summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>1998-05-18 21:30:57 +0000
committerJeremy Allison <jra@samba.org>1998-05-18 21:30:57 +0000
commitffab54750f0eec202895670dd9293ee4aa3eb475 (patch)
treec02d4fb266021f7e0f608b8b22af98338acbf315 /source3/smbd
parent29644e4b35c50047d95f188e6dfbc4b9f0811620 (diff)
downloadsamba-ffab54750f0eec202895670dd9293ee4aa3eb475.tar.gz
samba-ffab54750f0eec202895670dd9293ee4aa3eb475.tar.bz2
samba-ffab54750f0eec202895670dd9293ee4aa3eb475.zip
chgpasswd.c: Changed back to getsmb... from getsam...
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c78
-rw-r--r--source3/smbd/nttrans.c127
-rw-r--r--source3/smbd/password.c12
-rw-r--r--source3/smbd/reply.c14
4 files changed, 179 insertions, 52 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index ece3107257..e8f3abc4f1 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -440,56 +440,56 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root)
************************************************************/
BOOL check_lanman_password(char *user, unsigned char *pass1,
- unsigned char *pass2, struct smb_passwd **psampw)
+ unsigned char *pass2, struct smb_passwd **psmbpw)
{
unsigned char unenc_new_pw[16];
unsigned char unenc_old_pw[16];
unsigned char null_pw[16];
- struct smb_passwd *sampw;
+ struct smb_passwd *smbpw;
- *psampw = NULL;
+ *psmbpw = NULL;
become_root(0);
- sampw = getsampwnam(user);
+ smbpw = getsmbpwnam(user);
unbecome_root(0);
- if(sampw == NULL)
+ if(smbpw == NULL)
{
- DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n"));
+ DEBUG(0,("check_lanman_password: getsmbpwnam returned NULL\n"));
return False;
}
- if(sampw->acct_ctrl & ACB_DISABLED)
+ if(smbpw->acct_ctrl & ACB_DISABLED)
{
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
return False;
}
- if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ))
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
unsigned char no_pw[14];
memset(no_pw, '\0', 14);
E_P16((uchar *)no_pw, (uchar *)null_pw);
- sampw->smb_passwd = null_pw;
- } else if (sampw->smb_passwd == NULL) {
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("check_lanman_password: no lanman password !\n"));
return False;
}
/* Get the new lanman hash. */
- D_P16(sampw->smb_passwd, pass2, unenc_new_pw);
+ D_P16(smbpw->smb_passwd, pass2, unenc_new_pw);
/* Use this to get the old lanman hash. */
D_P16(unenc_new_pw, pass1, unenc_old_pw);
/* Check that the two old passwords match. */
- if(memcmp(sampw->smb_passwd, unenc_old_pw, 16))
+ if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16))
{
DEBUG(0,("check_lanman_password: old password doesn't match.\n"));
return False;
}
- *psampw = sampw;
+ *psmbpw = smbpw;
return True;
}
@@ -499,44 +499,44 @@ BOOL check_lanman_password(char *user, unsigned char *pass1,
no longer be valid.
************************************************************/
-BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2)
+BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2)
{
unsigned char unenc_new_pw[16];
unsigned char null_pw[16];
BOOL ret;
- if(sampw == NULL)
+ if(smbpw == NULL)
{
DEBUG(0,("change_lanman_password: no smb password entry.\n"));
return False;
}
- if(sampw->acct_ctrl & ACB_DISABLED)
+ if(smbpw->acct_ctrl & ACB_DISABLED)
{
- DEBUG(0,("change_lanman_password: account %s disabled.\n", sampw->smb_name));
+ DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name));
return False;
}
- if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ))
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
unsigned char no_pw[14];
memset(no_pw, '\0', 14);
E_P16((uchar *)no_pw, (uchar *)null_pw);
- sampw->smb_passwd = null_pw;
- } else if (sampw->smb_passwd == NULL) {
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("change_lanman_password: no lanman password !\n"));
return False;
}
/* Get the new lanman hash. */
- D_P16(sampw->smb_passwd, pass2, unenc_new_pw);
+ D_P16(smbpw->smb_passwd, pass2, unenc_new_pw);
- sampw->smb_passwd = unenc_new_pw;
- sampw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */
+ smbpw->smb_passwd = unenc_new_pw;
+ smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */
/* Now write it into the file. */
become_root(0);
- ret = mod_sampwd_entry(sampw,False);
+ ret = mod_smbpwd_entry(smbpw,False);
unbecome_root(0);
return ret;
@@ -547,10 +547,10 @@ BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsi
************************************************************/
BOOL check_oem_password(char *user, unsigned char *data,
- struct smb_passwd **psampw, char *new_passwd,
+ struct smb_passwd **psmbpw, char *new_passwd,
int new_passwd_size)
{
- struct smb_passwd *sampw = NULL;
+ struct smb_passwd *smbpw = NULL;
int new_pw_len;
fstring upper_case_new_passwd;
unsigned char new_p16[16];
@@ -558,28 +558,28 @@ BOOL check_oem_password(char *user, unsigned char *data,
unsigned char null_pw[16];
become_root(0);
- *psampw = sampw = getsampwnam(user);
+ *psmbpw = smbpw = getsmbpwnam(user);
unbecome_root(0);
- if(sampw == NULL)
+ if(smbpw == NULL)
{
- DEBUG(0,("check_oem_password: getsampwnam returned NULL\n"));
+ DEBUG(0,("check_oem_password: getsmbpwnam returned NULL\n"));
return False;
}
- if(sampw->acct_ctrl & ACB_DISABLED)
+ if(smbpw->acct_ctrl & ACB_DISABLED)
{
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
return False;
}
- if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ))
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
unsigned char no_pw[14];
memset(no_pw, '\0', 14);
E_P16((uchar *)no_pw, (uchar *)null_pw);
- sampw->smb_passwd = null_pw;
- } else if (sampw->smb_passwd == NULL) {
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("check_oem_password: no lanman password !\n"));
return False;
}
@@ -587,7 +587,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
/*
* Call the hash function to get the new password.
*/
- SamOEMhash( (unsigned char *)data, (unsigned char *)sampw->smb_passwd, True);
+ SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True);
/*
* The length of the new password is in the last 4 bytes of
@@ -619,7 +619,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
*/
D_P16(new_p16, &data[516], unenc_old_pw);
- if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) {
+ if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) {
DEBUG(0,("check_oem_password: old password doesn't match.\n"));
return False;
}
@@ -636,7 +636,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
override = True, override XXXXXXXXXX'd password
************************************************************/
-BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override)
+BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override)
{
int ret;
fstring upper_case_new_passwd;
@@ -649,14 +649,14 @@ BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL overri
E_P16((uchar *)upper_case_new_passwd, new_p16);
- sampw->smb_passwd = new_p16;
+ smbpw->smb_passwd = new_p16;
E_md4hash((uchar *) new_passwd, new_nt_p16);
- sampw->smb_nt_passwd = new_nt_p16;
+ smbpw->smb_nt_passwd = new_nt_p16;
/* Now write it into the file. */
become_root(0);
- ret = mod_sampwd_entry(sampw,override);
+ ret = mod_smbpwd_entry(smbpw,override);
unbecome_root(0);
memset(upper_case_new_passwd, '\0', strlen(upper_case_new_passwd));
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 73f6786a04..81aa578daf 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -43,6 +43,133 @@ static char *known_nt_pipes[] = {
NULL
};
+/****************************************************************************
+ reply to an NT create and X call.
+****************************************************************************/
+
+THIS IS JUST CRIBBED FROM REPLY.C AT PRESENT AND IS A WORK
+IN PROGRESS. JRA.
+
+int reply_ntcreate_and_X(char *inbuf,char *outbuf,int length,int bufsize)
+{
+ pstring fname;
+ int cnum = SVAL(inbuf,smb_tid);
+ int fnum = -1;
+ int smb_mode = SVAL(inbuf,smb_vwv3);
+ int smb_attr = SVAL(inbuf,smb_vwv5);
+ /* Breakout the oplock request bits so we can set the
+ reply bits separately. */
+ BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
+ BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
+ BOOL oplock_request = ex_oplock_request | core_oplock_request;
+#if 0
+ int open_flags = SVAL(inbuf,smb_vwv2);
+ int smb_sattr = SVAL(inbuf,smb_vwv4);
+ uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
+#endif
+ int smb_ofun = SVAL(inbuf,smb_vwv8);
+ int unixmode;
+ int size=0,fmode=0,mtime=0,rmode=0;
+ struct stat sbuf;
+ int smb_action = 0;
+ BOOL bad_path = False;
+ files_struct *fsp;
+
+ /* If it's an IPC, pass off the pipe handler. */
+ if (IS_IPC(cnum))
+ return reply_open_pipe_and_X(inbuf,outbuf,length,bufsize);
+
+ /* XXXX we need to handle passed times, sattr and flags */
+
+ pstrcpy(fname,smb_buf(inbuf));
+ unix_convert(fname,cnum,0,&bad_path);
+
+ fnum = find_free_file();
+ if (fnum < 0)
+ return(ERROR(ERRSRV,ERRnofids));
+ if (!check_name(fname,cnum))
+ {
+ if((errno == ENOENT) && bad_path)
+ {
+ unix_ERR_class = ERRDOS;
+ unix_ERR_code = ERRbadpath;
+ }
+ Files[fnum].reserved = False;
+ return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
+
+ unixmode = unix_mode(cnum,smb_attr | aARCH);
+
+ open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode,
+ oplock_request, &rmode,&smb_action);
+
+ fsp = &Files[fnum];
+
+ if (!fsp->open)
+ {
+ if((errno == ENOENT) && bad_path)
+ {
+ unix_ERR_class = ERRDOS;
+ unix_ERR_code = ERRbadpath;
+ }
+ Files[fnum].reserved = False;
+ return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
+
+ if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) {
+ close_file(fnum,False);
+ return(ERROR(ERRDOS,ERRnoaccess));
+ }
+
+ size = sbuf.st_size;
+ fmode = dos_mode(cnum,fname,&sbuf);
+ mtime = sbuf.st_mtime;
+ if (fmode & aDIR) {
+ close_file(fnum,False);
+ return(ERROR(ERRDOS,ERRnoaccess));
+ }
+
+ /* If the caller set the extended oplock request bit
+ and we granted one (by whatever means) - set the
+ correct bit for extended oplock reply.
+ */
+
+ if (ex_oplock_request && lp_fake_oplocks(SNUM(cnum))) {
+ smb_action |= EXTENDED_OPLOCK_GRANTED;
+ }
+
+ if(ex_oplock_request && fsp->granted_oplock) {
+ smb_action |= EXTENDED_OPLOCK_GRANTED;
+ }
+
+ /* If the caller set the core oplock request bit
+ and we granted one (by whatever means) - set the
+ correct bit for core oplock reply.
+ */
+
+ if (core_oplock_request && lp_fake_oplocks(SNUM(cnum))) {
+ CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED;
+ }
+
+ if(core_oplock_request && fsp->granted_oplock) {
+ CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED;
+ }
+
+ set_message(outbuf,15,0,True);
+ SSVAL(outbuf,smb_vwv2,fnum);
+ SSVAL(outbuf,smb_vwv3,fmode);
+ if(lp_dos_filetime_resolution(SNUM(cnum)) )
+ put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
+ else
+ put_dos_date3(outbuf,smb_vwv4,mtime);
+ SIVAL(outbuf,smb_vwv6,size);
+ SSVAL(outbuf,smb_vwv8,rmode);
+ SSVAL(outbuf,smb_vwv11,smb_action);
+
+ chain_fnum = fnum;
+
+ return chain_reply(inbuf,outbuf,length,bufsize);
+}
/****************************************************************************
reply to an unsolicited SMBNTtranss - just ignore it!
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 3040775e03..a8d9ece557 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -429,21 +429,21 @@ update the encrypted smbpasswd file from the plaintext username and password
*****************************************************************************/
BOOL update_smbpassword_file( char *user, fstring password)
{
- struct smb_passwd *sampw;
+ struct smb_passwd *smbpw;
BOOL ret;
become_root(0);
- sampw = getsampwnam(user);
+ smbpw = getsmbpwnam(user);
unbecome_root(0);
- if(sampw == NULL)
+ if(smbpw == NULL)
{
- DEBUG(0,("update_smbpassword_file: getsampwnam returned NULL\n"));
+ DEBUG(0,("update_smbpassword_file: getsmbpwnam returned NULL\n"));
return False;
}
/* Here, the flag is one, because we want to ignore the XXXXXXX'd out password */
- ret = change_oem_password( sampw, password, True);
+ ret = change_oem_password( smbpw, password, True);
if (ret == False)
DEBUG(3,("update_smbpasswd_file: change_oem_password returned False\n"));
@@ -1131,7 +1131,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
return(False);
}
- smb_pass = getsampwnam(user);
+ smb_pass = getsmbpwnam(user);
if (!smb_pass)
{
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 21a20b0712..4cde83cefe 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user,
char *smb_passwd, int smb_passlen,
char *smb_nt_passwd, int smb_nt_passlen)
{
- struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */
+ struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */
if (lp_security() == SEC_USER)
{
- sam_trust_acct = getsampwnam(user);
+ smb_trust_acct = getsmbpwnam(user);
}
else
{
@@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user,
return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE));
}
- if (sam_trust_acct == NULL)
+ if (smb_trust_acct == NULL)
{
/* lkclXXXX: workstation entry doesn't exist */
DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user));
@@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user,
return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE));
}
- if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd))
+ if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd))
{
DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user));
SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES);
return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE));
}
- if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST))
+ if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST))
{
DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user));
SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES);
return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT));
}
- if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST))
+ if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST))
{
DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user));
SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES);
return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT));
}
- if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST))
+ if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST))
{
DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user));
SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES);
generated by cgit (git 2.34.1) at 2024-07-27 15:36:15 +0000