Luke Leighton [Sat, 4 Dec 1999 23:40:21 +0000 (23:40 +0000)]
argh! how horrible! spent ages working out why packets weren't being
received properly when a UDP "retry" occurs. it's because reads and
writes must be interleaved / matched.
scenario:
nmblookup connects to agent, sends request.
agent receives request, broadcasts it on 137.
agent RECEIVES 137 broadcast, sends it to nmblookup
agent receives RESPONSE to 137 broadcast, sends it to nmblookup.
if reads are not equally interspersed with writes, then second send
will fail.
if you think this is odd behaviour and that the agent should be filtering
its own UDP traffic, think again.
agent will be, potentially, redirecting nmbd traffic (including WINS
server) not just client programs.
(This used to be commit 43e158c4261e51678d6e7f77ceb4a1c7281a2525)
Luke Leighton [Sat, 4 Dec 1999 19:14:37 +0000 (19:14 +0000)]
jeremy is going to hate me for this.
created an "nmb-agent" utility that, yes: it connects to the 137 socket
and accepts unix socket connections which it redirects onto port 137.
it uses the name_trn_id field to filter requests to the correct
location.
name_query() and name_status() are the first victims to use this
feature (by specifying a file descriptor of -1).
(This used to be commit d923bc8da2cf996408194d98381409191dd81a16)
Luke Leighton [Fri, 3 Dec 1999 23:36:53 +0000 (23:36 +0000)]
argh! smb-agent redirection client reusage is a nightmare!
moved smb-agent over to a single-process model instead of fork()
in order to reuse client connections. except, of course, you
can't do a select() on the same socket connections! argh!
(This used to be commit e9e5a34de8e8f9a69e817aceb8c16284334d4642)
Luke Leighton [Fri, 3 Dec 1999 22:02:03 +0000 (22:02 +0000)]
starting "connection reuse" system in smb-agent. added version number
which isn't actually used right now :-)
(This used to be commit d54a64ae3ab7cdc1ac67fb49f7255e6a106d624e)
Luke Leighton [Fri, 3 Dec 1999 19:55:34 +0000 (19:55 +0000)]
smb-agent improvements. added -D (daemon) option. smb agent is
restricted to connections from the current user (socket is created
with current user uid).
(This used to be commit 5af076e4b7ee13eebe0b89748e3f5a1ef21f8c73)
Luke Leighton [Fri, 3 Dec 1999 18:16:08 +0000 (18:16 +0000)]
cool! a unix socket smb redirector. code based on smbfilter and
ideas from ssh-agent.
the intent is to be able to share smb sessions using cli_net_use_add()
across multiple processes, where one process knows the target server
name, user name and domain, but not the smb password.
(This used to be commit 294b653f2e9cdc1864ec638ae8b4300df25723cf)
Luke Leighton [Thu, 2 Dec 1999 20:16:34 +0000 (20:16 +0000)]
new get_any_dc_name() function allows lookups of trusted domains from
lp_trusted_domains() parameter, so trusted domain logins should work,
right, if you put user = TRUSTED_DOMAIN\NTuser in "domain name map", right?
right - as _long_ as you're not using NTLMv2, because the damn NT username
gets mapped to the damn unix name too early, and NTLMv2 challenge-responses
are based on the client's user name, client's domain name, client's host name
etc damn etc.
so it becomes necessary to stop using char* username because this allows
for massive amounts of confusion as to which username is being referred to.
the underlying unix username on the local unix system that is associated with
the smbd process that represents the NT username? or the NT username itself?
(This used to be commit dd3ccdd7d996c107766cdad3c403e8b8947b9e65)
Luke Leighton [Thu, 2 Dec 1999 19:03:23 +0000 (19:03 +0000)]
cleaning up: removing those horrible references to server list
functions (cli_net_use_addlist()). needed originally because
there was no get_dc_any_name() function.
(This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
Luke Leighton [Thu, 2 Dec 1999 16:38:16 +0000 (16:38 +0000)]
oops, pwdb_initialise() called unnecessarily from here (failure to read
trusted domains may cause rpcclient to fail).
(This used to be commit 12e2b973216c0798a939f68220b0e6a60acd5c01)
Luke Leighton [Wed, 1 Dec 1999 22:39:27 +0000 (22:39 +0000)]
added net use (actually net -S srv -U user -W dom) and net del (actually
same as net use but with -d and -f) command options
(This used to be commit 586db87ea31ebb1b090527f61a4989461f626b1a)
Luke Leighton [Wed, 1 Dec 1999 22:06:53 +0000 (22:06 +0000)]
more cli_session_setup() calls. what the heck are these doing???
they should all be replaced with cli_establish_connection().
created cli_use_wait_keyboard() which waits on multiple cli_states
and swallows session keepalives.
(This used to be commit fcc39b3f4f2f8d04d3fab09db048b4f3dc1e97d5)
Luke Leighton [Wed, 1 Dec 1999 21:47:30 +0000 (21:47 +0000)]
cli_session_setup() now takes an extra argument (host name). hey, what
the heck is a cli_session_setup() call doing in here??? this should use
cli_establish_connection()server!
(This used to be commit fa054c96c62ed0f0a0c6649a7ad7a143fe09694b)
Luke Leighton [Wed, 1 Dec 1999 20:18:21 +0000 (20:18 +0000)]
damn, that took a while. nt login password was being stored incorrectly
in private .mac file (oops). ntlogin test now works.
(This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
Luke Leighton [Wed, 1 Dec 1999 18:47:29 +0000 (18:47 +0000)]
improving createuser account command to be able to add workstations
and then set a default random password.
(This used to be commit 7846818432a93295651c8c67445a2d6a0f3b21d8)
Luke Leighton [Tue, 30 Nov 1999 18:01:03 +0000 (18:01 +0000)]
added failed connections to the net use array, even though they'd been
freed / cleaned up. oops, dat bad, cos they get freed again when u quit.
(This used to be commit 3c4a6256dd790413ce96d208689e13c649787c4c)
Luke Leighton [Tue, 30 Nov 1999 00:08:39 +0000 (00:08 +0000)]
ok. this is where it gets interesting. client states are now maintained
by cli_net_use_add() and cli_net_use_del(). MSRPC connections are
established with cli_connection_init(), and automatically unlinked with
cli_connection_unlink. client states are _reused_ by cli_connection_init.
(This used to be commit 0fcd8ce0967169362bd126a28aa309401abdf17d)
Luke Leighton [Mon, 29 Nov 1999 23:56:09 +0000 (23:56 +0000)]
this is going to sound _really_ weird, ok, but i had to implement
equivalents of NetUseAdd and NetUseDel!
(This used to be commit 86f4b1d3cc3887c4bb7bd6433f5f932f7db1b88e)
Luke Leighton [Mon, 29 Nov 1999 21:47:14 +0000 (21:47 +0000)]
attempting to resolve the issue that multiple servers often specified in
parameters to connect to \PIPE\NETLOGON.
(This used to be commit d1986ade30bdcac1f49707221a3e5a5ae597ce62)
Luke Leighton [Sat, 27 Nov 1999 23:31:45 +0000 (23:31 +0000)]
cool! spooljobs works! this surprised me very much :-) helped to
specify \PIPE\spoolss instead of \PIPE\lsarpc...
(This used to be commit 4e92090016badc78ae6532f0eb57af6bbdb789bd)
Luke Leighton [Sat, 27 Nov 1999 22:58:11 +0000 (22:58 +0000)]
moved at command over to new abstract connection system. matthew, you
initialised dest_wks _after_ using it in at_soon() :-) so i fixed this :)
(This used to be commit 0aaf0c9c80b4a506955065e822a356b1c43a5ac5)
Luke Leighton [Sat, 27 Nov 1999 22:34:12 +0000 (22:34 +0000)]
updated \PIPE\wkssvc commands to use new abstracted connection system.
modified resolve_srv_name() to return dest host of *SMBSERVER if
server name is \\ip.add.ress.format
(This used to be commit 3204829225792974c8b20efb6ba6e24661a4f658)
Luke Leighton [Sat, 27 Nov 1999 22:14:37 +0000 (22:14 +0000)]
modified cli_connect_serverlist to take server list of format
\\server_name \\other_server etc.
(This used to be commit 4fd4aeb57455792bd8eaf81f8fa45bca6bd3e2e2)
Luke Leighton [Sat, 27 Nov 1999 21:50:11 +0000 (21:50 +0000)]
further abstraction involving client states. main client-side code
is pretty much independent of SMB client states, which will make it
easier to add other transports.
(This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
Luke Leighton [Sat, 27 Nov 1999 20:29:16 +0000 (20:29 +0000)]
enhanced samuser command to do same thing as enumusers command (-g -u -a)
except with only one user. done by sharing same code.
(This used to be commit 4e029d50fcb9148f2d65c6be2703b1003e68cec7)
Luke Leighton [Sat, 27 Nov 1999 00:02:03 +0000 (00:02 +0000)]
bug-fixing registry commands and the rpcclient "rpcclient" command.
the rpcclient "rpcclient" command allows user options to be reset
(e.g the username / password) _without_ terminating rpcclient.
try this:
Luke Leighton [Thu, 25 Nov 1999 05:34:12 +0000 (05:34 +0000)]
previous commit added an abstraction function that didn't even have
struct cli_state, uint16 fnum into the code: rpc_hnd_api_req().
modified cli_lsarpc.c to use this. the rest is const issues.
(This used to be commit c1ea396de21309c4cf19fd92f2573f5257c24588)
Luke Leighton [Thu, 25 Nov 1999 05:26:48 +0000 (05:26 +0000)]
cool! completed a samr* API that _would_ look like an msdn samr* api...
if microsoft bothered to publish it. actually, there are good reasons
for not publishing it: people might write programs for it, and then
those programs wouldn't work on nt5, for example...
(This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
Luke Leighton [Wed, 24 Nov 1999 23:11:03 +0000 (23:11 +0000)]
service control manager API completed. svcenum -i works, but does not
do so twice. possible memory corruption, revolving around getopt().
(This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
Luke Leighton [Wed, 24 Nov 1999 22:45:09 +0000 (22:45 +0000)]
ok. *whew*. this is the first completed part of the restructure.
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
Luke Leighton [Wed, 24 Nov 1999 20:24:33 +0000 (20:24 +0000)]
first stages of removing struct cli_state* and uint16 fnum from all
msrpc client code. the intent is to hide / abstract / associate
connection info behind policy handles.
this makes the msrpc functions look more and more like their nt equivalents.
Luke Leighton [Wed, 24 Nov 1999 18:15:50 +0000 (18:15 +0000)]
WARNING! MOVED rpc_server/srv_lsa_hnd.c TO lib/util_hnd.c
CVS UPDATE MAY ISSUE WARNING ABOUT lib/util_hnd.c MODIFICATION
DATE BEING IN THE FUTURE. CVS CHECKOUT A NEW REPOSITORY MAY BE
SAFER.
(This used to be commit c26e8a6ac59934ae580077df937439c2c538dbdb)
Luke Leighton [Mon, 22 Nov 1999 19:02:39 +0000 (19:02 +0000)]
okay :) all cmd_() functions now take int argc, char **argv :) that
means that some commands need more work, as they still use next_token(),
the use of which i wish to avoid.
plus, i was getting fed up of the poor command-line processing in some
of these commands. i'm starting to need getopt() in them, especially
in samsetuser.
Luke Leighton [Sun, 21 Nov 1999 19:24:01 +0000 (19:24 +0000)]
you know what? this sort of thing makes me laugh. hmm, what functions
have we got. and what data do we have. hmm.. i wonder what the NTLMv2
user session key can be... hmmm... weell.... there's some hidden data
here, generated from the user password that doesn't go over-the-wire,
so that's _got_ to be involved. and... that bit of data took a lot of
computation to produce, so it's probably _also_ involved... and md4 no, md5?
no, how about hmac_md5 yes let's try that one (the other's didn't work)
oh goodie, it worked!
i love it when this sort of thing happens. took all of fifteen minutes to
guess it. tried concatenating client and server challenges. tried
concatenating _random_ bits of client and server challenges. tried
md5 of the above. tried hmac_md5 of the above. eventually, it boils down
to this:
kr = MD4(NT#,username,domainname)
hmacntchal=hmac_md5(kr, nt server challenge)
sess_key = hmac_md5(kr, hmacntchal);
(This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
Luke Leighton [Sun, 21 Nov 1999 17:27:20 +0000 (17:27 +0000)]
hmmm... have to add client-side support in domain_client_validate() to
_use_ user session key.
(This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74)
Luke Leighton [Sat, 20 Nov 1999 22:05:31 +0000 (22:05 +0000)]
oops, #ifdef'd cli_shutdown out, as the fun has _already_ started:
NT refuses to play nice, and establish a trust relationship.
(This used to be commit 98c42764fba365d612a8ae4b3172b03367066112)
Luke Leighton [Sat, 20 Nov 1999 21:59:16 +0000 (21:59 +0000)]
attempting to establish inter-domain trust relationships. modified
smbpasswd so it can be used to set up inter-domain trust account.
(This used to be commit 99ec0620c3bf4af96440c684f880d414659de2e9)
Luke Leighton [Sat, 20 Nov 1999 20:54:29 +0000 (20:54 +0000)]
modified domain_client_validate to take trust account name / type. this
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and
SEC_CHAN_WKSTA.
modified check_domain_security to determine if domain name is own domain,
and to use wksta trust account if so, otherwise check "trusting domains"
parameter and use inter-domain trust account if so, otherwise return
False.
(This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
Luke Leighton [Sat, 20 Nov 1999 18:17:29 +0000 (18:17 +0000)]
dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.
(This used to be commit a51f62f4cf610c23e45251cedb543144747a3e54)
Luke Leighton [Sat, 20 Nov 1999 17:41:35 +0000 (17:41 +0000)]
explicit reference to tell people that rpcclient doesn't work with
Windows 95. i can just imagine some people saying "it dunna wurk on
my box at home", and me having to reply, "i dunna care".
(This used to be commit b31de1640728ebcdc87cdb887cd74a288e180ed7)
Luke Leighton [Fri, 19 Nov 1999 01:37:16 +0000 (01:37 +0000)]
The First Necessary UNICODE String Support.
the random workstation trust account password is TOTAL garbage. i mean,
complete garbage. it's nowhere CLOSE to being a UNICODE string. therefore
we can't just take every second character.
created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)).
followed through to the password setting in srv_samr.c
(This used to be commit 172601b84ae94044b27ded917d4e0e21e47a5a66)
Luke Leighton [Fri, 19 Nov 1999 01:24:41 +0000 (01:24 +0000)]
- surprise! the number of UNICODE strings that didn't have alignment
after them is incredible. how did we get away with this for so long?
(This used to be commit 3152bde7d855d189f6f8ab9e6291828579cde2d0)
Luke Leighton [Fri, 19 Nov 1999 01:01:07 +0000 (01:01 +0000)]
- bug in nmbd registering DOMAIN_NAME<1c> to WINS server; recursion
desired flag MUST be set in any NBT UDP packets sent to a WINS
server, else they will go to the WINS client side of the NT NetBIOS
kernel instead, and will get trashed.
Luke Leighton [Fri, 19 Nov 1999 00:12:16 +0000 (00:12 +0000)]
added \PIPE\browser plus experimental brsinfo command. you wouldn't
believe the XXXX that MIGHT be involved in getting nt5rc2 to join
a samba domain...
(This used to be commit 569babb3935950c1b64396955541abf276cc1d92)
Luke Leighton [Thu, 18 Nov 1999 23:15:45 +0000 (23:15 +0000)]
responses to UDP samquery go back to SERVER<00> not DOMAIN<1c>, the
request name.
modified createuser rpcclient command to examine name being added. if it
ends in a $, assume that a workstation trust account is being added.
(This used to be commit 4aea261cb0e5f34255ff83271eb5cadb0eb78bc9)
projects / thirdparty / samba.git / log
