summaryrefslogtreecommitdiff
path: root/source3/lib
AgeCommit message (Collapse)AuthorFilesLines
2001-01-19Changes from APPLIANCE_HEAD:David O'Neill1-28/+119
source/lib/util_seaccess.c - added se_create_child_secdesc() function which takes a parent (container) security descriptor and creates a security descriptor which has the inheritance flags for each ACE applied. In NT a print job is a child object of a printer so deleting and pausing/resuming jobs requires a check against the child security descriptor, not the parent. The values seen in NT printer security descriptors now all fit together in a natural and elegant way which is always nice. - Removed #ifdef'ed out portion of check_ace() when the INHERIT_ONLY flag is set as the se_create_child_secdesc() function now creates a security descriptor which can be used without this hack. (This used to be commit f125b9a94413fd481ae9f05ec5096ef79f0d49e4)
2001-01-17Cleanup of Get_Pwnam(). Adds debugging, cleans up the allow_changeDavid O'Neill1-48/+45
codepath. (This used to be commit 767f73aee62438d74248facf7122b2c49645d5c7)
2001-01-15Changes from APPLIANCE_HEAD:David O'Neill1-4/+9
source/rpc_parse/parse_lsa.c - off by one unistr length bug in init_lsa_trans_name() source/lib/util_sid.c - resolve more BUILTIN sid values to names. source/nsswitch/wb_client.c - fix typo in debug message - set errno on error so we don't get bogus value from last failure. source/rpc_server/srv_spoolss_nt.c - add debug to track number of open printer handles for ease of tracking handle leaks in the future. source/rpc_server/srv_lsa.c - fix off-by-one string bug. This was preventing NT from displaying names for well-know SIDs in printer permissions dialog. (This used to be commit 59229b9025cff54cbdd05e374616ffbf9c6fee33)
2001-01-15removed unnecessary process_exists() call in message_send_pid()Andrew Tridgell1-11/+0
it slows us down and doesn't gain anything (This used to be commit 30fb31a3ab05ab6bb6c89cb457e2216e34b963e6)
2001-01-11Fixed typo with acl_set_fd() not needing an ACL_TYPE_T parameter.Jeremy Allison1-5/+5
Ensure HAVE_NO_ACLS is set in configure if ACL support not selected. Jeremy (This used to be commit 523c91935621ec2d200a79385046694806f7c837)
2001-01-11First compiling version of code that sets NT ACLs as POSIX ACLs.Jeremy Allison1-2/+90
Now the debugging starts.... :-). Jeremy. (This used to be commit 2300ac79f5eba84225288a87129b4df5bd471466)
2001-01-11Changes from APPLIANCE_HEAD:David O'Neill1-1/+1
testsuite/printing/psec.c - Use lock directory from smb.conf parameter when peeking at the ntdrivers.tdb file. source/rpc_parse/parse_sec.c - fix typo in debug message source/script/installbin.sh - create private directory as part of 'make install'. source/nsswitch/winbindd_cache.c source/nsswitch/winbindd_idmap.c source/passdb/secrets.c source/smbd/connection.c - always convert tdb key to unix code-page when generating. source/printing/nt_printing.c - always convert tdb key to unix code-page when generating. - don't prepend path to a filename that is NULL in add_a_printer_driver_3(). source/rpc_server/srv_spoolss_nt.c - always convert tdb key to unix code-page when generating. - don't prepend server name to a path/filename that is NULL in the fill_printer_driver_info functions. source/printing/printing.c - always convert tdb key to unix code-page when generating. - move access check for print_queue_purge() outside of job delete loop. source/smbd/unix_acls.c - fix for setting ACLs (this got missed earlier) source/lib/messages.c - trivial sync with appliance_head (This used to be commit 376601d17d53ef7bfaafa576bd770e554516e808)
2001-01-11Fix from John for growing messages.tdb.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 6dc83a8c665dd6774ce597cf7269ad4d8c5380cf)
2001-01-07Codepages and stuff for Turkish language support. Contributed byTim Potter1-0/+25
Deniz Akkus <akkus@alum.mit.edu> (This used to be commit 5650c143a706a0a65dfd55dea2248c6636a57912)
2001-01-04Changes from APPLIANCE_HEAD:David O'Neill2-5/+75
source/Makefile.in - changes to ctags and etags rules that somehow got lost along the way. source/include/proto.h - make proto source/smbd/sec_ctx.c source/smbd/password.c - merge debugs for debugging user groups and NT token stuff. source/lib/util_str.c - capitalise domain name returned from parse_domain_user() source/nsswitch/wb_client.c - fix broken conditional in debug statement. source/include/rpc_secdes.h source/include/rpc_spoolss.h source/printing/nt_printing.c source/lib/util_seaccess.c - fix printer permission bugs related to ACE masks for printers. This adds mapping of generic access rights to object specific rights for NT printers. Still need to work out whether or not to ignore ACEs with certain flags set, though. See comments in util_seaccess.c:check_ace() for details. source/printing/nt_printing.c source/printing/printing.c - use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER until we sort out printer/printjob permission stuff. (This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
2001-01-02Fixed -d option for rpcclient.Tim Potter1-2/+7
(This used to be commit 44c5eb4def9a264f660b2398d28b72f54e6547e6)
2000-12-20Removed uninitialised variable.Jeremy Allison1-1/+0
Jeremy. (This used to be commit 56a93567a106f25e87df093e1861f6bdd1d3196a)
2000-12-19Split the one sys_acl_free call into sys_acl_free_TYPE calls, to allowJeremy Allison1-11/+32
easier wrapping of non-POSIX ACL interfaces. Jeremy. (This used to be commit 1a31b4eb082b23d60e3d9040b3c0110eef1f9385)
2000-12-18A couple more UMR fixes.Jeremy Allison1-2/+2
Jeremy. (This used to be commit a83702c99f1ecd6e68f8c178b20823fce6d4c6c6)
2000-12-15Never free anything in the rpc_parse/prs_XXX functions. Do it in the enclosingJeremy Allison1-5/+5
function. lib/util_unistr.c: Check lengths *before* reading source - prevent uninitialised memory reads. Jeremy. (This used to be commit ce4f461965c872fbfc9fe5f6b98aed58bb3dd67a)
2000-12-15lib/util_unistr.c:Jean-François Micouleau1-22/+21
rewrote unistr2_to_ascii() to correct a bug seen on SGI boxes. rpc_parse/parse_misc.c: rpc_parse/parse_prs.c: rewrote of BUFFER5 handling to NOT byteswap when it was already in network byte order. rpc_parse/parse_samr.c: cleanup of samr_io_q_lookup_domain(), remove the over-parsing by 2 bytes. rpc_server/srv_lsa.c: UNISTR2 strings need to be NULL terminated to pleased W2K. rpc_server/srv_spoolss_nt.c: use snprintf instead of safe_strcpy as we want the string truncated at 32 chars. That should fix SUN and SGI box not able to act as printserver and the problem with joining from a W2K wks. J.F. (This used to be commit 69fe739303b105f2c488f266f13977da1b6b201d)
2000-12-15Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. MergedJeremy Allison2-11/+7
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
2000-12-14Renamed parameters and variables called acl to the_acl as it conflictsTim Potter1-6/+6
with a Solaris system call. (This used to be commit 5e547ddcb526be5562db9213c5b36e505e735a2e)
2000-12-12Removed the special casing of SIDs in se_access_check. This is now done ↵Jeremy Allison2-41/+45
(correctly) when the NT_USER_TOKEN is *created*. Jeremy. (This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
2000-12-12Owner always has READ_CONTROL and WRITE_DAC access.Jeremy Allison1-1/+3
Jeremy. (This used to be commit 05fcb124dfbb1a257828e9dc6a7793fc3dc73c4b)
2000-12-11code review of rpcclientGerald Carter1-159/+140
o added some comments o abstracted a few code bits o cleaned up some code by removing unused code paths -- jerry (This used to be commit 679453af36c06ae9c82dd20742a56272ec73f427)
2000-12-11new version of Get_Pwnam()Gerald Carter1-52/+50
o check the username in all lowercase o check the username as transmitted if this would be a different case o check the username in all upper case if this is a new version -- jerry (This used to be commit 059f4fee5d8ad72cd699995c660263ed2cc4f25f)
2000-12-09Fixed typo causing coredump in file_lines_parse.Jeremy Allison1-1/+1
Jeremy. (This used to be commit f575f4d67a5b45e47c29de30f02901c55cef4621)
2000-12-08Modified argc passed to rpc_client cmd_* functions to include argv[0].Tim Potter1-3/+3
Gerald, could you check to see I haven't introduced any bugs into rpcclient/cmd_spoolss.c? (This used to be commit 77b0bda4df3217cd186d5b8f902a50f35346d98d)
2000-12-07file_lines_load/file_lines_pload can now optionally convert unix_to_dos()Jeremy Allison1-7/+14
on read. Jeremy. (This used to be commit 76b8dd376d13eb4469417be217c966d54d333367)
2000-12-07Added better configure test for POSIX ACLs. Fixed stupid typo in sysacls.cJeremy Allison1-1/+1
Jeremy. (This used to be commit da6ae57501e3cb971e82eac5bb05efcd9cf443ae)
2000-12-07Working code to read POSIX ACLs on a Linux system using the bestbitsJeremy Allison1-2/+49
ACL patch from http://acl.bestbits.at/. configure support needs more work (just assumes correct headers at the moment). ACL writing needs adding. Jeremy. (This used to be commit 6ae63e502e6adf3666a34aa87860c74e106fdb84)
2000-12-06Cause smbd to use the new posix_acls code, not the old unix_acls code.Jeremy Allison1-0/+12
Currently does exactly the same thing (returns ACLs the same way). This code is written to try and get a POSIX ACL via the abstract sys_XX interface, then fall back to providing a UNIX based ACL if the calls fail. Seems to work. Next step is to add a --with-posix-acls to configure.in and then check on a POSIX ACL system that a complex ACL is returned correctly as an NT ACL. Note that the ACL set (a more complex problem) is not addressed yet. Jeremy. (This used to be commit 4339e20202a876dbadc07980b731f711463b7299)
2000-12-06Fixed compiler warning.Tim Potter1-1/+1
(This used to be commit 6553f1d02792d81987dda51af76b4fc06d73a787)
2000-12-06Make smbd/posix_acls.c use abstract interface.Jeremy Allison1-0/+110
include/smb_acls.h lib/sysacls.c: Added as interface definitions. Jeremy. (This used to be commit 8359375bba5b3ae24956f66b066dedf11d3583df)
2000-12-06Changed to sourceforge tdb code. This includes spinlocks (so we now haveJeremy Allison1-7/+7
a --with-spinlocks option to configure, this does mean the on-disk tdb format has changed, so 2.2alphaX sites will need to re-create their tdb's. The upside is no more tdb fragmentation and a +5% on netbench. Swings and roundabouts.... Jeremy. (This used to be commit 9dea7b7c257db487f8ced7dad3fce92fba03ea91)
2000-12-02fixed messaging bug - use strlen() instead of sizeof() in key lengthAndrew Tridgell1-2/+2
(This used to be commit 1d63160c751fa968e3a7618d1feb84a9feaa13dc)
2000-12-01Allow zero length smb.conf files.Tim Potter1-2/+0
(This used to be commit 46007a541cd2497c14659a10ba24a6d0a375ac5a)
2000-12-01Use lp_codepagedir() instead of CODEPAGEDIR when loading the unicode map.Tim Potter1-2/+3
Found by Joseph Cheek <joseph@cheek.com> (This used to be commit ec74fdc631fbd5f0b5450df02acb9cd98c153823)
2000-11-21Another large patch for the passdb rewrite.Gerald Carter1-0/+6
o added BOOL own_memory flag in SAM_ACCOUNT so we could use static memory for string pointer assignment or allocate a new string o added a reference TDB passdb backend. This is only a reference and should not be used in production because - RID's are generated using the same algorithm as with smbpasswd - a TDB can only have one key (w/o getting into problems) and we need three. Therefore the pdb_sam-getpwuid() and pdb_getsampwrid() functions are interative searches :-( we need transaction support, multiple indexes, and a nice open source DBM. The Berkeley DB (from sleepycat.com seems to fit this criteria now) o added a new parameter "private dir" as many places in the code were using lp_smb_passwd_file() and chopping off the filename part. This makes more sense to me and I will docuement it in the man pages o Ran through Insure-lite and corrected memory leaks. Need for a public flogging this time Jeremy (-: -- jerry (This used to be commit 4792029a2991bd84251d152a62b1033dec62cee2)
2000-11-17fixed the problem with messages not getting throughAndrew Tridgell1-1/+1
the problem had nothing to do with being your own pid, it was instead a problem with IPC$ connections not being registered in the connections database and an incorrect test for -1 in the messaging code. These changes also mean that IPC$ shares now show up in smbstatus. That is probably a good thing. (This used to be commit 3575ad10985a18f897e38179ca69fa9a49a7ea02)
2000-11-17save and restore errno in selectAndrew Tridgell1-1/+5
(This used to be commit 34f0379096d0701c74a51c51649ffe4cb1a24291)
2000-11-17Delete queue on empty.Jeremy Allison1-2/+7
Jeremy. (This used to be commit 6e18a2aa58bc485e3c803ff357acc1b7fe6d95e1)
2000-11-17the duplicate checking code will cause unaligned accesses on non-intelAndrew Tridgell1-4/+4
processors. Fixed. (This used to be commit 64d38c24100cb3409b38b9923734f2a6202bdc2a)
2000-11-17use process_exists() not kill(pid, 0)Andrew Tridgell1-1/+1
(This used to be commit 30048cff12e03c95ef43ba4ee16af1df2de9dbc8)
2000-11-16Fix for a problem with the new messaging system. If a sender is using theJeremy Allison2-6/+42
messaging system as a notification mechanism, and the speed of notification greatly exceeds the speed of message recovery, then you get a massively (>75Mb) growing tdb. If the message is a simple notification, then the message is static, and you only need one of them in transit to a target process at any one time. This patch adds a BOOL "allow_duplicates" to the message_send_XX primitives. If set to False, then before sending a message the sender checks the existing message queue for a target pid for a duplicate of this message, and doesn't add to it if one already exists. Also added code into msgtest.c to test this. Jeremy. (This used to be commit 3aa7995660395ecb85c8e35b638fa9fbbb952558)
2000-11-16Fix for plaintext passwords from Pat Sandfort @ HP.Jeremy Allison1-3/+6
Jeremy. (This used to be commit b8753b92fbeb1d6768d0559e12ff2aa1d0148419)
2000-11-16Ok - fixed a bug in our levelII oplock code. We need to break a level II onJeremy Allison1-51/+0
a byte range lock (write lock only, but Win2k breaks on read lock also so I do the same) - if you think about why, this is obvious. Also fixed our client code to do level II oplocks, if requested, and fixed the code where we would assume the client wanted level II if it advertised itself as being level II capable - it may not want that. Jeremy. (This used to be commit 213cd0b5192307cd4b0026cae94b2f52fb1b0c02)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-0/+7
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-11-11Merge of Herb's profiling code.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 3be056c71aa8e0a4ba70d397107199004bdb7d3f)
2000-11-10Merge in Herb's changes from 2.2.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 24d76c5fbda29d89c96d7c22193ec2eb93ad3887)
2000-11-10Fix from John E. Malmberg <wb8tyw@qsl.net> for -1 return in interfaces scan.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 4d25a53c36ad2c33cc2ecaf1486e18f1536eff95)
2000-11-0664 bit fix from Uros Prestor <uros@turbolinux.com>.Jeremy Allison1-3/+3
Jeremy. (This used to be commit 9a5471b3e861aa864ffff5fc87ac2681de7b0068)
2000-11-04Fix some compiler warnings.Tim Potter1-6/+6
(This used to be commit 852de9226d50ccac71ec1691052a6e395283ca56)
2000-10-28Fixed silly bug in dup2 code found by Kenichi Okuyama@Tokyo Research Lab. ↵Jeremy Allison1-1/+1
IBM-Japan. Co. Jp. Jeremy. (This used to be commit 9c2272e056aef741c4b86f9a247c3534944d9eff)