1997-12-13 14:16:07 +00:00
/*
Unix SMB / Netbios implementation .
Version 1.9 .
NBT netbios routines and daemon - version 2
1998-01-22 13:27:43 +00:00
Copyright ( C ) Andrew Tridgell 1994 - 1998
Copyright ( C ) Luke Kenneth Casson Leighton 1994 - 1998
Copyright ( C ) Jeremy Allison 1994 - 1998
1997-12-13 14:16:07 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
Revision History :
*/
# include "includes.h"
1998-04-25 01:12:08 +00:00
extern pstring global_myname ;
extern fstring global_myworkgroup ;
1997-12-13 14:16:07 +00:00
2001-08-24 19:28:08 +00:00
struct sam_database_info {
uint32 index ;
uint32 serial_lo , serial_hi ;
uint32 date_lo , date_hi ;
} ;
/****************************************************************************
2001-08-28 06:08:31 +00:00
Send a message to smbd to do a sam delta sync
2001-08-24 19:28:08 +00:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2001-08-28 06:08:31 +00:00
static void send_repl_message ( uint32 low_serial )
2001-08-24 19:28:08 +00:00
{
2001-08-28 06:08:31 +00:00
TDB_CONTEXT * tdb ;
tdb = tdb_open_log ( lock_path ( " connections.tdb " ) , 0 ,
2001-09-06 22:08:19 +00:00
TDB_DEFAULT , O_RDONLY , 0 ) ;
2001-08-28 06:08:31 +00:00
if ( ! tdb ) {
DEBUG ( 3 , ( " send_repl_message(): failed to open connections "
" database \n " ) ) ;
return ;
}
DEBUG ( 3 , ( " sending replication message, serial = 0x%04x \n " ,
low_serial ) ) ;
message_send_all ( tdb , MSG_SMB_SAM_REPL , & low_serial ,
sizeof ( low_serial ) , False ) ;
tdb_close ( tdb ) ;
2001-08-24 19:28:08 +00:00
}
1997-12-13 14:16:07 +00:00
/****************************************************************************
Process a domain logon packet
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
void process_logon_packet ( struct packet_struct * p , char * buf , int len ,
char * mailslot )
{
struct dgram_packet * dgram = & p - > packet . dgram ;
pstring my_name ;
fstring reply_name ;
pstring outbuf ;
1998-09-28 21:43:48 +00:00
int code ;
1997-12-13 14:16:07 +00:00
uint16 token = 0 ;
2000-02-22 21:00:01 +00:00
uint32 ntversion = 0 ;
uint16 lmnttoken = 0 ;
uint16 lm20token = 0 ;
1997-12-13 14:16:07 +00:00
uint32 domainsidsize ;
2000-02-23 02:02:33 +00:00
BOOL short_request = False ;
1997-12-13 14:16:07 +00:00
char * getdc ;
char * uniuser ; /* Unicode user name. */
1999-12-13 13:27:58 +00:00
pstring ascuser ;
1997-12-13 14:16:07 +00:00
char * unicomp ; /* Unicode computer name. */
1998-10-21 01:35:01 +00:00
memset ( outbuf , 0 , sizeof ( outbuf ) ) ;
1997-12-13 14:16:07 +00:00
if ( ! lp_domain_logons ( ) )
{
1997-12-16 09:20:34 +00:00
DEBUG ( 3 , ( " process_logon_packet: Logon packet received from IP %s and domain \
1997-12-13 14:16:07 +00:00
logons are not enabled . \ n " , inet_ntoa(p->ip) ));
return ;
}
1998-05-12 00:55:32 +00:00
pstrcpy ( my_name , global_myname ) ;
1997-12-13 14:16:07 +00:00
strupper ( my_name ) ;
code = SVAL ( buf , 0 ) ;
2000-04-22 00:33:16 +00:00
DEBUG ( 1 , ( " process_logon_packet: Logon from %s: code = 0x%x \n " , inet_ntoa ( p - > ip ) , code ) ) ;
1997-12-13 14:16:07 +00:00
switch ( code )
{
case 0 :
{
char * q = buf + 2 ;
char * machine = q ;
char * user = skip_string ( machine , 1 ) ;
getdc = skip_string ( user , 1 ) ;
q = skip_string ( getdc , 1 ) ;
token = SVAL ( q , 3 ) ;
1998-05-12 00:55:32 +00:00
fstrcpy ( reply_name , my_name ) ;
1997-12-13 14:16:07 +00:00
DEBUG ( 3 , ( " process_logon_packet: Domain login request from %s at IP %s user=%s token=%x \n " ,
machine , inet_ntoa ( p - > ip ) , user , token ) ) ;
q = outbuf ;
1998-09-29 17:16:15 +00:00
SSVAL ( q , 0 , 6 ) ;
q + = 2 ;
1997-12-13 14:16:07 +00:00
1998-05-12 00:55:32 +00:00
fstrcpy ( reply_name , " \\ \\ " ) ;
fstrcat ( reply_name , my_name ) ;
fstrcpy ( q , reply_name ) ; q = skip_string ( q , 1 ) ; /* PDC name */
1997-12-13 14:16:07 +00:00
1998-09-29 17:16:15 +00:00
SSVAL ( q , 0 , token ) ;
q + = 2 ;
1997-12-13 14:16:07 +00:00
dump_data ( 4 , outbuf , PTR_DIFF ( q , outbuf ) ) ;
send_mailslot ( True , getdc ,
outbuf , PTR_DIFF ( q , outbuf ) ,
2000-04-18 03:34:27 +00:00
global_myname , 0x0 ,
2001-03-15 00:49:13 +00:00
machine ,
1997-12-13 14:16:07 +00:00
dgram - > source_name . name_type ,
1998-08-30 17:04:24 +00:00
p - > ip , * iface_ip ( p - > ip ) , p - > port ) ;
1997-12-13 14:16:07 +00:00
break ;
}
case QUERYFORPDC :
{
char * q = buf + 2 ;
char * machine = q ;
2001-09-26 16:47:02 +00:00
if ( ! lp_domain_master ( ) )
{
/* We're not Primary Domain Controller -- ignore this */
2001-09-27 16:28:50 +00:00
return ;
2001-09-26 16:47:02 +00:00
}
1997-12-13 14:16:07 +00:00
getdc = skip_string ( machine , 1 ) ;
2000-04-11 14:11:14 +00:00
q = skip_string ( getdc , 1 ) ;
2000-04-11 19:44:54 +00:00
q = ALIGN2 ( q , buf ) ;
1997-12-13 14:16:07 +00:00
2000-03-27 12:19:58 +00:00
/* at this point we can work out if this is a W9X or NT style
request . Experiments show that the difference is wether the
packet ends here . For a W9X request we now end with a pair of
bytes ( usually 0xFE 0xFF ) whereas with NT we have two further
strings - the following is a simple way of detecting this */
2000-04-11 14:11:14 +00:00
if ( len - PTR_DIFF ( q , buf ) < = 3 ) {
2000-03-27 12:19:58 +00:00
short_request = True ;
} else {
2000-04-11 14:11:14 +00:00
unicomp = q ;
2000-03-27 12:19:58 +00:00
/* A full length (NT style) request */
2000-04-11 14:11:14 +00:00
q = skip_unibuf ( unicomp , PTR_DIFF ( buf + len , unicomp ) ) ;
2000-03-27 12:19:58 +00:00
if ( len - PTR_DIFF ( q , buf ) > 8 ) {
/* with NT5 clients we can sometimes
get additional data - a length specificed string
containing the domain name , then 16 bytes of
data ( no idea what it is ) */
int dom_len = CVAL ( q , 0 ) ;
q + + ;
if ( dom_len ! = 0 ) {
q + = dom_len + 1 ;
}
q + = 16 ;
}
ntversion = IVAL ( q , 0 ) ;
lmnttoken = SVAL ( q , 4 ) ;
lm20token = SVAL ( q , 6 ) ;
2000-02-22 21:00:01 +00:00
}
1997-12-13 14:16:07 +00:00
/* Construct reply. */
q = outbuf ;
1998-09-29 17:16:15 +00:00
SSVAL ( q , 0 , QUERYFORPDC_R ) ;
q + = 2 ;
1997-12-13 14:16:07 +00:00
1998-05-12 00:55:32 +00:00
fstrcpy ( reply_name , my_name ) ;
1998-09-29 17:16:15 +00:00
fstrcpy ( q , reply_name ) ;
q = skip_string ( q , 1 ) ; /* PDC name */
1997-12-13 14:16:07 +00:00
2000-02-22 21:00:01 +00:00
/* PDC and domain name */
if ( ! short_request ) /* Make a full reply */
{
2000-05-02 23:56:24 +00:00
q = ALIGN2 ( q , outbuf ) ;
1999-08-08 04:51:13 +00:00
2000-03-27 12:38:45 +00:00
q + = dos_PutUniCode ( q , my_name , sizeof ( pstring ) , True ) ; /* PDC name */
q + = dos_PutUniCode ( q , global_myworkgroup , sizeof ( pstring ) , True ) ; /* Domain name*/
2000-04-11 14:11:14 +00:00
SIVAL ( q , 0 , 1 ) ; /* our nt version */
SSVAL ( q , 4 , 0xffff ) ; /* our lmnttoken */
SSVAL ( q , 6 , 0xffff ) ; /* our lm20token */
2000-03-27 12:19:58 +00:00
q + = 8 ;
1999-08-08 04:51:13 +00:00
}
1997-12-13 14:16:07 +00:00
2000-02-22 21:00:01 +00:00
/* RJS, 21-Feb-2000, we send a short reply if the request was short */
1997-12-13 14:16:07 +00:00
DEBUG ( 3 , ( " process_logon_packet: GETDC request from %s at IP %s, \
reporting % s domain % s 0 x % x ntversion = % x lm_nt token = % x lm_20 token = % x \ n " ,
2000-04-18 03:34:27 +00:00
machine , inet_ntoa ( p - > ip ) , reply_name , global_myworkgroup ,
1997-12-13 14:16:07 +00:00
QUERYFORPDC_R , ( uint32 ) ntversion , ( uint32 ) lmnttoken ,
( uint32 ) lm20token ) ) ;
dump_data ( 4 , outbuf , PTR_DIFF ( q , outbuf ) ) ;
send_mailslot ( True , getdc ,
outbuf , PTR_DIFF ( q , outbuf ) ,
2000-04-18 03:34:27 +00:00
global_myname , 0x0 ,
1999-12-13 13:27:58 +00:00
dgram - > source_name . name ,
dgram - > source_name . name_type ,
1998-08-30 17:04:24 +00:00
p - > ip , * iface_ip ( p - > ip ) , p - > port ) ;
1997-12-13 14:16:07 +00:00
return ;
}
case SAMLOGON :
{
char * q = buf + 2 ;
2001-07-04 07:15:53 +00:00
fstring asccomp ;
1997-12-13 14:16:07 +00:00
1998-09-29 17:17:48 +00:00
q + = 2 ;
1997-12-13 14:16:07 +00:00
unicomp = q ;
2000-04-11 14:11:14 +00:00
uniuser = skip_unibuf ( unicomp , PTR_DIFF ( buf + len , unicomp ) ) ;
getdc = skip_unibuf ( uniuser , PTR_DIFF ( buf + len , uniuser ) ) ;
1997-12-13 14:16:07 +00:00
q = skip_string ( getdc , 1 ) ;
2000-04-11 14:25:04 +00:00
q + = 4 ; /* Account Control Bits - indicating username type */
1998-09-29 17:16:15 +00:00
domainsidsize = IVAL ( q , 0 ) ;
q + = 4 ;
2000-04-11 14:11:14 +00:00
2000-04-22 00:33:16 +00:00
DEBUG ( 3 , ( " process_logon_packet: SAMLOGON sidsize %d, len = %d \n " , domainsidsize , len ) ) ;
if ( domainsidsize < ( len - PTR_DIFF ( q , buf ) ) & & ( domainsidsize ! = 0 ) ) {
2000-04-11 14:11:14 +00:00
q + = domainsidsize ;
2000-04-11 19:44:54 +00:00
q = ALIGN4 ( q , buf ) ;
2000-04-11 14:11:14 +00:00
}
2000-04-22 00:33:16 +00:00
DEBUG ( 3 , ( " process_logon_packet: len = %d PTR_DIFF(q, buf) = %d \n " , len , PTR_DIFF ( q , buf ) ) ) ;
2000-04-11 14:11:14 +00:00
if ( len - PTR_DIFF ( q , buf ) > 8 ) {
/* with NT5 clients we can sometimes
get additional data - a length specificed string
containing the domain name , then 16 bytes of
data ( no idea what it is ) */
int dom_len = CVAL ( q , 0 ) ;
q + + ;
2000-04-22 00:33:16 +00:00
if ( dom_len < ( len - PTR_DIFF ( q , buf ) ) & & ( dom_len ! = 0 ) ) {
2000-04-11 14:11:14 +00:00
q + = dom_len + 1 ;
}
q + = 16 ;
}
1998-09-29 17:16:15 +00:00
ntversion = IVAL ( q , 0 ) ;
2000-04-11 14:11:14 +00:00
lmnttoken = SVAL ( q , 4 ) ;
lm20token = SVAL ( q , 6 ) ;
q + = 8 ;
1997-12-13 14:16:07 +00:00
1999-12-13 13:27:58 +00:00
DEBUG ( 3 , ( " process_logon_packet: SAMLOGON sidsize %d ntv %d \n " , domainsidsize , ntversion ) ) ;
1997-12-13 14:16:07 +00:00
/*
1998-12-09 06:35:37 +00:00
* we respond regadless of whether the machine is in our password
* database . If it isn ' t then we let smbd send an appropriate error .
1997-12-13 14:16:07 +00:00
* Let ' s ignore the SID .
*/
2001-07-04 07:15:53 +00:00
pull_ucs2_pstring ( ascuser , uniuser ) ;
pull_ucs2_fstring ( asccomp , unicomp ) ;
1999-12-13 13:27:58 +00:00
DEBUG ( 3 , ( " process_logon_packet: SAMLOGON user %s \n " , ascuser ) ) ;
1998-05-12 00:55:32 +00:00
fstrcpy ( reply_name , " \\ \\ " ) ; /* Here it wants \\LOGONSERVER. */
fstrcpy ( reply_name + 2 , my_name ) ;
1997-12-13 14:16:07 +00:00
1999-12-13 13:27:58 +00:00
DEBUG ( 3 , ( " process_logon_packet: SAMLOGON request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x \n " ,
2001-07-04 07:15:53 +00:00
asccomp , inet_ntoa ( p - > ip ) , ascuser , reply_name , global_myworkgroup ,
1999-12-13 13:27:58 +00:00
SAMLOGON_R , lmnttoken ) ) ;
1997-12-13 14:16:07 +00:00
/* Construct reply. */
q = outbuf ;
2000-03-27 12:19:58 +00:00
if ( SVAL ( uniuser , 0 ) = = 0 ) {
SSVAL ( q , 0 , SAMLOGON_UNK_R ) ; /* user unknown */
} else {
SSVAL ( q , 0 , SAMLOGON_R ) ;
}
1998-09-29 17:16:15 +00:00
q + = 2 ;
1997-12-13 14:16:07 +00:00
2000-03-27 12:38:45 +00:00
q + = dos_PutUniCode ( q , reply_name , sizeof ( pstring ) , True ) ;
2000-04-18 03:34:27 +00:00
q + = dos_PutUniCode ( q , ascuser , sizeof ( pstring ) , True ) ;
q + = dos_PutUniCode ( q , global_myworkgroup , sizeof ( pstring ) , True ) ;
1998-09-29 17:16:15 +00:00
2000-04-11 14:11:14 +00:00
/* tell the client what version we are */
SIVAL ( q , 0 , 1 ) ; /* our ntversion */
SSVAL ( q , 4 , 0xffff ) ; /* our lmnttoken */
SSVAL ( q , 6 , 0xffff ) ; /* our lm20token */
q + = 8 ;
1997-12-13 14:16:07 +00:00
dump_data ( 4 , outbuf , PTR_DIFF ( q , outbuf ) ) ;
send_mailslot ( True , getdc ,
outbuf , PTR_DIFF ( q , outbuf ) ,
2000-04-18 03:34:27 +00:00
global_myname , 0x0 ,
1999-12-13 13:27:58 +00:00
dgram - > source_name . name ,
dgram - > source_name . name_type ,
1998-08-30 17:04:24 +00:00
p - > ip , * iface_ip ( p - > ip ) , p - > port ) ;
1997-12-13 14:16:07 +00:00
break ;
}
2001-08-28 06:08:31 +00:00
/* Announce change to UAS or SAM. Send by the domain controller when a
replication event is required . */
2001-08-24 19:28:08 +00:00
case SAM_UAS_CHANGE : {
struct sam_database_info * db_info ;
char * q = buf + 2 ;
int i , db_count ;
2001-08-28 06:08:31 +00:00
uint32 low_serial ;
2001-08-24 19:28:08 +00:00
/* Header */
2001-08-28 06:08:31 +00:00
low_serial = IVAL ( q , 0 ) ; q + = 4 ; /* Low serial number */
2001-08-24 19:28:08 +00:00
q + = 4 ; /* Date/time */
q + = 4 ; /* Pulse */
q + = 4 ; /* Random */
/* Domain info */
q = skip_string ( q , 1 ) ; /* PDC name */
q = skip_string ( q , 1 ) ; /* Domain name */
q = skip_unibuf ( q , PTR_DIFF ( buf + len , q ) ) ; /* Unicode PDC name */
q = skip_unibuf ( q , PTR_DIFF ( buf + len , q ) ) ; /* Unicode domain name */
/* Database info */
2001-08-28 06:08:31 +00:00
db_count = SVAL ( q , 0 ) ; q + = 2 ;
2001-08-24 19:28:08 +00:00
db_info = ( struct sam_database_info * )
malloc ( sizeof ( struct sam_database_info ) * db_count ) ;
if ( db_info = = NULL ) {
DEBUG ( 3 , ( " out of memory allocating info for %d databases \n " ,
db_count ) ) ;
return ;
}
for ( i = 0 ; i < db_count ; i + + ) {
db_info [ i ] . index = IVAL ( q , 0 ) ;
db_info [ i ] . serial_lo = IVAL ( q , 4 ) ;
db_info [ i ] . serial_hi = IVAL ( q , 8 ) ;
db_info [ i ] . date_lo = IVAL ( q , 12 ) ;
db_info [ i ] . date_hi = IVAL ( q , 16 ) ;
q + = 20 ;
}
/* Domain SID */
q + = IVAL ( q , 0 ) + 4 ; /* 4 byte length plus data */
q + = 2 ; /* Alignment? */
/* Misc other info */
q + = 4 ; /* NT version (0x1) */
q + = 2 ; /* LMNT token (0xff) */
q + = 2 ; /* LM20 token (0xff) */
2001-09-17 04:35:51 +00:00
SAFE_FREE ( db_info ) ; /* Not sure whether we need to do anything
2001-08-28 06:08:31 +00:00
useful with these */
/* Send message to smbd */
send_repl_message ( low_serial ) ;
break ;
2001-08-24 19:28:08 +00:00
}
1997-12-13 14:16:07 +00:00
default :
{
DEBUG ( 3 , ( " process_logon_packet: Unknown domain request %d \n " , code ) ) ;
return ;
}
}
}
