← Back to branch summary

~ubuntu-branches/ubuntu/vivid/samba/vivid

« back to all changes in this revision

Viewing changes to source3/rpc_server/netlogon/srv_netlog_nt.c

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2011-12-21 13:18:04 UTC
  • mfrom: (0.39.21 sid)
  • Revision ID: package-import@ubuntu.com-20111221131804-xtlr39wx6njehxxr
Tags: 2:3.6.1-3ubuntu1
* Merge from Debian testing.  Remaining changes:
  + debian/patches/VERSION.patch:
    - set SAMBA_VERSION_SUFFIX to Ubuntu.
  + debian/patches/error-trans.fix-276472:
    - Add the translation of Unix Error code -ENOTSUP to NT Error Code
    - NT_STATUS_NOT_SUPPORTED to prevent the Permission denied error.
  + debian/smb.conf:
    - add "(Samba, Ubuntu)" to server string.
    - comment out the default [homes] share, and add a comment about
      "valid users = %S" to show users how to restrict access to
      \\server\username to only username.
    - Set 'usershare allow guests', so that usershare admins are 
      allowed to create public shares in addition to authenticated
      ones.
    - add map to guest = Bad user, maps bad username to guest access.
  + debian/samba-common.config:
    - Do not change priority to high if dhclient3 is installed.
    - Use priority medium instead of high for the workgroup question.
  + debian/control:
    - Don't build against or suggest ctdb.
    - Add dependency on samba-common-bin to samba.
  + Add ufw integration:
    - Created debian/samba.ufw.profile
    - debian/rules, debian/samba.dirs, debian/samba.files: install
      profile
    - debian/control: have samba suggest ufw
  + Add apport hook:
    - Created debian/source_samba.py.
    - debian/rules, debian/samba.dirs, debian/samba-common-bin.files: install
  + Switch to upstart:
    - Add debian/samba.{nmbd,smbd}.upstart.
  + debian/samba.logrotate, debian/samba-common.dhcp, debian/samba.if-up:
    - Make them upstart compatible
  + debian/samba.postinst: 
    - Avoid scary pdbedit warnings on first import.
  + debian/samba-common.postinst: Add more informative error message for
    the case where smb.conf was manually deleted
  + debian/patches/fix-debuglevel-name-conflict.patch: don't use 'debug_level'
    as a global variable name in an NSS module 
  + Dropped:
    - debian/patches/error-trans.fix-276472
    - debian/patches/fix-debuglevel-name-conflict.patch

Show diffs side-by-side

added added

removed removed

Lines of Context:
source3/rpc_server/netlogon/srv_netlog_nt.c
 
1
/*
 
2
 *  Unix SMB/CIFS implementation.
 
3
 *  RPC Pipe client / server routines
 
4
 *  Copyright (C) Andrew Tridgell              1992-1997,
 
5
 *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
 
6
 *  Copyright (C) Paul Ashton                       1997.
 
7
 *  Copyright (C) Jeremy Allison               1998-2001.
 
8
 *  Copyright (C) Andrew Bartlett                   2001.
 
9
 *  Copyright (C) Guenther Deschner                 2008-2009.
 
10
 *
 
11
 *  This program is free software; you can redistribute it and/or modify
 
12
 *  it under the terms of the GNU General Public License as published by
 
13
 *  the Free Software Foundation; either version 3 of the License, or
 
14
 *  (at your option) any later version.
 
15
 *
 
16
 *  This program is distributed in the hope that it will be useful,
 
17
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 
18
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 
19
 *  GNU General Public License for more details.
 
20
 *
 
21
 *  You should have received a copy of the GNU General Public License
 
22
 *  along with this program; if not, see <http://www.gnu.org/licenses/>.
 
23
 */
 
24
 
 
25
/* This is the implementation of the netlogon pipe. */
 
26
 
 
27
#include "includes.h"
 
28
#include "ntdomain.h"
 
29
#include "../libcli/auth/schannel.h"
 
30
#include "../librpc/gen_ndr/srv_netlogon.h"
 
31
#include "../librpc/gen_ndr/ndr_samr_c.h"
 
32
#include "../librpc/gen_ndr/ndr_lsa_c.h"
 
33
#include "rpc_client/cli_lsarpc.h"
 
34
#include "../lib/crypto/md4.h"
 
35
#include "rpc_client/init_lsa.h"
 
36
#include "rpc_server/rpc_ncacn_np.h"
 
37
#include "../libcli/security/security.h"
 
38
#include "../libcli/security/dom_sid.h"
 
39
#include "librpc/gen_ndr/ndr_drsblobs.h"
 
40
#include "lib/crypto/arcfour.h"
 
41
#include "lib/crypto/md4.h"
 
42
#include "nsswitch/libwbclient/wbclient.h"
 
43
#include "../libcli/registry/util_reg.h"
 
44
#include "passdb.h"
 
45
#include "auth.h"
 
46
#include "messages.h"
 
47
 
 
48
extern userdom_struct current_user_info;
 
49
 
 
50
#undef DBGC_CLASS
 
51
#define DBGC_CLASS DBGC_RPC_SRV
 
52
 
 
53
struct netlogon_server_pipe_state {
 
54
        struct netr_Credential client_challenge;
 
55
        struct netr_Credential server_challenge;
 
56
};
 
57
 
 
58
/*************************************************************************
 
59
 _netr_LogonControl
 
60
 *************************************************************************/
 
61
 
 
62
WERROR _netr_LogonControl(struct pipes_struct *p,
 
63
                          struct netr_LogonControl *r)
 
64
{
 
65
        struct netr_LogonControl2Ex l;
 
66
 
 
67
        switch (r->in.level) {
 
68
        case 1:
 
69
                break;
 
70
        case 2:
 
71
                return WERR_NOT_SUPPORTED;
 
72
        default:
 
73
                return WERR_UNKNOWN_LEVEL;
 
74
        }
 
75
 
 
76
        l.in.logon_server       = r->in.logon_server;
 
77
        l.in.function_code      = r->in.function_code;
 
78
        l.in.level              = r->in.level;
 
79
        l.in.data               = NULL;
 
80
        l.out.query             = r->out.query;
 
81
 
 
82
        return _netr_LogonControl2Ex(p, &l);
 
83
}
 
84
 
 
85
/****************************************************************************
 
86
Send a message to smbd to do a sam synchronisation
 
87
**************************************************************************/
 
88
 
 
89
static void send_sync_message(struct messaging_context *msg_ctx)
 
90
{
 
91
        DEBUG(3, ("sending sam synchronisation message\n"));
 
92
        message_send_all(msg_ctx, MSG_SMB_SAM_SYNC, NULL, 0, NULL);
 
93
}
 
94
 
 
95
/*************************************************************************
 
96
 _netr_LogonControl2
 
97
 *************************************************************************/
 
98
 
 
99
WERROR _netr_LogonControl2(struct pipes_struct *p,
 
100
                           struct netr_LogonControl2 *r)
 
101
{
 
102
        struct netr_LogonControl2Ex l;
 
103
 
 
104
        l.in.logon_server       = r->in.logon_server;
 
105
        l.in.function_code      = r->in.function_code;
 
106
        l.in.level              = r->in.level;
 
107
        l.in.data               = r->in.data;
 
108
        l.out.query             = r->out.query;
 
109
 
 
110
        return _netr_LogonControl2Ex(p, &l);
 
111
}
 
112
 
 
113
/*************************************************************************
 
114
 *************************************************************************/
 
115
 
 
116
static bool wb_change_trust_creds(const char *domain, WERROR *tc_status)
 
117
{
 
118
        wbcErr result;
 
119
        struct wbcAuthErrorInfo *error = NULL;
 
120
 
 
121
        result = wbcChangeTrustCredentials(domain, &error);
 
122
        switch (result) {
 
123
        case WBC_ERR_WINBIND_NOT_AVAILABLE:
 
124
                return false;
 
125
        case WBC_ERR_DOMAIN_NOT_FOUND:
 
126
                *tc_status = WERR_NO_SUCH_DOMAIN;
 
127
                return true;
 
128
        case WBC_ERR_SUCCESS:
 
129
                *tc_status = WERR_OK;
 
130
                return true;
 
131
        default:
 
132
                break;
 
133
        }
 
134
 
 
135
        if (error && error->nt_status != 0) {
 
136
                *tc_status = ntstatus_to_werror(NT_STATUS(error->nt_status));
 
137
        } else {
 
138
                *tc_status = WERR_TRUST_FAILURE;
 
139
        }
 
140
        wbcFreeMemory(error);
 
141
        return true;
 
142
}
 
143
 
 
144
/*************************************************************************
 
145
 *************************************************************************/
 
146
 
 
147
static bool wb_check_trust_creds(const char *domain, WERROR *tc_status)
 
148
{
 
149
        wbcErr result;
 
150
        struct wbcAuthErrorInfo *error = NULL;
 
151
 
 
152
        result = wbcCheckTrustCredentials(domain, &error);
 
153
        switch (result) {
 
154
        case WBC_ERR_WINBIND_NOT_AVAILABLE:
 
155
                return false;
 
156
        case WBC_ERR_DOMAIN_NOT_FOUND:
 
157
                *tc_status = WERR_NO_SUCH_DOMAIN;
 
158
                return true;
 
159
        case WBC_ERR_SUCCESS:
 
160
                *tc_status = WERR_OK;
 
161
                return true;
 
162
        default:
 
163
                break;
 
164
        }
 
165
 
 
166
        if (error && error->nt_status != 0) {
 
167
                *tc_status = ntstatus_to_werror(NT_STATUS(error->nt_status));
 
168
        } else {
 
169
                *tc_status = WERR_TRUST_FAILURE;
 
170
        }
 
171
        wbcFreeMemory(error);
 
172
        return true;
 
173
}
 
174
 
 
175
/****************************************************************
 
176
 _netr_LogonControl2Ex
 
177
****************************************************************/
 
178
 
 
179
WERROR _netr_LogonControl2Ex(struct pipes_struct *p,
 
180
                             struct netr_LogonControl2Ex *r)
 
181
{
 
182
        uint32_t flags = 0x0;
 
183
        WERROR pdc_connection_status = WERR_OK;
 
184
        uint32_t logon_attempts = 0x0;
 
185
        WERROR tc_status;
 
186
        fstring dc_name2;
 
187
        const char *dc_name = NULL;
 
188
        struct sockaddr_storage dc_ss;
 
189
        const char *domain = NULL;
 
190
        struct netr_NETLOGON_INFO_1 *info1;
 
191
        struct netr_NETLOGON_INFO_2 *info2;
 
192
        struct netr_NETLOGON_INFO_3 *info3;
 
193
        struct netr_NETLOGON_INFO_4 *info4;
 
194
        const char *fn;
 
195
        uint32_t acct_ctrl;
 
196
 
 
197
        switch (p->opnum) {
 
198
        case NDR_NETR_LOGONCONTROL:
 
199
                fn = "_netr_LogonControl";
 
200
                break;
 
201
        case NDR_NETR_LOGONCONTROL2:
 
202
                fn = "_netr_LogonControl2";
 
203
                break;
 
204
        case NDR_NETR_LOGONCONTROL2EX:
 
205
                fn = "_netr_LogonControl2Ex";
 
206
                break;
 
207
        default:
 
208
                return WERR_INVALID_PARAM;
 
209
        }
 
210
 
 
211
        acct_ctrl = p->session_info->info3->base.acct_flags;
 
212
 
 
213
        switch (r->in.function_code) {
 
214
        case NETLOGON_CONTROL_TC_VERIFY:
 
215
        case NETLOGON_CONTROL_CHANGE_PASSWORD:
 
216
        case NETLOGON_CONTROL_REDISCOVER:
 
217
                if ((geteuid() != sec_initial_uid()) &&
 
218
                    !nt_token_check_domain_rid(p->session_info->security_token, DOMAIN_RID_ADMINS) &&
 
219
                    !nt_token_check_sid(&global_sid_Builtin_Administrators, p->session_info->security_token) &&
 
220
                    !(acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST))) {
 
221
                        return WERR_ACCESS_DENIED;
 
222
                }
 
223
                break;
 
224
        default:
 
225
                break;
 
226
        }
 
227
 
 
228
        tc_status = WERR_NO_SUCH_DOMAIN;
 
229
 
 
230
        switch (r->in.function_code) {
 
231
        case NETLOGON_CONTROL_QUERY:
 
232
                tc_status = WERR_OK;
 
233
                break;
 
234
        case NETLOGON_CONTROL_REPLICATE:
 
235
        case NETLOGON_CONTROL_SYNCHRONIZE:
 
236
        case NETLOGON_CONTROL_PDC_REPLICATE:
 
237
        case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
 
238
        case NETLOGON_CONTROL_BREAKPOINT:
 
239
                if (acct_ctrl & ACB_NORMAL) {
 
240
                        return WERR_NOT_SUPPORTED;
 
241
                } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
 
242
                        return WERR_ACCESS_DENIED;
 
243
                } else {
 
244
                        return WERR_ACCESS_DENIED;
 
245
                }
 
246
        case NETLOGON_CONTROL_TRUNCATE_LOG:
 
247
                if (acct_ctrl & ACB_NORMAL) {
 
248
                        break;
 
249
                } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
 
250
                        return WERR_ACCESS_DENIED;
 
251
                } else {
 
252
                        return WERR_ACCESS_DENIED;
 
253
                }
 
254
 
 
255
        case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
 
256
        case NETLOGON_CONTROL_FORCE_DNS_REG:
 
257
        case NETLOGON_CONTROL_QUERY_DNS_REG:
 
258
                return WERR_NOT_SUPPORTED;
 
259
        case NETLOGON_CONTROL_FIND_USER:
 
260
                if (!r->in.data || !r->in.data->user) {
 
261
                        return WERR_NOT_SUPPORTED;
 
262
                }
 
263
                break;
 
264
        case NETLOGON_CONTROL_SET_DBFLAG:
 
265
                if (!r->in.data) {
 
266
                        return WERR_NOT_SUPPORTED;
 
267
                }
 
268
                break;
 
269
        case NETLOGON_CONTROL_TC_VERIFY:
 
270
                if (!r->in.data || !r->in.data->domain) {
 
271
                        return WERR_NOT_SUPPORTED;
 
272
                }
 
273
 
 
274
                if (!wb_check_trust_creds(r->in.data->domain, &tc_status)) {
 
275
                        return WERR_NOT_SUPPORTED;
 
276
                }
 
277
                break;
 
278
        case NETLOGON_CONTROL_TC_QUERY:
 
279
                if (!r->in.data || !r->in.data->domain) {
 
280
                        return WERR_NOT_SUPPORTED;
 
281
                }
 
282
 
 
283
                domain = r->in.data->domain;
 
284
 
 
285
                if (!is_trusted_domain(domain)) {
 
286
                        break;
 
287
                }
 
288
 
 
289
                if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
 
290
                        tc_status = WERR_NO_LOGON_SERVERS;
 
291
                        break;
 
292
                }
 
293
 
 
294
                dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
 
295
                if (!dc_name) {
 
296
                        return WERR_NOMEM;
 
297
                }
 
298
 
 
299
                tc_status = WERR_OK;
 
300
 
 
301
                break;
 
302
 
 
303
        case NETLOGON_CONTROL_REDISCOVER:
 
304
                if (!r->in.data || !r->in.data->domain) {
 
305
                        return WERR_NOT_SUPPORTED;
 
306
                }
 
307
 
 
308
                domain = r->in.data->domain;
 
309
 
 
310
                if (!is_trusted_domain(domain)) {
 
311
                        break;
 
312
                }
 
313
 
 
314
                if (!get_dc_name(domain, NULL, dc_name2, &dc_ss)) {
 
315
                        tc_status = WERR_NO_LOGON_SERVERS;
 
316
                        break;
 
317
                }
 
318
 
 
319
                dc_name = talloc_asprintf(p->mem_ctx, "\\\\%s", dc_name2);
 
320
                if (!dc_name) {
 
321
                        return WERR_NOMEM;
 
322
                }
 
323
 
 
324
                tc_status = WERR_OK;
 
325
 
 
326
                break;
 
327
 
 
328
        case NETLOGON_CONTROL_CHANGE_PASSWORD:
 
329
                if (!r->in.data || !r->in.data->domain) {
 
330
                        return WERR_NOT_SUPPORTED;
 
331
                }
 
332
 
 
333
                if (!wb_change_trust_creds(r->in.data->domain, &tc_status)) {
 
334
                        return WERR_NOT_SUPPORTED;
 
335
                }
 
336
                break;
 
337
 
 
338
        default:
 
339
                /* no idea what this should be */
 
340
                DEBUG(0,("%s: unimplemented function level [%d]\n",
 
341
                        fn, r->in.function_code));
 
342
                return WERR_UNKNOWN_LEVEL;
 
343
        }
 
344
 
 
345
        /* prepare the response */
 
346
 
 
347
        switch (r->in.level) {
 
348
        case 1:
 
349
                info1 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_1);
 
350
                W_ERROR_HAVE_NO_MEMORY(info1);
 
351
 
 
352
                info1->flags                    = flags;
 
353
                info1->pdc_connection_status    = pdc_connection_status;
 
354
 
 
355
                r->out.query->info1 = info1;
 
356
                break;
 
357
        case 2:
 
358
                info2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_2);
 
359
                W_ERROR_HAVE_NO_MEMORY(info2);
 
360
 
 
361
                info2->flags                    = flags;
 
362
                info2->pdc_connection_status    = pdc_connection_status;
 
363
                info2->trusted_dc_name          = dc_name;
 
364
                info2->tc_connection_status     = tc_status;
 
365
 
 
366
                r->out.query->info2 = info2;
 
367
                break;
 
368
        case 3:
 
369
                info3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_3);
 
370
                W_ERROR_HAVE_NO_MEMORY(info3);
 
371
 
 
372
                info3->flags                    = flags;
 
373
                info3->logon_attempts           = logon_attempts;
 
374
 
 
375
                r->out.query->info3 = info3;
 
376
                break;
 
377
        case 4:
 
378
                info4 = TALLOC_ZERO_P(p->mem_ctx, struct netr_NETLOGON_INFO_4);
 
379
                W_ERROR_HAVE_NO_MEMORY(info4);
 
380
 
 
381
                info4->trusted_dc_name          = dc_name;
 
382
                info4->trusted_domain_name      = r->in.data->domain;
 
383
 
 
384
                r->out.query->info4 = info4;
 
385
                break;
 
386
        default:
 
387
                return WERR_UNKNOWN_LEVEL;
 
388
        }
 
389
 
 
390
        if (lp_server_role() == ROLE_DOMAIN_BDC) {
 
391
                send_sync_message(p->msg_ctx);
 
392
        }
 
393
 
 
394
        return WERR_OK;
 
395
}
 
396
 
 
397
/*************************************************************************
 
398
 _netr_NetrEnumerateTrustedDomains
 
399
 *************************************************************************/
 
400
 
 
401
NTSTATUS _netr_NetrEnumerateTrustedDomains(struct pipes_struct *p,
 
402
                                           struct netr_NetrEnumerateTrustedDomains *r)
 
403
{
 
404
        NTSTATUS status;
 
405
        NTSTATUS result = NT_STATUS_OK;
 
406
        DATA_BLOB blob;
 
407
        int num_domains = 0;
 
408
        const char **trusted_domains = NULL;
 
409
        struct lsa_DomainList domain_list;
 
410
        struct dcerpc_binding_handle *h = NULL;
 
411
        struct policy_handle pol;
 
412
        uint32_t enum_ctx = 0;
 
413
        int i;
 
414
        uint32_t max_size = (uint32_t)-1;
 
415
 
 
416
        DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
 
417
 
 
418
        status = rpcint_binding_handle(p->mem_ctx,
 
419
                                       &ndr_table_lsarpc,
 
420
                                       p->client_id,
 
421
                                       p->session_info,
 
422
                                       p->msg_ctx,
 
423
                                       &h);
 
424
        if (!NT_STATUS_IS_OK(status)) {
 
425
                return status;
 
426
        }
 
427
 
 
428
        status = dcerpc_lsa_open_policy2(h,
 
429
                                         p->mem_ctx,
 
430
                                         NULL,
 
431
                                         true,
 
432
                                         LSA_POLICY_VIEW_LOCAL_INFORMATION,
 
433
                                         &pol,
 
434
                                         &result);
 
435
        if (!NT_STATUS_IS_OK(status)) {
 
436
                goto out;
 
437
        }
 
438
        if (!NT_STATUS_IS_OK(result)) {
 
439
                status = result;
 
440
                goto out;
 
441
        }
 
442
 
 
443
        do {
 
444
                /* Lookup list of trusted domains */
 
445
                status = dcerpc_lsa_EnumTrustDom(h,
 
446
                                                 p->mem_ctx,
 
447
                                                 &pol,
 
448
                                                 &enum_ctx,
 
449
                                                 &domain_list,
 
450
                                                 max_size,
 
451
                                                 &result);
 
452
                if (!NT_STATUS_IS_OK(status)) {
 
453
                        goto out;
 
454
                }
 
455
                if (!NT_STATUS_IS_OK(result) &&
 
456
                    !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
 
457
                    !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
 
458
                        status = result;
 
459
                        goto out;
 
460
                }
 
461
 
 
462
                for (i = 0; i < domain_list.count; i++) {
 
463
                        if (!add_string_to_array(p->mem_ctx, domain_list.domains[i].name.string,
 
464
                                                 &trusted_domains, &num_domains)) {
 
465
                                status = NT_STATUS_NO_MEMORY;
 
466
                                goto out;
 
467
                        }
 
468
                }
 
469
        } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
 
470
 
 
471
        if (num_domains > 0) {
 
472
                /* multi sz terminate */
 
473
                trusted_domains = talloc_realloc(p->mem_ctx, trusted_domains, const char *, num_domains + 1);
 
474
                if (trusted_domains == NULL) {
 
475
                        status = NT_STATUS_NO_MEMORY;
 
476
                        goto out;
 
477
                }
 
478
 
 
479
                trusted_domains[num_domains] = NULL;
 
480
        }
 
481
 
 
482
        if (!push_reg_multi_sz(trusted_domains, &blob, trusted_domains)) {
 
483
                TALLOC_FREE(trusted_domains);
 
484
                status = NT_STATUS_NO_MEMORY;
 
485
                goto out;
 
486
        }
 
487
 
 
488
        r->out.trusted_domains_blob->data = blob.data;
 
489
        r->out.trusted_domains_blob->length = blob.length;
 
490
 
 
491
        DEBUG(6,("_netr_NetrEnumerateTrustedDomains: %d\n", __LINE__));
 
492
 
 
493
        status = NT_STATUS_OK;
 
494
 
 
495
 out:
 
496
        if (h && is_valid_policy_hnd(&pol)) {
 
497
                dcerpc_lsa_Close(h, p->mem_ctx, &pol, &result);
 
498
        }
 
499
 
 
500
        return status;
 
501
}
 
502
 
 
503
/*************************************************************************
 
504
 *************************************************************************/
 
505
 
 
506
static NTSTATUS samr_find_machine_account(TALLOC_CTX *mem_ctx,
 
507
                                          struct dcerpc_binding_handle *b,
 
508
                                          const char *account_name,
 
509
                                          uint32_t access_mask,
 
510
                                          struct dom_sid2 **domain_sid_p,
 
511
                                          uint32_t *user_rid_p,
 
512
                                          struct policy_handle *user_handle)
 
513
{
 
514
        NTSTATUS status;
 
515
        NTSTATUS result = NT_STATUS_OK;
 
516
        struct policy_handle connect_handle, domain_handle;
 
517
        struct lsa_String domain_name;
 
518
        struct dom_sid2 *domain_sid;
 
519
        struct lsa_String names;
 
520
        struct samr_Ids rids;
 
521
        struct samr_Ids types;
 
522
        uint32_t rid;
 
523
 
 
524
        status = dcerpc_samr_Connect2(b, mem_ctx,
 
525
                                      global_myname(),
 
526
                                      SAMR_ACCESS_CONNECT_TO_SERVER |
 
527
                                      SAMR_ACCESS_ENUM_DOMAINS |
 
528
                                      SAMR_ACCESS_LOOKUP_DOMAIN,
 
529
                                      &connect_handle,
 
530
                                      &result);
 
531
        if (!NT_STATUS_IS_OK(status)) {
 
532
                goto out;
 
533
        }
 
534
        if (!NT_STATUS_IS_OK(result)) {
 
535
                status = result;
 
536
                goto out;
 
537
        }
 
538
 
 
539
        init_lsa_String(&domain_name, get_global_sam_name());
 
540
 
 
541
        status = dcerpc_samr_LookupDomain(b, mem_ctx,
 
542
                                          &connect_handle,
 
543
                                          &domain_name,
 
544
                                          &domain_sid,
 
545
                                          &result);
 
546
        if (!NT_STATUS_IS_OK(status)) {
 
547
                goto out;
 
548
        }
 
549
        if (!NT_STATUS_IS_OK(result)) {
 
550
                status = result;
 
551
                goto out;
 
552
        }
 
553
 
 
554
        status = dcerpc_samr_OpenDomain(b, mem_ctx,
 
555
                                        &connect_handle,
 
556
                                        SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 
557
                                        domain_sid,
 
558
                                        &domain_handle,
 
559
                                        &result);
 
560
        if (!NT_STATUS_IS_OK(status)) {
 
561
                goto out;
 
562
        }
 
563
        if (!NT_STATUS_IS_OK(result)) {
 
564
                status = result;
 
565
                goto out;
 
566
        }
 
567
 
 
568
        init_lsa_String(&names, account_name);
 
569
 
 
570
        status = dcerpc_samr_LookupNames(b, mem_ctx,
 
571
                                         &domain_handle,
 
572
                                         1,
 
573
                                         &names,
 
574
                                         &rids,
 
575
                                         &types,
 
576
                                         &result);
 
577
        if (!NT_STATUS_IS_OK(status)) {
 
578
                goto out;
 
579
        }
 
580
        if (!NT_STATUS_IS_OK(result)) {
 
581
                status = result;
 
582
                goto out;
 
583
        }
 
584
 
 
585
        if (rids.count != 1) {
 
586
                status = NT_STATUS_NO_SUCH_USER;
 
587
                goto out;
 
588
        }
 
589
        if (rids.count != types.count) {
 
590
                status = NT_STATUS_INVALID_PARAMETER;
 
591
                goto out;
 
592
        }
 
593
        if (types.ids[0] != SID_NAME_USER) {
 
594
                status = NT_STATUS_NO_SUCH_USER;
 
595
                goto out;
 
596
        }
 
597
 
 
598
        rid = rids.ids[0];
 
599
 
 
600
        status = dcerpc_samr_OpenUser(b, mem_ctx,
 
601
                                      &domain_handle,
 
602
                                      access_mask,
 
603
                                      rid,
 
604
                                      user_handle,
 
605
                                      &result);
 
606
        if (!NT_STATUS_IS_OK(status)) {
 
607
                goto out;
 
608
        }
 
609
        if (!NT_STATUS_IS_OK(result)) {
 
610
                status = result;
 
611
                goto out;
 
612
        }
 
613
 
 
614
        if (user_rid_p) {
 
615
                *user_rid_p = rid;
 
616
        }
 
617
 
 
618
        if (domain_sid_p) {
 
619
                *domain_sid_p = domain_sid;
 
620
        }
 
621
 
 
622
 out:
 
623
        if (b && is_valid_policy_hnd(&domain_handle)) {
 
624
                dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result);
 
625
        }
 
626
        if (b && is_valid_policy_hnd(&connect_handle)) {
 
627
                dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result);
 
628
        }
 
629
 
 
630
        return status;
 
631
}
 
632
 
 
633
/******************************************************************
 
634
 gets a machine password entry.  checks access rights of the host.
 
635
 ******************************************************************/
 
636
 
 
637
static NTSTATUS get_md4pw(struct samr_Password *md4pw, const char *mach_acct,
 
638
                          enum netr_SchannelType sec_chan_type,
 
639
                          struct dom_sid *sid,
 
640
                          struct messaging_context *msg_ctx)
 
641
{
 
642
        NTSTATUS status;
 
643
        NTSTATUS result = NT_STATUS_OK;
 
644
        TALLOC_CTX *mem_ctx;
 
645
        struct dcerpc_binding_handle *h = NULL;
 
646
        static struct client_address client_id;
 
647
        struct policy_handle user_handle;
 
648
        uint32_t user_rid;
 
649
        struct dom_sid *domain_sid;
 
650
        uint32_t acct_ctrl;
 
651
        union samr_UserInfo *info;
 
652
        struct auth_serversupplied_info *session_info;
 
653
#if 0
 
654
 
 
655
    /*
 
656
     * Currently this code is redundent as we already have a filter
 
657
     * by hostname list. What this code really needs to do is to
 
658
     * get a hosts allowed/hosts denied list from the SAM database
 
659
     * on a per user basis, and make the access decision there.
 
660
     * I will leave this code here for now as a reminder to implement
 
661
     * this at a later date. JRA.
 
662
     */
 
663
 
 
664
        if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
 
665
                          p->client_id.name,
 
666
                          p->client_id.addr)) {
 
667
                DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
 
668
                return False;
 
669
        }
 
670
#endif /* 0 */
 
671
 
 
672
        mem_ctx = talloc_stackframe();
 
673
        if (mem_ctx == NULL) {
 
674
                status = NT_STATUS_NO_MEMORY;
 
675
                goto out;
 
676
        }
 
677
 
 
678
        status = make_session_info_system(mem_ctx, &session_info);
 
679
        if (!NT_STATUS_IS_OK(status)) {
 
680
                goto out;
 
681
        }
 
682
 
 
683
        ZERO_STRUCT(user_handle);
 
684
 
 
685
        strlcpy(client_id.addr, "127.0.0.1", sizeof(client_id.addr));
 
686
        client_id.name = "127.0.0.1";
 
687
 
 
688
        status = rpcint_binding_handle(mem_ctx,
 
689
                                       &ndr_table_samr,
 
690
                                       &client_id,
 
691
                                       session_info,
 
692
                                       msg_ctx,
 
693
                                       &h);
 
694
        if (!NT_STATUS_IS_OK(status)) {
 
695
                goto out;
 
696
        }
 
697
 
 
698
        become_root();
 
699
        status = samr_find_machine_account(mem_ctx, h, mach_acct,
 
700
                                           SEC_FLAG_MAXIMUM_ALLOWED,
 
701
                                           &domain_sid, &user_rid,
 
702
                                           &user_handle);
 
703
        unbecome_root();
 
704
        if (!NT_STATUS_IS_OK(status)) {
 
705
                goto out;
 
706
        }
 
707
 
 
708
        status = dcerpc_samr_QueryUserInfo2(h,
 
709
                                            mem_ctx,
 
710
                                            &user_handle,
 
711
                                            UserControlInformation,
 
712
                                            &info,
 
713
                                            &result);
 
714
        if (!NT_STATUS_IS_OK(status)) {
 
715
                goto out;
 
716
        }
 
717
        if (!NT_STATUS_IS_OK(result)) {
 
718
                status = result;
 
719
                goto out;
 
720
        }
 
721
 
 
722
        acct_ctrl = info->info16.acct_flags;
 
723
 
 
724
        if (acct_ctrl & ACB_DISABLED) {
 
725
                DEBUG(0,("get_md4pw: Workstation %s: account is disabled\n", mach_acct));
 
726
                status = NT_STATUS_ACCOUNT_DISABLED;
 
727
                goto out;
 
728
        }
 
729
 
 
730
        if (!(acct_ctrl & ACB_SVRTRUST) &&
 
731
            !(acct_ctrl & ACB_WSTRUST) &&
 
732
            !(acct_ctrl & ACB_DOMTRUST))
 
733
        {
 
734
                DEBUG(0,("get_md4pw: Workstation %s: account is not a trust account\n", mach_acct));
 
735
                status = NT_STATUS_NO_TRUST_SAM_ACCOUNT;
 
736
                goto out;
 
737
        }
 
738
 
 
739
        switch (sec_chan_type) {
 
740
                case SEC_CHAN_BDC:
 
741
                        if (!(acct_ctrl & ACB_SVRTRUST)) {
 
742
                                DEBUG(0,("get_md4pw: Workstation %s: BDC secure channel requested "
 
743
                                         "but not a server trust account\n", mach_acct));
 
744
                                status = NT_STATUS_NO_TRUST_SAM_ACCOUNT;
 
745
                                goto out;
 
746
                        }
 
747
                        break;
 
748
                case SEC_CHAN_WKSTA:
 
749
                        if (!(acct_ctrl & ACB_WSTRUST)) {
 
750
                                DEBUG(0,("get_md4pw: Workstation %s: WORKSTATION secure channel requested "
 
751
                                         "but not a workstation trust account\n", mach_acct));
 
752
                                status = NT_STATUS_NO_TRUST_SAM_ACCOUNT;
 
753
                                goto out;
 
754
                        }
 
755
                        break;
 
756
                case SEC_CHAN_DOMAIN:
 
757
                        if (!(acct_ctrl & ACB_DOMTRUST)) {
 
758
                                DEBUG(0,("get_md4pw: Workstation %s: DOMAIN secure channel requested "
 
759
                                         "but not a interdomain trust account\n", mach_acct));
 
760
                                status = NT_STATUS_NO_TRUST_SAM_ACCOUNT;
 
761
                                goto out;
 
762
                        }
 
763
                        break;
 
764
                default:
 
765
                        break;
 
766
        }
 
767
 
 
768
        become_root();
 
769
        status = dcerpc_samr_QueryUserInfo2(h,
 
770
                                            mem_ctx,
 
771
                                            &user_handle,
 
772
                                            UserInternal1Information,
 
773
                                            &info,
 
774
                                            &result);
 
775
        unbecome_root();
 
776
        if (!NT_STATUS_IS_OK(status)) {
 
777
                goto out;
 
778
        }
 
779
        if (!NT_STATUS_IS_OK(result)) {
 
780
                status = result;
 
781
                goto out;
 
782
        }
 
783
 
 
784
        if (info->info18.nt_pwd_active == 0) {
 
785
                DEBUG(0,("get_md4pw: Workstation %s: account does not have a password\n", mach_acct));
 
786
                status = NT_STATUS_LOGON_FAILURE;
 
787
                goto out;
 
788
        }
 
789
 
 
790
        /* samr gives out nthash unencrypted (!) */
 
791
        memcpy(md4pw->hash, info->info18.nt_pwd.hash, 16);
 
792
 
 
793
        sid_compose(sid, domain_sid, user_rid);
 
794
 
 
795
 out:
 
796
        if (h && is_valid_policy_hnd(&user_handle)) {
 
797
                dcerpc_samr_Close(h, mem_ctx, &user_handle, &result);
 
798
        }
 
799
 
 
800
        talloc_free(mem_ctx);
 
801
 
 
802
        return status;
 
803
}
 
804
 
 
805
/*************************************************************************
 
806
 _netr_ServerReqChallenge
 
807
 *************************************************************************/
 
808
 
 
809
NTSTATUS _netr_ServerReqChallenge(struct pipes_struct *p,
 
810
                                  struct netr_ServerReqChallenge *r)
 
811
{
 
812
        struct netlogon_server_pipe_state *pipe_state =
 
813
                talloc_get_type(p->private_data, struct netlogon_server_pipe_state);
 
814
 
 
815
        if (pipe_state) {
 
816
                DEBUG(10,("_netr_ServerReqChallenge: new challenge requested. Clearing old state.\n"));
 
817
                talloc_free(pipe_state);
 
818
                p->private_data = NULL;
 
819
        }
 
820
 
 
821
        pipe_state = talloc(p, struct netlogon_server_pipe_state);
 
822
        NT_STATUS_HAVE_NO_MEMORY(pipe_state);
 
823
 
 
824
        pipe_state->client_challenge = *r->in.credentials;
 
825
 
 
826
        generate_random_buffer(pipe_state->server_challenge.data,
 
827
                               sizeof(pipe_state->server_challenge.data));
 
828
 
 
829
        *r->out.return_credentials = pipe_state->server_challenge;
 
830
 
 
831
        p->private_data = pipe_state;
 
832
 
 
833
        return NT_STATUS_OK;
 
834
}
 
835
 
 
836
/*************************************************************************
 
837
 _netr_ServerAuthenticate
 
838
 Create the initial credentials.
 
839
 *************************************************************************/
 
840
 
 
841
NTSTATUS _netr_ServerAuthenticate(struct pipes_struct *p,
 
842
                                  struct netr_ServerAuthenticate *r)
 
843
{
 
844
        struct netr_ServerAuthenticate3 a;
 
845
        uint32_t negotiate_flags = 0;
 
846
        uint32_t rid;
 
847
 
 
848
        a.in.server_name                = r->in.server_name;
 
849
        a.in.account_name               = r->in.account_name;
 
850
        a.in.secure_channel_type        = r->in.secure_channel_type;
 
851
        a.in.computer_name              = r->in.computer_name;
 
852
        a.in.credentials                = r->in.credentials;
 
853
        a.in.negotiate_flags            = &negotiate_flags;
 
854
 
 
855
        a.out.return_credentials        = r->out.return_credentials;
 
856
        a.out.rid                       = &rid;
 
857
        a.out.negotiate_flags           = &negotiate_flags;
 
858
 
 
859
        return _netr_ServerAuthenticate3(p, &a);
 
860
 
 
861
}
 
862
 
 
863
/*************************************************************************
 
864
 _netr_ServerAuthenticate3
 
865
 *************************************************************************/
 
866
 
 
867
NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
 
868
                                   struct netr_ServerAuthenticate3 *r)
 
869
{
 
870
        NTSTATUS status;
 
871
        uint32_t srv_flgs;
 
872
        /* r->in.negotiate_flags is an aliased pointer to r->out.negotiate_flags,
 
873
         * so use a copy to avoid destroying the client values. */
 
874
        uint32_t in_neg_flags = *r->in.negotiate_flags;
 
875
        const char *fn;
 
876
        struct dom_sid sid;
 
877
        struct samr_Password mach_pwd;
 
878
        struct netlogon_creds_CredentialState *creds;
 
879
        struct netlogon_server_pipe_state *pipe_state =
 
880
                talloc_get_type(p->private_data, struct netlogon_server_pipe_state);
 
881
 
 
882
        /* According to Microsoft (see bugid #6099)
 
883
         * Windows 7 looks at the negotiate_flags
 
884
         * returned in this structure *even if the
 
885
         * call fails with access denied* ! So in order
 
886
         * to allow Win7 to connect to a Samba NT style
 
887
         * PDC we set the flags before we know if it's
 
888
         * an error or not.
 
889
         */
 
890
 
 
891
        /* 0x000001ff */
 
892
        srv_flgs = NETLOGON_NEG_ACCOUNT_LOCKOUT |
 
893
                   NETLOGON_NEG_PERSISTENT_SAMREPL |
 
894
                   NETLOGON_NEG_ARCFOUR |
 
895
                   NETLOGON_NEG_PROMOTION_COUNT |
 
896
                   NETLOGON_NEG_CHANGELOG_BDC |
 
897
                   NETLOGON_NEG_FULL_SYNC_REPL |
 
898
                   NETLOGON_NEG_MULTIPLE_SIDS |
 
899
                   NETLOGON_NEG_REDO |
 
900
                   NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL |
 
901
                   NETLOGON_NEG_PASSWORD_SET2;
 
902
 
 
903
        /* Ensure we support strong (128-bit) keys. */
 
904
        if (in_neg_flags & NETLOGON_NEG_STRONG_KEYS) {
 
905
                srv_flgs |= NETLOGON_NEG_STRONG_KEYS;
 
906
        }
 
907
 
 
908
        if (lp_server_schannel() != false) {
 
909
                srv_flgs |= NETLOGON_NEG_SCHANNEL;
 
910
        }
 
911
 
 
912
        switch (p->opnum) {
 
913
                case NDR_NETR_SERVERAUTHENTICATE:
 
914
                        fn = "_netr_ServerAuthenticate";
 
915
                        break;
 
916
                case NDR_NETR_SERVERAUTHENTICATE2:
 
917
                        fn = "_netr_ServerAuthenticate2";
 
918
                        break;
 
919
                case NDR_NETR_SERVERAUTHENTICATE3:
 
920
                        fn = "_netr_ServerAuthenticate3";
 
921
                        break;
 
922
                default:
 
923
                        return NT_STATUS_INTERNAL_ERROR;
 
924
        }
 
925
 
 
926
        /* We use this as the key to store the creds: */
 
927
        /* r->in.computer_name */
 
928
 
 
929
        if (!pipe_state) {
 
930
                DEBUG(0,("%s: no challenge sent to client %s\n", fn,
 
931
                        r->in.computer_name));
 
932
                status = NT_STATUS_ACCESS_DENIED;
 
933
                goto out;
 
934
        }
 
935
 
 
936
        if ( (lp_server_schannel() == true) &&
 
937
             ((in_neg_flags & NETLOGON_NEG_SCHANNEL) == 0) ) {
 
938
 
 
939
                /* schannel must be used, but client did not offer it. */
 
940
                DEBUG(0,("%s: schannel required but client failed "
 
941
                        "to offer it. Client was %s\n",
 
942
                        fn, r->in.account_name));
 
943
                status = NT_STATUS_ACCESS_DENIED;
 
944
                goto out;
 
945
        }
 
946
 
 
947
        status = get_md4pw(&mach_pwd,
 
948
                           r->in.account_name,
 
949
                           r->in.secure_channel_type,
 
950
                           &sid, p->msg_ctx);
 
951
        if (!NT_STATUS_IS_OK(status)) {
 
952
                DEBUG(0,("%s: failed to get machine password for "
 
953
                        "account %s: %s\n",
 
954
                        fn, r->in.account_name, nt_errstr(status) ));
 
955
                /* always return NT_STATUS_ACCESS_DENIED */
 
956
                status = NT_STATUS_ACCESS_DENIED;
 
957
                goto out;
 
958
        }
 
959
 
 
960
        /* From the client / server challenges and md4 password, generate sess key */
 
961
        /* Check client credentials are valid. */
 
962
        creds = netlogon_creds_server_init(p->mem_ctx,
 
963
                                           r->in.account_name,
 
964
                                           r->in.computer_name,
 
965
                                           r->in.secure_channel_type,
 
966
                                           &pipe_state->client_challenge,
 
967
                                           &pipe_state->server_challenge,
 
968
                                           &mach_pwd,
 
969
                                           r->in.credentials,
 
970
                                           r->out.return_credentials,
 
971
                                           *r->in.negotiate_flags);
 
972
        if (!creds) {
 
973
                DEBUG(0,("%s: netlogon_creds_server_check failed. Rejecting auth "
 
974
                        "request from client %s machine account %s\n",
 
975
                        fn, r->in.computer_name,
 
976
                        r->in.account_name));
 
977
                status = NT_STATUS_ACCESS_DENIED;
 
978
                goto out;
 
979
        }
 
980
 
 
981
        creds->sid = dom_sid_dup(creds, &sid);
 
982
        if (!creds->sid) {
 
983
                status = NT_STATUS_NO_MEMORY;
 
984
                goto out;
 
985
        }
 
986
 
 
987
        /* Store off the state so we can continue after client disconnect. */
 
988
        become_root();
 
989
        status = schannel_save_creds_state(p->mem_ctx, lp_private_dir(), creds);
 
990
        unbecome_root();
 
991
 
 
992
        if (!NT_STATUS_IS_OK(status)) {
 
993
                goto out;
 
994
        }
 
995
 
 
996
        sid_peek_rid(&sid, r->out.rid);
 
997
 
 
998
        status = NT_STATUS_OK;
 
999
 
 
1000
  out:
 
1001
 
 
1002
        *r->out.negotiate_flags = srv_flgs;
 
1003
        return status;
 
1004
}
 
1005
 
 
1006
/*************************************************************************
 
1007
 _netr_ServerAuthenticate2
 
1008
 *************************************************************************/
 
1009
 
 
1010
NTSTATUS _netr_ServerAuthenticate2(struct pipes_struct *p,
 
1011
                                   struct netr_ServerAuthenticate2 *r)
 
1012
{
 
1013
        struct netr_ServerAuthenticate3 a;
 
1014
        uint32_t rid;
 
1015
 
 
1016
        a.in.server_name                = r->in.server_name;
 
1017
        a.in.account_name               = r->in.account_name;
 
1018
        a.in.secure_channel_type        = r->in.secure_channel_type;
 
1019
        a.in.computer_name              = r->in.computer_name;
 
1020
        a.in.credentials                = r->in.credentials;
 
1021
        a.in.negotiate_flags            = r->in.negotiate_flags;
 
1022
 
 
1023
        a.out.return_credentials        = r->out.return_credentials;
 
1024
        a.out.rid                       = &rid;
 
1025
        a.out.negotiate_flags           = r->out.negotiate_flags;
 
1026
 
 
1027
        return _netr_ServerAuthenticate3(p, &a);
 
1028
}
 
1029
 
 
1030
/*************************************************************************
 
1031
 * If schannel is required for this call test that it actually is available.
 
1032
 *************************************************************************/
 
1033
static NTSTATUS schannel_check_required(struct pipe_auth_data *auth_info,
 
1034
                                        const char *computer_name,
 
1035
                                        bool integrity, bool privacy)
 
1036
{
 
1037
        if (auth_info && auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) {
 
1038
                if (!privacy && !integrity) {
 
1039
                        return NT_STATUS_OK;
 
1040
                }
 
1041
 
 
1042
                if ((!privacy && integrity) &&
 
1043
                    auth_info->auth_level == DCERPC_AUTH_LEVEL_INTEGRITY) {
 
1044
                        return NT_STATUS_OK;
 
1045
                }
 
1046
 
 
1047
                if ((privacy || integrity) &&
 
1048
                    auth_info->auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
 
1049
                        return NT_STATUS_OK;
 
1050
                }
 
1051
        }
 
1052
 
 
1053
        /* test didn't pass */
 
1054
        DEBUG(0, ("schannel_check_required: [%s] is not using schannel\n",
 
1055
                  computer_name));
 
1056
 
 
1057
        return NT_STATUS_ACCESS_DENIED;
 
1058
}
 
1059
 
 
1060
/*************************************************************************
 
1061
 *************************************************************************/
 
1062
 
 
1063
static NTSTATUS netr_creds_server_step_check(struct pipes_struct *p,
 
1064
                                             TALLOC_CTX *mem_ctx,
 
1065
                                             const char *computer_name,
 
1066
                                             struct netr_Authenticator *received_authenticator,
 
1067
                                             struct netr_Authenticator *return_authenticator,
 
1068
                                             struct netlogon_creds_CredentialState **creds_out)
 
1069
{
 
1070
        NTSTATUS status;
 
1071
        bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
 
1072
 
 
1073
        if (schannel_global_required) {
 
1074
                status = schannel_check_required(&p->auth,
 
1075
                                                 computer_name,
 
1076
                                                 false, false);
 
1077
                if (!NT_STATUS_IS_OK(status)) {
 
1078
                        return status;
 
1079
                }
 
1080
        }
 
1081
 
 
1082
        status = schannel_check_creds_state(mem_ctx, lp_private_dir(),
 
1083
                                            computer_name, received_authenticator,
 
1084
                                            return_authenticator, creds_out);
 
1085
 
 
1086
        return status;
 
1087
}
 
1088
 
 
1089
/*************************************************************************
 
1090
 *************************************************************************/
 
1091
 
 
1092
static NTSTATUS netr_set_machine_account_password(TALLOC_CTX *mem_ctx,
 
1093
                                                  struct auth_serversupplied_info *session_info,
 
1094
                                                  struct messaging_context *msg_ctx,
 
1095
                                                  const char *account_name,
 
1096
                                                  struct samr_Password *nt_hash)
 
1097
{
 
1098
        NTSTATUS status;
 
1099
        NTSTATUS result = NT_STATUS_OK;
 
1100
        struct dcerpc_binding_handle *h = NULL;
 
1101
        static struct client_address client_id;
 
1102
        struct policy_handle user_handle;
 
1103
        uint32_t acct_ctrl;
 
1104
        union samr_UserInfo *info;
 
1105
        struct samr_UserInfo18 info18;
 
1106
        DATA_BLOB in,out;
 
1107
 
 
1108
        ZERO_STRUCT(user_handle);
 
1109
 
 
1110
        strlcpy(client_id.addr, "127.0.0.1", sizeof(client_id.addr));
 
1111
        client_id.name = "127.0.0.1";
 
1112
 
 
1113
        status = rpcint_binding_handle(mem_ctx,
 
1114
                                       &ndr_table_samr,
 
1115
                                       &client_id,
 
1116
                                       session_info,
 
1117
                                       msg_ctx,
 
1118
                                       &h);
 
1119
        if (!NT_STATUS_IS_OK(status)) {
 
1120
                goto out;
 
1121
        }
 
1122
 
 
1123
        status = samr_find_machine_account(mem_ctx,
 
1124
                                           h,
 
1125
                                           account_name,
 
1126
                                           SEC_FLAG_MAXIMUM_ALLOWED,
 
1127
                                           NULL,
 
1128
                                           NULL,
 
1129
                                           &user_handle);
 
1130
        if (!NT_STATUS_IS_OK(status)) {
 
1131
                goto out;
 
1132
        }
 
1133
 
 
1134
        status = dcerpc_samr_QueryUserInfo2(h,
 
1135
                                            mem_ctx,
 
1136
                                            &user_handle,
 
1137
                                            UserControlInformation,
 
1138
                                            &info,
 
1139
                                            &result);
 
1140
        if (!NT_STATUS_IS_OK(status)) {
 
1141
                goto out;
 
1142
        }
 
1143
        if (!NT_STATUS_IS_OK(result)) {
 
1144
                status = result;
 
1145
                goto out;
 
1146
        }
 
1147
 
 
1148
        acct_ctrl = info->info16.acct_flags;
 
1149
 
 
1150
        if (!(acct_ctrl & ACB_WSTRUST ||
 
1151
              acct_ctrl & ACB_SVRTRUST ||
 
1152
              acct_ctrl & ACB_DOMTRUST)) {
 
1153
                status = NT_STATUS_NO_SUCH_USER;
 
1154
                goto out;
 
1155
        }
 
1156
 
 
1157
        if (acct_ctrl & ACB_DISABLED) {
 
1158
                status = NT_STATUS_ACCOUNT_DISABLED;
 
1159
                goto out;
 
1160
        }
 
1161
 
 
1162
        ZERO_STRUCT(info18);
 
1163
 
 
1164
        in = data_blob_const(nt_hash->hash, 16);
 
1165
        out = data_blob_talloc_zero(mem_ctx, 16);
 
1166
        sess_crypt_blob(&out, &in, &session_info->user_session_key, true);
 
1167
        memcpy(info18.nt_pwd.hash, out.data, out.length);
 
1168
 
 
1169
        info18.nt_pwd_active = true;
 
1170
 
 
1171
        info->info18 = info18;
 
1172
 
 
1173
        status = dcerpc_samr_SetUserInfo2(h,
 
1174
                                          mem_ctx,
 
1175
                                          &user_handle,
 
1176
                                          UserInternal1Information,
 
1177
                                          info,
 
1178
                                          &result);
 
1179
        if (!NT_STATUS_IS_OK(status)) {
 
1180
                goto out;
 
1181
        }
 
1182
        if (!NT_STATUS_IS_OK(result)) {
 
1183
                status = result;
 
1184
                goto out;
 
1185
        }
 
1186
 
 
1187
 out:
 
1188
        if (h && is_valid_policy_hnd(&user_handle)) {
 
1189
                dcerpc_samr_Close(h, mem_ctx, &user_handle, &result);
 
1190
        }
 
1191
 
 
1192
        return status;
 
1193
}
 
1194
 
 
1195
/*************************************************************************
 
1196
 _netr_ServerPasswordSet
 
1197
 *************************************************************************/
 
1198
 
 
1199
NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p,
 
1200
                                 struct netr_ServerPasswordSet *r)
 
1201
{
 
1202
        NTSTATUS status = NT_STATUS_OK;
 
1203
        int i;
 
1204
        struct netlogon_creds_CredentialState *creds;
 
1205
 
 
1206
        DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__));
 
1207
 
 
1208
        become_root();
 
1209
        status = netr_creds_server_step_check(p, p->mem_ctx,
 
1210
                                              r->in.computer_name,
 
1211
                                              r->in.credential,
 
1212
                                              r->out.return_authenticator,
 
1213
                                              &creds);
 
1214
        unbecome_root();
 
1215
 
 
1216
        if (!NT_STATUS_IS_OK(status)) {
 
1217
                DEBUG(2,("_netr_ServerPasswordSet: netlogon_creds_server_step failed. Rejecting auth "
 
1218
                        "request from client %s machine account %s\n",
 
1219
                        r->in.computer_name, creds->computer_name));
 
1220
                TALLOC_FREE(creds);
 
1221
                return status;
 
1222
        }
 
1223
 
 
1224
        DEBUG(3,("_netr_ServerPasswordSet: Server Password Set by remote machine:[%s] on account [%s]\n",
 
1225
                        r->in.computer_name, creds->computer_name));
 
1226
 
 
1227
        netlogon_creds_des_decrypt(creds, r->in.new_password);
 
1228
 
 
1229
        DEBUG(100,("_netr_ServerPasswordSet: new given value was :\n"));
 
1230
        for(i = 0; i < sizeof(r->in.new_password->hash); i++)
 
1231
                DEBUG(100,("%02X ", r->in.new_password->hash[i]));
 
1232
        DEBUG(100,("\n"));
 
1233
 
 
1234
        status = netr_set_machine_account_password(p->mem_ctx,
 
1235
                                                   p->session_info,
 
1236
                                                   p->msg_ctx,
 
1237
                                                   creds->account_name,
 
1238
                                                   r->in.new_password);
 
1239
        return status;
 
1240
}
 
1241
 
 
1242
/****************************************************************
 
1243
 _netr_ServerPasswordSet2
 
1244
****************************************************************/
 
1245
 
 
1246
NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p,
 
1247
                                  struct netr_ServerPasswordSet2 *r)
 
1248
{
 
1249
        NTSTATUS status;
 
1250
        struct netlogon_creds_CredentialState *creds;
 
1251
        DATA_BLOB plaintext;
 
1252
        struct samr_CryptPassword password_buf;
 
1253
        struct samr_Password nt_hash;
 
1254
 
 
1255
        become_root();
 
1256
        status = netr_creds_server_step_check(p, p->mem_ctx,
 
1257
                                              r->in.computer_name,
 
1258
                                              r->in.credential,
 
1259
                                              r->out.return_authenticator,
 
1260
                                              &creds);
 
1261
        unbecome_root();
 
1262
 
 
1263
        if (!NT_STATUS_IS_OK(status)) {
 
1264
                DEBUG(2,("_netr_ServerPasswordSet2: netlogon_creds_server_step "
 
1265
                        "failed. Rejecting auth request from client %s machine account %s\n",
 
1266
                        r->in.computer_name, creds->computer_name));
 
1267
                TALLOC_FREE(creds);
 
1268
                return status;
 
1269
        }
 
1270
 
 
1271
        memcpy(password_buf.data, r->in.new_password->data, 512);
 
1272
        SIVAL(password_buf.data, 512, r->in.new_password->length);
 
1273
        netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
 
1274
 
 
1275
        if (!extract_pw_from_buffer(p->mem_ctx, password_buf.data, &plaintext)) {
 
1276
                return NT_STATUS_WRONG_PASSWORD;
 
1277
        }
 
1278
 
 
1279
        mdfour(nt_hash.hash, plaintext.data, plaintext.length);
 
1280
 
 
1281
        status = netr_set_machine_account_password(p->mem_ctx,
 
1282
                                                   p->session_info,
 
1283
                                                   p->msg_ctx,
 
1284
                                                   creds->account_name,
 
1285
                                                   &nt_hash);
 
1286
        return status;
 
1287
}
 
1288
 
 
1289
/*************************************************************************
 
1290
 _netr_LogonSamLogoff
 
1291
 *************************************************************************/
 
1292
 
 
1293
NTSTATUS _netr_LogonSamLogoff(struct pipes_struct *p,
 
1294
                              struct netr_LogonSamLogoff *r)
 
1295
{
 
1296
        NTSTATUS status;
 
1297
        struct netlogon_creds_CredentialState *creds;
 
1298
 
 
1299
        become_root();
 
1300
        status = netr_creds_server_step_check(p, p->mem_ctx,
 
1301
                                              r->in.computer_name,
 
1302
                                              r->in.credential,
 
1303
                                              r->out.return_authenticator,
 
1304
                                              &creds);
 
1305
        unbecome_root();
 
1306
 
 
1307
        return status;
 
1308
}
 
1309
 
 
1310
static NTSTATUS _netr_LogonSamLogon_check(const struct netr_LogonSamLogonEx *r)
 
1311
{
 
1312
        switch (r->in.logon_level) {
 
1313
        case NetlogonInteractiveInformation:
 
1314
        case NetlogonServiceInformation:
 
1315
        case NetlogonInteractiveTransitiveInformation:
 
1316
        case NetlogonServiceTransitiveInformation:
 
1317
                if (r->in.logon->password == NULL) {
 
1318
                        return NT_STATUS_INVALID_PARAMETER;
 
1319
                }
 
1320
 
 
1321
                switch (r->in.validation_level) {
 
1322
                case NetlogonValidationSamInfo:  /* 2 */
 
1323
                case NetlogonValidationSamInfo2: /* 3 */
 
1324
                        break;
 
1325
                case NetlogonValidationSamInfo4: /* 6 */
 
1326
                        if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
 
1327
                                DEBUG(10,("Not adding validation info level 6 "
 
1328
                                   "without ADS passdb backend\n"));
 
1329
                                return NT_STATUS_INVALID_INFO_CLASS;
 
1330
                        }
 
1331
                        break;
 
1332
                default:
 
1333
                        return NT_STATUS_INVALID_INFO_CLASS;
 
1334
                }
 
1335
 
 
1336
                break;
 
1337
        case NetlogonNetworkInformation:
 
1338
        case NetlogonNetworkTransitiveInformation:
 
1339
                if (r->in.logon->network == NULL) {
 
1340
                        return NT_STATUS_INVALID_PARAMETER;
 
1341
                }
 
1342
 
 
1343
                switch (r->in.validation_level) {
 
1344
                case NetlogonValidationSamInfo:  /* 2 */
 
1345
                case NetlogonValidationSamInfo2: /* 3 */
 
1346
                        break;
 
1347
                case NetlogonValidationSamInfo4: /* 6 */
 
1348
                        if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
 
1349
                                DEBUG(10,("Not adding validation info level 6 "
 
1350
                                   "without ADS passdb backend\n"));
 
1351
                                return NT_STATUS_INVALID_INFO_CLASS;
 
1352
                        }
 
1353
                        break;
 
1354
                default:
 
1355
                        return NT_STATUS_INVALID_INFO_CLASS;
 
1356
                }
 
1357
 
 
1358
                break;
 
1359
 
 
1360
        case NetlogonGenericInformation:
 
1361
                if (r->in.logon->generic == NULL) {
 
1362
                        return NT_STATUS_INVALID_PARAMETER;
 
1363
                }
 
1364
 
 
1365
                /* we don't support this here */
 
1366
                return NT_STATUS_INVALID_PARAMETER;
 
1367
#if 0
 
1368
                switch (r->in.validation_level) {
 
1369
                /* TODO: case NetlogonValidationGenericInfo: 4 */
 
1370
                case NetlogonValidationGenericInfo2: /* 5 */
 
1371
                        break;
 
1372
                default:
 
1373
                        return NT_STATUS_INVALID_INFO_CLASS;
 
1374
                }
 
1375
 
 
1376
                break;
 
1377
#endif
 
1378
        default:
 
1379
                return NT_STATUS_INVALID_PARAMETER;
 
1380
        }
 
1381
 
 
1382
        return NT_STATUS_OK;
 
1383
}
 
1384
 
 
1385
/*************************************************************************
 
1386
 _netr_LogonSamLogon_base
 
1387
 *************************************************************************/
 
1388
 
 
1389
static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
 
1390
                                         struct netr_LogonSamLogonEx *r,
 
1391
                                         struct netlogon_creds_CredentialState *creds)
 
1392
{
 
1393
        NTSTATUS status = NT_STATUS_OK;
 
1394
        union netr_LogonLevel *logon = r->in.logon;
 
1395
        const char *nt_username, *nt_domain, *nt_workstation;
 
1396
        struct auth_usersupplied_info *user_info = NULL;
 
1397
        struct auth_serversupplied_info *server_info = NULL;
 
1398
        struct auth_context *auth_context = NULL;
 
1399
        uint8_t pipe_session_key[16];
 
1400
        bool process_creds = true;
 
1401
        const char *fn;
 
1402
 
 
1403
        switch (p->opnum) {
 
1404
                case NDR_NETR_LOGONSAMLOGON:
 
1405
                        process_creds = true;
 
1406
                        fn = "_netr_LogonSamLogon";
 
1407
                        break;
 
1408
                case NDR_NETR_LOGONSAMLOGONWITHFLAGS:
 
1409
                        process_creds = true;
 
1410
                        fn = "_netr_LogonSamLogonWithFlags";
 
1411
                        break;
 
1412
                case NDR_NETR_LOGONSAMLOGONEX:
 
1413
                        process_creds = false;
 
1414
                        fn = "_netr_LogonSamLogonEx";
 
1415
                        break;
 
1416
                default:
 
1417
                        return NT_STATUS_INTERNAL_ERROR;
 
1418
        }
 
1419
 
 
1420
        *r->out.authoritative = true; /* authoritative response */
 
1421
 
 
1422
        switch (r->in.validation_level) {
 
1423
        case 2:
 
1424
                r->out.validation->sam2 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo2);
 
1425
                if (!r->out.validation->sam2) {
 
1426
                        return NT_STATUS_NO_MEMORY;
 
1427
                }
 
1428
                break;
 
1429
        case 3:
 
1430
                r->out.validation->sam3 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo3);
 
1431
                if (!r->out.validation->sam3) {
 
1432
                        return NT_STATUS_NO_MEMORY;
 
1433
                }
 
1434
                break;
 
1435
        case 6:
 
1436
                r->out.validation->sam6 = TALLOC_ZERO_P(p->mem_ctx, struct netr_SamInfo6);
 
1437
                if (!r->out.validation->sam6) {
 
1438
                        return NT_STATUS_NO_MEMORY;
 
1439
                }
 
1440
                break;
 
1441
        default:
 
1442
                DEBUG(0,("%s: bad validation_level value %d.\n",
 
1443
                        fn, (int)r->in.validation_level));
 
1444
                return NT_STATUS_INVALID_INFO_CLASS;
 
1445
        }
 
1446
 
 
1447
        switch (r->in.logon_level) {
 
1448
        case NetlogonInteractiveInformation:
 
1449
        case NetlogonServiceInformation:
 
1450
        case NetlogonInteractiveTransitiveInformation:
 
1451
        case NetlogonServiceTransitiveInformation:
 
1452
                nt_username     = logon->password->identity_info.account_name.string ?
 
1453
                                  logon->password->identity_info.account_name.string : "";
 
1454
                nt_domain       = logon->password->identity_info.domain_name.string ?
 
1455
                                  logon->password->identity_info.domain_name.string : "";
 
1456
                nt_workstation  = logon->password->identity_info.workstation.string ?
 
1457
                                  logon->password->identity_info.workstation.string : "";
 
1458
 
 
1459
                DEBUG(3,("SAM Logon (Interactive). Domain:[%s].  ", lp_workgroup()));
 
1460
                break;
 
1461
        case NetlogonNetworkInformation:
 
1462
        case NetlogonNetworkTransitiveInformation:
 
1463
                nt_username     = logon->network->identity_info.account_name.string ?
 
1464
                                  logon->network->identity_info.account_name.string : "";
 
1465
                nt_domain       = logon->network->identity_info.domain_name.string ?
 
1466
                                  logon->network->identity_info.domain_name.string : "";
 
1467
                nt_workstation  = logon->network->identity_info.workstation.string ?
 
1468
                                  logon->network->identity_info.workstation.string : "";
 
1469
 
 
1470
                DEBUG(3,("SAM Logon (Network). Domain:[%s].  ", lp_workgroup()));
 
1471
                break;
 
1472
        default:
 
1473
                DEBUG(2,("SAM Logon: unsupported switch value\n"));
 
1474
                return NT_STATUS_INVALID_INFO_CLASS;
 
1475
        } /* end switch */
 
1476
 
 
1477
        DEBUG(3,("User:[%s@%s] Requested Domain:[%s]\n", nt_username, nt_workstation, nt_domain));
 
1478
        fstrcpy(current_user_info.smb_name, nt_username);
 
1479
        sub_set_smb_name(nt_username);
 
1480
 
 
1481
        DEBUG(5,("Attempting validation level %d for unmapped username %s.\n",
 
1482
                r->in.validation_level, nt_username));
 
1483
 
 
1484
        status = NT_STATUS_OK;
 
1485
 
 
1486
        switch (r->in.logon_level) {
 
1487
        case NetlogonNetworkInformation:
 
1488
        case NetlogonNetworkTransitiveInformation:
 
1489
        {
 
1490
                const char *wksname = nt_workstation;
 
1491
 
 
1492
                status = make_auth_context_fixed(talloc_tos(), &auth_context,
 
1493
                                                 logon->network->challenge);
 
1494
                if (!NT_STATUS_IS_OK(status)) {
 
1495
                        return status;
 
1496
                }
 
1497
 
 
1498
                /* For a network logon, the workstation name comes in with two
 
1499
                 * backslashes in the front. Strip them if they are there. */
 
1500
 
 
1501
                if (*wksname == '\\') wksname++;
 
1502
                if (*wksname == '\\') wksname++;
 
1503
 
 
1504
                /* Standard challenge/response authentication */
 
1505
                if (!make_user_info_netlogon_network(&user_info,
 
1506
                                                     nt_username, nt_domain,
 
1507
                                                     wksname,
 
1508
                                                     logon->network->identity_info.parameter_control,
 
1509
                                                     logon->network->lm.data,
 
1510
                                                     logon->network->lm.length,
 
1511
                                                     logon->network->nt.data,
 
1512
                                                     logon->network->nt.length)) {
 
1513
                        status = NT_STATUS_NO_MEMORY;
 
1514
                }
 
1515
                break;
 
1516
        }
 
1517
        case NetlogonInteractiveInformation:
 
1518
        case NetlogonServiceInformation:
 
1519
        case NetlogonInteractiveTransitiveInformation:
 
1520
        case NetlogonServiceTransitiveInformation:
 
1521
 
 
1522
                /* 'Interactive' authentication, supplies the password in its
 
1523
                   MD4 form, encrypted with the session key.  We will convert
 
1524
                   this to challenge/response for the auth subsystem to chew
 
1525
                   on */
 
1526
        {
 
1527
                uint8_t chal[8];
 
1528
 
 
1529
                status = make_auth_context_subsystem(talloc_tos(),
 
1530
                                                     &auth_context);
 
1531
                if (!NT_STATUS_IS_OK(status)) {
 
1532
                        return status;
 
1533
                }
 
1534
 
 
1535
                auth_context->get_ntlm_challenge(auth_context, chal);
 
1536
 
 
1537
                if (!make_user_info_netlogon_interactive(&user_info,
 
1538
                                                         nt_username, nt_domain,
 
1539
                                                         nt_workstation,
 
1540
                                                         logon->password->identity_info.parameter_control,
 
1541
                                                         chal,
 
1542
                                                         logon->password->lmpassword.hash,
 
1543
                                                         logon->password->ntpassword.hash,
 
1544
                                                         creds->session_key)) {
 
1545
                        status = NT_STATUS_NO_MEMORY;
 
1546
                }
 
1547
                break;
 
1548
        }
 
1549
        default:
 
1550
                DEBUG(2,("SAM Logon: unsupported switch value\n"));
 
1551
                return NT_STATUS_INVALID_INFO_CLASS;
 
1552
        } /* end switch */
 
1553
 
 
1554
        if ( NT_STATUS_IS_OK(status) ) {
 
1555
                status = auth_context->check_ntlm_password(auth_context,
 
1556
                        user_info, &server_info);
 
1557
        }
 
1558
 
 
1559
        TALLOC_FREE(auth_context);
 
1560
        free_user_info(&user_info);
 
1561
 
 
1562
        DEBUG(5,("%s: check_password returned status %s\n",
 
1563
                  fn, nt_errstr(status)));
 
1564
 
 
1565
        /* Check account and password */
 
1566
 
 
1567
        if (!NT_STATUS_IS_OK(status)) {
 
1568
                /* If we don't know what this domain is, we need to
 
1569
                   indicate that we are not authoritative.  This
 
1570
                   allows the client to decide if it needs to try
 
1571
                   a local user.  Fix by jpjanosi@us.ibm.com, #2976 */
 
1572
                if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)
 
1573
                     && !strequal(nt_domain, get_global_sam_name())
 
1574
                     && !is_trusted_domain(nt_domain) )
 
1575
                        *r->out.authoritative = false; /* We are not authoritative */
 
1576
 
 
1577
                TALLOC_FREE(server_info);
 
1578
                return status;
 
1579
        }
 
1580
 
 
1581
        if (server_info->guest) {
 
1582
                /* We don't like guest domain logons... */
 
1583
                DEBUG(5,("%s: Attempted domain logon as GUEST "
 
1584
                         "denied.\n", fn));
 
1585
                TALLOC_FREE(server_info);
 
1586
                return NT_STATUS_LOGON_FAILURE;
 
1587
        }
 
1588
 
 
1589
        /* This is the point at which, if the login was successful, that
 
1590
           the SAM Local Security Authority should record that the user is
 
1591
           logged in to the domain.  */
 
1592
 
 
1593
        if (process_creds) {
 
1594
                /* Get the pipe session key from the creds. */
 
1595
                memcpy(pipe_session_key, creds->session_key, 16);
 
1596
        } else {
 
1597
                struct schannel_state *schannel_auth;
 
1598
                /* Get the pipe session key from the schannel. */
 
1599
                if ((p->auth.auth_type != DCERPC_AUTH_TYPE_SCHANNEL)
 
1600
                    || (p->auth.auth_ctx == NULL)) {
 
1601
                        return NT_STATUS_INVALID_HANDLE;
 
1602
                }
 
1603
 
 
1604
                schannel_auth = talloc_get_type_abort(p->auth.auth_ctx,
 
1605
                                                      struct schannel_state);
 
1606
                memcpy(pipe_session_key, schannel_auth->creds->session_key, 16);
 
1607
        }
 
1608
 
 
1609
        switch (r->in.validation_level) {
 
1610
        case 2:
 
1611
                status = serverinfo_to_SamInfo2(server_info, pipe_session_key, 16,
 
1612
                                                r->out.validation->sam2);
 
1613
                break;
 
1614
        case 3:
 
1615
                status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16,
 
1616
                                                r->out.validation->sam3);
 
1617
                break;
 
1618
        case 6:
 
1619
                status = serverinfo_to_SamInfo6(server_info, pipe_session_key, 16,
 
1620
                                                r->out.validation->sam6);
 
1621
                break;
 
1622
        }
 
1623
 
 
1624
        TALLOC_FREE(server_info);
 
1625
 
 
1626
        return status;
 
1627
}
 
1628
 
 
1629
/****************************************************************
 
1630
 _netr_LogonSamLogonWithFlags
 
1631
****************************************************************/
 
1632
 
 
1633
NTSTATUS _netr_LogonSamLogonWithFlags(struct pipes_struct *p,
 
1634
                                      struct netr_LogonSamLogonWithFlags *r)
 
1635
{
 
1636
        NTSTATUS status;
 
1637
        struct netlogon_creds_CredentialState *creds;
 
1638
        struct netr_LogonSamLogonEx r2;
 
1639
        struct netr_Authenticator return_authenticator;
 
1640
 
 
1641
        *r->out.authoritative = true;
 
1642
 
 
1643
        r2.in.server_name       = r->in.server_name;
 
1644
        r2.in.computer_name     = r->in.computer_name;
 
1645
        r2.in.logon_level       = r->in.logon_level;
 
1646
        r2.in.logon             = r->in.logon;
 
1647
        r2.in.validation_level  = r->in.validation_level;
 
1648
        r2.in.flags             = r->in.flags;
 
1649
        r2.out.validation       = r->out.validation;
 
1650
        r2.out.authoritative    = r->out.authoritative;
 
1651
        r2.out.flags            = r->out.flags;
 
1652
 
 
1653
        status = _netr_LogonSamLogon_check(&r2);
 
1654
        if (!NT_STATUS_IS_OK(status)) {
 
1655
                return status;
 
1656
        }
 
1657
 
 
1658
        become_root();
 
1659
        status = netr_creds_server_step_check(p, p->mem_ctx,
 
1660
                                              r->in.computer_name,
 
1661
                                              r->in.credential,
 
1662
                                              &return_authenticator,
 
1663
                                              &creds);
 
1664
        unbecome_root();
 
1665
        if (!NT_STATUS_IS_OK(status)) {
 
1666
                return status;
 
1667
        }
 
1668
 
 
1669
        status = _netr_LogonSamLogon_base(p, &r2, creds);
 
1670
 
 
1671
        *r->out.return_authenticator = return_authenticator;
 
1672
 
 
1673
        return status;
 
1674
}
 
1675
 
 
1676
/*************************************************************************
 
1677
 _netr_LogonSamLogon
 
1678
 *************************************************************************/
 
1679
 
 
1680
NTSTATUS _netr_LogonSamLogon(struct pipes_struct *p,
 
1681
                             struct netr_LogonSamLogon *r)
 
1682
{
 
1683
        NTSTATUS status;
 
1684
        struct netr_LogonSamLogonWithFlags r2;
 
1685
        uint32_t flags = 0;
 
1686
 
 
1687
        r2.in.server_name               = r->in.server_name;
 
1688
        r2.in.computer_name             = r->in.computer_name;
 
1689
        r2.in.credential                = r->in.credential;
 
1690
        r2.in.logon_level               = r->in.logon_level;
 
1691
        r2.in.logon                     = r->in.logon;
 
1692
        r2.in.validation_level          = r->in.validation_level;
 
1693
        r2.in.return_authenticator      = r->in.return_authenticator;
 
1694
        r2.in.flags                     = &flags;
 
1695
        r2.out.validation               = r->out.validation;
 
1696
        r2.out.authoritative            = r->out.authoritative;
 
1697
        r2.out.flags                    = &flags;
 
1698
        r2.out.return_authenticator     = r->out.return_authenticator;
 
1699
 
 
1700
        status = _netr_LogonSamLogonWithFlags(p, &r2);
 
1701
 
 
1702
        return status;
 
1703
}
 
1704
 
 
1705
/*************************************************************************
 
1706
 _netr_LogonSamLogonEx
 
1707
 - no credential chaining. Map into net sam logon.
 
1708
 *************************************************************************/
 
1709
 
 
1710
NTSTATUS _netr_LogonSamLogonEx(struct pipes_struct *p,
 
1711
                               struct netr_LogonSamLogonEx *r)
 
1712
{
 
1713
        NTSTATUS status;
 
1714
        struct netlogon_creds_CredentialState *creds = NULL;
 
1715
 
 
1716
        *r->out.authoritative = true;
 
1717
 
 
1718
        status = _netr_LogonSamLogon_check(r);
 
1719
        if (!NT_STATUS_IS_OK(status)) {
 
1720
                return status;
 
1721
        }
 
1722
 
 
1723
        /* Only allow this if the pipe is protected. */
 
1724
        if (p->auth.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
 
1725
                DEBUG(0,("_netr_LogonSamLogonEx: client %s not using schannel for netlogon\n",
 
1726
                        get_remote_machine_name() ));
 
1727
                return NT_STATUS_INVALID_PARAMETER;
 
1728
        }
 
1729
 
 
1730
        become_root();
 
1731
        status = schannel_get_creds_state(p->mem_ctx, lp_private_dir(),
 
1732
                                          r->in.computer_name, &creds);
 
1733
        unbecome_root();
 
1734
        if (!NT_STATUS_IS_OK(status)) {
 
1735
                return status;
 
1736
        }
 
1737
 
 
1738
        status = _netr_LogonSamLogon_base(p, r, creds);
 
1739
        TALLOC_FREE(creds);
 
1740
 
 
1741
        return status;
 
1742
}
 
1743
 
 
1744
/*************************************************************************
 
1745
 _ds_enum_dom_trusts
 
1746
 *************************************************************************/
 
1747
#if 0   /* JERRY -- not correct */
 
1748
 NTSTATUS _ds_enum_dom_trusts(struct pipes_struct *p, DS_Q_ENUM_DOM_TRUSTS *q_u,
 
1749
                             DS_R_ENUM_DOM_TRUSTS *r_u)
 
1750
{
 
1751
        NTSTATUS status = NT_STATUS_OK;
 
1752
 
 
1753
        /* TODO: According to MSDN, the can only be executed against a
 
1754
           DC or domain member running Windows 2000 or later.  Need
 
1755
           to test against a standalone 2k server and see what it
 
1756
           does.  A windows 2000 DC includes its own domain in the
 
1757
           list.  --jerry */
 
1758
 
 
1759
        return status;
 
1760
}
 
1761
#endif  /* JERRY */
 
1762
 
 
1763
 
 
1764
/****************************************************************
 
1765
****************************************************************/
 
1766
 
 
1767
WERROR _netr_LogonUasLogon(struct pipes_struct *p,
 
1768
                           struct netr_LogonUasLogon *r)
 
1769
{
 
1770
        p->rng_fault_state = true;
 
1771
        return WERR_NOT_SUPPORTED;
 
1772
}
 
1773
 
 
1774
/****************************************************************
 
1775
****************************************************************/
 
1776
 
 
1777
WERROR _netr_LogonUasLogoff(struct pipes_struct *p,
 
1778
                            struct netr_LogonUasLogoff *r)
 
1779
{
 
1780
        p->rng_fault_state = true;
 
1781
        return WERR_NOT_SUPPORTED;
 
1782
}
 
1783
 
 
1784
/****************************************************************
 
1785
****************************************************************/
 
1786
 
 
1787
NTSTATUS _netr_DatabaseDeltas(struct pipes_struct *p,
 
1788
                              struct netr_DatabaseDeltas *r)
 
1789
{
 
1790
        p->rng_fault_state = true;
 
1791
        return NT_STATUS_NOT_IMPLEMENTED;
 
1792
}
 
1793
 
 
1794
/****************************************************************
 
1795
****************************************************************/
 
1796
 
 
1797
NTSTATUS _netr_DatabaseSync(struct pipes_struct *p,
 
1798
                            struct netr_DatabaseSync *r)
 
1799
{
 
1800
        p->rng_fault_state = true;
 
1801
        return NT_STATUS_NOT_IMPLEMENTED;
 
1802
}
 
1803
 
 
1804
/****************************************************************
 
1805
****************************************************************/
 
1806
 
 
1807
NTSTATUS _netr_AccountDeltas(struct pipes_struct *p,
 
1808
                             struct netr_AccountDeltas *r)
 
1809
{
 
1810
        p->rng_fault_state = true;
 
1811
        return NT_STATUS_NOT_IMPLEMENTED;
 
1812
}
 
1813
 
 
1814
/****************************************************************
 
1815
****************************************************************/
 
1816
 
 
1817
NTSTATUS _netr_AccountSync(struct pipes_struct *p,
 
1818
                           struct netr_AccountSync *r)
 
1819
{
 
1820
        p->rng_fault_state = true;
 
1821
        return NT_STATUS_NOT_IMPLEMENTED;
 
1822
}
 
1823
 
 
1824
/****************************************************************
 
1825
****************************************************************/
 
1826
 
 
1827
static bool wb_getdcname(TALLOC_CTX *mem_ctx,
 
1828
                         const char *domain,
 
1829
                         const char **dcname,
 
1830
                         uint32_t flags,
 
1831
                         WERROR *werr)
 
1832
{
 
1833
        wbcErr result;
 
1834
        struct wbcDomainControllerInfo *dc_info = NULL;
 
1835
 
 
1836
        result = wbcLookupDomainController(domain,
 
1837
                                           flags,
 
1838
                                           &dc_info);
 
1839
        switch (result) {
 
1840
        case WBC_ERR_SUCCESS:
 
1841
                break;
 
1842
        case WBC_ERR_WINBIND_NOT_AVAILABLE:
 
1843
                return false;
 
1844
        case WBC_ERR_DOMAIN_NOT_FOUND:
 
1845
                *werr = WERR_NO_SUCH_DOMAIN;
 
1846
                return true;
 
1847
        default:
 
1848
                *werr = WERR_DOMAIN_CONTROLLER_NOT_FOUND;
 
1849
                return true;
 
1850
        }
 
1851
 
 
1852
        *dcname = talloc_strdup(mem_ctx, dc_info->dc_name);
 
1853
        wbcFreeMemory(dc_info);
 
1854
        if (!*dcname) {
 
1855
                *werr = WERR_NOMEM;
 
1856
                return false;
 
1857
        }
 
1858
 
 
1859
        *werr = WERR_OK;
 
1860
 
 
1861
        return true;
 
1862
}
 
1863
 
 
1864
/****************************************************************
 
1865
 _netr_GetDcName
 
1866
****************************************************************/
 
1867
 
 
1868
WERROR _netr_GetDcName(struct pipes_struct *p,
 
1869
                       struct netr_GetDcName *r)
 
1870
{
 
1871
        NTSTATUS status;
 
1872
        WERROR werr;
 
1873
        uint32_t flags;
 
1874
        struct netr_DsRGetDCNameInfo *info;
 
1875
        bool ret;
 
1876
 
 
1877
        ret = wb_getdcname(p->mem_ctx,
 
1878
                           r->in.domainname,
 
1879
                           r->out.dcname,
 
1880
                           WBC_LOOKUP_DC_IS_FLAT_NAME |
 
1881
                           WBC_LOOKUP_DC_RETURN_FLAT_NAME |
 
1882
                           WBC_LOOKUP_DC_PDC_REQUIRED,
 
1883
                           &werr);
 
1884
        if (ret == true) {
 
1885
                return werr;
 
1886
        }
 
1887
 
 
1888
        flags = DS_PDC_REQUIRED | DS_IS_FLAT_NAME | DS_RETURN_FLAT_NAME;
 
1889
 
 
1890
        status = dsgetdcname(p->mem_ctx,
 
1891
                             p->msg_ctx,
 
1892
                             r->in.domainname,
 
1893
                             NULL,
 
1894
                             NULL,
 
1895
                             flags,
 
1896
                             &info);
 
1897
        if (!NT_STATUS_IS_OK(status)) {
 
1898
                return ntstatus_to_werror(status);
 
1899
        }
 
1900
 
 
1901
        *r->out.dcname = talloc_strdup(p->mem_ctx, info->dc_unc);
 
1902
        talloc_free(info);
 
1903
        if (!*r->out.dcname) {
 
1904
                return WERR_NOMEM;
 
1905
        }
 
1906
 
 
1907
        return WERR_OK;
 
1908
}
 
1909
 
 
1910
/****************************************************************
 
1911
 _netr_GetAnyDCName
 
1912
****************************************************************/
 
1913
 
 
1914
WERROR _netr_GetAnyDCName(struct pipes_struct *p,
 
1915
                          struct netr_GetAnyDCName *r)
 
1916
{
 
1917
        NTSTATUS status;
 
1918
        WERROR werr;
 
1919
        uint32_t flags;
 
1920
        struct netr_DsRGetDCNameInfo *info;
 
1921
        bool ret;
 
1922
 
 
1923
        ret = wb_getdcname(p->mem_ctx,
 
1924
                           r->in.domainname,
 
1925
                           r->out.dcname,
 
1926
                           WBC_LOOKUP_DC_IS_FLAT_NAME |
 
1927
                           WBC_LOOKUP_DC_RETURN_FLAT_NAME,
 
1928
                           &werr);
 
1929
        if (ret == true) {
 
1930
                return werr;
 
1931
        }
 
1932
 
 
1933
        flags = DS_IS_FLAT_NAME | DS_RETURN_FLAT_NAME;
 
1934
 
 
1935
        status = dsgetdcname(p->mem_ctx,
 
1936
                             p->msg_ctx,
 
1937
                             r->in.domainname,
 
1938
                             NULL,
 
1939
                             NULL,
 
1940
                             flags,
 
1941
                             &info);
 
1942
        if (!NT_STATUS_IS_OK(status)) {
 
1943
                return ntstatus_to_werror(status);
 
1944
        }
 
1945
 
 
1946
        *r->out.dcname = talloc_strdup(p->mem_ctx, info->dc_unc);
 
1947
        talloc_free(info);
 
1948
        if (!*r->out.dcname) {
 
1949
                return WERR_NOMEM;
 
1950
        }
 
1951
 
 
1952
        return WERR_OK;
 
1953
}
 
1954
 
 
1955
/****************************************************************
 
1956
****************************************************************/
 
1957
 
 
1958
NTSTATUS _netr_DatabaseSync2(struct pipes_struct *p,
 
1959
                             struct netr_DatabaseSync2 *r)
 
1960
{
 
1961
        p->rng_fault_state = true;
 
1962
        return NT_STATUS_NOT_IMPLEMENTED;
 
1963
}
 
1964
 
 
1965
/****************************************************************
 
1966
****************************************************************/
 
1967
 
 
1968
NTSTATUS _netr_DatabaseRedo(struct pipes_struct *p,
 
1969
                            struct netr_DatabaseRedo *r)
 
1970
{
 
1971
        p->rng_fault_state = true;
 
1972
        return NT_STATUS_NOT_IMPLEMENTED;
 
1973
}
 
1974
 
 
1975
/****************************************************************
 
1976
****************************************************************/
 
1977
 
 
1978
WERROR _netr_DsRGetDCName(struct pipes_struct *p,
 
1979
                          struct netr_DsRGetDCName *r)
 
1980
{
 
1981
        p->rng_fault_state = true;
 
1982
        return WERR_NOT_SUPPORTED;
 
1983
}
 
1984
 
 
1985
/****************************************************************
 
1986
****************************************************************/
 
1987
 
 
1988
NTSTATUS _netr_LogonGetCapabilities(struct pipes_struct *p,
 
1989
                                    struct netr_LogonGetCapabilities *r)
 
1990
{
 
1991
        return NT_STATUS_NOT_IMPLEMENTED;
 
1992
}
 
1993
 
 
1994
/****************************************************************
 
1995
****************************************************************/
 
1996
 
 
1997
WERROR _netr_NETRLOGONSETSERVICEBITS(struct pipes_struct *p,
 
1998
                                     struct netr_NETRLOGONSETSERVICEBITS *r)
 
1999
{
 
2000
        p->rng_fault_state = true;
 
2001
        return WERR_NOT_SUPPORTED;
 
2002
}
 
2003
 
 
2004
/****************************************************************
 
2005
****************************************************************/
 
2006
 
 
2007
WERROR _netr_LogonGetTrustRid(struct pipes_struct *p,
 
2008
                              struct netr_LogonGetTrustRid *r)
 
2009
{
 
2010
        p->rng_fault_state = true;
 
2011
        return WERR_NOT_SUPPORTED;
 
2012
}
 
2013
 
 
2014
/****************************************************************
 
2015
****************************************************************/
 
2016
 
 
2017
WERROR _netr_NETRLOGONCOMPUTESERVERDIGEST(struct pipes_struct *p,
 
2018
                                          struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
 
2019
{
 
2020
        p->rng_fault_state = true;
 
2021
        return WERR_NOT_SUPPORTED;
 
2022
}
 
2023
 
 
2024
/****************************************************************
 
2025
****************************************************************/
 
2026
 
 
2027
WERROR _netr_NETRLOGONCOMPUTECLIENTDIGEST(struct pipes_struct *p,
 
2028
                                          struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
 
2029
{
 
2030
        p->rng_fault_state = true;
 
2031
        return WERR_NOT_SUPPORTED;
 
2032
}
 
2033
 
 
2034
/****************************************************************
 
2035
****************************************************************/
 
2036
 
 
2037
WERROR _netr_DsRGetDCNameEx(struct pipes_struct *p,
 
2038
                            struct netr_DsRGetDCNameEx *r)
 
2039
{
 
2040
        p->rng_fault_state = true;
 
2041
        return WERR_NOT_SUPPORTED;
 
2042
}
 
2043
 
 
2044
/****************************************************************
 
2045
****************************************************************/
 
2046
 
 
2047
WERROR _netr_DsRGetSiteName(struct pipes_struct *p,
 
2048
                            struct netr_DsRGetSiteName *r)
 
2049
{
 
2050
        p->rng_fault_state = true;
 
2051
        return WERR_NOT_SUPPORTED;
 
2052
}
 
2053
 
 
2054
/****************************************************************
 
2055
****************************************************************/
 
2056
 
 
2057
NTSTATUS _netr_LogonGetDomainInfo(struct pipes_struct *p,
 
2058
                                  struct netr_LogonGetDomainInfo *r)
 
2059
{
 
2060
        p->rng_fault_state = true;
 
2061
        return NT_STATUS_NOT_IMPLEMENTED;
 
2062
}
 
2063
 
 
2064
/****************************************************************
 
2065
****************************************************************/
 
2066
 
 
2067
WERROR _netr_ServerPasswordGet(struct pipes_struct *p,
 
2068
                               struct netr_ServerPasswordGet *r)
 
2069
{
 
2070
        p->rng_fault_state = true;
 
2071
        return WERR_NOT_SUPPORTED;
 
2072
}
 
2073
 
 
2074
/****************************************************************
 
2075
****************************************************************/
 
2076
 
 
2077
WERROR _netr_NETRLOGONSENDTOSAM(struct pipes_struct *p,
 
2078
                                struct netr_NETRLOGONSENDTOSAM *r)
 
2079
{
 
2080
        p->rng_fault_state = true;
 
2081
        return WERR_NOT_SUPPORTED;
 
2082
}
 
2083
 
 
2084
/****************************************************************
 
2085
****************************************************************/
 
2086
 
 
2087
WERROR _netr_DsRAddressToSitenamesW(struct pipes_struct *p,
 
2088
                                    struct netr_DsRAddressToSitenamesW *r)
 
2089
{
 
2090
        p->rng_fault_state = true;
 
2091
        return WERR_NOT_SUPPORTED;
 
2092
}
 
2093
 
 
2094
/****************************************************************
 
2095
****************************************************************/
 
2096
 
 
2097
WERROR _netr_DsRGetDCNameEx2(struct pipes_struct *p,
 
2098
                             struct netr_DsRGetDCNameEx2 *r)
 
2099
{
 
2100
        p->rng_fault_state = true;
 
2101
        return WERR_NOT_SUPPORTED;
 
2102
}
 
2103
 
 
2104
/****************************************************************
 
2105
****************************************************************/
 
2106
 
 
2107
WERROR _netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct pipes_struct *p,
 
2108
                                                 struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
 
2109
{
 
2110
        p->rng_fault_state = true;
 
2111
        return WERR_NOT_SUPPORTED;
 
2112
}
 
2113
 
 
2114
/****************************************************************
 
2115
****************************************************************/
 
2116
 
 
2117
WERROR _netr_NetrEnumerateTrustedDomainsEx(struct pipes_struct *p,
 
2118
                                           struct netr_NetrEnumerateTrustedDomainsEx *r)
 
2119
{
 
2120
        p->rng_fault_state = true;
 
2121
        return WERR_NOT_SUPPORTED;
 
2122
}
 
2123
 
 
2124
/****************************************************************
 
2125
****************************************************************/
 
2126
 
 
2127
WERROR _netr_DsRAddressToSitenamesExW(struct pipes_struct *p,
 
2128
                                      struct netr_DsRAddressToSitenamesExW *r)
 
2129
{
 
2130
        p->rng_fault_state = true;
 
2131
        return WERR_NOT_SUPPORTED;
 
2132
}
 
2133
 
 
2134
/****************************************************************
 
2135
****************************************************************/
 
2136
 
 
2137
WERROR _netr_DsrGetDcSiteCoverageW(struct pipes_struct *p,
 
2138
                                   struct netr_DsrGetDcSiteCoverageW *r)
 
2139
{
 
2140
        p->rng_fault_state = true;
 
2141
        return WERR_NOT_SUPPORTED;
 
2142
}
 
2143
 
 
2144
/****************************************************************
 
2145
****************************************************************/
 
2146
 
 
2147
WERROR _netr_DsrEnumerateDomainTrusts(struct pipes_struct *p,
 
2148
                                      struct netr_DsrEnumerateDomainTrusts *r)
 
2149
{
 
2150
        p->rng_fault_state = true;
 
2151
        return WERR_NOT_SUPPORTED;
 
2152
}
 
2153
 
 
2154
/****************************************************************
 
2155
****************************************************************/
 
2156
 
 
2157
WERROR _netr_DsrDeregisterDNSHostRecords(struct pipes_struct *p,
 
2158
                                         struct netr_DsrDeregisterDNSHostRecords *r)
 
2159
{
 
2160
        p->rng_fault_state = true;
 
2161
        return WERR_NOT_SUPPORTED;
 
2162
}
 
2163
 
 
2164
/****************************************************************
 
2165
****************************************************************/
 
2166
 
 
2167
NTSTATUS _netr_ServerTrustPasswordsGet(struct pipes_struct *p,
 
2168
                                       struct netr_ServerTrustPasswordsGet *r)
 
2169
{
 
2170
        p->rng_fault_state = true;
 
2171
        return NT_STATUS_NOT_IMPLEMENTED;
 
2172
}
 
2173
 
 
2174
/****************************************************************
 
2175
****************************************************************/
 
2176
 
 
2177
WERROR _netr_DsRGetForestTrustInformation(struct pipes_struct *p,
 
2178
                                          struct netr_DsRGetForestTrustInformation *r)
 
2179
{
 
2180
        p->rng_fault_state = true;
 
2181
        return WERR_NOT_SUPPORTED;
 
2182
}
 
2183
 
 
2184
/****************************************************************
 
2185
****************************************************************/
 
2186
 
 
2187
static NTSTATUS fill_forest_trust_array(TALLOC_CTX *mem_ctx,
 
2188
                                        struct lsa_ForestTrustInformation *info)
 
2189
{
 
2190
        struct lsa_ForestTrustRecord *e;
 
2191
        struct pdb_domain_info *dom_info;
 
2192
        struct lsa_ForestTrustDomainInfo *domain_info;
 
2193
 
 
2194
        dom_info = pdb_get_domain_info(mem_ctx);
 
2195
        if (dom_info == NULL) {
 
2196
                return NT_STATUS_NO_MEMORY;
 
2197
        }
 
2198
 
 
2199
        info->count = 2;
 
2200
        info->entries = talloc_array(info, struct lsa_ForestTrustRecord *, 2);
 
2201
        if (info->entries == NULL) {
 
2202
                return NT_STATUS_NO_MEMORY;
 
2203
        }
 
2204
 
 
2205
        e = talloc(info, struct lsa_ForestTrustRecord);
 
2206
        if (e == NULL) {
 
2207
                return NT_STATUS_NO_MEMORY;
 
2208
        }
 
2209
 
 
2210
        e->flags = 0;
 
2211
        e->type = LSA_FOREST_TRUST_TOP_LEVEL_NAME;
 
2212
        e->time = 0; /* so far always 0 in trces. */
 
2213
        e->forest_trust_data.top_level_name.string = talloc_steal(info,
 
2214
                                                                  dom_info->dns_forest);
 
2215
 
 
2216
        info->entries[0] = e;
 
2217
 
 
2218
        e = talloc(info, struct lsa_ForestTrustRecord);
 
2219
        if (e == NULL) {
 
2220
                return NT_STATUS_NO_MEMORY;
 
2221
        }
 
2222
 
 
2223
        /* TODO: check if disabled and set flags accordingly */
 
2224
        e->flags = 0;
 
2225
        e->type = LSA_FOREST_TRUST_DOMAIN_INFO;
 
2226
        e->time = 0; /* so far always 0 in traces. */
 
2227
 
 
2228
        domain_info = &e->forest_trust_data.domain_info;
 
2229
        domain_info->domain_sid = dom_sid_dup(info, &dom_info->sid);
 
2230
 
 
2231
        domain_info->dns_domain_name.string = talloc_steal(info,
 
2232
                                                           dom_info->dns_domain);
 
2233
        domain_info->netbios_domain_name.string = talloc_steal(info,
 
2234
                                                               dom_info->name);
 
2235
 
 
2236
        info->entries[1] = e;
 
2237
 
 
2238
        return NT_STATUS_OK;
 
2239
}
 
2240
 
 
2241
/****************************************************************
 
2242
 _netr_GetForestTrustInformation
 
2243
****************************************************************/
 
2244
 
 
2245
NTSTATUS _netr_GetForestTrustInformation(struct pipes_struct *p,
 
2246
                                         struct netr_GetForestTrustInformation *r)
 
2247
{
 
2248
        NTSTATUS status;
 
2249
        struct netlogon_creds_CredentialState *creds;
 
2250
        struct lsa_ForestTrustInformation *info, **info_ptr;
 
2251
 
 
2252
        /* TODO: check server name */
 
2253
 
 
2254
        status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
 
2255
                                            r->in.computer_name,
 
2256
                                            r->in.credential,
 
2257
                                            r->out.return_authenticator,
 
2258
                                            &creds);
 
2259
        if (!NT_STATUS_IS_OK(status)) {
 
2260
                return status;
 
2261
        }
 
2262
 
 
2263
        if ((creds->secure_channel_type != SEC_CHAN_DNS_DOMAIN) &&
 
2264
            (creds->secure_channel_type != SEC_CHAN_DOMAIN)) {
 
2265
                return NT_STATUS_NOT_IMPLEMENTED;
 
2266
        }
 
2267
 
 
2268
        info_ptr = talloc(p->mem_ctx, struct lsa_ForestTrustInformation *);
 
2269
        if (!info_ptr) {
 
2270
                return NT_STATUS_NO_MEMORY;
 
2271
        }
 
2272
        info = talloc_zero(info_ptr, struct lsa_ForestTrustInformation);
 
2273
        if (!info) {
 
2274
                return NT_STATUS_NO_MEMORY;
 
2275
        }
 
2276
 
 
2277
        status = fill_forest_trust_array(p->mem_ctx, info);
 
2278
        if (!NT_STATUS_IS_OK(status)) {
 
2279
                return status;
 
2280
        }
 
2281
 
 
2282
        *info_ptr = info;
 
2283
        r->out.forest_trust_info = info_ptr;
 
2284
 
 
2285
        return NT_STATUS_OK;
 
2286
}
 
2287
 
 
2288
/****************************************************************
 
2289
****************************************************************/
 
2290
 
 
2291
static NTSTATUS get_password_from_trustAuth(TALLOC_CTX *mem_ctx,
 
2292
                                            const DATA_BLOB *trustAuth_blob,
 
2293
                                            const DATA_BLOB *session_key,
 
2294
                                            struct samr_Password *current_pw_enc,
 
2295
                                            struct samr_Password *previous_pw_enc)
 
2296
{
 
2297
        enum ndr_err_code ndr_err;
 
2298
        struct trustAuthInOutBlob trustAuth;
 
2299
 
 
2300
        ndr_err = ndr_pull_struct_blob_all(trustAuth_blob, mem_ctx, &trustAuth,
 
2301
                                           (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
 
2302
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 
2303
                return NT_STATUS_UNSUCCESSFUL;
 
2304
        }
 
2305
 
 
2306
 
 
2307
        if (trustAuth.count != 0 && trustAuth.current.count != 0 &&
 
2308
            trustAuth.current.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) {
 
2309
                mdfour(previous_pw_enc->hash,
 
2310
                       trustAuth.current.array[0].AuthInfo.clear.password,
 
2311
                       trustAuth.current.array[0].AuthInfo.clear.size);
 
2312
        } else {
 
2313
                return NT_STATUS_UNSUCCESSFUL;
 
2314
        }
 
2315
 
 
2316
        arcfour_crypt_blob(current_pw_enc->hash, sizeof(current_pw_enc->hash),
 
2317
                           session_key);
 
2318
 
 
2319
        if (trustAuth.previous.count != 0 &&
 
2320
            trustAuth.previous.array[0].AuthType == TRUST_AUTH_TYPE_CLEAR) {
 
2321
                mdfour(previous_pw_enc->hash,
 
2322
                       trustAuth.previous.array[0].AuthInfo.clear.password,
 
2323
                       trustAuth.previous.array[0].AuthInfo.clear.size);
 
2324
        } else {
 
2325
                mdfour(previous_pw_enc->hash, NULL, 0);
 
2326
        }
 
2327
        arcfour_crypt_blob(previous_pw_enc->hash, sizeof(previous_pw_enc->hash),
 
2328
                           session_key);
 
2329
 
 
2330
        return NT_STATUS_OK;
 
2331
}
 
2332
 
 
2333
/****************************************************************
 
2334
 _netr_ServerGetTrustInfo
 
2335
****************************************************************/
 
2336
 
 
2337
NTSTATUS _netr_ServerGetTrustInfo(struct pipes_struct *p,
 
2338
                                  struct netr_ServerGetTrustInfo *r)
 
2339
{
 
2340
        NTSTATUS status;
 
2341
        struct netlogon_creds_CredentialState *creds;
 
2342
        char *account_name;
 
2343
        size_t account_name_last;
 
2344
        bool trusted;
 
2345
        struct netr_TrustInfo *trust_info;
 
2346
        struct pdb_trusted_domain *td;
 
2347
        DATA_BLOB trustAuth_blob;
 
2348
        struct samr_Password *new_owf_enc;
 
2349
        struct samr_Password *old_owf_enc;
 
2350
        DATA_BLOB session_key;
 
2351
 
 
2352
        /* TODO: check server name */
 
2353
 
 
2354
        status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
 
2355
                                            r->in.computer_name,
 
2356
                                            r->in.credential,
 
2357
                                            r->out.return_authenticator,
 
2358
                                            &creds);
 
2359
        if (!NT_STATUS_IS_OK(status)) {
 
2360
                return status;
 
2361
        }
 
2362
 
 
2363
        account_name = talloc_strdup(p->mem_ctx, r->in.account_name);
 
2364
        if (account_name == NULL) {
 
2365
                return NT_STATUS_NO_MEMORY;
 
2366
        }
 
2367
 
 
2368
        account_name_last = strlen(account_name);
 
2369
        if (account_name_last == 0) {
 
2370
                return NT_STATUS_INVALID_PARAMETER;
 
2371
        }
 
2372
        account_name_last--;
 
2373
        if (account_name[account_name_last] == '.') {
 
2374
                account_name[account_name_last] = '\0';
 
2375
        }
 
2376
 
 
2377
        if ((creds->secure_channel_type != SEC_CHAN_DNS_DOMAIN) &&
 
2378
            (creds->secure_channel_type != SEC_CHAN_DOMAIN)) {
 
2379
                trusted = false;
 
2380
        } else {
 
2381
                trusted = true;
 
2382
        }
 
2383
 
 
2384
 
 
2385
        if (trusted) {
 
2386
                account_name_last = strlen(account_name);
 
2387
                if (account_name_last == 0) {
 
2388
                        return NT_STATUS_INVALID_PARAMETER;
 
2389
                }
 
2390
                account_name_last--;
 
2391
                if (account_name[account_name_last] == '$') {
 
2392
                        account_name[account_name_last] = '\0';
 
2393
                }
 
2394
 
 
2395
                status = pdb_get_trusted_domain(p->mem_ctx, account_name, &td);
 
2396
                if (!NT_STATUS_IS_OK(status)) {
 
2397
                        return status;
 
2398
                }
 
2399
 
 
2400
                if (r->out.trust_info != NULL) {
 
2401
                        trust_info = talloc_zero(p->mem_ctx, struct netr_TrustInfo);
 
2402
                        if (trust_info == NULL) {
 
2403
                                return NT_STATUS_NO_MEMORY;
 
2404
                        }
 
2405
                        trust_info->count = 1;
 
2406
 
 
2407
                        trust_info->data = talloc_array(trust_info, uint32_t, 1);
 
2408
                        if (trust_info->data == NULL) {
 
2409
                                return NT_STATUS_NO_MEMORY;
 
2410
                        }
 
2411
                        trust_info->data[0] = td->trust_attributes;
 
2412
 
 
2413
                        *r->out.trust_info = trust_info;
 
2414
                }
 
2415
 
 
2416
                new_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password);
 
2417
                old_owf_enc = talloc_zero(p->mem_ctx, struct samr_Password);
 
2418
                if (new_owf_enc == NULL || old_owf_enc == NULL) {
 
2419
                        return NT_STATUS_NO_MEMORY;
 
2420
                }
 
2421
 
 
2422
/* TODO: which trustAuth shall we use if we have in/out trust or do they have to
 
2423
 * be equal ? */
 
2424
                if (td->trust_direction & NETR_TRUST_FLAG_INBOUND) {
 
2425
                        trustAuth_blob = td->trust_auth_incoming;
 
2426
                } else if (td->trust_direction & NETR_TRUST_FLAG_OUTBOUND) {
 
2427
                        trustAuth_blob = td->trust_auth_outgoing;
 
2428
                }
 
2429
 
 
2430
                session_key.data = creds->session_key;
 
2431
                session_key.length = sizeof(creds->session_key);
 
2432
                status = get_password_from_trustAuth(p->mem_ctx, &trustAuth_blob,
 
2433
                                                     &session_key,
 
2434
                                                     new_owf_enc, old_owf_enc);
 
2435
 
 
2436
                if (!NT_STATUS_IS_OK(status)) {
 
2437
                        return status;
 
2438
                }
 
2439
 
 
2440
                r->out.new_owf_password = new_owf_enc;
 
2441
                r->out.old_owf_password = old_owf_enc;
 
2442
        } else {
 
2443
/* TODO: look for machine password */
 
2444
                r->out.new_owf_password = NULL;
 
2445
                r->out.old_owf_password = NULL;
 
2446
 
 
2447
                return NT_STATUS_NOT_IMPLEMENTED;
 
2448
        }
 
2449
 
 
2450
        return NT_STATUS_OK;
 
2451
}
 
2452
 
 
2453
/****************************************************************
 
2454
****************************************************************/
 
2455
 
 
2456
NTSTATUS _netr_Unused47(struct pipes_struct *p,
 
2457
                        struct netr_Unused47 *r)
 
2458
{
 
2459
        p->rng_fault_state = true;
 
2460
        return NT_STATUS_NOT_IMPLEMENTED;
 
2461
}
 
2462
 
 
2463
/****************************************************************
 
2464
****************************************************************/
 
2465
 
 
2466
NTSTATUS _netr_DsrUpdateReadOnlyServerDnsRecords(struct pipes_struct *p,
 
2467
                                                 struct netr_DsrUpdateReadOnlyServerDnsRecords *r)
 
2468
{
 
2469
        p->rng_fault_state = true;
 
2470
        return NT_STATUS_NOT_IMPLEMENTED;
 
2471
}