following a cvs error, i am rewriting this monster-commit. with bad grace.

Modified Files:
---------------

Makefile:

	adding extra files

ipc.c :

	send_trans_reply() - alignment issue.  this makes the alignment
	the same as that in NT.  this should be looked at by people who
	understand the SMB stuff better than i.

	api_fd_commands[] - added samr and wkssvc pipes.

loadparm.c :

	lp_domain_controller() changed to mean "samba is a domain controller".
	it's a "yes/no" parameter, now.  no, it isn't used _anywhere_.

namedbwork.c nameelect.c :

	if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the
	host _and_ workgroup announcements.  yes, you must do both: nt does.

namelogon.c :

	important NETLOGON bug in SAMLOGON request parsing, which may be
	the source of some people's problems with logging on to the Samba PDC.

password.c :

	get_smbpwnam() renamed to get_smbpwd_entry().

pipes.c :

	added samr and wkssvc pipes.

proto.h :

	usual.  can we actually _remove_ proto.h from the cvs tree, and
	have it as one of the Makefile dependencies, or something?

reply.c :

	get_smbpwnam() renamed to get_smbpwd_entry() - also changed response
	error code when logging in from a WORKSTATION$ account.  yes, paul
	is right: we need to know when to return the right error code, and why.

server.c :

	added call to reset_chain_pnum().

	#ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif.  jeremy,
	you'd be proud: i did a compile without NTDOMAIN, and caught a link
	error for this function.

smb.h :

	defines and structures for samr and wkssvc pipes.

smbpass.c :

	modified get_smbpwnam() to get_smbpwd_entry() and it now takes
	two arguments.  one for the name; if this is null, it looks up
	by smb_userid instead.

	oh, by the way, smb_userids are actually domain relative ids
	(RIDs).  concatenate a RID with the domain SID, and you have
	an internet globally unique way of identifying a user.

	we're using RIDs in the wrong way....

	added mod_smbpwnam() function.  this was based on code in smbpasswd.c

rpc_pipes/lsaparse.c :

	added enum trusted domain parsing.  this is incomplete: i need
	a packet trace to write it properly.

rpc_pipes/pipe_hnd.c :

	added reset_chain_pnum() function.

rpc_pipes/pipenetlog.c :

	get_smbpwnam() function renamed to get_smbpwd_entry().

	arcfour() issues.

	removed capability of get_md4pw() function to automatically add
	workstation accounts.  this should either be done using
	smbpasswd -add MACHINE$, or by using \PIPE\samr.

rpc_pipes/pipe_util.c :

	create_pol_hnd() - creates a unique LSA Policy Handle.  overkill
	function: uses a 64 bit sequence number; current unix time and
	the smbd pid.

rpc_pipes/smbparse.c :

	arcfour() issues.

	smb_io_unistr2() should advance by uni_str_len not uni_max_len.

	smb_io_smb_hdr_rb() - request bind uses uint16 for the context
	id, and uint8 for the num_syntaxes.  oops, i put these both as
	uint32s.


Added Files:
------------

rpc_pipes/lsa_hnd.c :

	on the samr pipe, allocate and associate an LSA Policy Handle
	with a SID.  you receive queries with the LSA Policy Handle,
	and have to turn this back into a SID in order to answer the
	query...

rpc_pipes/pipesamr.c rpc_pipes/samrparse.c

	\PIPE\samr processing.  samr i presume is the SAM Replication pipe.

rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c

	\PIPE\wkssvc processing.  the Workstation Service pipe?


holy cow.
(This used to be commit 1bd084b3e690eb26a1006d616075e53d711ecd2f)

5 files changed, 24 insertions, 7 deletions

diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 1943129ba6..ce14ccd9bc 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -144,7 +144,7 @@ static void send_trans_reply(char *outbuf,char *data,char *param,uint16 *setup,
   this_lparam = MIN(lparam,max_send - (500+lsetup*SIZEOFWORD)); /* hack */
   this_ldata = MIN(ldata,max_send - (500+lsetup*SIZEOFWORD+this_lparam));
 
-  align = (this_lparam%4);
+  align = (this_lparam%4)+1;
 
   set_message(outbuf,10+lsetup,align+this_ldata+this_lparam,True);
   if (this_lparam)
@@ -2872,7 +2872,9 @@ struct
   {
 #ifdef NTDOMAIN
     { "TransactNmPipe",     "lsarpc",	"lsass",	0x26,	api_ntLsarpcTNP },
+    { "TransactNmPipe",     "samr",	"lsass",	0x26,	api_samrTNP },
     { "TransactNmPipe",     "srvsvc",	"lsass",	0x26,	api_srvsvcTNP },
+    { "TransactNmPipe",     "wkssvc",	"ntsvcs",	0x26,	api_wkssvcTNP },
     { "TransactNmPipe",     "NETLOGON",	"NETLOGON",	0x26,	api_netlogrpcTNP },
     { NULL,		            NULL,       NULL,	-1,	(BOOL (*)())api_Unsupported }
 #else
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index b759f68430..185fc68f5a 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -887,7 +887,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
 	  return(False);
 	}
 
-      smb_pass = get_smbpwnam(user);
+      /* non-null username indicates search by username not smb userid */
+      smb_pass = get_smbpwd_entry(user, 0);
       if (!smb_pass)
 	{
 	  DEBUG(3,("Couldn't find user %s in smb_passwd file.\n", user));
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index 4a2e185cb4..e2f704e6af 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -57,6 +57,8 @@ char * known_pipes [] =
 #if NTDOMAIN
   "NETLOGON",
   "srvsvc",
+  "wkssvc",
+  "samr",
 #endif
   NULL
 };
@@ -139,6 +141,8 @@ int reply_pipe_close(char *inbuf,char *outbuf)
   int cnum = SVAL(inbuf,smb_tid);
   int outsize = set_message(outbuf,0,0,True);
 
+  DEBUG(5,("reply_pipe_close: pnum:%x cnum:%x\n", pnum, cnum));
+
   if (!close_rpc_pipe_hnd(pnum, cnum)) return(ERROR(ERRDOS,ERRbadfid));
 
   return(outsize);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 46425861d4..e8d79b098c 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -498,7 +498,8 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   /* If name ends in $ then I think it's asking about whether a */
   /* computer with that name (minus the $) has access. For now */
   /* say yes to everything ending in $. */
-  if (user[strlen(user) - 1] == '$') {
+  if (user[strlen(user) - 1] == '$')
+  {
 #ifdef NTDOMAIN
     struct smb_passwd *smb_pass; /* To check if machine account exists */
 /* 
@@ -511,15 +512,18 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
    a domain. This may be the source of future bugs if we cannot
    be sure whether to reject this or not.
 */
-   smb_pass = get_smbpwnam(user);
-   if(smb_pass)
+   /* non-null user name indicates search by username not by smb userid */
+   smb_pass = get_smbpwd_entry(user, 0);
+
+   if (!smb_pass)
    {
      /* PAXX: This is the NO LOGON workstation trust account stuff */
-     DEBUG(4,("Rejecting workstation trust account %s",user));
+     DEBUG(4,("No Workstation trust account %s",user));
      SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */
      CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */
-     return(ERROR(NT_STATUS_ALLOTTED_SPACE_EXCEEDED, 0xc000)); /* 0x99 NT error, 0xc00 */
+     return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* 0x109 NT error, 0xc000 */
    }
+
    computer_id = True;
 #else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */
     user[strlen(user) - 1] = '\0';
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 3c128872e6..e4e5872035 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -4732,6 +4732,7 @@ int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
 
   chain_size = 0;
   chain_fnum = -1;
+  reset_chain_pnum();
 
   bzero(outbuf,smb_size);
 
@@ -4943,6 +4944,11 @@ static void init_structs(void )
   /* for RPC pipes */
   init_rpc_pipe_hnd();
 
+#ifdef NTDOMAIN
+  /* for LSA handles */
+  init_lsa_policy_hnd();
+#endif
+
   init_dptrs();
 }