summaryrefslogtreecommitdiff
path: root/source3/include/smb.h
AgeCommit message (Collapse)AuthorFilesLines
2002-11-02Add more options to popt_common and use them. Current ones are:Jelmer Vernooij1-0/+3
-V Version information -n Set netbios name -l Set directory to store log files in -d Set debuglevel -s Load specified configuration file -O Set socket options (This used to be commit 1602d5894947b59fd36c161053a66c0afe2c959c)
2002-11-02Add popt_common_socket_optionsJelmer Vernooij1-0/+1
(This used to be commit a15434314fd8cd88eab40e7cbc8f06a7d0d0169e)
2002-10-30- Remove RTLD_GLOBALJelmer Vernooij1-1/+1
- make smb_load_module() return the return value of init_module() (This used to be commit a8d2dd8d009797486105188f8fdb898a65bb25b0)
2002-10-30Add init_module_function typedef for new module systemJelmer Vernooij1-0/+3
(This used to be commit 4d1206be5275a8af7dfb612f1747fba484a7d017)
2002-10-14Tidyup of file specific access mask bits.Tim Potter1-14/+19
Added directory specific access mask bits. (This used to be commit edbd942a8d0edcb5e7cc3086c3d98c6ff1d6cd80)
2002-10-12Nice *big* patch from metze.Andrew Bartlett1-18/+53
The actual design change is relitivly small however: It all goes back to jerry's 'BOOL store', added to many of the elements in a SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into ldap. This was a great win for admins, and this patch follows in the same way. This patch extends the concept - we don't store values back into LDAP unless they have been changed. So if we read a value, but don't update it, or we read a value, find it's not there and use a default, we will not update ldap with that value. This reduced clutter in our LDAP DB, and makes it easier to change defaults later on. Metze's particular problem was that when we 'write back' an unchanged value, we would clear any muliple values in that feild. Now he can still have his mulitivalued 'uid' feild, without Samba changing it for *every* other operation. This also applies to many other attributes, and helps to eliminate a nasty race condition. (Time between get and set) This patch is big, and needs more testing, but metze has tested usrmgr, and I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly flawed ;-). The same system will be introduced into the SAM code shortly, but this fixes bugs that people were coming across in production uses of Samba 3.0/HEAD, hence it's inclusion here. Andrew Bartlett (This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
2002-10-07forgot some bits from previous rpc_secdesc.h rework patchSimo Sorce1-2/+0
(This used to be commit 738b9237eda8fdb8adb534ab1a84070923f352f1)
2002-10-06try to put every security descriptors related definitions in the same file.Simo Sorce1-9/+2
also try to uniform names to a clean scheme. first part. (This used to be commit a123e05877caf90c28980be2d84b1d0b46e4fd21)
2002-10-05Add more common options to popt_common - and start usingJelmer Vernooij1-0/+1
the ones for debuglevel and configuration file in pdbedit (This used to be commit cb0d03a393d9009c3e16b9d05d88c171de9a9414)
2002-10-04merge of working dsrolegetprimdominfo() client code from APP_HEADGerald Carter1-1/+1
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
2002-10-04merge of new client side support the Win2k LSARPC UUID in rpcbindGerald Carter1-0/+11
from APP_HEAD (This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
2002-10-01Cope with rw errors and timeout to peer.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 736a7bab487d7e217eed452e2089adb6b4164ad5)
2002-09-25This patch from "Stefan (metze) Metzmacher" <metze@metzemix.de> cleans upAndrew Bartlett1-1/+4
pdb_ldap and adds a 'ldap passwd sync' option. The idea with this option is to do allow an ldap backend to do all the fancy password hashing etc - and to tell smbd no to try and double-up. Using 'ldap passwd sync = only' will do this, but is not recommended unless such a backend is in place... Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd sync = yes' and having both PAM and pam_ldap correctly configured for 'magic root' behaviour, but only using ldap connection, and one set of credentials. This also gets us closer to allowing ldap to say 'password too short' etc, which might assist in maintaining a consistant password policy. Andrew Bartlett (This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
2002-09-16Changed Major/Minor version info reported to Server Manager to 4.9.John Terpstra1-8/+12
Added new SWAT Flags for Advanced and Developer modes. (This used to be commit 0250e2c52c7d7aa25308b6c20b8e2a51184cb598)
2002-09-07Winbind client-side cleanups.Andrew Bartlett1-2/+0
The global winbind file descriptor can cause havoc in some situations - particulary when it becomes 0, 1 or 2. This patch (based on some very nice work by Hannes Schmidt <mail@schmidt-net.via.t-online.de>) starts to recitfy the problem by ensuring that the close-on-exec flag is set, and that we move above 3 in the file descriptor table. I've also decided that the PAM module can close it's pipe handle on every request - this isn't performance-critical code. The next step is to do the same for nss_winbind. (But things like getent() might get in our way there). This also cleans up some function prototypes, puts them in just one place. Andrew Bartlett (This used to be commit 442eb39657b98f67cd229ed3110b63aae8bf4e3c)
2002-09-05Move the fancy NT_STATUS macros to a new file, so we can include them earlierAndrew Bartlett1-38/+0
in includes.h Andrew Bartlett (This used to be commit ed184ed1905b49956528b6835f48a69ba3c1a045)
2002-09-04Add bcast_msg_flags to connection struct. Allows sender to filter whenJeremy Allison1-0/+1
sending broadcast messages. Also initial cut-down of printing notify messages (not yet finished). Jeremy. (This used to be commit aca333719695b278843c59e1c6eb07d6655fd59c)
2002-08-28Return correct FILE_SUPERSEDED response - IFSTEST strikes again...Jeremy Allison1-0/+1
Jeremy. (This used to be commit df3e467eb7cce059782870bfec222293577c4f69)
2002-08-23Merged initial allocation code for IFSTEST fix.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 095e2bf9469a4c26814fb049f2870983c090ed81)
2002-08-21Handle wrap-around on this number by making it unsigned.Andrew Bartlett1-1/+1
(Wrapping to zero does not create problems in this cache) Andrew Bartlett (This used to be commit c58e3d5c7d78dd02584b1490a27f7007e11b8712)
2002-08-20IFSTEST fixes for open fid, nametoolong.Jeremy Allison1-11/+12
Jeremy. (This used to be commit e53a81261ed189881c0f07e1b46f97aa6770cab7)
2002-08-20Based orginally by work by Kai, this patch moves our NT_TOKEN generation intoAndrew Bartlett1-3/+4
our authenticaion code - removing some of the duplication from the current code. This also gets us *much* closer to supporting a real SAM backend, becouse the SAM can give us the right info then. This also changes our service.c code, so that we do a VUID (rather than uid) cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached equivilant) on every packet, for the same r or rw mode the whole share was open for. Andrew Bartlett (This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)
2002-07-31added support for smbd listening on port 445 and 139. It now listensAndrew Tridgell1-1/+3
on both by default, and you can specify a list of ports to listen on either with "smb ports = " in smb.conf or using the -p option to smbd. this is needed for proper netbiosless operation. (This used to be commit 5dee0a7b5e0fcb298a9d36661c80e60d8b9bcc3a)
2002-07-30OK!Simo Sorce1-3/+10
Finally the cascaded VFS patch is in. Testing is very welcome, specially with layered multiple vfs modules. A big thank to Alexander Bokovoy for his work and patience :) Simo. (This used to be commit 56283601afe1836dafe0580532f014e29593c463)
2002-07-29Added extern for popt_common_debug.Tim Potter1-0/+4
(This used to be commit 4c664a0de89676cfb2b14a93d4e30aed04e29fe9)
2002-07-28Another item off my long-term todo list:Andrew Bartlett1-2/+2
Remove the n^2 search for valid 'tty' names from the sesion code when we don't actually need it. Its main value is in getting 'well behaved' numbers for use with utmp, so when we are not doing utmp we don't need this to get in the way. Andrew Bartlett (This used to be commit 50507e131dac19485a2561f3448da7334e357f50)
2002-07-16print_jobid in the fsp struct should be uint32.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 51c8338c7ac8665fcaaac6de5f2d81b460e803f5)
2002-07-08(this should have been part of the previous commit)Andrew Bartlett1-0/+14
Add a function to display 'sid types' as strings - makes rpcclient outptut and DEBUG() logs much eaiser to understand. Move the enum for SID types to smb.h, becouse is really isn't LSA specific any more. Andrew Bartlett (This used to be commit fc9739861104df4ddc93efab3275275307e4fbb9)
2002-07-03Kill off codepage related stuff, now we don't use codepages any more.Andrew Bartlett1-24/+0
Andrew Bartlett (This used to be commit d1ca2b9f23ce701eb6b6becafb1acd813fc8fc3a)
2002-06-15Rework much of the service.c code:Andrew Bartlett1-0/+3
The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
2002-06-14Fix spelling typo.Jeremy Allison1-11/+11
Jeremy. (This used to be commit 0e7e8d44627ad9645a90e96001f8550b68b67a62)
2002-06-14More of SMB signing for client - not yet finished (should be harmless).Jeremy Allison1-1/+2
Jeremy. (This used to be commit c1b20db4bb4bb1ba485466f50b9795470027327c)
2002-06-13Latest patch from metze <metze@metzemix.de> to move most of samba acrossAndrew Bartlett1-2/+2
to using SIDs instead of RIDs. The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument. The idea here is to prevent mistakes where the SID is implict, but isn't the same one that we have in the struct. Andrew Bartlett (This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
2002-06-07Add flags2 for security signituresAndrew Bartlett1-0/+1
(This used to be commit 39c3f245f5e5d5e7532f9097683e6af3190dc872)
2002-05-31Removed some unused variables - tidy up some formating, add struct toJeremy Allison1-1/+7
client state to implement smb signing - this is a test at present. Jeremy. (This used to be commit a234e303558a25c4ea26b7f6788006e4fee651bf)
2002-05-18Include the extra #define for the last set of smbpasswd mods.Andrew Bartlett1-0/+1
(This used to be commit bf82ac14c826a765b33d368e4cb62c7fb3cd3c4f)
2002-05-18A few things in this commit:Andrew Bartlett1-2/+7
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
2002-05-17This removes --with-ssl from Samba.Andrew Bartlett1-5/+0
This option was badly maintained, useless and confused our users and distirbutors. (its SSL, therfore it must be good...) No windows client uses this protocol without help from an SSL tunnel. I can't see any reason why setting up a unix-side SSL wrapper would be any more difficult than the > 10 config options this mess added to samba in any case. On the Samba client end, I think the LIBSMB_PROG hack should be sufficient to start stunnel on the unix side. We might extend this to take %i and %p (IP and port) if there is demand. Andrew Bartlett (This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
2002-04-15Added hex values as comments for the standard access rights.Tim Potter1-5/+5
(This used to be commit 00511ae2b4bc0ef3bfda89cc0ae3e1fba092b6d6)
2002-04-13This is the 'multiple pdb backends' patch from ctrlsoft, aka Jelmer VernooijAndrew Bartlett1-0/+2
<jelmer@nl.linux.org>. This patch also includes major rework of pdbedit to use popt, and the addition of -i paramter (allowing the user to specify which PDBs is being operated on) and -e to export a pdb - useful for backup and testing etc. Use of -i and -e gets us pdb2pdb functionality for transition between backends, much like the sam2sam in TNG. Andrew Bartlett (This used to be commit c10def37f506d3f2bab442418ac08fdb62659b02)
2002-03-23Fix the mp3 rename bug - also tidy up our open code and remove the specialJeremy Allison1-6/+3
cases for rename and unlink. Had to add desired_access into the share mode record. Jeremy. (This used to be commit 3b1b8ac43535fb0839c5474fa55bf7150f6cde31)
2002-03-20BUFFER_SIZE Should be 128k if large read write tests are to work.Jeremy Allison1-0/+5
Jeremy. (This used to be commit 2be9b253ad40e125169725ea79e6723cb40c5e6a)
2002-03-20Remove the "stat open" code - make it inline. This should fix theJeremy Allison1-1/+0
bugs with opening and renaming mp3 files, also the word rename problems that people have had for a while. Needs a make clean :-) make. Also added JohnR's printing fix. Jeremy. (This used to be commit 504e5ef0494c54efbd0357e334cb2aa5a9eb9c14)
2002-03-19Merge in JohnR's page count fixes.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 2e3133fbe5531b9bbc9bf46a04b27fa58e555f5a)
2002-03-19Sync up vfs changes from 2.2.x.Jeremy Allison1-0/+1
Jeremy. (This used to be commit ad1e858d8e72adf924ff435eab8da3e60842e2e6)
2002-03-15syncing up printing code with SAMBA_2_2 (already done some mergesGerald Carter1-2/+2
in the reverse). * add in new printer change notify code from SAMBA_2_2 * add in se_map_standard() from 2.2 in _spoolss_open_printer_ex() * sync up the _print_queue_struct in smb.h (why did someone change the user/file names in fs_user/fs_file (or vice-versa) ? ) * sync up some cli_spoolss_XXX functions (This used to be commit 5760315c1de4033fdc22684c940f18010010924f)
2002-03-12Added POSIX ACL layer into the vfs.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 7d59445b6962547a8938928a9371651a09e26516)
2002-03-10yipee! Finally put in the patch from Alexey KotovichAndrew Tridgell1-6/+0
<a.kotovich@sam-solutions.net> that adds the security decsriptor code for ADS workstation accounts thanks for your patience Cat, and thanks to Andrew Bartlett for extensive reviews and suggestions about this code. (This used to be commit 6891393b5db868246fe52ff62b3dc6aa5ca6f726)
2002-03-07Change xcopy test to use defined constants rather than magic hexJeremy Allison1-6/+6
values so we can see what's going on. Jeremy. (This used to be commit 5ba4ba36339269b2059da7c103e63ecd948f7938)
2002-03-02This patch merges my private LDAP tree into HEAD.Andrew Bartlett1-2/+8
The main change here is to move ldap into the new pluggable passdb subsystem and to take the LDAP location as a 'location' paramter on the 'passdb backend' line in the smb.conf. This is an LDAP URL, parsed by OpenLDAP where supported, and by hand where it isn't. It also adds the ldap user suffix and ldap machine suffix smb.conf options, so that machines added to the LDAP dir don't get mixed in with people. Non-unix account support is also added. This means that machines don't need to be in /etc/passwd or in nss_ldap's scope. This code has stood up well under my production environment, so it relitivly well tested. I'm commiting this now becouse others have shown interest in using it, and there is no point 'hording' the code :-). Andrew Bartlett (This used to be commit cd5234d7dd7309d88944b83d807c1f1c2ca0460a)