BOOL ntlmssp_auth;
unsigned char ntlmssp_hash[258];
+ fstring user_name;
+ fstring domain;
+ fstring wks;
uint32 file_offset;
uint32 hdr_offsets;
* Now start the NT Domain stuff :-).
*/
- if(cli_nt_session_open(&cli, PIPE_NETLOGON, False) == False) {
+ if(cli_nt_session_open(&cli, PIPE_NETLOGON) == False) {
DEBUG(0,("modify_trust_password: unable to open the domain client session to \
machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
cli_nt_session_close(&cli);
return valid_ack;
}
+/****************************************************************************
+ set ntlmssp negotiation flags
+ ****************************************************************************/
+
+BOOL cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs)
+{
+ cli->ntlmssp_cli_flgs = ntlmssp_flgs;
+}
+
+
/****************************************************************************
open a session
****************************************************************************/
-BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted)
+BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name)
{
RPC_IFACE abstract;
RPC_IFACE transfer;
/******************* bind request on pipe *****************/
- if (encrypted)
- {
- cli->ntlmssp_cli_flgs = 0xb2b3;
-/* NTLMSSP_NEGOTIATE_UNICODE |
- NTLMSSP_NEGOTIATE_OEM |
-
- NTLMSSP_NEGOTIATE_SIGN |
- NTLMSSP_NEGOTIATE_SEAL |
- NTLMSSP_NEGOTIATE_LM_KEY |
- NTLMSSP_NEGOTIATE_NTLM |
- NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
-
- NTLMSSP_NEGOTIATE_00001000 |
- NTLMSSP_NEGOTIATE_00002000;
- */
- DEBUG(5,("cli_nt_session_open: neg_flags: %x\n",
- cli->ntlmssp_cli_flgs));
- }
-
if (!rpc_pipe_bind(cli, pipe_name,
&abstract, &transfer,
global_myname))
SERIOUSLY ALPHA CODE!
****************************************************************************/
-int write_pipe(pipes_struct *p, char *data, int n)
+ssize_t write_pipe(pipes_struct *p, char *data, size_t n)
{
prs_struct pd;
struct mem_buf data_buf;
pd.io = True;
pd.offset = 0;
- return rpc_command(p, &pd) ? n : -1;
+ return rpc_command(p, &pd) ? ((ssize_t)n) : -1;
}
return p->rhdr.data != NULL && p->rhdr.offset == 0x18;
}
+static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
+{
+ uchar lm_owf[24];
+ uchar nt_owf[24];
+
+ DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
+
+ if (p->ntlmssp_resp.hdr_lm_resp.str_str_len == 0) return False;
+ if (p->ntlmssp_resp.hdr_nt_resp.str_str_len == 0) return False;
+ if (p->ntlmssp_resp.hdr_usr .str_str_len == 0) return False;
+ if (p->ntlmssp_resp.hdr_domain .str_str_len == 0) return False;
+ if (p->ntlmssp_resp.hdr_wks .str_str_len == 0) return False;
+
+ memset(p->user_name, 0, sizeof(p->user_name));
+ memset(p->domain , 0, sizeof(p->domain ));
+ memset(p->wks , 0, sizeof(p->wks ));
+
+ if (IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
+ {
+ fstrcpy(p->user_name, unistrn2((uint16*)p->ntlmssp_resp.user , p->ntlmssp_resp.hdr_usr .str_str_len/2));
+ fstrcpy(p->domain , unistrn2((uint16*)p->ntlmssp_resp.domain, p->ntlmssp_resp.hdr_domain.str_str_len/2));
+ fstrcpy(p->wks , unistrn2((uint16*)p->ntlmssp_resp.wks , p->ntlmssp_resp.hdr_wks .str_str_len/2));
+ }
+ else
+ {
+ fstrcpy(p->user_name, p->ntlmssp_resp.user );
+ fstrcpy(p->domain , p->ntlmssp_resp.domain);
+ fstrcpy(p->wks , p->ntlmssp_resp.wks );
+ }
+
+ DEBUG(5,("user: %s domain: %s wks: %s\n", p->user_name, p->domain, p->wks));
+
+ memcpy(lm_owf, p->ntlmssp_resp.lm_resp, sizeof(lm_owf));
+ memcpy(nt_owf, p->ntlmssp_resp.nt_resp, sizeof(nt_owf));
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,"lm, nt owfs:\n"));
+ dump_data(100, lm_owf, sizeof(lm_owf));
+ dump_data(100, nt_owf, sizeof(nt_owf));
+#endif
+ return True;
+#if 0
+ return pass_check_smb(p->user_name, p->domain,
+ p->ntplssp_chal.challenge, lm_owf, nt_owf);
+#endif
+}
static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
{
case NTLMSSP_AUTH:
{
smb_io_rpc_auth_ntlmssp_resp("", &p->ntlmssp_resp, pd, 0);
+ if (!api_pipe_ntlmssp_verify(p))
+ {
+ pd->offset = 0;
+ }
break;
}
default:
DEBUG(5, ("cmd_lsa_query_info: smb_cli->fd:%d\n", smb_cli->fd));
/* open LSARPC session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
/* lookup domain controller; receive a policy handle */
res = res ? do_lsa_open_policy(smb_cli,
sids[0] = &sid;
/* open LSARPC session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
/* lookup domain controller; receive a policy handle */
res = res ? do_lsa_open_policy(smb_cli,
info->mach_acct, new_mach_pwd) : False;
#endif
/* open NETLOGON session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON) : False;
res = res ? cli_nt_setup_creds(smb_cli, trust_passwd) : False;
fstring sid;
char *new_passwd;
BOOL res = True;
- char nt_newpass[516];
- char nt_hshhash[16];
- char nt_newhash[16];
- char nt_oldhash[16];
- char lm_newpass[516];
- char lm_newhash[16];
- char lm_hshhash[16];
- char lm_oldhash[16];
+ uchar nt_newpass[516];
+ uchar nt_hshhash[16];
+ uchar nt_newhash[16];
+ uchar nt_oldhash[16];
+ uchar lm_newpass[516];
+ uchar lm_newhash[16];
+ uchar lm_hshhash[16];
+ uchar lm_oldhash[16];
fstrcpy(sid , info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash);
E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash);
+ cli_nt_set_ntlmssp_flgs(smb_cli,
+ NTLMSSP_NEGOTIATE_UNICODE |
+ NTLMSSP_NEGOTIATE_OEM |
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL |
+ NTLMSSP_NEGOTIATE_LM_KEY |
+ NTLMSSP_NEGOTIATE_NTLM |
+ NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_00001000 |
+ NTLMSSP_NEGOTIATE_00002000);
+
/* open SAMR session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, True) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
srv_name, smb_cli->user_name,
nt_newpass, nt_hshhash,
lm_newpass, lm_hshhash) : False;
-
/* close the session */
cli_nt_session_close(smb_cli);
fprintf(out_hnd, "SAM Encryption Test\n");
/* open SAMR session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, True) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
#endif
/* open SAMR session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_connect(smb_cli,
info->myhostname, srv_name, domain, sid);
/* open SAMR session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_connect(smb_cli,
info->myhostname, srv_name, domain, sid);
/* open SAMR session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_connect(smb_cli,
info->myhostname, srv_name, domain, sid);
/* open SAMR session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
res = res ? do_samr_connect(smb_cli,
DEBUG(5, ("cmd_srv_query_info: smb_cli->fd:%d\n", smb_cli->fd));
/* open LSARPC session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
/* send info level: receive requested info. hopefully. */
res = res ? do_srv_net_srv_get_info(smb_cli,
DEBUG(5, ("cmd_srv_enum_conn: smb_cli->fd:%d\n", smb_cli->fd));
/* open srvsvc session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
hnd.ptr_hnd = 1;
hnd.handle = 0;
DEBUG(5, ("cmd_srv_enum_shares: smb_cli->fd:%d\n", smb_cli->fd));
/* open srvsvc session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
hnd.ptr_hnd = 0;
hnd.handle = 0;
DEBUG(5, ("cmd_srv_enum_sess: smb_cli->fd:%d\n", smb_cli->fd));
/* open srvsvc session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
hnd.ptr_hnd = 1;
hnd.handle = 0;
DEBUG(5, ("cmd_srv_enum_files: smb_cli->fd:%d\n", smb_cli->fd));
/* open srvsvc session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
hnd.ptr_hnd = 1;
hnd.handle = 0;
DEBUG(5, ("cmd_wks_query_info: smb_cli->fd:%d\n", smb_cli->fd));
/* open LSARPC session. */
- res = res ? cli_nt_session_open(smb_cli, PIPE_WKSSVC, False) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_WKSSVC) : False;
/* send info level: receive requested info. hopefully. */
res = res ? do_wks_query_info(smb_cli,
git.samba.org / bbaumbach / samba-autobuild / .git / commitdiff