CVS update: samba/source

Luke Leighton lkcl at samba.anu.edu.au
Thu Nov 20 04:17:37 EST 1997 

Date:	Thursday November 20, 1997 @ 4:17
Author:	lkcl

Update of /data/cvs/samba/source
In directory samba:/tmp/cvs-serv2819

Modified Files:
      Tag: BRANCH_NTDOM
	Makefile client.c clientgen.c clientutil.c ntclient.c 
	ntdomain.h password.c proto.h pwd_validate.c reply.c server.c 
	smb.h smbpass.c util.c 
Log Message:

[hee hee hee been at it again].

Issues
------

- domain client:

this is the *first* version that successfully logs in to an NT 4.0 server
using smbclient.  hooray!  this means that we can start exploring the other
trust relationships (the SERVER and DOMAIN, not just the WORKSTATION).  this
means that we can possibly do backup domain controller and inter-domain trust
relationships.  it also means that pam-ntdom can easily be written.

oh, by the way, the implementation (in microsoft code) of the rpc pipes is
over anonymous IPC$ connection.  therefore, andrew, you are absolutely right:
we can't shut down anonymous IPC$ access, because you close off access to
DCE/RPC if you do that!

[if you put in an invalid username or password, then yes you can refuse it].

i also modified the nt client code to use clientgen.c and cli_state...


- code moving:

i split ntclient.c down into separate modules, because a) it was getting
cumbersome b) we need separate functions for logins, for status checks,
for trust account checks etc.


- smb_io_unistr2() and smb_io_unihdr():

this one's a pain.  every unicode string has a pointer before it.  if the
pointer is NULL, the unicode string is NOT put into the data stream.
sometimes this is done explicitly; sometimes it is done using a UNIHDR
structure.  eventually, i added an extra argument to smb_io_unistr2() to
tell it whether to bother to transfer the unicode string into/out of the
data stream, or whether to bzero the unicode string structure.

i got caught out on the SMB login, because some of the profile parameters
were NULL strings :-)


Modified Files:
---------------

Makefile :

	split ntclient.c into rpc_pipes/ntclient[login/trust/status].c

client.c :

	don't use clientutil.c, use clientgen.c.  new way of calling nt
	client code.

clientgen.c :

	- cli_send_trans()

	due to bugs in microsoft's code, they don't initialise their
	buffers before writing data to them.  therefore, there are some
	random bits of data appearing in between the 4-byte word-aligned
	sections.  in _case_ these are important (they are to os/2), i
	modified cli_send_trans to take not only the pipe name but the
	pipe name length, and to use memcpy() instead of strcpy.
	
	- cli_api_pipe()

	the generic version cli_api().  cli_api() is specifically for
	\PIPE\LANMAN.  this function can also take setup arguments as
	well as param and data arguments.

	- cli_api()

	only calls cli_api_pipe() in #ifdef NTDOMAIN.

	- cli_initialise()

	if the dest_ip address is zero, then assume that actually, we
	want to do a gethostbyname(), rather than connect to ip address
	0.0.0.0

clientutil.c :

	removed temporary hack which made a copy of the clear-text
	password.......

ntclient.c :

	contains one simple function now, which is a test-wrapper for the
	actual nt domain client code.

ntdomain.h :

	renamed unicode string "undoc" to "buffer_ptr".

	whoops!  baad one!  missed out a switch value (3) on the end of the
	SAM Logon and SAM Logoff Queries!  this was interesting, as it
	caused an "rpc fail" from the NT server...

password.c :

	- password_ok()

	removed smb password checking: calling smb_password_ok() instead.
	this is to avoid code duplication.  had to add explicit checking
	of the smb and unix userids, because this is deliberately *not*
	done in smb_password_ok().

pwd_validate.c :

	- server_validate2()

	was disconnecting after the SMBtconX.  got my true/false checks
	the wrong way round...

reply.c :

	- reply_sesssetup_X()

	made sess_trust_acct variable local.

server.c :

	not using (no-longer-global) sess_trust_acct variable.

smbpass.c :

	got the ACB_xxxx thingy to print out in |:0080:| format, not |:  80:|.
	also, specified the correct length.  i hope.

rpc_pipes/smbparse.c :
rpc_pipes/srvparse.c :
rpc_pipes/wksparse.c :
rpc_pipes/lsaparse.c :
rpc_pipes/samrparse.c :
rpc_pipes/pipesrvsvc.c :

	smb_io_unistr2() added extra buffer parameter.
	true: read/write data stream.  false: zero structure.

	- make_sam_info() and smb_io_sam_info()

	added missing switch_value2 parameter, used at the end of SAM
	Logon and SAM Logoff data streams.
	
rpc_pipes/ntclientlsa.c :
rpc_pipes/ntclientnet.c :
rpc_pipes/ntclientpipe.c :
rpc_pipes/pipeutil.c :

	removed explicit call_id parameter: use get_rpc_call_id() to make it.
	use of cli_state and client_gen.c functions instead of explicit
	Client and cnum stuff, which was using clientutil.c...

	- do_lsa_sam_logon() and do_lsa_sam_logoff()

	missing an extra parameter at the end (switch value of 3).

	- rpc_pipe_open()

	not needed: it's actually cli_open() from clientgen.c, with a few
	extra parameters.  you then call rpc set named pipe state, and you're
	happy.  if we supported NT create X, we'd probably not need the set
	named pipe state...


rpc_pipes/

More information about the samba-cvs mailing list