1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

241 Commits

Author SHA1 Message Date
Andrew Tridgell
32a965e09c 2nd phase of head branch sync with SAMBA_2_0 - this delets all the files that were in the head branch but weren't in SAMBA_2_0
(This used to be commit d7b2087865)
1999-12-13 13:35:20 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Luke Leighton
4f8a24522c final part of "first" phase converting over to msrpc daemon architecture.
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage.  this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there.  for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.

this first implementation has minor problems with not reinstantiating
the same services as the caller.  the "homes" service is a good example.
(This used to be commit caa5052522)
1999-12-12 20:03:42 +00:00
Luke Leighton
0ce128e355 delineation between smb and msrpc more marked. smbd now constructs
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service.  the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.

this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).

removed reference to pipes_struct in msrpc services.  all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.

created become_vuser() which does everything not related to connection_struct
that become_user() does.

removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.

todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.

had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons.  why?  because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency.  so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc.  this is the MINIMUM info identified so far that's
actually implemented.  missing bits include the called and calling
netbios names etc.  (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8d)
1999-12-12 01:25:49 +00:00
Luke Leighton
4ab9d91428 ABOUT TIME!!!!!!!!
damn, this one is bad.

started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.

it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef)
1999-12-08 21:43:03 +00:00
Luke Leighton
a0ba234cf9 the first independent msrpc daemon - lsarpcd.
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.

the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons.  i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real.  at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.

i can't believe this all worked!!!
(This used to be commit 2245b0c6d1)
1999-12-06 00:44:32 +00:00
Luke Leighton
0d44ff9a76 attempting to resolve the issue that multiple servers often specified in
parameters to connect to \PIPE\NETLOGON.
(This used to be commit d1986ade30)
1999-11-29 21:47:14 +00:00
Luke Leighton
3fc5ec73be further abstraction involving client states. main client-side code
is pretty much independent of SMB client states, which will make it
easier to add other transports.
(This used to be commit a1ff7e8fc3)
1999-11-27 21:50:11 +00:00
Luke Leighton
75bc100943 cool! completed a samr* API that _would_ look like an msdn samr* api...
if microsoft bothered to publish it.  actually, there are good reasons
for not publishing it: people might write programs for it, and then
those programs wouldn't work on nt5, for example...
(This used to be commit 8ce93b80d3)
1999-11-25 05:26:48 +00:00
Luke Leighton
a70a4626df service control manager API completed. svcenum -i works, but does not
do so twice.  possible memory corruption, revolving around getopt().
(This used to be commit 7cacf8bd02)
1999-11-24 23:11:03 +00:00
Luke Leighton
f8b82a7b95 first stages of removing struct cli_state* and uint16 fnum from all
msrpc client code.  the intent is to hide / abstract / associate
connection info behind policy handles.

this makes the msrpc functions look more and more like their nt equivalents.

who-hou!
(This used to be commit c01b18e632)
1999-11-24 20:24:33 +00:00
Luke Leighton
2752e372b6 WARNING! MOVED rpc_server/srv_lsa_hnd.c TO lib/util_hnd.c
CVS UPDATE MAY ISSUE WARNING ABOUT lib/util_hnd.c MODIFICATION
DATE BEING IN THE FUTURE.  CVS CHECKOUT A NEW REPOSITORY MAY BE
SAFER.
(This used to be commit c26e8a6ac5)
1999-11-24 18:15:50 +00:00
Luke Leighton
d7889cd223 rewrote policy handle code to be generic (it's needed for client-side too)
attempted to fix regsetsec command
(This used to be commit eaac0923e0)
1999-11-24 18:09:33 +00:00
Luke Leighton
4081147c31 adding user session key into network netlogon response.
(This used to be commit c73f6b0d02)
1999-11-21 17:11:00 +00:00
Luke Leighton
ef8ced0ca6 dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff.  Realloc() was being used, so it
Realloc()d some random area of memory.  oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff.  Realloc() was being used, so it
Realloc()d some random area of memory.  oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff.  Realloc() was being used, so it
Realloc()d some random area of memory.  oops.
(This used to be commit a51f62f4cf)
1999-11-20 18:17:29 +00:00
Luke Leighton
e1820455c2 nt5rc2 falling over because the LsaQueryInfoPolicy() response _must_
have the string max length = string length + 1.

if not, then it gets its knickers in a twist over whether the string
is NULL-terminated or not.

four days.

four days i spent on this one.
(This used to be commit 9795e5948c)
1999-11-19 02:05:19 +00:00
Luke Leighton
3365a2fd23 The First Necessary UNICODE String Support.
the random workstation trust account password is TOTAL garbage.  i mean,
complete garbage.  it's nowhere CLOSE to being a UNICODE string.  therefore
we can't just take every second character.

created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)).
followed through to the password setting in srv_samr.c
(This used to be commit 172601b84a)
1999-11-19 01:37:16 +00:00
Luke Leighton
161c11e4bc - bug in nmbd registering DOMAIN_NAME<1c> to WINS server; recursion
desired flag MUST be set in any NBT UDP packets sent to a WINS
  server, else they will go to the WINS client side of the NT NetBIOS
  kernel instead, and will get trashed.

- added \PIPE\browser server-side code.
(This used to be commit 8e406c1fa2)
1999-11-19 01:01:07 +00:00
Luke Leighton
da517a3ff4 responses to UDP samquery go back to SERVER<00> not DOMAIN<1c>, the
request name.

modified createuser rpcclient command to examine name being added.  if it
ends in a $, assume that a workstation trust account is being added.
(This used to be commit 4aea261cb0)
1999-11-18 23:15:45 +00:00
Luke Leighton
4245278ca3 set "key does not exist" response to reg_query_val() (win32 status code
of 0x2).  [p.s. getting REALLY bored of this nt5rc2->samba domain stuff].
(This used to be commit a8801942f7)
1999-11-18 22:03:47 +00:00
Luke Leighton
e3b2f276e0 added samuserset2 rpcclient command to test ACB_XXX bit-setting on
samr opcode 0x25.  _yet_ another failed attempt to get nt5rc2 to join
a samba domain.  what _is_ it with this stuff, dammit?
(This used to be commit c3913f8ae2)
1999-11-18 19:29:08 +00:00
Luke Leighton
a394a4a8fa updating reg_value_info() parsing code to take BUFFER2 instead of just
a char*.  now copes with multiple types.
(This used to be commit 3df7c903c5)
1999-11-18 17:57:21 +00:00
Luke Leighton
ccc8585567 added regqueryval command (experimental) to get reg_io_q_info() and
reg_io_r_info() working properly.  previously they weren't well
understood (well, they were the first of the registry functions i did,
back in december 97, ok??? :-)

set ntversion to 0x1 in SAMQUERY, so that we reply same as NT4 srv.
(This used to be commit 98ddeaf442)
1999-11-18 00:26:11 +00:00
Luke Leighton
cc8df5ce49 attempting to get nt5 wksta to join domain.
1) had to fix samr "create user" and "set user info" (level 23).

2) had to fix netlogon enum trust domains

3) registry key needed \\ in it not \.
(This used to be commit 70b2c1ecbb)
1999-11-16 21:14:53 +00:00
Luke Leighton
6b56ebb7cf added two new params: "trusted domains" and "trusting domains".
these _may_ not actually ever get used, as trust relationships
really need to be established with shared secrets, and you need
to get the SID of the trusted and trusting domains, so this
may have to go in a private/xxx.mac file.
(This used to be commit 71f1213867)
1999-11-16 17:27:41 +00:00
Luke Leighton
82f1f32ff7 added another dummy key so that NT5 can check in the registry whether
password changes are allowed or not.  *dur*!!!!
(This used to be commit b51fa05c82)
1999-11-16 17:25:45 +00:00
Luke Leighton
774d2d7366 Shirish Kalele <kalele@veritas.com> noticed that NT workstations are
sending anonymous NTLMSSP user credentials to set up \PIPE\samr.
added anonymous NTLMSSP sessions.
(This used to be commit df5ee2bd42)
1999-11-16 15:39:09 +00:00
Richard Sharpe
8a84d000c9 Changes to implement NET_AUTH based on NET_AUTH2, to get Win2000
happier in joining a Samba domain.
(This used to be commit 70274b5253)
1999-11-16 14:10:23 +00:00
Luke Leighton
089b57b5b4 added server-side samr enum domains. fixed some parsing issues, server-side.
(This used to be commit 60b0840106)
1999-11-15 23:46:27 +00:00
Luke Leighton
b231d2fafa - added DCE/RPC "fault" PDU support.
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get
NT5rc2 to work but WILL break win95 (AGAIN).  this needs _not_ to be
re-enabled but to be replaced with a better mechanism.

- added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is
sending DCE/RPC over SMBwrite not SMBwriteX.
(This used to be commit 25c70e3c98)
1999-11-15 22:11:10 +00:00
Luke Leighton
702b085293 preparation for doing a spoolss enum jobs command. had to rewrite
spoolss_enumjobs parsing code to do read / writes not just writes.
(This used to be commit bc659a09f9)
1999-11-08 22:00:41 +00:00
Luke Leighton
bd6467154e spoolss openprinterex / closeprinter client-code.
experimental spoolopen <printer name> command added.

jean-francois, f.y.i. i changed the #define for SPOOLSS_OPENPRINTEREX from
op code 0x44 to 0x45.
(This used to be commit ef7fa58fd3)
1999-11-06 18:11:19 +00:00
Luke Leighton
7011570610 free up memory allocated by enum dom groups / aliases
(This used to be commit edb49e754b)
1999-11-02 23:32:16 +00:00
Luke Leighton
d0fd259514 more reshuffling of enum groups code. more higher order functions.
(This used to be commit 497d423172)
1999-10-29 17:37:27 +00:00
Luke Leighton
050121b1a1 rewrote api_net_sam_logon() to be a little clearer.
(This used to be commit 3adc31083b)
1999-10-27 17:20:55 +00:00
Luke Leighton
8e1f542ddf one of those wonderful moments when running against a different MSRPC
implementation (NT5) when you discover that your code is trash.
samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups()
all take a HANDLE for multiple-call enumeration purposes.
(This used to be commit 19490d8b4f)
1999-10-25 16:22:08 +00:00
Luke Leighton
45b794bdde the dynamic memory alloc blood-fest goes on...
(This used to be commit 134b20e2a7)
1999-10-21 19:02:57 +00:00
Luke Leighton
6f9105c853 various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.
samr_lookup_rids() moved to a dynamic memory structure not a
static one limited to 32 RIDs.  cli_pipe.c reading wasn't checking
ERRmoredata when DOS error codes negotiated (this terminates
MSRPC code with prejudice).
(This used to be commit 8976eca2db)
1999-10-21 16:53:50 +00:00
Luke Leighton
003f7364fd adding error checking in parsing code
(This used to be commit 4c98d71ebd)
1999-10-15 20:00:30 +00:00
Jean-François Micouleau
ed5fbd743b don't leak printer handles,
don't coredump when adding forms,
and a small non obvious memory leak in the rpc buffers

	J.F.
(This used to be commit bee11f8889)
1999-09-27 13:12:55 +00:00
Jean-François Micouleau
0490365b04 Don't duplicate forms anymore, just update the definition.
Many memory leaks fixed.

	J.F.
(This used to be commit f328ae8024)
1999-09-25 14:18:48 +00:00
Jean-François Micouleau
7b88001235 Correctly handle the dependent files in the printer_driver_info_3 struct
It means complex printer drivers should now download fine.

	J.F.
(This used to be commit a893df5c00)
1999-09-24 14:45:21 +00:00
Luke Leighton
178ad937ec allan hourihane sent log 100 in which showed that some really old code
for lsa_close response was messing up.  fixed by calling lsa_io_r_close()
which i've been meaning to do for over eighteen months.
(This used to be commit f9a0ea0948)
1999-09-09 18:15:08 +00:00
Luke Leighton
58f8159566 matthew chapman identified 4 previously unknown samr functions.
(This used to be commit 001b53866c)
1999-08-31 13:19:55 +00:00
Luke Leighton
736c507722 debugged enumgroups -g option
(This used to be commit 1cde47ba6a)
1999-08-30 17:15:59 +00:00
Luke Leighton
b3f59299a0 patch from michael glauche to add session enum code into smbd.
(This used to be commit e90e38c66d)
1999-08-18 21:18:42 +00:00
Luke Leighton
e055972009 patch from Michael Glauche to list connections from STATUS..LCK.
(This used to be commit 91a66dd5c3)
1999-08-17 23:16:17 +00:00
Jean-François Micouleau
4bff267574 - enumprintprocessors and enumprintmonitors added.
- getjob (level 1 and 2) done.
- better handling of getprinterdriver (level 2).
- added workaround to print PCL files.

Now the spoolss code should be compliant with all kind of printers :-)

	Jean Francois
(This used to be commit bf9b639bf9)
1999-07-27 10:46:44 +00:00
Luke Leighton
f2e0bbffb5 renaming AUTH VERIFIER to AUTH NTLMSSP VERIFIER. ready for adding
another RPC authentication system.
(This used to be commit 1a211bafeb)
1999-07-26 21:47:23 +00:00
Luke Leighton
d300fc3173 commented location where lookup_sids(), a direct call to the password
database API, needs to be replaced with over-the-wire (actually, tcp/ip
loopback) to smbd.

in fact, this is the location where, if we want to put in an nt5 ldap
lookup system or netware NDS instead, we make the calls to resolve
users-to-sids and vice-versa: NOT by replacing rpc_server/srv_samr.c.
(This used to be commit fd886af331)
1999-07-26 17:46:06 +00:00