2 Unix SMB/Netbios implementation.
4 Main SMB server routines
5 Copyright (C) Andrew Tridgell 1992-2000
6 Copyright (C) Luke Kenneth Casson Leighton 1996-2000
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpc_client.h"
/*
 * Path of the services (configuration) file currently in use. It starts as
 * the compiled-in CONFIGFILE and is overwritten by reload_msrpc() when
 * lp_configfile() names a different file that exists.
 */
29 pstring servicesf
= CONFIGFILE
;
/* Log file path, defined elsewhere; main_init() formats it for this pipe. */
30 extern pstring debugf
;
/* Logging settings defined elsewhere; not modified by the code shown in this listing. */
31 extern BOOL append_log
;
32 extern int DEBUGLEVEL
;
34 /*****************************************************************************
35 initialise srv_auth_fns array
36 *****************************************************************************/
/*
 * l: RPC server state passed in by the caller.
 * NOTE(review): the function body is not part of this listing, so which
 * authentication handlers are registered on l cannot be confirmed here.
 */
37 static void auth_init(rpcsrv_struct
* l
)
/*
 * Registers the LSA RPC request processor for this pipe and initialises the
 * password database and the secrets database.
 * service_name: passed through to add_msrpc_command_processor().
 * NOTE(review): the bodies of both failure branches are not part of this
 * listing; confirm the daemon stops instead of serving requests when either
 * the password database or the secrets database failed to initialise.
 */
41 static void service_init(char *service_name
)
/* Bind api_ntlsa_rpc as the processor for pipe_name under service_name. */
43 add_msrpc_command_processor(pipe_name
, service_name
, api_ntlsa_rpc
);
/* Password database must come up before any request is handled. */
45 if (!pwdb_initialise(True
))
/* The secrets database holds the $MACHINE.ACC secret used by update_trust_account(). */
50 if (!secret_init_db())
56 /****************************************************************************
57 rotate the $MACHINE.ACC trust account password once it has expired
58 **************************************************************************/
/*
 * Reads the "$MACHINE.ACC" secret through the LSA calls below, compares its
 * timestamp against lp_machine_password_timeout(), and when the secret is
 * too old generates a fresh 16-byte password, calls modify_trust_password()
 * for the workgroup unless srv_name is the "\\." string, and writes the new
 * value back with _lsa_set_secret().
 * Takes no arguments and returns nothing; failures are reported only through
 * DEBUG().
 * NOTE(review): this listing omits lines (braces, several declarations and
 * some branch bodies), so the notes below cover only the statements shown.
 */
59 static void update_trust_account(void)
61 BOOL trust_pwd_needs_changing
= False
;
/*
 * Status codes, all starting as success:
 *   s  - result of opening the LSA policy
 *   s1 - result of opening the secret
 *   s2 - result of the session-key, query, decrypt and set steps
 */
64 uint32 s2
= NT_STATUS_NOPROBLEMO
;
65 uint32 s1
= NT_STATUS_NOPROBLEMO
;
66 uint32 s
= NT_STATUS_NOPROBLEMO
;
/* Name of the LSA secret opened below. */
73 char *name
= "$MACHINE.ACC";
74 extern fstring global_myworkgroup
;
/*
 * Key handed to nt_decrypt_string2() and nt_encrypt_string2() below.
 * NOTE(review): user_sess_key, secret, old_trust, trust_passwd and
 * trust_passwd_hash all hold key or password material; no statement in this
 * listing clears them before the function ends - confirm against the full
 * source and zero them if not.
 */
77 uchar user_sess_key
[16];
79 make_unistr2(&uni_sec_name
, name
, strlen(name
));
/*
 * NOTE(review): both opens request SEC_RIGHTS_MAXIMUM_ALLOWED. The code shown
 * only queries and sets the secret, so a narrower access mask would follow
 * least privilege - confirm whether one is available.
 */
81 s
= _lsa_open_policy2(NULL
, &lsa_pol
, NULL
,
82 SEC_RIGHTS_MAXIMUM_ALLOWED
);
84 if (s
== NT_STATUS_NOPROBLEMO
)
86 s1
= _lsa_open_secret(&lsa_pol
, &uni_sec_name
,
87 SEC_RIGHTS_MAXIMUM_ALLOWED
, &pol_sec
);
91 DEBUG(0, ("_lsa_open_policy2 failed with 0x%x\n", s
));
95 if (s1
== NT_STATUS_NOPROBLEMO
)
/* Fetch the session key for the secret handle; the remaining arguments are not shown. */
97 if (!pol_get_usr_sesskey(get_global_hnd_cache(), &pol_sec
,
100 s2
= NT_STATUS_INVALID_HANDLE
;
/*
 * NOTE(review): lsa_pol is closed here and again at the end of the function
 * when s is success. Presumably this branch returns on a line not shown;
 * otherwise the policy handle is closed twice and the query below runs on a
 * secret handle that was never opened (s2 is still success) - confirm.
 */
105 DEBUG(0, ("_lsa_open_secret failed with 0x%x\n", s1
));
106 _lsa_close(&lsa_pol
);
110 if (s2
== NT_STATUS_NOPROBLEMO
)
/* Read the stored (encrypted) secret into encsec and its timestamp into ntlct. */
112 s2
= _lsa_query_secret(&pol_sec
, &encsec
, &ntlct
, NULL
, NULL
);
114 if (s2
== NT_STATUS_NOPROBLEMO
)
/* Decrypt with the session key; a failed decrypt is reported as an invalid parameter. */
116 if (!nt_decrypt_string2(&secret
, &encsec
, user_sess_key
))
118 s2
= NT_STATUS_INVALID_PARAMETER
;
121 if (s2
== NT_STATUS_NOPROBLEMO
)
123 if (secret_to_nt_owf(old_trust
, &secret
))
/*
 * NOTE(review): this hands the 16-byte hash of the current trust password to
 * a dump routine. Confirm dump_data_pw() is compiled out unless password
 * debugging is explicitly enabled, and that the log file it would write to
 * is not readable by unprivileged users.
 */
125 dump_data_pw("$MACHINE.ACC-hashed:", old_trust
, 16);
129 DEBUG(0,("old secret to OWF: failed\n"));
133 cur_time
= time(NULL
);
/* Timestamp returned by the query, converted for comparison with time(). */
134 sec_time
= nt_time_to_unix(&ntlct
);
138 DEBUG(100, ("secret time: %s\n", http_timestring(sec_time
)));
139 DEBUG(100, ("current time: %s\n", http_timestring(cur_time
)));
/*
 * Rotate only when every step so far succeeded and the secret is older than
 * the configured timeout. Presumably lp_machine_password_timeout() is in
 * seconds, matching time() - confirm.
 */
142 if (s2
== NT_STATUS_NOPROBLEMO
143 && cur_time
> sec_time
+ lp_machine_password_timeout())
145 DEBUG(1, ("$MACHINE.ACC password being updated.\n"));
146 trust_pwd_needs_changing
= True
;
149 if (trust_pwd_needs_changing
)
151 unsigned char trust_passwd
[16];
152 unsigned char trust_passwd_hash
[16];
/* res2 chains the steps below: each later step runs only if res2 is still true. */
156 res2
= get_any_dc_name(global_myworkgroup
, srv_name
);
/*
 * The new trust password is 16 bytes from generate_random_buffer(), so its
 * strength rests entirely on that generator. NOTE(review): the meaning of
 * the third argument (True) is not visible here.
 */
158 generate_random_buffer(trust_passwd
, 16, True
);
/* NOTE(review): no result of secret_store_data() is checked in the line shown - confirm it cannot fail. */
159 secret_store_data(&secret
, trust_passwd
, 16);
161 res2
= res2
? secret_to_nt_owf(trust_passwd_hash
, &secret
) :
/* Re-encrypt the new secret with the session key before it is written back. */
164 res2
= res2
? nt_encrypt_string2(&encsec
, &secret
,
165 user_sess_key
) : False
;
/* The remote change is skipped when srv_name is the "\\." string (presumably meaning the local machine - confirm). */
167 if (!strequal("\\\\.", srv_name
))
170 modify_trust_password(global_myworkgroup
,
173 SEC_CHAN_WKSTA
) : False
;
/*
 * NOTE(review): confirm from the omitted lines that the local secret is
 * written only when the preceding steps succeeded. If the remote change was
 * accepted but this local write fails, the two copies of the password
 * diverge; the only handling visible here is the level-0 log message below,
 * so that message is worth alerting on.
 */
178 s2
= _lsa_set_secret(&pol_sec
, &encsec
, 0x0);
180 if (s2
!= NT_STATUS_NOPROBLEMO
)
182 DEBUG(0, ("$MACHINE.ACC password update FAILED\n"));
/* Release each handle only if its open succeeded. */
186 if (s1
== NT_STATUS_NOPROBLEMO
)
188 _lsa_close(&pol_sec
);
190 if (s
== NT_STATUS_NOPROBLEMO
)
192 _lsa_close(&lsa_pol
);
194 DEBUG(10,("update_trust_account: %d\n", __LINE__
));
197 /****************************************************************************
198 reload the services file
199 **************************************************************************/
/*
 * Reloads the configuration with lp_load(), first switching servicesf to the
 * path reported by lp_configfile() when that file exists and differs from the
 * current one.
 * test: when true, lp_file_list_changed() is consulted first; the body of
 *       that branch is not shown, presumably it skips the reload when nothing
 *       changed - confirm.
 * NOTE(review): the declarations of fname and ret and the return statements
 * are not part of this listing.
 */
200 static BOOL
reload_msrpc(BOOL test
)
/* assumes fname is a pstring so the pstrcpy() calls stay within bounds - confirm against its declaration */
207 pstrcpy(fname
, lp_configfile());
/* Adopt the new path only if the file exists and the name actually changed. */
208 if (file_exist(fname
, NULL
) && !strcsequal(fname
, servicesf
))
210 pstrcpy(servicesf
, fname
);
217 if (test
&& !lp_file_list_changed())
/* Load the services file; the result is kept in ret. */
222 ret
= lp_load(servicesf
, False
, False
, True
);
224 /* perhaps the config filename is now set */
235 /****************************************************************************
237 ****************************************************************************/
/*
 * Start-up initialisation for the lsarpc service: sets the pipe name, starts
 * logging under the program name and points debugf at the per-pipe log file
 * LOGFILEBASE/log.lsarpc.
 * argc, argv: the process arguments; argv[0] is used as the logging name.
 * NOTE(review): the return statement and parts of the body are not part of
 * this listing.
 */
238 static int main_init(int argc
, char *argv
[])
/* Only built on platforms that define HAVE_SET_AUTH_PARAMETERS. */
240 #ifdef HAVE_SET_AUTH_PARAMETERS
241 set_auth_parameters(argc
, argv
);
245 /* needed for SecureWare on SCO */
253 fstrcpy(pipe_name
, "lsarpc");
254 setup_logging(argv
[0], False
);
/*
 * NOTE(review): Samba code of this era commonly passes sizeof(buf)-1 to
 * slprintf() because the length excludes the terminator; confirm that
 * passing sizeof(debugf) cannot write one byte past debugf on truncation.
 * NOTE(review): update_trust_account() in this file passes trust-account
 * hash data to dump_data_pw(); confirm this log file is not readable by
 * unprivileged users.
 */
255 slprintf(debugf
, sizeof(debugf
), "%s/log.%s", LOGFILEBASE
, pipe_name
);
/*
 * File-local table of type msrpc_service_fns.
 * NOTE(review): its initialiser entries are not part of this listing.
 */
260 static msrpc_service_fns fn_table
= {
268 msrpc_service_fns
*get_service_fns(void)