Changeset 228 for branches/samba-3.2.x/source/libnet/libnet_join.c
- Timestamp:
- May 26, 2009, 9:44:50 AM (16 years ago)
- File:
-
- 1 edited
-
branches/samba-3.2.x/source/libnet/libnet_join.c (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.2.x/source/libnet/libnet_join.c
r141 r228 358 358 spn_array[0] = spn; 359 359 360 if (name_to_fqdn(my_fqdn, r->in.machine_name) && 361 !strequal(my_fqdn, r->in.machine_name)) { 362 363 strlower_m(my_fqdn); 360 if (!name_to_fqdn(my_fqdn, r->in.machine_name) 361 || (strchr(my_fqdn, '.') == NULL)) { 362 fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, 363 r->out.dns_domain_name); 364 } 365 366 strlower_m(my_fqdn); 367 368 if (!strequal(my_fqdn, r->in.machine_name)) { 364 369 spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); 365 370 if (!spn) { … … 730 735 uint32_t user_rid; 731 736 uint32_t acct_flags = ACB_WSTRUST; 732 uchar pwbuf[532];733 struct MD5Context md5ctx;734 uchar md5buffer[16];735 DATA_BLOB digested_session_key;736 uchar md4_trust_password[16];737 737 struct samr_Ids user_rids; 738 738 struct samr_Ids name_types; 739 739 union samr_UserInfo user_info; 740 741 struct samr_CryptPassword crypt_pwd; 742 struct samr_CryptPasswordEx crypt_pwd_ex; 740 743 741 744 ZERO_STRUCT(sam_pol); … … 866 869 } 867 870 868 /* Create a random machine account password and generate the hash */869 870 E_md4hash(r->in.machine_password, md4_trust_password);871 encode_pw_buffer(pwbuf, r->in.machine_password, STR_UNICODE);872 873 generate_random_buffer((uint8_t*)md5buffer, sizeof(md5buffer));874 digested_session_key = data_blob_talloc(mem_ctx, 0, 16);875 876 MD5Init(&md5ctx);877 MD5Update(&md5ctx, md5buffer, sizeof(md5buffer));878 MD5Update(&md5ctx, cli->user_session_key.data,879 cli->user_session_key.length);880 MD5Final(digested_session_key.data, &md5ctx);881 882 SamOEMhashBlob(pwbuf, sizeof(pwbuf), &digested_session_key);883 memcpy(&pwbuf[516], md5buffer, sizeof(md5buffer));884 885 871 /* Fill in the additional account flags now */ 886 872 … … 893 879 } 894 880 895 /* Set password and account flags on machine account */ 896 897 ZERO_STRUCT(user_info.info25); 898 899 user_info.info25.info.fields_present = ACCT_NT_PWD_SET | 900 ACCT_LM_PWD_SET | 901 SAMR_FIELD_ACCT_FLAGS; 902 903 user_info.info25.info.acct_flags = acct_flags; 904 memcpy(&user_info.info25.password.data, pwbuf, sizeof(pwbuf)); 881 /* Set account flags on machine account */ 882 ZERO_STRUCT(user_info.info16); 883 user_info.info16.acct_flags = acct_flags; 905 884 906 885 status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx, 907 886 &user_pol, 908 25,887 16, 909 888 &user_info); 910 889 890 if (!NT_STATUS_IS_OK(status)) { 891 892 rpccli_samr_DeleteUser(pipe_hnd, mem_ctx, 893 &user_pol); 894 895 libnet_join_set_error_string(mem_ctx, r, 896 "Failed to set account flags for machine account (%s)\n", 897 nt_errstr(status)); 898 goto done; 899 } 900 901 /* Set password on machine account - first try level 26 */ 902 903 init_samr_CryptPasswordEx(r->in.machine_password, 904 &cli->user_session_key, 905 &crypt_pwd_ex); 906 907 init_samr_user_info26(&user_info.info26, &crypt_pwd_ex, 908 PASS_DONT_CHANGE_AT_NEXT_LOGON); 909 910 status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, 911 &user_pol, 912 26, 913 &user_info); 914 911 915 if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { 912 916 913 uchar pwbuf2[516];914 915 encode_pw_buffer(pwbuf2, r->in.machine_password, STR_UNICODE);916 917 917 /* retry with level 24 */ 918 init_samr_user_info24(&user_info.info24, pwbuf2, 24); 919 920 SamOEMhashBlob(user_info.info24.password.data, 516, 921 &cli->user_session_key); 918 919 init_samr_CryptPassword(r->in.machine_password, 920 &cli->user_session_key, 921 &crypt_pwd); 922 923 init_samr_user_info24(&user_info.info24, &crypt_pwd, 924 PASS_DONT_CHANGE_AT_NEXT_LOGON); 922 925 923 926 status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
Note:
See TracChangeset
for help on using the changeset viewer.
