diff options
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/domain_namemap.c | 4 | ||||
| -rw-r--r-- | source3/lib/msrpc-agent.c | 63 | ||||
| -rw-r--r-- | source3/lib/msrpc-client.c | 127 | ||||
| -rw-r--r-- | source3/lib/msrpc_use.c | 38 |
4 files changed, 123 insertions, 109 deletions
diff --git a/source3/lib/domain_namemap.c b/source3/lib/domain_namemap.c index 551c7290ea..9c94783239 100644 --- a/source3/lib/domain_namemap.c +++ b/source3/lib/domain_namemap.c @@ -882,8 +882,8 @@ static BOOL lookup_remote_ntname(const char *ntname, DOM_SID *sid, uint8 *type) struct cli_state cli; POLICY_HND lsa_pol; fstring srv_name; - extern struct user_credentials *usr_creds; - struct user_credentials usr; + extern struct ntuser_creds *usr_creds; + struct ntuser_creds usr; BOOL res3 = True; BOOL res4 = True; diff --git a/source3/lib/msrpc-agent.c b/source3/lib/msrpc-agent.c index 0bb9429ecb..9fc592d377 100644 --- a/source3/lib/msrpc-agent.c +++ b/source3/lib/msrpc-agent.c @@ -28,7 +28,7 @@ static char packet[BUFFER_SIZE]; /**************************************************************************** terminate sockent connection -***********************************************************<*****************/ +****************************************************************************/ static void free_sock(void *sock) { if (sock != NULL) @@ -41,20 +41,21 @@ static void free_sock(void *sock) static struct msrpc_state *init_client_connection(int c) { pstring buf; - uchar ntpw[16]; - uchar lmpw[16]; fstring pipe_name; - struct user_credentials usr; - char *p = buf; + struct user_creds usr; int rl; uint32 len; - uint16 version; - uint16 command; BOOL new_con = False; + struct msrpc_state *n = NULL; + + CREDS_CMD cmd; + prs_struct ps; ZERO_STRUCT(usr); + ZERO_STRUCT(cmd); + cmd.cred = &usr; - DEBUG(10,("first request\n")); + DEBUG(10,("init_client_connection: first request\n")); rl = read(c, &buf, sizeof(len)); @@ -84,41 +85,30 @@ static struct msrpc_state *init_client_connection(int c) #ifdef DEBUG_PASSWORD dump_data(100, buf, rl); #endif - version = SVAL(p, 0); - p += 2; - command = SVAL(p, 0); - p += 2; - fstrcpy(pipe_name, p); - p = skip_string(p, 1); - fstrcpy(usr.user_name, p); - p = skip_string(p, 1); - fstrcpy(usr.domain, p); - p = skip_string(p, 1); + /* make a static data parsing structure from the api_fd_reply data */ + prs_init(&ps, 0, 4, 0, True); + mem_create(ps.data, buf, 0, len, 0, False); - if (PTR_DIFF(p, buf) < rl) - { - memcpy(lmpw, p, 16); - p += 16; - memcpy(ntpw, p, 16); - p += 16; - pwd_set_lm_nt_16(&usr.pwd, lmpw, ntpw); - } - else + if (!creds_io_cmd("creds", &cmd, &ps, 0)) { - pwd_set_nullpwd(&usr.pwd); + DEBUG(0,("Unable to parse credentials\n")); + mem_free_data(ps.data); + return NULL; } - if (PTR_DIFF(p, buf) != rl) + mem_free_data(ps.data); + + if (ps.offset != rl) { - DEBUG(0,("Buffer size %d %d!\n", - PTR_DIFF(p, buf), rl)); + DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl)); return NULL; } - switch (command) + switch (cmd.command) { case AGENT_CMD_CON: + case AGENT_CMD_CON_ANON: { new_con = True; break; @@ -126,19 +116,17 @@ static struct msrpc_state *init_client_connection(int c) case AGENT_CMD_CON_REUSE: { new_con = True; - usr.reuse = True; break; } default: { - DEBUG(0,("unknown command %d\n", command)); + DEBUG(0,("unknown command %d\n", cmd.command)); return NULL; } } if (new_con) { - struct msrpc_state *n; uint32 status = 0; n = msrpc_use_add(pipe_name, &usr, False); @@ -162,9 +150,9 @@ static struct msrpc_state *init_client_connection(int c) n = NULL; } } - return n; } - return NULL; + free_user_creds(&usr); + return n; } static BOOL process_cli_sock(struct sock_redir **socks, uint32 num_socks, @@ -256,6 +244,7 @@ void start_msrpc_agent(char *pipe_name) if (fork() == 0) { + /* child */ start_agent(&va); } } diff --git a/source3/lib/msrpc-client.c b/source3/lib/msrpc-client.c index fb82c54700..6e80063862 100644 --- a/source3/lib/msrpc-client.c +++ b/source3/lib/msrpc-client.c @@ -134,7 +134,7 @@ BOOL msrpc_connect(struct msrpc_state *msrpc, const char *pipe_name) /**************************************************************************** initialise a msrpcent structure ****************************************************************************/ -void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_credentials *usr) +void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_creds *usr) { copy_user_creds(&msrpc->usr, usr); } @@ -161,58 +161,39 @@ void msrpc_sockopt(struct msrpc_state *msrpc, char *options) } -static BOOL msrpc_init_redirect(struct msrpc_state *msrpc, - const char* pipe_name, - const struct user_credentials *usr) +static BOOL msrpc_authenticate(struct msrpc_state *msrpc, + const struct user_creds *usr) { - int sock; struct msrpc_state msrpc_redir; - fstring path; - pstring data; + int sock = msrpc->fd; + char *data; + prs_struct ps; uint32 len; - char *p; char *in = msrpc->inbuf; char *out = msrpc->outbuf; + uint16 command; - slprintf(path, sizeof(path)-1, "/tmp/.msrpc/.%s/agent", pipe_name); - - sock = open_pipe_sock(path); + command = usr != NULL ? AGENT_CMD_CON : AGENT_CMD_CON_ANON; - if (sock < 0) + if (usr != NULL) { - return False; + usr->ptr_ntc = 1; + usr->ptr_uxc = 1; + usr->ptr_nts = 0; + usr->ptr_uxs = 0; } - ZERO_STRUCT(data); - - p = &data[4]; - SSVAL(p, 0, 0); - p += 2; - - SSVAL(p, 0, usr->reuse ? AGENT_CMD_CON_REUSE : AGENT_CMD_CON); - p += 2; - - safe_strcpy(p, pipe_name, 16); - p = skip_string(p, 1); - safe_strcpy(p, usr != NULL ? usr->user_name : "", 16); - p = skip_string(p, 1); - safe_strcpy(p, usr != NULL ? usr->domain : "", 16); - p = skip_string(p, 1); - - if (usr != NULL && !pwd_is_nullpwd(&usr->pwd)) + if (!create_user_creds(&ps, msrpc->pipe_name, 0x0, command, usr)) { - uchar lm16[16]; - uchar nt16[16]; - - pwd_get_lm_nt_16(&usr->pwd, lm16, nt16); - memcpy(p, lm16, 16); - p += 16; - memcpy(p, nt16, 16); - p += 16; + DEBUG(0,("could not parse credentials\n")); + close(sock); + return False; } - len = PTR_DIFF(p, data); + len = ps.offset; + data = mem_data(&ps.data, 0); + SIVAL(data, 0, len); #ifdef DEBUG_PASSWORD @@ -223,31 +204,67 @@ static BOOL msrpc_init_redirect(struct msrpc_state *msrpc, if (write(sock, data, len) <= 0) { DEBUG(0,("write failed\n")); - close(sock); return False; } - len = read(sock, &msrpc_redir, sizeof(msrpc_redir)); + if (msrpc->redirect) + { + len = read(sock, &msrpc_redir, sizeof(msrpc_redir)); - if (len != sizeof(msrpc_redir)) + if (len != sizeof(msrpc_redir)) + { + DEBUG(0,("read failed\n")); + return False; + } + + memcpy(msrpc, &msrpc_redir, sizeof(msrpc_redir)); + msrpc->inbuf = in; + msrpc->outbuf = out; + msrpc->fd = sock; + msrpc->usr.reuse = False; + } + else + { + uint32 status; + len = read(sock, &status, sizeof(status)); + + return len == sizeof(status) && status == 0x0; + } + return True; +} + +static BOOL msrpc_init_redirect(struct msrpc_state *msrpc, + const char* pipe_name, + const struct user_creds *usr) +{ + int sock; + fstring path; + + slprintf(path, sizeof(path)-1, "/tmp/.msrpc/.%s/agent", pipe_name); + + sock = open_pipe_sock(path); + + if (sock < 0) { - DEBUG(0,("read failed\n")); - close(sock); return False; } - - memcpy(msrpc, &msrpc_redir, sizeof(msrpc_redir)); - msrpc->inbuf = in; - msrpc->outbuf = out; + msrpc->fd = sock; - msrpc->usr.reuse = False; + + if (!msrpc_authenticate(msrpc, usr)) + { + DEBUG(0,("authenticate failed\n")); + close(msrpc->fd); + msrpc->fd = -1; + return False; + } return True; } BOOL msrpc_connect_auth(struct msrpc_state *msrpc, const char* pipename, - const struct user_credentials *usr) + const struct user_creds *usr) { ZERO_STRUCTP(msrpc); if (!msrpc_initialise(msrpc)) @@ -326,7 +343,7 @@ BOOL msrpc_establish_connection(struct msrpc_state *msrpc, { DEBUG(5,("msrpc_establish_connection: connecting to %s (%s) - %s\n", pipe_name, - msrpc->usr.user_name, msrpc->usr.domain)); + msrpc->usr.ntc.user_name, msrpc->usr.ntc.domain)); /* establish connection */ @@ -359,6 +376,14 @@ BOOL msrpc_establish_connection(struct msrpc_state *msrpc, } } + if (!msrpc_authenticate(msrpc, &msrpc->usr)) + { + DEBUG(0,("authenticate failed\n")); + close(msrpc->fd); + msrpc->fd = -1; + return False; + } + return True; } diff --git a/source3/lib/msrpc_use.c b/source3/lib/msrpc_use.c index a8fb009df0..193867e610 100644 --- a/source3/lib/msrpc_use.c +++ b/source3/lib/msrpc_use.c @@ -109,18 +109,18 @@ find client state. server name, user name, domain name and password must all match. ****************************************************************************/ static struct msrpc_use *msrpc_find(const char* pipe_name, - const struct user_credentials *usr_creds) + const struct user_creds *usr_creds) { int i; - struct user_credentials null_usr; + struct user_creds null_usr; copy_user_creds(&null_usr, usr_creds); usr_creds = &null_usr; DEBUG(10,("msrpc_find: %s %s %s\n", pipe_name, - usr_creds->user_name, - usr_creds->domain)); + usr_creds->ntc.user_name, + usr_creds->ntc.domain)); for (i = 0; i < num_msrpcs; i++) { @@ -133,28 +133,28 @@ static struct msrpc_use *msrpc_find(const char* pipe_name, DEBUG(10,("msrpc_find[%d]: %s %s %s\n", i, msrpc_name, - c->cli->usr.user_name, - c->cli->usr.domain)); + c->cli->usr.ntc.user_name, + c->cli->usr.ntc.domain)); if (!strequal(msrpc_name, pipe_name)) { continue; } - if (!strequal(usr_creds->user_name, c->cli->usr.user_name)) + if (!strequal(usr_creds->ntc.user_name, c->cli->usr.ntc.user_name)) { continue; } if (!usr_creds->reuse && - !pwd_compare(&usr_creds->pwd, &c->cli->usr.pwd)) + !pwd_compare(&usr_creds->ntc.pwd, &c->cli->usr.ntc.pwd)) { DEBUG(100,("password doesn't match\n")); continue; } - if (usr_creds->domain[0] == 0) + if (usr_creds->ntc.domain[0] == 0) { return c; } - if (strequal(usr_creds->domain, c->cli->usr.domain)) + if (strequal(usr_creds->ntc.domain, c->cli->usr.ntc.domain)) { return c; } @@ -167,7 +167,7 @@ static struct msrpc_use *msrpc_find(const char* pipe_name, create a new client state from user credentials ****************************************************************************/ static struct msrpc_use *msrpc_use_get(const char* pipe_name, - const struct user_credentials *usr_creds) + const struct user_creds *usr_creds) { struct msrpc_use *cli = (struct msrpc_use*)malloc(sizeof(*cli)); @@ -194,7 +194,7 @@ static struct msrpc_use *msrpc_use_get(const char* pipe_name, init client state ****************************************************************************/ struct msrpc_state *msrpc_use_add(const char* pipe_name, - const struct user_credentials *usr_creds, + const struct user_creds *usr_creds, BOOL redir) { struct msrpc_use *cli = msrpc_find(pipe_name, usr_creds); @@ -236,7 +236,7 @@ struct msrpc_state *msrpc_use_add(const char* pipe_name, delete a client state ****************************************************************************/ BOOL msrpc_use_del(const char* pipe_name, - const struct user_credentials *usr_creds, + const struct user_creds *usr_creds, BOOL force_close, BOOL *connection_closed) { @@ -261,10 +261,10 @@ BOOL msrpc_use_del(const char* pipe_name, if (!strequal(msrpc_name, pipe_name)) continue; - if (strequal(usr_creds->user_name, - msrpcs[i]->cli->usr.user_name) && - strequal(usr_creds->domain, - msrpcs[i]->cli->usr.domain)) + if (strequal(usr_creds->ntc.user_name, + msrpcs[i]->cli->usr.ntc.user_name) && + strequal(usr_creds->ntc.domain, + msrpcs[i]->cli->usr.ntc.domain)) { /* decrement number of users */ msrpcs[i]->num_users--; @@ -311,8 +311,8 @@ void msrpc_net_use_enum(uint32 *num_cons, struct use_info ***use) if (item.connected) { item.srv_name = msrpcs[i]->cli->pipe_name; - item.user_name = msrpcs[i]->cli->usr.user_name; - item.domain = msrpcs[i]->cli->usr.domain; + item.user_name = msrpcs[i]->cli->usr.ntc.user_name; + item.domain = msrpcs[i]->cli->usr.ntc.domain; } add_use_info_to_array(num_cons, use, &item); |