diff options
author | Luke Leighton <lkcl@samba.org> | 1999-12-08 21:43:03 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1999-12-08 21:43:03 +0000 |
commit | 4ab9d91428b66bd2fe407b0dba94f4130160b576 (patch) | |
tree | 2733683a3097225f44e459d2fe73e1ac880b7aba /source3/utils | |
parent | a0ba234cf9b40adf6b5390e4e67730163a42883f (diff) | |
download | samba-4ab9d91428b66bd2fe407b0dba94f4130160b576.tar.gz samba-4ab9d91428b66bd2fe407b0dba94f4130160b576.tar.bz2 samba-4ab9d91428b66bd2fe407b0dba94f4130160b576.zip |
ABOUT TIME!!!!!!!!
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/smb-agent.c | 69 |
1 files changed, 28 insertions, 41 deletions
diff --git a/source3/utils/smb-agent.c b/source3/utils/smb-agent.c index 96c43cadaf..2ecfdba7e2 100644 --- a/source3/utils/smb-agent.c +++ b/source3/utils/smb-agent.c @@ -53,23 +53,25 @@ static void free_sock(void *sock) } } + static struct cli_state *init_client_connection(int c) { pstring buf; - uchar ntpw[16]; - uchar lmpw[16]; - fstring srv_name; - struct user_credentials usr; - char *p = buf; + struct user_creds usr; int rl; uint32 len; - uint16 version; - uint16 command; BOOL new_con = False; + CREDS_CMD cmd; + prs_struct ps; + BOOL reuse = False; + + ZERO_STRUCT(usr); + ZERO_STRUCT(cmd); + cmd.cred = &usr; ZERO_STRUCT(usr); - DEBUG(10,("first request\n")); + DEBUG(10,("init_client_connection: first request\n")); rl = read(c, &buf, sizeof(len)); @@ -99,39 +101,26 @@ static struct cli_state *init_client_connection(int c) #ifdef DEBUG_PASSWORD dump_data(100, buf, rl); #endif - version = SVAL(p, 0); - p += 2; - command = SVAL(p, 0); - p += 2; - - fstrcpy(srv_name, p); - p = skip_string(p, 1); - fstrcpy(usr.user_name, p); - p = skip_string(p, 1); - fstrcpy(usr.domain, p); - p = skip_string(p, 1); - - if (PTR_DIFF(p, buf) < rl) - { - memcpy(lmpw, p, 16); - p += 16; - memcpy(ntpw, p, 16); - p += 16; - pwd_set_lm_nt_16(&usr.pwd, lmpw, ntpw); - } - else + /* make a static data parsing structure from the api_fd_reply data */ + prs_init(&ps, 0, 4, 0, True); + mem_create(ps.data, buf, 0, len, 0, False); + + if (!creds_io_cmd("creds", &cmd, &ps, 0)) { - pwd_set_nullpwd(&usr.pwd); + DEBUG(0,("Unable to parse credentials\n")); + mem_free_data(ps.data); + return NULL; } - if (PTR_DIFF(p, buf) != rl) + mem_free_data(ps.data); + + if (ps.offset != rl) { - DEBUG(0,("Buffer size %d %d!\n", - PTR_DIFF(p, buf), rl)); + DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl)); return NULL; } - switch (command) + switch (cmd.command) { case AGENT_CMD_CON: { @@ -141,12 +130,12 @@ static struct cli_state *init_client_connection(int c) case AGENT_CMD_CON_REUSE: { new_con = True; - usr.reuse = True; + reuse = True; break; } default: { - DEBUG(0,("unknown command %d\n", command)); + DEBUG(0,("unknown command %d\n", cmd.command)); return NULL; } } @@ -154,11 +143,11 @@ static struct cli_state *init_client_connection(int c) if (new_con) { struct cli_state *n; - n = cli_net_use_add(srv_name, &usr, False); + n = cli_net_use_add(cmd.name, &usr.ntc, False, reuse); if (n == NULL) { - DEBUG(0,("Unable to connect to %s\n", srv_name)); + DEBUG(0,("Unable to connect to %s\n", cmd.name)); return NULL; } @@ -173,7 +162,7 @@ static struct cli_state *init_client_connection(int c) if (write(c, n, sizeof(*n)) < 0) { DEBUG(0,("Could not write connection down pipe.\n")); - cli_net_use_del(srv_name, &usr, False, NULL); + cli_net_use_del(cmd.name, &usr.ntc, False, NULL); return NULL; } return n; @@ -305,8 +294,6 @@ static BOOL process_srv_sock(struct sock_redir **socks, uint32 num_socks, static int get_agent_sock(char *id) { - int s; - struct sockaddr_un sa; fstring path; fstring dir; |