*/
#include "includes.h"
-#include "libnet/libnet.h"
+#include "smb_krb5.h"
+#include "ads.h"
+#include "libnet/libnet_dssync.h"
+#include "libnet/libnet_keytab.h"
#include "librpc/gen_ndr/ndr_drsblobs.h"
-#if defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC)
-
-/**
- * Internal helper function to add data to the list
- * of keytab entries. It builds the prefix from the input.
- */
-static NTSTATUS add_to_keytab_entries(TALLOC_CTX *mem_ctx,
- struct libnet_keytab_context *ctx,
- uint32_t kvno,
- const char *name,
- const char *prefix,
- const krb5_enctype enctype,
- DATA_BLOB blob)
-{
- struct libnet_keytab_entry entry;
-
- entry.kvno = kvno;
- entry.name = talloc_strdup(mem_ctx, name);
- entry.principal = talloc_asprintf(mem_ctx, "%s%s%s@%s",
- prefix ? prefix : "",
- prefix ? "/" : "",
- name, ctx->dns_domain_name);
- entry.enctype = enctype;
- entry.password = blob;
- NT_STATUS_HAVE_NO_MEMORY(entry.name);
- NT_STATUS_HAVE_NO_MEMORY(entry.principal);
- NT_STATUS_HAVE_NO_MEMORY(entry.password.data);
-
- ADD_TO_ARRAY(mem_ctx, struct libnet_keytab_entry, entry,
- &ctx->entries, &ctx->count);
- NT_STATUS_HAVE_NO_MEMORY(ctx->entries);
-
- return NT_STATUS_OK;
-}
+#if defined(HAVE_ADS)
static NTSTATUS keytab_startup(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
struct replUpToDateVectorBlob **pold_utdv)
enum ndr_err_code ndr_err;
old_utdv = talloc(mem_ctx, struct replUpToDateVectorBlob);
- ndr_err = ndr_pull_struct_blob(&entry->password, old_utdv,
- old_utdv,
+ ndr_err = ndr_pull_struct_blob(&entry->password, old_utdv, old_utdv,
(ndr_pull_flags_fn_t)ndr_pull_replUpToDateVectorBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
- ctx->error_message = talloc_asprintf(mem_ctx,
+ ctx->error_message = talloc_asprintf(ctx,
"Failed to pull UpToDateVector: %s",
nt_errstr(status));
return status;
(ndr_push_flags_fn_t)ndr_push_replUpToDateVectorBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
status = ndr_map_error2ntstatus(ndr_err);
- ctx->error_message = talloc_asprintf(mem_ctx,
+ ctx->error_message = talloc_asprintf(ctx,
"Failed to push UpToDateVector: %s",
nt_errstr(status));
goto done;
}
- status = add_to_keytab_entries(mem_ctx, keytab_ctx, 0,
- ctx->nc_dn, "UTDV",
- ENCTYPE_NULL,
- blob);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, keytab_ctx, 0,
+ ctx->nc_dn, "UTDV",
+ ENCTYPE_NULL,
+ blob);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
ret = libnet_keytab_add(keytab_ctx);
if (ret) {
status = krb5_to_nt_status(ret);
- ctx->error_message = talloc_asprintf(mem_ctx,
+ ctx->error_message = talloc_asprintf(ctx,
"Failed to add entries to keytab %s: %s",
keytab_ctx->keytab_name, error_message(ret));
goto done;
}
- ctx->result_message = talloc_asprintf(mem_ctx,
+ ctx->result_message = talloc_asprintf(ctx,
"Vampired %d accounts to keytab %s",
keytab_ctx->count,
keytab_ctx->keytab_name);
goto done;
}
- pkb = TALLOC_ZERO_P(mem_ctx, struct package_PrimaryKerberosBlob);
+ pkb = talloc_zero(mem_ctx, struct package_PrimaryKerberosBlob);
if (!pkb) {
status = NT_STATUS_NO_MEMORY;
goto done;
attr = &cur->object.attribute_ctr.attributes[i];
- if (attr->attid == DRSUAPI_ATTRIBUTE_servicePrincipalName) {
+ if (attr->attid == DRSUAPI_ATTID_servicePrincipalName) {
uint32_t count;
num_spns = attr->value_ctr.num_values;
- spn = TALLOC_ARRAY(mem_ctx, char *, num_spns);
+ spn = talloc_array(mem_ctx, char *, num_spns);
for (count = 0; count < num_spns; count++) {
blob = attr->value_ctr.values[count].blob;
pull_string_talloc(spn, NULL, 0,
blob = attr->value_ctr.values[0].blob;
switch (attr->attid) {
- case DRSUAPI_ATTRIBUTE_unicodePwd:
+ case DRSUAPI_ATTID_unicodePwd:
if (blob->length != 16) {
break;
}
kvno = cur->meta_data_ctr->meta_data[i].version;
break;
- case DRSUAPI_ATTRIBUTE_ntPwdHistory:
+ case DRSUAPI_ATTID_ntPwdHistory:
pwd_history_len = blob->length / 16;
pwd_history = blob->data;
break;
- case DRSUAPI_ATTRIBUTE_userPrincipalName:
+ case DRSUAPI_ATTID_userPrincipalName:
pull_string_talloc(mem_ctx, NULL, 0, &upn,
blob->data, blob->length,
STR_UNICODE);
break;
- case DRSUAPI_ATTRIBUTE_sAMAccountName:
+ case DRSUAPI_ATTID_sAMAccountName:
pull_string_talloc(mem_ctx, NULL, 0, &name,
blob->data, blob->length,
STR_UNICODE);
break;
- case DRSUAPI_ATTRIBUTE_sAMAccountType:
+ case DRSUAPI_ATTID_sAMAccountType:
sam_type = IVAL(blob->data, 0);
break;
- case DRSUAPI_ATTRIBUTE_userAccountControl:
+ case DRSUAPI_ATTID_userAccountControl:
uacc = IVAL(blob->data, 0);
break;
- case DRSUAPI_ATTRIBUTE_supplementalCredentials:
+ case DRSUAPI_ATTID_supplementalCredentials:
status = parse_supplemental_credentials(mem_ctx,
blob,
&pkb3,
}
if (name) {
- status = add_to_keytab_entries(mem_ctx, ctx, 0, object_dn,
- "SAMACCOUNTNAME",
- ENCTYPE_NULL,
- data_blob_talloc(mem_ctx, name,
- strlen(name) + 1));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, 0, object_dn,
+ "SAMACCOUNTNAME",
+ ENCTYPE_NULL,
+ data_blob_talloc(mem_ctx, name,
+ strlen(name) + 1));
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
DEBUGADD(1,("\n"));
- status = add_to_keytab_entries(mem_ctx, ctx, kvno, name, NULL,
- ENCTYPE_ARCFOUR_HMAC,
- data_blob_talloc(mem_ctx, nt_passwd, 16));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno, name, NULL,
+ ENCTYPE_ARCFOUR_HMAC,
+ data_blob_talloc(mem_ctx, nt_passwd, 16));
if (!NT_STATUS_IS_OK(status)) {
return status;
if (!pkb4->keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno,
- name,
- NULL,
- pkb4->keys[i].keytype,
- *pkb4->keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno,
+ name,
+ NULL,
+ pkb4->keys[i].keytype,
+ *pkb4->keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (!pkb4->old_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
- name,
- NULL,
- pkb4->old_keys[i].keytype,
- *pkb4->old_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
+ name,
+ NULL,
+ pkb4->old_keys[i].keytype,
+ *pkb4->old_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (!pkb4->older_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 2,
- name,
- NULL,
- pkb4->older_keys[i].keytype,
- *pkb4->older_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 2,
+ name,
+ NULL,
+ pkb4->older_keys[i].keytype,
+ *pkb4->older_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (!pkb3->keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno, name,
- NULL,
- pkb3->keys[i].keytype,
- *pkb3->keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno, name,
+ NULL,
+ pkb3->keys[i].keytype,
+ *pkb3->keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (!pkb3->old_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
- name,
- NULL,
- pkb3->old_keys[i].keytype,
- *pkb3->old_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
+ name,
+ NULL,
+ pkb3->old_keys[i].keytype,
+ *pkb3->old_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
for (; i<pwd_history_len; i++) {
- status = add_to_keytab_entries(mem_ctx, ctx, kvno--, name, NULL,
- ENCTYPE_ARCFOUR_HMAC,
- data_blob_talloc(mem_ctx, &pwd_history[i*16], 16));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno--, name, NULL,
+ ENCTYPE_ARCFOUR_HMAC,
+ data_blob_talloc(mem_ctx, &pwd_history[i*16], 16));
if (!NT_STATUS_IS_OK(status)) {
break;
}
{
return NT_STATUS_NOT_SUPPORTED;
}
-#endif /* defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC) */
+#endif /* defined(HAVE_ADS) */
const struct dssync_ops libnet_dssync_keytab_ops = {
.startup = keytab_startup,