various: Remove references to about to be deleted thirdparty/dnspython

[bbaumbach/samba-autobuild/.git] / python / samba / emulate / traffic_packets.py

diff --git a/python/samba/emulate/traffic_packets.py b/python/samba/emulate/traffic_packets.py
index 390041b95137667fe739464d54b10eea4243c45e..518bffac390581864ce46b6a00bc1193e42bbc67 100644 (file)
--- a/python/samba/emulate/traffic_packets.py
+++ b/python/samba/emulate/traffic_packets.py
@@ -35,11 +35,10 @@ from samba.ntstatus import (
     NT_STATUS_OBJECT_NAME_NOT_FOUND,
     NT_STATUS_NO_SUCH_DOMAIN
 )
-from samba.dcerpc.misc import SEC_CHAN_WKSTA
 import samba
-samba.ensure_third_party_module("dns", "dnspython")
 import dns.resolver
 
+
 def uint32(v):
     return ctypes.c_uint32(v).value
 
@@ -48,7 +47,7 @@ def check_runtime_error(runtime, val):
     if runtime is None:
         return False
 
-    err32 = uint32(runtime[0])
+    err32 = uint32(runtime.args[0])
     if err32 == val:
         return True
 
@@ -242,7 +241,13 @@ def packet_drsuapi_12(packet, conversation, context):
 def packet_drsuapi_13(packet, conversation, context):
     # DsWriteAccountSpn
     req = drsuapi.DsWriteAccountSpnRequest1()
-    req.operation = drsuapi.DRSUAPI_DS_SPN_OPERATION_ADD
+    req.operation = drsuapi.DRSUAPI_DS_SPN_OPERATION_REPLACE
+    req.unknown1 = 0  # Unused, must be 0
+    req.object_dn = context.user_dn
+    req.count = 1  # only 1 name
+    spn_name = drsuapi.DsNameString()
+    spn_name.str = 'foo/{}'.format(context.username)
+    req.spn_names = [spn_name]
     (drs, handle) = context.get_drsuapi_connection_pair()
     (level, res) = drs.DsWriteAccountSpn(handle, 1, req)
     return True
@@ -558,14 +563,16 @@ def packet_rpc_netlogon_30(packet, conversation, context):
     # subsequent runs
     newpass = context.machine_creds.get_password().encode('utf-16-le')
     pwd_len = len(newpass)
-    filler  = [ord(x) for x in os.urandom(DATA_LEN - pwd_len)]
+    filler  = [x if isinstance(x, int) else ord(x) for x in os.urandom(DATA_LEN - pwd_len)]
     pwd = netlogon.netr_CryptPassword()
     pwd.length = pwd_len
-    pwd.data = filler + [ord(x) for x in newpass]
+    pwd.data = filler + [x if isinstance(x, int) else ord(x) for x in newpass]
     context.machine_creds.encrypt_netr_crypt_password(pwd)
     c.netr_ServerPasswordSet2(context.server,
-                              context.machine_creds.get_workstation(),
-                              SEC_CHAN_WKSTA,
+                              # must ends with $, so use get_username instead
+                              # of get_workstation here
+                              context.machine_creds.get_username(),
+                              context.machine_creds.get_secure_channel_type(),
                               context.netbios_name,
                               auth,
                               pwd)
@@ -637,10 +644,11 @@ def samlogon_logon_info(domain_name, computer_name, creds):
 
     logon = netlogon.netr_NetworkInfo()
 
-    logon.challenge     = [ord(x) for x in challenge]
+    logon.challenge     = [x if isinstance(x, int) else ord(x) for x in challenge]
     logon.nt            = netlogon.netr_ChallengeResponse()
     logon.nt.length     = len(response["nt_response"])
-    logon.nt.data       = [ord(x) for x in response["nt_response"]]
+    logon.nt.data       = [x if isinstance(x, int) else ord(x) for x in response["nt_response"]]
+
     logon.identity_info = netlogon.netr_IdentityInfo()
 
     (username, domain)  = creds.get_ntlm_username_domain()
@@ -928,16 +936,32 @@ def packet_srvsvc_16(packet, conversation, context):
     # NetShareGetInfo
     s = context.get_srvsvc_connection()
     server_unc = "\\\\" + context.server
-    share_name = "netlogon"
+    share_name = "IPC$"
     level = 1
     s.NetShareGetInfo(server_unc, share_name, level)
     return True
 
 
 def packet_srvsvc_21(packet, conversation, context):
-    # NetSrvGetInfo
+    """NetSrvGetInfo
+
+    FIXME: Level changed from 102 to 101 here, to bypass Windows error.
+
+    Level 102 will cause WERR_ACCESS_DENIED error against Windows, because:
+
+        > If the level is 102 or 502, the Windows implementation checks whether
+        > the caller is a member of one of the groups previously mentioned or
+        > is a member of the Power Users local group.
+
+    It passed against Samba since this check is not implemented by Samba yet.
+
+    refer to:
+
+        https://msdn.microsoft.com/en-us/library/cc247297.aspx#Appendix_A_80
+
+    """
     srvsvc = context.get_srvsvc_connection()
     server_unc = "\\\\" + context.server
-    level = 102
+    level = 101
     srvsvc.NetSrvGetInfo(server_unc, level)
     return True