summaryrefslogtreecommitdiff
path: root/source3/include/smb.h
AgeCommit message (Collapse)AuthorFilesLines
2002-01-25minor fixesSimo Sorce1-4/+3
(This used to be commit 04f492980b73800b60dde764fdeb43f2eab79624)
2002-01-20Kill off another ugly wart from the side of the passdb subsystem.Andrew Bartlett1-0/+2
This time its the pdb_getsampwuid() function - which was only being used by the SAMR rpc subsystem to gain a 'user session key'. This 'user session key' is actually generated at login time, and the other changes here simply move that data around. This also means that (when I check some details) we will be able to use the user session key, even when we are not actually the DC, becouse its one of the components of the info3 struct returned on logon. Andrew Bartlett (This used to be commit 799ac01fe08a338e4e94289f5d6767ebf905c1fa)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-0/+2
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-16Fixup error mapping so we have only one table containing errno -> dos error ↵Jeremy Allison1-0/+7
-> NT STATUS maps. Fixes problem with disk full returning incorrect error. Jeremy. (This used to be commit 16fcbf3c1ccf1d704765653f68395dd596c0d841)
2002-01-15Split pstring definitions into their own header.Martin Pool1-53/+1
(This used to be commit 04e3082f7d45c1b304adff5a46106136cff0e09e)
2002-01-15Change the passdb interface to use allocated strings.Andrew Bartlett1-13/+17
These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085)
2002-01-14PSTRING_SANCTIFY:Martin Pool1-3/+50
If you define this, pstring and fstring become distinguished types, so that it's harder to accidentally overflow them by for example passing an fstring on the lhs of pstrcpy. The types are defined as one-element union arrays so that with "fstring f" the name "f" will be a pointer and with a big hammer you can cast it to (char *). So code that tries to just use it directly will get a loud warning, but hopefully nothing worse. To pass them to non-pstring-aware functions, use PSTR and check that the function takes a const. They should almost never be modified except by special calls. In those unusual cases, use PSTR_MUTABLE. This is off by default so as not to produce too many warnings. As the code is vetted it can become the default. (This used to be commit ca233bc8b30d7d0626039b2769c4e1ae92dafd50)
2002-01-10First part of UNIX extensions (#ifdefed out) more to follow.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 02b18f2cca6d6d046d2d8fd7375b207d44031ddc)
2002-01-05Add a talloc varient of the data_blob functions.Andrew Bartlett1-1/+2
Also change the structure so it has its own (optional) 'free' pointer - so we don't free() a talloc'ed version. also split out the data_blob_clear() functionaility. Andrew Bartlett (This used to be commit 207ee8aac42cf4b35f07e496b15fdeabe50950bc)
2002-01-02ooops./ forgot oneGerald Carter1-1/+1
(This used to be commit 501f3f3a8fb5ea27155f8c2fe266f1f659d7d22d)
2002-01-02Actually enforce the passdb API.Andrew Bartlett1-48/+55
Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)
2001-12-31some merges from 2.2. Still need to merge in changes from pdb_tdb.cGerald Carter1-0/+1
but it will take more time as I don't want to loose any fixes that are only in HEAD. (This used to be commit efcde5d9d8ce44c0613764504d797be54ba21473)
2001-12-27moving SAM_ACCOUNT to include a bit field for initializedGerald Carter1-2/+21
members (such as uid and gid). This way we will be able to keep ourselves from writing out default smb.conf settings when the admin doesn't want to, That part is not done yet. Tested compiles with ldap/tdb/smbpasswd. Tested connection with smbpasswd backend. oh...and smbpasswd doesn'y automatically expire accounts after 21 days from the last password change either now. Just ifdef'd out that code in build_sam_account(). Will merge updates into 2.2 as they are necessary. jerry (This used to be commit f0d43791157d8f04a13a07d029f203ad4384d317)
2001-12-20much better auto-init of valid_table[]. This should just about removeAndrew Tridgell1-0/+1
the need for valid.dat (This used to be commit 0cfd0a5e543181b1384f7afee93fbaf3ccb2b999)
2001-12-20Added some comments showing hex values of some constants.Tim Potter1-11/+11
(This used to be commit b3aff6b5a35da3660ede060b42439324a2309644)
2001-12-14Rafal (mimir) patch for trusts r.Jean-François Micouleau1-0/+1
(This used to be commit c26623671e2b0b2e80c6d6383a99880c4f439f04)
2001-12-13update the ldap support code. it compiles.Jean-François Micouleau1-0/+7
Ignacio you can update your howto ;-) samsync: a small patch to try chaning challenges. J.F. (This used to be commit c99bc305599698f2291efbfe20024355cb2bcde0)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-0/+6
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-03added a tdb to store the account policy informations.Jean-François Micouleau1-0/+14
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
2001-11-30Comment deconfusification.Tim Potter1-1/+1
(This used to be commit b5fac3a56d917b13fedc0ace3ea56ae82f51ccdd)
2001-11-25added 'security=ADS'Andrew Tridgell1-1/+1
(This used to be commit 5a735a88e472a48cd4329832998dc31c1e230ecb)
2001-11-23Reference about SIDs from tpot.Martin Pool1-7/+13
(This used to be commit 53963eae7d5930246c6c0c0b947f425d50d382c3)
2001-11-08Added more define bits. Fixed error in vol attributes.Jeremy Allison1-3/+6
Jeremy. (This used to be commit eba8204bfadb176fafb686a35295a09f0f35b894)
2001-11-04a big one:Simo Sorce1-0/+10
- old mangle code has gone, the new one based on tdb seem resonably ok probably the valid.dat table need to be updated to treat wild chars as invalid ones (work ok without it) - a LOT of new string manipulation function for unicode, they are somewhat tested but a review would not be bad - some new function I will need for the new unix_convert function I'm writing, this will be renamed filename_convert and use only unicode strings. - charconv, I attached a comment, if someone wnat to look if I'm right or just was hacking to late in the night to make a sane one :) of course any bug is my responsibility an will be pleased to see patches if you find any. :-) Simo. (This used to be commit ee19f7efb6ea9216fc91cf112ac1afa691983e9d)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison1-0/+3
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett1-2/+2
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-30Fix up smbpasswd -e/-d so that it doesn't change the password under you anyAndrew Bartlett1-0/+1
more. (Previously it set them to 'XXXX' or similar when only the flags were being changed - a bug I must have introduced when I reworked the passdb end of things a few weeks back.) Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is actually to be changed. Andrew Bartlett (This used to be commit cea6b6cb228c7e1f0c2d45951590e0d8fb8b315c)
2001-10-29This commit is number 2 of 4.Andrew Bartlett1-7/+0
In particular this commit focuses on: The guts of the moving about inside passdb. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for the introduction of a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username passdb/ - Kill off disp_info stuff, it isn't used any more - Kill off support for writing to the old smbpasswd format, it isn't relevent to Samba 3.0 - Move around and modify the pdb_...() helper functions, adding one that sets the last changed time to 'now' and that sets the must change time appropriately. - Remove the ugly forced update of the LCT- value in pdb_smbpasswd. - Remove the implicit modification of the ACB flags when both NT and LM passwords are set. - Removed substation in pdb_getsampwnam output, as a single password change will render them inoperable in any case (they will be substituted and stored) - Added a default RID to the init_sam_from_pw() function, based on our rid algorithm. - Added checks that an smbpasswd stored user has a uid-based RID. - Fail to store tdb based users without a RID lib/ - Change the substituion code to use global_myname if there is no connection (and therefore no called name) at the present time. (This used to be commit 8f607810eb24ed1157bbd2e896c2c167bc34d986)
2001-10-20Converted a bunch of 0x85 constants to SMBkeepalive.Tim Potter1-0/+1
(This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e)
2001-10-20Move from timestamp to gen count file id's for finding oplocked filesJeremy Allison1-20/+23
in a tdb. Jeremy. (This used to be commit 058ae6b58f61ef46013dd076af3a84de5fbaaab1)
2001-10-19Ensure we mask off deny modes correctly on being set (this shouldn't haveJeremy Allison1-1/+1
caused problems but is tidier). Fix debug statement in locking.c Jeremy. (This used to be commit eac6bbd24ebf00b35e50953bc11186111dc39059)
2001-10-19Restored old Bmpx code - actually used by OS/2.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 7c1688fd67c1bda1477aaf870371c825280db870)
2001-10-12Some old stuff hanging around since the CIFS conference. Big cleanup ofTim Potter1-1/+0
rpcclient code. Refactored cmd_* functions to move common mem_ctx and pipe opening stuff up one level. Moved rpcclient.h into rpcclient directory and out of includes/smb.h (This used to be commit a40facba9651f9fb1dcc9e143f92ca298a324312)
2001-10-11initial kerberos/ADS/SPNEGO support in libsmb and smbclient. ToAndrew Tridgell1-0/+8
activate you need to: - install krb5 libraries - run configure - build smbclient - run kinit to get a TGT - run smbclient with the -k option to choose kerberos auth (This used to be commit d33057585644e1337bac743e25ed7653bfb39eef)
2001-10-05Move CLI_POLICY_HND to be internal to winbindd.Tim Potter1-9/+0
(This used to be commit e7b84aee0832c9fa6509e55eba914c1515620e8a)
2001-09-18Correct fix for unaligned memcpy - malloc'ed memory incremented by ↵Jeremy Allison1-1/+4
sizeof(struct locking_data) was not forced to be 8 byte aligned. Use union to force it to be correctly aligned for memcpy and use void *, to tell compiler not to optimize aligned copy (this last fix suggested by Trond @ RedHat). The first fix should be sufficient, but this provides a "belt and braces" fix. Jeremy. (This used to be commit 22c5915bb466529ac1bcb5c2574888b360a9775b)
2001-09-16Start pushing the NTSTATUS stuff out to the wire for session setups.Andrew Bartlett1-0/+1
Rework the 'map to guest' code, its now possible to follow what its trying to do... Add an NT_STATUS_EQUAL(x,y) macro to make this stuff sane to look at. Andrew Bartlett (This used to be commit d618880661976644a6ee713edf969ad561e82097)
2001-09-06Annotated definition of NEW_PW_FORMAT_SPACE_PADDED_LEN constant.Tim Potter1-1/+3
(This used to be commit e3ec6197ede4a37113567c2ab406937c6ca80e9d)
2001-09-04it now all compiles - so try enabling it by default and see what explodes on ↵Andrew Tridgell1-2/+2
the build farm (This used to be commit 5bb7e4f0f65edf1db20245f403cbe81833134240)
2001-09-03the next step in our error code handling changeAndrew Tridgell1-1/+19
- added WERROR for win32 error codes - added a configure test for immediate structures still lots to do, so its not enabled by default, but the main structure is there (This used to be commit 24f9ab683dec52587ee56717e821b49c0fa3d70f)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-2/+2
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-27started converting NTSTATUS to be a structure on systems with gcc in order ↵Andrew Tridgell1-0/+11
to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs (This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
2001-08-27converted smbd to use NTSTATUS by defaultAndrew Tridgell1-2/+2
major changes include: - added NSTATUS type - added automatic mapping between dos and nt error codes - changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT() these calls auto-translate to the client error code system - got rid of the cached error code and the writebmpx code We eventually will need to also: - get rid of BOOL, so we don't lose error info - replace all ERROR_DOS() calls with ERROR_NT() calls but that is too much for one night (This used to be commit 83d9896c1ea8be796192b51a4678c2a3b87f7518)
2001-08-13Moved across definition of dos error types from smb.h to doserr.hTim Potter1-4/+0
(This used to be commit 6c0dab85025dd7df9415edd627349fa8f1230de3)
2001-08-10Moved dos error codes from smb.h into new file doserr.hTim Potter1-113/+1
(This used to be commit 1bd8b6f79754aa8a14a7841b88f1c00d7a3767eb)
2001-07-22changed the iconv interface to go via ucs2 for all conversions. ThisAndrew Tridgell1-6/+4
fixes some problems wih some character sets and allows for using internal charsets in conjunction with ionv charsets this makes us slower but more correct. speed will come later. (This used to be commit 594f84b4e39182dcf344c02dc0185376a2726395)
2001-07-04The big character set handling changeover!Andrew Tridgell1-6/+28
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-06-30Ensure we return correct error on trying to unlock a region not locked.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 015a077acc49e59179dc10256fd32166ee4623e2)
2001-06-23Added other_safe_chars to alpha_strcpy(). Needs testing but is a betterJeremy Allison1-0/+2
fix for the problem. Jeremy. (This used to be commit e059fffd03a1382fb2b7059b6de369d9fc765a17)
2001-06-21Added STR_NOALIGN flags to clistr and srvstr fns. Yes, NT actually doesAndrew Tridgell1-1/+1
send unaligned unicode strings sometimes! Fixed our handling of the workgroup name tacked on the end of the NT1 negprot response (a unaligned unicode) fixed a couple of places where we should be using the message_end fns instead of pre-calculated buffer lengths (This used to be commit 86613493a9b2e56523153486931d0bf8d39beb7a)