summaryrefslogtreecommitdiff
path: root/source3/smbd
AgeCommit message (Collapse)AuthorFilesLines
2002-07-04Always free_conn() after all the DEBUG()s etc.Andrew Bartlett1-3/+3
(This used to be commit 06529c0433bf75790aad27dd3cecf7005612c694)
2002-07-03first cut at implementing support for browsing printer and driver driverGerald Carter1-0/+3
via regedt32.exe. The regsitry.tdb is only a framework. It is not intended to store values, only key/subkey structure. The data will be retrieved from nt*tdb (for printers) creating a virtual view of the data. You can currently connect to a Samba box using regedt32.exe (haven't tried regedit.exe). Some basic keys are created in registry.tdb for use. There are two problems.... * something is getting freed in the winreg code that causes heap corruption later on. As long as you don't play with the winreg server functionality, I don't think you'll be bitten by this. * no access controls are currently implemented * I can't browse HKLM because regedt32 greys out the SYSTEM subkey. ok so that was three.... (This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54)
2002-07-02Address the string_sub problem by changing len = 0 to mean "no expand".Jeremy Allison3-11/+11
Went through and checked all string_subs I could to ensure they're being used correctly. Jeremy. (This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87)
2002-07-01used findstatic.pl to make some variables static and remove some deadAndrew Tridgell2-5/+5
code (This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0)
2002-06-28Shut down printing tdb correctly - this will be more important when I goJeremy Allison1-0/+1
to a tdb per-queue for scalability. Jeremy. (This used to be commit e808eb2758ff4ad1eed7b50a02865b87ba0c068e)
2002-06-27It's fairly obvious that no one has tried to upload a driverGerald Carter1-0/+28
to a Samba print server running HEAD in a while. This has been broken since tridge's changes to make_connection() to not do the chdir() to the connect_path. Sorry it took me so long to get around to fixing it. The problem occured with our internal use of make_connection(). jerry (This used to be commit b5bc8aa0f68ceebfb5c0ec15ff93b0172cec36d8)
2002-06-26fixed 3 bugs in jeremys trans2 merge. Hopefully it now works.Andrew Tridgell1-8/+4
(This used to be commit 4a7813711130625598e0ffe92e7938890b818d2f)
2002-06-25Update cli_full_connection() to take a 'flags' paramater, and try to get aAndrew Bartlett1-8/+2
few more places to use it. Andrew Bartlett (This used to be commit 23689b0746d5ab030d8693abf71dd2e80ec1d7c7)
2002-06-24Merged across trans2.c from SAMBA_2_2. UNIX extensions and passthroughJeremy Allison1-1073/+1513
now supported in HEAD. Jeremy. (This used to be commit 082c5c084ef870709d3046f580eef597bb2aeef3)
2002-06-22Raise some debug levels.Andrew Bartlett2-2/+2
Andrew Bartlett (This used to be commit 5c0e4ecfaf9bf7e6e799dceeb275b5db2d4142dd)
2002-06-21Don't use uint. It doesn't exist on some platforms and we don't define it.Jeremy Allison2-2/+2
Replaced with "unsigned int". Jeremy. (This used to be commit 5841ca54b6a8c36f3d76c12570ff8f2211ed2363)
2002-06-21Fixed incorrect debug.Tim Potter1-1/+1
(This used to be commit a905b5f49db6a12c9a562e1d5e3981dc3525fd27)
2002-06-20Got rid of unused flags field in lanman api_commands[].Tim Potter1-36/+49
Added an auth_user field which denotes whether the api call can be made anonymously. In combination with lp_restrict_anonymous() this can decrease the amount of information that can be retrieved anonymously. So far NetShareEnum, NetSessionEnum, NetGroupEnum, NetGroupGetUsers, NetUserEnum, PrintQEnum, NetFileEnum cannot be called anonymously. SamOEMChangePassword and NetServerEnum can be called anonymously. All other functions can be called anonymously until it can be proven that they can't to avoid breaking anything. (This used to be commit ead6ab9602640aca5d1d8ac336f3a129f9466159)
2002-06-17compile warngin fixes merged from 2.2Gerald Carter4-19/+19
(This used to be commit 29874f4b8fecdc7cbd84d656dafce54cca49e0b1)
2002-06-16Further updates to the service.c code. authorise_login() is now a bit simpilerAndrew Bartlett2-6/+6
and we seem to have eliminated the segfault. Unfortunetly I'm still at a bit of a loss as to why it did segfault, but the patch is correct in any case. Andrew Bartlett (This used to be commit 70c16188c7a267f9f3f8de0b6830f66c9e68a2c7)
2002-06-15Rework much of the service.c code:Andrew Bartlett2-195/+238
The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
2002-06-14moved lp_list_* functions away from param/loadparm.c, put int lib/util_str.cSimo Sorce2-15/+15
and renamed to str_list_* as it is a better name. Elrond should be satisfied now :) (This used to be commit 4ae260adb9505384fcccfb4c9929cb60a45f2e84)
2002-06-13Veto files fix.Jeremy Allison1-275/+273
Jeremy. (This used to be commit 1712a7b34a73ad89965961c0db4dd198d6b257c6)
2002-06-13Merge in mangle fixes from 2.2.Jeremy Allison6-369/+371
Jeremy. (This used to be commit 5e2571f424a40df4d67fe279517a9b21184b78e1)
2002-06-07Ensure when allowing fchown with write access and dos filemodes thatJeremy Allison1-7/+7
we leave the gid alone. Jeremy. (This used to be commit 3f72910cf954b127c0cc06d6616ca2b8cd0d41ad)
2002-06-07Globally replace 'global_sam_sid' with get_global_sam_sid(), a selfAndrew Bartlett3-6/+5
initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
2002-06-07Allow sd_len to be zero on NT_TRANSACT_CREATE but not for set sd (helpsJeremy Allison1-4/+7
Novell client). Jeremy. (This used to be commit ac49fd297acf27384a5e133a5fd7a32c1ba27ca6)
2002-06-06Overly complex but neccessary fix for kernel oplock problems. The issueJeremy Allison3-21/+55
is that there are some times when we should return an EINTR from a select, some times when we should not. As we can take a signal at any time, we have to eat EINTR's in some selects. This means we need to check for kernel oplock breaks more often in the main loop, as well as add the queuing mechanism needed for the changenotify code (due to the mistake in understanding POSIX semantics w.r.t. setting a signal mask in a signal handler). This code now passes all my tests. However, (and IMHO and I know tridge disagrees) - the correct way to fix this is to run with RT signals blocked and explicitly unblock them just before the main select, block them after and then process them all in one place. Just my 2cents :-). Jeremy. (This used to be commit a8c85372e2826a07117c89b39270cde8641ce55d)
2002-06-05Remove blocksignals call as it's never going to bloody work right...Jeremy Allison1-1/+0
Jeremy. (This used to be commit db8932c297096e6e957677c4ed944e4c319db1d8)
2002-06-05Fix for Linux kernel bug where signal mask set within a signal handlerJeremy Allison1-33/+67
is being ignored on sighandler exit. This means we have to have a small array of fd's, not a single one. Jeremy. (This used to be commit b06862e2de8d3bafbc10a9807501ef5bf148a61c)
2002-06-03Move session gathering routine back into session.c so it can be called eitherJim McDonough2-53/+53
in RAP or RPC environment. (This used to be commit 3eec0d64c7c4592d4f0d74108fb0be2b7a22bde6)
2002-05-31Removed some unused variables - tidy up some formating, add struct toJeremy Allison2-193/+190
client state to implement smb signing - this is a test at present. Jeremy. (This used to be commit a234e303558a25c4ea26b7f6788006e4fee651bf)
2002-05-26Add support for NTLMv2 (tested!) with NTLMSSP.Andrew Bartlett1-17/+49
The problem was the NTLMv2 uses extra data in order to make reply/lookup more difficult. That extra data includes the hostname, and the domain. This matches Win2k (sort of) by sending this information. Win2k connects with LMCompatibilityLevel=5 without a problem. We can change the negotiation bits if we want, this should allow us to make NTLMv2 the default for other clients as well. Some of the extra #defines were found in the squid source. Andrew Bartlett (This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
2002-05-25Clean up a few unused functions, add a bit of static etc.Andrew Bartlett1-1/+1
Importantly: The removal of the silly 'delete user script' behaviour when secuity=domain. I have left the name the same - as it still does the (previously documented, but not in smb.conf(5)) sane behaviour of deleting users on request. When we decide what to do with the 'add user' functionality, we might rename it. Andrew Bartlett (This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
2002-05-24Remove the password length paramater from cli_full_connection - it reallyAndrew Bartlett1-1/+1
didn't make any sense, and its was always just strlen(password) anyway. This fixes it to be strlen(password)+1 Andrew Bartlett (This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
2002-05-24If we don't do the select don't do the recvfrom.Jeremy Allison1-0/+1
Jeremy. (This used to be commit f536ec62242c5c644e03afa19f4a3ebedf36f80d)
2002-05-24Fixed silly typo that causes receive_local_message to loop - caused byJeremy Allison1-1/+1
my removal of the goto. Oops ! Jeremy. (This used to be commit 4d3679e03e0c30602b1345cbf2fbf8587dff1f26)
2002-05-22Merge of bugfixes from 2.2.Jeremy Allison2-6/+8
Jeremy. (This used to be commit 5c8351228c55f2403214351f6fd16fe231aee917)
2002-05-22Fix for strangeness in Linux 2.0.x select return.Jeremy Allison1-0/+14
Jeremy. (This used to be commit 490b95a35d1e2ccd3b80db5cfcf7b9804901d36e)
2002-05-22Remove horrid goto.Jeremy Allison1-10/+5
Jeremy. (This used to be commit 7e6db250804e51ce0883b972831da455d389cdcd)
2002-05-22Cleanups!Andrew Bartlett1-1/+1
Make some code static, add some const to the PAM code, and make the plaintext password code actually function - particulary without the requirement to modify the 'struct passwd' (which it assumed was made up of fstrings) This kills some particularly ugly code in lib/util_pw.c Andrew Bartlett (This used to be commit 302dad4990ba5194f072e435465d9adaa089ae06)
2002-05-22Merge of receive_local_message fix from 2.2.5.Jeremy Allison4-51/+35
Jeremy. (This used to be commit d4dbb9cb1338332bda3651dc4b86abcf47e9c2d2)
2002-05-21Tricky fix. If we were waiting for an oplock break response message fromJeremy Allison1-0/+11
another smbd and an incoming SIGUSR1 message arrived we'd break out of the wait early - as we have to use sys_select() to wait for an oplock response message, not sys_select_intr() (which ignores EINTR errors) because of the real time signal kernel interface. Jeremy. (This used to be commit 3bb26957e3e7fb5059d21115546d189eaca34646)
2002-05-20Stop smbd looping when hide unreadable is true and .. is unreadable.Jeremy Allison1-65/+72
Jeremy. (This used to be commit fda7a11b093315a77ca1199119b5421a029ee883)
2002-05-20Merge from 2.2.Jeremy Allison2-2/+3
Jeremy. (This used to be commit 174df5d914b149e52bf260e6502f2436c2720958)
2002-05-19Spelling fix.Tim Potter1-1/+1
(This used to be commit 37f1cd013da073ca23fd9b16ee8cfbf9a3e6cbd9)
2002-05-18A few things in this commit:Andrew Bartlett3-26/+36
cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)
2002-05-17Make --with-ldapsam 'go away'. This is now a standard, stable, featureAndrew Bartlett1-3/+6
and there is no real reason for it to depend on more than the abilty to compile the code. (This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
2002-05-17Check paramters for NULL.Andrew Bartlett1-0/+4
(This used to be commit 078e81530e9bc4e5f0b8e18aff0488386bce29a5)
2002-05-17This removes --with-ssl from Samba.Andrew Bartlett4-317/+0
This option was badly maintained, useless and confused our users and distirbutors. (its SSL, therfore it must be good...) No windows client uses this protocol without help from an SSL tunnel. I can't see any reason why setting up a unix-side SSL wrapper would be any more difficult than the > 10 config options this mess added to samba in any case. On the Samba client end, I think the LIBSMB_PROG hack should be sufficient to start stunnel on the unix side. We might extend this to take %i and %p (IP and port) if there is demand. Andrew Bartlett (This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
2002-05-17Get the sco boxes compiling again - use the sys_ intefaces for all the dl*Andrew Bartlett2-2/+2
funcitons. (This used to be commit c37c1e39253d9d21f8ab38ab8d24f7e787008596)
2002-05-16Fix bug where creating a file and setting a security descriptor atomicallyJeremy Allison1-47/+68
that only contains an "everyone" DACL doesn't apply this to user and group entries also. Jeremy. (This used to be commit 2f67f39d219bbe110d52ed2680fd8ac57946756f)
2002-05-14Removed lp_strip_dot code - ensured that mangling code treats names endingJeremy Allison3-32/+45
in '.' as invalid long filenames (special treatment for '.' and '..' which are valid - yes Andrew I did this without strlen :-) :-). Jeremy. (This used to be commit 3180d8ba4ace9417033039d61d04c255da6f6a01)
2002-05-13Fix bug where setting end of file length to 8 was hitting erroneousJeremy Allison1-0/+4
check for OS/2 EA set. This caused Macromedia movie files to not export correctly onto a Samba share. Originally spotted by Michel Stoop stoop@ncg.nl. Jeremy. (This used to be commit 6b4affde167104c760bd8dc3c8906511a7642853)
2002-05-09Sync'ing SAMBA_2_2 with HEAD.Shirish Kalele1-8/+15
(This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6)