Age | Commit message (Collapse) | Author | Files | Lines |
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.
Jeremy.
(This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
|
|
(This used to be commit 90a24664318da97a6e8cfe4622a8573c0e3cbe5e)
|
|
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
Chris - feel free to fix these things differently if these fixes don't
work for you.
Jeremy.
(This used to be commit 1f225abfbe6b021b589711c2e4c599a63050c5b2)
|
|
rpc_client/cli_pipe.c: Inlined code removed from smbdes.c
rpc_server/srv_samr.c: Fixed unused variable warning.
rpc_server/srv_util.c: Inlined code removed from smbdes.c
Luke - the above changes are the first part of the changes
you and I discussed as being neccessary at the CIFS conference.
*PLEASE REVIEW THESE CHANGES* - make sure I haven't broken
any of the authenticated DCE/RPC code.
smbd/nttrans.c: Fixed to allow NT5.0beta2 to use Samba shares
with NT SMB support.
smbd/open.c: Fixed mkdir when called from nttrans calls.
smbd/server.c: Set correct size for strcpy of global_myworkgroup.
Jeremy.
(This used to be commit d891421d16ff80998dee429227bd391455f9d1a1)
|
|
for sid S-1-5-20 and does (nothing at the moment) if you query for
your own sid.
(This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
|
|
param/loadparm.c:
smbd/oplock.c: Allow kernel oplocks to be turned off in the smb.conf file.
smbd/server.c: Move init_structs() to after the smb.conf file is loaded - preparation
for making a "max open files" parameter.
Jeremy.
(This used to be commit 6a261517a09b005f502a37941431308fa8bf2c5c)
|
|
Added $(PROGS) $(SPROGS) as targets for make clean.
acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES.
configure.in: Added sys/capability.h header check.
Added function checks for srandom random srand rand.
Added HAVE_IRIX_SPECIFIC_CAPABILITIES test.
includes.h: Added #include <sys/capability.h>.
ntdomain.h: Moved struct acct_info into here from smb.h
smb.h: Added KERNEL_OPLOCK_CAPABILITY define.
Moved enum action_type into rpcclient.h
Moved struct cli_state into client.h
Moved struct nt_client_info, struct tar_client_info, struct client_info
into rpcclient.h
lib/genrand.c: Changed to use sys_random() & friends.
lib/smbrun.c: Lose capabilities after fork.
lib/system.c: Added set_process_capability(), set_inherited_process_capability()
sys_random(), sys_srandom().
lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an
32 bit mounted NFS filesystem.
nmbd/nmbd.c: Changed to use sys_random() & friends.
nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends.
passdb/ldap.c: Missed one pdb_encode_acct_ctrl call.
passdb/passdb.c: Changed to Ander's code for ' ' characters.
passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ.
script/mkproto.awk: Added 'long' to prototypes.
smbd/chgpasswd.c: Lose capabilities after fork.
smbd/open.c: Do the mmap *after* the kernel oplock.
smbd/oplock.c: Removed stub code from kernel oplock path.
Added set_process_capability(), set_inherited_process_capability() calls.
smbd/reply.c: Initialize count = 0, offset = 0.
smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls.
tests/summary.c: Ensure we have RANDOM or RAND.
utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ.
utils/torture.c: Changed to use sys_random() & friends.
Jeremy.
(This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
|
|
when creating oplock test file.
smbd/server.c: Check for existance of kernel oplocks before
becoming a daemon.
Jeremy.
(This used to be commit b42779e17e754d4a2f75904e2187c9209e0a53f0)
|
|
on a machine that supports them in autoconf.
Move various functions out of lib/util.c into smbd/process.c
and smbd/oplock.c where they belong.
Jeremy.
(This used to be commit c3c5e13f85c97939746070132dad941e79c546fb)
|
|
Chris -)-----
(This used to be commit ac13c29d46f564fc340b652b4b71dfa92e4b5b16)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
always. Don't even install a handler.
(This used to be commit 72c383f4b7bcce5374632dc972df16ab0e2542b9)
|
|
correctly. Added new parameter "stat cache size" - set to 50 by default.
I now declare the statcache code officially "open" for business :-).
It gets a hit rate of 97% with a NetBench run and seems to make
using a case insensitive run as efficient as a case sensitive run.
Also tidied up our sys_select usage - added a maxfd parameter and
also added an implementation of select in terms of poll(), for systems
where poll() is much faster. This is disabled by default.
Jeremy.
(This used to be commit 779b924ec1f6c81ff578d22295b20fece698d1fc)
|
|
NetBench testing though.... :-). Attempts to efficiently reduce
the number of stat() calls Samba does.
Jeremy.
(This used to be commit d0e48a2d8072c3e77a57ac6a2fb5044c05f03b41)
|
|
default to overwrite and smbd would default to append. Also, the -a option
(actually a toggle, such that "-a -a" would set the default) was documented
as append mode for nmbd, and *overwrite mode* for smbd.
nmbd now defaults to append mode, to match smbd. The -a option now always
means append, and I've added the -o option to both, meaning overwrite.
Note that the change to nmbd's default behavior may confuse some people.
I've not seen anything about 2.0.0 changes in the WHATSNEW.txt file.
Where would I document a change like this?
Chris -)-----
(This used to be commit b1d374fb14b1fb92a84260f1dcc59a39a4b99a3d)
|
|
(This used to be commit 722312c326d54849e2552327fcd88ac77257ad2c)
|
|
(This used to be commit f92475aa3cb3ade576c39c02c7996c949c42082a)
|
|
the splitup was done with an axe, not a scalpel, so there are some
rough edges. I mostly wanted to get the general form right with fine
tuning of what goes where to come later. Still, this is better than
what we had before where server.c was a general repository for
anything that didn't fit elsewhere.
(This used to be commit a6d194886a4a5f7507fa37289ff96c1be56f14a6)
|
|
created dosmode.c and filename.c
(This used to be commit 534a90ca44641417c21f6ed6d4b94b1de60f808d)
|
|
server.c without breaking things.
this splits off netprot.c and fileio.c for negprot and read/write/seek
handling respectively.
(This used to be commit b3d7014643ec9f2eef6e6f598f5b9db1fe2f930d)
|
|
to a linked list with bitmap format.
(This used to be commit b7aaab1b6b2d2f72b2bb7c11f5c7bf081a6093d9)
|
|
the chain pointer is now stored as a static and is set whenever a
handle is created or extracted. This also makes the code less error
prone.
(This used to be commit 068a862982bea726e8d7b1b4065d510b9840a272)
|
|
removed most cases where a pnum is used and substituted a pipes_struct*.
in files.c I added a offset of 0x1000 to all file handles on the
wire. This makes it much less likely that bad parsing will give us the
wrong field.
(This used to be commit 8bc2627ff28d340db65bfa017daca2dc291d5ef7)
|
|
private to files.c)
It now is a doubly linked list with a bitmap for allocated file
numbers. Similarly for the fd_ptr code. I also changed the default
maximum number of open files to 4096. The static cost is 1 bit per
file.
It all seems to work, and it passes the "does Sue scream" test, but if
you see weird behaviour then please investigate. With the volume of
new code that has gone in there are bound to be one or two bugs
lurking.
note that you must do a "make clean" before building this as many data
structures have changed in size.
(This used to be commit 79755ce97004b787d7e83a8d18fc4c7c003b7231)
|
|
bitmap.c: added bitmap hanlding code in preparation for increasing the
default max open files to several thousand
(This used to be commit f573a65b67e7a57586fec57845598e49b157ee0a)
|
|
in files.c
it should now be faily easy to expand the default MAX_OPEN_FILES to
many thousands.
(This used to be commit b088c804f98908eb02f05ab2f2e8a61691a0a582)
|
|
configure.in: Source for header changes.
client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile.
include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers.
include/includes.h: Headers for the above.
include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int).
lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/debug.c: Fixed signal functs.
lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile.
libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem_sysv.c: Fixed error messages in sysV stuff.
nmbd/asyncdns.c: Fixed signal functs.
nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/nttrans.c: Fixed fsp code path.
smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem.
smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/trans2.c: Fixed core dump bug.
smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile.
Jeremy.
(This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
|
|
Connections[] is now a local array in server.c
I might have broken something with this change. In particular the
oplock code is suspect and some .dll files aren't being oplocked when
I expected them to be. I'll look at it after I've got some sleep.
(This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
|
|
locking/locking.c: First cut a blocking lock code. #ifdef'ed out for now.
locking/locking_shm.c: Removed dir_ptr. Not needed.
smbd/nttrans.c: More work on ChangeNotify - return is not an error and needs
to be handled as a nttrans with zero params. Removed dir_ptr. Not needed.
smbd/reply.c:
smbd/server.c:
smbd/trans2.c: Removed dir_ptr. Not needed.
Hmmm. At the moment smbclient is broken - doesn't issue prompt correctly.
This needs looking at.
Jeremy.
(This used to be commit ddfbcc05815621d3c463f92faed047f126412342)
|
|
modified it not to need any smbd specific structures and instead pass
things from smbd.
(This used to be commit 162141d3b3fcf53fbc6a1f18702df85c2b7f1781)
|
|
into passdb/pass_check.c. This means SWAT no longer needs to link to
smbd/password.c
(This used to be commit 90d93889d722670cbb517017531264630af759bf)
|
|
nttrans.c: Moved common code into function in server.c
Removed left over debug level 0.
server.c: Moved common code into function in server.c
Jeremy.
(This used to be commit 34ef55b7228155cef40cbdfcdc1fe623c1037bd6)
|
|
for changes in the directory modify timestamps. A better version
will look at the requested client flags, and create a hash that
represents the current state of the directory, and check against
this instead.
debug.c: Added lp_timestamp_logs() function.
loadparm.c: Added "change notify timeout" in seconds (default 60)
- this is the scan rate for a directory.
Added ""timestamp logs" boolean - default True. Turns
off log timestamps (so I can read them :-).
nttrans.c: ChangeNotify implementation.
server.c: ChangeNotify implementation.
shmem_sysv.c: Added exits on shmem errors (without them smbd can
core dump if some calls fail).
smb.h: Added ChangeNotify flags for future use.
util.c: Tidied up typedef.
Jeremy.
(This used to be commit a0748c3f53974483680ebe2ea4f556ece8d7fa43)
|
|
timestamps from several DEBUG messages. The timestamps are redundant now
that DEBUG() provides them automatically.
There are still a few more files to do, but I've got to get home for dinner.
Chris -)-----
(This used to be commit 60286ccecaa6028d687e6406755016455e3b3a26)
|
|
loadparm.c: Added "ole locking compatibility" option (default "true").
locking.c: Changes to implement union in files_struct.
locking_shm.c: Changes to implement union in files_struct.
nttrans.c: Made opening a directory explicit (we have to).
Added create directory code for nttrans.
reply.c: Changes to implement union in files_struct.
server.c: Changes to implement union in files_struct. Added create directory code.
trans2.c: Changes to implement union in files_struct.
smb.h: Changes to implement union in files_struct.
util.c: Changed linked list code to UNIQX linked list. This will make
the other lists I need to implement for ChangeNotify and blocking
locks easier.
Jeremy.
(This used to be commit 3a5eea850bb256b39cff8ace1e4fb4e0c1f5472b)
|
|
time test instead. This also allows us to get rid of the igroups
element of a couple of structures.
(This used to be commit 8b25fe734166b76ceebf8d9543c706ebe0fddc96)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
locking.c: Added code to deal with real open mode of file.
reply.c: Added strict sync parameter.
server.c: Added strict sync parameter. Fixed open modes.
Jeremy.
(This used to be commit ed57b603b5c9333d588e62d774ad2be67e43ffd9)
|
|
local.h: Kept FSTYPE_STRING as Samba for now.
nmbd_browsesync.c: Added bugfix from Matt Chapman mattyc@cyberdude.com
- lmb_browserlist is now a struct ubi_dlList not a
struct browse_cache_record *.
server.c:
smb.h:
uid.c:
password.c: Removed attrs code - it is not used anywhere.
Jeremy
(This used to be commit ef1af7fe6d5c58ae57b8e4efff0729e1a315da43)
|
|
as the code in reply_lockingX wasn't taking account of
the difference between read and write locks ! How did this
ever work :-) !
reply.c:
server.c: Add lock type to is_locked() and do_lock().
util.c: Also added code from klausr@ITAP.Physik.Uni-Stuttgart.De
to fix problem with log files growing too large if an
smbd writes less than 100 debug messages.
Jeremy.
(This used to be commit 80080abf772a470d5f0f4dcd4a75fb2a09a9fb2a)
|
|
MAX_OPEN_DIRECTORIES for nttrans I forgot to update the code that
enumerates the array.
Created new MAX_FNUMS in local.h, changed all code that iterates
through the files_struct array to use this.
(sorry Richard).
Jeremy.
(This used to be commit 339b10222269d71c7a493cc08b7b1bfd35fd55fc)
|
|
previous checkin.
Jeremy.
(This used to be commit 7dfaca5d370ccb472d85416c623692ae7ec2176f)
|
|
local.h: Changed MAXDIR to MAX_OPEN_DIRECTORIES - shmem size also tuned by this.
dir.c: Use MAX_OPEN_DIRECTORIES.
nttrans.c: Allow opening of a directory to succeed. Doesn't actually open
a file descriptor but takes a files_struct slot marked as an
fd.
reply.c: Changed to close any outstanding is_directory files.
reply_close changed to understand directory files.
server.c: Added open_directory(), close_directory() calls.
smb.h: Added is_directory to files_struct.
Changed OPEN_FNUM to check that target is !is_directory (this
prevents the normal file calls from processing a directory
files_struct.
Jeremy.
(This used to be commit e01ce693f47e75e277f3440d46e32b0bd866b550)
|
|
includes.h: Added termios.h for AIX.
nttrans.c: Working NT SMB calls !
pipes.c: Use strequal instead of strcmp.
server.c: Use #defines rather than numbers.
smb.h: Updated NT SMB #defines.
Jeremy.
(This used to be commit 3e5cada9885059e9926eb6a56d350c4b1b53d245)
|
|
With apologies to Charlton Heston and Pierre Boule.
"You damn fools, you finally did it".
Changed default security mode to be security=user.
Yes this is a big (although small in code) change.
It's something we've been discussing for a while, to
finally wean people off the legacy security=share mode
which is *never* what you want.
Jeremy.
nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun.
Found by <samuel@public.szonline.net>.
nttrans.c: More NT smb stuff.
reply.c: Unlink will overwrite an existing file. Well you learn
something new about POSIX every day. :-).
server.c: Tidyup unreadable code.
smbpasswd.c: Code to allow -U remote_username to allow ordinary
users to change remote passwords if their NT username
is different from their UNIX username.
Patch from <torbjorn.lindh@allgon.se>.
Jeremy.
(This used to be commit 4eccb47cfb3c8907a6558b6ea9a02b0184458e34)
|