summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/includes.h6
-rw-r--r--source3/lib/util.c10
-rw-r--r--source3/smbd/password.c87
-rw-r--r--source3/smbd/quotas.c2
-rw-r--r--source3/smbd/reply.c7
-rw-r--r--source3/smbd/server.c4
6 files changed, 101 insertions, 15 deletions
diff --git a/source3/include/includes.h b/source3/include/includes.h
index a5adb35077..7dcff54286 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -348,6 +348,8 @@ char *getwd(char *);
#ifdef SGI5
#include <arpa/inet.h>
#include <netinet/tcp.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
#include <sys/statvfs.h>
#include <string.h>
#include <signal.h>
@@ -1059,6 +1061,10 @@ struct spwd { /* fake shadow password structure */
#include <dce/sec_login.h>
#endif
+#ifdef KRB5_AUTH
+#include <krb5.h>
+#endif
+
#ifdef NO_UTIMBUF
struct utimbuf {
time_t actime;
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 9d6229dbf9..0d7c32be89 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -2527,7 +2527,7 @@ void become_daemon(void)
/* detach from the terminal */
#ifdef USE_SETSID
setsid();
-#else
+#else /* USE_SETSID */
#ifdef TIOCNOTTY
{
int i = open("/dev/tty", O_RDWR);
@@ -2537,9 +2537,11 @@ void become_daemon(void)
close(i);
}
}
-#endif
-#endif
-#endif
+#endif /* TIOCNOTTY */
+#endif /* USE_SETSID */
+ /* Close fd's 0,1,2. Needed if started by rsh */
+ close_low_fds();
+#endif /* NO_FORK_DEBUG */
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 2ba09f5ad9..e00028d87e 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -585,6 +585,86 @@ void dfs_unlogin(void)
#endif
+#ifdef KRB5_AUTH
+/*******************************************************************
+check on Kerberos authentication
+********************************************************************/
+static BOOL krb5_auth(char *this_user,char *password)
+{
+ krb5_data tgtname = {
+ 0,
+ KRB5_TGS_NAME_SIZE,
+ KRB5_TGS_NAME
+ };
+ krb5_context kcontext;
+ krb5_principal kprinc;
+ krb5_principal server;
+ krb5_creds kcreds;
+ int options = 0;
+ krb5_address **addrs = (krb5_address **)0;
+ krb5_preauthtype *preauth = NULL;
+ krb5_keytab keytab = NULL;
+ krb5_timestamp now;
+ krb5_ccache ccache = NULL;
+ int retval;
+ char *name;
+
+ if ( retval=krb5_init_context(&kcontext))
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_timeofday(kcontext, &now) )
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_cc_default(kcontext, &ccache) )
+ {
+ return(False);
+ }
+
+ if ( retval = krb5_parse_name(kcontext, this_user, &kprinc) )
+ {
+ return(False);
+ }
+
+ memset((char *)&kcreds, 0, sizeof(kcreds));
+
+ kcreds.client = kprinc;
+
+ if ((retval = krb5_build_principal_ext(kcontext, &server,
+ krb5_princ_realm(kcontext, kprinc)->length,
+ krb5_princ_realm(kcontext, kprinc)->data,
+ tgtname.length,
+ tgtname.data,
+ krb5_princ_realm(kcontext, kprinc)->length,
+ krb5_princ_realm(kcontext, kprinc)->data,
+ 0)))
+ {
+ return(False);
+ }
+
+ kcreds.server = server;
+
+ retval = krb5_get_in_tkt_with_password(kcontext,
+ options,
+ addrs,
+ NULL,
+ preauth,
+ password,
+ 0,
+ &kcreds,
+ 0);
+
+ if ( retval )
+ {
+ return(False);
+ }
+
+ return(True);
+}
+#endif /* KRB5_AUTH */
#ifdef LINUX_BIGCRYPT
/****************************************************************************
@@ -687,6 +767,10 @@ Hence we make a direct return to avoid a second chance!!!
if (dfs_auth(this_user,password)) return(True);
#endif
+#ifdef KRB5_AUTH
+ if (krb5_auth(this_user,password)) return(True);
+#endif
+
#ifdef PWDAUTH
if (pwdauth(this_user,password) == 0)
return(True);
@@ -1318,7 +1402,8 @@ static BOOL check_user_equiv(char *user, char *remote, char *equiv_file)
}
file_host = strtok(bp, " \t\n");
file_user = strtok(NULL, " \t\n");
- DEBUG(7, ("check_user_equiv %s %s\n", file_host, file_user));
+ DEBUG(7, ("check_user_equiv %s %s\n", file_host ? file_host : "(null)",
+ file_user ? file_user : "(null)" ));
if (file_host && *file_host)
{
BOOL host_ok = False;
diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c
index 262eea3100..8cbe46d9e1 100644
--- a/source3/smbd/quotas.c
+++ b/source3/smbd/quotas.c
@@ -437,7 +437,7 @@ BOOL disk_quotas(char *path, int *bsize, int *dfree, int *dsize)
/* Use softlimit to determine disk space, except when it has been exceeded */
if ((D.dqb_curblocks>D.dqb_bsoftlimit)
#if !defined(__FreeBSD__)
-||(D.dqb_curfiles>D.dqb_fsoftlimit)
+||((D.dqb_curfiles>D.dqb_fsoftlimit) && (D.dqb_fsoftlimit != 0))
#endif
) {
*dfree = 0;
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 8f650cb994..315c7fbb51 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -1026,7 +1026,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
pstring fname;
int cnum = SVAL(inbuf,smb_tid);
int fnum = -1;
- int openmode = 0;
int smb_mode = SVAL(inbuf,smb_vwv3);
int smb_attr = SVAL(inbuf,smb_vwv5);
BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1);
@@ -1050,12 +1049,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
strcpy(fname,smb_buf(inbuf));
unix_convert(fname,cnum,0);
- /* now add create and trunc bits */
- if (smb_ofun & 0x10)
- openmode |= O_CREAT;
- if ((smb_ofun & 0x3) == 2)
- openmode |= O_TRUNC;
-
fnum = find_free_file();
if (fnum < 0)
return(ERROR(ERRSRV,ERRnofids));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 41f23ed02f..2969624215 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1577,9 +1577,9 @@ void open_file_shared(int fnum,int cnum,char *fname,int share_mode,int ofun,
int old_open_mode = old_shares[i].share_mode &0xF;
int old_deny_mode = (old_shares[i].share_mode >>4)&7;
- if (deny_mode > 4 || old_deny_mode > 4 || old_open_mode > 2)
+ if (old_deny_mode > 4 || old_open_mode > 2)
{
- DEBUG(2,("Invalid share mode (%d,%d,%d) on file %s\n",
+ DEBUG(0,("Invalid share mode found (%d,%d,%d) on file %s\n",
deny_mode,old_deny_mode,old_open_mode,fname));
free((char *)old_shares);
if(share_locked)