summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
1999-04-01Ken McDonell from SGI was interested in adding some profilingAndrew Tridgell3-1/+16
capabilities to Samba so that Samba could talk to the SGI PCP (Performance Co-Pilot) apps. This change adds a profiling shared memory area and uses it to count two fairly trivial things, the number of uid switches and the number of SMB packets processes. To add more just edit include/profile.h and then increment it at the right place. I've also added a -P switch to smbstatus to dump the profile area. (This used to be commit ef3d61a80ad0b87c196a63ef2bd4fe8fc3863bd0)
1999-03-25SAM database "set user info".Luke Leighton4-41/+66
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1999-03-19going to start adding inter-domain trust logons soon.Luke Leighton1-123/+130
(This used to be commit f9f594c03e220a0d902c5c3c5835948348b19fee)
1999-03-19Beau Kuiper: provided patch so that passwords could only be changed byLuke Leighton1-0/+8
root if the ACB_PWLOCK bit is set (on a per-user basis). he also added an extra smbpasswd option so that this bit can be modified from command-line. (This used to be commit 534fe319d9de8da2ed7e911dbba3c7df08193efa)
1999-03-12cli_setup_creds new arguments added.Luke Leighton1-1/+3
(This used to be commit 5fa3a3f710cfd3a51641d560a96bd08f92afca32)
1999-02-24Return either STATUS_BUFFER_OVERFLOW or ERRDOS/ERRmoredata depending onMatthew Chapman1-7/+10
whether the client supports 32-bit error codes. (This used to be commit cb5428308d6978f7bd76c1b878dd4a43135a274d)
1999-02-24Win9x user level security.Matthew Chapman1-0/+4
* Added SAMR_LOOKUP_DOMAIN (-> SamrLookupDomainInSamServer) * Added real SAMR_ENUM_DOM_GROUPS (corresponding to SamrEnumerateGroupsInDomain). The existing one is just an alias for SamrQueryDisplayInformation (see below). * Added three extra info levels to SAMR_QUERY_DISPINFO. Info level 3 is what was previously SAMR_ENUM_DOM_GROUPS; info levels 4 and 5 are simple user/group list requests used by Win9x and I suspect (haven't checked) the "low speed connection" User Manager. * Added another two aliases for SAMR_QUERY_DISPINFO, opcodes 0x30 and 0x33. Usually the first is with info level 3 and the second 4 but there is some overlap so indeed these should be implemented as just aliases. * Return ERRDOS/ERRmoredata on extra data instead of STATUS_BUFFER_OVERFLOW for Win95's benefit. On a named pipe this results in an SMBreadX as usual. Still need to fix SAMR_QUERY_DOMAIN_INFO which has a hard-coded number of users and groups - which Win95 proceeds to truncate at. (This used to be commit 7d03e6e21908f3a759a4e65c5edd850622335e3e)
1999-02-15Always null-terminate strings.Matthew Chapman1-3/+3
Also some string length and sizeof(pointer) corrections. (This used to be commit ce24191939b82985d09eabe945199f38b0fea486)
1999-02-12UNICODE cleanup (see lib/util_unistr.c).Matthew Chapman2-9/+8
No more ugly static library buffers and all functions take a destination string length (especially unistrcpy was rather dangerous; we were only saved by the fact that datagrams are limited in size). (This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
1999-02-11UNICODE issues.Luke Leighton1-1/+1
(This used to be commit 6a437cfb33f24913e0c1f8484c0b08ef317e513b)
1999-02-10use jeremy's versions of the UNICODE routines.Luke Leighton1-1/+1
(This used to be commit c5109ff782be8774db47a92b48ca6335ec8d6065)
1999-02-09when multiple independent large rpc calls come in on the same pipe,Luke Leighton1-1/+2
prev_pdu_file_offset was not being re-initialised to zero. (This used to be commit fcaa1214412f5a417a648d4da5c4332f75f59f57)
1999-02-08UNICODE byte ordering issue: typecast to uint16* replaced with SSVAL()Luke Leighton1-1/+1
(This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
1999-02-08reload_services needs to be called prior to init_files but afterLuke Leighton1-4/+4
get_myname. (This used to be commit 9ab81caa065a0e08368fc9137d42ed810fd4b817)
1999-02-03initialise my name (used in %h) prior to loading smb.conf files.Luke Leighton1-26/+15
(This used to be commit ed128c38a88746ec7822d598e72f0106a30a4af7)
1999-01-25Putting back the -p flag in smbclient.Richard Sharpe1-1/+8
However, it seems that the -s flag in smbclient is also ignored :-( (This used to be commit f6c78192664d611d4663ed7459a2789315861eec)
1998-12-14server_cryptkey() now calling cli_connectserverlist(). stupid microsoftLuke Leighton1-74/+4
idiotic *SMBSERVER connectionism added to cli_connect_serverlist(). also added check for protocol < LANMAN2. (This used to be commit c2bcb3a286f22ed4f0f55da2a3eb2bff17906fb1)
1998-12-14trying to track down issues in get_home_dir().Luke Leighton2-3/+9
(This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226)
1998-12-08adding srvsvc pipe.Luke Leighton1-0/+1
(This used to be commit d06d6369942828ec89e90f99bd0d0d3f91d61d13)
1998-12-07fixed warnings (and potential errors) due to integer overflow whenAndrew Tridgell1-1/+2
creating locking masks (This used to be commit 5e2844d5edb15de29b976d2ff077ffbe012b860c)
1998-12-07removed nt_pipe_fnum from struct cli_state. need to be able to callLuke Leighton1-9/+10
LsaLookupSids etc from within SamrQueryAliasMembers, for example. fnum is now a parameter to client functions. thanks to mike black for starting the ball rolling. (This used to be commit bee8f7fa6b0f7f995f71303f4e14a4aaed0c2437)
1998-12-05Sync up critical kernel oplock bugfix. I don't want to loseJeremy Allison1-4/+37
this.... Jeremy. (This used to be commit 5287f3d19b7d8e76970f1ce1abfd95b7341434e5)
1998-12-03moved get_unixgroups it will be needed by the unix instance of the groupLuke Leighton1-49/+0
DB API (This used to be commit ef58e48bc9af338ed6c734205d4faf82371284ac)
1998-12-01check server role before doing nt user to unix user mappingLuke Leighton1-12/+15
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
1998-12-01rpc_samr.h parse_samr.c srv_samr.c :Luke Leighton1-1/+1
samr_query_aliasmembers (cool!) util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c : pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5) to obtain member and pdc sids. (This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
1998-12-01andrej spotted that entries _not_ in domain map user were being refused.Luke Leighton1-10/+6
modified map_nt_and_unix_names() to never refuse a mapping (returns void now not BOOL). (This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
1998-12-01hm. removed the "if failed to map nt name to unix name, fail tcon call"Luke Leighton1-8/+2
restriction and "domain user map" seems to work. amazing. (This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
1998-11-30attempting to fix "domain user map" up, but it's a bit complicated.Luke Leighton1-34/+56
i may simply go for a response in the NetSamLogon returning the unix username, forcing the NT user to appear to be a unix user, however even that is fraught with implications. might just have to go the whole hog and do this tuple thing, "unix_name + nt_name" always associated together... issue with api_net_sam_logon, getsam21pwent() being called twice, the second time overwriting static buffer data (argh) so had to make a copy. noticed a nested "become_root()"/"unbecome_root()" which will have to be tracked down... (This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
1998-11-30- adding builtin[alias]db.Luke Leighton1-0/+5
- lib/sids.c: generate_sam_sid() modified to take a domain name: it now generates "DOMAIN_NAME.SID". reasons: 1) if you run multiple samba servers on the same machine under different netbios names as members of a domain, they won't all use the same SID, which is a _big_ mistake but it would happen _by default_. 2) we have (had) a problem with sid_to_string() and string_to_sid() which cause SIDs to be incorrectly read. one of the major reasons for *NOT* making this change was so as not to disrupt existing users. but as they will be anyway by this bug, we might as well go ahead. - passdb/smbpass.c: wanted to change the meaning of the name in the smbpasswd file to an "nt" name not a "unix" name. this is probably not a good idea: reverted this. - output formatting / bug-fixing in rpcclient query_useraliases code. (This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
1998-11-29"retired" two modules to preserve their cvs history.Luke Leighton1-638/+1
added their replacements, added sam password database API modules (This used to be commit b1d1c1337c69c6f6bf25ab932a1a6a757e3ea2ae)
1998-11-29weekend work. user / group database API.Luke Leighton3-25/+26
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-29don't allow ".." in service name when doing "default service"Andrew Tridgell1-1/+3
processing. (This used to be commit 702263bba555a1d7c7999d40e5789b7e920dbce4)
1998-11-25fixing group database issuesLuke Leighton1-35/+52
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
1998-11-25Makefile.in: Added maintainer mode fixes.Jeremy Allison7-31/+31
aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
1998-11-25LsaLookupNames client call (first used as lookupnames command in rpcclient).Luke Leighton1-11/+2
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
1998-11-25fixing domain join and domain login problemsLuke Leighton1-1/+1
(This used to be commit 90a24664318da97a6e8cfe4622a8573c0e3cbe5e)
1998-11-24Fixed oplock test path spec bug.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 252dd8b8929adbdff9917395d4f8caad2d7882b2)
1998-11-23Fixed -Wall -Wshadow warning.Jeremy Allison1-2/+1
Jeremy. (This used to be commit 81b90208910528a4ace683f30e39c54d8cfa12b7)
1998-11-23remove / add / attempt to stop remove didn't work.Luke Leighton1-0/+651
(This used to be commit 82b6292dff38f4e22ee8feab1b54504b95d705fa)
1998-11-23unix instance of group database APILuke Leighton3-627/+3
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
1998-11-23changed string_sub() to replace " ; and ` in the inserted string with _Andrew Tridgell1-4/+4
use all_string_sub() if you don't want this. (This used to be commit a3357ab49335106674fe7a7481cd0f146d74fbe5)
1998-11-21try to use *SMBSERVER to connect to password server if the firstAndrew Tridgell1-13/+11
session_request fails. (This used to be commit ab2370e7ac770f1e32b8d726ab955457fcc8c2d7)
1998-11-21formatting changeAndrew Tridgell1-1/+1
(This used to be commit 94fc7fe3afa1dc5547050248738eb697c1eeef59)
1998-11-21smbd/password.c: Added *SMBSERVER fix is name is too long.Jeremy Allison1-1/+9
web/swat.c: Changed '?' to help. Jeremy. (This used to be commit 631913ea856926a77304692c74a1bd27faead179)
1998-11-20Instrumented hack fix with debug level 10 statements just in case :-).Jeremy Allison1-0/+3
Jeremy. (This used to be commit 10f51b85722141f99ffecc3f19a39de108400828)
1998-11-19Sync up with 2.0 code.Jeremy Allison3-9/+94
Added HPUX autoconf changes. Added "gross hack" printer code. Jeremy. (This used to be commit 1ef6d3bd63722afe9c376793a6ea72046d1a0602)
1998-11-18Fixed crash bug which was assuming that fd_ptr was always non-nullJeremy Allison3-6/+12
(which is not the case with open directories). Jeremy. (This used to be commit c154b1601f5891d664fc538ec8874fa8ef2061e6)
1998-11-17Fixed NT modify timestamp issue.Jeremy Allison2-2/+26
If a client does a modify timestamp on an open file (which will do no good at all on UNIX :-) then keep the modify request pending in the files_struct and apply it at close instead. Jeremy. (This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison9-18/+18
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton6-295/+609
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)