mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00

2737 Commits

Author SHA1 Message Date
Luke Leighton
1cece21246 SMB_BIG_INT dir_total incompatible with %d: must use %llu (line 446) -
Luke Leighton
129a9a4d4b fixed issues with "Welcome to SAMBA Domain" for when admin user/pass is
used to add workstation to domain.  unix account db not modified: only
SAM password db is used.
-
Alexandre Oliva
29581f8486 * client/client.c (dir_total): use SMB_BIG_UINT
* client/clitar.c (ttarf): ditto
* * lib/snprintf.c: support long longs; adapted from Cloyce D. Spradling's
patch <cloyce@headgear.org>
-
Luke Leighton
4aed18b5e1 added SAMR_USER_INFO_24 info level to samr_set_userinfo. this is used
by "Welcome to SAMBA Domain".
-
Luke Leighton
2e58ed7424 SAM database "set user info".
----------------------------

- removed DOM_RID4

- removed SAMR_UNKNOWN_32

- added SAMR_SET_USERINFO (opcode 0x32)

- added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user)

- fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

- added mod_sam21pwd_entry()

- preparing to call mod_sam21pwd_entry()

- added "user session key" to user_struct.dc.  this is md4(nt#) and is
  needed to decode user's clear-text passwords in SAMR_SET_USERINFO.

- split code out in chgpasswd.c to decode 516 byte password buffers.
-
Luke Leighton
68841eeb64 NULL pointer handling in nt_lm_owf_gen -
Luke Leighton
9092368af8 matt, you had removed a "pointer" from DOM_R_REF structure which made it
possible to fix lsa_r_lookup_names, but forgot to add that pointer in
to lsa_r_lookup_sids, where DOM_R_REF was also being used.
-
Luke Leighton
f84dede27e removed 2 unnecessary args from make_uni_hdr. -
Matthew Chapman
6d03f61d25 Fixed LSA Lookup Names. There were a few too many NULL pointers in a
negative response, which tended to crash lsass.exe.
-
Luke Leighton
103557e26b dynamic memory allocation in samr enum dom users. works with 849 entries now. -
Matthew Chapman
90b6fce780 Fixed a typo where the RPC header mem_buffer was initialised as 0x8 bytes long
rather than 0x18. Rather nasty, I doubt the client ever worked for multiple
PDU's.
-
Matthew Chapman
71b861f746 ERRmoredata is informational and should not be treated as a hard error
anywhere.
-
Matthew Chapman
9a482aedb2 Same infinite loop bug as I fixed in SAMBA_2_0, but I just spent half
an hour tracking it down in HEAD so I'm going to commit it here as well.
-
Matthew Chapman
1143fd4297 #if defined(HAVE_MYSQL_H) || defined(WITH_MYSQLSAM)
should instead have &&.
-
Matthew Chapman
73730f6004 Another UNICODE issue - this time BUFFER2 was being transmitted incorrectly. -
Matthew Chapman
402ed18188 If a buffer pointer is NULL then its length_is() attribute should not be
transmitted.

Such a problem was crashing Server Manager.
-
Matthew Chapman
b9e8a3ef3a The line:
    this_pdu_data_pos = data_pos - p->prev_pdu_file_offset;

is correct for first two PDU's only, after that it results in extra
garbage after each fragment and hence "Protocol Error" messages from
NT4 SP4. Changed to:

    this_pdu_data_pos = (pdu_data_sent == 0) ? 0 : (pdu_data_sent - 0x18);
-
Matthew Chapman
1e17c2529c Ensuring return status is aligned in SAMR_QUERY_DISPINFO response. -
Luke Leighton
fefb4bf191 added a "createuser" command. -
Luke Leighton
d6cee14f80 value->enc_secret not value->secret -
Luke Leighton
b51574174c const char* instead of char* for input -
Luke Leighton
674e4a3a73 return type of nt_decrypt_string2 set to BOOL. -
Luke Leighton
f9f594c03e going to start adding inter-domain trust logons soon. -
Luke Leighton
96e358a2f0 valid_pol in lsa_query_secret() needed to be initialised to False. -
Matthew Chapman
5951e16a11 querysecret now shows the real, fairdinkum, decrypted secret :-) -
Matthew Chapman
f09388fa6f Implemented encryption algorithm used for a number of RPC buffers.
(actually, decryption only currently because I need to get some sleep).

Basically another Microsoft twist on DES; the "master key" is the user's
NT hash MD4'd and subsets of this are chosen as the 56-bit DES keys.
-
Luke Leighton
534fe319d9 Beau Kuiper: provided patch so that passwords could only be changed by
root if the ACB_PWLOCK bit is set (on a per-user basis).  he also added
an extra smbpasswd option so that this bit can be modified from
command-line.
-
Luke Leighton
082109369b double-checked the return results from new querysecret command, corrected
my corrections :)
-
Luke Leighton
60da0a1255 matt,
remember: only close handles that you've previously opened.  if the
lsa_open_secret() succeeds then and only then can you close it.
if the lsa_open_policy2() succeeds then and only then can you close it.
-
Matthew Chapman
113d03a38a Added SVC_START_SERVICE rpc. An NT PDC will attempt to start the NETLOGON
service on its BDC's prior to initiating SAM replication. For now just
return success.
-
Matthew Chapman
900238a661 Changed hard-coded number of users/groups in SAMR_QUERY_DOMAIN_INFO
to MAX_SAM_ENTRIES to prevent truncation of user lists.
A proper implementation is not important right now.
-
Matthew Chapman
365fa3b5fb Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRET
(-> LsarQuerySecret) on client side, including rpcclient command
"querysecret" for others to play with.

The major obstacle is working out the encryption algorithm used
for the secret value. It definitely uses the NT hash as part of the
key, and it seems the block size is 64 bits - probably DES based -
but I can't work out what's done in between. Help required.
-
Luke Leighton
baf55934dc SAMLOGON query - alignment issue is beginning to get to me. -
Luke Leighton
4bb74fcc71 Stefan Walters: purify spotted rverf should be alloc'd to 16 bytes not 8. -
Luke Leighton
9d01e9d86a alignment issue for UDP SAMLOGON response. -
Matthew Chapman
03e722cdf5 Added SVC_QUERY_DISP_NAME (corresponding to the GetServiceDisplayName API).
Needed during preliminary part of SAM replication.
-
Matthew Chapman
c95520eae9 Don't forget to make proto. -
Luke Leighton
81b5304fe5 Stefan Walter: spotted *p_group == NULL which should be p_group == NULL. -
Luke Leighton
5fa3a3f710 cli_setup_creds new arguments added. -
Luke Leighton
65b0abe8b7 new "domtrust" test command. r&d into inter-domain trust accounts. -
Luke Leighton
478d9ddfcf check for exactly _one_ key: for USRMGR.EXE. -
Luke Leighton
5b1d078900 static password space needed. -
Luke Leighton
d8946f1cc7 Greg Dickie: spotted bug where smb_nt_passwd could be NULL. -
Luke Leighton
b0381bb262 Greg Dickie spotted some weird memory corruption problem with group
database enumeration.
-
Luke Leighton
de290627f0 alignment issue in UDP SAMLOGON response. -
Luke Leighton
62d499f832 mods to allow inter-domain trust accounts to be added to SAM database
using smbpasswd command.
-
Luke Leighton
74c7d626cd oh dear, it's this one again. removed check for MAILSLOT\NTLOGON because
it's wrong.  i've seen a packet from nt client on MAILSLOT\NETLOGON
with appended undocumented unicode tacked on the end and the response
contained undocumented unicode tacked on the end.
-
Luke Leighton
a32a6f64b1 oops, IS_BITS_CLR_ALL() macro was wrong! -
Luke Leighton
97a0b24955 reverted access control flags in enum commands. -
Luke Leighton
1c330d5682 - todd sabin spotted bugs in samr enum dom users / groups / aliases code:
last count (probably an ENUM / resume handle) should always be returned
  even if there are no items being returned.

- got fed up of seven indentation levels in cmd_samr.c, maximum recommended
  in *any* code is three!  made some sub-fns instead.
-