summaryrefslogtreecommitdiff
path: root/source3/smbd/password.c
AgeCommit message (Collapse)AuthorFilesLines
2000-02-15Added replacement functions sys_popen and sys_pclose. These are basedJeremy Allison1-5/+1
on the glibc source code and are safer than the traditional popen as they don't use a shell to exec the requested command. Now we have these functions they can be tightened up (environment etc.) as required to make a safe popen. It should now be safe to add the environement variable loading code to loadparm.c Jeremy. (This used to be commit b52e92b09d4ca3b66e534f520468dee27065d048)
2000-01-07this looks like a big commit, but it isn't really :)Andrew Tridgell1-1/+0
This fixes our netbios scope handling. We now have a 'netbios scope' option in smb.conf and the scope option is removed from make_nmb_name() this was prompted by a bug in our PDC finding code where it didn't append the scope to the query of the '*' name. (This used to be commit b563be824b8c3141c49558eced7829b48d4ab26f)
2000-01-04Fixed getgrent() recurse problem.Jeremy Allison1-8/+45
Jeremy. (This used to be commit b5420f6152d5df415231cb3fdf614542dbbd7db3)
2000-01-03added suppport for unexpected udp/138 packetsAndrew Tridgell1-75/+88
I also fixed up the lookup_pdc_name() code so that it now works, even with a NT server that insists on replying to udp/138. The method I used to match packets was to use the mailslot string as a datagram ID. The true dgm_id doesn't work as NT doesn't set it correctly. uggh. PS: Jeremy, I had to change your code quite a bit, are you sure this worked with a Samba PDC?? The code looked broken, it got the offsets wrong in the SMB portion of the packet and filled in the IP incorrectly. (This used to be commit 32f66f4ea63038cb4b3785bdf1762abdde076f5d)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-88/+954
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-12changed function name of get_home_dir() to get_unixhome_dir(), to stopLuke Leighton1-1/+1
clash with gnu readline library. fixed issue with [homes] service not being there - call lp_add_home() just before starting the msrpc processing. (This used to be commit 054195df9b6187c663ede5cf4489499abbdc29fc)
1999-12-12final part of "first" phase converting over to msrpc daemon architecture.Luke Leighton1-129/+0
done a minimal amout of clean-up in the Makefile, removing unnecessary modules from the link stage. this is not complete, yet, and will involve some changes, for example to smbd, to remove dependencies on the password database API that shouldn't be there. for example, smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa API. this first implementation has minor problems with not reinstantiating the same services as the caller. the "homes" service is a good example. (This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
1999-12-12delineation between smb and msrpc more marked. smbd now constructsLuke Leighton1-5/+5
pdus, and then feeds them over either a "local" function call or a "remote" function call to an msrpc service. the "remote" msrpc daemon, on the other side of a unix socket, then calls the same "local" function that smbd would, if the msrpc service were being run from inside smbd. this allows a transition from local msrpc services (inside the same smbd process) to remote (over a unix socket). removed reference to pipes_struct in msrpc services. all msrpc processing functions take rpcsrv_struct which is a structure containing state info for the msrpc functions to decode and create pdus. created become_vuser() which does everything not related to connection_struct that become_user() does. removed, as best i could, connection_struct dependencies from the nt spoolss printing code. todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific info on a per-connection basis, and if the connection dies then so does the info, and that's a fairly serious problem. had to put pretty much everything that is in user_struct into parse_creds.c to feed unix user info over to the msrpc daemons. why? because it's expensive to do unix password/group database lookups, and it's definitely expensive to do nt user profile lookups, not to mention pretty difficult and if you did either of these it would introduce a complication / unnecessary interdependency. so, send uid/gid/num_groups/gid_t* + SID+num_rids+domain_group_rids* + unix username + nt username + nt domain + user session key etc. this is the MINIMUM info identified so far that's actually implemented. missing bits include the called and calling netbios names etc. (basically, anything that can be loaded into standard_sub() and standard_sub_basic()...) (This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
1999-12-06the first independent msrpc daemon - lsarpcd.Luke Leighton1-501/+0
one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
1999-12-02domain_client_validate() no longer takes serverlist, it callsLuke Leighton1-3/+10
get_any_dc_name(). (This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8)
1999-12-01cli_session_setup() now takes an extra argument (host name). hey, whatLuke Leighton1-2/+4
the heck is a cli_session_setup() call doing in here??? this should use cli_establish_connection()server! (This used to be commit fa054c96c62ed0f0a0c6649a7ad7a143fe09694b)
1999-11-29attempting to resolve the issue that multiple servers often specified inLuke Leighton1-53/+11
parameters to connect to \PIPE\NETLOGON. (This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
1999-11-21implement server-side generation of NTLMv2 session key. YESSS :-)Luke Leighton1-11/+26
(This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)
1999-11-21hmmm... have to add client-side support in domain_client_validate() toLuke Leighton1-2/+3
_use_ user session key. (This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74)
1999-11-21adding user session key into network netlogon response.Luke Leighton1-12/+12
(This used to be commit c73f6b0d02fa7700319ba696f54296006167e5d1)
1999-11-20oops, #ifdef'd cli_shutdown out, as the fun has _already_ started:Luke Leighton1-2/+1
NT refuses to play nice, and establish a trust relationship. (This used to be commit 98c42764fba365d612a8ae4b3172b03367066112)
1999-11-20attempting to establish inter-domain trust relationships. modifiedLuke Leighton1-0/+2
smbpasswd so it can be used to set up inter-domain trust account. (This used to be commit 99ec0620c3bf4af96440c684f880d414659de2e9)
1999-11-20modified domain_client_validate to take trust account name / type. thisLuke Leighton1-5/+10
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and SEC_CHAN_WKSTA. modified check_domain_security to determine if domain name is own domain, and to use wksta trust account if so, otherwise check "trusting domains" parameter and use inter-domain trust account if so, otherwise return False. (This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
1999-10-29cli_nt_setup_creds() returns uint32 NT status code not a BOOL.Luke Leighton1-3/+4
removed all comparisons to if (fn() == False), replaced with if (!fn()). (This used to be commit fdef97eb7c20a33b26104661cd010baebcb4bdcd)
1999-10-21various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.Luke Leighton1-1/+1
samr_lookup_rids() moved to a dynamic memory structure not a static one limited to 32 RIDs. cli_pipe.c reading wasn't checking ERRmoredata when DOS error codes negotiated (this terminates MSRPC code with prejudice). (This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
1999-07-16NTLMv2 check being actioned when NT password response was only 24 chars.Luke Leighton1-1/+1
added check to ensure response is more than 24 chars before bothering to do an NTLMv2 check. (This used to be commit 7a58895ff26fcad09ee45de99086739bf5761fd9)
1999-07-16copy of password struct needed to be made prior to calling copy_passwd_structLuke Leighton1-6/+8
found by Bertl <bs@vpnet.at>. (This used to be commit 93298bca1c573532c5250c84bac39cf9214ba3b5)
1999-07-15added %d %d to error message, try to track down the uid / smb_uid mismatchLuke Leighton1-2/+2
(This used to be commit ec918ba144e7c1bd1689007143ca2b8bee604768)
1999-07-07oops, refused lm when ntlmv2 was true not false/auto. oops!Luke Leighton1-1/+1
(This used to be commit 6b4b24d2208b1b076dfc2f7202917ca0acaeb398)
1999-07-06smb_password_ok() checking incorrectly whether lm password exists.Luke Leighton1-13/+16
when lmcompatibilitylevel=0x2 on nt sp4+ clients, lm# is not sent. (This used to be commit e655e68474dd0234b49c23a07d9cb8bdd8f6016a)
1999-06-29improving authentication code (tidyup).Luke Leighton1-45/+102
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-2/+2
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1999-05-06Jani Jaakkola's "getpwuid() / getpwnam()" hash-cache-hackLuke Leighton1-1/+1
(This used to be commit 899fc053c50448db65092d9f25fea99433cfb29f)
1999-03-25SAM database "set user info".Luke Leighton1-13/+24
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1999-03-19going to start adding inter-domain trust logons soon.Luke Leighton1-123/+130
(This used to be commit f9f594c03e220a0d902c5c3c5835948348b19fee)
1999-03-12cli_setup_creds new arguments added.Luke Leighton1-1/+3
(This used to be commit 5fa3a3f710cfd3a51641d560a96bd08f92afca32)
1998-12-14server_cryptkey() now calling cli_connectserverlist(). stupid microsoftLuke Leighton1-74/+4
idiotic *SMBSERVER connectionism added to cli_connect_serverlist(). also added check for protocol < LANMAN2. (This used to be commit c2bcb3a286f22ed4f0f55da2a3eb2bff17906fb1)
1998-12-07removed nt_pipe_fnum from struct cli_state. need to be able to callLuke Leighton1-9/+10
LsaLookupSids etc from within SamrQueryAliasMembers, for example. fnum is now a parameter to client functions. thanks to mike black for starting the ball rolling. (This used to be commit bee8f7fa6b0f7f995f71303f4e14a4aaed0c2437)
1998-12-03moved get_unixgroups it will be needed by the unix instance of the groupLuke Leighton1-49/+0
DB API (This used to be commit ef58e48bc9af338ed6c734205d4faf82371284ac)
1998-11-29weekend work. user / group database API.Luke Leighton1-6/+6
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-21try to use *SMBSERVER to connect to password server if the firstAndrew Tridgell1-13/+11
session_request fails. (This used to be commit ab2370e7ac770f1e32b8d726ab955457fcc8c2d7)
1998-11-21smbd/password.c: Added *SMBSERVER fix is name is too long.Jeremy Allison1-1/+9
web/swat.c: Changed '?' to help. Jeremy. (This used to be commit 631913ea856926a77304692c74a1bd27faead179)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison1-1/+1
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-106/+8
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-09converted smbclient to use clientgen.c rather than clientutil.cAndrew Tridgell1-1/+0
I did this when I saw yet another bug report complaining about smbclient intermittently missing files. Rather than applying more patches to smbclient it was better to move to the more robust clientgen.c code. The conversion wasn't perfect, I probably lost some features of smbclient while doing it, but at least smbclient should be consistent now. It if fails it should _always_ fail rather than giving people the false impression of a reliable utility. the tar stuff seems to work, but hasn't had much testing as I never use it myself. I'm sure someone will find bugs in my conversion of smbtar.c. It was quite tricky as it did a lot of its own SMB calls. It now uses clientgen.c exclusively. smbclient is still quite messy, but at least it doesn't build its own SMB packets. I haven't touched smbmount as I never use it. Mike, do you want to convert smbmount to use clientgen.c? (This used to be commit e14ca7765ace1b721dad8eca4a527a4e4a8f1ab8)
1998-11-07codepages/codepage_def.936: Updated comment.Jeremy Allison1-89/+73
param/loadparm.c: Removed "networkstation user login", "domain controller", and "domain sid" parameters. passdb/passdb.c: Removed "networkstation user login" code and changed bug test code to only check once for a bad password server. This will stop the complaints of many "bad login" audit records in NT PDC logs. utils/smbpasswd.c: Removed check for "domain controller". Jeremy. (This used to be commit d6e6e936b5dd90dd8fc38d9404efbe5c546c15e5)
1998-10-21Fixed mainly signed/unsigned issues found by SGI cc in -fullwarn mode.Jeremy Allison1-3/+4
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh ! smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles. Jeremy. (This used to be commit 0b44d27d0b5cc3948a6c2d78370ccddf1a84cd80)
1998-10-19- dce/rpc codeLuke Leighton1-7/+16
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-16!pass -> pass != NULL is wrong: !pass -> pass == NULL is correct. oops.Luke Leighton1-2/+2
(This used to be commit 866e1018180a70ff2ffa39e6a5ce5f187eca2764)
1998-10-16made pass_check_smb() available for dce/rpc use.Luke Leighton1-25/+34
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
1998-10-16cli_nt_session_open() encrypt arg removedLuke Leighton1-1/+1
(This used to be commit 63def717992695ed4a4933c2605abe26086fb8c7)
1998-10-16setup_groups() - code clarification. no functional change.Luke Leighton1-13/+19
(This used to be commit dae7c5ea9a139552e1722357172fa1ad0c4a7143)
1998-10-15rpcclient interactive login (with trust account changing if you are root)Luke Leighton1-23/+2
cli_session_setup handles null sessions correctly (This used to be commit 60c0f22a4e84703467006dfe1971384a6294a9aa)
1998-10-15config: Fix crypt prototype on RedHat Linux.Jeremy Allison1-4/+10
include/includes.h: Fix crypt prototype on RedHat Linux. smbd/fileio.c: Fix mmap bug found by WinCE client. smbd/ipc.c: Fix WinCE wierdness with pipes being opened as \server\pipe\lanman smbd/password.c: Fix encrypted null passwords. Jeremy. (This used to be commit 475992730c0ecbf31c09b3518df2f0354cec61da)
1998-10-14dce/rpcLuke Leighton1-4/+4
(This used to be commit 69f5f9f88935de1f63ffc9aa19c0629b395e66e6)