Age | Commit message (Collapse) | Author | Files | Lines |
|
(-> LsarQuerySecret) on client side, including rpcclient command
"querysecret" for others to play with.
The major obstacle is working out the encryption algorithm used
for the secret value. It definitely uses the NT hash as part of the
key, and it seems the block size is 64 bits - probably DES based -
but I can't work out what's done in between. Help required.
(This used to be commit 365fa3b5fbf551670acc91f593138a7e91a5f7fa)
|
|
(This used to be commit 65b0abe8b7594ff6c662da86dc2e35bd83a2d13d)
|
|
(This used to be commit 97a0b24955b45e434e34510f65afdde7bfdf3183)
|
|
last count (probably an ENUM / resume handle) should always be returned
even if there are no items being returned.
- got fed up of seven intendation levels in cmd_samr.c, maximum recommended
in *any* code is three! made some sub-fns instead.
(This used to be commit 1c330d568225759950401cfb98fe9e99db81419c)
|
|
(This used to be commit e0b5a866ce2628a5e152af3ef817ee3124e60500)
|
|
rpcclient [-m messsage] [-t timeout] [-r or --reboot].
(This used to be commit 8b859797aaa1b88cb1a932fed97b4c3ea2dbdde2)
|
|
(you can do "lookupdomain MYDOMAIN" and "lookupdomain BUILTIN" and the
results won't be too surprising), but it will come in useful testing the
new password database code I'm working on.
(This used to be commit d1cc33bcb61305cc9a6e21886237fa291eda9427)
|
|
* Added SAMR_LOOKUP_DOMAIN (-> SamrLookupDomainInSamServer)
* Added real SAMR_ENUM_DOM_GROUPS (corresponding to
SamrEnumerateGroupsInDomain). The existing one is just an alias for
SamrQueryDisplayInformation (see below).
* Added three extra info levels to SAMR_QUERY_DISPINFO. Info level 3 is
what was previously SAMR_ENUM_DOM_GROUPS; info levels 4 and 5 are
simple user/group list requests used by Win9x and I suspect (haven't
checked) the "low speed connection" User Manager.
* Added another two aliases for SAMR_QUERY_DISPINFO, opcodes 0x30 and
0x33. Usually the first is with info level 3 and the second 4 but there is
some overlap so indeed these should be implemented as just aliases.
* Return ERRDOS/ERRmoredata on extra data instead of
STATUS_BUFFER_OVERFLOW for Win95's benefit. On a named pipe this results
in an SMBreadX as usual.
Still need to fix SAMR_QUERY_DOMAIN_INFO which has a hard-coded number of
users and groups - which Win95 proceeds to truncate at.
(This used to be commit 7d03e6e21908f3a759a4e65c5edd850622335e3e)
|
|
(This used to be commit ec1b7000fd88c5a08e438c7033f60e49b9ec44a8)
|
|
(This used to be commit 59f081069a58f6a070ed6016c06153d5e695da93)
|
|
(This used to be commit ba5919bcaefa792bae503c7ab19d4b7bbf9bb954)
|
|
Also some string length and sizeof(pointer) corrections.
(This used to be commit ce24191939b82985d09eabe945199f38b0fea486)
|
|
(This used to be commit 9ea91d89d2a1baa67f5143ecc08eb60c93213242)
|
|
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
|
|
as you need to make multiple enum dom users calls.
(This used to be commit b5396d3c6de4b8cb0e981bab10367e5838f78a53)
|
|
(This used to be commit d77de868588b6291353fa7a426b6e5da4b5f2c49)
|
|
which is more appropriate.
(This used to be commit ac72fe1ab3d10f64a5945ccbd4ed3817e30f9f7b)
|
|
also needed to use start index properly and generate next index.
both client and server code need to recognise error code 0x105
when there's not enough room to store all the users in one call.
sort this out another time.
(This used to be commit ad58cdfac6b85d9431216e32e532ad4d60f9c6dd)
|
|
(This used to be commit a022710f1e3996ecbe6bbe035e1df0bc4c050b34)
|
|
(This used to be commit f4dd8f6b566961890b2933b7a413241bf9b93797)
|
|
cmd_svcctl.c tests got put into cvs by mistake.
(This used to be commit 0ed70972d72533558f0fdd43e6ec95ac2102b9d0)
|
|
needed this for some tests.
- removed code that said "if lm password is not encrypted then encrypt both
lm and nt passwords". actually it said "if lm password length is not 24
bytes and we're in security=user mode..."
it didn't bother to check whether the nt password was NULL or not, and
doing the encryption inside cli_session_setup is the wrong place.
- checked all instances where cli_session_setup is called with cleartext
passwords that are expected to then be encrypted (see above) with the
test "if pwlen != 24...". there was only one: all the others either
provide encrypted passwords, do null sessions or use
cli_establish_connection.
* recommendation: use cli_establish_connection() in smbwrapper/smbw.c
(This used to be commit 2a509e9606f8aefbefa6e7b49878726464dbed44)
|
|
(This used to be commit 0b2095e092d747f741e78a3349f0b81a72811629)
|
|
(This used to be commit dacf5b152bf74cc3ee9a816911384a5eb0e77afa)
|
|
(This used to be commit e5ee965f8d8452ab694bc5d88e474c4b91dce5b0)
|
|
(This used to be commit d06d6369942828ec89e90f99bd0d0d3f91d61d13)
|
|
(This used to be commit 57e025494692b1e54d4d83192e6c15d4d1454353)
|
|
(This used to be commit 8a85d7abed317fd06e3e0026d4b9e088311eede4)
|
|
LsaLookupSids etc from within SamrQueryAliasMembers, for example.
fnum is now a parameter to client functions. thanks to mike black
for starting the ball rolling.
(This used to be commit bee8f7fa6b0f7f995f71303f4e14a4aaed0c2437)
|
|
attempt at taking lib/uid.c and getting a unix security context
change module that is independent of "cnums" and "snums".
a security context is needed for pipes, not just IPC$ or other
services.
- group database API
added add_group/alias_member, del_group/alias_member,
del_group/alias_entry functions. del_builtin_entry() is
deliberately set to NULL to cause an exception, you cannot
delete builtin aliases.
- parse_lsa.c srv_lsa.c
fixed lookup_names code, it was a load of trash and didn't do
anything.
- cmd_samr.c rpcclient.c srv_samr.c
added "deletegroup", "deletealias", "delaliasmem", "delgroupmem",
"addgroupmem", "addaliasmem", "createalias", "creategroup", to
both client and server code.
server code calls into unix stubs right now, which don't actually
do anything. the only instance where they are expected to do
anything is in appliance mode NOT even in the ldap code or anything.
client code modified to call samr_lookup_names() for group code
(because we can) and lsa_lookup_names() for alias code (because
we have to).
- srv_lookup.c
oops, lookup on unsplit name, we got lookup on DOMAIN, DOMAIN\name
instead of DOMAIN, name.
(This used to be commit b8175702ef61b8b37b078f38e81452c00a5e2986)
|
|
needed a flags fields as you get 0x0000 0010 and 0x0000 001f unknown
values for different purposes, no-one's going to tell us what they
are and i don't CARE!
(This used to be commit aabb4b3bc5119ef317b5697ae6fcf5d36c2d474e)
|
|
- samr_enum_dom_users, the first 4 bytes is some sort of garbage,
nt5-beta2 clears them out to zeros whereas nt4 does not.
fixed bug where we were assuming that the first 4 bytes of a
response _had_ to be non-zero.
- cli_lsarpc.c: forgot to append the rid on the lsa_lookup_names()
client call.
- added in "addaliasmem" and "addgroupmem" commands. the addaliasmem
command actually turned out to be a "delaliasmem" :-) :-)
- parse_lsa.c: moved assert array check to after the size of useable
array space is set...
(This used to be commit 165b15a8cacc4bc7cf8cc0b9aaabb6b92cef7fdb)
|
|
- renamed do_lsa_xxx to lsa_xxx
- added "enumgroups [-m]" command, enumerates groups, shows members.
- added cmd_sam_add_groupmem(), need to call these in rpcclient.c
- added cmd_sam_add_aliasmem(), need to call these in rpcclient.c
- modified "enumaliases [-m]" command
- improved "enumgroups" and "enumaliases" to display names not just RIDS/SIDs.
- renamed "samr_unknown_12" to "samr_lookup_rids".
- added the following client-side functions:
get_samr_query_groupmem()
get_samr_query_aliasmem()
get_samr_query_groupinfo()
samr_enum_dom_groups()
samr_enum_dom_aliases()
samr_add_aliasmem()
samr_add_groupmem()
- improved display output (display.c)
(This used to be commit eacc5e581af2b4de24186b9be3238b352c54effe)
|
|
(This used to be commit 4771d5451b49375cc2fd4246d7d746b0d03cd5ba)
|
|
renamed do_samr_xxxx to samr_xxxx.
(This used to be commit 1e5d81c154740349a2cda4c1892b33a21c0683a8)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
|
|
UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
|
|
data needed" message gets treated as a serious error code (which it isn't)
so the client code terminates.
(This used to be commit d9b59580dcd5076d3027e364964dcd624300fe45)
|
|
kanji const char* warnings.
(This used to be commit 06abdfd68e1d7fa8741afc3f56ec7a13b5fa4ccc)
|
|
security descriptor testing. hey wow, you can get a SD then send it back!
(This used to be commit 7466c3113ef8f8a89b8496efadfeb611c9f3e069)
|
|
(This used to be commit 22ef5160bf79b968f5bdd3393535177b9d30e178)
|
|
(This used to be commit abdc9d790b7d27b70aaf88451f5c82c99c94ca6e)
|
|
sorted lookupsids command
(This used to be commit 13a0ee851fe0ce9acddfe57f9aba19fc78085c39)
|
|
this is just so unbelievably simple to do...
(This used to be commit c05254a15076711d382a58b85b5f08bf81cb1560)
|
|
(This used to be commit ddfdb6534671a0e9bbbefe555a92925d41abaddf)
|
|
- renamed open_unk_4 to open_hku
- fixed createkey issue spotted by phil cox
(This used to be commit 7df85b956787f02d022b34ef8cfc13fc967ae89c)
|
|
(This used to be commit 20987b6105d42f3404ff009cc27e73a1823cd495)
|
|
opcode 0xb added to do this. a likely candidate name is "RegFlushKey".
(This used to be commit 5e9567e3c7d4ee8624a448fcccfcd8003913dbbf)
|