summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/client/client.c66
-rw-r--r--source3/client/clientutil.c199
-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/smbd/groupname.c34
4 files changed, 170 insertions, 130 deletions
diff --git a/source3/client/client.c b/source3/client/client.c
index 86de850abf..c48c5500cd 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -3550,12 +3550,12 @@ static void usage(char *pname)
pstring query_host;
BOOL message = False;
BOOL nt_domain_logon = False;
+ BOOL explicit_user = False;
extern char tar_type;
static pstring servicesf = CONFIGFILE;
pstring term_code;
pstring new_name_resolve_order;
char *p;
- int save_debuglevel = -1;
#ifdef KANJI
pstrcpy(term_code, KANJI);
@@ -3575,6 +3575,22 @@ static void usage(char *pname)
TimeInit();
charset_initialise();
+ if(!get_myname(myhostname,NULL))
+ {
+ DEBUG(0,("Failed to get my hostname.\n"));
+ }
+
+ if (!lp_load(servicesf,True,False,False)) {
+ fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf);
+ }
+
+ codepage_initialise(lp_client_code_page());
+
+ interpret_coding_system(term_code);
+
+ pstrcpy(workgroup,lp_workgroup());
+
+ load_interfaces();
pid = getpid();
uid = getuid();
gid = getgid();
@@ -3694,12 +3710,15 @@ static void usage(char *pname)
case 'L':
got_pass = True;
pstrcpy(query_host,optarg);
+ if(!explicit_user)
+ *username = '\0';
break;
case 'U':
{
char *lp;
- pstrcpy(username,optarg);
- if ((lp=strchr(username,'%')))
+ explicit_user = True;
+ pstrcpy(username,optarg);
+ if ((lp=strchr(username,'%')))
{
*lp = 0;
pstrcpy(password,lp+1);
@@ -3734,9 +3753,9 @@ static void usage(char *pname)
break;
case 'd':
if (*optarg == 'A')
- save_debuglevel = DEBUGLEVEL = 10000;
+ DEBUGLEVEL = 10000;
else
- save_debuglevel = DEBUGLEVEL = atoi(optarg);
+ DEBUGLEVEL = atoi(optarg);
break;
case 'l':
slprintf(debugf,sizeof(debugf)-1, "%s.client",optarg);
@@ -3763,6 +3782,12 @@ static void usage(char *pname)
exit(1);
}
+ get_myname((*global_myname)?NULL:global_myname,NULL);
+ strupper(global_myname);
+
+ if(*new_name_resolve_order)
+ lp_set_name_resolve_order(new_name_resolve_order);
+
if (!tar_type && !*query_host && !*service && !message)
{
usage(pname);
@@ -3772,37 +3797,6 @@ static void usage(char *pname)
DEBUG(3,("%s client started (version %s)\n",timestring(),VERSION));
- if(!get_myname(myhostname,NULL))
- {
- DEBUG(0,("Failed to get my hostname.\n"));
- }
-
- if (!lp_load(servicesf,True,False,False)) {
- fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf);
- }
-
- /*
- * We need to reset the global debuglevel here, as
- * lp_load will reset it from smb.conf.
- */
-
- if(save_debuglevel != -1)
- DEBUGLEVEL = save_debuglevel;
-
- codepage_initialise(lp_client_code_page());
-
- interpret_coding_system(term_code);
-
- if (*workgroup == 0)
- pstrcpy(workgroup,lp_workgroup());
-
- load_interfaces();
- get_myname((*global_myname)?NULL:global_myname,NULL);
- strupper(global_myname);
-
- if(*new_name_resolve_order)
- lp_set_name_resolve_order(new_name_resolve_order);
-
if (tar_type) {
recurse=True;
diff --git a/source3/client/clientutil.c b/source3/client/clientutil.c
index 2da0fbb215..0c60ac0109 100644
--- a/source3/client/clientutil.c
+++ b/source3/client/clientutil.c
@@ -436,6 +436,8 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup,
extern int serverzone;
int crypt_len=0;
char *pass = NULL;
+ uchar enc_ntpass[24];
+ int ntpasslen = 0;
pstring dev;
char *p;
int numprots;
@@ -593,110 +595,119 @@ BOOL cli_send_login(char *inbuf,char *outbuf,BOOL start_session,BOOL use_setup,
*username = 0;
if (Protocol >= PROTOCOL_LANMAN1 && use_setup)
+ {
+ fstring pword;
+ int passlen = strlen(pass)+1;
+ fstrcpy(pword,pass);
+
+ if (doencrypt && *pass)
{
- fstring pword;
- int passlen = strlen(pass)+1;
- fstrcpy(pword,pass);
-
- if (doencrypt && *pass) {
- DEBUG(3,("Using encrypted passwords\n"));
- passlen = 24;
- SMBencrypt((uchar *)pass,(uchar *)cryptkey,(uchar *)pword);
- }
+ DEBUG(3,("Using encrypted passwords\n"));
+ passlen = 24;
+ SMBencrypt((uchar *)pass,(uchar *)cryptkey,(uchar *)pword);
+ ntpasslen = 24;
+ SMBNTencrypt((uchar *)pass,(uchar *)cryptkey,enc_ntpass);
+ }
- /* if in share level security then don't send a password now */
- if (!(opt.sec_mode & 1)) {fstrcpy(pword, "");passlen=1;}
-
- /* send a session setup command */
- bzero(outbuf,smb_size);
-
- if (Protocol < PROTOCOL_NT1) {
- set_message(outbuf,10,1 + strlen(username) + passlen,True);
- CVAL(outbuf,smb_com) = SMBsesssetupX;
- cli_setup_pkt(outbuf);
-
- CVAL(outbuf,smb_vwv0) = 0xFF;
- SSVAL(outbuf,smb_vwv2,max_xmit);
- SSVAL(outbuf,smb_vwv3,2);
- SSVAL(outbuf,smb_vwv4,opt.max_vcs-1);
- SIVAL(outbuf,smb_vwv5,opt.sesskey);
- SSVAL(outbuf,smb_vwv7,passlen);
- p = smb_buf(outbuf);
- memcpy(p,pword,passlen);
- p += passlen;
- pstrcpy(p,username);
- } else {
- if (!doencrypt) passlen--;
- /* for Win95 */
- set_message(outbuf,13,0,True);
- CVAL(outbuf,smb_com) = SMBsesssetupX;
- cli_setup_pkt(outbuf);
-
- CVAL(outbuf,smb_vwv0) = 0xFF;
- SSVAL(outbuf,smb_vwv2,BUFFER_SIZE);
- SSVAL(outbuf,smb_vwv3,2);
- SSVAL(outbuf,smb_vwv4,getpid());
- SIVAL(outbuf,smb_vwv5,opt.sesskey);
- SSVAL(outbuf,smb_vwv7,passlen);
- SSVAL(outbuf,smb_vwv8,0);
- p = smb_buf(outbuf);
- memcpy(p,pword,passlen); p += SVAL(outbuf,smb_vwv7);
- pstrcpy(p,username);p = skip_string(p,1);
- pstrcpy(p,workgroup);p = skip_string(p,1);
- pstrcpy(p,"Unix");p = skip_string(p,1);
- pstrcpy(p,"Samba");p = skip_string(p,1);
- set_message(outbuf,13,PTR_DIFF(p,smb_buf(outbuf)),False);
- }
+ /* if in share level security then don't send a password now */
+ if (!(opt.sec_mode & 1)) {fstrcpy(pword, "");passlen=1;}
- send_smb(Client,outbuf);
- client_receive_smb(Client,inbuf,CLIENT_TIMEOUT);
+ /* send a session setup command */
+ bzero(outbuf,smb_size);
- show_msg(inbuf);
+ if (Protocol < PROTOCOL_NT1)
+ {
+ set_message(outbuf,10,1 + strlen(username) + passlen,True);
+ CVAL(outbuf,smb_com) = SMBsesssetupX;
+ cli_setup_pkt(outbuf);
- if (CVAL(inbuf,smb_rcls) != 0)
- {
- if (! *pass &&
- ((CVAL(inbuf,smb_rcls) == ERRDOS &&
- SVAL(inbuf,smb_err) == ERRnoaccess) ||
- (CVAL(inbuf,smb_rcls) == ERRSRV &&
- SVAL(inbuf,smb_err) == ERRbadpw)))
- {
- got_pass = False;
- DEBUG(3,("resending login\n"));
- if (! no_pass)
- goto get_pass;
- }
-
- DEBUG(0,("Session setup failed for username=%s myname=%s destname=%s %s\n",
- username,global_myname,desthost,smb_errstr(inbuf)));
- DEBUG(0,("You might find the -U, -W or -n options useful\n"));
- DEBUG(0,("Sometimes you have to use `-n USERNAME' (particularly with OS/2)\n"));
- DEBUG(0,("Some servers also insist on uppercase-only passwords\n"));
- if (was_null)
- {
- free(inbuf);
- free(outbuf);
- }
- return(False);
- }
+ CVAL(outbuf,smb_vwv0) = 0xFF;
+ SSVAL(outbuf,smb_vwv2,max_xmit);
+ SSVAL(outbuf,smb_vwv3,2);
+ SSVAL(outbuf,smb_vwv4,opt.max_vcs-1);
+ SIVAL(outbuf,smb_vwv5,opt.sesskey);
+ SSVAL(outbuf,smb_vwv7,passlen);
+ p = smb_buf(outbuf);
+ memcpy(p,pword,passlen);
+ p += passlen;
+ pstrcpy(p,username);
+ }
+ else
+ {
+ if (!doencrypt) passlen--;
+ /* for Win95 */
+ set_message(outbuf,13,0,True);
+ CVAL(outbuf,smb_com) = SMBsesssetupX;
+ cli_setup_pkt(outbuf);
- if (Protocol >= PROTOCOL_NT1) {
- char *domain,*os,*lanman;
- p = smb_buf(inbuf);
- os = p;
- lanman = skip_string(os,1);
- domain = skip_string(lanman,1);
- if (*domain || *os || *lanman)
- DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",domain,os,lanman));
+ CVAL(outbuf,smb_vwv0) = 0xFF;
+ SSVAL(outbuf,smb_vwv2,BUFFER_SIZE);
+ SSVAL(outbuf,smb_vwv3,2);
+ SSVAL(outbuf,smb_vwv4,getpid());
+ SIVAL(outbuf,smb_vwv5,opt.sesskey);
+ SSVAL(outbuf,smb_vwv7,passlen);
+ SSVAL(outbuf,smb_vwv8,doencrypt ? ntpasslen : 0);
+ p = smb_buf(outbuf);
+ memcpy(p,pword,passlen); p += SVAL(outbuf,smb_vwv7);
+ if(doencrypt)
+ memcpy(p,enc_ntpass,ntpasslen); p += SVAL(outbuf,smb_vwv8);
+ pstrcpy(p,username);p = skip_string(p,1);
+ pstrcpy(p,workgroup);p = skip_string(p,1);
+ pstrcpy(p,"Unix");p = skip_string(p,1);
+ pstrcpy(p,"Samba");p = skip_string(p,1);
+ set_message(outbuf,13,PTR_DIFF(p,smb_buf(outbuf)),False);
+ }
+
+ send_smb(Client,outbuf);
+ client_receive_smb(Client,inbuf,CLIENT_TIMEOUT);
+
+ show_msg(inbuf);
+
+ if (CVAL(inbuf,smb_rcls) != 0)
+ {
+ if (! *pass &&
+ ((CVAL(inbuf,smb_rcls) == ERRDOS &&
+ SVAL(inbuf,smb_err) == ERRnoaccess) ||
+ (CVAL(inbuf,smb_rcls) == ERRSRV &&
+ SVAL(inbuf,smb_err) == ERRbadpw)))
+ {
+ got_pass = False;
+ DEBUG(3,("resending login\n"));
+ if (! no_pass)
+ goto get_pass;
}
+
+ DEBUG(0,("Session setup failed for username=%s myname=%s destname=%s %s\n",
+ username,global_myname,desthost,smb_errstr(inbuf)));
+ DEBUG(0,("You might find the -U, -W or -n options useful\n"));
+ DEBUG(0,("Sometimes you have to use `-n USERNAME' (particularly with OS/2)\n"));
+ DEBUG(0,("Some servers also insist on uppercase-only passwords\n"));
+ if (was_null)
+ {
+ free(inbuf);
+ free(outbuf);
+ }
+ return(False);
+ }
- /* use the returned uid from now on */
- if (SVAL(inbuf,smb_uid) != uid)
- DEBUG(3,("Server gave us a UID of %d. We gave %d\n",
- SVAL(inbuf,smb_uid),uid));
- opt.server_uid = uid = SVAL(inbuf,smb_uid);
+ if (Protocol >= PROTOCOL_NT1)
+ {
+ char *domain,*os,*lanman;
+ p = smb_buf(inbuf);
+ os = p;
+ lanman = skip_string(os,1);
+ domain = skip_string(lanman,1);
+ if (*domain || *os || *lanman)
+ DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",domain,os,lanman));
}
+ /* use the returned uid from now on */
+ if (SVAL(inbuf,smb_uid) != uid)
+ DEBUG(3,("Server gave us a UID of %d. We gave %d\n",
+ SVAL(inbuf,smb_uid),uid));
+ opt.server_uid = uid = SVAL(inbuf,smb_uid);
+ }
+
if (opt.sec_mode & 1) {
if (SVAL(inbuf, smb_vwv2) & 1)
DEBUG(1,("connected as guest "));
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 6938be6367..5ff9df5a5f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -203,6 +203,7 @@ char *getsmbpass(char *prompt) ;
/*The following definitions come from groupname.c */
void load_groupname_map(void);
+void map_gid_to_sid( gid_t gid, DOM_SID *psid);
/*The following definitions come from interface.c */
diff --git a/source3/smbd/groupname.c b/source3/smbd/groupname.c
index 4cfd3e98f5..33ce3adbfe 100644
--- a/source3/smbd/groupname.c
+++ b/source3/smbd/groupname.c
@@ -202,3 +202,37 @@ Error was %s.\n", unixname, strerror(errno) ));
fclose(fp);
}
+
+/***********************************************************
+ Lookup a SID entry by gid_t.
+************************************************************/
+
+void map_gid_to_sid( gid_t gid, DOM_SID *psid)
+{
+ groupname_map_entry *gmep;
+
+ /*
+ * Initialize and load if not already loaded.
+ */
+ load_groupname_map();
+
+ for( gmep = (groupname_map_entry *)ubi_slFirst( &groupname_map_list);
+ gmep; gmep = (groupname_map_entry *)ubi_slNext( gmep )) {
+
+ if( gmep->unix_gid == gid) {
+ *psid = gmep->windows_sid;
+ DEBUG(7,("map_gid_to_sid: Mapping unix group %s to windows group %s.\n",
+ gmep->unix_name, gmep->windows_name ));
+ return;
+ }
+ }
+
+ /*
+ * If there's no map, convert the UNIX gid_t
+ * to a rid within this domain SID.
+ */
+ *psid = global_machine_sid;
+ psid->sub_auths[psid->num_auths++] = pdb_gid_to_group_rid(gid);
+
+ return;
+}