SYSKEY, TNG freeze, 2.0.x->TNG merge and other thoughts

Luke Kenneth Casson Leighton lkcl at samba.org
Wed Feb 9 18:57:51 GMT 2000


here we go again.

srv_lookup.c

out-of-date concepts.  broken concepts.  broken code.  e.g. contains
hard-coded table of the BUILTIN domain's Aliases.  make_dom_gids is
redundant.  lookup_xxx_xxx() functions  were a first implementation
attempt at a time when i didn't understand what was going on.  this code
should be abandoned and replaced (including in tng, what is left of it).

conclusion: replace.

srv_lsa.c

open_policy2 also exists in tng.  open_policy and open_policy2 use of
for-loop to create policy handles is not acceptable.  elrond has totally
rewritten tng instance-implementation to be UNICODE and also to not do
direct database-lookups but to use SAM database calls instead.

conclusion: replace

srv_lsa_hnd.c

out-of-date policy handling, not suitable for use in tng.

conclusion: replace

srv_netlog.c

same as before.  code only does NTLMv1.  doesn't generate user session
keys.  susceptible to client-side behaviour.  doesn't handle
pass-through-to-trusted-domain-controllers.  doesn't handle cases where
SAM database can handle UNICODE.  doesn't have net_trust_dom_list,
net_logon_ctrl2 or net_sam_sync of tng.

conclusion: replace

srv_pipe.c

doesn't handle netlogon secure channel.  ntlmssp hard-coded, should be
abstracted. shouldn't be processing anonymous users (or making decisions
about them) that's the job of the NETLOGON process, not srv_pipe.c

doesn't handle NTLMv2 sign-seal, but neither does tng.  we're missing some
constants.  i know they exist, i just don't know what they are.

_does_ do bind_nak, which is really good.  _doesn't_ do a fault pdu, which
is not.

conclusion: replace, use bind_nak code from 2_0, put into tng.

srv_pipe_hnd.c

code deals with dce/rpc which it shouldn't.  tng is a data-redirector

conclusion: replace

srv_reg.c

only does ProductOptions not NETLOGON\Control as well.  NG responds
LanmanNT, 2_0 responds ServerNT.  need to resolve this

conclusion: replace with lars conversion, resolve unknown issues.

srv_samr.c

nothing useful at all.

conclusion: replace

srv_srvsvc.c:

there's a considerable amount of formatting-changes that make it difficult
to review this.  nothing new except in net_srv_get_info that andrew added
code to truncate the server name to 48 chars.  the hard-coded 0x4100b (a
pdc) server-type has already also been added to tng net_srv_get_info.

init_share_info looks like it's had a pstring_sub("%S",
lp_servicename(snum)) processing.

conclusion: replace, add server-truncate-to-48-chars code.  write decent
code that takes account of connection-state from smbd.  this is going to
be really tricky to get right.  may have to stick with the pstring_sub()
hack for now.  ask elrond to make srv_srvsvc_nt.c code
dynamically-allocated.

srv_util.c

hard-coded BUILTIN domain's aliases not acceptable.
get_domain_users_groups() is unacceptable, it uses hacked-up parameters i
created just for the sheer hell of it because i needed something to put in
the user's groups.  lookup_xxx_xxx() is a broken design, broken concept,
broken code, and also unacceptable.

conclusion: replace

ok, that's it.

overall: api_reply_xxx()  code should check that marshalling succeeded,
this is a good idea (add to tng's rpc_server/srv_*.c marshalling/dispatcher
code).

conclusion: no significant "reliability" changes noticed that are vitally
important except the server-truncate-to-48-chars and the init_share_info()
being dynamically allocated.

jeremy, i think that you may be considering that the server-implementation
code in 2_0 is "considerably more reliable" because of about... four
changes in functionality.  the tng code DWARFS the 2_0 code in comparison
-- 7,655 lines of code compared to 21,511.

so no, i do _not_ want to keep the tng server-side implementation code, it
is too out-of-date.  i hope that this message will help you realise, now, WHY
i kept telling you that using the 2_0 code is not a good idea, and also
why i persistently asked you to keep 2_0 mods and tng mods up-to-date.

thx,

luke

<a href="mailto:lkcl at samba.org"   > Luke Kenneth Casson Leighton    </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development   </a>
<a href="http://samba.org"        > Samba Web site                  </a>
<a href="http://www.iss.net"      > Internet Security Systems, Inc. </a>
<a href="http://mcp.com"          > Macmillan Technical Publishing  </a>

 ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
