summaryrefslogtreecommitdiff
path: root/source3/nmbd
AgeCommit message (Collapse)AuthorFilesLines
1998-12-01rpc_samr.h parse_samr.c srv_samr.c :Luke Leighton1-1/+1
samr_query_aliasmembers (cool!) util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c : pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5) to obtain member and pdc sids. (This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
1998-11-29weekend work. user / group database API.Luke Leighton1-14/+15
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison4-6/+6
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-3/+3
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-14Removed acconfig.h configure configure.in include/config.h.in: Made ↵Jeremy Allison19-150/+150
smbwrapper not made by default. nmbd*: Changed all calls to namestr() to nmbd_namestr() to fix broken FreeBSD include file problem...sigh. Jeremy. (This used to be commit 9ee8f39aed8772a05c203161b4ae6b7d90d67481)
1998-11-02client/client.c: Patch to tidy up file size output.Jeremy Allison1-4/+1
nmbd/nmbd.c: Someone (a "yank" no doubt :-) Changed instances of "initialise" to "initialize". Someone get that man an *English* dictionary.... :-) :-). Jeremy. (This used to be commit 6279be7f96802bb132e5e18dd8c6912652296e70)
1998-11-02removed comment line at end of fileLuke Leighton1-2/+4
(This used to be commit 5e2fc8b7ccf4a9c8b0a2acf4bd752531ac6fa775)
1998-10-31took out Lukes change as it breaks domain logons for Win95 clientsAndrew Tridgell1-4/+0
(ie. it breaks Sues machine). Luke, your comment was: put unicode strings after SAMLOGON query regardless of whether it's an NT mailslot or a non-NT mailslot, after having observed this behaviour out of NT machines. perhaps you could post the relevant tcpdump or netmon capture so we can see what is going on? I suspect that what you saw isn't exactly what the win95 boxes are generating. Maybe you saw a GETDCxxx instead of a GETDC000 ? Maybe we need a switch based on the GETDC request type? We won't know unless we see sniffs. (This used to be commit a2bacc08955ba61aac4b45b63a54b279e5776261)
1998-10-22Okay, this is really silly but removing one space from one debug statementChristopher R. Hertel1-1/+1
meant that one hex dump would fit within 80 characters in lynx after HTML conversion. (This used to be commit c391f076f29cff917fd51d58598e1ad11048e824)
1998-10-22Minor change.Christopher R. Hertel1-1/+1
The debug_browse_data() function does a hex dump of a browser packet. The last line is often not a full 16 bytes, which would miss-align the hex output. I've added the padding needed to align the hex output. Chris -)----- (This used to be commit 9f9b30abab118f0a2e007beddd79de38a2d5ea29)
1998-10-22Another cosmetic change.Christopher R. Hertel1-2/+8
When dumping the wins.dat, this module will also write the database contents to the log file (don't do this if you have a large wins.dat!). The output was in a sort of tabular format, except that the asctime() function was used and it always terminates its output with a newline. I did a bit of fussing, removed the '\n' character, and did my best to line up the other columns. If the output format of asctime() is different on different systems, then the columns won't line up, but the output will still look better than it did before. Chris -)----- (This used to be commit 57295113feefcde77b429c661878444cd078b21f)
1998-10-21Changed the debug calls to use the newer debug macros. This allowed me toChristopher R. Hertel1-59/+151
break up some very long lines in both the code and the output. The change is mostly cosmetic, but should improve log file readability. (This used to be commit fc4e0148ebf8ea45e4410224218c0c987965d36c)
1998-10-21fixing smbd encrypted rpcs (data lens, alloc hints, sequence nums argh).Luke Leighton1-0/+6
put unicode strings after SAMLOGON query regardless of whether it's an NT mailslot or a non-NT mailslot, after having observed this behaviour out of NT machines. (This used to be commit c101113ec20ed0ba633e78e4ee45596cdccaf1b5)
1998-10-05get type of callback rightAndrew Tridgell1-1/+1
(This used to be commit 327eba774e5bb17a91f80617bd7359afe0c83f48)
1998-09-29Missed one removed multi-statement line. Grrr.Jeremy Allison1-0/+1
Jeremy. (This used to be commit 7958787d9beffcd0f025c7a85469844d2e520ce5)
1998-09-29Fixed bug introduced by me in dead code elimination.Jeremy Allison1-22/+44
Bug was caused by multiple C statements on a line. IMHO this is a *BUG* and will be treated as such.... Fixed all such multiple statements in this file. Jeremy. (This used to be commit ea3ab46f12565ac6ccbb8c69825acedd3640ec12)
1998-09-29get away with dummy and .dummy filesAlexandre Oliva1-1/+0
(This used to be commit 90a8a02484a0897b053fd6531b7fec5d23098b6f)
1998-09-28Changes to test in configure if capabilities are enabled on a system.Jeremy Allison6-41/+9
Changes to get Samba to compile cleanly with the IRIX compiler with the options : -fullwarn -woff 1209,1174 (the -woff options are to turn off warnings about unused function parameters and controlling loop expressions being constants). Split prototype generation as we hit a limit in IRIX nawk. Removed "." code in smbd/filename.c (yet again :-). Jeremy. (This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
1998-09-28automated generation of .dummy files for each subdirectory;Alexandre Oliva1-1/+0
dummy.in files are no longer needed, and new directories will be taken care of automatically, at configure (or config.status --recheck) time (This used to be commit 237a8e5fe62d757c04b8207cbbee4df1470cfe4e)
1998-09-25Makefile.in: Fixed bug with continuation line causing proto to fail.Jeremy Allison2-2/+2
Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include <sys/capability.h>. ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
1998-09-25added rpcclient programLuke Leighton1-1/+7
(This used to be commit aa38f39d67fade4dfd7badb7a9b39c833a1dd1ca)
1998-09-21replace getpass() with getsmbpass() if getsmbpass.c compilesAlexandre Oliva1-1/+1
(This used to be commit 9a5bdf5c1bef689fe0d6879949df869efbc34783)
1998-09-21major autoconf clean-upAlexandre Oliva1-0/+1
fix problems in builds with srcdir!=builddir (This used to be commit 1ffc3b807a3f80644c974b454ff5e6f68e89b546)
1998-09-18oops ... I got the filenames wrong in my cleanup of the wins databaseAndrew Tridgell1-1/+2
save, so it started saving weird filenames (from an unitialised fstring). chaos reigns! (This used to be commit 20a550d61e322cc9a0acfdf8fb974dafe0cd9603)
1998-09-18nmbd/nmbd_winsserver.c: Fixed printf style warning.Jeremy Allison1-1/+1
script/mkproto.awk: Added SMB_BIG_UINT. Jeremy. (This used to be commit c22c40f0caa7d6a9e8120e6415fa728db708db3e)
1998-09-17configure configure.in: Added tests for fseek64 and ftell64.Jeremy Allison1-1/+1
config.h.in: Added fseek64 and ftell64. includes.h: Added definition of SMB_BIG_INTEGER. smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. access.c: Tidyup of dbug statement. system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t. asyncdns.c: Tidyup of comment. loadparm.c: Tidyup of set_default_server_announce_type() function definition. ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpassfile.c: Use sys_fseek(). chgpasswd.c: Tidyup of debug statement. dosmode.c: Changed mode calls to use mode_t. ipc.c: Removal of dead code. nttrans.c: Changed mode calls to use mode_t. open.c: Changed mode calls to use mode_t. pipes.c: Removal of dead code. reply.c: Removal of dead code. trans2.c: Removal of dead code. Changed mode calls to use mode_t. Jeremy. (This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
1998-09-17fixed another potential fork bomb where the wins file becomesAndrew Tridgell2-0/+5
non-writeable for some reason. (This used to be commit 9edd43dcd6cc040416f11e00320c53682558fd8a)
1998-09-17fixed the nmbd fork bomb. It was a silly mistake, asAndrew Tridgell1-0/+3
expected. wins_write_database() didn't exit after doing its stuff, so when it returned you had two copies of nmbd :) (This used to be commit 5e6488d4830016ea720a644c1b1ae25b336d3b8b)
1998-09-17fixed a typo in my last commitAndrew Tridgell1-1/+1
(This used to be commit 31b4048362c63ab19e9ef35453c3763eec8b8f2b)
1998-09-17fixed a potential problem with wins_write_database() child processes.Andrew Tridgell3-13/+13
In sig_term() we were calling wins_write_database(0) which would fork a child. This child might then get killed by the same process killing off the parent. That process would then fork another child etc. The solution is to pass a "background" flag to wins_write_database(0) and only fork if this is set. (This used to be commit 1e1a512e3ff59f962fb3de382f671618bed60839)
1998-09-10fixed a bug in the wins database writer that caused the database to beAndrew Tridgell1-3/+11
written continuously rather than once every 5 seconds (at most). also changed it to 20 seconds :) (This used to be commit 1b07de7079e81da9c0b930bdc30ae0451b57d53a)
1998-09-09Copyright notices written to debug logs are now through 1998.Christopher R. Hertel1-1/+1
Chris -)----- (This used to be commit ac13c29d46f564fc340b652b4b71dfa92e4b5b16)
1998-09-05tridge the destroyer returns!Andrew Tridgell6-168/+10
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-09-02we are never interested in SIGPIPE so just ignore (block) itAndrew Tridgell1-12/+2
always. Don't even install a handler. (This used to be commit 72c383f4b7bcce5374632dc972df16ab0e2542b9)
1998-08-31I looked at the refresh issue a bit more and discovered that SambaAndrew Tridgell1-3/+4
also doesn't switch to a registration if a refresh fails, instead the name is removed! This makes it even more imortant that a Samba WINS server accepts refresh requests as registration requests if the name is not registered. I've gone ahead and implemented this. (This used to be commit 07f825fc9491bb5adac047854e67c63f7757143b)
1998-08-31minor fixes to the DMB<->DMB sync code. We now get the dmb name fromAndrew Tridgell1-5/+10
the local_master name on the unicast subnet if it is unknown. (This used to be commit 222b6d90e09288091028f5e0435f1d4a74153f66)
1998-08-31I realised that my DMB<->DMB sync code has the property that theAndrew Tridgell2-2/+20
amount of network traffic grows as the square of the number of workgroups. It probably wouldn't have caused problems but to be safe I changed the code to use random() to decrease the probability of a DMB<->DMB sync in proportion to the number of known workgroups. This keeps the nice browse connectivity while making the traffic rise only linearly with the number of workgroups. (This used to be commit 685f4ef2e1f83ab39e91229cf53a61eecb6181eb)
1998-08-31set a maximum name refresh time of 20 minutes.Andrew Tridgell2-3/+3
The previous code was strictly correct, but not very practical. self names were only refreshed every 3 days. I hit a situation where the Samba WINS server was restarted after deleting wins.dat and didn't notice some remote subnets (also running Samba). I realised that the complete database wouldn't have been rebuilt for 3 days, which is way too long. In order to recover from WINS restarts we need a much shorter maximum refresh time. (This used to be commit 1d23dd0912e81ff72695bd043e8e2aee32da18a8)
1998-08-31bounds check next_token() to prevent possible buffer overflowsAndrew Tridgell4-16/+16
(This used to be commit 3eade55dc7c842bdc50205c330802d211fae54d3)
1998-08-30added a dest_port parameter to send_mailslot() so we send replies toAndrew Tridgell6-21/+25
the correct port in environments like ip masq. (This used to be commit 7d455ee637b6ff70c95845f89d71573ca07b83f3)
1998-08-30a couple of debug linesAndrew Tridgell1-0/+2
(This used to be commit 03d343ddf5ef672afb3cf1fa65f86eb2c0a48772)
1998-08-30finished the asynchronous browse synchronisation code. It even seemsAndrew Tridgell3-141/+337
to work (not a lot of testing yet though). Now we just need to deal with people worried about having more than two nmbd processes sometimes. (the async processes are created on demand for browse sync, so you'll only see more than 2 occasionally) (This used to be commit a350a54680e4170e2adf571b010ea508e7291780)
1998-08-30we we have successfully done a query on *<1b> from a wins server andAndrew Tridgell1-7/+25
then obtained a node status response we need to remember the server name of the master browser so that other browse clients asking us for a workgroup list will get a entry for the master of that workgroup. (This used to be commit 601f995ffbfa0ee477ea628d92b9660d6bdd8cbc)
1998-08-30changed the way that name query records are sorted in replies. TheyAndrew Tridgell2-36/+9
are now sorted by the number of common leading bits in the IP address with the address of the querying host. (This used to be commit 4460a1bc6aa7666d1c71d32ba73855d6ed32320a)
1998-08-30include our netbios names list and our workgroup in the wins.dat hashAndrew Tridgell1-2/+22
(This used to be commit f555a76df696a0625acc16fa365dc048e0c2447d)
1998-08-30changed the format of the wins.dat file slightly.Andrew Tridgell1-0/+16
It now has a line like this: VERSION 1 251152 the first number is a version #define in nmbd_winsserver.c and will be used if we ever have to change the format again. The second number is a hash of the current interfaces setting. It is used to detect the case where nmbd is restarted on a machine after the IP of the machine has changed (or the interfaces list has changed in any way). When that happens we need to discard the old wins.dat cache or you end up with chaos. This has bitten quite a few people, they find that when they move a machine it continues using the old IP for some things for the next week until the wins entries time out! I've checked, and the old nmbd can handle the new format, although it does spit out a spurious error message about the VERSION line. So users can safely run 2.0alpha then switch back to 1.9.18 without problems. (This used to be commit c4a8cdc60a5b01894ab2456e77b6d89d4c16a088)
1998-08-30added some defensive programming to nmbd. This mostly means zeroingAndrew Tridgell9-13/+29
areas of memory before freeing them. While doing this I also found a couple of real bugs. In two places we were freeing some memory that came from the stack, which leads to a certain core dump on many sytems. (This used to be commit c5e5c25c854e54f59291057ba47c4701b5910ebe)
1998-08-29don't exit on a SIGPIPEAndrew Tridgell1-2/+1
(This used to be commit f18b4e95bffb25fa016dd6e7f9a128a9fc69466f)
1998-08-28This checking fixes the statcache bug that stopped NetBench from runningJeremy Allison1-1/+1
correctly. Added new parameter "stat cache size" - set to 50 by default. I now declare the statcache code officially "open" for business :-). It gets a hit rate of 97% with a NetBench run and seems to make using a case insensitive run as efficient as a case sensitive run. Also tidied up our sys_select usage - added a maxfd parameter and also added an implementation of select in terms of poll(), for systems where poll() is much faster. This is disabled by default. Jeremy. (This used to be commit 779b924ec1f6c81ff578d22295b20fece698d1fc)
1998-08-28nmbd would core dump if a large number of netbios aliases is set. TheAndrew Tridgell1-2/+3
problem was a buffer overflow in process_node_status_request(). this really points out a general problem is allocating MAX_DGRAM_SIZE packets on the stack in nmbd. There must be a better way. (This used to be commit 7db45f169c33e0f3a67ba2260049226992de8bdf)