summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_srvsvc_nt.c
AgeCommit message (Collapse)AuthorFilesLines
2004-03-01Ok here it is my latest work on privilegesSimo Sorce1-18/+52
This patch add privilege support for samba Currently it is implemented only for tdbsam backend but estending it to other sam backends is straightforward. I must make a big thank to JFM for his teachings on the matter and the functions at the base of this work. At thye moment only samr_create_user honours SeAddUsersPrivilege and SeMachineAccountPrivilege to permit any user to add machines and/or users to the server. The command "net priv" has been provided to manipulate the privileges database. There are still many things to do (like support in "net rpc vampire") but the working core is here. Feel free to comment/extend on this work. Of course I will deny that any bug may affect this code :-) Simo. This patch adds also my patch about add share command enhancements. (This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)
2003-11-19Correct fix for '$' termination test.Jeremy Allison1-2/+1
Jeremy. (This used to be commit b93e44e01edb432e11b9ad6aeb4d4eea0f7fa433)
2003-11-18Fix to correct checking of '$' name termination.Rafal Szczesniak1-1/+1
Patch by metze. rafal (This used to be commit 7191186fc64eb0b8092a2f6f1e89b6b6a6df7627)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-1/+1
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 546b2271c08735ac1049a453abac996d794aa364)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-11/+22
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-03-18Ensure dev in make_connection is const.Jeremy Allison1-1/+1
Jeremy. (This used to be commit e8155fade61e9dc308a82f442453803160c36806)
2003-03-16Make sure we mark the assumption of a fstring parameter for 'devicetype'Andrew Bartlett1-2/+7
in the function prototype, and change callers to respect this. Andrew Bartlett (This used to be commit 9f3d3c380120f16d76d68f346799282d61eec892)
2003-01-14A couple more pstcpy/fstrcpy mixups - doing an fstrcpy into a pstring isAndrew Bartlett1-3/+3
harmless, but breaks my automated check. (This used to be commit e5d2b1f6c3c0883054f4e0eab2cac958706a790d)
2003-01-02BIG patch...Andrew Bartlett1-2/+2
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-12-20Forward port the change to talloc_init() to make all talloc contextsJeremy Allison1-2/+2
named. Ensure we can query them. Jeremy. (This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-5/+3
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-10-04Add a timeout to tdb_lock_bystring(). Ensure we never have more thanJeremy Allison1-1/+1
MAX_PRINT_JOBS in a queue. Jeremy. (This used to be commit bb58a08af459b4abae9d53ab98c15f40638ce52b)
2002-08-20Based orginally by work by Kai, this patch moves our NT_TOKEN generation intoAndrew Bartlett1-3/+3
our authenticaion code - removing some of the duplication from the current code. This also gets us *much* closer to supporting a real SAM backend, becouse the SAM can give us the right info then. This also changes our service.c code, so that we do a VUID (rather than uid) cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached equivilant) on every packet, for the same r or rw mode the whole share was open for. Andrew Bartlett (This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)
2002-07-28Fix a missing 'no memory' return in last night's svrsvc code, and useAndrew Bartlett1-1/+1
sys_dup2() in a couple more places. Andrew Bartlett (This used to be commit e69b476626c802b1e1920f241733d0dd6d06a06e)
2002-07-27A very long time ago (actually 6 months ago) I promised to commit this codeAndrew Bartlett1-87/+307
to the Samba tree. Originally written by Nigel Williams" <nigel@veritas.com>, I've been trying to keep it in some form of shape for the last 6 months. In particular I think some of the code got committed a few months ago, and others have made changes to the CVS version over time. anyway, its finally in - and doesn't appear to have broken anything. Now to try the client-side patches :-) Andrew Bartlett (This used to be commit f9bac7c5c2c4ddf0bf39d596a7b922fbb17c6b16)
2002-07-15fixed a number of real bugs found by warnings on the 64 bit irix compilerAndrew Tridgell1-2/+0
(This used to be commit 04de6bbc8055e5547af41b10e284b722f40e726d)
2002-07-02Address the string_sub problem by changing len = 0 to mean "no expand".Jeremy Allison1-4/+4
Went through and checked all string_subs I could to ensure they're being used correctly. Jeremy. (This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87)
2002-07-01used findstatic.pl to make some variables static and remove some deadAndrew Tridgell1-1/+1
code (This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0)
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-06-15Rework much of the service.c code:Andrew Bartlett1-3/+2
The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
2002-06-03Fix netsessenum RPC. Correctly respond with as much info as we can.Jim McDonough1-5/+12
(This used to be commit c8781a3fdaa4d8cb81233582f29159ace7e436ac)
2002-06-03Move restrict anonymous checks into a general function calledTim Potter1-18/+21
pipe_access_check(). Eventually this can take a security descriptor as an argument as well. (This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818)
2002-05-31Update netfileenum on both client and server sides to do an arbitrary numberJim McDonough1-61/+27
of files. This was done to better enable net rpc file. Perhaps we can start giving back real info this way, too. (This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
2002-05-31Return access denied for net_share_enum when restrict anonymous > 0Tim Potter1-0/+17
(This used to be commit 5df1aa9f20ae2036848b7e46703bfd3a923d7b4f)
2002-04-11merge from 2.2Gerald Carter1-1/+0
(This used to be commit 7db47c6647d764739e395948699cf115c4da4c8d)
2002-04-10Added Shirish's client side caching policy change.Jeremy Allison1-0/+52
Jeremy. (This used to be commit 16015c07eab2e57fa3771051e3e08fde21757cfa)
2002-03-31Removed unused variable.Tim Potter1-1/+0
(This used to be commit 3e58e9dbabc4e4a1289ff6a43ddbb5de37b02515)
2002-03-23Fix the mp3 rename bug - also tidy up our open code and remove the specialJeremy Allison1-2/+2
cases for rename and unlink. Had to add desired_access into the share mode record. Jeremy. (This used to be commit 3b1b8ac43535fb0839c5474fa55bf7150f6cde31)
2002-03-22Stomped on some header file version numbers that have crept back in.Tim Potter1-1/+1
(This used to be commit e66bdf1229ba84f64c19e817e2c4081dbbf0bee8)
2002-03-05Fix the NTSTATUS -> WERROR for srvsvc pipe.Jeremy Allison1-137/+128
Jeremy. (This used to be commit 2b85d3570c2b149049482c3878c50cf8f5bfca61)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-09When re-writing tdb version numbers as little endian int32, we mustJeremy Allison1-6/+7
change the version number also. Jeremy. (This used to be commit 3dec9cf99a82bd15626eb99e7d937ff00183cc05)
2002-01-09Fixed all uses of tdb_fetch/store/_int to use explicit int32 little endianJeremy Allison1-18/+29
in tdb's. All except winbindd_idmap.... Hmmmmmm. Jeremy. (This used to be commit ec71f1732b6b27bd2d65b250a6f3720a235dc38d)
2002-01-03Fixed nasty cast of tdb_delete in traversals.Jeremy Allison1-1/+1
Jeremy. (This used to be commit a0cdec3acc82d1ce0292fadd4b8dac23638450f3)
2001-12-31- portablitity fixes for cc -64 on irixAndrew Tridgell1-1/+1
- fixed gid* bug in rpc_server (This used to be commit 48aa90c48c5f0e3054c4acdc49668e222e7c0d36)
2001-12-21Add an output parameter to message_send_all that says how manyMartin Pool1-3/+6
messages were sent, so you know how many replies to expect. Const and doc religion. (This used to be commit 22e510ea0d69356be4fd2fa5ad9e9f4e84f62337)
2001-11-23Sorry. I broke the build, missed on open_directory call.Jeremy Allison1-2/+2
Jeremy. (This used to be commit fe288b14cc7f2bc6b8427438da672e7dd7812027)
2001-11-19Store some path names in global variables initialized to configureMartin Pool1-3/+3
default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett1-6/+6
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-18Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison1-1/+5
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-10Back-out the share acl fix. Not needed (Gerald has been telling porkiesJeremy Allison1-16/+3
again :-) :-). Jeremy. (This used to be commit 3b56239c51da3bb24d9ac1ee1442717f597c682a)
2001-10-09Fix bug where removing root from a share SD stops further edit access.Jeremy Allison1-4/+17
Jeremy. (This used to be commit 4d57c7520fa106ef6c29c0678584e1726ded961f)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-26Added Elrond patch to make se_access_check use NT datastructures, not Samba.Jeremy Allison1-21/+6
Jeremy. (This used to be commit bca6419447e926e51aeecf3e484228f640cecb84)
2001-09-19fix debugAndrew Bartlett1-1/+1
(This used to be commit d103371e8028efb6eec3c4b917b68734832f5844)
2001-09-19Reverse some of the breakage I commited a day or two ago, as we need toAndrew Bartlett1-5/+21
fill out the user_info struct (otherwise we don't have a vuid for make_connection()). Also add a become_user() call, becouse it really looks like it was missing (we must pass it anyway to finish make_connection()). Is there any reason not to be the user when reading an ACL? Finally, fix up some formatting to show that the two functions are almost identical. Andrew Bartlett (This used to be commit 00c667c0ad922a1bf388b8a2b8c6137fc7f0acaa)
2001-09-15Looks like it missed these. make_connection now no longer takes a 'username'Andrew Bartlett1-2/+0
argument. (This used to be commit 0e1322227b0a91226b4b85c8e0ff838ebfd9e962)
2001-09-15Kill off the //server/share%user hack in share level security.Andrew Bartlett1-12/+6
This should help make much of this code simpiler. Andrew Bartlett (This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0)
2001-09-12- enable MSDFS by default, there seems no reason not to have it enabledAndrew Tridgell1-3/+0
by default in Samba 3.x - got rid of some unused parameters in Makefile.in - declare DEBUGLEVEL in debug.h rather than in each file (This used to be commit b8651acb9c0d7248a6a2e82c33b1e43633fd83fd)
2001-09-06got rid of USE_TDB_MMAP_FLAG as its not needed any moreAndrew Tridgell1-1/+1
(This used to be commit c26e0d3f27a05ecc8bd2390f9aab7f9451524e47)