/**
 * Look up the SID of @domain and copy it into @sid.
 *
 * In a Samba 4 build, when @domain is our own SAM name and the passdb
 * backend reports PDB_CAP_ADS, the SID is taken from the passdb domain
 * info and the secrets store is not consulted at all.  Otherwise the
 * record stored under domain_sid_keystr(domain) is read from the
 * secrets store.
 *
 * @param domain  domain name to look up
 * @param sid     out: receives the SID; written only when true is returned
 * @return true on success, false if no usable SID could be obtained
 */
bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid)
{
	struct dom_sid *stored_sid;
	size_t stored_len = 0;
	bool size_ok;

#if _SAMBA_BUILD_ == 4
	if (strequal(domain, get_global_sam_name()) &&
	    (pdb_capabilities() & PDB_CAP_ADS)) {
		struct pdb_domain_info *ads_info;

		ads_info = pdb_get_domain_info(talloc_tos());
		if (ads_info == NULL) {
			/* With an ADS-capable passdb backend we must
			 * never make up our own SID: it already lives
			 * in the directory, so fail instead of falling
			 * back to the secrets store. */
			DEBUG(0, ("Unable to fetch a Domain SID from the directory!\n"));
			return false;
		}

		*sid = ads_info->sid;
		return true;
	}
#endif

	stored_sid = (struct dom_sid *)secrets_fetch(domain_sid_keystr(domain),
						     &stored_len);
	if (stored_sid == NULL) {
		return false;
	}

	/* Only a record of exactly sizeof(struct dom_sid) bytes is
	 * accepted; a record of any other length is discarded rather
	 * than being copied into the caller's structure. */
	size_ok = (stored_len == sizeof(struct dom_sid));
	if (size_ok) {
		*sid = *stored_sid;
	}

	SAFE_FREE(stored_sid);
	return size_ok;
}
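/**
 * Fill a netr_SamInfo6 validation structure from server_info.
 *
 * The info3 data of @server_info is copied, the user and LM session
 * keys are placed into the copy and, when @pipe_session_key is given,
 * each of them is passed through arcfour_crypt() with that key.  The
 * DNS domain name comes from the passdb domain info and the principal
 * is built as "<account_name>@<dns_domain>".
 *
 * Everything allocated here uses @sam6 as its talloc context.  On a
 * failure return @sam6 may already be partly filled in and should not
 * be used by the caller.
 *
 * @param server_info           authenticated user information
 * @param pipe_session_key      key used to encrypt the session keys, or NULL
 * @param pipe_session_key_len  length of @pipe_session_key in bytes; must
 *                              be at least 16 when @pipe_session_key is set
 * @param sam6                  out: structure to fill, also the talloc parent
 * @return NT_STATUS_OK on success,
 *         NT_STATUS_INVALID_INFO_CLASS without an ADS passdb backend,
 *         NT_STATUS_INVALID_PARAMETER if the pipe session key is too short,
 *         NT_STATUS_NO_MEMORY if a lookup or allocation fails
 */
NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
				uint8_t *pipe_session_key,
				size_t pipe_session_key_len,
				struct netr_SamInfo6 *sam6)
{
	struct pdb_domain_info *dominfo;
	struct netr_SamInfo3 *info3;

	if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
		DEBUG(10,("Not adding validation info level 6 "
			   "without ADS passdb backend\n"));
		return NT_STATUS_INVALID_INFO_CLASS;
	}

	/* arcfour_crypt() is handed a bare key pointer and no key
	 * length, so it is presumably reading a fixed 16-byte key
	 * (NOTE(review): confirm against its prototype).  Reject a
	 * shorter buffer here instead of letting it be read past its
	 * end; longer buffers keep working as before. */
	if (pipe_session_key != NULL && pipe_session_key_len < 16) {
		DEBUG(0,("serverinfo_to_SamInfo6: pipe_session_key_len %u "
			 "is shorter than 16\n",
			 (unsigned int)pipe_session_key_len));
		return NT_STATUS_INVALID_PARAMETER;
	}

	dominfo = pdb_get_domain_info(sam6);
	if (dominfo == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	info3 = copy_netr_SamInfo3(sam6, server_info->info3);
	if (!info3) {
		return NT_STATUS_NO_MEMORY;
	}

	if (server_info->user_session_key.length) {
		/* MIN() bounds the copy by the destination field, so an
		 * oversized session key blob is truncated, not overrun. */
		memcpy(info3->base.key.key,
		       server_info->user_session_key.data,
		       MIN(sizeof(info3->base.key.key),
			   server_info->user_session_key.length));
		if (pipe_session_key) {
			arcfour_crypt(info3->base.key.key,
				      pipe_session_key, 16);
		}
	}

	if (server_info->lm_session_key.length) {
		memcpy(info3->base.LMSessKey.key,
		       server_info->lm_session_key.data,
		       MIN(sizeof(info3->base.LMSessKey.key),
			   server_info->lm_session_key.length));
		if (pipe_session_key) {
			arcfour_crypt(info3->base.LMSessKey.key,
				      pipe_session_key, 8);
		}
	}

	/* Shallow copy: pointers inside base keep referring to memory
	 * that belongs to info3, so info3 must stay allocated for as
	 * long as sam6 is in use. */
	sam6->base = info3->base;

	sam6->sidcount = 0;
	sam6->sids = NULL;

	sam6->dns_domainname.string = talloc_strdup(sam6, dominfo->dns_domain);
	if (sam6->dns_domainname.string == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	sam6->principle.string = talloc_asprintf(sam6, "%s@%s",
						 sam6->base.account_name.string,
						 sam6->dns_domainname.string);
	if (sam6->principle.string == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	return NT_STATUS_OK;
}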