/*
- * Unix SMB/Netbios implementation.
- * Version 1.9.
+ * Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-1998
* Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
#include "includes.h"
-extern int DEBUGLEVEL;
-
static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len)
{
unsigned char *hash = p->ntlmssp_hash;
int nt_pw_len;
int lm_pw_len;
fstring user_name;
- fstring pipe_user_name;
fstring domain;
fstring wks;
- BOOL guest_user = False;
- SAM_ACCOUNT *sampass = NULL;
- uchar null_smb_passwd[16];
- uchar *smb_passwd_ptr = NULL;
-
+
+ NTSTATUS nt_status;
+
+ struct auth_context *auth_context = NULL;
+ auth_usersupplied_info *user_info = NULL;
+ auth_serversupplied_info *server_info = NULL;
+
+ uid_t uid;
+ uid_t gid;
+
DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
memset(p->user_name, '\0', sizeof(p->user_name));
/* Set up for non-authenticated user. */
delete_nt_token(&p->pipe_user.nt_user_token);
p->pipe_user.ngroups = 0;
- safe_free( p->pipe_user.groups);
+ SAFE_FREE( p->pipe_user.groups);
/*
* Setup an empty password for a guest user.
*/
- memset(null_smb_passwd,0,16);
-
/*
* We always negotiate UNICODE.
*/
rpcstr_pull(domain, ntlmssp_resp->domain, sizeof(fstring), ntlmssp_resp->hdr_domain.str_str_len*2, 0);
rpcstr_pull(wks, ntlmssp_resp->wks, sizeof(fstring), ntlmssp_resp->hdr_wks.str_str_len*2, 0);
} else {
- fstrcpy(user_name, ntlmssp_resp->user);
- fstrcpy(domain, ntlmssp_resp->domain);
- fstrcpy(wks, ntlmssp_resp->wks);
+ pull_ascii_fstring(user_name, ntlmssp_resp->user);
+ pull_ascii_fstring(domain, ntlmssp_resp->domain);
+ pull_ascii_fstring(wks, ntlmssp_resp->wks);
}
DEBUG(5,("user: %s domain: %s wks: %s\n", user_name, domain, wks));
* Allow guest access. Patch from Shirish Kalele <kalele@veritas.com>.
*/
- if((strlen(user_name) == 0) &&
- (ntlmssp_resp->hdr_nt_resp.str_str_len==0))
- {
- guest_user = True;
-
- fstrcpy(pipe_user_name, lp_guestaccount(-1));
- DEBUG(100,("Null user in NTLMSSP verification. Using guest = %s\n", pipe_user_name));
-
- smb_passwd_ptr = null_smb_passwd;
-
- } else {
-
- /*
- * Pass the user through the NT -> unix user mapping
- * function.
- */
-
- fstrcpy(pipe_user_name, user_name);
- (void)map_username(pipe_user_name);
+ if (*user_name) {
/*
* Do the length checking only if user is not NULL.
return False;
}
+
+ make_auth_context_fixed(&auth_context, (uchar*)p->challenge);
- if(!guest_user) {
-
- become_root();
-
- p->ntlmssp_auth_validated =
- NT_STATUS_IS_OK(pass_check_smb_with_chal(pipe_user_name, NULL, domain,
- (uchar*)p->challenge,
- lm_owf, lm_pw_len,
- nt_owf, nt_pw_len));
- if (!p->ntlmssp_auth_validated) {
- DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \
-failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name ));
- unbecome_root();
- return False;
- }
-
- pdb_init_sam(&sampass);
-
- if(!pdb_getsampwnam(sampass, pipe_user_name)) {
- DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
- pipe_user_name));
- pdb_free_sam(sampass);
- unbecome_root();
- return False;
- }
-
- unbecome_root();
-
- /* Quit if the account was disabled. */
- if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) {
- DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name));
- pdb_free_sam(sampass);
- return False;
- }
-
- if(!pdb_get_nt_passwd(sampass)) {
- DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
- pdb_free_sam(sampass);
- return False;
- }
-
- smb_passwd_ptr = pdb_get_lanman_passwd(sampass);
+ if (!make_user_info_netlogon_network(&user_info,
+ user_name, domain, wks,
+ lm_owf, lm_pw_len,
+ nt_owf, nt_pw_len)) {
+ DEBUG(0,("make_user_info_netlogon_network failed! Failing authenticaion.\n"));
+ return False;
+ }
+
+ nt_status = auth_context->check_ntlm_password(auth_context, user_info, &server_info);
+
+ (auth_context->free)(&auth_context);
+ free_user_info(&user_info);
+
+ p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status);
+
+ if (!p->ntlmssp_auth_validated) {
+ DEBUG(1,("api_pipe_ntlmssp_verify: User [%s]\\[%s] from machine %s \
+failed authentication on named pipe %s.\n", domain, user_name, wks, p->name ));
+ free_server_info(&server_info);
+ return False;
}
/*
{
uchar p24[24];
- NTLMSSPOWFencrypt(smb_passwd_ptr, lm_owf, p24);
+ NTLMSSPOWFencrypt(server_info->first_8_lm_hash, lm_owf, p24);
{
unsigned char j = 0;
int ind;
}
fstrcpy(p->user_name, user_name);
- fstrcpy(p->pipe_user_name, pipe_user_name);
+ fstrcpy(p->pipe_user_name, pdb_get_username(server_info->sam_account));
fstrcpy(p->domain, domain);
fstrcpy(p->wks, wks);
* Store the UNIX credential data (uid/gid pair) in the pipe structure.
*/
- p->pipe_user.uid = pdb_get_uid(sampass);
- p->pipe_user.gid = pdb_get_gid(sampass);
+ if (!IS_SAM_UNIX_USER(server_info->sam_account)) {
+ DEBUG(0,("Attempted authenticated pipe with invalid user. No uid/gid in SAM_ACCOUNT\n"));
+ free_server_info(&server_info);
+ return False;
+ }
+
+ memcpy(p->session_key, server_info->session_key, sizeof(p->session_key));
+
+ uid = pdb_get_uid(server_info->sam_account);
+ gid = pdb_get_gid(server_info->sam_account);
+
+ p->pipe_user.uid = uid;
+ p->pipe_user.gid = gid;
/* Set up pipe user group membership. */
- initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
+ initialise_groups(p->pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups);
+ if (server_info->ptok)
+ add_supplementary_nt_login_groups(&p->pipe_user.ngroups, &p->pipe_user.groups, &server_info->ptok);
+
/* Create an NT_USER_TOKEN struct for this user. */
p->pipe_user.nt_user_token = create_nt_token(p->pipe_user.uid,p->pipe_user.gid,
- p->pipe_user.ngroups, p->pipe_user.groups,
- guest_user);
+ p->pipe_user.ngroups, p->pipe_user.groups,
+ server_info->guest, server_info->ptok);
p->ntlmssp_auth_validated = True;
- pdb_free_sam(sampass);
+ pdb_free_sam(&server_info->sam_account);
return True;
}
{
int i = 0;
BOOL ret = False;
- BOOL changed_user_id = False;
if (p->ntlmssp_auth_validated) {
prs_mem_free(&p->out_data.rdata);
return False;
}
-
- changed_user_id = True;
}
for (i = 0; api_fd_commands[i].pipe_clnt_name; i++) {
}
}
- if(changed_user_id)
- unbecome_authenticated_pipe_user(p);
+ if(p->ntlmssp_auth_validated)
+ unbecome_authenticated_pipe_user();
return ret;
}
return False;
}
+ if (p->bad_handle_fault_state) {
+ DEBUG(4,("api_rpcTNP: bad handle fault return.\n"));
+ p->bad_handle_fault_state = False;
+ setup_fault_pdu(p, NT_STATUS(0x1C00001A));
+ return True;
+ }
+
slprintf(name, sizeof(name)-1, "out_%s", rpc_name);
offset2 = prs_offset(&p->out_data.rdata);
prs_set_offset(&p->out_data.rdata, offset1);
if (data) {
prs_uint8s(False, "", &p->in_data.data, 0, (unsigned char *)data,
data_len);
- free(data);
+ SAFE_FREE(data);
}
}