path: root/source3/libsmb
Age | Commit message | Author | Files | Lines
1999-11-25 | previous commit added an abstraction function that didn't even have | Luke Leighton | 2 | -8/+5
struct cli_state, uint16 fnum into the code: rpc_hnd_api_req(). modified cli_lsarpc.c to use this. the rest is const issues. (This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588)
1999-11-24 | ok. *whew*. this is the first completed part of the restructure. | Luke Leighton | 2 | -31/+48
verified that lsaquery, lsalookupsids work, and found some bugs in the parameters of these commands :-) soo... we now have an lsa_* api that has the same arguments as the nt Lsa* api! cool! the only significant coding difference is the introduction of a user_credentials structure, containing user, domain, pass and ntlmssp flags. (This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
1999-11-24 | first stages of removing struct cli_state* and uint16 fnum from all | Luke Leighton | 1 | -3/+4
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-21 | implement server-side generation of NTLMv2 session key. YESSS :-) | Luke Leighton | 2 | -14/+31
(This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)
1999-11-21 | you know what? this sort of thing makes me laugh. hmm, what functions | Luke Leighton | 3 | -4/+40
have we got. and what data do we have. hmm.. i wonder what the NTLMv2 user session key can be... hmmm... weell.... there's some hidden data here, generated from the user password that doesn't go over-the-wire, so that's _got_ to be involved. and... that bit of data took a lot of computation to produce, so it's probably _also_ involved... and md4 no, md5? no, how about hmac_md5 yes let's try that one (the others didn't work) oh goodie, it worked! i love it when this sort of thing happens. took all of fifteen minutes to guess it. tried concatenating client and server challenges. tried concatenating _random_ bits of client and server challenges. tried md5 of the above. tried hmac_md5 of the above. eventually, it boils down to this:
kr = MD4(NT#,username,domainname)
hmacntchal=hmac_md5(kr, nt server challenge)
sess_key = hmac_md5(kr, hmacntchal);
(This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
1999-11-19 | The First Necessary UNICODE String Support. | Luke Leighton | 1 | -19/+67
the random workstation trust account password is TOTAL garbage. i mean, complete garbage. it's nowhere CLOSE to being a UNICODE string. therefore we can't just take every second character. created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)). followed through to the password setting in srv_samr.c (This used to be commit 172601b84ae94044b27ded917d4e0e21e47a5a66)
1999-11-18 | added regqueryval command (experimental) to get reg_io_q_info() and | Luke Leighton | 1 | -1/+1
reg_io_r_info() working properly. previously they weren't well understood (well, they were the first of the registry functions i did, back in december 97, ok??? :-) set ntversion to 0x1 in SAMQUERY, so that we reply same as NT4 srv. (This used to be commit 98ddeaf442cb30972cb281bf0489a6e5f7eb2883)
1999-11-05 | experimental spoolss rpcclient commands | Luke Leighton | 1 | -0/+6
(This used to be commit c86edef90e7c96d5a99be29e2d2a3679ed26d97d)
1999-11-04 | samuserset <username> -p password. YESSSSS :) | Luke Leighton | 1 | -0/+11
you have to use "ntlmv1" at the moment (i.e set client ntlmv2 = no). (This used to be commit f52504c553becc64b89d546a57b1bd9cf1bc5b5c)
1999-11-04 | adding experimental set user password command to rpcclient, it returns | Luke Leighton | 1 | -0/+66
error wrong password against nt. ???? (This used to be commit b3f16e6b5aa5ba1b6afa38ad698646c8e765ec90)
1999-10-25 | the new CAP_EXTENDED_SECURITY code needed to support NTLMv2. also removed | Luke Leighton | 1 | -1/+1
switching on CAP_STATUS32 from non-CAP_EXTENDED_SECURITY code (enabled for test purposes only) (This used to be commit 96d8e14f50fda8047d209fa0b94b98a95ce51f21)
1999-10-25 | one of those wonderful moments when running against a different MSRPC | Luke Leighton | 1 | -5/+13
implementation (NT5) when you discover that your code is trash. samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups() all take a HANDLE for multiple-call enumeration purposes. (This used to be commit 19490d8b4fb8a103f3df4e6104f6f22937b0c518)
1999-10-21 | split modify_trust_account_password into a separate module. | Luke Leighton | 1 | -0/+211
(This used to be commit 479fc93bd03fb961dd1e8093a911cf0a3be7071f)
1999-10-19 | need status codes from cli_net_req_chal() and cli_net_auth2(). | Luke Leighton | 1 | -1/+2
this format is what i would like _all_ these functions to be (returning status codes, not BOOL) but that's a horrendous amount of work at the moment :) (This used to be commit 02f240604241367f146b26934ad1a1b2563430de)
1999-10-14 | const issues | Luke Leighton | 1 | -1/+1
(This used to be commit 858f79b362dce8aa06013533209bc982cb99d33d)
1999-10-14 | adding CAP_EXTENDED_SECURITY support in a hurry last week. forgot to | Luke Leighton | 1 | -0/+29
deal with linking issues in other binaries (This used to be commit 57f95a01988fb4035b2e4448f4fd3ef0d652c106)
1999-10-07 | - added rudimentary CAP_UNICODE support because i thought it was part of | Luke Leighton | 2 | -70/+417
a problem i was having.
- added rudimentary CAP_STATUS32 support for same reason.
- added hard-coded, copy-the-same-data-from-over-the-wire version of CAP_EXTENDED_SECURITY, which is a security-blob to encapsulate GSSAPI which encodes SPNEGO which is used to negotiate Kerberos or NTLMSSP. i have implemented NTLMSSP which negotiates NTLMv1 or NTLMv2 and 40-bit or 128-bit etc. i have implemented NTLMv1 / 40-bit. *whew*.
(This used to be commit e5b80bd2f76fda70e41e4a9007eb035dab92ed8e)
1999-09-16 | reading in smb server domain name from SMBnegprot response | Luke Leighton | 1 | -5/+26
(This used to be commit 25025f450531c66c0fd9f7eed886cb288d76d025)
1999-09-15 | #defines for port 445 to SMB_PORT2 | Luke Leighton | 1 | -2/+2
(This used to be commit a8d4560e0064a67a234eae89a564b79d2426d9a9)
1999-08-18 | debug info display (netbios layer). | Luke Leighton | 1 | -4/+12
(This used to be commit 5c974cc4a4cdcb9fd3fe01e93aa577b81cf2d18b)
1999-08-03 | bug-fix in connection to port 445. cool! it works! | Luke Leighton | 1 | -0/+1
(This used to be commit 062b9302c1c7a21df74571ead5f89ce002820d53)
1999-08-03 | attempting a connection to port 445 first, followed by a connection to 139 | Luke Leighton | 1 | -6/+23
if this fails. (This used to be commit 5f821e65015c27f5306c3a707841cd0228509974)
1999-08-03 | close socket issues: | Luke Leighton | 1 | -11/+33
- ssl close from cli_reestablish_connection() not called.
- ntlmv2 fall-back to ntlmv1 failed.
(This used to be commit fdc275353de85fde0c348320e4d64ba66365b73b)
1999-07-22 | BDC support. | Matthew Chapman | 1 | -0/+13
Algorithm based on previous work of Jeremy's. (This used to be commit f0c71a804dc869a73eb6af6e0ac9f4fb64dd1f68)
1999-07-21 | BDC support. | Luke Leighton | 1 | -1/+5
(This used to be commit 2331aa32ab36c3ee5fd8cfbe972e57299939e33d)
1999-07-11 | anon passwd connection: passlen=1; ntpasslen=0. | Luke Leighton | 1 | -3/+4
(This used to be commit 12ee037d44a603ce50982d5b90e08c30339de750)
1999-07-09 | When making anonymous connections, must pass pointers to real nt | Tim Potter | 1 | -5/+5
password and password length variables not constants. (This used to be commit 236022071f2f6df0c583fd88d9802d9b3ea6f73e)
1999-07-08 | fixed problem with NULL ntpasswd parameters causing crash in | Luke Leighton | 1 | -9/+43
static cli_calc_session_pwds(). this code used to be inside cli_session_setup() itself and worked on non-NULL local variables. (This used to be commit 7aff19ba57fd91572da7cbe16f118d11226590e3)
1999-06-29 | removed old code/comments. | Luke Leighton | 1 | -66/+0
(This used to be commit bc8c46bc088298d6247830b673790032e59d7f6a)
1999-06-29 | smbclient modified to use cli_establish_connection(). smbclient therefore | Luke Leighton | 2 | -5/+22
now uses improved authentication. smbclient now "broken" for "scripts" based on DEBUG() output. cli_establish_connection() requires modification to support old scripts. (This used to be commit b0539d43407cb2b0bab7977908de09b21b145218)
1999-06-29 | improving authentication code (tidyup). | Luke Leighton | 3 | -129/+483
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
1999-06-24 | use nmb_safe_namestr. | Luke Leighton | 1 | -3/+8
(This used to be commit de9a38b0bcb5adcb6e502f2200d3e84bdcbdfc48)
1999-06-24 | safe string version of nmb_namestr. | Luke Leighton | 1 | -4/+13
(This used to be commit 250621b3cec5fc463d348432d1d0ff5fb59e7a29)
1999-06-24 | safe string error reporting functions (found a potential buffer overflow | Luke Leighton | 3 | -62/+93
of a pstrcpy into an fstring). (This used to be commit ac0060443de800fec9042b69b299ff2e9128a31c)
1999-04-23 | Adding scheduler control pipe (\atsvc), client-side routines, and rpcclient | Matthew Chapman | 1 | -1/+2
command "at" (compatible with NT's "at" command - see rpcclient commit) - useful for remote NT administration. (This used to be commit cf30a472f702d7b50c3a85e2cf2f55b46a2bd452)
1999-03-25 | fixed issues with "Welcome to SAMBA Domain" for when admin user/pass is | Luke Leighton | 1 | -1/+1
used to add workstation to domain. unix account db not modified: only SAM password db is used. (This used to be commit 129a9a4d4b74897ed753a697a3aed9b194c25568)
1999-03-24 | NULL pointer handling in nt_lm_owf_gen | Luke Leighton | 1 | -1/+4
(This used to be commit 68841eeb64df5958a90a6471fd17e6e56fba7c67)
1999-03-23 | ERRmoredata is informational and should not be treated as a hard error | Matthew Chapman | 1 | -7/+6
anywhere. (This used to be commit 71b861f7468d7950bedb61dd18a4b9d830bf8628)
1999-03-19 | const char* instead of char* for input | Luke Leighton | 1 | -1/+1
(This used to be commit b51574174c5bbc554eb1c697cb22b2b73af44306)
1999-03-19 | return type of nt_decrypt_string2 set to BOOL. | Luke Leighton | 1 | -4/+3
(This used to be commit 674e4a3a73cd601c647a5069e2af943a6321ac06)
1999-03-19 | Implemented encryption algorithm used for a number of RPC buffers. | Matthew Chapman | 2 | -1/+46
(actually, decryption only currently because I need to get some sleep). Basically another Microsoft twist on DES; the "master key" is the user's NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys. (This used to be commit f09388fa6f41a13ca035b5b2ff40be804608f619)
1999-03-01 | Benjamin Kuit's MYSQL SAM Database implementation. | Luke Leighton | 1 | -0/+2
Copyright (C) Benjamin Kuit <bj@mcs.uts.edu.au> 1999. (This used to be commit fdf61e1dabc2c977ee5cf1e9d60e3380f19840da)
1999-02-12 | UNICODE cleanup (see lib/util_unistr.c). | Matthew Chapman | 1 | -1/+1
No more ugly static library buffers and all functions take a destination string length (especially unistrcpy was rather dangerous; we were only saved by the fact that datagrams are limited in size). (This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
1999-02-11 | the UNICODE issue... | Luke Leighton | 2 | -2/+2
(This used to be commit 73db80f34183324845407b00f58462ff2d7b47ea)
1999-02-08 | UNICODE byte ordering issue: typecast to uint16* replaced with SSVAL() | Luke Leighton | 1 | -1/+1
(This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
1999-02-01 | Must set password length to 24 after we encrypt a password. | Matthew Chapman | 1 | -0/+2
(This used to be commit af83778abc5fae0df53ed1874181e33bc8de8d94)
1999-01-28 | returned cli_session_setup to previous behaviour. added a couple of | Luke Leighton | 1 | -7/+22
validation checks and also added capability to send plaintext passwords. send "ntpasslen" of zero to do this. sending same plaintext password for pass and ntpass arguments will result in previous behaviour of encrypting password if server supports it. (This used to be commit 17f4c5a785cf20901bcb76510e5ea9b0a6928115)
1999-01-27 | - got client code cleartext passwords working again in cli_session_setup. | Luke Leighton | 1 | -20/+26
needed this for some tests.
- removed code that said "if lm password is not encrypted then encrypt both lm and nt passwords". actually it said "if lm password length is not 24 bytes and we're in security=user mode..." it didn't bother to check whether the nt password was NULL or not, and doing the encryption inside cli_session_setup is the wrong place.
- checked all instances where cli_session_setup is called with cleartext passwords that are expected to then be encrypted (see above) with the test "if pwlen != 24...". there was only one: all the others either provide encrypted passwords, do null sessions or use cli_establish_connection.
* recommendation: use cli_establish_connection() in smbwrapper/smbw.c
(This used to be commit 2a509e9606f8aefbefa6e7b49878726464dbed44)
1999-01-25 | Putting back the -p flag in smbclient. | Richard Sharpe | 1 | -1/+17
However, it seems that the -s flag in smbclient is also ignored :-( (This used to be commit f6c78192664d611d4663ed7459a2789315861eec)
1999-01-18 | In security=user mode we must allow cli_connect_serverlist to connect to our | Matthew Chapman | 1 | -1/+1
own smbd process, rather than complaining about a password server loop. (This used to be commit 63d7822b9d87d085194de6895d3e271cedcd3c9a)