# set these to where to find various files
# These can be overridden by command line switches (see smbd(8))
# or in smb.conf (see smb.conf(5))
-SMBLOGFILE = $(VARDIR)/log.smb
-LSARPCLOGFILE = $(VARDIR)/log.lsarpc
-NMBLOGFILE = $(VARDIR)/log.nmb
+LOGFILEBASE = $(VARDIR)
+SMBLOGFILE = $(LOGFILEBASE)/log.smb
+NMBLOGFILE = $(LOGFILEBASE)/log.nmb
CONFIGFILE = $(LIBDIR)/smb.conf
LMHOSTSFILE = $(LIBDIR)/lmhosts
DRIVERFILE = $(LIBDIR)/printers.def
-I$(srcdir)/ubiqx \
-I$(srcdir)/smbwrapper \
$(CPPFLAGS) \
- -DLSARPCLOGFILE=\"$(LSARPCLOGFILE)\" \
+ -DLOGFILEBASE=\"$(LOGFILEBASE)\" \
-DSMBLOGFILE=\"$(SMBLOGFILE)\" \
-DNMBLOGFILE=\"$(NMBLOGFILE)\"
FLAGS2 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DLMHOSTSFILE=\"$(LMHOSTSFILE)\"
FLAGS5 = $(FLAGS1) $(FLAGS2) $(FLAGS3) $(FLAGS4) -DHAVE_INCLUDES_H
FLAGS = $(FLAGS5) $(PASSWD_FLAGS)
-SPROGS = bin/smbd bin/lsarpcd bin/nmbd bin/swat
+SPROGS = bin/smbd bin/lsarpcd bin/svcctld bin/spoolssd bin/samrd \
+ bin/srvsvcd bin/wkssvcd bin/browserd bin/netlogond bin/winregd \
+ bin/nmbd bin/swat
PROGS1 = bin/smbclient bin/testparm bin/testprns bin/smbrun bin/smbstatus
PROGS2 = bin/rpcclient bin/smbpasswd bin/make_smbcodepage bin/debug2html
PROGS3 = @WRAP@ @WRAP32@
RPC_SRVUTIL_OBJ = \
rpc_server/srv_pipe_hnd.o \
- rpc_server/srv_lookup.o \
rpc_server/srv_pipe.o
-RPC_SERVER_OBJ1 = \
- rpc_server/srv_lsa.o \
- rpc_server/srv_netlog.o \
- rpc_server/srv_reg.o \
- rpc_server/srv_samr.o \
- rpc_server/srv_srvsvc.o \
- rpc_server/srv_svcctl.o \
- rpc_server/srv_wkssvc.o \
- rpc_server/srv_brs.o \
- rpc_server/srv_spoolss.o
-
-RPC_SERVER_OBJ = $(RPC_SERVER_OBJ1) $(RPC_SRVUTIL_OBJ)
+RPC_SERVER_OBJ = $(RPC_SRVUTIL_OBJ)
RPC_PARSE_OBJ1 = rpc_parse/parse_lsa.o \
rpc_parse/parse_net.o \
rpc_parse/parse_reg.o \
- rpc_parse/parse_samr.o rpc_parse/parse_srv.o \
+ rpc_parse/parse_samr.o \
+ rpc_parse/parse_srv.o \
rpc_parse/parse_wks.o \
- rpc_parse/parse_svc.o rpc_parse/parse_at.o \
- rpc_parse/parse_spoolss.o rpc_parse/parse_eventlog.o \
+ rpc_parse/parse_svc.o \
+ rpc_parse/parse_at.o \
+ rpc_parse/parse_spoolss.o \
+ rpc_parse/parse_eventlog.o \
rpc_parse/parse_brs.o
RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o \
RPC_CLIENT_OBJ = \
rpc_client/cli_login.o \
rpc_client/cli_netlogon.o \
- rpc_client/cli_netlogon_sync.o \
rpc_client/cli_reg.o \
rpc_client/cli_pipe.o \
rpc_client/cli_connect.o \
rpc_client/cli_svcctl.o \
rpc_client/cli_samr.o \
rpc_client/msrpc_samr.o \
+ rpc_client/msrpc_netlogon.o \
rpc_client/msrpc_lsarpc.o \
rpc_client/cli_atsvc.o \
rpc_client/cli_eventlog.o \
smbd/$(QUOTAOBJS) smbd/reply.o smbd/ssl.o smbd/trans2.o smbd/uid.o \
smbd/dosmode.o smbd/filename.o smbd/open.o smbd/close.o smbd/blocking.o \
smbd/process.o smbd/oplock.o smbd/service.o smbd/error.o smbd/vfs.o \
- smbd/vfs-wrap.o printing/nt_printing.o smbd/dfs.o \
+ smbd/vfs-wrap.o smbd/dfs.o \
+ rpc_server/srv_lookup.o \
smbd/challenge.o
PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/printing.o
-LSARPCD_OBJ1 = lsarpcd/lsarpcd.o \
- lsarpcd/lsarpcd_process.o \
- rpc_server/srv_lsa.o \
+MSRPCD_OBJ = msrpc/msrpcd.o \
+ msrpc/msrpcd_process.o \
+ rpc_parse/parse_net.o \
+ rpc_client/cli_login.o \
+ rpc_client/cli_netlogon.o \
+ rpc_client/cli_pipe.o \
+ rpc_client/cli_connect.o \
+ rpc_client/cli_use.o \
+ rpc_client/msrpc_netlogon.o \
smbd/uid.o
+BROWSERD_OBJ1 = browserd/browserd.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_brs.o \
+ rpc_server/srv_brs.o
+
+WKSSVCD_OBJ1 = wkssvcd/wkssvcd.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_wks.o \
+ rpc_server/srv_wkssvc.o
+
+SRVSVCD_OBJ1 = srvsvcd/srvsvcd.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_srv.o \
+ rpc_server/srv_srvsvc.o
+
+WINREGD_OBJ1 = winregd/winregd.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_reg.o \
+ rpc_server/srv_reg.o
+
+NETLOGOND_OBJ1 = netlogond/netlogond.o \
+ rpc_server/srv_netlog.o \
+ rpc_server/srv_lookup.o \
+ rpc_client/cli_lsarpc.o \
+ rpc_parse/parse_lsa.o \
+ smbd/chgpasswd.o
+
+SAMRD_OBJ1 = samrd/samrd.o \
+ rpc_server/srv_lookup.o \
+ rpc_parse/parse_samr.o \
+ rpc_client/cli_lsarpc.o \
+ rpc_parse/parse_lsa.o \
+ rpc_server/srv_samr.o smbd/chgpasswd.o
+
+SVCCTLD_OBJ1 = svcctld/svcctld.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_svc.o \
+ rpc_server/srv_svcctl.o
+
+LSARPCD_OBJ1 = lsarpcd/lsarpcd.o \
+ rpc_server/srv_lookup.o \
+ rpc_client/cli_lsarpc.o \
+ rpc_parse/parse_lsa.o \
+ rpc_server/srv_lsa.o
+
+SPOOLSSD_OBJ1 = spoolssd/spoolssd.o \
+ rpc_server/srv_spoolss.o \
+ passdb/smbpassfile.o \
+ rpc_parse/parse_spoolss.o \
+ printing/nt_printing.o
+
SMBD_OBJ = $(SMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
$(RPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
$(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
$(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
$(LIBSRV_OBJ)
+SRVSVCD_OBJ = $(MSRPCD_OBJ) $(SRVSVCD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSTATUS_OBJ) $(LIBSRV_OBJ)
+
+WKSSVCD_OBJ = $(MSRPCD_OBJ) $(WKSSVCD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+BROWSERD_OBJ = $(MSRPCD_OBJ) $(BROWSERD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+WINREGD_OBJ = $(MSRPCD_OBJ) $(WINREGD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
-LSARPCD_OBJ = $(LSARPCD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+SVCCTLD_OBJ = $(MSRPCD_OBJ) $(SVCCTLD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(UBIQX_OBJ) \
- $(RPC_SRVUTIL_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+LSARPCD_OBJ = $(MSRPCD_OBJ) $(LSARPCD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
$(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
- $(LIBSTATUS_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSTATUS_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+SPOOLSSD_OBJ = $(MSRPCD_OBJ) $(SPOOLSSD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) $(PRINTING_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+NETLOGOND_OBJ = $(MSRPCD_OBJ) $(NETLOGOND_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
+ $(LIBSTATUS_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
+ $(LIBSRV_OBJ)
+
+SAMRD_OBJ = $(MSRPCD_OBJ) $(SAMRD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+ $(UBIQX_OBJ) \
+ $(RPC_SRVUTIL_OBJ) $(RPC_PARSE_OBJ2) \
+ $(LOCKING_OBJ) $(SAMPASSDB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
+ $(LIBSTATUS_OBJ) $(PROFILE_OBJ) $(LIB_OBJ) \
$(LIBSRV_OBJ)
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(UBIQX_OBJ) \
$(LIB_OBJ)
-SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
+SMBPASSWD_OBJ = utils/smbpasswd.o rpc_client/cli_netlogon_sync.o \
+ $(PARAM_OBJ) $(LIBSMB_OBJ) \
$(PASSDB_OBJ) \
$(UBIQX_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(LIB_OBJ)
$(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
$(PASSDB_OBJ)
-PROTO_OBJ = $(LSARPCD_OBJ) $(SMBD_OBJ) $(NMBD_OBJ) $(SWAT_OBJ) $(CLIENT_OBJ) \
- $(RPCCLIENT_OBJ) $(SMBWRAPPER_OBJ)
+PROTO_OBJ = $(MSRPCD_OBJ) $(SVCCTLD_OBJ1) $(WINREGD_OBJ1) $(SAMRD_OBJ1) \
+ $(SRVSVCD_OBJ1) $(WKSSVCD_OBJ1) $(BROWSERD_OBJ1) \
+ $(SPOOLSSD_OBJ1) $(NETLOGOND_OBJ1) \
+ $(LSARPCD_OBJ1) $(SMBD_OBJ) $(NMBD_OBJ) \
+ $(SWAT_OBJ) $(CLIENT_OBJ) \
+ $(RPCCLIENT_OBJ) $(SMBWRAPPER_OBJ) $(SMBPASSWD_OBJ)
PICOBJS = $(SMBWRAPPER_OBJ:.o=.po)
PICOBJS32 = $(SMBWRAPPER_OBJ:.o=.po32)
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LIBS)
+bin/svcctld: $(SVCCTLD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SVCCTLD_OBJ) $(LDFLAGS) $(LIBS)
+
bin/lsarpcd: $(LSARPCD_OBJ) bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(LSARPCD_OBJ) $(LDFLAGS) $(LIBS)
+bin/spoolssd: $(SPOOLSSD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SPOOLSSD_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/srvsvcd: $(SRVSVCD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SRVSVCD_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/wkssvcd: $(WKSSVCD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(WKSSVCD_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/browserd: $(BROWSERD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(BROWSERD_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/winregd: $(WINREGD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(WINREGD_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/netlogond: $(NETLOGOND_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(NETLOGOND_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/samrd: $(SAMRD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SAMRD_OBJ) $(LDFLAGS) $(LIBS)
+
bin/nmbd: $(NMBD_OBJ) bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS)
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "browser");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_brs_rpc );
+
+ return msrpc_main(argc, argv);
+}
/* This file is automatically generated with "make proto". DO NOT EDIT */
+/*The following definitions come from browserd/browserd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
/*The following definitions come from client/client.c */
void do_list(const char *mask,uint16 attribute,void (*fn)(file_info *),BOOL rec, BOOL dirs);
BOOL reg_split_key(const char *full_keyname, uint32 *reg_type, char *key_name);
BOOL become_user_permanently(uid_t uid, gid_t gid);
char *get_trusted_serverlist(const char* domain);
+char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
+uint16 pwdb_decode_acct_ctrl(const char *p);
+time_t pwdb_get_last_set_time(const char *p);
+void pwdb_set_logon_time(char *p, int max_len, time_t t);
+void pwdb_set_logoff_time(char *p, int max_len, time_t t);
+void pwdb_set_kickoff_time(char *p, int max_len, time_t t);
+void pwdb_set_can_change_time(char *p, int max_len, time_t t);
+void pwdb_set_must_change_time(char *p, int max_len, time_t t);
+void pwdb_set_last_set_time(char *p, int max_len, time_t t);
+void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
+BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl);
/*The following definitions come from lib/util_array.c */
DOM_SID *sid, uint8 *type);
uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain,
DOM_SID *sid, uint8 *type);
-char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
-uint16 pwdb_decode_acct_ctrl(const char *p);
-time_t pwdb_get_last_set_time(const char *p);
-void pwdb_set_logon_time(char *p, int max_len, time_t t);
-void pwdb_set_logoff_time(char *p, int max_len, time_t t);
-void pwdb_set_kickoff_time(char *p, int max_len, time_t t);
-void pwdb_set_can_change_time(char *p, int max_len, time_t t);
-void pwdb_set_must_change_time(char *p, int max_len, time_t t);
-void pwdb_set_last_set_time(char *p, int max_len, time_t t);
-void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
-BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl);
BOOL pwdb_initialise(BOOL is_server);
char *lookup_wk_alias_rid(uint32 rid);
char *lookup_wk_user_rid(uint32 rid);
/*The following definitions come from lsarpcd/lsarpcd.c */
+void msrpc_service_init(void);
BOOL reload_services(BOOL test);
-void exit_server(char *reason);
-
-/*The following definitions come from lsarpcd/lsarpcd_process.c */
-
-BOOL receive_next_smb(char *inbuf, int bufsize, int timeout);
-void process_smb(char *inbuf, char *outbuf);
-BOOL get_user_creds(struct user_creds *usr);
-void lsarpcd_process(void);
/*The following definitions come from mem_man/mem_man.c */
void smb_mem_set_multiplier(int multiplier);
void *smb_mem_resize(void *ptr,size_t newsize);
+/*The following definitions come from msrpc/msrpcd.c */
+
+void exit_server(char *reason);
+int msrpc_main(int argc,char *argv[]);
+
+/*The following definitions come from msrpc/msrpcd_process.c */
+
+BOOL get_user_creds(int c, struct user_creds *usr);
+BOOL msrpcd_init(int c, pipes_struct *p);
+void msrpcd_process(int c, pipes_struct *p);
+
+/*The following definitions come from netlogond/netlogond.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
/*The following definitions come from nmbd/asyncdns.c */
int asyncdns_fd(void);
SAM_DELTA_HDR *hdr_deltas,
SAM_DELTA_CTR *deltas);
-/*The following definitions come from rpc_client/cli_netlogon_sync.c */
-
-BOOL synchronise_passdb(void);
-
/*The following definitions come from rpc_client/cli_pipe.c */
BOOL create_rpc_bind_resp(struct pwd_info *pwd,
STRING2 *secret,
NTTIME *last_update);
+/*The following definitions come from rpc_client/msrpc_netlogon.c */
+
+BOOL check_domain_security(char *orig_user, char *domain,
+ uchar *challenge,
+ char *smb_apasswd, int smb_apasslen,
+ char *smb_ntpasswd, int smb_ntpasslen,
+ uchar user_sess_key[16]);
+
/*The following definitions come from rpc_client/msrpc_samr.c */
BOOL req_user_info( const POLICY_HND *pol_dom,
void readline_init(void);
+/*The following definitions come from samrd/samrd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
/*The following definitions come from smbd/blocking.c */
BOOL push_blocking_lock_request( char *inbuf, int length, int lock_timeout, int lock_num);
BOOL server_validate(char *user, char *domain,
char *pass, int passlen,
char *ntpass, int ntpasslen);
-BOOL domain_client_validate( char *user, char *domain,
- char *acct_name, uint16 acct_type,
- char *smb_apasswd, int smb_apasslen,
- char *smb_ntpasswd, int smb_ntpasslen,
- uchar user_sess_key[16]);
/*The following definitions come from smbd/pipes.c */
int smbw_fstat(int fd, struct stat *st);
int smbw_stat(const char *fname, struct stat *st);
+/*The following definitions come from spoolssd/spoolssd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
+/*The following definitions come from srvsvcd/srvsvcd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
+/*The following definitions come from svcctld/svcctld.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
/*The following definitions come from web/cgi.c */
void cgi_load_variables(FILE *f1);
/*The following definitions come from web/swat.c */
+
+/*The following definitions come from winregd/winregd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
+
+/*The following definitions come from wkssvcd/wkssvcd.c */
+
+void msrpc_service_init(void);
+BOOL reload_services(BOOL test);
#endif /* _PROTO_H_ */
#define PIPE_WINREG "\\PIPE\\winreg"
#define PIPE_WKSSVC "\\PIPE\\wkssvc"
#define PIPE_NETLOGON "\\PIPE\\NETLOGON"
-#define PIPE_SVCCTL "\\PIPE\\SVCCTL"
+#define PIPE_SVCCTL "\\PIPE\\svcctl"
#define PIPE_NTLSA "\\PIPE\\ntlsa"
#define PIPE_NTSVCS "\\PIPE\\ntsvcs"
#define PIPE_LSASS "\\PIPE\\lsass"
static char *server_list = NULL;
static pstring srv_list;
char *trusted_list = lp_trusted_domains();
- int my_role = lp_server_role();
if (strequal(lp_workgroup(), domain))
{
- if ((my_role == ROLE_DOMAIN_PDC) || (my_role == ROLE_DOMAIN_NONE)) {
- pstrcpy(srv_list,global_myname);
- }
- /* we must be a BDC or MEMBER if we execute this branch */
- else {
- pstrcpy(srv_list, lp_passwordserver());
- }
- DEBUG(10,("local domain server list: %s\n", srv_list));
+ DEBUG(10,("local domain server list: %s\n", server_list));
+ pstrcpy(srv_list, lp_passwordserver());
return srv_list;
}
return NULL;
}
+/**********************************************************
+ Encode the account control bits into a string.
+ length = length of string to encode into (including terminating
+ null). length *MUST BE MORE THAN 2* !
+ **********************************************************/
+
+char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
+{
+ static fstring acct_str;
+ size_t i = 0;
+
+ acct_str[i++] = '[';
+
+ if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
+ if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
+ if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
+ if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
+ if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
+ if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
+ if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
+ if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
+ if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
+ if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
+ if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
+ if (acct_ctrl & ACB_PWLOCK ) acct_str[i++] = 'P';
+
+ for ( ; i < length - 2 ; i++ )
+ {
+ acct_str[i] = ' ';
+ }
+
+ i = length - 2;
+ acct_str[i++] = ']';
+ acct_str[i++] = '\0';
+
+ return acct_str;
+}
+
+/**********************************************************
+ Decode the account control bits from a string.
+
+ this function breaks coding standards minimum line width of 80 chars.
+ reason: vertical line-up code clarity - all case statements fit into
+ 15 lines, which is more important.
+ **********************************************************/
+
+uint16 pwdb_decode_acct_ctrl(const char *p)
+{
+ uint16 acct_ctrl = 0;
+ BOOL finished = False;
+
+ /*
+ * Check if the account type bits have been encoded after the
+ * NT password (in the form [NDHTUWSLXI]).
+ */
+
+ if (*p != '[') return 0;
+
+ for (p++; *p && !finished; p++)
+ {
+ switch (*p)
+ {
+ case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
+ case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
+ case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
+ case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
+ case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
+ case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
+ case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
+ case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
+ case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
+ case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
+ case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
+ case 'P': { acct_ctrl |= ACB_PWLOCK ; break; /* 'P'assword cannot be changed remotely */ }
+ case ' ': { break; }
+ case ':':
+ case '\n':
+ case '\0':
+ case ']':
+ default: { finished = True; }
+ }
+ }
+
+ return acct_ctrl;
+}
+
+/*******************************************************************
+ gets password-database-format time from a string.
+ ********************************************************************/
+
+static time_t get_time_from_string(const char *p)
+{
+ int i;
+
+ for (i = 0; i < 8; i++)
+ {
+ if (p[i] == '\0' || !isxdigit((int)(p[i]&0xFF)))
+ {
+ break;
+ }
+ }
+ if (i == 8)
+ {
+ /*
+ * p points at 8 characters of hex digits -
+ * read into a time_t as the seconds since
+ * 1970 that the password was last changed.
+ */
+ return (time_t)strtol(p, NULL, 16);
+ }
+ return (time_t)-1;
+}
+
+/*******************************************************************
+ gets password last set time
+ ********************************************************************/
+
+time_t pwdb_get_last_set_time(const char *p)
+{
+ if (*p && !StrnCaseCmp(p, "LCT-", 4))
+ {
+ return get_time_from_string(p + 4);
+ }
+ return (time_t)-1;
+}
+
+
+/*******************************************************************
+ sets password-database-format time in a string.
+ ********************************************************************/
+static void set_time_in_string(char *p, int max_len, char *type, time_t t)
+{
+ slprintf(p, max_len, ":%s-%08X:", type, (uint32)t);
+}
+
+/*******************************************************************
+ sets logon time
+ ********************************************************************/
+void pwdb_set_logon_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "LNT", t);
+}
+
+/*******************************************************************
+ sets logoff time
+ ********************************************************************/
+void pwdb_set_logoff_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "LOT", t);
+}
+
+/*******************************************************************
+ sets kickoff time
+ ********************************************************************/
+void pwdb_set_kickoff_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "KOT", t);
+}
+
+/*******************************************************************
+ sets password can change time
+ ********************************************************************/
+void pwdb_set_can_change_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "CCT", t);
+}
+
+/*******************************************************************
+ sets password last set time
+ ********************************************************************/
+void pwdb_set_must_change_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "MCT", t);
+}
+
+/*******************************************************************
+ sets password last set time
+ ********************************************************************/
+void pwdb_set_last_set_time(char *p, int max_len, time_t t)
+{
+ set_time_in_string(p, max_len, "LCT", t);
+}
+
+
+/*************************************************************
+ Routine to set 32 hex password characters from a 16 byte array.
+**************************************************************/
+void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl)
+{
+ if (pwd != NULL)
+ {
+ int i;
+ for (i = 0; i < 16; i++)
+ {
+ slprintf(&p[i*2], 33, "%02X", pwd[i]);
+ }
+ }
+ else
+ {
+ if (IS_BITS_SET_ALL(acct_ctrl, ACB_PWNOTREQ))
+ {
+ safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
+ }
+ else
+ {
+ safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
+ }
+ }
+}
+
+/*************************************************************
+ Routine to get the 32 hex characters and turn them
+ into a 16 byte array.
+**************************************************************/
+BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl)
+{
+ if (strnequal(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 32))
+ {
+ if (acct_ctrl != NULL)
+ {
+ *acct_ctrl |= ACB_PWNOTREQ;
+ }
+ pwd[0] = 0;
+ return True;
+ }
+ else if (strnequal(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32))
+ {
+ pwd[0] = 0;
+ return True;
+ }
+ else
+ {
+ return strhex_to_str(pwd, 32, p) == 16;
+ }
+}
void* add_copy_to_array(uint32 *len, void ***array, const void *item,
void*(item_dup)(const void*), BOOL alloc_anyway)
{
+ void* copy = NULL;
if (len == NULL || array == NULL)
{
return NULL;
if (item != NULL || alloc_anyway)
{
- void* copy = NULL;
- if (item != NULL || alloc_anyway)
- {
- copy = item_dup(item);
- }
- add_item_to_array(len, array, copy);
+ copy = item_dup(item);
+ return add_item_to_array(len, array, copy);
}
- return NULL;
+ return copy;
}
void* add_item_to_array(uint32 *len, void ***array, void *item)
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
-/**********************************************************
- Encode the account control bits into a string.
- length = length of string to encode into (including terminating
- null). length *MUST BE MORE THAN 2* !
- **********************************************************/
-
-char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
-{
- static fstring acct_str;
- size_t i = 0;
-
- acct_str[i++] = '[';
-
- if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
- if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
- if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
- if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
- if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
- if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
- if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
- if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
- if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
- if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
- if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
- if (acct_ctrl & ACB_PWLOCK ) acct_str[i++] = 'P';
-
- for ( ; i < length - 2 ; i++ )
- {
- acct_str[i] = ' ';
- }
-
- i = length - 2;
- acct_str[i++] = ']';
- acct_str[i++] = '\0';
-
- return acct_str;
-}
-
-/**********************************************************
- Decode the account control bits from a string.
-
- this function breaks coding standards minimum line width of 80 chars.
- reason: vertical line-up code clarity - all case statements fit into
- 15 lines, which is more important.
- **********************************************************/
-
-uint16 pwdb_decode_acct_ctrl(const char *p)
-{
- uint16 acct_ctrl = 0;
- BOOL finished = False;
-
- /*
- * Check if the account type bits have been encoded after the
- * NT password (in the form [NDHTUWSLXI]).
- */
-
- if (*p != '[') return 0;
-
- for (p++; *p && !finished; p++)
- {
- switch (*p)
- {
- case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
- case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
- case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
- case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
- case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
- case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
- case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
- case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
- case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
- case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
- case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
- case 'P': { acct_ctrl |= ACB_PWLOCK ; break; /* 'P'assword cannot be changed remotely */ }
- case ' ': { break; }
- case ':':
- case '\n':
- case '\0':
- case ']':
- default: { finished = True; }
- }
- }
-
- return acct_ctrl;
-}
-
-/*******************************************************************
- gets password-database-format time from a string.
- ********************************************************************/
-
-static time_t get_time_from_string(const char *p)
-{
- int i;
-
- for (i = 0; i < 8; i++)
- {
- if (p[i] == '\0' || !isxdigit((int)(p[i]&0xFF)))
- {
- break;
- }
- }
- if (i == 8)
- {
- /*
- * p points at 8 characters of hex digits -
- * read into a time_t as the seconds since
- * 1970 that the password was last changed.
- */
- return (time_t)strtol(p, NULL, 16);
- }
- return (time_t)-1;
-}
-
-/*******************************************************************
- gets password last set time
- ********************************************************************/
-
-time_t pwdb_get_last_set_time(const char *p)
-{
- if (*p && !StrnCaseCmp(p, "LCT-", 4))
- {
- return get_time_from_string(p + 4);
- }
- return (time_t)-1;
-}
-
-
-/*******************************************************************
- sets password-database-format time in a string.
- ********************************************************************/
-static void set_time_in_string(char *p, int max_len, char *type, time_t t)
-{
- slprintf(p, max_len, ":%s-%08X:", type, (uint32)t);
-}
-
-/*******************************************************************
- sets logon time
- ********************************************************************/
-void pwdb_set_logon_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LNT", t);
-}
-
-/*******************************************************************
- sets logoff time
- ********************************************************************/
-void pwdb_set_logoff_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LOT", t);
-}
-
-/*******************************************************************
- sets kickoff time
- ********************************************************************/
-void pwdb_set_kickoff_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "KOT", t);
-}
-
-/*******************************************************************
- sets password can change time
- ********************************************************************/
-void pwdb_set_can_change_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "CCT", t);
-}
-
-/*******************************************************************
- sets password last set time
- ********************************************************************/
-void pwdb_set_must_change_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "MCT", t);
-}
-
-/*******************************************************************
- sets password last set time
- ********************************************************************/
-void pwdb_set_last_set_time(char *p, int max_len, time_t t)
-{
- set_time_in_string(p, max_len, "LCT", t);
-}
-
-
-/*************************************************************
- Routine to set 32 hex password characters from a 16 byte array.
-**************************************************************/
-void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl)
-{
- if (pwd != NULL)
- {
- int i;
- for (i = 0; i < 16; i++)
- {
- slprintf(&p[i*2], 33, "%02X", pwd[i]);
- }
- }
- else
- {
- if (IS_BITS_SET_ALL(acct_ctrl, ACB_PWNOTREQ))
- {
- safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
- }
- else
- {
- safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
- }
- }
-}
-
-/*************************************************************
- Routine to get the 32 hex characters and turn them
- into a 16 byte array.
-**************************************************************/
-BOOL pwdb_gethexpwd(const char *p, char *pwd, uint32 *acct_ctrl)
-{
- if (strnequal(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 32))
- {
- if (acct_ctrl != NULL)
- {
- *acct_ctrl |= ACB_PWNOTREQ;
- }
- pwd[0] = 0;
- return True;
- }
- else if (strnequal(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32))
- {
- pwd[0] = 0;
- return True;
- }
- else
- {
- return strhex_to_str(pwd, 32, p) == 16;
- }
-}
-
/*************************************************************
initialise password databases, domain names, domain sid.
pstrcpy(p,fname);
p = skip_string(p,1);
- if (!cli_send_smb(cli, True)) {
- return -1;
- }
+ cli_send_smb(cli, True);
if (!cli_receive_smb(cli)) {
return -1;
}
if (strequal(srv_name, "*SMBSERVER"))
{
fstrcpy(ip_name, "\\\\");
- destip->s_addr = inet_addr(&ip_name[2]);
+ inet_aton(&ip_name[2], destip);
srv_name = ip_name;
}
*/
#include "includes.h"
-#include "trans2.h"
+
+fstring pipe_name;
pstring servicesf = CONFIGFILE;
extern pstring debugf;
-extern pstring global_myname;
-
-int am_parent = 1;
-
-/* the last message the was processed */
-int last_message = -1;
-
-/* a useful macro to debug the last message processed */
-#define LAST_MESSAGE() smb_fn_name(last_message)
-
-extern pstring scope;
+extern BOOL append_log;
extern int DEBUGLEVEL;
-extern fstring remote_machine;
-extern pstring myhostname;
-
-extern pstring OriginalDir;
-
-/****************************************************************************
- when exiting, take the whole family
-****************************************************************************/
-static void *dflt_sig(void)
-{
- exit_server("caught signal");
- return NULL;
-}
-
-/****************************************************************************
- Send a SIGTERM to our process group.
-*****************************************************************************/
-static void killkids(void)
-{
- if(am_parent) kill(0,SIGTERM);
-}
-
-
-/****************************************************************************
- open and listen to a socket
-****************************************************************************/
-static int open_server_socket(void)
+void msrpc_service_init(void)
{
- int s;
- fstring dir;
- fstring path;
-
- slprintf(dir, sizeof(dir)-1, "/tmp/.msrpc");
- slprintf(path, sizeof(path)-1, "%s/lsarpc", dir);
-
- s = create_pipe_socket(dir, 0777, path, 0777);
-
- if (s == -1)
- return -1;
- /* ready to listen */
- if (listen(s, 5) == -1) {
- DEBUG(0,("listen: %s\n", strerror(errno)));
- close(s);
- return -1;
+ if (!pwdb_initialise(True))
+ {
+ exit(-1);
}
- return s;
-}
-/****************************************************************************
- open the socket communication
-****************************************************************************/
-static BOOL open_sockets(BOOL is_daemon)
-{
- extern int Client;
- int num_interfaces = iface_count();
- int fd_listenset;
- fd_set listen_set;
- int s;
-
- memset(&fd_listenset, 0, sizeof(fd_listenset));
-
-#ifdef HAVE_ATEXIT
+ if(!initialise_sam_password_db())
{
- static int atexit_set;
- if(atexit_set == 0) {
- atexit_set=1;
- atexit(killkids);
- }
+ exit(-1);
}
-#endif
- /* Stop zombies */
- CatchChild();
-
-
- FD_ZERO(&listen_set);
-
- /* Just bind to 0.0.0.0 - accept connections
- from anywhere. */
- num_interfaces = 1;
-
- /* open an incoming socket */
- s = open_server_socket();
- if (s == -1)
- return(False);
- fd_listenset = s;
- FD_SET(s,&listen_set);
-
- /* now accept incoming connections - forking a new process
- for each incoming connection */
- DEBUG(2,("waiting for a connection\n"));
- while (1)
+ if(!initialise_passgrp_db())
{
- struct sockaddr_un addr;
- int in_addrlen = sizeof(addr);
- fd_set lfds;
- int num;
-
- memcpy((char *)&lfds, (char *)&listen_set,
- sizeof(listen_set));
-
- num = sys_select(256,&lfds,NULL, NULL);
-
- if (num == -1 && errno == EINTR)
- continue;
-
- /* Find the sockets that are read-ready -
- accept on these. */
-
- s = -1;
- if(FD_ISSET(fd_listenset,&lfds))
- {
- s = fd_listenset;
- }
-
- /* Clear this so we don't look at it again. */
- FD_CLR(s,&lfds);
-
- Client = accept(s,(struct sockaddr*)&addr,&in_addrlen);
-
- if (Client == -1 && errno == EINTR)
- continue;
-
- if (Client == -1)
- {
- DEBUG(0,("open_sockets: accept: %s\n",
- strerror(errno)));
- continue;
- }
-
- if (Client != -1 && fork()==0)
- {
- /* Child code ... */
-
- /* close the listening socket(s) */
- close(fd_listenset);
-
- /* close our standard file
- descriptors */
- close_low_fds();
- am_parent = 0;
-
- /* Reset global variables in util.c so
- that client substitutions will be
- done correctly in the process. */
- reset_globals_after_fork();
-
- /*
- * Ensure this child has kernel oplock
- * capabilities, but not it's children.
- */
- set_process_capability(KERNEL_OPLOCK_CAPABILITY, True);
- set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
+ exit(-1);
+ }
- return True;
- }
- /* The parent doesn't need this socket */
- close(Client);
+ if(!initialise_group_db())
+ {
+ exit(-1);
+ }
- /* Force parent to check log size after
- * spawning child. Fix from
- * klausr@ITAP.Physik.Uni-Stuttgart.De. The
- * parent lsarpcd will log to logserver.smb. It
- * writes only two messages for each child
- * started/finished. But each child writes,
- * say, 50 messages also in logserver.smb,
- * begining with the debug_count of the
- * parent, before the child opens its own log
- * file logserver.client. In a worst case
- * scenario the size of logserver.smb would be
- * checked after about 50*50=2500 messages
- * (ca. 100kb).
- * */
- force_check_log_size();
+ if(!initialise_alias_db())
+ {
+ exit(-1);
+ }
- } /* end while 1 */
+ if(!initialise_builtin_db())
+ {
+ exit(-1);
+ }
-/* NOTREACHED return True; */
+ if (!get_member_domain_sid())
+ {
+ DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",
+ lp_passwordserver()));
+ exit(-1);
+ }
}
/****************************************************************************
ret = lp_load(servicesf,False,False,True);
- load_printers();
-
/* perhaps the config filename is now set */
if (!test)
reload_services(True);
return(ret);
}
-
-
-/****************************************************************************
-this prevents zombie child processes
-****************************************************************************/
-BOOL reload_after_sighup = False;
-
-static void sig_hup(int sig)
-{
- BlockSignals(True,SIGHUP);
- DEBUG(0,("Got SIGHUP\n"));
-
- /*
- * Fix from <branko.cibej@hermes.si> here.
- * We used to reload in the signal handler - this
- * is a *BIG* no-no.
- */
-
- reload_after_sighup = True;
- BlockSignals(False,SIGHUP);
-}
-
-
-
-#if DUMP_CORE
-/*******************************************************************
-prepare to dump a core file - carefully!
-********************************************************************/
-static BOOL dump_core(void)
-{
- char *p;
- pstring dname;
- pstrcpy(dname,debugf);
- if ((p=strrchr(dname,'/'))) *p=0;
- pstrcat(dname,"/corefiles");
- mkdir(dname,0700);
- sys_chown(dname,getuid(),getgid());
- chmod(dname,0700);
- if (chdir(dname)) return(False);
- umask(~(0700));
-
-#ifdef HAVE_GETRLIMIT
-#ifdef RLIMIT_CORE
- {
- struct rlimit rlp;
- getrlimit(RLIMIT_CORE, &rlp);
- rlp.rlim_cur = MAX(4*1024*1024,rlp.rlim_cur);
- setrlimit(RLIMIT_CORE, &rlp);
- getrlimit(RLIMIT_CORE, &rlp);
- DEBUG(3,("Core limits now %d %d\n",
- (int)rlp.rlim_cur,(int)rlp.rlim_max));
- }
-#endif
-#endif
-
-
- DEBUG(0,("Dumping core in %s\n",dname));
- abort();
- return(True);
-}
-#endif
-
-
-/****************************************************************************
-exit the server
-****************************************************************************/
-void exit_server(char *reason)
-{
- static int firsttime=1;
- extern char *last_inbuf;
-
-
- if (!firsttime) exit(0);
- firsttime = 0;
-
- unbecome_user();
- DEBUG(2,("Closing connections\n"));
-
-#ifdef WITH_DFS
- if (dcelogin_atmost_once) {
- dfs_unlogin();
- }
-#endif
-
- if (!reason) {
- int oldlevel = DEBUGLEVEL;
- DEBUGLEVEL = 10;
- if (last_inbuf)
- show_msg(last_inbuf);
- DEBUGLEVEL = oldlevel;
- DEBUG(0,("===============================================================\n"));
-#if DUMP_CORE
- if (dump_core()) return;
-#endif
- }
-
- locking_end();
-
- DEBUG(3,("Server exit (%s)\n", (reason ? reason : "")));
-#ifdef MEM_MAN
- {
- extern FILE *dbf;
- smb_mem_write_verbose(dbf);
- dbgflush();
- }
-#endif
- exit(0);
-}
-
-
-
-/****************************************************************************
- initialise connect, service and file structs
-****************************************************************************/
-static void init_structs(void)
-{
-#if 0
- conn_init();
-#endif
- init_rpc_pipe_hnd(); /* for RPC pipes */
- if (!init_policy_hnd(MAX_SERVER_POLICY_HANDLES))
- {
- exit_server("could not allocate policy handles\n");
- }
-}
-
-/****************************************************************************
-usage on the program
-****************************************************************************/
-static void usage(char *pname)
-{
- DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n"));
-
- printf("Usage: %s [-D] [-p port] [-d debuglevel] ", pname);
- printf("[-l log basename] [-s services file]\n" );
- printf("Version %s\n",VERSION);
- printf("\t-D become a daemon\n");
- printf("\t-p port listen on the specified port\n");
- printf("\t-d debuglevel set the debuglevel\n");
- printf("\t-l log basename. Basename for log/debug files\n");
- printf("\t-s services file. Filename of services file\n");
- printf("\t-P passive only\n");
- printf("\t-a append to log file (default)\n");
- printf("\t-o overwrite log file, don't append\n");
- printf("\t-i scope NetBIOS scope to use (default none)\n");
- printf("\n");
-}
-
-
/****************************************************************************
main program
****************************************************************************/
int main(int argc,char *argv[])
{
- extern BOOL append_log;
- /* shall I run as a daemon */
- BOOL is_daemon = False;
- int opt;
- extern char *optarg;
-
#ifdef HAVE_SET_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
#endif
TimeInit();
- pstrcpy(debugf,LSARPCLOGFILE);
-
- pstrcpy(remote_machine, "lsarpcd");
-
+ fstrcpy(pipe_name, "lsarpc");
setup_logging(argv[0],False);
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_ntlsa_rpc );
- charset_initialise();
-
- /* make absolutely sure we run as root - to handle cases where people
- are crazy enough to have it setuid */
-#ifdef HAVE_SETRESUID
- setresuid(0,0,0);
-#else
- setuid(0);
- seteuid(0);
- setuid(0);
- seteuid(0);
-#endif
-
- fault_setup((void (*)(void *))exit_server);
- CatchSignal(SIGTERM , SIGNAL_CAST dflt_sig);
-
- /* we are never interested in SIGPIPE */
- BlockSignals(True,SIGPIPE);
-
- /* we want total control over the permissions on created files,
- so set our umask to 0 */
- umask(0);
-
- dos_GetWd(OriginalDir);
-
- init_uid();
-
- /* this is for people who can't start the program correctly */
- while (argc > 1 && (*argv[1] != '-')) {
- argv++;
- argc--;
- }
-
- while ( EOF != (opt = getopt(argc, argv, "i:l:s:d:Dh?Paof:")) )
- switch (opt) {
- case 'i':
- pstrcpy(scope,optarg);
- break;
-
- case 'P':
- {
- extern BOOL passive;
- passive = True;
- }
- break;
-
- case 's':
- pstrcpy(servicesf,optarg);
- break;
-
- case 'l':
- pstrcpy(debugf,optarg);
- break;
-
- case 'a':
- append_log = True;
- break;
-
- case 'o':
- append_log = False;
- break;
-
- case 'D':
- is_daemon = True;
- break;
-
- case 'd':
- if (*optarg == 'A')
- DEBUGLEVEL = 10000;
- else
- DEBUGLEVEL = atoi(optarg);
- break;
-
- case 'h':
- case '?':
- usage(argv[0]);
- exit(0);
- break;
-
- default:
- usage(argv[0]);
- exit(1);
- }
-
- reopen_logs();
-
- DEBUG(1,( "lsarpcd version %s started.\n", VERSION));
- DEBUGADD(1,( "Copyright Andrew Tridgell 1992-1999\n"));
-
- DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
- (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
-
- if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
- DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
- exit(1);
- }
-
- get_myname(myhostname,NULL);
-
- if (!reload_services(False))
- return(-1);
-
- init_structs();
-
-#ifdef WITH_PROFILE
- if (!profile_setup(False)) {
- DEBUG(0,("ERROR: failed to setup profiling\n"));
- return -1;
- }
-#endif
-
- /*
- * Set the machine NETBIOS name if not already
- * set from the config file.
- */
- if (!*global_myname)
- {
- fstrcpy(global_myname, dns_to_netbios_name(myhostname));
- }
- strupper(global_myname);
-
- add_msrpc_command_processor( "lsarpc", argv[0], api_ntlsa_rpc );
-
- codepage_initialise(lp_client_code_page());
-
- if (!pwdb_initialise(True))
- {
- exit(1);
- }
-
- if(!initialise_sam_password_db())
- {
- exit(1);
- }
-
- if(!initialise_passgrp_db())
- {
- exit(1);
- }
-
- if(!initialise_group_db())
- {
- exit(1);
- }
-
- if(!initialise_alias_db())
- {
- exit(1);
- }
-
- if(!initialise_builtin_db())
- {
- exit(1);
- }
-
- if (!get_member_domain_sid())
- {
- DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",
- lp_passwordserver()));
- exit(1);
- }
-
- CatchSignal(SIGHUP,SIGNAL_CAST sig_hup);
-
- /* Setup the signals that allow the debug log level
- to by dynamically changed. */
-
- /* If we are using the malloc debug code we can't use
- SIGUSR1 and SIGUSR2 to do debug level changes. */
-
-#ifndef MEM_MAN
-#if defined(SIGUSR1)
- CatchSignal( SIGUSR1, SIGNAL_CAST sig_usr1 );
-#endif /* SIGUSR1 */
-
-#if defined(SIGUSR2)
- CatchSignal( SIGUSR2, SIGNAL_CAST sig_usr2 );
-#endif /* SIGUSR2 */
-#endif /* MEM_MAN */
-
- DEBUG(3,( "loaded services\n"));
-
- if (!is_daemon && !is_a_socket(0)) {
- DEBUG(0,("standard input is not a socket, assuming -D option\n"));
- is_daemon = True;
- }
-
- if (is_daemon) {
- DEBUG( 3, ( "Becoming a daemon.\n" ) );
- become_daemon();
- }
-
- if (!directory_exist(lp_lockdir(), NULL)) {
- mkdir(lp_lockdir(), 0755);
- }
-
- if (is_daemon) {
- pidfile_create("lsarpcd");
- }
-
- if (!open_sockets(is_daemon))
- exit(1);
-
- if (!locking_init(0))
- exit(1);
-
- /* possibly reload the services file. */
- reload_services(True);
-
- if (*lp_rootdir()) {
- if (sys_chroot(lp_rootdir()) == 0)
- DEBUG(2,("Changed root to %s\n", lp_rootdir()));
- }
-
- lsarpcd_process();
- close_sockets();
-
- exit_server("normal exit");
- return(0);
+ return msrpc_main(argc, argv);
}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "trans2.h"
+
+extern pstring servicesf;
+extern pstring debugf;
+extern pstring global_myname;
+
+int am_parent = 1;
+
+/* the last message the was processed */
+int last_message = -1;
+
+/* a useful macro to debug the last message processed */
+#define LAST_MESSAGE() smb_fn_name(last_message)
+
+extern pstring scope;
+extern int DEBUGLEVEL;
+
+extern fstring remote_machine;
+extern pstring myhostname;
+extern pstring pipe_name;
+
+extern pstring OriginalDir;
+
+/****************************************************************************
+ when exiting, take the whole family
+****************************************************************************/
+static void *dflt_sig(void)
+{
+ exit_server("caught signal");
+ return NULL;
+}
+
+/****************************************************************************
+ Send a SIGTERM to our process group.
+*****************************************************************************/
+static void killkids(void)
+{
+ if(am_parent) kill(0,SIGTERM);
+}
+
+
+/****************************************************************************
+ open and listen to a socket
+****************************************************************************/
+static int open_server_socket(void)
+{
+ int s;
+ fstring dir;
+ fstring path;
+
+ slprintf(dir, sizeof(dir)-1, "/tmp/.msrpc");
+ slprintf(path, sizeof(path)-1, "%s/%s", dir, pipe_name);
+
+ s = create_pipe_socket(dir, 0777, path, 0777);
+
+ if (s == -1)
+ return -1;
+ /* ready to listen */
+ if (listen(s, 5) == -1) {
+ DEBUG(0,("listen: %s\n", strerror(errno)));
+ close(s);
+ return -1;
+ }
+ return s;
+}
+
+/****************************************************************************
+ open the socket communication
+****************************************************************************/
+static int open_sockets(BOOL is_daemon)
+{
+ int ClientMSRPC;
+ int num_interfaces = iface_count();
+ int fd_listenset;
+ fd_set listen_set;
+ int s;
+
+ memset(&fd_listenset, 0, sizeof(fd_listenset));
+
+#ifdef HAVE_ATEXIT
+ {
+ static int atexit_set;
+ if(atexit_set == 0) {
+ atexit_set=1;
+ atexit(killkids);
+ }
+ }
+#endif
+
+ /* Stop zombies */
+ CatchChild();
+
+
+ FD_ZERO(&listen_set);
+
+ /* Just bind to 0.0.0.0 - accept connections
+ from anywhere. */
+ num_interfaces = 1;
+
+ /* open an incoming socket */
+ s = open_server_socket();
+ if (s == -1)
+ return -1;
+ fd_listenset = s;
+ FD_SET(s,&listen_set);
+
+ /* now accept incoming connections - forking a new process
+ for each incoming connection */
+ DEBUG(2,("waiting for a connection\n"));
+ while (1)
+ {
+ struct sockaddr_un addr;
+ int in_addrlen = sizeof(addr);
+ fd_set lfds;
+ int num;
+
+ memcpy((char *)&lfds, (char *)&listen_set,
+ sizeof(listen_set));
+
+ num = sys_select(256,&lfds,NULL, NULL);
+
+ if (num == -1 && errno == EINTR)
+ continue;
+
+ /* Find the sockets that are read-ready -
+ accept on these. */
+
+ s = -1;
+ if(FD_ISSET(fd_listenset,&lfds))
+ {
+ s = fd_listenset;
+ }
+
+ /* Clear this so we don't look at it again. */
+ FD_CLR(s,&lfds);
+
+ ClientMSRPC = accept(s,(struct sockaddr*)&addr,&in_addrlen);
+
+ if (ClientMSRPC == -1 && errno == EINTR)
+ continue;
+
+ if (ClientMSRPC == -1)
+ {
+ DEBUG(0,("open_sockets: accept: %s\n",
+ strerror(errno)));
+ continue;
+ }
+
+ if (ClientMSRPC != -1 && fork()==0)
+ {
+ /* Child code ... */
+
+ /* close the listening socket(s) */
+ close(fd_listenset);
+
+ /* close our standard file
+ descriptors */
+ close_low_fds();
+ am_parent = 0;
+
+ /* Reset global variables in util.c so
+ that client substitutions will be
+ done correctly in the process. */
+ reset_globals_after_fork();
+
+ return ClientMSRPC;
+ }
+ /* The parent doesn't need this socket */
+ close(ClientMSRPC);
+
+ /* Force parent to check log size after
+ * spawning child. Fix from
+ * klausr@ITAP.Physik.Uni-Stuttgart.De. The
+ * parent daemon will log to logserver.smb. It
+ * writes only two messages for each child
+ * started/finished. But each child writes,
+ * say, 50 messages also in logserver.smb,
+ * begining with the debug_count of the
+ * parent, before the child opens its own log
+ * file logserver.client. In a worst case
+ * scenario the size of logserver.smb would be
+ * checked after about 50*50=2500 messages
+ * (ca. 100kb).
+ * */
+ force_check_log_size();
+
+ } /* end while 1 */
+
+/* NOTREACHED */
+}
+
+
+/****************************************************************************
+this prevents zombie child processes
+****************************************************************************/
+BOOL reload_after_sighup = False;
+
+static void sig_hup(int sig)
+{
+ BlockSignals(True,SIGHUP);
+ DEBUG(0,("Got SIGHUP\n"));
+
+ /*
+ * Fix from <branko.cibej@hermes.si> here.
+ * We used to reload in the signal handler - this
+ * is a *BIG* no-no.
+ */
+
+ reload_after_sighup = True;
+ BlockSignals(False,SIGHUP);
+}
+
+
+
+#if DUMP_CORE
+/*******************************************************************
+prepare to dump a core file - carefully!
+********************************************************************/
+static BOOL dump_core(void)
+{
+ char *p;
+ pstring dname;
+ pstrcpy(dname,debugf);
+ if ((p=strrchr(dname,'/'))) *p=0;
+ pstrcat(dname,"/corefiles");
+ mkdir(dname,0700);
+ sys_chown(dname,getuid(),getgid());
+ chmod(dname,0700);
+ if (chdir(dname)) return(False);
+ umask(~(0700));
+
+#ifdef HAVE_GETRLIMIT
+#ifdef RLIMIT_CORE
+ {
+ struct rlimit rlp;
+ getrlimit(RLIMIT_CORE, &rlp);
+ rlp.rlim_cur = MAX(4*1024*1024,rlp.rlim_cur);
+ setrlimit(RLIMIT_CORE, &rlp);
+ getrlimit(RLIMIT_CORE, &rlp);
+ DEBUG(3,("Core limits now %d %d\n",
+ (int)rlp.rlim_cur,(int)rlp.rlim_max));
+ }
+#endif
+#endif
+
+
+ DEBUG(0,("Dumping core in %s\n",dname));
+ abort();
+ return(True);
+}
+#endif
+
+
+/****************************************************************************
+exit the server
+****************************************************************************/
+void exit_server(char *reason)
+{
+ static int firsttime=1;
+ extern char *last_inbuf;
+
+
+ if (!firsttime) exit(0);
+ firsttime = 0;
+
+ unbecome_vuser();
+ DEBUG(2,("Closing connections\n"));
+
+#ifdef WITH_DFS
+ if (dcelogin_atmost_once) {
+ dfs_unlogin();
+ }
+#endif
+
+ if (!reason) {
+ int oldlevel = DEBUGLEVEL;
+ DEBUGLEVEL = 10;
+ if (last_inbuf)
+ show_msg(last_inbuf);
+ DEBUGLEVEL = oldlevel;
+ DEBUG(0,("===============================================================\n"));
+#if DUMP_CORE
+ if (dump_core()) return;
+#endif
+ }
+
+ locking_end();
+
+ DEBUG(3,("Server exit (%s)\n", (reason ? reason : "")));
+#ifdef MEM_MAN
+ {
+ extern FILE *dbf;
+ smb_mem_write_verbose(dbf);
+ dbgflush();
+ }
+#endif
+ exit(0);
+}
+
+
+
+/****************************************************************************
+ initialise connect, service and file structs
+****************************************************************************/
+static void init_structs(void)
+{
+#if 0
+ conn_init();
+#endif
+ init_rpc_pipe_hnd(); /* for RPC pipes */
+ if (!init_policy_hnd(MAX_SERVER_POLICY_HANDLES))
+ {
+ exit_server("could not allocate policy handles\n");
+ }
+}
+
+/****************************************************************************
+usage on the program
+****************************************************************************/
+static void usage(char *pname)
+{
+ DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n"));
+
+ printf("Usage: %s [-D] [-p port] [-d debuglevel] ", pname);
+ printf("[-l log basename] [-s services file]\n" );
+ printf("Version %s\n",VERSION);
+ printf("\t-D become a daemon\n");
+ printf("\t-p port listen on the specified port\n");
+ printf("\t-d debuglevel set the debuglevel\n");
+ printf("\t-l log basename. Basename for log/debug files\n");
+ printf("\t-s services file. Filename of services file\n");
+ printf("\t-P passive only\n");
+ printf("\t-a append to log file (default)\n");
+ printf("\t-o overwrite log file, don't append\n");
+ printf("\t-i scope NetBIOS scope to use (default none)\n");
+ printf("\n");
+}
+
+
+/****************************************************************************
+ main program
+****************************************************************************/
+int msrpc_main(int argc,char *argv[])
+{
+ extern BOOL append_log;
+ /* shall I run as a daemon */
+ BOOL is_daemon = False;
+ int opt;
+ extern char *optarg;
+ int ClientMSRPC = -1;
+ pipes_struct static_pipe;
+
+ pstrcpy(remote_machine, pipe_name);
+
+ charset_initialise();
+
+ /* make absolutely sure we run as root - to handle cases where people
+ are crazy enough to have it setuid */
+#ifdef HAVE_SETRESUID
+ setresuid(0,0,0);
+#else
+ setuid(0);
+ seteuid(0);
+ setuid(0);
+ seteuid(0);
+#endif
+
+ fault_setup((void (*)(void *))exit_server);
+ CatchSignal(SIGTERM , SIGNAL_CAST dflt_sig);
+
+ /* we are never interested in SIGPIPE */
+ BlockSignals(True,SIGPIPE);
+
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ umask(0);
+
+ dos_GetWd(OriginalDir);
+
+ init_uid();
+
+ /* this is for people who can't start the program correctly */
+ while (argc > 1 && (*argv[1] != '-')) {
+ argv++;
+ argc--;
+ }
+
+ while ( EOF != (opt = getopt(argc, argv, "i:l:s:d:Dh?Paof:")) )
+ switch (opt) {
+ case 'i':
+ pstrcpy(scope,optarg);
+ break;
+
+ case 'P':
+ {
+ extern BOOL passive;
+ passive = True;
+ }
+ break;
+
+ case 's':
+ pstrcpy(servicesf,optarg);
+ break;
+
+ case 'l':
+ pstrcpy(debugf,optarg);
+ break;
+
+ case 'a':
+ append_log = True;
+ break;
+
+ case 'o':
+ append_log = False;
+ break;
+
+ case 'D':
+ is_daemon = True;
+ break;
+
+ case 'd':
+ if (*optarg == 'A')
+ DEBUGLEVEL = 10000;
+ else
+ DEBUGLEVEL = atoi(optarg);
+ break;
+
+ case 'h':
+ case '?':
+ usage(argv[0]);
+ exit(0);
+ break;
+
+ default:
+ usage(argv[0]);
+ exit(1);
+ }
+
+ reopen_logs();
+
+ DEBUG(1,( "%s version %s started.\n", argv[0], VERSION));
+ DEBUGADD(1,( "Copyright Andrew Tridgell 1992-1999\n"));
+
+ DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
+ (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
+
+ if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
+ DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
+ exit(1);
+ }
+
+ get_myname(myhostname,NULL);
+
+ if (!reload_services(False))
+ return(-1);
+
+ init_structs();
+
+#ifdef WITH_PROFILE
+ if (!profile_setup(False)) {
+ DEBUG(0,("ERROR: failed to setup profiling\n"));
+ return -1;
+ }
+#endif
+
+ /*
+ * Set the machine NETBIOS name if not already
+ * set from the config file.
+ */
+ if (!*global_myname)
+ {
+ fstrcpy(global_myname, dns_to_netbios_name(myhostname));
+ }
+ strupper(global_myname);
+
+ codepage_initialise(lp_client_code_page());
+
+ CatchSignal(SIGHUP,SIGNAL_CAST sig_hup);
+
+ /* Setup the signals that allow the debug log level
+ to by dynamically changed. */
+
+ /* If we are using the malloc debug code we can't use
+ SIGUSR1 and SIGUSR2 to do debug level changes. */
+
+#ifndef MEM_MAN
+#if defined(SIGUSR1)
+ CatchSignal( SIGUSR1, SIGNAL_CAST sig_usr1 );
+#endif /* SIGUSR1 */
+
+#if defined(SIGUSR2)
+ CatchSignal( SIGUSR2, SIGNAL_CAST sig_usr2 );
+#endif /* SIGUSR2 */
+#endif /* MEM_MAN */
+
+ DEBUG(3,( "loaded services\n"));
+
+ if (!is_daemon && !is_a_socket(0)) {
+ DEBUG(0,("standard input is not a socket, assuming -D option\n"));
+ is_daemon = True;
+ }
+
+ if (is_daemon) {
+ DEBUG( 3, ( "Becoming a daemon.\n" ) );
+ become_daemon();
+ }
+
+ if (!directory_exist(lp_lockdir(), NULL)) {
+ mkdir(lp_lockdir(), 0755);
+ }
+
+ if (is_daemon) {
+ pidfile_create(pipe_name);
+ }
+
+ ClientMSRPC = open_sockets(is_daemon);
+ if (ClientMSRPC == -1)
+ {
+ exit_server("open socket failed");
+ }
+
+ if (!locking_init(0))
+ exit(1);
+
+ /* possibly reload the services file. */
+ reload_services(True);
+
+ if (*lp_rootdir()) {
+ if (sys_chroot(lp_rootdir()) == 0)
+ DEBUG(2,("Changed root to %s\n", lp_rootdir()));
+ }
+
+ msrpc_service_init();
+
+ ZERO_STRUCT(static_pipe);
+ fstrcpy(static_pipe.name, pipe_name);
+ if (msrpcd_init(ClientMSRPC, &static_pipe))
+ {
+ reload_services(False);
+ msrpcd_process(ClientMSRPC, &static_pipe);
+ }
+ if (ClientMSRPC != -1)
+ {
+ close(ClientMSRPC);
+ }
+
+ exit_server("normal exit");
+ return(0);
+}
extern int DEBUGLEVEL;
time_t smb_last_time=(time_t)0;
-static struct pipes_struct static_pipe;
char *InBuffer = NULL;
char *OutBuffer = NULL;
The timeout is in milli seconds
****************************************************************************/
-static BOOL receive_message_or_smb(char *buffer, int buffer_len,
+static BOOL receive_message_or_msrpc(int c, char *buffer, int buffer_len,
int timeout, BOOL *got_smb)
{
- extern int Client;
fd_set fds;
int selrtn;
struct timeval to;
*/
FD_ZERO(&fds);
- FD_SET(Client,&fds);
+ FD_SET(c,&fds);
maxfd = 0;
to.tv_sec = timeout / 1000;
to.tv_usec = (timeout % 1000) * 1000;
- selrtn = sys_select(MAX(maxfd,Client)+1,&fds,NULL, timeout>0?&to:NULL);
+ selrtn = sys_select(MAX(maxfd,c)+1,&fds,NULL, timeout>0?&to:NULL);
/* Check if error */
if(selrtn == -1) {
return False;
}
- if (FD_ISSET(Client,&fds))
+ if (FD_ISSET(c,&fds))
{
*got_smb = True;
- return receive_smb(Client, buffer, 0);
+ return receive_smb(c, buffer, 0);
}
return False;
}
-/****************************************************************************
-Get the next SMB packet, doing the local message processing automatically.
-****************************************************************************/
-
-BOOL receive_next_smb(char *inbuf, int bufsize, int timeout)
-{
- BOOL got_smb = False;
- BOOL ret;
-
- do
- {
- ret = receive_message_or_smb(inbuf,bufsize,timeout,&got_smb);
-
- if(ret && !got_smb)
- {
- continue;
- }
-
- if(ret && (CVAL(inbuf,0) == 0x85))
- {
- /* Keepalive packet. */
- got_smb = False;
- }
-
- }
- while(ret && !got_smb);
-
- return ret;
-}
-
/*
These flags determine some of the permissions required to do an operation
/****************************************************************************
do a switch on the message type, and return the response size
****************************************************************************/
-static int do_message(char *inbuf,char *outbuf,int size,int bufsize)
+static int do_message(pipes_struct *p,
+ char *inbuf,char *outbuf,int size,int bufsize)
{
static int pid= -1;
- pipes_struct *p = &static_pipe;
prs_struct pd;
int outsize = -1;
/****************************************************************************
construct a reply to the incoming packet
****************************************************************************/
-static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
+static int construct_reply(pipes_struct *p,
+ char *inbuf,char *outbuf,int size,int bufsize)
{
int outsize = 0;
smb_last_time = time(NULL);
- outsize = do_message(inbuf,outbuf,size,bufsize) + 4;
+ outsize = do_message(p, inbuf,outbuf,size,bufsize) + 4;
if(outsize > 4)
_smb_setlen(outbuf,outsize - 4);
process an smb from the client - split out from the process() code so
it can be used by the oplock break code.
****************************************************************************/
-void process_smb(char *inbuf, char *outbuf)
+static void process_msrpc(pipes_struct *p, int c, char *inbuf, char *outbuf)
{
- extern int Client;
static int trans_num;
int32 len = smb_len(inbuf);
int nread = len + 4;
deny parameters before doing any parsing of the packet
passed to us by the client. This prevents attacks on our
parsing code from hosts not in the hosts allow list */
- if (!check_access(Client, lp_hostsallow(-1), lp_hostsdeny(-1))) {
+ if (!check_access(c, lp_hostsallow(-1), lp_hostsdeny(-1))) {
/* send a negative session response "not listining on calling
name" */
DEBUG( 1, ( "Connection denied from %s\n",
- client_addr(Client) ) );
+ client_addr(c) ) );
exit_server("connection denied");
}
}
}
#endif
- nread = construct_reply(inbuf,outbuf,nread,max_send);
+ nread = construct_reply(p, inbuf,outbuf,nread,max_send);
if(nread > 0)
{
nread, smb_len(outbuf)));
}
else
- send_smb(Client,outbuf);
+ send_smb(c,outbuf);
}
trans_num++;
}
-
-BOOL get_user_creds(struct user_creds *usr)
+/****************************************************************************
+ reads user credentials from the socket
+****************************************************************************/
+BOOL get_user_creds(int c, struct user_creds *usr)
{
pstring buf;
int rl;
uint32 len;
BOOL new_con = False;
- extern int Client;
uint32 status;
CREDS_CMD cmd;
DEBUG(10,("get_user_creds: first request\n"));
- rl = read(Client, &buf, sizeof(len));
+ rl = read(c, &buf, sizeof(len));
if (rl != sizeof(len))
{
return False;
}
- rl = read(Client, buf, len);
+ rl = read(c, buf, len);
if (rl < 0)
{
status = new_con ? 0x0 : 0x1;
- if (write(Client, &status, sizeof(status)) !=
+ if (write(c, &status, sizeof(status)) !=
sizeof(status))
{
return False;
}
/****************************************************************************
- process commands from the client
+ initialise from pipe
****************************************************************************/
-void lsarpcd_process(void)
+BOOL msrpcd_init(int c, pipes_struct *p)
{
struct user_creds usr;
gid_t *groups = NULL;
- ZERO_STRUCT(static_pipe);
-
- fstrcpy(static_pipe.name, "lsarpc");
-
- if (!get_user_creds(&usr))
+ if (!get_user_creds(c, &usr))
{
DEBUG(0,("authentication failed\n"));
free_user_creds(&usr);
- return;
+ return False;
}
if (usr.uxs.num_grps != 0)
groups = malloc(usr.uxs.num_grps * sizeof(groups[0]));
if (groups == NULL)
{
- return;
+ return False;
}
for (i = 0; i < usr.uxs.num_grps; i++)
{
}
}
- static_pipe.vuid = create_vuid(usr.uxs.uid, usr.uxs.gid,
+ p->vuid = create_vuid(usr.uxs.uid, usr.uxs.gid,
usr.uxs.num_grps, groups,
usr.uxc.user_name,
usr.uxc.requested_name,
usr.uxc.guest,
usr.ntc.pwd.sess_key);
- if (static_pipe.vuid == UID_FIELD_INVALID)
+ if (p->vuid == UID_FIELD_INVALID)
{
- return;
+ return False;
}
free_user_creds(&usr);
- become_vuser(static_pipe.vuid);
+ if (!become_vuser(p->vuid))
+ {
+ return False;
+ }
- static_pipe.l = malloc(sizeof(*static_pipe.l));
- if (static_pipe.l == NULL)
+ p->l = malloc(sizeof(*p->l));
+ if (p->l == NULL)
{
- return;
+ return False;
}
- ZERO_STRUCTP(static_pipe.l);
+ ZERO_STRUCTP(p->l);
+ return True;
+}
+
+/****************************************************************************
+ process commands from the client
+****************************************************************************/
+void msrpcd_process(int c, pipes_struct *p)
+{
InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
if ((InBuffer == NULL) || (OutBuffer == NULL))
errno = 0;
for (counter=SMBD_SELECT_LOOP;
- !receive_message_or_smb(InBuffer,BUFFER_SIZE,
+ !receive_message_or_msrpc(c, InBuffer,BUFFER_SIZE,
SMBD_SELECT_LOOP*1000,&got_smb);
counter += SMBD_SELECT_LOOP)
{
t = time(NULL);
- /* become root again if waiting */
- unbecome_vuser();
-
/* check for smb.conf reload */
if (counter >= service_load_counter + SMBD_RELOAD_CHECK)
{
}
if(got_smb)
- process_smb(InBuffer, OutBuffer);
+ process_msrpc(p, c, InBuffer, OutBuffer);
}
}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+extern int DEBUGLEVEL;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+ if (!pwdb_initialise(True))
+ {
+ exit(-1);
+ }
+
+ if(!initialise_sam_password_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_passgrp_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_group_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_alias_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_builtin_db())
+ {
+ exit(-1);
+ }
+
+ if (!get_member_domain_sid())
+ {
+ DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",
+ lp_passwordserver()));
+ exit(-1);
+ }
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "NETLOGON");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_netlog_rpc );
+
+ return msrpc_main(argc, argv);
+}
* Get the trust account password.
*/
if(!trust_password_lock( domain, myname, False)) {
- DEBUG(0,("domain_client_validate: unable to open the trust account password file for \
+ DEBUG(0,("trust_get_passwd: unable to open the trust account password file for \
trust %s in domain %s.\n", myname, domain ));
return False;
}
if(get_trust_account_password( trust_passwd, &lct) == False) {
- DEBUG(0,("domain_client_validate: unable to read the trust account password for \
+ DEBUG(0,("trust_get_passwd: unable to read the trust account password for \
trust %s in domain %s.\n", myname, domain ));
trust_password_unlock();
return False;
con->pipe_name = strdup(pipe_name);
}
- con->cli = cli_net_use_add(srv_name, usr_creds, False, reuse);
+ con->cli = cli_net_use_add(srv_name, usr_creds, True, reuse);
if (con->cli == NULL)
{
DEBUG(5,("SPOOLSS Enum Printers (Server: %s level: %d)\n",
srv_name, level));
- make_spoolss_q_enumprinters(&q_o, flags, srv_name, level, 0x50);
+ make_spoolss_q_enumprinters(&q_o, flags, srv_name, level, 0x200);
/* turn parameters into data stream */
spoolss_io_q_enumprinters("", &q_o, &buf, 0);
PRINTER_INFO_1 *info1;
PRINTER_INFO_2 *info2;
+ fstring tmp;
- prs_debug(ps, depth, desc, "spoolss_io_r_enumprinters");
+ slprintf(tmp, sizeof(tmp)-1, "spoolss_io_r_enumprinters %d", r_u->level);
+
+ prs_debug(ps, depth, desc, tmp);
depth++;
prs_align(ps);
prs_uint32("pointer", ps, depth, &useless_ptr);
********************************************************************/
BOOL api_brs_rpc(rpcsrv_struct *p, prs_struct *data)
{
- return api_rpcTNP(p, "api_brssvc_rpc", api_brs_cmds, data);
+ return api_rpcTNP(p, "api_brs_rpc", api_brs_cmds, data);
}
return True;
}
+ if (strequal(mach_name, global_myname))
+ {
+ DEBUG(0,("get_md4pw: *** LOOPBACK DETECTED - USING NULL KEY ***\n"));
+ memset(md4pw, 0, 16);
+ return True;
+ }
+
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
return False;
}
size_t wks_len;
BOOL anonymous = False;
- struct smb_passwd *smb_pass = NULL;
-
memset(null_pwd, 0, sizeof(null_pwd));
DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
else
{
DEBUG(5,("user: %s domain: %s wks: %s\n", l->user_name, l->domain, l->wks));
- become_root(True);
- smb_pass = getsmbpwnam(l->user_name);
- l->ntlmssp_validated = pass_check_smb(smb_pass, l->domain,
+ become_root(False);
+ l->ntlmssp_validated = check_domain_security(l->user_name, l->domain,
(uchar*)l->ntlmssp_chal.challenge,
lm_owf, lm_owf_len,
nt_owf, nt_owf_len,
- NULL, l->user_sess_key);
- unbecome_root(True);
-
- if (smb_pass != NULL)
- {
- pwd = smb_pass->smb_passwd;
- }
+ l->user_sess_key);
+ unbecome_root(False);
}
if (l->ntlmssp_validated && pwd != NULL)
}
-#if 0
-{
- { "lsarpc", "lsass", api_ntlsa_rpc },
- { "samr", "lsass", api_samr_rpc },
- { "srvsvc", "ntsvcs", api_srvsvc_rpc },
- { "wkssvc", "ntsvcs", api_wkssvc_rpc },
- { "browser", "ntsvcs", api_brs_rpc },
- { "svcctl", "ntsvcs", api_svcctl_rpc },
- { "NETLOGON", "lsass", api_netlog_rpc },
- { "winreg", "winreg", api_reg_rpc },
- { "spoolss", "spoolss", api_spoolss_rpc },
- { NULL, NULL, NULL }
-};
-#endif
void close_msrpc_command_processor(void)
{
DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
}
- if (strequal(pipe_name, "lsarpc"))
+ m = msrpc_use_add(pipe_name, &usr, False);
+ if (m == NULL)
{
- m = msrpc_use_add(pipe_name, &usr, False);
- if (m == NULL)
- {
- DEBUG(5,("open pipes: msrpc redirect failed\n"));
- return NULL;
- }
+ DEBUG(5,("open pipes: msrpc redirect failed\n"));
+ return NULL;
+ }
+#if 0
}
else
{
memcpy(l->user_sess_key, vuser->user_sess_key,
sizeof(l->user_sess_key));
}
+#endif
p = (pipes_struct *)malloc(sizeof(*p));
if (!p) return NULL;
{
BOOL res = True;
BOOL res1 = True;
+ BOOL res2 = True;
POLICY_HND key_pol;
POLICY_HND pol_con;
}
/* query it */
- res1 = res1 ? reg_query_info(&key_pol,
+ res2 = res1 ? reg_query_info(&key_pol,
val_name, &type, &buf) : False;
- if (res1)
+ if (res2)
{
reg_display_val_info(full_keyname, val_name, type, &buf);
}
}
res = res ? reg_close(&pol_con) : False;
- if (res && res1)
+ if (res2)
{
DEBUG(5,("cmd_reg_query: query succeeded\n"));
}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+extern int DEBUGLEVEL;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+ if (!pwdb_initialise(True))
+ {
+ exit(-1);
+ }
+
+ if(!initialise_sam_password_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_passgrp_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_group_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_alias_db())
+ {
+ exit(-1);
+ }
+
+ if(!initialise_builtin_db())
+ {
+ exit(-1);
+ }
+
+ if (!get_member_domain_sid())
+ {
+ DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",
+ lp_passwordserver()));
+ exit(-1);
+ }
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "samr");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_samr_rpc );
+
+ return msrpc_main(argc, argv);
+}
return(True);
}
-/***********************************************************************
- Do the same as security=server, but using NT Domain calls and a session
- key from the workstation trust account password.
-************************************************************************/
-
-BOOL domain_client_validate( char *user, char *domain,
- char *acct_name, uint16 acct_type,
- char *smb_apasswd, int smb_apasslen,
- char *smb_ntpasswd, int smb_ntpasslen,
- uchar user_sess_key[16])
-{
- unsigned char local_challenge[8];
- unsigned char local_lm_response[24];
- unsigned char local_nt_reponse[24];
- unsigned char trust_passwd[16];
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 info3;
- uint32 smb_uid_low;
- fstring trust_acct;
- fstring srv_name;
-
- fstrcpy(trust_acct, acct_name);
- fstrcat(trust_acct, "$");
-
- /*
- * Check that the requested domain is not our own machine name.
- * If it is, we should never check the PDC here, we use our own local
- * password file.
- */
-
- if(strequal( domain, global_myname))
- {
- DEBUG(3,("domain_client_validate: Requested domain was for this machine.\n"));
- return False;
- }
-
- if (!get_any_dc_name(domain, srv_name))
- {
- DEBUG(3,("domain_client_validate: could not find domain %s\n",
- domain));
- return False;
- }
-
- /*
- * Next, check that the passwords given were encrypted.
- */
-
- if(((smb_apasslen != 24) && (smb_apasslen != 0)) ||
- ((smb_ntpasslen <= 24) && (smb_ntpasslen != 0)))
- {
- /*
- * Not encrypted - do so.
- */
-
- DEBUG(3,("domain_client_validate: User passwords not in encrypted format.\n"));
- generate_random_buffer( local_challenge, 8, False);
- SMBencrypt( (uchar *)smb_apasswd, local_challenge, local_lm_response);
- SMBNTencrypt((uchar *)smb_ntpasswd, local_challenge, local_nt_reponse);
- smb_apasslen = 24;
- smb_ntpasslen = 24;
- smb_apasswd = (char *)local_lm_response;
- smb_ntpasswd = (char *)local_nt_reponse;
- }
- else
- {
- /*
- * Encrypted - get the challenge we sent for these
- * responses.
- */
-
- if (!last_challenge(local_challenge))
- {
- DEBUG(0,("domain_client_validate: no challenge done - password failed\n"));
- return False;
- }
- }
-
- /*
- * Get the workstation trust account password.
- */
- if (!trust_get_passwd( trust_passwd, domain, acct_name))
- {
- return False;
- }
-
- /*
- * At this point, smb_apasswd points to the lanman response to
- * the challenge in local_challenge, and smb_ntpasswd points to
- * the NT response to the challenge in local_challenge. Ship
- * these over the secure channel to a domain controller and
- * see if they were valid.
- */
-
- /*
- * Ok - we have an anonymous connection to the IPC$ share.
- * Now start the NT Domain stuff :-).
- */
-
- if(cli_nt_setup_creds(srv_name, global_myname, trust_acct,
- trust_passwd, acct_type) != 0x0)
- {
- DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \
- %s.\n", srv_name));
- return False;
- }
-
- /* We really don't care what LUID we give the user. */
- generate_random_buffer( (unsigned char *)&smb_uid_low, 4, False);
-
- if (!cli_nt_login_network(srv_name, global_myname,
- domain, user,
- smb_uid_low, (char *)local_challenge,
- ((smb_apasslen != 0) ? smb_apasswd : NULL),
- ((smb_ntpasslen != 0) ? smb_ntpasswd : NULL),
- &ctr, &info3))
- {
- DEBUG(0,("domain_client_validate: unable to validate password for user %s in domain \
- %s to Domain controller %s.\n", user, domain, srv_name));
- return False;
- }
-
- /*
- * Here, if we really want it, we have lots of info about the user in info3.
- * LKCLXXXX - really important to check things like "is this user acct
- * locked out / disabled" etc!!!!
- */
-
- return True;
-}
smb_ntpasswd, smb_ntpasslen);
}
-/****************************************************************************
- Check for a valid username and password in security=domain mode.
-****************************************************************************/
-
-static BOOL check_domain_security(char *orig_user, char *domain,
- char *smb_apasswd, int smb_apasslen,
- char *smb_ntpasswd, int smb_ntpasslen,
- uchar user_sess_key[16])
-{
- fstring acct_name;
- uint16 acct_type = 0;
-
- if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER)
- {
- return False;
- }
-
- if (lp_security() == SEC_DOMAIN && strequal(domain, global_myworkgroup))
- {
- fstrcpy(acct_name, global_myname);
- acct_type = SEC_CHAN_WKSTA;
- }
- else
- {
- fstrcpy(acct_name, global_myworkgroup);
- acct_type = SEC_CHAN_DOMAIN;
- }
-
- return domain_client_validate(orig_user, domain,
- acct_name, acct_type,
- smb_apasswd, smb_apasslen,
- smb_ntpasswd, smb_ntpasslen,
- user_sess_key);
-}
-
/****************************************************************************
reply to a session setup command
****************************************************************************/
static BOOL done_sesssetup = False;
BOOL doencrypt = SMBENCRYPT();
char *domain = "";
+ uchar last_chal[8];
*smb_apasswd = 0;
*smb_ntpasswd = 0;
!check_server_security(orig_user, domain,
smb_apasswd, smb_apasslen,
smb_ntpasswd, smb_ntpasslen) &&
+ !last_challenge(last_chal) &&
!check_domain_security(orig_user, domain,
+ last_chal,
smb_apasswd, smb_apasslen,
smb_ntpasswd, smb_ntpasslen, user_sess_key) &&
!check_hosts_equiv(user)
{
exit_server("could not allocate policy handles\n");
}
- init_printer_hnd(); /* for SPOOLSS handles */
init_dptrs();
init_dfs_table();
}
}
#endif /* WITH_SSL */
- start_msrpc_agent("lsarpc");
- add_msrpc_command_processor( "samr", "lsass", api_samr_rpc );
- add_msrpc_command_processor( "srvsvc", "ntsvcs", api_srvsvc_rpc );
- add_msrpc_command_processor( "wkssvc", "ntsvcs", api_wkssvc_rpc );
- add_msrpc_command_processor( "browser", "ntsvcs", api_brs_rpc );
- add_msrpc_command_processor( "svcctl", "ntsvcs", api_svcctl_rpc );
- add_msrpc_command_processor( "NETLOGON", "lsass", api_netlog_rpc );
- add_msrpc_command_processor( "winreg", "winreg", api_reg_rpc );
- add_msrpc_command_processor( "spoolss", "spoolss", api_spoolss_rpc );
-
codepage_initialise(lp_client_code_page());
if (!pwdb_initialise(True))
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+ init_printer_hnd(); /* for SPOOLSS handles */
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ load_printers();
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "spoolss");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_spoolss_rpc );
+
+ return msrpc_main(argc, argv);
+}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "srvsvc");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_srvsvc_rpc );
+
+ return msrpc_main(argc, argv);
+}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "svcctl");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_svcctl_rpc );
+
+ return msrpc_main(argc, argv);
+}
load_interfaces();
- init_policy_hnd(64);
-
if(!pwdb_initialise(False))
{
fprintf(stderr, "Can't setup password database vectors.\n");
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "winreg");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_reg_rpc );
+
+ return msrpc_main(argc, argv);
+}
--- /dev/null
+/*
+ Unix SMB/Netbios implementation.
+ Version 1.9.
+ Main SMB server routines
+ Copyright (C) Andrew Tridgell 1992-1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+fstring pipe_name;
+
+pstring servicesf = CONFIGFILE;
+extern pstring debugf;
+extern BOOL append_log;
+
+/*************************************************************************
+ initialise an msrpc service
+ *************************************************************************/
+void msrpc_service_init(void)
+{
+}
+
+/****************************************************************************
+ reload the services file
+ **************************************************************************/
+BOOL reload_services(BOOL test)
+{
+ BOOL ret;
+
+ if (lp_loaded()) {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf)) {
+ pstrcpy(servicesf,fname);
+ test = False;
+ }
+ }
+
+ reopen_logs();
+
+ if (test && !lp_file_list_changed())
+ return(True);
+
+ lp_killunused(NULL);
+
+ ret = lp_load(servicesf,False,False,True);
+
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+
+ reopen_logs();
+
+ load_interfaces();
+
+ return(ret);
+}
+
+/****************************************************************************
+ main program
+****************************************************************************/
+ int main(int argc,char *argv[])
+{
+#ifdef HAVE_SET_AUTH_PARAMETERS
+ set_auth_parameters(argc,argv);
+#endif
+
+#ifdef HAVE_SETLUID
+ /* needed for SecureWare on SCO */
+ setluid(0);
+#endif
+
+ append_log = True;
+
+ TimeInit();
+
+ setup_logging(argv[0],False);
+ fstrcpy(pipe_name, "wkssvc");
+ slprintf(debugf, sizeof(debugf), "%s/log.%s", LOGFILEBASE, pipe_name);
+ add_msrpc_command_processor( pipe_name, argv[0], api_wkssvc_rpc );
+
+ return msrpc_main(argc, argv);
+}
git.samba.org / kai / samba-autobuild / .git / commitdiff