search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
winbindd: Update the calls to ws_name_XX() to reflect API changes.
[Samba.git] / source / libnet / libnet_samsync.c
blobdaf27ffb51c3279f0f7bcc96f7f7676b74fea77a
1 /*
2 Unix SMB/CIFS implementation.
3
4 Extract the user/system database from a remote SamSync server
5
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
7 Copyright (C) Guenther Deschner <gd@samba.org> 2008
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23
24 #include "includes.h"
25 #include "libnet/libnet.h"
26
27 /**
28 * Decrypt and extract the user's passwords.
29 *
30 * The writes decrypted (no longer 'RID encrypted' or arcfour encrypted)
31 * passwords back into the structure
32 */
33
34 static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
35 DATA_BLOB *session_key,
36 bool rid_crypt,
37 enum netr_SamDatabaseID database_id,
38 struct netr_DELTA_ENUM *delta)
39 {
40
41 uint32_t rid = delta->delta_id_union.rid;
42 struct netr_DELTA_USER *user = delta->delta_union.user;
43 struct samr_Password lm_hash;
44 struct samr_Password nt_hash;
45
46 if (rid_crypt) {
47 if (user->lm_password_present) {
48 sam_pwd_hash(rid, user->lmpassword.hash, lm_hash.hash, 0);
49 user->lmpassword = lm_hash;
50 }
51
52 if (user->nt_password_present) {
53 sam_pwd_hash(rid, user->ntpassword.hash, nt_hash.hash, 0);
54 user->ntpassword = nt_hash;
55 }
56 }
57
58 if (user->user_private_info.SensitiveData) {
59 DATA_BLOB data;
60 struct netr_USER_KEYS keys;
61 enum ndr_err_code ndr_err;
62 data.data = user->user_private_info.SensitiveData;
63 data.length = user->user_private_info.DataLength;
64 SamOEMhashBlob(data.data, data.length, session_key);
65 user->user_private_info.SensitiveData = data.data;
66 user->user_private_info.DataLength = data.length;
67
68 ndr_err = ndr_pull_struct_blob(&data, mem_ctx, &keys,
69 (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS);
70 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
71 dump_data(10, data.data, data.length);
72 return ndr_map_error2ntstatus(ndr_err);
73 }
74
75 if (keys.keys.keys2.lmpassword.length == 16) {
76 if (rid_crypt) {
77 sam_pwd_hash(rid,
78 keys.keys.keys2.lmpassword.pwd.hash,
79 lm_hash.hash, 0);
80 user->lmpassword = lm_hash;
81 } else {
82 user->lmpassword = keys.keys.keys2.lmpassword.pwd;
83 }
84 user->lm_password_present = true;
85 }
86 if (keys.keys.keys2.ntpassword.length == 16) {
87 if (rid_crypt) {
88 sam_pwd_hash(rid,
89 keys.keys.keys2.ntpassword.pwd.hash,
90 nt_hash.hash, 0);
91 user->ntpassword = nt_hash;
92 } else {
93 user->ntpassword = keys.keys.keys2.ntpassword.pwd;
94 }
95 user->nt_password_present = true;
96 }
97 /* TODO: rid decrypt history fields */
98 }
99 return NT_STATUS_OK;
100 }
101
102 /**
103 * Decrypt and extract the secrets
104 *
105 * The writes decrypted secrets back into the structure
106 */
107 static NTSTATUS fix_secret(TALLOC_CTX *mem_ctx,
108 DATA_BLOB *session_key,
109 enum netr_SamDatabaseID database_id,
110 struct netr_DELTA_ENUM *delta)
111 {
112 struct netr_DELTA_SECRET *secret = delta->delta_union.secret;
113
114 SamOEMhashBlob(secret->current_cipher.cipher_data,
115 secret->current_cipher.maxlen,
116 session_key);
117
118 SamOEMhashBlob(secret->old_cipher.cipher_data,
119 secret->old_cipher.maxlen,
120 session_key);
121
122 return NT_STATUS_OK;
123 }
124
125 /**
126 * Fix up the delta, dealing with encryption issues so that the final
127 * callback need only do the printing or application logic
128 */
129
130 static NTSTATUS samsync_fix_delta(TALLOC_CTX *mem_ctx,
131 DATA_BLOB *session_key,
132 bool rid_crypt,
133 enum netr_SamDatabaseID database_id,
134 struct netr_DELTA_ENUM *delta)
135 {
136 NTSTATUS status = NT_STATUS_OK;
137
138 switch (delta->delta_type) {
139 case NETR_DELTA_USER:
140
141 status = fix_user(mem_ctx,
142 session_key,
143 rid_crypt,
144 database_id,
145 delta);
146 break;
147 case NETR_DELTA_SECRET:
148
149 status = fix_secret(mem_ctx,
150 session_key,
151 database_id,
152 delta);
153 break;
154 default:
155 break;
156 }
157
158 return status;
159 }
160
161 /**
162 * Fix up the delta, dealing with encryption issues so that the final
163 * callback need only do the printing or application logic
164 */
165
166 static NTSTATUS samsync_fix_delta_array(TALLOC_CTX *mem_ctx,
167 DATA_BLOB *session_key,
168 bool rid_crypt,
169 enum netr_SamDatabaseID database_id,
170 struct netr_DELTA_ENUM_ARRAY *r)
171 {
172 NTSTATUS status;
173 int i;
174
175 for (i = 0; i < r->num_deltas; i++) {
176
177 status = samsync_fix_delta(mem_ctx,
178 session_key,
179 rid_crypt,
180 database_id,
181 &r->delta_enum[i]);
182 if (!NT_STATUS_IS_OK(status)) {
183 return status;
184 }
185 }
186
187 return NT_STATUS_OK;
188 }
189
190 /**
191 * libnet_samsync_init_context
192 */
193
194 NTSTATUS libnet_samsync_init_context(TALLOC_CTX *mem_ctx,
195 const struct dom_sid *domain_sid,
196 struct samsync_context **ctx_p)
197 {
198 struct samsync_context *ctx;
199
200 *ctx_p = NULL;
201
202 ctx = TALLOC_ZERO_P(mem_ctx, struct samsync_context);
203 NT_STATUS_HAVE_NO_MEMORY(ctx);
204
205 if (domain_sid) {
206 ctx->domain_sid = sid_dup_talloc(mem_ctx, domain_sid);
207 NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid);
208
209 ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
210 NT_STATUS_HAVE_NO_MEMORY(ctx->domain_sid_str);
211 }
212
213 *ctx_p = ctx;
214
215 return NT_STATUS_OK;
216 }
217
218 /**
219 * samsync_database_str
220 */
221
222 static const char *samsync_database_str(enum netr_SamDatabaseID database_id)
223 {
224
225 switch (database_id) {
226 case SAM_DATABASE_DOMAIN:
227 return "DOMAIN";
228 case SAM_DATABASE_BUILTIN:
229 return "BUILTIN";
230 case SAM_DATABASE_PRIVS:
231 return "PRIVS";
232 default:
233 return "unknown";
234 }
235 }
236
237 /**
238 * samsync_debug_str
239 */
240
241 static const char *samsync_debug_str(TALLOC_CTX *mem_ctx,
242 enum net_samsync_mode mode,
243 enum netr_SamDatabaseID database_id)
244 {
245 const char *action = NULL;
246
247 switch (mode) {
248 case NET_SAMSYNC_MODE_DUMP:
249 action = "Dumping (to stdout)";
250 break;
251 case NET_SAMSYNC_MODE_FETCH_PASSDB:
252 action = "Fetching (to passdb)";
253 break;
254 case NET_SAMSYNC_MODE_FETCH_LDIF:
255 action = "Fetching (to ldif)";
256 break;
257 case NET_SAMSYNC_MODE_FETCH_KEYTAB:
258 action = "Fetching (to keytab)";
259 break;
260 default:
261 action = "Unknown";
262 break;
263 }
264
265 return talloc_asprintf(mem_ctx, "%s %s database",
266 action, samsync_database_str(database_id));
267 }
268
269 /**
270 * libnet_samsync
271 */
272
273 NTSTATUS libnet_samsync(enum netr_SamDatabaseID database_id,
274 struct samsync_context *ctx)
275 {
276 NTSTATUS result;
277 TALLOC_CTX *mem_ctx;
278 const char *logon_server = ctx->cli->desthost;
279 const char *computername = global_myname();
280 struct netr_Authenticator credential;
281 struct netr_Authenticator return_authenticator;
282 uint16_t restart_state = 0;
283 uint32_t sync_context = 0;
284 const char *debug_str;
285 DATA_BLOB session_key;
286
287 ZERO_STRUCT(return_authenticator);
288
289 if (!(mem_ctx = talloc_init("libnet_samsync"))) {
290 return NT_STATUS_NO_MEMORY;
291 }
292
293 debug_str = samsync_debug_str(mem_ctx, ctx->mode, database_id);
294 if (debug_str) {
295 d_fprintf(stderr, "%s\n", debug_str);
296 }
297
298 do {
299 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
300 NTSTATUS callback_status;
301
302 netlogon_creds_client_step(ctx->cli->dc, &credential);
303
304 result = rpccli_netr_DatabaseSync2(ctx->cli, mem_ctx,
305 logon_server,
306 computername,
307 &credential,
308 &return_authenticator,
309 database_id,
310 restart_state,
311 &sync_context,
312 &delta_enum_array,
313 0xffff);
314 if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) {
315 return result;
316 }
317
318 /* Check returned credentials. */
319 if (!netlogon_creds_client_check(ctx->cli->dc,
320 &return_authenticator.cred)) {
321 DEBUG(0,("credentials chain check failed\n"));
322 return NT_STATUS_ACCESS_DENIED;
323 }
324
325 if (NT_STATUS_IS_ERR(result)) {
326 break;
327 }
328
329 session_key = data_blob_const(ctx->cli->dc->sess_key, 16);
330
331 samsync_fix_delta_array(mem_ctx,
332 &session_key,
333 false,
334 database_id,
335 delta_enum_array);
336
337 /* Process results */
338 callback_status = ctx->delta_fn(mem_ctx, database_id,
339 delta_enum_array,
340 NT_STATUS_IS_OK(result), ctx);
341 if (!NT_STATUS_IS_OK(callback_status)) {
342 result = callback_status;
343 goto out;
344 }
345
346 TALLOC_FREE(delta_enum_array);
347
348 /* Increment sync_context */
349 sync_context += 1;
350
351 } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
352
353 out:
354 if (NT_STATUS_IS_ERR(result) && !ctx->error_message) {
355
356 ctx->error_message = talloc_asprintf(ctx,
357 "Failed to fetch %s database: %s",
358 samsync_database_str(database_id),
359 nt_errstr(result));
360
361 if (NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED)) {
362
363 ctx->error_message =
364 talloc_asprintf_append(ctx->error_message,
365 "\nPerhaps %s is a Windows native mode domain?",
366 ctx->domain_name);
367 }
368 }
369
370 talloc_destroy(mem_ctx);
371
372 return result;
373 }
374
375 /**
376 * pull_netr_AcctLockStr
377 */
378
379 NTSTATUS pull_netr_AcctLockStr(TALLOC_CTX *mem_ctx,
380 struct lsa_BinaryString *r,
381 struct netr_AcctLockStr **str_p)
382 {
383 struct netr_AcctLockStr *str;
384 enum ndr_err_code ndr_err;
385 DATA_BLOB blob;
386
387 if (!mem_ctx || !r || !str_p) {
388 return NT_STATUS_INVALID_PARAMETER;
389 }
390
391 *str_p = NULL;
392
393 str = TALLOC_ZERO_P(mem_ctx, struct netr_AcctLockStr);
394 if (!str) {
395 return NT_STATUS_NO_MEMORY;
396 }
397
398 blob = data_blob_const(r->array, r->length);
399
400 ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, str,
401 (ndr_pull_flags_fn_t)ndr_pull_netr_AcctLockStr);
402
403 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
404 return ndr_map_error2ntstatus(ndr_err);
405 }
406
407 *str_p = str;
408
409 return NT_STATUS_OK;
410 }
411
Samba GIT mirror