2 Unix SMB/Netbios implementation.
4 NBT netbios routines and daemon - version 2
5 Copyright (C) Andrew Tridgell 1994-1998
6 Copyright (C) Luke Kenneth Casson Leighton 1994-1998
7 Copyright (C) Jeremy Allison 1994-1998
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 extern int DEBUGLEVEL
;
31 extern pstring global_myname
;
32 extern fstring global_myworkgroup
;
34 /****************************************************************************
35 Process a domain logon packet
36 **************************************************************************/
38 void process_logon_packet(struct packet_struct
*p
,char *buf
,int len
,
41 struct dgram_packet
*dgram
= &p
->packet
.dgram
;
51 BOOL short_request
= False
;
53 char *uniuser
; /* Unicode user name. */
54 char *unicomp
; /* Unicode computer name. */
58 memset(outbuf
, 0, sizeof(outbuf
));
60 if (!lp_domain_logons())
62 DEBUG(3,("process_logon_packet: Logon packet received from IP %s and domain \
63 logons are not enabled.\n", inet_ntoa(p
->ip
) ));
67 pstrcpy(my_name
, global_myname
);
71 DEBUG(1,("process_logon_packet: Logon from %s: code = %x\n", inet_ntoa(p
->ip
), code
));
73 dump_data(4, buf
, len
);
81 char *user
= skip_string(machine
,1);
83 getdc
= skip_string(user
,1);
84 q
= skip_string(getdc
,1);
87 fstrcpy(reply_name
,my_name
);
89 DEBUG(3,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n",
90 machine
,inet_ntoa(p
->ip
),user
,token
));
96 fstrcpy(reply_name
, "\\\\");
97 fstrcat(reply_name
, my_name
);
98 fstrcpy(q
, reply_name
); q
= skip_string(q
, 1); /* PDC name */
103 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
105 send_mailslot(True
, getdc
,
106 outbuf
,PTR_DIFF(q
,outbuf
),
108 dgram
->source_name
.name
,
109 dgram
->source_name
.name_type
,
110 p
->ip
, *iface_ip(p
->ip
), p
->port
);
119 getdc
= skip_string(machine
,1);
120 q
= skip_string(getdc
,1);
123 /* at this point we can work out if this is a W9X or NT style
124 request. Experiments show that the difference is wether the
125 packet ends here. For a W9X request we now end with a pair of
126 bytes (usually 0xFE 0xFF) whereas with NT we have two further
127 strings - the following is a simple way of detecting this */
128 if (len
- PTR_DIFF(q
, buf
) <= 3) {
129 short_request
= True
;
133 /* A full length (NT style) request */
134 q
= skip_unibuf(unicomp
, PTR_DIFF(buf
+ len
, unicomp
));
136 if (len
- PTR_DIFF(q
, buf
) > 8) {
137 /* with NT5 clients we can sometimes
138 get additional data - a length specificed string
139 containing the domain name, then 16 bytes of
140 data (no idea what it is) */
141 int dom_len
= CVAL(q
, 0);
148 ntversion
= IVAL(q
, 0);
149 lmnttoken
= SVAL(q
, 4);
150 lm20token
= SVAL(q
, 6);
153 /* Construct reply. */
155 SSVAL(q
, 0, QUERYFORPDC_R
);
158 fstrcpy(reply_name
,my_name
);
159 fstrcpy(q
, reply_name
);
160 q
= skip_string(q
, 1); /* PDC name */
162 /* PDC and domain name */
163 if (!short_request
) /* Make a full reply */
167 q
+= dos_PutUniCode(q
, my_name
, sizeof(pstring
), True
); /* PDC name */
168 q
+= dos_PutUniCode(q
, global_myworkgroup
,sizeof(pstring
), True
); /* Domain name*/
170 SIVAL(q
, 0, 1); /* our nt version */
171 SSVAL(q
, 4, 0xffff); /* our lmnttoken */
172 SSVAL(q
, 6, 0xffff); /* our lm20token */
176 /* RJS, 21-Feb-2000, we send a short reply if the request was short */
178 DEBUG(3,("process_logon_packet: GETDC request from %s at IP %s, \
179 reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
180 machine
,inet_ntoa(p
->ip
), reply_name
, global_myworkgroup
,
181 QUERYFORPDC_R
, (uint32
)ntversion
, (uint32
)lmnttoken
,
182 (uint32
)lm20token
));
184 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
186 send_mailslot(True
, getdc
,
187 outbuf
,PTR_DIFF(q
,outbuf
),
189 dgram
->source_name
.name
,
190 dgram
->source_name
.name_type
,
191 p
->ip
, *iface_ip(p
->ip
), p
->port
);
201 uniuser
= skip_unibuf(unicomp
, PTR_DIFF(buf
+len
, unicomp
));
202 getdc
= skip_unibuf(uniuser
,PTR_DIFF(buf
+len
, uniuser
));
203 q
= skip_string(getdc
,1);
204 q
+= 4; /* Account Control Bits - indicating username type */
205 domainsidsize
= IVAL(q
, 0);
208 if (domainsidsize
!= 0)
213 if (len
- PTR_DIFF(q
, buf
) > 8)
215 /* with NT5 clients we can sometimes
216 get additional data - a length specificed string
217 containing the domain name, then 16 bytes of
218 data (no idea what it is) */
219 int dom_len
= CVAL(q
, 0);
226 ntversion
= IVAL(q
, 0);
227 lmnttoken
= SVAL(q
, 4);
228 lm20token
= SVAL(q
, 6);
231 DEBUG(3,("process_logon_packet: SAMLOGON sidsize %d ntv %d\n", domainsidsize
, ntversion
));
234 * we respond regadless of whether the machine is in our password
235 * database. If it isn't then we let smbd send an appropriate error.
236 * Let's ignore the SID.
239 unibuf_to_ascii(ascuser
, uniuser
, sizeof(ascuser
)-1);
240 DEBUG(3,("process_logon_packet: SAMLOGON user %s\n", ascuser
));
242 fstrcpy(reply_name
,"\\\\"); /* Here it wants \\LOGONSERVER. */
243 fstrcpy(reply_name
+2,my_name
);
245 unibuf_to_ascii(asccomp
, unicomp
, sizeof(asccomp
)-1);
246 DEBUG(3,("process_logon_packet: SAMLOGON request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n",
247 asccomp
,inet_ntoa(p
->ip
), ascuser
, reply_name
, global_myworkgroup
,
248 SAMLOGON_R
,lmnttoken
));
250 /* Construct reply. */
253 if (SVAL(uniuser
, 0) == 0) {
254 SSVAL(q
, 0, SAMLOGON_UNK_R
); /* user unknown */
256 SSVAL(q
, 0, SAMLOGON_R
);
260 q
+= dos_PutUniCode(q
, reply_name
,sizeof(pstring
), True
);
261 q
+= dos_PutUniCode(q
, ascuser
, sizeof(pstring
), True
);
262 q
+= dos_PutUniCode(q
, global_myworkgroup
,sizeof(pstring
), True
);
264 /* tell the client what version we are */
265 SIVAL(q
, 0, 1); /* our ntversion */
266 SSVAL(q
, 4, 0xffff); /* our lmnttoken */
267 SSVAL(q
, 6, 0xffff); /* our lm20token */
270 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
272 send_mailslot(True
, getdc
,
273 outbuf
,PTR_DIFF(q
,outbuf
),
275 dgram
->source_name
.name
,
276 dgram
->source_name
.name_type
,
277 p
->ip
, *iface_ip(p
->ip
), p
->port
);
283 DEBUG(3,("process_logon_packet: Unknown domain request %d\n",code
));