summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/include/rpc_misc.h6
-rw-r--r--source3/include/rpc_netlogon.h4
-rw-r--r--source3/lib/util.c4
-rw-r--r--source3/libsmb/clientgen.c2
-rw-r--r--source3/rpc_parse/parse_misc.c12
-rw-r--r--source3/rpc_parse/parse_net.c68
-rw-r--r--source3/rpc_server/srv_netlog.c25
-rw-r--r--source3/smbd/ipc.c3
-rw-r--r--source3/smbd/quotas.c2
-rw-r--r--source3/utils/smbpasswd.c39
11 files changed, 91 insertions, 78 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 209004e90a..a643996d3c 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -293,8 +293,8 @@ void make_clnt_info(DOM_CLNT_INFO *clnt,
void smb_io_clnt_info(char *desc, DOM_CLNT_INFO *clnt, prs_struct *ps, int depth);
void make_logon_id(DOM_LOGON_ID *log, uint32 log_id_low, uint32 log_id_high);
void smb_io_logon_id(char *desc, DOM_LOGON_ID *log, prs_struct *ps, int depth);
-void make_arc4_owf(ARC4_OWF *hash, uint8 data[16]);
-void smb_io_arc4_owf(char *desc, ARC4_OWF *hash, prs_struct *ps, int depth);
+void make_owf_info(OWF_INFO *hash, uint8 data[16]);
+void smb_io_owf_info(char *desc, OWF_INFO *hash, prs_struct *ps, int depth);
void smb_io_gid(char *desc, DOM_GID *gid, prs_struct *ps, int depth);
void smb_io_pol_hnd(char *desc, POLICY_HND *pol, prs_struct *ps, int depth);
void smb_io_dom_query_3(char *desc, DOM_QUERY_3 *d_q, prs_struct *ps, int depth);
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index 5d4e385875..c6e0d8d5ee 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -243,12 +243,12 @@ typedef struct logon_info
} DOM_LOGON_ID;
-/* ARC4_OWF */
-typedef struct arc4_owf_info
+/* OWF INFO */
+typedef struct owf_info
{
uint8 data[16];
-} ARC4_OWF;
+} OWF_INFO;
/* DOM_GID - group id + user attributes */
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 1808649328..1fc6596821 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -293,8 +293,8 @@ typedef struct id_info_1
DOM_LOGON_ID logon_id; /* logon ID */
UNIHDR hdr_user_name; /* user name unicode header */
UNIHDR hdr_wksta_name; /* workstation name unicode header */
- ARC4_OWF arc4_lm_owf; /* arc4 LM OWF Password */
- ARC4_OWF arc4_nt_owf; /* arc4 NT OWF Password */
+ OWF_INFO lm_owf; /* LM OWF Password */
+ OWF_INFO nt_owf; /* NT OWF Password */
UNISTR2 uni_domain_name; /* domain name unicode string */
UNISTR2 uni_user_name; /* user name unicode string */
UNISTR2 uni_wksta_name; /* workgroup name unicode string */
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 306e80c307..2d3f8cc916 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -2492,6 +2492,8 @@ BOOL receive_local_message(int fd, char *buffer, int buffer_len, int timeout)
int fromlen = sizeof(from);
int32 msg_len = 0;
+ smb_read_error = 0;
+
if(timeout != 0)
{
struct timeval to;
@@ -2643,6 +2645,8 @@ BOOL receive_message_or_smb(int smbfd, int oplock_fd,
int selrtn;
struct timeval to;
+ smb_read_error = 0;
+
*got_smb = False;
/*
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index dcebf70455..4f57c08a95 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -1280,7 +1280,7 @@ BOOL cli_oem_change_password(struct cli_state *cli, char *user, char *new_passwo
E_P16((uchar *)upper_case_new_pw, new_pw_hash);
- E_old_pw_hash( new_pw_hash, old_pw_hash, &data[516]);
+ E_old_pw_hash( new_pw_hash, old_pw_hash, (uchar *)&data[516]);
data_len = 532;
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 225754903f..78524201ff 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -848,13 +848,13 @@ void smb_io_logon_id(char *desc, DOM_LOGON_ID *log, prs_struct *ps, int depth)
}
/*******************************************************************
-makes an ARC4_OWF structure.
+makes an OWF_INFO structure.
********************************************************************/
-void make_arc4_owf(ARC4_OWF *hash, uint8 data[16])
+void make_owf_info(OWF_INFO *hash, uint8 data[16])
{
if (hash == NULL) return;
- DEBUG(5,("make_arc4_owf: %d\n", __LINE__));
+ DEBUG(5,("make_owf_info: %d\n", __LINE__));
if (data != NULL)
{
@@ -867,13 +867,13 @@ void make_arc4_owf(ARC4_OWF *hash, uint8 data[16])
}
/*******************************************************************
-reads or writes an ARC4_OWF structure.
+reads or writes an OWF_INFO structure.
********************************************************************/
-void smb_io_arc4_owf(char *desc, ARC4_OWF *hash, prs_struct *ps, int depth)
+void smb_io_owf_info(char *desc, OWF_INFO *hash, prs_struct *ps, int depth)
{
if (hash == NULL) return;
- prs_debug(ps, depth, desc, "smb_io_arc4_owf");
+ prs_debug(ps, depth, desc, "smb_io_owf_info");
depth++;
prs_align(ps);
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 69d6ac08ed..529cd37105 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -580,8 +580,8 @@ void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
int len_user_name = strlen(user_name );
int len_wksta_name = strlen(wksta_name );
- unsigned char arc4_lm_owf[16];
- unsigned char arc4_nt_owf[16];
+ unsigned char lm_owf[16];
+ unsigned char nt_owf[16];
if (id == NULL) return;
@@ -597,12 +597,10 @@ void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
make_uni_hdr(&(id->hdr_user_name ), len_user_name , len_user_name , 4);
make_uni_hdr(&(id->hdr_wksta_name ), len_wksta_name , len_wksta_name , 4);
-#ifdef USE_ARCFOUR
-
if (lm_cypher && nt_cypher)
{
void arcfour(uint8 key[16], uint8 out[16], uint8 in[16]);
- unsigned char arc4_key[16];
+ unsigned char owf_key[16];
#ifdef DEBUG_PASSWORD
DEBUG(100,("lm cypher:"));
dump_data(100, lm_cypher, 16);
@@ -611,43 +609,27 @@ void make_id_info1(NET_ID_INFO_1 *id, char *domain_name,
dump_data(100, nt_cypher, 16);
#endif
- memset(arc4_key, 0, 16);
- memcpy(arc4_key, sess_key, 16);
+ memcpy(owf_key, sess_key, 16);
- arcfour(arc4_key, arc4_lm_owf, lm_cypher);
- arcfour(arc4_key, arc4_nt_owf, nt_cypher);
+ memcpy(lm_owf, lm_cypher, 16);
+ memcpy(nt_owf, nt_cypher, 16);
+ SamOEMhash(lm_owf, owf_key, False);
+ SamOEMhash(nt_owf, owf_key, False);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("arcfour encrypt of lm owf password:"));
- dump_data(100, arc4_lm_owf, 16);
+ DEBUG(100,("hash of lm owf password:"));
+ dump_data(100, lm_owf, 16);
- DEBUG(100,("arcfour encrypt of nt owf password:"));
- dump_data(100, arc4_nt_owf, 16);
+ DEBUG(100,("hash of nt owf password:"));
+ dump_data(100, nt_owf, 16);
#endif
- /* set up pointers to cypher blocks */
- lm_cypher = arc4_lm_owf;
- nt_cypher = arc4_nt_owf;
- }
-
-#else
-
- if (lm_cypher)
- {
- /* oops. can only send what-ever-it-is direct */
- memcpy(arc4_lm_owf, lm_cypher, 16);
- lm_cypher = arc4_lm_owf;
+ /* set up pointers to blocks */
+ lm_cypher = lm_owf;
+ nt_cypher = nt_owf;
}
- if (nt_cypher)
- {
- /* oops. can only send what-ever-it-is direct */
- memcpy(arc4_nt_owf, nt_cypher, 16);
- nt_cypher = arc4_nt_owf;
- }
-
-#endif
- make_arc4_owf(&(id->arc4_lm_owf), lm_cypher);
- make_arc4_owf(&(id->arc4_nt_owf), nt_cypher);
+ make_owf_info(&(id->lm_owf), lm_cypher);
+ make_owf_info(&(id->nt_owf), nt_cypher);
make_unistr2(&(id->uni_domain_name), domain_name, len_domain_name);
make_unistr2(&(id->uni_user_name ), user_name , len_user_name );
@@ -678,8 +660,8 @@ void net_io_id_info1(char *desc, NET_ID_INFO_1 *id, prs_struct *ps, int depth)
smb_io_unihdr("unihdr", &(id->hdr_user_name ), ps, depth);
smb_io_unihdr("unihdr", &(id->hdr_wksta_name ), ps, depth);
- smb_io_arc4_owf("", &(id->arc4_lm_owf), ps, depth);
- smb_io_arc4_owf("", &(id->arc4_nt_owf), ps, depth);
+ smb_io_owf_info("", &(id->lm_owf), ps, depth);
+ smb_io_owf_info("", &(id->nt_owf), ps, depth);
smb_io_unistr2("unistr2", &(id->uni_domain_name), id->hdr_domain_name.buffer, ps, depth);
smb_io_unistr2("unistr2", &(id->uni_user_name ), id->hdr_user_name.buffer, ps, depth);
@@ -701,8 +683,8 @@ void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
int len_user_name = strlen(user_name );
int len_wksta_name = strlen(wksta_name );
- unsigned char arc4_lm_owf[24];
- unsigned char arc4_nt_owf[24];
+ unsigned char lm_owf[24];
+ unsigned char nt_owf[24];
if (id == NULL) return;
@@ -721,14 +703,14 @@ void make_id_info2(NET_ID_INFO_2 *id, char *domain_name,
if (nt_chal_resp)
{
/* oops. can only send what-ever-it-is direct */
- memcpy(arc4_nt_owf, nt_chal_resp, 24);
- nt_chal_resp = arc4_nt_owf;
+ memcpy(nt_owf, nt_chal_resp, 24);
+ nt_chal_resp = nt_owf;
}
if (lm_chal_resp)
{
/* oops. can only send what-ever-it-is direct */
- memcpy(arc4_lm_owf, lm_chal_resp, 24);
- lm_chal_resp = arc4_lm_owf;
+ memcpy(lm_owf, lm_chal_resp, 24);
+ lm_chal_resp = lm_owf;
}
memcpy(&(id->lm_chal), lm_challenge, sizeof(id->lm_chal));
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index f85330fd3c..d7a1b9e421 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -485,22 +485,22 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1,
{
uint32 status = 0x0;
-#ifdef USE_ARCFOUR
- extern void arcfour(uint8 key[16], uint8 out[16], uint8 in[16]);
char nt_pwd[16];
char lm_pwd[16];
- unsigned char arc4_key[16];
- memset(arc4_key, 0, 16);
- memcpy(arc4_key, vuser->dc.sess_key, 8);
+ unsigned char key[16];
+ memset(key, 0, 16);
+ memcpy(key, vuser->dc.sess_key, 8);
- arcfour(arc4_key, lm_pwd, id1->arc4_lm_owf.data);
- arcfour(arc4_key, nt_pwd, id1->arc4_nt_owf.data);
+ memcpy(lm_pwd, id1->lm_owf.data, 16);
+ memcpy(nt_pwd, id1->nt_owf.data, 16);
+ SamOEMhash(lm_pwd, key, False);
+ SamOEMhash(nt_pwd, key, False);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("arcfour decrypt of lm owf password:"));
+ DEBUG(100,("decrypt of lm owf password:"));
dump_data(100, lm_pwd, 16);
- DEBUG(100,("arcfour decrypt of nt owf password:"));
+ DEBUG(100,("decrypt of nt owf password:"));
dump_data(100, nt_pwd, 16);
#endif
@@ -509,13 +509,6 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1,
{
status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
}
-#else
-/* sorry. have to assume that the password is always ok.
- this _is_ ok, because the LSA SAM Logon is nothing to do
- with SMB connections to shares.
- */
-DEBUG(3,("SAM Logon. Password not being checked\n"));
-#endif
return status;
}
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 89b3e36f52..4798188454 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -1701,7 +1701,8 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat
fstrcpy(user,p);
p = skip_string(p,1);
- if(check_oem_password( user, data, &smbpw, new_passwd, sizeof(new_passwd)) == False) {
+ if(check_oem_password( user, (unsigned char *)data, &smbpw,
+ new_passwd, (int)sizeof(new_passwd)) == False) {
return True;
}
diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c
index 0a366e5ee6..df85f79b9b 100644
--- a/source3/smbd/quotas.c
+++ b/source3/smbd/quotas.c
@@ -115,6 +115,8 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
return(False);
}
else {
+ if (D.dqb_bsoftlimit == 0)
+ D.dqb_bsoftlimit = D.dqb_bhardlimit;
*dfree = D.dqb_bsoftlimit - D.dqb_curblocks;
*dsize = D.dqb_bsoftlimit;
}
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 5b5f86c5e1..9a244a28b5 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -248,6 +248,7 @@ int main(int argc, char **argv)
int pwfd;
char ascii_p16[66];
char c;
+ int ch;
int ret, i, err, writelen;
int lockfd = -1;
char *pfile = SMB_PASSWD_FILE;
@@ -257,6 +258,7 @@ int main(int argc, char **argv)
char *remote_machine = NULL;
BOOL add_user = False;
BOOL got_new_pass = False;
+ BOOL machine_account = False;
pstring servicesf = CONFIGFILE;
new_passwd[0] = '\0';
@@ -290,14 +292,17 @@ int main(int argc, char **argv)
is_root = (real_uid == 0);
- while ((c = getopt(argc, argv, "ahr:")) != EOF) {
- switch(c) {
+ while ((ch = getopt(argc, argv, "ahr:m:")) != EOF) {
+ switch(ch) {
case 'a':
add_user = True;
break;
case 'r':
remote_machine = optarg;
break;
+ case 'm':
+ machine_account = True;
+ break;
case 'h':
default:
usage(prog_name, is_root);
@@ -314,6 +319,14 @@ int main(int argc, char **argv)
if(add_user && (remote_machine != NULL))
usage(prog_name, True);
+ /*
+ * If we are adding a machine account then pretend
+ * we already have the new password, we will be using
+ * the machinename as the password.
+ */
+ if(add_user && machine_account)
+ got_new_pass = True;
+
if( is_root ) {
/*
@@ -488,6 +501,24 @@ int main(int argc, char **argv)
exit(0);
}
+ /*
+ * Check for a machine account flag - make sure the username ends in
+ * a '$' etc....
+ */
+
+ if(machine_account) {
+ int username_len = strlen(user_name);
+ if(username_len >= sizeof(pstring) - 1) {
+ fprintf(stderr, "%s: machine account name too long.\n", user_name);
+ exit(1);
+ }
+
+ if(user_name[username_len] != '$') {
+ user_name[username_len] = '$';
+ user_name[username_len+1] = '\0';
+ }
+ }
+
/* Calculate the MD4 hash (NT compatible) of the old and new passwords */
memset(old_nt_p16, '\0', 16);
E_md4hash((uchar *)old_passwd, old_nt_p16);
@@ -575,13 +606,13 @@ int main(int argc, char **argv)
if((offpos = lseek(fd, 0, SEEK_END)) == -1) {
fprintf(stderr, "%s: Failed to add entry for user %s to file %s. \
-Error was %s\n", prog_name, pwd->pw_name, pfile, strerror(errno));
+Error was %s\n", prog_name, user_name, pfile, strerror(errno));
fclose(fp);
pw_file_unlock(lockfd);
exit(1);
}
- new_entry_length = strlen(pwd->pw_name) + 1 + 15 + 1 +
+ new_entry_length = strlen(user_name) + 1 + 15 + 1 +
32 + 1 + 32 + 1 + strlen(pwd->pw_gecos) +
1 + strlen(pwd->pw_dir) + 1 +
strlen(pwd->pw_shell) + 1;