2025-03-08 04:58:40 +03:00 · 2007-02-12 13:34:04 +00:00 · 2007-02-12 13:34:04 +00:00 · eee140d7da
commit eee140d7da
parent f851eb8dc6
5 changed files with 12 additions and 3 deletions
--- a/source4/libnet/libnet_samdump.c
+++ b/source4/libnet/libnet_samdump.c
@ -163,6 +163,7 @@ NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct

 	r2.out.error_string            = NULL;
 	r2.in.binding_string           = r->in.binding_string;
+	r2.in.rid_crypt                = lp_parm_bool(-1, "vampire", "rid decrypt", True);
 	r2.in.init_fn                  = NULL;
 	r2.in.delta_fn                 = libnet_samdump_fn;
 	r2.in.fn_ctx                   = samdump_state;
--- a/source4/libnet/libnet_samdump_keytab.c
+++ b/source4/libnet/libnet_samdump_keytab.c
@ -100,6 +100,7 @@ NTSTATUS libnet_SamDump_keytab(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,

 	r2.out.error_string            = NULL;
 	r2.in.binding_string           = r->in.binding_string;
+	r2.in.rid_crypt                = true;
 	r2.in.init_fn                  = NULL;
 	r2.in.delta_fn                 = libnet_samdump_keytab_fn;
 	r2.in.fn_ctx                   = discard_const(r->in.keytab_name);
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@ -1215,6 +1215,7 @@ NTSTATUS libnet_samsync_ldb(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, str

 	r2.out.error_string    = NULL;
 	r2.in.binding_string   = r->in.binding_string;
+	r2.in.rid_crypt	       = true;
 	r2.in.init_fn          = libnet_samsync_ldb_init;
 	r2.in.delta_fn         = libnet_samsync_ldb_fn;
 	r2.in.fn_ctx           = state;
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@ -38,6 +38,7 @@
 */
 static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
 			 struct creds_CredentialState *creds,
+			 bool rid_crypt,
 			 enum netr_SamDatabaseID database,
 			 struct netr_DELTA_ENUM *delta,
 			 char **error_string) 
@ -50,7 +51,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
 	const char *username = user->account_name.string;
 	NTSTATUS nt_status;

-	if (lp_parm_bool(-1, "vampire", "rid_decrypt", True)) {
+	if (rid_crypt) {
 		if (user->lm_password_present) {
 			sam_rid_crypt(rid, user->lmpassword.hash, lm_hash.hash, 0);
 			user->lmpassword = lm_hash;
@ -74,7 +75,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
 		nt_status = ndr_pull_struct_blob(&data, mem_ctx, &keys, (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS);
 		if (NT_STATUS_IS_OK(nt_status)) {
 			if (keys.keys.keys2.lmpassword.length == 16) {
-				if (lp_parm_bool(-1, "vampire", "rid decrypt", True)) {
+				if (rid_crypt) {
 					sam_rid_crypt(rid, keys.keys.keys2.lmpassword.pwd.hash, lm_hash.hash, 0);
 					user->lmpassword = lm_hash;
 				} else {
@ -83,7 +84,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
 				user->lm_password_present = True;
 			}
 			if (keys.keys.keys2.ntpassword.length == 16) {
-				if (lp_parm_bool(-1, "vampire", "rid decrypt", True)) {
+				if (rid_crypt) {
 					sam_rid_crypt(rid, keys.keys.keys2.ntpassword.pwd.hash, nt_hash.hash, 0);
 					user->ntpassword = nt_hash;
 				} else {
@ -91,6 +92,7 @@ static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
 				}
 				user->nt_password_present = True;
 			}
+			/* TODO: rid decrypt history fields */
 		} else {
 			*error_string = talloc_asprintf(mem_ctx, "Failed to parse Sensitive Data for %s:", username);
 			dump_data(10, data.data, data.length);
@ -128,6 +130,7 @@ static NTSTATUS fix_secret(TALLOC_CTX *mem_ctx,

 static NTSTATUS fix_delta(TALLOC_CTX *mem_ctx, 		
 			  struct creds_CredentialState *creds,
+			  bool rid_crypt,
 			  enum netr_SamDatabaseID database,
 			  struct netr_DELTA_ENUM *delta,
 			  char **error_string)
@ -139,6 +142,7 @@ static NTSTATUS fix_delta(TALLOC_CTX *mem_ctx,
 	{
 		nt_status = fix_user(mem_ctx, 
 				     creds,
+				     rid_crypt,
 				     database,
 				     delta,
 				     error_string);
@ -354,6 +358,7 @@ NTSTATUS libnet_SamSync_netlogon(struct libnet_context *ctx, TALLOC_CTX *mem_ctx
 				 * de-obfuscating the data */
 				nt_status = fix_delta(delta_ctx, 
 						      creds, 
+						      r->in.rid_crypt,
 						      dbsync.in.database_id,
 						      &dbsync.out.delta_enum_array->delta_enum[d], 
 						      &error_string);
--- a/source4/libnet/libnet_vampire.h
+++ b/source4/libnet/libnet_vampire.h
@ -33,6 +33,7 @@ struct libnet_SamSync_state {
 struct libnet_SamSync {
 	struct {
 		const char *binding_string;
+		bool rid_crypt;
 		NTSTATUS (*init_fn)(TALLOC_CTX *mem_ctx, 		
 				    void *private,
 				    struct libnet_SamSync_state *samsync_state,