summaryrefslogtreecommitdiff
path: root/source3/smbd/password.c
AgeCommit message (Collapse)AuthorFilesLines
1998-04-30Added patch from Bruce Tenison <btenison@dibbs.net> to allow encryptedJeremy Allison1-0/+32
passwords to be stored over time, allowing a smbpasswd file migration. Adds new parameter "update encrypted". Will also add to 1.9.18 branch. Docs update to follow. Jeremy. (This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
1998-04-29clientgen.c: Fixed null session setup bug.Jeremy Allison1-5/+13
password.c: Stopped cli_nt_logout call (we don't have it correct yet). Added Luke object-orientation fix :-). smb.h: Added clnt_name_slash to cli_state. lib/rpc/client/cli_login.c: Changed global_myname to clnt_name_slash where needed. lib/rpc/client/cli_netlogon.c: Fixed debug messages, don't check creds on error. lib/rpc/client/cli_pipe.c: Fixed debug messages, Added Luke object-orientation fix. lib/rpc/parse/parse_misc.c: Fixed STRING2 linearization bug that was adding 1. Jeremy. (This used to be commit c6c22df20196cb7f0ae84b1a1dd202a87adb8d4e)
1998-04-29password.c:Luke Leighton1-0/+4
added become_root / unbecome_root around the get machine account password. smbpass.c: cleaning up code. - turning if (BOOL_expr == False) into if (BOOL_expr) what if you test if (BOOL_expr == True) and someone defines True to be -1 on one system and 1 on another? or if you get inconsistent return results between developers - removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) - cannot assume that NULL is zero integer. plus there are typecast issues to deal with - removed return (ret == 0) ? True : False and made this return ret == 0 rely on the compiler to return correct BOOL value: not all developers will return True or False #defines: stick with BOOL test (non-zero). - removed if (ret == False) replaced with if (!ret) - bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a boolean test if (pstring-len-len-6). - removed "." after debugging of filenames: the "." - a fullstop - looked like it was part of the filename, making things difficult to sort out. still to be resolved: the global_myname isn't set up, such that the machine account password file is named "TEST3..mac". (This used to be commit 315e26c23abf7137684bf084c825ad241076132e)
1998-04-29This is the checkin that adds the security=domain functionality.Jeremy Allison1-19/+78
WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
1998-04-25This looks like a big change but really isn't.Jeremy Allison1-14/+13
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-23Makefile: Added nterr.c into the mix.Jeremy Allison1-0/+13
clientgen.c: Added nt_error as an entry in the struct client_state. password.c: Open the netlogon pipe. smb.h: Added nt_error as an entry in the struct client_state. lib/rpc/parse/parse_net.c: Added comments on net logon. lib/rpc/server/srv_netlog.c: Added comments on net logon. Jeremy. (This used to be commit 899a9f0dce50c73e03c8da2ebe920957491c8ad7)
1998-04-23clientgen.c: Added rap error codes to cli_error, moved from smbpasswd.cJeremy Allison1-54/+161
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-) use in security=server, started to extend security=domain code. smbpasswd.c: Removed rap error code functions. Jeremy. (This used to be commit 0f00b8fce1a5cad7f8c212568fa33f09986e5bd6)
1998-04-23genrand.c: Changed SMB_PASSWD_FILE to lp_smb_passwd_file().Jeremy Allison1-0/+73
password.c: Started the initial code for domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. reply.c: Call to domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. smbpass.c: New code to get/set machine passwords. Tidied up nesting of lock calls. Jeremy. (This used to be commit 89fe059a6816f32d2cc5c4c04c4089b60590e7e6)
1998-04-22genrand.c: Improved generation of random values, more secure.Jeremy Allison1-3/+36
loadparm.c: Started add of 'security=domain' code. password.c: Fix for security=server NT bugs. reply.c: Started add of 'security=domain' code. server.c: Started add of 'security=domain' code. smb.h: Started add of 'security=domain' code. Jeremy. (This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1)
1998-04-21Added cli_ulogoff() calls to all the exit code paths in security=server.Jeremy Allison1-0/+5
Jeremy. (This used to be commit 78d87a5bfdfc6d3f4428591d30294fe7d05d0f91)
1998-04-21clientgen.c: Added cli_ulogoff() call.Jeremy Allison1-0/+1
password.c: Added call to cli_ulogoff on successfull sessionsetup. Jeremy. (This used to be commit 77882f002b2a8203aad419e485fc885303d999a0)
1998-04-20Makefile: Added genrand.oJeremy Allison1-0/+10
clientgen.c: Changed to fill change password buffer with random stuff. password.c: Changed to get challenge from genrand.c server.c: Added #ifdef around O_SYNC. version.h: Changed to 1.9.19prealpha. genrand.c: New code to generate (hopefully) good random numbers for use in crypto challenges/session keys etc. PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!! Jeremy. (This used to be commit 608e98546392fd0aac9b33f4feac43615dbb4405)
1998-04-14Modified interfaces to getting smb password entries fromJeremy Allison1-2/+2
get_smbpwd_entry (now an internal function to smbpass.c) to a more UNIX-like : getsmbpwnam() - get entry by name. getsmbpwuid() - get entry by uid. Changed the type returned by the smbpasswd enumeration functions to be a void * so that people don't come to depend on it being a FILE *. These abstractions should make it much easier to replace the smbpasswd file with a better backend in future. Other files changed are to match the above changes. Jeremy. (This used to be commit 1161cfb7f2b0d5a6d3e2b524a14a6f325ce70efb)
1998-04-13Changes to allow Samba to be compiled with -Wstrict-prototypesJeremy Allison1-2/+2
with gcc. (Not a big change although it looks like it :-). Jeremy. (This used to be commit cd2613c57261456485fe4eeecfda209ada70de8e)
1998-04-09Added const cast to struct args to get rid of compile time warning.John Terpstra1-1/+1
(This used to be commit 5d956abb4f4ed22671dfb1c7cb51489ab280463f)
1998-03-17this isn't a big commit, it just looks like it :-)Andrew Tridgell1-11/+11
I needed the client_name() and client_addr() functions in swat so I could tell who was connecting from where. The problem was that these functions didn't take a file descriptor parameter they just used the global "Client". So I needed to change all calls to pass a parameter ... lots of files. (This used to be commit a776058900a727591bd7b69debdaa25c0e31d693)
1998-03-16Adding the same change as was added to 1.9.18 branch to add theJeremy Allison1-5/+4
"name resolve order" parameter. source/Makefile: Re-ordered link for name resolve order code. source/clientgen.c: source/clientutil.c: Added calls to resolve_name(). source/includes.h: Added HPUX zombie fix. source/loadparm.c: Added new name resolve order parameter. source/namequery.c: Re-wrote to include parsing of lmhosts file, new resolve_name() function requested by John. source/nmbd.c: Tell resolve_name not to do WINS lookups if we are the WINS server. source/nmbd_lmhosts.c: Call lmhosts parsing functions in namequery.c source/password.c: Call resolve_name() to lookup security=server name. source/reply.c: source/time.c: source/trans2.c: "fake directory create times" fix from Jim Hague - hague@research.canon.com.au. source/util.c: Removed isalnum() test in Get_Hostname() that seems to cause problems on many systems. Jeremy. (This used to be commit 7f118970da7c43eaddcf92dc056d3e849f1e7d5c)
1998-03-16includes.h: Addition of NetBSD 1.3 fix, fix for HPUX 9.x, 10.x zombieJeremy Allison1-0/+4
problem. password.c: Fix for Thursby to stop Dave clients failing in share mode security (this was their bug - they were interpreting the uid field in share mode which is explicitly denied by the spec but it's easier for us to fix it than them :-). Jeremy. (This used to be commit 39372d9e20803d32c0c5b87226a72b007978baad)
1998-03-12move setup_groups() into password.c so that swat can link withoutAndrew Tridgell1-0/+86
including server.o (This used to be commit 67bb8835c76e3efc43de55493971fe2402c0d709)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-28/+75
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)
1998-03-04Adding Korean and Traditional Chinese codepage support.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 2df47cf1bb3428fbaa8dcf45ec114ec3aaafae57)
1998-02-26Makefile, password.c, includes.h: Added KRB4 patches from Johan Hedin ↵Jeremy Allison1-0/+30
<johanh@fusion.kth.se> nmbd_packets.c: Patch for aliased interfaces from Daniel Haun <dhaun@ecf2.puc.edu>. Jeremy. (This used to be commit 60f6302b1972e49159bf6e1a838e691268e4399c)
1998-02-07A small raft of changes, I will sync up with 1.9.18 also.Jeremy Allison1-22/+39
chgpasswd.c: Fixed typo in debug message. includes.h: Fix include for aix. kanji.c: Added cap_to_sj as inverse of sj_to_cap. loadparm.c: local.h: password.c: Added code for "networkstation user login" parameter. - patch from Rob Nielsen <ran@adc.com>. printing.c: Added further aix printing fixes. reply.c: Changed access time fetch to a function. trans2.c: Changed access time fetch to a function. time.c: Changed access time fetch to a function. server.c: Made NT redirector workaround final. util.c: Added debug for write_socket failing. Jeremy. (This used to be commit a031404623c22d62f8de035be2239f609af08112)
1998-01-23Changed code that truncates salt after 2 characters so that it becomesJeremy Allison1-0/+3
HPUX specific. This fixes a bug with FreeBSD md5 crypt implementation that needs all of the password characters. It seems better to make this an HPUX specific thing. Jeremy. (This used to be commit 91a2b746d3fac261d4be3bd7afa3d5bb601b3d27)
1998-01-22This is *not* a big change (although it looks like one).Jeremy Allison1-1/+1
This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1998-01-10Following discussions with Cristian Gafton (Red Hat) we have decided to makeJohn Terpstra1-2/+8
PAM silent about it's actions. This reduced error logging for EVERY password validation request. Refer to password.c PAM section for further info. Fiels Affected: password.c (This used to be commit 7a1a8042dd005e26e610a16eaaa693f119b874c7)
1997-12-03allow users to disable the NetWkstaUserLogon call in server levelAndrew Tridgell1-0/+2
security by changing a setting in local.h or adding it to their Makefile. See comment in local.h (This used to be commit cc10fdf7583ec644850445ad96afd8b22b71e86f)
1997-12-02HPUX trusted systems need to use bigcrypt() not crypt()Andrew Tridgell1-0/+4
(This used to be commit 979eaf9e9c4dd58f1371597585d4cd64841febd0)
1997-11-10Rolled back tree state to 11:59pm 8th November 1997 EST toJeremy Allison1-1/+139
remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
1997-11-09attempting to mark up 32 bit error codes, needed for NT domains.Luke Leighton1-139/+1
separated out smb server-mode password validation into a separate file. added called and calling netbios names to client gen state: referenced section in rfc1002.txt. created workstation trust account checking code in ntclient.c there might be a bug in reply_session_setup_andX. i indented and added { } around single-line if statements: the lm password checking code now doesn't look right (around the GUEST_SESSSETUP bits). *no code semantics have been changed by the indentation process*. (This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
1997-11-06following a cvs error, i am rewriting this monster-commit. with bad grace.Luke Leighton1-1/+2
Modified Files: --------------- Makefile: adding extra files ipc.c : send_trans_reply() - alignment issue. this makes the alignment the same as that in NT. this should be looked at by people who understand the SMB stuff better than i. api_fd_commands[] - added samr and wkssvc pipes. loadparm.c : lp_domain_controller() changed to mean "samba is a domain controller". it's a "yes/no" parameter, now. no, it isn't used _anywhere_. namedbwork.c nameelect.c : if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the host _and_ workgroup announcements. yes, you must do both: nt does. namelogon.c : important NETLOGON bug in SAMLOGON request parsing, which may be the source of some people's problems with logging on to the Samba PDC. password.c : get_smbpwnam() renamed to get_smbpwd_entry(). pipes.c : added samr and wkssvc pipes. proto.h : usual. can we actually _remove_ proto.h from the cvs tree, and have it as one of the Makefile dependencies, or something? reply.c : get_smbpwnam() renamed to get_smbpwd_entry() - also changed response error code when logging in from a WORKSTATION$ account. yes, paul is right: we need to know when to return the right error code, and why. server.c : added call to reset_chain_pnum(). #ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif. jeremy, you'd be proud: i did a compile without NTDOMAIN, and caught a link error for this function. smb.h : defines and structures for samr and wkssvc pipes. smbpass.c : modified get_smbpwnam() to get_smbpwd_entry() and it now takes two arguments. one for the name; if this is null, it looks up by smb_userid instead. oh, by the way, smb_userids are actually domain relative ids (RIDs). concatenate a RID with the domain SID, and you have an internet globally unique way of identifying a user. we're using RIDs in the wrong way.... added mod_smbpwnam() function. this was based on code in smbpasswd.c rpc_pipes/lsaparse.c : added enum trusted domain parsing. this is incomplete: i need a packet trace to write it properly. rpc_pipes/pipe_hnd.c : added reset_chain_pnum() function. rpc_pipes/pipenetlog.c : get_smbpwnam() function renamed to get_smbpwd_entry(). arcfour() issues. removed capability of get_md4pw() function to automatically add workstation accounts. this should either be done using smbpasswd -add MACHINE$, or by using \PIPE\samr. rpc_pipes/pipe_util.c : create_pol_hnd() - creates a unique LSA Policy Handle. overkill function: uses a 64 bit sequence number; current unix time and the smbd pid. rpc_pipes/smbparse.c : arcfour() issues. smb_io_unistr2() should advance by uni_str_len not uni_max_len. smb_io_smb_hdr_rb() - request bind uses uint16 for the context id, and uint8 for the num_syntaxes. oops, i put these both as uint32s. Added Files: ------------ rpc_pipes/lsa_hnd.c : on the samr pipe, allocate and associate an LSA Policy Handle with a SID. you receive queries with the LSA Policy Handle, and have to turn this back into a SID in order to answer the query... rpc_pipes/pipesamr.c rpc_pipes/samrparse.c \PIPE\samr processing. samr i presume is the SAM Replication pipe. rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c \PIPE\wkssvc processing. the Workstation Service pipe? holy cow. (This used to be commit 1bd084b3e690eb26a1006d616075e53d711ecd2f)
1997-11-01a simple SMB torture tester. This will allow us to evaluate lockingAndrew Tridgell1-4/+1
techniques more accurately. (This used to be commit 054e3b2ae3a8cfb98fde72becef9b05de34d2ba7)
1997-10-21rewrote the password server code using the new clientgen.c clientAndrew Tridgell1-169/+106
interface The new code uses a source netbios name equal to the Samba servers name, not the client name. It also uses NetWkstaUserLogon to do a full network logon. This means it will honour the servers logon restrictions (such as login times etc). (This used to be commit 11de90f972f6d83974425e80014f54e15d495413)
1997-10-20util.c password.c :Luke Leighton1-35/+0
added automount_server() function which, if -DAUTOMOUNT is in use, returns the server name of the NIS auto.map entry. otherwise, it returns local_server. added use of automount_server() for a new substitution %N for NIS home server. this defaults, via automount_server(), to the same functionality as %L if -DAUTOMOUNT is not used. removed vuser->home_share. moved code that grabbed the servername into the separate function automount_server(). loadparm.c : created "logon drive" (default of "") created "logon home" (default of "\\%N\%U") changed default of "logon path" from NULL to "\\%N\%U\profile". ipc.c pipenetlog.c : use lp_logon_drive(), lp_logon_home() and lp_logon_path() in their now easier-to-use form (don't have to check if *lp_logon_path() and manually substitute a default of \\%L\%U and do a standard_sub_basic() on the result, because the default automatically does this. (This used to be commit c6c28a4c3c9010ff9d5eac4bad091189a786d5a0)
1997-10-20casting cleanupsAndrew Tridgell1-1/+1
(This used to be commit ab849a97821c9e1f199eea8ea2ec477687bed947)
1997-10-16Added Michael Johnsons' PAM modifications <johnsonm@redhat.com>John Terpstra1-12/+12
This patch has been checked over. JHT (This used to be commit c84a043f89ccba001597962cd03e2f2a634c4b08)
1997-10-15force the salt to be a maximum of 2 characters long in callsAndrew Tridgell1-0/+1
to crypt() This might solve some password problems, particulary on HPUX (This used to be commit 45f4ae4327a8836cad22bbf64f1effba6a6eb7f5)
1997-10-10Makefile:Luke Leighton1-45/+52
added credentials.c to smbd credentials.c: using credential structures instead of char* password.c uid.c server.c: added sid and attr to user_struct. smbdes.c: smbhash and str_to_key make public instead of private. pipes.c smb.h: lsa structures, sub-functions. proto.h: usual. (This used to be commit 87a0a944855a673d693d934e446bdc231b1c7f02)
1997-09-30dir.c: more pstrcpys.Jeremy Allison1-14/+31
local.h: Add OPLOCK_BREAK_TIMEOUT. password.c: Fix for paranoia password server security bug. proto.h: Updated. reply.c: Oplock changes. server.c: Massive oplock changes - nearly there.... smb.h: oplock definitions. util.c: Add local message processing queues for oplocks. Jeremy (jallison@whistle.com) (This used to be commit 92f1553db2cdf6f32881eb984a87050cf3e4760b)
1997-09-16add a castAndrew Tridgell1-1/+1
(This used to be commit e712c6ed61abeae5ec2acf99f109ad81e7a19978)
1997-09-16- change generate_challenge() to use md4 instead of desAndrew Tridgell1-11/+18
- move routines about a bit between smbencrypt.c and smbdes.c. Ensure that there is no entry point for normal DES operation - add the following comment: This code is NOT a complete DES implementation. It implements only the minimum necessary for SMB authentication, as used by all SMB products (including every copy of Microsoft Windows95 ever sold) In particular, it can only do a unchained forward DES pass. This means it is not possible to use this code for encryption/decryption of data, instead it is only useful as a "hash" algorithm. There is no entry point into this code that allows normal DES operation. I believe this means that this code does not come under ITAR regulations but this is NOT a legal opinion. If you are concerned about the applicability of ITAR regulations to this code then you should confirm it for yourself (and maybe let me know if you come up with a different answer to the one above) (This used to be commit 35b92e725f351c9a9f2846a6b55f71c234f187c7)
1997-09-14This commit does 3 main things:Andrew Tridgell1-22/+9
1) put the encryption code in by default, with no #ifdef. It is still disabled by default so you need to add "encrypt passwords = yes" in smb.conf but at least all binaries will have it. 2) cleanup the kanji code so it compiles with no warnings 3) get rid of lots of uses of ugly non-portable C code. The main offender being things like "register" but also remove uses of the "const" keyword as there are compilers out there that don't support it and even those that do often complain about its usage. Users don't like warnings :-( There is still some work to do. We need to replace the md4 code with our own implementation. The current code (from rfc1186) is PD but is not very portable. The new RFC (rfc1320) is more portable but adds copyright restrictions. I'll do a from-scratch MD4 soon. We also need to test that what I've implemented is portable. It should be, but I'm too tired right now to test it on anything other than intel linux. (This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07)
1997-09-04Fix from Frank Varnavas <varnavas@ny.ubs.com>.Jeremy Allison1-3/+17
We cannot use the same name as the client to the NT password server, as NT will drop client connections if the same client name connects twice. Instead, synthesize a name from our pid. and the remote machine name. Jeremy (jallison@whistle.com) (This used to be commit ebf9487a9a68c4d786449490627ee919622e6dbf)
1997-08-11spelling.Samba Release Account1-1/+1
lkcl (This used to be commit 7e326450cf5aeee704df9fb5e298b0fc353dfb8b)
1997-08-05Makefile: Added IRIX 6 target.Samba Release Account1-3/+3
loadparm.c: Fixed stupid static warnings with set_default_server_announce_type. password.c: Fixed char -> uchar cast warnings. nameservreply.c: Fixed group fade out code. Jeremy (jallison@whistle.com) (This used to be commit a2dd5c5a551547e83c707e63c0696c7724035501)
1997-07-28client.c: Added amanda fixes.Samba Release Account1-7/+9
clitar.c: Added amanda fixes. nameannounce.c: Removed redundent code. nameelect.c: Removed redundent code. nameserv.h: Removed redundent code. nameservresp.c: Removed redundent code. namework.c: Removed redundent code. password.c: Prevented crash if getpwnam fails. Jeremy (jallison@whistle.com) (This used to be commit 760fe30353de66e8e6571f8ff4ec1064261b5428)
1997-07-22charset.c: Fixed signed/unsigned issues.Samba Release Account1-0/+14
password.c: Fixed problem with MS-Exchange services. Jeremy (jallison@whistle.com) (This used to be commit e723dd3deec00a91568c5aa546374409ce7ba379)
1997-07-17Makefile: Added krb5 option from Nathan Neulinger <nneul@umr.edu>Samba Release Account1-1/+86
includes.h: Added krb5 option from Nathan Neulinger <nneul@umr.edu>, added SGI5 fix. password.c: Added krb5 option from Nathan Neulinger <nneul@umr.edu> quotas.c: Added inode quote fix. reply.c: removed redundent code. server.c: Changed error debug to 0, removed redundent check. util.c: Added close_low_fd() to become_daemon - fix for rsh from Johnathan Knight. Jeremy (jallison@whistle.com) (This used to be commit 256afb764828b0a6dad5529d62501bc9ea2807ee)
1997-07-03Fixes for UnixWare 2.x with shadow passwords fromSamba Release Account1-0/+9
Warren Young <tkennedy@cyberport.com>. (This used to be commit 885b42b44752249c85bb924c9ceefa5b710225da)
1997-06-18Fixed *really* stupid bug in register_vuid - only a problemSamba Release Account1-1/+1
on multi-user NT systems. Jeremy (jallison@whistle.com) (This used to be commit 6ca5c8ca3294cde56e28558bcb02c144225903d8)