lib/bitmap.o lib/crc32.o lib/util_sid.o lib/snprintf.o \
lib/util_str.o lib/util_unistr.o \
lib/util_file.o mem_man/mem_man.o \
- lib/util_sock.o lib/unix_sec_ctxt.o \
+ lib/util_sock.o \
lib/util_array.o \
lib/vagent.o \
- lib/util_hnd.o \
- lib/passcheck.o
+ lib/util_hnd.o
+
+LIBSRV_OBJ = lib/passcheck.o
UBIQX_OBJ = ubiqx/ubi_BinTree.o ubiqx/ubi_Cache.o ubiqx/ubi_SplayTree.o \
ubiqx/ubi_dLinkList.o ubiqx/ubi_sLinkList.o
rpc_parse/parse_net.o \
rpc_parse/parse_reg.o \
rpc_parse/parse_samr.o rpc_parse/parse_srv.o \
- rpc_parse/parse_wks.o rpc_parse/parse_sec.o \
+ rpc_parse/parse_wks.o \
rpc_parse/parse_svc.o rpc_parse/parse_at.o \
rpc_parse/parse_spoolss.o rpc_parse/parse_eventlog.o \
rpc_parse/parse_brs.o
-RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o rpc_parse/parse_prs.o \
+RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o \
+ rpc_parse/parse_prs.o \
rpc_parse/parse_misc.o \
+ rpc_parse/parse_creds.o \
+ rpc_parse/parse_sec.o \
lib/msrpc-agent.o \
lib/msrpc-client.o \
lib/msrpc_use.o \
SMBD_OBJ = $(SMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
$(RPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
$(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ)
+ $(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
LSARPCD_OBJ = $(LSARPCD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(UBIQX_OBJ) \
$(RPC_SRVUTIL_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
$(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ)
+ $(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
time_t t;
};
-struct pwd_info
-{
- BOOL null_pwd;
- BOOL cleartext;
- BOOL crypted;
-
- fstring password;
-
- uchar smb_lm_pwd[16];
- uchar smb_nt_pwd[16];
-
- uchar smb_lm_owf[24];
- uchar smb_nt_owf[128];
- size_t nt_owf_len;
-
- uchar lm_cli_chal[8];
- uchar nt_cli_chal[128];
- size_t nt_cli_chal_len;
-
- uchar sess_key[16];
-};
-
-struct user_credentials
-{
- fstring user_name;
- fstring domain;
- struct pwd_info pwd;
-
- uint32 ntlmssp_flags;
- BOOL reuse;
-};
-
struct cli_state
{
int port;
int rap_error;
int privileges;
- struct user_credentials usr;
+ struct ntuser_creds usr;
+ BOOL retry;
fstring eff_name;
fstring desthost;
BOOL use_ntlmv2;
BOOL redirect;
+ BOOL reuse;
uint32 sesskey;
int serverzone;
BOOL msrpc_receive_prs(struct msrpc_state *msrpc, prs_struct *ps);
BOOL msrpc_send(struct msrpc_state *msrpc, BOOL show);
BOOL msrpc_connect(struct msrpc_state *msrpc, const char *pipe_name);
-void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_credentials *usr);
+void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_creds *usr);
void msrpc_close_socket(struct msrpc_state *msrpc);
void msrpc_sockopt(struct msrpc_state *msrpc, char *options);
BOOL msrpc_connect_auth(struct msrpc_state *msrpc,
const char* pipename,
- const struct user_credentials *usr);
+ const struct user_creds *usr);
struct msrpc_state *msrpc_initialise(struct msrpc_state *msrpc);
void msrpc_shutdown(struct msrpc_state *msrpc);
BOOL msrpc_establish_connection(struct msrpc_state *msrpc,
void init_msrpc_use(void);
void free_msrpc_use(void);
struct msrpc_state *msrpc_use_add(const char* pipe_name,
- const struct user_credentials *usr_creds,
+ const struct user_creds *usr_creds,
BOOL redir);
BOOL msrpc_use_del(const char* pipe_name,
- const struct user_credentials *usr_creds,
+ const struct user_creds *usr_creds,
BOOL force_close,
BOOL *connection_closed);
void msrpc_net_use_enum(uint32 *num_cons, struct use_info ***use);
char *ufc_crypt(char *key,char *salt);
-/*The following definitions come from lib/unix_sec_ctxt.c */
-
-void init_sec_ctxt(void);
-BOOL become_unix_sec_ctxt(struct unix_sec_ctxt const *ctxt);
-BOOL unbecome_unix_sec_ctxt(void);
-void become_unix_root_sec_ctxt(void) ;
-void unbecome_unix_root_sec_ctxt(void);
-
/*The following definitions come from lib/username.c */
struct passwd *hashed_getpwnam(const char *name);
/*The following definitions come from libsmb/clientgen.c */
-void copy_user_creds(struct user_credentials *to,
- const struct user_credentials *from);
int cli_set_port(struct cli_state *cli, int port);
char *cli_errstr(struct cli_state *cli);
void cli_safe_smb_errstr(struct cli_state *cli, char *msg, size_t len);
BOOL cli_session_request(struct cli_state *cli,
struct nmb_name *calling, struct nmb_name *called);
BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip);
-void cli_init_creds(struct cli_state *cli, const struct user_credentials *usr);
+void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr);
struct cli_state *cli_initialise(struct cli_state *cli);
void cli_close_socket(struct cli_state *cli);
void cli_shutdown(struct cli_state *cli);
BOOL cli_connect_auth(struct cli_state *cli,
const char* desthost,
struct in_addr *dest_ip,
- const struct user_credentials *usr);
+ const struct ntuser_creds *usr);
BOOL cli_connect_servers_auth(struct cli_state *cli,
char *p,
- const struct user_credentials *usr);
+ const struct ntuser_creds *usr);
BOOL cli_connect_serverlist(struct cli_state *cli, char *p);
int cli_printjob_del(struct cli_state *cli, int job);
int cli_print_queue(struct cli_state *cli,
void init_cli_use(void);
void free_cli_use(void);
struct cli_state *cli_net_use_add(const char* srv_name,
- const struct user_credentials *usr_creds,
- BOOL redir);
+ const struct ntuser_creds *usr_creds,
+ BOOL redir,
+ BOOL reuse);
BOOL cli_net_use_del(const char* srv_name,
- const struct user_credentials *usr_creds,
+ const struct ntuser_creds *usr_creds,
BOOL force_close,
BOOL *connection_closed);
void cli_net_use_enum(uint32 *num_cons, struct use_info ***use);
int status) ;
BOOL brs_io_r_query_info(char *desc, BRS_R_QUERY_INFO *r_u, prs_struct *ps, int depth);
+/*The following definitions come from rpc_parse/parse_creds.c */
+
+BOOL make_creds_unix(CREDS_UNIX *r_u, const char* user_name);
+BOOL creds_io_unix(char *desc, CREDS_UNIX *r_u, prs_struct *ps, int depth);
+void creds_free_unix(CREDS_UNIX *r_u);
+BOOL make_creds_unix_sec(CREDS_UNIX_SEC *r_u,
+ uint32 uid, uint32 gid, uint32 num_grps, uint32 *grps);
+BOOL creds_io_unix_sec(char *desc, CREDS_UNIX_SEC *r_u, prs_struct *ps, int depth);
+void creds_free_unix_sec(CREDS_UNIX_SEC *r_u);
+BOOL creds_io_nt_sec(char *desc, CREDS_NT_SEC *r_u, prs_struct *ps, int depth);
+void creds_free_nt_sec(CREDS_NT_SEC *r_u);
+BOOL creds_io_pwd_info(char *desc, struct pwd_info *pwd, prs_struct *ps, int depth);
+BOOL creds_io_nt(char *desc, CREDS_NT *r_u, prs_struct *ps, int depth);
+void creds_free_nt(CREDS_NT *r_u);
+BOOL creds_io_hybrid(char *desc, CREDS_HYBRID *r_u, prs_struct *ps, int depth);
+void copy_unix_creds(CREDS_UNIX *to, const CREDS_UNIX *from);
+void copy_nt_sec_creds(CREDS_NT_SEC *to, const CREDS_NT_SEC *from);
+void copy_unix_sec_creds(CREDS_UNIX_SEC *to, const CREDS_UNIX_SEC *from);
+void copy_nt_creds(struct ntuser_creds *to,
+ const struct ntuser_creds *from);
+void copy_user_creds(struct user_creds *to,
+ const struct user_creds *from);
+void free_user_creds(struct user_creds *creds);
+BOOL creds_io_cmd(char *desc, CREDS_CMD *r_u, prs_struct *ps, int depth);
+BOOL create_ntuser_creds( prs_struct *ps,
+ const char* name,
+ uint16 version, uint16 command,
+ const struct ntuser_creds *ntu,
+ BOOL reuse);
+BOOL create_user_creds( prs_struct *ps,
+ const char* name,
+ uint16 version, uint16 command,
+ const struct user_creds *usr);
+
/*The following definitions come from rpc_parse/parse_eventlog.c */
BOOL make_eventlog_q_open(EVENTLOG_Q_OPEN *q_u, const char *journal, char *unk);
/* domain controller */
fstring level3_dom;
fstring level5_dom;
+
};
struct client_info
struct tar_client_info tar;
struct nt_client_info dom;
+
+ BOOL reuse;
};
enum action_type {ACTION_HEADER, ACTION_ENUMERATE, ACTION_FOOTER};
uid_t uid; /* uid of user who *opened* this connection */
gid_t gid; /* gid of user who *opened* this connection */
- uint16 vuid; /* vuid of user who *opened* this connection, or UID_FIELD_INVALID */
-
- /* following groups stuff added by ih */
-
/* This groups info is valid for the user that *opened* the connection */
int ngroups;
gid_t *groups;
+ uint16 vuid; /* vuid of user who *opened* this connection, or UID_FIELD_INVALID */
+
+ /* following groups stuff added by ih */
+
time_t lastused;
BOOL used;
int num_files_open;
} connection_struct;
-struct unix_sec_ctxt
-{
- uid_t uid;
- gid_t gid;
- int ngroups;
- gid_t *groups;
-
- char *name;
-};
-
-struct nt_sec_ctxt
-{
- /* this should (will?) probably become a SEC_DESC */
- DOM_SID user_sid;
- DOM_SID group_sid;
-
- char *name;
- char *domain;
-};
-
-#if 0
-struct sec_ctxt
-{
- struct unix_sec_ctxt unix;
- struct nt_sec_ctxt nt;
-};
-#endif
-
struct current_user
{
connection_struct *conn;
unsigned int name_type;
};
-#include "client.h"
-#include "rpcclient.h"
#include "dfs.h"
};
#define AGENT_CMD_CON 0
+#define AGENT_CMD_CON_ANON 2
#define AGENT_CMD_CON_REUSE 1
#define MAX_MAX_MUX_LIMIT 16
int port;
};
+struct pwd_info
+{
+ BOOL null_pwd;
+ BOOL cleartext;
+ BOOL crypted;
+
+ fstring password;
+
+ uchar smb_lm_pwd[16];
+ uchar smb_nt_pwd[16];
+
+ uchar smb_lm_owf[24];
+ uchar smb_nt_owf[128];
+ size_t nt_owf_len;
+
+ uchar lm_cli_chal[8];
+ uchar nt_cli_chal[128];
+ size_t nt_cli_chal_len;
+
+ uchar sess_key[16];
+};
+
+#include "rpc_creds.h"
+
struct msrpc_state
{
fstring pipe_name;
- struct user_credentials usr;
+ struct user_creds usr;
int fd;
BOOL redirect;
BOOL initialised;
char *outbuf;
};
+#include "client.h"
+#include "rpcclient.h"
+
#endif /* _SMB_H */
/* _SMB_H */
struct cli_state cli;
POLICY_HND lsa_pol;
fstring srv_name;
- extern struct user_credentials *usr_creds;
- struct user_credentials usr;
+ extern struct ntuser_creds *usr_creds;
+ struct ntuser_creds usr;
BOOL res3 = True;
BOOL res4 = True;
/****************************************************************************
terminate sockent connection
-***********************************************************<*****************/
+****************************************************************************/
static void free_sock(void *sock)
{
if (sock != NULL)
static struct msrpc_state *init_client_connection(int c)
{
pstring buf;
- uchar ntpw[16];
- uchar lmpw[16];
fstring pipe_name;
- struct user_credentials usr;
- char *p = buf;
+ struct user_creds usr;
int rl;
uint32 len;
- uint16 version;
- uint16 command;
BOOL new_con = False;
+ struct msrpc_state *n = NULL;
+
+ CREDS_CMD cmd;
+ prs_struct ps;
ZERO_STRUCT(usr);
+ ZERO_STRUCT(cmd);
+ cmd.cred = &usr;
- DEBUG(10,("first request\n"));
+ DEBUG(10,("init_client_connection: first request\n"));
rl = read(c, &buf, sizeof(len));
#ifdef DEBUG_PASSWORD
dump_data(100, buf, rl);
#endif
- version = SVAL(p, 0);
- p += 2;
- command = SVAL(p, 0);
- p += 2;
- fstrcpy(pipe_name, p);
- p = skip_string(p, 1);
- fstrcpy(usr.user_name, p);
- p = skip_string(p, 1);
- fstrcpy(usr.domain, p);
- p = skip_string(p, 1);
+ /* make a static data parsing structure from the api_fd_reply data */
+ prs_init(&ps, 0, 4, 0, True);
+ mem_create(ps.data, buf, 0, len, 0, False);
- if (PTR_DIFF(p, buf) < rl)
- {
- memcpy(lmpw, p, 16);
- p += 16;
- memcpy(ntpw, p, 16);
- p += 16;
- pwd_set_lm_nt_16(&usr.pwd, lmpw, ntpw);
- }
- else
+ if (!creds_io_cmd("creds", &cmd, &ps, 0))
{
- pwd_set_nullpwd(&usr.pwd);
+ DEBUG(0,("Unable to parse credentials\n"));
+ mem_free_data(ps.data);
+ return NULL;
}
- if (PTR_DIFF(p, buf) != rl)
+ mem_free_data(ps.data);
+
+ if (ps.offset != rl)
{
- DEBUG(0,("Buffer size %d %d!\n",
- PTR_DIFF(p, buf), rl));
+ DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl));
return NULL;
}
- switch (command)
+ switch (cmd.command)
{
case AGENT_CMD_CON:
+ case AGENT_CMD_CON_ANON:
{
new_con = True;
break;
case AGENT_CMD_CON_REUSE:
{
new_con = True;
- usr.reuse = True;
break;
}
default:
{
- DEBUG(0,("unknown command %d\n", command));
+ DEBUG(0,("unknown command %d\n", cmd.command));
return NULL;
}
}
if (new_con)
{
- struct msrpc_state *n;
uint32 status = 0;
n = msrpc_use_add(pipe_name, &usr, False);
n = NULL;
}
}
- return n;
}
- return NULL;
+ free_user_creds(&usr);
+ return n;
}
static BOOL process_cli_sock(struct sock_redir **socks, uint32 num_socks,
if (fork() == 0)
{
+ /* child */
start_agent(&va);
}
}
/****************************************************************************
initialise a msrpcent structure
****************************************************************************/
-void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_credentials *usr)
+void msrpc_init_creds(struct msrpc_state *msrpc, const struct user_creds *usr)
{
copy_user_creds(&msrpc->usr, usr);
}
}
-static BOOL msrpc_init_redirect(struct msrpc_state *msrpc,
- const char* pipe_name,
- const struct user_credentials *usr)
+static BOOL msrpc_authenticate(struct msrpc_state *msrpc,
+ const struct user_creds *usr)
{
- int sock;
struct msrpc_state msrpc_redir;
- fstring path;
- pstring data;
+ int sock = msrpc->fd;
+ char *data;
+ prs_struct ps;
uint32 len;
- char *p;
char *in = msrpc->inbuf;
char *out = msrpc->outbuf;
+ uint16 command;
- slprintf(path, sizeof(path)-1, "/tmp/.msrpc/.%s/agent", pipe_name);
-
- sock = open_pipe_sock(path);
+ command = usr != NULL ? AGENT_CMD_CON : AGENT_CMD_CON_ANON;
- if (sock < 0)
+ if (usr != NULL)
{
- return False;
+ usr->ptr_ntc = 1;
+ usr->ptr_uxc = 1;
+ usr->ptr_nts = 0;
+ usr->ptr_uxs = 0;
}
- ZERO_STRUCT(data);
-
- p = &data[4];
- SSVAL(p, 0, 0);
- p += 2;
-
- SSVAL(p, 0, usr->reuse ? AGENT_CMD_CON_REUSE : AGENT_CMD_CON);
- p += 2;
-
- safe_strcpy(p, pipe_name, 16);
- p = skip_string(p, 1);
- safe_strcpy(p, usr != NULL ? usr->user_name : "", 16);
- p = skip_string(p, 1);
- safe_strcpy(p, usr != NULL ? usr->domain : "", 16);
- p = skip_string(p, 1);
-
- if (usr != NULL && !pwd_is_nullpwd(&usr->pwd))
+ if (!create_user_creds(&ps, msrpc->pipe_name, 0x0, command, usr))
{
- uchar lm16[16];
- uchar nt16[16];
-
- pwd_get_lm_nt_16(&usr->pwd, lm16, nt16);
- memcpy(p, lm16, 16);
- p += 16;
- memcpy(p, nt16, 16);
- p += 16;
+ DEBUG(0,("could not parse credentials\n"));
+ close(sock);
+ return False;
}
- len = PTR_DIFF(p, data);
+ len = ps.offset;
+ data = mem_data(&ps.data, 0);
+
SIVAL(data, 0, len);
#ifdef DEBUG_PASSWORD
if (write(sock, data, len) <= 0)
{
DEBUG(0,("write failed\n"));
- close(sock);
return False;
}
- len = read(sock, &msrpc_redir, sizeof(msrpc_redir));
+ if (msrpc->redirect)
+ {
+ len = read(sock, &msrpc_redir, sizeof(msrpc_redir));
- if (len != sizeof(msrpc_redir))
+ if (len != sizeof(msrpc_redir))
+ {
+ DEBUG(0,("read failed\n"));
+ return False;
+ }
+
+ memcpy(msrpc, &msrpc_redir, sizeof(msrpc_redir));
+ msrpc->inbuf = in;
+ msrpc->outbuf = out;
+ msrpc->fd = sock;
+ msrpc->usr.reuse = False;
+ }
+ else
+ {
+ uint32 status;
+ len = read(sock, &status, sizeof(status));
+
+ return len == sizeof(status) && status == 0x0;
+ }
+ return True;
+}
+
+static BOOL msrpc_init_redirect(struct msrpc_state *msrpc,
+ const char* pipe_name,
+ const struct user_creds *usr)
+{
+ int sock;
+ fstring path;
+
+ slprintf(path, sizeof(path)-1, "/tmp/.msrpc/.%s/agent", pipe_name);
+
+ sock = open_pipe_sock(path);
+
+ if (sock < 0)
{
- DEBUG(0,("read failed\n"));
- close(sock);
return False;
}
-
- memcpy(msrpc, &msrpc_redir, sizeof(msrpc_redir));
- msrpc->inbuf = in;
- msrpc->outbuf = out;
+
msrpc->fd = sock;
- msrpc->usr.reuse = False;
+
+ if (!msrpc_authenticate(msrpc, usr))
+ {
+ DEBUG(0,("authenticate failed\n"));
+ close(msrpc->fd);
+ msrpc->fd = -1;
+ return False;
+ }
return True;
}
BOOL msrpc_connect_auth(struct msrpc_state *msrpc,
const char* pipename,
- const struct user_credentials *usr)
+ const struct user_creds *usr)
{
ZERO_STRUCTP(msrpc);
if (!msrpc_initialise(msrpc))
{
DEBUG(5,("msrpc_establish_connection: connecting to %s (%s) - %s\n",
pipe_name,
- msrpc->usr.user_name, msrpc->usr.domain));
+ msrpc->usr.ntc.user_name, msrpc->usr.ntc.domain));
/* establish connection */
}
}
+ if (!msrpc_authenticate(msrpc, &msrpc->usr))
+ {
+ DEBUG(0,("authenticate failed\n"));
+ close(msrpc->fd);
+ msrpc->fd = -1;
+ return False;
+ }
+
return True;
}
match.
****************************************************************************/
static struct msrpc_use *msrpc_find(const char* pipe_name,
- const struct user_credentials *usr_creds)
+ const struct user_creds *usr_creds)
{
int i;
- struct user_credentials null_usr;
+ struct user_creds null_usr;
copy_user_creds(&null_usr, usr_creds);
usr_creds = &null_usr;
DEBUG(10,("msrpc_find: %s %s %s\n",
pipe_name,
- usr_creds->user_name,
- usr_creds->domain));
+ usr_creds->ntc.user_name,
+ usr_creds->ntc.domain));
for (i = 0; i < num_msrpcs; i++)
{
DEBUG(10,("msrpc_find[%d]: %s %s %s\n",
i, msrpc_name,
- c->cli->usr.user_name,
- c->cli->usr.domain));
+ c->cli->usr.ntc.user_name,
+ c->cli->usr.ntc.domain));
if (!strequal(msrpc_name, pipe_name))
{
continue;
}
- if (!strequal(usr_creds->user_name, c->cli->usr.user_name))
+ if (!strequal(usr_creds->ntc.user_name, c->cli->usr.ntc.user_name))
{
continue;
}
if (!usr_creds->reuse &&
- !pwd_compare(&usr_creds->pwd, &c->cli->usr.pwd))
+ !pwd_compare(&usr_creds->ntc.pwd, &c->cli->usr.ntc.pwd))
{
DEBUG(100,("password doesn't match\n"));
continue;
}
- if (usr_creds->domain[0] == 0)
+ if (usr_creds->ntc.domain[0] == 0)
{
return c;
}
- if (strequal(usr_creds->domain, c->cli->usr.domain))
+ if (strequal(usr_creds->ntc.domain, c->cli->usr.ntc.domain))
{
return c;
}
create a new client state from user credentials
****************************************************************************/
static struct msrpc_use *msrpc_use_get(const char* pipe_name,
- const struct user_credentials *usr_creds)
+ const struct user_creds *usr_creds)
{
struct msrpc_use *cli = (struct msrpc_use*)malloc(sizeof(*cli));
init client state
****************************************************************************/
struct msrpc_state *msrpc_use_add(const char* pipe_name,
- const struct user_credentials *usr_creds,
+ const struct user_creds *usr_creds,
BOOL redir)
{
struct msrpc_use *cli = msrpc_find(pipe_name, usr_creds);
delete a client state
****************************************************************************/
BOOL msrpc_use_del(const char* pipe_name,
- const struct user_credentials *usr_creds,
+ const struct user_creds *usr_creds,
BOOL force_close,
BOOL *connection_closed)
{
if (!strequal(msrpc_name, pipe_name)) continue;
- if (strequal(usr_creds->user_name,
- msrpcs[i]->cli->usr.user_name) &&
- strequal(usr_creds->domain,
- msrpcs[i]->cli->usr.domain))
+ if (strequal(usr_creds->ntc.user_name,
+ msrpcs[i]->cli->usr.ntc.user_name) &&
+ strequal(usr_creds->ntc.domain,
+ msrpcs[i]->cli->usr.ntc.domain))
{
/* decrement number of users */
msrpcs[i]->num_users--;
if (item.connected)
{
item.srv_name = msrpcs[i]->cli->pipe_name;
- item.user_name = msrpcs[i]->cli->usr.user_name;
- item.domain = msrpcs[i]->cli->usr.domain;
+ item.user_name = msrpcs[i]->cli->usr.ntc.user_name;
+ item.domain = msrpcs[i]->cli->usr.ntc.domain;
}
add_use_info_to_array(num_cons, use, &item);
* set the port that will be used for connections by the client
*/
-void copy_user_creds(struct user_credentials *to,
- const struct user_credentials *from)
-{
- if (from == NULL)
- {
- to->domain[0] = 0;
- to->user_name[0] = 0;
- pwd_set_nullpwd(&to->pwd);
- to->ntlmssp_flags = 0;
- to->reuse = False;
-
- return;
- }
- safe_strcpy(to->domain , from->domain , sizeof(from->domain )-1);
- safe_strcpy(to->user_name, from->user_name, sizeof(from->user_name)-1);
- memcpy(&to->pwd, &from->pwd, sizeof(from->pwd));
- to->ntlmssp_flags = from->ntlmssp_flags;
- to->reuse = from->reuse;
-};
-
int cli_set_port(struct cli_state *cli, int port)
{
char *p;
BOOL esec = cli->capabilities & CAP_EXTENDED_SECURITY;
- if (cli->usr.reuse)
+ if (cli->reuse)
{
DEBUG(3,("cli_session_setup_x: reuse enabled, skipping SMBsesssetupX\n"));
return True;
BOOL cli_ulogoff(struct cli_state *cli)
{
- if (cli->usr.reuse)
+ if (cli->reuse)
{
DEBUG(3,("cli_ulogoff: reuse enabled, skipping SMBulogoff\n"));
return True;
/****************************************************************************
initialise a client structure
****************************************************************************/
-void cli_init_creds(struct cli_state *cli, const struct user_credentials *usr)
+void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr)
{
- copy_user_creds(&cli->usr, usr);
+ copy_nt_creds(&cli->usr, usr);
}
/****************************************************************************
static int cli_init_redirect(struct cli_state *cli,
const char* srv_name, struct in_addr *destip,
- const struct user_credentials *usr)
+ const struct ntuser_creds *usr)
{
int sock;
fstring ip_name;
struct cli_state cli_redir;
fstring path;
- pstring data;
uint32 len;
- char *p;
+ char *data;
char *in = cli->inbuf;
char *out = cli->outbuf;
+ prs_struct ps;
+ uint16 command;
slprintf(path, sizeof(path)-1, "/tmp/.smb.%d/agent", getuid());
return sock;
}
- ZERO_STRUCT(data);
-
- p = &data[4];
- SSVAL(p, 0, 0);
- p += 2;
-
- SSVAL(p, 0, usr->reuse ? AGENT_CMD_CON_REUSE : AGENT_CMD_CON);
- p += 2;
-
- safe_strcpy(p, srv_name, 16);
- p = skip_string(p, 1);
- safe_strcpy(p, usr != NULL ? usr->user_name : "", 16);
- p = skip_string(p, 1);
- safe_strcpy(p, usr != NULL ? usr->domain : "", 16);
- p = skip_string(p, 1);
+ command = usr != NULL ? AGENT_CMD_CON : AGENT_CMD_CON_ANON;
- if (usr != NULL && !pwd_is_nullpwd(&usr->pwd))
+ if (!create_ntuser_creds(&ps, srv_name, 0x0, command, usr, cli->reuse))
{
- uchar lm16[16];
- uchar nt16[16];
-
- pwd_get_lm_nt_16(&usr->pwd, lm16, nt16);
- memcpy(p, lm16, 16);
- p += 16;
- memcpy(p, nt16, 16);
- p += 16;
+ DEBUG(0,("could not parse credentials\n"));
+ close(sock);
+ return False;
}
- len = PTR_DIFF(p, data);
- SIVAL(data, 0, len);
+ len = ps.offset;
+ data = mem_data(&ps.data, 0);
#ifdef DEBUG_PASSWORD
DEBUG(100,("data len: %d\n", len));
dump_data(100, data, len);
#endif
+ SIVAL(data, 0, len);
+
if (write(sock, data, len) <= 0)
{
DEBUG(0,("write failed\n"));
cli->inbuf = in;
cli->outbuf = out;
cli->fd = sock;
- cli->usr.reuse = False;
+ cli->reuse = False;
return sock;
}
BOOL cli_connect_auth(struct cli_state *cli,
const char* desthost,
struct in_addr *dest_ip,
- const struct user_credentials *usr)
+ const struct ntuser_creds *usr)
{
extern pstring global_myname;
extern pstring scope;
****************************************************************************/
BOOL cli_connect_servers_auth(struct cli_state *cli,
char *p,
- const struct user_credentials *usr)
+ const struct ntuser_creds *usr)
{
fstring remote_host;
BOOL connected_ok = False;
}
+BOOL get_user_creds(struct user_creds *usr)
+{
+ pstring buf;
+ int rl;
+ uint32 len;
+ BOOL new_con = False;
+ extern int Client;
+ uint32 status;
+
+ CREDS_CMD cmd;
+ prs_struct ps;
+
+ ZERO_STRUCTP(usr);
+ ZERO_STRUCT(cmd);
+ cmd.cred = usr;
+
+ DEBUG(10,("get_user_creds: first request\n"));
+
+ rl = read(Client, &buf, sizeof(len));
+
+ if (rl != sizeof(len))
+ {
+ DEBUG(0,("Unable to read length\n"));
+ dump_data(0, buf, sizeof(len));
+ return False;
+ }
+
+ len = IVAL(buf, 0);
+
+ if (len > sizeof(buf))
+ {
+ DEBUG(0,("length %d too long\n", len));
+ return False;
+ }
+
+ rl = read(Client, buf, len);
+
+ if (rl < 0)
+ {
+ DEBUG(0,("Unable to read from connection\n"));
+ return False;
+ }
+
+#ifdef DEBUG_PASSWORD
+ dump_data(100, buf, rl);
+#endif
+
+ /* make a static data parsing structure from the api_fd_reply data */
+ prs_init(&ps, 0, 4, 0, True);
+ mem_create(ps.data, buf, 0, len, 0, False);
+
+ if (!creds_io_cmd("creds", &cmd, &ps, 0))
+ {
+ DEBUG(0,("Unable to parse credentials\n"));
+ mem_free_data(ps.data);
+ return False;
+ }
+
+ mem_free_data(ps.data);
+
+ if (ps.offset != rl)
+ {
+ DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl));
+ return False;
+ }
+
+ switch (cmd.command)
+ {
+ case AGENT_CMD_CON:
+ case AGENT_CMD_CON_ANON:
+ {
+ new_con = True;
+ break;
+ }
+ case AGENT_CMD_CON_REUSE:
+ {
+ new_con = True;
+ break;
+ }
+ default:
+ {
+ DEBUG(0,("unknown command %d\n", cmd.command));
+ return False;
+ }
+ }
+
+ status = new_con ? 0x0 : 0x1;
+
+ if (write(Client, &status, sizeof(status)) !=
+ sizeof(status))
+ {
+ return False;
+ }
+
+ return new_con;
+}
/****************************************************************************
process commands from the client
****************************************************************************/
void lsarpcd_process(void)
{
+ struct user_creds usr;
+
ZERO_STRUCT(static_pipe);
fstrcpy(static_pipe.name, "lsarpc");
+
+ if (!get_user_creds(&usr))
+ {
+ DEBUG(0,("authentication failed\n"));
+ free_user_creds(&usr);
+ return;
+ }
+
+ free_user_creds(&usr);
InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
InBuffer += SMB_ALIGNMENT;
OutBuffer += SMB_ALIGNMENT;
-
max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
/* re-initialise the timezone */
while (True)
{
- int deadtime = lp_deadtime()*60;
int counter;
int service_load_counter = 0;
BOOL got_smb = False;
- if (deadtime <= 0)
- deadtime = DEFAULT_SMBD_TIMEOUT;
-
-#if USE_READ_PREDICTION
- if (lp_readprediction())
- do_read_prediction();
-#endif
-
errno = 0;
for (counter=SMBD_SELECT_LOOP;
#include "includes.h"
-struct user_credentials *usr_creds = NULL;
+struct ntuser_creds *usr_creds = NULL;
extern int DEBUGLEVEL;
extern pstring scope;
uint32 num_connections;
char *srv_name;
char *pipe_name;
- struct user_credentials usr_creds;
+ struct ntuser_creds usr_creds;
struct cli_state *cli;
uint16 fnum;
};
}
static struct cli_connection *cli_con_get(const char* srv_name,
- const char* pipe_name)
+ const char* pipe_name, BOOL reuse)
{
struct cli_connection *con = NULL;
con->pipe_name = strdup(pipe_name);
}
- con->cli = cli_net_use_add(srv_name, usr_creds, True);
+ con->cli = cli_net_use_add(srv_name, usr_creds, True, reuse);
if (con->cli == NULL)
{
struct cli_connection **con)
{
BOOL res = True;
+ BOOL reuse = False;
/*
* allocate
*/
- *con = cli_con_get(srv_name, pipe_name);
+ *con = cli_con_get(srv_name, pipe_name, reuse);
if ((*con) == NULL)
{
BOOL res1 = True;
fstring dom3;
fstring dom5;
- extern struct user_credentials *usr_creds;
- struct user_credentials usr;
+ extern struct ntuser_creds *usr_creds;
+ struct ntuser_creds usr;
usr_creds = &usr;
ZERO_STRUCT(usr);
fstring dom3;
fstring dom5;
- extern struct user_credentials *usr_creds;
- struct user_credentials usr;
+ extern struct ntuser_creds *usr_creds;
+ struct ntuser_creds usr;
usr_creds = &usr;
ZERO_STRUCT(usr);
match.
****************************************************************************/
static struct cli_use *cli_find(const char* srv_name,
- const struct user_credentials *usr_creds)
+ const struct ntuser_creds *usr_creds,
+ BOOL reuse)
{
int i;
const char *sv_name = srv_name;
- struct user_credentials null_usr;
+ struct ntuser_creds null_usr;
- copy_user_creds(&null_usr, usr_creds);
+ copy_nt_creds(&null_usr, usr_creds);
usr_creds = &null_usr;
if (strnequal("\\\\", sv_name, 2))
{
continue;
}
- if (!usr_creds->reuse &&
+ if (!reuse &&
!pwd_compare(&usr_creds->pwd, &c->cli->usr.pwd))
{
DEBUG(100,("password doesn't match\n"));
create a new client state from user credentials
****************************************************************************/
static struct cli_use *cli_use_get(const char* srv_name,
- const struct user_credentials *usr_creds)
+ const struct ntuser_creds *usr_creds)
{
struct cli_use *cli = (struct cli_use*)malloc(sizeof(*cli));
init client state
****************************************************************************/
struct cli_state *cli_net_use_add(const char* srv_name,
- const struct user_credentials *usr_creds,
- BOOL redir)
+ const struct ntuser_creds *usr_creds,
+ BOOL redir,
+ BOOL reuse)
{
struct nmb_name calling;
struct nmb_name called;
fstring dest_host;
struct in_addr ip;
- struct cli_use *cli = cli_find(srv_name, usr_creds);
+ struct cli_use *cli = cli_find(srv_name, usr_creds, reuse);
if (cli != NULL)
{
}
/* reuse an existing connection requested, and one was not found */
- if (usr_creds != NULL && usr_creds->reuse && !redir)
+ if (usr_creds != NULL && reuse && !redir)
{
return False;
}
delete a client state
****************************************************************************/
BOOL cli_net_use_del(const char* srv_name,
- const struct user_credentials *usr_creds,
+ const struct ntuser_creds *usr_creds,
BOOL force_close,
BOOL *connection_closed)
{
if (ps->error) return False;
start = (uint8*)mem_data(&(ps->data), ps->offset);
+ DEBUG(120,("_prs_string: string %s len %d max %d\n",
+ str, len, max_buf_size));
+
do
{
char *q;
if (i < len || len == 0)
{
- RW_CVAL(ps->io, q, str[i],0);
+ RW_CVAL(ps->io, q, str[i], 0);
}
else
{
} while (i < max_buf_size && (len == 0 ? str[i] != 0 : i < len) );
+ DEBUG(120,("_prs_string: string %s len %d max %d\n",
+ str, len, max_buf_size));
+
ps->offset += i+1;
dump_data(5+depth, (char *)start, i);
char* process_name,
BOOL (*fn) (pipes_struct *, prs_struct *))
{
- struct api_cmd cmd = { pipe_name, process_name, fn };
+ struct api_cmd cmd;
+ cmd.pipe_clnt_name = pipe_name;
+ cmd.pipe_srv_name = process_name;
+ cmd.fn = fn;
+
add_api_cmd_to_array(&num_cmds, &api_fd_commands, &cmd);
}
#define DEBUG_TESTING
-extern struct user_credentials *usr_creds;
+extern struct ntuser_creds *usr_creds;
extern FILE* out_hnd;
#define DEBUG_TESTING
-extern struct user_credentials *usr_creds;
+extern struct ntuser_creds *usr_creds;
extern FILE* out_hnd;
extern FILE* out_hnd;
-extern struct user_credentials *usr_creds;
+extern struct ntuser_creds *usr_creds;
/****************************************************************************
nt spoolss query
static void cmd_set (struct client_info *info, int argc, char *argv[]);
static void cmd_net (struct client_info *info, int argc, char *argv[]);
-static struct user_credentials usr;
+static struct ntuser_creds usr;
static struct client_info cli_info;
#endif /* HAVE_LIBREADLINE */
-static void set_user_password(struct user_credentials *u,
+static void set_user_password(struct ntuser_creds *u,
BOOL got_pass, char *password)
{
/* set the password cache info */
BOOL net_use = False;
BOOL net_use_add = True;
BOOL force_close = False;
- struct user_credentials u;
+ struct ntuser_creds u;
fstring dest_host;
fstring srv_name;
BOOL null_pwd = False;
BOOL got_pwd = False;
pstring password;
- extern struct user_credentials *usr_creds;
+ extern struct ntuser_creds *usr_creds;
- copy_user_creds(&u, usr_creds);
+ copy_nt_creds(&u, usr_creds);
pstrcpy(dest_host, cli_info.dest_host);
pstrcpy(u.user_name,optarg);
- u.reuse = False;
+ info->reuse = False;
if (argc <= 1)
{
srv_name, u.user_name, u.domain);
report(out_hnd, "Connection:\t");
- if (cli_net_use_add(srv_name, &u, True) != NULL)
+ if (cli_net_use_add(srv_name, &u, True, info->reuse) != NULL)
{
report(out_hnd, "OK\n");
}
static pstring servicesf = CONFIGFILE;
pstring term_code;
pstring password; /* local copy only, if one is entered */
+ info->reuse = False;
#ifdef KANJI
pstrcpy(term_code, KANJI);
*term_code = 0;
#endif /* KANJI */
- usr.reuse = False;
if (argc > 1 && *argv[1] != '-')
{
{
case 'R':
{
- usr.reuse = True;
+ info->reuse = True;
break;
}
}
}
-static void read_user_env(struct user_credentials *u)
+static void read_user_env(struct ntuser_creds *u)
{
pstring password;
****************************************************************************/
int main(int argc,char *argv[])
{
- extern struct user_credentials *usr_creds;
+ extern struct ntuser_creds *usr_creds;
mode_t myumask = 0755;
DEBUGLEVEL = 2;
}
#endif /* WITH_SSL */
-#if 0
start_msrpc_agent("lsarpc");
-#endif
add_msrpc_command_processor( "samr", "lsass", api_samr_rpc );
add_msrpc_command_processor( "srvsvc", "ntsvcs", api_srvsvc_rpc );
add_msrpc_command_processor( "wkssvc", "ntsvcs", api_wkssvc_rpc );
}
}
+
static struct cli_state *init_client_connection(int c)
{
pstring buf;
- uchar ntpw[16];
- uchar lmpw[16];
- fstring srv_name;
- struct user_credentials usr;
- char *p = buf;
+ struct user_creds usr;
int rl;
uint32 len;
- uint16 version;
- uint16 command;
BOOL new_con = False;
+ CREDS_CMD cmd;
+ prs_struct ps;
+ BOOL reuse = False;
+
+ ZERO_STRUCT(usr);
+ ZERO_STRUCT(cmd);
+ cmd.cred = &usr;
ZERO_STRUCT(usr);
- DEBUG(10,("first request\n"));
+ DEBUG(10,("init_client_connection: first request\n"));
rl = read(c, &buf, sizeof(len));
#ifdef DEBUG_PASSWORD
dump_data(100, buf, rl);
#endif
- version = SVAL(p, 0);
- p += 2;
- command = SVAL(p, 0);
- p += 2;
-
- fstrcpy(srv_name, p);
- p = skip_string(p, 1);
- fstrcpy(usr.user_name, p);
- p = skip_string(p, 1);
- fstrcpy(usr.domain, p);
- p = skip_string(p, 1);
-
- if (PTR_DIFF(p, buf) < rl)
- {
- memcpy(lmpw, p, 16);
- p += 16;
- memcpy(ntpw, p, 16);
- p += 16;
- pwd_set_lm_nt_16(&usr.pwd, lmpw, ntpw);
- }
- else
+ /* make a static data parsing structure from the api_fd_reply data */
+ prs_init(&ps, 0, 4, 0, True);
+ mem_create(ps.data, buf, 0, len, 0, False);
+
+ if (!creds_io_cmd("creds", &cmd, &ps, 0))
{
- pwd_set_nullpwd(&usr.pwd);
+ DEBUG(0,("Unable to parse credentials\n"));
+ mem_free_data(ps.data);
+ return NULL;
}
- if (PTR_DIFF(p, buf) != rl)
+ mem_free_data(ps.data);
+
+ if (ps.offset != rl)
{
- DEBUG(0,("Buffer size %d %d!\n",
- PTR_DIFF(p, buf), rl));
+ DEBUG(0,("Buffer size %d %d!\n", ps.offset, rl));
return NULL;
}
- switch (command)
+ switch (cmd.command)
{
case AGENT_CMD_CON:
{
case AGENT_CMD_CON_REUSE:
{
new_con = True;
- usr.reuse = True;
+ reuse = True;
break;
}
default:
{
- DEBUG(0,("unknown command %d\n", command));
+ DEBUG(0,("unknown command %d\n", cmd.command));
return NULL;
}
}
if (new_con)
{
struct cli_state *n;
- n = cli_net_use_add(srv_name, &usr, False);
+ n = cli_net_use_add(cmd.name, &usr.ntc, False, reuse);
if (n == NULL)
{
- DEBUG(0,("Unable to connect to %s\n", srv_name));
+ DEBUG(0,("Unable to connect to %s\n", cmd.name));
return NULL;
}
if (write(c, n, sizeof(*n)) < 0)
{
DEBUG(0,("Could not write connection down pipe.\n"));
- cli_net_use_del(srv_name, &usr, False, NULL);
+ cli_net_use_del(cmd.name, &usr.ntc, False, NULL);
return NULL;
}
return n;
static int get_agent_sock(char *id)
{
- int s;
- struct sockaddr_un sa;
fstring path;
fstring dir;
git.samba.org / amitay / samba.git / commitdiff