summaryrefslogtreecommitdiff
path: root/source3/smbd/reply.c
AgeCommit message (Collapse)AuthorFilesLines
2012-03-04s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett1-34/+4
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-03-01Add open_dir_with_privilege() to ensure we're opening the correct directory ↵Jeremy Allison1-0/+1
when doing backup requests. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Mar 1 03:50:40 CET 2012 on sn-devel-104
2012-02-19s3: get_share_mode_lock->get_existing_share_mode_lockVolker Lendecke1-1/+1
2012-02-18Fix a bunch of "unused variable" warnings.Jeremy Allison1-2/+0
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Feb 18 06:22:40 CET 2012 on sn-devel-104
2012-02-16Rename obscure defined constants.Christopher R. Hertel (crh)1-2/+2
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT. Also replaced several hard-coded references to the well-known port numbers (139 and 445, respectively) as appropriate. Small changes to clarify some comments regarding the two transport types. Signed-off-by: Simo Sorce <idra@samba.org> Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
2012-01-12s3: Put an indirection layer into share_mode_lockVolker Lendecke1-2/+2
Signed-off-by: Jeremy Allison <jra@samba.org>
2012-01-12s3: Introduce get_share_mode_lock_fresh()Volker Lendecke1-2/+1
This slightly simplifies the code path for all callers which assume that a share mode exists already. Only the callers in open_file_ntcreate and open_directory will ever create new share modes. Signed-off-by: Jeremy Allison <jra@samba.org>
2011-12-31Final part of fix for bug #8679 - recvfile code path using splice() on Linux ↵Jeremy Allison1-5/+0
leaves data in the pipe on short write. The code to set a DOS error on short writeX return is amazingly legacy code, and also breaks the reply as fixup_chain_error_packet() enforces a 2-byte wct on any reply where smb_rcls != 0. Found in testing by Andrew Bartlett. Thanks Andrew ! Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Dec 31 08:05:35 CET 2011 on sn-devel-104
2011-12-16Fix bug #8664 - Renaming a symlink fails if the symlink target is outside of ↵Jeremy Allison1-2/+4
the share. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Dec 16 23:32:26 CET 2011 on sn-devel-104
2011-12-15s3:smbd: pass smbd_server_connection and a snumused function pointer to ↵Stefan Metzmacher1-1/+1
reload_services() metze
2011-12-02s3: Use autogenerated open_files.idlVolker Lendecke1-0/+1
2011-11-16Final part of patchset to fix bug #8556 - ACL permissions ignored when ↵Jeremy Allison1-0/+7
SMBsetatr is requested. This now plumbs access checks through all setattr calls. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Nov 16 04:20:04 CET 2011 on sn-devel-104
2011-11-15Remove the check for FILE_WRITE_ATTRIBUTES from smb_set_file_time(). ItJeremy Allison1-0/+5
is called from places like fileio.c that need to update the write time on a file handle only open for write, without neccessarily having FILE_WRITE_ATTRIBUTES permission. Move all checks to before the smb_set_file_time() callers.
2011-11-15Always set the attribute first, before the time.Jeremy Allison1-7/+7
2011-09-14s3:smbd: SMB ReadX with size > 0xffff should only possible for samba clients.Stefan Metzmacher1-1/+10
Windows 2008 R2 (and others) ignore the high bits for the read size. Unless we're using the unix extentions and the client uses CIFS_UNIX_LARGE_READ_CAP, we should also ignore the high bits. But we still need to support old "smbclient" binaries and have to check if the client is "Samba". metze Signed-off-by: Jeremy Allison <jra@samba.org>
2011-08-29Fix bug 8412 - Microsoft Office 2007 (Microsoft Word) fails to save as on a ↵Jeremy Allison1-0/+46
Samba share with SMB2.
2011-08-25s3: Pass smbd_server_connection to is_encrypted_packetVolker Lendecke1-4/+5
2011-08-05s3: Fix a debug messageVolker Lendecke1-1/+1
2011-08-02s3: Pass sconn explicitly to open_was_deferredVolker Lendecke1-7/+7
2011-07-29s3: We only need base_name in map_open_params_to_ntcreateVolker Lendecke1-3/+5
2011-07-20s3-auth Use *unix_token rather than utok in struct auth3_session_infoAndrew Bartlett1-2/+2
This brings this structure one step closer to the struct auth_session_info. A few SMB_ASSERT calls are added in some key places to ensure that this pointer is initialised, to make tracing any bugs here easier in future. NOTE: Many of the users of this structure should be reviewed, as unix and NT access checks are mixed in a way that should just be done using the NT ACL. This patch has not changed this behaviour however. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-12s3:smbd: s/SMBkeepalive/NBSSkeepaliveStefan Metzmacher1-10/+10
metze
2011-07-11s3:smbd: return the real share access mask in the SMBtconX responseStefan Metzmacher1-3/+1
metze
2011-07-04s3-smbd: Replace client_id in smbd reply.Andreas Schneider1-1/+10
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04s3-rpc_server: Migrate rpc function to tsocket_address.Andreas Schneider1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-06-09s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett1-1/+1
There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
2011-06-09s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett1-3/+3
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
2011-05-29s3: Reply correctly to a bad nbt session requestVolker Lendecke1-1/+15
2011-05-20Optimization. If the attributes passed to can_rename() include both ↵Jeremy Allison1-5/+8
FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM then there's no point in reading the source DOS attribute, as we're not going to deny the rename on attribute match.
2011-05-20s3: Fix an uninitialized variableVolker Lendecke1-1/+1
2011-05-05Fix many const compiler warnings.Jeremy Allison1-7/+7
2011-05-03s3: reply_readbraw_error needs an sconn as argument also in the non-LFS code ↵Björn Jacke1-1/+1
path Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Tue May 3 13:04:11 CEST 2011 on sn-devel-104
2011-04-29s3-smb Use FILE_ATTRIBUTE_ARCHIVE intead of aARCHAndrew Bartlett1-2/+2
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-29s3-smb Use FILE_ATTRIBUTE_DIRECTORY intead of aDIRAndrew Bartlett1-15/+15
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-29s3-smb Use FILE_ATTRIBUTE_VOLUME intead of aVOLIDAndrew Bartlett1-3/+3
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-29s3-smb Use FILE_ATTRIBUTE_SYSTEM intead of aSYSTEMAndrew Bartlett1-2/+2
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-29s3-smb Use FILE_ATTRIBUTE_HIDDEN intead of aHIDDENAndrew Bartlett1-3/+3
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-29s3-smb Use FILE_ATTRIBUTE_READONLY intead of aRONLYAndrew Bartlett1-3/+3
This means we use just one constant for this file attribute. Andrew Bartlett
2011-04-22s3: Fix Coverity ID 2335, CHECKED_RETURNVolker Lendecke1-1/+3
2011-04-14s3: only include smb profiling where needed.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Thu Apr 14 01:31:39 CEST 2011 on sn-devel-104
2011-04-13s3-rpc_client: add and use rpc_client/rpc_client.h.Günther Deschner1-0/+1
Guenther
2011-03-30s3-auth: smbd needs auth.hGünther Deschner1-0/+1
Guenther
2011-03-30s3-libsmb: put namequery headers to nmblib.hGünther Deschner1-0/+1
We might find a better name for it and merge other namequery related things as well here... Guenther
2011-03-30s3: include smbd/smbd.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2011-03-19s3:smbd: remove uses of "./" in unlink_internals()Stefan Metzmacher1-4/+0
Commit 78b931ce6c840ade646c1c6030fa2d6acb77208b tried to do that, but didn't have any effect. metze
2011-02-22s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett1-3/+3
These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-02-10Put OpenDir() back the way it was - don't overload with an fsp arg. Create ↵Jeremy Allison1-3/+3
OpenDir_fsp for new usage. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Feb 10 02:43:31 CET 2011 on sn-devel-104
2011-02-09Allow SMB2_FIND to actually use the open fd handle if we support fdopendir. ↵Jeremy Allison1-3/+4
Fallback to pathname opendir if not.
2011-02-08Use corrcet function instead of cut-and-paste code.Jeremy Allison1-1/+1
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Feb 8 03:23:40 CET 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2024-07-20 07:31:48 +0000