search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libcli/smb: add helpers to parse client/server smb3 encryption algorithms into struct...
[Samba.git] / source3 / libnet / libnet_join_offline.c
blob58d941e823068abfed6c366f929e26bf96af9bdf
1 /*
2 * Unix SMB/CIFS implementation.
3 * libnet Join offline support
4 * Copyright (C) Guenther Deschner 2021
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "librpc/gen_ndr/ndr_libnet_join.h"
22 #include "../librpc/gen_ndr/ndr_ODJ.h"
23 #include "libnet/libnet_join_offline.h"
24 #include "libcli/security/dom_sid.h"
25 #include "rpc_client/util_netlogon.h"
26
27 static WERROR libnet_odj_compose_ODJ_WIN7BLOB(TALLOC_CTX *mem_ctx,
28 const struct libnet_JoinCtx *r,
29 struct ODJ_WIN7BLOB *b)
30 {
31 char *samaccount;
32 uint32_t len;
33 struct ODJ_POLICY_DNS_DOMAIN_INFO i;
34
35 ZERO_STRUCTP(b);
36
37 b->lpDomain = talloc_strdup(mem_ctx, r->out.dns_domain_name);
38 if (b->lpDomain == NULL) {
39 return WERR_NOT_ENOUGH_MEMORY;
40 }
41
42 samaccount = talloc_strdup(mem_ctx, r->out.account_name);
43 if (samaccount == NULL) {
44 return WERR_NOT_ENOUGH_MEMORY;
45 }
46 len = strlen(samaccount);
47 if (samaccount[len-1] == '$') {
48 samaccount[len-1] = '\0';
49 }
50 b->lpMachineName = samaccount;
51
52 b->lpMachinePassword = talloc_strdup(mem_ctx, r->in.machine_password);
53 if (b->lpMachinePassword == NULL) {
54 return WERR_NOT_ENOUGH_MEMORY;
55 }
56
57 /* fill up ODJ_POLICY_DNS_DOMAIN_INFO */
58
59 i.Name.string = talloc_strdup(mem_ctx, r->out.netbios_domain_name);
60 if (i.Name.string == NULL) {
61 return WERR_NOT_ENOUGH_MEMORY;
62 }
63
64 i.DnsDomainName.string = talloc_strdup(mem_ctx, r->out.dns_domain_name);
65 if (i.DnsDomainName.string == NULL) {
66 return WERR_NOT_ENOUGH_MEMORY;
67 }
68
69 i.DnsForestName.string = talloc_strdup(mem_ctx, r->out.forest_name);
70 if (i.DnsForestName.string == NULL) {
71 return WERR_NOT_ENOUGH_MEMORY;
72 }
73
74 i.DomainGuid = r->out.domain_guid;
75 i.Sid = dom_sid_dup(mem_ctx, r->out.domain_sid);
76 if (i.Sid == NULL) {
77 return WERR_NOT_ENOUGH_MEMORY;
78 }
79
80 b->DnsDomainInfo = i;
81
82 if (r->out.dcinfo) {
83 struct netr_DsRGetDCNameInfo *p;
84
85 p = talloc_steal(mem_ctx, r->out.dcinfo);
86 if (p == NULL) {
87 return WERR_NOT_ENOUGH_MEMORY;
88 }
89
90 b->DcInfo = *p;
91 }
92
93 /*
94 * According to
95 * https://docs.microsoft.com/en-us/windows/win32/netmgmt/odj-odj_win7blob
96 * it should be 0 but Windows 2019 always sets 6 - gd.
97 */
98 b->Options = 6;
99
100 return WERR_OK;
101 }
102
103 static WERROR libnet_odj_compose_OP_JOINPROV2_PART(TALLOC_CTX *mem_ctx,
104 const struct libnet_JoinCtx *r,
105 struct OP_JOINPROV2_PART **p)
106 {
107 struct OP_JOINPROV2_PART *b;
108
109 b = talloc_zero(mem_ctx, struct OP_JOINPROV2_PART);
110 if (b == NULL) {
111 return WERR_NOT_ENOUGH_MEMORY;
112 }
113
114 /* TODO */
115
116 *p = b;
117
118 return WERR_INVALID_LEVEL;
119 }
120
121 static WERROR libnet_odj_compose_OP_JOINPROV3_PART(TALLOC_CTX *mem_ctx,
122 const struct libnet_JoinCtx *r,
123 struct OP_JOINPROV3_PART **p)
124 {
125 struct OP_JOINPROV3_PART *b;
126 struct dom_sid *sid;
127
128 b = talloc_zero(mem_ctx, struct OP_JOINPROV3_PART);
129 if (b == NULL) {
130 return WERR_NOT_ENOUGH_MEMORY;
131 }
132
133 b->Rid = r->out.account_rid;
134 sid = dom_sid_add_rid(mem_ctx, r->out.domain_sid, r->out.account_rid);
135 if (sid == NULL) {
136 return WERR_NOT_ENOUGH_MEMORY;
137 }
138
139 b->lpSid = dom_sid_string(mem_ctx, sid);
140 if (b->lpSid == NULL) {
141 return WERR_NOT_ENOUGH_MEMORY;
142 }
143
144 *p = b;
145
146 return WERR_OK;
147 }
148
149 static WERROR libnet_odj_compose_OP_PACKAGE_PART(TALLOC_CTX *mem_ctx,
150 const struct libnet_JoinCtx *r,
151 const struct ODJ_WIN7BLOB *win7,
152 const char *join_provider_guid,
153 uint32_t flags,
154 struct OP_PACKAGE_PART *p)
155 {
156 struct GUID guid;
157 uint32_t level;
158 WERROR werr;
159
160 if (!NT_STATUS_IS_OK(GUID_from_string(join_provider_guid, &guid))) {
161 return WERR_NOT_ENOUGH_MEMORY;
162 }
163
164 level = odj_switch_level_from_guid(&guid);
165
166 p->PartType = guid;
167 p->ulFlags = flags;
168 p->part_len = 0; /* autogenerated */
169 p->Part = talloc_zero(mem_ctx, union OP_PACKAGE_PART_u);
170 if (p->Part == NULL) {
171 return WERR_NOT_ENOUGH_MEMORY;
172 }
173
174 switch (level) {
175 case 1: /* ODJ_GUID_JOIN_PROVIDER */
176 p->Part->win7blob = *win7;
177 break;
178 case 2: /* ODJ_GUID_JOIN_PROVIDER2 */
179 werr = libnet_odj_compose_OP_JOINPROV2_PART(mem_ctx, r,
180 &p->Part->join_prov2.p);
181 if (!W_ERROR_IS_OK(werr)) {
182 return werr;
183 }
184 break;
185 case 3: /* ODJ_GUID_JOIN_PROVIDER3 */
186 werr = libnet_odj_compose_OP_JOINPROV3_PART(mem_ctx, r,
187 &p->Part->join_prov3.p);
188 if (!W_ERROR_IS_OK(werr)) {
189 return werr;
190 }
191 break;
192 default:
193 return WERR_INVALID_LEVEL;
194 }
195
196 return WERR_OK;
197 }
198
199 static WERROR libnet_odj_compose_OP_PACKAGE_PART_COLLECTION(TALLOC_CTX *mem_ctx,
200 const struct libnet_JoinCtx *r,
201 const struct ODJ_WIN7BLOB *win7,
202 struct OP_PACKAGE_PART_COLLECTION **pp)
203 {
204 WERROR werr;
205 struct OP_PACKAGE_PART_COLLECTION *p;
206
207 p = talloc_zero(mem_ctx, struct OP_PACKAGE_PART_COLLECTION);
208 if (p == NULL) {
209 return WERR_NOT_ENOUGH_MEMORY;
210 }
211
212 p->cParts = 2;
213 p->pParts = talloc_zero_array(p, struct OP_PACKAGE_PART, p->cParts);
214 if (p->pParts == NULL) {
215 talloc_free(p);
216 return WERR_NOT_ENOUGH_MEMORY;
217 }
218
219 werr = libnet_odj_compose_OP_PACKAGE_PART(p, r, win7,
220 ODJ_GUID_JOIN_PROVIDER,
221 OPSPI_PACKAGE_PART_ESSENTIAL,
222 &p->pParts[0]);
223 if (!W_ERROR_IS_OK(werr)) {
224 talloc_free(p);
225 return werr;
226 }
227
228 werr = libnet_odj_compose_OP_PACKAGE_PART(p, r, NULL,
229 ODJ_GUID_JOIN_PROVIDER3,
230 0,
231 &p->pParts[1]);
232 if (!W_ERROR_IS_OK(werr)) {
233 talloc_free(p);
234 return werr;
235 }
236
237 *pp = p;
238
239 return WERR_OK;
240 }
241
242 static WERROR libnet_odj_compose_OP_PACKAGE(TALLOC_CTX *mem_ctx,
243 const struct libnet_JoinCtx *r,
244 const struct ODJ_WIN7BLOB *win7,
245 struct OP_PACKAGE **pp)
246 {
247 WERROR werr;
248 struct OP_PACKAGE_PART_COLLECTION *c;
249 struct OP_PACKAGE *p;
250
251 p = talloc_zero(mem_ctx, struct OP_PACKAGE);
252 if (p == NULL) {
253 return WERR_NOT_ENOUGH_MEMORY;
254 }
255
256 werr = libnet_odj_compose_OP_PACKAGE_PART_COLLECTION(p, r, win7, &c);
257 if (!W_ERROR_IS_OK(werr)) {
258 talloc_free(p);
259 return werr;
260 }
261
262 p->EncryptionType = GUID_zero();
263
264 p->WrappedPartCollection.cbBlob = 0; /* autogenerated */
265 p->WrappedPartCollection.w = talloc_zero(p,
266 struct OP_PACKAGE_PART_COLLECTION_serialized_ptr);
267 if (p->WrappedPartCollection.w == NULL) {
268 talloc_free(p);
269 return WERR_NOT_ENOUGH_MEMORY;
270 }
271
272 p->WrappedPartCollection.w->s.p = c;
273
274 *pp = p;
275
276 return WERR_OK;
277 }
278
279 WERROR libnet_odj_compose_ODJ_PROVISION_DATA(TALLOC_CTX *mem_ctx,
280 const struct libnet_JoinCtx *r,
281 struct ODJ_PROVISION_DATA **b_p)
282 {
283 WERROR werr;
284 struct ODJ_PROVISION_DATA *b;
285 struct ODJ_WIN7BLOB win7;
286 struct OP_PACKAGE *package;
287
288 b = talloc_zero(mem_ctx, struct ODJ_PROVISION_DATA);
289 if (b == NULL) {
290 return WERR_NOT_ENOUGH_MEMORY;
291 }
292
293 b->ulVersion = 1;
294 b->ulcBlobs = 2;
295 b->pBlobs = talloc_zero_array(b, struct ODJ_BLOB, b->ulcBlobs);
296 if (b->pBlobs == NULL) {
297 talloc_free(b);
298 return WERR_NOT_ENOUGH_MEMORY;
299 }
300
301 werr = libnet_odj_compose_ODJ_WIN7BLOB(b, r, &win7);
302 if (!W_ERROR_IS_OK(werr)) {
303 talloc_free(b);
304 return werr;
305 }
306
307 werr = libnet_odj_compose_OP_PACKAGE(b, r, &win7, &package);
308 if (!W_ERROR_IS_OK(werr)) {
309 talloc_free(b);
310 return werr;
311 }
312
313 b->pBlobs[0].ulODJFormat = ODJ_WIN7_FORMAT;
314 b->pBlobs[0].cbBlob = 0; /* autogenerated */
315 b->pBlobs[0].pBlob = talloc_zero(b, union ODJ_BLOB_u);
316 if (b->pBlobs[0].pBlob == NULL) {
317 talloc_free(b);
318 return WERR_NOT_ENOUGH_MEMORY;
319 }
320 b->pBlobs[0].pBlob->odj_win7blob = win7;
321
322 b->pBlobs[1].ulODJFormat = ODJ_WIN8_FORMAT;
323 b->pBlobs[1].cbBlob = 0; /* autogenerated */
324 b->pBlobs[1].pBlob = talloc_zero(b, union ODJ_BLOB_u);
325 if (b->pBlobs[1].pBlob == NULL) {
326 talloc_free(b);
327 return WERR_NOT_ENOUGH_MEMORY;
328 }
329 b->pBlobs[1].pBlob->op_package.p = package;
330
331 *b_p = b;
332
333 return WERR_OK;
334 }
335
336 WERROR libnet_odj_find_win7blob(const struct ODJ_PROVISION_DATA *r,
337 struct ODJ_WIN7BLOB *win7blob)
338 {
339 int i;
340
341 if (r == NULL) {
342 return WERR_INVALID_PARAMETER;
343 }
344
345 for (i = 0; i < r->ulcBlobs; i++) {
346
347 struct ODJ_BLOB b = r->pBlobs[i];
348
349 switch (b.ulODJFormat) {
350 case ODJ_WIN7_FORMAT:
351 *win7blob = b.pBlob->odj_win7blob;
352 return WERR_OK;
353
354 case ODJ_WIN8_FORMAT: {
355 NTSTATUS status;
356 struct OP_PACKAGE_PART_COLLECTION *col;
357 struct GUID guid;
358 int k;
359
360 if (b.pBlob->op_package.p->WrappedPartCollection.w == NULL) {
361 return WERR_BAD_FORMAT;
362 }
363
364 col = b.pBlob->op_package.p->WrappedPartCollection.w->s.p;
365
366 status = GUID_from_string(ODJ_GUID_JOIN_PROVIDER, &guid);
367 if (!NT_STATUS_IS_OK(status)) {
368 return WERR_NOT_ENOUGH_MEMORY;
369 }
370
371 for (k = 0; k < col->cParts; k++) {
372 if (GUID_equal(&guid, &col->pParts[k].PartType)) {
373 *win7blob = col->pParts[k].Part->win7blob;
374 return WERR_OK;
375 }
376 }
377 break;
378 }
379 default:
380 return WERR_BAD_FORMAT;
381 }
382 }
383
384 return WERR_BAD_FORMAT;
385 }
386
387
388 WERROR libnet_odj_find_joinprov3(const struct ODJ_PROVISION_DATA *r,
389 struct OP_JOINPROV3_PART *joinprov3)
390 {
391 int i;
392
393 if (r == NULL) {
394 return WERR_INVALID_PARAMETER;
395 }
396
397 for (i = 0; i < r->ulcBlobs; i++) {
398
399 struct ODJ_BLOB b = r->pBlobs[i];
400
401 switch (b.ulODJFormat) {
402 case ODJ_WIN7_FORMAT:
403 continue;
404
405 case ODJ_WIN8_FORMAT: {
406 NTSTATUS status;
407 struct OP_PACKAGE_PART_COLLECTION *col;
408 struct GUID guid;
409 int k;
410
411 if (b.pBlob->op_package.p->WrappedPartCollection.w == NULL) {
412 return WERR_BAD_FORMAT;
413 }
414
415 col = b.pBlob->op_package.p->WrappedPartCollection.w->s.p;
416
417 status = GUID_from_string(ODJ_GUID_JOIN_PROVIDER3, &guid);
418 if (!NT_STATUS_IS_OK(status)) {
419 return WERR_NOT_ENOUGH_MEMORY;
420 }
421
422 for (k = 0; k < col->cParts; k++) {
423 if (GUID_equal(&guid, &col->pParts[k].PartType)) {
424 *joinprov3 = *col->pParts[k].Part->join_prov3.p;
425 return WERR_OK;
426 }
427 }
428 break;
429 }
430 default:
431 return WERR_BAD_FORMAT;
432 }
433 }
434
435 return WERR_BAD_FORMAT;
436 }
Samba GIT mirror