diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/include/smb.h | 3 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 53 | ||||
-rw-r--r-- | source3/rpc_parse/parse_net.c | 22 | ||||
-rw-r--r-- | source3/rpc_server/srv_netlog.c | 2 | ||||
-rw-r--r-- | source3/smbd/password.c | 13 |
6 files changed, 78 insertions, 19 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index adf753ccf5..70f61781ea 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1492,6 +1492,10 @@ BOOL nmb_name_equal(struct nmb_name *n1, struct nmb_name *n2); BOOL send_packet(struct packet_struct *p); struct packet_struct *receive_packet(int fd,enum packet_type type,int t); +/*The following definitions come from nterr.c */ + +char *get_nt_error_msg(uint32 nt_code); + /*The following definitions come from params.c */ BOOL pm_process( char *FileName, diff --git a/source3/include/smb.h b/source3/include/smb.h index 4438024dbd..8d5cc20582 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -298,7 +298,8 @@ struct cli_state { int uid; int protocol; int sec_mode; - int error; + int rap_error; + uint32 nt_error; int privilages; fstring eff_name; fstring desthost; diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 9de6afccee..f23c846cf9 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -71,19 +71,39 @@ char *cli_errstr(struct cli_state *cli) int i; /* - * Errors are of two kinds - smb errors, - * dealt with by cli_smb_errstr, and rap - * errors, whose error code is in cli.error. + * Errors are of three kinds - smb errors, + * dealt with by cli_smb_errstr, NT errors, + * whose code is in cli.nt_error, and rap + * errors, whose error code is in cli.rap_error. */ cli_error(cli, &errclass, &errnum); if(errclass != 0) return cli_smb_errstr(cli); - - sprintf(error_message, "code %d", cli->error); + + /* + * Was it an NT error ? + */ + + if(cli->nt_error) { + char *nt_msg = get_nt_error_msg(cli->nt_error); + + if(nt_msg == NULL) + sprintf(error_message, "NT code %d", cli->nt_error); + else + fstrcpy(error_message, nt_msg); + + return error_message; + } + + /* + * Must have been a rap error. + */ + + sprintf(error_message, "code %d", cli->rap_error); for(i = 0; rap_errmap[i].message != NULL; i++) { - if (rap_errmap[i].err == cli->error) { + if (rap_errmap[i].err == cli->rap_error) { fstrcpy( error_message, rap_errmap[i].message); break; } @@ -97,6 +117,8 @@ setup basics in a outgoing packet ****************************************************************************/ static void cli_setup_packet(struct cli_state *cli) { + cli->rap_error = 0; + cli->nt_error = 0; SSVAL(cli->outbuf,smb_pid,cli->pid); SSVAL(cli->outbuf,smb_uid,cli->uid); SSVAL(cli->outbuf,smb_mid,cli->mid); @@ -382,29 +404,27 @@ BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation) SSVAL(p, 0, BUFFER_SIZE); p += 2; - cli->error = -1; - if (cli_api(cli, param, PTR_DIFF(p,param),1024, /* param, length, max */ NULL, 0, BUFFER_SIZE, /* data, length, max */ &rparam, &rprcnt, /* return params, return size */ &rdata, &rdrcnt /* return data, return size */ )) { - cli->error = SVAL(rparam,0); + cli->rap_error = SVAL(rparam,0); p = rdata; - if (cli->error == 0) { + if (cli->rap_error == 0) { DEBUG(4,("NetWkstaUserLogon success\n")); cli->privilages = SVAL(p, 24); fstrcpy(cli->eff_name,p+2); } else { - DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->error)); + DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->rap_error)); } } if (rparam) free(rparam); if (rdata) free(rdata); - return cli->error == 0; + return (cli->rap_error == 0); } @@ -1357,8 +1377,6 @@ BOOL cli_oem_change_password(struct cli_state *cli, char *user, char *new_passwo char *rdata = NULL; int rprcnt, rdrcnt; - cli->error = -1; - if(strlen(user) >= sizeof(fstring)-1) { DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user)); return False; @@ -1432,7 +1450,7 @@ BOOL cli_oem_change_password(struct cli_state *cli, char *user, char *new_passwo &rparam, &rprcnt, &rdata, &rdrcnt)) { if(rparam) - cli->error = SVAL(rparam,0); + cli->rap_error = SVAL(rparam,0); } if (rparam) @@ -1440,7 +1458,7 @@ BOOL cli_oem_change_password(struct cli_state *cli, char *user, char *new_passwo if (rdata) free(rdata); - return (cli->error == 0); + return (cli->rap_error == 0); } /**************************************************************************** @@ -1561,7 +1579,8 @@ BOOL cli_session_request(struct cli_state *cli, char *host, int name_type, return False; if (CVAL(cli->inbuf,0) != 0x82) { - cli->error = CVAL(cli->inbuf,0); + /* This is the wrong place to put the error... JRA. */ + cli->rap_error = CVAL(cli->inbuf,0); return False; } return(True); diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index 529cd37105..c5dd23a00e 100644 --- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -569,7 +569,17 @@ static int make_dom_sid2s(char *sids_str, DOM_SID2 *sids, int max_sids) /******************************************************************* makes a NET_ID_INFO_1 structure. + +This is an interactive logon packet. The log_id parameters +are what an NT server would generate for LUID once the +user is logged on. I don't think we care about them. + +Note that this passes the actual NT and LM hashed passwords +over the secure channel. This is not the preferred logon +method from a Samba domain client as it exposes the password +hashes to anyone who has compromised the secure channel. JRA. ********************************************************************/ + void make_id_info1(NET_ID_INFO_1 *id, char *domain_name, uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high, char *user_name, char *wksta_name, @@ -671,7 +681,19 @@ void net_io_id_info1(char *desc, NET_ID_INFO_1 *id, prs_struct *ps, int depth) /******************************************************************* makes a NET_ID_INFO_2 structure. + +This is a network logon packet. The log_id parameters +are what an NT server would generate for LUID once the +user is logged on. I don't think we care about them. + +Note that this has no access to the NT and LM hashed passwords, +so it forwards the challenge, and the NT and LM responses (24 +bytes each) over the secure channel to the Domain controller +for it to say yea or nay. This is the preferred method of +checking for a logon as it doesn't export the password +hashes to anyone who has compromised the secure channel. JRA. ********************************************************************/ + void make_id_info2(NET_ID_INFO_2 *id, char *domain_name, uint32 param_ctrl, uint32 log_id_low, uint32 log_id_high, char *user_name, char *wksta_name, diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 83e590a14b..eb4dfb4a26 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -647,7 +647,7 @@ static void api_net_sam_logon( int uid, { case 1: { - /* interactive login. passwords arcfour'd with session key */ + /* interactive login. */ status = net_login_interactive(&q_l.sam_id.ctr->auth.id1, smb_pass, vuser); break; diff --git a/source3/smbd/password.c b/source3/smbd/password.c index d627edf1cd..11ffe4afd1 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -1886,6 +1886,7 @@ BOOL domain_client_validate( char *user, char *domain, struct in_addr dest_ip; struct cli_state cli; BOOL connected_ok = False; + int fnum; /* * Check that the requested domain is not our own machine name. @@ -2037,6 +2038,18 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) )); * Now start the NT Domain stuff :-). */ + /* + * First, open the pipe to \PIPE\NETLOGON. + */ + + if((fnum = cli_open(&cli, PIPE_NETLOGON, O_CREAT, DENY_NONE)) == -1) { + DEBUG(0,("domain_client_validate: cli_open on %s on machine %s failed. Error was :%s.\n", + PIPE_NETLOGON, remote_machine, cli_errstr(&cli))); + cli_ulogoff(&cli); + cli_shutdown(&cli); + return False; + } + return False; } #endif /* DOMAIN_CLIENT */ |