summaryrefslogtreecommitdiff
path: root/source3/include/smb.h
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r76: Fix smbfs problem with Tree Disconnect issued before smbfs starts its work.Alexander Bokovoy1-0/+1
We use cli_state.smb_rw_error to pass this specific case into cli_close_connection() from smbmount as smb_rw_error can have only selected number of states and it is ignored in cli_close_connection(). Compiled and tested by Lars Mueller from SuSE on x86, x86_64, ppc, ppc64, s390 and s390x. (This used to be commit 738666ce0a310fae14476020fd6dac027b0e3ec5)
2004-04-02Added per-share parameter "store dos attributes". When set, will storeJeremy Allison1-0/+3
dos attributes in an EA. Based on an original patch from tridge, but modified somewhat to cover all cases. Jeremy. (This used to be commit ed653cd468213e0be901bc654aa3748ce5837947)
2004-03-31Added support for OS/2 EA's in smbd server. Test with smbtorture eatest.Jeremy Allison1-0/+2
New protocol option "ea support" to turn them on (off by default). Conrad at Apple may like this as it allows MacOS resource forks to be stored on a file. Passes valgrind. Documentation to follow. Jeremy. (This used to be commit 8cc10a6c0550c017a62e8a3790afd2172d173e00)
2004-03-27Merge from HEAD the SMB signing patch that I developed a couple of weeksAndrew Bartlett1-1/+2
ago. This patch re-adds support for 'optional' SMB signing. It also ensures that we are much more careful about when we enable signing, particularly with on-the-fly smb.conf reloads. The client code will now attempt to use smb signing by default, and disable it if the server doesn't correctly support it. Andrew Bartlett (This used to be commit e27b5cbe75d89ec839dafd52dd33101885a4c263)
2004-03-27Working (tested) client code for setting EA's by filename and fnum.Jeremy Allison1-0/+6
Now for parsing out the retrieved EA's. Jeremy. (This used to be commit 5eeeee302cec2cc1f6c130ed44be9df028f73cde)
2004-03-15Use "unix netbios name" type unstring - 64 bytes long to manipulate netbiosJeremy Allison1-0/+3
names in nmbd. Allows conversion from dos codepage mb strings (ie. SJIS) to expand to utf8 size on read. Jeremy. (This used to be commit 834d816caf9cd6318da00febde50d9233469dac2)
2004-03-13First part of patch from moriyama@miraclelinux.com (MORIYAMA Masayuki) toJeremy Allison1-1/+2
fix up netbios names with mb strings. Includes reformat of libsmb/nmblib.c so it's readable. Jeremy. (This used to be commit 966e49a48c352563cdd7f75fe2768f2d6612ec7e)
2004-03-03Use a common function to parse all pathnames from the wire. This allowsJeremy Allison1-0/+6
much closer emulation of Win2k3 error return codes. Jeremy. (This used to be commit c9f31fafeda6ad79e590276f36e03ecd2e93f818)
2004-02-25Figured out a new flags bit with gentest and ethereal....Jeremy Allison1-0/+1
Jeremy. (This used to be commit b4b684f1155b1abccb69cca7bca9819625dbfead)
2004-02-24Added NTrename SMB (0xA5) - how did we miss this.... ?Jeremy Allison1-0/+1
Jeremy. (This used to be commit dfd7d1c2b7b577a084a94926abfce82c91f20b7e)
2004-02-13Fixup the 'multiple-vuids' bugs.Jeremy Allison1-10/+19
Jeremy. (This used to be commit f0f7a48327ba1808088bc8c4e5d48b5cbeaeb4e3)
2004-02-08Remove more unused portions of the 'password cache'.Andrew Bartlett1-13/+0
Andrew Bartlett (This used to be commit 318e11748a86d92bfc6ebf0e58f3c8360cbf4b69)
2004-01-14bug 770; correct fix this time; Make sure that we send the SMBjobid for ↵Gerald Carter1-1/+2
unix jobs back to the client. Allows windows client to remove print jobs submitted from lpr (This used to be commit 514561118860f982c458930c34763dac9ce0554e)
2003-11-22Changes all over the shop, but all towards:Andrew Bartlett1-1/+1
- NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... (This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
2003-10-24Add initshutdown pipe commands to rpcclient. Second part of fix to bugJim McDonough1-1/+3
#534 (This used to be commit 4e86243ea1d4bbe96720caaaf02300f5e15bee5a)
2003-08-23Half-way though the big conversion of all nmbd access to wire elements beingJeremy Allison1-2/+4
converted to pull/push_ascii. This will not work right at the moment for non English codepages, but compiles - I will finish the work over the weekend. Then nmbd should be completely codepage correct. Jeremy. (This used to be commit 236d6adadf32397b28028ea82ae2ec027366f7c8)
2003-08-22struct nmb_name should have 16 byte namestrings, not 17.Jeremy Allison1-3/+3
Jeremy. (This used to be commit daf7b5fbd93c640c7660bdf173079fa1039794af)
2003-08-19Implement SMBexit properly. Found by Samba4 tester. You must do a makeJeremy Allison1-0/+1
clean proto all; after this commit. Jeremy. (This used to be commit 27af1f9feab12542dc538bfceac4593e644ba3b4)
2003-08-14Fix SMBseek and get/set position information SMBs. Works againstJeremy Allison1-0/+1
Samba4 tester. You will need a make clean; make all after this ! Jeremy. (This used to be commit 10d90171ed58bee3e5ab6476341059b585034134)
2003-07-30Add a command line option (-S on|off|required) to enable signing on clientJeremy Allison1-0/+1
connections. Overrides smb.conf parameter if set. Jeremy. (This used to be commit 879309671df6b530e0bff69559422a417da4a307)
2003-07-28Corrected description of SWAT FLAGS since they have changed as a result of theJohn Terpstra1-5/+4
cleanup of loadparm and swat.c (This used to be commit 6956eb9a0b878f6fae37e4de14573cccd2af2156)
2003-07-27Clarified what the SWAT FLAGS mean and what they do.John Terpstra1-3/+5
Note: The comments in this file regarding the FLAGS has been in need of maintenance for some time. (This used to be commit a0d2fa0f25abe22008080df2ad2e58e7ee424a2b)
2003-07-24Fix packet signing with asynchronous oplock breaks. Removed bad error messageJeremy Allison1-3/+1
due to w2k bug. I think this code is now working.... Need more testing of course but works on all the obvious cases I can think of. Jeremy. (This used to be commit a6e537f6611cc1357fffea0b69901fba7c9ad6ea)
2003-07-16Refactor signing code to remove most dependencies on 'struct cli'.Jeremy Allison1-0/+14
Ensure a server can't do a downgrade attack if client signing is mandatory. Add a lp_server_signing() function and a 'server signing' parameter that will act as the client one does. Jeremy (This used to be commit 203e4bf0bfb66fd9239e9a0656438a71280113cb)
2003-07-15Added the "required" keyword to the "client signing" parameter to force itJeremy Allison1-0/+1
on. Fail if missmatch. Small format tidyups in smbd/sesssetup.c. Preparing to add signing on server side. Jeremy. (This used to be commit c390b3e4cd68cfc233ddf14d139e25d40f050f27)
2003-06-25fix build on non-ldap platformsGerald Carter1-0/+3
(This used to be commit a59ea1d6d32337226f6099eefd19681fb28279c0)
2003-06-25large change:Gerald Carter1-0/+8
*) consolidates the dc location routines again (dns and netbios) get_dc_list() or get_sorted_dc_list() is the authoritative means of locating DC's again. (also inludes a flag to get_dc_list() to define if this should be a DNS only lookup or not) (however, if you set "name resolve order = hosts wins" you could still get DNS queries for domain name IFF ldap_domain2hostlist() fails. The answer? Fix your DNS setup) *) enabled DOMAIN<0x1c> lookups to be funneled through resolve_hosts resulting in a call to ldap_domain2hostlist() if lp_security() == SEC_ADS *) enables name cache for winbind ADS backend *) enable the negative connection cache for winbind ADS backend *) removes some old dead code *) consolidates some duplicate code *) moves the internal_name_resolve() to use an IP/port pair to deal with SRV RR dns replies. The namecache code also supports the IP:port syntax now as well. *) removes 'ads server' and moves the functionality back into 'password server' (which can support "hostname:port" syntax now but works fine with defaults depending on the value of lp_security()) (This used to be commit d7f7fcda425bef380441509734eca33da943c091)
2003-06-06- the 8.3 name in BOTH_DIRECTORY_INFO is supposed to be always unicodeAndrew Tridgell1-0/+1
(to match win2003 behaviour) - added the STR_TERMINATE_ASCII flag from samba4 so we can get the string termination right for the case where it is supposed to be non-terminated for UCS2 and terminated when ASCII (This used to be commit 791a4cc7cf84eca77116bca00aeb5f95560f6705)
2003-05-12And finally IDMAP in 3_0Simo Sorce1-122/+8
We really need idmap_ldap to have a good solution with ldapsam, porting it from the prvious code is beeing made, the code is really simple to do so I am confident it is not a problem to commit this code in. Not committing it would have been worst. I really would have been able to finish also the group code, maybe we can put it into a followin release after 3.0.0 even if it may be an upgrade problem. The code has been tested and seem to work right, more testing is needed for corner cases. Currently winbind pdc (working only for users and not for groups) is disabled as I was not able to make a complete group code replacement that works somewhat in a week (I have a complete patch, but there are bugs) Simo. (This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
2003-05-12Add NT quota support. Patch from Stefan (metze) MetzemacherAlexander Bokovoy1-0/+2
1. Allows to change quota settings for shared mount points from Win2K and WinXP from Explorer properties tab 2. Disabled by default and when requested, will be probed and enabled only on Linux where it works 3. Was tested for approx. two weeks now on Linux by two independent QA teams, have not found any bugs so far Documentation to follow (This used to be commit 4bf022ce9e45be85609426762ba2644ac2031326)
2003-05-11Fix VFS layer:Alexander Bokovoy1-12/+6
1. Finally work with cascaded modules with private data storage per module 2. Convert VFS API to macro calls to simplify cascading 3. Add quota support to VFS layer (prepare to NT quota support) Patch by Stefan (metze) Metzemacher, with review of Jelmer and me Tested in past few weeks. Documentation to new VFS API for third-party developers to follow (This used to be commit 91984ef5caa2d13c5d52e1f535bd3bbbae1ec978)
2003-05-06Patch from metze to add exit and interval events. Useful for modulesJelmer Vernooij1-3/+0
(This used to be commit 3033a63cefb5f28d4460885f7f4e4ecaed95443c)
2003-04-30Trailing , is non-standard (warning from IRIX)Andrew Bartlett1-2/+2
(This used to be commit 96134959d9f8385dfbf34445a3fe6911507cf51e)
2003-04-28Use NTSTATUS as return value for smb_register_*() functions and init_module()Jelmer Vernooij1-1/+1
function. Patch by metze with some minor modifications. (This used to be commit bc4b51bcb2daa7271c884cb83bf8bdba6d3a9b6d)
2003-04-28Whitespace syncup.Tim Potter1-4/+4
(This used to be commit 7fd7af121ee8ba4f9540394f64fe3c78e2e96cd2)
2003-04-24Irix CC reminds us that this is non-standard.Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 748ed3552b2be1d86387dc3628107375104d8f50)
2003-04-21Header updates for smb signing mergeAndrew Bartlett1-3/+4
(This used to be commit 2e4b45cd2efe46477c2849faffe0e8401132ef88)
2003-04-15merge in metze' smbcquotas patch from HEADGerald Carter1-25/+42
(This used to be commit b6a77048886151435a4a5eeb9a04be44d397c504)
2003-04-14Add some more functions for the modules (backport from HEAD):Jelmer Vernooij1-1/+1
- init_modules() - smb_probe_module() (This used to be commit b3328dab2fa069af300b4076695bf6c359501111)
2003-04-14Merge new popt_common.h include file.Tim Potter1-15/+9
(This used to be commit 1fb4b8fe4310dd15c1842935871ead0745859a54)
2003-04-14Merge of new sid type (SID_NAME_COMPUTER) and tidyup.Tim Potter1-1/+0
(This used to be commit c91cf2b38df9f51dd6cb46f0742e1c57bb36b508)
2003-04-14Merge of rpcecho pipe for testing large dcerpc requests and responses.Tim Potter1-1/+3
Only compiled in when --enable-developer argument passed to configure. (This used to be commit 017da9393bab276543d0d5c50df8c760780f2450)
2003-04-09This is the netlogon schannel client code. Try aVolker Lendecke1-0/+2
rpcclient -S pdc -U% -c "samlogon user password" and it should work with the schannel. Needs testing against platforms different from NT4SP6. Volker (This used to be commit eaef0d8aeff1aa5a067679be3f17e08d7434e1e8)
2003-03-12adding some initiaial code to sert %a to Win2K3 (using Native LanMan string ↵Gerald Carter1-1/+1
from .NET RC2) (This used to be commit e074cab810f9299d0b27881cddf8a74f10fe233e)
2003-03-07Extra const committed by mistake - revert.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 183ce97d3719080b1b01932b96206b8ee4c5f5b0)
2003-03-07Patch from Michael Steffens. In his own words :Jeremy Allison1-1/+1
------------------------------------------------------------------------- I think there are basically two problem: 1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, and SMB_ACL_OTHER. The function ensure_canon_entry_valid() is prepared for that, but tries to "guess" values from group or other permissions, respectively, otherwise falling back to minimum r-- for the owner. Even if the owner had full permissions before setting ACL. This is the problem with W2k clients. 2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs. This is ok in a take-ownership situation, but must fail if the file is to be given away. This is the problem with XP clients, trying to transfer ownership of the original file to the temp file. The problem with NT4 clients (no ACEs are transferred to the temp file, thus are lost after moving the temp file to the original name) is a client problem. It simply doesn't attempt to. I have played around with that using posic_acls.c from 3.0 merged into 2.2. As a result I can now present two patches, one for each branch. They basically modify: 1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER as "preserve current value" instead of attempting to build one ourself. The original code is still in, but only as fallback in case current values can't be retrieved. 2. Rearrange set_nt_acl() such that chown is only done before setting ACLs if there is either no change of owning user, or change of owning user is towards the current user. Otherwise chown is done after setting ACLs. It now seems to produce reasonable results. (Well, as far as it can. If NT4 doesn't even try to transfer ACEs, only deliberate use of named default ACEs and/or "force group" or the crystal ball can help :) ------------------------------------------------------------------------- Jeremy. (This used to be commit 1d3b8c528bebfa1971d1affe454a03453335786e)
2003-02-27additional fix for CR 601Gerald Carter1-1/+1
* distinguish WinXP from Win2k * add a 1/3 of a second delay in OpenPrinter in order to trigger a LAN/WAN optimization in 2k clients. (This used to be commit c7712fa054d21b4884a78b7ea6c0fb8b3d637c6b)
2003-02-27Fix to allow blocking lock notification to be done rapidly (no waitJeremy Allison1-1/+1
for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb (does not interfere with existing locks). Jeremy. (This used to be commit 766928bbba1e597c9c2b12458dd8d37e6080593e)
2003-02-24Merge of server-side authentication changes to 3.0:Andrew Bartlett1-0/+2
- user_ok() and user_in_group() now take a list of groups, instead of looking for the user in the members of all groups. - The 'server_info' returned from the authentication is now kept around - in future we won't copy the sesion key, username etc, we will just referece them directly. - rhosts upgraded to use the SAM if possible, otherwise fake up based on getpwnam(). - auth_util code to deal with groups upgraded to deal with non-winbind domain members again. Andrew Bartlett (This used to be commit 74b5436c75114170ce7c780c19226103d0df9060)
2003-02-01Merge of signed/unsigned fixes from HEAD.Andrew Bartlett1-1/+1
(This used to be commit e9f56a157bd472914eebf64fde586104d8274717)