summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2002-08-05This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell3-5/+18
setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
2002-08-02Merge of print notify fixes from APPLIANCE_HEAD.Tim Potter1-0/+5
(This used to be commit 7bf9ca6ca36fa319a57eab05567d49a003237bb5)
2002-08-01Fixed compiler warning.Tim Potter1-1/+1
(This used to be commit 81322f4d63095d828be7983eb4b47775abe8d33f)
2002-08-01make sure we null terminate plaintext passwordsAndrew Tridgell1-1/+1
(This used to be commit cf2abf677ed9942d841ef61ffb2565244c8979ac)
2002-07-31Rework parinioa to ensure we never get passwords longer than MAX_PASS_LEN, norAndrew Bartlett1-18/+11
longer than the buffer they claim to be in. Many thanks to tridge for explaining the macros. Andrew Bartlett (This used to be commit 3efd462bf2f1ed50c108c2b8ddecc461d002745d)
2002-07-31fixed the length checking for plaintext passwords (thanks to andrewbAndrew Tridgell1-2/+11
for spotting this) (This used to be commit d4c905e5a0a67c8e01a4fcf78aa992a3b7beff02)
2002-07-31fix debug, at idra's suggestion.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit bc17b91c2f1a1df58614b67bff94f228be6b9bb2)
2002-07-31added support for smbd listening on port 445 and 139. It now listensAndrew Tridgell1-45/+80
on both by default, and you can specify a list of ports to listen on either with "smb ports = " in smb.conf or using the -p option to smbd. this is needed for proper netbiosless operation. (This used to be commit 5dee0a7b5e0fcb298a9d36661c80e60d8b9bcc3a)
2002-07-30this fixes plaintext passwords with win2000Andrew Tridgell2-5/+8
there were 2 bugs: 1) we were sending a null challenge when we should have sent an empty challenge 2) the password can be in unicode if unicode is negotiated. This means our client code was wrong too :( (This used to be commit 1a6dfddf6788b30fc81794b1bfe749693183b2c1)
2002-07-30always include the (void) for void fns ...Andrew Tridgell1-1/+1
(This used to be commit deff1f96232b328fb5f5bb49a23eb4cda11fd330)
2002-07-30OK!Simo Sorce2-40/+130
Finally the cascaded VFS patch is in. Testing is very welcome, specially with layered multiple vfs modules. A big thank to Alexander Bokovoy for his work and patience :) Simo. (This used to be commit 56283601afe1836dafe0580532f014e29593c463)
2002-07-30Update a pile of Samba's SID lookup code to ensure:Andrew Bartlett1-35/+39
- That we never call winbind recursivly - That we never use an 'algorithmic' RID when we have a fixed uid or gid mapping in either the passdb or the group mapping db. Also, remove restrictions that say 'this domain only'. If we have a mapping configured, allow it to be returned. If we later decide certian mappings are invalid, then we sould put that in the code that actually does the map. Allow 'sid->name' transtations on the fixed 'well known' groups for NT, even if they are not represented by Unix groups yet. Andrew Bartlett (This used to be commit d5bafb224337e393420c2ce9c0a787405314713c)
2002-07-29introduced a get_file_size() macro in trans2.c to make it easier toAndrew Tridgell1-19/+21
experiment with file size returns (This used to be commit c529cee0b2925184376e3a14e83fa99b3636d4ce)
2002-07-29an initial fix for handling sparse files in smbdAndrew Tridgell3-72/+111
This gets my test code working, where we previously failed with files above 20G in size. I'm still not completely happy with this. There are just too many fields in trans2.c that we don't fill in. (This used to be commit 7dfdb456d4c9bcf6ecb1f7e5c5e79989f95e5627)
2002-07-29as suggested by Alexander Oswald <oswald@is.haw-hamburg.de>Simo Sorce1-4/+4
hide only unwriteable files and not dirs with this one. may be a hide unwriteable dirs param will follow. (This used to be commit 161dd6d963ea1c11891278af2483c925e508767e)
2002-07-28found nasty bug in intl/lang_tdb.c tdb structure was not tested to not be ↵Simo Sorce1-1/+1
null before close this one fixes swat not working with browsers that set more then one language. along the way implemented language priority in web/neg_lang.c with bubble sort also changet str_list_make to be able to use a different separator string Simo. (This used to be commit 69765e4faa8aaae74c97afc917891fc72d80703d)
2002-07-28minor portability fixAndrew Tridgell1-0/+2
samba-patches 820 (This used to be commit ea0a12fb60791553109f732079d971987538abd6)
2002-07-28Fix a missing 'no memory' return in last night's svrsvc code, and useAndrew Bartlett1-3/+3
sys_dup2() in a couple more places. Andrew Bartlett (This used to be commit e69b476626c802b1e1920f241733d0dd6d06a06e)
2002-07-28Another item off my long-term todo list:Andrew Bartlett1-23/+47
Remove the n^2 search for valid 'tty' names from the sesion code when we don't actually need it. Its main value is in getting 'well behaved' numbers for use with utmp, so when we are not doing utmp we don't need this to get in the way. Andrew Bartlett (This used to be commit 50507e131dac19485a2561f3448da7334e357f50)
2002-07-27This should fix a nastly little bug where if a user had already done oneAndrew Bartlett2-9/+14
session setup, it would not correctly pick up the [homes] share on a subsequent session setup. The new rules are: If you want to connect to [homes], then it must have been available at session setup time, or you must be in security=share. At each session setup, the user's copy of [homes] is updated to ensure it has the right path etc. Andrew Bartlett (This used to be commit 5d2c7816a3ea02a67c5b501626d91d43557e9dd9)
2002-07-27nice day todaySimo Sorce1-0/+69
add also hide unwriteable as per user request (This used to be commit e6b38a881b67af5365f84e52f9cd6dcfec82bf2f)
2002-07-26Mimir has been busy with patches again, and sent in the followingAndrew Bartlett1-1/+1
patches: Andrew Bartlett From his e-mail: Below I attach the following patches as a result of my work on trusted domains support: 1) srv_samr_nt.c.diff This fixes a bug which caused to return null string as the first entry of enumerated accounts list (no matter what entry, it was always null string and rid) and possibly spoiled further names, depeding on their length. I found that while testing my 'net rpc trustdom list' against nt servers and samba server. 2) libsmb.diff Now, fallback to anonymous connection works correctly. 3) smbpasswd.c.diff Just a little fix which actually allows one to create a trusting domain account using smbpasswd 4) typos.diff As the name suggests, it's just a few typos fix :) (This used to be commit 888d595fab4f6b28318b743f47378cb7ca35d479)
2002-07-24If lp_add_home() fails, don't go any further, just return -1.Andrew Bartlett1-1/+3
Andrew Bartlett (This used to be commit 2febc7ce1aa6b01ec68bd007ce0286813dff301d)
2002-07-24We must be root to access the passdb, so ensure all calls to local_lookup_sid()Andrew Bartlett1-1/+5
have become_root()/unbecome_root() wrappers. (this should be the last of them, the rest were done ages ago). Andrew Bartlett (This used to be commit 83360b211a7e834306d3e549c18bc41576534417)
2002-07-24Give an idea what service didn't have the directory.Andrew Bartlett1-1/+1
(This used to be commit 0229f610a8cf9e82618cc6850a431ac89ffc7630)
2002-07-21Add some const & static, remove unused functions.Andrew Bartlett2-24/+1
(This used to be commit 993ee671cc11a95d0d0aa6d60883e03bb473290d)
2002-07-20Make it clear that the 'service' isn't to be touched. (Make it const).Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 6465c6727be15cd2e915710bdc3e2f4244ad2083)
2002-07-20Update the smbd reply code a little:Andrew Bartlett2-5/+25
I don't like the idea of muliple netprots - becouse I see potential problems with people being able to maniplate internal samba variables. This applies in particular to remote names, so don't allow muliple session requests either. Also remove a pstrcpy() from the tcon code, we really don't need it. Andrew Bartlett (This used to be commit 2afa291404cfd8dae11120e5e470c38ba067c4b2)
2002-07-20Move some startup time initialisation to server.c, so it is all in one place.Andrew Bartlett2-11/+11
I'm not sure that we need that "dummy" talloc init, but anyway... Also, add some 'const' to the table of smb reply functions. Andrew Bartlett (This used to be commit 790b7c9ab82f930da66426e7a932d7365bd27725)
2002-07-20Add support for duplicating stderr into our logfiles.Andrew Bartlett1-8/+8
This is for two things: To allow panic actions etc to pump out backtraces to stderr and to allow vangrind to put its stuff in a logfile - making it possible to debug smbd when launched from inetd. I've also cleaned up some of the duplicate names in procedures between smbd and nmbd. Andrew Bartlett (This used to be commit 4bcb32731984b4aef1d4911a168a4e7a10d32fd4)
2002-07-19Allow trans2 and nttrans messages to be processed in oplock break state.Jeremy Allison2-5/+7
As noticed by Lev Iserovich <lev@ciprico.com> this seems to fix a problem with oplock breaks and Win2k, and we are protected from problems by existing code in trans2.c and nttrans.c Jeremy. (This used to be commit e3f7d6c03f100962395763a5066313d60b4761d0)
2002-07-19Formatting fixup. Fix shadow warning.Jeremy Allison1-452/+455
Jeremy. (This used to be commit beb298898d5700dcd775ee3b1f1965e67214e9e5)
2002-07-18Don't crash on setfileinfo on printer fsp.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 3a9ceb6b3b915d3153d9cb107f447b13002c0f57)
2002-07-18Unneded extra check on lenSimo Sorce1-1/+1
(This used to be commit e3b3c148208792ac2ccbfd468ad580b1264f9876)
2002-07-18We have to look at the length before checking for "~" as the stringJeremy Allison1-3/+3
may be shorter than 6 chars. Caught by valgrind. Jeremy. (This used to be commit b846bbfa831922b0be52e54804a46d7870895bfc)
2002-07-18Use of uninitialized variable caught by valgrind.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 44410af397c386f58067679012856150b07b47e8)
2002-07-17Gone back to explicit queue number passing as snum - removed encoding ofJeremy Allison5-20/+29
queueid in job number. This means we must have an internal tdb to store mapping from 16 bit RAP jobid's to 32 bit RPC jobids. Jeremy. (This used to be commit 4ff64f69706cc94d5dba7762754d00790c476963)
2002-07-17Lanman print jobs are *16* bits, not 32. arggggh. Map them....Jeremy Allison2-9/+9
Jeremy. (This used to be commit 2b06fd305be10fa8a8629adb4a99ccd3960786da)
2002-07-15enum_group_mapping takes an enum not an intAndrew Tridgell1-1/+1
(This used to be commit 67a3ca2f235e011472dbe505ce7c34b26f92c44c)
2002-07-15fixed a call to get_current_groups()Andrew Tridgell1-1/+1
(This used to be commit 61c524e8102d4f5cdcf7c949b55b5dc67a320c74)
2002-07-15fixed a problem with getgroups() where it could include our currentAndrew Tridgell2-13/+28
effective gid which could mean that the user gets group 0 in their group list for acl interpretation this is a replacement fix for the one richard did in 2.2 (which didn't cope wiith variable behaviour depending on which nss module was in use) (This used to be commit cfc5ca3416cea5ea5d2ac34f5521cb6367e42cd2)
2002-07-14Move nttrans.c into the NTSTATUS age.Andrew Bartlett1-41/+29
This could do with another eye looking over it, but it seems to work. Andrew Bartlett (This used to be commit e6746db60daa4a61a3ed4302e4105345984af6ac)
2002-07-11last check in for tonight.Gerald Carter1-1/+1
* DeletePrinterDriverEx() now has the ability to delete driver files. I need to do some more testing tro veriofy that we are in fact not deleting a file out from under another driver, but it looks ok so far. * DeletePrinterDriver() noiw deletes all versions of the specified driver (cversion == 0, 1, 2, 3) (This used to be commit 17bb780e1327663fa2fcd6a3cb25dd461a29c537)
2002-07-11*Experimental* new large-scaling printer code. Splits printing.tdb intoJeremy Allison1-0/+2
a separate tdb per printer, but only keeps (currently one) tdb open at a time (although this is easily changed by changing a #define). Needs scalability testing with large numbers of printers now.... Jeremy. (This used to be commit b0909cfa14fc7ef29d2b98b56d52723570da782a)
2002-07-08Kill off const warnings - add a pile of const to various places.Andrew Bartlett2-3/+3
(This used to be commit 1de04ec4735c19ec21cdef6e679cea17c734c5f6)
2002-07-08Fix const warningAndrew Bartlett1-1/+1
(This used to be commit 3d2f0635ed060fca0fa97c97ef850e57641aef19)
2002-07-07Updates to the 'name -> sid' code:Andrew Bartlett1-3/+3
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a function to make the SID types appear as text strings in logs/rpcclient. Also, remove a silly case that would cause 'failure' to be 'success'. (Might look at this a bit more in future). Andrew Bartlett (This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
2002-07-04Fix from Andrew Esh for coredump...Jeremy Allison1-8/+11
Jeremy. (This used to be commit aad40894404d000b925024e2f63977f87ecb5a6b)
2002-07-04Always free_conn() after all the DEBUG()s etc.Andrew Bartlett1-3/+3
(This used to be commit 06529c0433bf75790aad27dd3cecf7005612c694)
2002-07-03first cut at implementing support for browsing printer and driver driverGerald Carter1-0/+3
via regedt32.exe. The regsitry.tdb is only a framework. It is not intended to store values, only key/subkey structure. The data will be retrieved from nt*tdb (for printers) creating a virtual view of the data. You can currently connect to a Samba box using regedt32.exe (haven't tried regedit.exe). Some basic keys are created in registry.tdb for use. There are two problems.... * something is getting freed in the winreg code that causes heap corruption later on. As long as you don't play with the winreg server functionality, I don't think you'll be bitten by this. * no access controls are currently implemented * I can't browse HKLM because regedt32 greys out the SYSTEM subkey. ok so that was three.... (This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54)