2 * Unix SMB/Netbios implementation.
4 * RPC Pipe client / server routines
5 * Copyright (C) Andrew Tridgell 1992-1997,
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
7 * Copyright (C) Paul Ashton 1997.
8 * Copyright (C) Jeremy Allison 1998.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32 extern int DEBUGLEVEL;
33 extern pstring global_myname;
34 extern fstring global_myworkgroup;
36 /****************************************************************************
37 do a LSA Logon Control2
38 ****************************************************************************/
40 BOOL do_net_logon_ctrl2(struct cli_state *cli, uint32 status_level)
44 NET_Q_LOGON_CTRL2 q_l;
47 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
48 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
50 /* create and send a MSRPC command with api NET_LOGON_CTRL2 */
52 DEBUG(4,("do_net_logon_ctrl2 from %s status level:%x\n",
53 global_myname, status_level));
55 /* store the parameters */
56 make_q_logon_ctrl2(&q_l, cli->srv_name_slash, status_level);
58 /* turn parameters into data stream */
59 net_io_q_logon_ctrl2("", &q_l, &buf, 0);
61 /* send the data on \PIPE\ */
62 if (rpc_api_pipe_req(cli, NET_LOGON_CTRL2, &buf, &rbuf))
64 NET_R_LOGON_CTRL2 r_l;
66 net_io_r_logon_ctrl2("", &r_l, &rbuf, 0);
67 ok = (rbuf.offset != 0);
69 if (ok && r_l.status != 0)
71 /* report error code */
72 DEBUG(0,("do_net_logon_ctrl2: Error %s\n", get_nt_error_msg(r_l.status)));
73 cli->nt_error = r_l.status;
84 /****************************************************************************
87 Send the client credential, receive back a server credential.
88 Ensure that the server credential returned matches the session key
89 encrypt of the server challenge originally received. JRA.
90 ****************************************************************************/
92 BOOL cli_net_auth2(struct cli_state *cli, uint16 sec_chan,
93 uint32 neg_flags, DOM_CHAL *srv_chal)
100 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
101 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
103 /* create and send a MSRPC command with api NET_AUTH2 */
105 DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %lx\n",
106 cli->srv_name_slash, cli->mach_acct, sec_chan, global_myname,
107 credstr(cli->clnt_cred.challenge.data), neg_flags));
109 /* store the parameters */
110 make_q_auth_2(&q_a, cli->srv_name_slash, cli->mach_acct, sec_chan, global_myname,
111 &cli->clnt_cred.challenge, neg_flags);
113 /* turn parameters into data stream */
114 net_io_q_auth_2("", &q_a, &buf, 0);
116 /* send the data on \PIPE\ */
117 if (rpc_api_pipe_req(cli, NET_AUTH2, &buf, &rbuf))
121 net_io_r_auth_2("", &r_a, &rbuf, 0);
122 ok = (rbuf.offset != 0);
124 if (ok && r_a.status != 0)
126 /* report error code */
127 DEBUG(0,("cli_net_auth2: Error %s\n", get_nt_error_msg(r_a.status)));
128 cli->nt_error = r_a.status;
135 * Check the returned value using the initial
136 * server received challenge.
141 if(cred_assert( &r_a.srv_chal, cli->sess_key, srv_chal, zerotime) == 0) {
143 * Server replied with bad credential. Fail.
145 DEBUG(0,("cli_net_auth2: server %s replied with bad credential (bad machine \
146 password ?).\n", cli->desthost ));
151 if (ok && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags)
153 /* report different neg_flags */
154 DEBUG(0,("cli_net_auth2: error neg_flags (q,r) differ - (%lx,%lx)\n",
155 q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags));
167 /****************************************************************************
168 LSA Request Challenge. Sends our challenge to server, then gets
169 server response. These are used to generate the credentials.
170 ****************************************************************************/
172 BOOL cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal)
177 BOOL valid_chal = False;
179 if (srv_chal == NULL || clnt_chal == NULL)
182 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
183 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
185 /* create and send a MSRPC command with api NET_REQCHAL */
187 DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s: %s\n",
188 cli->desthost, global_myname, credstr(clnt_chal->data)));
190 /* store the parameters */
191 make_q_req_chal(&q_c, cli->srv_name_slash, global_myname, clnt_chal);
193 /* turn parameters into data stream */
194 net_io_q_req_chal("", &q_c, &buf, 0);
196 /* send the data on \PIPE\ */
197 if (rpc_api_pipe_req(cli, NET_REQCHAL, &buf, &rbuf))
202 net_io_r_req_chal("", &r_c, &rbuf, 0);
203 ok = (rbuf.offset != 0);
205 if (ok && r_c.status != 0)
207 /* report error code */
208 DEBUG(0,("cli_net_req_chal: Error %s\n", get_nt_error_msg(r_c.status)));
209 cli->nt_error = r_c.status;
215 /* ok, at last: we're happy. return the challenge */
216 memcpy(srv_chal, r_c.srv_chal.data, sizeof(srv_chal->data));
228 /***************************************************************************
229 do a LSA Server Password Set
230 ****************************************************************************/
232 BOOL do_net_srv_pwset(struct cli_state *cli, uint16 fnum,
233 uchar sess_key[16], DOM_CRED *sto_clnt_cred,
234 char *logon_srv, char *mach_acct, uint16 sec_chan_type,
235 char *comp_name, DOM_CRED *clnt_cred, DOM_CRED *srv_cred,
236 uint8 nt_owf_new_mach_pwd[16])
241 BOOL valid_cred = False;
243 if (srv_cred == NULL || clnt_cred == NULL)
246 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
247 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
250 /* create and send a MSRPC command with api NET_SRV_PWSET */
252 DEBUG(4,("LSA Server Password Set: srv:%s acct:%s sc: %d mc: %s clnt %s %lx\n",
253 cli->srv_name_slash, mach_acct, sec_chan_type, comp_name,
254 credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time));
256 /* store the parameters */
257 make_q_srv_pwset(&q_s, sess_key, logon_srv, mach_acct, sec_chan_type,
258 comp_name, clnt_cred, nt_owf_new_mach_pwd);
260 /* turn parameters into data stream */
261 net_io_q_srv_pwset("", &q_s, &buf, 0);
263 /* send the data on \PIPE\ */
264 if (rpc_api_pipe_req(cli, NET_SRVPWSET, &buf, &rbuf))
269 net_io_r_srv_pwset("", &r_s, &rbuf, 0);
270 ok = (rbuf.offset != 0);
272 if (ok && r_s.status != 0)
274 /* report error code */
275 DEBUG(0,("NET_R_SRV_PWSET: %s\n", get_nt_error_msg(r_s.status)));
276 cli->nt_error = r_s.status;
282 if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_cred)))
284 DEBUG(5, ("do_net_srv_pwset: server credential check OK\n"));
285 /* ok, at last: we're happy. return the challenge */
286 memcpy(srv_cred, &(r_s.srv_cred), sizeof(r_s.srv_cred));
291 DEBUG(5, ("do_net_srv_pwset: server credential check failed\n"));
303 /***************************************************************************
305 ****************************************************************************/
307 BOOL cli_net_sam_logon(struct cli_state *cli, NET_ID_INFO_CTR *ctr,
308 NET_USER_INFO_3 *user_info3)
310 DOM_CRED new_clnt_cred;
313 uint16 validation_level = 3;
318 * Create the new client credentials.
321 cli->clnt_cred.timestamp.time = time(NULL);
323 memcpy(&new_clnt_cred, &cli->clnt_cred, sizeof(new_clnt_cred));
325 /* Calculate the new credentials. */
326 cred_create(cli->sess_key, &(cli->clnt_cred.challenge),
327 new_clnt_cred.timestamp, &(new_clnt_cred.challenge));
329 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
330 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
332 /* create and send a MSRPC command with api NET_SAMLOGON */
334 DEBUG(4,("cli_net_sam_logon: srv:%s mc:%s clnt %s %lx ll: %d\n",
335 cli->srv_name_slash, global_myname,
336 credstr(new_clnt_cred.challenge.data), cli->clnt_cred.timestamp.time,
339 /* store the parameters */
340 make_sam_info(&(q_s.sam_id), cli->srv_name_slash, global_myname,
341 &new_clnt_cred, NULL, ctr->switch_value, ctr, validation_level);
343 /* turn parameters into data stream */
344 net_io_q_sam_logon("", &q_s, &buf, 0);
346 /* send the data on \PIPE\ */
347 if (rpc_api_pipe_req(cli, NET_SAMLOGON, &buf, &rbuf))
351 r_s.user = user_info3;
353 net_io_r_sam_logon("", &r_s, &rbuf, 0);
354 ok = (rbuf.offset != 0);
356 if (ok && r_s.status != 0)
358 /* report error code */
359 DEBUG(0,("cli_net_sam_logon: %s\n", get_nt_error_msg(r_s.status)));
360 cli->nt_error = r_s.status;
364 /* Update the credentials. */
365 if (clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &(r_s.srv_creds)) == 0)
368 * Server replied with bad credential. Fail.
370 DEBUG(0,("cli_net_sam_logon: server %s replied with bad credential (bad machine \
371 password ?).\n", cli->desthost ));
375 if (ok && r_s.switch_value != 3)
377 /* report different switch_value */
378 DEBUG(0,("cli_net_sam_logon: switch_value of 3 expected %x\n",
390 /***************************************************************************
392 ****************************************************************************/
394 BOOL cli_net_sam_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr)
396 DOM_CRED new_clnt_cred;
399 NET_Q_SAM_LOGOFF q_s;
400 uint16 validation_level = 3;
404 * Create the new client credentials.
407 cli->clnt_cred.timestamp.time = time(NULL);
409 memcpy(&new_clnt_cred, &cli->clnt_cred, sizeof(new_clnt_cred));
411 /* Calculate the new credentials. */
412 cred_create(cli->sess_key, &(cli->clnt_cred.challenge),
413 new_clnt_cred.timestamp, &(new_clnt_cred.challenge));
415 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
416 prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True );
418 /* create and send a MSRPC command with api NET_SAMLOGOFF */
420 DEBUG(4,("cli_net_sam_logoff: srv:%s mc:%s clnt %s %lx ll: %d\n",
421 cli->srv_name_slash, global_myname,
422 credstr(new_clnt_cred.challenge.data), new_clnt_cred.timestamp.time,
425 /* store the parameters */
426 make_sam_info(&(q_s.sam_id), cli->srv_name_slash, global_myname,
427 &new_clnt_cred, NULL, ctr->switch_value, ctr, validation_level);
429 /* turn parameters into data stream */
430 net_io_q_sam_logoff("", &q_s, &buf, 0);
432 /* send the data on \PIPE\ */
433 if (rpc_api_pipe_req(cli, NET_SAMLOGOFF, &buf, &rbuf))
435 NET_R_SAM_LOGOFF r_s;
437 net_io_r_sam_logoff("", &r_s, &rbuf, 0);
438 ok = (rbuf.offset != 0);
440 if (ok && r_s.status != 0)
442 /* report error code */
443 DEBUG(0,("cli_net_sam_logoff: %s\n", get_nt_error_msg(r_s.status)));
444 cli->nt_error = r_s.status;
448 /* Update the credentials. */
449 if (clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &(r_s.srv_creds)) == 0)
452 * Server replied with bad credential. Fail.
454 DEBUG(0,("cli_net_sam_logoff: server %s replied with bad credential (bad machine \
455 password ?).\n", cli->desthost ));