* Copyright (C) Paul Ashton 1997.
* Copyright (C) Jeremy Allison 1998-2001.
* Copyright (C) Andrew Bartlett 2001.
- * Copyright (C) Guenther Deschner 2008.
+ * Copyright (C) Guenther Deschner 2008-2009.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
#include "includes.h"
#include "../libcli/auth/libcli_auth.h"
#include "../libcli/auth/schannel_state.h"
+#include "../libcli/auth/schannel.h"
extern userdom_struct current_user_info;
return _netr_LogonControl2Ex(p, &l);
}
+/*************************************************************************
+ *************************************************************************/
+
+static bool wb_change_trust_creds(const char *domain, WERROR *tc_status)
+{
+ wbcErr result;
+ struct wbcAuthErrorInfo *error = NULL;
+
+ result = wbcChangeTrustCredentials(domain, &error);
+ switch (result) {
+ case WBC_ERR_WINBIND_NOT_AVAILABLE:
+ return false;
+ case WBC_ERR_DOMAIN_NOT_FOUND:
+ *tc_status = WERR_NO_SUCH_DOMAIN;
+ return true;
+ case WBC_ERR_SUCCESS:
+ *tc_status = WERR_OK;
+ return true;
+ default:
+ break;
+ }
+
+ if (error && error->nt_status != 0) {
+ *tc_status = ntstatus_to_werror(NT_STATUS(error->nt_status));
+ } else {
+ *tc_status = WERR_TRUST_FAILURE;
+ }
+ wbcFreeMemory(error);
+ return true;
+}
+
+/*************************************************************************
+ *************************************************************************/
+
+static bool wb_check_trust_creds(const char *domain, WERROR *tc_status)
+{
+ wbcErr result;
+ struct wbcAuthErrorInfo *error = NULL;
+
+ result = wbcCheckTrustCredentials(domain, &error);
+ switch (result) {
+ case WBC_ERR_WINBIND_NOT_AVAILABLE:
+ return false;
+ case WBC_ERR_DOMAIN_NOT_FOUND:
+ *tc_status = WERR_NO_SUCH_DOMAIN;
+ return true;
+ case WBC_ERR_SUCCESS:
+ *tc_status = WERR_OK;
+ return true;
+ default:
+ break;
+ }
+
+ if (error && error->nt_status != 0) {
+ *tc_status = ntstatus_to_werror(NT_STATUS(error->nt_status));
+ } else {
+ *tc_status = WERR_TRUST_FAILURE;
+ }
+ wbcFreeMemory(error);
+ return true;
+}
+
/****************************************************************
_netr_LogonControl2Ex
****************************************************************/
struct netr_NETLOGON_INFO_1 *info1;
struct netr_NETLOGON_INFO_2 *info2;
struct netr_NETLOGON_INFO_3 *info3;
+ struct netr_NETLOGON_INFO_4 *info4;
const char *fn;
+ uint32_t acct_ctrl;
switch (p->hdr_req.opnum) {
- case NDR_NETR_LOGONCONTROL:
- fn = "_netr_LogonControl";
- break;
- case NDR_NETR_LOGONCONTROL2:
- fn = "_netr_LogonControl2";
- break;
- case NDR_NETR_LOGONCONTROL2EX:
- fn = "_netr_LogonControl2Ex";
- break;
- default:
- return WERR_INVALID_PARAM;
+ case NDR_NETR_LOGONCONTROL:
+ fn = "_netr_LogonControl";
+ break;
+ case NDR_NETR_LOGONCONTROL2:
+ fn = "_netr_LogonControl2";
+ break;
+ case NDR_NETR_LOGONCONTROL2EX:
+ fn = "_netr_LogonControl2Ex";
+ break;
+ default:
+ return WERR_INVALID_PARAM;
+ }
+
+ acct_ctrl = pdb_get_acct_ctrl(p->server_info->sam_account);
+
+ switch (r->in.function_code) {
+ case NETLOGON_CONTROL_TC_VERIFY:
+ case NETLOGON_CONTROL_CHANGE_PASSWORD:
+ case NETLOGON_CONTROL_REDISCOVER:
+ if ((geteuid() != sec_initial_uid()) &&
+ !nt_token_check_domain_rid(p->server_info->ptok, DOMAIN_RID_ADMINS) &&
+ !nt_token_check_sid(&global_sid_Builtin_Administrators, p->server_info->ptok) &&
+ !(acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST))) {
+ return WERR_ACCESS_DENIED;
+ }
+ break;
+ default:
+ break;
}
tc_status = WERR_NO_SUCH_DOMAIN;
switch (r->in.function_code) {
- case NETLOGON_CONTROL_TC_QUERY:
- domain = r->in.data->domain;
+ case NETLOGON_CONTROL_QUERY:
+ tc_status = WERR_OK;
+ break;
+ case NETLOGON_CONTROL_REPLICATE:
+ case NETLOGON_CONTROL_SYNCHRONIZE:
+ case NETLOGON_CONTROL_PDC_REPLICATE:
+ case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
+ case NETLOGON_CONTROL_BREAKPOINT:
+ if (acct_ctrl & ACB_NORMAL) {
+ return WERR_NOT_SUPPORTED;
+ } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
+ return WERR_ACCESS_DENIED;
+ } else {
+ return WERR_ACCESS_DENIED;
+ }
+ case NETLOGON_CONTROL_TRUNCATE_LOG:
+ if (acct_ctrl & ACB_NORMAL) {
+ break;
+ } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
+ return WERR_ACCESS_DENIED;
+ } else {
+ return WERR_ACCESS_DENIED;
+ }
- if ( !is_trusted_domain( domain ) )
- break;
+ case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
+ case NETLOGON_CONTROL_FORCE_DNS_REG:
+ case NETLOGON_CONTROL_QUERY_DNS_REG:
+ return WERR_NOT_SUPPORTED;
+ case NETLOGON_CONTROL_FIND_USER:
+ if (!r->in.data || !r->in.data->user) {
+ return WERR_NOT_SUPPORTED;
+ }
+ break;
+ case NETLOGON_CONTROL_SET_DBFLAG:
+ if (!r->in.data) {
+ return WERR_NOT_SUPPORTED;
+ }
+ break;
+ case NETLOGON_CONTROL_TC_VERIFY:
+ if (!r->in.data || !r->in.data->domain) {
+ return WERR_NOT_SUPPORTED;
+ }
- if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) {
- tc_status = WERR_NO_LOGON_SERVERS;
- break;
- }
+ if (!wb_check_trust_creds(r->in.data->domain, &tc_status)) {
+ return WERR_NOT_SUPPORTED;
+ }
+ break;
+ case NETLOGON_CONTROL_TC_QUERY:
+ if (!r->in.data || !r->in.data->domain) {
+ return WERR_NOT_SUPPORTED;
+ }
- dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
- if (!dc_name) {
- return WERR_NOMEM;
- }
+ domain = r->in.data->domain;
- tc_status = WERR_OK;
+ if (!is_trusted_domain(domain)) {
+ break;
+ }
+ if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
+ tc_status = WERR_NO_LOGON_SERVERS;
break;
+ }
- case NETLOGON_CONTROL_REDISCOVER:
- domain = r->in.data->domain;
+ dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
+ if (!dc_name) {
+ return WERR_NOMEM;
+ }
- if ( !is_trusted_domain( domain ) )
- break;
+ tc_status = WERR_OK;
- if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) {
- tc_status = WERR_NO_LOGON_SERVERS;
- break;
- }
+ break;
- dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
- if (!dc_name) {
- return WERR_NOMEM;
- }
+ case NETLOGON_CONTROL_REDISCOVER:
+ if (!r->in.data || !r->in.data->domain) {
+ return WERR_NOT_SUPPORTED;
+ }
- tc_status = WERR_OK;
+ domain = r->in.data->domain;
+ if (!is_trusted_domain(domain)) {
break;
+ }
- default:
- /* no idea what this should be */
- DEBUG(0,("%s: unimplemented function level [%d]\n",
- fn, r->in.function_code));
- return WERR_UNKNOWN_LEVEL;
+ if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
+ tc_status = WERR_NO_LOGON_SERVERS;
+ break;
+ }
+
+ dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
+ if (!dc_name) {
+ return WERR_NOMEM;
+ }
+
+ tc_status = WERR_OK;
+
+ break;
+
+ case NETLOGON_CONTROL_CHANGE_PASSWORD:
+ if (!r->in.data || !r->in.data->domain) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ if (!wb_change_trust_creds(r->in.data->domain, &tc_status)) {
+ return WERR_NOT_SUPPORTED;
+ }
+ break;
+
+ default:
+ /* no idea what this should be */
+ DEBUG(0,("%s: unimplemented function level [%d]\n",
+ fn, r->in.function_code));
+ return WERR_UNKNOWN_LEVEL;
}
/* prepare the response */
switch (r->in.level) {
- case 1:
- info1 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_1);
- W_ERROR_HAVE_NO_MEMORY(info1);
+ case 1:
+ info1 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_1);
+ W_ERROR_HAVE_NO_MEMORY(info1);
- info1->flags = flags;
- info1->pdc_connection_status = pdc_connection_status;
+ info1->flags = flags;
+ info1->pdc_connection_status = pdc_connection_status;
- r->out.query->info1 = info1;
- break;
- case 2:
- info2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_2);
- W_ERROR_HAVE_NO_MEMORY(info2);
+ r->out.query->info1 = info1;
+ break;
+ case 2:
+ info2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_2);
+ W_ERROR_HAVE_NO_MEMORY(info2);
- info2->flags = flags;
- info2->pdc_connection_status = pdc_connection_status;
- info2->trusted_dc_name = dc_name;
- info2->tc_connection_status = tc_status;
+ info2->flags = flags;
+ info2->pdc_connection_status = pdc_connection_status;
+ info2->trusted_dc_name = dc_name;
+ info2->tc_connection_status = tc_status;
- r->out.query->info2 = info2;
- break;
- case 3:
- info3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_3);
- W_ERROR_HAVE_NO_MEMORY(info3);
+ r->out.query->info2 = info2;
+ break;
+ case 3:
+ info3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_3);
+ W_ERROR_HAVE_NO_MEMORY(info3);
- info3->flags = flags;
- info3->logon_attempts = logon_attempts;
+ info3->flags = flags;
+ info3->logon_attempts = logon_attempts;
- r->out.query->info3 = info3;
- break;
- default:
- return WERR_UNKNOWN_LEVEL;
+ r->out.query->info3 = info3;
+ break;
+ case 4:
+ info4 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_4);
+ W_ERROR_HAVE_NO_MEMORY(info4);
+
+ info4->trusted_dc_name = dc_name;
+ info4->trusted_domain_name = r->in.data->domain;
+
+ r->out.query->info4 = info4;
+ break;
+ default:
+ return WERR_UNKNOWN_LEVEL;
}
if (lp_server_role() == ROLE_DOMAIN_BDC) {
WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p,
struct netr_NetrEnumerateTrustedDomains *r)
{
- struct netr_Blob trusted_domains_blob;
+ NTSTATUS status;
DATA_BLOB blob;
+ struct trustdom_info **domains;
+ uint32_t num_domains;
+ const char **trusted_domains;
+ int i;
DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
/* set up the Trusted Domain List response */
- blob = data_blob_talloc_zero(p->mem_ctx, 2);
- trusted_domains_blob.data = blob.data;
- trusted_domains_blob.length = blob.length;
+ become_root();
+ status = pdb_enum_trusteddoms(p->mem_ctx, &num_domains, &domains);
+ unbecome_root();
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
- DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
+ trusted_domains = talloc_zero_array(p->mem_ctx, const char *, num_domains + 1);
+ if (!trusted_domains) {
+ return WERR_NOMEM;
+ }
+
+ for (i = 0; i < num_domains; i++) {
+ trusted_domains[i] = talloc_strdup(trusted_domains, domains[i]->name);
+ if (!trusted_domains[i]) {
+ TALLOC_FREE(trusted_domains);
+ return WERR_NOMEM;
+ }
+ }
+
+ if (!push_reg_multi_sz(trusted_domains, &blob, trusted_domains)) {
+ TALLOC_FREE(trusted_domains);
+ return WERR_NOMEM;
+ }
+
+ r->out.trusted_domains_blob->data = blob.data;
+ r->out.trusted_domains_blob->length = blob.length;
- *r->out.trusted_domains_blob = trusted_domains_blob;
+ DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
return WERR_OK;
}
******************************************************************/
static NTSTATUS get_md4pw(struct samr_Password *md4pw, const char *mach_acct,
- uint16_t sec_chan_type, struct dom_sid *sid)
+ enum netr_SchannelType sec_chan_type, struct dom_sid *sid)
{
struct samu *sampass = NULL;
const uint8 *pass;
struct tdb_context *tdb;
bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
bool schannel_in_use = (p->auth.auth_type == PIPE_AUTH_TYPE_SCHANNEL) ? true:false; /* &&
- (p->auth.auth_level == PIPE_AUTH_LEVEL_INTEGRITY ||
- p->auth.auth_level == PIPE_AUTH_LEVEL_PRIVACY); */
+ (p->auth.auth_level == DCERPC_AUTH_LEVEL_INTEGRITY ||
+ p->auth.auth_level == DCERPC_AUTH_LEVEL_PRIVACY); */
tdb = open_schannel_session_store(mem_ctx);
if (!tdb) {
struct samu *sampass;
DATA_BLOB plaintext;
struct samr_CryptPassword password_buf;
+ struct samr_Password nt_hash;
become_root();
status = netr_creds_server_step_check(p, p->mem_ctx,
return NT_STATUS_WRONG_PASSWORD;
}
+ mdfour(nt_hash.hash, plaintext.data, plaintext.length);
+
status = netr_find_machine_account(p->mem_ctx,
creds->account_name,
&sampass);
status = netr_set_machine_account_password(sampass,
sampass,
- &plaintext,
NULL,
+ &nt_hash,
NULL);
TALLOC_FREE(sampass);
return status;
return NT_STATUS_NO_MEMORY;
}
break;
+ case 6:
+ r->out.validation->sam6 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo6);
+ if (!r->out.validation->sam6) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ break;
default:
DEBUG(0,("%s: bad validation_level value %d.\n",
fn, (int)r->in.validation_level));
switch (r->in.logon_level) {
case NetlogonInteractiveInformation:
+ case NetlogonServiceInformation:
+ case NetlogonInteractiveTransitiveInformation:
+ case NetlogonServiceTransitiveInformation:
nt_username = logon->password->identity_info.account_name.string;
nt_domain = logon->password->identity_info.domain_name.string;
nt_workstation = logon->password->identity_info.workstation.string;
DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup()));
break;
case NetlogonNetworkInformation:
+ case NetlogonNetworkTransitiveInformation:
nt_username = logon->network->identity_info.account_name.string;
nt_domain = logon->network->identity_info.domain_name.string;
nt_workstation = logon->network->identity_info.workstation.string;
switch (r->in.logon_level) {
case NetlogonNetworkInformation:
+ case NetlogonNetworkTransitiveInformation:
{
const char *wksname = nt_workstation;
break;
}
case NetlogonInteractiveInformation:
+ case NetlogonServiceInformation:
+ case NetlogonInteractiveTransitiveInformation:
+ case NetlogonServiceTransitiveInformation:
+
/* 'Interactive' authentication, supplies the password in its
MD4 form, encrypted with the session key. We will convert
this to challenge/response for the auth subsystem to chew
|| (p->auth.a_u.schannel_auth == NULL)) {
return NT_STATUS_INVALID_HANDLE;
}
- memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
+ memcpy(pipe_session_key, p->auth.a_u.schannel_auth->creds->session_key, 16);
}
switch (r->in.validation_level) {
status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16,
r->out.validation->sam3);
break;
+ case 6:
+ status = serverinfo_to_SamInfo6(server_info, pipe_session_key, 16,
+ r->out.validation->sam6);
+ break;
}
TALLOC_FREE(server_info);
/****************************************************************
****************************************************************/
+static bool wb_getdcname(TALLOC_CTX *mem_ctx,
+ const char *domain,
+ const char **dcname,
+ uint32_t flags,
+ WERROR *werr)
+{
+ wbcErr result;
+ struct wbcDomainControllerInfo *dc_info = NULL;
+
+ result = wbcLookupDomainController(domain,
+ flags,
+ &dc_info);
+ switch (result) {
+ case WBC_ERR_SUCCESS:
+ break;
+ case WBC_ERR_WINBIND_NOT_AVAILABLE:
+ return false;
+ case WBC_ERR_DOMAIN_NOT_FOUND:
+ *werr = WERR_NO_SUCH_DOMAIN;
+ return true;
+ default:
+ *werr = WERR_DOMAIN_CONTROLLER_NOT_FOUND;
+ return true;
+ }
+
+ *dcname = talloc_strdup(mem_ctx, dc_info->dc_name);
+ wbcFreeMemory(dc_info);
+ if (!*dcname) {
+ *werr = WERR_NOMEM;
+ return false;
+ }
+
+ *werr = WERR_OK;
+
+ return true;
+}
+
+/****************************************************************
+ _netr_GetDcName
+****************************************************************/
+
WERROR _netr_GetDcName(pipes_struct *p,
struct netr_GetDcName *r)
{
- p->rng_fault_state = true;
- return WERR_NOT_SUPPORTED;
+ NTSTATUS status;
+ WERROR werr;
+ uint32_t flags;
+ struct netr_DsRGetDCNameInfo *info;
+ bool ret;
+
+ ret = wb_getdcname(p->mem_ctx,
+ r->in.domainname,
+ r->out.dcname,
+ WBC_LOOKUP_DC_IS_FLAT_NAME |
+ WBC_LOOKUP_DC_RETURN_FLAT_NAME |
+ WBC_LOOKUP_DC_PDC_REQUIRED,
+ &werr);
+ if (ret == true) {
+ return werr;
+ }
+
+ flags = DS_PDC_REQUIRED | DS_IS_FLAT_NAME | DS_RETURN_FLAT_NAME;
+
+ status = dsgetdcname(p->mem_ctx,
+ smbd_messaging_context(),
+ r->in.domainname,
+ NULL,
+ NULL,
+ flags,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+
+ *r->out.dcname = talloc_strdup(p->mem_ctx, info->dc_unc);
+ talloc_free(info);
+ if (!*r->out.dcname) {
+ return WERR_NOMEM;
+ }
+
+ return WERR_OK;
}
/****************************************************************
+ _netr_GetAnyDCName
****************************************************************/
WERROR _netr_GetAnyDCName(pipes_struct *p,
struct netr_GetAnyDCName *r)
{
- p->rng_fault_state = true;
- return WERR_NOT_SUPPORTED;
+ NTSTATUS status;
+ WERROR werr;
+ uint32_t flags;
+ struct netr_DsRGetDCNameInfo *info;
+ bool ret;
+
+ ret = wb_getdcname(p->mem_ctx,
+ r->in.domainname,
+ r->out.dcname,
+ WBC_LOOKUP_DC_IS_FLAT_NAME |
+ WBC_LOOKUP_DC_RETURN_FLAT_NAME,
+ &werr);
+ if (ret == true) {
+ return werr;
+ }
+
+ flags = DS_IS_FLAT_NAME | DS_RETURN_FLAT_NAME;
+
+ status = dsgetdcname(p->mem_ctx,
+ smbd_messaging_context(),
+ r->in.domainname,
+ NULL,
+ NULL,
+ flags,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return ntstatus_to_werror(status);
+ }
+
+ *r->out.dcname = talloc_strdup(p->mem_ctx, info->dc_unc);
+ talloc_free(info);
+ if (!*r->out.dcname) {
+ return WERR_NOMEM;
+ }
+
+ return WERR_OK;
}
/****************************************************************
git.samba.org / ira / wip.git / blobdiff