summaryrefslogtreecommitdiff
path: root/source3/pipenetlog.c
AgeCommit message (Collapse)AuthorFilesLines
1997-10-26hooray. hooray some more. hooray a lot. got the client-side working.Luke Leighton1-6/+16
Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF. the last (non-essential right now) bit is the LSA_SRV_PWSET. the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right now); then we can test against an NT Server. (This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
1997-10-25oops!Luke Leighton1-2/+2
(This used to be commit 2119624010e599359f4829cce6800bb0c55d281e)
1997-10-25got the SAM logon request generated, and received a SAM logon response back.Luke Leighton1-1/+7
YEAH! need to add: - client-side credential calculation - client-side parsing of the SAM logon response. (This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
1997-10-25Makefile :Luke Leighton1-96/+41
adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
1997-10-24nmblib.c :Luke Leighton1-4/+6
adding some debug info pipenetlog.c pipentlsa.c pipesrvsvc.c : using unistrn2 instead of unistr2 in the SAM logon username. wrong offset for command in request (use "reserved" field not cancel_count. AGH i'll get there) (This used to be commit 6d301d2cfd25b18ba18685d926d7a5bc08695b6d)
1997-10-24nterr.c :Luke Leighton1-4/+4
added a structure that wraps nt errors as strings and enums, so we can do a smb_nt_error() function. Makefile ntclient.c : added ntclient.c, broken out nt domain stuff into a separate file. getting fed up of compile-times and size of client.c. fixed the do_lsa_req_chal() function. made it read the response, and return the challenge credentials received from the server. next stop: do_lsa_auth_2(). client.c : removed nt domain logon functions into a separate file. pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c : i'd broken the offsets of the RPC_HDR while trying to sort out the nt client code. fixed it again. added some robustness stuff. util.c : the unistrn2() function was null-terminating the string at one character too many. (This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
1997-10-23general sorting out, from crashes generated by do_lsa_req_chal() in client.cLuke Leighton1-15/+20
trying to set up the data parameters etc and not understanding what's going on. in api_netlogTNP, added smb_io_rpc_hdr() call to decode the header received (and in this instance, generated by do_lsa_req_chal()). and then noticed that it's two bytes out. but i don't know how to do "byte parameters" and it's not the same format as the LSA_REQCHAL received from nt workstations. agh! (This used to be commit 0cc8ce43e1d54b44237bb525f4cf6b77e7ca3ced)
1997-10-22Makefile client.c :Luke Leighton1-7/+10
adding start of undocumented options to do NT domain logons, client-side. starting with LSA_REQCHAL. the code here happily crashes smbd: i'll investigate this further... :-) smbparse.c pipeutil.c lsaparse.c : moved some of the common make_xxxx() functions out of pipeutil.c so that the make_xxxx and (smb/lsa)_io_xxxx functions now sit together. makes sense, really... added a make_q_req_chal() function. restructured make_rpc_reply() and called it make_rpc_hdr(). created functions create_rpc_reply() and create_rpc_response(). pipenetlog.c pipentlsa.c pipesrvsvc.c calling new create_rpc_reply() function instead of old make_rpc_reply(). proto.h : usual. smb.h: added enum for RPC_PACKET_TYPE (This used to be commit b88ee3e16c6b671069f53ca2e9c5694ec8b1c030)
1997-10-22Makefile client.c clientutil.c clitar.c nmbsync.c :Luke Leighton1-11/+18
redid the split that i did a year ago, taking the functions in client.c out into clientutil.c. guess what? we could now do encrypted password NetServerEnum2 calls in nmbd, if we wanted to. i can now use cli_call_api() to send to different pipes. i hope. pipenetlog.c: allow adding to users group _and_ to admin group. if adding to guest group, don't allow adding to users or admin as well. smb.h : added some pipe #defines (\PIPE\NETLOGON \PIPE\srvsvc ...) proto.h : usual. (This used to be commit 6ee065ce6e099acfc7e83ad399ef6e60b4c625c1)
1997-10-22loadparm.c :Luke Leighton1-21/+29
added "domain other sids" parameter pipenetlog.c : using "domain other sids" parameter in SAM Logon response. using new name_to_rid() function for r_uid and r_gid. pipentlsa.c : minor mods to do with new name_to_rid() function. pipesrvsvc.c : in the "net share enum" response, allocate some more space for the buffer. there can be only 32 share entries in the response anyway. this needs to be dealt with. pipeutil.c : modified name_to_rid() function to use new parameters "domain admin users" and "domain guest users", but will otherwise do unix uid + 1000. moved make_dom_gids() here. proto.h: the usual. smb.h smbparse.c : renamed sid_no to sid_rev_num in DOM_SID, and gid to r_gid in DOM_GID. util.c : moved make_dom_gids() from here. created char *unistrn2(uint16* uni_buffer, int max_len) (This used to be commit ec60e48d7982240b7755d246b2f1e8989467f66f)
1997-10-21loadparm.c :Luke Leighton1-1/+26
added "domain admin users" parameter added "domain guest users" parameter these two complement the "domain groups" parameter. the "domain groups" parameter should be for your own groups, and well-known aliases. util.c : added ability to do "domain groups = power_users admin_users backup_ops" which are well-known RID aliases, not well-known RID groups. pipenetlog.c : combine the "domain admin users"; "domain guest users" and "domain groups" parameters to give an array of RID groups to include in the SAM Logon response. ipc.c smb.h : moved REALLOC() into smb.h added RID #defines. proto.h: usual. (This used to be commit f2554f231d1f59f30224adcc02b2b3ca4c24e0dd)
1997-10-20added "domain groups" parameter, allowing you to specify the groups thatLuke Leighton1-2/+6
the user belongs to. it would be nice to know exactly what the domain groups _are_.... (This used to be commit c6e37d8db0cd89a84a54a0cedfeacf50fb3f7a4c)
1997-10-20util.c password.c :Luke Leighton1-14/+5
added automount_server() function which, if -DAUTOMOUNT is in use, returns the server name of the NIS auto.map entry. otherwise, it returns local_server. added use of automount_server() for a new substitution %N for NIS home server. this defaults, via automount_server(), to the same functionality as %L if -DAUTOMOUNT is not used. removed vuser->home_share. moved code that grabbed the servername into the separate function automount_server(). loadparm.c : created "logon drive" (default of "") created "logon home" (default of "\\%N\%U") changed default of "logon path" from NULL to "\\%N\%U\profile". ipc.c pipenetlog.c : use lp_logon_drive(), lp_logon_home() and lp_logon_path() in their now easier-to-use form (don't have to check if *lp_logon_path() and manually substitute a default of \\%L\%U and do a standard_sub_basic() on the result, because the default automatically does this. (This used to be commit c6c28a4c3c9010ff9d5eac4bad091189a786d5a0)
1997-10-19Makefile :Luke Leighton1-4/+11
added srvparse.o and pipesrvsvc.o smb.h : mods to the Net Share Enum stuff srvparse.c : Net Share Enum parsing support. more srvsvc pipe parsing to go here... pipenetlog.c util.c: modified standard_sub_basic() so that you can set a global boolean and use a different string for the %U username substitution. proto.h: the usual. (This used to be commit 22b86b6499b2680d16cb4180a736b4e750147409)
1997-10-17pipenetlog.c lsaparse.c smb.h :Luke Leighton1-10/+20
SAM logon sorting. too many buffer pointers. added in the missing switch value (value of 3). dealing with the buffer pointers to the user info structure in a slightly different way. (This used to be commit 7993e17c9a1edddae6407d3f12790c461def705a)
1997-10-17smbparse.c smb.h :Luke Leighton1-0/+1
uni_max_len and uni_str_len are the other way round, in UNIHDR. util.c : increased the show_msg() data size from 256 bytes to 512 bytes: the LSA SAM Logon response can be about 500 bytes long. pipenetlog.c : forgot to set the authoritative field to 1. (This used to be commit 71c6678cd7ffe30a5da27766cf99147e1921feae)
1997-10-17set the wrong info level (0x0C00 0000 instead of 0xC000 0000) so thatLuke Leighton1-1/+1
nt got confused and thought that the server password had been set instead of refused. this is for the SRV_PWSET response. (This used to be commit f9fbcad42ec20da56466054e1984e391d03b3204)
1997-10-16dealing with some stack overflow bug somewhere around the use ofLuke Leighton1-10/+12
deal_with_credentials() by moving important code to the beginning of the function :-) :-) :-). the new seed (old_cred + time + 1) was getting corrupted. (This used to be commit dab35ce5d61d53bce6ede44e56d9393645c0d67e)
1997-10-16inside the auth 2 response bits, i wasn't storing the received clientLuke Leighton1-3/+3
credentials for the calculation of the next credentials: i was storing the auth 2 calculated credentials. oops. (This used to be commit eb81fae874383f77ad72c0f7686b8c49e645b0b8)
1997-10-15smb.h smbparse.c pipenetlog.c :Luke Leighton1-8/+28
whoops, the SAM Logon structure was wrong. updated this, and cifsntdomain.txt. more debug info in pipenetlog.c. the crash is somewhere around deal_with_credentials(). byteorder.h : put in uint8, uint16 and uint32 typecasts around debug info, because sign extending was resulting in ffffffe8 being displayed instead of e8. credentials.c : some debugging info, because i'm tracking a coredump. without gdb. nothing like making things difficult. reply.c : whoops, missed this (important) bit from paul's code, which tells the NT workstation that the MACHINE$ entry doesn't already exist, and we're going to create a default entry with a password "machine" right now. proto.h: the usual. (This used to be commit ed606bc7d4e6fb1091e527ea70a3e950d50a1db4)
1997-10-15fixed a stack overflow bug in api_lsa_req_chal()Andrew Tridgell1-1/+1
changed the order of arguments to smbhash() in credentials.c. Luke, when you changed from E1() to smbhash() you didn't notice that the arguments are in a different order. This is why your new code was failing. NT logon still fails, but now gets to SAMLOGON. It shouldn't take much to get it working now. (This used to be commit 708edc348f0fb81d9c918e4bf857f339a13a3781)
1997-10-14credentials, query info reply.Luke Leighton1-19/+20
(This used to be commit 9b095887df204393090d7da9a47508685ddd5163)
1997-10-14changed *(uint32*)(clnt_cred) to SIVAL(clnt_cred, ....)Luke Leighton1-1/+4
(This used to be commit 0056b154435e9d2a3fd2be37f7c3afd9e3fbfd87)
1997-10-13put a check around become_user(). doesn't authenticate the user, but doesn'tLuke Leighton1-1/+5
quit the whole pipe, either... (This used to be commit 14f0c2ddb05a690e671efad8c47da9ff1e39c8ce)
1997-10-13resolving some of the confusion over credentials.Luke Leighton1-7/+10
(This used to be commit 9d1f45ca6bbdeeef448ccb55e1275c6f9ec59820)
1997-10-13split pipes.c down into util, netlog and ntlsa.Luke Leighton1-0/+610
(This used to be commit 8fe02c239d70497af449ed0cdf1a32de10021ba1)