summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2002-06-25Update cli_full_connection() to take a 'flags' paramater, and try to get aAndrew Bartlett1-8/+2
few more places to use it. Andrew Bartlett (This used to be commit 23689b0746d5ab030d8693abf71dd2e80ec1d7c7)
2002-06-24Merged across trans2.c from SAMBA_2_2. UNIX extensions and passthroughJeremy Allison1-1073/+1513
now supported in HEAD. Jeremy. (This used to be commit 082c5c084ef870709d3046f580eef597bb2aeef3)
2002-06-22Raise some debug levels.Andrew Bartlett2-2/+2
Andrew Bartlett (This used to be commit 5c0e4ecfaf9bf7e6e799dceeb275b5db2d4142dd)
2002-06-21Don't use uint. It doesn't exist on some platforms and we don't define it.Jeremy Allison2-2/+2
Replaced with "unsigned int". Jeremy. (This used to be commit 5841ca54b6a8c36f3d76c12570ff8f2211ed2363)
2002-06-21Fixed incorrect debug.Tim Potter1-1/+1
(This used to be commit a905b5f49db6a12c9a562e1d5e3981dc3525fd27)
2002-06-20Got rid of unused flags field in lanman api_commands[].Tim Potter1-36/+49
Added an auth_user field which denotes whether the api call can be made anonymously. In combination with lp_restrict_anonymous() this can decrease the amount of information that can be retrieved anonymously. So far NetShareEnum, NetSessionEnum, NetGroupEnum, NetGroupGetUsers, NetUserEnum, PrintQEnum, NetFileEnum cannot be called anonymously. SamOEMChangePassword and NetServerEnum can be called anonymously. All other functions can be called anonymously until it can be proven that they can't to avoid breaking anything. (This used to be commit ead6ab9602640aca5d1d8ac336f3a129f9466159)
2002-06-17compile warngin fixes merged from 2.2Gerald Carter4-19/+19
(This used to be commit 29874f4b8fecdc7cbd84d656dafce54cca49e0b1)
2002-06-16Further updates to the service.c code. authorise_login() is now a bit simpilerAndrew Bartlett2-6/+6
and we seem to have eliminated the segfault. Unfortunetly I'm still at a bit of a loss as to why it did segfault, but the patch is correct in any case. Andrew Bartlett (This used to be commit 70c16188c7a267f9f3f8de0b6830f66c9e68a2c7)
2002-06-15Rework much of the service.c code:Andrew Bartlett2-195/+238
The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
2002-06-14moved lp_list_* functions away from param/loadparm.c, put int lib/util_str.cSimo Sorce2-15/+15
and renamed to str_list_* as it is a better name. Elrond should be satisfied now :) (This used to be commit 4ae260adb9505384fcccfb4c9929cb60a45f2e84)
2002-06-13Veto files fix.Jeremy Allison1-275/+273
Jeremy. (This used to be commit 1712a7b34a73ad89965961c0db4dd198d6b257c6)
2002-06-13Merge in mangle fixes from 2.2.Jeremy Allison6-369/+371
Jeremy. (This used to be commit 5e2571f424a40df4d67fe279517a9b21184b78e1)
2002-06-07Ensure when allowing fchown with write access and dos filemodes thatJeremy Allison1-7/+7
we leave the gid alone. Jeremy. (This used to be commit 3f72910cf954b127c0cc06d6616ca2b8cd0d41ad)
2002-06-07Globally replace 'global_sam_sid' with get_global_sam_sid(), a selfAndrew Bartlett3-6/+5
initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
2002-06-07Allow sd_len to be zero on NT_TRANSACT_CREATE but not for set sd (helpsJeremy Allison1-4/+7
Novell client). Jeremy. (This used to be commit ac49fd297acf27384a5e133a5fd7a32c1ba27ca6)
2002-06-06Overly complex but neccessary fix for kernel oplock problems. The issueJeremy Allison3-21/+55
is that there are some times when we should return an EINTR from a select, some times when we should not. As we can take a signal at any time, we have to eat EINTR's in some selects. This means we need to check for kernel oplock breaks more often in the main loop, as well as add the queuing mechanism needed for the changenotify code (due to the mistake in understanding POSIX semantics w.r.t. setting a signal mask in a signal handler). This code now passes all my tests. However, (and IMHO and I know tridge disagrees) - the correct way to fix this is to run with RT signals blocked and explicitly unblock them just before the main select, block them after and then process them all in one place. Just my 2cents :-). Jeremy. (This used to be commit a8c85372e2826a07117c89b39270cde8641ce55d)
2002-06-05Remove blocksignals call as it's never going to bloody work right...Jeremy Allison1-1/+0
Jeremy. (This used to be commit db8932c297096e6e957677c4ed944e4c319db1d8)
2002-06-05Fix for Linux kernel bug where signal mask set within a signal handlerJeremy Allison1-33/+67
is being ignored on sighandler exit. This means we have to have a small array of fd's, not a single one. Jeremy. (This used to be commit b06862e2de8d3bafbc10a9807501ef5bf148a61c)
2002-06-03Move session gathering routine back into session.c so it can be called eitherJim McDonough2-53/+53
in RAP or RPC environment. (This used to be commit 3eec0d64c7c4592d4f0d74108fb0be2b7a22bde6)
2002-05-31Removed some unused variables - tidy up some formating, add struct toJeremy Allison2-193/+190
client state to implement smb signing - this is a test at present. Jeremy. (This used to be commit a234e303558a25c4ea26b7f6788006e4fee651bf)
2002-05-26Add support for NTLMv2 (tested!) with NTLMSSP.Andrew Bartlett1-17/+49
The problem was the NTLMv2 uses extra data in order to make reply/lookup more difficult. That extra data includes the hostname, and the domain. This matches Win2k (sort of) by sending this information. Win2k connects with LMCompatibilityLevel=5 without a problem. We can change the negotiation bits if we want, this should allow us to make NTLMv2 the default for other clients as well. Some of the extra #defines were found in the squid source. Andrew Bartlett (This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
2002-05-25Clean up a few unused functions, add a bit of static etc.Andrew Bartlett1-1/+1
Importantly: The removal of the silly 'delete user script' behaviour when secuity=domain. I have left the name the same - as it still does the (previously documented, but not in smb.conf(5)) sane behaviour of deleting users on request. When we decide what to do with the 'add user' functionality, we might rename it. Andrew Bartlett (This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
2002-05-24Remove the password length paramater from cli_full_connection - it reallyAndrew Bartlett1-1/+1
didn't make any sense, and its was always just strlen(password) anyway. This fixes it to be strlen(password)+1 Andrew Bartlett (This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
2002-05-24If we don't do the select don't do the recvfrom.Jeremy Allison1-0/+1
Jeremy. (This used to be commit f536ec62242c5c644e03afa19f4a3ebedf36f80d)
2002-05-24Fixed silly typo that causes receive_local_message to loop - caused byJeremy Allison1-1/+1
my removal of the goto. Oops ! Jeremy. (This used to be commit 4d3679e03e0c30602b1345cbf2fbf8587dff1f26)
2002-05-22Merge of bugfixes from 2.2.Jeremy Allison2-6/+8
Jeremy. (This used to be commit 5c8351228c55f2403214351f6fd16fe231aee917)
2002-05-22Fix for strangeness in Linux 2.0.x select return.Jeremy Allison1-0/+14
Jeremy. (This used to be commit 490b95a35d1e2ccd3b80db5cfcf7b9804901d36e)
2002-05-22Remove horrid goto.Jeremy Allison1-10/+5
Jeremy. (This used to be commit 7e6db250804e51ce0883b972831da455d389cdcd)
2002-05-22Cleanups!Andrew Bartlett1-1/+1
Make some code static, add some const to the PAM code, and make the plaintext password code actually function - particulary without the requirement to modify the 'struct passwd' (which it assumed was made up of fstrings) This kills some particularly ugly code in lib/util_pw.c Andrew Bartlett (This used to be commit 302dad4990ba5194f072e435465d9adaa089ae06)
2002-05-22Merge of receive_local_message fix from 2.2.5.Jeremy Allison4-51/+35
Jeremy. (This used to be commit d4dbb9cb1338332bda3651dc4b86abcf47e9c2d2)
2002-05-21Tricky fix. If we were waiting for an oplock break response message fromJeremy Allison1-0/+11
another smbd and an incoming SIGUSR1 message arrived we'd break out of the wait early - as we have to use sys_select() to wait for an oplock response message, not sys_select_intr() (which ignores EINTR errors) because of the real time signal kernel interface. Jeremy. (This used to be commit 3bb26957e3e7fb5059d21115546d189eaca34646)
2002-05-20Stop smbd looping when hide unreadable is true and .. is unreadable.Jeremy Allison1-65/+72
Jeremy. (This used to be commit fda7a11b093315a77ca1199119b5421a029ee883)
2002-05-20Merge from 2.2.Jeremy Allison2-2/+3
Jeremy. (This used to be commit 174df5d914b149e52bf260e6502f2436c2720958)
2002-05-19Spelling fix.Tim Potter1-1/+1
(This used to be commit 37f1cd013da073ca23fd9b16ee8cfbf9a3e6cbd9)
2002-05-18A few things in this commit:Andrew Bartlett3-26/+36
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
2002-05-17Make --with-ldapsam 'go away'. This is now a standard, stable, featureAndrew Bartlett1-3/+6
and there is no real reason for it to depend on more than the abilty to compile the code. (This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
2002-05-17Check paramters for NULL.Andrew Bartlett1-0/+4
(This used to be commit 078e81530e9bc4e5f0b8e18aff0488386bce29a5)
2002-05-17This removes --with-ssl from Samba.Andrew Bartlett4-317/+0
This option was badly maintained, useless and confused our users and distirbutors. (its SSL, therfore it must be good...) No windows client uses this protocol without help from an SSL tunnel. I can't see any reason why setting up a unix-side SSL wrapper would be any more difficult than the > 10 config options this mess added to samba in any case. On the Samba client end, I think the LIBSMB_PROG hack should be sufficient to start stunnel on the unix side. We might extend this to take %i and %p (IP and port) if there is demand. Andrew Bartlett (This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
2002-05-17Get the sco boxes compiling again - use the sys_ intefaces for all the dl*Andrew Bartlett2-2/+2
funcitons. (This used to be commit c37c1e39253d9d21f8ab38ab8d24f7e787008596)
2002-05-16Fix bug where creating a file and setting a security descriptor atomicallyJeremy Allison1-47/+68
that only contains an "everyone" DACL doesn't apply this to user and group entries also. Jeremy. (This used to be commit 2f67f39d219bbe110d52ed2680fd8ac57946756f)
2002-05-14Removed lp_strip_dot code - ensured that mangling code treats names endingJeremy Allison3-32/+45
in '.' as invalid long filenames (special treatment for '.' and '..' which are valid - yes Andrew I did this without strlen :-) :-). Jeremy. (This used to be commit 3180d8ba4ace9417033039d61d04c255da6f6a01)
2002-05-13Fix bug where setting end of file length to 8 was hitting erroneousJeremy Allison1-0/+4
check for OS/2 EA set. This caused Macromedia movie files to not export correctly onto a Samba share. Originally spotted by Michel Stoop stoop@ncg.nl. Jeremy. (This used to be commit 6b4affde167104c760bd8dc3c8906511a7642853)
2002-05-09Sync'ing SAMBA_2_2 with HEAD.Shirish Kalele1-8/+15
(This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6)
2002-04-29Fix build farm bug.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 459f8634c1ced78abda30f1d5b7888f428aade6b)
2002-04-29Added 2.2.x mangle fix to old mangle code in HEAD.Jeremy Allison1-2/+1
Jeremy. (This used to be commit a7768b9b6fa7522d6afebc43f41a495b8d8ab961)
2002-04-24smbd/fileio.c: debug changes so read/write/seek calls can be logged for ↵Jeremy Allison1-382/+393
name, pos, size easily. Might help with access problem. Jeremy. (This used to be commit e08d72b3271ae1b155a59ae82acf9d619c22c81f)
2002-04-24move to the FNV1 hash alghorithm seem goodSimo Sorce2-4/+15
the test revealed 15 collision with 1 Million long file names :-) Simo. (This used to be commit 77dc498b6f0c435f082eb2d934920d3f3bef0b65)
2002-04-24patch from Alexander Bokovoy needed for dlopen on bsd systemsAndrew Tridgell1-2/+11
(This used to be commit 38fd99e84176106ed700f637e9292d2a4c1385b4)
2002-04-24made a couple of variables staticAndrew Tridgell1-3/+4
(This used to be commit fb6ce175d479e5bddc239595320f5dc245ac2ec6)
2002-04-23When doing a non-io open the stat failing is no cause for a debug zeroJeremy Allison1-2/+6
to be printed, it just means file not found. Jeremy. (This used to be commit 25dea499b82da5e84412bf10781adbd240aa46f0)