2 Unix SMB/CIFS implementation.
3 NT Domain Authentication SMB / MSRPC client
4 Copyright (C) Andrew Tridgell 1994-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 /************************************************************************
26 check workstation trust account status
27 ************************************************************************/
28 BOOL trust_account_check(struct in_addr dest_ip, char *dest_host,
29 char *hostname, char *domain, fstring mach_acct,
34 struct cli_state cli_trust;
35 uchar lm_owf_mach_pwd[16];
36 uchar nt_owf_mach_pwd[16];
37 uchar lm_sess_pwd[24];
38 uchar nt_sess_pwd[24];
40 BOOL right_error_code = False;
45 char *change_mach_pwd;
47 /* initial machine password */
48 fstrcpy(mach_pwd, hostname);
51 slprintf(tmp, sizeof(tmp) - 1,"Enter Workstation Trust Account password for [%s].\nDefault is [%s].\nPassword:",
54 start_mach_pwd = (char*)getpass(tmp);
56 if (start_mach_pwd[0] != 0)
58 fstrcpy(mach_pwd, start_mach_pwd);
61 slprintf(tmp, sizeof(tmp)-1, "Enter new Workstation Trust Account password for [%s]\nPress Return to leave at old value.\nNew Password:",
64 change_mach_pwd = (char*)getpass(tmp);
66 if (change_mach_pwd[0] != 0)
68 fstrcpy(new_mach_pwd, change_mach_pwd);
72 DEBUG(1,("trust_account_check: password change not requested\n"));
73 change_mach_pwd[0] = 0;
76 DEBUG(1,("initialise cli_trust connection\n"));
78 if (!cli_initialise(&cli_trust))
80 DEBUG(1,("cli_initialise failed for cli_trust\n"));
84 DEBUG(1,("server connect for cli_trust\n"));
86 if (!server_connect_init(&cli_trust, hostname, dest_ip, dest_host))
88 cli_error(&cli_trust, &err_cls, &err_num, NULL);
89 DEBUG(1,("server_connect_init failed (%s)\n", cli_errstr(&cli_trust)));
91 cli_shutdown(&cli_trust);
95 DEBUG(1,("server connect cli_trust succeeded\n"));
97 nt_lm_owf_gen(mach_pwd, nt_owf_mach_pwd, lm_owf_mach_pwd);
99 DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd));
101 #ifdef DEBUG_PASSWORD
102 DEBUG(100,("client cryptkey: "));
103 dump_data(100, cli_trust.cryptkey, sizeof(cli_trust.cryptkey));
106 SMBencrypt(nt_owf_mach_pwd, cli_trust.cryptkey, nt_sess_pwd);
108 #ifdef DEBUG_PASSWORD
109 DEBUG(100,("nt_owf_mach_pwd: "));
110 dump_data(100, nt_owf_mach_pwd, sizeof(lm_owf_mach_pwd));
111 DEBUG(100,("nt_sess_pwd: "));
112 dump_data(100, nt_sess_pwd, sizeof(nt_sess_pwd));
115 SMBencrypt(lm_owf_mach_pwd, cli_trust.cryptkey, lm_sess_pwd);
117 #ifdef DEBUG_PASSWORD
118 DEBUG(100,("lm_owf_mach_pwd: "));
119 dump_data(100, lm_owf_mach_pwd, sizeof(lm_owf_mach_pwd));
120 DEBUG(100,("lm_sess_pwd: "));
121 dump_data(100, lm_sess_pwd, sizeof(lm_sess_pwd));
124 right_error_code = False;
126 if (cli_session_setup(&cli_trust, mach_acct,
127 nt_owf_mach_pwd, sizeof(nt_owf_mach_pwd),
128 nt_owf_mach_pwd, sizeof(nt_owf_mach_pwd), domain))
130 DEBUG(0,("cli_session_setup: NO ERROR! AAAGH! BUG IN SERVER DETECTED!!!\n"));
131 cli_shutdown(&cli_trust);
136 cli_error(&cli_trust, &err_cls, &err_num, NULL);
138 if (err_num == (0xC0000000 | NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT))
140 DEBUG(1,("cli_send_tconX: valid workstation trust account exists\n"));
141 right_error_code = True;
144 if (err_num == (0xC0000000 | NT_STATUS_NO_SUCH_USER))
146 DEBUG(1,("cli_send_tconX: workstation trust account does not exist\n"));
147 right_error_code = False;
150 if (!right_error_code)
152 DEBUG(1,("server_validate failed (%s)\n", cli_errstr(&cli_trust)));
155 cli_shutdown(&cli_trust);
156 return right_error_code;