summaryrefslogtreecommitdiff
path: root/source3/smbd/server.c
AgeCommit message (Collapse)AuthorFilesLines
2002-01-14Removed MAXSTATUS which was set incorrectly - thus causing tdb traversalJeremy Allison1-16/+9
of the connections db on smbd startup. This should fix the Solaris large load bug.... (fingers crossed). Jeremy. (This used to be commit 5b2b9c25af28543e67762805d1387524cbb6c39d)
2002-01-12Many thanks to Alexander Bokovoy <a.bokovoy@sam-solutions.net>.Andrew Bartlett1-0/+1
This work was sponsored by Optifacio Software Services, Inc. Andrew Bartlett (various e-mails announcements merged into some form of commit message below:) This patch which adds basics of universal groups support into Samba 3. Currently, only Winbind with RPC calls supports this, ADS support requires additional (possibly huge) work on KRB5 PAC. However, basic infrastructure is here. This patch adds: 1. Storing of universal groups for particular user logged into Samba software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb. 2. Fetching of unversal groups for given user rid and domain sid from netlogon_unigrp.tdb. Since this is used in both smbd and winbindd, main code is in source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ. This patch has had a few versions, the final version in particular: Many thanks to Andrew Bartlett for critics and comments, and partly rewritten code. New: - updated fetching code to changed byte order macros - moved functions to proper namespace - optimized memory usage by reusing caller's memory context - enhanced code to more follow Samba coding rules Todo: - proper universal group expiration after timeout (This used to be commit 80c2aefbe7c1aa363dd286a47d50c5d8b4595f43)
2002-01-09Add two more memory-debug smbcontrol messages: these ones shouldMartin Pool1-0/+1
prompt dmalloc to log information about what happening, so you can see in flight why smbd is getting bloated. (This used to be commit bcb443c5c4bf97fe6b5b0993e42496c2e64f0124)
2002-01-09Better explanation message for dmalloc.Martin Pool1-1/+1
Also more insertion of parenthesis to handle struct members called 'free'. You can now get useful dmalloc output, as long as it is compatible with your C library. On RH7.1 it looks like you have to rebuild dmalloc to allow free(0) by default, because something in libcrypt does that. (sigh) (This used to be commit 391cbb690196537c8b6292b42c2e27408cc7e249)
2002-01-09Add UNUSED(paramname) macro to be used in parameter lists, to quietenMartin Pool1-1/+2
gcc warnings about unused parameters. (This used to be commit b29775d442c36f667a6db5ba9dbe47d1a133525f)
2002-01-09Fixed up atomic update code.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 274b04d4a6123fbfe363afc214e908ab36c7e8a7)
2002-01-05I've decided to move the auth code around a bit more...Andrew Bartlett1-2/+4
The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett (This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
2002-01-03smbd should register to receive MSG_REQ_POOL_USAGE. Response shouldMartin Pool1-0/+1
be information about memory usage, but this is not done yet. (This used to be commit 830a126a442bdde28fc42e23e7260c344b6534b9)
2001-12-30When running interactive we want to set our own process group forJeremy Allison1-0/+9
signal management. Jeremy. (This used to be commit fffae94dd5699f44c0b1c8081587deafd89b3fc0)
2001-12-29Fixup -i interactive modes.Jeremy Allison1-6/+12
Jeremy. (This used to be commit 9343b613d3778b0330bc4d610d3befd363797360)
2001-12-20Removed global debugf. Replaced with lp_set_logfile(name).Jeremy Allison1-5/+7
Fixed winbindd to finally stop leaving log. file droppings :-). Jeremy. (This used to be commit 0bea6cf79a44f79fa3a4f2c8381e898e79c66509)
2001-12-03added a tdb to store the account policy informations.Jean-François Micouleau1-4/+9
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-1/+3
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-23Removed TimeInit() call from every client program (except for one placeTim Potter1-2/+0
in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean. (This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
2001-11-19Store some path names in global variables initialized to configureMartin Pool1-7/+7
default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
2001-10-22lets try the new mangling codeSimo Sorce1-0/+5
all the calls go through a compatibility interface will change that soon a new mangle.tdb file will be set in the lock directory it contains a static mapping longname<->manglename (This used to be commit 1ffacd2068a896d36a9e56b6e28c63e2f7e98762)
2001-10-18Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison1-4/+5
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-18got rid of start_background_queue()Andrew Tridgell1-1/+6
THIS WAS A DISASTER! it created hundreds of processes on the build farm machines, which we can't kill. (This used to be commit 04479db879d04fb329022c3282d92bab94a48576)
2001-10-16very simple asynchronous "lpq" thread patchJean-François Micouleau1-0/+2
To speed up operations with the lpq command, it's now run in a separate asynchronous process. Opening the Printers folder on NT is now fast ;-) I think even faster than with a ** server Jeremy, you should look at that patch to include it in 2.2.3 J.F. (This used to be commit 8ef9dff3074e7979579ce66a204e8ec7bf62a587)
2001-10-03switched over to a new method of handling uppercase/lowercase mappingsAndrew Tridgell1-0/+2
for unicode strings. The new method relies on 3 files that are mmap'd at startup to provide the mapping tables. The upcase.dat and lowcase.dat tables should be the same on all systems. The valid.dat table says what characters are valid in 8.3 names, and differs between systems. I'm committing the japanese valid.dat here, in future we need some way of automatically installing and choosing a appropriate table. This commit also adds my mini tdb based gettext replacement in intl/lang_tdb.c. I have not enabled this yet and have not removed the old gettext code as the new code is still being looked at by Monyo. Right now the code assumes that the upcase.dat, lowcase.dat and valid.dat files are installed in the Samba lib directory. That is not a good choice, but I'll leave them there until we work out the new install directory structure for Samba 3.0. simo - please look at the isvalid_w() function and think about using it in your new mangling code. That should be the final step to correctly passing the chargen test code from monyo. (This used to be commit 1c221994f118dd542a158b2db51e07d04d0e9314)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-19Add the ability to display Samba's build options with smbd -b and as a level 4Andrew Bartlett1-16/+23
DEBUG(). Also included are details like build date/time, location and compiler. This should get most of the options we set, except those that don't affect smbd, like WITH_PAM_SMBPASSWD or WITH_WINBINDD. This work due to Vance Lankhaar <vlankhaar@hotmail.com> Some work needs to be done to make it only rebuild when needed (ie smbd being rebuilt) but its in pretty good shape already. Also fix up some printf() -> d_printf(). Andrew Bartlett (This used to be commit beff1d2beaf4337dba6bfc372c5e09a43cfd791a)
2001-09-19printf() -> d_printf()Andrew Bartlett1-1/+1
(This used to be commit e8bd42edc05226d49ab0b6768f898d883fcf8d1a)
2001-09-19added a hook to reopen all tdb's after the server forkAndrew Tridgell1-0/+3
this prevents the fd seek pointer problem (This used to be commit f49518e497deeb46292456c3650769d50ec2a955)
2001-09-10replaced stdio in many parts of samba with a XFILE. XFILE is a cut-downAndrew Tridgell1-5/+0
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor limit that we hit with nasty consequences on some systems I would eventually prefer us to have a configure test to see if we need to replace stdio, but for now this code needs to be tested widely so I'm enabling it by default. (This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
2001-08-28Added dummy handlers for SAM_SYNC and SAM_REPL messages.Tim Potter1-0/+30
(This used to be commit 08e05f1b3c2d5767e8f8f0343fc0ea90c786eac0)
2001-08-22A few changes:Andrew Bartlett1-6/+2
drop paramaters: status utmp hostname change session code to always record each vuid current on the server. The sessionid struct is no longer packed, as I couldn't get that to work ;-) change smbstatus to show this info and less of the connections.tdb info (its not actualy that accurate). I'll get swat doing some of this shortly. (This used to be commit b068ad300527c44673bbee0aede7849199c89de7)
2001-08-09Try to set the socket options early for some OSs (like Sol 8) where theyAndrew Bartlett1-1/+8
can't be set after the listen(). Andrew Bartlett (This used to be commit 23b6772a2454ff3b480807a4ca8f58e8a0dc0c81)
2001-07-17Fixes from Jens-Uwe.Walther@force.de to make the -l option behaveJeremy Allison1-1/+1
consistently. Jeremy. (This used to be commit f591ca9f25c54d3cdd0b76df472411e44c95ea47)
2001-07-10added winbind_exclude_domain() so smbd can tell the winbind clientAndrew Tridgell1-0/+5
code not to do lookups for a particular domain. This allows winbind to operate on a Samba PDC (This used to be commit d472ee3a690fb6db03fd4536e4093a18fc37ddbb)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-2/+2
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-07-04The big character set handling changeover!Andrew Tridgell1-4/+0
This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a)
2001-06-25fixed usage of socklen_t and also tidied up SIG_ATOMIC_T, using a typedef ↵Andrew Tridgell1-3/+3
instead of a define (This used to be commit e2ecff419fdc0a0dc7551b33b377dc11061ef2a3)
2001-06-25- make the regresison test mode code build in by default. This shouldAndrew Tridgell1-11/+1
allow us to have test targets without special configure options - fixed make proto so that it actually does something (This used to be commit 55109a752578e9389d853cb27ec17c2114ecff77)
2001-06-22added the ability to test smbd safely as an ordinary user. The way it works isAndrew Tridgell1-0/+2
that libsmb/ creates a local tcp socket then launches smbd as a subprocess attached to that socket. smbd thinks it is being launched from inetd. to use it do the following: - compile with -DSMB_REGRESSION_TEST - run like this (also works with smbtorture etc) export SMBD_TEST=1 export LIBSMB_PROG=bin/smbd smbclient //server/share -Uuser%pass obviously you need to setup a smb.conf etc. Using --prefix to configure is useful. The aim of all this stuff is to add a decent set of regression tests to the build farm, so we know if smbd actually runs correctly on all the platforms, not just builds. We can run smbtorture, masktest, locktest etc, plus a bunch of smbclient scripts and any new tests we write. This doesn't help much with nmbd (at least not yet) but its a good start. (This used to be commit 7e8e6ae9a88c4d2587eb4e7f0501cd71bd36ebb2)
2001-05-25Added tdb_change_int_atomic() to allow atomic updates of a tdb int value.Jeremy Allison1-5/+3
Jeremy. (This used to be commit cf5015f15935605cf69078bc15251db61ddc48c7)
2001-05-08Patch from ackley@cs.unm.edu to clear server_fd/client_fd in root daemon to stopJeremy Allison1-0/+10
%I getpeername() failure. Jeremy. (This used to be commit 15584d30cd51650752fcbdd4f0dfc193fed18e5a)
2001-04-18merge from 2.2Andrew Tridgell1-1/+3
(This used to be commit f52a5014ee325f9d91f266f88eac51b6136a75b9)
2001-04-09Added set/get SD's on shares. Check before tcon.Jeremy Allison1-0/+4
Jeremy. (This used to be commit 036b1a8b09fe6a7cca83d631624145574acad7f2)
2001-04-08Got "medieval on our ass" about adding the -1 to slprintf.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 94747b4639ed9b19f7d0fb896e43aa392a84989a)
2001-03-23first pass of the new group mapping codeJean-François Micouleau1-0/+5
J.F. (This used to be commit 7154deb026d53cb0cd503562174c3332a372be63)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-9/+0
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-02-15samba/source/nmbd/nmbd.c change remote_machine name to nmbd insteadHerb Lewis1-1/+1
of nmb so we write to same log file that was originally created as log.nmbd samba/source/smbd/server.c change remote_machine name to smbd instead of smb so we write to same log file that was originally created as log.smbd samba/source/lib/interface.c allow binding to all interface IP addresses even if on same subnet. This allows you to specify which IP's you want in interfaces line and use bind interfaces only (This used to be commit 01dfd59712f3730498784d7632da8fe0113d55b6)
2001-02-12Merge of JohnR's changes to appliance-head, JF's changes to 2.2,Jeremy Allison1-0/+17
updated the POSIX_ACL code to be in sync. Jeremy. (This used to be commit c0517d6f4e3079feca1309fd1ea7b21e83f0de02)
2001-01-25Changes from APPLIANCE_HEAD:David O'Neill1-0/+5
source/smbd/server.c source/nmbd/nmbd.c - Fixed a very subtle bug with signals. Seems that POSIX requires that the signal mask be inhereted. So, if you happen to kick off smbd/nmbd from code that has the mask set on SIGUSR1, you lose messages. (This used to be commit b4c98196fc65e8b3bce928296e854987622eae78)
2001-01-08Patch from Richard Bollinger for dead entries being left in connections tdb.Jeremy Allison1-0/+5
Jeremy. (This used to be commit 48a3afcd4716a456c3072bf41450b361e4379be8)
2000-11-27passdb/secrets.c passdb/smbpassfile.c smbd/server.c : Actually *use* the codeJeremy Allison1-0/+5
written to transition from an old DOMAIN.MACHINE.MAC file to secrets.tdb. printing/nt_printing.c: Fix case insensitive name lookups for driver files. John - this should fix the Win9x/WinME problem correctly. Jeremy. (This used to be commit 8f3332a9acf413ac5d12053ca5c52733a4e946cc)
2000-11-27Fixed messaging so main smbd can get lib/message.c messages.Jeremy Allison1-0/+8
Jeremy. (This used to be commit 349d58fb5758cebc5a8575f80103150b8cd0a080)
2000-11-22Free talloc'ed memory from the main smbd. Patch from Rich Bollinger, Elliott ↵Jeremy Allison1-0/+3
Company Jeremy. (This used to be commit e041b144b2c7c6c9fdd6cd20256a197876aaf353)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter1-1/+1
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)