1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

82 Commits

Author SHA1 Message Date
Andrew Bartlett
fcbfc7ad06 Changes all over the shop, but all towards:
- NTLM2 support in the server
 - KEY_EXCH support in the server
 - variable length session keys.

In detail:

 - NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).

 * This is known as 'NTLMv2 session security' *

(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes.  We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)

This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed.  This also needs to be turned off for
'security=server', which does not support this.

- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.

- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.

- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure.  This should help the SPNEGO implementation.

- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.

- The other big change is to allow variable length session keys.  We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter.  However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.

 * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *

- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe.  This
should help reduce some of the 'it just doesn't work' issues.

- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer.  (just allocate)


REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0d)
2003-11-22 13:19:38 +00:00
Andrew Bartlett
f0cd6b35e5 - Fix the kerberos downgrade problem:
- When connecting to the NETOGON pipe, we make a call to auth2, in order
   to verify our identity.  This call was being made with negotiation flags
   of 0x1ff.  This caused our account to be downgraded.  If we instead make
   the call with flags > 1ff (such as 0x701ff), then this does not occour.

 - This is *not* related to the use of kerberos for the CIFS-level connection

My theory is that Win2k has a test to see if we are sending *exactly* what
NT4 sent - setting any other flags seems to cause us to remain intact.

Also ensure that we only have 'setup schannel' code in a few places, not
scattered around cmd_netlogon too.

Andrew Bartlett
(This used to be commit e10f0529fe)
2003-08-19 20:39:32 +00:00
Herb Lewis
aa39cc37da get rid of more compiler warnings
(This used to be commit 398bd14fc6)
2003-08-15 04:42:05 +00:00
Tim Potter
3f3e2a8f49 Fix out of date comment.
(This used to be commit 2e5bd16654)
2003-07-23 07:14:33 +00:00
Volker Lendecke
d1da999e0a This puts real netlogon connection caching to winbind. This becomes
important once we start doing schannel, as there would be a lot more
roundtrips for the second PIPE open and bind. With this patch logging
in to a member server is a matter of two (three if you count the
ack...) packets between us and the DC.

Volker
(This used to be commit 5b3cb7725a)
2003-05-08 08:02:52 +00:00
Andrew Bartlett
aa79f23d9b Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick.
Andrew Bartlett
(This used to be commit 542a8b1817)
2003-05-01 02:51:49 +00:00
Andrew Bartlett
f071020f5e Merge from HEAD - save the type of channel used to contact the DC.
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.

This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.

Andrew Bartlett
(This used to be commit 876e00fd11)
2003-04-21 14:09:03 +00:00
Tim Potter
19164790b0 Merge: incorrect arg to debug.
(This used to be commit 800b79e836)
2003-04-14 05:24:59 +00:00
Volker Lendecke
f88a3ebde4 Auth2, not also Auth3 sends us flags back, although all the callers
ignore it.

Volker
(This used to be commit 1e03e95545)
2003-04-09 10:10:13 +00:00
Andrew Bartlett
53beee9e56 (merge from HEAD)
NTLM Authentication:

- Add a 'privileged' mode to Winbindd.  This is achieved by means of a directory
  under lockdir, that the admin can change the group access for.

- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
  replacement:
 - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
   challenge.
 - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
   servers.
 - Tested - works for Win2k clients, but not Win9X at present.  NTLMSSP updates
   are needed.
 - Now uses fgets(), not x_fgets() to cope with Squid environment (I think
   somthing to do with non-blocking stdin).

- Add much more robust connection code to wb_common.c - it will not connect to
  a server of a different protocol version, and it will automatically try and
  reconnect to the 'privileged' pipe if possible.
  - This could help with 'privileged' idmap operations etc in future.

- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()

- Correctly pull our 'session key' out of the info3 from th the DC.  This is
  used in both the auth code, and in for export over the winbind pipe to
  ntlm_auth.

- Given the user's challenge/response and access to the privileged pipe,
  allow external access to the 'session key'.  To be used for MSCHAPv2
  integration.

Andrew Bartlett
(This used to be commit ec071ca3dc)
2003-03-24 09:54:13 +00:00
Tim Potter
1788f806e7 Merge: const fixes.
(This used to be commit a20aba0999)
2003-02-25 23:51:56 +00:00
Jeremy Allison
2f194322d4 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8)
2002-11-12 23:20:50 +00:00
Gerald Carter
a834a73e34 sync'ing up for 3.0alpha20 release
(This used to be commit 65e7b5273b)
2002-09-25 15:19:00 +00:00
Jelmer Vernooij
1f7d18a99c Sync 3.0 branch with HEAD
(This used to be commit 3823a2ff5a)
2002-08-17 16:05:44 +00:00
Tim Potter
ab13654dc9 Renamed get_nt_error_msg() to nt_errstr().
(This used to be commit 1f007d3ed4)
2002-03-17 04:36:35 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06)
2002-01-30 06:08:46 +00:00
Andrew Bartlett
8ba00d147b OK. Smbpasswd -j is DEAD.
This moves the rest of the functionality into the 'net rpc join' code.

Futhermore, this moves that entire area over to the libsmb codebase, rather
than the crufty old rpc_client stuff.

I have also fixed up the smbpasswd -a -m bug in the process.

We also have a new 'net rpc changetrustpw' that can be called from a
cron-job to regularly change the trust account password, for sites
that run winbind but not smbd.

With a little more work, we can kill rpc_client from smbd entirly!
(It is mostly the domain auth stuff - which I can rework - and the
spoolss stuff that sombody else will need to look over).

Andrew Bartlett
(This used to be commit 575897e879)
2001-12-05 11:00:26 +00:00
Tim Potter
c87c352699 Removed duplicate debug.
(This used to be commit 5c3521c937)
2001-11-05 00:12:23 +00:00
Tim Potter
d607fe0474 Don't accidentally return success when sending a broken NET_SAMLOGON
request.  This exposes a domain authentication bug with win2k where a rpc
fault is returned but not propagated up as an error.
(This used to be commit 27cd7ac857)
2001-10-31 04:42:16 +00:00
Tim Potter
d16ce1910b Fixed typo in debug message.
(This used to be commit 26fa0374bb)
2001-10-30 00:19:43 +00:00
Andrew Tridgell
a689b24db1 the next step in the intl changeover. This should get us compiling agian,
and also completes the switch to lang_tdb.c. SWAT should now work
with a po file in the lib/ directory

also removed useless SYSLOG defines in many files
(This used to be commit 5296b20ad8)
2001-10-14 12:10:29 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0ea)
2001-10-02 04:29:50 +00:00
Tim Potter
15a6649c01 Converted cli_net_auth2() and cli_nt_setup_creds() to return NTSTATUS.
(This used to be commit e0bdcbc599)
2001-09-18 02:49:35 +00:00
Andrew Tridgell
19fea3242c the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work
(This used to be commit dcd6e735f7)
2001-09-04 07:13:01 +00:00
Andrew Tridgell
b031af348c converted another bunch of stuff to NTSTATUS
(This used to be commit 1d36250e33)
2001-08-27 19:46:22 +00:00
Tim Potter
b9e7eeaf4f More status32 conversions.
(This used to be commit 031a19639c)
2001-08-24 20:31:00 +00:00
Tim Potter
f3aeaa8c90 Fixed typo in debug message.
(This used to be commit ea8c0a75af)
2001-08-24 18:37:06 +00:00
Tim Potter
af0af3d42a Removed nt_error field from cli_state as it was not used anywhere.
(This used to be commit 589aaa5fb1)
2001-08-10 05:50:20 +00:00
Andrew Tridgell
87fbb7092b The big character set handling changeover!
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267)
2001-07-04 07:15:53 +00:00
Tim Potter
dd0cca5c21 Broke out change trust account password routines into separate file
since they're only used in one place anyway (timeout_processing() in
process.c)
(This used to be commit d1e5d5d62f)
2001-05-17 02:52:45 +00:00
Jeremy Allison
02fe94f865 Removed JRATEST line.
Jeremy.
(This used to be commit be9933ce35)
2001-03-11 22:03:42 +00:00
Jeremy Allison
00ab9021b0 Serious (and I *mean* serious) attempt to fix little/bigendian RPC issues.
We were reading the endainness in the RPC header and then never propagating
it to the internal parse_structs used to parse the data.
Also removed the "align" argument to prs_init as it was *always* set to
4, and if needed can be set differently on a case by case basis.
Now ready for AS/U testing when Herb gets it set up :-).
Jeremy.
(This used to be commit 0cd37c831d)
2001-03-09 23:48:58 +00:00
Jeremy Allison
f93bb0801c rpc_client/cli_netlogon.c: Fixed incorrect printf.
Added Solaris ACL support.
Jeremy.
(This used to be commit f0d11b6997)
2001-02-25 00:24:54 +00:00
Jeremy Allison
3699948e97 This patch (donated by Marc Jacobsen of HP) should make Sun and HP very happy :-).
Probably Veritas too... :-).
It allows Samba as a domain member to authenticate against an AS/U server such
as the older HP PDC product or PD Netlink. It does this by trying a netlogon
with info level 3 and then falling back to info level 2 if the PDC returns
invalid info level.
Jeremy.
(This used to be commit bda1d6d4a4)
2001-02-24 00:42:41 +00:00
Tim Potter
64172d82fc Merge of i18n fixes from appliance branch. Samba can now talk to a network
with a PDC that has international netbios name and domain name.  There's
still quite a bit of i18n stuff to fix though...
(This used to be commit 79045bd72a)
2001-02-14 05:34:50 +00:00
Jeremy Allison
7bf9d8ce4b Fixed bug found by Gerald. If a Samba server joins a domain and is set
to search for a DC to authenticate to using the "*" syntax than ensure
that for the first hour after the password change is searches for the
PDC using the 1B name not the 1C name as domain replication may not
have occured.
Jeremy.
(This used to be commit c25533de99)
2000-12-19 23:57:48 +00:00
Jeremy Allison
5ec1642809 Ok - this is a *BIG* change - but it fixes the problems with static strings
in the RPC code. This change was prompted by trying to save a long (>256)
character comment in the printer properties page.

The new system associates a TALLOC_CTX with the pipe struct, and frees
the pool on return of a complete PDU.

A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx
code, and is freed in the main loop.

This code works with insure, and seems to be free of memory leaks and
crashes (so far) but there are probably the occasional problem with
code that uses UNISTRxx structs on the stack and expects them to contain
storage without doing a init_unistrXX().

This means that rpcclient will probably be horribly broken.
A TALLOC_CTX also needed associating with the struct cli_state also,
to make the prs_xx code there work.

The main interface change is the addition of a TALLOC_CTX to the
prs_init calls - used for dynamic allocation in the prs_XXX calls.

Now this is in place it should make dynamic allocation of all RPC
memory on unmarshall *much* easier to fix.

Jeremy.
(This used to be commit 0ff2ce543e)
2000-07-27 00:47:19 +00:00
Tim Potter
a4243b3d99 Fixed memory leak in modify_trust_password()
(This used to be commit 7145689bf5)
2000-07-26 03:04:01 +00:00
Andrew Tridgell
da44845a09 moved secrets fns into secrets.c
(This used to be commit f890bcf067)
2000-06-03 06:22:19 +00:00
Matthew Chapman
badb7fc0d2 Fixed LsaQueryInformationPolicy level 3 to return primary domain info.
Domain SID is saved in secrets.tdb upon joining domain.

Added "Authenticated Users" and "SYSTEM" well-known SIDs (under
NT Authority).
(This used to be commit 7710b4f48d)
2000-05-29 01:23:48 +00:00
Andrew Tridgell
2958dfcdf8 added secrets.tdb and changed storage of trust account password to use
it
(This used to be commit 88ad00b82a)
2000-05-08 10:42:21 +00:00
Jeremy Allison
8f1620125d acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.
include/byteorder.h: Added alignment macros.
include/nameserv.h: Added defines for msg_type field options - from rfc1002.
lib/time.c: Typo fix.
lib/util_unistr.c: Updates from UNICODE branch.
printing/nt_printing.c: bzero -> memset.
smbd/connection.c: Added check for UT_SYSLEN for utmp code.

Other fixes : Rollback of unapproved commit from Luke.
Please *ask* next time before doing large changes to HEAD.

Jeremy.
(This used to be commit f02999dbf7)
2000-03-22 19:03:12 +00:00
Luke Leighton
b89b75a368 added the following message to all dce/rpc client/server code, except
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface
code that jeremy has been working up to TNG-functionality.

i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE,
because it is intolerable that potentially good modifications be made
to code that is going to be thrown away, and people waste their time
fixing bugs and adding enhancements that have already been carried
out already, up to two years ago in the TNG branch.

/*
 * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY,
 * INCOMPLETE.  PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE
 * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH.
 *
 * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY.
 *
 * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT
 * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT
 * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH
 *
 * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT
 * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG.
 * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG
 * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO
 * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT
 * MAY BE LOST.
 *
 * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST.
 *
 * THANK YOU.
 *
 * lkcl@samba.org
 */
(This used to be commit cfaea90529)
2000-03-22 10:26:09 +00:00
Andrew Tridgell
171da4d787 this looks like a big commit, but it isn't really :)
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()

this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
(This used to be commit b563be824b)
2000-01-07 06:55:36 +00:00
Andrew Tridgell
4e1291a83f converted all our existing shared memory code to use a tdb database
instead of either sysv or mmap shared memory or lock files.

this means we can now completely remove
	locking_shm.c
	locking_slow.c
	shmem.c
	shmem_sysv.c
and lots of other things also got simpler

locking.c got a bit larger, but is much better compartmentalised now
(This used to be commit e48c2d9937)
1999-12-21 09:25:59 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Luke Leighton
f6c5f75568 damn, that took a while. nt login password was being stored incorrectly
in private .mac file (oops).  ntlogin test now works.
(This used to be commit c98c666906)
1999-12-01 20:18:21 +00:00
Luke Leighton
86ac6fa938 fixing joining to domain plus something weird going down with nt logins...
(This used to be commit cef258f1c9)
1999-12-01 19:25:51 +00:00
Luke Leighton
e302cb2b18 first attempt at getting \PIPE\NETLOGON working. it's pretty horrible.
(This used to be commit 44dd3efa63)
1999-11-29 19:46:57 +00:00
Luke Leighton
2803a72751 ok. *whew*. this is the first completed part of the restructure.
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)

soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api!  cool!

the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82)
1999-11-24 22:45:09 +00:00