search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Lift the server_messaging_context from notify_job_status
[Samba/gbeck.git] / source3 / nmbd / nmbd_processlogon.c
blob607260b230a529367c3fba1681a211de8633fe86
1 /*
2 Unix SMB/CIFS implementation.
3 NBT netbios routines and daemon - version 2
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Luke Kenneth Casson Leighton 1994-1998
6 Copyright (C) Jeremy Allison 1994-2003
7 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21
22 Revision History:
23
24 */
25
26 #include "includes.h"
27 #include "../libcli/netlogon.h"
28 #include "../libcli/cldap/cldap.h"
29 #include "../lib/tsocket/tsocket.h"
30 #include "../libcli/security/dom_sid.h"
31 #include "secrets.h"
32
33 struct sam_database_info {
34 uint32 index;
35 uint32 serial_lo, serial_hi;
36 uint32 date_lo, date_hi;
37 };
38
39 /**
40 * check whether the client belongs to the hosts
41 * for which initial logon should be delayed...
42 */
43 static bool delay_logon(const char *peer_name, const char *peer_addr)
44 {
45 const char **delay_list = lp_init_logon_delayed_hosts();
46 const char *peer[2];
47
48 if (delay_list == NULL) {
49 return False;
50 }
51
52 peer[0] = peer_name;
53 peer[1] = peer_addr;
54
55 return list_match(delay_list, (const char *)peer, client_match);
56 }
57
58 static void delayed_init_logon_handler(struct event_context *event_ctx,
59 struct timed_event *te,
60 struct timeval now,
61 void *private_data)
62 {
63 struct packet_struct *p = (struct packet_struct *)private_data;
64
65 DEBUG(10, ("delayed_init_logon_handler (%lx): re-queuing packet.\n",
66 (unsigned long)te));
67
68 queue_packet(p);
69
70 TALLOC_FREE(te);
71 }
72
73 struct nmbd_proxy_logon_context {
74 struct cldap_socket *cldap_sock;
75 };
76
77 static struct nmbd_proxy_logon_context *global_nmbd_proxy_logon;
78
79 bool initialize_nmbd_proxy_logon(void)
80 {
81 const char *cldap_server = lp_parm_const_string(-1, "nmbd_proxy_logon",
82 "cldap_server", NULL);
83 struct nmbd_proxy_logon_context *ctx;
84 NTSTATUS status;
85 struct in_addr addr;
86 char addrstr[INET_ADDRSTRLEN];
87 const char *server_str;
88 int ret;
89 struct tsocket_address *server_addr;
90
91 if (!cldap_server) {
92 return true;
93 }
94
95 addr = interpret_addr2(cldap_server);
96 server_str = inet_ntop(AF_INET, &addr,
97 addrstr, sizeof(addrstr));
98 if (!server_str || strcmp("0.0.0.0", server_str) == 0) {
99 DEBUG(0,("Failed to resolve[%s] for nmbd_proxy_logon\n",
100 cldap_server));
101 return false;
102 }
103
104 ctx = talloc_zero(nmbd_event_context(),
105 struct nmbd_proxy_logon_context);
106 if (!ctx) {
107 return false;
108 }
109
110 ret = tsocket_address_inet_from_strings(ctx, "ipv4",
111 server_str, LDAP_PORT,
112 &server_addr);
113 if (ret != 0) {
114 TALLOC_FREE(ctx);
115 status = map_nt_error_from_unix(errno);
116 DEBUG(0,("Failed to create cldap tsocket_address for %s - %s\n",
117 server_str, nt_errstr(status)));
118 return false;
119 }
120
121 /* we create a connected udp socket */
122 status = cldap_socket_init(ctx, nmbd_event_context(), NULL,
123 server_addr, &ctx->cldap_sock);
124 TALLOC_FREE(server_addr);
125 if (!NT_STATUS_IS_OK(status)) {
126 TALLOC_FREE(ctx);
127 DEBUG(0,("failed to create cldap socket for %s: %s\n",
128 server_str, nt_errstr(status)));
129 return false;
130 }
131
132 global_nmbd_proxy_logon = ctx;
133 return true;
134 }
135
136 struct nmbd_proxy_logon_state {
137 struct in_addr local_ip;
138 struct packet_struct *p;
139 const char *remote_name;
140 uint8_t remote_name_type;
141 const char *remote_mailslot;
142 struct nbt_netlogon_packet req;
143 struct nbt_netlogon_response resp;
144 struct cldap_netlogon io;
145 };
146
147 static int nmbd_proxy_logon_state_destructor(struct nmbd_proxy_logon_state *s)
148 {
149 s->p->locked = false;
150 free_packet(s->p);
151 return 0;
152 }
153
154 static void nmbd_proxy_logon_done(struct tevent_req *subreq);
155
156 static void nmbd_proxy_logon(struct nmbd_proxy_logon_context *ctx,
157 struct in_addr local_ip,
158 struct packet_struct *p,
159 uint8_t *buf,
160 uint32_t len)
161 {
162 struct nmbd_proxy_logon_state *state;
163 enum ndr_err_code ndr_err;
164 DATA_BLOB blob = data_blob_const(buf, len);
165 const char *computer_name = NULL;
166 const char *mailslot_name = NULL;
167 const char *user_name = NULL;
168 const char *domain_sid = NULL;
169 uint32_t acct_control = 0;
170 uint32_t nt_version = 0;
171 struct tevent_req *subreq;
172 fstring source_name;
173 struct dgram_packet *dgram = &p->packet.dgram;
174
175 state = TALLOC_ZERO_P(ctx, struct nmbd_proxy_logon_state);
176 if (!state) {
177 DEBUG(0,("failed to allocate nmbd_proxy_logon_state\n"));
178 return;
179 }
180
181 pull_ascii_nstring(source_name, sizeof(source_name), dgram->source_name.name);
182 state->remote_name = talloc_strdup(state, source_name);
183 state->remote_name_type = dgram->source_name.name_type,
184 state->local_ip = local_ip;
185 state->p = p;
186
187 ndr_err = ndr_pull_struct_blob(
188 &blob, state, &state->req,
189 (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet);
190 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
191 NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
192 DEBUG(0,("failed parse nbt_netlogon_packet: %s\n",
193 nt_errstr(status)));
194 TALLOC_FREE(state);
195 return;
196 }
197
198 if (DEBUGLEVEL >= 10) {
199 DEBUG(10, ("nmbd_proxy_logon:\n"));
200 NDR_PRINT_DEBUG(nbt_netlogon_packet, &state->req);
201 }
202
203 switch (state->req.command) {
204 case LOGON_SAM_LOGON_REQUEST:
205 computer_name = state->req.req.logon.computer_name;
206 user_name = state->req.req.logon.user_name;
207 mailslot_name = state->req.req.logon.mailslot_name;
208 acct_control = state->req.req.logon.acct_control;
209 if (state->req.req.logon.sid_size > 0) {
210 domain_sid = dom_sid_string(state,
211 &state->req.req.logon.sid);
212 if (!domain_sid) {
213 DEBUG(0,("failed to get a string for sid\n"));
214 TALLOC_FREE(state);
215 return;
216 }
217 }
218 nt_version = state->req.req.logon.nt_version;
219 break;
220
221 default:
222 /* this can't happen as the caller already checks the command */
223 break;
224 }
225
226 state->remote_mailslot = mailslot_name;
227
228 if (user_name && strlen(user_name) == 0) {
229 user_name = NULL;
230 }
231
232 if (computer_name && strlen(computer_name) == 0) {
233 computer_name = NULL;
234 }
235
236 /*
237 * as the socket is connected,
238 * we don't need to specify the destination
239 */
240 state->io.in.dest_address = NULL;
241 state->io.in.dest_port = 0;
242 state->io.in.realm = NULL;
243 state->io.in.host = computer_name;
244 state->io.in.user = user_name;
245 state->io.in.domain_guid = NULL;
246 state->io.in.domain_sid = domain_sid;
247 state->io.in.acct_control = acct_control;
248 state->io.in.version = nt_version;
249 state->io.in.map_response = false;
250
251 subreq = cldap_netlogon_send(state,
252 ctx->cldap_sock,
253 &state->io);
254 if (!subreq) {
255 DEBUG(0,("failed to send cldap netlogon call\n"));
256 TALLOC_FREE(state);
257 return;
258 }
259 tevent_req_set_callback(subreq, nmbd_proxy_logon_done, state);
260
261 /* we reply async */
262 state->p->locked = true;
263 talloc_set_destructor(state, nmbd_proxy_logon_state_destructor);
264 }
265
266 static void nmbd_proxy_logon_done(struct tevent_req *subreq)
267 {
268 struct nmbd_proxy_logon_state *state =
269 tevent_req_callback_data(subreq,
270 struct nmbd_proxy_logon_state);
271 NTSTATUS status;
272 DATA_BLOB response = data_blob_null;
273
274 status = cldap_netlogon_recv(subreq, state, &state->io);
275 if (!NT_STATUS_IS_OK(status)) {
276 DEBUG(0,("failed to recv cldap netlogon call: %s\n",
277 nt_errstr(status)));
278 TALLOC_FREE(state);
279 return;
280 }
281
282 status = push_netlogon_samlogon_response(&response, state,
283 &state->io.out.netlogon);
284 if (!NT_STATUS_IS_OK(status)) {
285 DEBUG(0,("failed to push netlogon_samlogon_response: %s\n",
286 nt_errstr(status)));
287 TALLOC_FREE(state);
288 return;
289 }
290
291 send_mailslot(true, state->remote_mailslot,
292 (char *)response.data, response.length,
293 global_myname(), 0x0,
294 state->remote_name,
295 state->remote_name_type,
296 state->p->ip,
297 state->local_ip,
298 state->p->port);
299 TALLOC_FREE(state);
300 }
301
302 /****************************************************************************
303 Process a domain logon packet
304 **************************************************************************/
305
306 void process_logon_packet(struct packet_struct *p, char *buf,int len,
307 const char *mailslot)
308 {
309 struct dgram_packet *dgram = &p->packet.dgram;
310 fstring my_name;
311 fstring reply_name;
312 char outbuf[1024];
313 int code;
314 uint16 token = 0;
315 uint32 ntversion = 0;
316 uint16 lmnttoken = 0;
317 uint16 lm20token = 0;
318 uint32 domainsidsize;
319 bool short_request = False;
320 char *getdc;
321 char *uniuser; /* Unicode user name. */
322 fstring ascuser;
323 char *unicomp; /* Unicode computer name. */
324 size_t size;
325 struct sockaddr_storage ss;
326 const struct sockaddr_storage *pss;
327 struct in_addr ip;
328
329 in_addr_to_sockaddr_storage(&ss, p->ip);
330 pss = iface_ip((struct sockaddr *)&ss);
331 if (!pss) {
332 DEBUG(5,("process_logon_packet:can't find outgoing interface "
333 "for packet from IP %s\n",
334 inet_ntoa(p->ip) ));
335 return;
336 }
337 ip = ((struct sockaddr_in *)pss)->sin_addr;
338
339 memset(outbuf, 0, sizeof(outbuf));
340
341 if (!lp_domain_logons()) {
342 DEBUG(5,("process_logon_packet: Logon packet received from IP %s and domain \
343 logons are not enabled.\n", inet_ntoa(p->ip) ));
344 return;
345 }
346
347 fstrcpy(my_name, global_myname());
348
349 code = get_safe_SVAL(buf,len,buf,0,-1);
350 DEBUG(4,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p->ip), code));
351
352 switch (code) {
353 case 0:
354 {
355 fstring mach_str, user_str, getdc_str;
356 char *q = buf + 2;
357 char *machine = q;
358 char *user = skip_string(buf,len,machine);
359
360 if (!user || PTR_DIFF(user, buf) >= len) {
361 DEBUG(0,("process_logon_packet: bad packet\n"));
362 return;
363 }
364 getdc = skip_string(buf,len,user);
365
366 if (!getdc || PTR_DIFF(getdc, buf) >= len) {
367 DEBUG(0,("process_logon_packet: bad packet\n"));
368 return;
369 }
370 q = skip_string(buf,len,getdc);
371
372 if (!q || PTR_DIFF(q + 5, buf) > len) {
373 DEBUG(0,("process_logon_packet: bad packet\n"));
374 return;
375 }
376 token = SVAL(q,3);
377
378 fstrcpy(reply_name,my_name);
379
380 pull_ascii_fstring(mach_str, machine);
381 pull_ascii_fstring(user_str, user);
382 pull_ascii_fstring(getdc_str, getdc);
383
384 DEBUG(5,("process_logon_packet: Domain login request from %s at IP %s user=%s token=%x\n",
385 mach_str,inet_ntoa(p->ip),user_str,token));
386
387 q = outbuf;
388 SSVAL(q, 0, 6);
389 q += 2;
390
391 fstrcpy(reply_name, "\\\\");
392 fstrcat(reply_name, my_name);
393 size = push_ascii(q,reply_name,
394 sizeof(outbuf)-PTR_DIFF(q, outbuf),
395 STR_TERMINATE);
396 if (size == (size_t)-1) {
397 return;
398 }
399 q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */
400
401 SSVAL(q, 0, token);
402 q += 2;
403
404 dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf));
405
406 send_mailslot(True, getdc_str,
407 outbuf,PTR_DIFF(q,outbuf),
408 global_myname(), 0x0,
409 mach_str,
410 dgram->source_name.name_type,
411 p->ip, ip, p->port);
412 break;
413 }
414
415 case LOGON_PRIMARY_QUERY:
416 {
417 fstring mach_str, getdc_str;
418 fstring source_name;
419 char *q = buf + 2;
420 char *machine = q;
421
422 if (!lp_domain_master()) {
423 /* We're not Primary Domain Controller -- ignore this */
424 return;
425 }
426
427 getdc = skip_string(buf,len,machine);
428
429 if (!getdc || PTR_DIFF(getdc, buf) >= len) {
430 DEBUG(0,("process_logon_packet: bad packet\n"));
431 return;
432 }
433 q = skip_string(buf,len,getdc);
434
435 if (!q || PTR_DIFF(q, buf) >= len) {
436 DEBUG(0,("process_logon_packet: bad packet\n"));
437 return;
438 }
439 q = ALIGN2(q, buf);
440
441 /* At this point we can work out if this is a W9X or NT style
442 request. Experiments show that the difference is wether the
443 packet ends here. For a W9X request we now end with a pair of
444 bytes (usually 0xFE 0xFF) whereas with NT we have two further
445 strings - the following is a simple way of detecting this */
446
447 if (len - PTR_DIFF(q, buf) <= 3) {
448 short_request = True;
449 } else {
450 unicomp = q;
451
452 if (PTR_DIFF(q, buf) >= len) {
453 DEBUG(0,("process_logon_packet: bad packet\n"));
454 return;
455 }
456
457 /* A full length (NT style) request */
458 q = skip_unibuf(unicomp, PTR_DIFF(buf + len, unicomp));
459
460 if (PTR_DIFF(q, buf) >= len) {
461 DEBUG(0,("process_logon_packet: bad packet\n"));
462 return;
463 }
464
465 if (len - PTR_DIFF(q, buf) > 8) {
466 /* with NT5 clients we can sometimes
467 get additional data - a length specificed string
468 containing the domain name, then 16 bytes of
469 data (no idea what it is) */
470 int dom_len = CVAL(q, 0);
471 q++;
472 if (dom_len != 0) {
473 q += dom_len + 1;
474 }
475 q += 16;
476 }
477
478 if (PTR_DIFF(q + 8, buf) > len) {
479 DEBUG(0,("process_logon_packet: bad packet\n"));
480 return;
481 }
482
483 ntversion = IVAL(q, 0);
484 lmnttoken = SVAL(q, 4);
485 lm20token = SVAL(q, 6);
486 }
487
488 /* Construct reply. */
489 q = outbuf;
490 SSVAL(q, 0, NETLOGON_RESPONSE_FROM_PDC);
491 q += 2;
492
493 fstrcpy(reply_name,my_name);
494 size = push_ascii(q, reply_name,
495 sizeof(outbuf)-PTR_DIFF(q, outbuf),
496 STR_TERMINATE);
497 if (size == (size_t)-1) {
498 return;
499 }
500 q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */
501
502 /* PDC and domain name */
503 if (!short_request) {
504 /* Make a full reply */
505 q = ALIGN2(q, outbuf);
506
507 q += dos_PutUniCode(q, my_name,
508 sizeof(outbuf) - PTR_DIFF(q, outbuf),
509 True); /* PDC name */
510 q += dos_PutUniCode(q, lp_workgroup(),
511 sizeof(outbuf) - PTR_DIFF(q, outbuf),
512 True); /* Domain name*/
513 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 8) {
514 return;
515 }
516 SIVAL(q, 0, 1); /* our nt version */
517 SSVAL(q, 4, 0xffff); /* our lmnttoken */
518 SSVAL(q, 6, 0xffff); /* our lm20token */
519 q += 8;
520 }
521
522 /* RJS, 21-Feb-2000, we send a short reply if the request was short */
523
524 pull_ascii_fstring(mach_str, machine);
525
526 DEBUG(5,("process_logon_packet: GETDC request from %s at IP %s, \
527 reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
528 mach_str,inet_ntoa(p->ip), reply_name, lp_workgroup(),
529 NETLOGON_RESPONSE_FROM_PDC, (uint32)ntversion, (uint32)lmnttoken,
530 (uint32)lm20token ));
531
532 dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf));
533
534 pull_ascii_fstring(getdc_str, getdc);
535 pull_ascii_nstring(source_name, sizeof(source_name), dgram->source_name.name);
536
537 send_mailslot(True, getdc_str,
538 outbuf,PTR_DIFF(q,outbuf),
539 global_myname(), 0x0,
540 source_name,
541 dgram->source_name.name_type,
542 p->ip, ip, p->port);
543 return;
544 }
545
546 case LOGON_SAM_LOGON_REQUEST:
547
548 {
549 fstring getdc_str;
550 fstring source_name;
551 char *source_addr;
552 char *q = buf + 2;
553 fstring asccomp;
554
555 if (global_nmbd_proxy_logon) {
556 nmbd_proxy_logon(global_nmbd_proxy_logon,
557 ip, p, (uint8_t *)buf, len);
558 return;
559 }
560
561 q += 2;
562
563 if (PTR_DIFF(q, buf) >= len) {
564 DEBUG(0,("process_logon_packet: bad packet\n"));
565 return;
566 }
567
568 unicomp = q;
569 uniuser = skip_unibuf(unicomp, PTR_DIFF(buf+len, unicomp));
570
571 if (PTR_DIFF(uniuser, buf) >= len) {
572 DEBUG(0,("process_logon_packet: bad packet\n"));
573 return;
574 }
575
576 getdc = skip_unibuf(uniuser,PTR_DIFF(buf+len, uniuser));
577
578 if (PTR_DIFF(getdc, buf) >= len) {
579 DEBUG(0,("process_logon_packet: bad packet\n"));
580 return;
581 }
582
583 q = skip_string(buf,len,getdc);
584
585 if (!q || PTR_DIFF(q + 8, buf) >= len) {
586 DEBUG(0,("process_logon_packet: bad packet\n"));
587 return;
588 }
589
590 q += 4; /* Account Control Bits - indicating username type */
591 domainsidsize = IVAL(q, 0);
592 q += 4;
593
594 DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize %d, len = %d\n", domainsidsize, len));
595
596 if (domainsidsize < (len - PTR_DIFF(q, buf)) && (domainsidsize != 0)) {
597 q += domainsidsize;
598 q = ALIGN4(q, buf);
599 }
600
601 DEBUG(5,("process_logon_packet: len = %d PTR_DIFF(q, buf) = %ld\n", len, (unsigned long)PTR_DIFF(q, buf) ));
602
603 if (len - PTR_DIFF(q, buf) > 8) {
604 /* with NT5 clients we can sometimes
605 get additional data - a length specificed string
606 containing the domain name, then 16 bytes of
607 data (no idea what it is) */
608 int dom_len = CVAL(q, 0);
609 q++;
610 if (dom_len < (len - PTR_DIFF(q, buf)) && (dom_len != 0)) {
611 q += dom_len + 1;
612 }
613 q += 16;
614 }
615
616 if (PTR_DIFF(q + 8, buf) > len) {
617 DEBUG(0,("process_logon_packet: bad packet\n"));
618 return;
619 }
620
621 ntversion = IVAL(q, 0);
622 lmnttoken = SVAL(q, 4);
623 lm20token = SVAL(q, 6);
624 q += 8;
625
626 DEBUG(3,("process_logon_packet: LOGON_SAM_LOGON_REQUEST sidsize %d ntv %d\n", domainsidsize, ntversion));
627
628 /*
629 * we respond regadless of whether the machine is in our password
630 * database. If it isn't then we let smbd send an appropriate error.
631 * Let's ignore the SID.
632 */
633 pull_ucs2_fstring(ascuser, uniuser);
634 pull_ucs2_fstring(asccomp, unicomp);
635 DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST user %s\n", ascuser));
636
637 fstrcpy(reply_name, "\\\\"); /* Here it wants \\LOGONSERVER. */
638 fstrcat(reply_name, my_name);
639
640 DEBUG(5,("process_logon_packet: LOGON_SAM_LOGON_REQUEST request from %s(%s) for %s, returning logon svr %s domain %s code %x token=%x\n",
641 asccomp,inet_ntoa(p->ip), ascuser, reply_name, lp_workgroup(),
642 LOGON_SAM_LOGON_RESPONSE ,lmnttoken));
643
644 /* Construct reply. */
645
646 q = outbuf;
647 /* we want the simple version unless we are an ADS PDC..which means */
648 /* never, at least for now */
649 if ((ntversion < 11) || (SEC_ADS != lp_security()) || (ROLE_DOMAIN_PDC != lp_server_role())) {
650 if (SVAL(uniuser, 0) == 0) {
651 SSVAL(q, 0, LOGON_SAM_LOGON_USER_UNKNOWN); /* user unknown */
652 } else {
653 SSVAL(q, 0, LOGON_SAM_LOGON_RESPONSE);
654 }
655
656 q += 2;
657
658 q += dos_PutUniCode(q, reply_name,
659 sizeof(outbuf) - PTR_DIFF(q, outbuf),
660 True);
661 q += dos_PutUniCode(q, ascuser,
662 sizeof(outbuf) - PTR_DIFF(q, outbuf),
663 True);
664 q += dos_PutUniCode(q, lp_workgroup(),
665 sizeof(outbuf) - PTR_DIFF(q, outbuf),
666 True);
667 }
668 #ifdef HAVE_ADS
669 else {
670 struct GUID domain_guid;
671 UUID_FLAT flat_guid;
672 char *domain;
673 char *hostname;
674 char *component, *dc, *q1;
675 char *q_orig = q;
676 int str_offset;
677 char *saveptr = NULL;
678
679 domain = get_mydnsdomname(talloc_tos());
680 if (!domain) {
681 DEBUG(2,
682 ("get_mydnsdomname failed.\n"));
683 return;
684 }
685 hostname = get_myname(talloc_tos());
686 if (!hostname) {
687 DEBUG(2,
688 ("get_myname failed.\n"));
689 return;
690 }
691
692 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 8) {
693 return;
694 }
695 if (SVAL(uniuser, 0) == 0) {
696 SIVAL(q, 0, LOGON_SAM_LOGON_USER_UNKNOWN_EX); /* user unknown */
697 } else {
698 SIVAL(q, 0, LOGON_SAM_LOGON_RESPONSE_EX);
699 }
700 q += 4;
701
702 SIVAL(q, 0, NBT_SERVER_PDC|NBT_SERVER_GC|NBT_SERVER_LDAP|NBT_SERVER_DS|
703 NBT_SERVER_KDC|NBT_SERVER_TIMESERV|NBT_SERVER_CLOSEST|NBT_SERVER_WRITABLE);
704 q += 4;
705
706 /* Push Domain GUID */
707 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < UUID_FLAT_SIZE) {
708 return;
709 }
710 if (False == secrets_fetch_domain_guid(domain, &domain_guid)) {
711 DEBUG(2, ("Could not fetch DomainGUID for %s\n", domain));
712 return;
713 }
714
715 smb_uuid_pack(domain_guid, &flat_guid);
716 memcpy(q, &flat_guid.info, UUID_FLAT_SIZE);
717 q += UUID_FLAT_SIZE;
718
719 /* Forest */
720 str_offset = q - q_orig;
721 dc = domain;
722 q1 = q;
723 while ((component = strtok_r(dc, ".", &saveptr)) != NULL) {
724 dc = NULL;
725 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
726 return;
727 }
728 size = push_ascii(&q[1], component,
729 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
730 0);
731 if (size == (size_t)-1 || size > 0xff) {
732 return;
733 }
734 SCVAL(q, 0, size);
735 q += (size + 1);
736 }
737
738 /* Unk0 */
739 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 4) {
740 return;
741 }
742 SCVAL(q, 0, 0);
743 q++;
744
745 /* Domain */
746 SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
747 SCVAL(q, 1, str_offset & 0xFF);
748 q += 2;
749
750 /* Hostname */
751 size = push_ascii(&q[1], hostname,
752 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
753 0);
754 if (size == (size_t)-1 || size > 0xff) {
755 return;
756 }
757 SCVAL(q, 0, size);
758 q += (size + 1);
759
760 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 3) {
761 return;
762 }
763
764 SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
765 SCVAL(q, 1, str_offset & 0xFF);
766 q += 2;
767
768 /* NETBIOS of domain */
769 size = push_ascii(&q[1], lp_workgroup(),
770 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
771 STR_UPPER);
772 if (size == (size_t)-1 || size > 0xff) {
773 return;
774 }
775 SCVAL(q, 0, size);
776 q += (size + 1);
777
778 /* Unk1 */
779 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 2) {
780 return;
781 }
782
783 SCVAL(q, 0, 0);
784 q++;
785
786 /* NETBIOS of hostname */
787 size = push_ascii(&q[1], my_name,
788 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
789 0);
790 if (size == (size_t)-1 || size > 0xff) {
791 return;
792 }
793 SCVAL(q, 0, size);
794 q += (size + 1);
795
796 /* Unk2 */
797 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 4) {
798 return;
799 }
800
801 SCVAL(q, 0, 0);
802 q++;
803
804 /* User name */
805 if (SVAL(uniuser, 0) != 0) {
806 size = push_ascii(&q[1], ascuser,
807 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
808 0);
809 if (size == (size_t)-1 || size > 0xff) {
810 return;
811 }
812 SCVAL(q, 0, size);
813 q += (size + 1);
814 }
815
816 q_orig = q;
817 /* Site name */
818 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
819 return;
820 }
821 size = push_ascii(&q[1], "Default-First-Site-Name",
822 sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
823 0);
824 if (size == (size_t)-1 || size > 0xff) {
825 return;
826 }
827 SCVAL(q, 0, size);
828 q += (size + 1);
829
830 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 18) {
831 return;
832 }
833
834 /* Site name (2) */
835 str_offset = q - q_orig;
836 SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
837 SCVAL(q, 1, str_offset & 0xFF);
838 q += 2;
839
840 SCVAL(q, 0, PTR_DIFF(q,q1));
841 SCVAL(q, 1, 0x10); /* unknown */
842
843 SIVAL(q, 0, 0x00000002);
844 q += 4; /* unknown */
845 SIVAL(q, 0, ntohl(ip.s_addr));
846 q += 4;
847 SIVAL(q, 0, 0x00000000);
848 q += 4; /* unknown */
849 SIVAL(q, 0, 0x00000000);
850 q += 4; /* unknown */
851 }
852 #endif
853
854 if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 8) {
855 return;
856 }
857
858 /* tell the client what version we are */
859 SIVAL(q, 0, ((ntversion < 11) || (SEC_ADS != lp_security())) ? 1 : 13);
860 /* our ntversion */
861 SSVAL(q, 4, 0xffff); /* our lmnttoken */
862 SSVAL(q, 6, 0xffff); /* our lm20token */
863 q += 8;
864
865 dump_data(4, (uint8 *)outbuf, PTR_DIFF(q, outbuf));
866
867 pull_ascii_fstring(getdc_str, getdc);
868 pull_ascii_nstring(source_name, sizeof(source_name), dgram->source_name.name);
869 source_addr = SMB_STRDUP(inet_ntoa(dgram->header.source_ip));
870 if (source_addr == NULL) {
871 DEBUG(3, ("out of memory copying client"
872 " address string\n"));
873 return;
874 }
875
876 /*
877 * handle delay.
878 * packets requeued after delay are marked as
879 * locked.
880 */
881 if ((p->locked == False) &&
882 (strlen(ascuser) == 0) &&
883 delay_logon(source_name, source_addr))
884 {
885 struct timeval when;
886
887 DEBUG(3, ("process_logon_packet: "
888 "delaying initial logon "
889 "reply for client %s(%s) for "
890 "%u milliseconds\n",
891 source_name, source_addr,
892 lp_init_logon_delay()));
893
894 when = timeval_current_ofs(0,
895 lp_init_logon_delay() * 1000);
896 p->locked = true;
897 event_add_timed(nmbd_event_context(),
898 NULL,
899 when,
900 delayed_init_logon_handler,
901 p);
902 } else {
903 DEBUG(3, ("process_logon_packet: "
904 "processing delayed initial "
905 "logon reply for client "
906 "%s(%s)\n",
907 source_name, source_addr));
908
909 p->locked = false;
910 send_mailslot(true, getdc,
911 outbuf,PTR_DIFF(q,outbuf),
912 global_myname(), 0x0,
913 source_name,
914 dgram->source_name.name_type,
915 p->ip, ip, p->port);
916 }
917
918 SAFE_FREE(source_addr);
919
920 break;
921 }
922
923 /* Announce change to UAS or SAM. Send by the domain controller when a
924 replication event is required. */
925
926 case NETLOGON_ANNOUNCE_UAS:
927 DEBUG(5, ("Got NETLOGON_ANNOUNCE_UAS\n"));
928 break;
929
930 default:
931 DEBUG(3,("process_logon_packet: Unknown domain request %d\n",code));
932 return;
933 }
934 }
WIP