summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorSamba Release Account <samba-bugs@samba.org>1997-07-17 20:11:58 +0000
committerSamba Release Account <samba-bugs@samba.org>1997-07-17 20:11:58 +0000
commit8b904f4ecc7b6bd6558d40fda4184112bbb10366 (patch)
tree6f356198018991ea578110d5091d3b30a4cf7f8c /source3/smbd
parent6835bd679c414a7d19a50cd6e99a53801cf4475e (diff)
downloadsamba-8b904f4ecc7b6bd6558d40fda4184112bbb10366.tar.gz
samba-8b904f4ecc7b6bd6558d40fda4184112bbb10366.tar.bz2
samba-8b904f4ecc7b6bd6558d40fda4184112bbb10366.zip
Makefile: Added krb5 option from Nathan Neulinger <nneul@umr.edu>
includes.h: Added krb5 option from Nathan Neulinger <nneul@umr.edu>, added SGI5 fix. password.c: Added krb5 option from Nathan Neulinger <nneul@umr.edu> quotas.c: Added inode quote fix. reply.c: removed redundent code. server.c: Changed error debug to 0, removed redundent check. util.c: Added close_low_fd() to become_daemon - fix for rsh from Johnathan Knight. Jeremy (jallison@whistle.com) (This used to be commit 256afb764828b0a6dad5529d62501bc9ea2807ee)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/password.c87
-rw-r--r--source3/smbd/quotas.c2
-rw-r--r--source3/smbd/reply.c7
-rw-r--r--source3/smbd/server.c4
4 files changed, 89 insertions, 11 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 2ba09f5ad9..e00028d87e 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -585,6 +585,86 @@ void dfs_unlogin(void)
#endif
+#ifdef KRB5_AUTH
+/*******************************************************************
+check on Kerberos authentication
+********************************************************************/
+static BOOL krb5_auth(char *this_user,char *password)
+{
+ krb5_data tgtname = {
+ 0,
+ KRB5_TGS_NAME_SIZE,
+ KRB5_TGS_NAME
+ };
+ krb5_context kcontext;
+ krb5_principal kprinc;
+ krb5_principal server;
+ krb5_creds kcreds;
+ int options = 0;
+ krb5_address **addrs = (krb5_address **)0;
+ krb5_preauthtype *preauth = NULL;
+ krb5_keytab keytab = NULL;
+ krb5_timestamp now;
+ krb5_ccache ccache = NULL;
+ int retval;
+ char *name;
+
+ if ( retval=krb5_init_context(&kcontext))
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_timeofday(kcontext, &now) )
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_cc_default(kcontext, &ccache) )
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_parse_name(kcontext, this_user, &kprinc) )
+ {
+ return(False);
+ }
+
+ memset((char *)&kcreds, 0, sizeof(kcreds));
+
+ kcreds.client = kprinc;
+
+ if ((retval = krb5_build_principal_ext(kcontext, &server,
+ krb5_princ_realm(kcontext, kprinc)->length,
+ krb5_princ_realm(kcontext, kprinc)->data,
+ tgtname.length,
+ tgtname.data,
+ krb5_princ_realm(kcontext, kprinc)->length,
+ krb5_princ_realm(kcontext, kprinc)->data,
+ 0)))
+ {
+ return(False);
+ }
+
+ kcreds.server = server;
+
+ retval = krb5_get_in_tkt_with_password(kcontext,
+ options,
+ addrs,
+ NULL,
+ preauth,
+ password,
+ 0,
+ &kcreds,
+ 0);
+
+ if ( retval )
+ {
+ return(False);
+ }
+
+ return(True);
+}
+#endif /* KRB5_AUTH */
#ifdef LINUX_BIGCRYPT
/****************************************************************************
@@ -687,6 +767,10 @@ Hence we make a direct return to avoid a second chance!!!
if (dfs_auth(this_user,password)) return(True);
#endif
+#ifdef KRB5_AUTH
+ if (krb5_auth(this_user,password)) return(True);
+#endif
+
#ifdef PWDAUTH
if (pwdauth(this_user,password) == 0)
return(True);
@@ -1318,7 +1402,8 @@ static BOOL check_user_equiv(char *user, char *remote, char *equiv_file)
}
file_host = strtok(bp, " \t\n");
file_user = strtok(NULL, " \t\n");
- DEBUG(7, ("check_user_equiv %s %s\n", file_host, file_user));
+ DEBUG(7, ("check_user_equiv %s %s\n", file_host ? file_host : "(null)",
+ file_user ? file_user : "(null)" ));
if (file_host && *file_host)
{
BOOL host_ok = False;
diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c
index 262eea3100..8cbe46d9e1 100644
--- a/source3/smbd/quotas.c
+++ b/source3/smbd/quotas.c
@@ -437,7 +437,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
/* Use softlimit to determine disk space, except when it has been exceeded */
if ((D.dqb_curblocks>D.dqb_bsoftlimit)
#if !defined(__FreeBSD__)
-||(D.dqb_curfiles>D.dqb_fsoftlimit)
+||((D.dqb_curfiles>D.dqb_fsoftlimit) && (D.dqb_fsoftlimit != 0))
#endif
) {
*dfree = 0;
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 8f650cb994..315c7fbb51 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1026,7 +1026,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
pstring fname;
int cnum = SVAL(inbuf,smb_tid);
int fnum = -1;
- int openmode = 0;
int smb_mode = SVAL(inbuf,smb_vwv3);
int smb_attr = SVAL(inbuf,smb_vwv5);
BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1);
@@ -1050,12 +1049,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
strcpy(fname,smb_buf(inbuf));
unix_convert(fname,cnum,0);
- /* now add create and trunc bits */
- if (smb_ofun & 0x10)
- openmode |= O_CREAT;
- if ((smb_ofun & 0x3) == 2)
- openmode |= O_TRUNC;
-
fnum = find_free_file();
if (fnum < 0)
return(ERROR(ERRSRV,ERRnofids));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 41f23ed02f..2969624215 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1577,9 +1577,9 @@ void open_file_shared(int fnum,int cnum,char *fname,int share_mode,int ofun,
int old_open_mode = old_shares[i].share_mode &0xF;
int old_deny_mode = (old_shares[i].share_mode >>4)&7;
- if (deny_mode > 4 || old_deny_mode > 4 || old_open_mode > 2)
+ if (old_deny_mode > 4 || old_open_mode > 2)
{
- DEBUG(2,("Invalid share mode (%d,%d,%d) on file %s\n",
+ DEBUG(0,("Invalid share mode found (%d,%d,%d) on file %s\n",
deny_mode,old_deny_mode,old_open_mode,fname));
free((char *)old_shares);
if(share_locked)