[SCM] Samba Shared Repository - branch v3-6-test updated
Günther Deschner
gd at samba.org
Mon Sep 20 11:36:13 MDT 2010
The branch, v3-6-test has been updated
via 1bb222d s3-nmbd: use NETLOGON_NT_VERSION_1 in LOGON_PRIMARY_RESPONSE.
via 4662162 s3-nmbd: use autogenerated marshalling for LOGON_SAM_LOGON_REQUEST.
via 2a136a9 s3-nmbd: use autogenerated marshalling for LOGON_PRIMARY_QUERY.
via b870be6 s3-nmbd: use autogenerated marshalling for LOGON_REQUEST.
via fdc0251 s3-nmbd: handle source_name in one location in nmbd_process_logon().
via 23d217a s3-nmbd: use nbt_netlogon_packet in process_logon_packet().
via b04c8e0 libcli/netlogon: add LOGON_REQUEST handling to pull_nbt_netlogon_response().
via 72d58e9 libcli/netlogon: add LOGON_RESPONSE2 to pull_nbt_netlogon_response().
via a80ec29 libcli/netlogon: add NETLOGON_RESPONSE2 to push_nbt_netlogon_response().
via 9a0695a s4-waf: fix bin/python/samba/dcerpc/nbt.so.
via 930ca32 s4-smbtorture: add torture ndr nbt testsuite.
via ece5080 nbt: add nbt_netlogon_response2 to IDL.
via 37664fd nbt: add NETLOGON_LOGON_REQUEST.
via 672949f nbt: add decode_nbt_netlogon_packet() to IDL.
via 9fe70c2 s3-nmbd: fix indentation in process_logon_packet().
via 1363767 s3-nmbd: remove trailing whitespace in nmbd_processlogon.c
from c9d78fc s3: Fix the charset_pull routine (bug 7531)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit 1bb222d88dbd8a4004d5c4f5e05a2ead18a430ea
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 9 23:13:33 2010 +0200
s3-nmbd: use NETLOGON_NT_VERSION_1 in LOGON_PRIMARY_RESPONSE.
Guenther
(cherry picked from commit 9f4c1a2a7b9c94df821413acb4fb61327e605f7f)
commit 4662162393915fbf3b82696cb60696c8742a81d4
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 18:55:27 2010 +0200
s3-nmbd: use autogenerated marshalling for LOGON_SAM_LOGON_REQUEST.
Guenther
(cherry picked from commit 71b95703f99d2a5b71c8d31abf04e2a05336afb8)
commit 2a136a90707c5b73fa14c4239578fbc6d800f275
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 9 13:16:21 2010 +0200
s3-nmbd: use autogenerated marshalling for LOGON_PRIMARY_QUERY.
Couldn't find any reproducer for a short request, so removing it for now.
Guenther
(cherry picked from commit 36d7efa75a799522b8ac5995509573d667213799)
commit b870be6cf0ed7901ce79586a794b9d6fa7e8be0a
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 9 22:39:05 2010 +0200
s3-nmbd: use autogenerated marshalling for LOGON_REQUEST.
Guenther
(cherry picked from commit bfda968e0776dfc95e761ffd3a91f72702286fee)
commit fdc0251603f11c3d7d269fd603b72d2881f709a0
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 9 22:38:37 2010 +0200
s3-nmbd: handle source_name in one location in nmbd_process_logon().
Guenther
(cherry picked from commit f002b7fa1b4162e691abb68eb95eee2a809faaf5)
commit 23d217aa7839d2c203ab3fa581732f274fc4793c
Author: Günther Deschner <gd at samba.org>
Date: Tue Sep 7 11:41:05 2010 +0200
s3-nmbd: use nbt_netlogon_packet in process_logon_packet().
Guenther
(cherry picked from commit 5fc7d14b064d83b40c65a8c41ea05a9b43af6f5d)
commit b04c8e0cc7cc077dc69c14cff14deb3c384a7a6e
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 11:58:04 2010 +0200
libcli/netlogon: add LOGON_REQUEST handling to pull_nbt_netlogon_response().
Guenther
(cherry picked from commit fe30e359670d67e9a8b8ccd22d4eb6d363f88827)
commit 72d58e950c4043f706ac21e079338bd7f5321c7a
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 18:59:19 2010 +0200
libcli/netlogon: add LOGON_RESPONSE2 to pull_nbt_netlogon_response().
Guenther
(cherry picked from commit 9a1dbe04a8f1a7cbd0352504990c9240fdd22dae)
commit a80ec29c5af21a6599b59eb303b8bd52ccd33d57
Author: Günther Deschner <gd at samba.org>
Date: Tue Sep 7 22:41:44 2010 +0200
libcli/netlogon: add NETLOGON_RESPONSE2 to push_nbt_netlogon_response().
Guenther
(cherry picked from commit daa948df2bf23f15bcdb4df170306ef71d952e7c)
commit 9a0695ad5dbdc27b579b1d118bb43460d6c999d1
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 23:23:09 2010 +0200
s4-waf: fix bin/python/samba/dcerpc/nbt.so.
Thanks to Brad Hards for pointing this out.
Guenther
commit 930ca329db9dd064aada99bcda15fd93f8a7e973
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 11:18:40 2010 +0200
s4-smbtorture: add torture ndr nbt testsuite.
Guenther
(cherry picked from commit 81ece84b789c64243db1661df6c9fa590d19490f)
commit ece50807cac6b133eeec42cea941fc4fdf1b764e
Author: Günther Deschner <gd at samba.org>
Date: Tue Sep 7 22:41:06 2010 +0200
nbt: add nbt_netlogon_response2 to IDL.
Guenther
(cherry picked from commit 1217809c465a35b0a2727111d820007097b2b611)
commit 37664fd79bebc2b76d86a5a487233e29a17ecf16
Author: Günther Deschner <gd at samba.org>
Date: Tue Sep 7 13:16:27 2010 +0200
nbt: add NETLOGON_LOGON_REQUEST.
Guenther
(cherry picked from commit 8f8ff8bb29cb6f07ddcb310a089b695dbe176b34)
commit 672949f7eca50e323375935e7106cf02128f1b0c
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 11:19:48 2010 +0200
nbt: add decode_nbt_netlogon_packet() to IDL.
Guenther
(cherry picked from commit 778950ca9322700c10c92b411873309398aa8dd1)
commit 9fe70c2f27ad6fcd06d4ac126f521a23058bdefc
Author: Günther Deschner <gd at samba.org>
Date: Tue Sep 7 11:50:39 2010 +0200
s3-nmbd: fix indentation in process_logon_packet().
purely cosmetic, no code change.
Guenther
(cherry picked from commit 958df10a44f1370ab46f8ed571e6927e1e182d87)
commit 1363767084e24f5d4587a2edb07497321a940e5c
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 8 19:01:10 2010 +0200
s3-nmbd: remove trailing whitespace in nmbd_processlogon.c
Guenther
(cherry picked from commit ed68eb768b59835b96099d3073a5aa8b1da0e082)
-----------------------------------------------------------------------
Summary of changes:
libcli/netlogon.c | 20 +
libcli/netlogon.h | 3 +-
librpc/idl/nbt.idl | 26 +-
source3/nmbd/nmbd_processlogon.c | 913 +++++++++++++-------------------------
source4/librpc/wscript_build | 6 +-
source4/torture/config.mk | 2 +-
source4/torture/ndr/nbt.c | 70 +++
source4/torture/ndr/ndr.c | 1 +
source4/torture/wscript_build | 2 +-
9 files changed, 438 insertions(+), 605 deletions(-)
create mode 100644 source4/torture/ndr/nbt.c
Changeset truncated at 500 lines:
diff --git a/libcli/netlogon.c b/libcli/netlogon.c
index d9b0196..ceb1c85 100644
--- a/libcli/netlogon.c
+++ b/libcli/netlogon.c
@@ -194,7 +194,17 @@ NTSTATUS push_nbt_netlogon_response(DATA_BLOB *data, TALLOC_CTX *mem_ctx,
data, mem_ctx,
&response->data.samlogon);
break;
+ case NETLOGON_RESPONSE2:
+ ndr_err = ndr_push_struct_blob(data, mem_ctx,
+ &response->data.response2,
+ (ndr_push_flags_fn_t)ndr_push_nbt_netlogon_response2);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+ status = NT_STATUS_OK;
+ break;
}
+
return status;
}
@@ -228,6 +238,15 @@ NTSTATUS pull_nbt_netlogon_response(DATA_BLOB *data, TALLOC_CTX *mem_ctx,
status = NT_STATUS_OK;
response->response_type = NETLOGON_GET_PDC;
break;
+ case LOGON_RESPONSE2:
+ ndr_err = ndr_pull_struct_blob(data, mem_ctx, &response->data.response2,
+ (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_response2);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+ status = NT_STATUS_OK;
+ response->response_type = NETLOGON_RESPONSE2;
+ break;
case LOGON_SAM_LOGON_RESPONSE:
case LOGON_SAM_LOGON_PAUSE_RESPONSE:
case LOGON_SAM_LOGON_USER_UNKNOWN:
@@ -242,6 +261,7 @@ NTSTATUS pull_nbt_netlogon_response(DATA_BLOB *data, TALLOC_CTX *mem_ctx,
/* These levels are queries, not responses */
case LOGON_PRIMARY_QUERY:
+ case LOGON_REQUEST:
case NETLOGON_ANNOUNCE_UAS:
case LOGON_SAM_LOGON_REQUEST:
status = NT_STATUS_INVALID_NETWORK_RESPONSE;
diff --git a/libcli/netlogon.h b/libcli/netlogon.h
index 6ca3de3..3e626ed 100644
--- a/libcli/netlogon.h
+++ b/libcli/netlogon.h
@@ -42,10 +42,11 @@ struct netlogon_samlogon_response
struct nbt_netlogon_response
{
- enum {NETLOGON_GET_PDC, NETLOGON_SAMLOGON} response_type;
+ enum {NETLOGON_GET_PDC, NETLOGON_SAMLOGON, NETLOGON_RESPONSE2} response_type;
union {
struct nbt_netlogon_response_from_pdc get_pdc;
struct netlogon_samlogon_response samlogon;
+ struct nbt_netlogon_response2 response2;
} data;
};
diff --git a/librpc/idl/nbt.idl b/librpc/idl/nbt.idl
index 897abb2..6eff674 100644
--- a/librpc/idl/nbt.idl
+++ b/librpc/idl/nbt.idl
@@ -10,7 +10,9 @@
import "misc.idl", "security.idl", "svcctl.idl", "samr.idl";
[
- helper("../libcli/netlogon.h", "../libcli/nbt/libnbt.h")
+ helper("../libcli/netlogon.h", "../libcli/nbt/libnbt.h"),
+ helpstring("NBT messages"),
+ uuid("6def41b6-86e4-4c32-997c-ed33af7bcd8e")
]
interface nbt
{
@@ -377,6 +379,8 @@ interface nbt
} netlogon_nt_version_flags;
typedef [enum16bit,public] enum {
+ LOGON_REQUEST = 0,
+ LOGON_RESPONSE2 = 6,
LOGON_PRIMARY_QUERY = 7, /* Was also NETLOGON_QUERY_FOR_PDC */
NETLOGON_ANNOUNCE_UAS = 10,
NETLOGON_RESPONSE_FROM_PDC = 12,
@@ -413,6 +417,15 @@ interface nbt
uint16 lm20_token;
} NETLOGON_SAM_LOGON_REQUEST;
+ typedef struct {
+ astring computer_name;
+ astring user_name;
+ astring mailslot_name;
+ uint8 request_count;
+ uint16 lmnt_token;
+ uint16 lm20_token;
+ } NETLOGON_LOGON_REQUEST;
+
typedef [flag(NDR_NOALIGN),public] struct {
netlogon_command command;
nstring pdc_name;
@@ -492,6 +505,12 @@ interface nbt
uint16 lm20_token;
} nbt_netlogon_response_from_pdc;
+ typedef [flag(NDR_NOALIGN),public] struct {
+ netlogon_command command;
+ astring pdc_name;
+ uint16 lm20_token;
+ } nbt_netlogon_response2;
+
typedef enum netr_SamDatabaseID netr_SamDatabaseID;
/* used to announce SAM changes - MS-NRPC 2.2.1.5.1 */
@@ -520,6 +539,7 @@ interface nbt
} NETLOGON_DB_CHANGE;
typedef [nodiscriminant] union {
+ [case(LOGON_REQUEST)] NETLOGON_LOGON_REQUEST logon0;
[case(LOGON_SAM_LOGON_REQUEST)] NETLOGON_SAM_LOGON_REQUEST logon;
[case(LOGON_PRIMARY_QUERY)] nbt_netlogon_query_for_pdc pdc;
[case(NETLOGON_ANNOUNCE_UAS)] NETLOGON_DB_CHANGE uas;
@@ -542,6 +562,10 @@ interface nbt
[switch_is(command)] nbt_netlogon_request req;
} nbt_netlogon_packet;
+ void decode_nbt_netlogon_packet(
+ [in] nbt_netlogon_packet packet
+ );
+
/********************************************************/
/* \MAILSLOT\BROWSE mailslot requests */
/* for details see http://ubiqx.org/cifs/Browsing.html */
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 273f3d3..aa4a85c 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -1,24 +1,24 @@
-/*
+/*
Unix SMB/CIFS implementation.
NBT netbios routines and daemon - version 2
Copyright (C) Andrew Tridgell 1994-1998
Copyright (C) Luke Kenneth Casson Leighton 1994-1998
Copyright (C) Jeremy Allison 1994-2003
Copyright (C) Jim McDonough <jmcd at us.ibm.com> 2002
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
-
+
Revision History:
*/
@@ -280,7 +280,7 @@ static void nmbd_proxy_logon_done(struct tevent_req *subreq)
return;
}
- status = push_netlogon_samlogon_response(&response, state,
+ status = push_netlogon_samlogon_response(&response, state,
&state->io.out.netlogon);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("failed to push netlogon_samlogon_response: %s\n",
@@ -304,29 +304,22 @@ static void nmbd_proxy_logon_done(struct tevent_req *subreq)
Process a domain logon packet
**************************************************************************/
-void process_logon_packet(struct packet_struct *p, char *buf,int len,
+void process_logon_packet(struct packet_struct *p, char *buf,int len,
const char *mailslot)
{
+ fstring source_name;
struct dgram_packet *dgram = &p->packet.dgram;
- fstring my_name;
- fstring reply_name;
- char outbuf[1024];
- int code;
- uint16 token = 0;
- uint32 ntversion = 0;
- uint16 lmnttoken = 0;
- uint16 lm20token = 0;
- uint32 domainsidsize;
- bool short_request = False;
- char *getdc;
- char *uniuser; /* Unicode user name. */
- fstring ascuser;
- char *unicomp; /* Unicode computer name. */
- size_t size;
struct sockaddr_storage ss;
const struct sockaddr_storage *pss;
struct in_addr ip;
+ DATA_BLOB blob_in, blob_out;
+ enum ndr_err_code ndr_err;
+ struct nbt_netlogon_packet request;
+ struct nbt_netlogon_response response;
+ NTSTATUS status;
+ const char *pdc_name;
+
in_addr_to_sockaddr_storage(&ss, p->ip);
pss = iface_ip((struct sockaddr *)&ss);
if (!pss) {
@@ -337,599 +330,319 @@ void process_logon_packet(struct packet_struct *p, char *buf,int len,
}
ip = ((struct sockaddr_in *)pss)->sin_addr;
- memset(outbuf, 0, sizeof(outbuf));
-
if (!lp_domain_logons()) {
DEBUG(5,("process_logon_packet: Logon packet received from IP %s and domain \
logons are not enabled.\n", inet_ntoa(p->ip) ));
return;
}
- fstrcpy(my_name, global_myname());
-
- code = get_safe_SVAL(buf,len,buf,0,-1);
- DEBUG(4,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p->ip), code));
-
- switch (code) {
- case 0:
- {
- fstring mach_str, user_str, getdc_str;
- char *q = buf + 2;
- char *machine = q;
- char *user = skip_string(buf,len,machine);
-
- if (!user || PTR_DIFF(user, buf) >= len) {
- DEBUG(0,("process_logon_packet: bad packet\n"));
- return;
- }
- getdc = skip_string(buf,len,user);
-
- if (!getdc || PTR_DIFF(getdc, buf) >= len) {
- DEBUG(0,("process_logon_packet: bad packet\n"));
- return;
- }
- q = skip_string(buf,len,getdc);
-
- if (!q || PTR_DIFF(q + 5, buf) > len) {
- DEBUG(0,("process_logon_packet: bad packet\n"));
- return;
- }
- token = SVAL(q,3);
-
- fstrcpy(reply_name,my_name);
-
- pull_ascii_fstring(mach_str, machine);
- pull_ascii_fstring(user_str, user);
- pull_ascii_fstring(getdc_str, getdc);
-
- DEBUG(5,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n",
- mach_str,inet_ntoa(p->ip),user_str,token));
-
- q = outbuf;
- SSVAL(q, 0, 6);
- q += 2;
-
- fstrcpy(reply_name, "\\\\");
- fstrcat(reply_name, my_name);
- size = push_ascii(q,reply_name,
- sizeof(outbuf)-PTR_DIFF(q, outbuf),
- STR_TERMINATE);
- if (size == (size_t)-1) {
- return;
- }
- q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */
-
- SSVAL(q, 0, token);
- q += 2;
-
- dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf));
-
- send_mailslot(True, getdc_str,
- outbuf,PTR_DIFF(q,outbuf),
- global_myname(), 0x0,
- mach_str,
- dgram->source_name.name_type,
- p->ip, ip, p->port);
- break;
+ pull_ascii_nstring(source_name, sizeof(source_name), dgram->source_name.name);
+
+ pdc_name = talloc_asprintf(talloc_tos(), "\\\\%s", global_myname());
+ if (!pdc_name) {
+ return;
+ }
+
+ ZERO_STRUCT(request);
+
+ blob_in = data_blob_const(buf, len);
+
+ ndr_err = ndr_pull_struct_blob(&blob_in, talloc_tos(), &request,
+ (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(1,("process_logon_packet: Failed to pull logon packet\n"));
+ return;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(nbt_netlogon_packet, &request);
+ }
+
+ DEBUG(4,("process_logon_packet: Logon from %s: code = 0x%x\n",
+ inet_ntoa(p->ip), request.command));
+
+ switch (request.command) {
+ case LOGON_REQUEST: {
+
+ struct nbt_netlogon_response2 response2;
+
+ DEBUG(5,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n",
+ request.req.logon0.computer_name, inet_ntoa(p->ip),
+ request.req.logon0.user_name,
+ request.req.logon0.lm20_token));
+
+ response2.command = LOGON_RESPONSE2;
+ response2.pdc_name = pdc_name;
+ response2.lm20_token = 0xffff;
+
+ response.response_type = NETLOGON_RESPONSE2;
+ response.data.response2 = response2;
+
+ status = push_nbt_netlogon_response(&blob_out, talloc_tos(), &response);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("process_logon_packet: failed to push packet\n"));
+ return;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(nbt_netlogon_response2, &response.data.response2);
+ }
+
+ send_mailslot(True, request.req.logon0.mailslot_name,
+ (char *)blob_out.data,
+ blob_out.length,
+ global_myname(), 0x0,
+ source_name,
+ dgram->source_name.name_type,
+ p->ip, ip, p->port);
+ break;
+ }
+
+ case LOGON_PRIMARY_QUERY: {
+
+ struct nbt_netlogon_response_from_pdc get_pdc;
+
+ if (!lp_domain_master()) {
+ /* We're not Primary Domain Controller -- ignore this */
+ return;
+ }
+
+ DEBUG(5,("process_logon_packet: GETDC request from %s at IP %s, "
+ "reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
+ request.req.pdc.computer_name,
+ inet_ntoa(p->ip),
+ global_myname(),
+ lp_workgroup(),
+ NETLOGON_RESPONSE_FROM_PDC,
+ request.req.pdc.nt_version,
+ request.req.pdc.lmnt_token,
+ request.req.pdc.lm20_token));
+
+ get_pdc.command = NETLOGON_RESPONSE_FROM_PDC;
+ get_pdc.pdc_name = global_myname();
+ get_pdc._pad = data_blob_null;
+ get_pdc.unicode_pdc_name = global_myname();
+ get_pdc.domain_name = lp_workgroup();
+ get_pdc.nt_version = NETLOGON_NT_VERSION_1;
+ get_pdc.lmnt_token = 0xffff;
+ get_pdc.lm20_token = 0xffff;
+
+ response.response_type = NETLOGON_GET_PDC;
+ response.data.get_pdc = get_pdc;
+
+ status = push_nbt_netlogon_response(&blob_out, talloc_tos(), &response);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("process_logon_packet: failed to push packet\n"));
+ return;
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(nbt_netlogon_response_from_pdc, &response.data.get_pdc);
+ }
+
+ send_mailslot(True, request.req.pdc.mailslot_name,
+ (char *)blob_out.data,
+ blob_out.length,
+ global_myname(), 0x0,
+ source_name,
+ dgram->source_name.name_type,
+ p->ip, ip, p->port);
+
+ return;
+ }
+
+ case LOGON_SAM_LOGON_REQUEST: {
+ char *source_addr;
+ bool user_unknown = false;
+
+ struct netlogon_samlogon_response samlogon;
+
+ if (global_nmbd_proxy_logon) {
+ nmbd_proxy_logon(global_nmbd_proxy_logon,
+ ip, p, (uint8_t *)buf, len);
+ return;
+ }
+
+ source_addr = SMB_STRDUP(inet_ntoa(dgram->header.source_ip));
+ if (source_addr == NULL) {
+ DEBUG(3, ("out of memory copying client"
+ " address string\n"));
+ return;
+ }
+
+ DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n",
+ request.req.logon.computer_name,
+ inet_ntoa(p->ip),
+ request.req.logon.user_name,
+ pdc_name,
+ lp_workgroup(),
+ LOGON_SAM_LOGON_RESPONSE,
+ request.req.logon.lmnt_token));
+
+ if (!request.req.logon.user_name) {
+ user_unknown = true;
+ }
+
+ /* we want the simple version unless we are an ADS PDC..which means */
+ /* never, at least for now */
+
+ if ((request.req.logon.nt_version < (NETLOGON_NT_VERSION_1 | NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX_WITH_IP)) ||
+ (SEC_ADS != lp_security()) || (ROLE_DOMAIN_PDC != lp_server_role())) {
+
+ struct NETLOGON_SAM_LOGON_RESPONSE_NT40 nt4;
+
+ nt4.command = user_unknown ? LOGON_SAM_LOGON_USER_UNKNOWN :
+ LOGON_SAM_LOGON_RESPONSE;
+ nt4.pdc_name = pdc_name;
+ nt4.user_name = request.req.logon.user_name;
+ nt4.domain_name = lp_workgroup();
+ nt4.nt_version = NETLOGON_NT_VERSION_1;
+ nt4.lmnt_token = 0xffff;
+ nt4.lm20_token = 0xffff;
+
+ samlogon.ntver = NETLOGON_NT_VERSION_1;
+ samlogon.data.nt4 = nt4;
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(NETLOGON_SAM_LOGON_RESPONSE_NT40, &nt4);
}
+ }
+#ifdef HAVE_ADS
+ else {
- case LOGON_PRIMARY_QUERY:
- {
- fstring mach_str, getdc_str;
- fstring source_name;
- char *q = buf + 2;
- char *machine = q;
-
- if (!lp_domain_master()) {
- /* We're not Primary Domain Controller -- ignore this */
- return;
- }
-
- getdc = skip_string(buf,len,machine);
-
- if (!getdc || PTR_DIFF(getdc, buf) >= len) {
- DEBUG(0,("process_logon_packet: bad packet\n"));
- return;
- }
- q = skip_string(buf,len,getdc);
-
- if (!q || PTR_DIFF(q, buf) >= len) {
- DEBUG(0,("process_logon_packet: bad packet\n"));
- return;
- }
- q = ALIGN2(q, buf);
-
- /* At this point we can work out if this is a W9X or NT style
- request. Experiments show that the difference is wether the
- packet ends here. For a W9X request we now end with a pair of
- bytes (usually 0xFE 0xFF) whereas with NT we have two further
- strings - the following is a simple way of detecting this */
--
Samba Shared Repository
More information about the samba-cvs
mailing list