bool cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
unsigned int rdrcnt,rprcnt;
char param[1024];
memset(param, 0, sizeof(param));
/* send a SMBtrans command with api NetWkstaUserLogon */
p = param;
SSVAL(p,0,132); /* api number */
p += 2;
strlcpy(p,"OOWb54WrLh",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
strlcpy(p,"WB21BWDWWDDDDDDDzzzD",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,1);
p += 2;
strlcpy(p,user,sizeof(param)-PTR_DIFF(p,param));
strupper_m(p);
p += 21;
p++;
p += 15;
p++;
strlcpy(p, workstation,sizeof(param)-PTR_DIFF(p,param));
strupper_m(p);
p += 16;
SSVAL(p, 0, CLI_BUFFER_SIZE);
p += 2;
SSVAL(p, 0, CLI_BUFFER_SIZE);
p += 2;
if (cli_api(cli,
param, PTR_DIFF(p,param),1024, /* param, length, max */
NULL, 0, CLI_BUFFER_SIZE, /* data, length, max */
&rparam, &rprcnt, /* return params, return size */
&rdata, &rdrcnt /* return data, return size */
)) {
cli->rap_error = rparam? SVAL(rparam,0) : -1;
p = rdata;
if (cli->rap_error == 0) {
DEBUG(4,("NetWkstaUserLogon success\n"));
/*
* The cli->privileges = SVAL(p, 24); field was set here
* but it was not use anywhere else.
*/
/* The cli->eff_name field used to be set here
but it wasn't used anywhere else. */
} else {
DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->rap_error));
}
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return (cli->rap_error == 0);
}
ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads,
char **returned_principal)
{
char *princ = NULL;
if (ads->server.realm && ads->server.ldap_server) {
char *server, *server_realm;
server = SMB_STRDUP(ads->server.ldap_server);
server_realm = SMB_STRDUP(ads->server.realm);
if (!server || !server_realm) {
return ADS_ERROR(LDAP_NO_MEMORY);
}
strlower_m(server);
strupper_m(server_realm);
asprintf(&princ, "ldap/%s@%s", server, server_realm);
SAFE_FREE(server);
SAFE_FREE(server_realm);
if (!princ) {
return ADS_ERROR(LDAP_NO_MEMORY);
}
} else if (ads->config.realm && ads->config.ldap_server_name) {
char *server, *server_realm;
server = SMB_STRDUP(ads->config.ldap_server_name);
server_realm = SMB_STRDUP(ads->config.realm);
if (!server || !server_realm) {
return ADS_ERROR(LDAP_NO_MEMORY);
}
strlower_m(server);
strupper_m(server_realm);
asprintf(&princ, "ldap/%s@%s", server, server_realm);
SAFE_FREE(server);
SAFE_FREE(server_realm);
if (!princ) {
return ADS_ERROR(LDAP_NO_MEMORY);
}
}
if (!princ) {
return ADS_ERROR(LDAP_PARAM_ERROR);
}
*returned_principal = princ;
return ADS_SUCCESS;
}
static bool parse_wbinfo_domain_user(const char *domuser, fstring domain,
fstring user)
{
char *p = strchr(domuser,winbind_separator());
if (!p) {
/* Maybe it was a UPN? */
if ((p = strchr(domuser, '@')) != NULL) {
fstrcpy(domain, "");
fstrcpy(user, domuser);
return true;
}
fstrcpy(user, domuser);
fstrcpy(domain, get_winbind_domain());
return true;
}
fstrcpy(user, p+1);
fstrcpy(domain, domuser);
domain[PTR_DIFF(p, domuser)] = 0;
strupper_m(domain);
return true;
}
static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
fstring user;
long error_num;
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
fstrcpy(user, user_info->client.account_name);
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
if (!strupper_m(user)) {
return NT_STATUS_INVALID_PARAMETER;
}
return nt_status_string_to_code(user);
}
if (!strlower_m(user)) {
return NT_STATUS_INVALID_PARAMETER;
}
error_num = strtoul(user, NULL, 16);
DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
nt_status = NT_STATUS(error_num);
return nt_status;
}
static void send_election_dgram(struct subnet_record *subrec, const char *workgroup_name,
uint32_t criterion, int timeup,const char *server_name)
{
char outbuf[1024];
unstring srv_name;
char *p;
DEBUG(2,("send_election_dgram: Sending election packet for workgroup %s on subnet %s\n",
workgroup_name, subrec->subnet_name ));
memset(outbuf,'\0',sizeof(outbuf));
p = outbuf;
SCVAL(p,0,ANN_Election); /* Election opcode. */
p++;
SCVAL(p,0,((criterion == 0 && timeup == 0) ? 0 : ELECTION_VERSION));
SIVAL(p,1,criterion);
SIVAL(p,5,timeup*1000); /* ms - Despite what the spec says. */
p += 13;
unstrcpy(srv_name, server_name);
if (!strupper_m(srv_name)) {
DEBUG(2,("strupper_m failed for %s\n", srv_name));
return;
}
/* The following call does UNIX -> DOS charset conversion. */
push_ascii(p, srv_name, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE);
p = skip_string(outbuf,sizeof(outbuf),p);
send_mailslot(False, BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
lp_netbios_name(), 0,
workgroup_name, 0x1e,
subrec->bcast_ip, subrec->myip, DGRAM_PORT);
}
static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
fstring user;
long error_num;
fstrcpy(user, user_info->smb_name);
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
strupper_m(user);
return nt_status_string_to_code(user);
}
strlower_m(user);
error_num = strtoul(user, NULL, 16);
DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
nt_status = NT_STATUS(error_num);
return nt_status;
}
/*
hash a string of the specified length. The string does not need to be
null terminated
this hash needs to be fast with a low collision rate (what hash doesn't?)
*/
static u32 mangle_hash(const char *key, unsigned length)
{
u32 value;
u32 i;
fstring str;
/* we have to uppercase here to ensure that the mangled name
doesn't depend on the case of the long name. Note that this
is the only place where we need to use a multi-byte string
function */
strncpy(str, key, length);
str[length] = 0;
strupper_m(str);
/* the length of a multi-byte string can change after a strupper_m */
length = strlen(str);
/* Set the initial value from the key size. */
for (value = FNV1_INIT, i=0; i < length; i++) {
value *= (u32)FNV1_PRIME;
value ^= (u32)(str[i]);
}
/* note that we force it to a 31 bit hash, to keep within the limits
of the 36^6 mangle space */
return value & ~0x80000000;
}
char *normalize_reg_path(TALLOC_CTX *ctx, const char *keyname )
{
char *p;
char *nkeyname;
/* skip leading '\' chars */
while (*keyname == '\\') {
keyname++;
}
nkeyname = talloc_strdup(ctx, keyname);
if (nkeyname == NULL) {
return NULL;
}
/* strip trailing '\' chars */
p = strrchr(nkeyname, '\\');
while ((p != NULL) && (p[1] == '\0')) {
*p = '\0';
p = strrchr(nkeyname, '\\');
}
strupper_m(nkeyname);
return nkeyname;
}
/**
* Given a stream name, populate xattr_name with the xattr name to use for
* accessing the stream.
*/
static NTSTATUS streams_xattr_get_name(TALLOC_CTX *ctx,
const char *stream_name,
char **xattr_name)
{
char *stype;
stype = strchr_m(stream_name + 1, ':');
*xattr_name = talloc_asprintf(ctx, "%s%s",
SAMBA_XATTR_DOSSTREAM_PREFIX,
stream_name + 1);
if (*xattr_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
if (stype == NULL) {
/* Append an explicit stream type if one wasn't specified. */
*xattr_name = talloc_asprintf(ctx, "%s:$DATA",
*xattr_name);
if (*xattr_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
} else {
/* Normalize the stream type to upercase. */
strupper_m(strrchr_m(*xattr_name, ':') + 1);
}
DEBUG(10, ("xattr_name: %s, stream_name: %s\n", *xattr_name,
stream_name));
return NT_STATUS_OK;
}
static void send_election_dgram(struct subnet_record *subrec, const char *workgroup_name,
uint32 criterion, int timeup,const char *server_name)
{
pstring outbuf;
unstring srv_name;
char *p;
DEBUG(2,("send_election_dgram: Sending election packet for workgroup %s on subnet %s\n",
workgroup_name, subrec->subnet_name ));
memset(outbuf,'\0',sizeof(outbuf));
p = outbuf;
SCVAL(p,0,ANN_Election); /* Election opcode. */
p++;
SCVAL(p,0,((criterion == 0 && timeup == 0) ? 0 : ELECTION_VERSION));
SIVAL(p,1,criterion);
SIVAL(p,5,timeup*1000); /* ms - Despite what the spec says. */
p += 13;
unstrcpy(srv_name, server_name);
strupper_m(srv_name);
/* The following call does UNIX -> DOS charset conversion. */
pstrcpy_base(p, srv_name, outbuf);
p = skip_string(p,1);
send_mailslot(False, BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
global_myname(), 0,
workgroup_name, 0x1e,
subrec->bcast_ip, subrec->myip, DGRAM_PORT);
}
BOOL secrets_fetch_domain_guid(const char *domain, GUID *guid)
{
GUID *dyn_guid;
fstring key;
size_t size;
GUID new_guid;
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
dyn_guid = (GUID *)secrets_fetch(key, &size);
DEBUG(6,("key is %s, size is %d\n", key, (int)size));
if ((NULL == dyn_guid) && (ROLE_DOMAIN_PDC == lp_server_role())) {
smb_uuid_generate_random(&new_guid);
if (!secrets_store_domain_guid(domain, &new_guid))
return False;
dyn_guid = (GUID *)secrets_fetch(key, &size);
if (dyn_guid == NULL)
return False;
}
if (size != sizeof(GUID))
{
SAFE_FREE(dyn_guid);
return False;
}
*guid = *dyn_guid;
SAFE_FREE(dyn_guid);
return True;
}
/**
* Copy a string from a char* unix src to a dos codepage string destination.
*
* @return the number of bytes occupied by the string in the destination.
*
* @param flags can include
* <dl>
* <dt>STR_TERMINATE</dt> <dd>means include the null termination</dd>
* <dt>STR_UPPER</dt> <dd>means uppercase in the destination</dd>
* </dl>
*
* @param dest_len the maximum length in bytes allowed in the
* destination. If @p dest_len is -1 then no maximum is used.
**/
size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags)
{
size_t src_len = strlen(src);
pstring tmpbuf;
size_t ret;
/* No longer allow a length of -1 */
if (dest_len == (size_t)-1)
smb_panic("push_ascii - dest_len == -1");
if (flags & STR_UPPER) {
pstrcpy(tmpbuf, src);
strupper_m(tmpbuf);
src = tmpbuf;
}
if (flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
src_len++;
ret =convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len, True);
if (ret == (size_t)-1 &&
(flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
&& dest_len > 0) {
((char *)dest)[0] = '\0';
}
return ret;
}
bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
{
struct GUID *dyn_guid;
fstring key;
size_t size = 0;
struct GUID new_guid;
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
dyn_guid = (struct GUID *)secrets_fetch(key, &size);
if (!dyn_guid) {
if (lp_server_role() == ROLE_DOMAIN_PDC) {
smb_uuid_generate_random(&new_guid);
if (!secrets_store_domain_guid(domain, &new_guid))
return False;
dyn_guid = (struct GUID *)secrets_fetch(key, &size);
}
if (dyn_guid == NULL) {
return False;
}
}
if (size != sizeof(struct GUID)) {
DEBUG(1,("UUID size %d is wrong!\n", (int)size));
SAFE_FREE(dyn_guid);
return False;
}
*guid = *dyn_guid;
SAFE_FREE(dyn_guid);
return True;
}
static NTSTATUS cmd_samr_query_groupmem(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
POLICY_HND connect_pol, domain_pol, group_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 num_members, *group_rids, *group_attrs, group_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
int i;
fstring server;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s rid [access mask]\n", argv[0]);
return NT_STATUS_OK;
}
sscanf(argv[1], "%i", &group_rid);
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_open_group(cli, mem_ctx, &domain_pol,
access_mask,
group_rid, &group_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_query_groupmem(cli, mem_ctx, &group_pol,
&num_members, &group_rids,
&group_attrs);
if (!NT_STATUS_IS_OK(result))
goto done;
for (i = 0; i < num_members; i++) {
printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i],
group_attrs[i]);
}
done:
return result;
}
/***********************************************************************
* Query group information
*/
static NTSTATUS cmd_samr_query_group(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
POLICY_HND connect_pol, domain_pol, group_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 info_level = 1;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
GROUP_INFO_CTR *group_ctr;
fstring server;
uint32 group_rid;
if ((argc < 2) || (argc > 4)) {
printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
return NT_STATUS_OK;
}
sscanf(argv[1], "%i", &group_rid);
if (argc > 2)
sscanf(argv[2], "%i", &info_level);
if (argc > 3)
sscanf(argv[3], "%x", &access_mask);
slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_open_group(cli, mem_ctx, &domain_pol,
access_mask,
group_rid, &group_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_samr_query_groupinfo(cli, mem_ctx, &group_pol,
info_level, &group_ctr);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
display_group_info_ctr(group_ctr);
done:
return result;
}
BOOL secrets_store_domain_sid(const char *domain, const DOM_SID *sid)
{
fstring key;
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_SID, domain);
strupper_m(key);
return secrets_store(key, sid, sizeof(DOM_SID));
}
bool secrets_store_domain_guid(const char *domain, struct GUID *guid)
{
fstring key;
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
return secrets_store(key, guid, sizeof(struct GUID));
}
/**
* Form a key for fetching a trusted domain password
*
* @param domain trusted domain name
*
* @return stored password's key
**/
static char *trustdom_keystr(const char *domain)
{
static pstring keystr;
pstr_sprintf(keystr, "%s/%s", SECRETS_DOMTRUST_ACCT_PASS, domain);
strupper_m(keystr);
return keystr;
}
/* ************************************************************************** **
* Create a browser entry and add it to the local master browser list.
*
* Input: work_name
* browser_name
* ip
*
* Output: Pointer to the new entry, or NULL if malloc() failed.
*
* ************************************************************************** **
*/
struct browse_cache_record *create_browser_in_lmb_cache( const char *work_name,
const char *browser_name,
struct in_addr ip )
{
struct browse_cache_record *browc;
time_t now = time( NULL );
browc = SMB_MALLOC_P(struct browse_cache_record);
if( NULL == browc ) {
DEBUG( 0, ("create_browser_in_lmb_cache: malloc fail !\n") );
return( NULL );
}
memset( (char *)browc, '\0', sizeof( *browc ) );
/* For a new lmb entry we want to sync with it after one minute. This
will allow it time to send out a local announce and build its
browse list.
*/
browc->sync_time = now + 60;
/* Allow the new lmb to miss an announce period before we remove it. */
browc->death_time = now + ( (CHECK_TIME_MST_ANNOUNCE + 2) * 60 );
unstrcpy( browc->lmb_name, browser_name);
unstrcpy( browc->work_group, work_name);
strupper_m( browc->lmb_name );
strupper_m( browc->work_group );
browc->ip = ip;
DLIST_ADD_END(lmb_browserlist, browc, struct browse_cache_record *);
if( DEBUGLVL( 3 ) ) {
Debug1( "nmbd_browserdb:create_browser_in_lmb_cache()\n" );
Debug1( " Added lmb cache entry for workgroup %s ", browc->work_group );
Debug1( "name %s IP %s ", browc->lmb_name, inet_ntoa(ip) );
Debug1( "ttl %d\n", (int)browc->death_time );
}
return( browc );
}
static void create_wks_info_100(WKS_INFO_100 *inf)
{
pstring my_name;
pstring domain;
DEBUG(5,("create_wks_info_100: %d\n", __LINE__));
pstrcpy (my_name, global_myname());
strupper_m(my_name);
pstrcpy (domain, lp_workgroup());
strupper_m(domain);
init_wks_info_100(inf,
0x000001f4, /* platform id info */
lp_major_announce_version(),
lp_minor_announce_version(),
my_name, domain);
}
/**
* Form a key for fetching the machine trust account password
*
* @param domain domain name
*
* @return stored password's key
**/
const char *trust_keystr(const char *domain)
{
static fstring keystr;
slprintf(keystr,sizeof(keystr)-1,"%s/%s",
SECRETS_MACHINE_ACCT_PASS, domain);
strupper_m(keystr);
return keystr;
}
static void my_make_nmb_name( struct nmb_name *n, const char *name, int type)
{
fstring unix_name;
memset( (char *)n, '\0', sizeof(struct nmb_name) );
fstrcpy(unix_name, name);
strupper_m(unix_name);
push_ascii(n->name, unix_name, sizeof(n->name), STR_TERMINATE);
n->name_type = (unsigned int)type & 0xFF;
push_ascii(n->scope, lp_netbios_scope(), 64, STR_TERMINATE);
}
/************************************************************************
Routine to fetch the plaintext machine account password for a realm
the password is assumed to be a null terminated ascii string
************************************************************************/
char *secrets_fetch_machine_password(const char *domain,
time_t *pass_last_set_time,
uint32 *channel)
{
char *key = NULL;
char *ret;
asprintf(&key, "%s/%s", SECRETS_MACHINE_PASSWORD, domain);
strupper_m(key);
ret = (char *)secrets_fetch(key, NULL);
SAFE_FREE(key);
if (pass_last_set_time) {
size_t size;
uint32 *last_set_time;
asprintf(&key, "%s/%s", SECRETS_MACHINE_LAST_CHANGE_TIME, domain);
strupper_m(key);
last_set_time = secrets_fetch(key, &size);
if (last_set_time) {
*pass_last_set_time = IVAL(last_set_time,0);
SAFE_FREE(last_set_time);
} else {
*pass_last_set_time = 0;
}
SAFE_FREE(key);
}
if (channel) {
size_t size;
uint32 *channel_type;
asprintf(&key, "%s/%s", SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain);
strupper_m(key);
channel_type = secrets_fetch(key, &size);
if (channel_type) {
*channel = IVAL(channel_type,0);
SAFE_FREE(channel_type);
} else {
*channel = get_default_sec_channel();
}
SAFE_FREE(key);
}
return ret;
}
static NTSTATUS share_sanity_checks(const struct tsocket_address *remote_address,
const char *rhost,
int snum,
fstring dev)
{
char *raddr;
raddr = tsocket_address_inet_addr_string(remote_address,
talloc_tos());
if (raddr == NULL) {
return NT_STATUS_NO_MEMORY;
}
if (!lp_snum_ok(snum) ||
!allow_access(lp_hosts_deny(snum), lp_hosts_allow(snum),
rhost, raddr)) {
return NT_STATUS_ACCESS_DENIED;
}
if (dev[0] == '?' || !dev[0]) {
if (lp_printable(snum)) {
fstrcpy(dev,"LPT1:");
} else if (strequal(lp_fstype(snum), "IPC")) {
fstrcpy(dev, "IPC");
} else {
fstrcpy(dev,"A:");
}
}
if (!strupper_m(dev)) {
DEBUG(2,("strupper_m %s failed\n", dev));
return NT_STATUS_INVALID_PARAMETER;
}
if (lp_printable(snum)) {
if (!strequal(dev, "LPT1:")) {
return NT_STATUS_BAD_DEVICE_TYPE;
}
} else if (strequal(lp_fstype(snum), "IPC")) {
if (!strequal(dev, "IPC")) {
return NT_STATUS_BAD_DEVICE_TYPE;
}
} else if (!strequal(dev, "A:")) {
return NT_STATUS_BAD_DEVICE_TYPE;
}
/* Behave as a printer if we are supposed to */
if (lp_printable(snum) && (strcmp(dev, "A:") == 0)) {
fstrcpy(dev, "LPT1:");
}
return NT_STATUS_OK;
}
static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx,
const char *user, char *user2)
{
struct passwd *ret = NULL;
if (!user2 || !(*user2))
return(NULL);
if (!user || !(*user))
return(NULL);
/* Try in all lower case first as this is the most
common case on UNIX systems */
strlower_m(user2);
DEBUG(5,("Trying _Get_Pwnam(), username as lowercase is %s\n",user2));
ret = getpwnam_alloc_cached(mem_ctx, user2);
if(ret)
goto done;
/* Try as given, if username wasn't originally lowercase */
if(strcmp(user, user2) != 0) {
DEBUG(5,("Trying _Get_Pwnam(), username as given is %s\n",
user));
ret = getpwnam_alloc_cached(mem_ctx, user);
if(ret)
goto done;
}
/* Try as uppercase, if username wasn't originally uppercase */
strupper_m(user2);
if(strcmp(user, user2) != 0) {
DEBUG(5,("Trying _Get_Pwnam(), username as uppercase is %s\n",
user2));
ret = getpwnam_alloc_cached(mem_ctx, user2);
if(ret)
goto done;
}
/* Try all combinations up to usernamelevel */
strlower_m(user2);
DEBUG(5,("Checking combinations of %d uppercase letters in %s\n",
lp_usernamelevel(), user2));
ret = uname_string_combinations(user2, mem_ctx, getpwnam_alloc_cached,
lp_usernamelevel());
done:
DEBUG(5,("Get_Pwnam_internals %s find user [%s]!\n",ret ?
"did":"didn't", user));
return ret;
}
bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
{
struct GUID *dyn_guid;
fstring key;
size_t size = 0;
struct GUID new_guid;
#if _SAMBA_BUILD_ == 4
if (strequal(domain, get_global_sam_name()) &&
(pdb_capabilities() & PDB_CAP_ADS)) {
struct pdb_domain_info *domain_info;
domain_info = pdb_get_domain_info(talloc_tos());
if (!domain_info) {
/* If we have a ADS-capable passdb backend, we
* must never make up our own SID, it will
* already be in the directory */
DEBUG(0, ("Unable to fetch a Domain GUID from the directory!\n"));
return false;
}
*guid = domain_info->guid;
return true;
}
#endif
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
dyn_guid = (struct GUID *)secrets_fetch(key, &size);
if (!dyn_guid) {
if (lp_server_role() == ROLE_DOMAIN_PDC) {
new_guid = GUID_random();
if (!secrets_store_domain_guid(domain, &new_guid))
return False;
dyn_guid = (struct GUID *)secrets_fetch(key, &size);
}
if (dyn_guid == NULL) {
return False;
}
}
if (size != sizeof(struct GUID)) {
DEBUG(1,("UUID size %d is wrong!\n", (int)size));
SAFE_FREE(dyn_guid);
return False;
}
*guid = *dyn_guid;
SAFE_FREE(dyn_guid);
return True;
}
BOOL secrets_store_machine_password(const char *pass, const char *domain, uint32 sec_channel)
{
char *key = NULL;
BOOL ret;
uint32 last_change_time;
uint32 sec_channel_type;
asprintf(&key, "%s/%s", SECRETS_MACHINE_PASSWORD, domain);
if (!key)
return False;
strupper_m(key);
ret = secrets_store(key, pass, strlen(pass)+1);
SAFE_FREE(key);
if (!ret)
return ret;
asprintf(&key, "%s/%s", SECRETS_MACHINE_LAST_CHANGE_TIME, domain);
if (!key)
return False;
strupper_m(key);
SIVAL(&last_change_time, 0, time(NULL));
ret = secrets_store(key, &last_change_time, sizeof(last_change_time));
SAFE_FREE(key);
asprintf(&key, "%s/%s", SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain);
if (!key)
return False;
strupper_m(key);
SIVAL(&sec_channel_type, 0, sec_channel);
ret = secrets_store(key, &sec_channel_type, sizeof(sec_channel_type));
SAFE_FREE(key);
return ret;
}
static void announce_local_master_browser_to_domain_master_browser( struct work_record *work)
{
char outbuf[1024];
unstring myname;
unstring dmb_name;
char *p;
if(ismyip_v4(work->dmb_addr)) {
if( DEBUGLVL( 2 ) ) {
dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" );
dbgtext( "We are both a domain and a local master browser for " );
dbgtext( "workgroup %s. ", work->work_group );
dbgtext( "Do not announce to ourselves.\n" );
}
return;
}
memset(outbuf,'\0',sizeof(outbuf));
p = outbuf;
SCVAL(p,0,ANN_MasterAnnouncement);
p++;
unstrcpy(myname, lp_netbios_name());
if (!strupper_m(myname)) {
DEBUG(2,("strupper_m %s failed\n", myname));
return;
}
myname[15]='\0';
/* The call below does CH_UNIX -> CH_DOS conversion. JRA */
push_ascii(p, myname, sizeof(outbuf)-PTR_DIFF(p,outbuf)-1, STR_TERMINATE);
p = skip_string(outbuf,sizeof(outbuf),p);
if( DEBUGLVL( 4 ) ) {
dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" );
dbgtext( "Sending local master announce to " );
dbgtext( "%s for workgroup %s.\n", nmb_namestr(&work->dmb_name),
work->work_group );
}
/* Target name for send_mailslot must be in UNIX charset. */
pull_ascii_nstring(dmb_name, sizeof(dmb_name), work->dmb_name.name);
send_mailslot(True, BROWSE_MAILSLOT, outbuf,PTR_DIFF(p,outbuf),
lp_netbios_name(), 0x0, dmb_name, 0x0,
work->dmb_addr, FIRST_SUBNET->myip, DGRAM_PORT);
}
static BOOL parse_ntlm_auth_domain_user(const char *domuser, fstring domain,
fstring user)
{
char *p = strchr(domuser,winbind_separator());
if (!p) {
return False;
}
fstrcpy(user, p+1);
fstrcpy(domain, domuser);
domain[PTR_DIFF(p, domuser)] = 0;
strupper_m(domain);
return True;
}
static bool set_my_netbios_names(const char *name, int i)
{
SAFE_FREE(smb_my_netbios_names[i]);
/*
* Don't include space for terminating '\0' in strndup,
* it is automatically added. This screws up if the name
* is greater than MAX_NETBIOSNAME_LEN-1 in the unix
* charset, but less than or equal to MAX_NETBIOSNAME_LEN-1
* in the DOS charset, but this is so old we have to live
* with that.
*/
smb_my_netbios_names[i] = SMB_STRNDUP(name, MAX_NETBIOSNAME_LEN-1);
if (!smb_my_netbios_names[i])
return False;
return strupper_m(smb_my_netbios_names[i]);
}
