summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>1998-10-16 23:40:59 +0000
committerLuke Leighton <lkcl@samba.org>1998-10-16 23:40:59 +0000
commita785f8d2c90f3db579c781ca5f722cb5b695fcb4 (patch)
treec4927b78c9cc0db63d8c1625bb99e125cc98380d /source3
parentbad4e66489075fd5365e1bfdd8d1b8b633ae0004 (diff)
downloadsamba-a785f8d2c90f3db579c781ca5f722cb5b695fcb4.tar.gz
samba-a785f8d2c90f3db579c781ca5f722cb5b695fcb4.tar.bz2
samba-a785f8d2c90f3db579c781ca5f722cb5b695fcb4.zip
dce/rpc
(This used to be commit 29434f496c18e816d864060d68f357aea6ef5de8)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/ntdomain.h1
-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/include/smb.h3
-rw-r--r--source3/rpc_parse/parse_samr.c13
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c3
-rw-r--r--source3/rpc_server/srv_samr.c76
-rw-r--r--source3/rpc_server/srv_util.c27
-rw-r--r--source3/rpcclient/cmd_samr.c19
8 files changed, 134 insertions, 9 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index 5fb40c5bcc..07d32519bf 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -85,6 +85,7 @@ typedef struct pipes_struct
RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
BOOL ntlmssp_auth;
+ BOOL ntlmssp_validated;
unsigned char ntlmssp_hash[258];
fstring user_name;
fstring domain;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 63f4d624dc..a5d6d828f7 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1750,6 +1750,7 @@ void make_samr_q_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
char nt_newpass[516], char nt_oldhash[16],
char lm_newpass[516], char lm_oldhash[16]);
void samr_io_q_chgpasswd_user(char *desc, SAMR_Q_CHGPASSWD_USER *q_u, prs_struct *ps, int depth);
+void make_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER *r_u, uint32 status);
void samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct *ps, int depth);
/*The following definitions come from rpc_parse/parse_srv.c */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 05ea1bf7c7..4cc5599f44 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -490,6 +490,7 @@ typedef struct connection_struct
name_compare_entry *hide_list; /* Per-share list of files to return as hidden. */
name_compare_entry *veto_list; /* Per-share list of files to veto (never show). */
name_compare_entry *veto_oplock_list; /* Per-share list of files to refuse oplocks on. */
+
} connection_struct;
struct current_user
@@ -497,7 +498,7 @@ struct current_user
connection_struct *conn;
uint16 vuid;
uid_t uid;
- gid_t gid;
+ gid_t gid;
int ngroups;
gid_t *groups;
};
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index eb882a7564..a443191a7a 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -2357,6 +2357,7 @@ void make_samr_q_connect(SAMR_Q_CONNECT *q_u,
DEBUG(5,("make_q_connect\n"));
/* make PDC server name \\server */
+ q_u->ptr_srv_name = len_srv_name > 0 ? 1 : 0;
make_unistr2(&(q_u->uni_srv_name), srv_name, len_srv_name);
/* example values: 0x0000 0002 */
@@ -2751,6 +2752,18 @@ void samr_io_q_chgpasswd_user(char *desc, SAMR_Q_CHGPASSWD_USER *q_u, prs_struct
}
/*******************************************************************
+makes a SAMR_R_CHGPASSWD_USER structure.
+********************************************************************/
+void make_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER *r_u, uint32 status)
+{
+ if (r_u == NULL) return;
+
+ DEBUG(5,("make_r_chgpasswd_user\n"));
+
+ r_u->status = status;
+}
+
+/*******************************************************************
reads or writes a structure.
********************************************************************/
void samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct *ps, int depth)
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 27e156943c..d5c99b89c4 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -137,6 +137,9 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
p->frag_len_left = 0;
p->next_frag_start = 0;
+ p->ntlmssp_validated = False;
+ p->ntlmssp_auth = False;
+
fstrcpy(p->name, pipe_name);
DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n",
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 11574be9b3..a3d758489c 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -719,6 +719,80 @@ static void api_samr_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rd
samr_reply_lookup_names(&q_u, rdata);
}
+/*******************************************************************
+ samr_reply_chgpasswd_user
+ ********************************************************************/
+static void samr_reply_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
+ prs_struct *rdata)
+{
+ SAMR_R_CHGPASSWD_USER r_u;
+ uint32 status = 0x0;
+ fstring user_name;
+ fstring wks;
+
+ fstrcpy(user_name, unistrn2(q_u->uni_user_name.buffer, q_u->uni_user_name.uni_str_len));
+ fstrcpy(wks , unistrn2(q_u->uni_dest_host.buffer, q_u->uni_dest_host.uni_str_len));
+
+ DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
+
+ /* oops! */
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+
+ make_samr_r_chgpasswd_user(&r_u, status);
+
+ /* store the response in the SMB stream */
+ samr_io_r_chgpasswd_user("", &r_u, rdata, 0);
+
+ DEBUG(5,("samr_chgpasswd_user: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_chgpasswd_user
+ ********************************************************************/
+static void api_samr_chgpasswd_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+ SAMR_Q_CHGPASSWD_USER q_u;
+
+ /* unknown 38 command */
+ samr_io_q_chgpasswd_user("", &q_u, data, 0);
+
+ /* construct reply. */
+ samr_reply_chgpasswd_user(&q_u, rdata);
+}
+
+
+/*******************************************************************
+ samr_reply_unknown_38
+ ********************************************************************/
+static void samr_reply_unknown_38(SAMR_Q_UNKNOWN_38 *q_u,
+ prs_struct *rdata)
+{
+ SAMR_R_UNKNOWN_38 r_u;
+
+ DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+
+ make_samr_r_unknown_38(&r_u);
+
+ /* store the response in the SMB stream */
+ samr_io_r_unknown_38("", &r_u, rdata, 0);
+
+ DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_unknown_38
+ ********************************************************************/
+static void api_samr_unknown_38( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+ SAMR_Q_UNKNOWN_38 q_u;
+
+ /* unknown 38 command */
+ samr_io_q_unknown_38("", &q_u, data, 0);
+
+ /* construct reply. always indicate success */
+ samr_reply_unknown_38(&q_u, rdata);
+}
+
/*******************************************************************
samr_reply_unknown_12
@@ -1356,6 +1430,8 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo },
{ "SAMR_0x32" , 0x32 , api_samr_unknown_32 },
{ "SAMR_UNKNOWN_12" , SAMR_UNKNOWN_12 , api_samr_unknown_12 },
+ { "SAMR_UNKNOWN_38" , SAMR_UNKNOWN_38 , api_samr_unknown_38 },
+ { "SAMR_CHGPASSWD_USER" , SAMR_CHGPASSWD_USER , api_samr_chgpasswd_user },
{ "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
{ "SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain },
{ "SAMR_UNKNOWN_3" , SAMR_UNKNOWN_3 , api_samr_unknown_3 },
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 76f113374d..93640f3445 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -248,11 +248,12 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
dump_data(100, lm_owf, sizeof(lm_owf));
dump_data(100, nt_owf, sizeof(nt_owf));
#endif
- return True;
-#if 0
- return pass_check_smb(p->user_name, p->domain,
- p->ntplssp_chal.challenge, lm_owf, nt_owf);
-#endif
+ become_root(True);
+ p->ntlmssp_validated = pass_check_smb(p->user_name, p->domain,
+ p->ntlmssp_chal.challenge, lm_owf, nt_owf, NULL);
+ unbecome_root(True);
+
+ return p->ntlmssp_validated;
}
static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
@@ -486,10 +487,26 @@ static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
return True;
}
+
+static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
+{
+ return True;
+}
+
static BOOL api_pipe_request(pipes_struct *p, prs_struct *pd)
{
int i = 0;
+ if (p->ntlmssp_auth && p->ntlmssp_validated)
+ {
+ if (!api_pipe_auth_process(p)) return False;
+
+ DEBUG(0,("api_pipe_request: **** MUST CALL become_user() HERE **** \n"));
+#if 0
+ become_user();
+#endif
+ }
+
for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
{
if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 877abce66e..a3fd579095 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -141,6 +141,17 @@ void cmd_sam_test(struct client_info *info)
fprintf(out_hnd, "SAM Encryption Test\n");
+ cli_nt_set_ntlmssp_flgs(smb_cli,
+ NTLMSSP_NEGOTIATE_UNICODE |
+ NTLMSSP_NEGOTIATE_OEM |
+ NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_SEAL |
+ NTLMSSP_NEGOTIATE_LM_KEY |
+ NTLMSSP_NEGOTIATE_NTLM |
+ NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
+ NTLMSSP_NEGOTIATE_00001000 |
+ NTLMSSP_NEGOTIATE_00002000);
+
/* open SAMR session. */
res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
@@ -527,9 +538,11 @@ void cmd_sam_enum_aliases(struct client_info *info)
fstring alias_names [3];
uint32 num_als_usrs[3];
- fstrcpy(sid , info->dom.level5_sid);
- fstrcpy(domain, info->dom.level5_dom);
-
+ fstrcpy(sid , info->dom.level3_sid);
+ fstrcpy(domain, info->dom.level3_dom);
+#if 0
+ fstrcpy(sid , "S-1-5-20");
+#endif
if (strlen(sid) == 0)
{
fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");