summaryrefslogtreecommitdiff
path: root/source3/smbd/server.c
AgeCommit message (Collapse)AuthorFilesLines
1998-07-17Forgot to increase size of files_struct by MAX_OPEN_DIRECTORIES inJeremy Allison1-1/+1
previous checkin. Jeremy. (This used to be commit 7dfaca5d370ccb472d85416c623692ae7ec2176f)
1998-07-17Code added to fix the renaming of a directory under NT SMB calls.Jeremy Allison1-23/+102
local.h: Changed MAXDIR to MAX_OPEN_DIRECTORIES - shmem size also tuned by this. dir.c: Use MAX_OPEN_DIRECTORIES. nttrans.c: Allow opening of a directory to succeed. Doesn't actually open a file descriptor but takes a files_struct slot marked as an fd. reply.c: Changed to close any outstanding is_directory files. reply_close changed to understand directory files. server.c: Added open_directory(), close_directory() calls. smb.h: Added is_directory to files_struct. Changed OPEN_FNUM to check that target is !is_directory (this prevents the normal file calls from processing a directory files_struct. Jeremy. (This used to be commit e01ce693f47e75e277f3440d46e32b0bd866b550)
1998-07-16Makefile: Added nttrans.oJeremy Allison1-3/+3
includes.h: Added termios.h for AIX. nttrans.c: Working NT SMB calls ! pipes.c: Use strequal instead of strcmp. server.c: Use #defines rather than numbers. smb.h: Updated NT SMB #defines. Jeremy. (This used to be commit 3e5cada9885059e9926eb6a56d350c4b1b53d245)
1998-07-14loadparm.c:Jeremy Allison1-88/+88
With apologies to Charlton Heston and Pierre Boule. "You damn fools, you finally did it". Changed default security mode to be security=user. Yes this is a big (although small in code) change. It's something we've been discussing for a while, to finally wean people off the legacy security=share mode which is *never* what you want. Jeremy. nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun. Found by <samuel@public.szonline.net>. nttrans.c: More NT smb stuff. reply.c: Unlink will overwrite an existing file. Well you learn something new about POSIX every day. :-). server.c: Tidyup unreadable code. smbpasswd.c: Code to allow -U remote_username to allow ordinary users to change remote passwords if their NT username is different from their UNIX username. Patch from <torbjorn.lindh@allgon.se>. Jeremy. (This used to be commit 4eccb47cfb3c8907a6558b6ea9a02b0184458e34)
1998-07-11nttrans.c: More NT SMB stuff.Jeremy Allison1-3/+16
reply.c: Broke out the internals of reply_mv so that they may be called externally from the NT transact rename. server.c: Changed stat calls to sys_stat - found in code review of bugfix. Jeremy. (This used to be commit fb19dad88edfd7a5c7257a15afc9253fb41f4b99)
1998-07-10Fix for bug PR#8294 reported by <detlef.lammermann@er.materna.de>Jeremy Allison1-1/+8
- the Files array was storing the 'dos_to_unix' translated name, rather than the untranslated name. This could case problems when the name was run through dos_to_unix again. Jeremy. (This used to be commit 5f4be1498f7c907a539fe9b5998dfbcaa9e20e20)
1998-07-09Needed fix to SIGHUP handling donated by branko.cibej@hermes.siJeremy Allison1-8/+29
(I can't believe we've had that bug so long :-). Jeremy. (This used to be commit 4d26757776af2aaba9cdaf4c956fab29bfde1599)
1998-06-16Added SSL support from Christian Starkjohann <cs@obdev.at>Jeremy Allison1-0/+25
This patch may not yet compile with -DUSE_SSL enabled, further Makefile changes may be needed. But it was important to get this code in place before I go off to USENIX. Jeremy. (This used to be commit 31e768369fdc61e07c59630c86c62239f3d3f3f7)
1998-06-12ipc.c: map_username is now a BOOL function.Jeremy Allison1-28/+42
reply.c: map_username is now a BOOL function. server.c: Added capability to do map_username on service names when looking for a home directory. That's what the original code would do. lib/rpc/server/srv_util.c: Changed domain_ to builtin_ for BUILTIN aliases. username.c: Work in progress on groupname map parameter. Jeremy (This used to be commit fa95fae5eed95aff64f0a01825477610a101bbc7)
1998-06-10Minor changes as I've now discovered gcc -pedantic-errors. ThisJeremy Allison1-2/+1
does the signed/unsigned warnings I've been missing. Jeremy (This used to be commit 6d94e67624d1f2c08ac2e1c0eea23facd1e618f2)
1998-06-03ipc.c: Fix bug where we don't return the correct error code when clientJeremy Allison1-82/+258
gives a too-small buffer for share info. Fix from Gil Kloepfer <gil@arlut.utexas.edu> smb.h: server.c: Fix for a nastly little security problem with multi-user Windows NT servers and Samba where the contents of the open-file cache can end up being served out to users who shouldn't have access. This is some *seriously* ugly code. Jeremy. (This used to be commit 05c85df3c7da982085615e5a1db6c71e164db4f5)
1998-05-27loadparm.c: Added machine password timeout parameter - set to 7 days be default.Jeremy Allison1-0/+47
password.c: Added code to tell server.c when machine password needs changing. server.c: Change machine password in idle cycles if it needs it. smbpassfile.c: Fixed up length calculations for machine password file. smbpasswd.c: Moved domain joining code/machine password changing code. lib/rpc/client/cli_netlogon.c: And this is where it now lives. Jeremy. (This used to be commit b8fedca6191de96159df0d1d17082d82e8e44773)
1998-05-18Abstracted all the crappy password interfaces through an indirectJeremy Allison1-0/+3
function table, selectable at compile time. This should make the code that implements all the password functions much cleaner, as it's now very clear exactly what a particular password database needs to provide to Samba. Jeremy. (This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
1998-05-18resolving compilation errorsLuke Leighton1-1/+1
(This used to be commit dea0c06eec44a7c2860f97d8f23584d30e482e0a)
1998-05-14passdb.cJeremy Allison1-181/+2
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois (who might want an LDAP version). Changed locking to free exclusive lock as soon as possible to prevent contention. lib/rpc/parse/parse_samr.c lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation function to use DOM_SID structure. Jeremy. (This used to be commit 3b8f5aef57b4f37265c0403385053085f0df6f18)
1998-05-14namequery.c: Fixed SGI IRIX 5.x compiler problem.Jeremy Allison1-2/+191
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default. smbpass.c: Exposed do_file_lock() as I now use it in server.c Jeremy. (This used to be commit 5bf17840ac7d65d08dd3fdfe8b789010488f6808)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-28/+28
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-4/+4
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-07This should (hopefully :-) be the final fix for the %U %G substitutionJeremy Allison1-22/+28
problem.... smbpass.c: Removed Luke's dire warning - as some of the functions in here *need* to be called externally :-). Jeremy. (This used to be commit 1fd8d12ca414066acec71b33eb8a13e16c2acd3a)
1998-05-06loadparm.c: Added #ifdef USE_LDAP around ldap code.Jeremy Allison1-7/+16
server.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic() as only smbd knows about usernames. Also fixes problem with calling standard_sub_basic() from loadparm.c. smbpass.c: Partial tidyup of machine_password_lock() code - not finished yet. util.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic() as only smbd knows about usernames. Also fixes problem with calling standard_sub_basic() from loadparm.c. lib/rpc/server/srv_ldap_helpers.c: Added #ifdef USE_LDAP around ldap code. lib/rpc/server/srv_samr.c: Added #ifdef USE_LDAP around ldap code. Jeremy. (This used to be commit 446b98ca071170fc950bad86ad96b58308a5b75c)
1998-05-06Fixes for the %U and %G problems people have reported.Jeremy Allison1-6/+11
Essentially, multiple session_setup_and_X's may be done to an smbd. As there is only one global variable containing the requested connection name (sessionsetup_user), then any subsequent sessionsetups overwrite this name (causing %U and %G to get the wrong name). This is particularly common when an NT client does a null session setup to get a browse list after the user has connected, but before a share has been mounted. These changes store the requested_name in the vuid structure (so this only really works for user level and above security) and copies this name back into the global variable before the standard_sub call. Jeremy. (This used to be commit b5187ad6a3b3af9fbbeee8bced0ab16b41e9825b)
1998-05-05genrand.c: SGI compile warning fix.Jeremy Allison1-2/+1
ipc.c: Fix for duplicate printer names being long. loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c protects us. nmbd_logonnames.c: nmbd_namequery.c: nmbd_namerelease.c: Debug messages fix. password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call. reply.c: SGI compile warning fix. server.c Debug messages fix. smbpass.c: Fix for incorrect pointer. Jeremy. (This used to be commit 567d3f838988cafab4770fce1cf68b73085e6c71)
1998-04-29Makefile: Added files to smbpasswd.c.Jeremy Allison1-0/+16
loadparm.c: Patch from tim@quiknet.com for static string problems. server.c: Setup global_myname. smbpass.c: Fix up locking. Add machine_password_delete() call. smbpasswd.c: Added provisional code to add to a domain. lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password. lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password. Jeremy. (This used to be commit 6a7164233e3bf9d6bb57c44a53204068e454ae5c)
1998-04-29This is the checkin that adds the security=domain functionality.Jeremy Allison1-4/+0
WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
1998-04-25This looks like a big change but really isn't.Jeremy Allison1-4/+4
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-22genrand.c: Improved generation of random values, more secure.Jeremy Allison1-0/+4
loadparm.c: Started add of 'security=domain' code. password.c: Fix for security=server NT bugs. reply.c: Started add of 'security=domain' code. server.c: Started add of 'security=domain' code. smb.h: Started add of 'security=domain' code. Jeremy. (This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1)
1998-04-20Makefile: Added genrand.oJeremy Allison1-0/+2
clientgen.c: Changed to fill change password buffer with random stuff. password.c: Changed to get challenge from genrand.c server.c: Added #ifdef around O_SYNC. version.h: Changed to 1.9.19prealpha. genrand.c: New code to generate (hopefully) good random numbers for use in crypto challenges/session keys etc. PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!! Jeremy. (This used to be commit 608e98546392fd0aac9b33f4feac43615dbb4405)
1998-04-13Changes include:Christopher R. Hertel1-3/+3
proto.h: The unusual. ;) reply.c: I changes some function names, and updated reply.c to match. See mangle.c below for more. server.c: Changed function names and parameters in file mangle.c, so changed server.c calls to match. See mangle.c below for more. mangle.c: I replaced the caching mechanism used for caching reverse mangled name maps. The old method was a large array of 256-byte strings. Movement in the stack (including push and pop) was done by memcpy()ing whole chunks of memory around. The new system uses the ubi_Cache module which, in turn, uses a splay tree. Entries are dynamically allocated using a minimum amount of memory. Searches are non-linear, which should speed things up a bit, too. Overall, this should save memory and be faster. Other changes: I streamlined the is_mangled() test and made other speed enhancements including replacing some static functions with macros. Added comments, etc. Note: Per an E'mail conversation with Andrew, the 'mangled stack' parameter in smb.conf doesn't do anything anymore. The cache is now set for 16K bytes maximum memory usage. The mangle stack parameter is silently ignored. This can easily be changed, but I'd rather introduce a 'mangled cache memory' parameter and remove 'mangled stack'. Remaining problems: While testing the module, I noticed that something is calling name_map_mangle() twice. The result is that names which contain illegal characters are getting mangled twice. Also, the entire module works by overwriting the input string. This has a variety of nasty side effects. Summary: There's a lot still to be done, but the changes I have in place *should* work in exactly the same way (except for the mangle stack parameter). The rest of the bugs and other issues are separate. Chris -)----- (This used to be commit 8759bec11ba483b2292b0e513b85c98ed5e3e2d4)
1998-04-13Changes to allow Samba to be compiled with -Wstrict-prototypesJeremy Allison1-8/+8
with gcc. (Not a big change although it looks like it :-). Jeremy. (This used to be commit cd2613c57261456485fe4eeecfda209ada70de8e)
1998-04-13fixed a memory leak in close_file(). Each time a file was openedAndrew Tridgell1-1/+7
we leaked memory equal to the length of the filename. (This used to be commit 30a347de74f7f8e2646b1853a9e5914320cee58d)
1998-04-12support O_SYNC at open time in files (previously we only supported itAndrew Tridgell1-0/+4
on individual writes) (This used to be commit ce017a233ba5c68e340e0d31634f9bd93118b20a)
1998-04-10Fix for [homes] problem with security=share. We were still relyingJeremy Allison1-5/+19
on a valid vuid to get the connecting username - this is *never* true (anymore) with security=share. Jeremy. (This used to be commit 5d6f63a7e665ee19bd4508b2b40d497e9851b248)
1998-04-09Makefile, loadparm.c, server.c, smb.h, util.c: Patch fromJeremy Allison1-7/+7
stn@techfak.uni-kiel.de (Stefan Nehlsen) to get homes from the NIS+ map. smbpasswd.c: Tidy up of cli_state structure. Jeremy. (This used to be commit fc2295e0f5729585fdb3ee47edb290851d4071c5)
1998-04-06loadparm.c: Cause IPC$ comment to be evaluated at runtime, rather thanJeremy Allison1-2/+10
load time (patch from "Marty Leisner" <leisner@sdsp.mc.xerox.com>. server.c: Patch from Josef Hinteregger <joehtg@joehtg.co.at> - string could be overwritten when find_service() called recursively. Jeremy. (This used to be commit cf15b3bd74a262e7af3d739a83ef7b43df4935e5)
1998-03-31includes.h: Added semaphore fix for HPUX10.xJeremy Allison1-1/+1
server.c trans2.c: Added oplock deadlock bug fix. lib/rpc/server/srv_netlog.c: Made code that changes machine account password the default. Jeremy. (This used to be commit 3b56fbc11e9d1cb7d4930d9782238c2610cac30d)
1998-03-30Fixed compile-time error introduced by log message change.Jeremy Allison1-8/+19
Added support for 32bit error messages needed for NTDOM code (was in NTDOM branch, somehow missed during the merge). Jeremy. (This used to be commit 188fb28d7be5d466c86a7464f951d08941d0021f)
1998-03-29Added remote machine and address to debug message in make_connection() function.John Terpstra1-1/+1
contributor: <ado@flower.nci.nih.gov> (This used to be commit 7775b0f2aa43ee58f1a4f13004451235cfa157ef)
1998-03-27Fix for client generated core-dump bug where offset to readrawJeremy Allison1-1/+2
was so large that when used with -DUSE_MMAP it caused the unsigned subtraction to wrap aound and become positive - thus causing a silly memcpy offset. Thanks to "Michael St. Laurent" <rowl@earthlink.net> for giving me the core dump that allowed me to track this one down. Jeremy. (This used to be commit c9e066037ab222472085c4a0ecc8a39b337ad2aa)
1998-03-19Finally made OS/2 WP fix the default.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 7cc7a65dec917071d5df04b711acaf8824f13dd6)
1998-03-17this isn't a big commit, it just looks like it :-)Andrew Tridgell1-3/+5
I needed the client_name() and client_addr() functions in swat so I could tell who was connecting from where. The problem was that these functions didn't take a file descriptor parameter they just used the global "Client". So I needed to change all calls to pass a parameter ... lots of files. (This used to be commit a776058900a727591bd7b69debdaa25c0e31d693)
1998-03-15- claim the null connection after the session request to mak sure weAndrew Tridgell1-4/+0
have the netbios name - fix another kill connection bug (This used to be commit c634b799874795d42dae28fb4440ea452dc89b1b)
1998-03-15- added the ability to kill off individual connections from SWAT (fromAndrew Tridgell1-181/+5
the status page) - split the claim_connection() code into its own file - fixed the claim_connection() code to lock the file when manipulating it - always claim a null connection at startup - fixed a bug in the pidfile code (This used to be commit abd4a17e21d12be3d1747e94ceb1915abaf135e3)
1998-03-14added the ability to start/stop the server from SWAT.Andrew Tridgell1-33/+3
I needed to modify the way the pidfile is handled in nmbd and smbd to do this. Jeremy, you may wish to look at what I've done as it probably breaks the Whistle use of pidfiles. In particular I've removed the -f option and instead smbd and nmbd always create a pidfile in the lock directory. (This used to be commit 20bb22d61b986d2036c681fc33db60f2b2b3c1c7)
1998-03-14another makeover of loadparm to support new stuff in swat andAndrew Tridgell1-1/+1
testparm. In particular I added: - ability to optionally save default values of all parameters when calling lp_load(). This can then be used to save only non-default parameters in lp_dump(). This makes the saved smb.conf (and viewed parameters in testparm) much shorter - ability to not load ipc share in lp_load() - separators in parm_table[] so parameters can be grouped logically. - flag to mark parameters that are local but which should be also viewed as global as far as parameters editing is concerned (This used to be commit f9af35da26e58fb0b644b5f0169f1c212230047a)
1998-03-12move setup_groups() into password.c so that swat can link withoutAndrew Tridgell1-83/+0
including server.o (This used to be commit 67bb8835c76e3efc43de55493971fe2402c0d709)
1998-03-12report the max size of raw reads as 65536 not 65535 (this now matchesAndrew Tridgell1-1/+1
what Win95 reports) (This used to be commit a4c6884f43233d57a5f6465f67c4657dd061ae43)
1998-03-11Missed fixes in NTDOM branch for doing readX via pipe IPC$.Jeremy Allison1-1/+1
Allows long share lists to be browsed. Browsing *into* a long share name still fails, though. (Luke - you may need to look into this). Jeremy. (This used to be commit 5299d1b49f2bfd6cf84a687548904206f4a18a41)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison1-3/+1
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)
1998-03-04Removed broken change I made to mangle.c (ooops. Andrew's originalJeremy Allison1-8/+3
algorithm was correct). Finally (I think) fixed the mangled directory stack issue in scan_directory() correctly. Mangled & non-mangled names are now being checked correctly. Hurrah to Ulrik Dickow <ukd@kampsax.dk> who helped isolate this one. Jeremy. (This used to be commit 37f5f7b557aa59c7eba4a9f2f2f323d7cec62fc7)
1998-03-04Adding Korean and Traditional Chinese codepage support.Jeremy Allison1-0/+4
Jeremy. (This used to be commit 2df47cf1bb3428fbaa8dcf45ec114ec3aaafae57)