/*
do a cldap netlogon query
*/
static int send_cldap_netlogon(int sock, const char *domain,
const char *hostname, unsigned ntversion)
{
ASN1_DATA data;
char ntver[4];
#ifdef CLDAP_USER_QUERY
char aac[4];
SIVAL(aac, 0, 0x00000180);
#endif
SIVAL(ntver, 0, ntversion);
memset(&data, 0, sizeof(data));
asn1_push_tag(&data,ASN1_SEQUENCE(0));
asn1_write_Integer(&data, 4);
asn1_push_tag(&data, ASN1_APPLICATION(3));
asn1_write_OctetString(&data, NULL, 0);
asn1_write_enumerated(&data, 0);
asn1_write_enumerated(&data, 0);
asn1_write_Integer(&data, 0);
asn1_write_Integer(&data, 0);
asn1_write_BOOLEAN2(&data, False);
asn1_push_tag(&data, ASN1_CONTEXT(0));
if (domain) {
asn1_push_tag(&data, ASN1_CONTEXT(3));
asn1_write_OctetString(&data, "DnsDomain", 9);
asn1_write_OctetString(&data, domain, strlen(domain));
asn1_pop_tag(&data);
}
asn1_push_tag(&data, ASN1_CONTEXT(3));
asn1_write_OctetString(&data, "Host", 4);
asn1_write_OctetString(&data, hostname, strlen(hostname));
asn1_pop_tag(&data);
#ifdef CLDAP_USER_QUERY
asn1_push_tag(&data, ASN1_CONTEXT(3));
asn1_write_OctetString(&data, "User", 4);
asn1_write_OctetString(&data, "SAMBA$", 6);
asn1_pop_tag(&data);
asn1_push_tag(&data, ASN1_CONTEXT(3));
asn1_write_OctetString(&data, "AAC", 4);
asn1_write_OctetString(&data, aac, 4);
asn1_pop_tag(&data);
#endif
asn1_push_tag(&data, ASN1_CONTEXT(3));
asn1_write_OctetString(&data, "NtVer", 5);
asn1_write_OctetString(&data, ntver, 4);
asn1_pop_tag(&data);
asn1_pop_tag(&data);
asn1_push_tag(&data,ASN1_SEQUENCE(0));
asn1_write_OctetString(&data, "NetLogon", 8);
asn1_pop_tag(&data);
asn1_pop_tag(&data);
asn1_pop_tag(&data);
if (data.has_error) {
DEBUG(2,("Failed to build cldap netlogon at offset %d\n", (int)data.ofs));
asn1_free(&data);
return -1;
}
if (write(sock, data.data, data.length) != (ssize_t)data.length) {
DEBUG(2,("failed to send cldap query (%s)\n", strerror(errno)));
asn1_free(&data);
return -1;
}
asn1_free(&data);
return 0;
}
static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenInit *token)
{
asn1_push_tag(asn1, ASN1_CONTEXT(0));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
/* Write mechTypes */
if (token->mechTypes && *token->mechTypes) {
int i;
asn1_push_tag(asn1, ASN1_CONTEXT(0));
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
for (i = 0; token->mechTypes[i]; i++) {
asn1_write_OID(asn1, token->mechTypes[i]);
}
asn1_pop_tag(asn1);
asn1_pop_tag(asn1);
}
/* write reqFlags */
if (token->reqFlags & SPNEGO_REQ_FLAG) {
int flags = token->reqFlags & ~SPNEGO_REQ_FLAG;
asn1_push_tag(asn1, ASN1_CONTEXT(1));
asn1_write_Integer(asn1, flags);
asn1_pop_tag(asn1);
}
/* write mechToken */
if (token->mechToken.data) {
asn1_push_tag(asn1, ASN1_CONTEXT(2));
asn1_write_OctetString(asn1, token->mechToken.data,
token->mechToken.length);
asn1_pop_tag(asn1);
}
/* write mechListMIC */
if (token->mechListMIC.data) {
asn1_push_tag(asn1, ASN1_CONTEXT(3));
#if 0
/* This is what RFC 2478 says ... */
asn1_write_OctetString(asn1, token->mechListMIC.data,
token->mechListMIC.length);
#else
/* ... but unfortunately this is what Windows
sends/expects */
asn1_push_tag(asn1, ASN1_SEQUENCE(0));
asn1_push_tag(asn1, ASN1_CONTEXT(0));
asn1_push_tag(asn1, ASN1_GENERAL_STRING);
asn1_write(asn1, token->mechListMIC.data,
token->mechListMIC.length);
asn1_pop_tag(asn1);
asn1_pop_tag(asn1);
asn1_pop_tag(asn1);
#endif
asn1_pop_tag(asn1);
}
asn1_pop_tag(asn1);
asn1_pop_tag(asn1);
return !asn1->has_error;
}
/* This implements kerberos password change protocol as specified in
* kerb-chg-password-02.txt and kerberos-set-passwd-02.txt
* as well as microsoft version of the protocol
* as specified in kerberos-set-passwd-00.txt
*/
static DATA_BLOB encode_krb5_setpw(const char *principal, const char *password)
{
char* princ_part1 = NULL;
char* princ_part2 = NULL;
char* realm = NULL;
char* c;
char* princ;
ASN1_DATA *req;
DATA_BLOB ret;
princ = SMB_STRDUP(principal);
if ((c = strchr_m(princ, '/')) == NULL) {
c = princ;
} else {
*c = '\0';
c++;
princ_part1 = princ;
}
princ_part2 = c;
if ((c = strchr_m(c, '@')) != NULL) {
*c = '\0';
c++;
realm = c;
} else {
/* We must have a realm component. */
return data_blob_null;
}
req = asn1_init(talloc_tos());
if (req == NULL) {
return data_blob_null;
}
asn1_push_tag(req, ASN1_SEQUENCE(0));
asn1_push_tag(req, ASN1_CONTEXT(0));
asn1_write_OctetString(req, password, strlen(password));
asn1_pop_tag(req);
asn1_push_tag(req, ASN1_CONTEXT(1));
asn1_push_tag(req, ASN1_SEQUENCE(0));
asn1_push_tag(req, ASN1_CONTEXT(0));
asn1_write_Integer(req, 1);
asn1_pop_tag(req);
asn1_push_tag(req, ASN1_CONTEXT(1));
asn1_push_tag(req, ASN1_SEQUENCE(0));
if (princ_part1) {
asn1_write_GeneralString(req, princ_part1);
}
asn1_write_GeneralString(req, princ_part2);
asn1_pop_tag(req);
asn1_pop_tag(req);
asn1_pop_tag(req);
asn1_pop_tag(req);
asn1_push_tag(req, ASN1_CONTEXT(2));
asn1_write_GeneralString(req, realm);
asn1_pop_tag(req);
asn1_pop_tag(req);
ret = data_blob(req->data, req->length);
asn1_free(req);
free(princ);
return ret;
}
