summaryrefslogtreecommitdiff
path: root/source3/smbd/reply.c
AgeCommit message (Collapse)AuthorFilesLines
1999-12-21first cut at using the tdb code for the connections structure, theAndrew Tridgell1-1/+1
SWAT status page and smbstatus. It made the code _much_ simpler, I wish we'd done a database module a long time ago! (This used to be commit 4951755413c11d4c5b9af4699a6e622056d52433)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-718/+1111
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-12changed function name of get_home_dir() to get_unixhome_dir(), to stopLuke Leighton1-1/+1
clash with gnu readline library. fixed issue with [homes] service not being there - call lp_add_home() just before starting the msrpc processing. (This used to be commit 054195df9b6187c663ede5cf4489499abbdc29fc)
1999-12-12final part of "first" phase converting over to msrpc daemon architecture.Luke Leighton1-35/+3
done a minimal amout of clean-up in the Makefile, removing unnecessary modules from the link stage. this is not complete, yet, and will involve some changes, for example to smbd, to remove dependencies on the password database API that shouldn't be there. for example, smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa API. this first implementation has minor problems with not reinstantiating the same services as the caller. the "homes" service is a good example. (This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
1999-12-06the first independent msrpc daemon - lsarpcd.Luke Leighton1-2/+3
one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
1999-12-02domain_client_validate() no longer takes serverlist, it callsLuke Leighton1-10/+1
get_any_dc_name(). (This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8)
1999-12-02need a domain resolving function, but get_trusted_serverlist() will do.Luke Leighton1-30/+6
this is horrible. (This used to be commit 9df973fe711f322075d86d6792d6c0b8539c1d00)
1999-11-21implement server-side generation of NTLMv2 session key. YESSS :-)Luke Leighton1-1/+1
(This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e)
1999-11-21hmmm... have to add client-side support in domain_client_validate() toLuke Leighton1-4/+6
_use_ user session key. (This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74)
1999-11-20modified domain_client_validate to take trust account name / type. thisLuke Leighton1-5/+56
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and SEC_CHAN_WKSTA. modified check_domain_security to determine if domain name is own domain, and to use wksta trust account if so, otherwise check "trusting domains" parameter and use inter-domain trust account if so, otherwise return False. (This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
1999-11-15- added DCE/RPC "fault" PDU support.Luke Leighton1-0/+4
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
1999-07-21comments requested by jeremy as to why NT/95 NULL-password distinction hackLuke Leighton1-1/+6
was modified. (This used to be commit 50f7bd8a9c47d073bbde66ae26e9f71f030afc4c)
1999-07-15work-around for win95 NULL session bug: NULL password actually beingLuke Leighton1-3/+13
placed in data stream before username / domain, whereas NT doesn't do this... (This used to be commit 44e6d4c1b0b6ae54e76e96471b40bb784c8b3c8c)
1999-07-15more dfs stuff. this looks like it's going to be more appropriate to useLuke Leighton1-25/+75
the vfs tables. at the moment, i replaced all calls to unix_convert() with unix_dfs_convert(). this does the job, but it's not very nice. (This used to be commit 00d4aebce9f268a737ef9df9bdbe59f8fe831979)
1999-07-12lengths of NT passwords when "encrypt passwords = no" can be completelyLuke Leighton1-1/+1
random. values seen can be as high as 18255. this fails the check of <= 24 which sets NT password length to 0, effectively ignoring it. the <= 24 was removed in reply_sesssetup_X. (This used to be commit 98d43b20dc4df72ddbfaeb34581222adc53d15dd)
1999-07-12Jean-Francois Micouleau's rewritten DFS patch, originally written byLuke Leighton1-0/+10
Nigel Williams. despite the data format being *exactly* the same as NT's, this still doesn't work yet. more work needed. (This used to be commit 270981960bb5aab52d2f8e494827101ece6729c4)
1999-07-06reporting failure to accept ntlmv2 (only) with down-level protocols (LANMAN1Luke Leighton1-3/+13
and below). (This used to be commit be7b978249ddb5e2e94aa160a360fecbf51f016e)
1999-06-29improving authentication code (tidyup).Luke Leighton1-3/+5
(This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7)
1999-06-24debugging of NBT messages added.Luke Leighton1-0/+3
(This used to be commit ceb20adb3c924818201fa8992e19e82f45b40710)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-1/+1
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1999-04-20Changed arguments to fsync() function to break dependency onTim Potter1-13/+17
connection_struct. (This used to be commit ee6f826ccc0897a4538f6f9a560127c54a4c4038)
1999-04-04Fixed up incorrect calls to read_file().Tim Potter1-2/+2
(This used to be commit 17d007daa3d1fa60501eae1eecfc2d0f88c1692e)
1999-04-04Use VFS operations for file I/O.Tim Potter1-73/+80
(This used to be commit cfddbdb62485256a947a30e04c753200451cbe1c)
1999-03-25SAM database "set user info".Luke Leighton1-3/+4
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1998-12-14trying to track down issues in get_home_dir().Luke Leighton1-1/+5
(This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226)
1998-12-01check server role before doing nt user to unix user mappingLuke Leighton1-12/+15
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
1998-12-01andrej spotted that entries _not_ in domain map user were being refused.Luke Leighton1-10/+6
modified map_nt_and_unix_names() to never refuse a mapping (returns void now not BOOL). (This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
1998-12-01hm. removed the "if failed to map nt name to unix name, fail tcon call"Luke Leighton1-8/+2
restriction and "domain user map" seems to work. amazing. (This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
1998-11-30attempting to fix "domain user map" up, but it's a bit complicated.Luke Leighton1-34/+56
i may simply go for a response in the NetSamLogon returning the unix username, forcing the NT user to appear to be a unix user, however even that is fraught with implications. might just have to go the whole hog and do this tuple thing, "unix_name + nt_name" always associated together... issue with api_net_sam_logon, getsam21pwent() being called twice, the second time overwriting static buffer data (argh) so had to make a copy. noticed a nested "become_root()"/"unbecome_root()" which will have to be tracked down... (This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
1998-11-25Makefile.in: Added maintainer mode fixes.Jeremy Allison1-14/+14
aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
1998-11-17Fixed NT modify timestamp issue.Jeremy Allison1-0/+11
If a client does a modify timestamp on an open file (which will do no good at all on UNIX :-) then keep the modify request pending in the files_struct and apply it at close instead. Jeremy. (This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+3
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-16O_EXCL fixes for printing files & oplocks.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 4ca71c90985b1c88d92bdd0f9079a4afc263dc46)
1998-11-15change ROUNDUP to SMB_ROUNDUP to prevent conflicts with system macrosAndrew Tridgell1-1/+1
(This used to be commit d9d44d98ec719b7fc6d5b0fc35bf8727f4cd0372)
1998-11-10include/local.h:Jeremy Allison1-6/+13
include/smb.h: param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). printing/printing.c: Added J.F.'s latest fix. rpc_parse/parse_misc.c: parse_reg.c: rpcclient/cmd_reg.c: rpcclient/display.c: SGI compiler signed/unsigned issues. smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). utils/testparm.c: Added extra test. Jeremy. (This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
1998-11-03Makefile.in configure configure.in include/proto.h smbd/noquotas.c ↵Jeremy Allison1-44/+86
smbd/quotas.c: Added quotas patch for autoconf from Dejan Ilic <svedja@lysator.liu.se>. printing/printing.c: Filenames with spaces patch from Allan Bjorklund <allan@umich.edu> utils/nmblookup.c: Fix usage() function. smbd/reply.c: Split out the security=server and security=domain checks into check_server_security() and check_domain_security() to aid the writing of the 'hack' appliance mode invented by John Schimmel. Jeremy. (This used to be commit f09ab9b52251087a58af92ec753537ca34a970fc)
1998-10-28Fix from thwartedefforts@wonky.org (slightly modified) toJeremy Allison1-1/+1
fix username overwriting problem in security=share. Jeremy. (This used to be commit 17621964344336c6303386c3c9e8a3e23b9e46e1)
1998-10-23Reasonably large change to give us *exactly* correct NT delete on close ↵Jeremy Allison1-1/+1
semantics. This was trickier than it looks :-). Check out the new DELETE_ON_CLOSE flag in the share modes and the new code that iterates through all open files on the same device and inode in files.c and trans2.c Also changed the code that modifies share mode entries to take generic function pointers rather than doing a specific thing so this sort of change should be easier in the future. Jeremy. (This used to be commit 5e6a7cd99d29d1cf068fc517272559c1cf47ea3a)
1998-10-23include/smb.h: Added #defines for lots of things - makes our code a *lot* ↵Jeremy Allison1-16/+22
easier to read. lib/util.c: Fixed Luke's set_first_token() function - should return void. smbd/close.c: Move delete_on_close into file_fd_struct structure. smbd/ipc.c: Changed local_machine back to fstring. smbd/nttrans.c: Use defines for mapping share modes. smbd/open.c: Move delete_on_close into file_fd_struct structure, added code for ALLOW_SHARE_DELETE. smbd/reply.c: Use defines for mapping share modes. smbd/trans2.c: Move delete_on_close into file_fd_struct structure. Jeremy. (This used to be commit 8e1ce307bd6a9056b4a95fe6f52ff42dc6e03a08)
1998-10-19- dce/rpc codeLuke Leighton1-1/+1
- removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
1998-10-18Fixed sys_lseek and seek_file calls so all returnsJeremy Allison1-15/+52
are *checked* :-). Jeremy. (This used to be commit b8b781191dd7d28944d87eec5fa0fbef798e289b)
1998-10-18check for lp_nt_pipe_support() in open callsAndrew Tridgell1-1/+1
(This used to be commit 44d901b3e040a520c4ad9089e68c566c78acacca)
1998-10-16made pass_check_smb() available for dce/rpc use.Luke Leighton1-2/+2
(This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09)
1998-10-07dce/rpcLuke Leighton1-0/+4
(This used to be commit 34afa638f6f7bb145ec094510ac58f7a22dfc3aa)
1998-10-06implemented unix semantics for rename in smbwrapperAndrew Tridgell1-1/+1
(This used to be commit a5c18f9c82f5f76b00ff29c5668b4f0d3e8d6bd0)
1998-09-26Fixed the problem with reply_getatr() being passed a "" name in reply_getatr,Jeremy Allison1-8/+10
replaced the paranoid code in smbd/filename.c that replaces a "" with a ".". I am starting to think this code may well be needed. Jeremy. (This used to be commit bdc3d9f52fbded4b1483af8be0059decfd4bad34)
1998-09-25Makefile.in: Fixed bug with continuation line causing proto to fail.Jeremy Allison1-1/+1
Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include <sys/capability.h>. ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
1998-09-23look at the CAP_NT_SMBS bit in the client capabilities to determine ifAndrew Tridgell1-3/+5
we should serve up volume labels as ascii or unicode. NT wants ascii, W95 wants unicode. It's a crazy protocol! (This used to be commit 24b8a757ae2899d54dd2b2f091a3c0de6de84dbb)
1998-09-203 changes:Andrew Tridgell1-2/+4
1) use lp_fstype() instead of FSTYPE_STRING 2) added SMB_SEARCH_BITS to the TconX reply options (in vwv3). I noted that NT sets this (undocumented) bit and setting it helped get autorun from exported cdroms working. 3) fixed volume labels in QFSINFO level 258. I made these changes while getting the Encyclopadia Brittanica CD to run from a Samba drive. (I bought it for Sue yesterday). The first and second changes allowed Samba to export CDs with autorun info and the client will autorun it when mounted. There are all sorts of nasty implications in that that perhaps we can go into on samba-technical. Think about creating some autorun info in /tmp/ then waiting for people to mount it as scratch space ... The last change was because EB wanted the right volume label. The code we had used a non unicode volume label but tests with W95->NT4 showed that it has to be unicode. There was a note in the code from Jeremy saying that he thought it should _not_ be unicode. Jeremy, can you explain why? It certainly didn't work as non-unicode (the client displays a garbage volume label) and when I fixed it to use unicode it all worked from Win95. and in case anyone is interested EB98 now works fine from a Samba drive :) (This used to be commit 66268ae5881f43fbdc1ccd751122ab2285c375ad)
1998-09-18Fixed problems with premature kernel oplock checkin code.Jeremy Allison1-1/+1
The ./configure & build now seem to work ok. Jeremy. (This used to be commit 7c1a5ed1c2a55543d3f3c8bbd38e6c9c35b80390)