#define CLIENT_TIMEOUT (30*1000)
-#ifdef NTDOMAIN
-
-
/****************************************************************************
experimental nt login.
****************************************************************************/
-BOOL do_nt_login(char *desthost, char *myhostname,
+BOOL client_do_nt_login(char *desthost, char *myhostname,
int Client, int cnum)
{
DOM_CHAL clnt_chal;
return True;
}
-#endif /* NTDOMAIN */
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
+#define _NT_DOMAIN_H
+
+
+/* dce/rpc support */
+#include "lib/rpc/include/rpc_dce.h"
+
+/* miscellaneous structures / defines */
+#include "lib/rpc/include/rpc_misc.h"
+
+/* different dce/rpc pipes */
+#include "lib/rpc/include/rpc_lsa.h"
+#include "lib/rpc/include/rpc_netlogon.h"
+#include "lib/rpc/include/rpc_reg.h"
+#include "lib/rpc/include/rpc_samr.h"
+#include "lib/rpc/include/rpc_srvsvc.h"
+#include "lib/rpc/include/rpc_wkssvc.h"
+
+/*
+ * A bunch of stuff that was put into smb.h
+ * in the NTDOM branch - it didn't belong there.
+ */
+
+typedef struct
+{
+ struct mem_buf *data; /* memory buffer */
+ uint32 offset; /* offset currently being accessed in memory buffer */
+ uint8 align; /* data alignment */
+ BOOL io; /* parsing in or out of data stream */
+
+} prs_struct;
+
+typedef struct
+{
+ int cnum;
+ int uid;
+ BOOL open; /* open connection */
+ uint16 device_state;
+ fstring name;
+ fstring pipe_srv_name;
+
+ prs_struct rhdr; /* output header */
+ prs_struct rdata; /* output data */
+ prs_struct rauth; /* output authentication verifier */
+
+ RPC_HDR hdr;
+ RPC_HDR_BA hdr_ba;
+ RPC_HDR_RB hdr_rb;
+ RPC_HDR_RR hdr_rr;
+
+ RPC_AUTH_NTLMSSP_REQ ntlmssp_req;
+ RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
+
+ uint32 max_rdata_len;
+ uint32 hdr_offsets;
+
+} pipes_struct;
+
+struct acct_info
+{
+ fstring acct_name; /* account name */
+ uint32 smb_userid; /* domain-relative RID */
+};
+
+struct api_struct
+{
+ char *name;
+ uint8 opnum;
+ void (*fn) (int uid, prs_struct*, prs_struct*);
+};
+
+struct mem_desc
+{
+ /* array memory offsets */
+ uint32 start;
+ uint32 end;
+};
+
+struct mem_buf
+{
+ BOOL dynamic; /* True iff data has been dynamically allocated
+ (and therefore can be freed) */
+ char *data;
+ uint32 data_size;
+ uint32 data_used;
+
+ uint32 margin; /* safety margin when reallocing. */
+ /* this can be abused quite nicely */
+ uint8 align; /* alignment of data structures (smb, dce/rpc, udp etc) */
+
+ struct mem_desc offset;
+
+ struct mem_buf *next;
+};
+
+typedef struct
+{
+ uint32 rid;
+ char *name;
+
+} rid_name;
+
+#endif /* _NT_DOMAIN_H */
+
#define NT_STATUS_INVALID_INFO_CLASS (3)
#define NT_STATUS_INFO_LENGTH_MISMATCH (4)
#define NT_STATUS_ACCESS_VIOLATION (5)
+#define STATUS_BUFFER_OVERFLOW (5)
#define NT_STATUS_IN_PAGE_ERROR (6)
#define NT_STATUS_PAGEFILE_QUOTA (7)
#define NT_STATUS_INVALID_HANDLE (8)
void interpret_coding_system(char *str);
void initialize_multibyte_vectors( int client_codepage);
+/*The following definitions come from lib/rpc/parse/parse_lsa.c */
+
+void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, uint32 idx);
+void lsa_io_trans_name(char *desc, LSA_TRANS_NAME *trn, prs_struct *ps, int depth);
+void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth);
+void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos);
+void lsa_io_obj_attr(char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps, int depth);
+void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
+ uint32 attributes, uint32 sec_qos,
+ uint32 desired_access);
+void lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
+void lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
+void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
+void lsa_io_q_query(char *desc, LSA_Q_QUERY_INFO *q_q, prs_struct *ps, int depth);
+void lsa_io_q_enum_trust_dom(char *desc, LSA_Q_ENUM_TRUST_DOM *q_e, prs_struct *ps, int depth);
+void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
+ uint32 enum_context, char *domain_name, char *domain_sid,
+ uint32 status);
+void lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
+void make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
+void lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth);
+void make_lsa_r_close(LSA_R_CLOSE *q_r, POLICY_HND *hnd);
+void lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth);
+void lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
+void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth);
+void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
+void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, int depth);
+void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
+void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth);
+void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_misc.c */
+
+void smb_io_utime(char *desc, UTIME *t, prs_struct *ps, int depth);
+void smb_io_time(char *desc, NTTIME *nttime, prs_struct *ps, int depth);
+void smb_io_lookup_level(char *desc, LOOKUP_LEVEL *level, prs_struct *ps, int depth);
+uint32 get_enum_hnd(ENUM_HND *enh);
+void make_enum_hnd(ENUM_HND *enh, uint32 hnd);
+void smb_io_enum_hnd(char *desc, ENUM_HND *hnd, prs_struct *ps, int depth);
+void make_dom_sid(DOM_SID *sid, char *str_sid);
+void smb_io_dom_sid(char *desc, DOM_SID *sid, prs_struct *ps, int depth);
+void make_dom_sid2(DOM_SID2 *sid, char *str_sid);
+void smb_io_dom_sid2(char *desc, DOM_SID2 *sid, prs_struct *ps, int depth);
+void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer);
+void smb_io_strhdr(char *desc, STRHDR *hdr, prs_struct *ps, int depth);
+void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint32 buffer);
+void smb_io_unihdr(char *desc, UNIHDR *hdr, prs_struct *ps, int depth);
+void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate);
+void smb_io_unihdr2(char *desc, UNIHDR2 *hdr2, prs_struct *ps, int depth);
+void make_unistr(UNISTR *str, char *buf);
+void smb_io_unistr(char *desc, UNISTR *uni, prs_struct *ps, int depth);
+void make_uninotstr2(UNINOTSTR2 *str, char *buf, int len);
+void smb_io_uninotstr2(char *desc, UNINOTSTR2 *uni2, uint32 buffer, prs_struct *ps, int depth);
+void make_buf_unistr2(UNISTR2 *str, uint32 *ptr, char *buf);
+void copy_unistr2(UNISTR2 *str, UNISTR2 *from);
+void make_string2(STRING2 *str, char *buf, int len);
+void smb_io_string2(char *desc, STRING2 *str2, uint32 buffer, prs_struct *ps, int depth);
+void make_unistr2(UNISTR2 *str, char *buf, int len);
+void smb_io_unistr2(char *desc, UNISTR2 *uni2, uint32 buffer, prs_struct *ps, int depth);
+void make_dom_rid2(DOM_RID2 *rid2, uint32 rid);
+void smb_io_dom_rid2(char *desc, DOM_RID2 *rid2, prs_struct *ps, int depth);
+void make_dom_rid3(DOM_RID3 *rid3, uint32 rid);
+void smb_io_dom_rid3(char *desc, DOM_RID3 *rid3, prs_struct *ps, int depth);
+void make_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid);
+void smb_io_dom_rid4(char *desc, DOM_RID4 *rid4, prs_struct *ps, int depth);
+void make_clnt_srv(DOM_CLNT_SRV *log, char *logon_srv, char *comp_name);
+void smb_io_clnt_srv(char *desc, DOM_CLNT_SRV *log, prs_struct *ps, int depth);
+void make_log_info(DOM_LOG_INFO *log, char *logon_srv, char *acct_name,
+ uint16 sec_chan, char *comp_name);
+void smb_io_log_info(char *desc, DOM_LOG_INFO *log, prs_struct *ps, int depth);
+void smb_io_chal(char *desc, DOM_CHAL *chal, prs_struct *ps, int depth);
+void smb_io_cred(char *desc, DOM_CRED *cred, prs_struct *ps, int depth);
+void make_clnt_info2(DOM_CLNT_INFO2 *clnt,
+ char *logon_srv, char *comp_name,
+ DOM_CRED *clnt_cred);
+void smb_io_clnt_info2(char *desc, DOM_CLNT_INFO2 *clnt, prs_struct *ps, int depth);
+void make_clnt_info(DOM_CLNT_INFO *clnt,
+ char *logon_srv, char *acct_name,
+ uint16 sec_chan, char *comp_name,
+ DOM_CRED *cred);
+void smb_io_clnt_info(char *desc, DOM_CLNT_INFO *clnt, prs_struct *ps, int depth);
+void make_logon_id(DOM_LOGON_ID *log, uint32 log_id_low, uint32 log_id_high);
+void smb_io_logon_id(char *desc, DOM_LOGON_ID *log, prs_struct *ps, int depth);
+void make_arc4_owf(ARC4_OWF *hash, uint8 data[16]);
+void smb_io_arc4_owf(char *desc, ARC4_OWF *hash, prs_struct *ps, int depth);
+void smb_io_gid(char *desc, DOM_GID *gid, prs_struct *ps, int depth);
+void smb_io_pol_hnd(char *desc, POLICY_HND *pol, prs_struct *ps, int depth);
+void smb_io_dom_query_3(char *desc, DOM_QUERY_3 *d_q, prs_struct *ps, int depth);
+void smb_io_dom_query_5(char *desc, DOM_QUERY_3 *d_q, prs_struct *ps, int depth);
+void smb_io_dom_query(char *desc, DOM_QUERY *d_q, prs_struct *ps, int depth);
+void smb_io_dom_name(char *desc, DOM_NAME *name, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_net.c */
+
+void net_io_neg_flags(char *desc, NEG_FLAGS *neg, prs_struct *ps, int depth);
+void make_netinfo_3(NETLOGON_INFO_3 *info, uint32 flags, uint32 logon_attempts);
+void net_io_netinfo_3(char *desc, NETLOGON_INFO_3 *info, prs_struct *ps, int depth);
+void make_netinfo_1(NETLOGON_INFO_1 *info, uint32 flags, uint32 pdc_status);
+void net_io_netinfo_1(char *desc, NETLOGON_INFO_1 *info, prs_struct *ps, int depth);
+void make_netinfo_2(NETLOGON_INFO_2 *info, uint32 flags, uint32 pdc_status,
+ uint32 tc_status, char *trusted_dc_name);
+void net_io_netinfo_2(char *desc, NETLOGON_INFO_2 *info, prs_struct *ps, int depth);
+void make_q_logon_ctrl2(NET_Q_LOGON_CTRL2 *q_l, char *server_name,
+ uint32 function_code);
+void net_io_q_logon_ctrl2(char *desc, NET_Q_LOGON_CTRL2 *q_l, prs_struct *ps, int depth);
+void make_r_logon_ctrl2(NET_R_LOGON_CTRL2 *r_l, uint32 query_level,
+ uint32 flags, uint32 pdc_status, uint32 logon_attempts,
+ uint32 tc_status, char *trusted_domain_name);
+void net_io_r_logon_ctrl2(char *desc, NET_R_LOGON_CTRL2 *r_l, prs_struct *ps, int depth);
+void make_r_trust_dom(NET_R_TRUST_DOM_LIST *r_t,
+ uint32 num_doms, char *dom_name);
+void net_io_r_trust_dom(char *desc, NET_R_TRUST_DOM_LIST *r_t, prs_struct *ps, int depth);
+void make_q_trust_dom(NET_Q_TRUST_DOM_LIST *q_l, char *server_name,
+ uint32 function_code);
+void net_io_q_trust_dom(char *desc, NET_Q_TRUST_DOM_LIST *q_l, prs_struct *ps, int depth);
+void make_q_req_chal(NET_Q_REQ_CHAL *q_c,
+ char *logon_srv, char *logon_clnt,
+ DOM_CHAL *clnt_chal);
+void net_io_q_req_chal(char *desc, NET_Q_REQ_CHAL *q_c, prs_struct *ps, int depth);
+void net_io_r_req_chal(char *desc, NET_R_REQ_CHAL *r_c, prs_struct *ps, int depth);
+void make_q_auth_2(NET_Q_AUTH_2 *q_a,
+ char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
+ DOM_CHAL *clnt_chal, uint32 clnt_flgs);
+void net_io_q_auth_2(char *desc, NET_Q_AUTH_2 *q_a, prs_struct *ps, int depth);
+void net_io_r_auth_2(char *desc, NET_R_AUTH_2 *r_a, prs_struct *ps, int depth);
+void make_q_srv_pwset(NET_Q_SRV_PWSET *q_s, char sess_key[16],
+ char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
+ DOM_CRED *cred, char nt_cypher[16]);
+void net_io_q_srv_pwset(char *desc, NET_Q_SRV_PWSET *q_s, prs_struct *ps, int depth);
+void net_io_r_srv_pwset(char *desc, NET_R_SRV_PWSET *r_s, prs_struct *ps, int depth);
+void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
+ uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
+ char *user_name, char *wksta_name,
+ char sess_key[16],
+ unsigned char lm_cypher[16], unsigned char nt_cypher[16]);
+void net_io_id_info1(char *desc, NET_ID_INFO_1 *id, prs_struct *ps, int depth);
+void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
+ uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
+ char *user_name, char *wksta_name,
+ unsigned char lm_challenge[8],
+ unsigned char lm_chal_resp[24],
+ unsigned char nt_chal_resp[24]);
+void net_io_id_info2(char *desc, NET_ID_INFO_2 *id, prs_struct *ps, int depth);
+void make_sam_info(DOM_SAM_INFO *sam,
+ char *logon_srv, char *comp_name, DOM_CRED *clnt_cred,
+ DOM_CRED *rtn_cred, uint16 logon_level,
+ NET_ID_INFO_CTR *ctr, uint16 validation_level);
+void net_io_id_info_ctr(char *desc, NET_ID_INFO_CTR *ctr, prs_struct *ps, int depth);
+void smb_io_sam_info(char *desc, DOM_SAM_INFO *sam, prs_struct *ps, int depth);
+void make_net_user_info3(NET_USER_INFO_3 *usr,
+
+ NTTIME *logon_time,
+ NTTIME *logoff_time,
+ NTTIME *kickoff_time,
+ NTTIME *pass_last_set_time,
+ NTTIME *pass_can_change_time,
+ NTTIME *pass_must_change_time,
+
+ char *user_name,
+ char *full_name,
+ char *logon_script,
+ char *profile_path,
+ char *home_dir,
+ char *dir_drive,
+
+ uint16 logon_count,
+ uint16 bad_pw_count,
+
+ uint32 user_id,
+ uint32 group_id,
+ uint32 num_groups,
+ DOM_GID *gids,
+ uint32 user_flgs,
+
+ char sess_key[16],
+
+ char *logon_srv,
+ char *logon_dom,
+
+ char *dom_sid,
+ char *other_sids);
+void net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, int depth);
+void net_io_q_sam_logon(char *desc, NET_Q_SAM_LOGON *q_l, prs_struct *ps, int depth);
+void net_io_r_sam_logon(char *desc, NET_R_SAM_LOGON *r_l, prs_struct *ps, int depth);
+void net_io_q_sam_logoff(char *desc, NET_Q_SAM_LOGOFF *q_l, prs_struct *ps, int depth);
+void net_io_r_sam_logoff(char *desc, NET_R_SAM_LOGOFF *r_l, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_prs.c */
+
+void prs_debug(prs_struct *ps, int depth, char *desc, char *fn_name);
+void prs_init(prs_struct *ps, uint32 size,
+ uint8 align, uint32 margin,
+ BOOL io);
+void prs_mem_free(prs_struct *ps);
+void prs_align(prs_struct *ps);
+BOOL prs_grow(prs_struct *ps);
+BOOL prs_uint8(char *name, prs_struct *ps, int depth, uint8 *data8);
+BOOL prs_uint16(char *name, prs_struct *ps, int depth, uint16 *data16);
+BOOL prs_uint32(char *name, prs_struct *ps, int depth, uint32 *data32);
+BOOL prs_uint8s(BOOL charmode, char *name, prs_struct *ps, int depth, uint8 *data8s, int len);
+BOOL prs_uint16s(BOOL charmode, char *name, prs_struct *ps, int depth, uint16 *data16s, int len);
+BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *data32s, int len);
+BOOL prs_uninotstr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNINOTSTR2 *str);
+BOOL prs_string2(BOOL charmode, char *name, prs_struct *ps, int depth, STRING2 *str);
+BOOL prs_unistr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNISTR2 *str);
+BOOL prs_unistr(char *name, prs_struct *ps, int depth, UNISTR *str);
+BOOL prs_string(char *name, prs_struct *ps, int depth, char *str, uint16 len);
+
+/*The following definitions come from lib/rpc/parse/parse_reg.c */
+
+void make_reg_q_open_policy(REG_Q_OPEN_POLICY *r_q,
+ uint16 unknown_0, uint32 level, uint16 unknown_1);
+void reg_io_q_open_policy(char *desc, REG_Q_OPEN_POLICY *r_q, prs_struct *ps, int depth);
+void make_reg_r_open_policy(REG_R_OPEN_POLICY *r_r,
+ POLICY_HND *pol, uint32 status);
+void reg_io_r_open_policy(char *desc, REG_R_OPEN_POLICY *r_r, prs_struct *ps, int depth);
+void reg_io_q_close(char *desc, REG_Q_CLOSE *q_u, prs_struct *ps, int depth);
+void reg_io_r_close(char *desc, REG_R_CLOSE *r_u, prs_struct *ps, int depth);
+void make_reg_q_info(REG_Q_INFO *r_q,
+ POLICY_HND *pol, char *product_type,
+ NTTIME *prod_time, uint8 major_version, uint8 minor_version,
+ uint32 unknown);
+void reg_io_q_info(char *desc, REG_Q_INFO *r_q, prs_struct *ps, int depth);
+void make_reg_r_info(REG_R_INFO *r_r,
+ uint32 level, char *os_type,
+ uint32 unknown_0, uint32 unknown_1,
+ uint32 status);
+void reg_io_r_info(char *desc, REG_R_INFO *r_r, prs_struct *ps, int depth);
+void make_reg_q_open_entry(REG_Q_OPEN_ENTRY *r_q,
+ POLICY_HND *pol, char *name,
+ uint32 unknown_0, uint32 unknown_1, uint16 unknown_2);
+void reg_io_q_open_entry(char *desc, REG_Q_OPEN_ENTRY *r_q, prs_struct *ps, int depth);
+void make_reg_r_open_entry(REG_R_OPEN_ENTRY *r_r,
+ POLICY_HND *pol, uint32 status);
+void reg_io_r_open_entry(char *desc, REG_R_OPEN_ENTRY *r_r, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_rpc.c */
+
+void make_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
+ uint32 call_id, int data_len, int auth_len);
+void smb_io_rpc_hdr(char *desc, RPC_HDR *rpc, prs_struct *ps, int depth);
+void make_rpc_iface(RPC_IFACE *ifc, char data[16], uint32 version);
+void smb_io_rpc_iface(char *desc, RPC_IFACE *ifc, prs_struct *ps, int depth);
+void make_rpc_addr_str(RPC_ADDR_STR *str, char *name);
+void smb_io_rpc_addr_str(char *desc, RPC_ADDR_STR *str, prs_struct *ps, int depth);
+void make_rpc_hdr_bba(RPC_HDR_BBA *bba, uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid);
+void smb_io_rpc_hdr_bba(char *desc, RPC_HDR_BBA *rpc, prs_struct *ps, int depth);
+void make_rpc_hdr_rb(RPC_HDR_RB *rpc,
+ uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
+ uint32 num_elements, uint16 context_id, uint8 num_syntaxes,
+ RPC_IFACE *abstract, RPC_IFACE *transfer);
+void smb_io_rpc_hdr_rb(char *desc, RPC_HDR_RB *rpc, prs_struct *ps, int depth);
+void make_rpc_results(RPC_RESULTS *res,
+ uint8 num_results, uint16 result, uint16 reason);
+void smb_io_rpc_results(char *desc, RPC_RESULTS *res, prs_struct *ps, int depth);
+void make_rpc_hdr_ba(RPC_HDR_BA *rpc,
+ uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
+ char *pipe_addr,
+ uint8 num_results, uint16 result, uint16 reason,
+ RPC_IFACE *transfer);
+void smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth);
+void make_rpc_hdr_rr(RPC_HDR_RR *hdr, uint32 data_len, uint8 opnum);
+void smb_io_rpc_hdr_rr(char *desc, RPC_HDR_RR *rpc, prs_struct *ps, int depth);
+void make_rpc_auth_ntlmssp_req(RPC_AUTH_NTLMSSP_REQ *req,
+ fstring ntlmssp_str, uint32 ntlmssp_ver,
+ uint32 unknown_0, fstring myname, fstring domain);
+void smb_io_rpc_auth_ntlmssp_req(char *desc, RPC_AUTH_NTLMSSP_REQ *req, prs_struct *ps, int depth);
+void make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
+ uint8 auth_type, uint8 auth_level, uint8 stub_type_len,
+ fstring ntlmssp_str, uint32 ntlmssp_ver,
+ uint32 unknown_1, uint32 unknown_2, uint32 unknown_3,
+ uint8 data[16]);
+void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_samr.c */
+
+void make_samr_q_close_hnd(SAMR_Q_CLOSE_HND *q_c, POLICY_HND *hnd);
+void samr_io_q_close_hnd(char *desc, SAMR_Q_CLOSE_HND *q_u, prs_struct *ps, int depth);
+void samr_io_r_close_hnd(char *desc, SAMR_R_CLOSE_HND *r_u, prs_struct *ps, int depth);
+void make_samr_q_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
+ POLICY_HND *connect_pol, uint32 rid, char *sid);
+void samr_io_q_open_domain(char *desc, SAMR_Q_OPEN_DOMAIN *q_u, prs_struct *ps, int depth);
+void samr_io_r_open_domain(char *desc, SAMR_R_OPEN_DOMAIN *r_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
+ POLICY_HND *domain_pol, uint16 switch_value);
+void samr_io_q_unknown_8(char *desc, SAMR_Q_UNKNOWN_8 *q_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
+ POLICY_HND *user_pol, uint16 switch_value);
+void samr_io_q_unknown_3(char *desc, SAMR_Q_UNKNOWN_3 *q_u, prs_struct *ps, int depth);
+void make_dom_sid3(DOM_SID3 *sid3, uint16 unk_0, uint16 unk_1, char *sid);
+void sam_io_dom_sid3(char *desc, DOM_SID3 *sid3, prs_struct *ps, int depth);
+void make_sam_sid_stuff(SAM_SID_STUFF *stf,
+ uint16 unknown_2, uint16 unknown_3,
+ uint32 unknown_4, uint16 unknown_6, uint16 unknown_7,
+ int num_sid3s, DOM_SID3 sid3[MAX_SAM_SIDS]);
+void sam_io_sid_stuff(char *desc, SAM_SID_STUFF *stf, prs_struct *ps, int depth);
+void make_samr_r_unknown_3(SAMR_R_UNKNOWN_3 *r_u,
+ uint16 unknown_2, uint16 unknown_3,
+ uint32 unknown_4, uint16 unknown_6, uint16 unknown_7,
+ int num_sid3s, DOM_SID3 sid3[MAX_SAM_SIDS],
+ uint32 status);
+void samr_io_r_unknown_3(char *desc, SAMR_R_UNKNOWN_3 *r_u, prs_struct *ps, int depth);
+void make_sam_str1(SAM_STR1 *sam, char *sam_acct, char *sam_name, char *sam_desc);
+void sam_io_sam_str1(char *desc, SAM_STR1 *sam, uint32 acct_buf, uint32 name_buf, uint32 desc_buf, prs_struct *ps, int depth);
+void make_sam_entry1(SAM_ENTRY1 *sam, uint32 user_idx,
+ uint32 len_sam_name, uint32 len_sam_full, uint32 len_sam_desc,
+ uint32 rid_user, uint16 acb_info);
+void sam_io_sam_entry1(char *desc, SAM_ENTRY1 *sam, prs_struct *ps, int depth);
+void make_sam_str2(SAM_STR2 *sam, char *sam_acct, char *sam_desc);
+void sam_io_sam_str2(char *desc, SAM_STR2 *sam, uint32 acct_buf, uint32 desc_buf, prs_struct *ps, int depth);
+void make_sam_entry2(SAM_ENTRY2 *sam, uint32 user_idx,
+ uint32 len_sam_name, uint32 len_sam_desc,
+ uint32 rid_user, uint16 acb_info);
+void sam_io_sam_entry2(char *desc, SAM_ENTRY2 *sam, prs_struct *ps, int depth);
+void make_sam_str3(SAM_STR3 *sam, char *grp_acct, char *grp_desc);
+void sam_io_sam_str3(char *desc, SAM_STR3 *sam, uint32 acct_buf, uint32 desc_buf, prs_struct *ps, int depth);
+void make_sam_entry3(SAM_ENTRY3 *sam, uint32 grp_idx,
+ uint32 len_grp_name, uint32 len_grp_desc, uint32 rid_grp);
+void sam_io_sam_entry3(char *desc, SAM_ENTRY3 *sam, prs_struct *ps, int depth);
+void make_sam_entry(SAM_ENTRY *sam, uint32 len_sam_name, uint32 rid);
+void sam_io_sam_entry(char *desc, SAM_ENTRY *sam, prs_struct *ps, int depth);
+void make_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_e, POLICY_HND *pol,
+ uint16 req_num_entries, uint16 unk_0,
+ uint16 acb_mask, uint16 unk_1, uint32 size);
+void samr_io_q_enum_dom_users(char *desc, SAMR_Q_ENUM_DOM_USERS *q_e, prs_struct *ps, int depth);
+void make_samr_r_enum_dom_users(SAMR_R_ENUM_DOM_USERS *r_u,
+ uint16 total_num_entries, uint16 unk_0,
+ uint32 num_sam_entries, SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES], uint32 status);
+void samr_io_r_enum_dom_users(char *desc, SAMR_R_ENUM_DOM_USERS *r_u, prs_struct *ps, int depth);
+void make_samr_q_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_e, POLICY_HND *pol, uint32 size);
+void samr_io_q_enum_dom_aliases(char *desc, SAMR_Q_ENUM_DOM_ALIASES *q_e, prs_struct *ps, int depth);
+void make_samr_r_enum_dom_aliases(SAMR_R_ENUM_DOM_ALIASES *r_u,
+ uint32 num_sam_entries, SAM_USER_INFO_21 grps[MAX_SAM_ENTRIES],
+ uint32 status);
+void samr_io_r_enum_dom_aliases(char *desc, SAMR_R_ENUM_DOM_ALIASES *r_u, prs_struct *ps, int depth);
+void make_samr_q_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_e, POLICY_HND *pol,
+ uint16 switch_level, uint32 start_idx, uint32 size);
+void samr_io_q_query_dispinfo(char *desc, SAMR_Q_QUERY_DISPINFO *q_e, prs_struct *ps, int depth);
+void make_sam_info_2(SAM_INFO_2 *sam, uint32 acb_mask,
+ uint32 start_idx, uint32 num_sam_entries,
+ SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES]);
+void sam_io_sam_info_2(char *desc, SAM_INFO_2 *sam, prs_struct *ps, int depth);
+void make_sam_info_1(SAM_INFO_1 *sam, uint32 acb_mask,
+ uint32 start_idx, uint32 num_sam_entries,
+ SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES]);
+void sam_io_sam_info_1(char *desc, SAM_INFO_1 *sam, prs_struct *ps, int depth);
+void make_samr_r_query_dispinfo(SAMR_R_QUERY_DISPINFO *r_u,
+ uint16 switch_level, SAM_INFO_CTR *ctr, uint32 status);
+void samr_io_r_query_dispinfo(char *desc, SAMR_R_QUERY_DISPINFO *r_u, prs_struct *ps, int depth);
+void make_samr_q_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_e, POLICY_HND *pol,
+ uint16 switch_level, uint32 start_idx, uint32 size);
+void samr_io_q_enum_dom_groups(char *desc, SAMR_Q_ENUM_DOM_GROUPS *q_e, prs_struct *ps, int depth);
+void make_samr_r_enum_dom_groups(SAMR_R_ENUM_DOM_GROUPS *r_u,
+ uint32 start_idx, uint32 num_sam_entries,
+ SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES],
+ uint32 status);
+void samr_io_r_enum_dom_groups(char *desc, SAMR_R_ENUM_DOM_GROUPS *r_u, prs_struct *ps, int depth);
+void make_samr_q_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_e,
+ POLICY_HND *pol,
+ uint16 switch_level);
+void samr_io_q_query_aliasinfo(char *desc, SAMR_Q_QUERY_ALIASINFO *q_e, prs_struct *ps, int depth);
+void make_samr_r_query_aliasinfo(SAMR_R_QUERY_ALIASINFO *r_u,
+ uint16 switch_value, char *acct_desc,
+ uint32 status);
+void samr_io_r_query_aliasinfo(char *desc, SAMR_R_QUERY_ALIASINFO *r_u, prs_struct *ps, int depth);
+void samr_io_q_lookup_ids(char *desc, SAMR_Q_LOOKUP_IDS *q_u, prs_struct *ps, int depth);
+void make_samr_r_lookup_ids(SAMR_R_LOOKUP_IDS *r_u,
+ uint32 num_rids, uint32 *rid, uint32 status);
+void samr_io_r_lookup_ids(char *desc, SAMR_R_LOOKUP_IDS *r_u, prs_struct *ps, int depth);
+void samr_io_q_lookup_names(char *desc, SAMR_Q_LOOKUP_NAMES *q_u, prs_struct *ps, int depth);
+void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
+ uint32 num_rids, uint32 *rid, uint32 status);
+void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
+ POLICY_HND *pol, uint32 rid,
+ uint32 num_gids, uint32 *gid);
+void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth);
+void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
+ uint32 num_aliases, fstring *als_name, uint32 *num_als_usrs,
+ uint32 status);
+void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, int depth);
+void make_samr_q_open_user(SAMR_Q_OPEN_USER *q_u,
+ POLICY_HND *pol,
+ uint32 unk_0, uint32 rid);
+void samr_io_q_open_user(char *desc, SAMR_Q_OPEN_USER *q_u, prs_struct *ps, int depth);
+void samr_io_r_open_user(char *desc, SAMR_R_OPEN_USER *r_u, prs_struct *ps, int depth);
+void make_samr_q_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
+ POLICY_HND *hnd);
+void samr_io_q_query_usergroups(char *desc, SAMR_Q_QUERY_USERGROUPS *q_u, prs_struct *ps, int depth);
+void make_samr_r_query_usergroups(SAMR_R_QUERY_USERGROUPS *r_u,
+ uint32 num_gids, DOM_GID *gid, uint32 status);
+void samr_io_r_query_usergroups(char *desc, SAMR_R_QUERY_USERGROUPS *r_u, prs_struct *ps, int depth);
+void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
+ POLICY_HND *hnd, uint16 switch_value);
+void samr_io_q_query_userinfo(char *desc, SAMR_Q_QUERY_USERINFO *q_u, prs_struct *ps, int depth);
+void sam_io_logon_hrs(char *desc, LOGON_HRS *hrs, prs_struct *ps, int depth);
+void make_sam_user_info11(SAM_USER_INFO_11 *usr,
+ NTTIME *expiry,
+ char *mach_acct,
+ uint32 rid_user,
+ uint32 rid_group,
+ uint16 acct_ctrl);
+void sam_io_user_info11(char *desc, SAM_USER_INFO_11 *usr, prs_struct *ps, int depth);
+void make_sam_user_info21(SAM_USER_INFO_21 *usr,
+
+ NTTIME *logon_time,
+ NTTIME *logoff_time,
+ NTTIME *kickoff_time,
+ NTTIME *pass_last_set_time,
+ NTTIME *pass_can_change_time,
+ NTTIME *pass_must_change_time,
+
+ char *user_name,
+ char *full_name,
+ char *home_dir,
+ char *dir_drive,
+ char *logon_script,
+ char *profile_path,
+ char *description,
+ char *workstations,
+ char *unknown_str,
+ char *munged_dial,
+
+ uint32 user_rid,
+ uint32 group_rid,
+ uint16 acb_info,
+
+ uint32 unknown_3,
+ uint16 logon_divs,
+ LOGON_HRS *hrs,
+ uint32 unknown_5,
+ uint32 unknown_6);
+void sam_io_user_info21(char *desc, SAM_USER_INFO_21 *usr, prs_struct *ps, int depth);
+void make_samr_r_query_userinfo(SAMR_R_QUERY_USERINFO *r_u,
+ uint16 switch_value, void *info, uint32 status);
+void samr_io_r_query_userinfo(char *desc, SAMR_R_QUERY_USERINFO *r_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_21(SAMR_Q_UNKNOWN_21 *q_c,
+ POLICY_HND *hnd, uint16 unk_1, uint16 unk_2);
+void samr_io_q_unknown_21(char *desc, SAMR_Q_UNKNOWN_21 *q_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_13(SAMR_Q_UNKNOWN_13 *q_c,
+ POLICY_HND *hnd, uint16 unk_1, uint16 unk_2);
+void samr_io_q_unknown_13(char *desc, SAMR_Q_UNKNOWN_13 *q_u, prs_struct *ps, int depth);
+void samr_io_q_unknown_32(char *desc, SAMR_Q_UNKNOWN_32 *q_u, prs_struct *ps, int depth);
+void samr_io_r_unknown_32(char *desc, SAMR_R_UNKNOWN_32 *r_u, prs_struct *ps, int depth);
+void make_samr_q_connect(SAMR_Q_CONNECT *q_u,
+ char *srv_name, uint32 unknown_0);
+void samr_io_q_connect(char *desc, SAMR_Q_CONNECT *q_u, prs_struct *ps, int depth);
+void samr_io_r_connect(char *desc, SAMR_R_CONNECT *r_u, prs_struct *ps, int depth);
+void make_samr_q_open_alias(SAMR_Q_OPEN_ALIAS *q_u,
+ uint32 unknown_0, uint32 rid);
+void samr_io_q_open_alias(char *desc, SAMR_Q_OPEN_ALIAS *q_u, prs_struct *ps, int depth);
+void samr_io_r_open_alias(char *desc, SAMR_R_OPEN_ALIAS *r_u, prs_struct *ps, int depth);
+void make_samr_q_unknown_38(SAMR_Q_UNKNOWN_38 *q_u, char *srv_name);
+void samr_io_q_unknown_38(char *desc, SAMR_Q_UNKNOWN_38 *q_u, prs_struct *ps, int depth);
+void make_samr_r_unknown_38(SAMR_R_UNKNOWN_38 *r_u,
+ uint16 level, uint32 status);
+void samr_io_r_unknown_38(char *desc, SAMR_R_UNKNOWN_38 *r_u, prs_struct *ps, int depth);
+void samr_io_enc_passwd(char *desc, SAMR_ENC_PASSWD *pwd, prs_struct *ps, int depth);
+void samr_io_enc_hash(char *desc, SAMR_ENC_HASH *hsh, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_srv.c */
+
+void make_srv_share_info1_str(SH_INFO_1_STR *sh1, char *net_name, char *remark);
+void srv_io_share_info1_str(char *desc, SH_INFO_1_STR *sh1, prs_struct *ps, int depth);
+void make_srv_share_info1(SH_INFO_1 *sh1, char *net_name, uint32 type, char *remark);
+void srv_io_share_info1(char *desc, SH_INFO_1 *sh1, prs_struct *ps, int depth);
+void srv_io_srv_share_info_1(char *desc, SRV_SHARE_INFO_1 *ctr, prs_struct *ps, int depth);
+void make_srv_share_info2_str(SH_INFO_2_STR *sh2,
+ char *net_name, char *remark,
+ char *path, char *passwd);
+void srv_io_share_info2_str(char *desc, SH_INFO_2_STR *sh2, prs_struct *ps, int depth);
+void make_srv_share_info2(SH_INFO_2 *sh2,
+ char *net_name, uint32 type, char *remark,
+ uint32 perms, uint32 max_uses, uint32 num_uses,
+ char *path, char *passwd);
+void srv_io_share_info2(char *desc, SH_INFO_2 *sh2, prs_struct *ps, int depth);
+void srv_io_srv_share_info_2(char *desc, SRV_SHARE_INFO_2 *ctr, prs_struct *ps, int depth);
+void srv_io_srv_share_ctr(char *desc, SRV_SHARE_INFO_CTR *ctr, prs_struct *ps, int depth);
+void make_srv_q_net_share_enum(SRV_Q_NET_SHARE_ENUM *q_n,
+ char *srv_name,
+ uint32 share_level, SRV_SHARE_INFO_CTR *ctr,
+ uint32 preferred_len,
+ ENUM_HND *hnd);
+void srv_io_q_net_share_enum(char *desc, SRV_Q_NET_SHARE_ENUM *q_n, prs_struct *ps, int depth);
+void srv_io_r_net_share_enum(char *desc, SRV_R_NET_SHARE_ENUM *r_n, prs_struct *ps, int depth);
+void make_srv_sess_info0_str(SESS_INFO_0_STR *ss0, char *name);
+void srv_io_sess_info0_str(char *desc, SESS_INFO_0_STR *ss0, prs_struct *ps, int depth);
+void make_srv_sess_info0(SESS_INFO_0 *ss0, char *name);
+void srv_io_sess_info0(char *desc, SESS_INFO_0 *ss0, prs_struct *ps, int depth);
+void srv_io_srv_sess_info_0(char *desc, SRV_SESS_INFO_0 *ss0, prs_struct *ps, int depth);
+void make_srv_sess_info1_str(SESS_INFO_1_STR *ss1, char *name, char *user);
+void srv_io_sess_info1_str(char *desc, SESS_INFO_1_STR *ss1, prs_struct *ps, int depth);
+void make_srv_sess_info1(SESS_INFO_1 *ss1,
+ char *name, char *user,
+ uint32 num_opens, uint32 open_time, uint32 idle_time,
+ uint32 user_flags);
+void srv_io_sess_info1(char *desc, SESS_INFO_1 *ss1, prs_struct *ps, int depth);
+void srv_io_srv_sess_info_1(char *desc, SRV_SESS_INFO_1 *ss1, prs_struct *ps, int depth);
+void srv_io_srv_sess_ctr(char *desc, SRV_SESS_INFO_CTR *ctr, prs_struct *ps, int depth);
+void make_srv_q_net_sess_enum(SRV_Q_NET_SESS_ENUM *q_n,
+ char *srv_name, char *qual_name,
+ uint32 sess_level, SRV_SESS_INFO_CTR *ctr,
+ uint32 preferred_len,
+ ENUM_HND *hnd);
+void srv_io_q_net_sess_enum(char *desc, SRV_Q_NET_SESS_ENUM *q_n, prs_struct *ps, int depth);
+void srv_io_r_net_sess_enum(char *desc, SRV_R_NET_SESS_ENUM *r_n, prs_struct *ps, int depth);
+void make_srv_conn_info0(CONN_INFO_0 *ss0, uint32 id);
+void srv_io_conn_info0(char *desc, CONN_INFO_0 *ss0, prs_struct *ps, int depth);
+void srv_io_srv_conn_info_0(char *desc, SRV_CONN_INFO_0 *ss0, prs_struct *ps, int depth);
+void make_srv_conn_info1_str(CONN_INFO_1_STR *ss1, char *usr_name, char *net_name);
+void srv_io_conn_info1_str(char *desc, CONN_INFO_1_STR *ss1, prs_struct *ps, int depth);
+void make_srv_conn_info1(CONN_INFO_1 *ss1,
+ uint32 id, uint32 type,
+ uint32 num_opens, uint32 num_users, uint32 open_time,
+ char *usr_name, char *net_name);
+void srv_io_conn_info1(char *desc, CONN_INFO_1 *ss1, prs_struct *ps, int depth);
+void srv_io_srv_conn_info_1(char *desc, SRV_CONN_INFO_1 *ss1, prs_struct *ps, int depth);
+void srv_io_srv_conn_ctr(char *desc, SRV_CONN_INFO_CTR *ctr, prs_struct *ps, int depth);
+void make_srv_q_net_conn_enum(SRV_Q_NET_CONN_ENUM *q_n,
+ char *srv_name, char *qual_name,
+ uint32 conn_level, SRV_CONN_INFO_CTR *ctr,
+ uint32 preferred_len,
+ ENUM_HND *hnd);
+void srv_io_q_net_conn_enum(char *desc, SRV_Q_NET_CONN_ENUM *q_n, prs_struct *ps, int depth);
+void srv_io_r_net_conn_enum(char *desc, SRV_R_NET_CONN_ENUM *r_n, prs_struct *ps, int depth);
+void make_srv_file_info3_str(FILE_INFO_3_STR *fi3, char *user_name, char *path_name);
+void srv_io_file_info3_str(char *desc, FILE_INFO_3_STR *sh1, prs_struct *ps, int depth);
+void make_srv_file_info3(FILE_INFO_3 *fl3,
+ uint32 id, uint32 perms, uint32 num_locks,
+ char *path_name, char *user_name);
+void srv_io_file_info3(char *desc, FILE_INFO_3 *fl3, prs_struct *ps, int depth);
+void srv_io_srv_file_info_3(char *desc, SRV_FILE_INFO_3 *fl3, prs_struct *ps, int depth);
+void srv_io_srv_file_ctr(char *desc, SRV_FILE_INFO_CTR *ctr, prs_struct *ps, int depth);
+void make_srv_q_net_file_enum(SRV_Q_NET_FILE_ENUM *q_n,
+ char *srv_name, char *qual_name,
+ uint32 file_level, SRV_FILE_INFO_CTR *ctr,
+ uint32 preferred_len,
+ ENUM_HND *hnd);
+void srv_io_q_net_file_enum(char *desc, SRV_Q_NET_FILE_ENUM *q_n, prs_struct *ps, int depth);
+void srv_io_r_net_file_enum(char *desc, SRV_R_NET_FILE_ENUM *r_n, prs_struct *ps, int depth);
+void make_srv_info_101(SRV_INFO_101 *sv101, uint32 platform_id, char *name,
+ uint32 ver_major, uint32 ver_minor,
+ uint32 srv_type, char *comment);
+void srv_io_info_101(char *desc, SRV_INFO_101 *sv101, prs_struct *ps, int depth);
+void make_srv_info_102(SRV_INFO_102 *sv102, uint32 platform_id, char *name,
+ char *comment, uint32 ver_major, uint32 ver_minor,
+ uint32 srv_type, uint32 users, uint32 disc, uint32 hidden,
+ uint32 announce, uint32 ann_delta, uint32 licenses,
+ char *usr_path);
+void srv_io_info_102(char *desc, SRV_INFO_102 *sv102, prs_struct *ps, int depth);
+void srv_io_info_ctr(char *desc, SRV_INFO_CTR *ctr, prs_struct *ps, int depth);
+void make_srv_q_net_srv_get_info(SRV_Q_NET_SRV_GET_INFO *srv,
+ char *server_name, uint32 switch_value);
+void srv_io_q_net_srv_get_info(char *desc, SRV_Q_NET_SRV_GET_INFO *q_n, prs_struct *ps, int depth);
+void make_srv_r_net_srv_get_info(SRV_R_NET_SRV_GET_INFO *srv,
+ uint32 switch_value, SRV_INFO_CTR *ctr, uint32 status);
+void srv_io_r_net_srv_get_info(char *desc, SRV_R_NET_SRV_GET_INFO *r_n, prs_struct *ps, int depth);
+void make_srv_q_net_srv_set_info(SRV_Q_NET_SRV_SET_INFO *srv,
+ uint32 switch_value, SRV_INFO_CTR *ctr);
+void srv_io_q_net_srv_set_info(char *desc, SRV_Q_NET_SRV_SET_INFO *q_n, prs_struct *ps, int depth);
+void make_srv_r_net_srv_set_info(SRV_R_NET_SRV_SET_INFO *srv,
+ uint32 switch_value, SRV_INFO_CTR *ctr, uint32 status);
+void srv_io_r_net_srv_set_info(char *desc, SRV_R_NET_SRV_SET_INFO *r_n, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/parse/parse_wks.c */
+
+void make_wks_q_query_info(WKS_Q_QUERY_INFO *q_u,
+ char *server, uint16 switch_value) ;
+void wks_io_q_query_info(char *desc, WKS_Q_QUERY_INFO *q_u, prs_struct *ps, int depth);
+void make_wks_info_100(WKS_INFO_100 *inf,
+ uint32 platform_id, uint32 ver_major, uint32 ver_minor,
+ char *my_name, char *domain_name);
+void wks_io_wks_info_100(char *desc, WKS_INFO_100 *inf, prs_struct *ps, int depth);
+void make_wks_r_query_info(WKS_R_QUERY_INFO *r_u,
+ uint32 switch_value, WKS_INFO_100 *wks100,
+ int status) ;
+void wks_io_r_query_info(char *desc, WKS_R_QUERY_INFO *r_u, prs_struct *ps, int depth);
+
+/*The following definitions come from lib/rpc/server/srv_lsa.c */
+
+BOOL api_ntlsa_rpc(pipes_struct *p, prs_struct *data);
+
+/*The following definitions come from lib/rpc/server/srv_lsa_hnd.c */
+
+void create_pol_hnd(POLICY_HND *hnd);
+void init_lsa_policy_hnd(void);
+BOOL open_lsa_policy_hnd(POLICY_HND *hnd);
+int find_lsa_policy_by_hnd(POLICY_HND *hnd);
+BOOL set_lsa_policy_samr_rid(POLICY_HND *hnd, uint32 rid);
+BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status);
+BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid);
+uint32 get_lsa_policy_samr_rid(POLICY_HND *hnd);
+BOOL set_lsa_policy_reg_name(POLICY_HND *hnd, fstring name);
+BOOL get_lsa_policy_reg_name(POLICY_HND *hnd, fstring name);
+BOOL close_lsa_policy_hnd(POLICY_HND *hnd);
+
+/*The following definitions come from lib/rpc/server/srv_netlog.c */
+
+BOOL api_netlog_rpc(pipes_struct *p, prs_struct *data);
+
+/*The following definitions come from lib/rpc/server/srv_pipe_hnd.c */
+
+void reset_chain_pnum(void);
+void set_chain_pnum(int new_pnum);
+void init_rpc_pipe_hnd(void);
+int open_rpc_pipe_hnd(char *pipe_name, int cnum, uint16 vuid);
+int read_pipe(uint16 pnum, char *data, uint32 pos, int n);
+BOOL get_rpc_pipe(int pnum, pipes_struct **p);
+char *get_rpc_pipe_hnd_name(int pnum);
+BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state);
+BOOL close_rpc_pipe_hnd(int pnum, int cnum);
+int get_rpc_pipe_num(char *buf, int where);
+
+/*The following definitions come from lib/rpc/server/srv_reg.c */
+
+BOOL api_reg_rpc(pipes_struct *p, prs_struct *data);
+
+/*The following definitions come from lib/rpc/server/srv_samr.c */
+
+BOOL api_samr_rpc(pipes_struct *p, prs_struct *data);
+
+/*The following definitions come from lib/rpc/server/srv_srvsvc.c */
+
+BOOL api_srvsvc_rpc(pipes_struct *p, prs_struct *data);
+
+/*The following definitions come from lib/rpc/server/srv_util.c */
+
+int make_dom_gids(char *gids_str, DOM_GID *gids);
+void get_domain_user_groups(char *domain_groups, char *user);
+BOOL create_rpc_reply(pipes_struct *p,
+ uint32 data_start, uint32 data_end);
+BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds,
+ prs_struct *data);
+uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type);
+uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type);
+uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type);
+uint32 lookup_group_rid(char *group_name, uint32 *rid);
+uint32 lookup_alias_rid(char *alias_name, uint32 *rid);
+uint32 lookup_user_rid(char *user_name, uint32 *rid);
+BOOL name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid);
+
+/*The following definitions come from lib/rpc/server/srv_wkssvc.c */
+
+BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data);
+
/*The following definitions come from loadparm.c */
char *lp_string(char *s);
void smb_mem_set_multiplier(int multiplier);
void *smb_mem_resize(void *ptr,size_t newsize);
+/*The following definitions come from membuffer.c */
+
+void mem_init(struct mem_buf *buf, int margin);
+void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dynamic);
+void mem_take(struct mem_buf *mem_to, struct mem_buf *mem_from);
+BOOL mem_alloc_data(struct mem_buf *buf, int size);
+BOOL mem_buf_copy(char *copy_into, struct mem_buf *buf,
+ uint32 offset, uint32 len);
+BOOL mem_buf_init(struct mem_buf **buf, uint32 margin);
+void mem_buf_free(struct mem_buf **buf);
+void mem_free_chain(struct mem_buf **buf);
+void mem_free_data(struct mem_buf *buf);
+BOOL mem_realloc_data(struct mem_buf *buf, int new_size);
+BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size);
+BOOL mem_find(struct mem_buf **buf, uint32 offset);
+uint32 mem_buf_len(struct mem_buf *buf);
+char *mem_data(struct mem_buf **buf, uint32 offset);
+
/*The following definitions come from message.c */
int reply_sends(char *inbuf,char *outbuf);
BOOL send_packet(struct packet_struct *p);
struct packet_struct *receive_packet(int fd,enum packet_type type,int t);
-/*The following definitions come from ntclient.c */
-
-BOOL do_nt_login(char *desthost, char *myhostname,
- int Client, int cnum);
-
/*The following definitions come from params.c */
BOOL pm_process( char *FileName,
void dfs_unlogin(void);
BOOL password_check(char *password);
BOOL smb_password_check(char *password, unsigned char *part_passwd, unsigned char *c8);
+BOOL smb_password_ok(struct smb_passwd *smb_pass,
+ uchar lm_pass[24], uchar nt_pass[24]);
BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd);
BOOL user_ok(char *user,int snum);
BOOL authorise_login(int snum,char *user,char *password, int pwlen,
/*The following definitions come from pipes.c */
int reply_open_pipe_and_X(char *inbuf,char *outbuf,int length,int bufsize);
+int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize);
int reply_pipe_close(char *inbuf,char *outbuf);
-BOOL api_LsarpcSNPHS(int pnum, int cnum, char *param);
-BOOL api_LsarpcTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
/*The following definitions come from predict.c */
int reply_setattrE(char *inbuf,char *outbuf);
int reply_getattrE(char *inbuf,char *outbuf);
-/*The following definitions come from rpc_pipes/lsa_hnd.c */
-
-void init_lsa_policy_hnd(void);
-BOOL open_lsa_policy_hnd(LSA_POL_HND *hnd);
-BOOL set_lsa_policy_samr_rid(LSA_POL_HND *hnd, uint32 rid);
-BOOL set_lsa_policy_samr_pol_status(LSA_POL_HND *hnd, uint32 pol_status);
-BOOL set_lsa_policy_samr_sid(LSA_POL_HND *hnd, DOM_SID *sid);
-uint32 get_lsa_policy_samr_rid(LSA_POL_HND *hnd);
-BOOL close_lsa_policy_hnd(LSA_POL_HND *hnd);
-
-/*The following definitions come from rpc_pipes/lsaparse.c */
-
-void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
- uint32 attributes, uint32 sec_qos,
- uint16 desired_access);
-char* lsa_io_q_open_pol(BOOL io, LSA_Q_OPEN_POL *r_q, char *q, char *base, int align, int depth);
-char* lsa_io_r_open_pol(BOOL io, LSA_R_OPEN_POL *r_p, char *q, char *base, int align, int depth);
-void make_q_query(LSA_Q_QUERY_INFO *q_q, LSA_POL_HND *hnd, uint16 info_class);
-char* lsa_io_q_query(BOOL io, LSA_Q_QUERY_INFO *q_q, char *q, char *base, int align, int depth);
-char* lsa_io_q_enum_trust_dom(BOOL io, LSA_Q_ENUM_TRUST_DOM *q_e, char *q, char *base, int align, int depth);
-void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, LSA_POL_HND *hnd, uint32 status);
-char* lsa_io_r_enum_trust_dom(BOOL io, LSA_R_ENUM_TRUST_DOM *r_e, char *q, char *base, int align, int depth);
-void make_q_close(LSA_Q_CLOSE *q_c, LSA_POL_HND *hnd);
-char* lsa_io_q_close(BOOL io, LSA_Q_CLOSE *q_c, char *q, char *base, int align, int depth);
-void make_r_close(LSA_R_CLOSE *q_r, LSA_POL_HND *hnd);
-char* lsa_io_r_close(BOOL io, LSA_R_CLOSE *r_c, char *q, char *base, int align, int depth);
-char* lsa_io_r_query(BOOL io, LSA_R_QUERY_INFO *r_q, char *q, char *base, int align, int depth);
-char* lsa_io_q_lookup_sids(BOOL io, LSA_Q_LOOKUP_SIDS *q_s, char *q, char *base, int align, int depth);
-char* lsa_io_r_lookup_sids(BOOL io, LSA_R_LOOKUP_SIDS *r_s, char *q, char *base, int align, int depth);
-char* lsa_io_q_lookup_rids(BOOL io, LSA_Q_LOOKUP_RIDS *q_r, char *q, char *base, int align, int depth);
-char* lsa_io_r_lookup_rids(BOOL io, LSA_R_LOOKUP_RIDS *r_r, char *q, char *base, int align, int depth);
-void make_q_req_chal(LSA_Q_REQ_CHAL *q_c,
- char *logon_srv, char *logon_clnt,
- DOM_CHAL *clnt_chal);
-char* lsa_io_q_req_chal(BOOL io, LSA_Q_REQ_CHAL *q_c, char *q, char *base, int align, int depth);
-char* lsa_io_r_req_chal(BOOL io, LSA_R_REQ_CHAL *r_c, char *q, char *base, int align, int depth);
-void make_q_auth_2(LSA_Q_AUTH_2 *q_a,
- char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
- DOM_CHAL *clnt_chal, uint32 clnt_flgs);
-char* lsa_io_q_auth_2(BOOL io, LSA_Q_AUTH_2 *q_a, char *q, char *base, int align, int depth);
-char* lsa_io_r_auth_2(BOOL io, LSA_R_AUTH_2 *r_a, char *q, char *base, int align, int depth);
-void make_q_srv_pwset(LSA_Q_SRV_PWSET *q_s, char sess_key[8],
- char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
- DOM_CRED *cred, char nt_cypher[16]);
-char* lsa_io_q_srv_pwset(BOOL io, LSA_Q_SRV_PWSET *q_s, char *q, char *base, int align, int depth);
-char* lsa_io_r_srv_pwset(BOOL io, LSA_R_SRV_PWSET *r_s, char *q, char *base, int align, int depth);
-char* lsa_io_user_info(BOOL io, LSA_USER_INFO *usr, char *q, char *base, int align, int depth);
-char* lsa_io_q_sam_logon(BOOL io, LSA_Q_SAM_LOGON *q_l, char *q, char *base, int align, int depth);
-char* lsa_io_r_sam_logon(BOOL io, LSA_R_SAM_LOGON *r_l, char *q, char *base, int align, int depth);
-char* lsa_io_q_sam_logoff(BOOL io, LSA_Q_SAM_LOGOFF *q_l, char *q, char *base, int align, int depth);
-char* lsa_io_r_sam_logoff(BOOL io, LSA_R_SAM_LOGOFF *r_l, char *q, char *base, int align, int depth);
-
-/*The following definitions come from rpc_pipes/ntclientlsa.c */
-
-BOOL do_lsa_open_policy(uint16 fnum, uint32 call_id,
- char *server_name, LSA_POL_HND *hnd);
-BOOL do_lsa_query_info_pol(uint16 fnum, uint32 call_id,
- LSA_POL_HND *hnd, uint16 info_class,
- fstring domain_name, pstring domain_sid);
-BOOL do_lsa_close(uint16 fnum, uint32 call_id,
- LSA_POL_HND *hnd);
-
-/*The following definitions come from rpc_pipes/ntclientnet.c */
-
-BOOL do_lsa_req_chal(uint16 fnum, uint32 call_id,
- char *desthost, char *myhostname,
- DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal);
-BOOL do_lsa_auth2(uint16 fnum, uint32 call_id,
- char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
- DOM_CHAL *clnt_chal, uint32 neg_flags, DOM_CHAL *srv_chal);
-BOOL do_lsa_srv_pwset(uint16 fnum, uint32 call_id,
- uchar sess_key[8],
- char *logon_srv, char *mach_acct, uint16 sec_chan_type, char *comp_name,
- DOM_CRED *clnt_cred, DOM_CRED *srv_cred,
- char nt_owf_new_mach_pwd[16]);
-BOOL do_lsa_sam_logon(uint16 fnum, uint32 call_id,
- uchar sess_key[8], DOM_CRED *sto_clnt_cred,
- char *logon_srv, char *comp_name,
- DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
- uint16 logon_level, uint16 switch_value, DOM_ID_INFO_1 *id1,
- LSA_USER_INFO *user_info,
- DOM_CRED *srv_cred);
-BOOL do_lsa_sam_logoff(uint16 fnum, uint32 call_id,
- uchar sess_key[8], DOM_CRED *sto_clnt_cred,
- char *logon_srv, char *comp_name,
- DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
- uint16 logon_level, uint16 switch_value, DOM_ID_INFO_1 *id1,
- DOM_CRED *srv_cred);
-
-/*The following definitions come from rpc_pipes/ntclientpipe.c */
-
-uint16 rpc_pipe_open(char *inbuf, char *outbuf, char *rname, int Client, int cnum);
-BOOL rpc_pipe_set_hnd_state(char *pipe_name, uint16 fnum, uint16 device_state);
-BOOL rpc_pipe_bind(char *pipe_name, uint16 fnum, uint32 call_id,
- RPC_IFACE *abstract, RPC_IFACE *transfer);
-
-/*The following definitions come from rpc_pipes/pipe_hnd.c */
-
-void reset_chain_pnum(void);
-void init_rpc_pipe_hnd(void);
-int open_rpc_pipe_hnd(char *pipe_name, int cnum);
-char *get_rpc_pipe_hnd_name(int pnum);
-BOOL set_rpc_pipe_hnd_state(int pnum, int cnum, uint16 device_state);
-BOOL close_rpc_pipe_hnd(int pnum, int cnum);
-int get_rpc_pipe_num(char *buf, int where);
-
-/*The following definitions come from rpc_pipes/pipenetlog.c */
-
-BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
-
-/*The following definitions come from rpc_pipes/pipentlsa.c */
-
-BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
-
-/*The following definitions come from rpc_pipes/pipesamr.c */
-
-BOOL api_samrTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
-
-/*The following definitions come from rpc_pipes/pipesrvsvc.c */
-
-BOOL api_srvsvcTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
-
-/*The following definitions come from rpc_pipes/pipeutil.c */
-
-void initrpcreply(char *inbuf, char *q);
-void endrpcreply(char *inbuf, char *q, int datalen, int rtnval, int *rlen);
-BOOL name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid);
-char *dom_sid_to_string(DOM_SID *sid);
-int make_dom_sids(char *sids_str, DOM_SID *sids, int max_sids);
-int make_dom_gids(char *gids_str, DOM_GID *gids);
-int create_rpc_request(uint32 call_id, uint8 op_num, char *q, int data_len);
-int create_rpc_reply(uint32 call_id, char *q, int data_len);
-
-/*The following definitions come from rpc_pipes/pipewkssvc.c */
-
-BOOL api_wkssvcTNP(int cnum,int uid, char *param,char *data,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len);
-
-/*The following definitions come from rpc_pipes/samrparse.c */
-
-char* samr_io_q_close(BOOL io, SAMR_Q_CLOSE *q_u, char *q, char *base, int align, int depth);
-char* samr_io_r_close(BOOL io, SAMR_R_CLOSE *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_open_secret(BOOL io, SAMR_Q_OPEN_SECRET *q_u, char *q, char *base, int align, int depth);
-char* samr_io_r_open_secret(BOOL io, SAMR_R_OPEN_SECRET *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_lookup_rids(BOOL io, SAMR_Q_LOOKUP_RIDS *q_u, char *q, char *base, int align, int depth);
-void make_samr_r_lookup_rids(SAMR_R_LOOKUP_RIDS *r_u,
- uint32 num_rids, uint32 rid, uint32 status);
-char* samr_io_r_lookup_rids(BOOL io, SAMR_R_LOOKUP_RIDS *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_unknown_22(BOOL io, SAMR_Q_UNKNOWN_22 *q_u, char *q, char *base, int align, int depth);
-char* samr_io_r_unknown_22(BOOL io, SAMR_R_UNKNOWN_22 *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_unknown_24(BOOL io, SAMR_Q_UNKNOWN_24 *q_u, char *q, char *base, int align, int depth);
-void make_samr_r_unknown_24(SAMR_R_UNKNOWN_24 *r_u,
- uint16 unknown_0, NTTIME *expiry, char *mach_acct,
- uint32 unknown_id_0, uint32 status);
-char* samr_io_r_unknown_24(BOOL io, SAMR_R_UNKNOWN_24 *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_unknown_32(BOOL io, SAMR_Q_UNKNOWN_32 *q_u, char *q, char *base, int align, int depth);
-char* samr_io_r_unknown_32(BOOL io, SAMR_R_UNKNOWN_32 *r_u, char *q, char *base, int align, int depth);
-char* samr_io_q_open_policy(BOOL io, SAMR_Q_OPEN_POLICY *q_u, char *q, char *base, int align, int depth);
-char* samr_io_r_open_policy(BOOL io, SAMR_R_OPEN_POLICY *r_u, char *q, char *base, int align, int depth);
-
-/*The following definitions come from rpc_pipes/smbparse.c */
-
-char* smb_io_utime(BOOL io, UTIME *t, char *q, char *base, int align, int depth);
-char* smb_io_time(BOOL io, NTTIME *nttime, char *q, char *base, int align, int depth);
-void make_dom_sid(DOM_SID *sid, char *domsid);
-char* smb_io_dom_sid(BOOL io, DOM_SID *sid, char *q, char *base, int align, int depth);
-void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate);
-char* smb_io_unihdr(BOOL io, UNIHDR *hdr, char *q, char *base, int align, int depth);
-void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate);
-char* smb_io_unihdr2(BOOL io, UNIHDR2 *hdr2, char *q, char *base, int align, int depth);
-void make_unistr(UNISTR *str, char *buf);
-char* smb_io_unistr(BOOL io, UNISTR *uni, char *q, char *base, int align, int depth);
-void make_unistr2(UNISTR2 *str, char *buf, int len);
-char* smb_io_unistr2(BOOL io, UNISTR2 *uni2, char *q, char *base, int align, int depth);
-void make_dom_sid2(DOM_SID2 *sid2, char *sid_str);
-char* smb_io_dom_sid2(BOOL io, DOM_SID2 *sid2, char *q, char *base, int align, int depth);
-void make_dom_rid2(DOM_RID2 *rid2, uint32 rid);
-char* smb_io_dom_rid2(BOOL io, DOM_RID2 *rid2, char *q, char *base, int align, int depth);
-void make_dom_rid3(DOM_RID3 *rid3, uint32 rid);
-char* smb_io_dom_rid3(BOOL io, DOM_RID3 *rid3, char *q, char *base, int align, int depth);
-void make_clnt_srv(DOM_CLNT_SRV *log, char *logon_srv, char *comp_name);
-char* smb_io_clnt_srv(BOOL io, DOM_CLNT_SRV *log, char *q, char *base, int align, int depth);
-void make_log_info(DOM_LOG_INFO *log, char *logon_srv, char *acct_name,
- uint16 sec_chan, char *comp_name);
-char* smb_io_log_info(BOOL io, DOM_LOG_INFO *log, char *q, char *base, int align, int depth);
-char* smb_io_chal(BOOL io, DOM_CHAL *chal, char *q, char *base, int align, int depth);
-char* smb_io_cred(BOOL io, DOM_CRED *cred, char *q, char *base, int align, int depth);
-void make_clnt_info2(DOM_CLNT_INFO2 *clnt,
- char *logon_srv, char *comp_name,
- DOM_CRED *clnt_cred);
-char* smb_io_clnt_info2(BOOL io, DOM_CLNT_INFO2 *clnt, char *q, char *base, int align, int depth);
-char* make_clnt_info(DOM_CLNT_INFO *clnt,
- char *logon_srv, char *acct_name,
- uint16 sec_chan, char *comp_name,
- DOM_CRED *cred);
-char* smb_io_clnt_info(BOOL io, DOM_CLNT_INFO *clnt, char *q, char *base, int align, int depth);
-void make_logon_id(DOM_LOGON_ID *log, uint32 log_id_low, uint32 log_id_high);
-char* smb_io_logon_id(BOOL io, DOM_LOGON_ID *log, char *q, char *base, int align, int depth);
-void make_arc4_owf(ARC4_OWF *hash, char data[16]);
-char* smb_io_arc4_owf(BOOL io, ARC4_OWF *hash, char *q, char *base, int align, int depth);
-void make_id_info1(DOM_ID_INFO_1 *id, char *domain_name,
- uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high,
- char *user_name, char *wksta_name,
- char *sess_key,
- unsigned char lm_cypher[16], unsigned char nt_cypher[16]);
-char* smb_io_id_info1(BOOL io, DOM_ID_INFO_1 *id, char *q, char *base, int align, int depth);
-void make_sam_info(DOM_SAM_INFO *sam,
- char *logon_srv, char *comp_name, DOM_CRED *clnt_cred,
- DOM_CRED *rtn_cred, uint16 logon_level, uint16 switch_value,
- DOM_ID_INFO_1 *id1);
-char* smb_io_sam_info(BOOL io, DOM_SAM_INFO *sam, char *q, char *base, int align, int depth);
-char* smb_io_gid(BOOL io, DOM_GID *gid, char *q, char *base, int align, int depth);
-void make_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 frag,
- uint32 call_id, int data_len);
-char* smb_io_rpc_hdr(BOOL io, RPC_HDR *rpc, char *q, char *base, int align, int depth);
-void make_rpc_iface(RPC_IFACE *ifc, char data[16], uint32 version);
-char* smb_io_rpc_iface(BOOL io, RPC_IFACE *ifc, char *q, char *base, int align, int depth);
-void make_rpc_addr_str(RPC_ADDR_STR *str, char *name);
-char* smb_io_rpc_addr_str(BOOL io, RPC_ADDR_STR *str, char *q, char *base, int align, int depth);
-void make_rpc_hdr_bba(RPC_HDR_BBA *bba, uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid);
-char* smb_io_rpc_hdr_bba(BOOL io, RPC_HDR_BBA *rpc, char *q, char *base, int align, int depth);
-void make_rpc_hdr_rb(RPC_HDR_RB *rpc,
- uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
- uint32 num_elements, uint16 context_id, uint8 num_syntaxes,
- RPC_IFACE *abstract, RPC_IFACE *transfer);
-char* smb_io_rpc_hdr_rb(BOOL io, RPC_HDR_RB *rpc, char *q, char *base, int align, int depth);
-void make_rpc_results(RPC_RESULTS *res,
- uint8 num_results, uint16 result, uint16 reason);
-char* smb_io_rpc_results(BOOL io, RPC_RESULTS *res, char *q, char *base, int align, int depth);
-void make_rpc_hdr_ba(RPC_HDR_BA *rpc,
- uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
- char *pipe_addr,
- uint8 num_results, uint16 result, uint16 reason,
- RPC_IFACE *transfer);
-char* smb_io_rpc_hdr_ba(BOOL io, RPC_HDR_BA *rpc, char *q, char *base, int align, int depth);
-void make_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos);
-char* smb_io_obj_attr(BOOL io, LSA_OBJ_ATTR *attr, char *q, char *base, int align, int depth);
-void make_rpc_hdr_rr(RPC_HDR_RR *hdr, enum RPC_PKT_TYPE pkt_type,
- uint32 call_id, int data_len, uint8 opnum);
-char* smb_io_rpc_hdr_rr(BOOL io, RPC_HDR_RR *rpc, char *q, char *base, int align, int depth);
-char* smb_io_pol_hnd(BOOL io, LSA_POL_HND *pol, char *q, char *base, int align, int depth);
-char* smb_io_dom_query_3(BOOL io, DOM_QUERY_3 *d_q, char *q, char *base, int align, int depth);
-char* smb_io_dom_query_5(BOOL io, DOM_QUERY_3 *d_q, char *q, char *base, int align, int depth);
-char* smb_io_dom_query(BOOL io, DOM_QUERY *d_q, char *q, char *base, int align, int depth);
-char* smb_io_dom_r_ref(BOOL io, DOM_R_REF *r_r, char *q, char *base, int align, int depth);
-char* smb_io_dom_name(BOOL io, DOM_NAME *name, char *q, char *base, int align, int depth);
-char* smb_io_neg_flags(BOOL io, NEG_FLAGS *neg, char *q, char *base, int align, int depth);
-
-/*The following definitions come from rpc_pipes/srvparse.c */
-
-char* srv_io_share_info1_str(BOOL io, SH_INFO_1_STR *sh1, char *q, char *base, int align, int depth);
-char* srv_io_share_info1(BOOL io, SH_INFO_1 *sh1, char *q, char *base, int align, int depth);
-char* srv_io_share_1_ctr(BOOL io, SHARE_INFO_1_CTR *ctr, char *q, char *base, int align, int depth);
-char* srv_io_q_net_share_enum(BOOL io, SRV_Q_NET_SHARE_ENUM *q_n, char *q, char *base, int align, int depth);
-char* srv_io_r_net_share_enum(BOOL io, SRV_R_NET_SHARE_ENUM *r_n, char *q, char *base, int align, int depth);
-
-/*The following definitions come from rpc_pipes/wksparse.c */
-
-char* wks_io_q_unknown_0(BOOL io, WKS_Q_UNKNOWN_0 *q_u, char *q, char *base, int align, int depth);
-char* wks_io_r_unknown_0(BOOL io, WKS_R_UNKNOWN_0 *r_u, char *q, char *base, int align, int depth);
-
/*The following definitions come from server.c */
void *dflt_sig(void);
/*The following definitions come from smbpass.c */
-int pw_file_lock(char *name, int type, int secs);
+int pw_file_lock(int fd, int type, int secs);
int pw_file_unlock(int fd);
+FILE *startsmbpwent(BOOL update);
+void endsmbpwent(FILE *fp);
+struct smb_passwd *getsmbpwent(FILE *fp);
struct smb_passwd *get_smbpwd_entry(char *name, int smb_userid);
-BOOL add_smbpwd_entry(struct smb_passwd* pwd);
+BOOL add_smbpwd_entry(struct smb_passwd *newpwd);
BOOL mod_smbpwd_entry(struct smb_passwd* pwd);
/*The following definitions come from status.c */
time_t make_unix_date(void *date_ptr);
time_t make_unix_date2(void *date_ptr);
time_t make_unix_date3(void *date_ptr);
+char *http_timestring(time_t t);
char *timestring(void );
time_t get_create_time(struct stat *st);
void print_asc(int level, unsigned char *buf,int len);
void dump_data(int level,char *buf1,int len);
char *tab_depth(int depth);
+char *dom_sid_to_string(DOM_SID *sid);
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _DCE_RPC_H /* _DCE_RPC_H */
+#define _DCE_RPC_H
+
+#include "rpc_misc.h" /* this only pulls in STRHDR */
+
+
+/* DCE/RPC packet types */
+
+enum RPC_PKT_TYPE
+{
+ RPC_REQUEST = 0x00,
+ RPC_RESPONSE = 0x02,
+ RPC_BIND = 0x0B,
+ RPC_BINDACK = 0x0C
+};
+
+/* DCE/RPC flags */
+#define RPC_FLG_FIRST 0x01
+#define RPC_FLG_LAST 0x02
+
+
+/* RPC_IFACE */
+typedef struct rpc_iface_info
+{
+ uint8 data[16]; /* 16 bytes of rpc interface identification */
+ uint32 version; /* the interface version number */
+
+} RPC_IFACE;
+
+struct pipe_id_info
+{
+ /* the names appear not to matter: the syntaxes _do_ matter */
+
+ char *client_pipe;
+ RPC_IFACE abstr_syntax; /* this one is the abstract syntax id */
+
+ char *server_pipe; /* this one is the secondary syntax name */
+ RPC_IFACE trans_syntax; /* this one is the primary syntax id */
+};
+
+/* RPC_HDR - dce rpc header */
+typedef struct rpc_hdr_info
+{
+ uint8 major; /* 5 - RPC major version */
+ uint8 minor; /* 0 - RPC minor version */
+ uint8 pkt_type; /* RPC_PKT_TYPE - RPC response packet */
+ uint8 flags; /* DCE/RPC flags */
+ uint32 pack_type; /* 0x1000 0000 - packed data representation */
+ uint16 frag_len; /* fragment length - data size (bytes) inc header and tail. */
+ uint16 auth_len; /* 0 - authentication length */
+ uint32 call_id; /* call identifier. matches 12th uint32 of incoming RPC data. */
+
+} RPC_HDR;
+
+/* RPC_HDR_RR - ms request / response rpc header */
+typedef struct rpc_hdr_rr_info
+{
+ uint32 alloc_hint; /* allocation hint - data size (bytes) minus header and tail. */
+ uint8 context_id; /* 0 - presentation context identifier */
+ uint8 cancel_count; /* 0 - cancel count */
+ uint8 opnum; /* opnum */
+ uint8 reserved; /* 0 - reserved. */
+
+} RPC_HDR_RR;
+
+/* this seems to be the same string name depending on the name of the pipe,
+ * but is more likely to be linked to the interface name
+ * "srvsvc", "\\PIPE\\ntsvcs"
+ * "samr", "\\PIPE\\lsass"
+ * "wkssvc", "\\PIPE\\wksvcs"
+ * "NETLOGON", "\\PIPE\\NETLOGON"
+ */
+/* RPC_ADDR_STR */
+typedef struct rpc_addr_info
+{
+ uint16 len; /* length of the string including null terminator */
+ fstring str; /* the string above in single byte, null terminated form */
+
+} RPC_ADDR_STR;
+
+/* RPC_HDR_BBA */
+typedef struct rpc_hdr_bba_info
+{
+ uint16 max_tsize; /* maximum transmission fragment size (0x1630) */
+ uint16 max_rsize; /* max receive fragment size (0x1630) */
+ uint32 assoc_gid; /* associated group id (0x0) */
+
+} RPC_HDR_BBA;
+
+/* RPC_BIND_REQ - ms req bind */
+typedef struct rpc_bind_req_info
+{
+ RPC_HDR_BBA bba;
+
+ uint32 num_elements; /* the number of elements (0x1) */
+ uint16 context_id; /* presentation context identifier (0x0) */
+ uint8 num_syntaxes; /* the number of syntaxes (has always been 1?)(0x1) */
+
+ RPC_IFACE abstract; /* num and vers. of interface client is using */
+ RPC_IFACE transfer; /* num and vers. of interface to use for replies */
+
+} RPC_HDR_RB;
+
+/* RPC_RESULTS - can only cope with one reason, right now... */
+typedef struct rpc_results_info
+{
+/* uint8[] # 4-byte alignment padding, against SMB header */
+
+ uint8 num_results; /* the number of results (0x01) */
+
+/* uint8[] # 4-byte alignment padding, against SMB header */
+
+ uint16 result; /* result (0x00 = accept) */
+ uint16 reason; /* reason (0x00 = no reason specified) */
+
+} RPC_RESULTS;
+
+/* RPC_HDR_BA */
+typedef struct rpc_hdr_ba_info
+{
+ RPC_HDR_BBA bba;
+
+ RPC_ADDR_STR addr ; /* the secondary address string, as described earlier */
+ RPC_RESULTS res ; /* results and reasons */
+ RPC_IFACE transfer; /* the transfer syntax from the request */
+
+} RPC_HDR_BA;
+
+/* this is TEMPORARY */
+/* RPC_AUTH_VERIFIER */
+typedef struct rpc_auth_verif_info
+{
+ fstring ssp_str;
+ uint32 ssp_ver;
+
+} RPC_AUTH_VERIFIER;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind request */
+/* RPC_AUTH_NTLMSSP_REQ */
+typedef struct rpc_auth_ntlmssp_req_info
+{
+ fstring ntlmssp_str; /* "NTLMSSP" */
+ uint32 ntlmssp_ver; /* 0x0000 0001 */
+
+ uint32 unknown_0; /* 0x00b2b3 */
+ STRHDR hdr_myname; /* offset is against START of this structure */
+ STRHDR hdr_domain; /* offset is against START of this structure */
+
+ fstring myname; /* calling workstation's name */
+ fstring domain; /* calling workstations's domain */
+
+} RPC_AUTH_NTLMSSP_REQ;
+
+/* this is TEMPORARILY coded up as a specific structure */
+/* this structure comes after the bind acknowledgement */
+/* RPC_AUTH_NTLMSSP_RESP */
+typedef struct rpc_auth_ntlmssp_resp_info
+{
+ uint8 auth_type; /* 0x0a */
+ uint8 auth_level; /* 0x06 */
+ uint8 stub_type_len; /* don't know */
+ uint8 padding; /* padding */
+
+ uint32 ptr_0; /* non-zero pointer to something */
+
+ fstring ntlmssp_str; /* "NTLMSSP" */
+ uint32 ntlmssp_ver; /* 0x0000 0002 */
+
+ uint32 unknown_1; /* 0x0000 0000 */
+ uint32 unknown_2; /* 0x00b2b3 */
+ uint32 unknown_3; /* 0x0082b1 */
+
+ uint8 data[16]; /* 0x10 bytes of something */
+
+} RPC_AUTH_NTLMSSP_RESP;
+
+/* attached to the end of encrypted rpc requests and responses */
+/* RPC_AUTH_NTLMSSP_CHK */
+typedef struct rpc_auth_ntlmssp_chk_info
+{
+ uint32 ver; /* 0x1 */
+ uint8 data[12];
+
+} RPC_AUTH_NTLMSSP_CHK;
+
+#endif /* _DCE_RPC_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_LSA_H /* _RPC_LSA_H */
+#define _RPC_LSA_H
+
+#include "rpc_misc.h"
+
+enum SID_NAME_USE
+{
+ SID_NAME_USER = 1,
+ SID_NAME_DOM_GRP = 2, /* domain group */
+ SID_NAME_WKN_GRP = 5 /* well-known group */
+};
+
+/* ntlsa pipe */
+#define LSA_OPENPOLICY 0x2c
+#define LSA_QUERYINFOPOLICY 0x07
+#define LSA_ENUMTRUSTDOM 0x0d
+#define LSA_CLOSE 0x00
+#define LSA_OPENSECRET 0x1C
+#define LSA_LOOKUPSIDS 0x0f
+
+/* XXXX these are here to get a compile! */
+#define LSA_LOOKUPRIDS 0xFD
+#define LSA_LOOKUPNAMES 0xFC
+
+#define LSA_MAX_GROUPS 32
+#define LSA_MAX_SIDS 32
+
+/* DOM_QUERY - info class 3 and 5 LSA Query response */
+typedef struct dom_query_info
+{
+ uint16 uni_dom_max_len; /* domain name string length * 2 */
+ uint16 uni_dom_str_len; /* domain name string length * 2 */
+ uint32 buffer_dom_name; /* undocumented domain name string buffer pointer */
+ uint32 buffer_dom_sid; /* undocumented domain SID string buffer pointer */
+ UNISTR2 uni_domain_name; /* domain name (unicode string) */
+ DOM_SID2 dom_sid; /* domain SID */
+
+} DOM_QUERY;
+
+/* level 5 is same as level 3. we hope. */
+typedef DOM_QUERY DOM_QUERY_3;
+typedef DOM_QUERY DOM_QUERY_5;
+
+
+typedef struct obj_attr_info
+{
+ uint32 len; /* 0x18 - length (in bytes) inc. the length field. */
+ uint32 ptr_root_dir; /* 0 - root directory (pointer) */
+ uint32 ptr_obj_name; /* 0 - object name (pointer) */
+ uint32 attributes; /* 0 - attributes (undocumented) */
+ uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
+ uint32 sec_qos; /* 0 - security quality of service */
+
+} LSA_OBJ_ATTR;
+
+/* LSA_Q_OPEN_POL - LSA Query Open Policy */
+typedef struct lsa_q_open_pol_info
+{
+ uint32 ptr; /* undocumented buffer pointer */
+ UNISTR2 uni_server_name; /* server name, starting with two '\'s */
+ LSA_OBJ_ATTR attr ; /* object attributes */
+
+ uint32 des_access; /* desired access attributes */
+
+} LSA_Q_OPEN_POL;
+
+/* LSA_R_OPEN_POL - response to LSA Open Policy */
+typedef struct lsa_r_open_pol_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 status; /* return code */
+
+} LSA_R_OPEN_POL;
+
+/* LSA_Q_QUERY_INFO - LSA query info policy */
+typedef struct lsa_query_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint16 info_class; /* info class */
+
+} LSA_Q_QUERY_INFO;
+
+/* LSA_R_QUERY_INFO - response to LSA query info policy */
+typedef struct lsa_r_query_info
+{
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+ uint16 info_class; /* info class (same as info class in request) */
+
+ union
+ {
+ DOM_QUERY_3 id3;
+ DOM_QUERY_5 id5;
+
+ } dom;
+
+ uint32 status; /* return code */
+
+} LSA_R_QUERY_INFO;
+
+/* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */
+typedef struct lsa_enum_trust_dom_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 enum_context; /* enumeration context handle */
+ uint32 preferred_len; /* preferred maximum length */
+
+} LSA_Q_ENUM_TRUST_DOM;
+
+/* LSA_R_ENUM_TRUST_DOM - response to LSA enumerate trusted domains */
+typedef struct lsa_r_enum_trust_dom_info
+{
+ uint32 enum_context; /* enumeration context handle */
+ uint32 num_domains; /* number of domains */
+ uint32 ptr_enum_domains; /* buffer pointer to num domains */
+
+ /* this lot is only added if ptr_enum_domains is non-NULL */
+ uint32 num_domains2; /* number of domains */
+ UNIHDR2 hdr_domain_name;
+ UNISTR2 uni_domain_name;
+ DOM_SID2 other_domain_sid;
+
+ uint32 status; /* return code */
+
+} LSA_R_ENUM_TRUST_DOM;
+
+/* LSA_Q_CLOSE */
+typedef struct lsa_q_close_info
+{
+ POLICY_HND pol; /* policy handle */
+
+} LSA_Q_CLOSE;
+
+/* LSA_R_CLOSE */
+typedef struct lsa_r_close_info
+{
+ POLICY_HND pol; /* policy handle. should be all zeros. */
+
+ uint32 status; /* return code */
+
+} LSA_R_CLOSE;
+
+
+#define MAX_REF_DOMAINS 10
+
+/* DOM_R_REF */
+typedef struct dom_ref_info
+{
+ uint32 undoc_buffer; /* undocumented buffer pointer. */
+ uint32 num_ref_doms_1; /* num referenced domains? */
+ uint32 buffer_dom_name; /* undocumented domain name buffer pointer. */
+ uint32 max_entries; /* 32 - max number of entries */
+ uint32 num_ref_doms_2; /* 4 - num referenced domains? */
+
+ UNIHDR2 hdr_dom_name; /* domain name unicode string header */
+ UNIHDR2 hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domain unicode string headers */
+
+ UNISTR uni_dom_name; /* domain name unicode string */
+ DOM_SID2 ref_dom[MAX_REF_DOMAINS]; /* referenced domain SIDs */
+
+} DOM_R_REF;
+
+/* LSA_TRANS_NAME - translated name */
+typedef struct lsa_trans_name_info
+{
+ uint32 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
+
+ UNIHDR hdr_name;
+ UNISTR2 uni_name;
+
+ uint32 domain_idx;
+
+} LSA_TRANS_NAME;
+
+#define MAX_LOOKUP_SIDS 10
+
+/* LSA_TRANS_NAME_ENUM - LSA Translated Name Enumeration container */
+typedef struct lsa_trans_name_enum_info
+{
+ uint32 num_entries;
+ uint32 ptr_trans_names;
+ uint32 num_entries2;
+
+ uint32 ptr_name[MAX_LOOKUP_SIDS]; /* translated name pointers */
+ LSA_TRANS_NAME name [MAX_LOOKUP_SIDS]; /* translated names */
+
+} LSA_TRANS_NAME_ENUM;
+
+/* LSA_SID_ENUM - LSA SID enumeration container */
+typedef struct lsa_sid_enum_info
+{
+ uint32 num_entries;
+ uint32 ptr_sid_enum;
+ uint32 num_entries2;
+
+ uint32 ptr_sid[MAX_LOOKUP_SIDS]; /* domain SID pointers to be looked up. */
+ DOM_SID2 sid [MAX_LOOKUP_SIDS]; /* domain SIDs to be looked up. */
+
+} LSA_SID_ENUM;
+
+/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
+typedef struct lsa_q_lookup_sids
+{
+ POLICY_HND pol_hnd; /* policy handle */
+ LSA_SID_ENUM sids;
+ LSA_TRANS_NAME_ENUM names;
+ LOOKUP_LEVEL level;
+ uint32 mapped_count;
+
+} LSA_Q_LOOKUP_SIDS;
+
+/* LSA_R_LOOKUP_SIDS - response to LSA Lookup SIDs */
+typedef struct lsa_r_lookup_sids
+{
+ DOM_R_REF *dom_ref; /* domain reference info */
+ LSA_TRANS_NAME_ENUM *names;
+ uint32 mapped_count;
+
+ uint32 status; /* return code */
+
+} LSA_R_LOOKUP_SIDS;
+
+/* DOM_NAME - XXXX not sure about this structure */
+typedef struct dom_name_info
+{
+ uint32 uni_str_len;
+ UNISTR str;
+
+} DOM_NAME;
+
+
+#define UNKNOWN_LEN 1
+
+/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
+typedef struct lsa_q_lookup_rids
+{
+ POLICY_HND pol_hnd; /* policy handle */
+ uint32 num_entries;
+ uint32 num_entries2;
+ uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
+ uint32 buffer_dom_name; /* undocumented domain name buffer pointer */
+ DOM_NAME lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */
+ uint8 undoc[UNKNOWN_LEN]; /* completely undocumented bytes of unknown length */
+
+} LSA_Q_LOOKUP_RIDS;
+
+/* LSA_R_LOOKUP_RIDS - response to LSA Lookup RIDs by name */
+typedef struct lsa_r_lookup_rids
+{
+ DOM_R_REF dom_ref; /* domain reference info */
+
+ uint32 num_entries;
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+
+ uint32 num_entries2;
+ DOM_RID2 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+
+ uint32 num_entries3;
+
+ uint32 status; /* return code */
+
+} LSA_R_LOOKUP_RIDS;
+
+
+#endif /* _RPC_LSA_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_MISC_H /* _RPC_MISC_H */
+#define _RPC_MISC_H
+
+
+#include "rpc_dce.h"
+
+/* pipe string names */
+#define PIPE_SRVSVC "\\PIPE\\srvsvc"
+#define PIPE_SAMR "\\PIPE\\samr"
+#define PIPE_WINREG "\\PIPE\\winreg"
+#define PIPE_WKSSVC "\\PIPE\\wkssvc"
+#define PIPE_NETLOGON "\\PIPE\\NETLOGON"
+#define PIPE_NTLSA "\\PIPE\\ntlsa"
+#define PIPE_NTSVCS "\\PIPE\\ntsvcs"
+#define PIPE_LSASS "\\PIPE\\lsass"
+#define PIPE_LSARPC "\\PIPE\\lsarpc"
+
+/* well-known RIDs - Relative IDs */
+
+/* RIDs - Well-known users ... */
+#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
+#define DOMAIN_USER_RID_GUEST (0x000001F5L)
+
+/* RIDs - well-known groups ... */
+#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
+#define DOMAIN_GROUP_RID_USERS (0x00000201L)
+#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
+
+/* RIDs - well-known aliases ... */
+#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
+#define DOMAIN_ALIAS_RID_USERS (0x00000221L)
+#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
+#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
+
+#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
+#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
+#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
+#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
+
+#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
+
+/* ENUM_HND */
+typedef struct enum_hnd_info
+{
+ uint32 ptr_hnd; /* pointer to enumeration handle */
+ uint32 handle; /* enumeration handle */
+
+} ENUM_HND;
+
+/* LOOKUP_LEVEL - switch value */
+typedef struct lookup_level_info
+{
+ uint16 value;
+
+} LOOKUP_LEVEL;
+
+#define MAXSUBAUTHS 15 /* max sub authorities in a SID */
+
+/* DOM_SID - security id */
+typedef struct sid_info
+{
+ uint8 sid_rev_num; /* SID revision number */
+ uint8 num_auths; /* number of sub-authorities */
+ uint8 id_auth[6]; /* Identifier Authority */
+ uint32 sub_auths[MAXSUBAUTHS]; /* pointer to sub-authorities. */
+
+} DOM_SID;
+
+/* DOM_SID2 - security id */
+typedef struct sid_info_2
+{
+ uint32 num_auths; /* length, bytes, including length of len :-) */
+
+ DOM_SID sid;
+
+} DOM_SID2;
+
+/* STRHDR - string header */
+typedef struct header_info
+{
+ uint16 str_max_len;
+ uint16 str_str_len;
+ uint32 buffer; /* non-zero */
+
+} STRHDR;
+
+/* UNIHDR - unicode string header */
+typedef struct unihdr_info
+{
+ uint16 uni_max_len;
+ uint16 uni_str_len;
+ uint32 buffer; /* usually has a value of 4 */
+
+} UNIHDR;
+
+/* UNIHDR2 - unicode string header and undocumented buffer */
+typedef struct unihdr2_info
+{
+ UNIHDR unihdr;
+ uint32 buffer; /* 32 bit buffer pointer */
+
+} UNIHDR2;
+
+/* clueless as to what maximum length should be */
+#define MAX_UNISTRLEN 256
+#define MAX_STRINGLEN 256
+
+/* UNISTR - unicode string size and buffer */
+typedef struct unistr_info
+{
+ uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. ***MUST*** be null-terminated */
+
+} UNISTR;
+
+/* UNINOTSTR2 - unicode string, size (in uint8 ascii chars) and buffer */
+/* pathetic. some stupid team of \PIPE\winreg writers got the concept */
+/* of a unicode string different from the other \PIPE\ writers */
+typedef struct uninotstr2_info
+{
+ uint32 uni_max_len;
+ uint32 undoc;
+ uint32 uni_buf_len;
+ uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. **NOT** necessarily null-terminated */
+
+} UNINOTSTR2;
+
+/* UNISTR2 - unicode string size (in uint16 unicode chars) and buffer */
+typedef struct unistr2_info
+{
+ uint32 uni_max_len;
+ uint32 undoc;
+ uint32 uni_str_len;
+ uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. **NOT** necessarily null-terminated */
+
+} UNISTR2;
+
+/* STRING2 - string size (in uint8 chars) and buffer */
+typedef struct string2_info
+{
+ uint32 str_max_len;
+ uint32 undoc;
+ uint32 str_str_len;
+ uint8 buffer[MAX_STRINGLEN]; /* uint8 characters. **NOT** necessarily null-terminated */
+
+} STRING2;
+
+
+/* DOM_RID2 - domain RID structure for ntlsa pipe */
+typedef struct domrid2_info
+{
+ uint32 type; /* value is 5 */
+ uint32 undoc; /* value is non-zero */
+ uint32 rid;
+ uint32 rid_idx; /* don't know what this is */
+
+} DOM_RID2;
+
+/* DOM_RID3 - domain RID structure for samr pipe */
+typedef struct domrid3_info
+{
+ uint32 rid; /* domain-relative (to a SID) id */
+ uint32 type1; /* value is 0x1 */
+ uint32 ptr_type; /* undocumented pointer */
+ uint32 type2; /* value is 0x1 */
+
+} DOM_RID3;
+
+/* DOM_RID4 - rid + user attributes */
+typedef struct domrid4_info
+{
+ uint32 unknown;
+ uint16 attr;
+ uint32 rid; /* user RID */
+
+} DOM_RID4;
+
+/* DOM_CLNT_SRV - client / server names */
+typedef struct clnt_srv_info
+{
+ uint32 undoc_buffer; /* undocumented 32 bit buffer pointer */
+ UNISTR2 uni_logon_srv; /* logon server name */
+ uint32 undoc_buffer2; /* undocumented 32 bit buffer pointer */
+ UNISTR2 uni_comp_name; /* client machine name */
+
+} DOM_CLNT_SRV;
+
+/* DOM_LOG_INFO - login info */
+typedef struct log_info
+{
+ uint32 undoc_buffer; /* undocumented 32 bit buffer pointer */
+ UNISTR2 uni_logon_srv; /* logon server name */
+ UNISTR2 uni_acct_name; /* account name */
+ uint16 sec_chan; /* secure channel type */
+ UNISTR2 uni_comp_name; /* client machine name */
+
+} DOM_LOG_INFO;
+
+/* DOM_CLNT_INFO - client info */
+typedef struct clnt_info
+{
+ DOM_LOG_INFO login;
+ DOM_CRED cred;
+
+} DOM_CLNT_INFO;
+
+/* DOM_CLNT_INFO2 - client info */
+typedef struct clnt_info2
+{
+ DOM_CLNT_SRV login;
+ uint32 ptr_cred;
+ DOM_CRED cred;
+
+} DOM_CLNT_INFO2;
+
+/* DOM_LOGON_ID - logon id */
+typedef struct logon_info
+{
+ uint32 low;
+ uint32 high;
+
+} DOM_LOGON_ID;
+
+/* ARC4_OWF */
+typedef struct arc4_owf_info
+{
+ uint8 data[16];
+
+} ARC4_OWF;
+
+
+/* DOM_GID - group id + user attributes */
+typedef struct gid_info
+{
+ uint32 g_rid; /* a group RID */
+ uint32 attr;
+
+} DOM_GID;
+
+#define POL_HND_SIZE 20
+
+/* POLICY_HND */
+typedef struct lsa_policy_info
+{
+ uint8 data[POL_HND_SIZE]; /* policy handle */
+
+} POLICY_HND;
+
+#endif /* _RPC_MISC_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
+#define _RPC_NETLOGON_H
+
+
+/* NETLOGON pipe */
+#define NET_REQCHAL 0x04
+#define NET_SRVPWSET 0x06
+#define NET_SAMLOGON 0x02
+#define NET_SAMLOGOFF 0x03
+#define NET_AUTH2 0x0f
+#define NET_LOGON_CTRL2 0x0e
+#define NET_TRUST_DOM_LIST 0x13
+
+/* Secure Channel types. used in NetrServerAuthenticate negotiation */
+#define SEC_CHAN_WKSTA 2
+#define SEC_CHAN_DOMAIN 4
+
+
+/* NET_USER_INFO_3 */
+typedef struct net_user_info_3
+{
+ uint32 ptr_user_info;
+
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNIHDR hdr_full_name; /* user's full name unicode string header */
+ UNIHDR hdr_logon_script; /* logon script unicode string header */
+ UNIHDR hdr_profile_path; /* profile path unicode string header */
+ UNIHDR hdr_home_dir; /* home directory unicode string header */
+ UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
+
+ uint16 logon_count; /* logon count */
+ uint16 bad_pw_count; /* bad password count */
+
+ uint32 user_id; /* User ID */
+ uint32 group_id; /* Group ID */
+ uint32 num_groups; /* num groups */
+ uint32 buffer_groups; /* undocumented buffer pointer to groups. */
+ uint32 user_flgs; /* user flags */
+
+ uint8 user_sess_key[16]; /* unused user session key */
+
+ UNIHDR hdr_logon_srv; /* logon server unicode string header */
+ UNIHDR hdr_logon_dom; /* logon domain unicode string header */
+
+ uint32 buffer_dom_id; /* undocumented logon domain id pointer */
+ uint8 padding[40]; /* unused padding bytes. expansion room */
+
+ uint32 num_other_sids; /* 0 - num_sids */
+ uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
+
+ UNISTR2 uni_user_name; /* username unicode string */
+ UNISTR2 uni_full_name; /* user's full name unicode string */
+ UNISTR2 uni_logon_script; /* logon script unicode string */
+ UNISTR2 uni_profile_path; /* profile path unicode string */
+ UNISTR2 uni_home_dir; /* home directory unicode string */
+ UNISTR2 uni_dir_drive; /* home directory drive unicode string */
+
+ uint32 num_groups2; /* num groups */
+ DOM_GID gids[LSA_MAX_GROUPS]; /* group info */
+
+ UNISTR2 uni_logon_srv; /* logon server unicode string */
+ UNISTR2 uni_logon_dom; /* logon domain unicode string */
+
+ DOM_SID2 dom_sid; /* domain SID */
+ DOM_SID2 other_sids[LSA_MAX_SIDS]; /* undocumented - domain SIDs */
+
+} NET_USER_INFO_3;
+
+
+/********************************************************
+ Logon Control Query
+
+ query_level 0x1 - pdc status
+ query_level 0x3 - number of logon attempts.
+
+ ********************************************************/
+/* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2*/
+typedef struct net_q_logon_ctrl2_info
+{
+ uint32 ptr; /* undocumented buffer pointer */
+ UNISTR2 uni_server_name; /* server name, starting with two '\'s */
+
+ uint32 function_code; /* 0x1 */
+ uint32 query_level; /* 0x1, 0x3 */
+ uint32 switch_value; /* 0x1 */
+
+} NET_Q_LOGON_CTRL2;
+
+/* NETLOGON_INFO_1 - pdc status info, i presume */
+typedef struct netlogon_1_info
+{
+ uint32 flags; /* 0x0 - undocumented */
+ uint32 pdc_status; /* 0x0 - undocumented */
+
+} NETLOGON_INFO_1;
+
+/* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
+typedef struct netlogon_2_info
+{
+ uint32 flags; /* 0x0 - undocumented */
+ uint32 pdc_status; /* 0x0 - undocumented */
+ uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
+ uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */
+ UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
+
+} NETLOGON_INFO_2;
+
+/* NETLOGON_INFO_3 - logon status info, i presume */
+typedef struct netlogon_3_info
+{
+ uint32 flags; /* 0x0 - undocumented */
+ uint32 logon_attempts; /* number of logon attempts */
+ uint32 reserved_1; /* 0x0 - undocumented */
+ uint32 reserved_2; /* 0x0 - undocumented */
+ uint32 reserved_3; /* 0x0 - undocumented */
+ uint32 reserved_4; /* 0x0 - undocumented */
+ uint32 reserved_5; /* 0x0 - undocumented */
+
+} NETLOGON_INFO_3;
+
+/*******************************************************
+ Logon Control Response
+
+ switch_value is same as query_level in request
+ *******************************************************/
+
+/* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
+typedef struct net_r_logon_ctrl2_info
+{
+ uint32 switch_value; /* 0x1, 0x3 */
+ uint32 ptr;
+
+ union
+ {
+ NETLOGON_INFO_1 info1;
+ NETLOGON_INFO_2 info2;
+ NETLOGON_INFO_3 info3;
+
+ } logon;
+
+ uint32 status; /* return code */
+
+} NET_R_LOGON_CTRL2;
+
+/* NET_Q_TRUST_DOM_LIST - LSA Query Trusted Domains */
+typedef struct net_q_trust_dom_info
+{
+ uint32 ptr; /* undocumented buffer pointer */
+ UNISTR2 uni_server_name; /* server name, starting with two '\'s */
+
+ uint32 function_code; /* 0x31 */
+
+} NET_Q_TRUST_DOM_LIST;
+
+#define MAX_TRUST_DOMS 1
+
+/* NET_R_TRUST_DOM_LIST - response to LSA Trusted Domains */
+typedef struct net_r_trust_dom_info
+{
+ UNISTR2 uni_trust_dom_name[MAX_TRUST_DOMS];
+
+ uint32 status; /* return code */
+
+} NET_R_TRUST_DOM_LIST;
+
+
+/* NEG_FLAGS */
+typedef struct neg_flags_info
+{
+ uint32 neg_flags; /* negotiated flags */
+
+} NEG_FLAGS;
+
+
+/* NET_Q_REQ_CHAL */
+typedef struct net_q_req_chal_info
+{
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+ UNISTR2 uni_logon_srv; /* logon server unicode string */
+ UNISTR2 uni_logon_clnt; /* logon client unicode string */
+ DOM_CHAL clnt_chal; /* client challenge */
+
+} NET_Q_REQ_CHAL;
+
+
+/* NET_R_REQ_CHAL */
+typedef struct net_r_req_chal_info
+{
+ DOM_CHAL srv_chal; /* server challenge */
+
+ uint32 status; /* return code */
+
+} NET_R_REQ_CHAL;
+
+
+
+/* NET_Q_AUTH_2 */
+typedef struct net_q_auth2_info
+{
+ DOM_LOG_INFO clnt_id; /* client identification info */
+ DOM_CHAL clnt_chal; /* client-calculated credentials */
+
+ NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
+
+} NET_Q_AUTH_2;
+
+
+/* NET_R_AUTH_2 */
+typedef struct net_r_auth2_info
+{
+ DOM_CHAL srv_chal; /* server-calculated credentials */
+ NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
+
+ uint32 status; /* return code */
+
+} NET_R_AUTH_2;
+
+
+/* NET_Q_SRV_PWSET */
+typedef struct net_q_srv_pwset_info
+{
+ DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
+ uint8 pwd[16]; /* new password - undocumented. */
+
+} NET_Q_SRV_PWSET;
+
+/* NET_R_SRV_PWSET */
+typedef struct net_r_srv_pwset_info
+{
+ DOM_CRED srv_cred; /* server-calculated credentials */
+
+ uint32 status; /* return code */
+
+} NET_R_SRV_PWSET;
+
+/* NET_ID_INFO_2 */
+typedef struct net_network_info_2
+{
+ uint32 ptr_id_info2; /* pointer to id_info_2 */
+ UNIHDR hdr_domain_name; /* domain name unicode header */
+ uint32 param_ctrl; /* param control (0x2) */
+ DOM_LOGON_ID logon_id; /* logon ID */
+ UNIHDR hdr_user_name; /* user name unicode header */
+ UNIHDR hdr_wksta_name; /* workstation name unicode header */
+ uint8 lm_chal[8]; /* lan manager 8 byte challenge */
+ STRHDR hdr_nt_chal_resp; /* nt challenge response */
+ STRHDR hdr_lm_chal_resp; /* lm challenge response */
+
+ UNISTR2 uni_domain_name; /* domain name unicode string */
+ UNISTR2 uni_user_name; /* user name unicode string */
+ UNISTR2 uni_wksta_name; /* workgroup name unicode string */
+ STRING2 nt_chal_resp; /* nt challenge response */
+ STRING2 lm_chal_resp; /* lm challenge response */
+
+} NET_ID_INFO_2;
+
+/* NET_ID_INFO_1 */
+typedef struct id_info_1
+{
+ uint32 ptr_id_info1; /* pointer to id_info_1 */
+ UNIHDR hdr_domain_name; /* domain name unicode header */
+ uint32 param_ctrl; /* param control */
+ DOM_LOGON_ID logon_id; /* logon ID */
+ UNIHDR hdr_user_name; /* user name unicode header */
+ UNIHDR hdr_wksta_name; /* workstation name unicode header */
+ ARC4_OWF arc4_lm_owf; /* arc4 LM OWF Password */
+ ARC4_OWF arc4_nt_owf; /* arc4 NT OWF Password */
+ UNISTR2 uni_domain_name; /* domain name unicode string */
+ UNISTR2 uni_user_name; /* user name unicode string */
+ UNISTR2 uni_wksta_name; /* workgroup name unicode string */
+
+} NET_ID_INFO_1;
+
+/* NET_ID_INFO_CTR */
+typedef struct net_id_info_ctr_info
+{
+ uint16 switch_value;
+
+ union
+ {
+ NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
+ NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
+
+ } auth;
+
+} NET_ID_INFO_CTR;
+
+/* SAM_INFO - sam logon/off id structure */
+typedef struct sam_info
+{
+ DOM_CLNT_INFO2 client;
+ uint32 ptr_rtn_cred; /* pointer to return credentials */
+ DOM_CRED rtn_cred; /* return credentials */
+ uint16 logon_level;
+ NET_ID_INFO_CTR *ctr;
+ uint16 validation_level;
+
+} DOM_SAM_INFO;
+
+/* NET_Q_SAM_LOGON */
+typedef struct net_q_sam_logon_info
+{
+ DOM_SAM_INFO sam_id;
+
+} NET_Q_SAM_LOGON;
+
+/* NET_R_SAM_LOGON */
+typedef struct net_r_sam_logon_info
+{
+ uint32 buffer_creds; /* undocumented buffer pointer */
+ DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
+
+ uint16 switch_value; /* 3 - indicates type of USER INFO */
+ NET_USER_INFO_3 *user;
+
+ uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
+
+ uint32 status; /* return code */
+
+} NET_R_SAM_LOGON;
+
+
+/* NET_Q_SAM_LOGOFF */
+typedef struct net_q_sam_logoff_info
+{
+ DOM_SAM_INFO sam_id;
+
+} NET_Q_SAM_LOGOFF;
+
+/* NET_R_SAM_LOGOFF */
+typedef struct net_r_sam_logoff_info
+{
+ uint32 buffer_creds; /* undocumented buffer pointer */
+ DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
+
+ uint32 status; /* return code */
+
+} NET_R_SAM_LOGOFF;
+
+
+#endif /* _RPC_NETLOGON_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_REG_H /* _RPC_REG_H */
+#define _RPC_REG_H
+
+
+/* winreg pipe defines */
+#define REG_OPEN_POLICY 0x02
+#define REG_OPEN_ENTRY 0x0f
+#define REG_INFO 0x11
+#define REG_CLOSE 0x05
+
+/* REG_Q_OPEN_POLICY */
+typedef struct q_reg_open_policy_info
+{
+ uint32 ptr;
+ uint16 unknown_0; /* 0x5da0 - 16 bit unknown */
+ uint32 level; /* 0x0000 0001 - 32 bit unknown */
+ uint16 unknown_1; /* 0x0200 - 16 bit unknown */
+
+} REG_Q_OPEN_POLICY;
+
+/* REG_R_OPEN_POLICY */
+typedef struct r_reg_open_policy_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 status; /* return status */
+
+} REG_R_OPEN_POLICY;
+
+
+/* REG_Q_CLOSE */
+typedef struct reg_q_close_info
+{
+ POLICY_HND pol; /* policy handle */
+
+} REG_Q_CLOSE;
+
+/* REG_R_CLOSE */
+typedef struct reg_r_close_info
+{
+ POLICY_HND pol; /* policy handle. should be all zeros. */
+
+ uint32 status; /* return code */
+
+} REG_R_CLOSE;
+
+
+/* REG_Q_INFO */
+typedef struct q_reg_info_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ UNIHDR hdr_type; /* unicode product type header */
+ UNISTR2 uni_type; /* unicode product type - "ProductType" */
+
+ uint32 ptr1; /* pointer */
+ NTTIME time; /* current time? */
+ uint8 major_version1; /* 0x4 - os major version? */
+ uint8 minor_version1; /* 0x1 - os minor version? */
+ uint8 pad1[10]; /* padding - zeros */
+
+ uint32 ptr2; /* pointer */
+ uint8 major_version2; /* 0x4 - os major version? */
+ uint8 minor_version2; /* 0x1 - os minor version? */
+ uint8 pad2[2]; /* padding - zeros */
+
+ uint32 ptr3; /* pointer */
+ uint32 unknown; /* 0x0000 0000 */
+
+} REG_Q_INFO;
+
+/* REG_R_INFO */
+typedef struct r_reg_info_info
+{
+ uint32 ptr1; /* buffer pointer */
+ uint32 level; /* 0x1 - info level? */
+
+ uint32 ptr_type; /* pointer to o/s type */
+ UNINOTSTR2 uni_type; /* unicode string o/s type - "LanmanNT" */
+
+ uint32 ptr2; /* pointer to unknown_0 */
+ uint32 unknown_0; /* 0x12 */
+
+ uint32 ptr3; /* pointer to unknown_1 */
+ uint32 unknown_1; /* 0x12 */
+
+ uint32 status; /* return status */
+
+} REG_R_INFO;
+
+
+/* REG_Q_OPEN_ENTRY */
+typedef struct q_reg_open_entry_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ UNIHDR hdr_name; /* unicode registry string header */
+ UNISTR2 uni_name; /* unicode registry string name */
+
+ uint32 unknown_0; /* 32 bit unknown - 0x0000 0000 */
+ uint16 unknown_1; /* 16 bit unknown - 0x0000 */
+ uint16 unknown_2; /* 16 bit unknown - 0x0200 */
+
+} REG_Q_OPEN_ENTRY;
+
+
+
+/* REG_R_OPEN_ENTRY */
+typedef struct r_reg_open_entry_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 status; /* return status */
+
+} REG_R_OPEN_ENTRY;
+
+
+
+#endif /* _RPC_REG_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_SAMR_H /* _RPC_SAMR_H */
+#define _RPC_SAMR_H
+
+
+#include "rpc_misc.h"
+
+
+/*******************************************************************
+ the following information comes from a QuickView on samsrv.dll,
+ and gives an idea of exactly what is needed:
+
+SamrAddMemberToAlias
+SamrAddMemberToGroup
+SamrAddMultipleMembersToAlias
+SamrChangePasswordUser
+x SamrCloseHandle
+x SamrConnect
+SamrCreateAliasInDomain
+SamrCreateGroupInDomain
+SamrCreateUserInDomain
+SamrDeleteAlias
+SamrDeleteGroup
+SamrDeleteUser
+x SamrEnumerateAliasesInDomain
+SamrEnumerateDomainsInSamServer
+x SamrEnumerateGroupsInDomain
+x SamrEnumerateUsersInDomain
+SamrGetUserDomainPasswordInformation
+SamrLookupDomainInSamServer
+? SamrLookupIdsInDomain
+x SamrLookupNamesInDomain
+x SamrOpenAlias
+x SamrOpenDomain
+SamrOpenGroup
+x SamrOpenUser
+x SamrQueryDisplayInformation
+x SamrQueryInformationAlias
+SamrQueryInformationDomain
+? SamrQueryInformationUser
+SamrQuerySecurityObject
+SamrRemoveMemberFromAlias
+SamrRemoveMemberFromForiegnDomain
+SamrRemoveMemberFromGroup
+SamrRemoveMultipleMembersFromAlias
+SamrSetInformationAlias
+SamrSetInformationDomain
+SamrSetInformationGroup
+SamrSetInformationUser
+SamrSetMemberAttributesOfGroup
+SamrSetSecurityObject
+SamrShutdownSamServer
+SamrTestPrivateFunctionsDomain
+SamrTestPrivateFunctionsUser
+
+********************************************************************/
+
+#define SAMR_CLOSE_HND 0x01
+#define SAMR_OPEN_DOMAIN 0x07
+#define SAMR_UNKNOWN_8 0x08
+#define SAMR_LOOKUP_IDS 0x10
+#define SAMR_LOOKUP_NAMES 0x11
+#define SAMR_UNKNOWN_3 0x03
+#define SAMR_QUERY_DISPINFO 0x28
+#define SAMR_OPEN_USER 0x22
+#define SAMR_QUERY_USERINFO 0x24
+#define SAMR_QUERY_USERGROUPS 0x27
+#define SAMR_UNKNOWN_12 0x12
+#define SAMR_UNKNOWN_21 0x21
+#define SAMR_UNKNOWN_32 0x32
+#define SAMR_UNKNOWN_34 0x34
+#define SAMR_CONNECT 0x39
+#define SAMR_OPEN_ALIAS 0x1b
+#define SAMR_QUERY_ALIASINFO 0x1c
+#define SAMR_ENUM_DOM_USERS 0x0d
+#define SAMR_ENUM_DOM_ALIASES 0x0f
+#define SAMR_ENUM_DOM_GROUPS 0x30
+
+
+typedef struct logon_hours_info
+{
+ uint32 len; /* normally 21 bytes */
+ uint8 hours[32];
+
+} LOGON_HRS;
+
+/* SAM_USER_INFO_21 */
+typedef struct sam_user_info_21
+{
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNIHDR hdr_full_name; /* user's full name unicode string header */
+ UNIHDR hdr_home_dir; /* home directory unicode string header */
+ UNIHDR hdr_dir_drive; /* home drive unicode string header */
+ UNIHDR hdr_logon_script; /* logon script unicode string header */
+ UNIHDR hdr_profile_path; /* profile path unicode string header */
+ UNIHDR hdr_acct_desc ; /* user description */
+ UNIHDR hdr_workstations; /* comma-separated workstations user can log in from */
+ UNIHDR hdr_unknown_str ; /* don't know what this is, yet. */
+ UNIHDR hdr_munged_dial ; /* munged path name and dial-back tel number */
+
+ uint8 lm_pwd[16]; /* lm user passwords */
+ uint8 nt_pwd[16]; /* nt user passwords */
+
+ uint32 user_rid; /* Primary User ID */
+ uint32 group_rid; /* Primary Group ID */
+
+ uint16 acb_info; /* account info (ACB_xxxx bit-mask) */
+ /* uint8 pad[2] */
+
+ uint32 unknown_3; /* 0x00ff ffff */
+
+ uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */
+ /* uint8 pad[2] */
+ uint32 ptr_logon_hrs; /* unknown pointer */
+
+ uint32 unknown_5; /* 0x0002 0000 */
+
+ uint8 padding1[8];
+
+ UNISTR2 uni_user_name; /* username unicode string */
+ UNISTR2 uni_full_name; /* user's full name unicode string */
+ UNISTR2 uni_home_dir; /* home directory unicode string */
+ UNISTR2 uni_dir_drive; /* home directory drive unicode string */
+ UNISTR2 uni_logon_script; /* logon script unicode string */
+ UNISTR2 uni_profile_path; /* profile path unicode string */
+ UNISTR2 uni_acct_desc ; /* user description unicode string */
+ UNISTR2 uni_workstations; /* login from workstations unicode string */
+ UNISTR2 uni_unknown_str ; /* don't know what this is, yet. */
+ UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel number */
+
+ uint32 unknown_6; /* 0x0000 04ec */
+ uint32 padding4;
+
+ LOGON_HRS logon_hrs;
+
+} SAM_USER_INFO_21;
+
+
+/* SAM_USER_INFO_11 */
+typedef struct sam_user_info_11
+{
+ uint8 padding_0[16]; /* 0 - padding 16 bytes */
+ NTTIME expiry; /* expiry time or something? */
+ uint8 padding_1[24]; /* 0 - padding 24 bytes */
+
+ UNIHDR hdr_mach_acct; /* unicode header for machine account */
+ uint32 padding_2; /* 0 - padding 4 bytes */
+
+ uint32 ptr_1; /* pointer */
+ uint8 padding_3[32]; /* 0 - padding 32 bytes */
+ uint32 padding_4; /* 0 - padding 4 bytes */
+
+ uint32 ptr_2; /* pointer */
+ uint32 padding_5; /* 0 - padding 4 bytes */
+
+ uint32 ptr_3; /* pointer */
+ uint8 padding_6[32]; /* 0 - padding 32 bytes */
+
+ uint32 rid_user; /* user RID */
+ uint32 rid_group; /* group RID */
+
+ uint16 acct_ctrl; /* 0080 - ACB_XXXX */
+ uint16 unknown_3; /* 16 bit padding */
+
+ uint16 unknown_4; /* 0x003f - 16 bit unknown */
+ uint16 unknown_5; /* 0x003c - 16 bit unknown */
+
+ uint8 padding_7[16]; /* 0 - padding 16 bytes */
+ uint32 padding_8; /* 0 - padding 4 bytes */
+
+ UNISTR2 uni_mach_acct; /* unicode string for machine account */
+
+ uint8 padding_9[48]; /* 0 - padding 48 bytes */
+
+} SAM_USER_INFO_11;
+
+
+/* SAM_USER_INFO_10 */
+typedef struct sam_user_info_10
+{
+ uint32 rid_group;
+
+} SAM_USER_INFO_10;
+
+
+
+/* SAMR_Q_CLOSE_HND - probably a policy handle close */
+typedef struct q_samr_close_hnd_info
+{
+ POLICY_HND pol; /* policy handle */
+
+} SAMR_Q_CLOSE_HND;
+
+
+/* SAMR_R_CLOSE_HND - probably a policy handle close */
+typedef struct r_samr_close_hnd_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 status; /* return status */
+
+} SAMR_R_CLOSE_HND;
+
+
+/****************************************************************************
+SAMR_Q_UNKNOWN_3 - info level 4. returns SIDs.
+*****************************************************************************/
+
+/* SAMR_Q_UNKNOWN_3 - probably get domain info... */
+typedef struct q_samr_unknown_3_info
+{
+ POLICY_HND user_pol; /* policy handle */
+ uint16 switch_value; /* 0x0000 0004 */
+ /* uint8 pad[2] */
+
+} SAMR_Q_UNKNOWN_3;
+
+/* DOM_SID3 example:
+ 0x14 0x035b 0x0002 S-1-1
+ 0x18 0x07ff 0x000f S-1-5-20-DOMAIN_ALIAS_RID_ADMINS
+ 0x18 0x07ff 0x000f S-1-5-20-DOMAIN_ALIAS_RID_ACCOUNT_OPS
+ 0x24 0x0044 0x0002 S-1-5-21-nnn-nnn-nnn-0x03f1
+ */
+
+/* DOM_SID3 example:
+ 0x24 0x0044 0x0002 S-1-5-21-nnn-nnn-nnn-0x03ee
+ 0x18 0x07ff 0x000f S-1-5-20-DOMAIN_ALIAS_RID_ADMINS
+ 0x14 0x035b 0x0002 S-1-1
+ */
+
+/* DOM_SID3 - security id */
+typedef struct sid_info_3
+{
+ uint16 len; /* length, bytes, including length of len :-) */
+ /* uint8 pad[2]; */
+
+ DOM_SID sid;
+
+} DOM_SID3;
+
+
+#define MAX_SAM_SIDS 15
+
+/* SAM_SID_STUFF */
+typedef struct sid_stuff_info
+{
+ uint16 unknown_2; /* 0x0001 */
+ uint16 unknown_3; /* 0x8004 */
+
+ uint8 padding1[8];
+
+ uint32 unknown_4; /* 0x0000 0014 */
+ uint32 unknown_5; /* 0x0000 0014 */
+
+ uint16 unknown_6; /* 0x0002 */
+ uint16 unknown_7; /* 0x5800 */
+
+ uint32 num_sids;
+
+ uint16 padding2;
+
+ DOM_SID3 sid[MAX_SAM_SIDS];
+
+} SAM_SID_STUFF;
+
+/* SAMR_R_UNKNOWN_3 - probably an open */
+typedef struct r_samr_unknown_3_info
+{
+ uint32 ptr_0;
+ uint32 sid_stuff_len0;
+
+ uint32 ptr_1;
+ uint32 sid_stuff_len1;
+
+ SAM_SID_STUFF sid_stuff;
+
+ uint32 status; /* return status */
+
+} SAMR_R_UNKNOWN_3;
+
+
+/****************************************************************************
+SAMR_Q_UNKNOWN_8 - probably a query on domain group info.
+*****************************************************************************/
+
+/* SAMR_Q_UNKNOWN_8 - */
+typedef struct q_samr_unknown_8_info
+{
+ POLICY_HND domain_pol; /* policy handle */
+ uint16 switch_value; /* 0x0002 */
+
+} SAMR_Q_UNKNOWN_8;
+
+typedef struct sam_unkown_info_2_info
+{
+ uint32 unknown_0; /* 0x0000 0000 */
+ uint32 unknown_1; /* 0x0000 0000 */
+ uint32 unknown_2; /* 0x8000 0000 */
+ uint32 unknown_3; /* 0x0000 0000 */
+
+ uint32 ptr_0; /* pointer to unknown structure */
+ UNIHDR hdr_domain; /* domain name unicode header */
+ UNIHDR hdr_server; /* server name unicode header */
+
+ /* put all the data in here, at the moment, including what the above
+ pointer is referring to
+ */
+
+ uint32 unknown_4; /* 0x0000 0099 */
+ uint32 unknown_5; /* 0x0000 0000 */
+
+ uint32 unknown_6 ; /* 0x0000 0001 */
+ uint32 unknown_7 ; /* 0x0000 0003 */
+ uint32 unknown_8 ; /* 0x0000 0001 */
+ uint32 unknown_9 ; /* 0x0000 0008 */
+ uint32 unknown_10; /* 0x0000 0003 */
+
+ uint8 padding[16]; /* 16 bytes zeros */
+
+ UNISTR2 uni_domain; /* domain name unicode string */
+ UNISTR2 uni_server; /* server name unicode string */
+
+} SAM_UNK_INFO_2;
+
+
+typedef struct sam_unknown_ctr_info
+{
+ union
+ {
+ SAM_UNK_INFO_2 inf2;
+
+ } info;
+
+} SAM_UNK_CTR;
+
+
+/* SAMR_R_UNKNOWN_8 - */
+typedef struct r_samr_unknown_8_info
+{
+ uint32 ptr_1;
+ uint16 switch_value; /* same as in query */
+
+ SAM_UNK_CTR *ctr;
+
+ uint32 status; /* return status */
+
+} SAMR_R_UNKNOWN_8;
+
+
+/****************************************************************************
+SAMR_Q_OPEN_DOMAIN - unknown_0 values seen associated with SIDs:
+
+0x0000 03f1 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0
+0x0000 0200 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0
+*****************************************************************************/
+
+/* SAMR_Q_OPEN_DOMAIN */
+typedef struct q_samr_open_domain_info
+{
+ POLICY_HND connect_pol; /* policy handle */
+ uint32 rid; /* 0x2000 0000; 0x0000 0211; 0x0000 0280; 0x0000 0200 - a RID? */
+ DOM_SID2 dom_sid; /* domain SID */
+
+} SAMR_Q_OPEN_DOMAIN;
+
+
+/* SAMR_R_OPEN_DOMAIN - probably an open */
+typedef struct r_samr_open_domain_info
+{
+ POLICY_HND domain_pol; /* policy handle associated with the SID */
+ uint32 status; /* return status */
+
+} SAMR_R_OPEN_DOMAIN;
+
+
+#define MAX_SAM_ENTRIES 250
+
+typedef struct samr_entry_info
+{
+ uint32 rid;
+ UNIHDR hdr_name;
+
+} SAM_ENTRY;
+
+/* SAMR_Q_ENUM_DOM_USERS - SAM rids and names */
+typedef struct q_samr_enum_dom_users_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint16 req_num_entries; /* number of values (0 indicates unlimited?) */
+ uint16 unknown_0; /* enumeration context? */
+ uint16 acb_mask; /* 0x0000 indicates all */
+ uint16 unknown_1; /* 0x0000 */
+
+ uint32 max_size; /* 0x0000 ffff */
+
+} SAMR_Q_ENUM_DOM_USERS;
+
+
+/* SAMR_R_ENUM_DOM_USERS - SAM rids and names */
+typedef struct r_samr_enum_dom_users_info
+{
+ uint16 total_num_entries; /* number of entries that match without the acb mask */
+ uint16 unknown_0; /* same as unknown_0 (enum context?) in request */
+ uint32 ptr_entries1; /* actual number of entries to follow, having masked some out */
+
+ uint32 num_entries2;
+ uint32 ptr_entries2;
+
+ uint32 num_entries3;
+
+ SAM_ENTRY sam[MAX_SAM_ENTRIES];
+ UNISTR2 uni_acct_name[MAX_SAM_ENTRIES];
+
+ uint32 num_entries4;
+
+ uint32 status;
+
+} SAMR_R_ENUM_DOM_USERS;
+
+
+typedef struct samr_entry_info3
+{
+ uint32 grp_idx;
+
+ uint32 rid_grp;
+ uint32 attr;
+
+ UNIHDR hdr_grp_name;
+ UNIHDR hdr_grp_desc;
+
+} SAM_ENTRY3;
+
+typedef struct samr_str_entry_info3
+{
+ UNISTR2 uni_grp_name;
+ UNISTR2 uni_grp_desc;
+
+} SAM_STR3;
+
+/* SAMR_Q_ENUM_DOM_GROUPS - SAM rids and names */
+typedef struct q_samr_enum_dom_groups_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ /* these are possibly an enumeration context handle... */
+ uint16 switch_level; /* 0x0003 */
+ uint16 unknown_0; /* 0x0000 */
+ uint32 start_idx; /* presumably the start enumeration index */
+ uint32 unknown_1; /* 0x0000 07d0 */
+
+ uint32 max_size; /* 0x0000 7fff */
+
+} SAMR_Q_ENUM_DOM_GROUPS;
+
+
+/* SAMR_R_ENUM_DOM_GROUPS - SAM rids and names */
+typedef struct r_samr_enum_dom_groups_info
+{
+ uint32 unknown_0; /* 0x0000 0492 or 0x0000 00be */
+ uint32 unknown_1; /* 0x0000 049a or 0x0000 00be */
+ uint32 switch_level; /* 0x0000 0003 */
+
+ uint32 num_entries;
+ uint32 ptr_entries;
+
+ uint32 num_entries2;
+
+ SAM_ENTRY3 sam[MAX_SAM_ENTRIES];
+ SAM_STR3 str[MAX_SAM_ENTRIES];
+
+ uint32 status;
+
+} SAMR_R_ENUM_DOM_GROUPS;
+
+
+
+/* SAMR_Q_ENUM_DOM_ALIASES - SAM rids and names */
+typedef struct q_samr_enum_dom_aliases_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ /* this is possibly an enumeration context handle... */
+ uint32 unknown_0; /* 0x0000 0000 */
+
+ uint32 max_size; /* 0x0000 ffff */
+
+} SAMR_Q_ENUM_DOM_ALIASES;
+
+/* SAMR_R_ENUM_DOM_ALIASES - SAM rids and names */
+typedef struct r_samr_enum_dom_aliases_info
+{
+ uint32 num_entries;
+ uint32 ptr_entries;
+
+ uint32 num_entries2;
+ uint32 ptr_entries2;
+
+ uint32 num_entries3;
+
+ SAM_ENTRY sam[MAX_SAM_ENTRIES];
+ UNISTR2 uni_grp_name[MAX_SAM_ENTRIES];
+
+ uint32 num_entries4;
+
+ uint32 status;
+
+} SAMR_R_ENUM_DOM_ALIASES;
+
+
+
+/* SAMR_Q_QUERY_DISPINFO - SAM rids, names and descriptions */
+typedef struct q_samr_query_disp_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint16 switch_level; /* 0x0001 and 0x0002 seen */
+ uint16 unknown_0; /* 0x0000 and 0x2000 seen */
+ uint32 start_idx; /* presumably the start enumeration index */
+ uint32 unknown_1; /* 0x0000 07d0, 0x0000 0400 and 0x0000 0200 seen */
+
+ uint32 max_size; /* 0x0000 7fff, 0x0000 7ffe and 0x0000 3fff seen*/
+
+} SAMR_Q_QUERY_DISPINFO;
+
+typedef struct samr_entry_info1
+{
+ uint32 user_idx;
+
+ uint32 rid_user;
+ uint16 acb_info;
+ uint16 pad;
+
+ UNIHDR hdr_acct_name;
+ UNIHDR hdr_user_name;
+ UNIHDR hdr_user_desc;
+
+} SAM_ENTRY1;
+
+typedef struct samr_str_entry_info1
+{
+ UNISTR2 uni_acct_name;
+ UNISTR2 uni_full_name;
+ UNISTR2 uni_acct_desc;
+
+} SAM_STR1;
+
+typedef struct sam_entry_info_1
+{
+ uint32 num_entries;
+ uint32 ptr_entries;
+ uint32 num_entries2;
+
+ SAM_ENTRY1 sam[MAX_SAM_ENTRIES];
+ SAM_STR1 str[MAX_SAM_ENTRIES];
+
+
+} SAM_INFO_1;
+
+typedef struct samr_entry_info2
+{
+ uint32 user_idx;
+
+ uint32 rid_user;
+ uint16 acb_info;
+ uint16 pad;
+
+ UNIHDR hdr_srv_name;
+ UNIHDR hdr_srv_desc;
+
+} SAM_ENTRY2;
+
+typedef struct samr_str_entry_info2
+{
+ UNISTR2 uni_srv_name;
+ UNISTR2 uni_srv_desc;
+
+} SAM_STR2;
+
+typedef struct sam_entry_info_2
+{
+ uint32 num_entries;
+ uint32 ptr_entries;
+ uint32 num_entries2;
+
+ SAM_ENTRY2 sam[MAX_SAM_ENTRIES];
+ SAM_STR2 str[MAX_SAM_ENTRIES];
+
+} SAM_INFO_2;
+
+typedef struct sam_info_ctr_info
+{
+ union
+ {
+ SAM_INFO_1 *info1; /* server info */
+ SAM_INFO_2 *info2; /* user info */
+ void *info; /* allows assignment without typecasting, */
+
+ } sam;
+
+} SAM_INFO_CTR;
+
+/* SAMR_R_QUERY_DISPINFO - SAM rids, names and descriptions */
+typedef struct r_samr_query_dispinfo_info
+{
+ uint32 unknown_0; /* container length? 0x0000 0492 or 0x0000 00be */
+ uint32 unknown_1; /* container length? 0x0000 049a or 0x0000 00be */
+ uint16 switch_level; /* 0x0001 or 0x0002 */
+ /*uint8 pad[2] */
+
+ SAM_INFO_CTR *ctr;
+
+ uint32 status;
+
+} SAMR_R_QUERY_DISPINFO;
+
+
+
+/* SAMR_Q_QUERY_ALIASINFO - SAM Alias Info */
+typedef struct q_samr_enum_alias_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint16 switch_level; /* 0x0003 seen */
+
+} SAMR_Q_QUERY_ALIASINFO;
+
+typedef struct samr_alias_info3
+{
+ UNIHDR hdr_acct_desc;
+ UNISTR2 uni_acct_desc;
+
+} ALIAS_INFO3;
+
+/* SAMR_R_QUERY_ALIASINFO - SAM rids, names and descriptions */
+typedef struct r_samr_query_aliasinfo_info
+{
+ uint32 ptr;
+ uint16 switch_value; /* 0x0003 */
+ /* uint8[2] padding */
+
+ union
+ {
+ ALIAS_INFO3 info3;
+
+ } alias;
+
+ uint32 status;
+
+} SAMR_R_QUERY_ALIASINFO;
+
+
+/* SAMR_Q_QUERY_USERGROUPS - */
+typedef struct q_samr_query_usergroup_info
+{
+ POLICY_HND pol; /* policy handle associated with unknown id */
+
+} SAMR_Q_QUERY_USERGROUPS;
+
+/* SAMR_R_QUERY_USERGROUPS - probably a get sam info */
+typedef struct r_samr_query_usergroup_info
+{
+ uint32 ptr_0; /* pointer */
+ uint32 num_entries; /* number of RID groups */
+ uint32 ptr_1; /* pointer */
+ uint32 num_entries2; /* number of RID groups */
+
+ DOM_GID *gid; /* group info */
+
+ uint32 status; /* return status */
+
+} SAMR_R_QUERY_USERGROUPS;
+
+
+/* SAMR_Q_QUERY_USERINFO - probably a get sam info */
+typedef struct q_samr_query_user_info
+{
+ POLICY_HND pol; /* policy handle associated with unknown id */
+ uint16 switch_value; /* 0x0015, 0x0011 or 0x0010 - 16 bit unknown */
+
+} SAMR_Q_QUERY_USERINFO;
+
+/* SAMR_R_QUERY_USERINFO - probably a get sam info */
+typedef struct r_samr_query_user_info
+{
+ uint32 ptr; /* pointer */
+ uint16 switch_value; /* 0x0015, 0x0011 or 0x0010 - same as in query */
+ /* uint8[2] padding. */
+
+ union
+ {
+ SAM_USER_INFO_10 *id10; /* auth-level 0x10 */
+ SAM_USER_INFO_11 *id11; /* auth-level 0x11 */
+ SAM_USER_INFO_21 *id21; /* auth-level 21 */
+ void* id; /* to make typecasting easy */
+
+ } info;
+
+ uint32 status; /* return status */
+
+} SAMR_R_QUERY_USERINFO;
+
+
+/****************************************************************************
+SAMR_Q_LOOKUP_IDS - do a conversion from name to RID.
+
+the policy handle allocated by an "samr open secret" call is associated
+with a SID. this policy handle is what is queried here, *not* the SID
+itself. the response to the lookup rids is relative to this SID.
+*****************************************************************************/
+/* SAMR_Q_LOOKUP_IDS */
+typedef struct q_samr_lookup_ids_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint32 num_sids1; /* number of rids being looked up */
+ uint32 ptr; /* buffer pointer */
+ uint32 num_sids2; /* number of rids being looked up */
+
+ uint32 ptr_sid[MAX_LOOKUP_SIDS]; /* pointers to sids to be looked up */
+ DOM_SID2 sid [MAX_LOOKUP_SIDS]; /* sids to be looked up. */
+
+} SAMR_Q_LOOKUP_IDS;
+
+
+/* SAMR_R_LOOKUP_IDS */
+typedef struct r_samr_lookup_ids_info
+{
+ uint32 num_entries;
+ uint32 ptr; /* undocumented buffer pointer */
+
+ uint32 num_entries2;
+ uint32 rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+
+ uint32 status; /* return code */
+
+} SAMR_R_LOOKUP_IDS;
+
+
+/****************************************************************************
+SAMR_Q_LOOKUP_NAMES - do a conversion from SID to RID.
+
+the policy handle allocated by an "samr open secret" call is associated
+with a SID. this policy handle is what is queried here, *not* the SID
+itself. the response to the lookup rids is relative to this SID.
+*****************************************************************************/
+/* SAMR_Q_LOOKUP_NAMES */
+typedef struct q_samr_lookup_names_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint32 num_rids1; /* number of rids being looked up */
+ uint32 rid; /* 0x0000 03e8 - RID of the server doing the query? */
+ uint32 ptr; /* 0x0000 0000 - 32 bit unknown */
+ uint32 num_rids2; /* number of rids being looked up */
+
+ UNIHDR hdr_user_name[MAX_LOOKUP_SIDS]; /* unicode account name header */
+ UNISTR2 uni_user_name[MAX_LOOKUP_SIDS]; /* unicode account name string */
+
+} SAMR_Q_LOOKUP_NAMES;
+
+
+/* SAMR_R_LOOKUP_NAMES */
+typedef struct r_samr_lookup_names_info
+{
+ uint32 num_entries;
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+
+ uint32 num_entries2;
+ DOM_RID3 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+
+ uint32 num_entries3;
+
+ uint32 status; /* return code */
+
+} SAMR_R_LOOKUP_NAMES;
+
+
+/****************************************************************************
+SAMR_Q_UNKNOWN_12 - do a conversion from RID groups to something.
+
+called to resolve domain RID groups.
+*****************************************************************************/
+/* SAMR_Q_UNKNOWN_12 */
+typedef struct q_samr_unknown_12_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint32 num_gids1; /* number of rids being looked up */
+ uint32 rid; /* 0x0000 03e8 - RID of the server doing the query? */
+ uint32 ptr; /* 0x0000 0000 - 32 bit unknown */
+ uint32 num_gids2; /* number of rids being looked up */
+
+ uint32 gid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+
+} SAMR_Q_UNKNOWN_12;
+
+
+/****************************************************************************
+SAMR_R_UNKNOWN_12 - do a conversion from group RID to names
+
+*****************************************************************************/
+/* SAMR_R_UNKNOWN_12 */
+typedef struct r_samr_unknown_12_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ uint32 num_aliases1; /* number of aliases being looked up */
+ uint32 ptr_aliases; /* pointer to aliases */
+ uint32 num_aliases2; /* number of aliases being looked up */
+
+ UNIHDR hdr_als_name[MAX_LOOKUP_SIDS]; /* unicode account name header */
+ UNISTR2 uni_als_name[MAX_LOOKUP_SIDS]; /* unicode account name string */
+
+ uint32 num_als_usrs1; /* number of users in aliases being looked up */
+ uint32 ptr_als_usrs; /* pointer to users in aliases */
+ uint32 num_als_usrs2; /* number of users in aliases being looked up */
+
+ uint32 num_als_usrs[MAX_LOOKUP_SIDS]; /* number of users per group */
+
+ uint32 status;
+
+} SAMR_R_UNKNOWN_12;
+
+
+/* SAMR_Q_OPEN_USER - probably an open */
+typedef struct q_samr_open_user_info
+{
+ POLICY_HND domain_pol; /* policy handle */
+ uint32 unknown_0; /* 32 bit unknown - 0x02011b */
+ uint32 user_rid; /* user RID */
+
+} SAMR_Q_OPEN_USER;
+
+
+/* SAMR_R_OPEN_USER - probably an open */
+typedef struct r_samr_open_user_info
+{
+ POLICY_HND user_pol; /* policy handle associated with unknown id */
+ uint32 status; /* return status */
+
+} SAMR_R_OPEN_USER;
+
+
+/* SAMR_Q_UNKNOWN_13 - probably an open alias in domain */
+typedef struct q_samr_unknown_13_info
+{
+ POLICY_HND alias_pol; /* policy handle */
+
+ uint16 unknown_1; /* 16 bit unknown - 0x0200 */
+ uint16 unknown_2; /* 16 bit unknown - 0x0000 */
+
+} SAMR_Q_UNKNOWN_13;
+
+
+/* SAMR_Q_UNKNOWN_21 - probably an open group in domain */
+typedef struct q_samr_unknown_21_info
+{
+ POLICY_HND group_pol; /* policy handle */
+
+ uint16 unknown_1; /* 16 bit unknown - 0x0477 */
+ uint16 unknown_2; /* 16 bit unknown - 0x0000 */
+
+} SAMR_Q_UNKNOWN_21;
+
+
+/* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */
+typedef struct q_samr_unknown_32_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ UNIHDR hdr_mach_acct; /* unicode machine account name header */
+ UNISTR2 uni_mach_acct; /* unicode machine account name */
+
+ uint32 acct_ctrl; /* 32 bit ACB_XXXX */
+ uint16 unknown_1; /* 16 bit unknown - 0x00B0 */
+ uint16 unknown_2; /* 16 bit unknown - 0xe005 */
+
+} SAMR_Q_UNKNOWN_32;
+
+
+/* SAMR_R_UNKNOWN_32 - probably a "create SAM entry" */
+typedef struct r_samr_unknown_32_info
+{
+ POLICY_HND pol; /* policy handle */
+
+ /* rid4.unknown - fail: 0030 success: 0x03ff */
+ DOM_RID4 rid4; /* rid and attributes */
+
+ uint32 status; /* return status - fail: 0xC000 0099: user exists */
+
+} SAMR_R_UNKNOWN_32;
+
+
+/* SAMR_Q_OPEN_ALIAS - probably an open */
+typedef struct q_samr_open_alias_info
+{
+ uint32 unknown_0; /* 0x0000 0008 */
+ uint32 rid_alias; /* rid */
+
+} SAMR_Q_OPEN_ALIAS;
+
+
+/* SAMR_R_OPEN_ALIAS - probably an open */
+typedef struct r_samr_open_alias_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 status; /* return status */
+
+} SAMR_R_OPEN_ALIAS;
+
+
+/* SAMR_Q_CONNECT - probably an open */
+typedef struct q_samr_connect_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name?) */
+ UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */
+
+ uint32 unknown_0; /* 32 bit unknown */
+
+} SAMR_Q_CONNECT;
+
+
+/* SAMR_R_CONNECT - probably an open */
+typedef struct r_samr_connect_info
+{
+ POLICY_HND connect_pol; /* policy handle */
+ uint32 status; /* return status */
+
+} SAMR_R_CONNECT;
+
+/* SAMR_Q_UNKNOWN_38 */
+typedef struct q_samr_unknown_38
+{
+ uint32 ptr;
+ UNIHDR hdr_srv_name;
+ UNISTR2 uni_srv_name;
+
+} SAMR_Q_UNKNOWN_38;
+
+/* SAMR_R_UNKNOWN_38 */
+typedef struct r_samr_unknown_38
+{
+ LOOKUP_LEVEL level; /* 0x0006 */
+ uint32 ptr_0; /* 0x0000 0000 */
+ uint32 status;
+
+} SAMR_R_UNKNOWN_38;
+
+/* SAMR_ENC_PASSWD */
+typedef struct enc_passwd_info
+{
+ uint32 ptr;
+ uint8 pass[516];
+
+} SAMR_ENC_PASSWD;
+
+/* SAMR_ENC_HASH */
+typedef struct enc_hash_info
+{
+ uint32 ptr;
+ uint8 hash[16];
+
+} SAMR_ENC_HASH;
+
+/* SAMR_Q_CHGPASSWD_USER */
+typedef struct q_samr_chgpasswd_user_info
+{
+ uint32 ptr_0;
+
+ UNIHDR hdr_server; /* server name unicode header */
+ UNISTR2 uni_server; /* server name unicode string */
+
+ UNIHDR hdr_user_name; /* username unicode string header */
+ UNISTR2 uni_user_name; /* username unicode string */
+
+ SAMR_ENC_PASSWD nt_newpass;
+ SAMR_ENC_HASH nt_oldhash;
+
+ uint32 unknown_1; /* seems to always contain 0001 */
+
+ SAMR_ENC_PASSWD lm_newpass;
+ SAMR_ENC_HASH lm_oldhash;
+
+} SAMR_Q_CHGPASSWD_USER;
+
+/* SAMR_R_CHGPASSWD_USER */
+typedef struct r_samr_chgpasswd_user_info
+{
+ uint32 result; /* 0 == OK, C000006A (NT_STATUS_WRONG_PASSWORD) */
+
+} SAMR_R_CHGPASSWD_USER;
+
+#endif /* _RPC_SAMR_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_SRVSVC_H /* _RPC_SRVSVC_H */
+#define _RPC_SRVSVC_H
+
+
+/* srvsvc pipe */
+#define SRV_NETCONNENUM 0x08
+#define SRV_NETFILEENUM 0x09
+#define SRV_NETSESSENUM 0x0c
+#define SRV_NETSHAREENUM 0x0f
+#define SRV_NET_SRV_GET_INFO 0x15
+#define SRV_NET_SRV_SET_INFO 0x16
+
+
+/* SESS_INFO_0 (pointers to level 0 session info strings) */
+typedef struct ptr_sess_info0
+{
+ uint32 ptr_name; /* pointer to name. */
+
+} SESS_INFO_0;
+
+/* SESS_INFO_0_STR (level 0 session info strings) */
+typedef struct str_sess_info0
+{
+ UNISTR2 uni_name; /* unicode string of name */
+
+} SESS_INFO_0_STR;
+
+/* oops - this is going to take up a *massive* amount of stack. */
+/* the UNISTR2s already have 1024 uint16 chars in them... */
+#define MAX_SESS_ENTRIES 32
+
+/* SRV_SESS_INFO_0 */
+typedef struct srv_sess_info_0_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_sess_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ SESS_INFO_0 info_0 [MAX_SESS_ENTRIES]; /* session entry pointers */
+ SESS_INFO_0_STR info_0_str[MAX_SESS_ENTRIES]; /* session entry strings */
+
+} SRV_SESS_INFO_0;
+
+/* SESS_INFO_1 (pointers to level 1 session info strings) */
+typedef struct ptr_sess_info1
+{
+ uint32 ptr_name; /* pointer to name. */
+ uint32 ptr_user; /* pointer to user name. */
+
+ uint32 num_opens;
+ uint32 open_time;
+ uint32 idle_time;
+ uint32 user_flags;
+
+} SESS_INFO_1;
+
+/* SESS_INFO_1_STR (level 1 session info strings) */
+typedef struct str_sess_info1
+{
+ UNISTR2 uni_name; /* unicode string of name */
+ UNISTR2 uni_user; /* unicode string of user */
+
+} SESS_INFO_1_STR;
+
+/* SRV_SESS_INFO_1 */
+typedef struct srv_sess_info_1_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_sess_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ SESS_INFO_1 info_1 [MAX_SESS_ENTRIES]; /* session entry pointers */
+ SESS_INFO_1_STR info_1_str[MAX_SESS_ENTRIES]; /* session entry strings */
+
+} SRV_SESS_INFO_1;
+
+/* SRV_SESS_INFO_CTR */
+typedef struct srv_sess_info_ctr_info
+{
+ uint32 switch_value; /* switch value */
+ uint32 ptr_sess_ctr; /* pointer to sess info union */
+ union
+ {
+ SRV_SESS_INFO_0 info0; /* session info level 0 */
+ SRV_SESS_INFO_1 info1; /* session info level 1 */
+
+ } sess;
+
+} SRV_SESS_INFO_CTR;
+
+
+/* SRV_Q_NET_SESS_ENUM */
+typedef struct q_net_sess_enum_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name?) */
+ UNISTR2 uni_srv_name; /* server name */
+
+ uint32 ptr_qual_name; /* pointer (to qualifier name) */
+ UNISTR2 uni_qual_name; /* qualifier name "\\qualifier" */
+
+ uint32 sess_level; /* session level */
+
+ SRV_SESS_INFO_CTR *ctr;
+
+ uint32 preferred_len; /* preferred maximum length (0xffff ffff) */
+ ENUM_HND enum_hnd;
+
+} SRV_Q_NET_SESS_ENUM;
+
+/* SRV_R_NET_SESS_ENUM */
+typedef struct r_net_sess_enum_info
+{
+ uint32 sess_level; /* share level */
+
+ SRV_SESS_INFO_CTR *ctr;
+
+ uint32 total_entries; /* total number of entries */
+ ENUM_HND enum_hnd;
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_SESS_ENUM;
+
+/* CONN_INFO_0 (pointers to level 0 connection info strings) */
+typedef struct ptr_conn_info0
+{
+ uint32 id; /* connection id. */
+
+} CONN_INFO_0;
+
+/* oops - this is going to take up a *massive* amount of stack. */
+/* the UNISTR2s already have 1024 uint16 chars in them... */
+#define MAX_CONN_ENTRIES 32
+
+/* SRV_CONN_INFO_0 */
+typedef struct srv_conn_info_0_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_conn_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ CONN_INFO_0 info_0 [MAX_CONN_ENTRIES]; /* connection entry pointers */
+
+} SRV_CONN_INFO_0;
+
+/* CONN_INFO_1 (pointers to level 1 connection info strings) */
+typedef struct ptr_conn_info1
+{
+ uint32 id; /* connection id */
+ uint32 type; /* 0x3 */
+ uint32 num_opens;
+ uint32 num_users;
+ uint32 open_time;
+
+ uint32 ptr_usr_name; /* pointer to user name. */
+ uint32 ptr_net_name; /* pointer to network name (e.g IPC$). */
+
+} CONN_INFO_1;
+
+/* CONN_INFO_1_STR (level 1 connection info strings) */
+typedef struct str_conn_info1
+{
+ UNISTR2 uni_usr_name; /* unicode string of user */
+ UNISTR2 uni_net_name; /* unicode string of name */
+
+} CONN_INFO_1_STR;
+
+/* SRV_CONN_INFO_1 */
+typedef struct srv_conn_info_1_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_conn_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ CONN_INFO_1 info_1 [MAX_CONN_ENTRIES]; /* connection entry pointers */
+ CONN_INFO_1_STR info_1_str[MAX_CONN_ENTRIES]; /* connection entry strings */
+
+} SRV_CONN_INFO_1;
+
+/* SRV_CONN_INFO_CTR */
+typedef struct srv_conn_info_ctr_info
+{
+ uint32 switch_value; /* switch value */
+ uint32 ptr_conn_ctr; /* pointer to conn info union */
+ union
+ {
+ SRV_CONN_INFO_0 info0; /* connection info level 0 */
+ SRV_CONN_INFO_1 info1; /* connection info level 1 */
+
+ } conn;
+
+} SRV_CONN_INFO_CTR;
+
+
+/* SRV_Q_NET_CONN_ENUM */
+typedef struct q_net_conn_enum_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name) */
+ UNISTR2 uni_srv_name; /* server name "\\server" */
+
+ uint32 ptr_qual_name; /* pointer (to qualifier name) */
+ UNISTR2 uni_qual_name; /* qualifier name "\\qualifier" */
+
+ uint32 conn_level; /* connection level */
+
+ SRV_CONN_INFO_CTR *ctr;
+
+ uint32 preferred_len; /* preferred maximum length (0xffff ffff) */
+ ENUM_HND enum_hnd;
+
+} SRV_Q_NET_CONN_ENUM;
+
+/* SRV_R_NET_CONN_ENUM */
+typedef struct r_net_conn_enum_info
+{
+ uint32 conn_level; /* share level */
+
+ SRV_CONN_INFO_CTR *ctr;
+
+ uint32 total_entries; /* total number of entries */
+ ENUM_HND enum_hnd;
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_CONN_ENUM;
+
+/* oops - this is going to take up a *massive* amount of stack. */
+/* the UNISTR2s already have 1024 uint16 chars in them... */
+#define MAX_SHARE_ENTRIES 32
+
+/* SH_INFO_1 (pointers to level 1 share info strings) */
+typedef struct ptr_share_info1
+{
+ uint32 ptr_netname; /* pointer to net name. */
+ uint32 type; /* ipc, print, disk ... */
+ uint32 ptr_remark; /* pointer to comment. */
+
+} SH_INFO_1;
+
+/* SH_INFO_1_STR (level 1 share info strings) */
+typedef struct str_share_info1
+{
+ UNISTR2 uni_netname; /* unicode string of net name */
+ UNISTR2 uni_remark; /* unicode string of comment */
+
+} SH_INFO_1_STR;
+
+/* SRV_SHARE_INFO_1 */
+typedef struct share_info_1_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_share_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ SH_INFO_1 info_1 [MAX_SHARE_ENTRIES]; /* share entry pointers */
+ SH_INFO_1_STR info_1_str[MAX_SHARE_ENTRIES]; /* share entry strings */
+
+} SRV_SHARE_INFO_1;
+
+/* SH_INFO_2 (pointers to level 2 share info strings) */
+typedef struct ptr_share_info2
+{
+ uint32 ptr_netname; /* pointer to net name. */
+ uint32 type; /* ipc, print, disk ... */
+ uint32 ptr_remark; /* pointer to comment. */
+ uint32 perms; /* permissions */
+ uint32 max_uses; /* maximum uses */
+ uint32 num_uses; /* current uses */
+ uint32 ptr_path; /* pointer to path name */
+ uint32 ptr_passwd; /* pointer to password */
+
+} SH_INFO_2;
+
+/* SH_INFO_2_STR (level 2 share info strings) */
+typedef struct str_share_info2
+{
+ UNISTR2 uni_netname; /* unicode string of net name (e.g NETLOGON) */
+ UNISTR2 uni_remark; /* unicode string of comment (e.g "Logon server share") */
+ UNISTR2 uni_path; /* unicode string of local path (e.g c:\winnt\system32\repl\import\scripts) */
+ UNISTR2 uni_passwd; /* unicode string of password - presumably for share level security (e.g NULL) */
+
+} SH_INFO_2_STR;
+
+/* SRV_SHARE_INFO_2 */
+typedef struct share_info_2_info
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_share_info; /* Buffer */
+ uint32 num_entries_read2; /* EntriesRead */
+
+ SH_INFO_2 info_2 [MAX_SHARE_ENTRIES]; /* share entry pointers */
+ SH_INFO_2_STR info_2_str[MAX_SHARE_ENTRIES]; /* share entry strings */
+
+} SRV_SHARE_INFO_2;
+
+/* SRV_SHARE_INFO_CTR */
+typedef struct srv_share_info_1_info
+{
+ uint32 switch_value; /* switch value */
+ uint32 ptr_share_ctr; /* pointer to share info union */
+ union
+ {
+ SRV_SHARE_INFO_1 info1; /* share info level 1 */
+ SRV_SHARE_INFO_2 info2; /* share info level 2 */
+
+ } share;
+
+} SRV_SHARE_INFO_CTR;
+
+/* SRV_Q_NET_SHARE_ENUM */
+typedef struct q_net_share_enum_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name?) */
+ UNISTR2 uni_srv_name; /* server name */
+
+ uint32 share_level; /* share level */
+
+ SRV_SHARE_INFO_CTR *ctr; /* share info container */
+
+ uint32 preferred_len; /* preferred maximum length (0xffff ffff) */
+
+ ENUM_HND enum_hnd;
+
+} SRV_Q_NET_SHARE_ENUM;
+
+
+/* SRV_R_NET_SHARE_ENUM */
+typedef struct r_net_share_enum_info
+{
+ uint32 share_level; /* share level */
+ SRV_SHARE_INFO_CTR *ctr; /* share info container */
+
+ uint32 total_entries; /* total number of entries */
+ ENUM_HND enum_hnd;
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_SHARE_ENUM;
+
+/* FILE_INFO_3 (level 3 file info strings) */
+typedef struct file_info3_info
+{
+ uint32 id; /* file index */
+ uint32 perms; /* file permissions. don't know what format */
+ uint32 num_locks; /* file locks */
+ uint32 ptr_path_name; /* file name */
+ uint32 ptr_user_name; /* file owner */
+
+} FILE_INFO_3;
+
+/* FILE_INFO_3_STR (level 3 file info strings) */
+typedef struct str_file_info3_info
+{
+ UNISTR2 uni_path_name; /* unicode string of file name */
+ UNISTR2 uni_user_name; /* unicode string of file owner. */
+
+} FILE_INFO_3_STR;
+
+/* oops - this is going to take up a *massive* amount of stack. */
+/* the UNISTR2s already have 1024 uint16 chars in them... */
+#define MAX_FILE_ENTRIES 32
+
+/* SRV_FILE_INFO_3 */
+typedef struct srv_file_info_3
+{
+ uint32 num_entries_read; /* EntriesRead */
+ uint32 ptr_file_info; /* Buffer */
+
+ uint32 num_entries_read2; /* EntriesRead */
+
+ FILE_INFO_3 info_3 [MAX_FILE_ENTRIES]; /* file entry details */
+ FILE_INFO_3_STR info_3_str[MAX_FILE_ENTRIES]; /* file entry strings */
+
+} SRV_FILE_INFO_3;
+
+/* SRV_FILE_INFO_CTR */
+typedef struct srv_file_info_3_info
+{
+ uint32 switch_value; /* switch value */
+ uint32 ptr_file_ctr; /* pointer to file info union */
+ union
+ {
+ SRV_FILE_INFO_3 info3; /* file info with 0 entries */
+
+ } file;
+
+} SRV_FILE_INFO_CTR;
+
+
+/* SRV_Q_NET_FILE_ENUM */
+typedef struct q_net_file_enum_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name?) */
+ UNISTR2 uni_srv_name; /* server name */
+
+ uint32 ptr_qual_name; /* pointer (to qualifier name) */
+ UNISTR2 uni_qual_name; /* qualifier name "\\qualifier" */
+
+ uint32 file_level; /* file level */
+
+ SRV_FILE_INFO_CTR *ctr;
+
+ uint32 preferred_len; /* preferred maximum length (0xffff ffff) */
+ ENUM_HND enum_hnd;
+
+} SRV_Q_NET_FILE_ENUM;
+
+
+/* SRV_R_NET_FILE_ENUM */
+typedef struct r_net_file_enum_info
+{
+ uint32 file_level; /* file level */
+
+ SRV_FILE_INFO_CTR *ctr;
+
+ uint32 total_entries; /* total number of files */
+ ENUM_HND enum_hnd;
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_FILE_ENUM;
+
+/* SRV_INFO_101 */
+typedef struct srv_info_101_info
+{
+ uint32 platform_id; /* 0x500 */
+ uint32 ptr_name; /* pointer to server name */
+ uint32 ver_major; /* 0x4 */
+ uint32 ver_minor; /* 0x2 */
+ uint32 srv_type; /* browse etc type */
+ uint32 ptr_comment; /* pointer to server comment */
+
+ UNISTR2 uni_name; /* server name "server" */
+ UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
+
+} SRV_INFO_101;
+
+/* SRV_INFO_102 */
+typedef struct srv_info_102_info
+{
+ uint32 platform_id; /* 0x500 */
+ uint32 ptr_name; /* pointer to server name */
+ uint32 ver_major; /* 0x4 */
+ uint32 ver_minor; /* 0x2 */
+ uint32 srv_type; /* browse etc type */
+ uint32 ptr_comment; /* pointer to server comment */
+ uint32 users; /* 0xffff ffff*/
+ uint32 disc; /* 0xf */
+ uint32 hidden; /* 0x0 */
+ uint32 announce; /* 240 */
+ uint32 ann_delta; /* 3000 */
+ uint32 licenses; /* 0 */
+ uint32 ptr_usr_path; /* pointer to user path */
+
+ UNISTR2 uni_name; /* server name "server" */
+ UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
+ UNISTR2 uni_usr_path; /* "c:\" (eh?) */
+
+} SRV_INFO_102;
+
+
+/* SRV_INFO_CTR */
+typedef struct srv_info_ctr_info
+{
+ uint32 switch_value; /* switch value */
+ uint32 ptr_srv_ctr; /* pointer to server info */
+ union
+ {
+ SRV_INFO_102 sv102; /* server info level 102 */
+ SRV_INFO_101 sv101; /* server info level 101 */
+
+ } srv;
+
+} SRV_INFO_CTR;
+
+/* SRV_Q_NET_SRV_GET_INFO */
+typedef struct q_net_srv_get_info
+{
+ uint32 ptr_srv_name;
+ UNISTR2 uni_srv_name; /* "\\server" */
+ uint32 switch_value;
+
+} SRV_Q_NET_SRV_GET_INFO;
+
+/* SRV_R_NET_SRV_GET_INFO */
+typedef struct r_net_srv_get_info
+{
+ SRV_INFO_CTR *ctr;
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_SRV_GET_INFO;
+
+/* SRV_Q_NET_SRV_SET_INFO */
+typedef struct q_net_srv_set_info
+{
+ uint32 ptr_srv_name;
+ UNISTR2 uni_srv_name; /* "\\server" */
+ uint32 switch_value;
+
+ SRV_INFO_CTR *ctr;
+
+} SRV_Q_NET_SRV_SET_INFO;
+
+
+/* SRV_R_NET_SRV_SET_INFO */
+typedef struct r_net_srv_set_info
+{
+ uint32 switch_value; /* switch value */
+
+ uint32 status; /* return status */
+
+} SRV_R_NET_SRV_SET_INFO;
+
+
+#endif /* _RPC_SRVSVC_H */
+
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ SMB parameters and setup
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _RPC_WKS_H /* _RPC_WKS_H */
+#define _RPC_WKS_H
+
+
+/* wkssvc pipe */
+#define WKS_QUERY_INFO 0x00
+
+
+/* WKS_Q_QUERY_INFO - probably a capabilities request */
+typedef struct q_wks_query_info_info
+{
+ uint32 ptr_srv_name; /* pointer (to server name?) */
+ UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */
+
+ uint16 switch_value; /* info level 100 (0x64) */
+
+} WKS_Q_QUERY_INFO;
+
+
+/* WKS_INFO_100 - level 100 info */
+typedef struct wks_info_100_info
+{
+ uint32 platform_id; /* 0x0000 01f4 - unknown */
+ uint32 ptr_compname; /* pointer to server name */
+ uint32 ptr_lan_grp ; /* pointer to domain name */
+ uint32 ver_major; /* 4 - unknown */
+ uint32 ver_minor; /* 0 - unknown */
+
+ UNISTR2 uni_compname; /* unicode server name */
+ UNISTR2 uni_lan_grp ; /* unicode domain name */
+
+} WKS_INFO_100;
+
+
+/* WKS_R_QUERY_INFO - probably a capabilities request */
+typedef struct r_wks_query_info_info
+{
+ uint16 switch_value; /* 100 (0x64) - switch value */
+
+ /* for now, only level 100 is supported. this should be an enum container */
+ uint32 ptr_1; /* pointer 1 */
+ WKS_INFO_100 *wks100; /* workstation info level 100 */
+
+ uint32 status; /* return status */
+
+} WKS_R_QUERY_INFO;
+
+
+#endif /* _RPC_WKS_H */
+
#define BOOLSTR(b) ((b) ? "Yes" : "No")
#define BITSETB(ptr,bit) ((((char *)ptr)[0] & (1<<(bit)))!=0)
#define BITSETW(ptr,bit) ((SVAL(ptr,0) & (1<<(bit)))!=0)
+
+#define IS_BITS_SET_ALL(var,bit) (((var)&(bit))==(bit))
+#define IS_BITS_SET_SOME(var,bit) (((var)&(bit))!=0)
+#define IS_BITS_CLR_ALL(var,bit) (((var)&(~(bit)))==0)
+
#define PTR_DIFF(p1,p2) ((ptrdiff_t)(((char *)(p1)) - (char *)(p2)))
typedef int BOOL;
#define PIPE_LSASS "\\PIPE\\lsass"
#define PIPE_LSARPC "\\PIPE\\lsarpc"
-/* NETLOGON opcodes and data structures */
-
-enum RPC_PKT_TYPE
-{
- RPC_REQUEST = 0x00,
- RPC_RESPONSE = 0x02,
- RPC_BIND = 0x0B,
- RPC_BINDACK = 0x0C
-};
-
-#define NET_QUERYFORPDC 7 /* Query for PDC */
-#define NET_QUERYFORPDC_R 12 /* Response to Query for PDC */
-#define NET_SAMLOGON 18
-#define NET_SAMLOGON_R 19
-
-/* Allowable account control bits */
-#define ACB_DISABLED 1 /* 1 = User account disabled */
-#define ACB_HOMDIRREQ 2 /* 1 = Home directory required */
-#define ACB_PWNOTREQ 4 /* 1 = User password not required */
-#define ACB_TEMPDUP /* 1 = Temporary duplicate account */
-#define ACB_NORMAL /* 1 = Normal user account */
-#define ACB_MNS /* 1 = MNS logon user account */
-#define ACB_DOMTRUST /* 1 = Interdomain trust account */
-#define ACB_WSTRUST /* 1 = Workstation trust account */
-#define ACB_SVRTRUST /* 1 = Server trust account */
-#define ACB_PWNOEXP /* 1 = User password does not expire */
-#define ACB_AUTOLOCK /* 1 = Account auto locked */
-
-#define SAMR_CLOSE 0x01
-#define SAMR_OPEN_SECRET 0x07
-#define SAMR_LOOKUP_RIDS 0x11
-#define SAMR_UNKNOWN_3 0x03
-#define SAMR_UNKNOWN_22 0x22
-#define SAMR_UNKNOWN_24 0x24
-#define SAMR_UNKNOWN_34 0x34
-#define SAMR_OPEN_POLICY 0x39
-
-#define LSA_OPENPOLICY 0x2c
-#define LSA_QUERYINFOPOLICY 0x07
-#define LSA_ENUMTRUSTDOM 0x0d
-#define LSA_REQCHAL 0x04
-#define LSA_SRVPWSET 0x06
-#define LSA_SAMLOGON 0x02
-#define LSA_SAMLOGOFF 0x03
-#define LSA_AUTH2 0x0f
-#define LSA_CLOSE 0x00
-
-/* XXXX these are here to get a compile! */
-
-#define LSA_OPENSECRET 0xFF
-#define LSA_LOOKUPSIDS 0xFE
-#define LSA_LOOKUPRIDS 0xFD
-#define LSA_LOOKUPNAMES 0xFC
-
-/* srvsvc pipe */
-#define NETSERVERGETINFO 0x15
-#define NETSHAREENUM 0x0f
-
-/* well-known RIDs - Relative IDs */
-
-/* RIDs - Well-known users ... */
-#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
-#define DOMAIN_USER_RID_GUEST (0x000001F5L)
-
-/* RIDs - well-known groups ... */
-#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
-#define DOMAIN_GROUP_RID_USERS (0x00000201L)
-#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
-
-/* RIDs - well-known aliases ... */
-#define DOMAIN_ALIAS_RID_ADMINS (0x00000220L)
-#define DOMAIN_ALIAS_RID_USERS (0x00000221L)
-#define DOMAIN_ALIAS_RID_GUESTS (0x00000222L)
-#define DOMAIN_ALIAS_RID_POWER_USERS (0x00000223L)
-
-#define DOMAIN_ALIAS_RID_ACCOUNT_OPS (0x00000224L)
-#define DOMAIN_ALIAS_RID_SYSTEM_OPS (0x00000225L)
-#define DOMAIN_ALIAS_RID_PRINT_OPS (0x00000226L)
-#define DOMAIN_ALIAS_RID_BACKUP_OPS (0x00000227L)
-
-#define DOMAIN_ALIAS_RID_REPLICATOR (0x00000228L)
-
-
-
/* 32 bit time (sec) since 01jan1970 - cifs6.txt, section 3.5, page 30 */
typedef struct time_info
{
uint32 high;
} NTTIME;
-
-
-#define MAXSUBAUTHS 15 /* max sub authorities in a SID */
-
-/* DOM_SID - security id */
-typedef struct sid_info
-{
- uint8 sid_rev_num; /* SID revision number */
- uint8 num_auths; /* number of sub-authorities */
- uint8 id_auth[6]; /* Identifier Authority */
- uint32 sub_auths[MAXSUBAUTHS]; /* pointer to sub-authorities. */
-
-} DOM_SID;
-
-/* UNIHDR - unicode string header */
-typedef struct unihdr_info
-{
- uint16 uni_max_len;
- uint16 uni_str_len;
- uint32 undoc; /* usually has a value of 4 */
-
-} UNIHDR;
-
-/* UNIHDR2 - unicode string header and undocumented buffer */
-typedef struct unihdr2_info
-{
- UNIHDR unihdr;
- uint32 undoc_buffer; /* undocumented 32 bit buffer pointer */
-
-} UNIHDR2;
-
-/* clueless as to what maximum length should be */
-#define MAX_UNISTRLEN 1024
-
-/* UNISTR - unicode string size and buffer */
-typedef struct unistr_info
-{
- uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. ***MUST*** be null-terminated */
-
-} UNISTR;
-
-/* UNISTR2 - unicode string size and buffer */
-typedef struct unistr2_info
-{
- uint32 uni_max_len;
- uint32 undoc;
- uint32 uni_str_len;
- uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. **NOT** necessarily null-terminated */
-
-} UNISTR2;
-
-/* DOM_SID2 - domain SID structure - SIDs stored in unicode */
-typedef struct domsid2_info
-{
- uint32 type; /* value is 5 */
- uint32 undoc; /* value is 0 */
-
- UNIHDR2 hdr; /* XXXX conflict between hdr and str for length */
- UNISTR str; /* XXXX conflict between hdr and str for length */
-
-} DOM_SID2;
-
-/* DOM_RID2 - domain RID structure for ntlsa pipe */
-typedef struct domrid2_info
-{
- uint32 type; /* value is 5 */
- uint32 undoc; /* value is non-zero */
- uint32 rid;
- uint32 rid_idx; /* don't know what this is */
-
-} DOM_RID2;
-
-/* DOM_RID3 - domain RID structure for samr pipe */
-typedef struct domrid3_info
-{
- uint32 rid; /* domain-relative (to a SID) id */
- uint32 type1; /* value is 0x1 */
- uint32 ptr_type; /* undocumented pointer */
- uint32 type2; /* value is 0x1 */
-
-} DOM_RID3;
-
-/* DOM_CLNT_SRV - client / server names */
-typedef struct clnt_srv_info
-{
- uint32 undoc_buffer; /* undocumented 32 bit buffer pointer */
- UNISTR2 uni_logon_srv; /* logon server name */
- uint32 undoc_buffer2; /* undocumented 32 bit buffer pointer */
- UNISTR2 uni_comp_name; /* client machine name */
-
-} DOM_CLNT_SRV;
-
-/* DOM_LOG_INFO - login info */
-typedef struct log_info
-{
- uint32 undoc_buffer; /* undocumented 32 bit buffer pointer */
- UNISTR2 uni_logon_srv; /* logon server name */
- UNISTR2 uni_acct_name; /* account name */
- uint16 sec_chan; /* secure channel type */
- UNISTR2 uni_comp_name; /* client machine name */
-
-} DOM_LOG_INFO;
-
-/* DOM_CHAL - challenge info */
-typedef struct chal_info
-{
- uchar data[8]; /* credentials */
-} DOM_CHAL;
-
-/* DOM_CREDs - timestamped client or server credentials */
-typedef struct cred_info
-{
- DOM_CHAL challenge; /* credentials */
- UTIME timestamp; /* credential time-stamp */
-
-} DOM_CRED;
-
-/* DOM_CLNT_INFO - client info */
-typedef struct clnt_info
-{
- DOM_LOG_INFO login;
- DOM_CRED cred;
-
-} DOM_CLNT_INFO;
-
-/* DOM_CLNT_INFO2 - client info */
-typedef struct clnt_info2
-{
- DOM_CLNT_SRV login;
- uint32 ptr_cred;
- DOM_CRED cred;
-
-} DOM_CLNT_INFO2;
-
-/* DOM_LOGON_ID - logon id */
-typedef struct logon_info
-{
- uint32 low;
- uint32 high;
-
-} DOM_LOGON_ID;
-
-/* ARC4_OWF */
-typedef struct arc4_owf_info
-{
- uint8 data[16];
-
-} ARC4_OWF;
-
-
-/* DOM_ID_INFO_1 */
-typedef struct id_info_1
-{
- uint32 ptr_id_info1; /* pointer to id_info_1 */
- UNIHDR hdr_domain_name; /* domain name unicode header */
- uint32 param_ctrl; /* param control */
- DOM_LOGON_ID logon_id; /* logon ID */
- UNIHDR hdr_user_name; /* user name unicode header */
- UNIHDR hdr_wksta_name; /* workgroup name unicode header */
- ARC4_OWF arc4_lm_owf; /* arc4 LM OWF Password */
- ARC4_OWF arc4_nt_owf; /* arc4 NT OWF Password */
- UNISTR2 uni_domain_name; /* domain name unicode string */
- UNISTR2 uni_user_name; /* user name unicode string */
- UNISTR2 uni_wksta_name; /* workgroup name unicode string */
-
-} DOM_ID_INFO_1;
-
-/* SAM_INFO - sam logon/off id structure */
-typedef struct sam_info
-{
- DOM_CLNT_INFO2 client;
- uint32 ptr_rtn_cred; /* pointer to return credentials */
- DOM_CRED rtn_cred; /* return credentials */
- uint16 logon_level;
- uint16 switch_value;
-
- union
- {
- DOM_ID_INFO_1 *id1; /* auth-level 1 */
-
- } auth;
-
-} DOM_SAM_INFO;
-
-/* DOM_GID - group id + user attributes */
-typedef struct gid_info
-{
- uint32 g_rid; /* a group RID */
- uint32 attr;
-
-} DOM_GID;
-
-/* RPC_HDR - ms rpc header */
-typedef struct rpc_hdr_info
-{
- uint8 major; /* 5 - RPC major version */
- uint8 minor; /* 0 - RPC minor version */
- uint8 pkt_type; /* 2 - RPC response packet */
- uint8 frag; /* 3 - first frag + last frag */
- uint32 pack_type; /* 0x1000 0000 - packed data representation */
- uint16 frag_len; /* fragment length - data size (bytes) inc header and tail. */
- uint16 auth_len; /* 0 - authentication length */
- uint32 call_id; /* call identifier. matches 12th uint32 of incoming RPC data. */
-
-} RPC_HDR;
-
-/* RPC_HDR_RR - ms request / response rpc header */
-typedef struct rpc_hdr_rr_info
-{
- RPC_HDR hdr;
-
- uint32 alloc_hint; /* allocation hint - data size (bytes) minus header and tail. */
- uint16 context_id; /* 0 - presentation context identifier */
- uint8 cancel_count; /* 0 - cancel count */
- uint8 opnum; /* request: 0 - reserved. response: opnum */
-
-} RPC_HDR_RR;
-
-/* the interfaces are numbered. as yet I haven't seen more than one interface
- * used on the same pipe name
- * srvsvc
- * abstract (0x4B324FC8, 0x01D31670, 0x475A7812, 0x88E16EBF, 0x00000003)
- * transfer (0x8A885D04, 0x11C91CEB, 0x0008E89F, 0x6048102B, 0x00000002)
- */
-/* RPC_IFACE */
-typedef struct rpc_iface_info
-{
- uint8 data[16]; /* 16 bytes of number */
- uint32 version; /* the interface number */
-
-} RPC_IFACE;
-
-
-/* this seems to be the same string name depending on the name of the pipe,
- * but is more likely to be linked to the interface name
- * "srvsvc", "\\PIPE\\ntsvcs"
- * "samr", "\\PIPE\\lsass"
- * "wkssvc", "\\PIPE\\wksvcs"
- * "NETLOGON", "\\PIPE\\NETLOGON"
- */
-/* RPC_ADDR_STR */
-typedef struct rpc_addr_info
-{
- uint16 len; /* length of the string including null terminator */
- fstring str; /* the string above in single byte, null terminated form */
-
-} RPC_ADDR_STR;
-
-/* RPC_HDR_BBA */
-typedef struct rpc_hdr_bba_info
-{
- uint16 max_tsize; /* maximum transmission fragment size (0x1630) */
- uint16 max_rsize; /* max receive fragment size (0x1630) */
- uint32 assoc_gid; /* associated group id (0x0) */
-
-} RPC_HDR_BBA;
-
-/* RPC_BIND_REQ - ms req bind */
-typedef struct rpc_bind_req_info
-{
- RPC_HDR_BBA bba;
-
- uint32 num_elements; /* the number of elements (0x1) */
- uint16 context_id; /* presentation context identifier (0x0) */
- uint8 num_syntaxes; /* the number of syntaxes (has always been 1?)(0x1) */
-
- RPC_IFACE abstract; /* num and vers. of interface client is using */
- RPC_IFACE transfer; /* num and vers. of interface to use for replies */
-
-} RPC_HDR_RB;
-
-/* RPC_RESULTS - can only cope with one reason, right now... */
-typedef struct rpc_results_info
-{
-/* uint8[] # 4-byte alignment padding, against SMB header */
-
- uint8 num_results; /* the number of results (0x01) */
-
-/* uint8[] # 4-byte alignment padding, against SMB header */
-
- uint16 result; /* result (0x00 = accept) */
- uint16 reason; /* reason (0x00 = no reason specified) */
-
-} RPC_RESULTS;
-
-/* RPC_HDR_BA */
-typedef struct rpc_hdr_ba_info
-{
- RPC_HDR_BBA bba;
-
- RPC_ADDR_STR addr ; /* the secondary address string, as described earlier */
- RPC_RESULTS res ; /* results and reasons */
- RPC_IFACE transfer; /* the transfer syntax from the request */
-
-} RPC_HDR_BA;
-
-
-/* DOM_QUERY - info class 3 and 5 LSA Query response */
-typedef struct dom_query_info
-{
- uint16 uni_dom_max_len; /* domain name string length * 2 */
- uint16 uni_dom_str_len; /* domain name string length * 2 */
- uint32 buffer_dom_name; /* undocumented domain name string buffer pointer */
- uint32 buffer_dom_sid; /* undocumented domain SID string buffer pointer */
- UNISTR2 uni_domain_name; /* domain name (unicode string) */
- DOM_SID dom_sid; /* domain SID */
-
-} DOM_QUERY;
-
-/* level 5 is same as level 3. we hope. */
-typedef DOM_QUERY DOM_QUERY_3;
-typedef DOM_QUERY DOM_QUERY_5;
-
-#define POL_HND_SIZE 20
-
-/* LSA_POL_HND */
-typedef struct lsa_policy_info
-{
- uint8 data[POL_HND_SIZE]; /* policy handle */
-
-} LSA_POL_HND;
-
-/* OBJ_ATTR (object attributes) */
-typedef struct object_attributes_info
-{
- uint32 len; /* 0x18 - length (in bytes) inc. the length field. */
- uint32 ptr_root_dir; /* 0 - root directory (pointer) */
- uint32 ptr_obj_name; /* 0 - object name (pointer) */
- uint32 attributes; /* 0 - attributes (undocumented) */
- uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
- uint32 sec_qos; /* 0 - security quality of service */
-
-} LSA_OBJ_ATTR;
-
-/* LSA_Q_OPEN_POL - LSA Query Open Policy */
-typedef struct lsa_q_open_pol_info
-{
- uint32 ptr; /* undocumented buffer pointer */
- UNISTR2 uni_server_name; /* server name, starting with two '\'s */
- LSA_OBJ_ATTR attr ; /* object attributes */
-
- uint32 des_access; /* desired access attributes */
-
-} LSA_Q_OPEN_POL;
-
-/* LSA_R_OPEN_POL - response to LSA Open Policy */
-typedef struct lsa_r_open_pol_info
-{
- LSA_POL_HND pol; /* policy handle */
-
- uint32 status; /* return code */
-
-} LSA_R_OPEN_POL;
-
-/* LSA_Q_QUERY_INFO - LSA query info policy */
-typedef struct lsa_query_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint16 info_class; /* info class */
-
-} LSA_Q_QUERY_INFO;
-
-/* LSA_R_QUERY_INFO - response to LSA query info policy */
-typedef struct lsa_r_query_info
-{
- uint32 undoc_buffer; /* undocumented buffer pointer */
- uint16 info_class; /* info class (same as info class in request) */
-
- union
- {
- DOM_QUERY_3 id3;
- DOM_QUERY_5 id5;
-
- } dom;
-
- uint32 status; /* return code */
-
-} LSA_R_QUERY_INFO;
-
-/* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */
-typedef struct lsa_enum_trust_dom_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 enum_context; /* enumeration context handle */
- uint32 preferred_len; /* preferred maximum length */
-
-} LSA_Q_ENUM_TRUST_DOM;
-
-/* LSA_R_ENUM_TRUST_DOM - response to LSA enumerate trusted domains */
-typedef struct lsa_r_enum_trust_dom_info
-{
- LSA_POL_HND pol; /* policy handle */
-
- uint32 status; /* return code */
-
-} LSA_R_ENUM_TRUST_DOM;
-
-/* LSA_Q_CLOSE */
-typedef struct lsa_q_close_info
-{
- LSA_POL_HND pol; /* policy handle */
-
-} LSA_Q_CLOSE;
-
-/* LSA_R_CLOSE */
-typedef struct lsa_r_close_info
-{
- LSA_POL_HND pol; /* policy handle. should be all zeros. */
-
- uint32 status; /* return code */
-
-} LSA_R_CLOSE;
-
-
-#define MAX_REF_DOMAINS 10
-
-/* DOM_R_REF */
-typedef struct dom_ref_info
-{
- uint32 undoc_buffer; /* undocumented buffer pointer. */
- uint32 num_ref_doms_1; /* num referenced domains? */
- uint32 buffer_dom_name; /* undocumented domain name buffer pointer. */
- uint32 max_entries; /* 32 - max number of entries */
- uint32 num_ref_doms_2; /* 4 - num referenced domains? */
-
- UNIHDR2 hdr_dom_name; /* domain name unicode string header */
- UNIHDR2 hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domain unicode string headers */
-
- UNISTR uni_dom_name; /* domain name unicode string */
- DOM_SID ref_dom[MAX_REF_DOMAINS]; /* referenced domain SIDs */
-
-} DOM_R_REF;
-
-#define MAX_LOOKUP_SIDS 10
-
-/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
-typedef struct lsa_q_lookup_sids
-{
- LSA_POL_HND pol_hnd; /* policy handle */
- uint32 num_entries;
- uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
- uint32 buffer_dom_name; /* undocumented domain name buffer pointer */
- uint32 buffer_lookup_sids[MAX_LOOKUP_SIDS]; /* undocumented domain SID pointers to be looked up. */
- DOM_SID dom_sids[MAX_LOOKUP_SIDS]; /* domain SIDs to be looked up. */
- uint8 undoc[16]; /* completely undocumented 16 bytes */
-
-} LSA_Q_LOOKUP_SIDS;
-
-/* LSA_R_LOOKUP_SIDS - response to LSA Lookup SIDs */
-typedef struct lsa_r_lookup_sids
-{
- DOM_R_REF dom_ref; /* domain reference info */
-
- uint32 num_entries;
- uint32 undoc_buffer; /* undocumented buffer pointer */
- uint32 num_entries2;
-
- DOM_SID2 dom_sid[MAX_LOOKUP_SIDS]; /* domain SIDs being looked up */
-
- uint32 num_entries3;
-
- uint32 status; /* return code */
-
-} LSA_R_LOOKUP_SIDS;
-
-/* DOM_NAME - XXXX not sure about this structure */
-typedef struct dom_name_info
-{
- uint32 uni_str_len;
- UNISTR str;
-
-} DOM_NAME;
-
-
-#define UNKNOWN_LEN 1
-
-/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
-typedef struct lsa_q_lookup_rids
-{
-
- LSA_POL_HND pol_hnd; /* policy handle */
- uint32 num_entries;
- uint32 num_entries2;
- uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
- uint32 buffer_dom_name; /* undocumented domain name buffer pointer */
- DOM_NAME lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */
- uint8 undoc[UNKNOWN_LEN]; /* completely undocumented bytes of unknown length */
-
-} LSA_Q_LOOKUP_RIDS;
-
-/* LSA_R_LOOKUP_RIDS - response to LSA Lookup RIDs by name */
-typedef struct lsa_r_lookup_rids
-{
- DOM_R_REF dom_ref; /* domain reference info */
-
- uint32 num_entries;
- uint32 undoc_buffer; /* undocumented buffer pointer */
-
- uint32 num_entries2;
- DOM_RID2 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
-
- uint32 num_entries3;
-
- uint32 status; /* return code */
-
-} LSA_R_LOOKUP_RIDS;
-
-
-
-/* NEG_FLAGS */
-typedef struct lsa_neg_flags_info
-{
- uint32 neg_flags; /* negotiated flags */
-
-} NEG_FLAGS;
-
-
-/* LSA_Q_REQ_CHAL */
-typedef struct lsa_q_req_chal_info
-{
- uint32 undoc_buffer; /* undocumented buffer pointer */
- UNISTR2 uni_logon_srv; /* logon server unicode string */
- UNISTR2 uni_logon_clnt; /* logon client unicode string */
- DOM_CHAL clnt_chal; /* client challenge */
-
-} LSA_Q_REQ_CHAL;
-
-
-/* LSA_R_REQ_CHAL */
-typedef struct lsa_r_req_chal_info
-{
- DOM_CHAL srv_chal; /* server challenge */
-
- uint32 status; /* return code */
-
-} LSA_R_REQ_CHAL;
-
-
-
-/* LSA_Q_AUTH_2 */
-typedef struct lsa_q_auth2_info
-{
- DOM_LOG_INFO clnt_id; /* client identification info */
- DOM_CHAL clnt_chal; /* client-calculated credentials */
-
- NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
-
-} LSA_Q_AUTH_2;
-
-
-/* LSA_R_AUTH_2 */
-typedef struct lsa_r_auth2_info
-{
- DOM_CHAL srv_chal; /* server-calculated credentials */
- NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
-
- uint32 status; /* return code */
-
-} LSA_R_AUTH_2;
-
-
-/* LSA_Q_SRV_PWSET */
-typedef struct lsa_q_srv_pwset_info
-{
- DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
- char pwd[16]; /* new password - undocumented. */
-
-} LSA_Q_SRV_PWSET;
-
-/* LSA_R_SRV_PWSET */
-typedef struct lsa_r_srv_pwset_info
-{
- DOM_CRED srv_cred; /* server-calculated credentials */
-
- uint32 status; /* return code */
-
-} LSA_R_SRV_PWSET;
-
-#define LSA_MAX_GROUPS 32
-#define LSA_MAX_SIDS 32
-
-/* LSA_USER_INFO */
-typedef struct lsa_q_user_info
-{
- uint32 ptr_user_info;
-
- NTTIME logon_time; /* logon time */
- NTTIME logoff_time; /* logoff time */
- NTTIME kickoff_time; /* kickoff time */
- NTTIME pass_last_set_time; /* password last set time */
- NTTIME pass_can_change_time; /* password can change time */
- NTTIME pass_must_change_time; /* password must change time */
-
- UNIHDR hdr_user_name; /* username unicode string header */
- UNIHDR hdr_full_name; /* user's full name unicode string header */
- UNIHDR hdr_logon_script; /* logon script unicode string header */
- UNIHDR hdr_profile_path; /* profile path unicode string header */
- UNIHDR hdr_home_dir; /* home directory unicode string header */
- UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
-
- uint16 logon_count; /* logon count */
- uint16 bad_pw_count; /* bad password count */
-
- uint32 user_id; /* User ID */
- uint32 group_id; /* Group ID */
- uint32 num_groups; /* num groups */
- uint32 buffer_groups; /* undocumented buffer pointer to groups. */
- uint32 user_flgs; /* user flags */
-
- char user_sess_key[16]; /* unused user session key */
-
- UNIHDR hdr_logon_srv; /* logon server unicode string header */
- UNIHDR hdr_logon_dom; /* logon domain unicode string header */
-
- uint32 buffer_dom_id; /* undocumented logon domain id pointer */
- char padding[40]; /* unused padding bytes. expansion room */
-
- uint32 num_other_sids; /* 0 - num_sids */
- uint32 buffer_other_sids; /* NULL - undocumented pointer to SIDs. */
-
- UNISTR2 uni_user_name; /* username unicode string */
- UNISTR2 uni_full_name; /* user's full name unicode string */
- UNISTR2 uni_logon_script; /* logon script unicode string */
- UNISTR2 uni_profile_path; /* profile path unicode string */
- UNISTR2 uni_home_dir; /* home directory unicode string */
- UNISTR2 uni_dir_drive; /* home directory drive unicode string */
-
- uint32 num_groups2; /* num groups */
- DOM_GID gids[LSA_MAX_GROUPS]; /* group info */
-
- UNISTR2 uni_logon_srv; /* logon server unicode string */
- UNISTR2 uni_logon_dom; /* logon domain unicode string */
-
- DOM_SID dom_sid; /* domain SID */
- DOM_SID other_sids[LSA_MAX_SIDS]; /* undocumented - domain SIDs */
-
-} LSA_USER_INFO;
-
-
-/* LSA_Q_SAM_LOGON */
-typedef struct lsa_q_sam_logon_info
-{
- DOM_SAM_INFO sam_id;
-
-} LSA_Q_SAM_LOGON;
-
-/* LSA_R_SAM_LOGON */
-typedef struct lsa_r_sam_logon_info
-{
- uint32 buffer_creds; /* undocumented buffer pointer */
- DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
-
- uint16 switch_value; /* 3 - indicates type of USER INFO */
- LSA_USER_INFO *user;
-
- uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
-
- uint32 status; /* return code */
-
-} LSA_R_SAM_LOGON;
-
-
-/* LSA_Q_SAM_LOGOFF */
-typedef struct lsa_q_sam_logoff_info
-{
- DOM_SAM_INFO sam_id;
-
-} LSA_Q_SAM_LOGOFF;
-
-/* LSA_R_SAM_LOGOFF */
-typedef struct lsa_r_sam_logoff_info
-{
- uint32 buffer_creds; /* undocumented buffer pointer */
- DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
-
- uint32 status; /* return code */
-
-} LSA_R_SAM_LOGOFF;
-
-
-/* SH_INFO_1 (pointers to level 1 share info strings) */
-typedef struct ptr_share_info1
-{
- uint32 ptr_netname; /* pointer to net name. */
- uint32 type; /* type of share. 0 - undocumented. */
- uint32 ptr_remark; /* pointer to comment. */
-
-} SH_INFO_1;
-
-/* SH_INFO_1_STR (level 1 share info strings) */
-typedef struct str_share_info1
-{
- UNISTR2 uni_netname; /* unicode string of net name */
- UNISTR2 uni_remark; /* unicode string of comment. */
-
-} SH_INFO_1_STR;
-
-/* oops - this is going to take up a *massive* amount of stack. */
-/* the UNISTR2s already have 1024 uint16 chars in them... */
-#define MAX_SHARE_ENTRIES 32
-
-/* SHARE_INFO_1_CONTAINER */
-typedef struct share_info_ctr
-{
- uint32 num_entries_read; /* EntriesRead */
- uint32 ptr_share_info; /* Buffer */
- uint32 num_entries_read2; /* EntriesRead */
- SH_INFO_1 info_1 [MAX_SHARE_ENTRIES]; /* share entry pointers */
- SH_INFO_1_STR info_1_str[MAX_SHARE_ENTRIES]; /* share entry strings */
- uint32 num_entries_read3; /* EntriesRead2 */
- uint32 padding; /* padding */
-
-} SHARE_INFO_1_CTR;
-
-
-/* SRV_Q_NET_SHARE_ENUM */
-typedef struct q_net_share_enum_info
-{
- uint32 ptr_srv_name; /* pointer (to server name?) */
- UNISTR2 uni_srv_name; /* server name */
-
- uint32 share_level; /* share level */
- uint32 switch_value; /* switch value */
-
- uint32 ptr_share_info; /* pointer to SHARE_INFO_1_CTR */
-
- union
- {
- SHARE_INFO_1_CTR info1; /* share info with 0 entries */
-
- } share;
-
- uint32 preferred_len; /* preferred maximum length (0xffff ffff) */
-
-} SRV_Q_NET_SHARE_ENUM;
-
-
-/* SRV_R_NET_SHARE_ENUM */
-typedef struct r_net_share_enum_info
-{
- uint32 share_level; /* share level */
- uint32 switch_value; /* switch value */
-
- uint32 ptr_share_info; /* pointer to SHARE_INFO_1_CTR */
- union
- {
- SHARE_INFO_1_CTR info1; /* share info container */
-
- } share;
-
- uint32 status; /* return status */
-
-} SRV_R_NET_SHARE_ENUM;
-
-
-/* SAMR_Q_CLOSE - probably a policy handle close */
-typedef struct q_samr_close_info
-{
- LSA_POL_HND pol; /* policy handle */
-
-} SAMR_Q_CLOSE;
-
-
-/* SAMR_R_CLOSE - probably a policy handle close */
-typedef struct r_samr_close_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 status; /* return status */
-
-} SAMR_R_CLOSE;
-
-
-/****************************************************************************
-SAMR_Q_OPEN_SECRET - unknown_0 values seen associated with SIDs:
-
-0x0000 0200 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0
-0x0000 0280 and a well-known domain sid - S-1-5-20
-0x2000 0000 and a well-known domain sid - S-1-5-20
-0x2000 0000 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0
-*****************************************************************************/
-
-/* SAMR_Q_OPEN_SECRET - probably an open secret */
-typedef struct q_samr_open_secret_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 unknown_0; /* 0x2000 0000; 0x0000 0211; 0x0000 0280; 0x0000 0200 - unknown */
- DOM_SID dom_sid; /* domain SID */
-
-} SAMR_Q_OPEN_SECRET;
-
-
-/* SAMR_R_OPEN_SECRET - probably an open */
-typedef struct r_samr_open_secret_info
-{
- LSA_POL_HND pol; /* policy handle associated with the SID */
- uint32 status; /* return status */
-
-} SAMR_R_OPEN_SECRET;
-
-
-/****************************************************************************
-SAMR_Q_LOOKUP_RIDS - do a conversion (only one!) from name to RID.
-
-the policy handle allocated by an "samr open secret" call is associated
-with a SID. this policy handle is what is queried here, *not* the SID
-itself. the response to the lookup rids is relative to this SID.
-*****************************************************************************/
-/* SAMR_Q_LOOKUP_RIDS - probably a "read SAM entry" */
-typedef struct q_samr_lookup_names_info
-{
- LSA_POL_HND pol; /* policy handle */
-
- uint32 num_rids1; /* 1 - number of rids being looked up */
- uint32 rid; /* 0000 03e8 - RID of the server being queried? */
- uint32 ptr; /* 0 - 32 bit unknown */
- uint32 num_rids2; /* 1 - number of rids being looked up */
-
- UNIHDR hdr_mach_acct; /* unicode machine account name header */
- UNISTR2 uni_mach_acct; /* unicode machine account name */
-
-} SAMR_Q_LOOKUP_RIDS;
-
-
-/* SAMR_R_LOOKUP_RIDS - probably an open */
-typedef struct r_samr_lookup_names_info
-{
- uint32 num_entries;
- uint32 undoc_buffer; /* undocumented buffer pointer */
-
- uint32 num_entries2;
- DOM_RID3 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
-
- uint32 num_entries3;
-
- uint32 status; /* return code */
-
-} SAMR_R_LOOKUP_RIDS;
-
-
-/* SAMR_Q_UNKNOWN_22 - probably an open */
-typedef struct q_samr_unknown_22_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 unknown_id_0; /* 0x0000 03E8 - 32 bit unknown id */
-
-} SAMR_Q_UNKNOWN_22;
-
-
-/* SAMR_R_UNKNOWN_22 - probably an open */
-typedef struct r_samr_unknown_22_info
-{
- LSA_POL_HND pol; /* policy handle associated with unknown id */
- uint32 status; /* return status */
-
-} SAMR_R_UNKNOWN_22;
-
-
-/* SAMR_Q_UNKNOWN_24 - probably a get sam info */
-typedef struct q_samr_unknown_24_info
-{
- LSA_POL_HND pol; /* policy handle associated with unknown id */
- uint16 unknown_0; /* 0x0015 or 0x0011 - 16 bit unknown */
-
-} SAMR_Q_UNKNOWN_24;
-
-
-/* SAMR_R_UNKNOWN_24 - probably a get sam info */
-typedef struct r_samr_unknown_24_info
-{
- uint32 ptr; /* pointer */
- uint16 unknown_0; /* 0x0015 or 0x0011 - 16 bit unknown (same as above) */
- uint16 unknown_1; /* 0x8b73 - 16 bit unknown */
- uint8 padding_0[16]; /* 0 - padding 16 bytes */
- NTTIME expiry; /* expiry time or something? */
- uint8 padding_1[24]; /* 0 - padding 24 bytes */
-
- UNIHDR hdr_mach_acct; /* unicode header for machine account */
- uint32 padding_2; /* 0 - padding 4 bytes */
-
- uint32 ptr_1; /* pointer */
- uint8 padding_3[32]; /* 0 - padding 32 bytes */
- uint32 padding_4; /* 0 - padding 4 bytes */
-
- uint32 ptr_2; /* pointer */
- uint32 padding_5; /* 0 - padding 4 bytes */
-
- uint32 ptr_3; /* pointer */
- uint8 padding_6[32]; /* 0 - padding 32 bytes */
-
- uint32 unknown_id_0; /* unknown id associated with policy handle */
- uint16 unknown_2; /* 0x0201 - 16 bit unknown */
- uint32 unknown_3; /* 0x0000 0080 - 32 bit unknown */
- uint16 unknown_4; /* 0x003f - 16 bit unknown */
- uint16 unknown_5; /* 0x003c - 16 bit unknown */
-
- uint8 padding_7[16]; /* 0 - padding 16 bytes */
- uint32 padding_8; /* 0 - padding 4 bytes */
-
- UNISTR2 uni_mach_acct; /* unicode string for machine account */
-
- uint8 padding_9[48]; /* 0 - padding 48 bytes */
-
- uint32 status; /* return status */
-
-} SAMR_R_UNKNOWN_24;
-
-
-/* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */
-typedef struct q_samr_unknown_32_info
-{
- LSA_POL_HND pol; /* policy handle */
-
- UNIHDR hdr_mach_acct; /* unicode machine account name header */
- UNISTR2 uni_mach_acct; /* unicode machine account name */
-
- uint32 unknown_0; /* 32 bit unknown */
- uint16 unknown_1; /* 16 bit unknown */
- uint16 unknown_2; /* 16 bit unknown */
-
-} SAMR_Q_UNKNOWN_32;
-
-
-/* SAMR_R_UNKNOWN_32 - probably a "create SAM entry" */
-typedef struct r_samr_unknown_32_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 unknown_0; /* 0x0000 0030 - 32 bit unknown */
- uint32 padding; /* 0 - 4 byte padding */
-
- uint32 status; /* return status - 0xC000 0099: user exists */
-
-} SAMR_R_UNKNOWN_32;
-
-
-/* SAMR_Q_OPEN_POLICY - probably an open */
-typedef struct q_samr_open_policy_info
-{
- uint32 ptr_srv_name; /* pointer (to server name?) */
- UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */
-
- uint32 unknown_0; /* 32 bit unknown */
-
-} SAMR_Q_OPEN_POLICY;
-
-
-/* SAMR_R_OPEN_POLICY - probably an open */
-typedef struct r_samr_open_policy_info
-{
- LSA_POL_HND pol; /* policy handle */
- uint32 status; /* return status */
-
-} SAMR_R_OPEN_POLICY;
-
-
-/* WKS_Q_UNKNOWN_0 - probably a capabilities request */
-typedef struct q_wks_unknown_0_info
-{
- uint32 ptr_srv_name; /* pointer (to server name?) */
- UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */
-
- uint32 unknown_0; /* 0x64 - 32 bit unknown */
- uint16 unknown_1; /* 16 bit unknown */
-
-} WKS_Q_UNKNOWN_0;
-
-
-/* WKS_R_UNKNOWN_0 - probably a capabilities request */
-typedef struct r_wks_unknown_0_info
-{
- uint32 unknown_0; /* 64 - unknown */
- uint32 ptr_1; /* pointer 1 */
- uint32 unknown_1; /* 0x0000 01f4 - unknown */
- uint32 ptr_srv_name; /* pointer to server name */
- uint32 ptr_dom_name; /* pointer to domain name */
- uint32 unknown_2; /* 4 - unknown */
- uint32 unknown_3; /* 0 - unknown */
-
- UNISTR2 uni_srv_name; /* unicode server name */
- UNISTR2 uni_dom_name; /* unicode domainn name */
- uint32 status; /* return status */
-
-} WKS_R_UNKNOWN_0;
-
+/* Allowable account control bits */
+#define ACB_DISABLED 0x0001 /* 1 = User account disabled */
+#define ACB_HOMDIRREQ 0x0002 /* 1 = Home directory required */
+#define ACB_PWNOTREQ 0x0004 /* 1 = User password not required */
+#define ACB_TEMPDUP 0x0008 /* 1 = Temporary duplicate account */
+#define ACB_NORMAL 0x0010 /* 1 = Normal user account */
+#define ACB_MNS 0x0020 /* 1 = MNS logon user account */
+#define ACB_DOMTRUST 0x0040 /* 1 = Interdomain trust account */
+#define ACB_WSTRUST 0x0080 /* 1 = Workstation trust account */
+#define ACB_SVRTRUST 0x0100 /* 1 = Server trust account */
+#define ACB_PWNOEXP 0x0200 /* 1 = User password does not expire */
+#define ACB_AUTOLOCK 0x0400 /* 1 = Account auto locked */
+
struct smb_passwd
{
int smb_userid;
unsigned char *smb_passwd; /* Null if no password */
unsigned char *smb_nt_passwd; /* Null if no password */
/* Other fields / flags may be added later */
+ uint16 acct_ctrl;
};
struct cli_state {
} connection_struct;
+/* DOM_CHAL - challenge info */
+typedef struct chal_info
+{
+ uchar data[8]; /* credentials */
+} DOM_CHAL;
+
+/* DOM_CREDs - timestamped client or server credentials */
+typedef struct cred_info
+{
+ DOM_CHAL challenge; /* credentials */
+ UTIME timestamp; /* credential time-stamp */
+
+} DOM_CRED;
+
/* Domain controller authentication protocol info */
struct dcinfo
{
#define BROWSER_ELECTION_VERSION 0x010f
#define BROWSER_CONSTANT 0xaa55
+/* NT Flags2 bits - cifs6.txt section 3.1.2 */
+
+#define FLAGS2_LONG_PATH_COMPONENTS 0x0001
+#define FLAGS2_EXTENDED_ATTRIBUTES 0x0002
+#define FLAGS2_DFS_PATHNAMES 0x1000
+#define FLAGS2_READ_PERMIT_NO_EXECUTE 0x2000
+#define FLAGS2_32_BIT_ERROR_CODES 0x4000
+#define FLAGS2_UNICODE_STRINGS 0x8000
/* Capabilities. see ftp.microsoft.com/developr/drg/cifs/cifs/cifs4.txt */
#define UID_FIELD_INVALID 0
#define VUID_OFFSET 100 /* Amount to bias returned vuid numbers */
-#endif
-
/* Defines needed for multi-codepage support. */
#define MSDOS_LATIN_1_CODEPAGE 850
#define KANJI_CODEPAGE 932
#define CMD_REPLY 0x8000
+#endif /* _SMB_H */
+
+#include "ntdomain.h"
+
/* _SMB_H */
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Samba memory buffer functions
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+/*******************************************************************
+ *
+ * Description: memory buffer / stream management.
+ * Author : Luke K C Leighton
+ * Created : Dec 1997
+ *
+
+ * this module is intended for use in streaming data in and out of
+ * buffers. it is intended that a single data stream be subdivided
+ * into manageable sections.
+
+ * for example, an rpc header contains a length field, but until the
+ * data has been created, the length is unknown. using this module,
+ * the header section can be tacked onto the front of the data memory
+ * list once the size of the data section preceding it is known.
+
+ * the "margin" can be used to over-run and retrospectively lengthen
+ * the buffer. this is to save time in some of the loops, where it is
+ * not particularly desirable to realloc data by 1, 2 or 4 bytes
+ * repetitively...
+
+ * each memory buffer contains a start and end offset. the end of
+ * one buffer should equal to the start of the next in the chain.
+ * (end - start = len, instead of end - start + 1 = len)
+
+ * the debug log levels are very high in some of the routines: you
+ * have no idea how boring it gets staring at debug output from these
+
+ ********************************************************************/
+
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+
+/*******************************************************************
+ initialise a memory buffer.
+ ********************************************************************/
+void mem_init(struct mem_buf *buf, int margin)
+{
+ buf->dynamic = True;
+ buf->data = NULL;
+ buf->data_size = 0;
+ buf->data_used = 0;
+
+ buf->margin = margin;
+
+ buf->next = NULL;
+
+ buf->offset.start = 0;
+ buf->offset.end = 0;
+}
+
+/*******************************************************************
+ initialise a memory buffer.
+
+ dynamic indicates memory has been dynamically allocated.
+ if mem_free is called, the memory will be freed.
+ ********************************************************************/
+void mem_create(struct mem_buf *buf, char *data, int size, int margin, BOOL dynamic)
+{
+ buf->dynamic = dynamic;
+ buf->data = data;
+ buf->data_size = size;
+ buf->data_used = size;
+
+ buf->margin = margin;
+
+ buf->next = NULL;
+
+ buf->offset.start = 0;
+ buf->offset.end = size;
+}
+
+/*******************************************************************
+ takes a memory buffer out of one structure: puts it in the other.
+ NULLs the one that the buffer is being stolen from.
+ ********************************************************************/
+void mem_take(struct mem_buf *mem_to, struct mem_buf *mem_from)
+{
+ memcpy(mem_to, mem_from, sizeof(*mem_to));
+
+ mem_init(mem_from, mem_from->margin);
+}
+
+/*******************************************************************
+ allocate a memory buffer. assume it's empty
+ ********************************************************************/
+BOOL mem_alloc_data(struct mem_buf *buf, int size)
+{
+ if (!buf->dynamic)
+ {
+ DEBUG(3,("mem_alloc_data: warning - memory buffer type is set to static\n"));
+ }
+
+ buf->data_size = size + buf->margin;
+ buf->data_used = size;
+
+ buf->data = malloc(buf->data_size);
+
+ if (buf->data == NULL)
+ {
+ DEBUG(3,("mem_alloc: could not malloc size %d\n",
+ buf->data_size));
+ mem_init(buf, buf->margin);
+
+ return False;
+ }
+
+ bzero(buf->data, buf->data_size);
+
+ return True;
+}
+
+/*******************************************************************
+ allocates a memory buffer structure
+ ********************************************************************/
+BOOL mem_buf_copy(char *copy_into, struct mem_buf *buf,
+ uint32 offset, uint32 len)
+{
+ uint32 end = offset + len;
+ char *q = NULL;
+ uint32 data_len = mem_buf_len(buf);
+ uint32 start_offset = offset;
+ struct mem_buf **bcp = &buf;
+
+ if (buf == NULL || copy_into == NULL) return False;
+
+ DEBUG(200,("mem_buf_copy: data[%d..%d] offset %d len %d\n",
+ buf->offset.start, data_len, offset, len));
+
+ /* there's probably an off-by-one bug, here, and i haven't even tested the code :-) */
+ while (offset < end && ((q = mem_data(bcp, offset)) != NULL))
+ {
+ uint32 copy_len = (*bcp)->offset.end - offset;
+
+ DEBUG(200,("\tdata[%d..%d] - offset %d len %d\n",
+ (*bcp)->offset.start, (*bcp)->offset.end,
+ offset, copy_len));
+
+ memcpy(copy_into, q, copy_len);
+
+ offset += copy_len;
+ copy_into += copy_len;
+ }
+
+ if ((*bcp) != NULL)
+ {
+ DEBUG(200,("mem_buf_copy: copied %d bytes\n", offset - start_offset));
+ }
+ else
+ {
+ DEBUG(200,("mem_buf_copy: failed\n"));
+ }
+
+ return buf != NULL;
+}
+
+/*******************************************************************
+ allocates a memory buffer structure
+ ********************************************************************/
+BOOL mem_buf_init(struct mem_buf **buf, uint32 margin)
+{
+ if (buf == NULL) return False;
+
+ if ((*buf) == NULL)
+ {
+ (*buf) = malloc(sizeof(**buf));
+ if ((*buf) != NULL)
+ {
+ mem_init((*buf), margin);
+ return True;
+ }
+ }
+ else
+ {
+ (*buf)->margin = margin;
+ return True;
+ }
+ return False;
+}
+
+/*******************************************************************
+ frees up a memory buffer.
+ ********************************************************************/
+void mem_buf_free(struct mem_buf **buf)
+{
+ if (buf == NULL) return;
+ if ((*buf) == NULL) return;
+
+ mem_free_data(*buf); /* delete memory data */
+ free(*buf); /* delete item */
+ (*buf) = NULL;
+}
+
+/*******************************************************************
+ frees a memory buffer chain. assumes that all items are malloced.
+ ********************************************************************/
+void mem_free_chain(struct mem_buf **buf)
+{
+ if (buf == NULL) return;
+ if ((*buf) == NULL) return;
+
+ if ((*buf)->next != NULL)
+ {
+ mem_free_chain(&((*buf)->next)); /* delete all other items in chain */
+ }
+ mem_buf_free(buf);
+}
+
+/*******************************************************************
+ frees a memory buffer.
+ ********************************************************************/
+void mem_free_data(struct mem_buf *buf)
+{
+ if (buf == NULL) return;
+
+ if (buf->data != NULL && buf->dynamic)
+ {
+ free(buf->data); /* delete data in this structure */
+ }
+ mem_init(buf, buf->margin);
+}
+
+/*******************************************************************
+ reallocate a memory buffer, including a safety margin
+ ********************************************************************/
+BOOL mem_realloc_data(struct mem_buf *buf, int new_size)
+{
+ char *new_data;
+
+ if (!buf->dynamic)
+ {
+ DEBUG(3,("mem_realloc_data: memory buffer has not been dynamically allocated!\n"));
+ return False;
+ }
+
+ if (new_size == 0)
+ {
+ mem_free_data(buf);
+ return True;
+ }
+
+ new_data = Realloc(buf->data, new_size + buf->margin);
+
+ if (new_data != NULL)
+ {
+ buf->data = new_data;
+ buf->data_size = new_size + buf->margin;
+ buf->data_used = new_size;
+ }
+ else if (buf->data_size <= new_size)
+ {
+ DEBUG(3,("mem_realloc: warning - could not realloc to %d(+%d)\n",
+ new_size, buf->margin));
+
+ buf->data_used = new_size;
+ }
+ else
+ {
+ DEBUG(3,("mem_realloc: error - could not realloc to %d\n",
+ new_size));
+
+ mem_free_data(buf);
+ return False;
+ }
+
+ return True;
+}
+
+/*******************************************************************
+ reallocate a memory buffer, retrospectively :-)
+ ********************************************************************/
+BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size)
+{
+ if (new_size + (*buf)->margin >= (*buf)->data_size)
+ {
+ if (io)
+ {
+ DEBUG(3,("mem_grow_data: cannot resize when reading from a data stream\n"));
+ }
+ else
+ {
+ return mem_realloc_data((*buf), new_size);
+ return False;
+ }
+ }
+ return True;
+}
+
+/*******************************************************************
+ search for a memory buffer that falls within the specified offset
+ ********************************************************************/
+BOOL mem_find(struct mem_buf **buf, uint32 offset)
+{
+ struct mem_buf *f;
+ if (buf == NULL) return False;
+
+ f = *buf;
+
+ DEBUG(200,("mem_find: data[%d..%d] offset: %d\n",
+ f->offset.start, f->offset.end, offset));
+
+ while (f != NULL && offset >= f->offset.end)
+ {
+ f = f->next;
+
+ DEBUG(200,("mem_find: next[%d..%d]\n",
+ f->offset.start, f->offset.end));
+ }
+
+ (*buf) = f;
+
+ DEBUG(200,("mem_find: found data[%d..%d]\n",
+ (*buf)->offset.start,(*buf)->offset.end));
+
+ return f != NULL;
+}
+
+
+/*******************************************************************
+ add up the lengths of all sections.
+ ********************************************************************/
+uint32 mem_buf_len(struct mem_buf *buf)
+{
+ int len = 0;
+ while (buf != NULL)
+ {
+ len += buf->offset.end - buf->offset.start;
+ buf = buf->next;
+ }
+ return len;
+}
+
+
+/*******************************************************************
+ return the memory location specified by offset. may return NULL.
+ ********************************************************************/
+char *mem_data(struct mem_buf **buf, uint32 offset)
+{
+ if (mem_find(buf, offset))
+ {
+ return &((*buf)->data[offset - (*buf)->offset.start]);
+ }
+ return NULL;
+}
+
+
return spaces;
}
+/*****************************************************************
+ Convert a domain SID to an ascii string. (non-reentrant).
+*****************************************************************/
+/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
+char *dom_sid_to_string(DOM_SID *sid)
+{
+ static pstring sidstr;
+ char subauth[16];
+ int i;
+ uint32 ia = (sid->id_auth[5]) +
+ (sid->id_auth[4] << 8 ) +
+ (sid->id_auth[3] << 16) +
+ (sid->id_auth[2] << 24);
+
+ sprintf(sidstr, "S-%d-%d", sid->sid_rev_num, ia);
+
+ for (i = 0; i < sid->num_auths; i++)
+ {
+ sprintf(subauth, "-%d", sid->sub_auths[i]);
+ strcat(sidstr, subauth);
+ }
+
+ DEBUG(7,("dom_sid_to_string returning %s\n", sidstr));
+ return sidstr;
+}
--- /dev/null
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1997,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#include "includes.h"
+
+
+extern int DEBUGLEVEL;
+
+#ifndef MAX_OPEN_POLS
+#define MAX_OPEN_POLS 50
+#endif
+
+struct reg_info
+{
+ /* for use by \PIPE\winreg */
+ fstring name; /* name of registry key */
+};
+
+struct samr_info
+{
+ /* for use by the \PIPE\samr policy */
+ DOM_SID sid;
+ uint32 rid; /* relative id associated with the pol_hnd */
+ uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */
+};
+
+static struct
+{
+ BOOL open;
+ POLICY_HND pol_hnd;
+
+ union
+ {
+ struct samr_info samr;
+ struct reg_info reg;
+
+ } dev;
+
+} Policy[MAX_OPEN_POLS];
+
+
+#define VALID_POL(pnum) (((pnum) >= 0) && ((pnum) < MAX_OPEN_POLS))
+#define OPEN_POL(pnum) (VALID_POL(pnum) && Policy[pnum].open)
+
+/****************************************************************************
+ create a unique policy handle
+****************************************************************************/
+void create_pol_hnd(POLICY_HND *hnd)
+{
+ static uint32 pol_hnd_low = 0;
+ static uint32 pol_hnd_high = 0;
+
+ if (hnd == NULL) return;
+
+ /* i severely doubt that pol_hnd_high will ever be non-zero... */
+ pol_hnd_low++;
+ if (pol_hnd_low == 0) pol_hnd_high++;
+
+ SIVAL(hnd->data, 0 , 0x0); /* first bit must be null */
+ SIVAL(hnd->data, 4 , pol_hnd_low ); /* second bit is incrementing */
+ SIVAL(hnd->data, 8 , pol_hnd_high); /* second bit is incrementing */
+ SIVAL(hnd->data, 12, time(NULL)); /* something random */
+ SIVAL(hnd->data, 16, getpid()); /* something more random */
+}
+
+/****************************************************************************
+ initialise policy handle states...
+****************************************************************************/
+void init_lsa_policy_hnd(void)
+{
+ int i;
+ for (i = 0; i < MAX_OPEN_POLS; i++)
+ {
+ Policy[i].open = False;
+ }
+
+ return;
+}
+
+/****************************************************************************
+ find first available policy slot. creates a policy handle for you.
+****************************************************************************/
+BOOL open_lsa_policy_hnd(POLICY_HND *hnd)
+{
+ int i;
+
+ for (i = 0; i < MAX_OPEN_POLS; i++)
+ {
+ if (!Policy[i].open)
+ {
+ Policy[i].open = True;
+
+ create_pol_hnd(hnd);
+ memcpy(&(Policy[i].pol_hnd), hnd, sizeof(*hnd));
+
+ DEBUG(4,("Opened policy hnd[%x] ", i));
+ dump_data(4, hnd->data, sizeof(hnd->data));
+
+ return True;
+ }
+ }
+
+ /* i love obscure error messages. */
+#if TERRY_PRATCHET_INTERESTING_TIMES
+ DEBUG(1,("+++ OUT OF CHEESE ERROR +++ REDO FROM START ... @?!*@@\n"));
+#else
+ DEBUG(1,("ERROR - open_lsa_policy_hnd: out of Policy Handles!\n"));
+#endif
+
+ return False;
+}
+
+/****************************************************************************
+ find policy index by handle
+****************************************************************************/
+int find_lsa_policy_by_hnd(POLICY_HND *hnd)
+{
+ int i;
+
+ for (i = 0; i < MAX_OPEN_POLS; i++)
+ {
+ if (memcmp(&(Policy[i].pol_hnd), hnd, sizeof(*hnd)) == 0)
+ {
+ DEBUG(4,("Found policy hnd[%x] ", i));
+ dump_data(4, hnd->data, sizeof(hnd->data));
+
+ return i;
+ }
+ }
+
+ DEBUG(4,("Policy not found: "));
+ dump_data(4, hnd->data, sizeof(hnd->data));
+
+ return -1;
+}
+
+/****************************************************************************
+ set samr rid
+****************************************************************************/
+BOOL set_lsa_policy_samr_rid(POLICY_HND *hnd, uint32 rid)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ DEBUG(3,("%s Setting policy device rid=%x pnum=%x\n",
+ timestring(), rid, pnum));
+
+ Policy[pnum].dev.samr.rid = rid;
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error setting policy rid=%x (pnum=%x)\n",
+ timestring(), rid, pnum));
+ return False;
+ }
+}
+
+/****************************************************************************
+ set samr pol status. absolutely no idea what this is.
+****************************************************************************/
+BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ DEBUG(3,("%s Setting policy status=%x pnum=%x\n",
+ timestring(), pol_status, pnum));
+
+ Policy[pnum].dev.samr.status = pol_status;
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error setting policy status=%x (pnum=%x)\n",
+ timestring(), pol_status, pnum));
+ return False;
+ }
+}
+
+/****************************************************************************
+ set samr sid
+****************************************************************************/
+BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ DEBUG(3,("%s Setting policy sid=%s pnum=%x\n",
+ timestring(), dom_sid_to_string(sid), pnum));
+
+ memcpy(&(Policy[pnum].dev.samr.sid), sid, sizeof(*sid));
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error setting policy sid=%s (pnum=%x)\n",
+ timestring(), dom_sid_to_string(sid), pnum));
+ return False;
+ }
+}
+
+/****************************************************************************
+ set samr rid
+****************************************************************************/
+uint32 get_lsa_policy_samr_rid(POLICY_HND *hnd)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ uint32 rid = Policy[pnum].dev.samr.rid;
+ DEBUG(3,("%s Getting policy device rid=%x pnum=%x\n",
+ timestring(), rid, pnum));
+
+ return rid;
+ }
+ else
+ {
+ DEBUG(3,("%s Error getting policy (pnum=%x)\n",
+ timestring(), pnum));
+ return 0xffffffff;
+ }
+}
+
+/****************************************************************************
+ set reg name
+****************************************************************************/
+BOOL set_lsa_policy_reg_name(POLICY_HND *hnd, fstring name)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ DEBUG(3,("%s Setting policy pnum=%x name=%s\n",
+ timestring(), pnum, name));
+
+ fstrcpy(Policy[pnum].dev.reg.name, name);
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error setting policy (pnum=%x) name=%s\n",
+ timestring(), pnum, name));
+ return False;
+ }
+}
+
+/****************************************************************************
+ get reg name
+****************************************************************************/
+BOOL get_lsa_policy_reg_name(POLICY_HND *hnd, fstring name)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ fstrcpy(name, Policy[pnum].dev.reg.name);
+
+ DEBUG(3,("%s Getting policy pnum=%x name=%s\n",
+ timestring(), pnum, name));
+
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error getting policy (pnum=%x)\n",
+ timestring(), pnum));
+ return False;
+ }
+}
+
+/****************************************************************************
+ close an lsa policy
+****************************************************************************/
+BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
+{
+ int pnum = find_lsa_policy_by_hnd(hnd);
+
+ if (OPEN_POL(pnum))
+ {
+ DEBUG(3,("%s Closed policy name pnum=%x\n", timestring(), pnum));
+ Policy[pnum].open = False;
+ return True;
+ }
+ else
+ {
+ DEBUG(3,("%s Error closing policy pnum=%x\n", timestring(), pnum));
+ return False;
+ }
+}
+
--- /dev/null
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1997,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
+ * Copyright (C) Paul Ashton 1997.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#include "includes.h"
+#include "nterr.h"
+
+extern int DEBUGLEVEL;
+
+
+/***************************************************************************
+lsa_reply_open_policy
+ ***************************************************************************/
+static void lsa_reply_open_policy(prs_struct *rdata)
+{
+ int i;
+ LSA_R_OPEN_POL r_o;
+
+ /* set up the LSA QUERY INFO response */
+ bzero(&(r_o.pol.data), POL_HND_SIZE);
+ for (i = 4; i < POL_HND_SIZE; i++)
+ {
+ r_o.pol.data[i] = i;
+ }
+ r_o.status = 0x0;
+
+ /* store the response in the SMB stream */
+ lsa_io_r_open_pol("", &r_o, rdata, 0);
+}
+
+/***************************************************************************
+make_dom_query
+ ***************************************************************************/
+static void make_dom_query(DOM_QUERY *d_q, char *dom_name, char *dom_sid)
+{
+ int domlen = strlen(dom_name);
+
+ d_q->uni_dom_max_len = domlen * 2;
+ d_q->uni_dom_str_len = domlen * 2;
+
+ d_q->buffer_dom_name = 4; /* domain buffer pointer */
+ d_q->buffer_dom_sid = 2; /* domain sid pointer */
+
+ /* this string is supposed to be character short */
+ make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
+
+ make_dom_sid2(&(d_q->dom_sid), dom_sid);
+}
+
+/***************************************************************************
+lsa_reply_query_info
+ ***************************************************************************/
+static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
+ prs_struct *rdata,
+ uint32 enum_context, char *dom_name, char *dom_sid)
+{
+ LSA_R_ENUM_TRUST_DOM r_e;
+
+ /* set up the LSA QUERY INFO response */
+ make_r_enum_trust_dom(&r_e, enum_context, dom_name, dom_sid,
+ dom_name != NULL ? 0x0 : 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM);
+
+ /* store the response in the SMB stream */
+ lsa_io_r_enum_trust_dom("", &r_e, rdata, 0);
+}
+
+/***************************************************************************
+lsa_reply_query_info
+ ***************************************************************************/
+static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
+ char *dom_name, char *dom_sid)
+{
+ LSA_R_QUERY_INFO r_q;
+
+ /* set up the LSA QUERY INFO response */
+
+ r_q.undoc_buffer = 0x22000000; /* bizarre */
+ r_q.info_class = q_q->info_class;
+
+ make_dom_query(&r_q.dom.id5, dom_name, dom_sid);
+
+ r_q.status = 0x0;
+
+ /* store the response in the SMB stream */
+ lsa_io_r_query("", &r_q, rdata, 0);
+}
+
+/***************************************************************************
+make_dom_ref
+
+ pretty much hard-coded choice of "other" sids, unfortunately...
+
+ ***************************************************************************/
+static void make_dom_ref(DOM_R_REF *ref,
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ int len_dom_name = strlen(dom_name);
+ int len_other_sid1 = strlen(other_sid1);
+ int len_other_sid2 = strlen(other_sid2);
+ int len_other_sid3 = strlen(other_sid3);
+
+ ref->undoc_buffer = 1;
+ ref->num_ref_doms_1 = 4;
+ ref->buffer_dom_name = 1;
+ ref->max_entries = 32;
+ ref->num_ref_doms_2 = 4;
+
+ make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[0]), len_other_sid1, len_other_sid1, 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[1]), len_other_sid2, len_other_sid2, 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[2]), len_other_sid3, len_other_sid3, 0);
+
+ if (dom_name != NULL)
+ {
+ make_unistr(&(ref->uni_dom_name), dom_name);
+ }
+
+ make_dom_sid2(&(ref->ref_dom[0]), dom_sid );
+ make_dom_sid2(&(ref->ref_dom[1]), other_sid1);
+ make_dom_sid2(&(ref->ref_dom[2]), other_sid2);
+ make_dom_sid2(&(ref->ref_dom[3]), other_sid3);
+}
+
+/***************************************************************************
+make_reply_lookup_rids
+ ***************************************************************************/
+static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
+ int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ int i;
+
+ make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid,
+ other_sid1, other_sid2, other_sid3);
+
+ r_l->num_entries = num_entries;
+ r_l->undoc_buffer = 1;
+ r_l->num_entries2 = num_entries;
+
+ for (i = 0; i < num_entries; i++)
+ {
+ make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i]);
+ }
+
+ r_l->num_entries3 = num_entries;
+}
+
+/***************************************************************************
+make_lsa_trans_names
+ ***************************************************************************/
+static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
+ int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
+ uint32 *total)
+{
+ uint32 status = 0x0;
+ int i;
+ (*total) = 0;
+
+ for (i = 0; i < num_entries; i++)
+ {
+ uint32 rid = 0xffffffff;
+ uint8 num_auths = sid[i].sid.num_auths;
+ fstring name;
+ uint32 type;
+
+ trn->ptr_name[i] = 0;
+ trn->ptr_name[(*total)] = 0;
+
+ /* find the rid to look up */
+ if (num_auths != 0)
+ {
+ rid = sid[i].sid.sub_auths[num_auths-1];
+
+ status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
+
+ status = (status != 0x0) ? lookup_user_name (rid, name, &type) : status;
+ status = (status != 0x0) ? lookup_group_name(rid, name, &type) : status;
+ status = (status != 0x0) ? lookup_alias_name(rid, name, &type) : status;
+ }
+
+ if (status == 0x0)
+ {
+ trn->ptr_name[i] = 1;
+ make_lsa_trans_name(&(trn->name[(*total)]), type, name, (*total));
+ (*total)++;
+ }
+ }
+
+ trn->num_entries = (*total);
+ trn->ptr_trans_names = 1;
+ trn->num_entries2 = (*total);
+}
+
+/***************************************************************************
+make_reply_lookup_sids
+ ***************************************************************************/
+static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
+ DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *names,
+ uint32 mapped_count, uint32 status)
+{
+ r_l->dom_ref = ref;
+ r_l->names = names;
+ r_l->mapped_count = mapped_count;
+ r_l->status = status;
+}
+
+/***************************************************************************
+lsa_reply_lookup_sids
+ ***************************************************************************/
+static void lsa_reply_lookup_sids(prs_struct *rdata,
+ int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ LSA_R_LOOKUP_SIDS r_l;
+ DOM_R_REF ref;
+ LSA_TRANS_NAME_ENUM names;
+ uint32 mapped_count = 0;
+
+ /* set up the LSA Lookup SIDs response */
+ make_dom_ref(&ref, dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
+ make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
+ make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
+
+ /* store the response in the SMB stream */
+ lsa_io_r_lookup_sids("", &r_l, rdata, 0);
+}
+
+/***************************************************************************
+lsa_reply_lookup_rids
+ ***************************************************************************/
+static void lsa_reply_lookup_rids(prs_struct *rdata,
+ int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ LSA_R_LOOKUP_RIDS r_l;
+
+ /* set up the LSA Lookup RIDs response */
+ make_reply_lookup_rids(&r_l, num_entries, dom_rids,
+ dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
+ r_l.status = 0x0;
+
+ /* store the response in the SMB stream */
+ lsa_io_r_lookup_rids("", &r_l, rdata, 0);
+}
+
+/***************************************************************************
+api_lsa_open_policy
+ ***************************************************************************/
+static void api_lsa_open_policy( int uid, prs_struct *data,
+ prs_struct *rdata )
+{
+ LSA_Q_OPEN_POL q_o;
+
+ /* grab the server, object attributes and desired access flag...*/
+ lsa_io_q_open_pol("", &q_o, data, 0);
+
+ /* lkclXXXX having decoded it, ignore all fields in the open policy! */
+
+ /* return a 20 byte policy handle */
+ lsa_reply_open_policy(rdata);
+}
+
+/***************************************************************************
+api_lsa_enum_trust_dom
+ ***************************************************************************/
+static void api_lsa_enum_trust_dom( int uid, prs_struct *data,
+ prs_struct *rdata )
+{
+ LSA_Q_ENUM_TRUST_DOM q_e;
+
+ /* grab the enum trust domain context etc. */
+ lsa_io_q_enum_trust_dom("", &q_e, data, 0);
+
+ /* construct reply. return status is always 0x0 */
+ lsa_reply_enum_trust_dom(&q_e, rdata,
+ 0, NULL, NULL);
+}
+
+/***************************************************************************
+api_lsa_query_info
+ ***************************************************************************/
+static void api_lsa_query_info( int uid, prs_struct *data,
+ prs_struct *rdata )
+{
+ LSA_Q_QUERY_INFO q_i;
+ pstring dom_name;
+ pstring dom_sid;
+
+ /* grab the info class and policy handle */
+ lsa_io_q_query("", &q_i, data, 0);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domain_sid());
+
+ /* construct reply. return status is always 0x0 */
+ lsa_reply_query_info(&q_i, rdata, dom_name, dom_sid);
+}
+
+/***************************************************************************
+api_lsa_lookup_sids
+ ***************************************************************************/
+static void api_lsa_lookup_sids( int uid, prs_struct *data,
+ prs_struct *rdata )
+{
+ LSA_Q_LOOKUP_SIDS q_l;
+ pstring dom_name;
+ pstring dom_sid;
+
+ /* grab the info class and policy handle */
+ lsa_io_q_lookup_sids("", &q_l, data, 0);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domain_sid());
+
+ /* construct reply. return status is always 0x0 */
+ lsa_reply_lookup_sids(rdata,
+ q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
+ dom_name, dom_sid, /* domain name, domain SID */
+ "S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
+}
+
+/***************************************************************************
+api_lsa_lookup_names
+ ***************************************************************************/
+static void api_lsa_lookup_names( int uid, prs_struct *data,
+ prs_struct *rdata )
+{
+ int i;
+ LSA_Q_LOOKUP_RIDS q_l;
+ pstring dom_name;
+ pstring dom_sid;
+ uint32 dom_rids[MAX_LOOKUP_SIDS];
+ uint32 dummy_g_rid;
+
+ /* grab the info class and policy handle */
+ lsa_io_q_lookup_rids("", &q_l, data, 0);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domain_sid());
+
+ /* convert received RIDs to strings, so we can do them. */
+ for (i = 0; i < q_l.num_entries; i++)
+ {
+ char *user_name = unistr2(q_l.lookup_name[i].str.buffer);
+ if (!name_to_rid(user_name, &dom_rids[i], &dummy_g_rid))
+ {
+ /* WHOOPS! we should really do something about this... */
+ dom_rids[i] = 0;
+ }
+ }
+
+ /* construct reply. return status is always 0x0 */
+ lsa_reply_lookup_rids(rdata,
+ q_l.num_entries, dom_rids, /* text-converted SIDs */
+ dom_name, dom_sid, /* domain name, domain SID */
+ "S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
+}
+
+/***************************************************************************
+ api_lsa_close
+ ***************************************************************************/
+static void api_lsa_close( int uid, prs_struct *data,
+ prs_struct *rdata)
+{
+ /* XXXX this is NOT good */
+ char *q = mem_data(&(rdata->data), rdata->offset);
+
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+
+ rdata->offset += 24;
+}
+
+/***************************************************************************
+ api_lsa_open_secret
+ ***************************************************************************/
+static void api_lsa_open_secret( int uid, prs_struct *data,
+ prs_struct *rdata)
+{
+ /* XXXX this is NOT good */
+ char *q = mem_data(&(rdata->data), rdata->offset);
+
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0); q += 4;
+ SIVAL(q, 0, 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND); q += 4;
+
+ rdata->offset += 24;
+}
+
+/***************************************************************************
+ \PIPE\ntlsa commands
+ ***************************************************************************/
+static struct api_struct api_lsa_cmds[] =
+{
+ { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
+ { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
+ { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
+ { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
+ { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
+ { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
+ { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
+ { NULL , 0 , NULL }
+};
+
+/***************************************************************************
+ api_ntLsarpcTNP
+ ***************************************************************************/
+BOOL api_ntlsa_rpc(pipes_struct *p, prs_struct *data)
+{
+ return api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds, data);
+}
+
* Let's ignore the SID.
*/
- strcpy(ascuser, unistr(uniuser));
+ pstrcpy(ascuser, unistr(uniuser));
DEBUG(3,("process_logon_packet: SAMLOGON user %s\n", ascuser));
strcpy(reply_name,"\\\\"); /* Here it wants \\LOGONSERVER. */
smb_pass = get_smbpwd_entry(ascuser, 0);
- if(!smb_pass)
+ if(!smb_pass )
{
DEBUG(3,("process_logon_packet: SAMLOGON request from %s(%s) for %s, not in password file\n",
unistr(unicomp),inet_ntoa(p->ip), ascuser));
return;
}
+ else if(smb_pass->acct_ctrl & ACB_DISABLED)
+ {
+ DEBUG(3,("process_logon_packet: SAMLOGON request from %s(%s) for %s, accound disabled.\n",
+ unistr(unicomp),inet_ntoa(p->ip), ascuser));
+ return;
+ }
else
{
DEBUG(3,("process_logon_packet: SAMLOGON request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n",
struct subnet_record *get_next_subnet_maybe_unicast_or_wins_server(struct subnet_record *subrec)
{
if(subrec == unicast_subnet)
+ {
if(wins_server_subnet)
return wins_server_subnet;
else
return NULL;
+ }
if(wins_server_subnet && subrec == wins_server_subnet)
return NULL;
}
}
- for(; i < namerec->num_ips; i++)
+ for(j = 0; j < namerec->num_ips; j++)
{
- if(i == same_net_index)
+ if(j == same_net_index)
continue;
set_nb_flags(&prdata[i*6],namerec->nb_flags);
- putip((char *)&prdata[2+(i*6)], &namerec->ip[i]);
+ putip((char *)&prdata[2+(i*6)], &namerec->ip[j]);
+ i++;
}
reply_data_len = namerec->num_ips * 6;
{"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, 0},
{"valid chars", P_STRING, P_GLOBAL, &Globals.szValidChars, handle_valid_chars, NULL, 0},
{"workgroup", P_USTRING, P_GLOBAL, &Globals.szWorkGroup, NULL, NULL, FLAG_BASIC},
-#ifdef NTDOMAIN
+
{"domain sid", P_USTRING, P_GLOBAL, &Globals.szDomainSID, NULL, NULL, 0},
{"domain other sids",P_STRING, P_GLOBAL, &Globals.szDomainOtherSIDs, NULL, NULL, 0},
{"domain groups", P_STRING, P_GLOBAL, &Globals.szDomainGroups, NULL, NULL, 0},
{"domain allow hosts",P_STRING, P_GLOBAL, &Globals.szDomainHostsallow, NULL, NULL, 0},
{"domain hosts deny", P_STRING, P_GLOBAL, &Globals.szDomainHostsdeny, NULL, NULL, 0},
{"domain deny hosts", P_STRING, P_GLOBAL, &Globals.szDomainHostsdeny, NULL, NULL, 0},
-#endif /* NTDOMAIN */
+
{"username map", P_STRING, P_GLOBAL, &Globals.szUsernameMap, NULL, NULL, 0},
{"character set", P_STRING, P_GLOBAL, &Globals.szCharacterSet, handle_character_set, NULL, 0},
{"logon script", P_STRING, P_GLOBAL, &Globals.szLogonScript, NULL, NULL, 0},
FN_GLOBAL_STRING(lp_netbios_aliases,&Globals.szNetbiosAliases)
FN_GLOBAL_STRING(lp_driverfile,&Globals.szDriverFile)
-#ifdef NTDOMAIN
FN_GLOBAL_STRING(lp_domain_sid,&Globals.szDomainSID)
FN_GLOBAL_STRING(lp_domain_other_sids,&Globals.szDomainOtherSIDs)
FN_GLOBAL_STRING(lp_domain_groups,&Globals.szDomainGroups)
FN_GLOBAL_STRING(lp_domain_guest_users,&Globals.szDomainGuestUsers)
FN_GLOBAL_STRING(lp_domain_hostsallow,&Globals.szDomainHostsallow)
FN_GLOBAL_STRING(lp_domain_hostsdeny,&Globals.szDomainHostsdeny)
-#endif /* NTDOMAIN */
FN_GLOBAL_BOOL(lp_dns_proxy,&Globals.bDNSproxy)
FN_GLOBAL_BOOL(lp_wins_support,&Globals.bWINSsupport)
#include "includes.h"
-extern int DEBUGLEVEL;
+extern int DEBUGLEVEL;
-int gotalarm;
+static int gotalarm;
+static char s_readbuf[16 * 1024];
-void
-gotalarm_sig()
+/***************************************************************
+ Signal function to tell us we timed out.
+****************************************************************/
+
+static void gotalarm_sig()
{
- gotalarm = 1;
+ gotalarm = 1;
}
-int
-do_pw_lock(int fd, int waitsecs, int type)
+/***************************************************************
+ Lock or unlock a fd for a known lock type. Abandon after waitsecs
+ seconds.
+****************************************************************/
+
+static int do_pw_lock(int fd, int waitsecs, int type)
{
- struct flock lock;
- int ret;
-
- gotalarm = 0;
- signal(SIGALRM, SIGNAL_CAST gotalarm_sig);
-
- lock.l_type = type;
- lock.l_whence = SEEK_SET;
- lock.l_start = 0;
- lock.l_len = 1;
- lock.l_pid = 0;
-
- alarm(5);
- ret = fcntl(fd, F_SETLKW, &lock);
- alarm(0);
- signal(SIGALRM, SIGNAL_CAST SIG_DFL);
-
- if (gotalarm) {
- DEBUG(0, ("do_pw_lock: failed to %s SMB passwd file.\n",
- type == F_UNLCK ? "unlock" : "lock"));
- return -1;
- }
- return ret;
+ struct flock lock;
+ int ret;
+
+ gotalarm = 0;
+ signal(SIGALRM, SIGNAL_CAST gotalarm_sig);
+
+ lock.l_type = type;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = 0;
+ lock.l_len = 1;
+ lock.l_pid = 0;
+
+ alarm(5);
+ ret = fcntl(fd, F_SETLKW, &lock);
+ alarm(0);
+ signal(SIGALRM, SIGNAL_CAST SIG_DFL);
+
+ if (gotalarm) {
+ DEBUG(0, ("do_pw_lock: failed to %s SMB passwd file.\n",
+ type == F_UNLCK ? "unlock" : "lock"));
+ return -1;
+ }
+ return ret;
}
-int pw_file_lock(char *name, int type, int secs)
+/***************************************************************
+ Lock an fd. Abandon after waitsecs seconds.
+****************************************************************/
+
+int pw_file_lock(int fd, int type, int secs)
{
- int fd = open(name, O_RDWR | O_CREAT, 0600);
- if (fd < 0)
- return (-1);
- if (do_pw_lock(fd, secs, type)) {
- close(fd);
- return -1;
- }
- return fd;
+ if (fd < 0)
+ return (-1);
+ if (do_pw_lock(fd, secs, type)) {
+ return -1;
+ }
+ return fd;
}
+/***************************************************************
+ Unlock an fd. Abandon after waitsecs seconds.
+****************************************************************/
+
int pw_file_unlock(int fd)
{
- do_pw_lock(fd, 5, F_UNLCK);
- return close(fd);
+ return do_pw_lock(fd, 5, F_UNLCK);
}
-/*
- * Routine to get the next 32 hex characters and turn them
- * into a 16 byte array.
- */
+/***************************************************************
+ Open the smbpasswd file - get ready to enumerate it.
+****************************************************************/
+
+FILE *startsmbpwent(BOOL update)
+{
+ FILE *fp = NULL;
+ char *pfile = lp_smb_passwd_file();
+
+ if (!*pfile) {
+ DEBUG(0, ("startsmbpwent: No SMB password file set\n"));
+ return (NULL);
+ }
+ DEBUG(10, ("startsmbpwent: opening file %s\n", pfile));
+
+ fp = fopen(pfile, update ? "r+b" : "rb");
+
+ if (fp == NULL) {
+ DEBUG(0, ("startsmbpwent: unable to open file %s\n", pfile));
+ return NULL;
+ }
+
+ /* Set a 16k buffer to do more efficient reads */
+ setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf));
+
+ if ((pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5)) < 0) {
+ DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile));
+ fclose(fp);
+ return NULL;
+ }
+
+ /* Make sure it is only rw by the owner */
+ chmod(pfile, 0600);
+
+ /* We have a lock on the file. */
+ return fp;
+}
+
+/***************************************************************
+ Close the smbpasswd file - end enumeration.
+****************************************************************/
+
+void endsmbpwent(FILE *fp)
+{
+ pw_file_unlock(fileno(fp));
+ fclose(fp);
+ DEBUG(7, ("endsmbpwent: closed password file.\n"));
+}
+
+/*************************************************************
+ Routine to get the next 32 hex characters and turn them
+ into a 16 byte array.
+**************************************************************/
static int gethexpwd(char *p, char *pwd)
{
- int i;
- unsigned char lonybble, hinybble;
- char *hexchars = "0123456789ABCDEF";
- char *p1, *p2;
-
- for (i = 0; i < 32; i += 2) {
- hinybble = toupper(p[i]);
- lonybble = toupper(p[i + 1]);
+ int i;
+ unsigned char lonybble, hinybble;
+ char *hexchars = "0123456789ABCDEF";
+ char *p1, *p2;
+
+ for (i = 0; i < 32; i += 2) {
+ hinybble = toupper(p[i]);
+ lonybble = toupper(p[i + 1]);
- p1 = strchr(hexchars, hinybble);
- p2 = strchr(hexchars, lonybble);
- if (!p1 || !p2)
- return (False);
- hinybble = PTR_DIFF(p1, hexchars);
- lonybble = PTR_DIFF(p2, hexchars);
+ p1 = strchr(hexchars, hinybble);
+ p2 = strchr(hexchars, lonybble);
+ if (!p1 || !p2)
+ return (False);
+ hinybble = PTR_DIFF(p1, hexchars);
+ lonybble = PTR_DIFF(p2, hexchars);
- pwd[i / 2] = (hinybble << 4) | lonybble;
- }
- return (True);
+ pwd[i / 2] = (hinybble << 4) | lonybble;
+ }
+ return (True);
}
/*************************************************************************
- Routine to search the smbpasswd file for an entry matching the username
- or user id. if the name is NULL, then the smb_uid is used instead.
+ Routine to return the next entry in the smbpasswd file.
*************************************************************************/
-struct smb_passwd *get_smbpwd_entry(char *name, int smb_userid)
+
+struct smb_passwd *getsmbpwent(FILE *fp)
{
- /* Static buffers we will return. */
- static struct smb_passwd pw_buf;
- static pstring user_name;
- static unsigned char smbpwd[16];
- static unsigned char smbntpwd[16];
- char linebuf[256];
- char readbuf[16 * 1024];
- unsigned char c;
- unsigned char *p;
- long uidval;
- long linebuf_len;
- FILE *fp;
- int lockfd;
- char *pfile = lp_smb_passwd_file();
-
- if (!*pfile) {
- DEBUG(0, ("No SMB password file set\n"));
- return (NULL);
- }
- DEBUG(10, ("get_smbpwd_entry: opening file %s\n", pfile));
-
- if (name != NULL)
- {
- DEBUG(10, ("get_smbpwd_entry: search by name: %s\n", name));
- }
- else
- {
- DEBUG(10, ("get_smbpwd_entry: search by smb_userid: %x\n", smb_userid));
- }
-
- fp = fopen(pfile, "r");
-
- if (fp == NULL) {
- DEBUG(0, ("get_smbpwd_entry: unable to open file %s\n", pfile));
- return NULL;
- }
- /* Set a 16k buffer to do more efficient reads */
- setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
-
- if ((lockfd = pw_file_lock(pfile, F_RDLCK, 5)) < 0) {
- DEBUG(0, ("get_smbpwd_entry: unable to lock file %s\n", pfile));
- fclose(fp);
- return NULL;
- }
- /* make sure it is only rw by the owner */
- chmod(pfile, 0600);
-
- /* We have a read lock on the file. */
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp)) {
- linebuf[0] = '\0';
-
- fgets(linebuf, 256, fp);
- if (ferror(fp)) {
- fclose(fp);
- pw_file_unlock(lockfd);
- return NULL;
- }
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- linebuf_len = strlen(linebuf);
- if (linebuf[linebuf_len - 1] != '\n') {
- c = '\0';
- while (!ferror(fp) && !feof(fp)) {
- c = fgetc(fp);
- if (c == '\n')
- break;
- }
- } else
- linebuf[linebuf_len - 1] = '\0';
+ /* Static buffers we will return. */
+ static struct smb_passwd pw_buf;
+ static pstring user_name;
+ static unsigned char smbpwd[16];
+ static unsigned char smbntpwd[16];
+ char linebuf[256];
+ unsigned char c;
+ unsigned char *p;
+ long uidval;
+ long linebuf_len;
+
+ if(fp == NULL) {
+ DEBUG(0,("getsmbpwent: Bad password file pointer.\n"));
+ return NULL;
+ }
+
+ /*
+ * Scan the file, a line at a time and check if the name matches.
+ */
+ while (!feof(fp)) {
+ linebuf[0] = '\0';
+
+ fgets(linebuf, 256, fp);
+ if (ferror(fp)) {
+ return NULL;
+ }
+
+ /*
+ * Check if the string is terminated with a newline - if not
+ * then we must keep reading and discard until we get one.
+ */
+ linebuf_len = strlen(linebuf);
+ if (linebuf[linebuf_len - 1] != '\n') {
+ c = '\0';
+ while (!ferror(fp) && !feof(fp)) {
+ c = fgetc(fp);
+ if (c == '\n')
+ break;
+ }
+ } else
+ linebuf[linebuf_len - 1] = '\0';
#ifdef DEBUG_PASSWORD
- DEBUG(100, ("get_smbpwd_entry: got line |%s|\n", linebuf));
+ DEBUG(100, ("getsmbpwent: got line |%s|\n", linebuf));
#endif
- if ((linebuf[0] == 0) && feof(fp)) {
- DEBUG(4, ("get_smbpwd_entry: end of file reached\n"));
- break;
- }
- /*
- * The line we have should be of the form :-
- *
- * username:uid:[32hex bytes]:....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
- *
- * if Windows NT compatible passwords are also present.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0') {
- DEBUG(6, ("get_smbpwd_entry: skipping comment or blank line\n"));
- continue;
- }
- p = (unsigned char *) strchr(linebuf, ':');
- if (p == NULL) {
- DEBUG(0, ("get_smbpwd_entry: malformed password entry (no :)\n"));
- continue;
- }
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
-
- /* get smb uid */
-
- p++; /* Go past ':' */
- if (!isdigit(*p)) {
- DEBUG(0, ("get_smbpwd_entry: malformed password entry (uid not number)\n"));
- continue;
- }
-
- uidval = atoi((char *) p);
-
- while (*p && isdigit(*p))
- {
- p++;
- }
-
- if (*p != ':')
- {
- DEBUG(0, ("get_smbpwd_entry: malformed password entry (no : after uid)\n"));
- continue;
- }
-
- if (name != NULL)
- {
- /* search is by user name */
- if (!strequal(user_name, name)) continue;
- DEBUG(10, ("get_smbpwd_entry: found by name: %s\n", user_name));
- }
- else
- {
- /* search is by user id */
- if (uidval != smb_userid) continue;
- DEBUG(10, ("get_smbpwd_entry: found by smb_userid: %x\n", uidval));
- }
-
- /* if we're here, the entry has been found (either by name or uid) */
-
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
-
- /* skip the ':' */
- p++;
-
- if (*p == '*' || *p == 'X')
- {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("get_smbpwd_entry: entry invalidated for user %s\n", user_name));
- fclose(fp);
- pw_file_unlock(lockfd);
- return NULL;
- }
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
- {
- DEBUG(0, ("get_smbpwd_entry: malformed password entry (passwd too short)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return (False);
- }
-
- if (p[32] != ':')
- {
- DEBUG(0, ("get_smbpwd_entry: malformed password entry (no terminating :)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return NULL;
- }
-
- if (!strncasecmp((char *) p, "NO PASSWORD", 11))
- {
- pw_buf.smb_passwd = NULL;
- }
- else
- {
- if (!gethexpwd((char *)p, (char *)smbpwd))
- {
- DEBUG(0, ("Malformed Lanman password entry (non hex chars)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return NULL;
- }
- pw_buf.smb_passwd = smbpwd;
- }
-
- pw_buf.smb_name = user_name;
- pw_buf.smb_userid = uidval;
- pw_buf.smb_nt_passwd = NULL;
-
- /* Now check if the NT compatible password is
- available. */
- p += 33; /* Move to the first character of the line after
- the lanman password. */
- if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
- if (*p != '*' && *p != 'X') {
- if(gethexpwd((char *)p,(char *)smbntpwd))
- pw_buf.smb_nt_passwd = smbntpwd;
- }
- }
-
- fclose(fp);
- pw_file_unlock(lockfd);
- DEBUG(5, ("get_smbpwd_entrye: returning passwd entry for user %s, uid %d\n",
+ if ((linebuf[0] == 0) && feof(fp)) {
+ DEBUG(4, ("getsmbpwent: end of file reached\n"));
+ break;
+ }
+ /*
+ * The line we have should be of the form :-
+ *
+ * username:uid:[32hex bytes]:....other flags presently
+ * ignored....
+ *
+ * or,
+ *
+ * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
+ *
+ * if Windows NT compatible passwords are also present.
+ */
+
+ if (linebuf[0] == '#' || linebuf[0] == '\0') {
+ DEBUG(6, ("getsmbpwent: skipping comment or blank line\n"));
+ continue;
+ }
+ p = (unsigned char *) strchr(linebuf, ':');
+ if (p == NULL) {
+ DEBUG(0, ("getsmbpwent: malformed password entry (no :)\n"));
+ continue;
+ }
+ /*
+ * As 256 is shorter than a pstring we don't need to check
+ * length here - if this ever changes....
+ */
+ strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
+ user_name[PTR_DIFF(p, linebuf)] = '\0';
+
+ /* Get smb uid. */
+
+ p++; /* Go past ':' */
+ if (!isdigit(*p)) {
+ DEBUG(0, ("getsmbpwent: malformed password entry (uid not number)\n"));
+ continue;
+ }
+
+ uidval = atoi((char *) p);
+
+ while (*p && isdigit(*p))
+ p++;
+
+ if (*p != ':') {
+ DEBUG(0, ("getsmbpwent: malformed password entry (no : after uid)\n"));
+ continue;
+ }
+
+ pw_buf.smb_name = user_name;
+ pw_buf.smb_userid = uidval;
+
+ /*
+ * Now get the password value - this should be 32 hex digits
+ * which are the ascii representations of a 16 byte string.
+ * Get two at a time and put them into the password.
+ */
+
+ /* Skip the ':' */
+ p++;
+
+ if (*p == '*' || *p == 'X') {
+ /* Password deliberately invalid - end here. */
+ DEBUG(10, ("getsmbpwent: entry invalidated for user %s\n", user_name));
+ pw_buf.smb_nt_passwd = NULL;
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_DISABLED;
+ return &pw_buf;
+ }
+
+ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
+ DEBUG(0, ("getsmbpwent: malformed password entry (passwd too short)\n"));
+ continue;
+ }
+
+ if (p[32] != ':') {
+ DEBUG(0, ("getsmbpwent: malformed password entry (no terminating :)\n"));
+ continue;
+ }
+
+ if (!strncasecmp((char *) p, "NO PASSWORD", 11)) {
+ pw_buf.smb_passwd = NULL;
+ pw_buf.acct_ctrl |= ACB_PWNOTREQ;
+ } else {
+ if (!gethexpwd((char *)p, (char *)smbpwd)) {
+ DEBUG(0, ("getsmbpwent: Malformed Lanman password entry (non hex chars)\n"));
+ continue;
+ }
+ pw_buf.smb_passwd = smbpwd;
+ }
+
+ /*
+ * Now check if the NT compatible password is
+ * available.
+ */
+ pw_buf.smb_nt_passwd = NULL;
+
+ p += 33; /* Move to the first character of the line after
+ the lanman password. */
+ if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
+ if (*p != '*' && *p != 'X') {
+ if(gethexpwd((char *)p,(char *)smbntpwd))
+ pw_buf.smb_nt_passwd = smbntpwd;
+ }
+ p += 33; /* Move to the first character of the line after
+ the NT password. */
+ }
+
+ DEBUG(5, ("getsmbpwent: returning passwd entry for user %s, uid %d\n",
user_name, uidval));
- return &pw_buf;
- }
- fclose(fp);
- pw_file_unlock(lockfd);
- return NULL;
+ /*
+ * Check if the account type bits have been encoded after the
+ * NT password (in the form [NDHTUWSLXI]).
+ */
+
+ if (*p == '[') {
+ BOOL finished = False;
+
+ pw_buf.acct_ctrl = 0;
+
+ for(p++;*p && !finished; p++) {
+ switch (*p) {
+ case 'N':
+ /* 'N'o password. */
+ pw_buf.acct_ctrl |= ACB_PWNOTREQ;
+ break;
+ case 'D':
+ /* 'D'isabled. */
+ pw_buf.acct_ctrl |= ACB_DISABLED;
+ break;
+ case 'H':
+ /* 'H'omedir required. */
+ pw_buf.acct_ctrl |= ACB_HOMDIRREQ;
+ break;
+ case 'T':
+ /* 'T'emp account. */
+ pw_buf.acct_ctrl |= ACB_TEMPDUP;
+ break;
+ case 'U':
+ /* 'U'ser account (normal). */
+ pw_buf.acct_ctrl |= ACB_NORMAL;
+ break;
+ case 'M':
+ /* 'M'NS logon user account. What is this ? */
+ pw_buf.acct_ctrl |= ACB_MNS;
+ break;
+ case 'W':
+ /* 'W'orkstation account. */
+ pw_buf.acct_ctrl |= ACB_WSTRUST;
+ break;
+ case 'S':
+ /* 'S'erver account. */
+ pw_buf.acct_ctrl |= ACB_SVRTRUST;
+ break;
+ case 'L':
+ /* 'L'ocked account. */
+ pw_buf.acct_ctrl |= ACB_AUTOLOCK;
+ break;
+ case 'X':
+ /* No 'X'piry. */
+ pw_buf.acct_ctrl |= ACB_PWNOEXP;
+ break;
+ case 'I':
+ /* 'I'nterdomain trust account. */
+ pw_buf.acct_ctrl |= ACB_DOMTRUST;
+ break;
+
+ case ':':
+ case '\n':
+ case '\0':
+ case ']':
+ default:
+ finished = True;
+ }
+ }
+
+ /* Must have some account type set. */
+ if(pw_buf.acct_ctrl == 0)
+ pw_buf.acct_ctrl = ACB_NORMAL;
+
+ } else {
+ /* 'Old' style file. Fake up based on user name. */
+ /*
+ * Currently machine accounts are kept in the same
+ * password file as 'normal accounts'. If this changes
+ * we will have to fix this code. JRA.
+ */
+ if(pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$')
+ pw_buf.acct_ctrl = ACB_WSTRUST;
+ else
+ pw_buf.acct_ctrl = ACB_NORMAL;
+ }
+
+ return &pw_buf;
+ }
+
+ DEBUG(5,("getsmbpwent: end of file reached.\n"));
+ return NULL;
}
-/*
- * Routine to search the smbpasswd file for an entry matching the username.
- */
-BOOL add_smbpwd_entry(struct smb_passwd* pwd)
+/*************************************************************************
+ Routine to search the smbpasswd file for an entry matching the username
+ or user id. if the name is NULL, then the smb_uid is used instead.
+ *************************************************************************/
+
+struct smb_passwd *get_smbpwd_entry(char *name, int smb_userid)
{
- /* Static buffers we will return. */
- static pstring user_name;
-
- char linebuf[256];
- char readbuf[16 * 1024];
- unsigned char c;
- unsigned char *p;
- long linebuf_len;
- FILE *fp;
- int lockfd;
- char *pfile = lp_smb_passwd_file();
-
- int i;
- int wr_len;
-
- int fd;
- int new_entry_length;
- char *new_entry;
- long offpos;
-
- if (!*pfile)
- {
- DEBUG(0, ("No SMB password file set\n"));
- return False;
- }
- DEBUG(10, ("add_smbpwd_entry: opening file %s\n", pfile));
-
- fp = fopen(pfile, "r+");
-
- if (fp == NULL)
- {
- DEBUG(0, ("add_smbpwd_entry: unable to open file %s\n", pfile));
- return False;
- }
- /* Set a 16k buffer to do more efficient reads */
- setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
-
- if ((lockfd = pw_file_lock(pfile, F_RDLCK | F_WRLCK, 5)) < 0)
- {
- DEBUG(0, ("add_smbpwd_entry: unable to lock file %s\n", pfile));
- fclose(fp);
- return False;
- }
- /* make sure it is only rw by the owner */
- chmod(pfile, 0600);
-
- /* We have a write lock on the file. */
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp))
- {
- linebuf[0] = '\0';
-
- fgets(linebuf, 256, fp);
- if (ferror(fp))
- {
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- linebuf_len = strlen(linebuf);
- if (linebuf[linebuf_len - 1] != '\n')
- {
- c = '\0';
- while (!ferror(fp) && !feof(fp))
- {
- c = fgetc(fp);
- if (c == '\n')
- {
- break;
- }
- }
- }
- else
- {
- linebuf[linebuf_len - 1] = '\0';
- }
+ struct smb_passwd *pwd = NULL;
+ FILE *fp = NULL;
+
+ if (name != NULL) {
+ DEBUG(10, ("get_smbpwd_entry: search by name: %s\n", name));
+ } else {
+ DEBUG(10, ("get_smbpwd_entry: search by smb_userid: %x\n", smb_userid));
+ }
+
+ /* Open the smbpassword file - not for update. */
+ fp = startsmbpwent(False);
+
+ if (fp == NULL) {
+ DEBUG(0, ("get_smbpwd_entry: unable to open password file.\n"));
+ return NULL;
+ }
+
+ /*
+ * Scan the file, a line at a time and check if the name
+ * or uid matches.
+ */
+
+ while ((pwd = getsmbpwent(fp)) != NULL) {
+ if (name != NULL) {
+ /* Search is by user name */
+ if (!strequal(pwd->smb_name, name))
+ continue;
+ DEBUG(10, ("get_smbpwd_entry: found by name: %s\n", name));
+ break;
+ } else {
+ /* Search is by user id */
+ if (pwd->smb_userid != smb_userid)
+ continue;
+ DEBUG(10, ("get_smbpwd_entry: found by smb_userid: %x\n", smb_userid));
+ break;
+ }
+ }
+
+ endsmbpwent(fp);
+ return pwd;
+}
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("add_smbpwd_entry: got line |%s|\n", linebuf));
-#endif
+/************************************************************************
+ Routine to add an entry to the smbpasswd file.
+*************************************************************************/
- if ((linebuf[0] == 0) && feof(fp))
- {
- DEBUG(4, ("add_smbpwd_entry: end of file reached\n"));
- break;
- }
-
- /*
- * The line we have should be of the form :-
- *
- * username:uid:[32hex bytes]:....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
- *
- * if Windows NT compatible passwords are also present.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0')
- {
- DEBUG(6, ("add_smbpwd_entry: skipping comment or blank line\n"));
- continue;
- }
-
- p = (unsigned char *) strchr(linebuf, ':');
-
- if (p == NULL)
- {
- DEBUG(0, ("add_smbpwd_entry: malformed password entry (no :)\n"));
- continue;
- }
-
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
- if (strequal(user_name, pwd->smb_name))
- {
- DEBUG(6, ("add_smbpwd_entry: entry already exists\n"));
- return False;
- }
- }
-
- /* ok - entry doesn't exist. we can add it */
-
- /* Create a new smb passwd entry and set it to the given password. */
- /* The add user write needs to be atomic - so get the fd from
- the fp and do a raw write() call.
- */
- fd = fileno(fp);
-
- if((offpos = lseek(fd, 0, SEEK_END)) == -1)
- {
- DEBUG(0, ("add_smbpwd_entry(lseek): Failed to add entry for user %s to file %s. \
+BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
+{
+ char *pfile = lp_smb_passwd_file();
+ struct smb_passwd *pwd = NULL;
+ FILE *fp = NULL;
+
+ int i;
+ int wr_len;
+
+ int fd;
+ int new_entry_length;
+ char *new_entry;
+ long offpos;
+ unsigned char *p;
+
+ /* Open the smbpassword file - for update. */
+ fp = startsmbpwent(True);
+
+ if (fp == NULL) {
+ DEBUG(0, ("add_smbpwd_entry: unable to open file.\n"));
+ return False;
+ }
+
+ /*
+ * Scan the file, a line at a time and check if the name matches.
+ */
+
+ while ((pwd = getsmbpwent(fp)) != NULL) {
+ if (strequal(newpwd->smb_name, pwd->smb_name)) {
+ DEBUG(0, ("add_smbpwd_entry: entry with name %s already exists\n", pwd->smb_name));
+ endsmbpwent(fp);
+ return False;
+ }
+ }
+
+ /* Ok - entry doesn't exist. We can add it */
+
+ /* Create a new smb passwd entry and set it to the given password. */
+ /*
+ * The add user write needs to be atomic - so get the fd from
+ * the fp and do a raw write() call.
+ */
+ fd = fileno(fp);
+
+ if((offpos = lseek(fd, 0, SEEK_END)) == -1) {
+ DEBUG(0, ("add_smbpwd_entry(lseek): Failed to add entry for user %s to file %s. \
Error was %s\n", pwd->smb_name, pfile, strerror(errno)));
+ endsmbpwent(fp);
+ return False;
+ }
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- new_entry_length = strlen(pwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + 2;
+ new_entry_length = strlen(pwd->smb_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + 2;
- if((new_entry = (char *)malloc( new_entry_length )) == 0)
- {
- DEBUG(0, ("add_smbpwd_entry(malloc): Failed to add entry for user %s to file %s. \
-Error was %s\n",
- pwd->smb_name, pfile, strerror(errno)));
+ if((new_entry = (char *)malloc( new_entry_length )) == NULL) {
+ DEBUG(0, ("add_smbpwd_entry(malloc): Failed to add entry for user %s to file %s. \
+Error was %s\n", pwd->smb_name, pfile, strerror(errno)));
+ endsmbpwent(fp);
+ return False;
+ }
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
+ sprintf(new_entry, "%s:%u:", pwd->smb_name, (unsigned)pwd->smb_userid);
+ p = (unsigned char *)&new_entry[strlen(new_entry)];
- sprintf(new_entry, "%s:%u:", pwd->smb_name, (unsigned)pwd->smb_userid);
- p = (unsigned char *)&new_entry[strlen(new_entry)];
+ for( i = 0; i < 16; i++) {
+ sprintf((char *)&p[i*2], "%02X", pwd->smb_passwd[i]);
+ }
- for( i = 0; i < 16; i++)
- {
- sprintf((char *)&p[i*2], "%02X", pwd->smb_passwd[i]);
- }
- p += 32;
+ p += 32;
- *p++ = ':';
+ *p++ = ':';
- for( i = 0; i < 16; i++)
- {
- sprintf((char *)&p[i*2], "%02X", pwd->smb_nt_passwd[i]);
- }
- p += 32;
+ for( i = 0; i < 16; i++) {
+ sprintf((char *)&p[i*2], "%02X", pwd->smb_nt_passwd[i]);
+ }
+ p += 32;
- *p++ = ':';
- sprintf((char *)p,"\n");
+ *p++ = ':';
+ sprintf((char *)p,"\n");
#ifdef DEBUG_PASSWORD
- DEBUG(100, ("add_smbpwd_entry(%d): new_entry_len %d entry_len %d made line |%s|\n",
+ DEBUG(100, ("add_smbpwd_entry(%d): new_entry_len %d entry_len %d made line |%s|\n",
fd, new_entry_length, strlen(new_entry), new_entry));
#endif
- if ((wr_len = write(fd, new_entry, strlen(new_entry))) != strlen(new_entry))
- {
- DEBUG(0, ("add_smbpwd_entry(write): %d Failed to add entry for user %s to file %s. \
+ if ((wr_len = write(fd, new_entry, strlen(new_entry))) != strlen(new_entry)) {
+ DEBUG(0, ("add_smbpwd_entry(write): %d Failed to add entry for user %s to file %s. \
Error was %s\n", wr_len, pwd->smb_name, pfile, strerror(errno)));
- /* Remove the entry we just wrote. */
- if(ftruncate(fd, offpos) == -1)
- {
- DEBUG(0, ("add_smbpwd_entry: ERROR failed to ftruncate file %s. \
+ /* Remove the entry we just wrote. */
+ if(ftruncate(fd, offpos) == -1) {
+ DEBUG(0, ("add_smbpwd_entry: ERROR failed to ftruncate file %s. \
Error was %s. Password file may be corrupt ! Please examine by hand !\n",
- pwd->smb_name, strerror(errno)));
- }
+ pwd->smb_name, strerror(errno)));
+ }
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
+ endsmbpwent(fp);
+ return False;
+ }
- fclose(fp);
- pw_file_unlock(lockfd);
- return True;
+ endsmbpwent(fp);
+ return True;
}
-/*
- * Routine to search the smbpasswd file for an entry matching the username.
- * and then modify its password entry
- */
+
+/************************************************************************
+ Routine to search the smbpasswd file for an entry matching the username.
+ and then modify its password entry. We can't use the startsmbpwent()/
+ getsmbpwent()/endsmbpwent() interfaces here as we depend on looking
+ in the actual file to decide how much room we have to write data.
+************************************************************************/
+
BOOL mod_smbpwd_entry(struct smb_passwd* pwd)
{
- /* Static buffers we will return. */
- static pstring user_name;
-
- char linebuf[256];
- char readbuf[16 * 1024];
- unsigned char c;
- char ascii_p16[66];
- unsigned char *p = NULL;
- long linebuf_len = 0;
- FILE *fp;
- int lockfd;
- char *pfile = lp_smb_passwd_file();
- BOOL found_entry = False;
-
- long pwd_seekpos = 0;
-
- int i;
- int wr_len;
- int fd;
-
- if (!*pfile)
- {
- DEBUG(0, ("No SMB password file set\n"));
- return False;
- }
- DEBUG(10, ("mod_smbpwd_entry: opening file %s\n", pfile));
-
- fp = fopen(pfile, "r+");
-
- if (fp == NULL)
- {
- DEBUG(0, ("mod_smbpwd_entry: unable to open file %s\n", pfile));
- return False;
- }
- /* Set a 16k buffer to do more efficient reads */
- setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
-
- if ((lockfd = pw_file_lock(pfile, F_RDLCK | F_WRLCK, 5)) < 0)
- {
- DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile));
- fclose(fp);
- return False;
- }
- /* make sure it is only rw by the owner */
- chmod(pfile, 0600);
-
- /* We have a write lock on the file. */
- /*
- * Scan the file, a line at a time and check if the name matches.
- */
- while (!feof(fp))
- {
- pwd_seekpos = ftell(fp);
-
- linebuf[0] = '\0';
-
- fgets(linebuf, 256, fp);
- if (ferror(fp))
- {
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- /*
- * Check if the string is terminated with a newline - if not
- * then we must keep reading and discard until we get one.
- */
- linebuf_len = strlen(linebuf);
- if (linebuf[linebuf_len - 1] != '\n')
- {
- c = '\0';
- while (!ferror(fp) && !feof(fp))
- {
- c = fgetc(fp);
- if (c == '\n')
- {
- break;
- }
- }
- }
- else
- {
- linebuf[linebuf_len - 1] = '\0';
- }
+ /* Static buffers we will return. */
+ static pstring user_name;
+
+ char linebuf[256];
+ char readbuf[16 * 1024];
+ unsigned char c;
+ char ascii_p16[66];
+ unsigned char *p = NULL;
+ long linebuf_len = 0;
+ FILE *fp;
+ int lockfd;
+ char *pfile = lp_smb_passwd_file();
+ BOOL found_entry = False;
+
+ long pwd_seekpos = 0;
+
+ int i;
+ int wr_len;
+ int fd;
+
+ if (!*pfile) {
+ DEBUG(0, ("No SMB password file set\n"));
+ return False;
+ }
+ DEBUG(10, ("mod_smbpwd_entry: opening file %s\n", pfile));
+
+ fp = fopen(pfile, "r+");
+
+ if (fp == NULL) {
+ DEBUG(0, ("mod_smbpwd_entry: unable to open file %s\n", pfile));
+ return False;
+ }
+ /* Set a 16k buffer to do more efficient reads */
+ setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
+
+ if ((lockfd = pw_file_lock(fileno(fp), F_RDLCK | F_WRLCK, 5)) < 0) {
+ DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile));
+ fclose(fp);
+ return False;
+ }
+
+ /* Make sure it is only rw by the owner */
+ chmod(pfile, 0600);
+
+ /* We have a write lock on the file. */
+ /*
+ * Scan the file, a line at a time and check if the name matches.
+ */
+ while (!feof(fp)) {
+ pwd_seekpos = ftell(fp);
+
+ linebuf[0] = '\0';
+
+ fgets(linebuf, 256, fp);
+ if (ferror(fp)) {
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ /*
+ * Check if the string is terminated with a newline - if not
+ * then we must keep reading and discard until we get one.
+ */
+ linebuf_len = strlen(linebuf);
+ if (linebuf[linebuf_len - 1] != '\n') {
+ c = '\0';
+ while (!ferror(fp) && !feof(fp)) {
+ c = fgetc(fp);
+ if (c == '\n') {
+ break;
+ }
+ }
+ } else {
+ linebuf[linebuf_len - 1] = '\0';
+ }
#ifdef DEBUG_PASSWORD
- DEBUG(100, ("mod_smbpwd_entry: got line |%s|\n", linebuf));
+ DEBUG(100, ("mod_smbpwd_entry: got line |%s|\n", linebuf));
#endif
- if ((linebuf[0] == 0) && feof(fp))
- {
- DEBUG(4, ("mod_smbpwd_entry: end of file reached\n"));
- break;
- }
-
- /*
- * The line we have should be of the form :-
- *
- * username:uid:[32hex bytes]:....other flags presently
- * ignored....
- *
- * or,
- *
- * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
- *
- * if Windows NT compatible passwords are also present.
- */
-
- if (linebuf[0] == '#' || linebuf[0] == '\0')
- {
- DEBUG(6, ("mod_smbpwd_entry: skipping comment or blank line\n"));
- continue;
- }
-
- p = (unsigned char *) strchr(linebuf, ':');
-
- if (p == NULL)
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no :)\n"));
- continue;
- }
-
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
- user_name[PTR_DIFF(p, linebuf)] = '\0';
- if (strequal(user_name, pwd->smb_name))
- {
- found_entry = True;
- break;
- }
- }
-
- if (!found_entry) return False;
-
- DEBUG(6, ("mod_smbpwd_entry: entry exists\n"));
-
- /* User name matches - get uid and password */
- p++; /* Go past ':' */
-
- if (!isdigit(*p))
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (uid not number)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- while (*p && isdigit(*p))
- p++;
- if (*p != ':')
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no : after uid)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
- /*
- * Now get the password value - this should be 32 hex digits
- * which are the ascii representations of a 16 byte string.
- * Get two at a time and put them into the password.
- */
- p++;
-
- /* record exact password position */
- pwd_seekpos += PTR_DIFF(p, linebuf);
-
- if (*p == '*' || *p == 'X')
- {
- /* Password deliberately invalid - end here. */
- DEBUG(10, ("get_smbpwd_entry: entry invalidated for user %s\n", user_name));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return (False);
- }
-
- if (p[32] != ':')
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- if (*p == '*' || *p == 'X')
- {
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
- if (!strncasecmp((char *) p, "NO PASSWORD", 11))
- {
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- /* Now check if the NT compatible password is
- available. */
- p += 33; /* Move to the first character of the line after
- the lanman password. */
- if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return (False);
- }
-
- if (p[32] != ':')
- {
- DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n"));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- /* The following check is wrong - the NT hash is optional. */
-#if 0
- if (*p == '*' || *p == 'X')
- {
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-#endif
-
- /* whew. entry is correctly formed. */
-
- /*
- * Do an atomic write into the file at the position defined by
- * seekpos.
- */
-
- /* The mod user write needs to be atomic - so get the fd from
- the fp and do a raw write() call.
- */
-
- fd = fileno(fp);
-
- if (lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1)
- {
- DEBUG(1, ("mod_smbpwd_entry: seek fail on file %s.\n", pfile));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- /* Sanity check - ensure the character is a ':' */
- if (read(fd, &c, 1) != 1)
- {
- DEBUG(1, ("mod_smbpwd_entry: read fail on file %s.\n", pfile));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- if (c != ':')
- {
- DEBUG(1, ("mod_smbpwd_entry: check on passwd file %s failed.\n", pfile));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
+ if ((linebuf[0] == 0) && feof(fp)) {
+ DEBUG(4, ("mod_smbpwd_entry: end of file reached\n"));
+ break;
+ }
+
+ /*
+ * The line we have should be of the form :-
+ *
+ * username:uid:[32hex bytes]:....other flags presently
+ * ignored....
+ *
+ * or,
+ *
+ * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
+ *
+ * if Windows NT compatible passwords are also present.
+ */
+
+ if (linebuf[0] == '#' || linebuf[0] == '\0') {
+ DEBUG(6, ("mod_smbpwd_entry: skipping comment or blank line\n"));
+ continue;
+ }
+
+ p = (unsigned char *) strchr(linebuf, ':');
+
+ if (p == NULL) {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no :)\n"));
+ continue;
+ }
+
+ /*
+ * As 256 is shorter than a pstring we don't need to check
+ * length here - if this ever changes....
+ */
+ strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
+ user_name[PTR_DIFF(p, linebuf)] = '\0';
+ if (strequal(user_name, pwd->smb_name)) {
+ found_entry = True;
+ break;
+ }
+ }
+
+ if (!found_entry) return False;
+
+ DEBUG(6, ("mod_smbpwd_entry: entry exists\n"));
+
+ /* User name matches - get uid and password */
+ p++; /* Go past ':' */
+
+ if (!isdigit(*p)) {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (uid not number)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ while (*p && isdigit(*p))
+ p++;
+ if (*p != ':') {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no : after uid)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ /*
+ * Now get the password value - this should be 32 hex digits
+ * which are the ascii representations of a 16 byte string.
+ * Get two at a time and put them into the password.
+ */
+ p++;
+
+ /* Record exact password position */
+ pwd_seekpos += PTR_DIFF(p, linebuf);
+
+ if (*p == '*' || *p == 'X') {
+ /* Password deliberately invalid - end here. */
+ DEBUG(10, ("get_smbpwd_entry: entry invalidated for user %s\n", user_name));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return (False);
+ }
+
+ if (p[32] != ':') {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ if (*p == '*' || *p == 'X') {
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ if (!strncasecmp((char *) p, "NO PASSWORD", 11)) {
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ /* Now check if the NT compatible password is
+ available. */
+ p += 33; /* Move to the first character of the line after
+ the lanman password. */
+ if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (passwd too short)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return (False);
+ }
+
+ if (p[32] != ':') {
+ DEBUG(0, ("mod_smbpwd_entry: malformed password entry (no terminating :)\n"));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ /* Entry is correctly formed. */
+
+ /*
+ * Do an atomic write into the file at the position defined by
+ * seekpos.
+ */
+
+ /* The mod user write needs to be atomic - so get the fd from
+ the fp and do a raw write() call.
+ */
+
+ fd = fileno(fp);
+
+ if (lseek(fd, pwd_seekpos - 1, SEEK_SET) != pwd_seekpos - 1) {
+ DEBUG(0, ("mod_smbpwd_entry: seek fail on file %s.\n", pfile));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ /* Sanity check - ensure the character is a ':' */
+ if (read(fd, &c, 1) != 1) {
+ DEBUG(0, ("mod_smbpwd_entry: read fail on file %s.\n", pfile));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ if (c != ':') {
+ DEBUG(0, ("mod_smbpwd_entry: check on passwd file %s failed.\n", pfile));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
- /* Create the 32 byte representation of the new p16 */
- for (i = 0; i < 16; i++)
- {
- sprintf(&ascii_p16[i*2], "%02X", (uchar) pwd->smb_passwd[i]);
- }
- /* Add on the NT md4 hash */
- ascii_p16[32] = ':';
- wr_len = 65;
- if (pwd->smb_nt_passwd != NULL)
- {
- for (i = 0; i < 16; i++)
- {
- sprintf(&ascii_p16[(i*2)+33], "%02X", (uchar) pwd->smb_nt_passwd[i]);
- }
- }
- else
- {
- /* No NT hash - write out an 'invalid' string. */
- strcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
- }
+ /* Create the 32 byte representation of the new p16 */
+ for (i = 0; i < 16; i++) {
+ sprintf(&ascii_p16[i*2], "%02X", (uchar) pwd->smb_passwd[i]);
+ }
+
+ /* Add on the NT md4 hash */
+ ascii_p16[32] = ':';
+ wr_len = 65;
+ if (pwd->smb_nt_passwd != NULL) {
+ for (i = 0; i < 16; i++) {
+ sprintf(&ascii_p16[(i*2)+33], "%02X", (uchar) pwd->smb_nt_passwd[i]);
+ }
+ } else {
+ /* No NT hash - write out an 'invalid' string. */
+ strcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
+ }
#ifdef DEBUG_PASSWORD
- DEBUG(100,("mod_smbpwd_entry: "));
- dump_data(100, ascii_p16, wr_len);
+ DEBUG(100,("mod_smbpwd_entry: "));
+ dump_data(100, ascii_p16, wr_len);
#endif
- if (write(fd, ascii_p16, wr_len) != wr_len)
- {
- DEBUG(1, ("mod_smbpwd_entry: write failed in passwd file %s\n", pfile));
- fclose(fp);
- pw_file_unlock(lockfd);
- return False;
- }
-
- fclose(fp);
- pw_file_unlock(lockfd);
- return True;
+ if (write(fd, ascii_p16, wr_len) != wr_len) {
+ DEBUG(0, ("mod_smbpwd_entry: write failed in passwd file %s\n", pfile));
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return False;
+ }
+
+ fclose(fp);
+ pw_file_unlock(lockfd);
+ return True;
}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ NT Domain Authentication SMB / MSRPC client
+ Copyright (C) Andrew Tridgell 1994-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+
+
+#ifdef SYSLOG
+#undef SYSLOG
+#endif
+
+#include "includes.h"
+#include "nterr.h"
+
+extern int DEBUGLEVEL;
+
+
+#if 0
+ if (!cli_initialise(cli, t_idx))
+ {
+ DEBUG(1,("do_nt_session_open: cli_initialise failed\n"));
+ return False;
+ }
+
+ DEBUG(1,("do_nt_session_open: server connect initialisation\n"));
+
+ if (!server_connect_init(cli, t_idx, myhostname, dest_ip, dest_host))
+ {
+ uint8 err_cls;
+ uint32 err_num;
+ cli_error(cli, t_idx, &err_cls, &err_num);
+ DEBUG(1,("server_connect_init failed (%s)\n", cli_errstr(cli, t_idx)));
+
+ return False;
+ }
+
+ DEBUG(1,("do_nt_session_open: server connect initialisation succeeded\n"));
+
+ if (!cli_session_setup(cli, t_idx, "", "", 1, NULL, 0, workgroup))
+ {
+ uint8 err_cls;
+ uint32 err_num;
+ cli_error(cli, t_idx, &err_cls, &err_num);
+ DEBUG(1,("session setup failed (%s)\n", cli_errstr(cli, t_idx)));
+
+ return False;
+ }
+
+ DEBUG(1,("do_nt_session_open: server session setup succeeded\n"));
+
+ if (!cli_send_tconX(cli, t_idx, "IPC$", "IPC", "", 1))
+ {
+ uint8 err_cls;
+ uint32 err_num;
+ cli_error(cli, t_idx, &err_cls, &err_num);
+ DEBUG(1,("cli_send_tconX failed (%s)\n", cli_errstr(cli, t_idx)));
+
+ return False;
+ }
+
+ DEBUG(1,("do_nt_session_open: server IPC$ connection succeeded\n"));
+#endif
+
+
+/****************************************************************************
+experimental nt login.
+
+****************************************************************************/
+BOOL do_nt_session_open(struct cli_state *cli, int t_idx, uint16 *fnum,
+ char *dest_host, char *myhostname,
+ char *mach_acct,
+ char *username, char *workgroup,
+ uchar sess_key[16], DOM_CRED *clnt_cred)
+{
+ DOM_CHAL clnt_chal;
+ DOM_CHAL srv_chal;
+
+ DOM_CHAL auth2_srv_chal;
+
+ UTIME zerotime;
+
+ char nt_owf_mach_pwd[16];
+ char nt_owf_prev_mpd[16];
+
+ RPC_IFACE abstract;
+ RPC_IFACE transfer;
+
+ fstring mach_pwd;
+ fstring prev_mpd;
+ fstring dest_srv;
+
+ /******************** initialise ********************************/
+
+ zerotime.time = 0;
+
+ DEBUG(1,("do_nt_session_open: %d\n", __LINE__));
+
+ /******************* open the \PIPE\NETLOGON file *****************/
+
+ if (((*fnum) = cli_open(cli, t_idx, PIPE_NETLOGON, O_CREAT, DENY_NONE,
+ NULL, NULL, NULL)) == 0xffff)
+ {
+ DEBUG(1,("do_nt_session_open: cli_open failed\n"));
+ return False;
+ }
+
+ /**************** Set Named Pipe State ***************/
+ if (!rpc_pipe_set_hnd_state(cli, t_idx, PIPE_NETLOGON, *fnum, 0x4300))
+ {
+ DEBUG(1,("do_nt_session_open: pipe hnd state failed\n"));
+ return False;
+ }
+
+ /******************* bind request on \PIPE\NETLOGON *****************/
+
+ if (!rpc_pipe_bind(cli, t_idx, PIPE_NETLOGON, *fnum,
+ &abstract, &transfer,
+ False, NULL, NULL))
+ {
+ DEBUG(1,("do_nt_session_open: rpc bind failed\n"));
+ return False;
+ }
+
+ /************ Check workstation trust account *******************/
+
+ /* default machine password is lower-case machine name (really secure) */
+ fstrcpy(mach_pwd, myhostname);
+ strlower(mach_pwd);
+
+ /* default machine password is lower-case machine name (really secure) */
+ fstrcpy(prev_mpd, myhostname);
+ strlower(prev_mpd);
+
+ /******************* Request Challenge ********************/
+
+ SIVAL(clnt_chal.data, 0, 0x11111111);
+ SIVAL(clnt_chal.data, 4, 0x22222222);
+
+ strcpy(dest_srv, "\\\\");
+ strcat(dest_srv, dest_host);
+ strupper(dest_srv);
+
+ /* send a client challenge; receive a server challenge */
+ if (!do_net_req_chal(cli, t_idx, *fnum, dest_srv, myhostname, &clnt_chal, &srv_chal))
+ {
+ DEBUG(1,("do_nt_session_open: request challenge failed\n"));
+ return False;
+ }
+
+ /**************** Long-term Session key **************/
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("generating nt owf from initial machine pwd: %s\n", mach_pwd));
+#endif
+ nt_owf_gen( mach_pwd, nt_owf_mach_pwd);
+
+#ifdef DEBUG_PASSWORD
+ dump_data(6, nt_owf_mach_pwd, 16);
+#endif
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("generating nt owf from previous machine pwd: %s\n", prev_mpd));
+#endif
+ nt_owf_gen( mach_pwd, nt_owf_prev_mpd);
+
+#ifdef DEBUG_PASSWORD
+ dump_data(6, nt_owf_prev_mpd, 16);
+#endif
+
+ /* calculate the session key */
+ cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key);
+#if 0
+ cred_session_key(&clnt_chal, &srv_chal, nt_owf_prev_mpd, sess_key+8);
+#else
+ bzero(sess_key+8, 8);
+#endif
+
+ /******************* Authenticate 2 ********************/
+
+ /* calculate auth-2 credentials */
+ cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred->challenge));
+
+ /* send client auth-2 challenge; receive an auth-2 challenge */
+ if (!do_net_auth2(cli, t_idx, *fnum,
+ dest_srv, mach_acct,
+ SEC_CHAN_WKSTA, myhostname,
+ &(clnt_cred->challenge), 0x000001ff, &auth2_srv_chal))
+ {
+ DEBUG(1,("do_nt_session_open: request challenge failed\n"));
+ return False;
+ }
+
+ return True;
+}
+
+/****************************************************************************
+ server password set
+ ****************************************************************************/
+BOOL do_nt_srv_pwset(struct cli_state *cli, int t_idx, uint16 fnum,
+ uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
+ char *new_mach_pwd,
+ char *dest_host, char *mach_acct, char *myhostname)
+{
+ /**************** Net Server Password Set **************/
+
+ DOM_CRED cred;
+ char nt_cypher[16];
+ uint8 mode = 1;
+ char nt_owf_new_mach_pwd[16];
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("generating nt owf from new machine pwd: %s\n", new_mach_pwd));
+#endif
+ nt_owf_gen(new_mach_pwd, nt_owf_new_mach_pwd);
+
+#ifdef DEBUG_PASSWORD
+dump_data(6, nt_owf_new_mach_pwd, 16);
+#endif
+
+ if (!obfuscate_pwd(nt_cypher, nt_owf_new_mach_pwd, mode))
+ {
+ DEBUG(5,("do_nt_srv_pwset: encrypt mach pwd failed\n"));
+ return False;
+ }
+
+ clnt_cred->timestamp.time = time(NULL);
+
+ memcpy(&cred, clnt_cred, sizeof(cred));
+
+ /* calculate credentials */
+ cred_create(sess_key, &(clnt_cred->challenge),
+ cred.timestamp,
+ &(cred.challenge));
+
+ /* send client srv_pwset challenge */
+ return do_net_srv_pwset(cli, t_idx, fnum, sess_key, clnt_cred,
+ dest_host, mach_acct, 2, myhostname,
+ &cred, rtn_cred,
+ nt_cypher);
+}
+
+/****************************************************************************
+ make interactive sam login info
+ ****************************************************************************/
+void make_nt_login_interactive(NET_ID_INFO_CTR *ctr,
+ uchar sess_key[16],
+ char *workgroup, char *myhostname,
+ uint32 smb_userid, char *username)
+{
+ /****************** SAM Info Preparation *******************/
+
+ char *smb_user_passwd = getpass("Enter NT Login Password:");
+
+ char lm_owf_user_pwd[16];
+ char nt_owf_user_pwd[16];
+
+ nt_lm_owf_gen(smb_user_passwd, nt_owf_user_pwd, lm_owf_user_pwd);
+
+#ifdef DEBUG_PASSWORD
+
+ DEBUG(100,("nt owf of user password: "));
+ dump_data(100, lm_owf_user_pwd, 16);
+
+ DEBUG(100,("nt owf of user password: "));
+ dump_data(100, nt_owf_user_pwd, 16);
+
+#endif
+
+ /* indicate an "interactive" login */
+ ctr->switch_value = 1;
+
+ /* this is used in both the SAM Logon and the SAM Logoff */
+ make_id_info1(&ctr->auth.id1, workgroup, 0,
+ smb_userid, 0,
+ username, myhostname,
+ sess_key, lm_owf_user_pwd, nt_owf_user_pwd);
+}
+
+/****************************************************************************
+experimental nt login.
+****************************************************************************/
+BOOL do_nt_login(struct cli_state *cli, int t_idx, uint16 fnum,
+ uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
+ NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname,
+ NET_USER_INFO_3 *user_info3)
+{
+ DOM_CRED sam_logon_rtn_cred;
+ DOM_CRED cred;
+ fstring dest_srv;
+ fstring my_host_name;
+
+ DEBUG(5,("do_nt_login: %d\n", __LINE__));
+
+ /*********************** SAM Logon **********************/
+
+ clnt_cred->timestamp.time = time(NULL);
+
+ memcpy(&cred, clnt_cred, sizeof(cred));
+
+ /* calculate sam logon credentials */
+ cred_create(sess_key, &(clnt_cred->challenge),
+ cred.timestamp,
+ &(cred.challenge));
+
+ strcpy(dest_srv, "\\\\");
+ strcat(dest_srv, dest_host);
+ strupper(dest_srv);
+
+ fstrcpy(my_host_name, myhostname);
+ strupper(my_host_name);
+
+ /* send client sam-logon challenge */
+ return do_net_sam_logon(cli, t_idx, fnum, sess_key, clnt_cred,
+ dest_srv, my_host_name,
+ &cred, &sam_logon_rtn_cred,
+ ctr->switch_value, ctr, 3, user_info3,
+ rtn_cred);
+}
+
+/****************************************************************************
+nt sam logoff
+****************************************************************************/
+BOOL do_nt_logoff(struct cli_state *cli, int t_idx, uint16 fnum,
+ uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
+ NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname)
+{
+ DOM_CRED sam_logoff_rtn_cred;
+ DOM_CRED cred;
+ fstring dest_srv;
+ fstring my_host_name;
+
+ DEBUG(5,("do_nt_logoff: %d\n", __LINE__));
+
+ /*********************** SAM Logoff *********************/
+
+ clnt_cred->timestamp.time = time(NULL);
+
+ memcpy(&cred, clnt_cred, sizeof(cred));
+
+ /* calculate sam logoff credentials */
+ cred_create(sess_key, &(clnt_cred->challenge),
+ cred.timestamp,
+ &(cred.challenge));
+
+ strcpy(dest_srv, "\\\\");
+ strcat(dest_srv, dest_host);
+ strupper(dest_srv);
+
+ fstrcpy(my_host_name, myhostname);
+ strupper(my_host_name);
+
+ /* send client sam-logoff challenge; receive a sam-logoff challenge */
+ return do_net_sam_logoff(cli, t_idx, fnum, sess_key, clnt_cred,
+ dest_srv, my_host_name,
+ &cred, &sam_logoff_rtn_cred,
+ ctr->switch_value, ctr, 3,
+ rtn_cred);
+}
+
+#if 0
+ /* free memory used in all rpc transactions, above */
+ cli_shutdown(cli, t_idx);
+#endif
+
+/****************************************************************************
+experimental nt login.
+****************************************************************************/
+void do_nt_session_close(struct cli_state *cli, int t_idx, uint16 fnum)
+{
+ /******************** close the \PIPE\NETLOGON file **************/
+ if (fnum != 0xffff)
+ {
+ cli_close(cli, t_idx, fnum, 0);
+ }
+
+}
+
+
--- /dev/null
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1997,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
+ * Copyright (C) Paul Ashton 1997.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#ifdef SYSLOG
+#undef SYSLOG
+#endif
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+
+
+/****************************************************************************
+do a LSA Open Policy
+****************************************************************************/
+BOOL do_lsa_open_policy(struct cli_state *cli, int t_idx, uint16 fnum,
+ char *server_name, POLICY_HND *hnd)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ LSA_Q_OPEN_POL q_o;
+ BOOL valid_pol = False;
+
+ if (hnd == NULL) return False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
+
+ /* create and send a MSRPC command with api LSA_OPENPOLICY */
+
+ DEBUG(4,("LSA Open Policy\n"));
+
+ /* store the parameters */
+ make_q_open_pol(&q_o, server_name, 0, 0, 0x1);
+
+ /* turn parameters into data stream */
+ lsa_io_q_open_pol("", &q_o, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, LSA_OPENPOLICY, &buf, &rbuf))
+ {
+ LSA_R_OPEN_POL r_o;
+ BOOL p;
+
+ lsa_io_r_open_pol("", &r_o, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_o.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("LSA_OPENPOLICY: %s\n", get_nt_error_msg(r_o.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ /* ok, at last: we're happy. return the policy handle */
+ memcpy(hnd, r_o.pol.data, sizeof(hnd->data));
+ valid_pol = True;
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+ return valid_pol;
+}
+
+/****************************************************************************
+do a LSA Query Info Policy
+****************************************************************************/
+BOOL do_lsa_query_info_pol(struct cli_state *cli, int t_idx, uint16 fnum,
+ POLICY_HND *hnd, uint16 info_class,
+ fstring domain_name, fstring domain_sid)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ LSA_Q_QUERY_INFO q_q;
+ BOOL valid_response = False;
+
+ if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
+
+ /* create and send a MSRPC command with api LSA_QUERYINFOPOLICY */
+
+ DEBUG(4,("LSA Query Info Policy\n"));
+
+ /* store the parameters */
+ make_q_query(&q_q, hnd, info_class);
+
+ /* turn parameters into data stream */
+ lsa_io_q_query("", &q_q, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, LSA_QUERYINFOPOLICY, &buf, &rbuf))
+ {
+ LSA_R_QUERY_INFO r_q;
+ BOOL p;
+
+ lsa_io_r_query("", &r_q, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_q.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("LSA_QUERYINFOPOLICY: %s\n", get_nt_error_msg(r_q.status)));
+ p = False;
+ }
+
+ if (p && r_q.info_class != q_q.info_class)
+ {
+ /* report different info classes */
+ DEBUG(0,("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
+ q_q.info_class, r_q.info_class));
+ p = False;
+ }
+
+ if (p)
+ {
+ /* ok, at last: we're happy. */
+ switch (r_q.info_class)
+ {
+ case 3:
+ {
+ char *dom_name = unistrn2(r_q.dom.id3.uni_domain_name.buffer,
+ r_q.dom.id3.uni_domain_name.uni_str_len);
+ char *dom_sid = dom_sid_to_string(&(r_q.dom.id3.dom_sid.sid));
+ fstrcpy(domain_name, dom_name);
+ pstrcpy(domain_sid , dom_sid);
+
+ valid_response = True;
+ break;
+ }
+ case 5:
+ {
+ char *dom_name = unistrn2(r_q.dom.id5.uni_domain_name.buffer,
+ r_q.dom.id5.uni_domain_name.uni_str_len);
+ char *dom_sid = dom_sid_to_string(&(r_q.dom.id5.dom_sid.sid));
+ fstrcpy(domain_name, dom_name);
+ pstrcpy(domain_sid , dom_sid);
+
+ valid_response = True;
+ break;
+ }
+ default:
+ {
+ DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n"));
+ domain_name[0] = 0;
+ domain_sid [0] = 0;
+
+ break;
+ }
+ }
+ DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
+ r_q.info_class, domain_name, domain_sid));
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+ return valid_response;
+}
+
+/****************************************************************************
+do a LSA Close
+****************************************************************************/
+BOOL do_lsa_close(struct cli_state *cli, int t_idx, uint16 fnum, POLICY_HND *hnd)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ LSA_Q_CLOSE q_c;
+ BOOL valid_close = False;
+
+ if (hnd == NULL) return False;
+
+ /* create and send a MSRPC command with api LSA_OPENPOLICY */
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
+
+ DEBUG(4,("LSA Close\n"));
+
+ /* store the parameters */
+ make_lsa_q_close(&q_c, hnd);
+
+ /* turn parameters into data stream */
+ lsa_io_q_close("", &q_c, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, LSA_CLOSE, &buf, &rbuf))
+ {
+ LSA_R_CLOSE r_c;
+ BOOL p;
+
+ lsa_io_r_close("", &r_c, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_c.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("LSA_CLOSE: %s\n", get_nt_error_msg(r_c.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ /* check that the returned policy handle is all zeros */
+ int i;
+ valid_close = True;
+
+ for (i = 0; i < sizeof(r_c.pol.data); i++)
+ {
+ if (r_c.pol.data[i] != 0)
+ {
+ valid_close = False;
+ break;
+ }
+ }
+ if (!valid_close)
+ {
+ DEBUG(0,("LSA_CLOSE: non-zero handle returned\n"));
+ }
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+ return valid_close;
+}
--- /dev/null
+
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1997,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
+ * Copyright (C) Paul Ashton 1997.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#ifdef SYSLOG
+#undef SYSLOG
+#endif
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+extern pstring username;
+extern pstring workgroup;
+
+#define CLIENT_TIMEOUT (30*1000)
+
+
+/****************************************************************************
+do a LSA Logon Control2
+****************************************************************************/
+BOOL do_net_logon_ctrl2(struct cli_state *cli, int t_idx, uint16 fnum,
+ char *host_name, uint32 status_level)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ NET_Q_LOGON_CTRL2 q_l;
+ BOOL valid_ctrl2 = False;
+ fstring acct_name;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
+
+ if (host_name == NULL) return False;
+
+ strcpy(acct_name, "\\\\");
+ strcat(acct_name, host_name);
+
+ /* create and send a MSRPC command with api NET_LOGON_CTRL2 */
+
+ DEBUG(4,("LSA Logon Control2 from %s status level:%x\n",
+ host_name, status_level));
+
+ /* store the parameters */
+ make_q_logon_ctrl2(&q_l, acct_name, status_level);
+
+ /* turn parameters into data stream */
+ net_io_q_logon_ctrl2("", &q_l, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, NET_LOGON_CTRL2, &buf, &rbuf))
+ {
+ NET_R_LOGON_CTRL2 r_l;
+ BOOL p;
+
+ net_io_r_logon_ctrl2("", &r_l, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_l.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("NET_R_LOGON_CTRL: %s\n", get_nt_error_msg(r_l.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ valid_ctrl2 = True;
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+
+ return valid_ctrl2;
+}
+
+/****************************************************************************
+do a LSA Authenticate 2
+****************************************************************************/
+BOOL do_net_auth2(struct cli_state *cli, int t_idx, uint16 fnum,
+ char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
+ DOM_CHAL *clnt_chal, uint32 neg_flags, DOM_CHAL *srv_chal)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ NET_Q_AUTH_2 q_a;
+ BOOL valid_chal = False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
+
+ if (srv_chal == NULL || clnt_chal == NULL) return False;
+
+ /* create and send a MSRPC command with api NET_AUTH2 */
+
+ DEBUG(4,("LSA Authenticate 2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %lx\n",
+ logon_srv, acct_name, sec_chan, comp_name,
+ credstr(clnt_chal->data), neg_flags));
+
+ /* store the parameters */
+ make_q_auth_2(&q_a, logon_srv, acct_name, sec_chan, comp_name,
+ clnt_chal, neg_flags);
+
+ /* turn parameters into data stream */
+ net_io_q_auth_2("", &q_a, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, NET_AUTH2, &buf, &rbuf))
+ {
+ NET_R_AUTH_2 r_a;
+ BOOL p;
+
+ net_io_r_auth_2("", &r_a, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_a.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("NET_AUTH2: %s\n", get_nt_error_msg(r_a.status)));
+ p = False;
+ }
+
+ if (p && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags)
+ {
+ /* report different neg_flags */
+ DEBUG(0,("NET_AUTH2: error neg_flags (q,r) differ - (%lx,%lx)\n",
+ q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags));
+ p = False;
+ }
+
+ if (p)
+ {
+ /* ok, at last: we're happy. return the challenge */
+ memcpy(srv_chal, r_a.srv_chal.data, sizeof(srv_chal->data));
+ valid_chal = True;
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+
+ return valid_chal;
+}
+
+/****************************************************************************
+do a LSA Request Challenge
+****************************************************************************/
+BOOL do_net_req_chal(struct cli_state *cli, int t_idx, uint16 fnum,
+ char *desthost, char *myhostname,
+ DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ NET_Q_REQ_CHAL q_c;
+ BOOL valid_chal = False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
+
+ if (srv_chal == NULL || clnt_chal == NULL) return False;
+
+ /* create and send a MSRPC command with api NET_REQCHAL */
+
+ DEBUG(4,("LSA Request Challenge from %s to %s: %s\n",
+ desthost, myhostname, credstr(clnt_chal->data)));
+
+ /* store the parameters */
+ make_q_req_chal(&q_c, desthost, myhostname, clnt_chal);
+
+ /* turn parameters into data stream */
+ net_io_q_req_chal("", &q_c, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, NET_REQCHAL, &buf, &rbuf))
+ {
+ NET_R_REQ_CHAL r_c;
+ BOOL p;
+
+ net_io_r_req_chal("", &r_c, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_c.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("NET_REQ_CHAL: %s\n", get_nt_error_msg(r_c.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ /* ok, at last: we're happy. return the challenge */
+ memcpy(srv_chal, r_c.srv_chal.data, sizeof(srv_chal->data));
+ valid_chal = True;
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+
+ return valid_chal;
+}
+
+/***************************************************************************
+do a LSA Server Password Set
+****************************************************************************/
+BOOL do_net_srv_pwset(struct cli_state *cli, int t_idx, uint16 fnum,
+ uchar sess_key[16], DOM_CRED *sto_clnt_cred,
+ char *logon_srv, char *mach_acct, uint16 sec_chan_type, char *comp_name,
+ DOM_CRED *clnt_cred, DOM_CRED *srv_cred,
+ uint8 nt_owf_new_mach_pwd[16])
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ NET_Q_SRV_PWSET q_s;
+ BOOL valid_cred = False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
+
+ if (srv_cred == NULL || clnt_cred == NULL) return False;
+
+ /* create and send a MSRPC command with api NET_SRV_PWSET */
+
+ DEBUG(4,("LSA Server Password Set: srv:%s acct:%s sc: %d mc: %s clnt %s %lx\n",
+ logon_srv, mach_acct, sec_chan_type, comp_name,
+ credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time));
+
+ /* store the parameters */
+ make_q_srv_pwset(&q_s,
+ sess_key,
+ logon_srv, mach_acct, sec_chan_type, comp_name,
+ clnt_cred,
+ nt_owf_new_mach_pwd);
+
+ /* turn parameters into data stream */
+ net_io_q_srv_pwset("", &q_s, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, NET_SRVPWSET, &buf, &rbuf))
+ {
+ NET_R_SRV_PWSET r_s;
+ BOOL p;
+
+ net_io_r_srv_pwset("", &r_s, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_s.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("NET_R_SRV_PWSET: %s\n", get_nt_error_msg(r_s.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_cred)))
+ {
+ DEBUG(5, ("do_net_srv_pwset: server credential check OK\n"));
+ /* ok, at last: we're happy. return the challenge */
+ memcpy(srv_cred, &(r_s.srv_cred), sizeof(r_s.srv_cred));
+ valid_cred = True;
+ }
+ else
+ {
+ DEBUG(5, ("do_net_srv_pwset: server credential check failed\n"));
+ }
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+
+ return valid_cred;
+}
+
+/***************************************************************************
+do a LSA SAM Logon
+****************************************************************************/
+BOOL do_net_sam_logon(struct cli_state *cli, int t_idx, uint16 fnum,
+ uchar sess_key[8], DOM_CRED *sto_clnt_cred,
+ char *logon_srv, char *comp_name,
+ DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
+ uint16 logon_level, NET_ID_INFO_CTR *ctr, uint16 validation_level,
+ NET_USER_INFO_3 *user_info3,
+ DOM_CRED *srv_cred)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ NET_Q_SAM_LOGON q_s;
+ BOOL valid_cred = False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
+
+ if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL || user_info3 == NULL) return False;
+
+ /* create and send a MSRPC command with api NET_SAMLOGON */
+
+ DEBUG(4,("LSA SAM Logon: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n",
+ logon_srv, comp_name,
+ credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time,
+ credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time,
+ logon_level));
+
+ /* store the parameters */
+ make_sam_info(&(q_s.sam_id), logon_srv, comp_name,
+ clnt_cred, rtn_cred,
+ logon_level, ctr, validation_level);
+
+ /* turn parameters into data stream */
+ net_io_q_sam_logon("", &q_s, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, t_idx, fnum, NET_SAMLOGON, &buf, &rbuf))
+ {
+ NET_R_SAM_LOGON r_s;
+ BOOL p;
+
+ r_s.user = user_info3;
+
+ net_io_r_sam_logon("", &r_s, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_s.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("NET_SAMLOGON: %s\n", get_nt_error_msg(r_s.status)));
+ p = False;
+ }
+
+ if (p && r_s.switch_value != 3)
+ {
+ /* report different switch_value */
+ DEBUG(0,("NET_SAMLOGON: switch_value of 3 expected %x\n",
+ r_s.switch_value));
+ p = False;
+ }
+
+ if (p)
+ {
+ if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds)))
+ {
+ DEBUG(5, ("do_net_sam_logon: server credential check OK\n"));
+ /* ok, at last: we're happy. return the challenge */
+ memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds));
+ valid_cred = True;
+ }
+ else
+ {
+ DEBUG(5, ("do_net_sam_logon: server credential check failed\n"));
+ }
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );