Author: vlendec Date: 2007-05-23 15:17:49 +0000 (Wed, 23 May 2007) New Revision: 23091
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23091 Log: Add rpccli_netlogon_sam_network_logon_ex, fix its parsing. This does not use the credential chain and only works over netlogon, but it would allow multiple outstanding auth requests for a single workstation account. Modified: branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c branches/SAMBA_3_0/source/rpc_parse/parse_misc.c branches/SAMBA_3_0/source/rpc_parse/parse_net.c branches/SAMBA_3_0_26/source/rpc_client/cli_netlogon.c branches/SAMBA_3_0_26/source/rpc_parse/parse_misc.c branches/SAMBA_3_0_26/source/rpc_parse/parse_net.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c =================================================================== --- branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -946,6 +946,98 @@ return result; } +NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint32 logon_parameters, + const char *server, + const char *username, + const char *domain, + const char *workstation, + const uint8 chal[8], + DATA_BLOB lm_response, + DATA_BLOB nt_response, + NET_USER_INFO_3 *info3) +{ + prs_struct qbuf, rbuf; + NET_Q_SAM_LOGON_EX q; + NET_R_SAM_LOGON_EX r; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NET_ID_INFO_CTR ctr; + int validation_level = 3; + const char *workstation_name_slash; + const char *server_name_slash; + static uint8 zeros[16]; + int i; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + if (server[0] != '\\' && server[1] != '\\') { + server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server); + } else { + server_name_slash = server; + } + + if (workstation[0] != '\\' && workstation[1] != '\\') { + workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation); + } else { + workstation_name_slash = workstation; + } + + if (!workstation_name_slash || !server_name_slash) { + DEBUG(0, ("talloc_asprintf failed!\n")); + return NT_STATUS_NO_MEMORY; + } + + /* Initialise input parameters */ + + q.validation_level = validation_level; + + ctr.switch_value = NET_LOGON_TYPE; + + init_id_info2(&ctr.auth.id2, domain, + logon_parameters, /* param_ctrl */ + 0xdead, 0xbeef, /* LUID? */ + username, workstation_name_slash, (const uchar*)chal, + lm_response.data, lm_response.length, nt_response.data, + nt_response.length); + + init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(), + NET_LOGON_TYPE, &ctr); + + r.user = info3; + + /* Marshall data and send request */ + + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX, + q, r, qbuf, rbuf, + net_io_q_sam_logon_ex, + net_io_r_sam_logon_ex, + NT_STATUS_UNSUCCESSFUL); + + if (memcmp(zeros, info3->user_sess_key, 16) != 0) { + SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16); + } else { + memset(info3->user_sess_key, '\0', 16); + } + + if (memcmp(zeros, info3->lm_sess_key, 8) != 0) { + SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8); + } else { + memset(info3->lm_sess_key, '\0', 8); + } + + for (i=0; i < 7; i++) { + memset(&info3->unknown[i], '\0', 4); + } + + /* Return results */ + + result = r.status; + + return result; +} + /*************************************************************************** LSA Server Password Set. ****************************************************************************/ Modified: branches/SAMBA_3_0/source/rpc_parse/parse_misc.c =================================================================== --- branches/SAMBA_3_0/source/rpc_parse/parse_misc.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0/source/rpc_parse/parse_misc.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -1337,7 +1337,8 @@ Inits a DOM_CLNT_SRV structure. ********************************************************************/ -static void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, const char *comp_name) +void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, + const char *comp_name) { DEBUG(5,("init_clnt_srv: %d\n", __LINE__)); Modified: branches/SAMBA_3_0/source/rpc_parse/parse_net.c =================================================================== --- branches/SAMBA_3_0/source/rpc_parse/parse_net.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0/source/rpc_parse/parse_net.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -1376,6 +1376,21 @@ } /******************************************************************* + Inits a DOM_SAM_INFO structure. +********************************************************************/ + +void init_sam_info_ex(DOM_SAM_INFO_EX *sam, + const char *logon_srv, const char *comp_name, + uint16 logon_level, NET_ID_INFO_CTR *ctr) +{ + DEBUG(5,("init_sam_info_ex: %d\n", __LINE__)); + + init_clnt_srv(&sam->client, logon_srv, comp_name); + sam->logon_level = logon_level; + sam->ctr = ctr; +} + +/******************************************************************* Reads or writes a DOM_SAM_INFO structure. ********************************************************************/ @@ -1993,6 +2008,9 @@ if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level)) return False; + if (!prs_align(ps)) + return False; + if(!prs_uint32("flags ", ps, depth, &q_l->flags)) return False; Modified: branches/SAMBA_3_0_26/source/rpc_client/cli_netlogon.c =================================================================== --- branches/SAMBA_3_0_26/source/rpc_client/cli_netlogon.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0_26/source/rpc_client/cli_netlogon.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -908,6 +908,98 @@ return result; } +NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint32 logon_parameters, + const char *server, + const char *username, + const char *domain, + const char *workstation, + const uint8 chal[8], + DATA_BLOB lm_response, + DATA_BLOB nt_response, + NET_USER_INFO_3 *info3) +{ + prs_struct qbuf, rbuf; + NET_Q_SAM_LOGON_EX q; + NET_R_SAM_LOGON_EX r; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NET_ID_INFO_CTR ctr; + int validation_level = 3; + const char *workstation_name_slash; + const char *server_name_slash; + static uint8 zeros[16]; + int i; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + if (server[0] != '\\' && server[1] != '\\') { + server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server); + } else { + server_name_slash = server; + } + + if (workstation[0] != '\\' && workstation[1] != '\\') { + workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation); + } else { + workstation_name_slash = workstation; + } + + if (!workstation_name_slash || !server_name_slash) { + DEBUG(0, ("talloc_asprintf failed!\n")); + return NT_STATUS_NO_MEMORY; + } + + /* Initialise input parameters */ + + q.validation_level = validation_level; + + ctr.switch_value = NET_LOGON_TYPE; + + init_id_info2(&ctr.auth.id2, domain, + logon_parameters, /* param_ctrl */ + 0xdead, 0xbeef, /* LUID? */ + username, workstation_name_slash, (const uchar*)chal, + lm_response.data, lm_response.length, nt_response.data, + nt_response.length); + + init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(), + NET_LOGON_TYPE, &ctr); + + r.user = info3; + + /* Marshall data and send request */ + + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX, + q, r, qbuf, rbuf, + net_io_q_sam_logon_ex, + net_io_r_sam_logon_ex, + NT_STATUS_UNSUCCESSFUL); + + if (memcmp(zeros, info3->user_sess_key, 16) != 0) { + SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16); + } else { + memset(info3->user_sess_key, '\0', 16); + } + + if (memcmp(zeros, info3->lm_sess_key, 8) != 0) { + SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8); + } else { + memset(info3->lm_sess_key, '\0', 8); + } + + for (i=0; i < 7; i++) { + memset(&info3->unknown[i], '\0', 4); + } + + /* Return results */ + + result = r.status; + + return result; +} + /*************************************************************************** LSA Server Password Set. ****************************************************************************/ Modified: branches/SAMBA_3_0_26/source/rpc_parse/parse_misc.c =================================================================== --- branches/SAMBA_3_0_26/source/rpc_parse/parse_misc.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0_26/source/rpc_parse/parse_misc.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -1384,7 +1384,8 @@ Inits a DOM_CLNT_SRV structure. ********************************************************************/ -static void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, const char *comp_name) +void init_clnt_srv(DOM_CLNT_SRV *logcln, const char *logon_srv, + const char *comp_name) { DEBUG(5,("init_clnt_srv: %d\n", __LINE__)); Modified: branches/SAMBA_3_0_26/source/rpc_parse/parse_net.c =================================================================== --- branches/SAMBA_3_0_26/source/rpc_parse/parse_net.c 2007-05-23 07:44:51 UTC (rev 23090) +++ branches/SAMBA_3_0_26/source/rpc_parse/parse_net.c 2007-05-23 15:17:49 UTC (rev 23091) @@ -1292,6 +1292,21 @@ } /******************************************************************* + Inits a DOM_SAM_INFO structure. +********************************************************************/ + +void init_sam_info_ex(DOM_SAM_INFO_EX *sam, + const char *logon_srv, const char *comp_name, + uint16 logon_level, NET_ID_INFO_CTR *ctr) +{ + DEBUG(5,("init_sam_info_ex: %d\n", __LINE__)); + + init_clnt_srv(&sam->client, logon_srv, comp_name); + sam->logon_level = logon_level; + sam->ctr = ctr; +} + +/******************************************************************* Reads or writes a DOM_SAM_INFO structure. ********************************************************************/ @@ -1909,6 +1924,9 @@ if(!prs_uint16("validation_level", ps, depth, &q_l->validation_level)) return False; + if (!prs_align(ps)) + return False; + if(!prs_uint32("flags ", ps, depth, &q_l->flags)) return False;