sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-11 16:58:40 +03:00
Code
samba-mirror/source3/client/ntclient.c

351 lines
9.3 KiB
C
Raw Normal View History

nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
/*
Unix SMB/Netbios implementation.
Version 1.9.
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
NT Domain Authentication SMB / MSRPC client
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
Copyright (C) Andrew Tridgell 1994-1997
This is *not* a big change (although it looks like one). This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1998-01-22 13:27:43 +00:00
Copyright (C) Luke Kenneth Casson Leighton 1996-1998
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifdef SYSLOG
#undef SYSLOG
#endif
#include "includes.h"
extern int DEBUGLEVEL;
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
extern pstring username;
added code that _uses_ arcfour. arcfour itself, or anything remotely like it, has *not* been added. this is the client and server side of the SAM Logon NT and LM OWF password obfuscation (rc4 with the long-term session key). (This used to be commit 4cf4dd696714492f8e51661cab4736d66ab2916b)
1997-11-03 15:47:03 +00:00
extern pstring smb_login_passwd;
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
extern pstring workgroup;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
#define CLIENT_TIMEOUT (30*1000)
/****************************************************************************
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
experimental nt login.
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
****************************************************************************/
"For I have laboured mightily on Luke's code, and hath broken all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)
1998-03-11 21:11:04 +00:00
BOOL client_do_nt_login(char *desthost, char *myhostname,
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
int Client, int cnum)
{
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
DOM_CHAL clnt_chal;
DOM_CHAL srv_chal;
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
DOM_CRED clnt_cred;
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
DOM_CHAL auth2_srv_chal;
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
DOM_CRED sam_logon_clnt_cred;
DOM_CRED sam_logon_rtn_cred;
DOM_CRED sam_logon_srv_cred;
DOM_CRED sam_logoff_clnt_cred;
DOM_CRED sam_logoff_rtn_cred;
DOM_CRED sam_logoff_srv_cred;
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
DOM_ID_INFO_1 id1;
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
LSA_USER_INFO user_info1;
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
LSA_POL_HND pol;
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
int i;
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
UTIME zerotime;
convert the credentials code back to uchar[8] from uint32[2] This should fix the byte order problems (maybe!) (This used to be commit 21878e7d8628d05786c3c76f2943e31df1096577)
1997-11-02 04:01:57 +00:00
uchar sess_key[8];
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
char nt_owf_mach_pwd[16];
fstring mach_acct;
fstring mach_pwd;
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
fstring server_name;
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
RPC_IFACE abstract;
RPC_IFACE transfer;
static char abs_data[16];
static char trn_data[16];
added LSA_Q_CLOSE and LSA_R_CLOSE (also to smb.h). implemented in smbclient. updated Query Info Policy to report domain name and domain sid for info levels 3 and 5. fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID: subauths are 32 bit not 16. (This used to be commit 2f3cca23e2465ca6a3a31fda005af1fd74f6af92)
1997-10-27 19:00:38 +00:00
/* received from LSA Query Info Policy, level 5 */
fstring level5_domain_name;
pstring level5_domain_sid;
/* received from LSA Query Info Policy, level 3 */
fstring level3_domain_name;
pstring level3_domain_sid;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
uint16 fnum;
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
uint32 call_id = 0;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
char *inbuf,*outbuf;
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
zerotime.time = 0;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
if (!inbuf || !outbuf)
{
DEBUG(0,("out of memory\n"));
return False;
}
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
/******************* open the \PIPE\lsarpc file *****************/
added a client-side "set named pipe handle state" function. not known exactly when you call this (before or after a bind). can sort that out later. (This used to be commit a64ba16db615f83739c147a521ccff3f7c42987b)
1997-10-30 22:21:49 +00:00
if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_LSARPC, Client, cnum)) == 0xffff)
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
{
free(inbuf); free(outbuf);
return False;
}
client.c clientutil.c proto.h rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c rpc_pipes/ntclientpipe.c : added extra argument to cli_call_api() to allow specifying the length of the \PIPE\ name. it appears that, like when the name of the pipe is NULL and OS-2 requires two extra bytes _after_ the NULL name, that NT requires two bytes after the NULL-terminated name "\PIPE\". these two bytes vary, but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00. there appears not to be much logic to this. purpose unknown. ntclient.c: put Set Named Pipe Handle State call directly after SMBopenX call. (This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
1997-11-01 19:20:29 +00:00
/**************** Set Named Pipe State ***************/
if (!rpc_pipe_set_hnd_state(PIPE_LSARPC, fnum, 0x4300))
{
free(inbuf); free(outbuf);
return False;
}
byteorder.h : added mode for printing debug array data as chars not uint8/16/32s. only really useful for (uint8) strings or (uint16) unicode strings lsaparse.c smbparse.c smb.h : rpc bind and rpc bind ack structures and parsing and creation functions. ipc.c pipes.c pipenetlog.c pipentlsa.c pipesrvsvc.c : using rpc bind / bind ack parsing routines instead of incorrect use of api_LsarpcTNP1 function. ntclient.c : creation of do_rpc_bind() function. THAT'S IT, FOLKS! (This used to be commit 21c89e2f17c51939fd6b53dddbe3072419eb0db2)
1997-10-29 00:04:14 +00:00
/******************* bind request on \PIPE\lsarpc *****************/
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
/* create and send a MSRPC command with api LSA_OPENPOLICY */
removed mechanism that created actual files NETLOGON, lsarpc and the like, which are pipes on the IPC$ connection. created mechanism to record pipe names in a separate pipes_struct. it is planned to expand this, to return sensible things like interface structures, and policy handles (RPC_IFACE and LSA_POL_HND). and the like. (This used to be commit 33cce5fac0e2f818a19a6c4e6a797ef44f3b5c75)
1997-10-30 01:05:13 +00:00
DEBUG(4,("LSA RPC Bind[%x]\n", fnum));
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
for (i = 0; i < sizeof(trn_data); i++)
{
trn_data[i] = 2 * i;
}
for (i = 0; i < sizeof(abs_data); i++)
{
abs_data[i] = i;
}
/* create interface UUIDs. */
make_rpc_iface(&abstract, abs_data, 0x0);
make_rpc_iface(&transfer, trn_data, 0x2);
added a client-side "set named pipe handle state" function. not known exactly when you call this (before or after a bind). can sort that out later. (This used to be commit a64ba16db615f83739c147a521ccff3f7c42987b)
1997-10-30 22:21:49 +00:00
if (!rpc_pipe_bind(PIPE_LSARPC, fnum, ++call_id, &abstract, &transfer))
{
free(inbuf); free(outbuf);
return False;
}
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
/******************* Open Policy ********************/
fstrcpy(server_name, ("\\\\"));
fstrcpy(&server_name[2], myhostname);
/* send an open policy request; receive a policy handle */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_open_policy(fnum, ++call_id, server_name, &pol))
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
added LSA Query Info Policy. fixed a problem with byte ordering (doing an SIVAL of the setup parameters which was _also_ being done in the creation of the SMB header. oops). (This used to be commit 541fb82895008cc30477019cdcafed9fdbbeac43)
1997-10-27 17:04:15 +00:00
free(inbuf); free(outbuf);
return False;
}
added LSA_Q_CLOSE and LSA_R_CLOSE (also to smb.h). implemented in smbclient. updated Query Info Policy to report domain name and domain sid for info levels 3 and 5. fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID: subauths are 32 bit not 16. (This used to be commit 2f3cca23e2465ca6a3a31fda005af1fd74f6af92)
1997-10-27 19:00:38 +00:00
/**************** Query Info Policy, level 3 ********************/
/* send a query info policy at level 3; receive an info policy */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_query_info_pol(fnum, ++call_id, &pol, 0x3,
added LSA_Q_CLOSE and LSA_R_CLOSE (also to smb.h). implemented in smbclient. updated Query Info Policy to report domain name and domain sid for info levels 3 and 5. fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID: subauths are 32 bit not 16. (This used to be commit 2f3cca23e2465ca6a3a31fda005af1fd74f6af92)
1997-10-27 19:00:38 +00:00
level3_domain_name, level3_domain_sid))
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
free(inbuf); free(outbuf);
return False;
}
/**************** Query Info Policy, level 5 ********************/
added LSA Query Info Policy. fixed a problem with byte ordering (doing an SIVAL of the setup parameters which was _also_ being done in the creation of the SMB header. oops). (This used to be commit 541fb82895008cc30477019cdcafed9fdbbeac43)
1997-10-27 17:04:15 +00:00
/* send a query info policy at level 5; receive an info policy */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_query_info_pol(fnum, ++call_id, &pol, 0x5,
added LSA_Q_CLOSE and LSA_R_CLOSE (also to smb.h). implemented in smbclient. updated Query Info Policy to report domain name and domain sid for info levels 3 and 5. fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID: subauths are 32 bit not 16. (This used to be commit 2f3cca23e2465ca6a3a31fda005af1fd74f6af92)
1997-10-27 19:00:38 +00:00
level5_domain_name, level5_domain_sid))
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
free(inbuf); free(outbuf);
return False;
}
/******************* Open Policy ********************/
/* send a close policy request; receive a close pol response */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_close(fnum, ++call_id, &pol))
added LSA Query Info Policy. fixed a problem with byte ordering (doing an SIVAL of the setup parameters which was _also_ being done in the creation of the SMB header. oops). (This used to be commit 541fb82895008cc30477019cdcafed9fdbbeac43)
1997-10-27 17:04:15 +00:00
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
free(inbuf); free(outbuf);
return False;
}
/******************* close the \PIPE\lsarpc file *******************/
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
/******************* open the \PIPE\NETLOGON file *****************/
added a client-side "set named pipe handle state" function. not known exactly when you call this (before or after a bind). can sort that out later. (This used to be commit a64ba16db615f83739c147a521ccff3f7c42987b)
1997-10-30 22:21:49 +00:00
if ((fnum = rpc_pipe_open(inbuf, outbuf, PIPE_NETLOGON, Client, cnum)) == 0xffff)
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
{
free(inbuf); free(outbuf);
return False;
}
client.c clientutil.c proto.h rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c rpc_pipes/ntclientpipe.c : added extra argument to cli_call_api() to allow specifying the length of the \PIPE\ name. it appears that, like when the name of the pipe is NULL and OS-2 requires two extra bytes _after_ the NULL name, that NT requires two bytes after the NULL-terminated name "\PIPE\". these two bytes vary, but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00. there appears not to be much logic to this. purpose unknown. ntclient.c: put Set Named Pipe Handle State call directly after SMBopenX call. (This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
1997-11-01 19:20:29 +00:00
/**************** Set Named Pipe State ***************/
if (!rpc_pipe_set_hnd_state(PIPE_NETLOGON, fnum, 0x4300))
added a client-side "set named pipe handle state" function. not known exactly when you call this (before or after a bind). can sort that out later. (This used to be commit a64ba16db615f83739c147a521ccff3f7c42987b)
1997-10-30 22:21:49 +00:00
{
free(inbuf); free(outbuf);
return False;
}
client.c clientutil.c proto.h rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c rpc_pipes/ntclientpipe.c : added extra argument to cli_call_api() to allow specifying the length of the \PIPE\ name. it appears that, like when the name of the pipe is NULL and OS-2 requires two extra bytes _after_ the NULL name, that NT requires two bytes after the NULL-terminated name "\PIPE\". these two bytes vary, but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00. there appears not to be much logic to this. purpose unknown. ntclient.c: put Set Named Pipe Handle State call directly after SMBopenX call. (This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
1997-11-01 19:20:29 +00:00
/******************* bind request on \PIPE\NETLOGON *****************/
if (!rpc_pipe_bind(PIPE_NETLOGON, fnum, ++call_id, &abstract, &transfer))
byteorder.h : added mode for printing debug array data as chars not uint8/16/32s. only really useful for (uint8) strings or (uint16) unicode strings lsaparse.c smbparse.c smb.h : rpc bind and rpc bind ack structures and parsing and creation functions. ipc.c pipes.c pipenetlog.c pipentlsa.c pipesrvsvc.c : using rpc bind / bind ack parsing routines instead of incorrect use of api_LsarpcTNP1 function. ntclient.c : creation of do_rpc_bind() function. THAT'S IT, FOLKS! (This used to be commit 21c89e2f17c51939fd6b53dddbe3072419eb0db2)
1997-10-29 00:04:14 +00:00
{
free(inbuf); free(outbuf);
return False;
}
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
/******************* Request Challenge ********************/
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
fstrcpy(mach_acct, myhostname);
strlower(mach_pwd);
fstrcpy(mach_pwd , myhostname);
strcat(mach_acct, "$");
convert the credentials code back to uchar[8] from uint32[2] This should fix the byte order problems (maybe!) (This used to be commit 21878e7d8628d05786c3c76f2943e31df1096577)
1997-11-02 04:01:57 +00:00
SIVAL(clnt_chal.data, 0, 0x11111111);
SIVAL(clnt_chal.data, 4, 0x22222222);
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
/* send a client challenge; receive a server challenge */
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
if (!do_lsa_req_chal(fnum, ++call_id, desthost, myhostname, &clnt_chal, &srv_chal))
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
{
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
free(inbuf); free(outbuf);
return False;
}
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
/************ Long-term Session key (default) **********/
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
#if 0
/* DAMN! can't get the machine password - need become_root() to do it! */
/* get the machine password */
if (!get_md4pw(mach_acct, nt_owf_mach_pwd))
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
{
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
free(inbuf); free(outbuf);
return False;
}
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
DEBUG(5,("got nt owf from smbpasswd entry: %s\n", mach_pwd));
#else
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
{
char lm_owf_mach_pwd[16];
nt_lm_owf_gen(mach_pwd, nt_owf_mach_pwd, lm_owf_mach_pwd);
DEBUG(5,("generating nt owf from initial machine pwd: %s\n", mach_pwd));
}
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
#endif
dump_data(6, nt_owf_mach_pwd, 16);
/* calculate the session key */
cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key);
/******************* Authenticate 2 ********************/
/* calculate auth-2 credentials */
cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred.challenge));
/* send client auth-2 challenge; receive an auth-2 challenge */
if (!do_lsa_auth2(fnum, ++call_id, desthost, mach_acct, 2, myhostname,
&(clnt_cred.challenge), 0x000001ff, &auth2_srv_chal))
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
free(inbuf); free(outbuf);
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
return False;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
}
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
/*********************** SAM Info ***********************/
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
added code that _uses_ arcfour. arcfour itself, or anything remotely like it, has *not* been added. this is the client and server side of the SAM Logon NT and LM OWF password obfuscation (rc4 with the long-term session key). (This used to be commit 4cf4dd696714492f8e51661cab4736d66ab2916b)
1997-11-03 15:47:03 +00:00
{
char lm_owf_user_pwd[16];
char nt_owf_user_pwd[16];
nt_lm_owf_gen(smb_login_passwd, nt_owf_user_pwd, lm_owf_user_pwd);
#ifdef DEBUG_PASSWORD
DEBUG(100,("nt owf of user password: "));
dump_data(100, lm_owf_user_pwd, 16);
DEBUG(100,("nt owf of user password: "));
dump_data(100, nt_owf_user_pwd, 16);
#endif
/* this is used in both the SAM Logon and the SAM Logoff */
make_id_info1(&id1, workgroup, 0,
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
getuid(), 0,
username, myhostname,
added code that _uses_ arcfour. arcfour itself, or anything remotely like it, has *not* been added. this is the client and server side of the SAM Logon NT and LM OWF password obfuscation (rc4 with the long-term session key). (This used to be commit 4cf4dd696714492f8e51661cab4736d66ab2916b)
1997-11-03 15:47:03 +00:00
sess_key, lm_owf_user_pwd, nt_owf_user_pwd);
}
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
/*********************** SAM Logon **********************/
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
clnt_cred.timestamp.time = sam_logon_clnt_cred.timestamp.time = time(NULL);
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
/* calculate sam logon credentials, using the auth2 client challenge */
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
cred_create(sess_key, &(clnt_cred.challenge), sam_logon_clnt_cred.timestamp,
&(sam_logon_clnt_cred.challenge));
added correct client-side credential generation / checking to the LSA SAM Logon query. i think i even got the client-side checking of the response credentials right! (This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
1997-10-25 17:38:37 +00:00
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
/* send client sam-logon challenge; receive a sam-logon challenge */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_sam_logon(fnum, ++call_id, sess_key, &clnt_cred,
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
desthost, mach_acct,
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
&sam_logon_clnt_cred, &sam_logon_rtn_cred,
1, 1, &id1, &user_info1,
&sam_logon_srv_cred))
got the SAM logon request generated, and received a SAM logon response back. YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25 15:49:27 +00:00
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
free(inbuf); free(outbuf);
return False;
}
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
/*********************** SAM Logoff *********************/
clnt_cred.timestamp.time = sam_logoff_clnt_cred.timestamp.time = time(NULL);
/* calculate sam logoff credentials, using the sam logon return challenge */
cred_create(sess_key, &(clnt_cred.challenge),
sam_logoff_clnt_cred.timestamp,
&(sam_logoff_clnt_cred.challenge));
/* send client sam-logoff challenge; receive a sam-logoff challenge */
split ntclient.c down into appropriate modules. (This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
1997-10-29 13:24:42 +00:00
if (!do_lsa_sam_logoff(fnum, ++call_id, sess_key, &clnt_cred,
Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-10 19:23:17 +00:00
desthost, mach_acct,
hooray. hooray some more. hooray a lot. got the client-side working. Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-26 18:42:47 +00:00
&sam_logoff_clnt_cred, &sam_logoff_rtn_cred,
1, 1, &id1,
&sam_logoff_srv_cred))
{
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
free(inbuf); free(outbuf);
return False;
}
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
/******************** close the \PIPE\NETLOGON file **************/
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
cli_smb_close(inbuf, outbuf, Client, cnum, fnum);
added LSA Open Policy query and response processing to smbclient (This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
1997-10-27 15:09:23 +00:00
/* free memory used in all rpc transactions, above */
Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-25 10:58:18 +00:00
free(inbuf); free(outbuf);
return True;
nterr.c : added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-24 13:15:34 +00:00
}
Copy Permalink