1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Commit Graph

56 Commits

Author SHA1 Message Date
Luke Leighton
6b56ebb7cf added two new params: "trusted domains" and "trusting domains".
these _may_ not actually ever get used, as trust relationships
really need to be established with shared secrets, and you need
to get the SID of the trusted and trusting domains, so this
may have to go in a private/xxx.mac file.
(This used to be commit 71f1213867)
1999-11-16 17:27:41 +00:00
Richard Sharpe
8a84d000c9 Changes to implement NET_AUTH based on NET_AUTH2, to get Win2000
happier in joining a Samba domain.
(This used to be commit 70274b5253)
1999-11-16 14:10:23 +00:00
Luke Leighton
050121b1a1 rewrote api_net_sam_logon() to be a little clearer.
(This used to be commit 3adc31083b)
1999-10-27 17:20:55 +00:00
Luke Leighton
ae0d7718eb Tim Potter spotted compile error: matthew had added BDC support to smbd,
which i didn't know about!
(This used to be commit 30620b93e5)
1999-07-21 05:07:20 +00:00
Luke Leighton
f922d25ce8 oops, set password lengths to a boolean value.
(This used to be commit e6d43ddb1b)
1999-07-06 20:33:24 +00:00
Luke Leighton
73891ca8e4 improving authentication code (tidyup).
(This used to be commit ab1a6aa42d)
1999-06-29 18:47:06 +00:00
Matthew Chapman
99e42c0656 Some more BDC-related fixes, mainly to the NET_SAM_SYNC RPC with respect
to alignment, missing fields, etc. - it should now work correctly.
There is still the problem of decoding the private data field.
(This used to be commit c3c25e762f)
1999-06-02 03:19:20 +00:00
Jean-François Micouleau
4e5bf481fb last part of RPC api change.
and of rpcclient eventlog funtion

	Jean Francois
(This used to be commit 7fc8659e83)
1999-05-03 22:04:02 +00:00
Matthew Chapman
53f0cd990c Mainly BDC-related changes.
* Added SEC_CHAN_BDC
* Fix for endianness problem reported by Edan Idzerda <edan@mtu.edu>. A
  BUFFER2 is really a "unibuf" in my terminology and we should treat it as
  such.
* Added some more common NT structures (BIGINT, BUFHDR2, BUFFER4).
* Added NET_SAM_SYNC (-> NetDatabaseSync2) RPC for account replication.
  Still experimental and incomplete, with a few too many NULL security
  descriptors lying around (must go look at Jeremy's SD code). Haven't
  worked out password encryption yet either.
  However, the XXX_INFO structures I've added to rpc_netlogon.h are quite
  nice as they give some insight into how these objects are stored in the
  SAM.
(This used to be commit 74d6dec25d)
1999-04-08 05:35:53 +00:00
Luke Leighton
bc973ffbdd Dejan Ilic: spotted "NETLOGON" bug, failure of NT_STATUS WRONG_PASSWORD.
(This used to be commit 2f02a083b2)
1999-04-06 16:36:52 +00:00
Luke Leighton
2aadefe8cc Greg Dickie: spotted bug where smb_nt_passwd could be NULL.
(This used to be commit d8946f1cc7)
1999-03-10 17:06:07 +00:00
Matthew Chapman
2737f26ad6 Always null-terminate strings.
Also some string length and sizeof(pointer) corrections.
(This used to be commit ce24191939)
1999-02-15 05:33:30 +00:00
Matthew Chapman
fd96929ec1 UNICODE cleanup (see lib/util_unistr.c).
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce)
1999-02-12 00:16:09 +00:00
Luke Leighton
3b12477f34 pwdb_smb_to_sam was not returning NULL for nt name so that
pwdb_sam_map_names() was using a "blank" static string instead of
a NULL pointer for nt names.  NULL means over-ride, so the nt name
got left as "blank".

this causes nt clients to terminate with extreme prejudice.
(This used to be commit ddd3501982)
1999-02-09 16:01:28 +00:00
Matthew Chapman
bfff648f38 Fix for NT BSOD problem. There's no reason to have two "NT usernames" running
around anyway.

The real problem is, once again, the brokenness of pwdb_sam_map_names et al.
This time it is deciding to return blank NT usernames, which NT's redirector
objects to.

I'm currently working on improving the pwdb/mapping code, should be ready in a
couple of weeks.
(This used to be commit 30a085bf80)
1999-02-09 03:57:10 +00:00
Luke Leighton
c6ad04b8fb attempting to fix "domain user map" up, but it's a bit complicated.
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.

might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...


issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.

noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419)
1998-11-30 22:42:13 +00:00
Luke Leighton
30038de462 weekend work. user / group database API.
- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7)
1998-11-29 20:03:33 +00:00
Luke Leighton
9a0cb06b24 fixing group database issues
(This used to be commit 591c63e3e1)
1998-11-25 23:11:25 +00:00
Luke Leighton
c9b2f20efc fixing domain join and domain login problems
(This used to be commit 90a2466431)
1998-11-25 14:54:23 +00:00
Luke Leighton
74d539f557 - group database API. oops and oh dear, the threat has been carried out:
the pre-alpha "domain group" etc parameters have disappeared.

- interactive debug detection

- re-added mem_man (andrew's memory management, detects memory corruption)

- american spellings of "initialise" replaced with english spelling of
  "initialise".

- started on "lookup_name()" and "lookup_sid()" functions.  proper ones.

- moved lots of functions around.  created some modules of commonly used
  code.  e.g the password file locking code, which is used in groupfile.c
  and aliasfile.c and smbpass.c

- moved RID_TYPE_MASK up another bit.  this is really unfortunate, but
  there is no other "fast" way to identify users from groups from aliases.
  i do not believe that this code saves us anything (the multipliers)
  and puts us at a disadvantage (reduces the useable rid space).
  the designers of NT aren't silly: if they can get away with a user-
  interface-speed LsaLookupNames / LsaLookupSids, then so can we.  i
  spoke with isaac at the cifs conference, the only time for example that
  they do a security context check is on file create.  certainly not on
  individual file reads / writes, which would drastically hit their
  performance and ours, too.

- renamed myworkgroup to global_sam_name, amongst other things, when used
  in the rpc code.  there is also a global_member_name, as we are always
  responsible for a SAM database, the scope of which is limited by the role
  of the machine (e.g if a member of a workgroup, your SAM is for _local_
  logins only, and its name is the name of your server.  you even still
  have a SID.  see LsaQueryInfoPolicy, levels 3 and 5).

- updated functionality of groupname.c to be able to cope with names
  like DOMAIN\group and SERVER\alias.  used this code to be able to
  do aliases as well as groups.  this code may actually be better
  off being used in username mapping, too.

- created a connect to serverlist function in clientgen.c and used it
  in password.c

- initialisation in server.c depends on the role of the server.  well,
  it does now.

- rpctorture.  smbtorture.  EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e609)
1998-11-17 16:19:04 +00:00
Luke Leighton
5b863af4c0 cleaning up conflicts between group code not yet committed and
changes from yesterday by me, jeremy and andrew.

jeremy, your ACB_PWNOTREQ mod would have caused a crash if the user
didn't exist (first check should be for smb_pass != NULL)
(This used to be commit cbac0f165d)
1998-11-12 16:07:00 +00:00
Jeremy Allison
f49b994aeb rpc_server/srv_netlog.c: Fixed crash bug with ACB_PWNOTREQ.
script/makeyodldocs.sh: Added code to make text docs for non-man page YODL docs.
web/cgi.c web/swat.c: SGI compiler warnings fixed.
Jeremy.
(This used to be commit 80e0f7e107)
1998-11-11 23:25:51 +00:00
Luke Leighton
a9d1a89963 set netlogon negotiation flags to 0x1ff, not to what the client requests.
this is 0x4000 01ff on NT4 SP4, and 0x0000 01ff on pre-NT4 SP4.
(This used to be commit 59cf9c00d9)
1998-10-23 17:22:21 +00:00
Luke Leighton
eadc5b8c6e domain aliases added a bit better: does local aliases if you query
for sid S-1-5-20 and does (nothing at the moment) if you query for
your own sid.
(This used to be commit da40f26f4b)
1998-10-21 22:36:26 +00:00
Luke Leighton
c9ab92ffe5 rpcclient ntlogin test
(This used to be commit f69cf05ff5)
1998-10-16 00:59:22 +00:00
Jeremy Allison
9066025a8a Got very strict about the differences and uses of
uid_t, gid_t and vuid. Added sys_getgroups() to get
around the int * return problem. Set correct datatypes
for all uid, gid and vuid variables.
Jeremy.
(This used to be commit e570db46fc)
1998-09-29 20:24:17 +00:00
Jeremy Allison
06e42fa865 nmbd_elections.c: Removed force elections code to bring into line with 1.9.18.
nmbd_namelistdb.c: Added comment for Chris.
nmbd_subnetdb.c: Went back to Chris's comparison code as with the make_nmb_name
                 change it all works now.
lib/rpc/server/srv_netlog.c: Ensure we return 'account disabled' for disabled
                             accounts, rather than crashing.
Jeremy.
(This used to be commit 4ab3d16827)
1998-06-29 22:50:49 +00:00
Jeremy Allison
72bf410b6e De-coupled the mapping of a Windows to UNIX username from the Get_Pwnam
username case conversion wrapper. It is now (very) explicit where we are
mapping between an incoming Windows username, and when we are doing a
UNIX password entry lookup, which may change the case of the given
username.
This makes things *much* clearer (IMHO:-) and will ease the adding of
the 'groupname map' parameter, and the addition of the special 'jeremy'
mode for Samba where unix users will not be needed. (We must think of
a better name for it :-).
Jeremy.
(This used to be commit fb6ed81844)
1998-06-10 19:45:13 +00:00
Jeremy Allison
e85295d924 loadparm.c: Removed 'domain other sids' parameter.
lib/rpc/include/rpc_lsa.h: Changed #defines for RPC calls - moved some, made LSA_LOOKUPNAMES correct.
lib/rpc/include/rpc_misc.h: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
                            Changed bitmasks for uid to rid to be 1 bit.
lib/rpc/parse/parse_misc.c: Changed make_unistr2 to put length as given, max length as one more.
lib/rpc/server/srv_netlog.c: Removed 'domain other sids' parameter.
lib/rpc/server/srv_samr.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
lib/rpc/server/srv_util.c: Changed DOMAIN_ALIAS_xxx to BUILTIN_ALIAS_xxx.
Jeremy.
(This used to be commit 34c91840a3)
1998-06-09 02:26:26 +00:00
Jeremy Allison
88d88f5d0d loadparm.c: Did it ! Changed defaults for 'case preserve' and 'short case preserve'.
Also removed 'domain allow/deny' parameters.
shmem_sysv.c: Added strerror code so I can see why sysV calls are failing.
lib/rpc/server/srv_netlog.c: Removed code that used 'domain allow/deny' parameters -
                             replaced with a comment so I will remember to fix this later.
Jeremy.
(This used to be commit 5f46c7c4b1)
1998-06-05 20:46:05 +00:00
Luke Leighton
684edc9fcd - created pdb_sethexpwd(), to be called from all pwd apis that need to
store passwords in ascii format

- dealt with lots of signed/unsigned char thingies spotted by Tim Winders.
(This used to be commit bd825f1ef1)
1998-05-24 13:36:43 +00:00
Jeremy Allison
ffab54750f chgpasswd.c: Changed back to getsmb... from getsam...
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
          needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493)
1998-05-18 21:30:57 +00:00
Luke Leighton
39f3c0c25a - renamed some of the passdb.c functions: they have a prefix pdb_ on them
- split smbpass.c "password file lock" routines into smbpassfile.c: moved
  trust account routines into smbpassfile.c as well
(This used to be commit 3e48b4eb11)
1998-05-18 12:27:04 +00:00
Jeremy Allison
5e1313d184 Fix from "Gerald W. Carter" <cartegw@eng.auburn.edu>, we were
copying from a parameter into an unitialized variable (doh !).
Jeremy.
(This used to be commit a3a0dc14c2)
1998-05-15 22:29:42 +00:00
Jeremy Allison
05a8202b48 Fixed dce/rpc to use global_machine_sid (auto generated in server.c if
not present in smb.conf).
Jeremy.
(This used to be commit e7c1100390)
1998-05-14 03:32:21 +00:00
Jeremy Allison
a4276507e4 chgpasswd.c: Added comments to #ifdefs
ipc.c: Caused samba password changing not to be done if UNIX password
       changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c)
1998-05-14 01:30:40 +00:00
Jeremy Allison
f888868f46 This is a security audit change of the main source.
It removed all ocurrences of the following functions :

sprintf
strcpy
strcat

The replacements are slprintf, safe_strcpy and safe_strcat.

It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.

Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.

Jeremy.
(This used to be commit 2d77445400)
1998-05-12 00:55:32 +00:00
Andrew Tridgell
3dfc0c8472 changed to use slprintf() instead of sprintf() just about
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.

This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb)
1998-05-11 06:38:36 +00:00
Luke Leighton
d8d9f77233 created "passdb.c" which is an interface point to (at present) either
smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP).

_none_ of the functions in ldap.c or smbpass.c should be called directly:
only those in passdb.c should be used.

-DUSE_LDAP is unlikely to compile at the moment.
(This used to be commit 57b01ad4ff)
1998-05-07 18:19:05 +00:00
Jeremy Allison
3eae1e3f8e Added patch from Bruce Tenison <btenison@dibbs.net> to allow encrypted
passwords to be stored over time, allowing a smbpasswd file migration.
Adds new parameter "update encrypted".
Will also add to 1.9.18 branch.
Docs update to follow.
Jeremy.
(This used to be commit 5d3e874d78)
1998-04-30 01:39:22 +00:00
Jeremy Allison
90177708aa Makefile: Added files to smbpasswd.c.
loadparm.c: Patch from tim@quiknet.com for static string problems.
server.c: Setup global_myname.
smbpass.c: Fix up locking. Add machine_password_delete() call.
smbpasswd.c: Added provisional code to add to a domain.
lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password.
lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password.
Jeremy.
(This used to be commit 6a7164233e)
1998-04-29 22:27:26 +00:00
Jeremy Allison
d3832506b2 This is the checkin that adds the security=domain functionality.
WARNING - so far this has only been tested against a Samba PDC
(still waiting for IS to add me the machine accounts :-).

Still missing is the code in smbpasswd that will add a machine
account password and change it on the domain controller, but
this is not hard, and I will check it in soon.

Jeremy.
(This used to be commit 17b94a7084)
1998-04-29 00:02:57 +00:00
Jeremy Allison
e7ac86607c This looks like a big change but really isn't.
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.

This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).

Jeremy.
(This used to be commit 866406bfe3)
1998-04-25 01:12:08 +00:00
Jeremy Allison
30675f81f6 Makefile: Added nterr.c into the mix.
clientgen.c: Added nt_error as an entry in the struct client_state.
password.c: Open the netlogon pipe.
smb.h: Added nt_error as an entry in the struct client_state.
lib/rpc/parse/parse_net.c: Added comments on net logon.
lib/rpc/server/srv_netlog.c: Added comments on net logon.
Jeremy.
(This used to be commit 899a9f0dce)
1998-04-23 22:59:19 +00:00
Jeremy Allison
da4e61efad Fixed bug found by Gerald Carter <cartegw@Eng.Auburn.EDU> where
global myname was being overwritten incorrectly.
Jeremy.
(This used to be commit a3e7cf1b8a)
1998-04-22 17:59:44 +00:00
Jeremy Allison
2beb8f3cb5 genrand.c: Improved filename based random seed generation.
lib/rpc/server/srv_netlog.c: Changed to use generate_random_buffer().
Jeremy.
(This used to be commit 093d060a06)
1998-04-20 23:57:29 +00:00
Jeremy Allison
6733e2b36e includes.h: Added John's redhat fix for QSORT_CAST.
smbpass.c: Added lock depth code so calls to pw_file_lock() can be nested.
           Fixed codedump problems in add_smbpwd_entry().
smbpasswd.c: Removed all the code that manipulated the password file
             directly. Now *all* smbpasswd file changes are done through
             the interfaces defined in smbpass.c This should make
             the life of people adding alternate backend databases
             *much* easier.
lib/rpc/server/srv_netlog.c: Removed debug messages used to debug
                             machine password changing.
Jeremy.
(This used to be commit c9f61be08f)
1998-04-18 02:00:39 +00:00
Jeremy Allison
373d7c6257 Changing of machine passwords now works !!!!!!
smbdes.c: Added cred_hash3.
smbpasswd.c: Fixes for adding a machine account (needs more work).
lib/rpc/server/srv_netlog.c: Turn on the machine password changing
code by default (calls cred_hash3).
Jeremy.
(This used to be commit 50aa513b96)
1998-04-17 19:29:51 +00:00
Jeremy Allison
2a53d6f707 Modified interfaces to getting smb password entries from
get_smbpwd_entry (now an internal function to smbpass.c)
to a more UNIX-like :

getsmbpwnam() - get entry by name.
getsmbpwuid() - get entry by uid.

Changed the type returned by the smbpasswd enumeration
functions to be a void * so that people don't come to
depend on it being a FILE *.

These abstractions should make it much easier to
replace the smbpasswd file with a better backend
in future.

Other files changed are to match the above changes.

Jeremy.
(This used to be commit 1161cfb7f2)
1998-04-14 00:41:59 +00:00
Jeremy Allison
77e4dd2478 Changed code to check NT password *first* - if it exists.
The NT password is a higher quality password, and should
always be looked at before the LM password, if available
(sorry, Luke, just a minor change, the other changes you
made were fine :-).
Jeremy.
(This used to be commit c1367bf533)
1998-04-02 01:07:53 +00:00