summaryrefslogtreecommitdiff
path: root/source3/libnet/libnet_samsync.c
AgeCommit message (Collapse)AuthorFilesLines
2009-04-14Make Samba3 use the new common libcli/auth codeAndrew Bartlett1-4/+4
This is particuarly in the netlogon client (but not server at this stage)
2009-04-14Use common samsync delta decryption functions in libnet_samsync.cAndrew Bartlett1-157/+7
Andrew Bartlett
2009-04-14Adapt to common crypto functions: sam_pwd_hash() -> sam_rid_crypt()Andrew Bartlett1-8/+9
2009-04-14Rework Samba3 to use new libcli/auth code (partial)Andrew Bartlett1-8/+9
This commit is mostly to cope with the removal of SamOemHash (replaced by arcfour_crypt()) and other collisions (such as changed function arguments compared to Samba3). We still provide creds_hash3 until Samba3 uses the credentials code in netlogon server Andrew Bartlett
2009-03-25s3-libnet: Fix Bug #6193: avoid messing with sync_context in ↵Günther Deschner1-3/+0
libnet_samsync_delta(). We absolutely need to avoid messing with the sync_context as that breaks the stream of replication data coming from the DC (only replicates ~350 instead of ~4000 groups). Guenther
2008-12-09s3-libnet: fix build warning (missing prototype).Günther Deschner1-2/+2
Guenther
2008-11-18s3-libnet-samsync: refactor libnet_samsync.Günther Deschner1-57/+66
Guenther
2008-11-18s3-libnet-samsync: use netr_DatabaseDeltas unless full replication enforced.Günther Deschner1-1/+12
Guenther
2008-11-18s3-libnet-samsync: pass sequence number pointer to process routine.Günther Deschner1-0/+1
Guenther
2008-11-18s3-libnet-samsync: move all modules to startup,process,finish callbacks.Günther Deschner1-1/+0
Guenther
2008-11-18s3-libnet-samsync: call init and close ops function where appropriate.Günther Deschner1-1/+23
Guenther
2008-11-18s3-libnet-samsync: use samsync_ops.Günther Deschner1-3/+4
Guenther
2008-11-18s3-libnet-samsync: add support for partial replication.Günther Deschner1-12/+107
Guenther
2008-10-22Fix net rpc vampire, based on an *amazing* piece of debugging work by ↵Jeremy Allison1-21/+32
"Cooper S. Blake" <the_analogkid@yahoo.com>. "I believe I have found two bugs in the 3.2 code and one bug that carried on to the 3.3 branch. In the 3.2 code, everything is located in the utils/net_rpc_samsync.c file. What I believe is the first problem is that fetch_database() is calling samsync_fix_delta_array() with rid_crypt set to true, which means the password hashes are unencrypted from the RID encryption. However, I believe this call is redundant, and the corresponding call for samdump has rid_crypt set to false. So I think the rid_crypt param should be false in fetch_database(). If you follow the code, it makes its way to sam_account_from_delta() where the password hashes are decrypted a second time by calling sam_pwd_hash(). I believe this is what is scrambling my passwords. These methods were refactored somewhere in the 3.3 branch. Now the net_rpc_samsync.c class calls rpc_vampire_internals, which calls libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with rid_crypt always set to false. I think that's correct. But the second bug has carried through in the sam_account_from_delta() function: 208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) { 209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0); 210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); 211 } 212 213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) { 214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0); 215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); If you look closely you'll see that the nt hash is going into the lm_passwd variable and the decrypted value is being set in the lanman hash, and the lanman hash is being decrypted and put into the nt hash field. So the LanMan and NT hashes look like they're being put in the opposite fields." Fix this by removing the rid_crypt parameter. Jeremy.
2008-09-23s3-nbt: fix remaining callers of ndr_push/pull_struct_blob.Günther Deschner1-2/+2
Guenther
2008-07-30build: fix some no previous prototype warnings.Günther Deschner1-1/+1
Guenther (This used to be commit 51062534fd58d7a914a6bbac2e52bb44e71363b7)
2008-06-27net_vampire: use bool for last_query information in samsync.Günther Deschner1-1/+2
Guenther (This used to be commit fa1976e23a33bd3fab17c3f6ab5573ee1fdf9e31)
2008-06-24net_vampire: add code to vampire a SAM database to a keytab file.Günther Deschner1-0/+3
Guenther (This used to be commit ee6e422c0e035aa4779fa718bb6f142827cc2de0)
2008-06-23net_vampire: more libnet_samsync restructuring.Günther Deschner1-16/+8
Guenther (This used to be commit 3bcda522f025aff249678a8a086218679fc19c6b)
2008-06-23net_vampire: prepend libnet_ to the public samsync functions.Günther Deschner1-17/+17
Guenther (This used to be commit f020c947cfb1482176af8827ed9c361d7c21e26f)
2008-06-23net_vampire: move pull_netr_AcctLockStr() to libnet.Günther Deschner1-0/+38
Guenther (This used to be commit 8ec64a96e43d2e55e81f725fe693178ecdc65e88)
2008-06-17net_vampire: add error and result_message to samsync_context.Günther Deschner1-22/+44
Guenther (This used to be commit e0b117200441f842fbc11cc817ab2cde4d63a22e)
2008-06-17net_vampire: add domain_name to samsync_context.Günther Deschner1-0/+4
Guenther (This used to be commit 7e7f07ec59d23e909809ed32adc8fc399826310d)
2008-06-17net_vampire: fix samsync_process_database().Günther Deschner1-1/+1
Turns out the password hashes are not rid encrypted in the samsync reply. Guenther (This used to be commit 7d8d60bcbae79f3cdd55b27217145ffbd19f161d)
2008-06-17net_vampire: fix build warning.Günther Deschner1-1/+0
Guenther (This used to be commit eb4232fec05cd87ea85a781b84a3fbe85f469703)
2008-06-17net_vampire: move some samsync functions to libnet.Günther Deschner1-0/+164
Guenther (This used to be commit b3b6af0a3e25fab0a14c9c802dbabd3d03448ebe)
2008-06-13samsync: add samsync_fix_delta_array()Günther Deschner1-0/+188
This code is vastly based on samba4 code. Guenther (cherry picked from commit 5b68be96996a710988b1fd1c176cd5dff0f2c6af) (This used to be commit 2c53d87de4ecc5ac9c43bc7488a03bceecf35140)