本文整理汇总了C++中NT_STATUS_IS_OK函数的典型用法代码示例。如果您正苦于以下问题:C++ NT_STATUS_IS_OK函数的具体用法?C++ NT_STATUS_IS_OK怎么用?C++ NT_STATUS_IS_OK使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NT_STATUS_IS_OK函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: start_epmd
void start_epmd(struct tevent_context *ev_ctx,
struct messaging_context *msg_ctx)
{
struct rpc_srv_callbacks epmapper_cb;
NTSTATUS status;
pid_t pid;
bool ok;
int rc;
epmapper_cb.init = NULL;
epmapper_cb.shutdown = epmapper_shutdown_cb;
epmapper_cb.private_data = NULL;
DEBUG(1, ("Forking Endpoint Mapper Daemon\n"));
pid = fork();
if (pid == -1) {
DEBUG(0, ("Failed to fork Endpoint Mapper [%s], aborting ...\n",
strerror(errno)));
exit(1);
}
if (pid) {
/* parent */
return;
}
status = smbd_reinit_after_fork(msg_ctx, ev_ctx, true);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("reinit_after_fork() failed\n"));
smb_panic("reinit_after_fork() failed");
}
prctl_set_comment("epmd");
epmd_reopen_logs();
epmd_setup_sig_term_handler(ev_ctx);
epmd_setup_sig_hup_handler(ev_ctx, msg_ctx);
ok = serverid_register(messaging_server_id(msg_ctx),
FLAG_MSG_GENERAL |
FLAG_MSG_PRINT_GENERAL);
if (!ok) {
DEBUG(0, ("Failed to register serverid in epmd!\n"));
exit(1);
}
messaging_register(msg_ctx,
ev_ctx,
MSG_SMB_CONF_UPDATED,
epmd_smb_conf_updated);
status = rpc_epmapper_init(&epmapper_cb);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to register epmd rpc interface! (%s)\n",
nt_errstr(status)));
exit(1);
}
status = rpc_setup_tcpip_sockets(ev_ctx,
msg_ctx,
&ndr_table_epmapper,
NULL,
135);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to open epmd tcpip sockets!\n"));
exit(1);
}
ok = setup_dcerpc_ncalrpc_socket(ev_ctx,
msg_ctx,
"EPMAPPER",
srv_epmapper_delete_endpoints);
if (!ok) {
DEBUG(0, ("Failed to open epmd ncalrpc pipe!\n"));
exit(1);
}
ok = setup_named_pipe_socket("epmapper", ev_ctx, msg_ctx);
if (!ok) {
DEBUG(0, ("Failed to open epmd named pipe!\n"));
exit(1);
}
DEBUG(1, ("Endpoint Mapper Daemon Started (%u)\n", (unsigned int)getpid()));
/* loop forever */
rc = tevent_loop_wait(ev_ctx);
/* should not be reached */
DEBUG(0,("background_queue: tevent_loop_wait() exited with %d - %s\n",
rc, (rc == 0) ? "out of events" : strerror(errno)));
exit(1);
}
开发者ID:Gazzonyx,项目名称:samba,代码行数:97,代码来源:epmd.c
示例2: rpc_name_to_sid
/* convert a single name to a sid in a domain */
NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *lsa_pipe,
struct policy_handle *lsa_policy,
const char *domain_name,
const char *name,
uint32_t flags,
struct dom_sid *sid,
enum lsa_SidType *type)
{
enum lsa_SidType *types = NULL;
struct dom_sid *sids = NULL;
char *full_name = NULL;
char *mapped_name = NULL;
NTSTATUS status;
if (name == NULL || name[0] == '\0') {
full_name = talloc_asprintf(mem_ctx, "%s", domain_name);
} else if (domain_name == NULL || domain_name[0] == '\0') {
full_name = talloc_asprintf(mem_ctx, "%s", name);
} else {
full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain_name, name);
}
if (full_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
status = normalize_name_unmap(mem_ctx, full_name, &mapped_name);
/* Reset the full_name pointer if we mapped anything */
if (NT_STATUS_IS_OK(status) ||
NT_STATUS_EQUAL(status, NT_STATUS_FILE_RENAMED)) {
full_name = mapped_name;
}
DEBUG(3,("name_to_sid: %s for domain %s\n",
full_name ? full_name : "", domain_name ));
/*
* We don't run into deadlocks here, cause winbind_off() is
* called in the main function.
*/
status = rpccli_lsa_lookup_names(lsa_pipe,
mem_ctx,
lsa_policy,
1, /* num_names */
(const char **) &full_name,
NULL, /* domains */
1, /* level */
&sids,
&types);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(2,("name_to_sid: failed to lookup name: %s\n",
nt_errstr(status)));
return status;
}
sid_copy(sid, &sids[0]);
*type = types[0];
return NT_STATUS_OK;
}
开发者ID:Alexandr-Galko,项目名称:samba,代码行数:62,代码来源:winbindd_rpc.c
示例3: do_quota
static int do_quota(struct cli_state *cli,
enum SMB_QUOTA_TYPE qtype,
uint16 cmd,
const char *username_str,
SMB_NTQUOTA_STRUCT *pqt)
{
uint32 fs_attrs = 0;
uint16_t quota_fnum = 0;
SMB_NTQUOTA_LIST *qtl = NULL;
SMB_NTQUOTA_STRUCT qt;
NTSTATUS status;
ZERO_STRUCT(qt);
status = cli_get_fs_attr_info(cli, &fs_attrs);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Failed to get the filesystem attributes %s.\n",
nt_errstr(status));
return -1;
}
if (!(fs_attrs & FILE_VOLUME_QUOTAS)) {
d_printf("Quotas are not supported by the server.\n");
return 0;
}
status = cli_get_quota_handle(cli, "a_fnum);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Quotas are not enabled on this share.\n");
d_printf("Failed to open %s %s.\n",
FAKE_FILE_NAME_QUOTA_WIN32,
nt_errstr(status));
return -1;
}
switch(qtype) {
case SMB_USER_QUOTA_TYPE:
if (!StringToSid(&qt.sid, username_str)) {
d_printf("StringToSid() failed for [%s]\n",username_str);
return -1;
}
switch(cmd) {
case QUOTA_GET:
status = cli_get_user_quota(
cli, quota_fnum, &qt);
if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_user_quota %s\n",
nt_errstr(status),
username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_SETLIM:
pqt->sid = qt.sid;
status = cli_set_user_quota(
cli, quota_fnum, pqt);
if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_set_user_quota %s\n",
nt_errstr(status),
username_str);
return -1;
}
status = cli_get_user_quota(
cli, quota_fnum, &qt);
if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_user_quota %s\n",
nt_errstr(status),
username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_LIST:
status = cli_list_user_quota(
cli, quota_fnum, &qtl);
if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_set_user_quota %s\n",
nt_errstr(status),
username_str);
return -1;
}
dump_ntquota_list(&qtl,verbose,numeric,SidToString);
free_ntquota_list(&qtl);
break;
default:
d_printf("Unknown Error\n");
return -1;
}
break;
case SMB_USER_FS_QUOTA_TYPE:
switch(cmd) {
case QUOTA_GET:
status = cli_get_fs_quota_info(
cli, quota_fnum, &qt);
if (!NT_STATUS_IS_OK(status)) {
d_printf("%s cli_get_fs_quota_info\n",
nt_errstr(status));
return -1;
//.........这里部分代码省略.........
开发者ID:Alexandr-Galko,项目名称:samba,代码行数:101,代码来源:smbcquotas.c
示例4: bind
/*
perform a LDAP/SASL/SPNEGO/NTLMSSP bind (just how many layers can
we fit on one socket??)
*/
static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
{
DATA_BLOB msg1 = data_blob_null;
DATA_BLOB blob = data_blob_null;
DATA_BLOB blob_in = data_blob_null;
DATA_BLOB blob_out = data_blob_null;
struct berval cred, *scred = NULL;
int rc;
NTSTATUS nt_status;
ADS_STATUS status;
int turn = 1;
struct auth_generic_state *auth_generic_state;
nt_status = auth_generic_client_prepare(NULL, &auth_generic_state);
if (!NT_STATUS_IS_OK(nt_status)) {
return ADS_ERROR_NT(nt_status);
}
if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_username(auth_generic_state, ads->auth.user_name))) {
return ADS_ERROR_NT(nt_status);
}
if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_domain(auth_generic_state, ads->auth.realm))) {
return ADS_ERROR_NT(nt_status);
}
if (!NT_STATUS_IS_OK(nt_status = auth_generic_set_password(auth_generic_state, ads->auth.password))) {
return ADS_ERROR_NT(nt_status);
}
switch (ads->ldap.wrap_type) {
case ADS_SASLWRAP_TYPE_SEAL:
gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
break;
case ADS_SASLWRAP_TYPE_SIGN:
if (ads->auth.flags & ADS_AUTH_SASL_FORCE) {
gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
} else {
/*
* windows servers are broken with sign only,
* so we need to use seal here too
*/
gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SIGN);
gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
ads->ldap.wrap_type = ADS_SASLWRAP_TYPE_SEAL;
}
break;
case ADS_SASLWRAP_TYPE_PLAIN:
break;
}
nt_status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP);
if (!NT_STATUS_IS_OK(nt_status)) {
return ADS_ERROR_NT(nt_status);
}
blob_in = data_blob_null;
do {
nt_status = gensec_update(auth_generic_state->gensec_security,
talloc_tos(), NULL, blob_in, &blob_out);
data_blob_free(&blob_in);
if ((NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)
|| NT_STATUS_IS_OK(nt_status))
&& blob_out.length) {
if (turn == 1) {
const char *OIDs_ntlm[] = {OID_NTLMSSP, NULL};
/* and wrap it in a SPNEGO wrapper */
msg1 = spnego_gen_negTokenInit(talloc_tos(),
OIDs_ntlm, &blob_out, NULL);
} else {
/* wrap it in SPNEGO */
msg1 = spnego_gen_auth(talloc_tos(), blob_out);
}
data_blob_free(&blob_out);
cred.bv_val = (char *)msg1.data;
cred.bv_len = msg1.length;
scred = NULL;
rc = ldap_sasl_bind_s(ads->ldap.ld, NULL, "GSS-SPNEGO", &cred, NULL, NULL, &scred);
data_blob_free(&msg1);
if ((rc != LDAP_SASL_BIND_IN_PROGRESS) && (rc != 0)) {
if (scred) {
ber_bvfree(scred);
}
TALLOC_FREE(auth_generic_state);
return ADS_ERROR(rc);
}
if (scred) {
blob = data_blob(scred->bv_val, scred->bv_len);
ber_bvfree(scred);
} else {
blob = data_blob_null;
}
//.........这里部分代码省略.........
开发者ID:rchicoli,项目名称:samba,代码行数:101,代码来源:sasl.c
示例5: smbcli_list_old
int smbcli_list_old(struct smbcli_tree *tree, const char *Mask, uint16_t attribute,
void (*fn)(struct clilist_file_info *, const char *, void *),
void *caller_state)
{
union smb_search_first first_parms;
union smb_search_next next_parms;
struct search_private state; /* for callbacks */
const int num_asked = 500;
int received = 0;
bool first = true;
int num_received = 0;
char *mask;
int i;
/* initialize state for search */
state.mem_ctx = talloc_init("smbcli_list_old");
state.dirlist_len = 0;
state.total_received = 0;
state.data_level = RAW_SEARCH_DATA_SEARCH;
state.dirlist = talloc_array(state.mem_ctx, struct clilist_file_info,
0);
mask = talloc_strdup(state.mem_ctx, Mask);
while (1) {
state.ff_searchcount = 0;
if (first) {
NTSTATUS status;
first_parms.search_first.level = RAW_SEARCH_SEARCH;
first_parms.search_first.data_level = RAW_SEARCH_DATA_SEARCH;
first_parms.search_first.in.max_count = num_asked;
first_parms.search_first.in.search_attrib = attribute;
first_parms.search_first.in.pattern = mask;
status = smb_raw_search_first(tree, state.mem_ctx,
&first_parms,
(void*)&state,
smbcli_list_old_callback);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(state.mem_ctx);
return -1;
}
received = first_parms.search_first.out.count;
if (received <= 0) break;
first = false;
} else {
NTSTATUS status;
next_parms.search_next.level = RAW_SEARCH_SEARCH;
next_parms.search_next.data_level = RAW_SEARCH_DATA_SEARCH;
next_parms.search_next.in.max_count = num_asked;
next_parms.search_next.in.search_attrib = attribute;
next_parms.search_next.in.id = state.id;
status = smb_raw_search_next(tree, state.mem_ctx,
&next_parms,
(void*)&state,
smbcli_list_old_callback);
if (NT_STATUS_EQUAL(status, STATUS_NO_MORE_FILES)) {
break;
}
if (!NT_STATUS_IS_OK(status)) {
talloc_free(state.mem_ctx);
return -1;
}
received = next_parms.search_next.out.count;
if (received <= 0) break;
}
num_received += received;
}
for (i=0;i<state.total_received;i++) {
fn(&state.dirlist[i], Mask, caller_state);
}
talloc_free(state.mem_ctx);
return state.total_received;
}
开发者ID:0x24bin,项目名称:winexe-1,代码行数:84,代码来源:clilist.c
示例6: main
//.........这里部分代码省略.........
if (!(out = samu_new(ctx))) {
fprintf(stderr, "Can't create samu structure.\n");
exit(1);
}
if ((pwd = getpwnam_alloc(ctx, unix_user)) == NULL) {
fprintf(stderr, "Error getting user information for %s\n", unix_user);
exit(1);
}
samu_set_unix(out, pwd);
pdb_set_profile_path(out, "\\\\torture\\profile", PDB_SET);
pdb_set_homedir(out, "\\\\torture\\home", PDB_SET);
pdb_set_logon_script(out, "torture_script.cmd", PDB_SET);
pdb_get_account_policy(AP_PASSWORD_HISTORY, &history);
if (history * PW_HISTORY_ENTRY_LEN < NT_HASH_LEN) {
buf = (uint8 *)TALLOC(ctx, NT_HASH_LEN);
} else {
buf = (uint8 *)TALLOC(ctx, history * PW_HISTORY_ENTRY_LEN);
}
/* Generate some random hashes */
GetTimeOfDay(&tv);
srand(tv.tv_usec);
for (i = 0; i < NT_HASH_LEN; i++) {
buf[i] = (uint8) rand();
}
pdb_set_nt_passwd(out, buf, PDB_SET);
for (i = 0; i < LM_HASH_LEN; i++) {
buf[i] = (uint8) rand();
}
pdb_set_lanman_passwd(out, buf, PDB_SET);
for (i = 0; i < history * PW_HISTORY_ENTRY_LEN; i++) {
buf[i] = (uint8) rand();
}
pdb_set_pw_history(out, buf, history, PDB_SET);
pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire);
pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age);
pdb_set_pass_last_set_time(out, time(NULL), PDB_SET);
if (expire == 0 || expire == (uint32)-1) {
pdb_set_pass_must_change_time(out, get_time_t_max(), PDB_SET);
} else {
pdb_set_pass_must_change_time(out, time(NULL)+expire, PDB_SET);
}
if (min_age == (uint32)-1) {
pdb_set_pass_can_change_time(out, 0, PDB_SET);
} else {
pdb_set_pass_can_change_time(out, time(NULL)+min_age, PDB_SET);
}
/* Create account */
if (!NT_STATUS_IS_OK(rv = pdb->add_sam_account(pdb, out))) {
fprintf(stderr, "Error in add_sam_account: %s\n",
get_friendly_nt_error_msg(rv));
exit(1);
}
if (!(in = samu_new(ctx))) {
fprintf(stderr, "Can't create samu structure.\n");
exit(1);
}
/* Get account information through getsampwnam() */
if (NT_STATUS_IS_ERR(pdb->getsampwnam(pdb, in, out->username))) {
fprintf(stderr, "Error getting sampw of added user %s.\n",
out->username);
if (!NT_STATUS_IS_OK(rv = pdb->delete_sam_account(pdb, out))) {
fprintf(stderr, "Error in delete_sam_account %s\n",
get_friendly_nt_error_msg(rv));
}
TALLOC_FREE(ctx);
}
/* Verify integrity */
if (samu_correct(out, in)) {
printf("User info written correctly\n");
} else {
printf("User info NOT written correctly\n");
error = True;
}
/* Delete account */
if (!NT_STATUS_IS_OK(rv = pdb->delete_sam_account(pdb, out))) {
fprintf(stderr, "Error in delete_sam_account %s\n",
get_friendly_nt_error_msg(rv));
}
TALLOC_FREE(ctx);
if (error) {
return 1;
}
return 0;
}
开发者ID:gojdic,项目名称:samba,代码行数:101,代码来源:pdbtest.c
示例7: smbd_smb2_auth_generic_return
//.........这里部分代码省略.........
x->nonce_low = 0;
}
x->global->application_key = data_blob_dup_talloc(x->global,
x->global->signing_key);
if (x->global->application_key.data == NULL) {
ZERO_STRUCT(session_key);
return NT_STATUS_NO_MEMORY;
}
if (xconn->protocol >= PROTOCOL_SMB2_24) {
struct _derivation *d = &derivation.application;
smb2_key_derivation(session_key, sizeof(session_key),
d->label.data, d->label.length,
d->context.data, d->context.length,
x->global->application_key.data);
}
ZERO_STRUCT(session_key);
x->global->channels[0].signing_key = data_blob_dup_talloc(x->global->channels,
x->global->signing_key);
if (x->global->channels[0].signing_key.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
data_blob_clear_free(&session_info->session_key);
session_info->session_key = data_blob_dup_talloc(session_info,
x->global->application_key);
if (session_info->session_key.data == NULL) {
return NT_STATUS_NO_MEMORY;
}
session->compat = talloc_zero(session, struct user_struct);
if (session->compat == NULL) {
return NT_STATUS_NO_MEMORY;
}
session->compat->session = session;
session->compat->homes_snum = -1;
session->compat->session_info = session_info;
session->compat->session_keystr = NULL;
session->compat->vuid = session->global->session_wire_id;
DLIST_ADD(smb2req->sconn->users, session->compat);
smb2req->sconn->num_users++;
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
session->compat->homes_snum =
register_homes_share(session_info->unix_info->unix_name);
}
set_current_user_info(session_info->unix_info->sanitized_username,
session_info->unix_info->unix_name,
session_info->info->domain_name);
reload_services(smb2req->sconn, conn_snum_used, true);
session->status = NT_STATUS_OK;
session->global->auth_session_info = talloc_move(session->global,
&session_info);
session->global->auth_session_info_seqnum += 1;
for (i=0; i < session->global->num_channels; i++) {
struct smbXsrv_channel_global0 *_c =
&session->global->channels[i];
_c->auth_session_info_seqnum =
session->global->auth_session_info_seqnum;
}
session->global->auth_time = timeval_to_nttime(&smb2req->request_time);
session->global->expiration_time = gensec_expire_time(auth->gensec);
if (!session_claim(session)) {
DEBUG(1, ("smb2: Failed to claim session "
"for vuid=%llu\n",
(unsigned long long)session->compat->vuid));
return NT_STATUS_LOGON_FAILURE;
}
TALLOC_FREE(auth);
status = smbXsrv_session_update(session);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("smb2: Failed to update session for vuid=%llu - %s\n",
(unsigned long long)session->compat->vuid,
nt_errstr(status)));
return NT_STATUS_LOGON_FAILURE;
}
/*
* we attach the session to the request
* so that the response can be signed
*/
if (!guest) {
smb2req->do_signing = true;
}
global_client_caps |= (CAP_LEVEL_II_OPLOCKS|CAP_STATUS32);
*out_session_id = session->global->session_wire_id;
return NT_STATUS_OK;
}
开发者ID:vormetriclabs,项目名称:samba,代码行数:101,代码来源:smb2_sesssetup.c
示例8: reply_spnego_negotiate
static int reply_spnego_negotiate(connection_struct *conn,
char *inbuf,
char *outbuf,
int length, int bufsize,
DATA_BLOB blob1)
{
char *OIDs[ASN1_MAX_OIDS];
DATA_BLOB secblob;
int i;
DATA_BLOB chal;
BOOL got_kerberos = False;
NTSTATUS nt_status;
/* parse out the OIDs and the first sec blob */
if (!parse_negTokenTarg(blob1, OIDs, &secblob)) {
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
/* only look at the first OID for determining the mechToken --
accoirding to RFC2478, we should choose the one we want
and renegotiate, but i smell a client bug here..
Problem observed when connecting to a member (samba box)
of an AD domain as a user in a Samba domain. Samba member
server sent back krb5/mskrb5/ntlmssp as mechtypes, but the
client (2ksp3) replied with ntlmssp/mskrb5/krb5 and an
NTLMSSP mechtoken. --jerry */
if (strcmp(OID_KERBEROS5, OIDs[0]) == 0 ||
strcmp(OID_KERBEROS5_OLD, OIDs[0]) == 0) {
got_kerberos = True;
}
for (i=0;OIDs[i];i++) {
DEBUG(3,("Got OID %s\n", OIDs[i]));
free(OIDs[i]);
}
DEBUG(3,("Got secblob of size %lu\n", (unsigned long)secblob.length));
#ifdef HAVE_KRB5
if (got_kerberos && (SEC_ADS == lp_security())) {
int ret = reply_spnego_kerberos(conn, inbuf, outbuf,
length, bufsize, &secblob);
data_blob_free(&secblob);
return ret;
}
#endif
if (global_ntlmssp_state) {
auth_ntlmssp_end(&global_ntlmssp_state);
}
nt_status = auth_ntlmssp_start(&global_ntlmssp_state);
if (!NT_STATUS_IS_OK(nt_status)) {
return ERROR_NT(nt_status);
}
nt_status = auth_ntlmssp_update(global_ntlmssp_state,
secblob, &chal);
data_blob_free(&secblob);
/* Foxconn modified start pling 12/29/2011 */
/* Fix Android partial auth issue. */
reply_spnego_ntlmssp(conn, inbuf, outbuf, &global_ntlmssp_state,
&chal, nt_status, True);
/* Foxconn modified end pling 12/29/2011 */
data_blob_free(&chal);
/* already replied */
return -1;
}
开发者ID:hajuuk,项目名称:R7000,代码行数:73,代码来源:sesssetup.c
示例9: reply_sesssetup_and_X_spnego
static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf,
char *outbuf,
int length,int bufsize)
{
uint8 *p;
DATA_BLOB blob1;
int ret;
size_t bufrem;
fstring native_os, native_lanman, primary_domain;
char *p2;
uint16 data_blob_len = SVAL(inbuf, smb_vwv7);
enum remote_arch_types ra_type = get_remote_arch();
DEBUG(3,("Doing spnego session setup\n"));
if (global_client_caps == 0) {
global_client_caps = IVAL(inbuf,smb_vwv10);
if (!(global_client_caps & CAP_STATUS32)) {
remove_from_common_flags2(FLAGS2_32_BIT_ERROR_CODES);
}
}
p = (uint8 *)smb_buf(inbuf);
if (data_blob_len == 0) {
/* an invalid request */
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
bufrem = smb_bufrem(inbuf, p);
/* pull the spnego blob */
blob1 = data_blob(p, MIN(bufrem, data_blob_len));
#if 0
file_save("negotiate.dat", blob1.data, blob1.length);
#endif
p2 = inbuf + smb_vwv13 + data_blob_len;
p2 += srvstr_pull_buf(inbuf, native_os, p2, sizeof(native_os), STR_TERMINATE);
p2 += srvstr_pull_buf(inbuf, native_lanman, p2, sizeof(native_lanman), STR_TERMINATE);
p2 += srvstr_pull_buf(inbuf, primary_domain, p2, sizeof(primary_domain), STR_TERMINATE);
DEBUG(3,("NativeOS=[%s] NativeLanMan=[%s] PrimaryDomain=[%s]\n",
native_os, native_lanman, primary_domain));
if ( ra_type == RA_WIN2K ) {
/* Windows 2003 doesn't set the native lanman string,
but does set primary domain which is a bug I think */
if ( !strlen(native_lanman) )
ra_lanman_string( primary_domain );
else
ra_lanman_string( native_lanman );
}
if (blob1.data[0] == ASN1_APPLICATION(0)) {
/* its a negTokenTarg packet */
ret = reply_spnego_negotiate(conn, inbuf, outbuf, length, bufsize, blob1);
data_blob_free(&blob1);
return ret;
}
if (blob1.data[0] == ASN1_CONTEXT(1)) {
/* its a auth packet */
ret = reply_spnego_auth(conn, inbuf, outbuf, length, bufsize, blob1);
data_blob_free(&blob1);
return ret;
}
/* Foxconn modified start pling 12/29/2011 */
/* Fix Android partial auth issue.
* Port from Samba 3.0.24 (used by WNDR3800) */
if (strncmp((char *)(blob1.data), "NTLMSSP", 7) == 0) {
DATA_BLOB chal;
NTSTATUS nt_status;
if (!global_ntlmssp_state) {
nt_status = auth_ntlmssp_start(&global_ntlmssp_state);
if (!NT_STATUS_IS_OK(nt_status)) {
return ERROR_NT(nt_status_squash(nt_status));
}
}
nt_status = auth_ntlmssp_update(global_ntlmssp_state,
blob1, &chal);
data_blob_free(&blob1);
reply_spnego_ntlmssp(conn, inbuf, outbuf,
&global_ntlmssp_state,
&chal, nt_status, False);
data_blob_free(&chal);
return -1;
}
/* Foxconn added end pling 12/29/2011 */
/* what sort of packet is this? */
DEBUG(1,("Unknown packet in reply_sesssetup_and_X_spnego\n"));
data_blob_free(&blob1);
//.........这里部分代码省略.........
开发者ID:hajuuk,项目名称:R7000,代码行数:101,代码来源:sesssetup.c
示例10: reply_spnego_kerberos
/****************************************************************************
reply to a session setup spnego negotiate packet for kerberos
****************************************************************************/
static int reply_spnego_kerberos(connection_struct *conn,
char *inbuf, char *outbuf,
int length, int bufsize,
DATA_BLOB *secblob)
{
DATA_BLOB ticket;
char *client, *p, *domain;
fstring netbios_domain_name;
struct passwd *pw;
char *user;
int sess_vuid;
NTSTATUS ret;
DATA_BLOB auth_data;
DATA_BLOB ap_rep, ap_rep_wrapped, response;
auth_serversupplied_info *server_info = NULL;
DATA_BLOB session_key = data_blob(NULL, 0);
uint8 tok_id[2];
DATA_BLOB nullblob = data_blob(NULL, 0);
fstring real_username;
ZERO_STRUCT(ticket);
ZERO_STRUCT(auth_data);
ZERO_STRUCT(ap_rep);
ZERO_STRUCT(ap_rep_wrapped);
ZERO_STRUCT(response);
if (!spnego_parse_krb5_wrap(*secblob, &ticket, tok_id)) {
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
ret = ads_verify_ticket(lp_realm(), &ticket, &client, &auth_data, &ap_rep, &session_key);
data_blob_free(&ticket);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(1,("Failed to verify incoming ticket!\n"));
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
data_blob_free(&auth_data);
DEBUG(3,("Ticket name is [%s]\n", client));
p = strchr_m(client, '@');
if (!p) {
DEBUG(3,("Doesn't look like a valid principal\n"));
data_blob_free(&ap_rep);
data_blob_free(&session_key);
SAFE_FREE(client);
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
*p = 0;
if (!strequal(p+1, lp_realm())) {
DEBUG(3,("Ticket for foreign realm %[email protected]%s\n", client, p+1));
if (!lp_allow_trusted_domains()) {
data_blob_free(&ap_rep);
data_blob_free(&session_key);
SAFE_FREE(client);
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
}
/* this gives a fully qualified user name (ie. with full realm).
that leads to very long usernames, but what else can we do? */
domain = p+1;
{
/* If we have winbind running, we can (and must) shorten the
username by using the short netbios name. Otherwise we will
have inconsistent user names. With Kerberos, we get the
fully qualified realm, with ntlmssp we get the short
name. And even w2k3 does use ntlmssp if you for example
connect to an ip address. */
struct winbindd_request wb_request;
struct winbindd_response wb_response;
NSS_STATUS wb_result;
ZERO_STRUCT(wb_request);
ZERO_STRUCT(wb_response);
DEBUG(10, ("Mapping [%s] to short name\n", domain));
fstrcpy(wb_request.domain_name, domain);
wb_result = winbindd_request(WINBINDD_DOMAIN_INFO,
&wb_request, &wb_response);
if (wb_result == NSS_STATUS_SUCCESS) {
fstrcpy(netbios_domain_name,
wb_response.data.domain_info.name);
domain = netbios_domain_name;
DEBUG(10, ("Mapped to [%s]\n", domain));
//.........这里部分代码省略.........
开发者ID:hajuuk,项目名称:R7000,代码行数:101,代码来源:sesssetup.c
示例11: reply_spnego_ntlmssp
/* Fix Android partial auth issue. */
static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *outbuf,
AUTH_NTLMSSP_STATE **auth_ntlmssp_state,
DATA_BLOB *ntlmssp_blob, NTSTATUS nt_status,
BOOL wrap)
/* Foxconn modified end pling 12/29/2011 */
{
BOOL ret;
DATA_BLOB response;
struct auth_serversupplied_info *server_info = NULL;
if (NT_STATUS_IS_OK(nt_status)) {
server_info = (*auth_ntlmssp_state)->server_info;
} else {
nt_status = do_map_to_guest(nt_status,
&server_info,
(*auth_ntlmssp_state)->ntlmssp_state->user,
(*auth_ntlmssp_state)->ntlmssp_state->domain);
}
if (NT_STATUS_IS_OK(nt_status)) {
int sess_vuid;
DATA_BLOB nullblob = data_blob(NULL, 0);
DATA_BLOB session_key = data_blob((*auth_ntlmssp_state)->ntlmssp_state->session_key.data, (*auth_ntlmssp_state)->ntlmssp_state->session_key.length);
/* register_vuid keeps the server info */
sess_vuid = register_vuid(server_info, session_key, nullblob, (*auth_ntlmssp_state)->ntlmssp_state->user);
(*auth_ntlmssp_state)->server_info = NULL;
if (sess_vuid == -1) {
nt_status = NT_STATUS_LOGON_FAILURE;
} else {
/* current_user_info is changed on new vuid */
reload_services( True );
set_message(outbuf,4,0,True);
SSVAL(outbuf, smb_vwv3, 0);
if (server_info->guest) {
SSVAL(outbuf,smb_vwv2,1);
}
SSVAL(outbuf,smb_uid,sess_vuid);
if (!server_info->guest && !srv_signing_started()) {
/* We need to start the signing engine
* here but a W2K client sends the old
* "BSRSPYL " signature instead of the
* correct one. Subsequent packets will
* be correct.
*/
srv_check_sign_mac(inbuf, False);
}
}
}
/* Foxconn modified start pling 12/29/2011 */
/* Fix Android partial auth issue. */
if (wrap) {
response = spnego_gen_auth_response(ntlmssp_blob, nt_status, OID_NTLMSSP);
} else {
response = *ntlmssp_blob;
}
ret = reply_sesssetup_blob(conn, outbuf, response, nt_status);
if (wrap)
data_blob_free(&response);
/* Foxconn modified end pling 12/29/2011 */
/* NT_STATUS_MORE_PROCESSING_REQUIRED from our NTLMSSP code tells us,
and the other end, that we are not finished yet. */
if (!ret || !NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
auth_ntlmssp_end(auth_ntlmssp_state);
}
return ret;
}
开发者ID:hajuuk,项目名称:R7000,代码行数:79,代码来源:sesssetup.c
示例12: authsam_password_ok
/****************************************************************************
Do a specific test for an smb password being correct, given a smb_password and
the lanman and NT responses.
****************************************************************************/
static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
TALLOC_CTX *mem_ctx,
uint16_t acct_flags,
const struct samr_Password *lm_pwd,
const struct samr_Password *nt_pwd,
const struct auth_usersupplied_info *user_info,
DATA_BLOB *user_sess_key,
DATA_BLOB *lm_sess_key)
{
NTSTATUS status;
switch (user_info->password_state) {
case AUTH_PASSWORD_PLAIN:
{
const struct auth_usersupplied_info *user_info_temp;
status = encrypt_user_info(mem_ctx, auth_context,
AUTH_PASSWORD_HASH,
user_info, &user_info_temp);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to convert plaintext password to password HASH: %s\n", nt_errstr(status)));
return status;
}
user_info = user_info_temp;
/*fall through*/
}
case AUTH_PASSWORD_HASH:
*lm_sess_key = data_blob(NULL, 0);
*user_sess_key = data_blob(NULL, 0);
status = hash_password_check(mem_ctx,
lp_lanman_auth(auth_context->lp_ctx),
user_info->password.hash.lanman,
user_info->password.hash.nt,
user_info->mapped.account_name,
lm_pwd, nt_pwd);
NT_STATUS_NOT_OK_RETURN(status);
break;
case AUTH_PASSWORD_RESPONSE:
status = ntlm_password_check(mem_ctx,
lp_lanman_auth(auth_context->lp_ctx),
lp_ntlm_auth(auth_context->lp_ctx),
user_info->logon_parameters,
&auth_context->challenge.data,
&user_info->password.response.lanman,
&user_info->password.response.nt,
user_info->mapped.account_name,
user_info->client.account_name,
user_info->client.domain_name,
lm_pwd, nt_pwd,
user_sess_key, lm_sess_key);
NT_STATUS_NOT_OK_RETURN(status);
break;
}
if (user_sess_key && user_sess_key->data) {
talloc_steal(auth_context, user_sess_key->data);
}
if (lm_sess_key && lm_sess_key->data) {
talloc_steal(auth_context, lm_sess_key->data);
}
return NT_STATUS_OK;
}
开发者ID:AllardJ,项目名称:Tomato,代码行数:68,代码来源:auth_sam.c
示例13: authsam_check_password_internals
static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
const char *account_name = user_info->mapped.account_name;
struct ldb_message *msg;
struct ldb_context *sam_ctx;
struct ldb_dn *domain_dn;
DATA_BLOB user_sess_key, lm_sess_key;
TALLOC_CTX *tmp_ctx;
if (!account_name || !*account_name) {
/* 'not for me' */
return NT_STATUS_NOT_IMPLEMENTED;
}
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
return NT_STATUS_NO_MEMORY;
}
sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->event_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
domain_dn = ldb_get_default_basedn(sam_ctx);
if (domain_dn == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_SUCH_DOMAIN;
}
nt_status = authsam_search_account(tmp_ctx, sam_ctx, account_name, domain_dn, &msg);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(tmp_ctx);
return nt_status;
}
nt_status = authsam_authenticate(ctx->auth_ctx, tmp_ctx, sam_ctx, domain_dn, msg, user_info,
&user_sess_key, &lm_sess_key);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(tmp_ctx);
return nt_status;
}
nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, lp_netbios_name(ctx->auth_ctx->lp_ctx),
lp_sam_name(ctx->auth_ctx->lp_ctx),
domain_dn,
msg,
user_sess_key, lm_sess_key,
server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(tmp_ctx);
return nt_status;
}
talloc_steal(mem_ctx, *server_info);
talloc_free(tmp_ctx);
return NT_STATUS_OK;
}
开发者ID:AllardJ,项目名称:Tomato,代码行数:64,代码来源:auth_sam.c
示例14: talloc_zero
_PUBLIC_ struct test_join *torture_join_domain(struct torture_context *tctx,
const char *machine_name,
uint32_t acct_flags,
struct cli_credentials **machine_credentials)
{
NTSTATUS status;
struct libnet_context *libnet_ctx;
struct libnet_JoinDomain *libnet_r;
struct test_join *tj;
struct samr_SetUserInfo s;
union samr_UserInfo u;
const char *binding_str = NULL;
struct dcerpc_binding *binding = NULL;
enum dcerpc_transport_t transport;
tj = talloc_zero(tctx, struct test_join);
if (!tj) return NULL;
binding_str = torture_setting_string(tctx, "binding", NULL);
if (binding_str == NULL) {
const char *host = torture_setting_string(tctx, "host", NULL);
binding_str = talloc_asprintf(tj, "ncacn_np:%s", host);
}
status = dcerpc_parse_binding(tj, binding_str, &binding);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("dcerpc_parse_binding(%s) failed - %s\n",
binding_str, nt_errstr(status)));
talloc_free(tj);
return NULL;
}
transport = dcerpc_binding_get_transport(binding);
switch (transport) {
case NCALRPC:
case NCACN_UNIX_STREAM:
break;
default:
dcerpc_binding_set_transport(binding, NCACN_NP);
dcerpc_binding_set_flags(binding, 0, DCERPC_AUTH_OPTIONS);
break;
}
libnet_r = talloc_zero(tj, struct libnet_JoinDomain);
if (!libnet_r) {
talloc_free(tj);
return NULL;
}
libnet_ctx = libnet_context_init(tctx->ev, tctx->lp_ctx);
if (!libnet_ctx) {
talloc_free(tj);
return NULL;
}
tj->libnet_r = libnet_r;
libnet_ctx->cred = cmdline_credentials;
libnet_r->in.binding = dcerpc_binding_string(libnet_r, binding);
if (libnet_r->in.binding == NULL) {
talloc_free(tj);
return NULL;
}
libnet_r->in.level = LIBNET_JOINDOMAIN_SPECIFIED;
libnet_r->in.netbios_name = machine_name;
libnet_r->in.account_name = talloc_asprintf(libnet_r, "%s$", machine_name);
if (!libnet_r->in.account_name) {
talloc_free(tj);
return NULL;
}
libnet_r->in.acct_type = acct_flags;
libnet_r->in.recreate_account = true;
status = libnet_JoinDomain(libnet_ctx, libnet_r, libnet_r);
if (!NT_STATUS_IS_OK(status)) {
if (libnet_r->out.error_string) {
DEBUG(0, ("Domain join failed - %s\n", libnet_r->out.error_string));
} else {
DEBUG(0, ("Domain join failed - %s\n", nt_errstr(status)));
}
talloc_free(tj);
return NULL;
}
tj->p = libnet_r->out.samr_pipe;
tj->user_handle = *libnet_r->out.user_handle;
tj->dom_sid = libnet_r->out.domain_sid;
talloc_steal(tj, libnet_r->out.domain_sid);
tj->dom_netbios_name = libnet_r->out.domain_name;
talloc_steal(tj, libnet_r->out.domain_name);
tj->dom_dns_name = libnet_r->out.realm;
talloc_steal(tj, libnet_r->out.realm);
tj->user_guid = libnet_r->out.account_guid;
tj->netbios_name = talloc_strdup(tj, machine_name);
if (!tj->netbios_name) {
talloc_free(tj);
return NULL;
}
ZERO_STRUCT(u);
s.in.user_handle = &tj->user_handle;
s.in.info = &u;
//.........这里部分代码省略.........
开发者ID:DanilKorotenko,项目名称:samba,代码行数:101,代码来源:testjoin.c
示例15: reply_sesssetup_and_X
//.........这里部分代码省略.........
sub_set_smb_name(user);
} else {
fstrcpy(sub_user, lp_guestaccount());
}
sub_set_smb_name(sub_user);
reload_services(True);
if (lp_security() == SEC_SHARE) {
/* in share level we should ignore any passwords */
data_blob_free(&lm_resp);
data_blob_free(&nt_resp);
data_blob_clear_free(&plaintext_password);
map_username(sub_user);
add_session_user(sub_user);
/* Then force it to null for the benfit of the code below */
*user = 0;
}
if (!*user) {
nt_status = check_guest_password(&server_info);
} else if (doencrypt) {
if (!negprot_global_auth_context) {
DEBUG(0, ("reply_sesssetup_and_X: Attempted encrypted session setup without negprot denied!\n"));
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
nt_status = make_user_info_for_reply_enc(&user_info, user, domain,
lm_resp, nt_resp);
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = negprot_global_auth_context->check_ntlm_password(negprot_global_auth_context,
user_info,
&server_info);
}
} else {
struct auth_context *plaintext_auth_context = NULL;
const uint8 *chal;
if (NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context);
if (!make_user_info_for_reply(&user_info,
user, domain, chal,
plaintext_password)) {
nt_status = NT_STATUS_NO_MEMORY;
}
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context,
user_info,
&server_info);
(plaintext_auth_context->free)(&plaintext_auth_context);
}
}
}
free_user_info(&user_info);
if (!NT_STATUS_IS_OK(nt_status)) {
nt_status = do_map_to_guest(nt_status, &server_info, user, domain);
}
开发者ID:hajuuk,项目名称:R7000,代码行数:66,代码来源:sesssetup.c
示例16: NetFileEnum_r
WERROR NetFileEnum_r(struct libnetapi_ctx *ctx,
struct NetFileEnum *r)
{
WERROR werr;
NTSTATUS status;
struct rpc_pipe_client *pipe_cli = NULL;
struct srvsvc_NetFileInfoCtr info_ctr;
struct srvsvc_NetFileCtr2 ctr2;
struct srvsvc_NetFileCtr3 ctr3;
uint32_t num_entries = 0;
uint32_t i;
if (!r->out.buffer) {
return WERR_INVALID_PARAM;
}
switch (r->in.level) {
case 2:
case 3:
break;
default:
return WERR_UNKNOWN_LEVEL;
}
werr = libnetapi_open_pipe(ctx, r->in.server_name,
&ndr_table_srvsvc.syntax_id,
&pipe_cli);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
ZERO_STRUCT(info_ctr);
info_ctr.level = r->in.level;
switch (r->in.level) {
case 2:
ZERO_STRUCT(ctr2);
info_ctr.ctr.ctr2 = &ctr2;
break;
case 3:
ZERO_STRUCT(ctr3);
info_ctr.ctr.ctr3 = &ctr3;
break;
}
status = rpccli_srvsvc_NetFileEnum(pipe_cli, talloc_tos(),
r->in.server_name,
r->in.base_path,
r->in.user_name,
&info_ctr,
r->in.prefmaxlen,
r->out.total_entries,
r->out.resume_handle,
&werr);
if (NT_STATUS_IS_ERR(status)) {
goto done;
}
for (i=0; i < info_ctr.ctr.ctr2->count; i++) {
union srvsvc_NetFileInfo _i;
switch (r->in.level) {
case 2:
_i.info2 = &info_ctr.ctr.ctr2->array[i];
break;
case 3:
_i.info3 = &info_ctr.ctr.ctr3->array[i];
break;
}
status = map_srvsvc_FileInfo_to_FILE_INFO_buffer(ctx,
r->in.level,
&_i,
r->out.buffer,
&num_entries);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
}
if (r->out.entries_read) {
*r->out.entries_read = num_entries;
}
if (r->out.total_entries) {
*r->out.total_entries = num_entries;
}
done:
return werr;
}
开发者ID:AllardJ,项目名称:Tomato,代码行数:91,代码来源:file.c
示例17: is_valid_name
static NTSTATUS is_valid_name(const smb_ucs2_t *fname, bool allow_wildcards, b
|
客服电话
APP下载
官方微信
请发表评论