summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2002-01-26Move the lsa code across to the changed args for lookup_name, and surround itAndrew Bartlett1-4/+2
in become_root()/unbecome_root(). Also only allocate the memory the client reqests - and don't allow the client to trigger an SMB_ASSERT if they ask for 'more'. Up the maximum number of sids allowed, and note that this is an arbiary guess, and can be raised without consequence. Andrew Bartlett (This used to be commit 6e7667125d142670db7393ed7a48386f3821d896)
2002-01-26This always points at a string literal, so it probably should be 'const'.Andrew Bartlett1-1/+1
(This used to be commit e72e511935ce7f2b658a133bd536833864bc6a92)
2002-01-26Fixed ADDPRINTEREX to take a devmode and a security descriptor...Jeremy Allison1-9/+4
Jeremy. (This used to be commit 27f65b3aad13ecd33bbb84048d70e3dde212f278)
2002-01-25rewrote nmbd's wins backend to use a tdb instead of a flat text file.Jean-François Micouleau1-0/+56
Changed the way the wins record are handled in memory. Now they are living much longer with the different states: active, released and tombstone. Also added a version ID, some wins flags and the wins owner ip address to the namrec->data struct, and a function to process messages sent by the wins replication daemon. the initiate_wins_processing() function is not correct, I'll fix it later. J.F. (This used to be commit b902e087d06c32797af19021a7f56895d86d7364)
2002-01-25new message type for nmbdJean-François Micouleau1-0/+1
J.F. (This used to be commit 5fef8a5ad29074bcf02904a1cca72133d57cc3e4)
2002-01-25Return correct RPC fault PDU on bad handle incoming.Jeremy Allison1-0/+6
Jeremy. (This used to be commit 0db93d8752197e213f0974edae53e2dafdd77b51)
2002-01-25minor fixesSimo Sorce1-4/+3
(This used to be commit 04f492980b73800b60dde764fdeb43f2eab79624)
2002-01-20This is another *BIG* change...Andrew Bartlett3-4/+69
Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-20Kill off another ugly wart from the side of the passdb subsystem.Andrew Bartlett3-1/+5
This time its the pdb_getsampwuid() function - which was only being used by the SAMR rpc subsystem to gain a 'user session key'. This 'user session key' is actually generated at login time, and the other changes here simply move that data around. This also means that (when I check some details) we will be able to use the user session key, even when we are not actually the DC, becouse its one of the components of the info3 struct returned on logon. Andrew Bartlett (This used to be commit 799ac01fe08a338e4e94289f5d6767ebf905c1fa)
2002-01-20This is the current patch from Luke Leighton <lckl@samba-tng.org> to add aAndrew Bartlett1-8/+85
degree of seperation betwen reading/writing the raw NamedPipe SMB packets and the matching operations inside smbd's RPC components. This patch is designed for no change in behaviour, and my tests hold that to be true. This patch does however allow for the future loadable modules interface to specify function pointers in replacement of the fixed state. The pipes_struct has been split into two peices, with smb_np_struct taking the information that should be generic to where the data ends up. Some other minor changes are made: we get another small helper function in util_sock.c and some of the original code has better failure debugs and variable use. (As per on-list comments). Andrew Bartlett (This used to be commit 8ef13cabdddf58b741886782297fb64b2fb7e489)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-0/+2
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-17Added some guards.Tim Potter1-0/+4
(This used to be commit 967c68858001cd620d2524d56180497c4b479c6b)
2002-01-16Merged in %S fixes and XX_NOT_CHANGED fixes from 2.2.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 0fcca6c627a5c9c2219ec9714df5e0bc1a44cc29)
2002-01-16Fixup error mapping so we have only one table containing errno -> dos error ↵Jeremy Allison1-0/+7
-> NT STATUS maps. Fixes problem with disk full returning incorrect error. Jeremy. (This used to be commit 16fcbf3c1ccf1d704765653f68395dd596c0d841)
2002-01-16Added CIFS UNIX extension code to client.Jeremy Allison1-0/+6
Jeremy. (This used to be commit 794c3e2c76aae57d054e46b185def104ca02977c)
2002-01-16At leadt don't lose this - I need to re-sync trans2.c between 2.2.x andJeremy Allison1-27/+66
HEAD soon. Jeremy. (This used to be commit 2f57257558b67b4a5106fece269ce55643464683)
2002-01-16Roll back PSTRING_SANCTIFY patch; just leave non-controversial typeMartin Pool2-40/+4
and constness changes. (This used to be commit cee0ec72746122c962e6c5278a736266a7f2c424)
2002-01-15Split pstring definitions into their own header.Martin Pool2-53/+72
(This used to be commit 04e3082f7d45c1b304adff5a46106136cff0e09e)
2002-01-15Integrate with PSTRING_SANCTIFY.Martin Pool1-4/+4
(This used to be commit 20a03facb6acf6329acc1645d4e9ead863a1a57c)
2002-01-15Change the passdb interface to use allocated strings.Andrew Bartlett1-13/+17
These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085)
2002-01-14Removed MAXSTATUS which was set incorrectly - thus causing tdb traversalJeremy Allison1-1/+2
of the connections db on smbd startup. This should fix the Solaris large load bug.... (fingers crossed). Jeremy. (This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
2002-01-14PSTRING_SANCTIFY:Martin Pool1-3/+50
If you define this, pstring and fstring become distinguished types, so that it's harder to accidentally overflow them by for example passing an fstring on the lhs of pstrcpy. The types are defined as one-element union arrays so that with "fstring f" the name "f" will be a pointer and with a big hammer you can cast it to (char *). So code that tries to just use it directly will get a loud warning, but hopefully nothing worse. To pass them to non-pstring-aware functions, use PSTR and check that the function takes a const. They should almost never be modified except by special calls. In those unusual cases, use PSTR_MUTABLE. This is off by default so as not to produce too many warnings. As the code is vetted it can become the default. (This used to be commit ca233bc8b30d7d0626039b2769c4e1ae92dafd50)
2002-01-12Added PRINTER_INFO_4/PRINTER_INFO_5, we're seeing level 5 requested on the ↵Jeremy Allison1-0/+20
wire... so. Jeremy. (This used to be commit b63b76297835ab8227b98925fa8120ffce1a37d9)
2002-01-11Same fix as went into 2.2 (I'm waiting for jerry to finish some code).Jeremy Allison1-18/+24
Jeremy. (This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67)
2002-01-11preparing for release of 3.0-alpha13Samba Release Account1-1/+1
(This used to be commit 4f4f898348c5719b745ff358463fd7d59e3da495)
2002-01-11Back out the crazy notion that the NTLMSSP flags actually mean anything...Andrew Bartlett1-1/+7
Replace this with some flags that *we* define. We can do a mapping later if we actually get some more reliable info about what passwords are actually valid. Andrew Bartlett (This used to be commit 7f7a42c3e4d5798ac87ea16a42e4976c3778a76b)
2002-01-11Correct4ed comment.Tim Potter1-1/+1
(This used to be commit 78814664ef7d41c2f6637b508711ab45647a64f9)
2002-01-10added structure members referred to by recent changes in vfs-wrap.cHerb Lewis1-1/+5
(This used to be commit c5e14d73dffee86ef2dabcf7031eea0da9e32f3d)
2002-01-10First part of UNIX extensions (#ifdefed out) more to follow.Jeremy Allison2-0/+7
Jeremy. (This used to be commit 02b18f2cca6d6d046d2d8fd7375b207d44031ddc)
2002-01-10Oh joy - the original code didn't do mapping of the perms onto the wire.Jeremy Allison1-11/+41
Make it up as we go along... :-). Jeremy. (This used to be commit 4289fe3499e49c3ed356eff55ffbcfef4dca72af)
2002-01-10We need to test for major/minor macros.Jeremy Allison2-0/+13
Jeremy. (This used to be commit ee8c8add7f83d7a794546769c59c85ef8bb5b89a)
2002-01-10Getting ready to add UNIX extensions in HEAD also.Jeremy Allison4-27/+96
Jeremy (This used to be commit 6210d4aa196c944e47076e316980f76ac9c6b02d)
2002-01-09Added tests for st_blocks in struct stat, and added a (hateful) constantJeremy Allison1-0/+2
the specifies the units that st_blocks is in. The reason for this is that HPUX uses 8k, AIX uses a #defined constant and everyone else (tm) uses 512 byte units. Needed for the CIFS UNIX extensions - coming to a Samba server near you soon.... :-). Jeremy. (This used to be commit 38cfffea5f0d7f5ff676f83204a2923247dce9d5)
2002-01-09Add two more memory-debug smbcontrol messages: these ones shouldMartin Pool1-0/+8
prompt dmalloc to log information about what happening, so you can see in flight why smbd is getting bloated. (This used to be commit bcb443c5c4bf97fe6b5b0993e42496c2e64f0124)
2002-01-09With --enable-dmalloc, also use dmalloc's wrappers around routinesMartin Pool1-1/+4
like strcat (This used to be commit fb8ab69b6f638c41d734282488be91d85b4ec057)
2002-01-09Add UNUSED(paramname) macro to be used in parameter lists, to quietenMartin Pool1-1/+10
gcc warnings about unused parameters. (This used to be commit b29775d442c36f667a6db5ba9dbe47d1a133525f)
2002-01-09Fix macro name controlling inclusion of DMALLOC.Martin Pool1-1/+1
(This used to be commit a57e13b8b661dd41e8036f862c708b5d3ced82e6)
2002-01-07Sed error. The status value in the PRINTER_INFO_2 structure isn't a WERRORTim Potter2-2/+2
but a plain old uint32. (This used to be commit 690cc12bad2a037684a43b0dcb48be8eb03aa7bc)
2002-01-06DOS error 31 is ERRgeneral, General Failure. This is the WERROR equivalentTim Potter1-0/+1
to NT_STATUS_UNSUCCESSFUL according to AB's funky new error map. (This used to be commit 9c968fbb017d3369ac207e65348a9a22dbed0213)
2002-01-05I've decided to move the auth code around a bit more...Andrew Bartlett1-13/+21
The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett (This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
2002-01-05Add a talloc varient of the data_blob functions.Andrew Bartlett1-1/+2
Also change the structure so it has its own (optional) 'free' pointer - so we don't free() a talloc'ed version. also split out the data_blob_clear() functionaility. Andrew Bartlett (This used to be commit 207ee8aac42cf4b35f07e496b15fdeabe50950bc)
2002-01-03Added WERROR for non local domain.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 6c51d90f13a40359baef08424f7ea1940f93d511)
2002-01-03Update the NT_STATUS -> DOS error table.Andrew Bartlett1-0/+2
This new table is rather different to the old one (see diff posted to the list for a sorted list of differences) and needs a *lot* of testing. It does however seem to line up much better with what NT is using, as exampled by the change to the OBJECT_NAME_COLLISION DOS error, it now matches win2k where it didn't before. I can't see any critical errors we now get wrong, and I know that the auth errors are correct as per my on-the-wire observations. This table was produced (and I hope to comment this better later) by using the ERRMAPEXTRACT smbtorture tool, a Win2k domain member and the 'name_to_ntstatus' auth module on the HEAD PDC. This module returned the username as the error, and the NT box was forced to give me a dos error becouse thats all I negotiated on that connection. Hence the map. Andrew Bartlett (This used to be commit a855dfb2e0b899d03087860e5462c2aed3ca4cad)
2002-01-03Clarify doc for SAFE_FREE.Martin Pool1-3/+7
(This used to be commit 269a7d3c9ba8ca1444653c1aa56b843b8b1df08b)
2002-01-03Add talloc_asprintf_append, which grows an existing string buffer toMartin Pool1-0/+6
contain new print-formatted information. (Also talloc_vasprintf_append.) Idea borrowed from glib. (This used to be commit 53723e874885936dd67483ebf46601fc73489d17)
2002-01-03Welcome to preprocessor hell. Had to put a #ifndef around SAFE_FREE toTim Potter1-0/+3
stop smb_macros.h and tdb.h from fighting with each other. I tried to rearrange the #include file order but that breaks other stuff. Aargh! (This used to be commit aae8cc6e450a6a0b33045ed1e6d49f8eebeb48b2)
2002-01-03Removed unused #defineTim Potter1-1/+0
(This used to be commit ab1bd916cf59e12366d9005f6ce1cf6521ff02be)
2002-01-02removed stuff I wasn't usingGerald Carter1-49/+0
(This used to be commit 27ffce157a655e267f225126f586847e5a0b8614)
2002-01-02ooops./ forgot oneGerald Carter1-1/+1
(This used to be commit 501f3f3a8fb5ea27155f8c2fe266f1f659d7d22d)
2002-01-02Actually enforce the passdb API.Andrew Bartlett1-48/+55
Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)