2 Unix SMB/CIFS implementation.
4 module to store/fetch session keys for the schannel server
6 Copyright (C) Andrew Tridgell 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "lib/events/events.h"
24 #include "lib/ldb/include/ldb.h"
25 #include "lib/ldb/include/ldb_errors.h"
26 #include "dsdb/samdb/samdb.h"
28 #include "util/util_ldb.h"
29 #include "libcli/auth/libcli_auth.h"
30 #include "auth/auth.h"
31 #include "param/param.h"
34 connect to the schannel ldb
36 struct ldb_context
*schannel_db_connect(TALLOC_CTX
*mem_ctx
, struct event_context
*ev_ctx
,
37 struct loadparm_context
*lp_ctx
)
40 struct ldb_context
*ldb
;
42 const char *init_ldif
=
44 "computerName: CASE_INSENSITIVE\n" \
45 "flatname: CASE_INSENSITIVE\n";
47 path
= smbd_tmp_path(mem_ctx
, lp_ctx
, "schannel.ldb");
52 existed
= file_exist(path
);
54 ldb
= ldb_wrap_connect(mem_ctx
, ev_ctx
, lp_ctx
, path
,
55 system_session(mem_ctx
, lp_ctx
),
56 NULL
, LDB_FLG_NOSYNC
, NULL
);
63 gendb_add_ldif(ldb
, init_ldif
);
70 remember an established session key for a netr server authentication
71 use a simple ldb structure
73 NTSTATUS
schannel_store_session_key_ldb(TALLOC_CTX
*mem_ctx
,
74 struct ldb_context
*ldb
,
75 struct creds_CredentialState
*creds
)
77 struct ldb_message
*msg
;
78 struct ldb_val val
, seed
, client_state
, server_state
;
83 f
= talloc_asprintf(mem_ctx
, "%u", (unsigned int)creds
->negotiate_flags
);
86 return NT_STATUS_NO_MEMORY
;
89 sct
= talloc_asprintf(mem_ctx
, "%u", (unsigned int)creds
->secure_channel_type
);
92 return NT_STATUS_NO_MEMORY
;
95 msg
= ldb_msg_new(ldb
);
97 return NT_STATUS_NO_MEMORY
;
100 msg
->dn
= ldb_dn_new_fmt(msg
, ldb
, "computerName=%s", creds
->computer_name
);
102 return NT_STATUS_NO_MEMORY
;
105 val
.data
= creds
->session_key
;
106 val
.length
= sizeof(creds
->session_key
);
108 seed
.data
= creds
->seed
.data
;
109 seed
.length
= sizeof(creds
->seed
.data
);
111 client_state
.data
= creds
->client
.data
;
112 client_state
.length
= sizeof(creds
->client
.data
);
113 server_state
.data
= creds
->server
.data
;
114 server_state
.length
= sizeof(creds
->server
.data
);
116 ldb_msg_add_string(msg
, "objectClass", "schannelState");
117 ldb_msg_add_value(msg
, "sessionKey", &val
, NULL
);
118 ldb_msg_add_value(msg
, "seed", &seed
, NULL
);
119 ldb_msg_add_value(msg
, "clientState", &client_state
, NULL
);
120 ldb_msg_add_value(msg
, "serverState", &server_state
, NULL
);
121 ldb_msg_add_string(msg
, "negotiateFlags", f
);
122 ldb_msg_add_string(msg
, "secureChannelType", sct
);
123 ldb_msg_add_string(msg
, "accountName", creds
->account_name
);
124 ldb_msg_add_string(msg
, "computerName", creds
->computer_name
);
125 ldb_msg_add_string(msg
, "flatname", creds
->domain
);
126 samdb_msg_add_dom_sid(ldb
, mem_ctx
, msg
, "objectSid", creds
->sid
);
128 ldb_delete(ldb
, msg
->dn
);
130 ret
= ldb_add(ldb
, msg
);
133 DEBUG(0,("Unable to add %s to session key db - %s\n",
134 ldb_dn_get_linearized(msg
->dn
), ldb_errstring(ldb
)));
135 return NT_STATUS_INTERNAL_DB_CORRUPTION
;
141 NTSTATUS
schannel_store_session_key(TALLOC_CTX
*mem_ctx
,
142 struct event_context
*ev_ctx
,
143 struct loadparm_context
*lp_ctx
,
144 struct creds_CredentialState
*creds
)
146 struct ldb_context
*ldb
;
150 ldb
= schannel_db_connect(mem_ctx
, ev_ctx
, lp_ctx
);
152 return NT_STATUS_ACCESS_DENIED
;
155 ret
= ldb_transaction_start(ldb
);
158 return NT_STATUS_INTERNAL_DB_CORRUPTION
;
161 nt_status
= schannel_store_session_key_ldb(mem_ctx
, ldb
, creds
);
163 if (NT_STATUS_IS_OK(nt_status
)) {
164 ret
= ldb_transaction_commit(ldb
);
166 ret
= ldb_transaction_cancel(ldb
);
170 DEBUG(0,("Unable to commit adding credentials for %s to schannel key db - %s\n",
171 creds
->computer_name
, ldb_errstring(ldb
)));
173 return NT_STATUS_INTERNAL_DB_CORRUPTION
;
181 read back a credentials back for a computer
183 NTSTATUS
schannel_fetch_session_key_ldb(TALLOC_CTX
*mem_ctx
,
184 struct ldb_context
*ldb
,
185 const char *computer_name
,
187 struct creds_CredentialState
**creds
)
189 struct ldb_result
*res
;
191 const struct ldb_val
*val
;
193 *creds
= talloc_zero(mem_ctx
, struct creds_CredentialState
);
195 return NT_STATUS_NO_MEMORY
;
198 ret
= ldb_search(ldb
, mem_ctx
, &res
,
199 NULL
, LDB_SCOPE_SUBTREE
, NULL
,
200 "(&(computerName=%s)(flatname=%s))", computer_name
, domain
);
201 if (ret
!= LDB_SUCCESS
) {
202 DEBUG(3,("schannel: Failed to find a record for client %s: %s\n", computer_name
, ldb_errstring(ldb
)));
203 return NT_STATUS_INVALID_HANDLE
;
205 if (res
->count
!= 1) {
206 DEBUG(3,("schannel: Failed to find a record for client: %s (found %d records)\n", computer_name
, res
->count
));
208 return NT_STATUS_INVALID_HANDLE
;
211 val
= ldb_msg_find_ldb_val(res
->msgs
[0], "sessionKey");
212 if (val
== NULL
|| val
->length
!= 16) {
213 DEBUG(1,("schannel: record in schannel DB must contain a sessionKey of length 16, when searching for client: %s\n", computer_name
));
215 return NT_STATUS_INTERNAL_ERROR
;
218 memcpy((*creds
)->session_key
, val
->data
, 16);
220 val
= ldb_msg_find_ldb_val(res
->msgs
[0], "seed");
221 if (val
== NULL
|| val
->length
!= 8) {
222 DEBUG(1,("schannel: record in schannel DB must contain a vaid seed of length 8, when searching for client: %s\n", computer_name
));
224 return NT_STATUS_INTERNAL_ERROR
;
227 memcpy((*creds
)->seed
.data
, val
->data
, 8);
229 val
= ldb_msg_find_ldb_val(res
->msgs
[0], "clientState");
230 if (val
== NULL
|| val
->length
!= 8) {
231 DEBUG(1,("schannel: record in schannel DB must contain a vaid clientState of length 8, when searching for client: %s\n", computer_name
));
233 return NT_STATUS_INTERNAL_ERROR
;
235 memcpy((*creds
)->client
.data
, val
->data
, 8);
237 val
= ldb_msg_find_ldb_val(res
->msgs
[0], "serverState");
238 if (val
== NULL
|| val
->length
!= 8) {
239 DEBUG(1,("schannel: record in schannel DB must contain a vaid serverState of length 8, when searching for client: %s\n", computer_name
));
241 return NT_STATUS_INTERNAL_ERROR
;
243 memcpy((*creds
)->server
.data
, val
->data
, 8);
245 (*creds
)->negotiate_flags
= ldb_msg_find_attr_as_int(res
->msgs
[0], "negotiateFlags", 0);
247 (*creds
)->secure_channel_type
= ldb_msg_find_attr_as_int(res
->msgs
[0], "secureChannelType", 0);
249 (*creds
)->account_name
= talloc_strdup(*creds
, ldb_msg_find_attr_as_string(res
->msgs
[0], "accountName", NULL
));
250 if ((*creds
)->account_name
== NULL
) {
252 return NT_STATUS_NO_MEMORY
;
255 (*creds
)->computer_name
= talloc_strdup(*creds
, ldb_msg_find_attr_as_string(res
->msgs
[0], "computerName", NULL
));
256 if ((*creds
)->computer_name
== NULL
) {
258 return NT_STATUS_NO_MEMORY
;
261 (*creds
)->domain
= talloc_strdup(*creds
, ldb_msg_find_attr_as_string(res
->msgs
[0], "flatname", NULL
));
262 if ((*creds
)->domain
== NULL
) {
264 return NT_STATUS_NO_MEMORY
;
267 (*creds
)->sid
= samdb_result_dom_sid(*creds
, res
->msgs
[0], "objectSid");
273 NTSTATUS
schannel_fetch_session_key(TALLOC_CTX
*mem_ctx
,
274 struct event_context
*ev_ctx
,
275 struct loadparm_context
*lp_ctx
,
276 const char *computer_name
,
278 struct creds_CredentialState
**creds
)
281 struct ldb_context
*ldb
;
283 ldb
= schannel_db_connect(mem_ctx
, ev_ctx
, lp_ctx
);
285 return NT_STATUS_ACCESS_DENIED
;
288 nt_status
= schannel_fetch_session_key_ldb(mem_ctx
, ldb
,
289 computer_name
, domain
,