2 Unix SMB/Netbios implementation.
4 NBT netbios routines and daemon - version 2
5 Copyright (C) Andrew Tridgell 1994-1998
6 Copyright (C) Luke Kenneth Casson Leighton 1994-1998
7 Copyright (C) Jeremy Allison 1994-1998
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 extern pstring global_myname
;
30 extern fstring global_myworkgroup
;
32 /****************************************************************************
33 Process a domain logon packet
34 **************************************************************************/
36 void process_logon_packet(struct packet_struct
*p
,char *buf
,int len
,
39 struct dgram_packet
*dgram
= &p
->packet
.dgram
;
49 BOOL short_request
= False
;
51 char *uniuser
; /* Unicode user name. */
53 char *unicomp
; /* Unicode computer name. */
55 START_PROFILE(domain_logon
);
56 memset(outbuf
, 0, sizeof(outbuf
));
58 if (!lp_domain_logons())
60 DEBUG(3,("process_logon_packet: Logon packet received from IP %s and domain \
61 logons are not enabled.\n", inet_ntoa(p
->ip
) ));
65 pstrcpy(my_name
, global_myname
);
69 DEBUG(1,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p
->ip
), code
));
77 char *user
= skip_string(machine
,1);
79 getdc
= skip_string(user
,1);
80 q
= skip_string(getdc
,1);
83 fstrcpy(reply_name
,my_name
);
85 DEBUG(3,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n",
86 machine
,inet_ntoa(p
->ip
),user
,token
));
92 fstrcpy(reply_name
, "\\\\");
93 fstrcat(reply_name
, my_name
);
94 fstrcpy(q
, reply_name
); q
= skip_string(q
, 1); /* PDC name */
99 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
101 send_mailslot(True
, getdc
,
102 outbuf
,PTR_DIFF(q
,outbuf
),
105 dgram
->source_name
.name_type
,
106 p
->ip
, *iface_ip(p
->ip
), p
->port
);
115 if (!lp_domain_master())
117 /* We're not Primary Domain Controller -- ignore this */
121 getdc
= skip_string(machine
,1);
122 q
= skip_string(getdc
,1);
125 /* at this point we can work out if this is a W9X or NT style
126 request. Experiments show that the difference is wether the
127 packet ends here. For a W9X request we now end with a pair of
128 bytes (usually 0xFE 0xFF) whereas with NT we have two further
129 strings - the following is a simple way of detecting this */
130 if (len
- PTR_DIFF(q
, buf
) <= 3) {
131 short_request
= True
;
135 /* A full length (NT style) request */
136 q
= skip_unibuf(unicomp
, PTR_DIFF(buf
+ len
, unicomp
));
138 if (len
- PTR_DIFF(q
, buf
) > 8) {
139 /* with NT5 clients we can sometimes
140 get additional data - a length specificed string
141 containing the domain name, then 16 bytes of
142 data (no idea what it is) */
143 int dom_len
= CVAL(q
, 0);
150 ntversion
= IVAL(q
, 0);
151 lmnttoken
= SVAL(q
, 4);
152 lm20token
= SVAL(q
, 6);
155 /* Construct reply. */
157 SSVAL(q
, 0, QUERYFORPDC_R
);
160 fstrcpy(reply_name
,my_name
);
161 fstrcpy(q
, reply_name
);
162 q
= skip_string(q
, 1); /* PDC name */
164 /* PDC and domain name */
165 if (!short_request
) /* Make a full reply */
167 q
= ALIGN2(q
, outbuf
);
169 q
+= dos_PutUniCode(q
, my_name
, sizeof(pstring
), True
); /* PDC name */
170 q
+= dos_PutUniCode(q
, global_myworkgroup
,sizeof(pstring
), True
); /* Domain name*/
172 SIVAL(q
, 0, 1); /* our nt version */
173 SSVAL(q
, 4, 0xffff); /* our lmnttoken */
174 SSVAL(q
, 6, 0xffff); /* our lm20token */
178 /* RJS, 21-Feb-2000, we send a short reply if the request was short */
180 DEBUG(3,("process_logon_packet: GETDC request from %s at IP %s, \
181 reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
182 machine
,inet_ntoa(p
->ip
), reply_name
, global_myworkgroup
,
183 QUERYFORPDC_R
, (uint32
)ntversion
, (uint32
)lmnttoken
,
184 (uint32
)lm20token
));
186 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
188 send_mailslot(True
, getdc
,
189 outbuf
,PTR_DIFF(q
,outbuf
),
191 dgram
->source_name
.name
,
192 dgram
->source_name
.name_type
,
193 p
->ip
, *iface_ip(p
->ip
), p
->port
);
203 uniuser
= skip_unibuf(unicomp
, PTR_DIFF(buf
+len
, unicomp
));
204 getdc
= skip_unibuf(uniuser
,PTR_DIFF(buf
+len
, uniuser
));
205 q
= skip_string(getdc
,1);
206 q
+= 4; /* Account Control Bits - indicating username type */
207 domainsidsize
= IVAL(q
, 0);
210 DEBUG(3,("process_logon_packet: SAMLOGON sidsize %d, len = %d\n", domainsidsize
, len
));
212 if (domainsidsize
< (len
- PTR_DIFF(q
, buf
)) && (domainsidsize
!= 0)) {
217 DEBUG(3,("process_logon_packet: len = %d PTR_DIFF(q, buf) = %d\n", len
, PTR_DIFF(q
, buf
) ));
219 if (len
- PTR_DIFF(q
, buf
) > 8) {
220 /* with NT5 clients we can sometimes
221 get additional data - a length specificed string
222 containing the domain name, then 16 bytes of
223 data (no idea what it is) */
224 int dom_len
= CVAL(q
, 0);
226 if (dom_len
< (len
- PTR_DIFF(q
, buf
)) && (dom_len
!= 0)) {
232 ntversion
= IVAL(q
, 0);
233 lmnttoken
= SVAL(q
, 4);
234 lm20token
= SVAL(q
, 6);
237 DEBUG(3,("process_logon_packet: SAMLOGON sidsize %d ntv %d\n", domainsidsize
, ntversion
));
240 * we respond regadless of whether the machine is in our password
241 * database. If it isn't then we let smbd send an appropriate error.
242 * Let's ignore the SID.
245 pstrcpy(ascuser
, dos_unistr(uniuser
));
246 DEBUG(3,("process_logon_packet: SAMLOGON user %s\n", ascuser
));
248 fstrcpy(reply_name
,"\\\\"); /* Here it wants \\LOGONSERVER. */
249 fstrcpy(reply_name
+2,my_name
);
251 DEBUG(3,("process_logon_packet: SAMLOGON request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n",
252 dos_unistr(unicomp
),inet_ntoa(p
->ip
), ascuser
, reply_name
, global_myworkgroup
,
253 SAMLOGON_R
,lmnttoken
));
255 /* Construct reply. */
258 if (SVAL(uniuser
, 0) == 0) {
259 SSVAL(q
, 0, SAMLOGON_UNK_R
); /* user unknown */
261 SSVAL(q
, 0, SAMLOGON_R
);
265 q
+= dos_PutUniCode(q
, reply_name
,sizeof(pstring
), True
);
266 q
+= dos_PutUniCode(q
, ascuser
, sizeof(pstring
), True
);
267 q
+= dos_PutUniCode(q
, global_myworkgroup
,sizeof(pstring
), True
);
269 /* tell the client what version we are */
270 SIVAL(q
, 0, 1); /* our ntversion */
271 SSVAL(q
, 4, 0xffff); /* our lmnttoken */
272 SSVAL(q
, 6, 0xffff); /* our lm20token */
275 dump_data(4, outbuf
, PTR_DIFF(q
, outbuf
));
277 send_mailslot(True
, getdc
,
278 outbuf
,PTR_DIFF(q
,outbuf
),
280 dgram
->source_name
.name
,
281 dgram
->source_name
.name_type
,
282 p
->ip
, *iface_ip(p
->ip
), p
->port
);
288 DEBUG(3,("process_logon_packet: Unknown domain request %d\n",code
));
293 END_PROFILE(domain_logon
);