The branch, v3-6-test has been updated via a1f5754 s3-rpc_client: Added dcerpc_try_samr_connects. via 68afebf s3-rpc_client: Rename get_query_dispinfo_params. (cherry picked from commit 089c25cbbb44547bbb03d54ec4e2c1f5ebd10f86) via 7e6fcf8 s3-rpc_client: Added dcerpc_samr_chgpasswd_user3. (cherry picked from commit e6475f2151eb94b2e9010f9e0f4d3d8c2c315b81) via cf21b02 s3-rpc_client: Added dcerpc_samr_chng_pswd_auth_crap. (cherry picked from commit 200772653ae295b4c5142d943faf7a2c878121a9) via ab1ea9a s3-rpc_client: Added dcerpc_samr_chgpasswd_user2. (cherry picked from commit 3de564b9b6559690578ca649f8acf52d82bc592e) via 5bbabae s3-rpc_client: Added dcerpc_samr_chgpasswd_user. (cherry picked from commit 78c4f72c311fb23ab37ed892fe67b75421736803) via ef46a0f s3-rpc_client: Added header information to cli_samr.h. (cherry picked from commit 8b1ffc770c50b789ce923f585b20a74d9b42f2ee) via ba7dcd0 s3-rpc_client: Added header information to cli_lsarpc.h. (cherry picked from commit 1efa9b1cbd5576e1985a909afa43d24cc3fa2bb0) from 3f8b53e s3:printing: use dcerpc_spoolss_X() functions
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log ----------------------------------------------------------------- commit a1f5754ce6b33c80d73fdbf3408bd258a88bfb6a Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 12 15:51:49 2011 +0100 s3-rpc_client: Added dcerpc_try_samr_connects. Autobuild-User: Andreas Schneider <a...@samba.org> Autobuild-Date: Fri Jan 21 15:19:01 CET 2011 on sn-devel-104 (cherry picked from commit 5db115a3041faee7c924cf26c1635f6028ae7df8) commit 68afebf217797188fab785afc2d08d66ce073b93 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 12 15:36:19 2011 +0100 s3-rpc_client: Rename get_query_dispinfo_params. (cherry picked from commit 089c25cbbb44547bbb03d54ec4e2c1f5ebd10f86) commit 7e6fcf81e2ef8c4bb1163dedbeb6b56913d2a6e3 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 12 15:14:35 2011 +0100 s3-rpc_client: Added dcerpc_samr_chgpasswd_user3. (cherry picked from commit e6475f2151eb94b2e9010f9e0f4d3d8c2c315b81) commit cf21b02ee5f53351a6e8825f4841ed61e4d8c90b Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 12 09:04:19 2011 +0100 s3-rpc_client: Added dcerpc_samr_chng_pswd_auth_crap. (cherry picked from commit 200772653ae295b4c5142d943faf7a2c878121a9) commit ab1ea9ac59edf53f6baf9ad6519cba59915c6b7f Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 12 08:46:28 2011 +0100 s3-rpc_client: Added dcerpc_samr_chgpasswd_user2. (cherry picked from commit 3de564b9b6559690578ca649f8acf52d82bc592e) commit 5bbabae6f74b18c82d56c79606ae980a3e635e31 Author: Andreas Schneider <a...@samba.org> Date: Tue Jan 11 13:07:02 2011 +0100 s3-rpc_client: Added dcerpc_samr_chgpasswd_user. (cherry picked from commit 78c4f72c311fb23ab37ed892fe67b75421736803) commit ef46a0f61901983196ba74c0141639232a6c8128 Author: Andreas Schneider <a...@samba.org> Date: Tue Jan 11 12:56:44 2011 +0100 s3-rpc_client: Added header information to cli_samr.h. (cherry picked from commit 8b1ffc770c50b789ce923f585b20a74d9b42f2ee) commit ba7dcd0aab61d5937951e9a3c4c04a622cd98b62 Author: Andreas Schneider <a...@samba.org> Date: Tue Jan 11 12:56:08 2011 +0100 s3-rpc_client: Added header information to cli_lsarpc.h. (cherry picked from commit 1efa9b1cbd5576e1985a909afa43d24cc3fa2bb0) ----------------------------------------------------------------------- Summary of changes: source3/rpc_client/cli_lsarpc.h | 30 +++++ source3/rpc_client/cli_samr.c | 236 +++++++++++++++++++++++++++++++-------- source3/rpc_client/cli_samr.h | 197 ++++++++++++++++++++++++++++++++- source3/rpcclient/cmd_samr.c | 2 +- source3/utils/net_rpc.c | 4 +- source3/winbindd/winbindd_rpc.c | 6 +- 6 files changed, 422 insertions(+), 53 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_client/cli_lsarpc.h b/source3/rpc_client/cli_lsarpc.h index 26fcb75..a26193e 100644 --- a/source3/rpc_client/cli_lsarpc.h +++ b/source3/rpc_client/cli_lsarpc.h @@ -1,3 +1,32 @@ +/* + * Unix SMB/CIFS implementation. + * + * LSARPC client routines + * + * Copyright (c) 2000-2001 Tim Potter + * Copyright (c) 1992-2000 Andrew Tridgell + * Copyright (c) 2002 Rafal Szczesniak + * Copyright (c) 2005 Jeremy Allison + * Copyright (c) 2007 Michael Adam + * Copyright (c) 2008 Guenther Deschner + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _CLI_LSARPC_H +#define _CLI_LSARPC_H + /* The following definitions come from rpc_client/cli_lsarpc.c */ /** @@ -178,3 +207,4 @@ NTSTATUS rpccli_lsa_lookup_names4(struct rpc_pipe_client *cli, bool fetch_domain_sid( char *domain, char *remote_machine, struct dom_sid *psid); +#endif /* _CLI_LSARPC_H */ diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index 7f5e6fc..2716a74 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -30,13 +30,14 @@ /* User change password */ -NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, +NTSTATUS dcerpc_samr_chgpasswd_user(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, struct policy_handle *user_handle, const char *newpassword, - const char *oldpassword) + const char *oldpassword, + NTSTATUS *presult) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status; struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6; uchar old_nt_hash[16]; @@ -64,7 +65,8 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash); E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash); - result = rpccli_samr_ChangePasswordUser(cli, mem_ctx, + status = dcerpc_samr_ChangePasswordUser(h, + mem_ctx, user_handle, true, &hash1, @@ -75,35 +77,59 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, true, &hash5, true, - &hash6); + &hash6, + presult); - return result; + return status; } +NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + struct policy_handle *user_handle, + const char *newpassword, + const char *oldpassword) +{ + NTSTATUS status; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + status = dcerpc_samr_chgpasswd_user(cli->binding_handle, + mem_ctx, + user_handle, + newpassword, + oldpassword, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return result; +} /* User change password */ -NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli, +NTSTATUS dcerpc_samr_chgpasswd_user2(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, + const char *srv_name_slash, const char *username, const char *newpassword, - const char *oldpassword) + const char *oldpassword, + NTSTATUS *presult) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status; struct samr_CryptPassword new_nt_password; struct samr_CryptPassword new_lm_password; struct samr_Password old_nt_hash_enc; struct samr_Password old_lanman_hash_enc; - uchar old_nt_hash[16]; - uchar old_lanman_hash[16]; - uchar new_nt_hash[16]; - uchar new_lanman_hash[16]; + uint8_t old_nt_hash[16]; + uint8_t old_lanman_hash[16]; + uint8_t new_nt_hash[16]; + uint8_t new_lanman_hash[16]; struct lsa_String server, account; DEBUG(10,("rpccli_samr_chgpasswd_user2\n")); - init_lsa_String(&server, cli->srv_name_slash); + init_lsa_String(&server, srv_name_slash); init_lsa_String(&account, username); /* Calculate the MD4 hash (NT compatible) of the password */ @@ -132,29 +158,56 @@ NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli, arcfour_crypt(new_nt_password.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash); - result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx, + status = dcerpc_samr_ChangePasswordUser2(h, + mem_ctx, &server, &account, &new_nt_password, &old_nt_hash_enc, true, &new_lm_password, - &old_lanman_hash_enc); + &old_lanman_hash_enc, + presult); + + return status; +} + +NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *username, + const char *newpassword, + const char *oldpassword) +{ + NTSTATUS status; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + status = dcerpc_samr_chgpasswd_user2(cli->binding_handle, + mem_ctx, + cli->srv_name_slash, + username, + newpassword, + oldpassword, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } return result; } /* User change password given blobs */ -NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, +NTSTATUS dcerpc_samr_chng_pswd_auth_crap(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, + const char *srv_name_slash, const char *username, DATA_BLOB new_nt_password_blob, DATA_BLOB old_nt_hash_enc_blob, DATA_BLOB new_lm_password_blob, - DATA_BLOB old_lm_hash_enc_blob) + DATA_BLOB old_lm_hash_enc_blob, + NTSTATUS *presult) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status; struct samr_CryptPassword new_nt_password; struct samr_CryptPassword new_lm_password; struct samr_Password old_nt_hash_enc; @@ -163,7 +216,7 @@ NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, DEBUG(10,("rpccli_samr_chng_pswd_auth_crap\n")); - init_lsa_String(&server, cli->srv_name_slash); + init_lsa_String(&server, srv_name_slash); init_lsa_String(&account, username); if (new_nt_password_blob.length > 0) { @@ -190,27 +243,58 @@ NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, ZERO_STRUCT(old_lm_hash_enc); } - result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx, + status = dcerpc_samr_ChangePasswordUser2(h, + mem_ctx, &server, &account, &new_nt_password, &old_nt_hash_enc, true, &new_lm_password, - &old_lm_hash_enc); - return result; + &old_lm_hash_enc, + presult); + + return status; } +NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *username, + DATA_BLOB new_nt_password_blob, + DATA_BLOB old_nt_hash_enc_blob, + DATA_BLOB new_lm_password_blob, + DATA_BLOB old_lm_hash_enc_blob) +{ + NTSTATUS status; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + status = dcerpc_samr_chng_pswd_auth_crap(cli->binding_handle, + mem_ctx, + cli->srv_name_slash, + username, + new_nt_password_blob, + old_nt_hash_enc_blob, + new_lm_password_blob, + old_lm_hash_enc_blob, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return result; +} /* change password 3 */ -NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli, +NTSTATUS dcerpc_samr_chgpasswd_user3(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, + const char *srv_name_slash, const char *username, const char *newpassword, const char *oldpassword, struct samr_DomInfo1 **dominfo1, - struct userPwdChangeFailureInformation **reject) + struct userPwdChangeFailureInformation **reject, + NTSTATUS *presult) { NTSTATUS status; @@ -219,16 +303,16 @@ NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli, struct samr_Password old_nt_hash_enc; struct samr_Password old_lanman_hash_enc; - uchar old_nt_hash[16]; - uchar old_lanman_hash[16]; - uchar new_nt_hash[16]; - uchar new_lanman_hash[16]; + uint8_t old_nt_hash[16]; + uint8_t old_lanman_hash[16]; + uint8_t new_nt_hash[16]; + uint8_t new_lanman_hash[16]; struct lsa_String server, account; DEBUG(10,("rpccli_samr_chgpasswd_user3\n")); - init_lsa_String(&server, cli->srv_name_slash); + init_lsa_String(&server, srv_name_slash); init_lsa_String(&account, username); /* Calculate the MD4 hash (NT compatible) of the password */ @@ -257,7 +341,8 @@ NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli, arcfour_crypt(new_nt_password.data, old_nt_hash, 516); E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash); - status = rpccli_samr_ChangePasswordUser3(cli, mem_ctx, + status = dcerpc_samr_ChangePasswordUser3(h, + mem_ctx, &server, &account, &new_nt_password, @@ -267,17 +352,47 @@ NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli, &old_lanman_hash_enc, NULL, dominfo1, - reject); + reject, + presult); + return status; } +NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *username, + const char *newpassword, + const char *oldpassword, + struct samr_DomInfo1 **dominfo1, + struct userPwdChangeFailureInformation **reject) +{ + NTSTATUS status; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + status = dcerpc_samr_chgpasswd_user3(cli->binding_handle, + mem_ctx, + cli->srv_name_slash, + username, + newpassword, + oldpassword, + dominfo1, + reject, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return result; +} + /* This function returns the bizzare set of (max_entries, max_size) required for the QueryDisplayInfo RPC to actually work against a domain controller with large (10k and higher) numbers of users. These values were obtained by inspection using ethereal and NT4 running User Manager. */ -void get_query_dispinfo_params(int loop_count, uint32 *max_entries, - uint32 *max_size) +void dcerpc_get_query_dispinfo_params(int loop_count, + uint32_t *max_entries, + uint32_t *max_size) { switch(loop_count) { case 0: @@ -303,10 +418,12 @@ void get_query_dispinfo_params(int loop_count, uint32 *max_entries, } } -NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli, +NTSTATUS dcerpc_try_samr_connects(struct dcerpc_binding_handle *h, TALLOC_CTX *mem_ctx, + const char *srv_name_slash, uint32_t access_mask, - struct policy_handle *connect_pol) + struct policy_handle *connect_pol, + NTSTATUS *presult) { NTSTATUS status; union samr_ConnectInfo info_in, info_out; @@ -318,31 +435,60 @@ NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli, info1.client_version = SAMR_CONNECT_W2K; info_in.info1 = info1; - status = rpccli_samr_Connect5(cli, mem_ctx, - cli->srv_name_slash, + status = dcerpc_samr_Connect5(h, + mem_ctx, + srv_name_slash, access_mask, 1, &info_in, &lvl_out, &info_out, - connect_pol); + connect_pol, + presult); if (NT_STATUS_IS_OK(status)) { return status; } - status = rpccli_samr_Connect4(cli, mem_ctx, - cli->srv_name_slash, + status = dcerpc_samr_Connect4(h, + mem_ctx, + srv_name_slash, SAMR_CONNECT_W2K, access_mask, - connect_pol); + connect_pol, + presult); if (NT_STATUS_IS_OK(status)) { return status; } - status = rpccli_samr_Connect2(cli, mem_ctx, - cli->srv_name_slash, + status = dcerpc_samr_Connect2(h, + mem_ctx, + srv_name_slash, access_mask, - connect_pol); + connect_pol, + presult); + return status; } +NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + uint32_t access_mask, + struct policy_handle *connect_pol) +{ + NTSTATUS status; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + status = dcerpc_try_samr_connects(cli->binding_handle, + mem_ctx, + cli->srv_name_slash, + access_mask, + connect_pol, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return result; +} + +/* vim: set ts=8 sw=8 noet cindent: */ diff --git a/source3/rpc_client/cli_samr.h b/source3/rpc_client/cli_samr.h index da0be18..76993fb 100644 --- a/source3/rpc_client/cli_samr.h +++ b/source3/rpc_client/cli_samr.h @@ -1,15 +1,131 @@ +/* + * Unix SMB/CIFS implementation. + * + * SAMR client routines + * + * Copyright (c) 2000-2001 Tim Potter + * Copyright (c) 1992-2000 Andrew Tridgell + * Copyright (c) 2002 Rafal Szczesniak + * Copyright (c) 2005 Jeremy Allison + * Copyright (c) 2007 Michael Adam + * Copyright (c) 2008 Guenther Deschner + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _CLI_SAMR_H +#define _CLI_SAMR_H + /* The following definitions come from rpc_client/cli_samr.c */ +/** + * @brief Change the password of a user. + * + * @param[in] h The dcerpc binding hanlde to use. + * + * @param[in] mem_ctx The memory context to use. + * + * @param[in] user_handle The password of the user to chang the handle + * + * @param[in] newpassword The new password to set. + * + * @param[in] oldpassword The old password for verification + * + * @param[out] presult A pointer for the NDR NTSTATUS error code. + * + * @return A corresponding NTSTATUS error code for the connection. + */ -- Samba Shared Repository