summaryrefslogtreecommitdiff
path: root/source3/smbd/reply.c
AgeCommit message (Collapse)AuthorFilesLines
1999-11-21implement server-side generation of NTLMv2 session key. YESSS :-)Luke Leighton1-1/+1
(This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)
1999-11-21hmmm... have to add client-side support in domain_client_validate() toLuke Leighton1-4/+6
_use_ user session key. (This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74)
1999-11-20modified domain_client_validate to take trust account name / type. thisLuke Leighton1-5/+56
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and SEC_CHAN_WKSTA. modified check_domain_security to determine if domain name is own domain, and to use wksta trust account if so, otherwise check "trusting domains" parameter and use inter-domain trust account if so, otherwise return False. (This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
1999-11-15- added DCE/RPC "fault" PDU support.Luke Leighton1-0/+4
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
1999-07-21comments requested by jeremy as to why NT/95 NULL-password distinction hackLuke Leighton1-1/+6
was modified. (This used to be commit 50f7bd8a9c47d073bbde66ae26e9f71f030afc4c)
1999-07-15work-around for win95 NULL session bug: NULL password actually beingLuke Leighton1-3/+13
placed in data stream before username / domain, whereas NT doesn't do this... (This used to be commit 44e6d4c1b0b6ae54e76e96471b40bb784c8b3c8c)
1999-07-15more dfs stuff. this looks like it's going to be more appropriate to useLuke Leighton1-25/+75
the vfs tables. at the moment, i replaced all calls to unix_convert() with unix_dfs_convert(). this does the job, but it's not very nice. (This used to be commit 00d4aebce9f268a737ef9df9bdbe59f8fe831979)
1999-07-12lengths of NT passwords when "encrypt passwords = no" can be completelyLuke Leighton1-1/+1
random. values seen can be as high as 18255. this fails the check of <= 24 which sets NT password length to 0, effectively ignoring it. the <= 24 was removed in reply_sesssetup_X. (This used to be commit 98d43b20dc4df72ddbfaeb34581222adc53d15dd)
1999-07-12Jean-Francois Micouleau's rewritten DFS patch, originally written byLuke Leighton1-0/+10
Nigel Williams. despite the data format being *exactly* the same as NT's, this still doesn't work yet. more work needed. (This used to be commit 270981960bb5aab52d2f8e494827101ece6729c4)
1999-07-06reporting failure to accept ntlmv2 (only) with down-level protocols (LANMAN1Luke Leighton1-3/+13
and below). (This used to be commit be7b978249ddb5e2e94aa160a360fecbf51f016e)
1999-06-29improving authentication code (tidyup).Luke Leighton1-3/+5
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
1999-06-24debugging of NBT messages added.Luke Leighton1-0/+3
(This used to be commit ceb20adb3c924818201fa8992e19e82f45b40710)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-1/+1
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1999-04-20Changed arguments to fsync() function to break dependency onTim Potter1-13/+17
connection_struct. (This used to be commit ee6f826ccc0897a4538f6f9a560127c54a4c4038)
1999-04-04Fixed up incorrect calls to read_file().Tim Potter1-2/+2
(This used to be commit 17d007daa3d1fa60501eae1eecfc2d0f88c1692e)
1999-04-04Use VFS operations for file I/O.Tim Potter1-73/+80
(This used to be commit cfddbdb62485256a947a30e04c753200451cbe1c)
1999-03-25SAM database "set user info".Luke Leighton1-3/+4
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1998-12-14trying to track down issues in get_home_dir().Luke Leighton1-1/+5
(This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226)
1998-12-01check server role before doing nt user to unix user mappingLuke Leighton1-12/+15
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
1998-12-01andrej spotted that entries _not_ in domain map user were being refused.Luke Leighton1-10/+6
modified map_nt_and_unix_names() to never refuse a mapping (returns void now not BOOL). (This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
1998-12-01hm. removed the "if failed to map nt name to unix name, fail tcon call"Luke Leighton1-8/+2
restriction and "domain user map" seems to work. amazing. (This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
1998-11-30attempting to fix "domain user map" up, but it's a bit complicated.Luke Leighton1-34/+56
i may simply go for a response in the NetSamLogon returning the unix username, forcing the NT user to appear to be a unix user, however even that is fraught with implications. might just have to go the whole hog and do this tuple thing, "unix_name + nt_name" always associated together... issue with api_net_sam_logon, getsam21pwent() being called twice, the second time overwriting static buffer data (argh) so had to make a copy. noticed a nested "become_root()"/"unbecome_root()" which will have to be tracked down... (This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
1998-11-25Makefile.in: Added maintainer mode fixes.Jeremy Allison1-14/+14
aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
1998-11-17Fixed NT modify timestamp issue.Jeremy Allison1-0/+11
If a client does a modify timestamp on an open file (which will do no good at all on UNIX :-) then keep the modify request pending in the files_struct and apply it at close instead. Jeremy. (This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+3
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-16O_EXCL fixes for printing files & oplocks.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 4ca71c90985b1c88d92bdd0f9079a4afc263dc46)
1998-11-15change ROUNDUP to SMB_ROUNDUP to prevent conflicts with system macrosAndrew Tridgell1-1/+1
(This used to be commit d9d44d98ec719b7fc6d5b0fc35bf8727f4cd0372)
1998-11-10include/local.h:Jeremy Allison1-6/+13
include/smb.h: param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). printing/printing.c: Added J.F.'s latest fix. rpc_parse/parse_misc.c: parse_reg.c: rpcclient/cmd_reg.c: rpcclient/display.c: SGI compiler signed/unsigned issues. smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). utils/testparm.c: Added extra test. Jeremy. (This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
1998-11-03Makefile.in configure configure.in include/proto.h smbd/noquotas.c ↵Jeremy Allison1-44/+86
smbd/quotas.c: Added quotas patch for autoconf from Dejan Ilic <svedja@lysator.liu.se>. printing/printing.c: Filenames with spaces patch from Allan Bjorklund <allan@umich.edu> utils/nmblookup.c: Fix usage() function. smbd/reply.c: Split out the security=server and security=domain checks into check_server_security() and check_domain_security() to aid the writing of the 'hack' appliance mode invented by John Schimmel. Jeremy. (This used to be commit f09ab9b52251087a58af92ec753537ca34a970fc)
1998-10-28Fix from thwartedefforts@wonky.org (slightly modified) toJeremy Allison1-1/+1
fix username overwriting problem in security=share. Jeremy. (This used to be commit 17621964344336c6303386c3c9e8a3e23b9e46e1)
1998-10-23Reasonably large change to give us *exactly* correct NT delete on close ↵Jeremy Allison1-1/+1
semantics. This was trickier than it looks :-). Check out the new DELETE_ON_CLOSE flag in the share modes and the new code that iterates through all open files on the same device and inode in files.c and trans2.c Also changed the code that modifies share mode entries to take generic function pointers rather than doing a specific thing so this sort of change should be easier in the future. Jeremy. (This used to be commit 5e6a7cd99d29d1cf068fc517272559c1cf47ea3a)
1998-10-23include/smb.h: Added #defines for lots of things - makes our code a *lot* ↵Jeremy Allison1-16/+22
easier to read. lib/util.c: Fixed Luke's set_first_token() function - should return void. smbd/close.c: Move delete_on_close into file_fd_struct structure. smbd/ipc.c: Changed local_machine back to fstring. smbd/nttrans.c: Use defines for mapping share modes. smbd/open.c: Move delete_on_close into file_fd_struct structure, added code for ALLOW_SHARE_DELETE. smbd/reply.c: Use defines for mapping share modes. smbd/trans2.c: Move delete_on_close into file_fd_struct structure. Jeremy. (This used to be commit 8e1ce307bd6a9056b4a95fe6f52ff42dc6e03a08)
1998-10-19- dce/rpc codeLuke Leighton1-1/+1
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-18Fixed sys_lseek and seek_file calls so all returnsJeremy Allison1-15/+52
are *checked* :-). Jeremy. (This used to be commit b8b781191dd7d28944d87eec5fa0fbef798e289b)
1998-10-18check for lp_nt_pipe_support() in open callsAndrew Tridgell1-1/+1
(This used to be commit 44d901b3e040a520c4ad9089e68c566c78acacca)
1998-10-16made pass_check_smb() available for dce/rpc use.Luke Leighton1-2/+2
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
1998-10-07dce/rpcLuke Leighton1-0/+4
(This used to be commit 34afa638f6f7bb145ec094510ac58f7a22dfc3aa)
1998-10-06implemented unix semantics for rename in smbwrapperAndrew Tridgell1-1/+1
(This used to be commit a5c18f9c82f5f76b00ff29c5668b4f0d3e8d6bd0)
1998-09-26Fixed the problem with reply_getatr() being passed a "" name in reply_getatr,Jeremy Allison1-8/+10
replaced the paranoid code in smbd/filename.c that replaces a "" with a ".". I am starting to think this code may well be needed. Jeremy. (This used to be commit bdc3d9f52fbded4b1483af8be0059decfd4bad34)
1998-09-25Makefile.in: Fixed bug with continuation line causing proto to fail.Jeremy Allison1-1/+1
Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include <sys/capability.h>. ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
1998-09-23look at the CAP_NT_SMBS bit in the client capabilities to determine ifAndrew Tridgell1-3/+5
we should serve up volume labels as ascii or unicode. NT wants ascii, W95 wants unicode. It's a crazy protocol! (This used to be commit 24b8a757ae2899d54dd2b2f091a3c0de6de84dbb)
1998-09-203 changes:Andrew Tridgell1-2/+4
1) use lp_fstype() instead of FSTYPE_STRING 2) added SMB_SEARCH_BITS to the TconX reply options (in vwv3). I noted that NT sets this (undocumented) bit and setting it helped get autorun from exported cdroms working. 3) fixed volume labels in QFSINFO level 258. I made these changes while getting the Encyclopadia Brittanica CD to run from a Samba drive. (I bought it for Sue yesterday). The first and second changes allowed Samba to export CDs with autorun info and the client will autorun it when mounted. There are all sorts of nasty implications in that that perhaps we can go into on samba-technical. Think about creating some autorun info in /tmp/ then waiting for people to mount it as scratch space ... The last change was because EB wanted the right volume label. The code we had used a non unicode volume label but tests with W95->NT4 showed that it has to be unicode. There was a note in the code from Jeremy saying that he thought it should _not_ be unicode. Jeremy, can you explain why? It certainly didn't work as non-unicode (the client displays a garbage volume label) and when I fixed it to use unicode it all worked from Win95. and in case anyone is interested EB98 now works fine from a Samba drive :) (This used to be commit 66268ae5881f43fbdc1ccd751122ab2285c375ad)
1998-09-18Fixed problems with premature kernel oplock checkin code.Jeremy Allison1-1/+1
The ./configure & build now seem to work ok. Jeremy. (This used to be commit 7c1a5ed1c2a55543d3f3c8bbd38e6c9c35b80390)
1998-09-18fixed a typo (LLARGE_SMB_OFF_T instead of LARGE_SMB_OFF_T)Andrew Tridgell1-1/+1
(This used to be commit 3e77d94cd2d693490265b60ad7c576a25902d8ea)
1998-09-18include/includes.h:Jeremy Allison1-1/+1
lib/system.c: Can't assume every system has a statvfs varient. Return -1 for those that don't. smbd/reply.c: Fixed printf warning. Jeremy. (This used to be commit 14c134e8316687aa5a4ee089c2acfa6428faceae)
1998-09-17configure configure.in: Added checks for statvfs64. Last bit of 64 bit ↵Jeremy Allison1-1/+1
widening (I hope :-). include/config.h.in: Added #undef STAT_STATVFS64. include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to SMB_BIG_UINT and SMB_BIG_INT types. include/smb.h: Added flag defines from CIFS spec. lib/debug.c: Fixed one more mode_t issue. lib/system.c: Added sys_statvfs wrapper. lib/util.c: Changed trim_string to use size_t. param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised locking options. Question - shuld we do this for all options ? passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned types. smbd/dosmode.c: Fixed one more mode_t issue. smbd/negprot.c: Changed literals to be FLAG_ #defines. smbd/nttrans.c: Removed dead code. smbd/open.c: Changed disk_free call. smbd/process.c: Changed literals to be FLAG_ #defines. smbd/reply.c: Changed disk_free call. smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using UNICODE - should use ascii. tests/summary.c: Added STAT_STATVFS64 check. Jeremy. (This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4)
1998-09-17configure configure.in: Added tests for fseek64 and ftell64.Jeremy Allison1-24/+6
config.h.in: Added fseek64 and ftell64. includes.h: Added definition of SMB_BIG_INTEGER. smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. access.c: Tidyup of dbug statement. system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t. asyncdns.c: Tidyup of comment. loadparm.c: Tidyup of set_default_server_announce_type() function definition. ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpassfile.c: Use sys_fseek(). chgpasswd.c: Tidyup of debug statement. dosmode.c: Changed mode calls to use mode_t. ipc.c: Removal of dead code. nttrans.c: Changed mode calls to use mode_t. open.c: Changed mode calls to use mode_t. pipes.c: Removal of dead code. reply.c: Removal of dead code. trans2.c: Removal of dead code. Changed mode calls to use mode_t. Jeremy. (This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
1998-09-11Ok so with this bugfix 64 bit file access actually seems to work :-).Jeremy Allison1-3/+3
Problems were just dumb bugs like (defining sys_lseek to return 'int' DOH !). Jeremy. (This used to be commit 54dd51176fbab18af0b21bdee71b53f8f86573a8)
1998-09-11Ok - this is the 'expose 64 bit to the clients' checkin.Jeremy Allison1-10/+10
I have tested it by creating a 'holey' 20GB file - checking that it shows up correctl in the NT file view (it does) and am busily copying it to NULL: on the NT box. All good so far.... :-). Also implemented NT 'delete on close' semantics. Jeremy. (This used to be commit 1654faee80648583e6a47ab7eda990fefdf85124)
1998-09-11Added ssize_t to configure code.Jeremy Allison1-148/+215
Got 'religion' about using size_t and ssize_t for read/write stuff as part of the code to expose 64 bits to the client. This checkin does all the 'easy' stuff - such as all the read/write/lock calls - but now comes the harder parts (open & friends) and all the file enquiry functions..... Jeremy. (This used to be commit 36544fe5476f7770bd5748574fc54be7b3ee4d4a)