From bd529d7a83c35be233baca09bc79aa911ad443ce Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 6 Nov 1997 23:03:58 +0000 Subject: following a cvs error, i am rewriting this monster-commit. with bad grace. Modified Files: --------------- Makefile: adding extra files ipc.c : send_trans_reply() - alignment issue. this makes the alignment the same as that in NT. this should be looked at by people who understand the SMB stuff better than i. api_fd_commands[] - added samr and wkssvc pipes. loadparm.c : lp_domain_controller() changed to mean "samba is a domain controller". it's a "yes/no" parameter, now. no, it isn't used _anywhere_. namedbwork.c nameelect.c : if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the host _and_ workgroup announcements. yes, you must do both: nt does. namelogon.c : important NETLOGON bug in SAMLOGON request parsing, which may be the source of some people's problems with logging on to the Samba PDC. password.c : get_smbpwnam() renamed to get_smbpwd_entry(). pipes.c : added samr and wkssvc pipes. proto.h : usual. can we actually _remove_ proto.h from the cvs tree, and have it as one of the Makefile dependencies, or something? reply.c : get_smbpwnam() renamed to get_smbpwd_entry() - also changed response error code when logging in from a WORKSTATION$ account. yes, paul is right: we need to know when to return the right error code, and why. server.c : added call to reset_chain_pnum(). #ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif. jeremy, you'd be proud: i did a compile without NTDOMAIN, and caught a link error for this function. smb.h : defines and structures for samr and wkssvc pipes. smbpass.c : modified get_smbpwnam() to get_smbpwd_entry() and it now takes two arguments. one for the name; if this is null, it looks up by smb_userid instead. oh, by the way, smb_userids are actually domain relative ids (RIDs). concatenate a RID with the domain SID, and you have an internet globally unique way of identifying a user. we're using RIDs in the wrong way.... added mod_smbpwnam() function. this was based on code in smbpasswd.c rpc_pipes/lsaparse.c : added enum trusted domain parsing. this is incomplete: i need a packet trace to write it properly. rpc_pipes/pipe_hnd.c : added reset_chain_pnum() function. rpc_pipes/pipenetlog.c : get_smbpwnam() function renamed to get_smbpwd_entry(). arcfour() issues. removed capability of get_md4pw() function to automatically add workstation accounts. this should either be done using smbpasswd -add MACHINE$, or by using \PIPE\samr. rpc_pipes/pipe_util.c : create_pol_hnd() - creates a unique LSA Policy Handle. overkill function: uses a 64 bit sequence number; current unix time and the smbd pid. rpc_pipes/smbparse.c : arcfour() issues. smb_io_unistr2() should advance by uni_str_len not uni_max_len. smb_io_smb_hdr_rb() - request bind uses uint16 for the context id, and uint8 for the num_syntaxes. oops, i put these both as uint32s. Added Files: ------------ rpc_pipes/lsa_hnd.c : on the samr pipe, allocate and associate an LSA Policy Handle with a SID. you receive queries with the LSA Policy Handle, and have to turn this back into a SID in order to answer the query... rpc_pipes/pipesamr.c rpc_pipes/samrparse.c \PIPE\samr processing. samr i presume is the SAM Replication pipe. rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c \PIPE\wkssvc processing. the Workstation Service pipe? holy cow. (This used to be commit 1bd084b3e690eb26a1006d616075e53d711ecd2f) --- source3/smbd/ipc.c | 4 +++- source3/smbd/password.c | 3 ++- source3/smbd/pipes.c | 4 ++++ source3/smbd/reply.c | 14 +++++++++----- source3/smbd/server.c | 6 ++++++ 5 files changed, 24 insertions(+), 7 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 1943129ba6..ce14ccd9bc 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -144,7 +144,7 @@ static void send_trans_reply(char *outbuf,char *data,char *param,uint16 *setup, this_lparam = MIN(lparam,max_send - (500+lsetup*SIZEOFWORD)); /* hack */ this_ldata = MIN(ldata,max_send - (500+lsetup*SIZEOFWORD+this_lparam)); - align = (this_lparam%4); + align = (this_lparam%4)+1; set_message(outbuf,10+lsetup,align+this_ldata+this_lparam,True); if (this_lparam) @@ -2872,7 +2872,9 @@ struct { #ifdef NTDOMAIN { "TransactNmPipe", "lsarpc", "lsass", 0x26, api_ntLsarpcTNP }, + { "TransactNmPipe", "samr", "lsass", 0x26, api_samrTNP }, { "TransactNmPipe", "srvsvc", "lsass", 0x26, api_srvsvcTNP }, + { "TransactNmPipe", "wkssvc", "ntsvcs", 0x26, api_wkssvcTNP }, { "TransactNmPipe", "NETLOGON", "NETLOGON", 0x26, api_netlogrpcTNP }, { NULL, NULL, NULL, -1, (BOOL (*)())api_Unsupported } #else diff --git a/source3/smbd/password.c b/source3/smbd/password.c index b759f68430..185fc68f5a 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -887,7 +887,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) return(False); } - smb_pass = get_smbpwnam(user); + /* non-null username indicates search by username not smb userid */ + smb_pass = get_smbpwd_entry(user, 0); if (!smb_pass) { DEBUG(3,("Couldn't find user %s in smb_passwd file.\n", user)); diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index 4a2e185cb4..e2f704e6af 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -57,6 +57,8 @@ char * known_pipes [] = #if NTDOMAIN "NETLOGON", "srvsvc", + "wkssvc", + "samr", #endif NULL }; @@ -139,6 +141,8 @@ int reply_pipe_close(char *inbuf,char *outbuf) int cnum = SVAL(inbuf,smb_tid); int outsize = set_message(outbuf,0,0,True); + DEBUG(5,("reply_pipe_close: pnum:%x cnum:%x\n", pnum, cnum)); + if (!close_rpc_pipe_hnd(pnum, cnum)) return(ERROR(ERRDOS,ERRbadfid)); return(outsize); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 46425861d4..e8d79b098c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -498,7 +498,8 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* If name ends in $ then I think it's asking about whether a */ /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ - if (user[strlen(user) - 1] == '$') { + if (user[strlen(user) - 1] == '$') + { #ifdef NTDOMAIN struct smb_passwd *smb_pass; /* To check if machine account exists */ /* @@ -511,15 +512,18 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) a domain. This may be the source of future bugs if we cannot be sure whether to reject this or not. */ - smb_pass = get_smbpwnam(user); - if(smb_pass) + /* non-null user name indicates search by username not by smb userid */ + smb_pass = get_smbpwd_entry(user, 0); + + if (!smb_pass) { /* PAXX: This is the NO LOGON workstation trust account stuff */ - DEBUG(4,("Rejecting workstation trust account %s",user)); + DEBUG(4,("No Workstation trust account %s",user)); SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_ALLOTTED_SPACE_EXCEEDED, 0xc000)); /* 0x99 NT error, 0xc00 */ + return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* 0x109 NT error, 0xc000 */ } + computer_id = True; #else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */ user[strlen(user) - 1] = '\0'; diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 3c128872e6..e4e5872035 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -4732,6 +4732,7 @@ int construct_reply(char *inbuf,char *outbuf,int size,int bufsize) chain_size = 0; chain_fnum = -1; + reset_chain_pnum(); bzero(outbuf,smb_size); @@ -4943,6 +4944,11 @@ static void init_structs(void ) /* for RPC pipes */ init_rpc_pipe_hnd(); +#ifdef NTDOMAIN + /* for LSA handles */ + init_lsa_policy_hnd(); +#endif + init_dptrs(); } -- cgit