the first independent msrpc daemon - lsarpcd.

one horrible cut / paste job from smbd, plus a code split of shared
components between the two.

the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons.  i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real.  at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.

i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)

6 files changed, 547 insertions, 9 deletions

diff --git a/source3/lib/msrpc-agent.c b/source3/lib/msrpc-agent.c
index 4612aae14f..0bb9429ecb 100644
--- a/source3/lib/msrpc-agent.c
+++ b/source3/lib/msrpc-agent.c
@@ -254,8 +254,9 @@ void start_msrpc_agent(char *pipe_name)
 		0
 	};
 	
-	CatchChild();
-
-	start_agent(&va);
+	if (fork() == 0)
+	{
+		start_agent(&va);
+	}
 }
 
diff --git a/source3/lib/msrpc-client.c b/source3/lib/msrpc-client.c
index eacc25341e..fb82c54700 100644
--- a/source3/lib/msrpc-client.c
+++ b/source3/lib/msrpc-client.c
@@ -37,6 +37,54 @@ BOOL msrpc_receive(struct msrpc_state *msrpc)
 /****************************************************************************
   send an smb to a fd and re-establish if necessary
 ****************************************************************************/
+BOOL msrpc_send_prs(struct msrpc_state *msrpc, prs_struct *ps)
+{
+	size_t len = mem_buf_len(ps->data);
+
+	_smb_setlen(msrpc->outbuf, len);
+	mem_buf_copy(&msrpc->outbuf[4], ps->data, 0, len);
+
+	if (msrpc_send(msrpc, True))
+	{
+		prs_mem_free(ps);
+		return True;
+	}
+	return False;
+}
+
+/****************************************************************************
+  receive msrpc packet
+****************************************************************************/
+BOOL msrpc_receive_prs(struct msrpc_state *msrpc, prs_struct *ps)
+{
+	int len;
+	char *data;
+
+	if (!msrpc_receive(msrpc))
+	{
+		return False;
+	}
+
+	len = smb_len(msrpc->inbuf);
+
+	dump_data(10, msrpc->inbuf, len+4);
+
+	prs_init(ps, len, 4, 0, False);
+	ps->offset = len;
+	data = mem_data(&ps->data, 0);
+	if (data == NULL || len <= 0)
+	{
+		return False;
+	}
+
+	memcpy(data, smb_base(msrpc->inbuf), len);
+
+	return True;
+}
+
+/****************************************************************************
+  send an smb to a fd and re-establish if necessary
+****************************************************************************/
 BOOL msrpc_send(struct msrpc_state *msrpc, BOOL show)
 {
 	size_t len;
@@ -62,8 +110,6 @@ BOOL msrpc_send(struct msrpc_state *msrpc, BOOL show)
 	return True;
 }
 
-
-
 /****************************************************************************
 open the msrpcent sockets
 ****************************************************************************/
@@ -115,7 +161,7 @@ void msrpc_sockopt(struct msrpc_state *msrpc, char *options)
 }
 
 
-static int msrpc_init_redirect(struct msrpc_state *msrpc,
+static BOOL msrpc_init_redirect(struct msrpc_state *msrpc,
 				const char* pipe_name, 
 				const struct user_credentials *usr)
 {
@@ -135,7 +181,7 @@ static int msrpc_init_redirect(struct msrpc_state *msrpc,
 
 	if (sock < 0)
 	{
-		return sock;
+		return False;
 	}
 
 	ZERO_STRUCT(data);
@@ -196,7 +242,7 @@ static int msrpc_init_redirect(struct msrpc_state *msrpc,
 	msrpc->fd = sock;
 	msrpc->usr.reuse = False;
 
-	return sock;
+	return True;
 }
 
 BOOL msrpc_connect_auth(struct msrpc_state *msrpc,
diff --git a/source3/lib/passcheck.c b/source3/lib/passcheck.c
new file mode 100644
index 0000000000..195a404ff3
--- /dev/null
+++ b/source3/lib/passcheck.c
@@ -0,0 +1,289 @@
+/* 
+   Unix SMB/Netbios implementation.
+   Version 1.9.
+   Password and authentication handling
+   Copyright (C) Andrew Tridgell 1992-1998
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+extern int Protocol;
+
+extern pstring scope;
+extern pstring global_myname;
+extern fstring global_myworkgroup;
+
+
+
+/****************************************************************************
+core of smb password checking routine.
+****************************************************************************/
+static BOOL smb_pwd_check_ntlmv1(char *password, unsigned char *part_passwd,
+				unsigned char *c8,
+				uchar sess_key[16])
+{
+  /* Finish the encryption of part_passwd. */
+  unsigned char p24[24];
+
+  if (part_passwd == NULL)
+    DEBUG(10,("No password set - allowing access\n"));
+  /* No password set - always true ! */
+  if (part_passwd == NULL)
+    return True;
+
+  SMBOWFencrypt(part_passwd, c8, p24);
+	if (sess_key != NULL)
+	{
+		SMBsesskeygen_ntv1(part_passwd, NULL, sess_key);
+	}
+
+#if DEBUG_PASSWORD
+	DEBUG(100,("Part password (P16) was |"));
+	dump_data(100, part_passwd, 16);
+	DEBUG(100,("Password from client was |"));
+	dump_data(100, password, 24);
+	DEBUG(100,("Given challenge was |"));
+	dump_data(100, c8, 8);
+	DEBUG(100,("Value from encryption was |"));
+	dump_data(100, p24, 24);
+#endif
+  return (memcmp(p24, password, 24) == 0);
+}
+
+/****************************************************************************
+core of smb password checking routine.
+****************************************************************************/
+static BOOL smb_pwd_check_ntlmv2(char *password, size_t pwd_len,
+				unsigned char *part_passwd,
+				unsigned char const *c8,
+				const char *user, const char *domain,
+				char *sess_key)
+{
+	/* Finish the encryption of part_passwd. */
+	unsigned char kr[16];
+	unsigned char resp[16];
+
+	if (part_passwd == NULL)
+	{
+		DEBUG(10,("No password set - allowing access\n"));
+	}
+	/* No password set - always true ! */
+	if (part_passwd == NULL)
+	{
+		return True;
+	}
+
+	ntv2_owf_gen(part_passwd, user, domain, kr);
+	SMBOWFencrypt_ntv2(kr, c8, 8, password+16, pwd_len-16, resp);
+	if (sess_key != NULL)
+	{
+		SMBsesskeygen_ntv2(kr, resp, sess_key);
+	}
+
+#if DEBUG_PASSWORD
+	DEBUG(100,("Part password (P16) was |"));
+	dump_data(100, part_passwd, 16);
+	DEBUG(100,("Password from client was |"));
+	dump_data(100, password, pwd_len);
+	DEBUG(100,("Given challenge was |"));
+	dump_data(100, c8, 8);
+	DEBUG(100,("Value from encryption was |"));
+	dump_data(100, resp, 16);
+#endif
+
+	return (memcmp(resp, password, 16) == 0);
+}
+
+/****************************************************************************
+ Do a specific test for an smb password being correct, given a smb_password and
+ the lanman and NT responses.
+****************************************************************************/
+BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar challenge[8],
+				const char *user, const char *domain,
+				uchar *lm_pass, size_t lm_pwd_len,
+				uchar *nt_pass, size_t nt_pwd_len,
+				uchar sess_key[16])
+{
+	if (smb_pass == NULL)
+	{
+		return False;
+	}
+
+	DEBUG(4,("Checking SMB password for user %s\n", 
+		 smb_pass->unix_name));
+
+	if (smb_pass->acct_ctrl & ACB_DISABLED)
+	{
+		DEBUG(3,("account for user %s was disabled.\n", 
+			 smb_pass->unix_name));
+		return False;
+	}
+
+	if (challenge == NULL)
+	{
+		DEBUG(1,("no challenge available - password failed\n"));
+		return False;
+	}
+
+	if ((Protocol >= PROTOCOL_NT1) && (smb_pass->smb_nt_passwd != NULL))
+	{
+		/* We have the NT MD4 hash challenge available - see if we can
+		   use it (ie. does it exist in the smbpasswd file).
+		*/
+		if (lp_server_ntlmv2() != False && nt_pwd_len > 24)
+		{
+			DEBUG(4,("smb_password_ok: Check NTLMv2 password\n"));
+			if (smb_pwd_check_ntlmv2(nt_pass, nt_pwd_len,
+				       (uchar *)smb_pass->smb_nt_passwd, 
+					challenge, user, domain,
+			                sess_key))
+			{
+				return True;
+			}
+		}
+		if (lp_server_ntlmv2() != True && nt_pwd_len == 24)
+		{
+			DEBUG(4,("smb_password_ok: Check NT MD4 password\n"));
+			if (smb_pwd_check_ntlmv1((char *)nt_pass, 
+				       (uchar *)smb_pass->smb_nt_passwd, 
+				       challenge,
+			               sess_key))
+			{
+				DEBUG(4,("NT MD4 password check succeeded\n"));
+				return True;
+			}
+		}
+		DEBUG(4,("NT MD4 password check failed\n"));
+	}
+
+	if (lp_server_ntlmv2() == True)
+	{
+		DEBUG(4,("Not checking LM MD4 password\n"));
+		return False;
+	}
+
+	/* Try against the lanman password. smb_pass->smb_passwd == NULL means
+	   no password, allow access. */
+
+	DEBUG(4,("Checking LM MD4 password\n"));
+
+	if ((smb_pass->smb_passwd == NULL) && 
+	   (smb_pass->acct_ctrl & ACB_PWNOTREQ))
+	{
+		DEBUG(4,("no password required for user %s\n",
+			 smb_pass->unix_name));
+		return True;
+	}
+
+	if ((smb_pass->smb_passwd != NULL) && 
+	   smb_pwd_check_ntlmv1((char *)lm_pass, 
+			      (uchar *)smb_pass->smb_passwd,
+				challenge, NULL))
+	{
+		DEBUG(4,("LM MD4 password check succeeded\n"));
+		return(True);
+	}
+
+	DEBUG(4,("LM MD4 password check failed\n"));
+
+	return False;
+}
+
+
+/****************************************************************************
+check if a username/password is OK assuming the password is a 24 byte
+SMB hash
+return True if the password is correct, False otherwise
+****************************************************************************/
+BOOL pass_check_smb(struct smb_passwd *smb_pass, char *domain, uchar *chal,
+		uchar *lm_pwd, size_t lm_pwd_len,
+		uchar *nt_pwd, size_t nt_pwd_len,
+		struct passwd *pwd, uchar user_sess_key[16])
+{
+	const struct passwd *pass;
+	struct passwd pw;
+	char *user = NULL;
+
+	if (smb_pass == NULL)
+	{
+		DEBUG(3,("Couldn't find user %s in smb_passwd file.\n", user));
+		return False;
+	}
+
+	user = smb_pass->unix_name;
+
+	if (lm_pwd == NULL || nt_pwd == NULL)
+	{
+		return False;
+	}
+
+	if (pwd != NULL && user == NULL)
+	{
+		pass = (struct passwd *) pwd;
+		user = pass->pw_name;
+	}
+	else
+	{
+		pass = Get_Pwnam(user,True);
+		if (pass == NULL)
+		{
+			DEBUG(3,("Couldn't find user %s\n",user));
+			return False;
+		}
+		memcpy(&pw, pass, sizeof(struct passwd));
+		pass = &pw;
+	}
+
+	/* Quit if the account was disabled. */
+	if (smb_pass->acct_ctrl & ACB_DISABLED) {
+		DEBUG(3,("account for user %s was disabled.\n", user));
+		return False;
+        }
+
+	/* Ensure the uid's match */
+	if (smb_pass->unix_uid != pass->pw_uid)
+	{
+		DEBUG(3,("Error : UNIX (%d) and SMB (%d) uids in password files do not match !\n", pass->pw_uid, smb_pass->unix_uid));
+		return False;
+	}
+
+	if (lm_pwd[0] == '\0' && IS_BITS_SET_ALL(smb_pass->acct_ctrl, ACB_PWNOTREQ) && lp_null_passwords())
+	{
+		DEBUG(3,("account for user %s has no password and null passwords are allowed.\n", smb_pass->unix_name));
+		return(True);
+	}
+
+	if (smb_password_ok(smb_pass, chal, user, domain,
+	                                    lm_pwd, lm_pwd_len,
+		                            nt_pwd, nt_pwd_len,
+	                                    user_sess_key))
+	{
+		if (user_sess_key != NULL)
+		{
+#ifdef DEBUG_PASSWORD
+		DEBUG(100,("user session key: "));
+		dump_data(100, user_sess_key, 16);
+#endif
+		}
+		return(True);
+	}
+	
+	DEBUG(3,("Error pass_check_smb failed\n"));
+	return False;
+}
+
diff --git a/source3/lib/username.c b/source3/lib/username.c
index 87fe39466f..9f51d06642 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -566,6 +566,35 @@ static BOOL user_in_group_list(char *user,char *gname)
 }	      
 
 /****************************************************************************
+check if a username is valid
+****************************************************************************/
+BOOL user_ok(char *user,int snum)
+{
+	pstring valid, invalid;
+	BOOL ret;
+
+	StrnCpy(valid, lp_valid_users(snum), sizeof(pstring));
+	StrnCpy(invalid, lp_invalid_users(snum), sizeof(pstring));
+
+	string_sub(valid,"%S",lp_servicename(snum));
+	string_sub(invalid,"%S",lp_servicename(snum));
+	
+	ret = !user_in_list(user,invalid);
+	
+	if (ret && valid && *valid) {
+		ret = user_in_list(user,valid);
+	}
+
+	if (ret && lp_onlyuser(snum)) {
+		char *user_list = lp_username(snum);
+		string_sub(user_list,"%S",lp_servicename(snum));
+		ret = user_in_list(user,user_list);
+	}
+
+	return(ret);
+}
+
+/****************************************************************************
 check if a user is in a user list - can check combinations of UNIX
 and netgroup lists.
 ****************************************************************************/
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index 71e51d2771..d9b0f97259 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -901,6 +901,9 @@ int create_pipe_socket(char *dir, int dir_perms,
 	int s;
 	struct sockaddr_un sa;
 
+	DEBUG(10,("create_pipe_socket: %s %d %s %d\n",
+	           dir, dir_perms, path, path_perms));
+
 	mkdir(dir, dir_perms);
 
 	if (chmod(dir, dir_perms) < 0)
@@ -912,7 +915,6 @@ int create_pipe_socket(char *dir, int dir_perms,
 	if (!remove(path))
 	{
 		DEBUG(0, ("remove on %s failed\n", path));
-		return -1;
 	}
 		
 	/* start listening on unix socket */
@@ -954,5 +956,7 @@ int create_pipe_socket(char *dir, int dir_perms,
 		return -1;
 	}
 
+	DEBUG(5,("unix socket opened: %s\n", path));
+
 	return s;
 }
diff --git a/source3/lib/vuser.c b/source3/lib/vuser.c
new file mode 100644
index 0000000000..dfad258152
--- /dev/null
+++ b/source3/lib/vuser.c
@@ -0,0 +1,169 @@
+/* 
+   Unix SMB/Netbios implementation.
+   Version 1.9.
+   Password and authentication handling
+   Copyright (C) Andrew Tridgell 1992-1998
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+
+/* this holds info on user ids that are already validated for this VC */
+static user_struct *validated_users = NULL;
+static int num_validated_users = 0;
+
+/****************************************************************************
+check if a uid has been validated, and return an pointer to the user_struct
+if it has. NULL if not. vuid is biased by an offset. This allows us to
+tell random client vuid's (normally zero) from valid vuids.
+****************************************************************************/
+user_struct *get_valid_user_struct(uint16 vuid)
+{
+  if (vuid == UID_FIELD_INVALID)
+    return NULL;
+  vuid -= VUID_OFFSET;
+  if ((vuid >= (uint16)num_validated_users) || 
+     (validated_users[vuid].uid == (uid_t)-1) || (validated_users[vuid].gid == (gid_t)-1))
+    return NULL;
+  return &validated_users[vuid];
+}
+
+/****************************************************************************
+invalidate a uid
+****************************************************************************/
+void invalidate_vuid(uint16 vuid)
+{
+  user_struct *vuser = get_valid_user_struct(vuid);
+
+  if (vuser == NULL) return;
+
+  vuser->uid = (uid_t)-1;
+  vuser->gid = (gid_t)-1;
+
+  vuser->n_sids = 0;
+
+  /* same number of igroups as groups */
+  vuser->n_groups = 0;
+
+  if (vuser->groups)
+    free((char *)vuser->groups);
+
+  if (vuser->sids)
+    free((char *)vuser->sids);
+
+  vuser->sids    = NULL;
+  vuser->groups  = NULL;
+}
+
+
+/****************************************************************************
+return a validated username
+****************************************************************************/
+char *validated_username(uint16 vuid)
+{
+  user_struct *vuser = get_valid_user_struct(vuid);
+  if (vuser == NULL)
+    return 0;
+  return(vuser->name);
+}
+
+
+
+/****************************************************************************
+register a uid/name pair as being valid and that a valid password
+has been given. vuid is biased by an offset. This allows us to
+tell random client vuid's (normally zero) from valid vuids.
+****************************************************************************/
+uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest, uchar user_sess_key[16])
+{
+  user_struct *vuser;
+  struct passwd *pwfile; /* for getting real name from passwd file */
+
+  /* Ensure no vuid gets registered in share level security. */
+  if(lp_security() == SEC_SHARE)
+    return UID_FIELD_INVALID;
+
+#if 0
+  /*
+   * After observing MS-Exchange services writing to a Samba share
+   * I belive this code is incorrect. Each service does its own
+   * sessionsetup_and_X for the same user, and as each service shuts
+   * down, it does a user_logoff_and_X. As we are consolidating multiple
+   * sessionsetup_and_X's onto the same vuid here, when the first service
+   * shuts down, it invalidates all the open files for the other services.
+   * Hence I am removing this code and forcing each sessionsetup_and_X
+   * to get a new vuid.
+   * Jeremy Allison. (jallison@whistle.com).
+   */
+
+  int i;
+  for(i = 0; i < num_validated_users; i++) {
+    vuser = &validated_users[i];
+    if ( vuser->uid == uid )
+      return (uint16)(i + VUID_OFFSET); /* User already validated */
+  }
+#endif
+
+  validated_users = (user_struct *)Realloc(validated_users,
+			   sizeof(user_struct)*
+			   (num_validated_users+1));
+  
+  if (!validated_users)
+    {
+      DEBUG(0,("Failed to realloc users struct!\n"));
+      num_validated_users = 0;
+      return UID_FIELD_INVALID;
+    }
+
+  vuser = &validated_users[num_validated_users];
+  num_validated_users++;
+
+  vuser->uid = uid;
+  vuser->gid = gid;
+  vuser->guest = guest;
+  fstrcpy(vuser->name,unix_name);
+  fstrcpy(vuser->requested_name,requested_name);
+  memcpy(vuser->dc.user_sess_key, user_sess_key, sizeof(vuser->dc.user_sess_key));
+
+  vuser->n_sids = 0;
+  vuser->sids   = NULL;
+
+  vuser->n_groups = 0;
+  vuser->groups  = NULL;
+
+  /* Find all the groups this uid is in and store them. 
+     Used by become_user() */
+  get_unixgroups(unix_name,uid,gid,
+	       &vuser->n_groups,
+	       &vuser->groups);
+
+  DEBUG(3,("uid %d registered to name %s\n",(int)uid,unix_name));
+
+  DEBUG(3, ("Clearing default real name\n"));
+  fstrcpy(vuser->real_name, "<Full Name>\0");
+  if (lp_unix_realname()) {
+    if ((pwfile=hashed_getpwnam(vuser->name))!= NULL)
+      {
+      DEBUG(3, ("User name: %s\tReal name: %s\n",vuser->name,pwfile->pw_gecos));
+      fstrcpy(vuser->real_name, pwfile->pw_gecos);
+      }
+  }
+
+  return (uint16)((num_validated_users - 1) + VUID_OFFSET);
+}
+