Age | Commit message (Collapse) | Author | Files | Lines |
|
Changes all over the shop, but all towards:
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to
merge the 'client' and 'server' functions, so they both operate on a
single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of
data structures...
Andrew Bartlett
(This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)
|
|
This eliminates RPC_UUID. It creates the following struct:
struct uuid
{
uint32 time_low;
uint16 time_mid;
uint16 time_hi_and_version;
uint8 clock_seq[2];
uint8 node[6];
};
which replaces RPC_UUID and various random struct uuid definitions
and a flat version:
#define UUID_FLAT_SIZE 16
typedef struct uuid_flat
{
uint8 info[UUID_FLAT_SIZE];
} UUID_FLAT;
which pretty much looks like GUID (which I will start eliminating).
I want us to use the FLAT one only on the wire (perhaps in files, too?), and
I want it to be obvious to the coder that it is the FLAT version.
This leaves a couple of compiler warnings, where GUID isn't completely
replaced by FLAT_UUID yet...I'll get to those soon.
(This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
|
|
#534
(This used to be commit 99f4fa54497ba1c0fc0ba39d51b3ce201a8e6cd2)
|
|
(This used to be commit 041c17bd665ea5fa771b111d7008036fb3e7b72f)
|
|
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
|
|
requests and responses and is only compiled in when --enable-developer
is passed to configure. It includes server and client side code for
generating and responding to functions on this pipe. The functions are:
- AddOne: add one to the uint32 argument and return ig
- EchoData: echo back a variable sized char array to the caller
- SourceData: request a variable sized char array
- SinkData: send a variable sized char array and throw it away
There's a win32 implementation of the client and server in the
junkcode CVS repository in the rpcecho-win32 subdirectory.
(This used to be commit 4ccd34ef836eba05f81dc2da73fd7cfaac201798)
|
|
for doc purposes right now (you can see it in the debug logs).
(This used to be commit 046c2087a11b9ce7a02aece34ffb129ce0d66b08)
|
|
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG
as I found out later :-)
It adds a new parameter: server schannel = yes/auto/no defaulting to
auto.
What does this mean to the user: No requireSignOrSeal registry patch
for XP anymore.
Many thanks for this code to Luke Leighton, Elrond and anybody else I
forgot to mention.
My next thing will be to see if this applies cleanly to 3_0.
Please test and comment!
Volker
(This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
|
|
the (now static) global_sam_sid.
The only place it was being used was to return global_sid_NULL to some
uid->sid functions - and I'm not convinced this is correct in any case.
Andrew Bartlett
(This used to be commit e2a76a7fc94dd59c09bba3cda91446fad9f8c0e0)
|
|
(This used to be commit a7fa0733badad66ae610eac5e01569cf264976f3)
|
|
Andrew Bartlett
(This used to be commit a9edcc1cb7c5f2692bc1931f0a2059a91891f178)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
Jeremy.
(This used to be commit 0db93d8752197e213f0974edae53e2dafdd77b51)
|
|
This time its the pdb_getsampwuid() function - which was only being used by the
SAMR rpc subsystem to gain a 'user session key'. This 'user session key' is
actually generated at login time, and the other changes here simply move that
data around.
This also means that (when I check some details) we will be able to use the
user session key, even when we are not actually the DC, becouse its one of the
components of the info3 struct returned on logon.
Andrew Bartlett
(This used to be commit 799ac01fe08a338e4e94289f5d6767ebf905c1fa)
|
|
degree of seperation betwen reading/writing the raw NamedPipe SMB packets
and the matching operations inside smbd's RPC components.
This patch is designed for no change in behaviour, and my tests hold that to be
true. This patch does however allow for the future loadable modules interface
to specify function pointers in replacement of the fixed state.
The pipes_struct has been split into two peices, with smb_np_struct taking the
information that should be generic to where the data ends up.
Some other minor changes are made: we get another small helper function in
util_sock.c and some of the original code has better failure debugs and
variable use. (As per on-list comments).
Andrew Bartlett
(This used to be commit 8ef13cabdddf58b741886782297fb64b2fb7e489)
|
|
(This used to be commit 06c619b395f212ec3122cf1c804b27afba04e79d)
|
|
(This used to be commit 2eb28b3d516325725678a67f8b0030aec8ec61d7)
|
|
rpc_server/srv_lsa_hnd.c: Remove back pointer from policy handle list as the pipe
that opened the handle may have been closed. We were dereferencing
into something that had been closed.
rpc_parse/parse_spoolss.c: Sync up with Gerald's changes in 2.2.
lib/replace.c: Don't do proto on setlinebuf as it differs between systems.
Jeremy.
(This used to be commit 887ef3e12dc56b89b2284d42b16a81f03e15110b)
|
|
Jeremy.
(This used to be commit a24b248a77ccac364832ff7d4df083d437caf9ed)
|
|
now in pipe struct (where used) rather than user_struct.
Secured machine account password changing in srv_netlog_nt.c - ensure
that only the given machine can change its own password. May need to
free this up later for NT admin tools, but this is a fail-safe secure
position for now.
Jeremy.
(This used to be commit 46b12f2275dcd4b3114085160cd456441f9e921e)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
We were reading the endainness in the RPC header and then never propagating
it to the internal parse_structs used to parse the data.
Also removed the "align" argument to prs_init as it was *always* set to
4, and if needed can be set differently on a case by case basis.
Now ready for AS/U testing when Herb gets it set up :-).
Jeremy.
(This used to be commit 0cd37c831d79a12a10e479bf4fa89ffe64c1292a)
|
|
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.
The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.
A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.
This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().
This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.
The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.
Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.
Jeremy.
(This used to be commit 0ff2ce543ee54f7364e6d839db6d06e7ef1edcf4)
|
|
functions work now:
- spoolenum
- spoolopen
- spoolgetprinter
- spoolgetprinterdriver
Items todo:
- track down memory bug with spoolenumdata
- fix spoolgetprinterdriverdir
- fix spoolgetdata
- fix display_job_info_ctr in spooljobs
All part of the ongoing rpcclient work.
Also included a new generic list ADT. Cleaner and simplier
than the stuff in util_array.c i think (but then that's why I wrote it).
--jerry
(This used to be commit 381aba2c9a63faa53728f0520ac316478bc7a1c3)
|
|
and a few changes to ntdomain for rpcclient printing functions
--jerry
(This used to be commit eb3f545f54eabb8b2b9a735808ebf49808ea85eb)
|
|
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
(This used to be commit 61d2aad5dc2b212b11c981f1eca47efa627e9fc8)
|
|
(This used to be commit 3c4a5f624bfa69eb81d998530d9227e158edd109)
|
|
structure so authenticated pipe users can have their unix groups set when
become_authenticated_pipe_user() is called.
(This used to be commit 55c9bf124dc661df43bfe582ef14b1297aeaf0fa)
|
|
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
The changes to the header files were minor. A few struct's and a few
additional fields to existing ones. No deletions. **minimal change
necessary** :-) Well, maybe not minimal, but I tried.
All other programs compile, link and run ok from what I can tell so
I don;t think I broke anything.
--jerry
(This used to be commit cd7f0b0b91afd3331c0607ba2fcb3ccdd41ecebf)
|
|
instead of two prs_data pointers.
(This used to be commit 73e4466fc30fee149f51a5aa45c26beb783306c5)
|
|
on the samba server.
(This used to be commit 15e7d8f6c5cddf6ce409ee2505744250d181ec34)
|
|
the buffer
(This used to be commit 725889869ca2eb66000efe8a77cde52d9737a814)
|
|
it is now at the stage that winbindd can compile in the head branch,
but not link
(This used to be commit d178c00aae77710ae6ff20a7f54a30e3bd8232bb)
|
|
head/tng merge.
It goes something like this:
- headers from tng get copied over one at a time
- the old headers get renamed to *_old.h
- server side code that used the old headers gets a
#define OLD_NTDOMAIN 1
#undef OLD_NTDOMAIN
at the start and end of the code
- mkproto.awk recognises these special defines and does magic stuff so
that each .c file sees the right headers
- we start moving the rpc client libraries from tng to head.
if this goes OK then, in theory, we should be able to move the client
side rpc code from tng to head without disturbing the existing head
server side code. Then when that works we can consider merging the
server side.
it remains to be seen if this scheme will work. So far I've moved
rpc_samr.h and don't seem to have broken anything.
Note this this is still a very delicate operation, as at every step of
the way I want to keep head fully functional. Please don't take part
unless you discuss it with me first.
(This used to be commit f76c037255a6a79d11bec65e863e009a41a4f0fd)
|
|
functions that need to access the vuid, it can be obtained from the
current_user global.
Did some whitespace cleanup.
(This used to be commit 738b307bd7053ede369431da7b1349befaa523d9)
|
|
-Wpointer-arith -Wcast-qual
Partially implemented rpc daemon redirect (needs more work).
Jeremy.
(This used to be commit a462191698fa589ceac4afd14c652adf699eccad)
|
|
and the printer functions.
Also tidied up some header includes and got the order right so you
can now do a :
make proto
make clean
make
Jeremy.
(This used to be commit 833cd9fba92e4ad5297b235d108dd2be8c17079b)
|
|
nmbd/nmbd_processlogon.c: Use "True" and "False" instead of 1 and 0.
Others - preparing for multiple pdu write code.
Jeremy.
(This used to be commit 9f879ec396230deba34fbe5e82d8a65f92137c54)
|
|
J.F.
(This used to be commit 853a1a3027dde7608027dc78f6e15789d5fc9152)
|
|
to using internal msrpc code in smbd.
(This used to be commit 8976e26d46cb991710bc77463f7f928ac00dd4d8)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
|
|
(This used to be commit 50dc709fa95e86ebe2b3132176241cb3a2cc4e36)
|
|
found out that getopt() _must_ have optind set to 0 before reuse.
still haven't decided what to do with the net* api yet...
(This used to be commit 29c480085e786905bfd92ea3cd93658f94e96e47)
|
|
believe the XXXX that MIGHT be involved in getting nt5rc2 to join
a samba domain...
(This used to be commit 569babb3935950c1b64396955541abf276cc1d92)
|
|
for which a PDC is responsible. typical answers are:
<Name of Domain> plus <Builtin>.
against a hierarchical, down-level-compatible NT5 PDC, there's likely to
be more than these two entries!!!!!
(This used to be commit 3146aa6b6049a0d996e9abbe7dbee8526550e7e0)
|
|
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get
NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be
re-enabled but to be replaced with a better mechanism.
- added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is
sending DCE/RPC over SMBwrite not SMBwriteX.
(This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
|