s4:schannel merge code with s3
[ira/wip.git] / source4 / rpc_server / netlogon / dcerpc_netlogon.c
1 /*
2    Unix SMB/CIFS implementation.
3
4    endpoint server for the netlogon pipe
5
6    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2008
7    Copyright (C) Stefan Metzmacher <metze@samba.org>  2005
8    Copyright (C) Matthias Dieter Wallnöfer            2009
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "rpc_server/dcerpc_server.h"
26 #include "auth/auth.h"
27 #include "auth/auth_sam_reply.h"
28 #include "dsdb/samdb/samdb.h"
29 #include "../lib/util/util_ldb.h"
30 #include "../libcli/auth/schannel.h"
31 #include "libcli/security/security.h"
32 #include "param/param.h"
33 #include "lib/messaging/irpc.h"
34 #include "librpc/gen_ndr/ndr_irpc.h"
35
36 struct netlogon_server_pipe_state {
37         struct netr_Credential client_challenge;
38         struct netr_Credential server_challenge;
39 };
40
41 static NTSTATUS dcesrv_netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
42                                         struct netr_ServerReqChallenge *r)
43 {
44         struct netlogon_server_pipe_state *pipe_state =
45                 talloc_get_type(dce_call->context->private_data, struct netlogon_server_pipe_state);
46
47         ZERO_STRUCTP(r->out.return_credentials);
48
49         /* destroyed on pipe shutdown */
50
51         if (pipe_state) {
52                 talloc_free(pipe_state);
53                 dce_call->context->private_data = NULL;
54         }
55
56         pipe_state = talloc(dce_call->context, struct netlogon_server_pipe_state);
57         NT_STATUS_HAVE_NO_MEMORY(pipe_state);
58
59         pipe_state->client_challenge = *r->in.credentials;
60
61         generate_random_buffer(pipe_state->server_challenge.data,
62                                sizeof(pipe_state->server_challenge.data));
63
64         *r->out.return_credentials = pipe_state->server_challenge;
65
66         dce_call->context->private_data = pipe_state;
67
68         return NT_STATUS_OK;
69 }
70
71 static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
72                                          struct netr_ServerAuthenticate3 *r)
73 {
74         struct netlogon_server_pipe_state *pipe_state =
75                 talloc_get_type(dce_call->context->private_data, struct netlogon_server_pipe_state);
76         struct netlogon_creds_CredentialState *creds;
77         struct ldb_context *sam_ctx;
78         struct samr_Password *mach_pwd;
79         uint32_t user_account_control;
80         int num_records;
81         struct ldb_message **msgs;
82         NTSTATUS nt_status;
83         const char *attrs[] = {"unicodePwd", "userAccountControl",
84                                "objectSid", NULL};
85
86         const char *trust_dom_attrs[] = {"flatname", NULL};
87         const char *account_name;
88
89         ZERO_STRUCTP(r->out.return_credentials);
90         *r->out.rid = 0;
91
92         /*
93          * According to Microsoft (see bugid #6099)
94          * Windows 7 looks at the negotiate_flags
95          * returned in this structure *even if the
96          * call fails with access denied!
97          */
98         *r->out.negotiate_flags = NETLOGON_NEG_ACCOUNT_LOCKOUT |
99                                   NETLOGON_NEG_PERSISTENT_SAMREPL |
100                                   NETLOGON_NEG_ARCFOUR |
101                                   NETLOGON_NEG_PROMOTION_COUNT |
102                                   NETLOGON_NEG_CHANGELOG_BDC |
103                                   NETLOGON_NEG_FULL_SYNC_REPL |
104                                   NETLOGON_NEG_MULTIPLE_SIDS |
105                                   NETLOGON_NEG_REDO |
106                                   NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL |
107                                   NETLOGON_NEG_SEND_PASSWORD_INFO_PDC |
108                                   NETLOGON_NEG_GENERIC_PASSTHROUGH |
109                                   NETLOGON_NEG_CONCURRENT_RPC |
110                                   NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL |
111                                   NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL |
112                                   NETLOGON_NEG_STRONG_KEYS |
113                                   NETLOGON_NEG_TRANSITIVE_TRUSTS |
114                                   NETLOGON_NEG_DNS_DOMAIN_TRUSTS |
115                                   NETLOGON_NEG_PASSWORD_SET2 |
116                                   NETLOGON_NEG_GETDOMAININFO |
117                                   NETLOGON_NEG_CROSS_FOREST_TRUSTS |
118                                   NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION |
119                                   NETLOGON_NEG_RODC_PASSTHROUGH |
120                                   NETLOGON_NEG_AUTHENTICATED_RPC_LSASS |
121                                   NETLOGON_NEG_AUTHENTICATED_RPC;
122
123         if (!pipe_state) {
124                 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
125                 return NT_STATUS_ACCESS_DENIED;
126         }
127
128         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx,
129                                 system_session(dce_call->conn->dce_ctx->lp_ctx));
130         if (sam_ctx == NULL) {
131                 return NT_STATUS_INVALID_SYSTEM_SERVICE;
132         }
133
134         if (r->in.secure_channel_type == SEC_CHAN_DNS_DOMAIN) {
135                 char *encoded_account = ldb_binary_encode_string(mem_ctx, r->in.account_name);
136                 const char *flatname;
137                 if (!encoded_account) {
138                         return NT_STATUS_NO_MEMORY;
139                 }
140
141                 /* Kill the trailing dot */
142                 if (encoded_account[strlen(encoded_account)-1] == '.') {
143                         encoded_account[strlen(encoded_account)-1] = '\0';
144                 }
145
146                 /* pull the user attributes */
147                 num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs,
148                                            trust_dom_attrs,
149                                            "(&(trustPartner=%s)(objectclass=trustedDomain))",
150                                            encoded_account);
151
152                 if (num_records == 0) {
153                         DEBUG(3,("Couldn't find trust [%s] in samdb.\n",
154                                  encoded_account));
155                         return NT_STATUS_ACCESS_DENIED;
156                 }
157
158                 if (num_records > 1) {
159                         DEBUG(0,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
160                         return NT_STATUS_INTERNAL_DB_CORRUPTION;
161                 }
162
163                 flatname = ldb_msg_find_attr_as_string(msgs[0], "flatname", NULL);
164                 if (!flatname) {
165                         /* No flatname for this trust - we can't proceed */
166                         return NT_STATUS_ACCESS_DENIED;
167                 }
168                 account_name = talloc_asprintf(mem_ctx, "%s$", flatname);
169
170                 if (!account_name) {
171                         return NT_STATUS_NO_MEMORY;
172                 }
173
174         } else {
175                 account_name = r->in.account_name;
176         }
177
178         /* pull the user attributes */
179         num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
180                                    "(&(sAMAccountName=%s)(objectclass=user))",
181                                    ldb_binary_encode_string(mem_ctx, account_name));
182
183         if (num_records == 0) {
184                 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
185                          r->in.account_name));
186                 return NT_STATUS_ACCESS_DENIED;
187         }
188
189         if (num_records > 1) {
190                 DEBUG(0,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
191                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
192         }
193
194         user_account_control = ldb_msg_find_attr_as_uint(msgs[0], "userAccountControl", 0);
195
196         if (user_account_control & UF_ACCOUNTDISABLE) {
197                 DEBUG(1, ("Account [%s] is disabled\n", r->in.account_name));
198                 return NT_STATUS_ACCESS_DENIED;
199         }
200
201         if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
202                 if (!(user_account_control & UF_WORKSTATION_TRUST_ACCOUNT)) {
203                         DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", user_account_control));
204                         return NT_STATUS_ACCESS_DENIED;
205                 }
206         } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN ||
207                    r->in.secure_channel_type == SEC_CHAN_DNS_DOMAIN) {
208                 if (!(user_account_control & UF_INTERDOMAIN_TRUST_ACCOUNT)) {
209                         DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", user_account_control));
210
211                         return NT_STATUS_ACCESS_DENIED;
212                 }
213         } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
214                 if (!(user_account_control & UF_SERVER_TRUST_ACCOUNT)) {
215                         DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", user_account_control));
216                         return NT_STATUS_ACCESS_DENIED;
217                 }
218         } else {
219                 DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
220                           r->in.secure_channel_type));
221                 return NT_STATUS_ACCESS_DENIED;
222         }
223
224         *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0],
225                                                 "objectSid", 0);
226
227         mach_pwd = samdb_result_hash(mem_ctx, msgs[0], "unicodePwd");
228         if (mach_pwd == NULL) {
229                 return NT_STATUS_ACCESS_DENIED;
230         }
231
232         creds = netlogon_creds_server_init(mem_ctx,
233                                            r->in.account_name,
234                                            r->in.computer_name,
235                                            r->in.secure_channel_type,
236                                            &pipe_state->client_challenge,
237                                            &pipe_state->server_challenge,
238                                            mach_pwd,
239                                            r->in.credentials,
240                                            r->out.return_credentials,
241                                            *r->in.negotiate_flags);
242
243         if (!creds) {
244                 return NT_STATUS_ACCESS_DENIED;
245         }
246
247         creds->sid = samdb_result_dom_sid(creds, msgs[0], "objectSid");
248
249         nt_status = schannel_save_creds_state(mem_ctx,
250                                               lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
251                                               lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
252                                               creds);
253
254         return nt_status;
255 }
256
257 static NTSTATUS dcesrv_netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
258                                         struct netr_ServerAuthenticate *r)
259 {
260         struct netr_ServerAuthenticate3 a;
261         uint32_t rid;
262         /* TODO:
263          * negotiate_flags is used as an [in] parameter
264          * so it need to be initialised.
265          *
266          * (I think ... = 0; seems wrong here --metze)
267          */
268         uint32_t negotiate_flags_in = 0;
269         uint32_t negotiate_flags_out = 0;
270
271         a.in.server_name                = r->in.server_name;
272         a.in.account_name               = r->in.account_name;
273         a.in.secure_channel_type        = r->in.secure_channel_type;
274         a.in.computer_name              = r->in.computer_name;
275         a.in.credentials                = r->in.credentials;
276         a.in.negotiate_flags            = &negotiate_flags_in;
277
278         a.out.return_credentials        = r->out.return_credentials;
279         a.out.rid                       = &rid;
280         a.out.negotiate_flags           = &negotiate_flags_out;
281
282         return dcesrv_netr_ServerAuthenticate3(dce_call, mem_ctx, &a);
283 }
284
285 static NTSTATUS dcesrv_netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
286                                          struct netr_ServerAuthenticate2 *r)
287 {
288         struct netr_ServerAuthenticate3 r3;
289         uint32_t rid = 0;
290
291         r3.in.server_name = r->in.server_name;
292         r3.in.account_name = r->in.account_name;
293         r3.in.secure_channel_type = r->in.secure_channel_type;
294         r3.in.computer_name = r->in.computer_name;
295         r3.in.credentials = r->in.credentials;
296         r3.out.return_credentials = r->out.return_credentials;
297         r3.in.negotiate_flags = r->in.negotiate_flags;
298         r3.out.negotiate_flags = r->out.negotiate_flags;
299         r3.out.rid = &rid;
300
301         return dcesrv_netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
302 }
303
304 /*
305  * NOTE: The following functions are nearly identical to the ones available in
306  * source3/rpc_server/srv_nelog_nt.c
307  * The reason we keep 2 copies is that they use different structures to
308  * represent the auth_info and the decrpc pipes.
309  */
310
311 /*
312  * If schannel is required for this call test that it actually is available.
313  */
314 static NTSTATUS schannel_check_required(struct dcerpc_auth *auth_info,
315                                         const char *computer_name,
316                                         bool integrity, bool privacy)
317 {
318
319         if (auth_info && auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) {
320                 if (!privacy && !integrity) {
321                         return NT_STATUS_OK;
322                 }
323
324                 if ((!privacy && integrity) &&
325                     auth_info->auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
326                         return NT_STATUS_OK;
327                 }
328
329                 if ((privacy || integrity) &&
330                     auth_info->auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
331                         return NT_STATUS_OK;
332                 }
333         }
334
335         /* test didn't pass */
336         DEBUG(0, ("schannel_check_required: [%s] is not using schannel\n",
337                   computer_name));
338
339         return NT_STATUS_ACCESS_DENIED;
340 }
341
342 static NTSTATUS dcesrv_netr_creds_server_step_check(struct dcesrv_call_state *dce_call,
343                                                     TALLOC_CTX *mem_ctx,
344                                                     const char *computer_name,
345                                                     struct netr_Authenticator *received_authenticator,
346                                                     struct netr_Authenticator *return_authenticator,
347                                                     struct netlogon_creds_CredentialState **creds_out)
348 {
349         NTSTATUS nt_status;
350         struct dcerpc_auth *auth_info = dce_call->conn->auth_state.auth_info;
351         bool schannel_global_required = false; /* Should be lp_schannel_server() == true */
352
353         if (schannel_global_required) {
354                 nt_status = schannel_check_required(auth_info,
355                                                     computer_name,
356                                                     true, false);
357                 if (!NT_STATUS_IS_OK(nt_status)) {
358                         return nt_status;
359                 }
360         }
361
362         nt_status = schannel_check_creds_state(mem_ctx,
363                                                lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
364                                                lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
365                                                computer_name,
366                                                received_authenticator,
367                                                return_authenticator,
368                                                creds_out);
369         return nt_status;
370 }
371
372 /*
373   Change the machine account password for the currently connected
374   client.  Supplies only the NT#.
375 */
376
377 static NTSTATUS dcesrv_netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
378                                        struct netr_ServerPasswordSet *r)
379 {
380         struct netlogon_creds_CredentialState *creds;
381         struct ldb_context *sam_ctx;
382         NTSTATUS nt_status;
383
384         nt_status = dcesrv_netr_creds_server_step_check(dce_call,
385                                                         mem_ctx,
386                                                         r->in.computer_name,
387                                                         r->in.credential, r->out.return_authenticator,
388                                                         &creds);
389         NT_STATUS_NOT_OK_RETURN(nt_status);
390
391         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(dce_call->conn->dce_ctx->lp_ctx));
392         if (sam_ctx == NULL) {
393                 return NT_STATUS_INVALID_SYSTEM_SERVICE;
394         }
395
396         netlogon_creds_des_decrypt(creds, r->in.new_password);
397
398         /* Using the sid for the account as the key, set the password */
399         nt_status = samdb_set_password_sid(sam_ctx, mem_ctx,
400                                            creds->sid,
401                                            NULL, /* Don't have plaintext */
402                                            NULL, r->in.new_password,
403                                            true, /* Password change */
404                                            NULL, NULL);
405         return nt_status;
406 }
407
408 /*
409   Change the machine account password for the currently connected
410   client.  Supplies new plaintext.
411 */
412 static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
413                                        struct netr_ServerPasswordSet2 *r)
414 {
415         struct netlogon_creds_CredentialState *creds;
416         struct ldb_context *sam_ctx;
417         NTSTATUS nt_status;
418         DATA_BLOB new_password;
419
420         struct samr_CryptPassword password_buf;
421
422         nt_status = dcesrv_netr_creds_server_step_check(dce_call,
423                                                         mem_ctx,
424                                                         r->in.computer_name,
425                                                         r->in.credential, r->out.return_authenticator,
426                                                         &creds);
427         NT_STATUS_NOT_OK_RETURN(nt_status);
428
429         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(dce_call->conn->dce_ctx->lp_ctx));
430         if (sam_ctx == NULL) {
431                 return NT_STATUS_INVALID_SYSTEM_SERVICE;
432         }
433
434         memcpy(password_buf.data, r->in.new_password->data, 512);
435         SIVAL(password_buf.data, 512, r->in.new_password->length);
436         netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
437
438         if (!extract_pw_from_buffer(mem_ctx, password_buf.data, &new_password)) {
439                 DEBUG(3,("samr: failed to decode password buffer\n"));
440                 return NT_STATUS_WRONG_PASSWORD;
441         }
442
443         /* Using the sid for the account as the key, set the password */
444         nt_status = samdb_set_password_sid(sam_ctx, mem_ctx,
445                                            creds->sid,
446                                            &new_password, /* we have plaintext */
447                                            NULL, NULL,
448                                            true, /* Password change */
449                                            NULL, NULL);
450         return nt_status;
451 }
452
453
454 /*
455   netr_LogonUasLogon
456 */
457 static WERROR dcesrv_netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
458                                  struct netr_LogonUasLogon *r)
459 {
460         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
461 }
462
463
464 /*
465   netr_LogonUasLogoff
466 */
467 static WERROR dcesrv_netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
468                        struct netr_LogonUasLogoff *r)
469 {
470         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
471 }
472
473
474 /*
475   netr_LogonSamLogon_base
476
477   This version of the function allows other wrappers to say 'do not check the credentials'
478
479   We can't do the traditional 'wrapping' format completly, as this function must only run under schannel
480 */
481 static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
482                                         struct netr_LogonSamLogonEx *r, struct netlogon_creds_CredentialState *creds)
483 {
484         struct auth_context *auth_context;
485         struct auth_usersupplied_info *user_info;
486         struct auth_serversupplied_info *server_info;
487         NTSTATUS nt_status;
488         static const char zeros[16];
489         struct netr_SamBaseInfo *sam;
490         struct netr_SamInfo2 *sam2;
491         struct netr_SamInfo3 *sam3;
492         struct netr_SamInfo6 *sam6;
493
494         user_info = talloc(mem_ctx, struct auth_usersupplied_info);
495         NT_STATUS_HAVE_NO_MEMORY(user_info);
496
497         user_info->flags = 0;
498         user_info->mapped_state = false;
499         user_info->remote_host = NULL;
500
501         switch (r->in.logon_level) {
502         case NetlogonInteractiveInformation:
503         case NetlogonServiceInformation:
504         case NetlogonInteractiveTransitiveInformation:
505         case NetlogonServiceTransitiveInformation:
506                 if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
507                         netlogon_creds_arcfour_crypt(creds,
508                                             r->in.logon->password->lmpassword.hash,
509                                             sizeof(r->in.logon->password->lmpassword.hash));
510                         netlogon_creds_arcfour_crypt(creds,
511                                             r->in.logon->password->ntpassword.hash,
512                                             sizeof(r->in.logon->password->ntpassword.hash));
513                 } else {
514                         netlogon_creds_des_decrypt(creds, &r->in.logon->password->lmpassword);
515                         netlogon_creds_des_decrypt(creds, &r->in.logon->password->ntpassword);
516                 }
517
518                 /* TODO: we need to deny anonymous access here */
519                 nt_status = auth_context_create(mem_ctx,
520                                                 dce_call->event_ctx, dce_call->msg_ctx,
521                                                 dce_call->conn->dce_ctx->lp_ctx,
522                                                 &auth_context);
523                 NT_STATUS_NOT_OK_RETURN(nt_status);
524
525                 user_info->logon_parameters = r->in.logon->password->identity_info.parameter_control;
526                 user_info->client.account_name = r->in.logon->password->identity_info.account_name.string;
527                 user_info->client.domain_name = r->in.logon->password->identity_info.domain_name.string;
528                 user_info->workstation_name = r->in.logon->password->identity_info.workstation.string;
529
530                 user_info->flags |= USER_INFO_INTERACTIVE_LOGON;
531                 user_info->password_state = AUTH_PASSWORD_HASH;
532
533                 user_info->password.hash.lanman = talloc(user_info, struct samr_Password);
534                 NT_STATUS_HAVE_NO_MEMORY(user_info->password.hash.lanman);
535                 *user_info->password.hash.lanman = r->in.logon->password->lmpassword;
536
537                 user_info->password.hash.nt = talloc(user_info, struct samr_Password);
538                 NT_STATUS_HAVE_NO_MEMORY(user_info->password.hash.nt);
539                 *user_info->password.hash.nt = r->in.logon->password->ntpassword;
540
541                 break;
542         case NetlogonNetworkInformation:
543         case NetlogonNetworkTransitiveInformation:
544
545                 /* TODO: we need to deny anonymous access here */
546                 nt_status = auth_context_create(mem_ctx,
547                                                 dce_call->event_ctx, dce_call->msg_ctx,
548                                                 dce_call->conn->dce_ctx->lp_ctx,
549                                                 &auth_context);
550                 NT_STATUS_NOT_OK_RETURN(nt_status);
551
552                 nt_status = auth_context_set_challenge(auth_context, r->in.logon->network->challenge, "netr_LogonSamLogonWithFlags");
553                 NT_STATUS_NOT_OK_RETURN(nt_status);
554
555                 user_info->logon_parameters = r->in.logon->network->identity_info.parameter_control;
556                 user_info->client.account_name = r->in.logon->network->identity_info.account_name.string;
557                 user_info->client.domain_name = r->in.logon->network->identity_info.domain_name.string;
558                 user_info->workstation_name = r->in.logon->network->identity_info.workstation.string;
559
560                 user_info->password_state = AUTH_PASSWORD_RESPONSE;
561                 user_info->password.response.lanman = data_blob_talloc(mem_ctx, r->in.logon->network->lm.data, r->in.logon->network->lm.length);
562                 user_info->password.response.nt = data_blob_talloc(mem_ctx, r->in.logon->network->nt.data, r->in.logon->network->nt.length);
563
564                 break;
565
566
567         case NetlogonGenericInformation:
568         {
569                 if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
570                         netlogon_creds_arcfour_crypt(creds,
571                                             r->in.logon->generic->data, r->in.logon->generic->length);
572                 } else {
573                         /* Using DES to verify kerberos tickets makes no sense */
574                         return NT_STATUS_INVALID_PARAMETER;
575                 }
576
577                 if (strcmp(r->in.logon->generic->package_name.string, "Kerberos") == 0) {
578                         NTSTATUS status;
579                         struct server_id *kdc;
580                         struct kdc_check_generic_kerberos check;
581                         struct netr_GenericInfo2 *generic = talloc_zero(mem_ctx, struct netr_GenericInfo2);
582                         NT_STATUS_HAVE_NO_MEMORY(generic);
583                         *r->out.authoritative = 1;
584
585                         /* TODO: Describe and deal with these flags */
586                         *r->out.flags = 0;
587
588                         r->out.validation->generic = generic;
589
590                         kdc = irpc_servers_byname(dce_call->msg_ctx, mem_ctx, "kdc_server");
591                         if ((kdc == NULL) || (kdc[0].id == 0)) {
592                                 return NT_STATUS_NO_LOGON_SERVERS;
593                         }
594
595                         check.in.generic_request =
596                                 data_blob_const(r->in.logon->generic->data,
597                                                 r->in.logon->generic->length);
598
599                         status = irpc_call(dce_call->msg_ctx, kdc[0],
600                                            &ndr_table_irpc, NDR_KDC_CHECK_GENERIC_KERBEROS,
601                                            &check, mem_ctx);
602                         if (!NT_STATUS_IS_OK(status)) {
603                                 return status;
604                         }
605                         generic->length = check.out.generic_reply.length;
606                         generic->data = check.out.generic_reply.data;
607                         return NT_STATUS_OK;
608                 }
609
610                 /* Until we get an implemetnation of these other packages */
611                 return NT_STATUS_INVALID_PARAMETER;
612         }
613         default:
614                 return NT_STATUS_INVALID_PARAMETER;
615         }
616
617         nt_status = auth_check_password(auth_context, mem_ctx, user_info, &server_info);
618         NT_STATUS_NOT_OK_RETURN(nt_status);
619
620         nt_status = auth_convert_server_info_sambaseinfo(mem_ctx, server_info, &sam);
621         NT_STATUS_NOT_OK_RETURN(nt_status);
622
623         /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
624         /* It appears that level 6 is not individually encrypted */
625         if ((r->in.validation_level != 6) &&
626             memcmp(sam->key.key, zeros, sizeof(sam->key.key)) != 0) {
627                 /* This key is sent unencrypted without the ARCFOUR flag set */
628                 if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
629                         netlogon_creds_arcfour_crypt(creds,
630                                             sam->key.key,
631                                             sizeof(sam->key.key));
632                 }
633         }
634
635         /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
636         /* It appears that level 6 is not individually encrypted */
637         if ((r->in.validation_level != 6) &&
638             memcmp(sam->LMSessKey.key, zeros, sizeof(sam->LMSessKey.key)) != 0) {
639                 if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
640                         netlogon_creds_arcfour_crypt(creds,
641                                             sam->LMSessKey.key,
642                                             sizeof(sam->LMSessKey.key));
643                 } else {
644                         netlogon_creds_des_encrypt_LMKey(creds,
645                                                 &sam->LMSessKey);
646                 }
647         }
648
649         switch (r->in.validation_level) {
650         case 2:
651                 sam2 = talloc_zero(mem_ctx, struct netr_SamInfo2);
652                 NT_STATUS_HAVE_NO_MEMORY(sam2);
653                 sam2->base = *sam;
654                 r->out.validation->sam2 = sam2;
655                 break;
656
657         case 3:
658                 sam3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
659                 NT_STATUS_HAVE_NO_MEMORY(sam3);
660                 sam3->base = *sam;
661                 r->out.validation->sam3 = sam3;
662                 break;
663
664         case 6:
665                 sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
666                 NT_STATUS_HAVE_NO_MEMORY(sam6);
667                 sam6->base = *sam;
668                 sam6->forest.string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
669                 sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
670                                                          sam->account_name.string, sam6->forest.string);
671                 NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
672                 r->out.validation->sam6 = sam6;
673                 break;
674
675         default:
676                 break;
677         }
678
679         *r->out.authoritative = 1;
680
681         /* TODO: Describe and deal with these flags */
682         *r->out.flags = 0;
683
684         return NT_STATUS_OK;
685 }
686
687 static NTSTATUS dcesrv_netr_LogonSamLogonEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
688                                      struct netr_LogonSamLogonEx *r)
689 {
690         NTSTATUS nt_status;
691         struct netlogon_creds_CredentialState *creds;
692
693         nt_status = schannel_get_creds_state(mem_ctx,
694                                              lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
695                                              lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
696                                              r->in.computer_name, &creds);
697         if (!NT_STATUS_IS_OK(nt_status)) {
698                 return nt_status;
699         }
700
701         if (!dce_call->conn->auth_state.auth_info ||
702             dce_call->conn->auth_state.auth_info->auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
703                 return NT_STATUS_ACCESS_DENIED;
704         }
705         return dcesrv_netr_LogonSamLogon_base(dce_call, mem_ctx, r, creds);
706 }
707
708 /*
709   netr_LogonSamLogonWithFlags
710
711 */
712 static NTSTATUS dcesrv_netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
713                                             struct netr_LogonSamLogonWithFlags *r)
714 {
715         NTSTATUS nt_status;
716         struct netlogon_creds_CredentialState *creds;
717         struct netr_LogonSamLogonEx r2;
718
719         struct netr_Authenticator *return_authenticator;
720
721         return_authenticator = talloc(mem_ctx, struct netr_Authenticator);
722         NT_STATUS_HAVE_NO_MEMORY(return_authenticator);
723
724         nt_status = dcesrv_netr_creds_server_step_check(dce_call,
725                                                         mem_ctx,
726                                                         r->in.computer_name,
727                                                         r->in.credential, return_authenticator,
728                                                         &creds);
729         NT_STATUS_NOT_OK_RETURN(nt_status);
730
731         ZERO_STRUCT(r2);
732
733         r2.in.server_name       = r->in.server_name;
734         r2.in.computer_name     = r->in.computer_name;
735         r2.in.logon_level       = r->in.logon_level;
736         r2.in.logon             = r->in.logon;
737         r2.in.validation_level  = r->in.validation_level;
738         r2.in.flags             = r->in.flags;
739         r2.out.validation       = r->out.validation;
740         r2.out.authoritative    = r->out.authoritative;
741         r2.out.flags            = r->out.flags;
742
743         nt_status = dcesrv_netr_LogonSamLogon_base(dce_call, mem_ctx, &r2, creds);
744
745         r->out.return_authenticator     = return_authenticator;
746
747         return nt_status;
748 }
749
750 /*
751   netr_LogonSamLogon
752 */
753 static NTSTATUS dcesrv_netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
754                                    struct netr_LogonSamLogon *r)
755 {
756         struct netr_LogonSamLogonWithFlags r2;
757         uint32_t flags = 0;
758         NTSTATUS status;
759
760         ZERO_STRUCT(r2);
761
762         r2.in.server_name = r->in.server_name;
763         r2.in.computer_name = r->in.computer_name;
764         r2.in.credential  = r->in.credential;
765         r2.in.return_authenticator = r->in.return_authenticator;
766         r2.in.logon_level = r->in.logon_level;
767         r2.in.logon = r->in.logon;
768         r2.in.validation_level = r->in.validation_level;
769         r2.in.flags = &flags;
770         r2.out.validation = r->out.validation;
771         r2.out.authoritative = r->out.authoritative;
772         r2.out.flags = &flags;
773
774         status = dcesrv_netr_LogonSamLogonWithFlags(dce_call, mem_ctx, &r2);
775
776         r->out.return_authenticator = r2.out.return_authenticator;
777
778         return status;
779 }
780
781
782 /*
783   netr_LogonSamLogoff
784 */
785 static NTSTATUS dcesrv_netr_LogonSamLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
786                        struct netr_LogonSamLogoff *r)
787 {
788         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
789 }
790
791
792
793 /*
794   netr_DatabaseDeltas
795 */
796 static NTSTATUS dcesrv_netr_DatabaseDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
797                        struct netr_DatabaseDeltas *r)
798 {
799         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
800 }
801
802
803 /*
804   netr_DatabaseSync2
805 */
806 static NTSTATUS dcesrv_netr_DatabaseSync2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
807                        struct netr_DatabaseSync2 *r)
808 {
809         /* win2k3 native mode returns  "NOT IMPLEMENTED" for this call */
810         return NT_STATUS_NOT_IMPLEMENTED;
811 }
812
813
814 /*
815   netr_DatabaseSync
816 */
817 static NTSTATUS dcesrv_netr_DatabaseSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
818                        struct netr_DatabaseSync *r)
819 {
820         struct netr_DatabaseSync2 r2;
821         NTSTATUS status;
822
823         ZERO_STRUCT(r2);
824
825         r2.in.logon_server = r->in.logon_server;
826         r2.in.computername = r->in.computername;
827         r2.in.credential = r->in.credential;
828         r2.in.database_id = r->in.database_id;
829         r2.in.restart_state = SYNCSTATE_NORMAL_STATE;
830         r2.in.sync_context = r->in.sync_context;
831         r2.out.sync_context = r->out.sync_context;
832         r2.out.delta_enum_array = r->out.delta_enum_array;
833         r2.in.preferredmaximumlength = r->in.preferredmaximumlength;
834
835         status = dcesrv_netr_DatabaseSync2(dce_call, mem_ctx, &r2);
836
837         return status;
838 }
839
840
841 /*
842   netr_AccountDeltas
843 */
844 static NTSTATUS dcesrv_netr_AccountDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
845                        struct netr_AccountDeltas *r)
846 {
847         /* w2k3 returns "NOT IMPLEMENTED" for this call */
848         return NT_STATUS_NOT_IMPLEMENTED;
849 }
850
851
852 /*
853   netr_AccountSync
854 */
855 static NTSTATUS dcesrv_netr_AccountSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
856                        struct netr_AccountSync *r)
857 {
858         /* w2k3 returns "NOT IMPLEMENTED" for this call */
859         return NT_STATUS_NOT_IMPLEMENTED;
860 }
861
862
863 /*
864   netr_GetDcName
865 */
866 static WERROR dcesrv_netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
867                        struct netr_GetDcName *r)
868 {
869         const char * const attrs[] = { NULL };
870         struct ldb_context *sam_ctx;
871         struct ldb_message **res;
872         struct ldb_dn *domain_dn;
873         int ret;
874         const char *dcname;
875
876         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx,
877                                 dce_call->conn->dce_ctx->lp_ctx,
878                                 dce_call->conn->auth_state.session_info);
879         if (sam_ctx == NULL) {
880                 return WERR_DS_UNAVAILABLE;
881         }
882
883         domain_dn = samdb_domain_to_dn(sam_ctx, mem_ctx,
884                                        r->in.domainname);
885         if (domain_dn == NULL) {
886                 return WERR_DS_UNAVAILABLE;
887         }
888
889         ret = gendb_search_dn(sam_ctx, mem_ctx,
890                               domain_dn, &res, attrs);
891         if (ret != 1) {
892                 return WERR_NO_SUCH_DOMAIN;
893         }
894
895         /* TODO: - return real IP address
896          *       - check all r->in.* parameters (server_unc is ignored by w2k3!)
897          */
898         dcname = talloc_asprintf(mem_ctx, "\\\\%s",
899                                  lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx));
900         W_ERROR_HAVE_NO_MEMORY(dcname);
901
902         *r->out.dcname = dcname;
903         return WERR_OK;
904 }
905
906
907 /*
908   netr_LogonControl2Ex
909 */
910 static WERROR dcesrv_netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
911                        struct netr_LogonControl2Ex *r)
912 {
913         return WERR_NOT_SUPPORTED;
914 }
915
916
917 /*
918   netr_LogonControl
919 */
920 static WERROR dcesrv_netr_LogonControl(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
921                        struct netr_LogonControl *r)
922 {
923         struct netr_LogonControl2Ex r2;
924         WERROR werr;
925
926         if (r->in.level == 0x00000001) {
927                 ZERO_STRUCT(r2);
928
929                 r2.in.logon_server = r->in.logon_server;
930                 r2.in.function_code = r->in.function_code;
931                 r2.in.level = r->in.level;
932                 r2.in.data = NULL;
933                 r2.out.query = r->out.query;
934
935                 werr = dcesrv_netr_LogonControl2Ex(dce_call, mem_ctx, &r2);
936         } else if (r->in.level == 0x00000002) {
937                 werr = WERR_NOT_SUPPORTED;
938         } else {
939                 werr = WERR_UNKNOWN_LEVEL;
940         }
941
942         return werr;
943 }
944
945
946 /*
947   netr_LogonControl2
948 */
949 static WERROR dcesrv_netr_LogonControl2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
950                        struct netr_LogonControl2 *r)
951 {
952         struct netr_LogonControl2Ex r2;
953         WERROR werr;
954
955         ZERO_STRUCT(r2);
956
957         r2.in.logon_server = r->in.logon_server;
958         r2.in.function_code = r->in.function_code;
959         r2.in.level = r->in.level;
960         r2.in.data = r->in.data;
961         r2.out.query = r->out.query;
962
963         werr = dcesrv_netr_LogonControl2Ex(dce_call, mem_ctx, &r2);
964
965         return werr;
966 }
967
968
969 /*
970   netr_GetAnyDCName
971 */
972 static WERROR dcesrv_netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
973                        struct netr_GetAnyDCName *r)
974 {
975         struct netr_GetDcName r2;
976         WERROR werr;
977
978         ZERO_STRUCT(r2);
979
980         r2.in.logon_server      = r->in.logon_server;
981         r2.in.domainname        = r->in.domainname;
982         r2.out.dcname           = r->out.dcname;
983
984         werr = dcesrv_netr_GetDcName(dce_call, mem_ctx, &r2);
985
986         return werr;
987 }
988
989
990 /*
991   netr_DatabaseRedo
992 */
993 static NTSTATUS dcesrv_netr_DatabaseRedo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
994                        struct netr_DatabaseRedo *r)
995 {
996         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
997 }
998
999
1000 /*
1001   netr_NetrEnumerateTurstedDomains
1002 */
1003 static WERROR dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1004                        struct netr_NetrEnumerateTrustedDomains *r)
1005 {
1006         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1007 }
1008
1009
1010 /*
1011   netr_LogonGetCapabilities
1012 */
1013 static NTSTATUS dcesrv_netr_LogonGetCapabilities(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1014                        struct netr_LogonGetCapabilities *r)
1015 {
1016         /* we don't support AES yet */
1017         return NT_STATUS_NOT_IMPLEMENTED;
1018 }
1019
1020
1021 /*
1022   netr_NETRLOGONSETSERVICEBITS
1023 */
1024 static WERROR dcesrv_netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1025                        struct netr_NETRLOGONSETSERVICEBITS *r)
1026 {
1027         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1028 }
1029
1030
1031 /*
1032   netr_LogonGetTrustRid
1033 */
1034 static WERROR dcesrv_netr_LogonGetTrustRid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1035                        struct netr_LogonGetTrustRid *r)
1036 {
1037         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1038 }
1039
1040
1041 /*
1042   netr_NETRLOGONCOMPUTESERVERDIGEST
1043 */
1044 static WERROR dcesrv_netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1045                        struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
1046 {
1047         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1048 }
1049
1050
1051 /*
1052   netr_NETRLOGONCOMPUTECLIENTDIGEST
1053 */
1054 static WERROR dcesrv_netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1055                        struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
1056 {
1057         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1058 }
1059
1060
1061
1062 /*
1063   netr_DsRGetSiteName
1064 */
1065 static WERROR dcesrv_netr_DsRGetSiteName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1066                                   struct netr_DsRGetSiteName *r)
1067 {
1068         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1069 }
1070
1071
1072 /*
1073   fill in a netr_OneDomainInfo from a ldb search result
1074 */
1075 static NTSTATUS fill_one_domain_info(TALLOC_CTX *mem_ctx,
1076                                      struct loadparm_context *lp_ctx,
1077                                      struct ldb_context *sam_ctx,
1078                                      struct ldb_message *res,
1079                                      struct netr_OneDomainInfo *info,
1080                                      bool is_local, bool is_trust_list)
1081 {
1082         ZERO_STRUCTP(info);
1083
1084         if (is_trust_list) {
1085                 /* w2k8 only fills this on trusted domains */
1086                 info->trust_extension.info = talloc_zero(mem_ctx, struct netr_trust_extension);
1087                 info->trust_extension.length = 16;
1088                 info->trust_extension.info->flags =
1089                         NETR_TRUST_FLAG_TREEROOT |
1090                         NETR_TRUST_FLAG_IN_FOREST |
1091                         NETR_TRUST_FLAG_PRIMARY |
1092                         NETR_TRUST_FLAG_NATIVE;
1093
1094                 info->trust_extension.info->parent_index = 0; /* should be index into array
1095                                                                  of parent */
1096                 info->trust_extension.info->trust_type = LSA_TRUST_TYPE_UPLEVEL; /* should be based on ldb search for trusts */
1097                 info->trust_extension.info->trust_attributes = 0; /*    TODO: base on ldb search? */
1098         }
1099
1100         if (is_trust_list) {
1101                 /* MS-NRPC 3.5.4.3.9 - must be set to NULL for trust list */
1102                 info->dns_forestname.string = NULL;
1103         } else {
1104                 char *p;
1105                 /* TODO: we need a common function for pulling the forest */
1106                 info->dns_forestname.string = ldb_dn_canonical_string(info, ldb_get_root_basedn(sam_ctx));
1107                 if (!info->dns_forestname.string) {
1108                         return NT_STATUS_NO_SUCH_DOMAIN;
1109                 }
1110                 p = strchr(info->dns_forestname.string, '/');
1111                 if (p) {
1112                         *p = '\0';
1113                 }
1114                 info->dns_forestname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_forestname.string);
1115
1116         }
1117
1118         if (is_local) {
1119                 info->domainname.string = lp_sam_name(lp_ctx);
1120                 info->dns_domainname.string = lp_dnsdomain(lp_ctx);
1121                 info->domain_guid = samdb_result_guid(res, "objectGUID");
1122                 info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
1123         } else {
1124                 info->domainname.string = samdb_result_string(res, "flatName", NULL);
1125                 info->dns_domainname.string = samdb_result_string(res, "trustPartner", NULL);
1126                 info->domain_guid = samdb_result_guid(res, "objectGUID");
1127                 info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
1128         }
1129         if (!is_trust_list) {
1130                 info->dns_domainname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_domainname.string);
1131         }
1132
1133         return NT_STATUS_OK;
1134 }
1135
1136 /*
1137   netr_LogonGetDomainInfo
1138   this is called as part of the ADS domain logon procedure.
1139
1140   It has an important role in convaying details about the client, such
1141   as Operating System, Version, Service Pack etc.
1142 */
1143 static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call,
1144         TALLOC_CTX *mem_ctx, struct netr_LogonGetDomainInfo *r)
1145 {
1146         struct netlogon_creds_CredentialState *creds;
1147         const char * const attrs[] = { "objectSid", "objectGUID", "flatName",
1148                 "securityIdentifier", "trustPartner", NULL };
1149         const char * const attrs2[] = { "dNSHostName",
1150                 "msDS-SupportedEncryptionTypes", NULL };
1151         const char *temp_str;
1152         const char *old_dns_hostname;
1153         struct ldb_context *sam_ctx;
1154         struct ldb_message **res1, **res2, **res3, *new_msg;
1155         struct ldb_dn *workstation_dn;
1156         struct netr_DomainInformation *domain_info;
1157         struct netr_LsaPolicyInformation *lsa_policy_info;
1158         struct netr_OsVersionInfoEx *os_version;
1159         uint32_t default_supported_enc_types = 0xFFFFFFFF;
1160         int ret1, ret2, ret3, i;
1161         NTSTATUS status;
1162
1163         status = dcesrv_netr_creds_server_step_check(dce_call,
1164                                                      mem_ctx,
1165                                                      r->in.computer_name,
1166                                                      r->in.credential,
1167                                                      r->out.return_authenticator,
1168                                                      &creds);
1169         if (!NT_STATUS_IS_OK(status)) {
1170                 DEBUG(0,(__location__ " Bad credentials - error\n"));
1171         }
1172         NT_STATUS_NOT_OK_RETURN(status);
1173
1174         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx,
1175                 dce_call->conn->dce_ctx->lp_ctx,
1176                 system_session(dce_call->conn->dce_ctx->lp_ctx));
1177         if (sam_ctx == NULL) {
1178                 return NT_STATUS_INVALID_SYSTEM_SERVICE;
1179         }
1180
1181         switch (r->in.level) {
1182         case 1: /* Domain information */
1183
1184                 /* TODO: check NTSTATUS results - and fail also on SAMDB
1185                  * errors (needs some testing against Windows Server 2008) */
1186
1187                 /*
1188                  * Check that the computer name parameter matches as prefix with
1189                  * the DNS hostname in the workstation info structure.
1190                  */
1191                 temp_str = strndup(r->in.query->workstation_info->dns_hostname,
1192                         strcspn(r->in.query->workstation_info->dns_hostname,
1193                         "."));
1194                 if (strcasecmp(r->in.computer_name, temp_str) != 0)
1195                         return NT_STATUS_INVALID_PARAMETER;
1196
1197                 workstation_dn = ldb_dn_new_fmt(mem_ctx, sam_ctx, "<SID=%s>",
1198                         dom_sid_string(mem_ctx, creds->sid));
1199                 NT_STATUS_HAVE_NO_MEMORY(workstation_dn);
1200
1201                 /* Lookup for attributes in workstation object */
1202                 ret1 = gendb_search_dn(sam_ctx, mem_ctx, workstation_dn,
1203                         &res1, attrs2);
1204                 if (ret1 != 1) {
1205                         return NT_STATUS_INTERNAL_DB_CORRUPTION;
1206                 }
1207
1208                 /* Gets the old DNS hostname */
1209                 old_dns_hostname = samdb_result_string(res1[0], "dNSHostName",
1210                         NULL);
1211
1212                 /* Gets host informations and put them in our directory */
1213                 new_msg = ldb_msg_new(mem_ctx);
1214                 NT_STATUS_HAVE_NO_MEMORY(new_msg);
1215
1216                 new_msg->dn = workstation_dn;
1217
1218                 /* Deletes old OS version values */
1219                 samdb_msg_add_delete(sam_ctx, mem_ctx, new_msg,
1220                         "operatingSystemServicePack");
1221                 samdb_msg_add_delete(sam_ctx, mem_ctx, new_msg,
1222                         "operatingSystemVersion");
1223
1224                 if (dsdb_replace(sam_ctx, new_msg, 0) != LDB_SUCCESS) {
1225                         DEBUG(3,("Impossible to update samdb: %s\n",
1226                                 ldb_errstring(sam_ctx)));
1227                 }
1228
1229                 talloc_free(new_msg);
1230
1231                 new_msg = ldb_msg_new(mem_ctx);
1232                 NT_STATUS_HAVE_NO_MEMORY(new_msg);
1233
1234                 new_msg->dn = workstation_dn;
1235
1236                 /* Sets the OS name */
1237                 samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
1238                         "operatingSystem",
1239                         r->in.query->workstation_info->os_name.string);
1240
1241                 /*
1242                  * Sets informations from "os_version". On a empty structure
1243                  * the values are cleared.
1244                  */
1245                 if (r->in.query->workstation_info->os_version.os != NULL) {
1246                         os_version = &r->in.query->workstation_info->os_version.os->os;
1247
1248                         samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
1249                                              "operatingSystemServicePack",
1250                                              os_version->CSDVersion);
1251
1252                         samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
1253                                 "operatingSystemVersion",
1254                                 talloc_asprintf(mem_ctx, "%d.%d (%d)",
1255                                         os_version->MajorVersion,
1256                                         os_version->MinorVersion,
1257                                         os_version->BuildNumber
1258                                 )
1259                         );
1260                 }
1261
1262                 /*
1263                  * Updates the "dNSHostname" and the "servicePrincipalName"s
1264                  * since the client wishes that the server should handle this
1265                  * for him ("NETR_WS_FLAG_HANDLES_SPN_UPDATE" not set).
1266                  * See MS-NRPC section 3.5.4.3.9
1267                  */
1268                 if ((r->in.query->workstation_info->workstation_flags
1269                         & NETR_WS_FLAG_HANDLES_SPN_UPDATE) == 0) {
1270                         samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
1271                                 "dNSHostname",
1272                         r->in.query->workstation_info->dns_hostname);
1273
1274                         samdb_msg_add_string(sam_ctx, mem_ctx, new_msg,
1275                                 "servicePrincipalName",
1276                                 talloc_asprintf(mem_ctx, "HOST/%s",
1277                                 r->in.computer_name)
1278                         );
1279                         samdb_msg_add_string(sam_ctx, mem_ctx, new_msg,
1280                                 "servicePrincipalName",
1281                                 talloc_asprintf(mem_ctx, "HOST/%s",
1282                                 r->in.query->workstation_info->dns_hostname)
1283                         );
1284                 }
1285
1286                 if (dsdb_replace(sam_ctx, new_msg, 0) != LDB_SUCCESS) {
1287                         DEBUG(3,("Impossible to update samdb: %s\n",
1288                                 ldb_errstring(sam_ctx)));
1289                 }
1290
1291                 talloc_free(new_msg);
1292
1293                 /* Writes back the domain information */
1294
1295                 /* We need to do two searches. The first will pull our primary
1296                    domain and the second will pull any trusted domains. Our
1297                    primary domain is also a "trusted" domain, so we need to
1298                    put the primary domain into the lists of returned trusts as
1299                    well. */
1300                 ret2 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
1301                         &res2, attrs);
1302                 if (ret2 != 1) {
1303                         return NT_STATUS_INTERNAL_DB_CORRUPTION;
1304                 }
1305
1306                 ret3 = gendb_search(sam_ctx, mem_ctx, NULL, &res3, attrs,
1307                         "(objectClass=trustedDomain)");
1308                 if (ret3 == -1) {
1309                         return NT_STATUS_INTERNAL_DB_CORRUPTION;
1310                 }
1311
1312                 domain_info = talloc(mem_ctx, struct netr_DomainInformation);
1313                 NT_STATUS_HAVE_NO_MEMORY(domain_info);
1314
1315                 ZERO_STRUCTP(domain_info);
1316
1317                 /* Informations about the local and trusted domains */
1318
1319                 status = fill_one_domain_info(mem_ctx,
1320                         dce_call->conn->dce_ctx->lp_ctx,
1321                         sam_ctx, res2[0], &domain_info->primary_domain,
1322                         true, false);
1323                 NT_STATUS_NOT_OK_RETURN(status);
1324
1325                 domain_info->trusted_domain_count = ret3 + 1;
1326                 domain_info->trusted_domains = talloc_array(mem_ctx,
1327                         struct netr_OneDomainInfo,
1328                         domain_info->trusted_domain_count);
1329                 NT_STATUS_HAVE_NO_MEMORY(domain_info->trusted_domains);
1330
1331                 for (i=0;i<ret3;i++) {
1332                         status = fill_one_domain_info(mem_ctx,
1333                                 dce_call->conn->dce_ctx->lp_ctx,
1334                                 sam_ctx, res3[i],
1335                                 &domain_info->trusted_domains[i],
1336                                 false, true);
1337                         NT_STATUS_NOT_OK_RETURN(status);
1338                 }
1339
1340                 status = fill_one_domain_info(mem_ctx,
1341                         dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res2[0],
1342                         &domain_info->trusted_domains[i], true, true);
1343                 NT_STATUS_NOT_OK_RETURN(status);
1344
1345                 /* Sets the supported encryption types */
1346                 domain_info->supported_enc_types = samdb_result_uint(res1[0],
1347                         "msDS-SupportedEncryptionTypes",
1348                         default_supported_enc_types);
1349
1350                 /* Other host domain informations */
1351
1352                 lsa_policy_info = talloc(mem_ctx,
1353                         struct netr_LsaPolicyInformation);
1354                 NT_STATUS_HAVE_NO_MEMORY(lsa_policy_info);
1355                 ZERO_STRUCTP(lsa_policy_info);
1356
1357                 domain_info->lsa_policy = *lsa_policy_info;
1358
1359                 domain_info->dns_hostname.string = old_dns_hostname;
1360                 domain_info->workstation_flags =
1361                         r->in.query->workstation_info->workstation_flags;
1362
1363                 r->out.info->domain_info = domain_info;
1364         break;
1365         case 2: /* LSA policy information - not used at the moment */
1366                 lsa_policy_info = talloc(mem_ctx,
1367                         struct netr_LsaPolicyInformation);
1368                 NT_STATUS_HAVE_NO_MEMORY(lsa_policy_info);
1369                 ZERO_STRUCTP(lsa_policy_info);
1370
1371                 r->out.info->lsa_policy_info = lsa_policy_info;
1372         break;
1373         default:
1374                 return NT_STATUS_INVALID_LEVEL;
1375         break;
1376         }
1377
1378         return NT_STATUS_OK;
1379 }
1380
1381
1382
1383 /*
1384   netr_ServerPasswordGet
1385 */
1386 static WERROR dcesrv_netr_ServerPasswordGet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1387                        struct netr_ServerPasswordGet *r)
1388 {
1389         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1390 }
1391
1392
1393 /*
1394   netr_NETRLOGONSENDTOSAM
1395 */
1396 static WERROR dcesrv_netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1397                        struct netr_NETRLOGONSENDTOSAM *r)
1398 {
1399         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1400 }
1401
1402
1403 /*
1404   netr_DsRAddressToSitenamesW
1405 */
1406 static WERROR dcesrv_netr_DsRAddressToSitenamesW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1407                        struct netr_DsRAddressToSitenamesW *r)
1408 {
1409         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1410 }
1411
1412
1413 /*
1414   netr_DsRGetDCNameEx2
1415 */
1416 static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call,
1417                                           TALLOC_CTX *mem_ctx,
1418                                           struct netr_DsRGetDCNameEx2 *r)
1419 {
1420         const char * const attrs[] = { "objectGUID", NULL };
1421         struct ldb_context *sam_ctx;
1422         struct ldb_message **res;
1423         struct ldb_dn *domain_dn;
1424         int ret;
1425         struct netr_DsRGetDCNameInfo *info;
1426         struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
1427
1428         ZERO_STRUCTP(r->out.info);
1429
1430         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, lp_ctx,
1431                                 dce_call->conn->auth_state.session_info);
1432         if (sam_ctx == NULL) {
1433                 return WERR_DS_UNAVAILABLE;
1434         }
1435
1436         /* Windows 7 sends the domain name in the form the user typed, so we
1437          * have to cope  with both the short and long form here */
1438         if (r->in.domain_name != NULL &&
1439             !lp_is_my_domain_or_realm(lp_ctx, r->in.domain_name)) {
1440                 return WERR_NO_SUCH_DOMAIN;
1441         }
1442
1443         domain_dn = ldb_get_default_basedn(sam_ctx);
1444         if (domain_dn == NULL) {
1445                 return WERR_DS_UNAVAILABLE;
1446         }
1447
1448         ret = gendb_search_dn(sam_ctx, mem_ctx,
1449                               domain_dn, &res, attrs);
1450         if (ret != 1) {
1451                 return WERR_GENERAL_FAILURE;
1452         }
1453
1454         info = talloc(mem_ctx, struct netr_DsRGetDCNameInfo);
1455         W_ERROR_HAVE_NO_MEMORY(info);
1456
1457         /* TODO: - return real IP address
1458          *       - check all r->in.* parameters
1459          *       (server_unc is ignored by w2k3!)
1460          */
1461         info->dc_unc = talloc_asprintf(mem_ctx, "\\\\%s.%s",
1462                                        lp_netbios_name(lp_ctx),
1463                                        lp_dnsdomain(lp_ctx));
1464         W_ERROR_HAVE_NO_MEMORY(info->dc_unc);
1465
1466         info->dc_address = talloc_strdup(mem_ctx, "\\\\0.0.0.0");
1467         W_ERROR_HAVE_NO_MEMORY(info->dc_address);
1468
1469         info->dc_address_type = DS_ADDRESS_TYPE_INET;
1470         info->domain_guid = samdb_result_guid(res[0], "objectGUID");
1471         info->domain_name = lp_dnsdomain(lp_ctx);
1472         info->forest_name = lp_dnsdomain(lp_ctx);
1473         info->dc_flags  = DS_DNS_FOREST_ROOT |
1474                           DS_DNS_DOMAIN |
1475                           DS_DNS_CONTROLLER |
1476                           DS_SERVER_WRITABLE |
1477                           DS_SERVER_CLOSEST |
1478                           DS_SERVER_TIMESERV |
1479                           DS_SERVER_KDC |
1480                           DS_SERVER_DS |
1481                           DS_SERVER_LDAP |
1482                           DS_SERVER_GC |
1483                           DS_SERVER_PDC;
1484
1485         info->dc_site_name = samdb_server_site_name(sam_ctx, mem_ctx);
1486         W_ERROR_HAVE_NO_MEMORY(info->dc_site_name);
1487
1488         /* FIXME: Hardcoded site name */
1489         info->client_site_name = talloc_strdup(mem_ctx,
1490                                                "Default-First-Site-Name");
1491         W_ERROR_HAVE_NO_MEMORY(info->client_site_name);
1492
1493         *r->out.info = info;
1494
1495         return WERR_OK;
1496 }
1497
1498 /*
1499   netr_DsRGetDCNameEx
1500 */
1501 static WERROR dcesrv_netr_DsRGetDCNameEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1502                                   struct netr_DsRGetDCNameEx *r)
1503 {
1504         struct netr_DsRGetDCNameEx2 r2;
1505         WERROR werr;
1506
1507         ZERO_STRUCT(r2);
1508
1509         r2.in.server_unc = r->in.server_unc;
1510         r2.in.client_account = NULL;
1511         r2.in.mask = 0;
1512         r2.in.domain_guid = r->in.domain_guid;
1513         r2.in.domain_name = r->in.domain_name;
1514         r2.in.site_name = r->in.site_name;
1515         r2.in.flags = r->in.flags;
1516         r2.out.info = r->out.info;
1517
1518         werr = dcesrv_netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
1519
1520         return werr;
1521 }
1522
1523 /*
1524   netr_DsRGetDCName
1525 */
1526 static WERROR dcesrv_netr_DsRGetDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1527                                 struct netr_DsRGetDCName *r)
1528 {
1529         struct netr_DsRGetDCNameEx2 r2;
1530         WERROR werr;
1531
1532         ZERO_STRUCT(r2);
1533
1534         r2.in.server_unc = r->in.server_unc;
1535         r2.in.client_account = NULL;
1536         r2.in.mask = 0;
1537         r2.in.domain_name = r->in.domain_name;
1538         r2.in.domain_guid = r->in.domain_guid;
1539
1540         r2.in.site_name = NULL; /* should fill in from site GUID */
1541         r2.in.flags = r->in.flags;
1542         r2.out.info = r->out.info;
1543
1544         werr = dcesrv_netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
1545
1546         return werr;
1547 }
1548 /*
1549   netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
1550 */
1551 static WERROR dcesrv_netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1552                        struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
1553 {
1554         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1555 }
1556
1557
1558 /*
1559   netr_NetrEnumerateTrustedDomainsEx
1560 */
1561 static WERROR dcesrv_netr_NetrEnumerateTrustedDomainsEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1562                        struct netr_NetrEnumerateTrustedDomainsEx *r)
1563 {
1564         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1565 }
1566
1567
1568 /*
1569   netr_DsRAddressToSitenamesExW
1570 */
1571 static WERROR dcesrv_netr_DsRAddressToSitenamesExW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1572                                                    struct netr_DsRAddressToSitenamesExW *r)
1573 {
1574         struct netr_DsRAddressToSitenamesExWCtr *ctr;
1575         int i;
1576
1577         /* we should map the provided IPs to site names, once we have
1578          * sites support
1579          */
1580         ctr = talloc(mem_ctx, struct netr_DsRAddressToSitenamesExWCtr);
1581         W_ERROR_HAVE_NO_MEMORY(ctr);
1582
1583         *r->out.ctr = ctr;
1584
1585         ctr->count = r->in.count;
1586         ctr->sitename = talloc_array(ctr, struct lsa_String, ctr->count);
1587         W_ERROR_HAVE_NO_MEMORY(ctr->sitename);
1588         ctr->subnetname = talloc_array(ctr, struct lsa_String, ctr->count);
1589         W_ERROR_HAVE_NO_MEMORY(ctr->subnetname);
1590
1591         for (i=0; i<ctr->count; i++) {
1592                 /* FIXME: Hardcoded site name */
1593                 ctr->sitename[i].string   = "Default-First-Site-Name";
1594                 ctr->subnetname[i].string = NULL;
1595         }
1596
1597         return WERR_OK;
1598 }
1599
1600
1601 /*
1602   netr_DsrGetDcSiteCoverageW
1603 */
1604 static WERROR dcesrv_netr_DsrGetDcSiteCoverageW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1605                        struct netr_DsrGetDcSiteCoverageW *r)
1606 {
1607         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1608 }
1609
1610
1611 #define GET_CHECK_STR(dest, mem, msg, attr) \
1612 do {\
1613         const char *s; \
1614         s = samdb_result_string(msg, attr, NULL); \
1615         if (!s) { \
1616                 DEBUG(0, ("DB Error, TustedDomain entry (%s) " \
1617                           "without flatname\n", \
1618                           ldb_dn_get_linearized(msg->dn))); \
1619                 continue; \
1620         } \
1621         dest = talloc_strdup(mem, s); \
1622         W_ERROR_HAVE_NO_MEMORY(dest); \
1623 } while(0)
1624
1625
1626 static WERROR fill_trusted_domains_array(TALLOC_CTX *mem_ctx,
1627                                          struct ldb_context *sam_ctx,
1628                                          struct netr_DomainTrustList *trusts,
1629                                          uint32_t trust_flags)
1630 {
1631         struct ldb_dn *system_dn;
1632         struct ldb_message **dom_res = NULL;
1633         const char *trust_attrs[] = { "flatname", "trustPartner",
1634                                       "securityIdentifier", "trustDirection",
1635                                       "trustType", "trustAttributes", NULL };
1636         int i, n;
1637         int ret;
1638
1639         if (!(trust_flags & (NETR_TRUST_FLAG_INBOUND |
1640                              NETR_TRUST_FLAG_OUTBOUND))) {
1641                 return WERR_INVALID_FLAGS;
1642         }
1643
1644         system_dn = samdb_search_dn(sam_ctx, mem_ctx,
1645                                     ldb_get_default_basedn(sam_ctx),
1646                                     "(&(objectClass=container)(cn=System))");
1647         if (!system_dn) {
1648                 return WERR_GENERAL_FAILURE;
1649         }
1650
1651         ret = gendb_search(sam_ctx, mem_ctx, system_dn,
1652                            &dom_res, trust_attrs,
1653                            "(objectclass=trustedDomain)");
1654
1655         for (i = 0; i < ret; i++) {
1656                 unsigned int trust_dir;
1657                 uint32_t flags = 0;
1658
1659                 trust_dir = samdb_result_uint(dom_res[i],
1660                                               "trustDirection", 0);
1661
1662                 if (trust_dir & LSA_TRUST_DIRECTION_INBOUND) {
1663                         flags |= NETR_TRUST_FLAG_INBOUND;
1664                 }
1665                 if (trust_dir & LSA_TRUST_DIRECTION_OUTBOUND) {
1666                         flags |= NETR_TRUST_FLAG_OUTBOUND;
1667                 }
1668
1669                 if (!(flags & trust_flags)) {
1670                         /* this trust direction was not requested */
1671                         continue;
1672                 }
1673
1674                 n = trusts->count;
1675                 trusts->array = talloc_realloc(trusts, trusts->array,
1676                                                struct netr_DomainTrust,
1677                                                n + 1);
1678                 W_ERROR_HAVE_NO_MEMORY(trusts->array);
1679
1680                 GET_CHECK_STR(trusts->array[n].netbios_name, trusts,
1681                               dom_res[i], "flatname");
1682                 GET_CHECK_STR(trusts->array[n].dns_name, trusts,
1683                               dom_res[i], "trustPartner");
1684
1685                 trusts->array[n].trust_flags = flags;
1686                 if ((trust_flags & NETR_TRUST_FLAG_IN_FOREST) &&
1687                     !(flags & NETR_TRUST_FLAG_TREEROOT)) {
1688                         /* TODO: find if we have parent in the list */
1689                         trusts->array[n].parent_index = 0;
1690                 }
1691
1692                 trusts->array[n].trust_type =
1693                                 samdb_result_uint(dom_res[i],
1694                                                   "trustType", 0);
1695                 trusts->array[n].trust_attributes =
1696                                 samdb_result_uint(dom_res[i],
1697                                                   "trustAttributes", 0);
1698
1699                 if ((trusts->array[n].trust_type == NETR_TRUST_TYPE_MIT) ||
1700                     (trusts->array[n].trust_type == NETR_TRUST_TYPE_DCE)) {
1701                         struct dom_sid zero_sid;
1702                         ZERO_STRUCT(zero_sid);
1703                         trusts->array[n].sid =
1704                                 dom_sid_dup(trusts, &zero_sid);
1705                 } else {
1706                         trusts->array[n].sid =
1707                                 samdb_result_dom_sid(trusts, dom_res[i],
1708                                                      "securityIdentifier");
1709                 }
1710                 trusts->array[n].guid = GUID_zero();
1711
1712                 trusts->count = n + 1;
1713         }
1714
1715         talloc_free(dom_res);
1716         return WERR_OK;
1717 }
1718
1719 /*
1720   netr_DsrEnumerateDomainTrusts
1721 */
1722 static WERROR dcesrv_netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call,
1723                                                    TALLOC_CTX *mem_ctx,
1724                                                    struct netr_DsrEnumerateDomainTrusts *r)
1725 {
1726         struct netr_DomainTrustList *trusts;
1727         struct ldb_context *sam_ctx;
1728         int ret;
1729         struct ldb_message **dom_res;
1730         const char * const dom_attrs[] = { "objectSid", "objectGUID", NULL };
1731         struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
1732         const char *dnsdomain = lp_dnsdomain(lp_ctx);
1733         const char *p;
1734         WERROR werr;
1735
1736         if (r->in.trust_flags & 0xFFFFFE00) {
1737                 return WERR_INVALID_FLAGS;
1738         }
1739
1740         /* TODO: turn to hard check once we are sure this is 100% correct */
1741         if (!r->in.server_name) {
1742                 DEBUG(3, ("Invalid domain! Expected name in domain [%s]. "
1743                           "But received NULL!\n", dnsdomain));
1744         } else {
1745                 p = strchr(r->in.server_name, '.');
1746                 if (!p) {
1747                         DEBUG(3, ("Invalid domain! Expected name in domain "
1748                                   "[%s]. But received [%s]!\n",
1749                                   dnsdomain, r->in.server_name));
1750                         p = r->in.server_name;
1751                 } else {
1752                         p++;
1753                 }
1754                 if (strcasecmp(p, dnsdomain)) {
1755                         DEBUG(3, ("Invalid domain! Expected name in domain "
1756                                   "[%s]. But received [%s]!\n",
1757                                   dnsdomain, r->in.server_name));
1758                 }
1759         }
1760
1761         ZERO_STRUCT(r->out);
1762
1763         trusts = talloc_zero(mem_ctx, struct netr_DomainTrustList);
1764         W_ERROR_HAVE_NO_MEMORY(trusts);
1765
1766         trusts->count = 0;
1767         r->out.trusts = trusts;
1768
1769         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, lp_ctx,
1770                                 dce_call->conn->auth_state.session_info);
1771         if (sam_ctx == NULL) {
1772                 return WERR_GENERAL_FAILURE;
1773         }
1774
1775         if ((r->in.trust_flags & NETR_TRUST_FLAG_INBOUND) ||
1776             (r->in.trust_flags & NETR_TRUST_FLAG_OUTBOUND)) {
1777
1778                 werr = fill_trusted_domains_array(mem_ctx, sam_ctx,
1779                                                   trusts, r->in.trust_flags);
1780                 W_ERROR_NOT_OK_RETURN(werr);
1781         }
1782
1783         /* NOTE: we currently are always the root of the forest */
1784         if (r->in.trust_flags & NETR_TRUST_FLAG_IN_FOREST) {
1785                 int n = trusts->count;
1786
1787                 ret = gendb_search_dn(sam_ctx, mem_ctx, NULL,
1788                                       &dom_res, dom_attrs);
1789                 if (ret != 1) {
1790                         return WERR_GENERAL_FAILURE;
1791                 }
1792
1793                 trusts->count = n + 1;
1794                 trusts->array = talloc_realloc(trusts, trusts->array,
1795                                                struct netr_DomainTrust,
1796                                                trusts->count);
1797                 W_ERROR_HAVE_NO_MEMORY(trusts->array);
1798
1799                 trusts->array[n].netbios_name = lp_workgroup(lp_ctx);
1800                 trusts->array[n].dns_name = lp_dnsdomain(lp_ctx);
1801                 trusts->array[n].trust_flags =
1802                         NETR_TRUST_FLAG_NATIVE |
1803                         NETR_TRUST_FLAG_TREEROOT |
1804                         NETR_TRUST_FLAG_IN_FOREST |
1805                         NETR_TRUST_FLAG_PRIMARY;
1806                 /* we are always the root domain for now */
1807                 trusts->array[n].parent_index = 0;
1808                 trusts->array[n].trust_type = NETR_TRUST_TYPE_UPLEVEL;
1809                 trusts->array[n].trust_attributes = 0;
1810                 trusts->array[n].sid = samdb_result_dom_sid(mem_ctx,
1811                                                             dom_res[0],
1812                                                             "objectSid");
1813                 trusts->array[n].guid = samdb_result_guid(dom_res[0],
1814                                                           "objectGUID");
1815                 talloc_free(dom_res);
1816         }
1817
1818         return WERR_OK;
1819 }
1820
1821
1822 /*
1823   netr_DsrDeregisterDNSHostRecords
1824 */
1825 static WERROR dcesrv_netr_DsrDeregisterDNSHostRecords(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1826                        struct netr_DsrDeregisterDNSHostRecords *r)
1827 {
1828         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1829 }
1830
1831
1832 /*
1833   netr_ServerTrustPasswordsGet
1834 */
1835 static NTSTATUS dcesrv_netr_ServerTrustPasswordsGet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1836                        struct netr_ServerTrustPasswordsGet *r)
1837 {
1838         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1839 }
1840
1841
1842 static WERROR fill_forest_trust_array(TALLOC_CTX *mem_ctx,
1843                                       struct ldb_context *sam_ctx,
1844                                       struct loadparm_context *lp_ctx,
1845                                       struct lsa_ForestTrustInformation *info)
1846 {
1847         struct lsa_ForestTrustDomainInfo *domain_info;
1848         struct lsa_ForestTrustRecord *e;
1849         struct ldb_message **dom_res;
1850         const char * const dom_attrs[] = { "objectSid", NULL };
1851         int ret;
1852
1853         /* we need to provide 2 entries:
1854          * 1. the Root Forest name
1855          * 2. the Domain Information
1856          */
1857
1858         info->count = 2;
1859         info->entries = talloc_array(info, struct lsa_ForestTrustRecord *, 2);
1860         W_ERROR_HAVE_NO_MEMORY(info->entries);
1861
1862         /* Forest root info */
1863         e = talloc(info, struct lsa_ForestTrustRecord);
1864         W_ERROR_HAVE_NO_MEMORY(e);
1865
1866         e->flags = 0;
1867         e->level = LSA_FOREST_TRUST_TOP_LEVEL_NAME;
1868         e->time = 0; /* so far always 0 in trces. */
1869         e->forest_trust_data.top_level_name.string = lp_dnsdomain(lp_ctx);
1870
1871         info->entries[0] = e;
1872
1873         /* Domain info */
1874         e = talloc(info, struct lsa_ForestTrustRecord);
1875         W_ERROR_HAVE_NO_MEMORY(e);
1876
1877         /* get our own domain info */
1878         ret = gendb_search_dn(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs);
1879         if (ret != 1) {
1880                 return WERR_GENERAL_FAILURE;
1881         }
1882
1883         /* TODO: check if disabled and set flags accordingly */
1884         e->flags = 0;
1885         e->level = LSA_FOREST_TRUST_DOMAIN_INFO;
1886         e->time = 0; /* so far always 0 in traces. */
1887
1888         domain_info = &e->forest_trust_data.domain_info;
1889         domain_info->domain_sid = samdb_result_dom_sid(info, dom_res[0],
1890                                                        "objectSid");
1891         domain_info->dns_domain_name.string = lp_dnsdomain(lp_ctx);
1892         domain_info->netbios_domain_name.string = lp_workgroup(lp_ctx);
1893
1894         info->entries[1] = e;
1895
1896         talloc_free(dom_res);
1897
1898         return WERR_OK;
1899 }
1900
1901 /*
1902   netr_DsRGetForestTrustInformation
1903 */
1904 static WERROR dcesrv_netr_DsRGetForestTrustInformation(struct dcesrv_call_state *dce_call,
1905                                                        TALLOC_CTX *mem_ctx,
1906                                                        struct netr_DsRGetForestTrustInformation *r)
1907 {
1908         struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
1909         struct lsa_ForestTrustInformation *info, **info_ptr;
1910         struct ldb_context *sam_ctx;
1911         WERROR werr;
1912
1913         ZERO_STRUCT(r->out);
1914
1915         if (lp_server_role(lp_ctx) != ROLE_DOMAIN_CONTROLLER) {
1916                 return WERR_CALL_NOT_IMPLEMENTED;
1917         }
1918
1919         if (r->in.flags & 0xFFFFFFFE) {
1920                 return WERR_INVALID_FLAGS;
1921         }
1922
1923         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, lp_ctx,
1924                                 dce_call->conn->auth_state.session_info);
1925         if (sam_ctx == NULL) {
1926                 return WERR_GENERAL_FAILURE;
1927         }
1928
1929         if (r->in.flags & DS_GFTI_UPDATE_TDO) {
1930                 if (!samdb_is_pdc(sam_ctx)) {
1931                         return WERR_NERR_NOTPRIMARY;
1932                 }
1933
1934                 if (r->in.trusted_domain_name == NULL) {
1935                         return WERR_INVALID_FLAGS;
1936                 }
1937
1938                 /* TODO: establish an schannel connection with
1939                  * r->in.trusted_domain_name and perform a
1940                  * netr_GetForestTrustInformation call against it */
1941
1942                 /* for now return not implementd */
1943                 return WERR_CALL_NOT_IMPLEMENTED;
1944         }
1945
1946         /* TODO: check r->in.server_name is our name */
1947
1948         info_ptr = talloc(mem_ctx, struct lsa_ForestTrustInformation *);
1949         W_ERROR_HAVE_NO_MEMORY(info_ptr);
1950
1951         info = talloc_zero(info_ptr, struct lsa_ForestTrustInformation);
1952         W_ERROR_HAVE_NO_MEMORY(info);
1953
1954         werr = fill_forest_trust_array(mem_ctx, sam_ctx, lp_ctx, info);
1955         W_ERROR_NOT_OK_RETURN(werr);
1956
1957         *info_ptr = info;
1958         r->out.forest_trust_info = info_ptr;
1959
1960         return WERR_OK;
1961 }
1962
1963
1964 /*
1965   netr_GetForestTrustInformation
1966 */
1967 static NTSTATUS dcesrv_netr_GetForestTrustInformation(struct dcesrv_call_state *dce_call,
1968                                                       TALLOC_CTX *mem_ctx,
1969                                                       struct netr_GetForestTrustInformation *r)
1970 {
1971         struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
1972         struct netlogon_creds_CredentialState *creds;
1973         struct lsa_ForestTrustInformation *info, **info_ptr;
1974         struct ldb_context *sam_ctx;
1975         NTSTATUS status;
1976         WERROR werr;
1977
1978         if (lp_server_role(lp_ctx) != ROLE_DOMAIN_CONTROLLER) {
1979                 return NT_STATUS_NOT_IMPLEMENTED;
1980         }
1981
1982         ZERO_STRUCT(r->out);
1983
1984         status = dcesrv_netr_creds_server_step_check(dce_call,
1985                                                      mem_ctx,
1986                                                      r->in.computer_name,
1987                                                      r->in.credential,
1988                                                      r->out.return_authenticator,
1989                                                      &creds);
1990         if (!NT_STATUS_IS_OK(status)) {
1991                 return status;
1992         }
1993
1994         if ((creds->secure_channel_type != SEC_CHAN_DNS_DOMAIN) &&
1995             (creds->secure_channel_type != SEC_CHAN_DOMAIN)) {
1996                 return NT_STATUS_NOT_IMPLEMENTED;
1997         }
1998
1999         sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, lp_ctx,
2000                                 dce_call->conn->auth_state.session_info);
2001         if (sam_ctx == NULL) {
2002                 return NT_STATUS_UNSUCCESSFUL;
2003         }
2004
2005         /* TODO: check r->in.server_name is our name */
2006
2007         info_ptr = talloc(mem_ctx, struct lsa_ForestTrustInformation *);
2008         if (!info_ptr) {
2009                 return NT_STATUS_NO_MEMORY;
2010         }
2011         info = talloc_zero(info_ptr, struct lsa_ForestTrustInformation);
2012         if (!info) {
2013                 return NT_STATUS_NO_MEMORY;
2014         }
2015
2016         werr = fill_forest_trust_array(mem_ctx, sam_ctx, lp_ctx, info);
2017         if (!W_ERROR_IS_OK(werr)) {
2018                 return werror_to_ntstatus(werr);
2019         }
2020
2021         *info_ptr = info;
2022         r->out.forest_trust_info = info_ptr;
2023
2024         return NT_STATUS_OK;
2025 }
2026
2027
2028 /*
2029   netr_ServerGetTrustInfo
2030 */
2031 static NTSTATUS dcesrv_netr_ServerGetTrustInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
2032                        struct netr_ServerGetTrustInfo *r)
2033 {
2034         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
2035 }
2036
2037
2038 /* include the generated boilerplate */
2039 #include "librpc/gen_ndr/ndr_netlogon_s.c"