From 1adc13467055e916b45e54c010dda1f6917bd4cb Mon Sep 17 00:00:00 2001
From: Jeffrey Altman
Date: Thu, 5 Aug 2004 17:28:10 +0000
Subject: [PATCH] winxp-sp2-pioctl-20040805
On Windows XP SP2, when a Kerberos principal is used for login and the KDC is not reachable, Windows will return a DOWNGRADE_DETECTED error when attempting to open the ioctl file. This is because NTLM will not be permitted when there is the potential of an attack. There is a hack to get around this. Manually create a CIFS connection to the AFS client service while specifying the current user's name. This will use the cached password and allow the downgrade to NTLM.
---
 src/sys/pioctl_nt.c | 41 ++++++++++++++++++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/src/sys/pioctl_nt.c b/src/sys/pioctl_nt.c
index 756b8ef274..0123f89c0f 100644
--- a/src/sys/pioctl_nt.c
+++ b/src/sys/pioctl_nt.c
@@ -164,10 +164,45 @@ GetIoctlHandle(char *fileNamep, HANDLE * handlep)
 FILE_FLAG_WRITE_THROUGH, NULL);
 fflush(stdout);
 if (fh == INVALID_HANDLE_VALUE) {
- if (GetLastError() == ERROR_DOWNGRADE_DETECTED)
- fprintf(stderr, "Unable to open \"%s\": Authentication Downgrade Detected\n", tbuffer);
- return -1;
+ HKEY hk;
+ char szUser[64] = "";
+ char szClient[MAX_PATH] = "";
+ char szPath[MAX_PATH] = "";
+ NETRESOURCE nr;
+ DWORD res;
+
+ if (GetLastError() != ERROR_DOWNGRADE_DETECTED)
+ return -1;
+
+ lana_GetNetbiosName(szClient, LANA_NETBIOS_NAME_FULL);
+ sprintf(szPath, "\\\\%s", szClient);
+
+ /* We should probably be using GetUserNameEx() for this */
+ if (RegOpenKey (HKEY_CURRENT_USER,
+ TEXT("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"), &hk) == 0)
+ {
+ DWORD dwSize = sizeof(szUser);
+ DWORD dwType = REG_SZ;
+ RegQueryValueEx (hk, TEXT("Logon User Name"), NULL, &dwType, (PBYTE)szUser, &dwSize);
+ RegCloseKey (hk);
+ }
+
+ memset (&nr, 0x00, sizeof(NETRESOURCE));
+ nr.dwType=RESOURCETYPE_DISK;
+ nr.lpLocalName=0;
+ nr.lpRemoteName=szPath;
+ res = WNetAddConnection2(&nr,NULL,szUser,0);
+ if (res)
+ return -1;
+
+ fh = CreateFile(tbuffer, GENERIC_READ | GENERIC_WRITE,
+ FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
+ FILE_FLAG_WRITE_THROUGH, NULL);
+ fflush(stdout);
+ if (fh == INVALID_HANDLE_VALUE)
+ return -1;
 }
+
 /* return fh and success code */
 *handlep = fh;
 return 0;
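Review bot: The result of `RegQueryValueEx` in the registry block is ignored, so `szUser` reaches `WNetAddConnection2` either empty (lookup failed) or, if the stored value fills all 64 bytes, without a NUL terminator, since REG_SZ data is not guaranteed to be terminated. Pass `sizeof(szUser) - 1` as the size and treat any failure as fatal, e.g. `if (RegQueryValueEx(...) != ERROR_SUCCESS || dwType != REG_SZ) szUser[0] = '\0';` followed after the block by `if (!szUser[0]) return -1;`. `sprintf(szPath, "\\\\%s", szClient)` is also unbounded: both buffers are MAX_PATH and the prefix adds two characters, so the copy relies on `lana_GetNetbiosName` (not visible here) returning a short name. Because this path intentionally lets authentication fall back to NTLM, the removed stderr message should be replaced with a log line rather than dropped, so the downgrade stays visible to whoever investigates later. GetIoctlHandle starts above the hunk, so how `tbuffer` is built cannot be checked from here.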