From a5b913dd31cc3c4d01458e6fcc0a03852a2738a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Fri, 29 Aug 2008 00:02:54 +0200
Subject: [PATCH] netlogon: "re-run make idl" - implement
 netr_ServerPasswordSet2 client.

Guenther
---
 source/rpc_client/cli_netlogon.c | 50 ++++++++++++++++++++
 source/rpc_parse/parse_net.c     | 80 ++++++++++++++++++++++++++++++++
 2 files changed, 130 insertions(+)

diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c
index fb8c5cf037d..3c7759768a6 100644
--- a/source/rpc_client/cli_netlogon.c
+++ b/source/rpc_client/cli_netlogon.c
@@ -1082,3 +1082,53 @@ NTSTATUS rpccli_net_srv_pwset(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
 
 	return result;
 }
+
+/***************************************************************************
+LSA Server Password Set2.
+****************************************************************************/
+
+NTSTATUS rpccli_net_srv_pwset2(struct rpc_pipe_client *cli,
+			       TALLOC_CTX *mem_ctx,
+			       const char *machine_name,
+			       const char *clear_text_mach_pwd)
+{
+	prs_struct rbuf;
+	prs_struct qbuf;
+	DOM_CRED clnt_creds;
+	NET_Q_SRV_PWSET2 q;
+	NET_R_SRV_PWSET2 r;
+	uint16 sec_chan_type = 2;
+	NTSTATUS result;
+
+	creds_client_step(cli->dc, &clnt_creds);
+
+	DEBUG(4,("cli_net_srv_pwset2: srv:%s acct:%s sc: %d mc: %s\n",
+		 cli->dc->remote_machine, cli->dc->mach_acct, sec_chan_type, machine_name));
+
+        /* store the parameters */
+	init_q_srv_pwset2(&q, cli->dc->remote_machine, (const char *)cli->dc->sess_key,
+			  cli->dc->mach_acct, sec_chan_type, machine_name,
+			  &clnt_creds, clear_text_mach_pwd);
+
+	CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SRVPWSET2,
+		q, r,
+		qbuf, rbuf,
+		net_io_q_srv_pwset2,
+		net_io_r_srv_pwset2,
+		NT_STATUS_UNSUCCESSFUL);
+
+	result = r.status;
+
+	if (!NT_STATUS_IS_OK(result)) {
+		/* report error code */
+		DEBUG(0,("cli_net_srv_pwset2: %s\n", nt_errstr(result)));
+	}
+
+	/* Always check returned credentials. */
+	if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) {
+		DEBUG(0,("rpccli_net_srv_pwset2: credentials chain check failed\n"));
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
+	return result;
+}
diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c
index 693de2d584d..708f5ba0639 100644
--- a/source/rpc_parse/parse_net.c
+++ b/source/rpc_parse/parse_net.c
@@ -996,6 +996,86 @@ BOOL net_io_r_srv_pwset(const char *desc, NET_R_SRV_PWSET *r_s, prs_struct *ps,
 	return True;
 }
 
+/*******************************************************************
+ Inits a NET_Q_SRV_PWSET2.
+********************************************************************/
+
+void init_q_srv_pwset2(NET_Q_SRV_PWSET2 *q_s,
+		       const char *logon_srv,
+		       const char *sess_key,
+		       const char *acct_name,
+		       uint16 sec_chan,
+		       const char *comp_name,
+		       DOM_CRED *cred,
+		       const char *clear_text_mach_pwd)
+{
+	uint8_t password_buf[516];
+	NET_CRYPT_PWD new_password;
+
+	DEBUG(5,("init_q_srv_pwset2\n"));
+
+	/* Process the new password. */
+
+	encode_pw_buffer(password_buf, clear_text_mach_pwd, STR_UNICODE);
+
+	SamOEMhash(password_buf, (const unsigned char *)sess_key, 516);
+	memcpy(new_password.data, password_buf, 512);
+	new_password.length = IVAL(password_buf, 512);
+
+	init_clnt_info(&q_s->clnt_id, logon_srv, acct_name, sec_chan, comp_name, cred);
+
+	memcpy(&q_s->pwd, &new_password, sizeof(q_s->pwd));
+}
+
+/*******************************************************************
+ Reads or writes a structure.
+********************************************************************/
+
+BOOL net_io_q_srv_pwset2(const char *desc, NET_Q_SRV_PWSET2 *q_s, prs_struct *ps, int depth)
+{
+	if (q_s == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "net_io_q_srv_pwset2");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!smb_io_clnt_info("", &q_s->clnt_id, ps, depth)) /* client identification/authentication info */
+		return False;
+	if(!prs_uint8s(False, "pwd.data", ps, depth, q_s->pwd.data, 516)) /* new password - undocumented */
+		return False;
+	if(!prs_uint32("pwd.length", ps, depth, &q_s->pwd.length)) /* new password - undocumented */
+		return False;
+
+	return True;
+}
+
+/*******************************************************************
+ Reads or writes a structure.
+********************************************************************/
+
+BOOL net_io_r_srv_pwset2(const char *desc, NET_R_SRV_PWSET2 *r_s, prs_struct *ps, int depth)
+{
+	if (r_s == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "net_io_r_srv_pwset2");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!smb_io_cred("", &r_s->srv_cred, ps, depth)) /* server challenge */
+		return False;
+
+	if(!prs_ntstatus("status", ps, depth, &r_s->status))
+		return False;
+
+	return True;
+}
+
 /*************************************************************************
  Init DOM_SID2 array from a string containing multiple sids
  *************************************************************************/