summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/password.c129
-rw-r--r--source3/smbd/reply.c38
-rw-r--r--source3/smbd/server.c11
3 files changed, 3 insertions, 175 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 91f727701c..fa46a74c14 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -606,132 +606,3 @@ use this machine as the password server.\n"));
return(True);
}
-/***********************************************************************
- Do the same as security=server, but using NT Domain calls and a session
- key from the workstation trust account password.
-************************************************************************/
-
-BOOL domain_client_validate( char *user, char *domain,
- char *acct_name, uint16 acct_type,
- char *smb_apasswd, int smb_apasslen,
- char *smb_ntpasswd, int smb_ntpasslen,
- uchar user_sess_key[16])
-{
- unsigned char local_challenge[8];
- unsigned char local_lm_response[24];
- unsigned char local_nt_reponse[24];
- unsigned char trust_passwd[16];
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 info3;
- uint32 smb_uid_low;
- fstring trust_acct;
- fstring srv_name;
-
- fstrcpy(trust_acct, acct_name);
- fstrcat(trust_acct, "$");
-
- /*
- * Check that the requested domain is not our own machine name.
- * If it is, we should never check the PDC here, we use our own local
- * password file.
- */
-
- if(strequal( domain, global_myname))
- {
- DEBUG(3,("domain_client_validate: Requested domain was for this machine.\n"));
- return False;
- }
-
- if (!get_any_dc_name(domain, srv_name))
- {
- DEBUG(3,("domain_client_validate: could not find domain %s\n",
- domain));
- return False;
- }
-
- /*
- * Next, check that the passwords given were encrypted.
- */
-
- if(((smb_apasslen != 24) && (smb_apasslen != 0)) ||
- ((smb_ntpasslen <= 24) && (smb_ntpasslen != 0)))
- {
- /*
- * Not encrypted - do so.
- */
-
- DEBUG(3,("domain_client_validate: User passwords not in encrypted format.\n"));
- generate_random_buffer( local_challenge, 8, False);
- SMBencrypt( (uchar *)smb_apasswd, local_challenge, local_lm_response);
- SMBNTencrypt((uchar *)smb_ntpasswd, local_challenge, local_nt_reponse);
- smb_apasslen = 24;
- smb_ntpasslen = 24;
- smb_apasswd = (char *)local_lm_response;
- smb_ntpasswd = (char *)local_nt_reponse;
- }
- else
- {
- /*
- * Encrypted - get the challenge we sent for these
- * responses.
- */
-
- if (!last_challenge(local_challenge))
- {
- DEBUG(0,("domain_client_validate: no challenge done - password failed\n"));
- return False;
- }
- }
-
- /*
- * Get the workstation trust account password.
- */
- if (!trust_get_passwd( trust_passwd, domain, acct_name))
- {
- return False;
- }
-
- /*
- * At this point, smb_apasswd points to the lanman response to
- * the challenge in local_challenge, and smb_ntpasswd points to
- * the NT response to the challenge in local_challenge. Ship
- * these over the secure channel to a domain controller and
- * see if they were valid.
- */
-
- /*
- * Ok - we have an anonymous connection to the IPC$ share.
- * Now start the NT Domain stuff :-).
- */
-
- if(cli_nt_setup_creds(srv_name, global_myname, trust_acct,
- trust_passwd, acct_type) != 0x0)
- {
- DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \
- %s.\n", srv_name));
- return False;
- }
-
- /* We really don't care what LUID we give the user. */
- generate_random_buffer( (unsigned char *)&smb_uid_low, 4, False);
-
- if (!cli_nt_login_network(srv_name, global_myname,
- domain, user,
- smb_uid_low, (char *)local_challenge,
- ((smb_apasslen != 0) ? smb_apasswd : NULL),
- ((smb_ntpasslen != 0) ? smb_ntpasswd : NULL),
- &ctr, &info3))
- {
- DEBUG(0,("domain_client_validate: unable to validate password for user %s in domain \
- %s to Domain controller %s.\n", user, domain, srv_name));
- return False;
- }
-
- /*
- * Here, if we really want it, we have lots of info about the user in info3.
- * LKCLXXXX - really important to check things like "is this user acct
- * locked out / disabled" etc!!!!
- */
-
- return True;
-}
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 81f2a9beb9..10146c1287 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -496,41 +496,6 @@ static BOOL check_server_security(char *orig_user, char *domain,
}
/****************************************************************************
- Check for a valid username and password in security=domain mode.
-****************************************************************************/
-
-static BOOL check_domain_security(char *orig_user, char *domain,
- char *smb_apasswd, int smb_apasslen,
- char *smb_ntpasswd, int smb_ntpasslen,
- uchar user_sess_key[16])
-{
- fstring acct_name;
- uint16 acct_type = 0;
-
- if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER)
- {
- return False;
- }
-
- if (lp_security() == SEC_DOMAIN && strequal(domain, global_myworkgroup))
- {
- fstrcpy(acct_name, global_myname);
- acct_type = SEC_CHAN_WKSTA;
- }
- else
- {
- fstrcpy(acct_name, global_myworkgroup);
- acct_type = SEC_CHAN_DOMAIN;
- }
-
- return domain_client_validate(orig_user, domain,
- acct_name, acct_type,
- smb_apasswd, smb_apasslen,
- smb_ntpasswd, smb_ntpasslen,
- user_sess_key);
-}
-
-/****************************************************************************
reply to a session setup command
****************************************************************************/
@@ -552,6 +517,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
static BOOL done_sesssetup = False;
BOOL doencrypt = SMBENCRYPT();
char *domain = "";
+ uchar last_chal[8];
*smb_apasswd = 0;
*smb_ntpasswd = 0;
@@ -736,7 +702,9 @@ user %s attempted down-level SMB connection\n", user));
!check_server_security(orig_user, domain,
smb_apasswd, smb_apasslen,
smb_ntpasswd, smb_ntpasslen) &&
+ !last_challenge(last_chal) &&
!check_domain_security(orig_user, domain,
+ last_chal,
smb_apasswd, smb_apasslen,
smb_ntpasswd, smb_ntpasslen, user_sess_key) &&
!check_hosts_equiv(user)
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index f6ea8ecb65..bdb2827483 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -480,7 +480,6 @@ static void init_structs(void)
{
exit_server("could not allocate policy handles\n");
}
- init_printer_hnd(); /* for SPOOLSS handles */
init_dptrs();
init_dfs_table();
}
@@ -678,16 +677,6 @@ static void usage(char *pname)
}
#endif /* WITH_SSL */
- start_msrpc_agent("lsarpc");
- add_msrpc_command_processor( "samr", "lsass", api_samr_rpc );
- add_msrpc_command_processor( "srvsvc", "ntsvcs", api_srvsvc_rpc );
- add_msrpc_command_processor( "wkssvc", "ntsvcs", api_wkssvc_rpc );
- add_msrpc_command_processor( "browser", "ntsvcs", api_brs_rpc );
- add_msrpc_command_processor( "svcctl", "ntsvcs", api_svcctl_rpc );
- add_msrpc_command_processor( "NETLOGON", "lsass", api_netlog_rpc );
- add_msrpc_command_processor( "winreg", "winreg", api_reg_rpc );
- add_msrpc_command_processor( "spoolss", "spoolss", api_spoolss_rpc );
-
codepage_initialise(lp_client_code_page());
if (!pwdb_initialise(True))