Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit a99d9cec7e090736ab49c91720cfd2b43e2a6f00)
|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
In particular this commit focuses on:
Changing the Get_Pwnam code so that it can work in a const-enforced
environment.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes allow for 'const' in the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
(This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77)
|
|
uid.c: Added missing void.
Jeremy.
(This used to be commit c2e06ed2219860479868fd1ac18013ae4f891e10)
|
|
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
|
|
(This used to be commit 2d5b0f7ad865f92668954f87fd3b116a7abffa10)
|
|
functions correctly deal with the SID_NAME_TYPE. One fix for connection user
lookup in LSA.
Jeremy.
(This used to be commit 29730027d8118ec7d207c89d0fd7fb24ac173fde)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
for this bug report.
Jeremy.
(This used to be commit 50d8e5b22f2c2c792e3a2d33e00a1c9caab48981)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
returns a pointer to changable storage so ensure we save the details and
don't use the pointer directly.
Jeremy.
(This used to be commit d9fdaae54ee3a267aebd02ff6058a98aefc084c2)
|
|
lookup_name was expecting to be able to write to the string. Changed
lookup_name to use const.
Jeremy.
(This used to be commit 80c18d88491f1148ade623e81c33f84ba4f952f3)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
srv_samr.c: duplicate gid fix.
srv_spoolss_nt.c: Merge of JF's work.
uid.c: Fix for returning names when a PDC.
Jeremy.
(This used to be commit d938ad6963a2dd4eda930d508600ec1902dc2b16)
|
|
smbd/reply.c:
Added fix needed for appliances. When using winbindd - a new user may
exist (from winbind) but have no home directory. Extend add user script
so it is called with a %H substitution when a user exists but their home
directory does not. Thanks to Alex Win at VA Linux for finding this one
and testing the fix.
libsmb/clidgram.c: Fixed missing return statements.
smbd/uid.c: Fixed typo in debug.
Jeremy.
(This used to be commit 7ba0a2192b89954604dd793c537b4a17c2d1ac07)
|
|
(correctly)
when the NT_USER_TOKEN is *created*.
Jeremy.
(This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
|
|
Jeremy.
(This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
|
|
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
|
|
Jeremy.
(This used to be commit f0dcc39d34202ed67d778ff40166856d4c2ad87b)
|
|
falling back to the UNIX calls on error. This should fix all problems with
smbd enumerating all users in all groups in all trusted domains via winbindd.
Also changed GETDC to query 1C name rather than 1b name as only the PDC
registers 1b.
Jeremy.
(This used to be commit 5b0038a2afd8abbd6fd4a58f5477a40d1926d498)
|
|
Added debug messages to se_access_check().
Added FULL_ACCESS acl to default acl on printers.
Jeremy.
(This used to be commit 7507f6f408cf8b0f8d7e2b3da54ce5fb5ef5343b)
|
|
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
|
|
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
(This used to be commit 3c4a5f624bfa69eb81d998530d9227e158edd109)
|
|
structure so authenticated pipe users can have their unix groups set when
become_authenticated_pipe_user() is called.
(This used to be commit 55c9bf124dc661df43bfe582ef14b1297aeaf0fa)
|
|
(This used to be commit d0f55e04c9400481e4a981431715e167a8246e45)
|
|
Implemented become_root() and friends in terms of push/pop/set security
contexts.
(This used to be commit 0bcdcd0606fc2b6aba35b03255aad5bb2bd8e848)
|
|
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic -
this isn't permanent, it should go after another few merge steps have
been done
(This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
|
|
userdom_struct. As the name implies this also contains a domain
(unused at the moment).
This will be important shortly, as operation in appliance mode needs
the domain to be always carried with the username.
(This used to be commit ee8546342d5be90e730372b985710d764564b124)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.
Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
(This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
|
|
capabilities to Samba so that Samba could talk to the SGI PCP
(Performance Co-Pilot) apps.
This change adds a profiling shared memory area and uses it to count
two fairly trivial things, the number of uid switches and the number
of SMB packets processes. To add more just edit include/profile.h and
then increment it at the right place.
I've also added a -P switch to smbstatus to dump the profile area.
(This used to be commit ef3d61a80ad0b87c196a63ef2bd4fe8fc3863bd0)
|
|
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.
Jeremy.
(This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
|
|
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
|
|
uid_t, gid_t and vuid. Added sys_getgroups() to get
around the int * return problem. Set correct datatypes
for all uid, gid and vuid variables.
Jeremy.
(This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
|
|
to a linked list with bitmap format.
(This used to be commit b7aaab1b6b2d2f72b2bb7c11f5c7bf081a6093d9)
|
|
configure.in: Source for header changes.
client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile.
include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers.
include/includes.h: Headers for the above.
include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int).
lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/debug.c: Fixed signal functs.
lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile.
libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem_sysv.c: Fixed error messages in sysV stuff.
nmbd/asyncdns.c: Fixed signal functs.
nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/nttrans.c: Fixed fsp code path.
smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem.
smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/trans2.c: Fixed core dump bug.
smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile.
Jeremy.
(This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
|
|
Connections[] is now a local array in server.c
I might have broken something with this change. In particular the
oplock code is suspect and some .dll files aren't being oplocked when
I expected them to be. I'll look at it after I've got some sleep.
(This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
|
|
the correct directory before doing the stat. Doh !
uid.c: Fix for performance in security=share mode. Invalid vuid meant
that in security=share mode Samba was always doing the become_user/
undebome_user pairs for *every* smb. This code fixes it, but tridge
should review for security implications.
Jeremy.
(This used to be commit c3663379fdcec487feea2e5d848ee012ee6c6baf)
|
|
timestamps from several DEBUG messages. The timestamps are redundant now
that DEBUG() provides them automatically.
There are still a few more files to do, but I've got to get home for dinner.
Chris -)-----
(This used to be commit 60286ccecaa6028d687e6406755016455e3b3a26)
|
|
time test instead. This also allows us to get rid of the igroups
element of a couple of structures.
(This used to be commit 8b25fe734166b76ceebf8d9543c706ebe0fddc96)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
local.h: Kept FSTYPE_STRING as Samba for now.
nmbd_browsesync.c: Added bugfix from Matt Chapman mattyc@cyberdude.com
- lmb_browserlist is now a struct ubi_dlList not a
struct browse_cache_record *.
server.c:
smb.h:
uid.c:
password.c: Removed attrs code - it is not used anywhere.
Jeremy
(This used to be commit ef1af7fe6d5c58ae57b8e4efff0729e1a315da43)
|
|
to the AIX specific (and undocumented) setpriv and setuidx calls.
Jeremy.
(This used to be commit 7a8d0a4ed4e07090bfe776b5544712274d2426e4)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
|
problem....
smbpass.c: Removed Luke's dire warning - as some of the functions in here
*need* to be called externally :-).
Jeremy.
(This used to be commit 1fd8d12ca414066acec71b33eb8a13e16c2acd3a)
|
|
Essentially, multiple session_setup_and_X's may be done
to an smbd. As there is only one global variable containing
the requested connection name (sessionsetup_user), then any
subsequent sessionsetups overwrite this name (causing %U
and %G to get the wrong name). This is particularly common
when an NT client does a null session setup to get a
browse list after the user has connected, but before
a share has been mounted.
These changes store the requested_name in the vuid structure
(so this only really works for user level and above security)
and copies this name back into the global variable before
the standard_sub call.
Jeremy.
(This used to be commit b5187ad6a3b3af9fbbeee8bced0ab16b41e9825b)
|
|
loadparm.c: Added "win95 bug compatibility" parameter.
local.h: Replaced MAX_OPEN_FILES back to 100 from 10 (oops).
reply.c: Fixed ulogoff check against uid - changed to vuid.
server.c: Changed file struct save of uid - changed to vuid.
smb.h: Changed id in struct current_user to vuid.
Changed file struct uid to vuid.
time.c: Added "win95 bug compatibility" atime -> mtime return.
trans2.c: Added "win95 bug compatibility" fixes.
uid.c: Changed id in struct current_user to vuid - added checks
to set/reset it.
util.c: Added code to expand environment variables.
version.h : still at 1.9.18 (head branch doesn't matter too much at present).
Jeremy.
(This used to be commit adc903bcf59ad1664babd7f1d43675d3a75bfbc9)
|