summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2001-01-04Changes from APPLIANCE_HEAD:David O'Neill3-2/+22
source/Makefile.in - changes to ctags and etags rules that somehow got lost along the way. source/include/proto.h - make proto source/smbd/sec_ctx.c source/smbd/password.c - merge debugs for debugging user groups and NT token stuff. source/lib/util_str.c - capitalise domain name returned from parse_domain_user() source/nsswitch/wb_client.c - fix broken conditional in debug statement. source/include/rpc_secdes.h source/include/rpc_spoolss.h source/printing/nt_printing.c source/lib/util_seaccess.c - fix printer permission bugs related to ACE masks for printers. This adds mapping of generic access rights to object specific rights for NT printers. Still need to work out whether or not to ignore ACEs with certain flags set, though. See comments in util_seaccess.c:check_ace() for details. source/printing/nt_printing.c source/printing/printing.c - use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER until we sort out printer/printjob permission stuff. (This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
2000-12-19Fixed bug found by Gerald. If a Samba server joins a domain and is setJeremy Allison1-4/+18
to search for a DC to authenticate to using the "*" syntax than ensure that for the first hour after the password change is searches for the PDC using the 1B name not the 1C name as domain replication may not have occured. Jeremy. (This used to be commit c25533de9918ed9b0c79fd039e11d1b79f513db0)
2000-12-19Split set_nt_acls into owner set (which uses chown) and permission setJeremy Allison1-94/+109
(which currently uses chmod) in preparation for ACL creation. Jeremy. (This used to be commit 0f39895ab007a7300aed6c011c487593ee8c91f0)
2000-12-19Split the one sys_acl_free call into sys_acl_free_TYPE calls, to allowJeremy Allison1-3/+3
easier wrapping of non-POSIX ACL interfaces. Jeremy. (This used to be commit 1a31b4eb082b23d60e3d9040b3c0110eef1f9385)
2000-12-18Fix typos in new group sid check.Jeremy Allison1-2/+2
Jeremy. (This used to be commit c48e95297e63c8b6f0c6686e5bcfa52229710dbc)
2000-12-16Fixed chown/chgrp setting from smbcacls.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 43ca0d991cc6489be16722a7ea89e01a42f2ca2f)
2000-12-15Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. MergedJeremy Allison1-0/+9
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open problem. Jeremy. (This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
2000-12-12Fixed bug noticed by JF. se_access_check needs user SID as first in token.Jeremy Allison1-10/+23
Jeremy. (This used to be commit f0d7867801e3f78bfc55fdb36ca965e35457f51b)
2000-12-12Fixed processing of dfree script (was truncating).Jeremy Allison1-2/+0
Jeremy. (This used to be commit 1e719a807669876b4d11f4653e9712f25fcba20b)
2000-12-12Compile fix for new arg to create_nt_token()Tim Potter1-1/+3
(This used to be commit 806185ca8cc8d28f16745a1db9427f52eb8d22e4)
2000-12-12Removed the special casing of SIDs in se_access_check. This is now done ↵Jeremy Allison2-10/+34
(correctly) when the NT_USER_TOKEN is *created*. Jeremy. (This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
2000-12-12Sorry Gerald, I think the original code was better (plus safer as I'm sureJeremy Allison1-7/+10
it's working :-). Jeremy. (This used to be commit e18c104ee35d00dcbe2e73e6c9699300a3947364)
2000-12-12Extra part of fix that Gerald missed (sorry).Jeremy Allison1-1/+1
Jeremy. (This used to be commit ebf754400f443452948020d68e29f597f1b2d60c)
2000-12-11subtle bug where files which missed the stat_cache but were addedGerald Carter1-10/+7
to the cache during the look returned a blank stat struct. Made weird occurrences such as... $ smbclient //pogo/print$ smb:\ > cd w32x86 ERROR: Invalid path smb:\ > cd w32x86 smb:\w32x86\ > (This used to be commit 8938dc183112b039c21a5a0beadb60068a8c5b00)
2000-12-11Fix for short names not being returned correctly with non-mangled shares.Jeremy Allison1-1/+2
Jeremy. (This used to be commit bcf0a5c316ee8cf333d9d838b041e44a11cb5f1b)
2000-12-11Fixed very subtle bug returning correct error on an open, when we haveJeremy Allison1-8/+22
a choice of invalid share mode and access denied. We must return the access denied by preference, but also remember to break the oplocks... This is needed for multi-user MS-Access. Jeremy. (This used to be commit 7eb7241442ea0f1e065b009c3cccd5821b89a8b6)
2000-12-08Fixed compiler warning.Jeremy Allison1-2/+2
Jeremy. (This used to be commit e6a1a1e444631f0d674f33b5b8d1d71435de0511)
2000-12-08Added OLD_NTDOMAIN to remove warnings about undefined functions.Jeremy Allison3-0/+6
Jeremy. (This used to be commit f4c32a75e6e60eae6078449478d04ff22373d817)
2000-12-08Removed unused auto (IRIX compiler warning).Jeremy Allison1-2/+1
Jeremy. (This used to be commit 63e2ebc4272cd8bc52ea80e1e12996ab273b8ea4)
2000-12-08Fixed *very* subtle statcache bug where invalid stat state could beJeremy Allison1-1/+2
being used if last component lookup failed, but was found in the directory scan. Jeremy. (This used to be commit 7055fa0bc43f6e2b3f04b8901fccea80d59bf490)
2000-12-07Fixed bug with Win9x/ME where drivername was being returned incorrectly inJeremy Allison1-36/+46
one printq case. Now goes though common function. Jeremy. (This used to be commit e9f48c9cec960b6190fb7a2485c9476640863071)
2000-12-07file_lines_load/file_lines_pload can now optionally convert unix_to_dos()Jeremy Allison4-6/+6
on read. Jeremy. (This used to be commit 76b8dd376d13eb4469417be217c966d54d333367)
2000-12-07Working code to read POSIX ACLs on a Linux system using the bestbitsJeremy Allison1-38/+61
ACL patch from http://acl.bestbits.at/. configure support needs more work (just assumes correct headers at the moment). ACL writing needs adding. Jeremy. (This used to be commit 6ae63e502e6adf3666a34aa87860c74e106fdb84)
2000-12-06Cause smbd to use the new posix_acls code, not the old unix_acls code.Jeremy Allison1-61/+47
Currently does exactly the same thing (returns ACLs the same way). This code is written to try and get a POSIX ACL via the abstract sys_XX interface, then fall back to providing a UNIX based ACL if the calls fail. Seems to work. Next step is to add a --with-posix-acls to configure.in and then check on a POSIX ACL system that a complex ACL is returned correctly as an NT ACL. Note that the ACL set (a more complex problem) is not addressed yet. Jeremy. (This used to be commit 4339e20202a876dbadc07980b731f711463b7299)
2000-12-06Print debug if domain_client_validate() cannot fetch the trust accountTim Potter1-1/+2
password (say for example if the tdb file format has changed). (-: (This used to be commit 447fbb38a857a7e97cf2a99022576521c71a4512)
2000-12-06Make smbd/posix_acls.c use abstract interface.Jeremy Allison1-11/+10
include/smb_acls.h lib/sysacls.c: Added as interface definitions. Jeremy. (This used to be commit 8359375bba5b3ae24956f66b066dedf11d3583df)
2000-12-06Fixed compiler warning.Tim Potter1-2/+2
(This used to be commit 5e81151e53300a8c58adca09d02d0b075a13c322)
2000-12-06Moving to abstract API interface (sys_get_acl() etc.) to allow systemJeremy Allison1-42/+42
specific ACL calls to be dealt with elsewhere. This file will eventually be able to replace the old UNIX acl interface. Jeremy. (This used to be commit b27cac77628a4b332b529115b0854c71f9eea374)
2000-12-04Remove C++ style commentsDavid O'Neill1-1/+1
(This used to be commit 80c192244fdb07e8e9cf4c0376bbea60dde244a0)
2000-12-01Code to read & return POSIX ACLs as NT ACLs. Close to test on Linux.Jeremy Allison1-74/+95
Jeremy. (This used to be commit 52e9311bc2a837d1f4791f36c3477c430f841378)
2000-11-30Keep syncing up POSIX ACL work...Jeremy Allison1-110/+111
Jeremy. (This used to be commit 8f0062b873b2f4e8b27bb937ad213c4aa29443a7)
2000-11-30Work in progress, doesn't compile. Adding the POSIX ACL mapping....Jeremy Allison1-22/+198
Jeremy. (This used to be commit bcac4ede7608a91643f5fcd034f6b273a45b5c7a)
2000-11-28include/dlinklist.h: Added '{' '}' around DLIST_PROMOTE so it can be used as ↵Jeremy Allison1-60/+81
a single statement after an 'if'. Tracking this down took 4 hours from my life and ANDREW I WANT THEM BACK !!!!! :-). include/smb.h smbd/password.c: Fixed the bug veritas reported with realloc of the validated_users array growing without bounds. This is now a linked list as god (Andrew) intended :-). Jeremy. (This used to be commit 346f2f9206b9b4ed123e2a61c0a48de630397b8a)
2000-11-27passdb/secrets.c passdb/smbpassfile.c smbd/server.c : Actually *use* the codeJeremy Allison1-0/+5
written to transition from an old DOMAIN.MACHINE.MAC file to secrets.tdb. printing/nt_printing.c: Fix case insensitive name lookups for driver files. John - this should fix the Win9x/WinME problem correctly. Jeremy. (This used to be commit 8f3332a9acf413ac5d12053ca5c52733a4e946cc)
2000-11-27Fixed messaging so main smbd can get lib/message.c messages.Jeremy Allison1-0/+8
Jeremy. (This used to be commit 349d58fb5758cebc5a8575f80103150b8cd0a080)
2000-11-27Removed unnessesary init.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 2a797f9aa26b2d0c703b9d67f6e1ec97e4f408d2)
2000-11-24This should fix Office failing to print to "FILE:".Jeremy Allison1-3/+3
Jeremy. (This used to be commit a08b08f7782234f26b2656a229007a411c6fb521)
2000-11-22Free talloc'ed memory from the main smbd. Patch from Rich Bollinger, Elliott ↵Jeremy Allison1-0/+3
Company Jeremy. (This used to be commit e041b144b2c7c6c9fdd6cd20256a197876aaf353)
2000-11-21Don't forget to convert into UNIX character set before callingJeremy Allison1-1/+1
winbindd. Jeremy. (This used to be commit 00cd72c385f1e5d075dbacf834b68769b5ac38f3)
2000-11-21combined 2 if statments which used the same conditionGerald Carter1-3/+5
-- jerry (This used to be commit 445fd1dbd8bb93f56f20b5dd9e9d5b018147b21d)
2000-11-21Fix for off-by-one StrnCpy.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 63cafb34b39443d03d17ae01b47adc0926b05fe2)
2000-11-21Fix for updating of print queues changed from a local box. Essentially,Jeremy Allison2-5/+10
this makes sure that the change messages sent to ourselves are handled synchronously w.r.t. other smb packets incoming. Jeremy. (This used to be commit 78a13074455618308d048d1c69f62e660988eb90)
2000-11-17we don't need the separate lp_status() connection records any moreAndrew Tridgell1-12/+0
(This used to be commit 209e20365e562371aafafea301b4ffecc3d4c3ed)
2000-11-17fixed the problem with messages not getting throughAndrew Tridgell2-36/+27
the problem had nothing to do with being your own pid, it was instead a problem with IPC$ connections not being registered in the connections database and an incorrect test for -1 in the messaging code. These changes also mean that IPC$ shares now show up in smbstatus. That is probably a good thing. (This used to be commit 3575ad10985a18f897e38179ca69fa9a49a7ea02)
2000-11-16Fix from Jim McDonough @ IBM for OS/2 clients.Jeremy Allison1-0/+10
Jeremy. (This used to be commit f571e1efd01c7b1b500a833df3bd074a8c4c65ec)
2000-11-16Ok - fixed a bug in our levelII oplock code. We need to break a level II onJeremy Allison7-104/+220
a byte range lock (write lock only, but Win2k breaks on read lock also so I do the same) - if you think about why, this is obvious. Also fixed our client code to do level II oplocks, if requested, and fixed the code where we would assume the client wanted level II if it advertised itself as being level II capable - it may not want that. Jeremy. (This used to be commit 213cd0b5192307cd4b0026cae94b2f52fb1b0c02)
2000-11-14Merge from appliance head of JR's changes for driver versioning.Jeremy Allison4-73/+141
Jeremy. (This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
2000-11-13Large commit which restructures the local password storage API.Gerald Carter6-156/+168
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
2000-11-08More merging of printing stuff from appliance.Tim Potter1-3/+3
(This used to be commit 18fa724a7969666dd5aa176af187054abc94bfd3)
2000-11-06Added a VFS version return to init call. Allows smbd to fail an init ifJeremy Allison2-8/+16
versions don't match. Jeremy. (This used to be commit d0fbb4f5d999abade8930cc6fff231a2af6cccfb)