From 4ab9d91428b66bd2fe407b0dba94f4130160b576 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 8 Dec 1999 21:43:03 +0000 Subject: ABOUT TIME!!!!!!!! damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489) --- source3/lsarpcd/lsarpcd_process.c | 117 ++++++++++++++++++++++++++++++++++---- 1 file changed, 107 insertions(+), 10 deletions(-) (limited to 'source3/lsarpcd') diff --git a/source3/lsarpcd/lsarpcd_process.c b/source3/lsarpcd/lsarpcd_process.c index f54c41bcb4..47a4f9a86c 100644 --- a/source3/lsarpcd/lsarpcd_process.c +++ b/source3/lsarpcd/lsarpcd_process.c @@ -290,15 +290,122 @@ void process_smb(char *inbuf, char *outbuf) } +BOOL get_user_creds(struct user_creds *usr) +{ + pstring buf; + int rl; + uint32 len; + BOOL new_con = False; + extern int Client; + uint32 status; + + CREDS_CMD cmd; + prs_struct ps; + + ZERO_STRUCTP(usr); + ZERO_STRUCT(cmd); + cmd.cred = usr; + + DEBUG(10,("get_user_creds: first request\n")); + + rl = read(Client, &buf, sizeof(len)); + + if (rl != sizeof(len)) + { + DEBUG(0,("Unable to read length\n")); + dump_data(0, buf, sizeof(len)); + return False; + } + + len = IVAL(buf, 0); + + if (len > sizeof(buf)) + { + DEBUG(0,("length %d too long\n", len)); + return False; + } + + rl = read(Client, buf, len); + + if (rl < 0) + { + DEBUG(0,("Unable to read from connection\n")); + return False; + } + +#ifdef DEBUG_PASSWORD + dump_data(100, buf, rl); +#endif + + /* make a static data parsing structure from the api_fd_reply data */ + prs_init(&ps, 0, 4, 0, True); + mem_create(ps.data, buf, 0, len, 0, False); + + if (!creds_io_cmd("creds", &cmd, &ps, 0)) + { + DEBUG(0,("Unable to parse credentials\n")); + mem_free_data(ps.data); + return False; + } + + mem_free_data(ps.data); + + if (ps.offset != rl) + { + DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl)); + return False; + } + + switch (cmd.command) + { + case AGENT_CMD_CON: + case AGENT_CMD_CON_ANON: + { + new_con = True; + break; + } + case AGENT_CMD_CON_REUSE: + { + new_con = True; + break; + } + default: + { + DEBUG(0,("unknown command %d\n", cmd.command)); + return False; + } + } + + status = new_con ? 0x0 : 0x1; + + if (write(Client, &status, sizeof(status)) != + sizeof(status)) + { + return False; + } + + return new_con; +} /**************************************************************************** process commands from the client ****************************************************************************/ void lsarpcd_process(void) { + struct user_creds usr; + ZERO_STRUCT(static_pipe); fstrcpy(static_pipe.name, "lsarpc"); + + if (!get_user_creds(&usr)) + { + DEBUG(0,("authentication failed\n")); + free_user_creds(&usr); + return; + } + + free_user_creds(&usr); InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN); @@ -308,7 +415,6 @@ void lsarpcd_process(void) InBuffer += SMB_ALIGNMENT; OutBuffer += SMB_ALIGNMENT; - max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); /* re-initialise the timezone */ @@ -316,19 +422,10 @@ void lsarpcd_process(void) while (True) { - int deadtime = lp_deadtime()*60; int counter; int service_load_counter = 0; BOOL got_smb = False; - if (deadtime <= 0) - deadtime = DEFAULT_SMBD_TIMEOUT; - -#if USE_READ_PREDICTION - if (lp_readprediction()) - do_read_prediction(); -#endif - errno = 0; for (counter=SMBD_SELECT_LOOP; -- cgit