summaryrefslogtreecommitdiff
path: root/source3/lib/access.c
AgeCommit message (Collapse)AuthorFilesLines
2011-05-08s3-lib Use common lib/socket code for get_interfaces() et alAndrew Bartlett1-1/+1
2011-04-25s3:lib/access: normalize IPv4 mapped IPv6 addresses in both directions (bug ↵Stefan Metzmacher1-14/+17
#7383) metze
2011-03-16s3-interfaces: only include interfaces.h where needed.Günther Deschner1-0/+1
Guenther
2010-08-26s3-build: only include memcache.h where needed.Günther Deschner1-0/+1
Guenther
2010-08-22s3: Move check_access to cgi.c, its only userVolker Lendecke1-81/+0
2010-08-22s3: Replace calls to check_access by allow_accessVolker Lendecke1-0/+4
We already have both the name and address of the client stored now
2010-08-16s3: Simplify the logic of check_access by an early returnVolker Lendecke1-34/+32
2010-08-16s3: Fix some type-punned warningsVolker Lendecke1-1/+3
2008-10-23Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij1-1/+1
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
2008-10-13Add data_blob_string_const_null() function that includes the terminatingJelmer Vernooij1-3/+3
null byte and use it in Samba 3. This matches the behaviour prior to my data_blob changes.
2008-08-09lib/access: make list_match() public.Michael Adam1-1/+1
Michael (This used to be commit 742bedce417c666b5e91d8d0a7dc7682dc62eba2)
2008-08-09lib/access: make client_match() public.Michael Adam1-1/+1
Michael (This used to be commit 1b2dec93b635dfd23af78a370c223ea2dd486aa7)
2008-03-06client[ADDR_INDEX] is an IPv4 mapped to IPv6, butJeremy Allison1-5/+21
the list item is not. Try and match the IPv4 part of address only. This will happen a lot on IPv6 enabled systems with IPv4 allow/deny lists in smb.conf. Bug #5311. Jeremy. (This used to be commit 7c3550f82c51ce173b13e568762f728ecb881e85)
2007-12-21Add a singleton cacheVolker Lendecke1-2/+18
First user is yp_default_domain (This used to be commit c19363eb77fcc3e1bf3341e6373d38f1e91fc08f)
2007-11-03I can't get away without a 'length' arg. :-).Jeremy Allison1-4/+4
Jeremy. (This used to be commit 95d01279a5def709d0a5d5ae7224d6286006d120)
2007-11-03Stop get_peer_addr() and client_addr() from using globalJeremy Allison1-4/+6
statics. Part of my library cleanups. Jeremy. (This used to be commit e848506c858bd16706c1d7f6b4b032005512b8ac)
2007-10-25Fix reversed bool check for access. Found by kukks.Jeremy Allison1-1/+1
Thanks ! Jeremy. (This used to be commit a13e8bd39de978d69666b8aeb884d943885a3605)
2007-10-16Improve IPv4 detection.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 2ef50e325c2183385286b994216624dc3a309ff3)
2007-10-16Fix access control code to be IPv6/v4 protocol independent.Jeremy Allison1-151/+200
Make unix_wild_match() talloc, not pstring based. Next will be name resolution code, and client code. Jeremy. (This used to be commit f6a01b82c5a47957659df08ea84e335dfbba1826)
2007-10-10Add start of IPv6 implementation. Currently most of this is avoidingJeremy Allison1-1/+1
IPv6 in winbindd, but moves most of the socket functions that were wrongly in lib/util.c into lib/util_sock.c and provides generic IPv4/6 independent versions of most things. Still lots of work to do, but now I can see how I'll fix the access check code. Nasty part that remains is the name resolution code which is used to returning arrays of in_addr structs. Jeremy. (This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
2007-10-10r17408: Let us use netgroups even without a NIS domain but just using filesSimo Sorce1-3/+2
(This used to be commit c065341d3ffc9125514f563c63d416cf7c40375f)
2007-10-10r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter1-1/+1
version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
2007-10-10r6149: Fixes bugs #2498 and 2484.Derrell Lipman1-1/+1
1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task. (This used to be commit 994694f7f26da5099f071e1381271a70407f33bb)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-1/+1
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2003-12-08make sure we use a real network address in case there are extra non-zero ↵Gerald Carter1-1/+1
octets in hosts allow/deny (This used to be commit 0348e85177ae90c350659451424ab521a4fc335a)
2003-12-01fix inverted logic caused by s/strcmp/strequal/; host allow/deny works ↵Gerald Carter1-1/+1
again; bug 846 (This used to be commit c816b44a9c1278d756f63044bb3a3bce3afec9b3)
2003-11-07Simple rename of get_socket_addr to get_peer_addr and get_socket_name toVolker Lendecke1-7/+7
get_peer_name. This is to get closer to the getsockname/getpeername system functions. Next step will be the %i macro for the local IP address. I still want to play %L-games in times of port 445. Volker (This used to be commit d7162122eaf5d897e5de51604e431bfbaa20e905)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-10/+10
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit d7e35dfb9283d560d0ed2ab231f36ed92767dace)
2003-08-15get rid of some sompiler warnings on IRIXHerb Lewis1-2/+1
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
2003-04-26round three of CIDR fixes; spotted by Tomoki AONOGerald Carter1-3/+2
(This used to be commit 554026b2084e2371c1ddae7316fbb0b9b76472d4)
2003-04-18fix byte ordering when using CIDR notation in hosts allow/deny; spotted by ↵Gerald Carter1-0/+4
Eloy Paris (This used to be commit 6155144b9f6a8d41675ff8f0564f86420431c142)
2003-03-28fix CIDR hosts allow/deny notationGerald Carter1-1/+1
(This used to be commit 84707fd95eec260a1cb22a165a0161a075f93ada)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-86/+79
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-10-26Try to catch up on the code I've put into HEAD that should be in 3.0:Andrew Bartlett1-3/+3
- vorlan's hosts allow with DNS names patch - use x_fileno() in debug.c, not the struct directly. - check for server timeout on password change (was reporting success) - better error/status loggin in both the pam_winbind client and winbindd_pam server code. - (pdb_ldap) don't set the ldap version twice - we do it on every bind anyway. (This used to be commit 9fa1863d8e7788eda83911ca2610754486b33069)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-2/+18
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-27Allow hosts allow/deny to use xx.xx.xx.xx/yy syntax.Jeremy Allison1-2/+10
Jeremy. (This used to be commit ea60c50109462b35825be1dd3cc6b28f739a1b59)
2002-01-18If 127.0.0.1 matches both allow & deny then allow. Patch from Steve Langasek ↵Jeremy Allison1-1/+7
vorlon@netexpress.net Jeremy. (This used to be commit 478696e924a5e562965eb21841198c96500027c4)
2001-10-29More spelling and grammer from Vance. <vance@digital-host.net>Andrew Bartlett1-3/+4
Thanks! Andrew Bartlett (This used to be commit f019bed7663b4a20c1b5ab6b59fcadda17b89acd)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-17move to SAFE_FREE()Simo Sorce1-1/+1
(This used to be commit 60e907b7e8e1c008463a88ed2b076344278986ef)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-5/+5
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-06-23fix compiler warningsSimo Sorce1-3/+0
(This used to be commit 7420e2f7898f1d141ba2af3eda07a67862fee842)
2001-06-20initial support for paramter type P_LISTSimo Sorce1-43/+23
it will avoid problems with lists being longer than 1024 bytes just now only ip list parameters have been converted to the new type (hosts allow, hosts deny, ssl hosts, ssl hosts resign) (This used to be commit e1572f85d6247b760db10825b2fa688d7ed50bd3)
2001-04-20merge from 2.2Gerald Carter1-1/+1
(This used to be commit f87f3707f3d5f205d0287381d71380264a711666)
2001-04-19merge from 2.2Gerald Carter1-2/+2
(This used to be commit 79f4c4ad74149f4b1a8a5a82d8ca8d2474a23ab3)
2001-04-14Removed one samba-bugs ref. from source.Jeremy Allison1-1/+1
Jeremy. (This used to be commit d40ee1707d1d3cf04358bca7fad16ebc15bd4845)
2001-03-27merge from 2.2Gerald Carter1-8/+71
(This used to be commit 3a03065b43d073205e421434bc32082c0f9f64da)
2000-04-11finally got sick of the "extern int Client" code and the stupidAndrew Tridgell1-3/+3
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-6/+32
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1998-11-21global change from samba.anu.edu.au to samba.orgAndrew Tridgell1-1/+1
(This used to be commit 42d2509c9fab5c774fd33b9d4b5bd1ee125479c3)
generated by cgit (git 2.34.1) at 2024-11-01 15:58:45 +0000