summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
1999-12-09OK. This code works on a RedHat 6.0 system. However smbpasswdGerald Carter4-5/+16
time out of sending the session setup on Solaris 2.6. No idea. I'll work on it some tomorrow. This is to fix the "Unable to setup password vectors" thingy. Also changed an inet_aton() to inet_addr() as the former is not very portable :-) Luke, I set the redir flag to false because the connection to the smb-agent was failing and smbpasswd bombed. Double check me on this one. -jc (This used to be commit e1d2b174caf5f0c48a8fac25778f72a868ec6eb7)
1999-12-08jerry spotted that get_domain_sids() was being called with the wrongLuke Leighton4-17/+6
arguments: get_any_dc_name() was being called with a server name not a domain name. oops. (This used to be commit 631814302d6992138cfe024ba7bd456cc7e0d3bf)
1999-12-08moved sys/un.h to after sys/socket.h. done a gnu autoconf around sys/un.hLuke Leighton4-662/+578
(This used to be commit b2ea37a8f1a28a825719b46354a1244b359aca2c)
1999-12-08parsing code for transferring unix and nt security credentials over-the-wire.Luke Leighton2-0/+582
at present, a unix password is missing from the unix credentials, but is not _actually_ expected to be needed. weeelll... maybe :-) this is used to transfer credentials between smbd and msrpc daemons, down a unix socket, so that the unix and nt credentials can be inherited by an msrpc daemon called up from smbd. (This used to be commit 5e68403bbb6f18e754679d967fee9e259d24211c)
1999-12-08ABOUT TIME!!!!!!!!Luke Leighton22-348/+423
damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
1999-12-06the first independent msrpc daemon - lsarpcd.Luke Leighton18-550/+1904
one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
1999-12-05reenabled retry_time (commented out accidentally in name_status)Luke Leighton1-1/+1
(This used to be commit bf9422832c335c8d283273eb1d0008ac15cd3531)
1999-12-05first version of msrpc agent redirector code. client-side only.Luke Leighton8-6/+953
(This used to be commit 5e5a1dceee0b6088822697284d3e0af04d197477)
1999-12-05created create_pipe_socket() function.Luke Leighton5-102/+77
(This used to be commit a3af3b4312144943413894b18b5845b56474ebb5)
1999-12-04argh! how horrible! spent ages working out why packets weren't beingLuke Leighton3-27/+50
received properly when a UDP "retry" occurs. it's because reads and writes must be interleaved / matched. scenario: nmblookup connects to agent, sends request. agent receives request, broadcasts it on 137. agent RECEIVES 137 broadcast, sends it to nmblookup agent receives RESPONSE to 137 broadcast, sends it to nmblookup. if reads are not equally interspersed with writes, then second send will fail. if you think this is odd behaviour and that the agent should be filtering its own UDP traffic, think again. agent will be, potentially, redirecting nmbd traffic (including WINS server) not just client programs. (This used to be commit 43e158c4261e51678d6e7f77ceb4a1c7281a2525)
1999-12-04argh. trying to get the nmb agent code to filter out "self" packets.Luke Leighton1-9/+3
(This used to be commit 84d7cc63239ea67481f6382da58d0678a21011fb)
1999-12-04even more cool! nmb-agent moved over to new vagent style, too!Luke Leighton1-229/+46
(This used to be commit 49c157eae4bb24164f0f976d1bf6cf0cfc068863)
1999-12-04cool! created higher-order function table for agent redirection.Luke Leighton6-216/+340
(This used to be commit 7bb2e55d0d3a00a97bba99ebed722a4adf84093c)
1999-12-04more similar agent codeLuke Leighton2-47/+43
(This used to be commit 2c778313b8c2b4535f16e11aea81a61edb3b2d45)
1999-12-04nmb agent memory free problemsLuke Leighton1-7/+6
(This used to be commit b4306cbf06f70dd9d2760bb005e15059d6f904f0)
1999-12-04trying to make redirector agent code same base.Luke Leighton2-62/+78
(This used to be commit 9ba9df453abab1085b5537580b1da87d1dcdb7de)
1999-12-04jeremy is going to hate me for this.Luke Leighton11-51/+785
created an "nmb-agent" utility that, yes: it connects to the 137 socket and accepts unix socket connections which it redirects onto port 137. it uses the name_trn_id field to filter requests to the correct location. name_query() and name_status() are the first victims to use this feature (by specifying a file descriptor of -1). (This used to be commit d923bc8da2cf996408194d98381409191dd81a16)
1999-12-04argh! you wouldn't believe what i had to do: use the mid (multiplex id)Luke Leighton3-15/+99
to redirect multiple socket-based connnections onto a single client state. argh! (This used to be commit 06390e792cd8aa57a91c3a3d1d267fd1bcdc17a1)
1999-12-03argh! smb-agent redirection client reusage is a nightmare!Luke Leighton4-149/+251
moved smb-agent over to a single-process model instead of fork() in order to reuse client connections. except, of course, you can't do a select() on the same socket connections! argh! (This used to be commit e9e5a34de8e8f9a69e817aceb8c16284334d4642)
1999-12-03starting "connection reuse" system in smb-agent. added version numberLuke Leighton6-76/+164
which isn't actually used right now :-) (This used to be commit d54a64ae3ab7cdc1ac67fb49f7255e6a106d624e)
1999-12-03i always get caught out with non-gnu-readline code mods :-)Luke Leighton1-1/+1
(This used to be commit a47cc6447036d0a8b8e3e096d7b51a37d10d3325)
1999-12-03smb-agent improvements. added -D (daemon) option. smb agent isLuke Leighton2-18/+76
restricted to connections from the current user (socket is created with current user uid). (This used to be commit 5af076e4b7ee13eebe0b89748e3f5a1ef21f8c73)
1999-12-03cool! a unix socket smb redirector. code based on smbfilter andLuke Leighton9-6/+487
ideas from ssh-agent. the intent is to be able to share smb sessions using cli_net_use_add() across multiple processes, where one process knows the target server name, user name and domain, but not the smb password. (This used to be commit 294b653f2e9cdc1864ec638ae8b4300df25723cf)
1999-12-03promptline undefined (pline)Luke Leighton1-1/+1
(This used to be commit f33e4ca930f8299c00f861215c5231eef9ecef94)
1999-12-02new get_any_dc_name() function allows lookups of trusted domains fromLuke Leighton2-15/+19
lp_trusted_domains() parameter, so trusted domain logins should work, right, if you put user = TRUSTED_DOMAIN\NTuser in "domain name map", right? right - as _long_ as you're not using NTLMv2, because the damn NT username gets mapped to the damn unix name too early, and NTLMv2 challenge-responses are based on the client's user name, client's domain name, client's host name etc damn etc. so it becomes necessary to stop using char* username because this allows for massive amounts of confusion as to which username is being referred to. the underlying unix username on the local unix system that is associated with the smbd process that represents the NT username? or the NT username itself? (This used to be commit dd3ccdd7d996c107766cdad3c403e8b8947b9e65)
1999-12-02domain_client_validate() no longer takes serverlist, it callsLuke Leighton3-14/+12
get_any_dc_name(). (This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8)
1999-12-02cleaning up: removing those horrible references to server listLuke Leighton8-148/+23
functions (cli_net_use_addlist()). needed originally because there was no get_dc_any_name() function. (This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
1999-12-02added get_any_dc_name() function.Luke Leighton4-33/+147
(This used to be commit 455e17dbb7d451b462004f302f5c68770f17b65e)
1999-12-02need a domain resolving function, but get_trusted_serverlist() will do.Luke Leighton3-30/+41
this is horrible. (This used to be commit 9df973fe711f322075d86d6792d6c0b8539c1d00)
1999-12-02oops, pwdb_initialise() called unnecessarily from here (failure to readLuke Leighton1-2/+0
trusted domains may cause rpcclient to fail). (This used to be commit 12e2b973216c0798a939f68220b0e6a60acd5c01)
1999-12-02default SID map now reads in "trusted domains" from smb.conf.Luke Leighton7-27/+147
(This used to be commit f0946d1ccafeb5f541935b41f2d54bcbc06797ed)
1999-12-02improved enumdomains added -i option.Luke Leighton5-31/+41
(This used to be commit 50dc709fa95e86ebe2b3132176241cb3a2cc4e36)
1999-12-02clearing up connection-related stuff. password credentials were messingLuke Leighton3-18/+27
up. added a complicated prompt which i don't like, but it tells you domain\user@hostname$ (This used to be commit 338d08f69b0eeefa0f3f2c0217ef17ea3e815e1f)
1999-12-01added net use (actually net -S srv -U user -W dom) and net del (actuallyLuke Leighton1-17/+147
same as net use but with -d and -f) command options (This used to be commit 586db87ea31ebb1b090527f61a4989461f626b1a)
1999-12-01more cli_session_setup() calls. what the heck are these doing???Luke Leighton5-46/+48
they should all be replaced with cli_establish_connection(). created cli_use_wait_keyboard() which waits on multiple cli_states and swallows session keepalives. (This used to be commit fcc39b3f4f2f8d04d3fab09db048b4f3dc1e97d5)
1999-12-01cli_session_setup() now takes an extra argument (host name). hey, whatLuke Leighton1-2/+4
the heck is a cli_session_setup() call doing in here??? this should use cli_establish_connection()server! (This used to be commit fa054c96c62ed0f0a0c6649a7ad7a143fe09694b)
1999-12-01make sure domain and name to generate trust account .mac file are upper case.Luke Leighton1-0/+3
(This used to be commit fbfb350bdf17e84b512b745527886d942904b67d)
1999-12-01damn, that took a while. nt login password was being stored incorrectlyLuke Leighton8-29/+31
in private .mac file (oops). ntlogin test now works. (This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
1999-12-01fixing joining to domain plus something weird going down with nt logins...Luke Leighton9-62/+101
(This used to be commit cef258f1c931ecb7c2dda9d5c9977153e4c1dc73)
1999-12-01improving createuser account command to be able to add workstationsLuke Leighton7-33/+163
and then set a default random password. (This used to be commit 7846818432a93295651c8c67445a2d6a0f3b21d8)
1999-12-011) when no domain used in ntlogin test command, should use default oneLuke Leighton7-38/+142
from previous lsaquery command. over-ridden from DOMAIN\username 2) initialisation of cli_state is a little more specific: sets use_ntlmv2 to Auto. this can always be over-ridden. 3) fixed reusage of ntlmssp_cli_flgs which was being a pain 4) added pwd_compare() function then fixed bug in cli_use where NULL domain name was making connections multiply unfruitfully 5) type-casting of mallocs and Reallocs that cause ansi-c compilers to bitch (This used to be commit 301a6efaf67ddc96e6dcfd21b45a82863ff8f39a)
1999-12-01sys_select added one more argument (read, write selectors).Luke Leighton22-216/+323
(This used to be commit e4d92ff9dfc51735e6932748f66a7c20b2c1cb6a)
1999-12-01split display.c into modules.Luke Leighton12-3109/+3343
(This used to be commit 5b5719d6a08130db1062bfa24123cedcdc692bff)
1999-11-30added failed connections to the net use array, even though they'd beenLuke Leighton1-6/+14
freed / cleaned up. oops, dat bad, cos they get freed again when u quit. (This used to be commit 3c4a6256dd790413ce96d208689e13c649787c4c)
1999-11-30ok. this is where it gets interesting. client states are now maintainedLuke Leighton1-2/+29
by cli_net_use_add() and cli_net_use_del(). MSRPC connections are established with cli_connection_init(), and automatically unlinked with cli_connection_unlink. client states are _reused_ by cli_connection_init. (This used to be commit 0fcd8ce0967169362bd126a28aa309401abdf17d)
1999-11-29bug-fixLuke Leighton3-4/+4
(This used to be commit 1abdf9a45ff2e1d903a08891fbec0794349a9546)
1999-11-29this is going to sound _really_ weird, ok, but i had to implementLuke Leighton6-69/+397
equivalents of NetUseAdd and NetUseDel! (This used to be commit 86f4b1d3cc3887c4bb7bd6433f5f932f7db1b88e)
1999-11-29sam sync - one of the files that use multiple connection server listLuke Leighton1-16/+2
to \PIPE\NETLOGON. (This used to be commit 2ae9ee148582cc0ba9e067be3d6338079aea49a1)
1999-11-29attempting to resolve the issue that multiple servers often specified inLuke Leighton8-98/+105
parameters to connect to \PIPE\NETLOGON. (This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
1999-11-29ok. got ntlogin command working. argh, it maintains a connection toLuke Leighton5-53/+151
the remote machine, because i don't know what to _do_ with it!!!! argh!!! (This used to be commit 85cc680736f17e3f879895be5dac8f1427653919)