From 4ab9d91428b66bd2fe407b0dba94f4130160b576 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 8 Dec 1999 21:43:03 +0000 Subject: ABOUT TIME!!!!!!!! damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489) --- source3/utils/smb-agent.c | 69 +++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 41 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/smb-agent.c b/source3/utils/smb-agent.c index 96c43cadaf..2ecfdba7e2 100644 --- a/source3/utils/smb-agent.c +++ b/source3/utils/smb-agent.c @@ -53,23 +53,25 @@ static void free_sock(void *sock) } } + static struct cli_state *init_client_connection(int c) { pstring buf; - uchar ntpw[16]; - uchar lmpw[16]; - fstring srv_name; - struct user_credentials usr; - char *p = buf; + struct user_creds usr; int rl; uint32 len; - uint16 version; - uint16 command; BOOL new_con = False; + CREDS_CMD cmd; + prs_struct ps; + BOOL reuse = False; + + ZERO_STRUCT(usr); + ZERO_STRUCT(cmd); + cmd.cred = &usr; ZERO_STRUCT(usr); - DEBUG(10,("first request\n")); + DEBUG(10,("init_client_connection: first request\n")); rl = read(c, &buf, sizeof(len)); @@ -99,39 +101,26 @@ static struct cli_state *init_client_connection(int c) #ifdef DEBUG_PASSWORD dump_data(100, buf, rl); #endif - version = SVAL(p, 0); - p += 2; - command = SVAL(p, 0); - p += 2; - - fstrcpy(srv_name, p); - p = skip_string(p, 1); - fstrcpy(usr.user_name, p); - p = skip_string(p, 1); - fstrcpy(usr.domain, p); - p = skip_string(p, 1); - - if (PTR_DIFF(p, buf) < rl) - { - memcpy(lmpw, p, 16); - p += 16; - memcpy(ntpw, p, 16); - p += 16; - pwd_set_lm_nt_16(&usr.pwd, lmpw, ntpw); - } - else + /* make a static data parsing structure from the api_fd_reply data */ + prs_init(&ps, 0, 4, 0, True); + mem_create(ps.data, buf, 0, len, 0, False); + + if (!creds_io_cmd("creds", &cmd, &ps, 0)) { - pwd_set_nullpwd(&usr.pwd); + DEBUG(0,("Unable to parse credentials\n")); + mem_free_data(ps.data); + return NULL; } - if (PTR_DIFF(p, buf) != rl) + mem_free_data(ps.data); + + if (ps.offset != rl) { - DEBUG(0,("Buffer size %d %d!\n", - PTR_DIFF(p, buf), rl)); + DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl)); return NULL; } - switch (command) + switch (cmd.command) { case AGENT_CMD_CON: { @@ -141,12 +130,12 @@ static struct cli_state *init_client_connection(int c) case AGENT_CMD_CON_REUSE: { new_con = True; - usr.reuse = True; + reuse = True; break; } default: { - DEBUG(0,("unknown command %d\n", command)); + DEBUG(0,("unknown command %d\n", cmd.command)); return NULL; } } @@ -154,11 +143,11 @@ static struct cli_state *init_client_connection(int c) if (new_con) { struct cli_state *n; - n = cli_net_use_add(srv_name, &usr, False); + n = cli_net_use_add(cmd.name, &usr.ntc, False, reuse); if (n == NULL) { - DEBUG(0,("Unable to connect to %s\n", srv_name)); + DEBUG(0,("Unable to connect to %s\n", cmd.name)); return NULL; } @@ -173,7 +162,7 @@ static struct cli_state *init_client_connection(int c) if (write(c, n, sizeof(*n)) < 0) { DEBUG(0,("Could not write connection down pipe.\n")); - cli_net_use_del(srv_name, &usr, False, NULL); + cli_net_use_del(cmd.name, &usr.ntc, False, NULL); return NULL; } return n; @@ -305,8 +294,6 @@ static BOOL process_srv_sock(struct sock_redir **socks, uint32 num_socks, static int get_agent_sock(char *id) { - int s; - struct sockaddr_un sa; fstring path; fstring dir; -- cgit