diff options
-rw-r--r-- | source4/libcli/dgram/libdgram.h | 1 | ||||
-rw-r--r-- | source4/libcli/dgram/mailslot.c | 20 | ||||
-rw-r--r-- | source4/libcli/dgram/netlogon.c | 8 | ||||
-rw-r--r-- | source4/libcli/dgram/ntlogon.c | 8 | ||||
-rw-r--r-- | source4/librpc/idl/nbt.idl | 3 | ||||
-rw-r--r-- | source4/nbt_server/dgram/ntlogon.c | 41 |
6 files changed, 70 insertions, 11 deletions
diff --git a/source4/libcli/dgram/libdgram.h b/source4/libcli/dgram/libdgram.h index af278d2ab6..b8ca9e2fe5 100644 --- a/source4/libcli/dgram/libdgram.h +++ b/source4/libcli/dgram/libdgram.h @@ -109,6 +109,7 @@ struct dgram_mailslot_handler *dgram_mailslot_temp(struct nbt_dgram_socket *dgms const char *mailslot_name, dgram_mailslot_handler_t handler, void *private); +DATA_BLOB dgram_mailslot_data(struct nbt_dgram_packet *dgram); NTSTATUS dgram_mailslot_send(struct nbt_dgram_socket *dgmsock, diff --git a/source4/libcli/dgram/mailslot.c b/source4/libcli/dgram/mailslot.c index ca9a66a729..d7c0870ded 100644 --- a/source4/libcli/dgram/mailslot.c +++ b/source4/libcli/dgram/mailslot.c @@ -167,7 +167,7 @@ NTSTATUS dgram_mailslot_send(struct nbt_dgram_socket *dgmsock, msg = &packet.data.msg; /* this length calculation is very crude - it should be based on gensize calls */ - msg->length = 138 + strlen(mailslot_name) + request->length; + msg->length = 138 + strlen(mailslot_name) + request->length; msg->offset = 0; msg->source_name = *src_name; @@ -194,3 +194,21 @@ NTSTATUS dgram_mailslot_send(struct nbt_dgram_socket *dgmsock, return status; } + +/* + return the mailslot data portion from a mailslot packet +*/ +DATA_BLOB dgram_mailslot_data(struct nbt_dgram_packet *dgram) +{ + struct smb_trans_body *trans = &dgram->data.msg.body.smb.body.trans; + DATA_BLOB ret = trans->data; + int pad = trans->data_offset - (70 + strlen(trans->mailslot_name)); + + if (pad < 0 || pad > ret.length) { + DEBUG(2,("Badly formatted data in mailslot - pad = %d\n", pad)); + return data_blob(NULL, 0); + } + ret.data += pad; + ret.length -= pad; + return ret; +} diff --git a/source4/libcli/dgram/netlogon.c b/source4/libcli/dgram/netlogon.c index a030ca73c2..208117845b 100644 --- a/source4/libcli/dgram/netlogon.c +++ b/source4/libcli/dgram/netlogon.c @@ -101,16 +101,16 @@ NTSTATUS dgram_mailslot_netlogon_parse(struct dgram_mailslot_handler *dgmslot, struct nbt_dgram_packet *dgram, struct nbt_netlogon_packet *netlogon) { - DATA_BLOB *data = &dgram->data.msg.body.smb.body.trans.data; + DATA_BLOB data = dgram_mailslot_data(dgram); NTSTATUS status; - status = ndr_pull_struct_blob(data, mem_ctx, netlogon, + status = ndr_pull_struct_blob(&data, mem_ctx, netlogon, (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to parse netlogon packet of length %d\n", - data->length)); + data.length)); #if 0 - file_save("netlogon.dat", data->data, data->length); + file_save("netlogon.dat", data.data, data.length); #endif } return status; diff --git a/source4/libcli/dgram/ntlogon.c b/source4/libcli/dgram/ntlogon.c index 7f18e8cec6..1c1f138b1e 100644 --- a/source4/libcli/dgram/ntlogon.c +++ b/source4/libcli/dgram/ntlogon.c @@ -101,16 +101,16 @@ NTSTATUS dgram_mailslot_ntlogon_parse(struct dgram_mailslot_handler *dgmslot, struct nbt_dgram_packet *dgram, struct nbt_ntlogon_packet *ntlogon) { - DATA_BLOB *data = &dgram->data.msg.body.smb.body.trans.data; + DATA_BLOB data = dgram_mailslot_data(dgram); NTSTATUS status; - status = ndr_pull_struct_blob(data, mem_ctx, ntlogon, + status = ndr_pull_struct_blob(&data, mem_ctx, ntlogon, (ndr_pull_flags_fn_t)ndr_pull_nbt_ntlogon_packet); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to parse ntlogon packet of length %d\n", - data->length)); + data.length)); #if 0 - file_save("ntlogon.dat", data->data, data->length); + file_save("ntlogon.dat", data.data, data.length); #endif } return status; diff --git a/source4/librpc/idl/nbt.idl b/source4/librpc/idl/nbt.idl index d7c89966f1..f6c491fe90 100644 --- a/source4/librpc/idl/nbt.idl +++ b/source4/librpc/idl/nbt.idl @@ -259,7 +259,7 @@ [value(strlen(r->mailslot_name)+1+r->data.length)] uint16 byte_count; astring mailslot_name; - [flag(NDR_REMAINING)] DATA_BLOB data; + [flag(NDR_REMAINING)] DATA_BLOB data; } smb_trans_body; typedef [nodiscriminant] union { @@ -435,5 +435,4 @@ nbt_ntlogon_command command; [switch_is(command)] nbt_ntlogon_request req; } nbt_ntlogon_packet; - } diff --git a/source4/nbt_server/dgram/ntlogon.c b/source4/nbt_server/dgram/ntlogon.c index d035c2f00a..17a6c6f0af 100644 --- a/source4/nbt_server/dgram/ntlogon.c +++ b/source4/nbt_server/dgram/ntlogon.c @@ -26,6 +26,44 @@ #include "smbd/service_task.h" #include "lib/socket/socket.h" + +/* + reply to a SAM LOGON request + */ +static void nbtd_ntlogon_sam_logon(struct dgram_mailslot_handler *dgmslot, + struct nbt_dgram_packet *packet, + const char *src_address, int src_port, + struct nbt_ntlogon_packet *ntlogon) +{ + struct nbt_name *name = &packet->data.msg.dest_name; + struct nbt_ntlogon_packet reply; + struct nbt_ntlogon_sam_logon_reply *logon; + + /* only answer sam logon requests on the PDC or LOGON names */ + if (name->type != NBT_NAME_PDC && name->type != NBT_NAME_LOGON) { + return; + } + + /* setup a SAM LOGON reply */ + ZERO_STRUCT(reply); + reply.command = NTLOGON_SAM_LOGON_REPLY; + logon = &reply.req.reply; + + logon->server = talloc_asprintf(packet, "\\\\%s", lp_netbios_name()); + logon->user_name = ntlogon->req.logon.user_name; + logon->domain = lp_workgroup(); + logon->nt_version = 1; + logon->lmnt_token = 0xFFFF; + logon->lm20_token = 0xFFFF; + + packet->data.msg.dest_name.type = 0; + + dgram_mailslot_ntlogon_reply(dgmslot->dgmsock, + packet, + ntlogon->req.logon.mailslot_name, + &reply); +} + /* handle incoming ntlogon mailslot requests */ @@ -60,6 +98,9 @@ void nbtd_mailslot_ntlogon_handler(struct dgram_mailslot_handler *dgmslot, NDR_PRINT_DEBUG(nbt_ntlogon_packet, ntlogon); switch (ntlogon->command) { + case NTLOGON_SAM_LOGON: + nbtd_ntlogon_sam_logon(dgmslot, packet, src_address, src_port, ntlogon); + break; default: DEBUG(2,("unknown ntlogon op %d from %s:%d\n", ntlogon->command, src_address, src_port)); |