************************/
+void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
+ uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
+ char *user_name, char *wksta_name,
+ char sess_key[16],
+ unsigned char lm_cypher[16], unsigned char nt_cypher[16])
+{
+ int len_domain_name = strlen(domain_name);
+ int len_user_name = strlen(user_name );
+ int len_wksta_name = strlen(wksta_name );
+
+ unsigned char lm_owf[16];
+ unsigned char nt_owf[16];
+
+ if (id == NULL) return;
+
+ DEBUG(5,("make_id_info1: %d\n", __LINE__));
+
+ id->ptr_id_info1 = 1;
+
+ make_uni_hdr(&(id->hdr_domain_name), len_domain_name, len_domain_name, 4);
+
+ id->param_ctrl = param_ctrl;
+ make_logon_id(&(id->logon_id), log_id_low, log_id_high);
+
+ make_uni_hdr(&(id->hdr_user_name ), len_user_name , len_user_name , 4);
+ make_uni_hdr(&(id->hdr_wksta_name ), len_wksta_name , len_wksta_name , 4);
+
+ if (lm_cypher && nt_cypher)
+ {
+ unsigned char key[16];
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("lm cypher:"));
+ dump_data(100, lm_cypher, 16);
+
+ DEBUG(100,("nt cypher:"));
+ dump_data(100, nt_cypher, 16);
+#endif
+
+ memset(key, 0, 16);
+ memcpy(key, sess_key, 16);
+
+ memcpy(lm_cypher, lm_owf, 16);
+ SamOEMhash(lm_owf, key, False);
+ memcpy(lm_cypher, lm_owf, 16);
+ SamOEMhash(nt_owf, key, False);
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("encrypt of lm owf password:"));
+ dump_data(100, lm_owf, 16);
+
+ DEBUG(100,("encrypt of nt owf password:"));
+ dump_data(100, nt_owf, 16);
+#endif
+ /* set up pointers to cypher blocks */
+ lm_cypher = lm_owf;
+ nt_cypher = nt_owf;
+ }
+
+ make_owf_info(&(id->lm_owf), lm_cypher);
+ make_owf_info(&(id->nt_owf), nt_cypher);
+
+ make_unistr2(&(id->uni_domain_name), domain_name, len_domain_name);
+ make_unistr2(&(id->uni_user_name ), user_name , len_user_name );
+ make_unistr2(&(id->uni_wksta_name ), wksta_name , len_wksta_name );
+}
+
/*******************************************************************
reads or writes an NET_ID_INFO_1 structure.
********************************************************************/
****************************************************************************/
void cmd_netlogon_login_test(struct client_info *info)
{
+ extern BOOL global_machine_password_needs_changing;
+
+ fstring nt_user_name;
+ fstring password;
BOOL res = True;
+ char *nt_password;
+ unsigned char trust_passwd[16];
/* machine account passwords */
pstring new_mach_pwd;
/* initialisation */
new_mach_pwd[0] = 0;
- DEBUG(5,("do_nt_login_test: %d\n", __LINE__));
+ if (!next_token(NULL, nt_user_name, NULL, sizeof(nt_user_name)))
+ {
+ fstrcpy(nt_user_name, smb_cli->user_name);
+ if (nt_user_name[0] == 0)
+ {
+ fprintf(out_hnd,"ntlogin: must specify username with anonymous connection\n");
+ return;
+ }
+ }
+
+ if (next_token(NULL, password, NULL, sizeof(password)))
+ {
+ nt_password = password;
+ }
+ else
+ {
+ nt_password = getpass("Enter NT Login password:");
+ }
+
+ DEBUG(5,("do_nt_login_test: username %s\n", nt_user_name));
+
+ res = res ? trust_get_passwd(trust_passwd, info->myhostname, smb_cli->domain) : False;
#if 0
/* check whether the user wants to change their machine password */
info->mach_acct, new_mach_pwd) : False;
#endif
/* open NETLOGON session. negotiate credentials */
- res = res ? do_nt_session_open(smb_cli,
- info->dest_host, info->myhostname,
- info->mach_acct,
- smb_cli->user_name, smb_cli->domain,
- info->dom.sess_key, &info->dom.clnt_cred) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, False) : False;
+
+ res = res ? cli_nt_setup_creds(smb_cli, trust_passwd) : False;
/* change the machine password? */
- if (new_mach_pwd != NULL && new_mach_pwd[0] != 0)
+ if (global_machine_password_needs_changing)
{
- res = res ? do_nt_srv_pwset(smb_cli, info->dom.lsarpc_fnum,
- info->dom.sess_key, &info->dom.clnt_cred, &info->dom.rtn_cred,
- new_mach_pwd,
- info->dest_host, info->mach_acct, info->myhostname) : False;
+ unsigned char new_trust_passwd[16];
+ generate_random_buffer(new_trust_passwd, 16, True);
+ res = res ? cli_nt_srv_pwset(smb_cli, new_trust_passwd) : False;
+
+ if (res)
+ {
+ global_machine_password_needs_changing = !set_trust_account_password(new_trust_passwd);
+ }
+
+ memset(new_trust_passwd, 0, 16);
}
- /* create the user-identification info */
- make_nt_login_interactive(&info->dom.ctr,
- info->dom.sess_key,
- smb_cli->domain, info->myhostname,
- getuid(), smb_cli->user_name);
+ memset(trust_passwd, 0, 16);
/* do an NT login */
- res = res ? do_nt_login(smb_cli, info->dom.lsarpc_fnum,
- info->dom.sess_key, &info->dom.clnt_cred, &info->dom.rtn_cred,
- &info->dom.ctr, info->dest_host, info->myhostname, &info->dom.user_info3) : False;
+ res = res ? cli_nt_login_interactive(smb_cli,
+ smb_cli->domain, nt_user_name,
+ getuid(), nt_password,
+ &info->dom.ctr, &info->dom.user_info3) : False;
+
+ /*** clear out the password ***/
+ memset(password, 0, sizeof(password));
/* ok! you're logged in! do anything you like, then... */
-
+
/* do an NT logout */
- res = res ? do_nt_logoff(smb_cli, info->dom.lsarpc_fnum,
- info->dom.sess_key, &info->dom.clnt_cred, &info->dom.rtn_cred,
- &info->dom.ctr, info->dest_host, info->myhostname) : False;
+ res = res ? cli_nt_logoff(smb_cli, &info->dom.ctr) : False;
/* close the session */
cli_nt_session_close(smb_cli);
char *description;
} commands[] =
{
-#if 0
- {"ntlogin", cmd_netlogon_login_test, "<username> NT Domain login test"},
-#endif
- {"wksinfo", cmd_wks_query_info, "DCE/RPC - Workstation Query Info"},
- {"srvinfo", cmd_srv_query_info, "DCE/RPC - Server Query Info"},
- {"srvsessions",cmd_srv_enum_sess, "DCE/RPC - List sessions on a server"},
- {"srvshares", cmd_srv_enum_shares, "DCE/RPC - List shares on a server"},
- {"srvconnections",cmd_srv_enum_conn, "DCE/RPC - List connections on a server"},
- {"srvfiles", cmd_srv_enum_files, "DCE/RPC - List files on a server"},
+ {"ntlogin", cmd_netlogon_login_test, "[username] [password] NT Domain login test"},
+ {"wksinfo", cmd_wks_query_info, "Workstation Query Info"},
+ {"srvinfo", cmd_srv_query_info, "Server Query Info"},
+ {"srvsessions",cmd_srv_enum_sess, "List sessions on a server"},
+ {"srvshares", cmd_srv_enum_shares, "List shares on a server"},
+ {"srvconnections",cmd_srv_enum_conn, "List connections on a server"},
+ {"srvfiles", cmd_srv_enum_files, "List files on a server"},
{"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"},
{"lookupsids", cmd_lsa_lookup_sids, "Resolve names from SIDs"},
{"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"},
extern int DEBUGLEVEL;
extern int Protocol;
-BOOL global_machine_pasword_needs_changing;
-
/* users from session setup */
static pstring session_users="";
unsigned char local_lm_response[24];
unsigned char local_nt_reponse[24];
unsigned char trust_passwd[16];
- time_t lct;
fstring remote_machine;
char *p;
struct in_addr dest_ip;
/*
* Get the machine account password.
*/
- if(!trust_password_lock( global_myworkgroup, global_myname, False)) {
- DEBUG(0,("domain_client_validate: unable to open the machine account password file for \
-machine %s in domain %s.\n", global_myname, global_myworkgroup ));
- return False;
- }
-
- if(get_trust_account_password( trust_passwd, &lct) == False) {
- DEBUG(0,("domain_client_validate: unable to read the machine account password for \
-machine %s in domain %s.\n", global_myname, global_myworkgroup ));
- trust_password_unlock();
+ if (!trust_get_passwd( trust_passwd, global_myworkgroup, global_myname))
+ {
return False;
}
- trust_password_unlock();
-
- /*
- * Here we check the last change time to see if the machine
- * password needs changing. JRA.
- */
-
- if(time(NULL) > lct + lp_machine_password_timeout())
- global_machine_pasword_needs_changing = True;
-
/*
* At this point, smb_apasswd points to the lanman response to
* the challenge in local_challenge, and smb_ntpasswd points to
extern char *OutBuffer;
extern int smb_read_error;
extern BOOL reload_after_sighup;
-extern BOOL global_machine_pasword_needs_changing;
+extern BOOL global_machine_password_needs_changing;
extern fstring global_myworkgroup;
extern pstring global_myname;
extern int max_send;
git.samba.org / samba.git / commitdiff