From 59f992f12de9a0c6a0bc30f8953b324699623a03 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 19 Apr 2000 07:00:22 +0000 Subject: patch from luke to split out lanman code from ipc.c into lanman.c (This used to be commit 95246a8432e04bcdeed962d1a6112dfd90518941) --- source3/smbd/lanman.c | 3180 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3180 insertions(+) create mode 100644 source3/smbd/lanman.c (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c new file mode 100644 index 0000000000..391a94596a --- /dev/null +++ b/source3/smbd/lanman.c @@ -0,0 +1,3180 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Inter-process communication and named pipe handling + Copyright (C) Andrew Tridgell 1992-1998 + + SMB Version handling + Copyright (C) John H Terpstra 1995-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ +/* + This file handles the named pipe and mailslot calls + in the SMBtrans protocol + */ + +#include "includes.h" +#include "nterr.h" + +#ifdef CHECK_TYPES +#undef CHECK_TYPES +#endif +#define CHECK_TYPES 0 + +extern int DEBUGLEVEL; + +extern fstring local_machine; +extern fstring global_myworkgroup; + +#define NERR_Success 0 +#define NERR_badpass 86 +#define NERR_notsupported 50 + +#define NERR_BASE (2100) +#define NERR_BufTooSmall (NERR_BASE+23) +#define NERR_JobNotFound (NERR_BASE+51) +#define NERR_DestNotFound (NERR_BASE+52) + +#define ACCESS_READ 0x01 +#define ACCESS_WRITE 0x02 +#define ACCESS_CREATE 0x04 + +#define SHPWLEN 8 /* share password length */ + +static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len); +static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len); + + +static int CopyExpanded(connection_struct *conn, + int snum, char** dst, char* src, int* n) +{ + pstring buf; + int l; + + if (!src || !dst || !n || !(*dst)) return(0); + + StrnCpy(buf,src,sizeof(buf)/2); + pstring_sub(buf,"%S",lp_servicename(snum)); + standard_sub_conn(conn,buf); + StrnCpy(*dst,buf,*n); + l = strlen(*dst) + 1; + (*dst) += l; + (*n) -= l; + return l; +} + +static int CopyAndAdvance(char** dst, char* src, int* n) +{ + int l; + if (!src || !dst || !n || !(*dst)) return(0); + StrnCpy(*dst,src,*n-1); + l = strlen(*dst) + 1; + (*dst) += l; + (*n) -= l; + return l; +} + +static int StrlenExpanded(connection_struct *conn, int snum, char* s) +{ + pstring buf; + if (!s) return(0); + StrnCpy(buf,s,sizeof(buf)/2); + pstring_sub(buf,"%S",lp_servicename(snum)); + standard_sub_conn(conn,buf); + return strlen(buf) + 1; +} + +static char* Expand(connection_struct *conn, int snum, char* s) +{ + static pstring buf; + if (!s) return(NULL); + StrnCpy(buf,s,sizeof(buf)/2); + pstring_sub(buf,"%S",lp_servicename(snum)); + standard_sub_conn(conn,buf); + return &buf[0]; +} + +/******************************************************************* + check a API string for validity when we only need to check the prefix + ******************************************************************/ +static BOOL prefix_ok(char *str,char *prefix) +{ + return(strncmp(str,prefix,strlen(prefix)) == 0); +} + +struct pack_desc { + char* format; /* formatstring for structure */ + char* subformat; /* subformat for structure */ + char* base; /* baseaddress of buffer */ + int buflen; /* remaining size for fixed part; on init: length of base */ + int subcount; /* count of substructures */ + char* structbuf; /* pointer into buffer for remaining fixed part */ + int stringlen; /* remaining size for variable part */ + char* stringbuf; /* pointer into buffer for remaining variable part */ + int neededlen; /* total needed size */ + int usedlen; /* total used size (usedlen <= neededlen and usedlen <= buflen) */ + char* curpos; /* current position; pointer into format or subformat */ + int errcode; +}; + +static int get_counter(char** p) +{ + int i, n; + if (!p || !(*p)) return(1); + if (!isdigit((int)**p)) return 1; + for (n = 0;;) { + i = **p; + if (isdigit(i)) + n = 10 * n + (i - '0'); + else + return n; + (*p)++; + } +} + +static int getlen(char* p) +{ + int n = 0; + if (!p) return(0); + while (*p) { + switch( *p++ ) { + case 'W': /* word (2 byte) */ + n += 2; + break; + case 'K': /* status word? (2 byte) */ + n += 2; + break; + case 'N': /* count of substructures (word) at end */ + n += 2; + break; + case 'D': /* double word (4 byte) */ + case 'z': /* offset to zero terminated string (4 byte) */ + case 'l': /* offset to user data (4 byte) */ + n += 4; + break; + case 'b': /* offset to data (with counter) (4 byte) */ + n += 4; + get_counter(&p); + break; + case 'B': /* byte (with optional counter) */ + n += get_counter(&p); + break; + } + } + return n; +} + +static BOOL init_package(struct pack_desc* p, int count, int subcount) +{ + int n = p->buflen; + int i; + + if (!p->format || !p->base) return(False); + + i = count * getlen(p->format); + if (p->subformat) i += subcount * getlen(p->subformat); + p->structbuf = p->base; + p->neededlen = 0; + p->usedlen = 0; + p->subcount = 0; + p->curpos = p->format; + if (i > n) { + p->neededlen = i; + i = n = 0; + p->errcode = ERRmoredata; + } + else + p->errcode = NERR_Success; + p->buflen = i; + n -= i; + p->stringbuf = p->base + i; + p->stringlen = n; + return(p->errcode == NERR_Success); +} + +#ifdef HAVE_STDARG_H +static int package(struct pack_desc* p, ...) +{ +#else +static int package(va_alist) +va_dcl +{ + struct pack_desc* p; +#endif + va_list args; + int needed=0, stringneeded; + char* str=NULL; + int is_string=0, stringused; + int32 temp; + +#ifdef HAVE_STDARG_H + va_start(args,p); +#else + va_start(args); + p = va_arg(args,struct pack_desc *); +#endif + + if (!*p->curpos) { + if (!p->subcount) + p->curpos = p->format; + else { + p->curpos = p->subformat; + p->subcount--; + } + } +#if CHECK_TYPES + str = va_arg(args,char*); + SMB_ASSERT(strncmp(str,p->curpos,strlen(str)) == 0); +#endif + stringneeded = -1; + + if (!p->curpos) { + va_end(args); + return(0); + } + + switch( *p->curpos++ ) { + case 'W': /* word (2 byte) */ + needed = 2; + temp = va_arg(args,int); + if (p->buflen >= needed) SSVAL(p->structbuf,0,temp); + break; + case 'K': /* status word? (2 byte) */ + needed = 2; + temp = va_arg(args,int); + if (p->buflen >= needed) SSVAL(p->structbuf,0,temp); + break; + case 'N': /* count of substructures (word) at end */ + needed = 2; + p->subcount = va_arg(args,int); + if (p->buflen >= needed) SSVAL(p->structbuf,0,p->subcount); + break; + case 'D': /* double word (4 byte) */ + needed = 4; + temp = va_arg(args,int); + if (p->buflen >= needed) SIVAL(p->structbuf,0,temp); + break; + case 'B': /* byte (with optional counter) */ + needed = get_counter(&p->curpos); + { + char *s = va_arg(args,char*); + if (p->buflen >= needed) StrnCpy(p->structbuf,s?s:"",needed-1); + } + break; + case 'z': /* offset to zero terminated string (4 byte) */ + str = va_arg(args,char*); + stringneeded = (str ? strlen(str)+1 : 0); + is_string = 1; + break; + case 'l': /* offset to user data (4 byte) */ + str = va_arg(args,char*); + stringneeded = va_arg(args,int); + is_string = 0; + break; + case 'b': /* offset to data (with counter) (4 byte) */ + str = va_arg(args,char*); + stringneeded = get_counter(&p->curpos); + is_string = 0; + break; + } + va_end(args); + if (stringneeded >= 0) { + needed = 4; + if (p->buflen >= needed) { + stringused = stringneeded; + if (stringused > p->stringlen) { + stringused = (is_string ? p->stringlen : 0); + if (p->errcode == NERR_Success) p->errcode = ERRmoredata; + } + if (!stringused) + SIVAL(p->structbuf,0,0); + else { + SIVAL(p->structbuf,0,PTR_DIFF(p->stringbuf,p->base)); + memcpy(p->stringbuf,str?str:"",stringused); + if (is_string) p->stringbuf[stringused-1] = '\0'; + p->stringbuf += stringused; + p->stringlen -= stringused; + p->usedlen += stringused; + } + } + p->neededlen += stringneeded; + } + p->neededlen += needed; + if (p->buflen >= needed) { + p->structbuf += needed; + p->buflen -= needed; + p->usedlen += needed; + } + else { + if (p->errcode == NERR_Success) p->errcode = ERRmoredata; + } + return 1; +} + +#if CHECK_TYPES +#define PACK(desc,t,v) package(desc,t,v,0,0,0,0) +#define PACKl(desc,t,v,l) package(desc,t,v,l,0,0,0,0) +#else +#define PACK(desc,t,v) package(desc,v) +#define PACKl(desc,t,v,l) package(desc,v,l) +#endif + +static void PACKI(struct pack_desc* desc,char *t,int v) +{ + PACK(desc,t,v); +} + +static void PACKS(struct pack_desc* desc,char *t,char *v) +{ + PACK(desc,t,v); +} + + +/**************************************************************************** + get a print queue + ****************************************************************************/ +static void PackDriverData(struct pack_desc* desc) +{ + char drivdata[4+4+32]; + SIVAL(drivdata,0,sizeof drivdata); /* cb */ + SIVAL(drivdata,4,1000); /* lVersion */ + memset(drivdata+8,0,32); /* szDeviceName */ + pstrcpy(drivdata+8,"NULL"); + PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ +} + +static int check_printq_info(struct pack_desc* desc, + int uLevel, char *id1, char *id2) +{ + desc->subformat = NULL; + switch( uLevel ) { + case 0: + desc->format = "B13"; + break; + case 1: + desc->format = "B13BWWWzzzzzWW"; + break; + case 2: + desc->format = "B13BWWWzzzzzWN"; + desc->subformat = "WB21BB16B10zWWzDDz"; + break; + case 3: + desc->format = "zWWWWzzzzWWzzl"; + break; + case 4: + desc->format = "zWWWWzzzzWNzzl"; + desc->subformat = "WWzWWDDzz"; + break; + case 5: + desc->format = "z"; + break; + case 51: + desc->format = "K"; + break; + case 52: + desc->format = "WzzzzzzzzN"; + desc->subformat = "z"; + break; + default: return False; + } + if (strcmp(desc->format,id1) != 0) return False; + if (desc->subformat && strcmp(desc->subformat,id2) != 0) return False; + return True; +} + + +#define JOB_STATUS_QUEUED 0 +#define JOB_STATUS_PAUSED 1 +#define JOB_STATUS_SPOOLING 2 +#define JOB_STATUS_PRINTING 3 +#define JOB_STATUS_PRINTED 4 + +#define QUEUE_STATUS_PAUSED 1 +#define QUEUE_STATUS_ERROR 2 + +/* turn a print job status into a on the wire status +*/ +static int printj_status(int v) +{ + switch (v) { + case LPQ_QUEUED: + return JOB_STATUS_QUEUED; + case LPQ_PAUSED: + return JOB_STATUS_PAUSED; + case LPQ_SPOOLING: + return JOB_STATUS_SPOOLING; + case LPQ_PRINTING: + return JOB_STATUS_PRINTING; + } + return 0; +} + +/* turn a print queue status into a on the wire status +*/ +static int printq_status(int v) +{ + switch (v) { + case LPQ_QUEUED: + return 0; + case LPQ_PAUSED: + return QUEUE_STATUS_PAUSED; + } + return QUEUE_STATUS_ERROR; +} + +static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, + struct pack_desc* desc, + print_queue_struct* queue, int n) +{ + time_t t = queue->time; + + /* the client expects localtime */ + t -= TimeDiff(t); + + PACKI(desc,"W",queue->job); /* uJobId */ + if (uLevel == 1) { + PACKS(desc,"B21",queue->user); /* szUserName */ + PACKS(desc,"B",""); /* pad */ + PACKS(desc,"B16",""); /* szNotifyName */ + PACKS(desc,"B10","PM_Q_RAW"); /* szDataType */ + PACKS(desc,"z",""); /* pszParms */ + PACKI(desc,"W",n+1); /* uPosition */ + PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"D",t); /* ulSubmitted */ + PACKI(desc,"D",queue->size); /* ulSize */ + PACKS(desc,"z",queue->file); /* pszComment */ + } + if (uLevel == 2 || uLevel == 3) { + PACKI(desc,"W",queue->priority); /* uPriority */ + PACKS(desc,"z",queue->user); /* pszUserName */ + PACKI(desc,"W",n+1); /* uPosition */ + PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ + PACKI(desc,"D",t); /* ulSubmitted */ + PACKI(desc,"D",queue->size); /* ulSize */ + PACKS(desc,"z","Samba"); /* pszComment */ + PACKS(desc,"z",queue->file); /* pszDocument */ + if (uLevel == 3) { + PACKS(desc,"z",""); /* pszNotifyName */ + PACKS(desc,"z","PM_Q_RAW"); /* pszDataType */ + PACKS(desc,"z",""); /* pszParms */ + PACKS(desc,"z",""); /* pszStatus */ + PACKS(desc,"z",SERVICE(snum)); /* pszQueue */ + PACKS(desc,"z","lpd"); /* pszQProcName */ + PACKS(desc,"z",""); /* pszQProcParms */ + PACKS(desc,"z","NULL"); /* pszDriverName */ + PackDriverData(desc); /* pDriverData */ + PACKS(desc,"z",""); /* pszPrinterName */ + } + } +} + + +static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, + struct pack_desc* desc, + int count, print_queue_struct* queue, + print_status_struct* status) +{ + int i,ok=0; + pstring tok,driver,datafile,langmon,helpfile,datatype; + char *p; + char **lines, *line; + + lines = file_lines_load(lp_driverfile(),NULL); + if (!lines) { + DEBUG(3,("fill_printq_info: Can't open %s - %s\n", + lp_driverfile(),strerror(errno))); + desc->errcode=NERR_notsupported; + return; + } + + /* lookup the long printer driver name in the file + description */ + for (i=0;lines[i] && !ok;i++) { + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + ok=1; + } + line = strdup(p); + p = line; + file_lines_free(lines); + + /* driver file name */ + if (ok && !next_token(&p,driver,":",sizeof(driver))) ok = 0; + /* data file name */ + if (ok && !next_token(&p,datafile,":",sizeof(datafile))) ok = 0; + /* + * for the next tokens - which may be empty - I have + * to check for empty tokens first because the + * next_token function will skip all empty token + * fields */ + if (ok) { + /* help file */ + if (*p == ':') { + *helpfile = '\0'; + p++; + } else if (!next_token(&p,helpfile,":",sizeof(helpfile))) ok = 0; + } + + if (ok) { + /* language monitor */ + if (*p == ':') { + *langmon = '\0'; + p++; + } else if (!next_token(&p,langmon,":",sizeof(langmon))) + ok = 0; + } + + /* default data type */ + if (ok && !next_token(&p,datatype,":",sizeof(datatype))) + ok = 0; + + if (ok) { + PACKI(desc,"W",0x0400); /* don't know */ + PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ + PACKS(desc,"z",driver); /* Driverfile Name */ + PACKS(desc,"z",datafile); /* Datafile name */ + PACKS(desc,"z",langmon); /* language monitor */ + PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ + PACKS(desc,"z",datatype); /* default data type */ + PACKS(desc,"z",helpfile); /* helpfile name */ + PACKS(desc,"z",driver); /* driver name */ + DEBUG(3,("Driver:%s:\n",driver)); + DEBUG(3,("Data File:%s:\n",datafile)); + DEBUG(3,("Language Monitor:%s:\n",langmon)); + DEBUG(3,("Data Type:%s:\n",datatype)); + DEBUG(3,("Help File:%s:\n",helpfile)); + PACKI(desc,"N",count); /* number of files to copy */ + for (i=0;i gave %d entries\n", + SERVICE(snum),count)); + } else { + DEBUG(3,("fill_printq_info: Can't supply driver files\n")); + desc->errcode=NERR_notsupported; + } + free(line); +} + + +static void fill_printq_info(connection_struct *conn, int snum, int uLevel, + struct pack_desc* desc, + int count, print_queue_struct* queue, + print_status_struct* status) +{ + switch (uLevel) { + case 1: + case 2: + PACKS(desc,"B13",SERVICE(snum)); + break; + case 3: + case 4: + case 5: + PACKS(desc,"z",Expand(conn,snum,SERVICE(snum))); + break; + case 51: + PACKI(desc,"K",printq_status(status->status)); + break; + } + + if (uLevel == 1 || uLevel == 2) { + PACKS(desc,"B",""); /* alignment */ + PACKI(desc,"W",5); /* priority */ + PACKI(desc,"W",0); /* start time */ + PACKI(desc,"W",0); /* until time */ + PACKS(desc,"z",""); /* pSepFile */ + PACKS(desc,"z","lpd"); /* pPrProc */ + PACKS(desc,"z",SERVICE(snum)); /* pDestinations */ + PACKS(desc,"z",""); /* pParms */ + if (snum < 0) { + PACKS(desc,"z","UNKNOWN PRINTER"); + PACKI(desc,"W",LPSTAT_ERROR); + } + else if (!status || !status->message[0]) { + PACKS(desc,"z",Expand(conn,snum,lp_comment(snum))); + PACKI(desc,"W",LPSTAT_OK); /* status */ + } else { + PACKS(desc,"z",status->message); + PACKI(desc,"W",printq_status(status->status)); /* status */ + } + PACKI(desc,(uLevel == 1 ? "W" : "N"),count); + } + + if (uLevel == 3 || uLevel == 4) { + PACKI(desc,"W",5); /* uPriority */ + PACKI(desc,"W",0); /* uStarttime */ + PACKI(desc,"W",0); /* uUntiltime */ + PACKI(desc,"W",5); /* pad1 */ + PACKS(desc,"z",""); /* pszSepFile */ + PACKS(desc,"z","WinPrint"); /* pszPrProc */ + PACKS(desc,"z",""); /* pszParms */ + if (!status || !status->message[0]) { + PACKS(desc,"z",Expand(conn,snum,lp_comment(snum))); /* pszComment */ + PACKI(desc,"W",LPSTAT_OK); /* fsStatus */ + } else { + PACKS(desc,"z",status->message); /* pszComment */ + PACKI(desc,"W",printq_status(status->status)); /* fsStatus */ + } + PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */ + PACKS(desc,"z",SERVICE(snum)); /* pszPrinters */ + PACKS(desc,"z",lp_printerdriver(snum)); /* pszDriverName */ + PackDriverData(desc); /* pDriverData */ + } + + if (uLevel == 2 || uLevel == 4) { + int i; + for (i=0;i + * to return the 'invalid info level' error if an + * unknown level was requested. + */ + *rdata_len = 0; + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,ERROR_INVALID_LEVEL); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,0); + return(True); + } + + snum = lp_servicenumber(QueueName); + if (snum < 0 && pcap_printername_ok(QueueName,NULL)) { + int pnum = lp_servicenumber(PRINTERS_NAME); + if (pnum >= 0) { + lp_add_printer(QueueName,pnum); + snum = lp_servicenumber(QueueName); + } + } + + if (snum < 0 || !VALID_SNUM(snum)) return(False); + + if (uLevel==52) { + count = get_printerdrivernumber(snum); + DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); + } else { + count = print_queue_status(snum, &queue,&status); + } + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,1,count)) { + desc.subcount = count; + fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); + } else if(uLevel == 0) { + /* + * This is a *disgusting* hack. + * This is *so* bad that even I'm embarrassed (and I + * have no shame). Here's the deal : + * Until we get the correct SPOOLSS code into smbd + * then when we're running with NT SMB support then + * NT makes this call with a level of zero, and then + * immediately follows it with an open request to + * the \\SRVSVC pipe. If we allow that open to + * succeed then NT barfs when it cannot open the + * \\SPOOLSS pipe immediately after and continually + * whines saying "Printer name is invalid" forever + * after. If we cause *JUST THIS NEXT OPEN* of \\SRVSVC + * to fail, then NT downgrades to using the downlevel code + * and everything works as well as before. I hate + * myself for adding this code.... JRA. + */ + + fail_next_srvsvc_open(); + } + + *rdata_len = desc.usedlen; + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); + + if (queue) free(queue); + + return(True); +} + + +/**************************************************************************** + view list of all print jobs on all queues + ****************************************************************************/ +static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, char* data, + int mdrcnt, int mprcnt, + char **rdata, char** rparam, + int *rdata_len, int *rparam_len) +{ + char *param_format = param+2; + char *output_format1 = skip_string(param_format,1); + char *p = skip_string(output_format1,1); + int uLevel = SVAL(p,0); + char *output_format2 = p + 4; + int services = lp_numservices(); + int i, n; + struct pack_desc desc; + print_queue_struct **queue = NULL; + print_status_struct *status = NULL; + int* subcntarr = NULL; + int queuecnt, subcnt=0, succnt=0; + + memset((char *)&desc,'\0',sizeof(desc)); + + DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); + + if (!prefix_ok(param_format,"WrLeh")) return False; + if (!check_printq_info(&desc,uLevel,output_format1,output_format2)) { + /* + * Patch from Scott Moomaw + * to return the 'invalid info level' error if an + * unknown level was requested. + */ + *rdata_len = 0; + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,ERROR_INVALID_LEVEL); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,0); + return(True); + } + + queuecnt = 0; + for (i = 0; i < services; i++) + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) + queuecnt++; + if (uLevel > 0) { + if((queue = (print_queue_struct**)malloc(queuecnt*sizeof(print_queue_struct*))) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + return False; + } + memset(queue,0,queuecnt*sizeof(print_queue_struct*)); + if((status = (print_status_struct*)malloc(queuecnt*sizeof(print_status_struct))) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + return False; + } + memset(status,0,queuecnt*sizeof(print_status_struct)); + if((subcntarr = (int*)malloc(queuecnt*sizeof(int))) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + return False; + } + subcnt = 0; + n = 0; + for (i = 0; i < services; i++) + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + subcntarr[n] = print_queue_status(i, &queue[n],&status[n]); + subcnt += subcntarr[n]; + n++; + } + } + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + + if (init_package(&desc,queuecnt,subcnt)) { + n = 0; + succnt = 0; + for (i = 0; i < services; i++) + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + fill_printq_info(conn,i,uLevel,&desc,subcntarr[n],queue[n],&status[n]); + n++; + if (desc.errcode == NERR_Success) succnt = n; + } + } + + if (subcntarr) free(subcntarr); + + *rdata_len = desc.usedlen; + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,queuecnt); + + for (i = 0; i < queuecnt; i++) { + if (queue && queue[i]) free(queue[i]); + } + + if (queue) free(queue); + if (status) free(status); + + return True; +} + +/**************************************************************************** + get info level for a server list query + ****************************************************************************/ +static BOOL check_server_info(int uLevel, char* id) +{ + switch( uLevel ) { + case 0: + if (strcmp(id,"B16") != 0) return False; + break; + case 1: + if (strcmp(id,"B16BBDz") != 0) return False; + break; + default: + return False; + } + return True; +} + +struct srv_info_struct +{ + fstring name; + uint32 type; + fstring comment; + fstring domain; + BOOL server_added; +}; + + +/******************************************************************* + get server info lists from the files saved by nmbd. Return the + number of entries + ******************************************************************/ +static int get_server_info(uint32 servertype, + struct srv_info_struct **servers, + char *domain) +{ + int count=0; + int alloced=0; + char **lines; + BOOL local_list_only; + int i; + + lines = file_lines_load(lock_path(SERVER_LIST), NULL); + if (!lines) { + DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno))); + return(0); + } + + /* request for everything is code for request all servers */ + if (servertype == SV_TYPE_ALL) + servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); + + local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY); + + DEBUG(4,("Servertype search: %8x\n",servertype)); + + for (i=0;lines[i];i++) { + fstring stype; + struct srv_info_struct *s; + char *ptr = lines[i]; + BOOL ok = True; + + if (!*ptr) continue; + + if (count == alloced) { + alloced += 10; + (*servers) = (struct srv_info_struct *) + Realloc(*servers,sizeof(**servers)*alloced); + if (!(*servers)) return(0); + memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); + } + s = &(*servers)[count]; + + if (!next_token(&ptr,s->name , NULL, sizeof(s->name))) continue; + if (!next_token(&ptr,stype , NULL, sizeof(stype))) continue; + if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue; + if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) { + /* this allows us to cope with an old nmbd */ + pstrcpy(s->domain,global_myworkgroup); + } + + if (sscanf(stype,"%X",&s->type) != 1) { + DEBUG(4,("r:host file ")); + ok = False; + } + + /* Filter the servers/domains we return based on what was asked for. */ + + /* Check to see if we are being asked for a local list only. */ + if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) { + DEBUG(4,("r: local list only")); + ok = False; + } + + /* doesn't match up: don't want it */ + if (!(servertype & s->type)) { + DEBUG(4,("r:serv type ")); + ok = False; + } + + if ((servertype & SV_TYPE_DOMAIN_ENUM) != + (s->type & SV_TYPE_DOMAIN_ENUM)) + { + DEBUG(4,("s: dom mismatch ")); + ok = False; + } + + if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) + { + ok = False; + } + + /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */ + s->type &= ~SV_TYPE_LOCAL_LIST_ONLY; + + if (ok) + { + DEBUG(4,("**SV** %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + + s->server_added = True; + count++; + } + else + { + DEBUG(4,("%20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + } + } + + file_lines_free(lines); + return(count); +} + + +/******************************************************************* + fill in a server info structure + ******************************************************************/ +static int fill_srv_info(struct srv_info_struct *service, + int uLevel, char **buf, int *buflen, + char **stringbuf, int *stringspace, char *baseaddr) +{ + int struct_len; + char* p; + char* p2; + int l2; + int len; + + switch (uLevel) { + case 0: struct_len = 16; break; + case 1: struct_len = 26; break; + default: return -1; + } + + if (!buf) + { + len = 0; + switch (uLevel) + { + case 1: + len = strlen(service->comment)+1; + break; + } + + if (buflen) *buflen = struct_len; + if (stringspace) *stringspace = len; + return struct_len + len; + } + + len = struct_len; + p = *buf; + if (*buflen < struct_len) return -1; + if (stringbuf) + { + p2 = *stringbuf; + l2 = *stringspace; + } + else + { + p2 = p + struct_len; + l2 = *buflen - struct_len; + } + if (!baseaddr) baseaddr = p; + + switch (uLevel) + { + case 0: + StrnCpy(p,service->name,15); + break; + + case 1: + StrnCpy(p,service->name,15); + SIVAL(p,18,service->type); + SIVAL(p,22,PTR_DIFF(p2,baseaddr)); + len += CopyAndAdvance(&p2,service->comment,&l2); + break; + } + + if (stringbuf) + { + *buf = p + struct_len; + *buflen -= struct_len; + *stringbuf = p2; + *stringspace = l2; + } + else + { + *buf = p2; + *buflen -= len; + } + return len; +} + + +static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) +{ + return(strcmp(s1->name,s2->name)); +} + +/**************************************************************************** + view list of servers available (or possibly domains). The info is + extracted from lists saved by nmbd on the local host + ****************************************************************************/ +static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + uint32 servertype = IVAL(p,4); + char *p2; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; + struct srv_info_struct *servers=NULL; + int counted=0,total=0; + int i,missed; + fstring domain; + BOOL domain_request; + BOOL local_request; + + /* If someone sets all the bits they don't really mean to set + DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the + known servers. */ + + if (servertype == SV_TYPE_ALL) + servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); + + /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set + any other bit (they may just set this bit on it's own) they + want all the locally seen servers. However this bit can be + set on its own so set the requested servers to be + ALL - DOMAIN_ENUM. */ + + if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM)) + servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM); + + domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0); + local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0); + + p += 8; + + if (!prefix_ok(str1,"WrLehD")) return False; + if (!check_server_info(uLevel,str2)) return False; + + DEBUG(4, ("server request level: %s %8x ", str2, servertype)); + DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request))); + DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); + + if (strcmp(str1, "WrLehDz") == 0) { + StrnCpy(domain, p, sizeof(fstring)-1); + } else { + StrnCpy(domain, global_myworkgroup, sizeof(fstring)-1); + } + + if (lp_browse_list()) + total = get_server_info(servertype,&servers,domain); + + data_len = fixed_len = string_len = 0; + missed = 0; + + qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); + + { + char *lastname=NULL; + + for (i=0;iname)) continue; + lastname = s->name; + data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0); + DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + + if (data_len <= buf_len) { + counted++; + fixed_len += f_len; + string_len += s_len; + } else { + missed++; + } + } + } + + *rdata_len = fixed_len + string_len; + *rdata = REALLOC(*rdata,*rdata_len); + memset(*rdata,'\0',*rdata_len); + + p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ + p = *rdata; + f_len = fixed_len; + s_len = string_len; + + { + char *lastname=NULL; + int count2 = counted; + for (i = 0; i < total && count2;i++) + { + struct srv_info_struct *s = &servers[i]; + if (lastname && strequal(lastname,s->name)) continue; + lastname = s->name; + fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata); + DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + count2--; + } + } + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata)); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,counted); + SSVAL(*rparam,6,counted+missed); + + if (servers) free(servers); + + DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n", + domain,uLevel,counted,counted+missed)); + + return(True); +} + +/**************************************************************************** + command 0x34 - suspected of being a "Lookup Names" stub api + ****************************************************************************/ +static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + int counted=0; + int missed=0; + + DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n", + str1, str2, p, uLevel, buf_len)); + + if (!prefix_ok(str1,"zWrLeh")) return False; + + *rdata_len = 0; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + + SSVAL(*rparam,0,0x08AC); /* informational warning message */ + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,counted); + SSVAL(*rparam,6,counted+missed); + + return(True); +} + +/**************************************************************************** + get info about a share + ****************************************************************************/ +static BOOL check_share_info(int uLevel, char* id) +{ + switch( uLevel ) { + case 0: + if (strcmp(id,"B13") != 0) return False; + break; + case 1: + if (strcmp(id,"B13BWz") != 0) return False; + break; + case 2: + if (strcmp(id,"B13BWzWWWzB9B") != 0) return False; + break; + case 91: + if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) return False; + break; + default: return False; + } + return True; +} + +static int fill_share_info(connection_struct *conn, int snum, int uLevel, + char** buf, int* buflen, + char** stringbuf, int* stringspace, char* baseaddr) +{ + int struct_len; + char* p; + char* p2; + int l2; + int len; + + switch( uLevel ) { + case 0: struct_len = 13; break; + case 1: struct_len = 20; break; + case 2: struct_len = 40; break; + case 91: struct_len = 68; break; + default: return -1; + } + + + if (!buf) + { + len = 0; + if (uLevel > 0) len += StrlenExpanded(conn,snum,lp_comment(snum)); + if (uLevel > 1) len += strlen(lp_pathname(snum)) + 1; + if (buflen) *buflen = struct_len; + if (stringspace) *stringspace = len; + return struct_len + len; + } + + len = struct_len; + p = *buf; + if ((*buflen) < struct_len) return -1; + if (stringbuf) + { + p2 = *stringbuf; + l2 = *stringspace; + } + else + { + p2 = p + struct_len; + l2 = (*buflen) - struct_len; + } + if (!baseaddr) baseaddr = p; + + StrnCpy(p,lp_servicename(snum),13); + + if (uLevel > 0) + { + int type; + CVAL(p,13) = 0; + type = STYPE_DISKTREE; + if (lp_print_ok(snum)) type = STYPE_PRINTQ; + if (strequal("IPC$",lp_servicename(snum))) type = STYPE_IPC; + SSVAL(p,14,type); /* device type */ + SIVAL(p,16,PTR_DIFF(p2,baseaddr)); + len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2); + } + + if (uLevel > 1) + { + SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */ + SSVALS(p,22,-1); /* max uses */ + SSVAL(p,24,1); /* current uses */ + SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */ + len += CopyAndAdvance(&p2,lp_pathname(snum),&l2); + memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */ + } + + if (uLevel > 2) + { + memset(p+40,0,SHPWLEN+2); + SSVAL(p,50,0); + SIVAL(p,52,0); + SSVAL(p,56,0); + SSVAL(p,58,0); + SIVAL(p,60,0); + SSVAL(p,64,0); + SSVAL(p,66,0); + } + + if (stringbuf) + { + (*buf) = p + struct_len; + (*buflen) -= struct_len; + (*stringbuf) = p2; + (*stringspace) = l2; + } + else + { + (*buf) = p2; + (*buflen) -= len; + } + return len; +} + +static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *netname = skip_string(str2,1); + char *p = skip_string(netname,1); + int uLevel = SVAL(p,0); + int snum = find_service(netname); + + if (snum < 0) return False; + + /* check it's a supported varient */ + if (!prefix_ok(str1,"zWrLh")) return False; + if (!check_share_info(uLevel,str2)) return False; + + *rdata = REALLOC(*rdata,mdrcnt); + p = *rdata; + *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0); + if (*rdata_len < 0) return False; + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + + return(True); +} + +/**************************************************************************** + view list of shares available + ****************************************************************************/ +static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + char *p2; + int count=lp_numservices(); + int total=0,counted=0; + BOOL missed = False; + int i; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; + + if (!prefix_ok(str1,"WrLeh")) return False; + if (!check_share_info(uLevel,str2)) return False; + + data_len = fixed_len = string_len = 0; + for (i=0;itm_hour; + CVAL(p,9) = t->tm_min; + CVAL(p,10) = t->tm_sec; + CVAL(p,11) = 0; /* hundredths of seconds */ + SSVALS(p,12,TimeDiff(unixdate)/60); /* timezone in minutes from GMT */ + SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */ + CVAL(p,16) = t->tm_mday; + CVAL(p,17) = t->tm_mon + 1; + SSVAL(p,18,1900+t->tm_year); + CVAL(p,20) = t->tm_wday; + } + + + return(True); +} + +/**************************************************************************** + Set the user password. +*****************************************************************************/ + +static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *p = skip_string(param+2,2); + fstring user; + fstring pass1,pass2; + + fstrcpy(user,p); + + p = skip_string(p,1); + + memset(pass1,'\0',sizeof(pass1)); + memset(pass2,'\0',sizeof(pass2)); + memcpy(pass1,p,16); + memcpy(pass2,p+16,16); + + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + + *rdata_len = 0; + + SSVAL(*rparam,0,NERR_badpass); + SSVAL(*rparam,2,0); /* converter word */ + + DEBUG(3,("Set password for <%s>\n",user)); + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); + + /* + * Attempt to verify the old password against smbpasswd entries + * Win98 clients send old and new password in plaintext for this call. + */ + + { + fstring saved_pass2; + struct smb_passwd *smbpw = NULL; + + /* + * Save the new password as change_oem_password overwrites it + * with zeros. + */ + + fstrcpy(saved_pass2, pass2); + + if (check_plaintext_password(user,pass1,strlen(pass1),&smbpw) && + change_oem_password(smbpw,pass2,False)) + { + SSVAL(*rparam,0,NERR_Success); + + /* + * If unix password sync was requested, attempt to change + * the /etc/passwd database also. Return failure if this cannot + * be done. + */ + + if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) + SSVAL(*rparam,0,NERR_badpass); + } + } + + /* + * If the above failed, attempt the plaintext password change. + * This tests against the /etc/passwd database only. + */ + + if(SVAL(*rparam,0) != NERR_Success) + { + if (password_ok(user, pass1,strlen(pass1),NULL) && + chgpasswd(user,pass1,pass2,False)) + { + SSVAL(*rparam,0,NERR_Success); + } + } + + /* + * If the plaintext change failed, attempt + * the old encrypted method. NT will generate this + * after trying the samr method. Note that this + * method is done as a last resort as this + * password change method loses the NT password hash + * and cannot change the UNIX password as no plaintext + * is received. + */ + + if(SVAL(*rparam,0) != NERR_Success) + { + struct smb_passwd *sampw = NULL; + + if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &sampw) && + change_lanman_password(sampw,(unsigned char *)pass1,(unsigned char *)pass2)) + { + SSVAL(*rparam,0,NERR_Success); + } + } + + memset((char *)pass1,'\0',sizeof(fstring)); + memset((char *)pass2,'\0',sizeof(fstring)); + + return(True); +} + +/**************************************************************************** + Set the user password (SamOEM version - gets plaintext). +****************************************************************************/ + +static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + fstring user; + char *p = param + 2; + *rparam_len = 2; + *rparam = REALLOC(*rparam,*rparam_len); + + *rdata_len = 0; + + SSVAL(*rparam,0,NERR_badpass); + + /* + * Check the parameter definition is correct. + */ + if(!strequal(param + 2, "zsT")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", param + 2)); + return False; + } + p = skip_string(p, 1); + + if(!strequal(p, "B516B16")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); + return False; + } + p = skip_string(p,1); + + fstrcpy(user,p); + p = skip_string(p,1); + + DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); + + if (pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL)) + { + SSVAL(*rparam,0,NERR_Success); + } + + return(True); +} + +/**************************************************************************** + delete a print job + Form: <> + ****************************************************************************/ +static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + int function = SVAL(param,0); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int jobid, errcode; + + jobid = SVAL(p,0); + + /* check it's a supported varient */ + if (!(strcsequal(str1,"W") && strcsequal(str2,""))) + return(False); + + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + + if (!print_job_exists(jobid)) { + errcode = NERR_JobNotFound; + goto out; + } + + errcode = NERR_notsupported; + + switch (function) { + case 81: /* delete */ + if (print_job_delete(jobid)) errcode = NERR_Success; + break; + case 82: /* pause */ + if (print_job_pause(jobid)) errcode = NERR_Success; + break; + case 83: /* resume */ + if (print_job_resume(jobid)) errcode = NERR_Success; + break; + } + + out: + SSVAL(*rparam,0,errcode); + SSVAL(*rparam,2,0); /* converter word */ + + return(True); +} + +/**************************************************************************** + Purge a print queue - or pause or resume it. + ****************************************************************************/ +static BOOL api_WPrintQueuePurge(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + int function = SVAL(param,0); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *QueueName = skip_string(str2,1); + int errcode = NERR_notsupported; + int snum; + + /* check it's a supported varient */ + if (!(strcsequal(str1,"z") && strcsequal(str2,""))) + return(False); + + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + + snum = print_queue_snum(QueueName); + + if (snum == -1) { + errcode = NERR_JobNotFound; + goto out; + } + + switch (function) { + case 74: /* Pause queue */ + if (print_queue_pause(snum)) errcode = NERR_Success; + break; + case 75: /* Resume queue */ + if (print_queue_resume(snum)) errcode = NERR_Success; + break; + case 103: /* Purge */ + if (print_queue_purge(snum)) errcode = NERR_Success; + break; + } + + out: + SSVAL(*rparam,0,errcode); + SSVAL(*rparam,2,0); /* converter word */ + + return(True); +} + + +/**************************************************************************** + set the property of a print job (undocumented?) + ? function = 0xb -> set name of print job + ? function = 0x6 -> move print job up/down + Form: + or +****************************************************************************/ +static int check_printjob_info(struct pack_desc* desc, + int uLevel, char* id) +{ + desc->subformat = NULL; + switch( uLevel ) { + case 0: desc->format = "W"; break; + case 1: desc->format = "WB21BB16B10zWWzDDz"; break; + case 2: desc->format = "WWzWWDDzz"; break; + case 3: desc->format = "WWzWWDDzzzzzzzzzzlz"; break; + default: return False; + } + if (strcmp(desc->format,id) != 0) return False; + return True; +} + +static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + struct pack_desc desc; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int jobid; + int uLevel = SVAL(p,2); + int function = SVAL(p,4); + int place, errcode; + + jobid = SVAL(p,0); + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + + *rdata_len = 0; + + /* check it's a supported varient */ + if ((strcmp(str1,"WWsTP")) || + (!check_printjob_info(&desc,uLevel,str2))) + return(False); + + if (!print_job_exists(jobid)) { + errcode=NERR_JobNotFound; + goto out; + } + + errcode = NERR_notsupported; + + switch (function) { + case 0x6: + /* change job place in the queue, + data gives the new place */ + place = SVAL(data,0); + if (print_job_set_place(jobid, place)) { + errcode=NERR_Success; + } + break; + + case 0xb: + /* change print job name, data gives the name */ + if (print_job_set_name(jobid, data)) { + errcode=NERR_Success; + } + break; + + default: + return False; + } + + out: + SSVALS(*rparam,0,errcode); + SSVAL(*rparam,2,0); /* converter word */ + + return(True); +} + + +/**************************************************************************** + get info about the server + ****************************************************************************/ +static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + char *p2; + int struct_len; + + DEBUG(4,("NetServerGetInfo level %d\n",uLevel)); + + /* check it's a supported varient */ + if (!prefix_ok(str1,"WrLh")) return False; + switch( uLevel ) { + case 0: + if (strcmp(str2,"B16") != 0) return False; + struct_len = 16; + break; + case 1: + if (strcmp(str2,"B16BBDz") != 0) return False; + struct_len = 26; + break; + case 2: + if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz") + != 0) return False; + struct_len = 134; + break; + case 3: + if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") + != 0) return False; + struct_len = 144; + break; + case 20: + if (strcmp(str2,"DN") != 0) return False; + struct_len = 6; + break; + case 50: + if (strcmp(str2,"B16BBDzWWzzz") != 0) return False; + struct_len = 42; + break; + default: return False; + } + + *rdata_len = mdrcnt; + *rdata = REALLOC(*rdata,*rdata_len); + + p = *rdata; + p2 = p + struct_len; + if (uLevel != 20) { + StrnCpy(p,local_machine,16); + strupper(p); + } + p += 16; + if (uLevel > 0) + { + struct srv_info_struct *servers=NULL; + int i,count; + pstring comment; + uint32 servertype= lp_default_server_announce(); + + pstrcpy(comment,string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH)); + + if ((count=get_server_info(SV_TYPE_ALL,&servers,global_myworkgroup))>0) { + for (i=0;i 1) + { + return False; /* not yet implemented */ + } + + *rdata_len = PTR_DIFF(p2,*rdata); + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + + return(True); +} + + +/**************************************************************************** + get info about the server + ****************************************************************************/ +static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char *p2; + extern pstring sesssetup_user; + int level = SVAL(p,0); + + DEBUG(4,("NetWkstaGetInfo level %d\n",level)); + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + + /* check it's a supported varient */ + if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) + return(False); + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + p2 = p + 22; + + + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ + pstrcpy(p2,local_machine); + strupper(p2); + p2 = skip_string(p2,1); + p += 4; + + SIVAL(p,0,PTR_DIFF(p2,*rdata)); + pstrcpy(p2,sesssetup_user); + p2 = skip_string(p2,1); + p += 4; + + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ + pstrcpy(p2,global_myworkgroup); + strupper(p2); + p2 = skip_string(p2,1); + p += 4; + + SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */ + SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */ + p += 2; + + SIVAL(p,0,PTR_DIFF(p2,*rdata)); + pstrcpy(p2,global_myworkgroup); /* don't know. login domain?? */ + p2 = skip_string(p2,1); + p += 4; + + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ + pstrcpy(p2,""); + p2 = skip_string(p2,1); + p += 4; + + *rdata_len = PTR_DIFF(p2,*rdata); + + SSVAL(*rparam,4,*rdata_len); + + return(True); +} + +/**************************************************************************** + get info about a user + + struct user_info_11 { + char usri11_name[21]; 0-20 + char usri11_pad; 21 + char *usri11_comment; 22-25 + char *usri11_usr_comment; 26-29 + unsigned short usri11_priv; 30-31 + unsigned long usri11_auth_flags; 32-35 + long usri11_password_age; 36-39 + char *usri11_homedir; 40-43 + char *usri11_parms; 44-47 + long usri11_last_logon; 48-51 + long usri11_last_logoff; 52-55 + unsigned short usri11_bad_pw_count; 56-57 + unsigned short usri11_num_logons; 58-59 + char *usri11_logon_server; 60-63 + unsigned short usri11_country_code; 64-65 + char *usri11_workstations; 66-69 + unsigned long usri11_max_storage; 70-73 + unsigned short usri11_units_per_week; 74-75 + unsigned char *usri11_logon_hours; 76-79 + unsigned short usri11_code_page; 80-81 + }; + +where: + + usri11_name specifies the user name for which information is retireved + + usri11_pad aligns the next data structure element to a word boundary + + usri11_comment is a null terminated ASCII comment + + usri11_user_comment is a null terminated ASCII comment about the user + + usri11_priv specifies the level of the privilege assigned to the user. + The possible values are: + +Name Value Description +USER_PRIV_GUEST 0 Guest privilege +USER_PRIV_USER 1 User privilege +USER_PRV_ADMIN 2 Administrator privilege + + usri11_auth_flags specifies the account operator privileges. The + possible values are: + +Name Value Description +AF_OP_PRINT 0 Print operator + + +Leach, Naik [Page 28] + + +INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 + + +AF_OP_COMM 1 Communications operator +AF_OP_SERVER 2 Server operator +AF_OP_ACCOUNTS 3 Accounts operator + + + usri11_password_age specifies how many seconds have elapsed since the + password was last changed. + + usri11_home_dir points to a null terminated ASCII string that contains + the path name of the user's home directory. + + usri11_parms points to a null terminated ASCII string that is set + aside for use by applications. + + usri11_last_logon specifies the time when the user last logged on. + This value is stored as the number of seconds elapsed since + 00:00:00, January 1, 1970. + + usri11_last_logoff specifies the time when the user last logged off. + This value is stored as the number of seconds elapsed since + 00:00:00, January 1, 1970. A value of 0 means the last logoff + time is unknown. + + usri11_bad_pw_count specifies the number of incorrect passwords + entered since the last successful logon. + + usri11_log1_num_logons specifies the number of times this user has + logged on. A value of -1 means the number of logons is unknown. + + usri11_logon_server points to a null terminated ASCII string that + contains the name of the server to which logon requests are sent. + A null string indicates logon requests should be sent to the + domain controller. + + usri11_country_code specifies the country code for the user's language + of choice. + + usri11_workstations points to a null terminated ASCII string that + contains the names of workstations the user may log on from. + There may be up to 8 workstations, with the names separated by + commas. A null strings indicates there are no restrictions. + + usri11_max_storage specifies the maximum amount of disk space the user + can occupy. A value of 0xffffffff indicates there are no + restrictions. + + usri11_units_per_week specifies the equal number of time units into + which a week is divided. This value must be equal to 168. + + usri11_logon_hours points to a 21 byte (168 bits) string that + specifies the time during which the user can log on. Each bit + represents one unique hour in a week. The first bit (bit 0, word + 0) is Sunday, 0:00 to 0:59, the second bit (bit 1, word 0) is + + + +Leach, Naik [Page 29] + + +INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 + + + Sunday, 1:00 to 1:59 and so on. A null pointer indicates there + are no restrictions. + + usri11_code_page specifies the code page for the user's language of + choice + +All of the pointers in this data structure need to be treated +specially. The pointer is a 32 bit pointer. The higher 16 bits need +to be ignored. The converter word returned in the parameters section +needs to be subtracted from the lower 16 bits to calculate an offset +into the return buffer where this ASCII string resides. + +There is no auxiliary data in the response. + + ****************************************************************************/ + +#define usri11_name 0 +#define usri11_pad 21 +#define usri11_comment 22 +#define usri11_usr_comment 26 +#define usri11_full_name 30 +#define usri11_priv 34 +#define usri11_auth_flags 36 +#define usri11_password_age 40 +#define usri11_homedir 44 +#define usri11_parms 48 +#define usri11_last_logon 52 +#define usri11_last_logoff 56 +#define usri11_bad_pw_count 60 +#define usri11_num_logons 62 +#define usri11_logon_server 64 +#define usri11_country_code 68 +#define usri11_workstations 70 +#define usri11_max_storage 74 +#define usri11_units_per_week 78 +#define usri11_logon_hours 80 +#define usri11_code_page 84 +#define usri11_end 86 + +#define USER_PRIV_GUEST 0 +#define USER_PRIV_USER 1 +#define USER_PRIV_ADMIN 2 + +#define AF_OP_PRINT 0 +#define AF_OP_COMM 1 +#define AF_OP_SERVER 2 +#define AF_OP_ACCOUNTS 3 + + +static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *UserName = skip_string(str2,1); + char *p = skip_string(UserName,1); + int uLevel = SVAL(p,0); + char *p2; + + /* get NIS home of a previously validated user - simeon */ + /* With share level security vuid will always be zero. + Don't depend on vuser being non-null !!. JRA */ + user_struct *vuser = get_valid_user_struct(vuid); + if(vuser != NULL) + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->name)); + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + + DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); + + /* check it's a supported variant */ + if (strcmp(str1,"zWrLh") != 0) return False; + switch( uLevel ) + { + case 0: p2 = "B21"; break; + case 1: p2 = "B21BB16DWzzWz"; break; + case 2: p2 = "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break; + case 10: p2 = "B21Bzzz"; break; + case 11: p2 = "B21BzzzWDDzzDDWWzWzDWb21W"; break; + default: return False; + } + + if (strcmp(p2,str2) != 0) return False; + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + p2 = p + usri11_end; + + memset(p,0,21); + fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */ + + if (uLevel > 0) + { + SCVAL(p,usri11_pad,0); /* padding - 1 byte */ + *p2 = 0; + } + if (uLevel >= 10) + { + SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ + pstrcpy(p2,"Comment"); + p2 = skip_string(p2,1); + + SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ + pstrcpy(p2,"UserComment"); + p2 = skip_string(p2,1); + + /* EEK! the cifsrap.txt doesn't have this in!!!! */ + SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ + pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + p2 = skip_string(p2,1); + } + + if (uLevel == 11) /* modelled after NTAS 3.51 reply */ + { + SSVAL(p,usri11_priv,conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); + SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ + SIVALS(p,usri11_password_age,-1); /* password age */ + SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ + pstrcpy(p2, lp_logon_home()); + p2 = skip_string(p2,1); + SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ + pstrcpy(p2,""); + p2 = skip_string(p2,1); + SIVAL(p,usri11_last_logon,0); /* last logon */ + SIVAL(p,usri11_last_logoff,0); /* last logoff */ + SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */ + SSVALS(p,usri11_num_logons,-1); /* num logons */ + SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ + pstrcpy(p2,"\\\\*"); + p2 = skip_string(p2,1); + SSVAL(p,usri11_country_code,0); /* country code */ + + SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ + pstrcpy(p2,""); + p2 = skip_string(p2,1); + + SIVALS(p,usri11_max_storage,-1); /* max storage */ + SSVAL(p,usri11_units_per_week,168); /* units per week */ + SIVAL(p,usri11_logon_hours,PTR_DIFF(p2,p)); /* logon hours */ + + /* a simple way to get logon hours at all times. */ + memset(p2,0xff,21); + SCVAL(p2,21,0); /* fix zero termination */ + p2 = skip_string(p2,1); + + SSVAL(p,usri11_code_page,0); /* code page */ + } + if (uLevel == 1 || uLevel == 2) + { + memset(p+22,' ',16); /* password */ + SIVALS(p,38,-1); /* password age */ + SSVAL(p,42, + conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); + SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ + pstrcpy(p2,lp_logon_home()); + p2 = skip_string(p2,1); + SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ + *p2++ = 0; + SSVAL(p,52,0); /* flags */ + SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ + pstrcpy(p2,lp_logon_script()); + standard_sub_conn( conn, p2 ); + p2 = skip_string(p2,1); + if (uLevel == 2) + { + SIVAL(p,60,0); /* auth_flags */ + SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ + pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + p2 = skip_string(p2,1); + SIVAL(p,68,0); /* urs_comment */ + SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ + pstrcpy(p2,""); + p2 = skip_string(p2,1); + SIVAL(p,76,0); /* workstations */ + SIVAL(p,80,0); /* last_logon */ + SIVAL(p,84,0); /* last_logoff */ + SIVALS(p,88,-1); /* acct_expires */ + SIVALS(p,92,-1); /* max_storage */ + SSVAL(p,96,168); /* units_per_week */ + SIVAL(p,98,PTR_DIFF(p2,*rdata)); /* logon_hours */ + memset(p2,-1,21); + p2 += 21; + SSVALS(p,102,-1); /* bad_pw_count */ + SSVALS(p,104,-1); /* num_logons */ + SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */ + pstrcpy(p2,"\\\\%L"); + standard_sub_conn(conn, p2); + p2 = skip_string(p2,1); + SSVAL(p,110,49); /* country_code */ + SSVAL(p,112,860); /* code page */ + } + } + + *rdata_len = PTR_DIFF(p2,*rdata); + + SSVAL(*rparam,4,*rdata_len); /* is this right?? */ + + return(True); +} + +/******************************************************************* + get groups that a user is a member of + ******************************************************************/ +static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *UserName = skip_string(str2,1); + char *p = skip_string(UserName,1); + int uLevel = SVAL(p,0); + char *p2; + int count=0; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + + /* check it's a supported varient */ + if (strcmp(str1,"zWrLeh") != 0) return False; + switch( uLevel ) { + case 0: p2 = "B21"; break; + default: return False; + } + if (strcmp(p2,str2) != 0) return False; + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + + /* XXXX we need a real SAM database some day */ + pstrcpy(p,"Users"); p += 21; count++; + pstrcpy(p,"Domain Users"); p += 21; count++; + pstrcpy(p,"Guests"); p += 21; count++; + pstrcpy(p,"Domain Guests"); p += 21; count++; + + *rdata_len = PTR_DIFF(p,*rdata); + + SSVAL(*rparam,4,count); /* is this right?? */ + SSVAL(*rparam,6,count); /* is this right?? */ + + return(True); +} + + +static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + struct pack_desc desc; + char* name; + + uLevel = SVAL(p,0); + name = p + 2; + + memset((char *)&desc,'\0',sizeof(desc)); + + DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name)); + + /* check it's a supported varient */ + if (strcmp(str1,"OOWb54WrLh") != 0) return False; + if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) return False; + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.subformat = NULL; + desc.format = str2; + + if (init_package(&desc,1,0)) + { + PACKI(&desc,"W",0); /* code */ + PACKS(&desc,"B21",name); /* eff. name */ + PACKS(&desc,"B",""); /* pad */ + PACKI(&desc,"W", + conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); + PACKI(&desc,"D",0); /* auth flags XXX */ + PACKI(&desc,"W",0); /* num logons */ + PACKI(&desc,"W",0); /* bad pw count */ + PACKI(&desc,"D",0); /* last logon */ + PACKI(&desc,"D",-1); /* last logoff */ + PACKI(&desc,"D",-1); /* logoff time */ + PACKI(&desc,"D",-1); /* kickoff time */ + PACKI(&desc,"D",0); /* password age */ + PACKI(&desc,"D",0); /* password can change */ + PACKI(&desc,"D",-1); /* password must change */ + { + fstring mypath; + fstrcpy(mypath,"\\\\"); + fstrcat(mypath,local_machine); + strupper(mypath); + PACKS(&desc,"z",mypath); /* computer */ + } + PACKS(&desc,"z",global_myworkgroup);/* domain */ + +/* JHT - By calling lp_logon_script() and standard_sub() we have */ +/* made sure all macros are fully substituted and available */ + { + pstring logon_script; + pstrcpy(logon_script,lp_logon_script()); + standard_sub_conn( conn, logon_script ); + PACKS(&desc,"z", logon_script); /* script path */ + } +/* End of JHT mods */ + + PACKI(&desc,"D",0x00000000); /* reserved */ + } + + *rdata_len = desc.usedlen; + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode)); + return(True); +} + + +/**************************************************************************** + api_WAccessGetUserPerms + ****************************************************************************/ +static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *user = skip_string(str2,1); + char *resource = skip_string(user,1); + + DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); + + /* check it's a supported varient */ + if (strcmp(str1,"zzh") != 0) return False; + if (strcmp(str2,"") != 0) return False; + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,0); /* errorcode */ + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,0x7f); /* permission flags */ + + return(True); +} + +/**************************************************************************** + api_WPrintJobEnumerate + ****************************************************************************/ +static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int count; + int i; + int snum; + int job; + struct pack_desc desc; + print_queue_struct *queue=NULL; + print_status_struct status; + + uLevel = SVAL(p,2); + + memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&status,'\0',sizeof(status)); + + DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0))); + + /* check it's a supported varient */ + if (strcmp(str1,"WWrLh") != 0) return False; + if (!check_printjob_info(&desc,uLevel,str2)) return False; + + job = SVAL(p,0); + + if (snum < 0 || !VALID_SNUM(snum)) return(False); + + count = print_queue_status(snum,&queue,&status); + for (i = 0; i < count; i++) { + if (queue[i].job == job) break; + } + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + + if (init_package(&desc,1,0)) { + if (i < count) { + fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); + *rdata_len = desc.usedlen; + } + else { + desc.errcode = NERR_JobNotFound; + *rdata_len = 0; + } + } + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + if (queue) free(queue); + + DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode)); + return(True); +} + +static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char* name = p; + int uLevel; + int count; + int i, succnt=0; + int snum; + struct pack_desc desc; + print_queue_struct *queue=NULL; + print_status_struct status; + + memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&status,'\0',sizeof(status)); + + p = skip_string(p,1); + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); + + /* check it's a supported varient */ + if (strcmp(str1,"zWrLeh") != 0) return False; + if (uLevel > 2) return False; /* defined only for uLevel 0,1,2 */ + if (!check_printjob_info(&desc,uLevel,str2)) return False; + + snum = lp_servicenumber(name); + if (snum < 0 && pcap_printername_ok(name,NULL)) { + int pnum = lp_servicenumber(PRINTERS_NAME); + if (pnum >= 0) { + lp_add_printer(name,pnum); + snum = lp_servicenumber(name); + } + } + + if (snum < 0 || !VALID_SNUM(snum)) return(False); + + count = print_queue_status(snum,&queue,&status); + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + + if (init_package(&desc,count,0)) { + succnt = 0; + for (i = 0; i < count; i++) { + fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); + if (desc.errcode == NERR_Success) succnt = i+1; + } + } + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,count); + + if (queue) free(queue); + + DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode)); + return(True); +} + +static int check_printdest_info(struct pack_desc* desc, + int uLevel, char* id) +{ + desc->subformat = NULL; + switch( uLevel ) { + case 0: desc->format = "B9"; break; + case 1: desc->format = "B9B21WWzW"; break; + case 2: desc->format = "z"; break; + case 3: desc->format = "zzzWWzzzWW"; break; + default: return False; + } + if (strcmp(desc->format,id) != 0) return False; + return True; +} + +static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, + struct pack_desc* desc) +{ + char buf[100]; + strncpy(buf,SERVICE(snum),sizeof(buf)-1); + buf[sizeof(buf)-1] = 0; + strupper(buf); + if (uLevel <= 1) { + PACKS(desc,"B9",buf); /* szName */ + if (uLevel == 1) { + PACKS(desc,"B21",""); /* szUserName */ + PACKI(desc,"W",0); /* uJobId */ + PACKI(desc,"W",0); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"W",0); /* time */ + } + } + if (uLevel == 2 || uLevel == 3) { + PACKS(desc,"z",buf); /* pszPrinterName */ + if (uLevel == 3) { + PACKS(desc,"z",""); /* pszUserName */ + PACKS(desc,"z",""); /* pszLogAddr */ + PACKI(desc,"W",0); /* uJobId */ + PACKI(desc,"W",0); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKS(desc,"z",""); /* pszComment */ + PACKS(desc,"z","NULL"); /* pszDrivers */ + PACKI(desc,"W",0); /* time */ + PACKI(desc,"W",0); /* pad1 */ + } + } +} + +static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char* PrinterName = p; + int uLevel; + struct pack_desc desc; + int snum; + + memset((char *)&desc,'\0',sizeof(desc)); + + p = skip_string(p,1); + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); + + /* check it's a supported varient */ + if (strcmp(str1,"zWrLh") != 0) return False; + if (!check_printdest_info(&desc,uLevel,str2)) return False; + + snum = lp_servicenumber(PrinterName); + if (snum < 0 && pcap_printername_ok(PrinterName,NULL)) { + int pnum = lp_servicenumber(PRINTERS_NAME); + if (pnum >= 0) { + lp_add_printer(PrinterName,pnum); + snum = lp_servicenumber(PrinterName); + } + } + + if (snum < 0) { + *rdata_len = 0; + desc.errcode = NERR_DestNotFound; + desc.neededlen = 0; + } + else { + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,1,0)) { + fill_printdest_info(conn,snum,uLevel,&desc); + } + *rdata_len = desc.usedlen; + } + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode)); + return(True); +} + +static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int queuecnt; + int i, n, succnt=0; + struct pack_desc desc; + int services = lp_numservices(); + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); + + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) return False; + if (!check_printdest_info(&desc,uLevel,str2)) return False; + + queuecnt = 0; + for (i = 0; i < services; i++) + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) + queuecnt++; + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,queuecnt,0)) { + succnt = 0; + n = 0; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + fill_printdest_info(conn,i,uLevel,&desc); + n++; + if (desc.errcode == NERR_Success) succnt = n; + } + } + } + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,queuecnt); + + DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode)); + return(True); +} + +static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); + + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) return False; + if (uLevel != 0 || strcmp(str2,"B41") != 0) return False; + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B41","NULL"); + } + + succnt = (desc.errcode == NERR_Success ? 1 : 0); + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); + + DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode)); + return(True); +} + +static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); + + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) return False; + if (uLevel != 0 || strcmp(str2,"B13") != 0) return False; + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B13","lpd"); + } + + succnt = (desc.errcode == NERR_Success ? 1 : 0); + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); + + DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode)); + return(True); +} + +static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); + + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) return False; + if (uLevel != 0 || strcmp(str2,"B9") != 0) return False; + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + memset((char *)&desc,'\0',sizeof(desc)); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B13","lp0"); + } + + succnt = (desc.errcode == NERR_Success ? 1 : 0); + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); + + DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode)); + return(True); +} + +/**************************************************************************** + The buffer was too small + ****************************************************************************/ + +static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + *rparam_len = MIN(*rparam_len,mprcnt); + *rparam = REALLOC(*rparam,*rparam_len); + + *rdata_len = 0; + + SSVAL(*rparam,0,NERR_BufTooSmall); + + DEBUG(3,("Supplied buffer too small in API command\n")); + + return(True); +} + + +/**************************************************************************** + The request is not supported + ****************************************************************************/ + +static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + + *rdata_len = 0; + + SSVAL(*rparam,0,NERR_notsupported); + SSVAL(*rparam,2,0); /* converter word */ + + DEBUG(3,("Unsupported API command\n")); + + return(True); +} + + + + +struct +{ + char *name; + int id; + BOOL (*fn)(connection_struct *,uint16,char *,char *, + int,int,char **,char **,int *,int *); + int flags; +} api_commands[] = { + {"RNetShareEnum", 0, api_RNetShareEnum,0}, + {"RNetShareGetInfo", 1, api_RNetShareGetInfo,0}, + {"RNetServerGetInfo", 13, api_RNetServerGetInfo,0}, + {"RNetGroupGetUsers", 52, api_RNetGroupGetUsers,0}, + {"RNetUserGetInfo", 56, api_RNetUserGetInfo,0}, + {"NetUserGetGroups", 59, api_NetUserGetGroups,0}, + {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0}, + {"DosPrintQEnum", 69, api_DosPrintQEnum,0}, + {"DosPrintQGetInfo", 70, api_DosPrintQGetInfo,0}, + {"WPrintQueuePause", 74, api_WPrintQueuePurge,0}, + {"WPrintQueueResume", 75, api_WPrintQueuePurge,0}, + {"WPrintJobEnumerate",76, api_WPrintJobEnumerate,0}, + {"WPrintJobGetInfo", 77, api_WPrintJobGetInfo,0}, + {"RDosPrintJobDel", 81, api_RDosPrintJobDel,0}, + {"RDosPrintJobPause", 82, api_RDosPrintJobDel,0}, + {"RDosPrintJobResume",83, api_RDosPrintJobDel,0}, + {"WPrintDestEnum", 84, api_WPrintDestEnum,0}, + {"WPrintDestGetInfo", 85, api_WPrintDestGetInfo,0}, + {"NetRemoteTOD", 91, api_NetRemoteTOD,0}, + {"WPrintQueuePurge", 103, api_WPrintQueuePurge,0}, + {"NetServerEnum", 104, api_RNetServerEnum,0}, + {"WAccessGetUserPerms",105, api_WAccessGetUserPerms,0}, + {"SetUserPassword", 115, api_SetUserPassword,0}, + {"WWkstaUserLogon", 132, api_WWkstaUserLogon,0}, + {"PrintJobInfo", 147, api_PrintJobInfo,0}, + {"WPrintDriverEnum", 205, api_WPrintDriverEnum,0}, + {"WPrintQProcEnum", 206, api_WPrintQProcEnum,0}, + {"WPrintPortEnum", 207, api_WPrintPortEnum,0}, + {"SamOEMChangePassword", 214, api_SamOEMChangePassword,0}, + {NULL, -1, api_Unsupported,0}}; + + +/**************************************************************************** + Handle remote api calls + ****************************************************************************/ + +int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *params, + int tdscnt,int tpscnt,int mdrcnt,int mprcnt) +{ + int api_command; + char *rdata = NULL; + char *rparam = NULL; + int rdata_len = 0; + int rparam_len = 0; + BOOL reply=False; + int i; + + if (!params) { + DEBUG(0,("ERROR: NULL params in api_reply()\n")); + return 0; + } + + api_command = SVAL(params,0); + + DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n", + api_command, + params+2, + skip_string(params+2,1), + tdscnt,tpscnt,mdrcnt,mprcnt)); + + for (i=0;api_commands[i].name;i++) { + if (api_commands[i].id == api_command && api_commands[i].fn) { + DEBUG(3,("Doing %s\n",api_commands[i].name)); + break; + } + } + + rdata = (char *)malloc(1024); + if (rdata) + memset(rdata,'\0',1024); + + rparam = (char *)malloc(1024); + if (rparam) + memset(rparam,'\0',1024); + + if(!rdata || !rparam) { + DEBUG(0,("api_reply: malloc fail !\n")); + return -1; + } + + reply = api_commands[i].fn(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); + + + if (rdata_len > mdrcnt || + rparam_len > mprcnt) { + reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); + } + + /* if we get False back then it's actually unsupported */ + if (!reply) + api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); + + send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + + if (rdata ) + free(rdata); + if (rparam) + free(rparam); + + return -1; +} + -- cgit From d384e1801d7cd841f67f3c9216900d2e59e9d1d5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 22 Apr 2000 08:27:48 +0000 Subject: fixed uninitialised snum (This used to be commit 14251aab2ec00aa7f3e6a6e791e78732cb5a9eda) --- source3/smbd/lanman.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 391a94596a..aaf2bc017f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2617,6 +2617,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para if (!check_printjob_info(&desc,uLevel,str2)) return False; job = SVAL(p,0); + snum = print_job_snum(job); if (snum < 0 || !VALID_SNUM(snum)) return(False); -- cgit From 00e3fe132476fcaed0f4b9bbe74b0a6559c39df0 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 25 Apr 2000 14:06:57 +0000 Subject: moved trans2.h and nterr.h into includes.h with all our other includes (This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37) --- source3/smbd/lanman.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index aaf2bc017f..9774305fc9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -27,7 +27,6 @@ */ #include "includes.h" -#include "nterr.h" #ifdef CHECK_TYPES #undef CHECK_TYPES -- cgit From 32d5416b6a777a7874fec8518ec44e750560d882 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 2 May 2000 13:55:42 +0000 Subject: split the username in the vuser structure into a separate userdom_struct. As the name implies this also contains a domain (unused at the moment). This will be important shortly, as operation in appliance mode needs the domain to be always carried with the username. (This used to be commit ee8546342d5be90e730372b985710d764564b124) --- source3/smbd/lanman.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 9774305fc9..2ec08ddbf9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2285,7 +2285,8 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); if(vuser != NULL) - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->name)); + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, + vuser->user.unix_name)); *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); @@ -2335,7 +2336,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ - pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->user.real_name : UserName)); p2 = skip_string(p2,1); } @@ -2394,7 +2395,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ - pstrcpy(p2,((vuser != NULL) ? vuser->real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->user.real_name : UserName)); p2 = skip_string(p2,1); SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ -- cgit From f3a861e04e33901c89408a9c89ebaa81fc606f97 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 4 May 2000 07:59:34 +0000 Subject: - use full_name instead of real_name - got rid of guest map code in lpq parser (This used to be commit 8e53f781d3cf6a7007764916a0d8e8f1abea1f66) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 2ec08ddbf9..b986df6d07 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2336,7 +2336,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ - pstrcpy(p2,((vuser != NULL) ? vuser->user.real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); p2 = skip_string(p2,1); } @@ -2395,7 +2395,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ - pstrcpy(p2,((vuser != NULL) ? vuser->user.real_name : UserName)); + pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); p2 = skip_string(p2,1); SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ -- cgit From 49a0e6d5989656c1b3c9c063a20308ca4ee5d73b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 10 May 2000 10:41:59 +0000 Subject: more merging voodoo this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610) --- source3/smbd/lanman.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b986df6d07..fe2cc3ae7d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1,3 +1,4 @@ +#define OLD_NTDOMAIN 1 /* Unix SMB/Netbios implementation. Version 1.9. @@ -3179,3 +3180,5 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return -1; } + +#undef OLD_NTDOMAIN -- cgit From 0164047afbd082b0003147845a72ca08b4781b81 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 7 Jun 2000 01:49:23 +0000 Subject: Fixing get/set of security descriptors. Removed ugly hack for NT printing. Fixed up tdb parse stuff memory leaks. Jeremy. (This used to be commit 8ef41f31c53e14ad057d883810a1cd2301fede2a) --- source3/smbd/lanman.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fe2cc3ae7d..cfc0e08d47 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -776,6 +776,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, desc.subcount = count; fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); } else if(uLevel == 0) { +#if 0 /* * This is a *disgusting* hack. * This is *so* bad that even I'm embarrassed (and I @@ -795,6 +796,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, */ fail_next_srvsvc_open(); +#endif } *rdata_len = desc.usedlen; -- cgit From a62d17dc618f3de641341118af02fb43b6cb7e6a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 8 Jun 2000 22:24:13 +0000 Subject: Change from "David S. Chappell" to make "printer driver file" a share parameter. This fits better with the new NT printing subsystem. Jeremy. (This used to be commit 7afb68461f3938a647a6c48689293af8ed36ccb7) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index cfc0e08d47..bee2b39f2f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -499,10 +499,10 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, char *p; char **lines, *line; - lines = file_lines_load(lp_driverfile(),NULL); + lines = file_lines_load(lp_driverfile(snum),NULL); if (!lines) { DEBUG(3,("fill_printq_info: Can't open %s - %s\n", - lp_driverfile(),strerror(errno))); + lp_driverfile(snum),strerror(errno))); desc->errcode=NERR_notsupported; return; } @@ -668,10 +668,10 @@ static int get_printerdrivernumber(int snum) char *p; char **lines, *line; - lines = file_lines_load(lp_driverfile(), NULL); + lines = file_lines_load(lp_driverfile(snum), NULL); if (!lines) { DEBUG(3,("get_printerdrivernumber: Can't open %s - %s\n", - lp_driverfile(),strerror(errno))); + lp_driverfile(snum),strerror(errno))); return(0); } -- cgit From 5824ae2734fd4b7e765afe696c135a8fe5153c88 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 16 Jun 2000 08:18:57 +0000 Subject: Pass the vuid from the connection_struct to the printing back end functions. (This used to be commit 6120d03200ed6d89640332aedc75172bdf77e2a0) --- source3/smbd/lanman.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index bee2b39f2f..bf635b88b1 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1773,13 +1773,13 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(jobid)) errcode = NERR_Success; + if (print_job_delete(jobid, vuid)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(jobid)) errcode = NERR_Success; + if (print_job_pause(jobid, vuid)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(jobid)) errcode = NERR_Success; + if (print_job_resume(jobid, vuid)) errcode = NERR_Success; break; } @@ -1822,13 +1822,13 @@ static BOOL api_WPrintQueuePurge(connection_struct *conn,uint16 vuid, char *para switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(snum)) errcode = NERR_Success; + if (print_queue_pause(snum, vuid)) errcode = NERR_Success; break; case 75: /* Resume queue */ - if (print_queue_resume(snum)) errcode = NERR_Success; + if (print_queue_resume(snum, vuid)) errcode = NERR_Success; break; case 103: /* Purge */ - if (print_queue_purge(snum)) errcode = NERR_Success; + if (print_queue_purge(snum, vuid)) errcode = NERR_Success; break; } -- cgit From 75dd5b5051f6e0f29ae51ecbc493d78e44ca5e21 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 6 Jul 2000 07:10:32 +0000 Subject: Don't check NT permissions when printing from lanman. (This used to be commit e84607eedf3be454f8f709c70cafc5ded4ea951d) --- source3/smbd/lanman.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index bf635b88b1..82f0c25fa8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1773,13 +1773,13 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(jobid, vuid)) errcode = NERR_Success; + if (print_job_delete(NULL, jobid)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(jobid, vuid)) errcode = NERR_Success; + if (print_job_pause(NULL, jobid)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(jobid, vuid)) errcode = NERR_Success; + if (print_job_resume(NULL, jobid)) errcode = NERR_Success; break; } @@ -1822,13 +1822,13 @@ static BOOL api_WPrintQueuePurge(connection_struct *conn,uint16 vuid, char *para switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(snum, vuid)) errcode = NERR_Success; + if (print_queue_pause(NULL, snum)) errcode = NERR_Success; break; case 75: /* Resume queue */ - if (print_queue_resume(snum, vuid)) errcode = NERR_Success; + if (print_queue_resume(NULL, snum)) errcode = NERR_Success; break; case 103: /* Purge */ - if (print_queue_purge(snum, vuid)) errcode = NERR_Success; + if (print_queue_purge(NULL, snum)) errcode = NERR_Success; break; } -- cgit From 78a4848e8da7bb4f96e99e3419c5473c4c23bb6d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 10 Jul 2000 05:08:21 +0000 Subject: Re-instated lanman printing security checks (oops). A user can now pause, resume or delete their own job even if they don't have the Manage Documents privilege. Added call to se_access_check() for changing printer properties. The Full Access privilege is required for the user to perform this. Several uninitialised variables and memory leaks plugged. Modified default ACL created on new printers to be Everyone / Print instead of Everyone / Full Access. This required some random stuffing around with the value of the revision field to correspond with the ACL that NT produces when setting the same permission on the printer. Fixed dodgy function call in printing/printfsp.c (This used to be commit 2abce4dcfa351051df6e5f789b34fa99c9b81c22) --- source3/smbd/lanman.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 82f0c25fa8..e5a42d4db4 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1753,6 +1753,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); int jobid, errcode; + extern struct current_user current_user; jobid = SVAL(p,0); @@ -1773,13 +1774,16 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(NULL, jobid)) errcode = NERR_Success; + if (print_job_delete(¤t_user, jobid)) + errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(NULL, jobid)) errcode = NERR_Success; + if (print_job_pause(¤t_user, jobid)) + errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(NULL, jobid)) errcode = NERR_Success; + if (print_job_resume(¤t_user, jobid)) + errcode = NERR_Success; break; } -- cgit From 5c162bbe5b6ce32f894c3ee77da9dcdd9c840ad4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 19 Jul 2000 20:11:11 +0000 Subject: Code from John Reilly to add tdb lookups into the Win95 printer driver download if looking for the default driver files fail. Jeremy. (This used to be commit 1192d867c4e863471f9bc12afceb68a23ba2142e) --- source3/smbd/lanman.c | 51 ++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 44 insertions(+), 7 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e5a42d4db4..a51ea92353 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -498,15 +498,17 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, pstring tok,driver,datafile,langmon,helpfile,datatype; char *p; char **lines, *line; + pstring gen_line; + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", + snum, lp_printerdriver(snum), lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum),NULL); if (!lines) { DEBUG(3,("fill_printq_info: Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - desc->errcode=NERR_notsupported; - return; } - + else + { /* lookup the long printer driver name in the file description */ for (i=0;lines[i] && !ok;i++) { @@ -516,6 +518,22 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) ok=1; } + } + + if( !ok ) { + /* no printers.def, or driver not found, check the NT driver tdb */ + if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { + p = gen_line; + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", + lp_printerdriver(snum), gen_line)); + } else { + /* didn't find driver in tdb either... oh well */ + DEBUG(10,("9x driver not found in tdb\n")); + desc->errcode=NERR_notsupported; + return; + } + } + line = strdup(p); p = line; file_lines_free(lines); @@ -667,21 +685,40 @@ static int get_printerdrivernumber(int snum) pstring tok; char *p; char **lines, *line; + pstring gen_line; + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", + snum, lp_printerdriver(snum), lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum), NULL); if (!lines) { DEBUG(3,("get_printerdrivernumber: Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - return(0); } - - /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok; i++) { + else + { + /* lookup the long printer driver name in the file + description */ + for (i=0;lines[i] && !ok;i++) { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) ok=1; } + } + + if( !ok ) { + /* no printers.def, or driver not found, check the NT driver tdb */ + if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { + p = gen_line; + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", + lp_printerdriver(snum), gen_line)); + } else { + /* didn't find driver in tdb either... oh well */ + DEBUG(10,("9x driver not found in tdb\n")); + return (0); + } + } line = strdup(p); p = line; file_lines_free(lines); -- cgit From 9f040cc17ea6c5f536571fa37a10125ec3f12765 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 19 Jul 2000 23:47:10 +0000 Subject: Modified the patch to look in the tdb *first* - thus allowing legacy text filed to be ignored when an upload is done. Modified to code to goto err on problems, simplifies it. Jeremy. (This used to be commit 9157a6ab2646c035a731d53aa3be010488ccf51a) --- source3/smbd/lanman.c | 166 +++++++++++++++++++++++++++----------------------- 1 file changed, 91 insertions(+), 75 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a51ea92353..078e3385dc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -494,112 +494,128 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, int count, print_queue_struct* queue, print_status_struct* status) { - int i,ok=0; + int i; + BOOL ok = False; pstring tok,driver,datafile,langmon,helpfile,datatype; char *p; - char **lines, *line; + char **lines; + char *line = NULL; pstring gen_line; + /* + * Check in the tdb *first* before checking the legacy + * files. This allows an NT upload to take precedence over + * the existing fileset. JRA. + */ + + if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { + p = gen_line; + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); + } else { + /* didn't find driver in tdb either... oh well */ + DEBUG(10,("9x driver not found in tdb\n")); + } + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); + lines = file_lines_load(lp_driverfile(snum),NULL); + if (!lines) { DEBUG(3,("fill_printq_info: Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - } - else - { - /* lookup the long printer driver name in the file - description */ - for (i=0;lines[i] && !ok;i++) { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) - ok=1; - } - } - - if( !ok ) { - /* no printers.def, or driver not found, check the NT driver tdb */ - if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { - p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", - lp_printerdriver(snum), gen_line)); - } else { - /* didn't find driver in tdb either... oh well */ - DEBUG(10,("9x driver not found in tdb\n")); desc->errcode=NERR_notsupported; return; + } else { + /* lookup the long printer driver name in the file + description */ + for (i=0;lines[i] && !ok;i++) { + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + ok = True; } } - line = strdup(p); + if (!ok) + goto err; + + if ((line = strdup(p)) == NULL) + goto err; + p = line; file_lines_free(lines); /* driver file name */ - if (ok && !next_token(&p,driver,":",sizeof(driver))) ok = 0; + if (!next_token(&p,driver,":",sizeof(driver))) + goto err; + /* data file name */ - if (ok && !next_token(&p,datafile,":",sizeof(datafile))) ok = 0; + if (!next_token(&p,datafile,":",sizeof(datafile))) + goto err; + /* * for the next tokens - which may be empty - I have * to check for empty tokens first because the * next_token function will skip all empty token * fields */ - if (ok) { - /* help file */ - if (*p == ':') { - *helpfile = '\0'; - p++; - } else if (!next_token(&p,helpfile,":",sizeof(helpfile))) ok = 0; - } + + /* help file */ + if (*p == ':') { + *helpfile = '\0'; + p++; + } else if (!next_token(&p,helpfile,":",sizeof(helpfile))) + goto err; - if (ok) { - /* language monitor */ - if (*p == ':') { - *langmon = '\0'; - p++; - } else if (!next_token(&p,langmon,":",sizeof(langmon))) - ok = 0; - } + /* language monitor */ + if (*p == ':') { + *langmon = '\0'; + p++; + } else if (!next_token(&p,langmon,":",sizeof(langmon))) + goto err; /* default data type */ - if (ok && !next_token(&p,datatype,":",sizeof(datatype))) - ok = 0; + if (!next_token(&p,datatype,":",sizeof(datatype))) + goto err; - if (ok) { - PACKI(desc,"W",0x0400); /* don't know */ - PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ - PACKS(desc,"z",driver); /* Driverfile Name */ - PACKS(desc,"z",datafile); /* Datafile name */ - PACKS(desc,"z",langmon); /* language monitor */ - PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ - PACKS(desc,"z",datatype); /* default data type */ - PACKS(desc,"z",helpfile); /* helpfile name */ - PACKS(desc,"z",driver); /* driver name */ - DEBUG(3,("Driver:%s:\n",driver)); - DEBUG(3,("Data File:%s:\n",datafile)); - DEBUG(3,("Language Monitor:%s:\n",langmon)); - DEBUG(3,("Data Type:%s:\n",datatype)); - DEBUG(3,("Help File:%s:\n",helpfile)); - PACKI(desc,"N",count); /* number of files to copy */ - for (i=0;i gave %d entries\n", - SERVICE(snum),count)); - } else { - DEBUG(3,("fill_printq_info: Can't supply driver files\n")); - desc->errcode=NERR_notsupported; + PACKI(desc,"W",0x0400); /* don't know */ + PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ + PACKS(desc,"z",driver); /* Driverfile Name */ + PACKS(desc,"z",datafile); /* Datafile name */ + PACKS(desc,"z",langmon); /* language monitor */ + PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ + PACKS(desc,"z",datatype); /* default data type */ + PACKS(desc,"z",helpfile); /* helpfile name */ + PACKS(desc,"z",driver); /* driver name */ + DEBUG(3,("Driver:%s:\n",driver)); + DEBUG(3,("Data File:%s:\n",datafile)); + DEBUG(3,("Language Monitor:%s:\n",langmon)); + DEBUG(3,("Data Type:%s:\n",datatype)); + DEBUG(3,("Help File:%s:\n",helpfile)); + PACKI(desc,"N",count); /* number of files to copy */ + + for (i=0;i gave %d entries\n", + SERVICE(snum),count)); + free(line); + return; + + err: + + DEBUG(3,("fill_printq_info: Can't supply driver files\n")); + desc->errcode=NERR_notsupported; + if (line) + free(line); } -- cgit From bc22ae0b47bddd919b07e4c81ae12243c1f3226a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 25 Jul 2000 22:35:57 +0000 Subject: Fixed up error checking and move printer file code. Fixed a memory leak. Jeremy. (This used to be commit 5130dd0f8b80aed5fb3c0df290b627057cc9b825) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 078e3385dc..6cb63f18f7 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -508,7 +508,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, * the existing fileset. JRA. */ - if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { + if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) == True) { p = gen_line; DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); } else { @@ -725,7 +725,7 @@ static int get_printerdrivernumber(int snum) if( !ok ) { /* no printers.def, or driver not found, check the NT driver tdb */ - if ( ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) { + if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)))==True ) { p = gen_line; DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); -- cgit From 49fcb300de40d6da8682b485fd2c51236bcbb3dd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 31 Jul 2000 20:41:51 +0000 Subject: Added John Reilly's enumports/addprinter/delprinter scripting code plus the fix for the Win9x printer drivers. Changed command names to add "command" string on the end for some consistancy with the other scripting commands. Added '%P' option to tdbpack/unpack to store long comment string. Made port name be "Samba Printer Port" if no enum port script given. Fixed prs_uint32_pre code to cope with null args. Jeremy. (This used to be commit 902ada63799cf27924c72e24e7593a8c9fb5eba9) --- source3/smbd/lanman.c | 92 ++++++++++++++++++++++++--------------------------- 1 file changed, 43 insertions(+), 49 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6cb63f18f7..ab2fd4d55d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -495,11 +495,10 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, print_status_struct* status) { int i; - BOOL ok = False; + BOOL ok; pstring tok,driver,datafile,langmon,helpfile,datatype; char *p; - char **lines; - char *line = NULL; + char **lines = NULL; pstring gen_line; /* @@ -512,23 +511,18 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, p = gen_line; DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); } else { - /* didn't find driver in tdb either... oh well */ - DEBUG(10,("9x driver not found in tdb\n")); - } + /* didn't find driver in tdb */ DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum),NULL); - if (!lines) { - DEBUG(3,("fill_printq_info: Can't open %s - %s\n", - lp_driverfile(snum),strerror(errno))); + DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); desc->errcode=NERR_notsupported; return; } else { - /* lookup the long printer driver name in the file - description */ + /* lookup the long printer driver name in the file description */ for (i=0;lines[i] && !ok;i++) { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && @@ -537,16 +531,10 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, ok = True; } } + } - if (!ok) - goto err; - - if ((line = strdup(p)) == NULL) - goto err; - - p = line; - file_lines_free(lines); - + if (ok) + { /* driver file name */ if (!next_token(&p,driver,":",sizeof(driver))) goto err; @@ -588,9 +576,11 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z",datatype); /* default data type */ PACKS(desc,"z",helpfile); /* helpfile name */ PACKS(desc,"z",driver); /* driver name */ + DEBUG(3,("lp_printerdriver:%s:\n",lp_printerdriver(snum))); DEBUG(3,("Driver:%s:\n",driver)); DEBUG(3,("Data File:%s:\n",datafile)); DEBUG(3,("Language Monitor:%s:\n",langmon)); + DEBUG(3,("lp_driverlocation:%s:\n",lp_driverlocation(snum))); DEBUG(3,("Data Type:%s:\n",datatype)); DEBUG(3,("Help File:%s:\n",helpfile)); PACKI(desc,"N",count); /* number of files to copy */ @@ -607,15 +597,16 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),count)); - free(line); + desc->errcode=NERR_Success; + file_lines_free(lines); return; + } err: DEBUG(3,("fill_printq_info: Can't supply driver files\n")); desc->errcode=NERR_notsupported; - if (line) - free(line); + file_lines_free(lines); } @@ -697,64 +688,67 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, /* This function returns the number of files for a given driver */ static int get_printerdrivernumber(int snum) { - int i=0,ok=0; + int i; + BOOL ok; pstring tok; char *p; - char **lines, *line; + char **lines = NULL; pstring gen_line; + /* + * Check in the tdb *first* before checking the legacy + * files. This allows an NT upload to take precedence over + * the existing fileset. JRA. + */ + + if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum))) == True ) { + p = gen_line; + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); + } else { + /* didn't find driver in tdb */ + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); + lines = file_lines_load(lp_driverfile(snum), NULL); if (!lines) { - DEBUG(3,("get_printerdrivernumber: Can't open %s - %s\n", - lp_driverfile(snum),strerror(errno))); + DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); } else { - /* lookup the long printer driver name in the file - description */ + /* lookup the long printer driver name in the file description */ for (i=0;lines[i] && !ok;i++) { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && (strlen(lp_printerdriver(snum)) == strlen(tok)) && (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) - ok=1; + ok = True; } - } - - if( !ok ) { - /* no printers.def, or driver not found, check the NT driver tdb */ - if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)))==True ) { - p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", - lp_printerdriver(snum), gen_line)); - } else { - /* didn't find driver in tdb either... oh well */ - DEBUG(10,("9x driver not found in tdb\n")); - return (0); } } - line = strdup(p); - p = line; - file_lines_free(lines); - if (ok) { + if( ok ) { /* skip 5 fields */ i = 5; while (*p && i) { if (*p++ == ':') i--; } if (!*p || i) - return(0); + goto err; /* count the number of files */ while (next_token(&p,tok,",",sizeof(tok))) i++; - } - free(line); + file_lines_free(lines); return(i); + } + + err: + + DEBUG(3,("Can't determine number of printer driver files\n")); + file_lines_free(lines); + return (0); } static BOOL api_DosPrintQGetInfo(connection_struct *conn, -- cgit From d95777ac34f68a3525786103b9217f6397d9f1d4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Aug 2000 00:41:19 +0000 Subject: Added print job substitutions for %{printername}, %{sharename} and %{portname} from the NT printer tdb. Also added checks for time restrictions before allowing a job to print. Jeremy. (This used to be commit 8cfb55e81abebf0354e6d470ed68bbac1d6560ad) --- source3/smbd/lanman.c | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index ab2fd4d55d..047212bf9f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -707,23 +707,21 @@ static int get_printerdrivernumber(int snum) } else { /* didn't find driver in tdb */ - DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum), NULL); - if (!lines) { + lines = file_lines_load(lp_driverfile(snum), NULL); + if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - } - else - { + } else { /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + for (i=0;lines[i] && !ok;i++) { + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) ok = True; - } + } } } @@ -741,7 +739,7 @@ static int get_printerdrivernumber(int snum) i++; file_lines_free(lines); - return(i); + return(i); } err: @@ -861,10 +859,10 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, return(True); } - /**************************************************************************** - view list of all print jobs on all queues - ****************************************************************************/ + View list of all print jobs on all queues. +****************************************************************************/ + static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, char* data, int mdrcnt, int mprcnt, char **rdata, char** rparam, -- cgit From 150d8c6a87a2af724b22ebcc1fd58248ce99a2f3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 17 Aug 2000 20:05:05 +0000 Subject: Fix for Win9x driver downloads when information is stored in the TDB. See the message I posted about this on samba-technical * If the admin does not desire the new NT print driver support, nothing needs to be done. All existing parameters work the same. * If the admin wants to take advantage of NT printer driver support but does not want to migrate the 9x drivers to the new setup, the leave the existing printers.def file. When smbd attempts to locate a 9x driver for the printer in the TDB and fails it will drop down to using the printers.def (and all associated parameters). The make_printerdef tool will also remain for backwards compatibility but will be moved to the "this tool is the old way of doing it" pile. * If the admin installs a 9x driver for a printer on a Samba host (in the printing TDB), this information will take precedence and the three old printing parameters will be ignored (including print driver location). * If an admin wants to migrate the printers.def file into the new setup, I can write a script to do this using rpcclient. The main problem is the driver namespace (we need the NT driver name first in order to be consistent). jerry (This used to be commit ac049f8bf348810dc068382fdbc6635a2015d36a) --- source3/smbd/lanman.c | 236 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 153 insertions(+), 83 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 047212bf9f..712016285e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -37,6 +37,7 @@ extern int DEBUGLEVEL; extern fstring local_machine; +extern fstring global_myname; extern fstring global_myworkgroup; #define NERR_Success 0 @@ -488,7 +489,10 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, } } - +/******************************************************************** + Respond to the DosPrintQInfo command with a level of 52 + This is used to get printer driver information for Win9x clients + ********************************************************************/ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, struct pack_desc* desc, int count, print_queue_struct* queue, @@ -500,106 +504,155 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, char *p; char **lines = NULL; pstring gen_line; + NT_PRINTER_INFO_LEVEL *info = NULL; + BOOL in_tdb = False; + fstring location; /* * Check in the tdb *first* before checking the legacy * files. This allows an NT upload to take precedence over * the existing fileset. JRA. + * + * we need to lookup the driver name prior to making the call + * to get_a_printer_driver_9x_compatible() and not rely on the + * 'print driver' parameter --jerry */ - if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum)) ) == True) { - p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); - } else { + get_a_printer (&info, 2, lp_servicename(snum)); + if ((info != NULL) && + ((ok = get_a_printer_driver_9x_compatible(gen_line, info->info_2->drivername)) == True)) + { + in_tdb = True; + p = gen_line; + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", + info->info_2->drivername, gen_line)); + } + else + { /* didn't find driver in tdb */ - DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", - snum, lp_printerdriver(snum), lp_driverfile(snum))); + DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", + snum, lp_printerdriver(snum), lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum),NULL); - if (!lines) { - DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - desc->errcode=NERR_notsupported; - return; - } else { + lines = file_lines_load(lp_driverfile(snum),NULL); + if (!lines) + { + DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum), + strerror(errno))); + desc->errcode=NERR_notsupported; + return; + } + else + { /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) - ok = True; + for (i=0;lines[i] && !ok;i++) + { + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + ok = True; + } } } - } if (ok) { - /* driver file name */ - if (!next_token(&p,driver,":",sizeof(driver))) - goto err; + /* driver file name */ + if (!next_token(&p,driver,":",sizeof(driver))) + goto err; - /* data file name */ - if (!next_token(&p,datafile,":",sizeof(datafile))) - goto err; + /* data file name */ + if (!next_token(&p,datafile,":",sizeof(datafile))) + goto err; - /* - * for the next tokens - which may be empty - I have - * to check for empty tokens first because the - * next_token function will skip all empty token - * fields */ - - /* help file */ - if (*p == ':') { - *helpfile = '\0'; - p++; - } else if (!next_token(&p,helpfile,":",sizeof(helpfile))) - goto err; + /* + * for the next tokens - which may be empty - I have + * to check for empty tokens first because the + * next_token function will skip all empty token + * fields */ + + /* help file */ + if (*p == ':') + { + *helpfile = '\0'; + p++; + } + else if (!next_token(&p,helpfile,":",sizeof(helpfile))) + goto err; - /* language monitor */ - if (*p == ':') { - *langmon = '\0'; - p++; - } else if (!next_token(&p,langmon,":",sizeof(langmon))) - goto err; + /* language monitor */ + if (*p == ':') + { + *langmon = '\0'; + p++; + } + else if (!next_token(&p,langmon,":",sizeof(langmon))) + goto err; - /* default data type */ - if (!next_token(&p,datatype,":",sizeof(datatype))) - goto err; + /* default data type */ + if (!next_token(&p,datatype,":",sizeof(datatype))) + goto err; - PACKI(desc,"W",0x0400); /* don't know */ - PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ - PACKS(desc,"z",driver); /* Driverfile Name */ - PACKS(desc,"z",datafile); /* Datafile name */ - PACKS(desc,"z",langmon); /* language monitor */ - PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ - PACKS(desc,"z",datatype); /* default data type */ - PACKS(desc,"z",helpfile); /* helpfile name */ - PACKS(desc,"z",driver); /* driver name */ - DEBUG(3,("lp_printerdriver:%s:\n",lp_printerdriver(snum))); - DEBUG(3,("Driver:%s:\n",driver)); - DEBUG(3,("Data File:%s:\n",datafile)); - DEBUG(3,("Language Monitor:%s:\n",langmon)); - DEBUG(3,("lp_driverlocation:%s:\n",lp_driverlocation(snum))); - DEBUG(3,("Data Type:%s:\n",datatype)); - DEBUG(3,("Help File:%s:\n",helpfile)); - PACKI(desc,"N",count); /* number of files to copy */ - - for (i=0;iinfo_2->drivername); /* long printer name */ + } + else + { + PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ + } + PACKS(desc,"z",driver); /* Driverfile Name */ + PACKS(desc,"z",datafile); /* Datafile name */ + PACKS(desc,"z",langmon); /* language monitor */ + if (in_tdb) + { + fstrcpy(location, "\\\\"); + fstrcat(location, global_myname); + fstrcat(location, "\\print$\\WIN40\\0"); + PACKS(desc,"z",location); /* share to retrieve files */ + } + else + { + PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ + } + PACKS(desc,"z",datatype); /* default data type */ + PACKS(desc,"z",helpfile); /* helpfile name */ + PACKS(desc,"z",driver); /* driver name */ + + if (in_tdb) + DEBUG(3,("lp_printerdriver:%s:\n",info->info_2->drivername)); + else + DEBUG(3,("lp_printerdriver:%s:\n",lp_printerdriver(snum))); + + DEBUG(3,("Driver:%s:\n",driver)); + DEBUG(3,("Data File:%s:\n",datafile)); + DEBUG(3,("Language Monitor:%s:\n",langmon)); + if (in_tdb) + DEBUG(3,("lp_driverlocation:%s:\n",location)); + else + DEBUG(3,("lp_driverlocation:%s:\n",lp_driverlocation(snum))); + DEBUG(3,("Data Type:%s:\n",datatype)); + DEBUG(3,("Help File:%s:\n",helpfile)); + PACKI(desc,"N",count); /* number of files to copy */ + + for (i=0;i gave %d entries\n", - SERVICE(snum),count)); + DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", + SERVICE(snum),count)); - desc->errcode=NERR_Success; + desc->errcode=NERR_Success; file_lines_free(lines); - return; + return; } err: @@ -694,28 +747,42 @@ static int get_printerdrivernumber(int snum) char *p; char **lines = NULL; pstring gen_line; - + NT_PRINTER_INFO_LEVEL *info = NULL; + /* * Check in the tdb *first* before checking the legacy * files. This allows an NT upload to take precedence over * the existing fileset. JRA. + * + * we need to lookup the driver name prior to making the call + * to get_a_printer_driver_9x_compatible() and not rely on the + * 'print driver' parameter --jerry */ - if ((ok = get_a_printer_driver_9x_compatible(gen_line, lp_printerdriver(snum))) == True ) { + get_a_printer (&info, 2, lp_servicename(snum)); + if ((info != NULL) && + (ok = get_a_printer_driver_9x_compatible(gen_line, info->info_2->drivername) == True)) + { p = gen_line; DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); - } else { + } + else + { /* didn't find driver in tdb */ DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum), NULL); - if (!lines) { + if (!lines) + { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - } else { + } + else + { /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) { + for (i=0;lines[i] && !ok;i++) + { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && (strlen(lp_printerdriver(snum)) == strlen(tok)) && @@ -725,7 +792,8 @@ static int get_printerdrivernumber(int snum) } } - if( ok ) { + if( ok ) + { /* skip 5 fields */ i = 5; while (*p && i) { @@ -2203,7 +2271,8 @@ Name Value Description AF_OP_PRINT 0 Print operator -Leach, Naik [Page 28] +Leach, Naik [Page 28] + INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 @@ -2265,7 +2334,8 @@ AF_OP_ACCOUNTS 3 Accounts operator -Leach, Naik [Page 29] +Leach, Naik [Page 29] + INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 -- cgit From 92d1e90d497b7795dd671c1a52092ef7ba6d542b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 29 Aug 2000 14:38:38 +0000 Subject: fixed previous bug spotted by Elrond in get_printerdrivernumber(). Thought I had already committed this. jerry (This used to be commit 2ceb704c3d06a92b97ba67ac82c007a7ba084b75) --- source3/smbd/lanman.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 712016285e..170bb9e6bd 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -542,16 +542,16 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, desc->errcode=NERR_notsupported; return; } - else + + /* lookup the long printer driver name in the file description */ + for (i=0;lines[i] && !ok;i++) { - /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) - ok = True; + ok = True; } } } @@ -777,17 +777,18 @@ static int get_printerdrivernumber(int snum) if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); + return 0; } - else + + /* lookup the long printer driver name in the file description */ + for (i=0;lines[i] && !ok;i++) { - /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) + p = lines[i]; + if (next_token(&p,tok,":",sizeof(tok)) && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && + (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) - ok = True; + ok = True; } } } -- cgit From d407579b94ee2647d1e51c536534024e5c4c51ad Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 30 Aug 2000 00:45:59 +0000 Subject: Implemented AbortPrinter() from Gerald's Win32 test code. Just purge all possible printjobs from that printer (I think this is correct). Added error code returns for print_queue_XXX() functions. Jeremy. (This used to be commit 6d081a9017f87f59b7189ba507e211db01c40af5) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 170bb9e6bd..82ab5f4d3c 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1940,13 +1940,13 @@ static BOOL api_WPrintQueuePurge(connection_struct *conn,uint16 vuid, char *para switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(NULL, snum)) errcode = NERR_Success; + if (print_queue_pause(NULL, snum, &errcode)) errcode = NERR_Success; break; case 75: /* Resume queue */ - if (print_queue_resume(NULL, snum)) errcode = NERR_Success; + if (print_queue_resume(NULL, snum, &errcode)) errcode = NERR_Success; break; case 103: /* Purge */ - if (print_queue_purge(NULL, snum)) errcode = NERR_Success; + if (print_queue_purge(NULL, snum, &errcode)) errcode = NERR_Success; break; } -- cgit From 288ea15a564e0931f8002cfb2ca3b4064bb4c227 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 31 Aug 2000 07:11:59 +0000 Subject: make sure a couple of variables are initialised (This used to be commit 155c7c37398f5f9457ea249ded74f425b90ac9a0) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 82ab5f4d3c..6595163ba9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -499,7 +499,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, print_status_struct* status) { int i; - BOOL ok; + BOOL ok = False; pstring tok,driver,datafile,langmon,helpfile,datatype; char *p; char **lines = NULL; @@ -742,7 +742,7 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, static int get_printerdrivernumber(int snum) { int i; - BOOL ok; + BOOL ok = False; pstring tok; char *p; char **lines = NULL; -- cgit From a3a28675fafbbc5a5a378b3a7235253d772ef63e Mon Sep 17 00:00:00 2001 From: David O'Neill Date: Fri, 1 Sep 2000 18:49:26 +0000 Subject: Changes from APPLIANCE_HEAD (per Tim Potter): - make proto - addition of function to convert from errno values to NT status codes (source/lib/error.c) - purge queue done without full access permission will purge only the jobs owned by that user, rather than failing. - unlock job database tdb before sending job to printer - in print_job_start(), ensure that we don't pick a jobid with an existing temporary file that may be owned by another user, as it causes silent failures. - fixes for printer permission checking for NT5 clients (source/include/rpc_spoolss.h, source/printing/nt_printing.c, source/printing/printing.c, source/rpc_server/srv_spoolss_nt.c) - change from uint8 to 'enum SID_NAME_USE' (source/rpc_server/srv_lsa.c) - fixed memory leaks for win95 driver download process (source/smbd/lanman.c) - properly free prs_structs and dacl in testsuite/printing/psec.c (This used to be commit 74af3e2caec7197e5d1ca389e2f78054a4197502) --- source3/smbd/lanman.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6595163ba9..54bfa3155b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -540,7 +540,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum), strerror(errno))); desc->errcode=NERR_notsupported; - return; + goto done; } /* lookup the long printer driver name in the file description */ @@ -651,14 +651,16 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, SERVICE(snum),count)); desc->errcode=NERR_Success; - file_lines_free(lines); - return; + goto done; } err: DEBUG(3,("fill_printq_info: Can't supply driver files\n")); desc->errcode=NERR_notsupported; + + done: + safe_free(info); file_lines_free(lines); } @@ -741,7 +743,7 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, /* This function returns the number of files for a given driver */ static int get_printerdrivernumber(int snum) { - int i; + int i, result = 0; BOOL ok = False; pstring tok; char *p; @@ -777,7 +779,7 @@ static int get_printerdrivernumber(int snum) if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - return 0; + goto done; } /* lookup the long printer driver name in the file description */ @@ -800,22 +802,24 @@ static int get_printerdrivernumber(int snum) while (*p && i) { if (*p++ == ':') i--; } - if (!*p || i) - goto err; + if (!*p || i) { + DEBUG(3,("Can't determine number of printer driver files\n")); + goto done; + } /* count the number of files */ while (next_token(&p,tok,",",sizeof(tok))) i++; - file_lines_free(lines); - return(i); + result = i; } - err: + done: - DEBUG(3,("Can't determine number of printer driver files\n")); + safe_free(info); file_lines_free(lines); - return (0); + + return result; } static BOOL api_DosPrintQGetInfo(connection_struct *conn, -- cgit From 08657e539e4cd4105057a9c12db30dbe4bbfcb1d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 6 Oct 2000 04:36:05 +0000 Subject: global_myname is actually a pstring. (This used to be commit e451fd346105d5d34354ff9141d445b5f1a82e0a) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 54bfa3155b..dafbe2258f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -37,7 +37,7 @@ extern int DEBUGLEVEL; extern fstring local_machine; -extern fstring global_myname; +extern pstring global_myname; extern fstring global_myworkgroup; #define NERR_Success 0 -- cgit From ecd90a0bf45d560b4532fe7ce04332b53947fbdc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 18 Oct 2000 06:22:20 +0000 Subject: Renamed WPrintQueuePurge to WPrintQueueCtrl as this function can purge, pause or resume a print queue. (This used to be commit 9998518a69c67c1540266549c69fca977a89acde) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index dafbe2258f..fa6224b596 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1915,7 +1915,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param /**************************************************************************** Purge a print queue - or pause or resume it. ****************************************************************************/ -static BOOL api_WPrintQueuePurge(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) @@ -3210,8 +3210,8 @@ struct {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0}, {"DosPrintQEnum", 69, api_DosPrintQEnum,0}, {"DosPrintQGetInfo", 70, api_DosPrintQGetInfo,0}, - {"WPrintQueuePause", 74, api_WPrintQueuePurge,0}, - {"WPrintQueueResume", 75, api_WPrintQueuePurge,0}, + {"WPrintQueuePause", 74, api_WPrintQueueCtrl,0}, + {"WPrintQueueResume", 75, api_WPrintQueueCtrl,0}, {"WPrintJobEnumerate",76, api_WPrintJobEnumerate,0}, {"WPrintJobGetInfo", 77, api_WPrintJobGetInfo,0}, {"RDosPrintJobDel", 81, api_RDosPrintJobDel,0}, @@ -3220,7 +3220,7 @@ struct {"WPrintDestEnum", 84, api_WPrintDestEnum,0}, {"WPrintDestGetInfo", 85, api_WPrintDestGetInfo,0}, {"NetRemoteTOD", 91, api_NetRemoteTOD,0}, - {"WPrintQueuePurge", 103, api_WPrintQueuePurge,0}, + {"WPrintQueuePurge", 103, api_WPrintQueueCtrl,0}, {"NetServerEnum", 104, api_RNetServerEnum,0}, {"WAccessGetUserPerms",105, api_WAccessGetUserPerms,0}, {"SetUserPassword", 115, api_SetUserPassword,0}, -- cgit From ff6f0c1a3bd50463228cb6bdcf0018cf6ab4270f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 30 Oct 2000 19:35:43 +0000 Subject: Call standard_sub_advanced() after lp_logon_XX() calls. Jeremy. (This used to be commit d5be2334d4fb007e39565b771cbe68e338a7fe68) --- source3/smbd/lanman.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fa6224b596..3b50960468 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2474,6 +2474,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ pstrcpy(p2, lp_logon_home()); + standard_sub_conn(conn, p2); p2 = skip_string(p2,1); SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ pstrcpy(p2,""); @@ -2510,6 +2511,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ pstrcpy(p2,lp_logon_home()); + standard_sub_conn(conn, p2); p2 = skip_string(p2,1); SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ *p2++ = 0; -- cgit From e1cc6c85d793f5d86798eaf5ab452b11ed2f73bb Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 8 Nov 2000 00:16:38 +0000 Subject: More merging of printing stuff from appliance. (This used to be commit 18fa724a7969666dd5aa176af187054abc94bfd3) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3b50960468..944a187ccc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1892,15 +1892,15 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(¤t_user, jobid)) + if (print_job_delete(¤t_user, jobid, &errcode)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(¤t_user, jobid)) + if (print_job_pause(¤t_user, jobid, &errcode)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(¤t_user, jobid)) + if (print_job_resume(¤t_user, jobid, &errcode)) errcode = NERR_Success; break; } -- cgit From 9fede0dc0dbad51528cd1384023d24549c3f0ba4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 13 Nov 2000 23:03:34 +0000 Subject: Large commit which restructures the local password storage API. Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389) --- source3/smbd/lanman.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 944a187ccc..fe6b22a9bf 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1733,7 +1733,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { fstring saved_pass2; - struct smb_passwd *smbpw = NULL; + SAM_ACCOUNT *sampass; /* * Save the new password as change_oem_password overwrites it @@ -1742,8 +1742,8 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstrcpy(saved_pass2, pass2); - if (check_plaintext_password(user,pass1,strlen(pass1),&smbpw) && - change_oem_password(smbpw,pass2,False)) + if (check_plaintext_password(user,pass1,strlen(pass1),&sampass) && + change_oem_password(sampass,pass2,False)) { SSVAL(*rparam,0,NERR_Success); @@ -1784,10 +1784,10 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(SVAL(*rparam,0) != NERR_Success) { - struct smb_passwd *sampw = NULL; + SAM_ACCOUNT *hnd = NULL; - if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &sampw) && - change_lanman_password(sampw,(unsigned char *)pass1,(unsigned char *)pass2)) + if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) && + change_lanman_password(hnd,(unsigned char *)pass1,(unsigned char *)pass2)) { SSVAL(*rparam,0,NERR_Success); } -- cgit From 9df3d64a2cdb2eafad5f597850f1a2fda8b1f8d2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Nov 2000 19:08:55 +0000 Subject: Fix from Jim McDonough @ IBM for OS/2 clients. Jeremy. (This used to be commit f571e1efd01c7b1b500a833df3bd074a8c4c65ec) --- source3/smbd/lanman.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fe6b22a9bf..51472ea309 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -201,7 +201,17 @@ static BOOL init_package(struct pack_desc* p, int count, int subcount) if (i > n) { p->neededlen = i; i = n = 0; +#if 0 + /* + * This is the old error code we used. Aparently + * WinNT/2k systems return ERRbuftoosmall (2123) and + * OS/2 needs this. I'm leaving this here so we can revert + * if needed. JRA. + */ p->errcode = ERRmoredata; +#else + p->errcode = ERRbuftoosmall; +#endif } else p->errcode = NERR_Success; -- cgit From 2130ced345a6f3ecffe61c3622aceb8986925baa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 21 Nov 2000 02:38:22 +0000 Subject: Fix for off-by-one StrnCpy. Jeremy. (This used to be commit 63cafb34b39443d03d17ae01b47adc0926b05fe2) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 51472ea309..1e461f10a9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -76,7 +76,7 @@ static int CopyExpanded(connection_struct *conn, StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); standard_sub_conn(conn,buf); - StrnCpy(*dst,buf,*n); + StrnCpy(*dst,buf,*n-1); l = strlen(*dst) + 1; (*dst) += l; (*n) -= l; -- cgit From cf5b71994d6cdb2f81c390579f4a0e676926c6b9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 7 Dec 2000 19:26:04 +0000 Subject: file_lines_load/file_lines_pload can now optionally convert unix_to_dos() on read. Jeremy. (This used to be commit 76b8dd376d13eb4469417be217c966d54d333367) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1e461f10a9..c9193db4a8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -544,7 +544,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum),NULL); + lines = file_lines_load(lp_driverfile(snum),NULL, False); if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum), @@ -785,7 +785,7 @@ static int get_printerdrivernumber(int snum) DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", snum, lp_printerdriver(snum), lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum), NULL); + lines = file_lines_load(lp_driverfile(snum), NULL, False); if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); @@ -1089,7 +1089,7 @@ static int get_server_info(uint32 servertype, BOOL local_list_only; int i; - lines = file_lines_load(lock_path(SERVER_LIST), NULL); + lines = file_lines_load(lock_path(SERVER_LIST), NULL, False); if (!lines) { DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno))); return(0); -- cgit From be7e02f9bcbce31bcc4b69c54fe0630ee83c7cd1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 7 Dec 2000 21:55:10 +0000 Subject: Fixed bug with Win9x/ME where drivername was being returned incorrectly in one printq case. Now goes though common function. Jeremy. (This used to be commit e9f48c9cec960b6190fb7a2485c9476640863071) --- source3/smbd/lanman.c | 82 +++++++++++++++++++++++++++++---------------------- 1 file changed, 46 insertions(+), 36 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c9193db4a8..848a187f1a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -499,6 +499,28 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, } } +/******************************************************************** + Return a driver name given an snum. + Looks in a tdb first. Returns True if from tdb, False otherwise. + ********************************************************************/ + +static BOOL get_driver_name(int snum, pstring drivername) +{ + NT_PRINTER_INFO_LEVEL *info = NULL; + BOOL in_tdb = False; + + get_a_printer (&info, 2, lp_servicename(snum)); + if (info != NULL) { + pstrcpy( drivername, info->info_2->drivername); + in_tdb = True; + free_a_printer(&info, 2); + } else { + pstrcpy( drivername, lp_printerdriver(snum)); + } + + return in_tdb; +} + /******************************************************************** Respond to the DosPrintQInfo command with a level of 52 This is used to get printer driver information for Win9x clients @@ -514,10 +536,10 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, char *p; char **lines = NULL; pstring gen_line; - NT_PRINTER_INFO_LEVEL *info = NULL; BOOL in_tdb = False; fstring location; - + pstring drivername; + /* * Check in the tdb *first* before checking the legacy * files. This allows an NT upload to take precedence over @@ -528,21 +550,20 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, * 'print driver' parameter --jerry */ - get_a_printer (&info, 2, lp_servicename(snum)); - if ((info != NULL) && - ((ok = get_a_printer_driver_9x_compatible(gen_line, info->info_2->drivername)) == True)) + + if ((get_driver_name(snum,drivername)) && + ((ok = get_a_printer_driver_9x_compatible(gen_line, drivername)) == True)) { in_tdb = True; p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", - info->info_2->drivername, gen_line)); + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", drivername, gen_line)); } else { /* didn't find driver in tdb */ - DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", - snum, lp_printerdriver(snum), lp_driverfile(snum))); + DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", + snum, drivername, lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum),NULL, False); if (!lines) @@ -558,8 +579,8 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + (strlen(drivername) == strlen(tok)) && + (!strncmp(tok,drivername,strlen(drivername)))) { ok = True; } @@ -605,14 +626,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, goto err; PACKI(desc,"W",0x0400); /* don't know */ - if (in_tdb) - { - PACKS(desc,"z",info->info_2->drivername); /* long printer name */ - } - else - { - PACKS(desc,"z",lp_printerdriver(snum)); /* long printer name */ - } + PACKS(desc,"z",drivername); /* long printer name */ PACKS(desc,"z",driver); /* Driverfile Name */ PACKS(desc,"z",datafile); /* Datafile name */ PACKS(desc,"z",langmon); /* language monitor */ @@ -631,11 +645,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z",helpfile); /* helpfile name */ PACKS(desc,"z",driver); /* driver name */ - if (in_tdb) - DEBUG(3,("lp_printerdriver:%s:\n",info->info_2->drivername)); - else - DEBUG(3,("lp_printerdriver:%s:\n",lp_printerdriver(snum))); - + DEBUG(3,("printerdriver:%s:\n",drivername)); DEBUG(3,("Driver:%s:\n",driver)); DEBUG(3,("Data File:%s:\n",datafile)); DEBUG(3,("Language Monitor:%s:\n",langmon)); @@ -670,7 +680,6 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, desc->errcode=NERR_notsupported; done: - safe_free(info); file_lines_free(lines); } @@ -719,6 +728,8 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, } if (uLevel == 3 || uLevel == 4) { + pstring drivername; + PACKI(desc,"W",5); /* uPriority */ PACKI(desc,"W",0); /* uStarttime */ PACKI(desc,"W",0); /* uUntiltime */ @@ -735,7 +746,8 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, } PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */ PACKS(desc,"z",SERVICE(snum)); /* pszPrinters */ - PACKS(desc,"z",lp_printerdriver(snum)); /* pszDriverName */ + get_driver_name(snum,drivername); + PACKS(desc,"z",drivername); /* pszDriverName */ PackDriverData(desc); /* pDriverData */ } @@ -759,7 +771,7 @@ static int get_printerdrivernumber(int snum) char *p; char **lines = NULL; pstring gen_line; - NT_PRINTER_INFO_LEVEL *info = NULL; + pstring drivername; /* * Check in the tdb *first* before checking the legacy @@ -771,19 +783,18 @@ static int get_printerdrivernumber(int snum) * 'print driver' parameter --jerry */ - get_a_printer (&info, 2, lp_servicename(snum)); - if ((info != NULL) && - (ok = get_a_printer_driver_9x_compatible(gen_line, info->info_2->drivername) == True)) + if ((get_driver_name(snum,drivername)) && + (ok = get_a_printer_driver_9x_compatible(gen_line, drivername) == True)) { p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", lp_printerdriver(snum), gen_line)); + DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", drivername, gen_line)); } else { /* didn't find driver in tdb */ - DEBUG(10,("snum: %d\nlp_printerdriver: [%s]\nlp_driverfile: [%s]\n", - snum, lp_printerdriver(snum), lp_driverfile(snum))); + DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", + snum, drivername, lp_driverfile(snum))); lines = file_lines_load(lp_driverfile(snum), NULL, False); if (!lines) @@ -797,8 +808,8 @@ static int get_printerdrivernumber(int snum) { p = lines[i]; if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(lp_printerdriver(snum)) == strlen(tok)) && - (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) + (strlen(drivername) == strlen(tok)) && + (!strncmp(tok,drivername,strlen(drivername)))) { ok = True; } @@ -826,7 +837,6 @@ static int get_printerdrivernumber(int snum) done: - safe_free(info); file_lines_free(lines); return result; -- cgit From 8aec70075ae410502b9e70f885409bd709ad5a97 Mon Sep 17 00:00:00 2001 From: David O'Neill Date: Wed, 17 Jan 2001 19:16:05 +0000 Subject: Changes from APPLIANCE_HEAD: source/smbd/lanman.c - Change fill_printq_info() to fix corrupted 9X/ME printer comment (This used to be commit acbed88a195b32d251fd15fc8fdd069726659d64) --- source3/smbd/lanman.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 848a187f1a..a2178f052b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -737,11 +737,12 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z",""); /* pszSepFile */ PACKS(desc,"z","WinPrint"); /* pszPrProc */ PACKS(desc,"z",""); /* pszParms */ - if (!status || !status->message[0]) { - PACKS(desc,"z",Expand(conn,snum,lp_comment(snum))); /* pszComment */ + PACKS(desc,"z",NULL); /* pszComment - don't ask.... JRA */ + /* "don't ask" that it's done this way to fix corrupted + Win9X/ME printer comments. */ + if (!status) { PACKI(desc,"W",LPSTAT_OK); /* fsStatus */ } else { - PACKS(desc,"z",status->message); /* pszComment */ PACKI(desc,"W",printq_status(status->status)); /* fsStatus */ } PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */ -- cgit From 7599c82cceec73fe33b6daa4a908937aed768f80 Mon Sep 17 00:00:00 2001 From: David O'Neill Date: Mon, 22 Jan 2001 16:59:24 +0000 Subject: Changes from APPLIANCE_HEAD: source/smbd/lanman.c - cleanup and bug fix for win9x print queue purge. source/printing/printing.c - cleanup and bug fix for win9x print queue purge. - print_job_end() changed to cleanup spool file in the event of a failure returned from the print_run_command() (This used to be commit 0235fbef37b400a2bf875163878e497282cd1739) --- source3/smbd/lanman.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a2178f052b..fd59f4603a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1947,6 +1947,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param char *QueueName = skip_string(str2,1); int errcode = NERR_notsupported; int snum; + extern struct current_user current_user; /* check it's a supported varient */ if (!(strcsequal(str1,"z") && strcsequal(str2,""))) @@ -1965,13 +1966,13 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(NULL, snum, &errcode)) errcode = NERR_Success; + if (print_queue_pause(¤t_user, snum, &errcode)) errcode = NERR_Success; break; case 75: /* Resume queue */ - if (print_queue_resume(NULL, snum, &errcode)) errcode = NERR_Success; + if (print_queue_resume(¤t_user, snum, &errcode)) errcode = NERR_Success; break; case 103: /* Purge */ - if (print_queue_purge(NULL, snum, &errcode)) errcode = NERR_Success; + if (print_queue_purge(¤t_user, snum, &errcode)) errcode = NERR_Success; break; } -- cgit From 2f7c1db093504a9798cdfd9c5d08a259cb4abc46 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Jan 2001 01:52:30 +0000 Subject: include/vfs.h: smbd/vfs-wrap.c: smbd/vfs.c: Added fchmod_acl and chmod_acl. lib/substitute.c: smbd/lanman.c: smbd/open.c: smbd/process.c: smbd/reply.c: smbd/service.c: Removed sessetup_user variable. Added current_user_info struct which conatins domain info etc. Added '%D' for client domain parameter. Jeremy. (This used to be commit 2844ec3d511680609d6794b8718001a1bda9e89f) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fd59f4603a..33da479361 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2187,7 +2187,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); char *p2; - extern pstring sesssetup_user; + extern userdom_struct current_user_info; int level = SVAL(p,0); DEBUG(4,("NetWkstaGetInfo level %d\n",level)); @@ -2216,7 +2216,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); - pstrcpy(p2,sesssetup_user); + pstrcpy(p2,current_user_info.smb_name); p2 = skip_string(p2,1); p += 4; -- cgit From 918c3ebe32aacee82fe354d5b9b7ea4d477dcfda Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 24 Jan 2001 19:04:56 +0000 Subject: smbd/lanman.c: Fix for calling qsort with 0 number. smbd/nttrans.c: Realloc mem fixes based on those that went into trans2.c smbd/process.c: Move to a table based dispatch, based on a comment from Andrew about Antons work. Jeremy. (This used to be commit a958f7822e095367efb8749b6f1f2e110ffb8866) --- source3/smbd/lanman.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 33da479361..23ce19f532 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1341,7 +1341,8 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param data_len = fixed_len = string_len = 0; missed = 0; - qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); + if (total > 0) + qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); { char *lastname=NULL; -- cgit From 2506c61ab3bd667d54c5e004cc80ce5e40643b5d Mon Sep 17 00:00:00 2001 From: David O'Neill Date: Mon, 29 Jan 2001 21:34:08 +0000 Subject: Changes from APPLIANCE_HEAD: source/include/proto.h - make proto source/printing/nt_printing.c source/rpc_server/srv_spoolss_nt.c - Fix for the overwriting of printerdata entries when WinNT and Win2k are modifying printer parameters on PCL printers. Turns out that Win2k creates a printer with a NULL devmode entry and then expects to set it on *OPEN* (yes this is insane). So we cannot return a "default" devmode for a printer - and we must allow an open to set it. source/tdb/tdb.c - Show freelist in an easier format. Show total free. - When storing a new record, allocate memory for the key + data before the tdb_allocate() as if the malloc fails a (sparse) hole is left in the tdb. source/tdb/tdbtool.c - Show freelist in an easier format. Show total free. source/tdb/Makefile - cleaned up Makefile dependancies source/smbd/lanman.c - Fix for Win9x corrupting it's own parameter string. source/printing/printfsp.c source/printing/printing.c source/rpc_server/srv_spoolss_nt.c source/smbd/close.c - Added normal close parameter into print_fsp_end() which treats an abnormal close as error condition and deletes the spool file. (This used to be commit 025f7a092ad258ff774e3f5e53737f8210cc8af6) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 23ce19f532..7dba0c06f3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -736,7 +736,7 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, PACKI(desc,"W",5); /* pad1 */ PACKS(desc,"z",""); /* pszSepFile */ PACKS(desc,"z","WinPrint"); /* pszPrProc */ - PACKS(desc,"z",""); /* pszParms */ + PACKS(desc,"z",NULL); /* pszParms */ PACKS(desc,"z",NULL); /* pszComment - don't ask.... JRA */ /* "don't ask" that it's done this way to fix corrupted Win9X/ME printer comments. */ -- cgit From ed77fca1990f96dba6fe9204e551056395c6ed29 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 23 Feb 2001 03:59:37 +0000 Subject: include/rpc_spoolss.h: Added JOB_STATUS_XXX defines. include/smb.h: Added LPQ_xx enums to correspond with the NT JOB_STATUS_XXX. We need these to be different as we're storing LPQ_xx enums in the tdb already. rpc_server/srv_spoolss_nt.c: Don't need to return status strings as we're now returning status codes. smbd/lanman.c: Change the RAP status codes to have "RAP" in the name. printing/printing.c: Keep track of the status of a job. Allow a job to be deleted from one smbd when being submitted by another. Made logic in mutex clearer. Jeremy. (This used to be commit 71029da7dd74eb91dd6953752bdf238f319d985d) --- source3/smbd/lanman.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7dba0c06f3..c29f0df434 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -413,14 +413,14 @@ static int check_printq_info(struct pack_desc* desc, } -#define JOB_STATUS_QUEUED 0 -#define JOB_STATUS_PAUSED 1 -#define JOB_STATUS_SPOOLING 2 -#define JOB_STATUS_PRINTING 3 -#define JOB_STATUS_PRINTED 4 +#define RAP_JOB_STATUS_QUEUED 0 +#define RAP_JOB_STATUS_PAUSED 1 +#define RAP_JOB_STATUS_SPOOLING 2 +#define RAP_JOB_STATUS_PRINTING 3 +#define RAP_JOB_STATUS_PRINTED 4 -#define QUEUE_STATUS_PAUSED 1 -#define QUEUE_STATUS_ERROR 2 +#define RAP_QUEUE_STATUS_PAUSED 1 +#define RAP_QUEUE_STATUS_ERROR 2 /* turn a print job status into a on the wire status */ @@ -428,13 +428,13 @@ static int printj_status(int v) { switch (v) { case LPQ_QUEUED: - return JOB_STATUS_QUEUED; + return RAP_JOB_STATUS_QUEUED; case LPQ_PAUSED: - return JOB_STATUS_PAUSED; + return RAP_JOB_STATUS_PAUSED; case LPQ_SPOOLING: - return JOB_STATUS_SPOOLING; + return RAP_JOB_STATUS_SPOOLING; case LPQ_PRINTING: - return JOB_STATUS_PRINTING; + return RAP_JOB_STATUS_PRINTING; } return 0; } @@ -447,9 +447,9 @@ static int printq_status(int v) case LPQ_QUEUED: return 0; case LPQ_PAUSED: - return QUEUE_STATUS_PAUSED; + return RAP_QUEUE_STATUS_PAUSED; } - return QUEUE_STATUS_ERROR; + return RAP_QUEUE_STATUS_ERROR; } static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, -- cgit From da3053048c3d224a20d6383ac6682d31059cd46c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 11 Mar 2001 00:32:10 +0000 Subject: Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMR RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549) --- source3/smbd/lanman.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c29f0df434..f5e1de1608 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1,4 +1,3 @@ -#define OLD_NTDOMAIN 1 /* Unix SMB/Netbios implementation. Version 1.9. @@ -3330,6 +3329,3 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return -1; } - - -#undef OLD_NTDOMAIN -- cgit From 1656c5d258939397e0131349d2539212a25b5a18 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 17 Mar 2001 14:02:44 +0000 Subject: ADMIN$ is an IPC share, not a disk share (This used to be commit 0ea62800edd618091fde81e8de4347f612f98a18) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f5e1de1608..45ce286634 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1512,7 +1512,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, CVAL(p,13) = 0; type = STYPE_DISKTREE; if (lp_print_ok(snum)) type = STYPE_PRINTQ; - if (strequal("IPC$",lp_servicename(snum))) type = STYPE_IPC; + if (strequal("IPC",lp_fstype(snum))) type = STYPE_IPC; SSVAL(p,14,type); /* device type */ SIVAL(p,16,PTR_DIFF(p2,baseaddr)); len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2); -- cgit From a44721750944af9beb46f169a49a439b614a8622 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 23 Mar 2001 03:12:58 +0000 Subject: Two OS/2 printer fixes from Jim McDonough @ IBM. First one adds a new info level into the lanman printing and an ioctl to the trans2 code. Andrew - this uses ASCII only. It looks ok to me but please check ! Second one adds a parameter "os2 driver map" that allows OS/2 driver names to be mapped. Jeremy. (This used to be commit da79b519e0b6b4317d7fb5260d74e0e74a7e0b46) --- source3/smbd/lanman.c | 71 ++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 59 insertions(+), 12 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 45ce286634..e9df2ed41e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -474,7 +474,7 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, PACKI(desc,"D",queue->size); /* ulSize */ PACKS(desc,"z",queue->file); /* pszComment */ } - if (uLevel == 2 || uLevel == 3) { + if (uLevel == 2 || uLevel == 3 || uLevel == 4) { PACKI(desc,"W",queue->priority); /* uPriority */ PACKS(desc,"z",queue->user); /* pszUserName */ PACKI(desc,"W",n+1); /* uPosition */ @@ -494,6 +494,17 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z","NULL"); /* pszDriverName */ PackDriverData(desc); /* pDriverData */ PACKS(desc,"z",""); /* pszPrinterName */ + } else if (uLevel == 4) { /* OS2 */ + PACKS(desc,"z",""); /* pszSpoolFileName */ + PACKS(desc,"z",""); /* pszPortName */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"D",0); /* ulPagesSpooled */ + PACKI(desc,"D",0); /* ulPagesSent */ + PACKI(desc,"D",0); /* ulPagesPrinted */ + PACKI(desc,"D",0); /* ulTimePrinted */ + PACKI(desc,"D",0); /* ulExtendJobStatus */ + PACKI(desc,"D",0); /* ulStartPage */ + PACKI(desc,"D",0); /* ulEndPage */ } } } @@ -859,7 +870,8 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, struct pack_desc desc; print_queue_struct *queue=NULL; print_status_struct status; - + char* tmpdata=NULL; + memset((char *)&status,'\0',sizeof(status)); memset((char *)&desc,'\0',sizeof(desc)); @@ -907,9 +919,19 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, count = print_queue_status(snum, &queue,&status); } - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; + if (mdrcnt > 0) { + *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *) malloc (desc.buflen); + } + if (init_package(&desc,1,count)) { desc.subcount = count; fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); @@ -948,7 +970,8 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); if (queue) free(queue); - + if (tmpdata) free (tmpdata); + return(True); } @@ -2000,6 +2023,7 @@ static int check_printjob_info(struct pack_desc* desc, case 1: desc->format = "WB21BB16B10zWWzDDz"; break; case 2: desc->format = "WWzWWDDzz"; break; case 3: desc->format = "WWzWWDDzzzzzzzzzzlz"; break; + case 4: desc->format = "WWzWWDDzzzzzDDDDDDD"; break; default: return False; } if (strcmp(desc->format,id) != 0) return False; @@ -2755,6 +2779,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para struct pack_desc desc; print_queue_struct *queue=NULL; print_status_struct status; + char *tmpdata=NULL; uLevel = SVAL(p,2); @@ -2776,9 +2801,19 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para for (i = 0; i < count; i++) { if (queue[i].job == job) break; } - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; + + if (mdrcnt > 0) { + *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *)malloc ( desc.buflen ); + } if (init_package(&desc,1,0)) { if (i < count) { @@ -2798,6 +2833,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para SSVAL(*rparam,4,desc.neededlen); if (queue) free(queue); + if (tmpdata) free(tmpdata); DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode)); return(True); @@ -2932,6 +2968,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par int uLevel; struct pack_desc desc; int snum; + char *tmpdata=NULL; memset((char *)&desc,'\0',sizeof(desc)); @@ -2959,9 +2996,18 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par desc.neededlen = 0; } else { - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; + if (mdrcnt > 0) { + *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *)malloc ( desc.buflen ); + } if (init_package(&desc,1,0)) { fill_printdest_info(conn,snum,uLevel,&desc); } @@ -2975,6 +3021,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par SSVAL(*rparam,4,desc.neededlen); DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode)); + if (tmpdata) free (tmpdata); return(True); } -- cgit From 578a9fabfb08740bd13af7418ceda41d1341cc5d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 31 Mar 2001 13:48:24 +0000 Subject: started converting some of the only-ascii code to use srvstr_* added srvstr_push_ascii() and srvstr_pull_ascii() as convenience routines to replace the current usage of strncpy() like fns for packet pull/push. We need to do this in *lots* of places in Samba in order to get our codepage handling right (This used to be commit 8b0e3679a6dc479c0e3177707dff386559779b69) --- source3/smbd/lanman.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e9df2ed41e..73815a5c59 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -368,7 +368,7 @@ static void PackDriverData(struct pack_desc* desc) SIVAL(drivdata,0,sizeof drivdata); /* cb */ SIVAL(drivdata,4,1000); /* lVersion */ memset(drivdata+8,0,32); /* szDeviceName */ - pstrcpy(drivdata+8,"NULL"); + srvstr_push_ascii(drivdata+8,"NULL",-1); PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ } @@ -1267,11 +1267,11 @@ static int fill_srv_info(struct srv_info_struct *service, switch (uLevel) { case 0: - StrnCpy(p,service->name,15); + srvstr_push_ascii(p,service->name,15); break; case 1: - StrnCpy(p,service->name,15); + srvstr_push_ascii(p,service->name,15); SIVAL(p,18,service->type); SIVAL(p,22,PTR_DIFF(p2,baseaddr)); len += CopyAndAdvance(&p2,service->comment,&l2); @@ -1352,9 +1352,9 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); if (strcmp(str1, "WrLehDz") == 0) { - StrnCpy(domain, p, sizeof(fstring)-1); + srvstr_pull_ascii(domain, p, sizeof(fstring)); } else { - StrnCpy(domain, global_myworkgroup, sizeof(fstring)-1); + fstrcpy(domain, global_myworkgroup); } if (lp_browse_list()) @@ -1527,7 +1527,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, } if (!baseaddr) baseaddr = p; - StrnCpy(p,lp_servicename(snum),13); + srvstr_push_ascii(p,lp_servicename(snum),13); if (uLevel > 0) { @@ -1739,7 +1739,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstring user; fstring pass1,pass2; - fstrcpy(user,p); + srvstr_pull_ascii(user,p,sizeof(user)); p = skip_string(p,1); @@ -1876,8 +1876,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * } p = skip_string(p,1); - fstrcpy(user,p); - p = skip_string(p,1); + p += srvstr_pull_ascii(user,p,sizeof(user)); DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); @@ -2146,8 +2145,8 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par p = *rdata; p2 = p + struct_len; if (uLevel != 20) { - StrnCpy(p,local_machine,16); - strupper(p); + srvstr_push(NULL, p,local_machine,16, + STR_ASCII|STR_UPPER|STR_TERMINATE|STR_CONVERT); } p += 16; if (uLevel > 0) -- cgit From d095b5249cf9e1496ad5a3d6b5acb77af2c587a7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 28 Apr 2001 13:49:34 +0000 Subject: - added test for vasprintf - cleaned up GNUC printf attribute macros - added enum handling in mkproto - removed non-vararg code - made slprintf and vslprintf just macros for snprintf and vsnprintf - don't need slprintf code any more (This used to be commit c7aeb2254dfc3cd0aa0b6c0bdd426f9323be0ddf) --- source3/smbd/lanman.c | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 73815a5c59..8dc3d8308a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -221,27 +221,15 @@ static BOOL init_package(struct pack_desc* p, int count, int subcount) return(p->errcode == NERR_Success); } -#ifdef HAVE_STDARG_H static int package(struct pack_desc* p, ...) { -#else -static int package(va_alist) -va_dcl -{ - struct pack_desc* p; -#endif va_list args; int needed=0, stringneeded; char* str=NULL; int is_string=0, stringused; int32 temp; -#ifdef HAVE_STDARG_H va_start(args,p); -#else - va_start(args); - p = va_arg(args,struct pack_desc *); -#endif if (!*p->curpos) { if (!p->subcount) -- cgit From f35157f39293f9fa240a28642c41708b55d301c8 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Fri, 4 May 2001 15:44:27 +0000 Subject: Big cleanup of passdb and backends. I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719) --- source3/smbd/lanman.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 8dc3d8308a..d5dd876670 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1765,7 +1765,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { fstring saved_pass2; - SAM_ACCOUNT *sampass; + SAM_ACCOUNT *sampass=NULL; /* * Save the new password as change_oem_password overwrites it @@ -1788,7 +1788,9 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) SSVAL(*rparam,0,NERR_badpass); } - } + pdb_clear_sam(sampass); + } + /* * If the above failed, attempt the plaintext password change. @@ -1823,8 +1825,10 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { SSVAL(*rparam,0,NERR_Success); } + pdb_clear_sam(hnd); } + memset((char *)pass1,'\0',sizeof(fstring)); memset((char *)pass2,'\0',sizeof(fstring)); -- cgit From 30c4c04c2f584857633ce7605555dcfb37a3e1af Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 7 May 2001 14:04:46 +0000 Subject: Patch from Simo: o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d5dd876670..69a0fa5ac3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1788,7 +1788,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) SSVAL(*rparam,0,NERR_badpass); } - pdb_clear_sam(sampass); + pdb_free_sam(sampass); } @@ -1825,7 +1825,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { SSVAL(*rparam,0,NERR_Success); } - pdb_clear_sam(hnd); + pdb_free_sam(hnd); } -- cgit From 87fbb7092b8f8b2f0db0f361c3d625e19de57cd9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:15:53 +0000 Subject: The big character set handling changeover! This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a) --- source3/smbd/lanman.c | 38 ++++++++++++++++++-------------------- 1 file changed, 18 insertions(+), 20 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 69a0fa5ac3..2b71770b2e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -75,8 +75,7 @@ static int CopyExpanded(connection_struct *conn, StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); standard_sub_conn(conn,buf); - StrnCpy(*dst,buf,*n-1); - l = strlen(*dst) + 1; + l = push_ascii(*dst,buf,*n-1, STR_TERMINATE); (*dst) += l; (*n) -= l; return l; @@ -86,8 +85,7 @@ static int CopyAndAdvance(char** dst, char* src, int* n) { int l; if (!src || !dst || !n || !(*dst)) return(0); - StrnCpy(*dst,src,*n-1); - l = strlen(*dst) + 1; + l = push_ascii(*dst,src,*n-1, STR_TERMINATE); (*dst) += l; (*n) -= l; return l; @@ -356,7 +354,7 @@ static void PackDriverData(struct pack_desc* desc) SIVAL(drivdata,0,sizeof drivdata); /* cb */ SIVAL(drivdata,4,1000); /* lVersion */ memset(drivdata+8,0,32); /* szDeviceName */ - srvstr_push_ascii(drivdata+8,"NULL",-1); + push_ascii(drivdata+8,"NULL",-1, STR_TERMINATE); PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ } @@ -563,7 +561,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", snum, drivername, lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum),NULL, False); + lines = file_lines_load(lp_driverfile(snum),NULL); if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum), @@ -795,7 +793,7 @@ static int get_printerdrivernumber(int snum) DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", snum, drivername, lp_driverfile(snum))); - lines = file_lines_load(lp_driverfile(snum), NULL, False); + lines = file_lines_load(lp_driverfile(snum), NULL); if (!lines) { DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); @@ -1110,7 +1108,7 @@ static int get_server_info(uint32 servertype, BOOL local_list_only; int i; - lines = file_lines_load(lock_path(SERVER_LIST), NULL, False); + lines = file_lines_load(lock_path(SERVER_LIST), NULL); if (!lines) { DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno))); return(0); @@ -1255,15 +1253,15 @@ static int fill_srv_info(struct srv_info_struct *service, switch (uLevel) { case 0: - srvstr_push_ascii(p,service->name,15); - break; + push_ascii(p,service->name, 15, STR_TERMINATE); + break; case 1: - srvstr_push_ascii(p,service->name,15); - SIVAL(p,18,service->type); - SIVAL(p,22,PTR_DIFF(p2,baseaddr)); - len += CopyAndAdvance(&p2,service->comment,&l2); - break; + push_ascii(p,service->name,15, STR_TERMINATE); + SIVAL(p,18,service->type); + SIVAL(p,22,PTR_DIFF(p2,baseaddr)); + len += CopyAndAdvance(&p2,service->comment,&l2); + break; } if (stringbuf) @@ -1340,7 +1338,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); if (strcmp(str1, "WrLehDz") == 0) { - srvstr_pull_ascii(domain, p, sizeof(fstring)); + pull_ascii_fstring(domain, p); } else { fstrcpy(domain, global_myworkgroup); } @@ -1515,7 +1513,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, } if (!baseaddr) baseaddr = p; - srvstr_push_ascii(p,lp_servicename(snum),13); + push_ascii(p,lp_servicename(snum),13, STR_TERMINATE); if (uLevel > 0) { @@ -1727,7 +1725,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstring user; fstring pass1,pass2; - srvstr_pull_ascii(user,p,sizeof(user)); + pull_ascii_fstring(user,p); p = skip_string(p,1); @@ -1868,7 +1866,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * } p = skip_string(p,1); - p += srvstr_pull_ascii(user,p,sizeof(user)); + p += pull_ascii_fstring(user,p); DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); @@ -2138,7 +2136,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par p2 = p + struct_len; if (uLevel != 20) { srvstr_push(NULL, p,local_machine,16, - STR_ASCII|STR_UPPER|STR_TERMINATE|STR_CONVERT); + STR_ASCII|STR_UPPER|STR_TERMINATE); } p += 16; if (uLevel > 0) -- cgit From 527e824293ee934ca5da0ef5424efe5ab7757248 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:36:09 +0000 Subject: strchr and strrchr are macros when compiling with optimisation in gcc, so we can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 2b71770b2e..6e3145aa7d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -866,7 +866,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, str3 = p + 4; /* remove any trailing username */ - if ((p = strchr(QueueName,'%'))) *p = 0; + if ((p = strchr_m(QueueName,'%'))) *p = 0; DEBUG(3,("PrintQueue uLevel=%d name=%s\n",uLevel,QueueName)); -- cgit From 5b8d230e39cedda6117cf8528065cbab45bdd835 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 8 Jul 2001 14:10:30 +0000 Subject: This removes unused paramaters from various authtication functions, and should not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett (This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6e3145aa7d..aaf8b3fafe 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1797,7 +1797,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(SVAL(*rparam,0) != NERR_Success) { - if (password_ok(user, pass1,strlen(pass1),NULL) && + if (password_ok(user, pass1,strlen(pass1)) && chgpasswd(user,pass1,pass2,False)) { SSVAL(*rparam,0,NERR_Success); -- cgit From b026e6edf290ec4cd77c2bb9a378630ddf7bc450 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 6 Aug 2001 22:39:51 +0000 Subject: Added Gerald's lanman printing only change to HEAD. Jeremy. (This used to be commit b7bd512d9a9b543b9caf93c264776db6852c03ea) --- source3/smbd/lanman.c | 190 ++++++++++++++++++++++++-------------------------- 1 file changed, 91 insertions(+), 99 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index aaf8b3fafe..c84812cb83 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -845,120 +845,112 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char *QueueName = p; - int uLevel; - int count=0; - int snum; - char* str3; - struct pack_desc desc; - print_queue_struct *queue=NULL; - print_status_struct status; - char* tmpdata=NULL; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char *QueueName = p; + int uLevel; + int count=0; + int snum; + char* str3; + struct pack_desc desc; + print_queue_struct *queue=NULL; + print_status_struct status; + char* tmpdata=NULL; - memset((char *)&status,'\0',sizeof(status)); - memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&status,'\0',sizeof(status)); + memset((char *)&desc,'\0',sizeof(desc)); - p = skip_string(p,1); - uLevel = SVAL(p,0); - str3 = p + 4; + p = skip_string(p,1); + uLevel = SVAL(p,0); + str3 = p + 4; - /* remove any trailing username */ - if ((p = strchr_m(QueueName,'%'))) *p = 0; + /* remove any trailing username */ + if ((p = strchr_m(QueueName,'%'))) + *p = 0; - DEBUG(3,("PrintQueue uLevel=%d name=%s\n",uLevel,QueueName)); + DEBUG(3,("api_DosPrintQGetInfo uLevel=%d name=%s\n",uLevel,QueueName)); - /* check it's a supported varient */ - if (!prefix_ok(str1,"zWrLh")) return False; - if (!check_printq_info(&desc,uLevel,str2,str3)) { - /* - * Patch from Scott Moomaw - * to return the 'invalid info level' error if an - * unknown level was requested. - */ - *rdata_len = 0; - *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); - SSVALS(*rparam,0,ERROR_INVALID_LEVEL); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,0); - return(True); - } + /* check it's a supported varient */ + if (!prefix_ok(str1,"zWrLh")) + return False; + if (!check_printq_info(&desc,uLevel,str2,str3)) { + /* + * Patch from Scott Moomaw + * to return the 'invalid info level' error if an + * unknown level was requested. + */ + *rdata_len = 0; + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,ERROR_INVALID_LEVEL); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,0); + return(True); + } - snum = lp_servicenumber(QueueName); - if (snum < 0 && pcap_printername_ok(QueueName,NULL)) { - int pnum = lp_servicenumber(PRINTERS_NAME); - if (pnum >= 0) { - lp_add_printer(QueueName,pnum); - snum = lp_servicenumber(QueueName); - } - } + snum = lp_servicenumber(QueueName); + if (snum < 0 && pcap_printername_ok(QueueName,NULL)) { + int pnum = lp_servicenumber(PRINTERS_NAME); + if (pnum >= 0) { + lp_add_printer(QueueName,pnum); + snum = lp_servicenumber(QueueName); + } + } - if (snum < 0 || !VALID_SNUM(snum)) return(False); + if (snum < 0 || !VALID_SNUM(snum)) + return(False); - if (uLevel==52) { - count = get_printerdrivernumber(snum); - DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); - } else { - count = print_queue_status(snum, &queue,&status); - } + if (uLevel==52) { + count = get_printerdrivernumber(snum); + DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); + } else { + count = print_queue_status(snum, &queue,&status); + } - if (mdrcnt > 0) { - *rdata = REALLOC(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - } else { - /* - * Don't return data but need to get correct length - * init_package will return wrong size if buflen=0 - */ - desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *) malloc (desc.buflen); - } + if (mdrcnt > 0) { + *rdata = REALLOC(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *) malloc (desc.buflen); + } - if (init_package(&desc,1,count)) { - desc.subcount = count; - fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); - } else if(uLevel == 0) { -#if 0 - /* - * This is a *disgusting* hack. - * This is *so* bad that even I'm embarrassed (and I - * have no shame). Here's the deal : - * Until we get the correct SPOOLSS code into smbd - * then when we're running with NT SMB support then - * NT makes this call with a level of zero, and then - * immediately follows it with an open request to - * the \\SRVSVC pipe. If we allow that open to - * succeed then NT barfs when it cannot open the - * \\SPOOLSS pipe immediately after and continually - * whines saying "Printer name is invalid" forever - * after. If we cause *JUST THIS NEXT OPEN* of \\SRVSVC - * to fail, then NT downgrades to using the downlevel code - * and everything works as well as before. I hate - * myself for adding this code.... JRA. - */ - - fail_next_srvsvc_open(); -#endif - } + if (init_package(&desc,1,count)) { + desc.subcount = count; + fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status); + } - *rdata_len = desc.usedlen; + *rdata_len = desc.usedlen; - *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,desc.neededlen); + /* + * We must set the return code to ERRbuftoosmall + * in order to support lanman style printing with Win NT/2k + * clients --jerry + */ + if (!mdrcnt && lp_lanman_printing_only()) + desc.errcode = ERRbuftoosmall; + + *rdata_len = desc.usedlen; + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); - DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); + DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); - if (queue) free(queue); - if (tmpdata) free (tmpdata); + if (queue) + free(queue); + if (tmpdata) + free (tmpdata); - return(True); + return(True); } /**************************************************************************** -- cgit From de5f42c9d9172592779fa2504d44544e3b6b1c0d Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 10 Aug 2001 04:27:26 +0000 Subject: merge from 2.2 (This used to be commit 6ab0e949d18b97ea7177175a4e6abb5ba076db98) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c84812cb83..fe3516ee9d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -933,7 +933,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, * in order to support lanman style printing with Win NT/2k * clients --jerry */ - if (!mdrcnt && lp_lanman_printing_only()) + if (!mdrcnt && lp_disable_spoolss()) desc.errcode = ERRbuftoosmall; *rdata_len = desc.usedlen; -- cgit From 4bbd1ddb274438e00f83fffa2051d8f7d6c2b17c Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 10 Aug 2001 05:50:47 +0000 Subject: More constant conversions. (This used to be commit 00703d306f14a5977df75cb04ee34ae8628ed40e) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fe3516ee9d..ad7e8aac86 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -883,7 +883,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, *rdata_len = 0; *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); - SSVALS(*rparam,0,ERROR_INVALID_LEVEL); + SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); return(True); @@ -989,7 +989,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, *rdata_len = 0; *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); - SSVALS(*rparam,0,ERROR_INVALID_LEVEL); + SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); return(True); -- cgit From 2e783a47076bd0994b6ce86df7ec967bc1c2da63 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 12 Aug 2001 17:30:01 +0000 Subject: this is a big global fix for the ptr = Realloc(ptr, size) bug. many possible mem leaks, and segfaults fixed. someone should port this fix to 2.2 also. (This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9) --- source3/smbd/lanman.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index ad7e8aac86..6408bbff9e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1123,10 +1123,16 @@ static int get_server_info(uint32 servertype, if (!*ptr) continue; if (count == alloced) { + struct srv_info_struct *ts; + alloced += 10; - (*servers) = (struct srv_info_struct *) + ts = (struct srv_info_struct *) Realloc(*servers,sizeof(**servers)*alloced); - if (!(*servers)) return(0); + if (!ts) { + DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); + return(0); + } + else *servers = ts; memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); } s = &(*servers)[count]; -- cgit From b03a2011bb5a038cf9f3fd20351516420c6fc88a Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Tue, 28 Aug 2001 16:05:55 +0000 Subject: Ouch ! I didn't think I would have to do that: add 2 new rap calls ! It's a quick and ugly hack as a proof of concept: the dell powervault 705 works with a samba PDC. I'll do a correct user enumeration later. J.F. (This used to be commit 9ec6a8735682c7dfe9f8573f063da7625d425d8a) --- source3/smbd/lanman.c | 127 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 127 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6408bbff9e..f971bf1e35 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1660,6 +1660,131 @@ static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,c } +/**************************************************************************** + view list of groups available + ****************************************************************************/ +static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + char *p2; + int count=0; + int total=0,counted=0; + BOOL missed = False; + int i; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; + + if (!prefix_ok(str1,"WrLeh")) return False; + + /* check it's a supported variant */ + switch( uLevel ) + { + case 0: + p2 = "B21"; + break; + default: + return False; + } + + if (strcmp(p2,str2) != 0) return False; + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + + /* XXXX we need a real SAM database some day */ + pstrcpy(p,"Users"); p += 21; count++; + pstrcpy(p,"Domain Users"); p += 21; count++; + pstrcpy(p,"Guests"); p += 21; count++; + pstrcpy(p,"Domain Guests"); p += 21; count++; + + *rdata_len = PTR_DIFF(p,*rdata); + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + + SSVAL(*rparam,4,count); /* is this right?? */ + SSVAL(*rparam,6,count); /* is this right?? */ + + DEBUG(3,("api_RNetGroupEnum gave %d entries\n", count)); + + return(True); +} + +/**************************************************************************** + view list of groups available + ****************************************************************************/ +static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + char *p2; + int count=0; + int total=0,counted=0; + BOOL missed = False; + int i; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; + + if (!prefix_ok(str1,"WrLeh")) return False; + + /* check it's a supported variant */ + switch( uLevel ) + { + case 0: + p2 = "B21"; + break; + default: + return False; + } + + if (strcmp(p2,str2) != 0) return False; + + *rdata_len = mdrcnt + 1024; + *rdata = REALLOC(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + + /* XXXX we need a real SAM database some day */ + pstrcpy(p,"Users"); p += 21; count++; + pstrcpy(p,"Domain Users"); p += 21; count++; + pstrcpy(p,"Guests"); p += 21; count++; + pstrcpy(p,"Domain Guests"); p += 21; count++; + + *rdata_len = PTR_DIFF(p,*rdata); + + *rparam_len = 8; + *rparam = REALLOC(*rparam,*rparam_len); + + SSVAL(*rparam,4,count); /* is this right?? */ + SSVAL(*rparam,6,count); /* is this right?? */ + + DEBUG(3,("api_RNetUserEnum gave %d entries\n", count)); + + return(True); +} + + /**************************************************************************** get the time of day info @@ -3262,7 +3387,9 @@ struct {"RNetShareEnum", 0, api_RNetShareEnum,0}, {"RNetShareGetInfo", 1, api_RNetShareGetInfo,0}, {"RNetServerGetInfo", 13, api_RNetServerGetInfo,0}, + {"RNetGroupEnum", 47, api_RNetGroupEnum,0}, {"RNetGroupGetUsers", 52, api_RNetGroupGetUsers,0}, + {"RNetUserEnum", 53, api_RNetUserEnum,0}, {"RNetUserGetInfo", 56, api_RNetUserGetInfo,0}, {"NetUserGetGroups", 59, api_NetUserGetGroups,0}, {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0}, -- cgit From 2771d77c6025dd7a1b5fbf2c0f863e334655b323 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 3 Sep 2001 08:54:24 +0000 Subject: tidied up some unused vars in JFs new fns (This used to be commit e26502b1f840cd0fafd700c9756b610b38709ce2) --- source3/smbd/lanman.c | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f971bf1e35..21d18fc88c 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1672,14 +1672,8 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); char *p2; int count=0; - int total=0,counted=0; - BOOL missed = False; - int i; - int data_len, fixed_len, string_len; - int f_len = 0, s_len = 0; if (!prefix_ok(str1,"WrLeh")) return False; @@ -1734,14 +1728,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); char *p2; int count=0; - int total=0,counted=0; - BOOL missed = False; - int i; - int data_len, fixed_len, string_len; - int f_len = 0, s_len = 0; if (!prefix_ok(str1,"WrLeh")) return False; -- cgit From 19fea3242cf6234786b6cbb60631e0071f31ff9f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 4 Sep 2001 07:13:01 +0000 Subject: the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66) --- source3/smbd/lanman.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 21d18fc88c..eb0e7154a2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2016,6 +2016,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param char *p = skip_string(str2,1); int jobid, errcode; extern struct current_user current_user; + WERROR werr = WERR_OK; jobid = SVAL(p,0); @@ -2036,18 +2037,21 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(¤t_user, jobid, &errcode)) + if (print_job_delete(¤t_user, jobid, &werr)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(¤t_user, jobid, &errcode)) + if (print_job_pause(¤t_user, jobid, &werr)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(¤t_user, jobid, &errcode)) + if (print_job_resume(¤t_user, jobid, &werr)) errcode = NERR_Success; break; } + + if (!W_ERROR_IS_OK(werr)) + errcode = W_ERROR_V(werr); out: SSVAL(*rparam,0,errcode); @@ -2070,6 +2074,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param char *QueueName = skip_string(str2,1); int errcode = NERR_notsupported; int snum; + WERROR werr = WERR_OK; extern struct current_user current_user; /* check it's a supported varient */ @@ -2089,16 +2094,18 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(¤t_user, snum, &errcode)) errcode = NERR_Success; + if (print_queue_pause(¤t_user, snum, &werr)) errcode = NERR_Success; break; case 75: /* Resume queue */ - if (print_queue_resume(¤t_user, snum, &errcode)) errcode = NERR_Success; + if (print_queue_resume(¤t_user, snum, &werr)) errcode = NERR_Success; break; case 103: /* Purge */ - if (print_queue_purge(¤t_user, snum, &errcode)) errcode = NERR_Success; + if (print_queue_purge(¤t_user, snum, &werr)) errcode = NERR_Success; break; } + if (!W_ERROR_IS_OK(werr)) errcode = W_ERROR_V(werr); + out: SSVAL(*rparam,0,errcode); SSVAL(*rparam,2,0); /* converter word */ -- cgit From 61b2794968faa35dc91edce17e9b91e5366c3514 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 17 Sep 2001 11:25:41 +0000 Subject: move to SAFE_FREE() (This used to be commit a95943fde0ad89ae3f2deca2f7ba9cb5ab612b74) --- source3/smbd/lanman.c | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index eb0e7154a2..4d3da88783 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -945,10 +945,8 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); - if (queue) - free(queue); - if (tmpdata) - free (tmpdata); + SAFE_FREE(queue); + SAFE_FREE(tmpdata); return(True); } @@ -1038,7 +1036,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, } } - if (subcntarr) free(subcntarr); + SAFE_FREE(subcntarr); *rdata_len = desc.usedlen; *rparam_len = 8; @@ -1049,11 +1047,11 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, SSVAL(*rparam,6,queuecnt); for (i = 0; i < queuecnt; i++) { - if (queue && queue[i]) free(queue[i]); + if (queue) SAFE_FREE(queue[i]); } - if (queue) free(queue); - if (status) free(status); + SAFE_FREE(queue); + SAFE_FREE(status); return True; } @@ -1403,7 +1401,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param SSVAL(*rparam,4,counted); SSVAL(*rparam,6,counted+missed); - if (servers) free(servers); + SAFE_FREE(servers); DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n", domain,uLevel,counted,counted+missed)); @@ -2274,7 +2272,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par pstrcpy(comment,servers[i].comment); } } - if (servers) free(servers); + SAFE_FREE(servers); SCVAL(p,0,lp_major_announce_version()); SCVAL(p,1,lp_minor_announce_version()); @@ -2939,8 +2937,8 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); - if (queue) free(queue); - if (tmpdata) free(tmpdata); + SAFE_FREE(queue); + SAFE_FREE(tmpdata); DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode)); return(True); @@ -3009,7 +3007,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa SSVAL(*rparam,4,succnt); SSVAL(*rparam,6,count); - if (queue) free(queue); + SAFE_FREE(queue); DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode)); return(True); @@ -3128,7 +3126,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par SSVAL(*rparam,4,desc.neededlen); DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode)); - if (tmpdata) free (tmpdata); + SAFE_FREE(tmpdata); return(True); } @@ -3478,10 +3476,8 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); - if (rdata ) - free(rdata); - if (rparam) - free(rparam); + SAFE_FREE(rdata); + SAFE_FREE(rparam); return -1; } -- cgit From 83db39d2b5624217422b4c10509d589018f7a329 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 26 Sep 2001 12:12:26 +0000 Subject: Fix this to use the plaintext password code directly, like SWAT does. This whole area needs to be cleaned up. Should this kind of passowrd change/check be permitted with encrypt passwords = yes? In any case I've also had trouble testing this, as I can't find the right software/configuration to exersise this behaviour. But its better than the previous situation. Any assistance greatly appriciated. Andrew Bartlett (This used to be commit 37655b42897031f754d436435e64a2548de756b5) --- source3/smbd/lanman.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4d3da88783..e9213e75a2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1834,6 +1834,8 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstring user; fstring pass1,pass2; + struct passwd *passwd; + pull_ascii_fstring(user,p); p = skip_string(p,1); @@ -1863,7 +1865,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param /* * Do any UNIX username case mangling. */ - (void)Get_Pwnam( user, True); + passwd = Get_Pwnam( user, True); /* * Attempt to verify the old password against smbpasswd entries @@ -1906,13 +1908,15 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(SVAL(*rparam,0) != NERR_Success) { - if (password_ok(user, pass1,strlen(pass1)) && - chgpasswd(user,pass1,pass2,False)) - { - SSVAL(*rparam,0,NERR_Success); - } + if NT_STATUS_IS_OK(pass_check(passwd, user, pass1, + strlen(pass1), NULL, False)) + { + if (chgpasswd(user,pass1,pass2,False)) { + SSVAL(*rparam,0,NERR_Success); + } + } } - + /* * If the plaintext change failed, attempt * the old encrypted method. NT will generate this -- cgit From 81697d5ebe33ad95dedfc376118fcdf0367cf052 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 29 Sep 2001 13:08:26 +0000 Subject: Fix up a number of intertwined issues: The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e9213e75a2..b7acfa5f32 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1884,7 +1884,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstrcpy(saved_pass2, pass2); if (check_plaintext_password(user,pass1,strlen(pass1),&sampass) && - change_oem_password(sampass,pass2,False)) + change_oem_password(sampass,pass2)) { SSVAL(*rparam,0,NERR_Success); @@ -1897,7 +1897,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) SSVAL(*rparam,0,NERR_badpass); } - pdb_free_sam(sampass); + pdb_free_sam(&sampass); } @@ -1931,12 +1931,12 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param { SAM_ACCOUNT *hnd = NULL; - if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) && + if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) && change_lanman_password(hnd,(unsigned char *)pass1,(unsigned char *)pass2)) { SSVAL(*rparam,0,NERR_Success); } - pdb_free_sam(hnd); + pdb_free_sam(&hnd); } -- cgit From dc1fc3ee8ec2199bc73bb5d7ec711c6800f61d65 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Oct 2001 04:29:50 +0000 Subject: Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e) --- source3/smbd/lanman.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b7acfa5f32..088162c126 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -33,8 +33,6 @@ #endif #define CHECK_TYPES 0 -extern int DEBUGLEVEL; - extern fstring local_machine; extern pstring global_myname; extern fstring global_myworkgroup; -- cgit From d1006a96d075d3dca97915b5c39b58b0f48a419f Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Fri, 19 Oct 2001 19:13:11 +0000 Subject: Add RAP net share add support (This used to be commit a70bc077a1ecc4b42254f83327c8d80c618e95f6) --- source3/smbd/lanman.c | 144 +++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 113 insertions(+), 31 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 088162c126..0d92c98628 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1655,6 +1655,87 @@ static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,c return(True); } +/**************************************************************************** + Add a share + ****************************************************************************/ +static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + fstring sharename; + fstring comment; + pstring pathname; + pstring command; + int offset; + int snum; + int res; + + /* check it's a supported varient */ + if (!prefix_ok(str1,RAP_WShareAdd_REQ)) return False; + if (!check_share_info(uLevel,str2)) return False; + if (uLevel != 2) { + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + SSVAL(*rparam,0,NERR_notsupported); + SSVAL(*rparam,2,0); + return True; + } + + pull_ascii_fstring(sharename,data); + snum = find_service(sharename); + if (snum >= 0) { /* already exists */ + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,ERRfilexists); + SSVAL(*rparam,2,0); + return True; + } + + /* only support disk share adds */ + if (SVAL(data,14)!=STYPE_DISKTREE) { + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + SSVAL(*rparam,0,NERR_notsupported); + SSVAL(*rparam,2,0); + return True; + } + + offset = IVAL(data, 16); + pull_ascii_fstring(comment, offset? (data+offset) : ""); + offset = IVAL(data, 26); + pull_ascii_pstring(pathname, offset? (data+offset) : ""); + + string_replace(sharename, '"', ' '); + string_replace(pathname, '"', ' '); + string_replace(comment, '"', ' '); + + slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"", + lp_add_share_cmd(), CONFIGFILE, sharename, pathname, comment); + + DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); + if ((res = smbrun(command, NULL)) != 0) { + DEBUG(0,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); + return ERRnoaccess; + } else + message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False); + return True; + + *rparam_len = 6; + *rparam = REALLOC(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + *rdata_len = 0; + + return(True); +} /**************************************************************************** view list of groups available @@ -3379,37 +3460,38 @@ struct int,int,char **,char **,int *,int *); int flags; } api_commands[] = { - {"RNetShareEnum", 0, api_RNetShareEnum,0}, - {"RNetShareGetInfo", 1, api_RNetShareGetInfo,0}, - {"RNetServerGetInfo", 13, api_RNetServerGetInfo,0}, - {"RNetGroupEnum", 47, api_RNetGroupEnum,0}, - {"RNetGroupGetUsers", 52, api_RNetGroupGetUsers,0}, - {"RNetUserEnum", 53, api_RNetUserEnum,0}, - {"RNetUserGetInfo", 56, api_RNetUserGetInfo,0}, - {"NetUserGetGroups", 59, api_NetUserGetGroups,0}, - {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0}, - {"DosPrintQEnum", 69, api_DosPrintQEnum,0}, - {"DosPrintQGetInfo", 70, api_DosPrintQGetInfo,0}, - {"WPrintQueuePause", 74, api_WPrintQueueCtrl,0}, - {"WPrintQueueResume", 75, api_WPrintQueueCtrl,0}, - {"WPrintJobEnumerate",76, api_WPrintJobEnumerate,0}, - {"WPrintJobGetInfo", 77, api_WPrintJobGetInfo,0}, - {"RDosPrintJobDel", 81, api_RDosPrintJobDel,0}, - {"RDosPrintJobPause", 82, api_RDosPrintJobDel,0}, - {"RDosPrintJobResume",83, api_RDosPrintJobDel,0}, - {"WPrintDestEnum", 84, api_WPrintDestEnum,0}, - {"WPrintDestGetInfo", 85, api_WPrintDestGetInfo,0}, - {"NetRemoteTOD", 91, api_NetRemoteTOD,0}, - {"WPrintQueuePurge", 103, api_WPrintQueueCtrl,0}, - {"NetServerEnum", 104, api_RNetServerEnum,0}, - {"WAccessGetUserPerms",105, api_WAccessGetUserPerms,0}, - {"SetUserPassword", 115, api_SetUserPassword,0}, - {"WWkstaUserLogon", 132, api_WWkstaUserLogon,0}, - {"PrintJobInfo", 147, api_PrintJobInfo,0}, - {"WPrintDriverEnum", 205, api_WPrintDriverEnum,0}, - {"WPrintQProcEnum", 206, api_WPrintQProcEnum,0}, - {"WPrintPortEnum", 207, api_WPrintPortEnum,0}, - {"SamOEMChangePassword", 214, api_SamOEMChangePassword,0}, + {"RNetShareEnum", RAP_WshareEnum, api_RNetShareEnum,0}, + {"RNetShareGetInfo", RAP_WshareGetInfo, api_RNetShareGetInfo,0}, + {"RNetShareAdd", RAP_WshareAdd, api_RNetShareAdd,0}, + {"RNetServerGetInfo", RAP_WserverGetInfo, api_RNetServerGetInfo,0}, + {"RNetGroupEnum", RAP_WGroupEnum, api_RNetGroupEnum,0}, + {"RNetGroupGetUsers", RAP_WGroupGetUsers, api_RNetGroupGetUsers,0}, + {"RNetUserEnum", RAP_WUserEnum, api_RNetUserEnum,0}, + {"RNetUserGetInfo", RAP_WUserGetInfo, api_RNetUserGetInfo,0}, + {"NetUserGetGroups", RAP_WUserGetGroups, api_NetUserGetGroups,0}, + {"NetWkstaGetInfo", RAP_WWkstaGetInfo, api_NetWkstaGetInfo,0}, + {"DosPrintQEnum", RAP_WPrintQEnum, api_DosPrintQEnum,0}, + {"DosPrintQGetInfo", RAP_WPrintQGetInfo, api_DosPrintQGetInfo,0}, + {"WPrintQueuePause", RAP_WPrintQPause, api_WPrintQueueCtrl,0}, + {"WPrintQueueResume", RAP_WPrintQContinue, api_WPrintQueueCtrl,0}, + {"WPrintJobEnumerate",RAP_WPrintJobEnum, api_WPrintJobEnumerate,0}, + {"WPrintJobGetInfo", RAP_WPrintJobGetInfo, api_WPrintJobGetInfo,0}, + {"RDosPrintJobDel", RAP_WPrintJobDel, api_RDosPrintJobDel,0}, + {"RDosPrintJobPause", RAP_WPrintJobPause, api_RDosPrintJobDel,0}, + {"RDosPrintJobResume",RAP_WPrintJobContinue, api_RDosPrintJobDel,0}, + {"WPrintDestEnum", RAP_WPrintDestEnum, api_WPrintDestEnum,0}, + {"WPrintDestGetInfo", RAP_WPrintDestGetInfo, api_WPrintDestGetInfo,0}, + {"NetRemoteTOD", RAP_NetRemoteTOD, api_NetRemoteTOD,0}, + {"WPrintQueuePurge", RAP_WPrintQPurge, api_WPrintQueueCtrl,0}, + {"NetServerEnum", RAP_NetServerEnum2, api_RNetServerEnum,0}, + {"WAccessGetUserPerms",RAP_WAccessGetUserPerms,api_WAccessGetUserPerms,0}, + {"SetUserPassword", RAP_WUserPasswordSet2, api_SetUserPassword,0}, + {"WWkstaUserLogon", RAP_WWkstaUserLogon, api_WWkstaUserLogon,0}, + {"PrintJobInfo", RAP_WPrintJobSetInfo, api_PrintJobInfo,0}, + {"WPrintDriverEnum", RAP_WPrintDriverEnum, api_WPrintDriverEnum,0}, + {"WPrintQProcEnum", RAP_WPrintQProcessorEnum,api_WPrintQProcEnum,0}, + {"WPrintPortEnum", RAP_WPrintPortEnum, api_WPrintPortEnum,0}, + {"SamOEMChangePassword",RAP_SamOEMChgPasswordUser2_P,api_SamOEMChangePassword,0}, {NULL, -1, api_Unsupported,0}}; -- cgit From e5868e1f57c1de537a7385a81d23671a727af5f5 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Sat, 20 Oct 2001 21:50:51 +0000 Subject: Use asprintf, do bounds check, better rc logic (This used to be commit 6a734158d92663873b7a9df517bec45a27ee9790) --- source3/smbd/lanman.c | 76 +++++++++++++++++++++++++++++---------------------- 1 file changed, 43 insertions(+), 33 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0d92c98628..d4d7683855 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1670,62 +1670,63 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch fstring sharename; fstring comment; pstring pathname; - pstring command; - int offset; + char *command, *cmdname; + uint offset; int snum; - int res; + int res = ERRunsup; /* check it's a supported varient */ if (!prefix_ok(str1,RAP_WShareAdd_REQ)) return False; if (!check_share_info(uLevel,str2)) return False; - if (uLevel != 2) { - *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); - *rdata_len = 0; - SSVAL(*rparam,0,NERR_notsupported); - SSVAL(*rparam,2,0); - return True; - } + if (uLevel != 2) return False; pull_ascii_fstring(sharename,data); snum = find_service(sharename); if (snum >= 0) { /* already exists */ - *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); - SSVAL(*rparam,0,ERRfilexists); - SSVAL(*rparam,2,0); - return True; + res = ERRfilexists; + goto error_exit; } /* only support disk share adds */ - if (SVAL(data,14)!=STYPE_DISKTREE) { - *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); - *rdata_len = 0; - SSVAL(*rparam,0,NERR_notsupported); - SSVAL(*rparam,2,0); - return True; - } + if (SVAL(data,14)!=STYPE_DISKTREE) return False; offset = IVAL(data, 16); + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } pull_ascii_fstring(comment, offset? (data+offset) : ""); + offset = IVAL(data, 26); + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } pull_ascii_pstring(pathname, offset? (data+offset) : ""); string_replace(sharename, '"', ' '); string_replace(pathname, '"', ' '); string_replace(comment, '"', ' '); - slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"", + cmdname = lp_add_share_cmd(); + + if (!cmdname || *cmdname == '\0') return False; + + asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", lp_add_share_cmd(), CONFIGFILE, sharename, pathname, comment); - DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); - if ((res = smbrun(command, NULL)) != 0) { - DEBUG(0,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); - return ERRnoaccess; - } else - message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False); - return True; + if (command) { + DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); + if ((res = smbrun(command, NULL)) != 0) { + DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); + SAFE_FREE(command); + res = ERRnoaccess; + goto error_exit; + } else { + SAFE_FREE(command); + message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False); + } + } else return False; *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); @@ -1734,7 +1735,16 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch SSVAL(*rparam,4,*rdata_len); *rdata_len = 0; - return(True); + return True; + + error_exit: + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); + *rdata_len = 0; + SSVAL(*rparam,0,res); + SSVAL(*rparam,2,0); + return True; + } /**************************************************************************** -- cgit From a443dea5d1f6b63c464711a16fbea87541621394 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Mon, 22 Oct 2001 18:14:42 +0000 Subject: server support for RAP session list function (This used to be commit d42c28fbadf577a23fb8c1da9e1c64a2f34fe133) --- source3/smbd/lanman.c | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 105 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d4d7683855..3150253dab 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3415,6 +3415,110 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, return(True); } +struct session_info { + char machine[31]; + char username[24]; + char clitype[24]; + int opens; + int time; +}; + +struct sessions_info { + int count; + struct session_info *session_list; +}; + +static int gather_sessioninfo(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state) +{ + struct sessions_info *sinfo = state; + struct session_info *curinfo = NULL; + struct sessionid *sessid = (struct sessionid *) dbuf.dptr; + + sinfo->count += 1; + sinfo->session_list = REALLOC(sinfo->session_list, sinfo->count * sizeof(struct session_info)); + + curinfo = &(sinfo->session_list[sinfo->count - 1]); + + safe_strcpy(curinfo->machine, sessid->remote_machine, + sizeof(curinfo->machine)); + safe_strcpy(curinfo->username, uidtoname(sessid->uid), + sizeof(curinfo->username)); + DEBUG(7,("gather_sessioninfo session from %s@%s\n", + curinfo->username, curinfo->machine)); + return 0; +} + +/**************************************************************************** + List open sessions + ****************************************************************************/ +static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param, char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) + +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + struct pack_desc desc; + struct sessions_info sinfo; + int i; + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel)); + DEBUG(7,("RNetSessionEnum req string=%s\n",str1)); + DEBUG(7,("RNetSessionEnum ret string=%s\n",str2)); + + /* check it's a supported varient */ + if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) return False; + if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) return False; + + sinfo.count = 0; + sinfo.session_list = NULL; + + if (!session_traverse(gather_sessioninfo, &sinfo)) { + DEBUG(4,("RNetSessionEnum session_traverse failed\n")); + return False; + } + + if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + memset((char *)&desc,'\0',sizeof(desc)); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (!init_package(&desc,sinfo.count,0)) { + return False; + } + + for(i=0; i Date: Mon, 29 Oct 2001 07:28:32 +0000 Subject: This commit is number 3 of 4. In particular this commit focuses on: Changing the Get_Pwnam code so that it can work in a const-enforced environment. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for 'const' in the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username (This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3150253dab..7ade1e6d47 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1954,7 +1954,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param /* * Do any UNIX username case mangling. */ - passwd = Get_Pwnam( user, True); + passwd = Get_Pwnam_Modify( user ); /* * Attempt to verify the old password against smbpasswd entries @@ -2082,7 +2082,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * /* * Do any UNIX username case mangling. */ - (void)Get_Pwnam( user, True); + (void)Get_Pwnam_Modify( user ); if (pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL)) { -- cgit From f741f656737f4ec46cd318e986b6bf412ed309d2 Mon Sep 17 00:00:00 2001 From: Martin Pool Date: Mon, 19 Nov 2001 02:49:53 +0000 Subject: Store some path names in global variables initialized to configure default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7ade1e6d47..34dcf6c211 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1713,7 +1713,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch if (!cmdname || *cmdname == '\0') return False; asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", - lp_add_share_cmd(), CONFIGFILE, sharename, pathname, comment); + lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); if (command) { DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); -- cgit From bf65820af242786bd66d814fc3e9d89920a49f8e Mon Sep 17 00:00:00 2001 From: Martin Pool Date: Fri, 21 Dec 2001 00:37:49 +0000 Subject: Add an output parameter to message_send_all that says how many messages were sent, so you know how many replies to expect. Const and doc religion. (This used to be commit 22e510ea0d69356be4fd2fa5ad9e9f4e84f62337) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 34dcf6c211..64da736ae2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1724,7 +1724,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } else { SAFE_FREE(command); - message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False); + message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); } } else return False; -- cgit From d6823366b881612234ab0655adb11c594f864c4a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Jan 2002 19:10:25 +0000 Subject: Same fix as went into 2.2 (I'm waiting for jerry to finish some code). Jeremy. (This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67) --- source3/smbd/lanman.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 64da736ae2..fb8b52342a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1512,7 +1512,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, if (uLevel > 0) { int type; - CVAL(p,13) = 0; + SCVAL(p,13,0); type = STYPE_DISKTREE; if (lp_print_ok(snum)) type = STYPE_PRINTQ; if (strequal("IPC",lp_fstype(snum))) type = STYPE_IPC; @@ -1894,16 +1894,16 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch t = LocalTime(&unixdate); SIVAL(p,4,0); /* msecs ? */ - CVAL(p,8) = t->tm_hour; - CVAL(p,9) = t->tm_min; - CVAL(p,10) = t->tm_sec; - CVAL(p,11) = 0; /* hundredths of seconds */ + SCVAL(p,8,t->tm_hour); + SCVAL(p,9,t->tm_min); + SCVAL(p,10,t->tm_sec); + SCVAL(p,11,0); /* hundredths of seconds */ SSVALS(p,12,TimeDiff(unixdate)/60); /* timezone in minutes from GMT */ SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */ - CVAL(p,16) = t->tm_mday; - CVAL(p,17) = t->tm_mon + 1; + SCVAL(p,16,t->tm_mday); + SCVAL(p,17,t->tm_mon + 1); SSVAL(p,18,1900+t->tm_year); - CVAL(p,20) = t->tm_wday; + SCVAL(p,20,t->tm_wday); } -- cgit From f46db61068573779b56f8580c075ee143c3860d5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 20 Jan 2002 09:00:32 +0000 Subject: Kill off the old varient of 'check_plaintext_password' (new version just committed in auth/auth_compat.c and use the new version to make the plaintext password change slightly sane... (Needs testing). Andrew Bartlett (This used to be commit 996d0cd89cf9da5e9749f136f013cc4a8b977ee0) --- source3/smbd/lanman.c | 83 +++++++++++++++++---------------------------------- 1 file changed, 28 insertions(+), 55 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fb8b52342a..1a5777e1d4 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1923,8 +1923,6 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param fstring user; fstring pass1,pass2; - struct passwd *passwd; - pull_ascii_fstring(user,p); p = skip_string(p,1); @@ -1944,68 +1942,43 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param DEBUG(3,("Set password for <%s>\n",user)); - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - passwd = Get_Pwnam_Modify( user ); - /* * Attempt to verify the old password against smbpasswd entries * Win98 clients send old and new password in plaintext for this call. */ { - fstring saved_pass2; - SAM_ACCOUNT *sampass=NULL; - - /* - * Save the new password as change_oem_password overwrites it - * with zeros. - */ - - fstrcpy(saved_pass2, pass2); - - if (check_plaintext_password(user,pass1,strlen(pass1),&sampass) && - change_oem_password(sampass,pass2)) - { - SSVAL(*rparam,0,NERR_Success); - - /* - * If unix password sync was requested, attempt to change - * the /etc/passwd database also. Return failure if this cannot - * be done. - */ - - if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False)) - SSVAL(*rparam,0,NERR_badpass); - } - pdb_free_sam(&sampass); - } - - - /* - * If the above failed, attempt the plaintext password change. - * This tests against the /etc/passwd database only. - */ - - if(SVAL(*rparam,0) != NERR_Success) - { - if NT_STATUS_IS_OK(pass_check(passwd, user, pass1, - strlen(pass1), NULL, False)) + auth_serversupplied_info *server_info = NULL; + DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); + if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { + if (change_oem_password(server_info->sam_account,pass2)) { - if (chgpasswd(user,pass1,pass2,False)) { - SSVAL(*rparam,0,NERR_Success); - } + SSVAL(*rparam,0,NERR_Success); } + + /* + * If unix password sync was requested, attempt to change + * the /etc/passwd database also. Return failure if this cannot + * be done. + * + * This occours regardless of the previous result, becouse + * It might not have been testing the password against the SAM backend. + * (and therefore the change_oem_password would fail). + * + * Conditional on lp_unix_password_sync() becouse we don't want + * to touch the unix db unless we have admin permission. + */ + + if(lp_unix_password_sync() && !chgpasswd(pdb_get_username(server_info->sam_account), + pass1,pass2,False)) { + SSVAL(*rparam,0,NERR_badpass); + } + + free_server_info(&server_info); + } + data_blob_clear_free(&password); } - + /* * If the plaintext change failed, attempt * the old encrypted method. NT will generate this -- cgit From a03b5e3864ac6044694fe0b4e7f83098598b60dc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 21 Jan 2002 00:32:26 +0000 Subject: One less Get_Pwnam_Modify call! (the passdb backend is case-insensitive, so there isn't any point to this). Andrew Bartlett (This used to be commit 5e868b403340d84d68c1831a09bf1a4dd710da90) --- source3/smbd/lanman.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1a5777e1d4..d755bb42f8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2052,11 +2052,6 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * (void)map_username(user); - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam_Modify( user ); - if (pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL)) { SSVAL(*rparam,0,NERR_Success); -- cgit From 44dd648a646e58ad69f250dcd23fe56d7885efd2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jan 2002 11:57:11 +0000 Subject: Change the order of this a bit - as unix password change can fail. This due for abstraction into chgpasswd.c shortly. Andrew Bartlett (This used to be commit 635942ae21793136814a84b1d344f411a5d6e242) --- source3/smbd/lanman.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d755bb42f8..f6ebbc82ad 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1951,29 +1951,30 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param auth_serversupplied_info *server_info = NULL; DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { - if (change_oem_password(server_info->sam_account,pass2)) - { - SSVAL(*rparam,0,NERR_Success); - } - + /* * If unix password sync was requested, attempt to change - * the /etc/passwd database also. Return failure if this cannot + * the /etc/passwd database first. Return failure if this cannot * be done. * - * This occours regardless of the previous result, becouse - * It might not have been testing the password against the SAM backend. - * (and therefore the change_oem_password would fail). + * This occurs before the oem change, becouse we don't want to + * update it if chgpasswd failed. * * Conditional on lp_unix_password_sync() becouse we don't want * to touch the unix db unless we have admin permission. */ - if(lp_unix_password_sync() && !chgpasswd(pdb_get_username(server_info->sam_account), - pass1,pass2,False)) { + if(lp_unix_password_sync() && IS_SAM_UNIX_USER(server->sam_account) + && !chgpasswd(pdb_get_username(server_info->sam_account), + pass1,pass2,False)) { SSVAL(*rparam,0,NERR_badpass); } + if (change_oem_password(server_info->sam_account,pass2)) + { + SSVAL(*rparam,0,NERR_Success); + } + free_server_info(&server_info); } data_blob_clear_free(&password); -- cgit From 7c05db480320067d8d98b030cf4c19adedee1e43 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jan 2002 13:44:32 +0000 Subject: Oops... (This used to be commit 9b63a872239bf7757c802bb3db3761cf3ec66e85) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f6ebbc82ad..66e4cd5bf7 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1964,7 +1964,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param * to touch the unix db unless we have admin permission. */ - if(lp_unix_password_sync() && IS_SAM_UNIX_USER(server->sam_account) + if(lp_unix_password_sync() && IS_SAM_UNIX_USER(server_info->sam_account) && !chgpasswd(pdb_get_username(server_info->sam_account), pass1,pass2,False)) { SSVAL(*rparam,0,NERR_badpass); -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/smbd/lanman.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 66e4cd5bf7..128d8bea4a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 1.9. + Unix SMB/CIFS implementation. Inter-process communication and named pipe handling Copyright (C) Andrew Tridgell 1992-1998 -- cgit From 14c6277840a7b067335122a0ae13ed390e9ab3a6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 27 Feb 2002 13:18:51 +0000 Subject: This should fix up the level 0 'convert_string' debug messages that we have been seing since the unicode conversion. It looks like a simple oversight in the move away from StrnCpy (which takes amount of space -1 as an arg) to push_ascii etc which take the absolute amount of space. Andrew Bartlett (This used to be commit 4447c6bd4d9c273ef5bf4eb23726923ee58bf38d) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 128d8bea4a..5bf7bb89e3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -82,7 +82,7 @@ static int CopyAndAdvance(char** dst, char* src, int* n) { int l; if (!src || !dst || !n || !(*dst)) return(0); - l = push_ascii(*dst,src,*n-1, STR_TERMINATE); + l = push_ascii(*dst,src,*n, STR_TERMINATE); (*dst) += l; (*n) -= l; return l; -- cgit From 65c007b583e2107f5ad1ba6733d3e578a143863e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 15 Mar 2002 08:14:10 +0000 Subject: syncing up printing code with SAMBA_2_2 (already done some merges in the reverse). * add in new printer change notify code from SAMBA_2_2 * add in se_map_standard() from 2.2 in _spoolss_open_printer_ex() * sync up the _print_queue_struct in smb.h (why did someone change the user/file names in fs_user/fs_file (or vice-versa) ? ) * sync up some cli_spoolss_XXX functions (This used to be commit 5760315c1de4033fdc22684c940f18010010924f) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 5bf7bb89e3..a218a04962 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -445,7 +445,7 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, PACKI(desc,"W",queue->job); /* uJobId */ if (uLevel == 1) { - PACKS(desc,"B21",queue->user); /* szUserName */ + PACKS(desc,"B21",queue->fs_user); /* szUserName */ PACKS(desc,"B",""); /* pad */ PACKS(desc,"B16",""); /* szNotifyName */ PACKS(desc,"B10","PM_Q_RAW"); /* szDataType */ @@ -455,17 +455,17 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z",""); /* pszStatus */ PACKI(desc,"D",t); /* ulSubmitted */ PACKI(desc,"D",queue->size); /* ulSize */ - PACKS(desc,"z",queue->file); /* pszComment */ + PACKS(desc,"z",queue->fs_file); /* pszComment */ } if (uLevel == 2 || uLevel == 3 || uLevel == 4) { PACKI(desc,"W",queue->priority); /* uPriority */ - PACKS(desc,"z",queue->user); /* pszUserName */ + PACKS(desc,"z",queue->fs_user); /* pszUserName */ PACKI(desc,"W",n+1); /* uPosition */ PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ PACKI(desc,"D",t); /* ulSubmitted */ PACKI(desc,"D",queue->size); /* ulSize */ PACKS(desc,"z","Samba"); /* pszComment */ - PACKS(desc,"z",queue->file); /* pszDocument */ + PACKS(desc,"z",queue->fs_file); /* pszDocument */ if (uLevel == 3) { PACKS(desc,"z",""); /* pszNotifyName */ PACKS(desc,"z","PM_Q_RAW"); /* pszDataType */ -- cgit From ab13654dc9ac23872e4d1384e1c54e336f113009 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 17 Mar 2002 04:36:35 +0000 Subject: Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a218a04962..666bbb5f61 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1632,7 +1632,7 @@ static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,c *rdata = REALLOC(*rdata,*rdata_len); memset(*rdata,0,*rdata_len); - p2 = (*rdata) + fixed_len; /* auxillery data (strings) will go here */ + p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */ p = *rdata; f_len = fixed_len; s_len = string_len; -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/smbd/lanman.c | 424 +++++++++++++++++++++++++++----------------------- 1 file changed, 226 insertions(+), 198 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 666bbb5f61..217bb6a613 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -71,7 +71,7 @@ static int CopyExpanded(connection_struct *conn, StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf); + standard_sub_conn(conn,buf,sizeof(buf)); l = push_ascii(*dst,buf,*n-1, STR_TERMINATE); (*dst) += l; (*n) -= l; @@ -94,7 +94,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char* s) if (!s) return(0); StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf); + standard_sub_conn(conn,buf,sizeof(buf)); return strlen(buf) + 1; } @@ -104,7 +104,7 @@ static char* Expand(connection_struct *conn, int snum, char* s) if (!s) return(NULL); StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf); + standard_sub_conn(conn,buf,sizeof(buf)); return &buf[0]; } @@ -1670,7 +1670,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch fstring comment; pstring pathname; char *command, *cmdname; - uint offset; + unsigned int offset; int snum; int res = ERRunsup; @@ -1754,82 +1754,104 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c char **rdata,char **rparam, int *rdata_len,int *rparam_len) { + int i; + int errflags=0; + int resume_context, cli_buf_size; char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - char *p2; - int count=0; - if (!prefix_ok(str1,"WrLeh")) return False; - - /* check it's a supported variant */ - switch( uLevel ) - { - case 0: - p2 = "B21"; - break; - default: - return False; + GROUP_MAP *group_list; + int num_entries; + + if (strcmp(str1,"WrLeh") != 0) + return False; + + /* parameters + * W-> resume context (number of users to skip) + * r -> return parameter pointer to receive buffer + * L -> length of receive buffer + * e -> return parameter number of entries + * h -> return parameter total number of users + */ + if (strcmp("B21",str2) != 0) + return False; + + /* get list of domain groups SID_DOMAIN_GRP=2 */ + if(!enum_group_mapping(2 , &group_list, &num_entries, False, False)) { + DEBUG(3,("api_RNetGroupEnum:failed to get group list")); + return False; } - if (strcmp(p2,str2) != 0) return False; + resume_context = SVAL(p,0); + cli_buf_size=SVAL(p+2,0); + DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); - *rdata_len = mdrcnt + 1024; + *rdata_len = cli_buf_size; *rdata = REALLOC(*rdata,*rdata_len); - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - p = *rdata; - /* XXXX we need a real SAM database some day */ - pstrcpy(p,"Users"); p += 21; count++; - pstrcpy(p,"Domain Users"); p += 21; count++; - pstrcpy(p,"Guests"); p += 21; count++; - pstrcpy(p,"Domain Guests"); p += 21; count++; + for(i=resume_context; i resume context (number of users to skip) + * r -> return parameter pointer to receive buffer + * L -> length of receive buffer + * e -> return parameter number of entries + * h -> return parameter total number of users + */ + + resume_context = SVAL(p,0); + cli_buf_size=SVAL(p+2,0); + DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); + *rparam_len = 8; *rparam = REALLOC(*rparam,*rparam_len); - SSVAL(*rparam,4,count); /* is this right?? */ - SSVAL(*rparam,6,count); /* is this right?? */ + /* check it's a supported varient */ + if (strcmp("B21",str2) != 0) + return False; - DEBUG(3,("api_RNetUserEnum gave %d entries\n", count)); + *rdata_len = cli_buf_size; + *rdata = REALLOC(*rdata,*rdata_len); - return(True); + p = *rdata; + + /* to get user list enumerations for NetUserEnum in B21 format */ + pdb_init_sam(&pwd); + + /* Open the passgrp file - not for update. */ + become_root(); + if(!pdb_setsampwent(False)) { + DEBUG(0, ("api_RNetUserEnum:unable to open sam database.\n")); + unbecome_root(); + return False; + } + errflags=NERR_Success; + + while ( pdb_getsampwent(pwd) ) { + const char *name=pdb_get_username(pwd); + if ((name) && (*(name+strlen(name)-1)!='$')) { + count_total++; + if(count_total>=resume_context) { + if( ((PTR_DIFF(p,*rdata)+21)<=*rdata_len)&&(strlen(name)<=21) ) { + pstrcpy(p,name); + DEBUG(10,("api_RNetUserEnum:adding entry %d username %s\n",count_sent,p)); + p += 21; + count_sent++; + } else { + /* set overflow error */ + DEBUG(10,("api_RNetUserEnum:overflow on entry %d username %s\n",count_sent,name)); + errflags=234; + break; + } + } + } + } ; + + pdb_endsampwent(); + unbecome_root(); + + pdb_free_sam(&pwd); + + *rdata_len = PTR_DIFF(p,*rdata); + + SSVAL(*rparam,0,errflags); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,count_sent); /* is this right?? */ + SSVAL(*rparam,6,count_total); /* is this right?? */ + + return True; } @@ -2343,7 +2451,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par SIVAL(p,6,0); } else { SIVAL(p,6,PTR_DIFF(p2,*rdata)); - standard_sub_conn(conn,comment); + standard_sub_conn(conn,comment,sizeof(comment)); StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); p2 = skip_string(p2,1); } @@ -2685,8 +2793,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ - pstrcpy(p2, lp_logon_home()); - standard_sub_conn(conn, p2); + pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); p2 = skip_string(p2,1); SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ pstrcpy(p2,""); @@ -2722,15 +2829,13 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(p,42, conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ - pstrcpy(p2,lp_logon_home()); - standard_sub_conn(conn, p2); + pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); p2 = skip_string(p2,1); SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ *p2++ = 0; SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ - pstrcpy(p2,lp_logon_script()); - standard_sub_conn( conn, p2 ); + pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); p2 = skip_string(p2,1); if (uLevel == 2) { @@ -2755,7 +2860,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVALS(p,104,-1); /* num_logons */ SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */ pstrcpy(p2,"\\\\%L"); - standard_sub_conn(conn, p2); + standard_sub_conn(conn, p2,0); p2 = skip_string(p2,1); SSVAL(p,110,49); /* country_code */ SSVAL(p,112,860); /* code page */ @@ -2769,56 +2874,6 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param return(True); } -/******************************************************************* - get groups that a user is a member of - ******************************************************************/ -static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) -{ - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *UserName = skip_string(str2,1); - char *p = skip_string(UserName,1); - int uLevel = SVAL(p,0); - char *p2; - int count=0; - - *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); - - /* check it's a supported varient */ - if (strcmp(str1,"zWrLeh") != 0) return False; - switch( uLevel ) { - case 0: p2 = "B21"; break; - default: return False; - } - if (strcmp(p2,str2) != 0) return False; - - *rdata_len = mdrcnt + 1024; - *rdata = REALLOC(*rdata,*rdata_len); - - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - - p = *rdata; - - /* XXXX we need a real SAM database some day */ - pstrcpy(p,"Users"); p += 21; count++; - pstrcpy(p,"Domain Users"); p += 21; count++; - pstrcpy(p,"Guests"); p += 21; count++; - pstrcpy(p,"Domain Guests"); p += 21; count++; - - *rdata_len = PTR_DIFF(p,*rdata); - - SSVAL(*rparam,4,count); /* is this right?? */ - SSVAL(*rparam,6,count); /* is this right?? */ - - return(True); -} - - static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2830,6 +2885,12 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param int uLevel; struct pack_desc desc; char* name; + /* With share level security vuid will always be zero. + Don't depend on vuser being non-null !!. JRA */ + user_struct *vuser = get_valid_user_struct(vuid); + if(vuser != NULL) + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, + vuser->user.unix_name)); uLevel = SVAL(p,0); name = p + 2; @@ -2873,15 +2934,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param } PACKS(&desc,"z",global_myworkgroup);/* domain */ -/* JHT - By calling lp_logon_script() and standard_sub() we have */ -/* made sure all macros are fully substituted and available */ - { - pstring logon_script; - pstrcpy(logon_script,lp_logon_script()); - standard_sub_conn( conn, logon_script ); - PACKS(&desc,"z", logon_script); /* script path */ - } -/* End of JHT mods */ + PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */ PACKI(&desc,"D",0x00000000); /* reserved */ } @@ -3030,7 +3083,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); - /* check it's a supported varient */ + /* check it's a supported variant */ if (strcmp(str1,"zWrLeh") != 0) return False; if (uLevel > 2) return False; /* defined only for uLevel 0,1,2 */ if (!check_printjob_info(&desc,uLevel,str2)) return False; @@ -3383,38 +3436,6 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, return(True); } -struct session_info { - char machine[31]; - char username[24]; - char clitype[24]; - int opens; - int time; -}; - -struct sessions_info { - int count; - struct session_info *session_list; -}; - -static int gather_sessioninfo(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state) -{ - struct sessions_info *sinfo = state; - struct session_info *curinfo = NULL; - struct sessionid *sessid = (struct sessionid *) dbuf.dptr; - - sinfo->count += 1; - sinfo->session_list = REALLOC(sinfo->session_list, sinfo->count * sizeof(struct session_info)); - - curinfo = &(sinfo->session_list[sinfo->count - 1]); - - safe_strcpy(curinfo->machine, sessid->remote_machine, - sizeof(curinfo->machine)); - safe_strcpy(curinfo->username, uidtoname(sessid->uid), - sizeof(curinfo->username)); - DEBUG(7,("gather_sessioninfo session from %s@%s\n", - curinfo->username, curinfo->machine)); - return 0; -} /**************************************************************************** List open sessions @@ -3430,8 +3451,8 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param char *p = skip_string(str2,1); int uLevel; struct pack_desc desc; - struct sessions_info sinfo; - int i; + struct sessionid *session_list; + int i, num_sessions; memset((char *)&desc,'\0',sizeof(desc)); @@ -3445,26 +3466,20 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) return False; if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) return False; - sinfo.count = 0; - sinfo.session_list = NULL; - - if (!session_traverse(gather_sessioninfo, &sinfo)) { - DEBUG(4,("RNetSessionEnum session_traverse failed\n")); - return False; - } + num_sessions = list_sessions(&session_list); if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); memset((char *)&desc,'\0',sizeof(desc)); desc.base = *rdata; desc.buflen = mdrcnt; desc.format = str2; - if (!init_package(&desc,sinfo.count,0)) { + if (!init_package(&desc,num_sessions,0)) { return False; } - for(i=0; iguest) + return ERROR_NT(NT_STATUS_ACCESS_DENIED); + } + rdata = (char *)malloc(1024); if (rdata) memset(rdata,'\0',1024); -- cgit From b0b28531c8cd76d3fcd95da08389d8a4d2e631a3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 11:16:26 +0000 Subject: more bug updates from head (This used to be commit 8b769bf5bbbe54b1a39fd85cc24db09c1ab7faab) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 217bb6a613..996a17e932 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1778,7 +1778,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; /* get list of domain groups SID_DOMAIN_GRP=2 */ - if(!enum_group_mapping(2 , &group_list, &num_entries, False, False)) { + if(!enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) { DEBUG(3,("api_RNetGroupEnum:failed to get group list")); return False; } -- cgit From 127e77e6e334fdc33086bffcbe00d340c0ba0097 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 17 Aug 2002 15:27:10 +0000 Subject: Sync 3.0 branch with head (This used to be commit 42615b945e2e48e53a21ea47f2e45407913a6a1e) --- source3/smbd/lanman.c | 41 +++++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 18 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 996a17e932..8bfad4ab33 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -443,7 +443,7 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, /* the client expects localtime */ t -= TimeDiff(t); - PACKI(desc,"W",queue->job); /* uJobId */ + PACKI(desc,"W",pjobid_to_rap(snum,queue->job)); /* uJobId */ if (uLevel == 1) { PACKS(desc,"B21",queue->fs_user); /* szUserName */ PACKS(desc,"B",""); /* pad */ @@ -933,7 +933,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, if (!mdrcnt && lp_disable_spoolss()) desc.errcode = ERRbuftoosmall; - *rdata_len = desc.usedlen; + *rdata_len = desc.usedlen; *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); @@ -2181,11 +2181,14 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); - int jobid, errcode; + uint32 jobid; + int snum; + int errcode; extern struct current_user current_user; WERROR werr = WERR_OK; - jobid = SVAL(p,0); + if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + return False; /* check it's a supported varient */ if (!(strcsequal(str1,"W") && strcsequal(str2,""))) @@ -2195,7 +2198,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param *rparam = REALLOC(*rparam,*rparam_len); *rdata_len = 0; - if (!print_job_exists(jobid)) { + if (!print_job_exists(snum, jobid)) { errcode = NERR_JobNotFound; goto out; } @@ -2204,15 +2207,15 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param switch (function) { case 81: /* delete */ - if (print_job_delete(¤t_user, jobid, &werr)) + if (print_job_delete(¤t_user, snum, jobid, &werr)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(¤t_user, jobid, &werr)) + if (print_job_pause(¤t_user, snum, jobid, &werr)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(¤t_user, jobid, &werr)) + if (print_job_resume(¤t_user, snum, jobid, &werr)) errcode = NERR_Success; break; } @@ -2313,12 +2316,14 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); - int jobid; + uint32 jobid; + int snum; int uLevel = SVAL(p,2); int function = SVAL(p,4); int place, errcode; - jobid = SVAL(p,0); + if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + return False; *rparam_len = 4; *rparam = REALLOC(*rparam,*rparam_len); @@ -2329,7 +2334,7 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha (!check_printjob_info(&desc,uLevel,str2))) return(False); - if (!print_job_exists(jobid)) { + if (!print_job_exists(snum, jobid)) { errcode=NERR_JobNotFound; goto out; } @@ -2341,14 +2346,14 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha /* change job place in the queue, data gives the new place */ place = SVAL(data,0); - if (print_job_set_place(jobid, place)) { + if (print_job_set_place(snum, jobid, place)) { errcode=NERR_Success; } break; case 0xb: /* change print job name, data gives the name */ - if (print_job_set_name(jobid, data)) { + if (print_job_set_name(snum, jobid, data)) { errcode=NERR_Success; } break; @@ -2994,7 +2999,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para int count; int i; int snum; - int job; + uint32 jobid; struct pack_desc desc; print_queue_struct *queue=NULL; print_status_struct status; @@ -3011,14 +3016,14 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para if (strcmp(str1,"WWrLh") != 0) return False; if (!check_printjob_info(&desc,uLevel,str2)) return False; - job = SVAL(p,0); - snum = print_job_snum(job); + if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + return False; if (snum < 0 || !VALID_SNUM(snum)) return(False); count = print_queue_status(snum,&queue,&status); for (i = 0; i < count; i++) { - if (queue[i].job == job) break; + if (queue[i].job == jobid) break; } if (mdrcnt > 0) { @@ -3549,7 +3554,7 @@ static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,cha -struct +const static struct { char *name; int id; -- cgit From 6ce3e3b10c30946ebe6ce25b5be0ca03e9d5617f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 21 Oct 2002 20:11:12 +0000 Subject: removed the following parameters * postscript * printer driver * printer driver location * printer driver file also removed the get_a_printer_driver_9x_compatible() function (This used to be commit 743f2b8025effe57d8f075ff14a9357123c507a8) --- source3/smbd/lanman.c | 309 +++++++++++++++----------------------------------- 1 file changed, 91 insertions(+), 218 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 8bfad4ab33..0db1af6032 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -494,7 +494,7 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, /******************************************************************** Return a driver name given an snum. - Looks in a tdb first. Returns True if from tdb, False otherwise. + Returns True if from tdb, False otherwise. ********************************************************************/ static BOOL get_driver_name(int snum, pstring drivername) @@ -507,8 +507,6 @@ static BOOL get_driver_name(int snum, pstring drivername) pstrcpy( drivername, info->info_2->drivername); in_tdb = True; free_a_printer(&info, 2); - } else { - pstrcpy( drivername, lp_printerdriver(snum)); } return in_tdb; @@ -518,162 +516,83 @@ static BOOL get_driver_name(int snum, pstring drivername) Respond to the DosPrintQInfo command with a level of 52 This is used to get printer driver information for Win9x clients ********************************************************************/ -static void fill_printq_info_52(connection_struct *conn, int snum, int uLevel, - struct pack_desc* desc, - int count, print_queue_struct* queue, - print_status_struct* status) +static void fill_printq_info_52(connection_struct *conn, int snum, + struct pack_desc* desc, int count ) { - int i; - BOOL ok = False; - pstring tok,driver,datafile,langmon,helpfile,datatype; - char *p; - char **lines = NULL; - pstring gen_line; - BOOL in_tdb = False; - fstring location; - pstring drivername; - - /* - * Check in the tdb *first* before checking the legacy - * files. This allows an NT upload to take precedence over - * the existing fileset. JRA. - * - * we need to lookup the driver name prior to making the call - * to get_a_printer_driver_9x_compatible() and not rely on the - * 'print driver' parameter --jerry - */ - - - if ((get_driver_name(snum,drivername)) && - ((ok = get_a_printer_driver_9x_compatible(gen_line, drivername)) == True)) - { - in_tdb = True; - p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", drivername, gen_line)); - } - else - { - /* didn't find driver in tdb */ - - DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", - snum, drivername, lp_driverfile(snum))); - - lines = file_lines_load(lp_driverfile(snum),NULL); - if (!lines) - { - DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum), - strerror(errno))); - desc->errcode=NERR_notsupported; - goto done; - } - - /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) - { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(drivername) == strlen(tok)) && - (!strncmp(tok,drivername,strlen(drivername)))) - { - ok = True; - } - } + int i; + fstring location; + NT_PRINTER_DRIVER_INFO_LEVEL driver; + NT_PRINTER_INFO_LEVEL *printer = NULL; + + if ( !W_ERROR_IS_OK(get_a_printer( &printer, 2, lp_servicename(snum))) ) { + DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n", + lp_servicename(snum))); + goto err; } - - if (ok) + + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, + "Windows 4.0", 0)) ) { - /* driver file name */ - if (!next_token(&p,driver,":",sizeof(driver))) - goto err; - - /* data file name */ - if (!next_token(&p,datafile,":",sizeof(datafile))) - goto err; - - /* - * for the next tokens - which may be empty - I have - * to check for empty tokens first because the - * next_token function will skip all empty token - * fields */ + DEBUG(3,("fill_printq_info_52: Failed to lookup driver [%s]\n", + printer->info_2->drivername)); + goto err; + } - /* help file */ - if (*p == ':') - { - *helpfile = '\0'; - p++; - } - else if (!next_token(&p,helpfile,":",sizeof(helpfile))) - goto err; + trim_string(driver.info_3->driverpath, "\\print$\\WIN40\\0\\", 0); + trim_string(driver.info_3->datafile, "\\print$\\WIN40\\0\\", 0); + trim_string(driver.info_3->helpfile, "\\print$\\WIN40\\0\\", 0); - /* language monitor */ - if (*p == ':') - { - *langmon = '\0'; - p++; - } - else if (!next_token(&p,langmon,":",sizeof(langmon))) - goto err; + PACKI(desc, "W", 0x0400); /* don't know */ + PACKS(desc, "z", driver.info_3->name); /* long printer name */ + PACKS(desc, "z", driver.info_3->driverpath); /* Driverfile Name */ + PACKS(desc, "z", driver.info_3->datafile); /* Datafile name */ + PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ - /* default data type */ - if (!next_token(&p,datatype,":",sizeof(datatype))) - goto err; + fstrcpy(location, "\\\\"); + fstrcat(location, get_called_name()); + fstrcat(location, "\\print$\\WIN40\\0"); + PACKS(desc,"z", location); /* share to retrieve files */ - PACKI(desc,"W",0x0400); /* don't know */ - PACKS(desc,"z",drivername); /* long printer name */ - PACKS(desc,"z",driver); /* Driverfile Name */ - PACKS(desc,"z",datafile); /* Datafile name */ - PACKS(desc,"z",langmon); /* language monitor */ - if (in_tdb) - { - fstrcpy(location, "\\\\"); - fstrcat(location, global_myname); - fstrcat(location, "\\print$\\WIN40\\0"); - PACKS(desc,"z",location); /* share to retrieve files */ - } - else - { - PACKS(desc,"z",lp_driverlocation(snum)); /* share to retrieve files */ - } - PACKS(desc,"z",datatype); /* default data type */ - PACKS(desc,"z",helpfile); /* helpfile name */ - PACKS(desc,"z",driver); /* driver name */ - - DEBUG(3,("printerdriver:%s:\n",drivername)); - DEBUG(3,("Driver:%s:\n",driver)); - DEBUG(3,("Data File:%s:\n",datafile)); - DEBUG(3,("Language Monitor:%s:\n",langmon)); - if (in_tdb) - DEBUG(3,("lp_driverlocation:%s:\n",location)); - else - DEBUG(3,("lp_driverlocation:%s:\n",lp_driverlocation(snum))); - DEBUG(3,("Data Type:%s:\n",datatype)); - DEBUG(3,("Help File:%s:\n",helpfile)); - PACKI(desc,"N",count); /* number of files to copy */ - - for (i=0;i gave %d entries\n", - SERVICE(snum),count)); - - desc->errcode=NERR_Success; - goto done; + PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ + PACKS(desc,"z", driver.info_3->helpfile); /* helpfile name */ + PACKS(desc,"z", driver.info_3->driverpath); /* driver name */ + + DEBUG(3,("Printer Driver Name: %s:\n",driver.info_3->name)); + DEBUG(3,("Driver: %s:\n",driver.info_3->driverpath)); + DEBUG(3,("Data File: %s:\n",driver.info_3->datafile)); + DEBUG(3,("Language Monitor: %s:\n",driver.info_3->monitorname)); + DEBUG(3,("Driver Location: %s:\n",location)); + DEBUG(3,("Data Type: %s:\n",driver.info_3->defaultdatatype)); + DEBUG(3,("Help File: %s:\n",driver.info_3->helpfile)); + PACKI(desc,"N",count); /* number of files to copy */ + + for ( i=0; idependentfiles && *driver.info_3->dependentfiles[i]; i++) + { + trim_string(driver.info_3->dependentfiles[i], "\\print$\\WIN40\\0\\", 0); + PACKS(desc,"z",driver.info_3->dependentfiles[i]); /* driver files to copy */ + DEBUG(3,("Dependent File: %s:\n",driver.info_3->dependentfiles[i])); } + + /* sanity check */ + if ( i != count ) + DEBUG(3,("fill_printq_info_52: file count specified by client [%d] != number of dependent files [%i]\n", + count, i)); + + DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),i)); - err: + desc->errcode=NERR_Success; + goto done; +err: DEBUG(3,("fill_printq_info: Can't supply driver files\n")); desc->errcode=NERR_notsupported; - done: - file_lines_free(lines); +done: + if ( printer ) + free_a_printer( &printer, 2 ); + + if ( driver.info_3 ) + free_a_printer_driver( driver, 3 ); } @@ -751,88 +670,42 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, fill_printjob_info(conn,snum,uLevel == 2 ? 1 : 2,desc,&queue[i],i); } - if (uLevel==52) { - fill_printq_info_52(conn, snum, uLevel, desc, count, queue, status); - } + if (uLevel==52) + fill_printq_info_52( conn, snum, desc, count ); } /* This function returns the number of files for a given driver */ static int get_printerdrivernumber(int snum) { - int i, result = 0; - BOOL ok = False; - pstring tok; - char *p; - char **lines = NULL; - pstring gen_line; - pstring drivername; - - /* - * Check in the tdb *first* before checking the legacy - * files. This allows an NT upload to take precedence over - * the existing fileset. JRA. - * - * we need to lookup the driver name prior to making the call - * to get_a_printer_driver_9x_compatible() and not rely on the - * 'print driver' parameter --jerry - */ - - if ((get_driver_name(snum,drivername)) && - (ok = get_a_printer_driver_9x_compatible(gen_line, drivername) == True)) - { - p = gen_line; - DEBUG(10,("9x compatable driver line for [%s]: [%s]\n", drivername, gen_line)); - } - else - { - /* didn't find driver in tdb */ - - DEBUG(10,("snum: %d\nprinterdriver: [%s]\nlp_driverfile: [%s]\n", - snum, drivername, lp_driverfile(snum))); - - lines = file_lines_load(lp_driverfile(snum), NULL); - if (!lines) - { - DEBUG(3,("Can't open %s - %s\n", lp_driverfile(snum),strerror(errno))); - goto done; - } + int result = 0; + NT_PRINTER_DRIVER_INFO_LEVEL driver; + NT_PRINTER_INFO_LEVEL *printer = NULL; - /* lookup the long printer driver name in the file description */ - for (i=0;lines[i] && !ok;i++) - { - p = lines[i]; - if (next_token(&p,tok,":",sizeof(tok)) && - (strlen(drivername) == strlen(tok)) && - (!strncmp(tok,drivername,strlen(drivername)))) - { - ok = True; - } - } + if ( !W_ERROR_IS_OK(get_a_printer( &printer, 2, lp_servicename(snum))) ) { + DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n", + lp_servicename(snum))); + goto done; } - - if( ok ) - { - /* skip 5 fields */ - i = 5; - while (*p && i) { - if (*p++ == ':') i--; - } - if (!*p || i) { - DEBUG(3,("Can't determine number of printer driver files\n")); - goto done; - } - /* count the number of files */ - while (next_token(&p,tok,",",sizeof(tok))) - i++; - - result = i; + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, + "Windows 4.0", 0)) ) + { + DEBUG(3,("get_printerdrivernumber: Failed to lookup driver [%s]\n", + printer->info_2->drivername)); + goto done; } - + + /* count the number of files */ + while ( driver.info_3->dependentfiles && *driver.info_3->dependentfiles[result] ) + result++; + \ done: - - file_lines_free(lines); - + if ( printer ) + free_a_printer( &printer, 2 ); + + if ( driver.info_3 ) + free_a_printer_driver( driver, 3 ); + return result; } -- cgit From 56dc17378b978f02f8397071021be5bf9a88b6a4 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 1 Nov 2002 22:17:19 +0000 Subject: Merges from HEAD: - off-by-one fix - fixes warnings about insufficent space in buffer. - fix a memleak in uid.c - we forgot to free() the allocated struct. (This used to be commit b8951a6551b352e4aac7e8b0ecf7fec3f2d9634e) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0db1af6032..d8c1cc6f60 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -72,7 +72,7 @@ static int CopyExpanded(connection_struct *conn, StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); standard_sub_conn(conn,buf,sizeof(buf)); - l = push_ascii(*dst,buf,*n-1, STR_TERMINATE); + l = push_ascii(*dst,buf,*n, STR_TERMINATE); (*dst) += l; (*n) -= l; return l; -- cgit From 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Nov 2002 03:47:48 +0000 Subject: Merge passdb from HEAD -> 3.0 The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d8c1cc6f60..7ab1be9dd9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1651,7 +1651,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; /* get list of domain groups SID_DOMAIN_GRP=2 */ - if(!enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) { + if(!pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) { DEBUG(3,("api_RNetGroupEnum:failed to get group list")); return False; } -- cgit From 2f194322d419350f35a48dff750066894d68eccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Nov 2002 23:20:50 +0000 Subject: Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89) --- source3/smbd/lanman.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7ab1be9dd9..6a031dde6f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -33,8 +33,6 @@ #define CHECK_TYPES 0 extern fstring local_machine; -extern pstring global_myname; -extern fstring global_myworkgroup; #define NERR_Success 0 #define NERR_badpass 86 @@ -960,7 +958,7 @@ struct srv_info_struct ******************************************************************/ static int get_server_info(uint32 servertype, struct srv_info_struct **servers, - char *domain) + const char *domain) { int count=0; int alloced=0; @@ -985,7 +983,7 @@ static int get_server_info(uint32 servertype, for (i=0;lines[i];i++) { fstring stype; struct srv_info_struct *s; - char *ptr = lines[i]; + const char *ptr = lines[i]; BOOL ok = True; if (!*ptr) continue; @@ -1010,7 +1008,7 @@ static int get_server_info(uint32 servertype, if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue; if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) { /* this allows us to cope with an old nmbd */ - pstrcpy(s->domain,global_myworkgroup); + pstrcpy(s->domain,lp_workgroup()); } if (sscanf(stype,"%X",&s->type) != 1) { @@ -1206,7 +1204,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param if (strcmp(str1, "WrLehDz") == 0) { pull_ascii_fstring(domain, p); } else { - fstrcpy(domain, global_myworkgroup); + fstrcpy(domain, lp_workgroup()); } if (lp_browse_list()) @@ -2311,7 +2309,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par pstrcpy(comment,string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH)); - if ((count=get_server_info(SV_TYPE_ALL,&servers,global_myworkgroup))>0) { + if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { for (i=0;ilogon_script ? vuser->logon_script :""); /* script path */ -- cgit From c64d762997c80bd9ad2d47d1799cf9ec870d455a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 15 Nov 2002 21:43:57 +0000 Subject: Updates from HEAD: - const for PACKS() in lanman.c - change auth to 'account before password' - add help to net rpc {vampire,samsync} - configure updates for sun workshop cc - become_root() around pdb_ calls in auth_util for guest login. Andrew Bartlett (This used to be commit 43e90eb6e331d478013a9c038292f245edc51bd0) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6a031dde6f..43b5d9e55f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -218,7 +218,7 @@ static int package(struct pack_desc* p, ...) { va_list args; int needed=0, stringneeded; - char* str=NULL; + const char* str=NULL; int is_string=0, stringused; int32 temp; @@ -334,7 +334,7 @@ static void PACKI(struct pack_desc* desc,char *t,int v) PACK(desc,t,v); } -static void PACKS(struct pack_desc* desc,char *t,char *v) +static void PACKS(struct pack_desc* desc,const char *t,const char *v) { PACK(desc,t,v); } -- cgit From 634c54310c92c48dd4eceec602e230a021bdcfc5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Jan 2003 08:28:12 +0000 Subject: Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c) --- source3/smbd/lanman.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 43b5d9e55f..7a667c378d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -109,14 +109,14 @@ static char* Expand(connection_struct *conn, int snum, char* s) /******************************************************************* check a API string for validity when we only need to check the prefix ******************************************************************/ -static BOOL prefix_ok(char *str,char *prefix) +static BOOL prefix_ok(const char *str, const char *prefix) { return(strncmp(str,prefix,strlen(prefix)) == 0); } struct pack_desc { - char* format; /* formatstring for structure */ - char* subformat; /* subformat for structure */ + const char* format; /* formatstring for structure */ + const char* subformat; /* subformat for structure */ char* base; /* baseaddress of buffer */ int buflen; /* remaining size for fixed part; on init: length of base */ int subcount; /* count of substructures */ @@ -125,11 +125,11 @@ struct pack_desc { char* stringbuf; /* pointer into buffer for remaining variable part */ int neededlen; /* total needed size */ int usedlen; /* total used size (usedlen <= neededlen and usedlen <= buflen) */ - char* curpos; /* current position; pointer into format or subformat */ + const char* curpos; /* current position; pointer into format or subformat */ int errcode; }; -static int get_counter(char** p) +static int get_counter(const char** p) { int i, n; if (!p || !(*p)) return(1); @@ -144,7 +144,7 @@ static int get_counter(char** p) } } -static int getlen(char* p) +static int getlen(const char* p) { int n = 0; if (!p) return(0); @@ -329,7 +329,7 @@ static int package(struct pack_desc* p, ...) #define PACKl(desc,t,v,l) package(desc,v,l) #endif -static void PACKI(struct pack_desc* desc,char *t,int v) +static void PACKI(struct pack_desc* desc, const char *t,int v) { PACK(desc,t,v); } @@ -1704,7 +1704,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para char *UserName = skip_string(str2,1); char *p = skip_string(UserName,1); int uLevel = SVAL(p,0); - char *p2; + const char *level_string; int count=0; *rparam_len = 8; @@ -1715,13 +1715,13 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para return False; switch( uLevel ) { case 0: - p2 = "B21"; + level_string = "B21"; break; default: return False; } - if (strcmp(p2,str2) != 0) + if (strcmp(level_string,str2) != 0) return False; *rdata_len = mdrcnt + 1024; @@ -2602,6 +2602,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param char *p = skip_string(UserName,1); int uLevel = SVAL(p,0); char *p2; + const char *level_string; /* get NIS home of a previously validated user - simeon */ /* With share level security vuid will always be zero. @@ -2620,15 +2621,15 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param if (strcmp(str1,"zWrLh") != 0) return False; switch( uLevel ) { - case 0: p2 = "B21"; break; - case 1: p2 = "B21BB16DWzzWz"; break; - case 2: p2 = "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break; - case 10: p2 = "B21Bzzz"; break; - case 11: p2 = "B21BzzzWDDzzDDWWzWzDWb21W"; break; + case 0: level_string = "B21"; break; + case 1: level_string = "B21BB16DWzzWz"; break; + case 2: level_string = "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break; + case 10: level_string = "B21Bzzz"; break; + case 11: level_string = "B21BzzzWDDzzDDWWzWzDWb21W"; break; default: return False; } - if (strcmp(p2,str2) != 0) return False; + if (strcmp(level_string,str2) != 0) return False; *rdata_len = mdrcnt + 1024; *rdata = REALLOC(*rdata,*rdata_len); @@ -3425,9 +3426,9 @@ static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,cha -const static struct +static const struct { - char *name; + const char *name; int id; BOOL (*fn)(connection_struct *,uint16,char *,char *, int,int,char **,char **,int *,int *); -- cgit From e3ed8eaa2fd47a72c7b89d769ee594f238130ff7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 4 Jan 2003 08:45:17 +0000 Subject: Merge from HEAD - move user password changes into the NTSTATUS era, and add suppport for the 'min password age' and 'min passwd len' concepts. (This used to be commit d9417b08d1b649e598b44135bc57008f4e4f7769) --- source3/smbd/lanman.c | 22 ++-------------------- 1 file changed, 2 insertions(+), 20 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7a667c378d..61288e0167 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1930,25 +1930,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { - /* - * If unix password sync was requested, attempt to change - * the /etc/passwd database first. Return failure if this cannot - * be done. - * - * This occurs before the oem change, becouse we don't want to - * update it if chgpasswd failed. - * - * Conditional on lp_unix_password_sync() becouse we don't want - * to touch the unix db unless we have admin permission. - */ - - if(lp_unix_password_sync() && IS_SAM_UNIX_USER(server_info->sam_account) - && !chgpasswd(pdb_get_username(server_info->sam_account), - pass1,pass2,False)) { - SSVAL(*rparam,0,NERR_badpass); - } - - if (change_oem_password(server_info->sam_account,pass2)) + if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2))) { SSVAL(*rparam,0,NERR_Success); } @@ -2031,7 +2013,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * (void)map_username(user); - if (pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL)) + if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL))) { SSVAL(*rparam,0,NERR_Success); } -- cgit From 61b65aad1361e221828c7eabfdd16b42b1643eb3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 14 Jan 2003 07:49:15 +0000 Subject: Merge from HEAD - eliminated unused arguments. Andrew Bartlett (This used to be commit 6dd474d8451d39e580834089d7c3614059558354) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 61288e0167..b1dfa68fec 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1955,7 +1955,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param SAM_ACCOUNT *hnd = NULL; if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) && - change_lanman_password(hnd,(unsigned char *)pass1,(unsigned char *)pass2)) + change_lanman_password(hnd,pass2)) { SSVAL(*rparam,0,NERR_Success); } -- cgit From 27b7e51a3cc619f879655a3230611457ac43b9e7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 14 Jan 2003 08:53:59 +0000 Subject: Merge from HEAD: - fstring/pstring mixups - the detection code that found them (disabled) - a bit of whitespace - a static Andrew Bartlett (This used to be commit 9b70fa868e7d9481f584c83fc4046174e1dedfd9) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b1dfa68fec..25f390be55 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1008,7 +1008,7 @@ static int get_server_info(uint32 servertype, if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue; if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) { /* this allows us to cope with an old nmbd */ - pstrcpy(s->domain,lp_workgroup()); + fstrcpy(s->domain,lp_workgroup()); } if (sscanf(stype,"%X",&s->type) != 1) { -- cgit From 23b3b29eec61860155404333f6e70ebd24b50940 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 25 Feb 2003 20:53:53 +0000 Subject: Progress on CR 601 cache the printer_info_2 with the open printer handle. cache is invalidated on a mod_a_printer() call **on that smbd**. Yes, this means that the window for admins to step on each other from different clients just got larger, but since handles a generally short lived this is probably ok. (This used to be commit 31272d3b6bb9ec62fd666301c7adfa0c1720a99b) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 25f390be55..98857c6d32 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -500,7 +500,7 @@ static BOOL get_driver_name(int snum, pstring drivername) NT_PRINTER_INFO_LEVEL *info = NULL; BOOL in_tdb = False; - get_a_printer (&info, 2, lp_servicename(snum)); + get_a_printer (NULL, &info, 2, lp_servicename(snum)); if (info != NULL) { pstrcpy( drivername, info->info_2->drivername); in_tdb = True; @@ -522,7 +522,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, NT_PRINTER_DRIVER_INFO_LEVEL driver; NT_PRINTER_INFO_LEVEL *printer = NULL; - if ( !W_ERROR_IS_OK(get_a_printer( &printer, 2, lp_servicename(snum))) ) { + if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) { DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n", lp_servicename(snum))); goto err; @@ -679,7 +679,7 @@ static int get_printerdrivernumber(int snum) NT_PRINTER_DRIVER_INFO_LEVEL driver; NT_PRINTER_INFO_LEVEL *printer = NULL; - if ( !W_ERROR_IS_OK(get_a_printer( &printer, 2, lp_servicename(snum))) ) { + if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) { DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n", lp_servicename(snum))); goto done; -- cgit From 75a5c0b307a79536316b651273d3f6983323f5ce Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 18 Jun 2003 15:24:10 +0000 Subject: Ok, this patch removes the privilege stuff we had in, unused, for some time. The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 98857c6d32..6976a06684 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1649,7 +1649,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; /* get list of domain groups SID_DOMAIN_GRP=2 */ - if(!pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) { + if(!pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False)) { DEBUG(3,("api_RNetGroupEnum:failed to get group list")); return False; } -- cgit From ce72beb2b558d86fb49063c6b1fa00e07952ce56 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 3 Jul 2003 19:11:31 +0000 Subject: Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6976a06684..04d6a9a8a8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2367,7 +2367,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ pstrcpy(p2,local_machine); - strupper(p2); + strupper_m(p2); p2 = skip_string(p2,1); p += 4; @@ -2378,7 +2378,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ pstrcpy(p2,lp_workgroup()); - strupper(p2); + strupper_m(p2); p2 = skip_string(p2,1); p += 4; @@ -2788,7 +2788,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param fstring mypath; fstrcpy(mypath,"\\\\"); fstrcat(mypath,local_machine); - strupper(mypath); + strupper_m(mypath); PACKS(&desc,"z",mypath); /* computer */ } PACKS(&desc,"z",lp_workgroup());/* domain */ @@ -3007,7 +3007,7 @@ static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, char buf[100]; strncpy(buf,SERVICE(snum),sizeof(buf)-1); buf[sizeof(buf)-1] = 0; - strupper(buf); + strupper_m(buf); if (uLevel <= 1) { PACKS(desc,"B9",buf); /* szName */ if (uLevel == 1) { -- cgit From ba12e6bb5fcfbf4bdba8f2c38978d38e1f857286 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 31 Jul 2003 01:33:44 +0000 Subject: Wrap calls to change_oem_password() in become_root()/unbecome_root() pairs to allow UNIX password change scripts to work correctly. This is safe as the old password has been checked as correct before invoking this. Jeremy. (This used to be commit 1734d43eb55561d46a6ffb5d806afedfd3746f9f) --- source3/smbd/lanman.c | 112 +++++++++++++++++++++++++------------------------- 1 file changed, 57 insertions(+), 55 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 04d6a9a8a8..a5f7a7b2ea 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1897,76 +1897,78 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *p = skip_string(param+2,2); - fstring user; - fstring pass1,pass2; + char *p = skip_string(param+2,2); + fstring user; + fstring pass1,pass2; - pull_ascii_fstring(user,p); + pull_ascii_fstring(user,p); - p = skip_string(p,1); + p = skip_string(p,1); - memset(pass1,'\0',sizeof(pass1)); - memset(pass2,'\0',sizeof(pass2)); - memcpy(pass1,p,16); - memcpy(pass2,p+16,16); + memset(pass1,'\0',sizeof(pass1)); + memset(pass2,'\0',sizeof(pass2)); + memcpy(pass1,p,16); + memcpy(pass2,p+16,16); - *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam_len = 4; + *rparam = REALLOC(*rparam,*rparam_len); - *rdata_len = 0; + *rdata_len = 0; - SSVAL(*rparam,0,NERR_badpass); - SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,0,NERR_badpass); + SSVAL(*rparam,2,0); /* converter word */ - DEBUG(3,("Set password for <%s>\n",user)); + DEBUG(3,("Set password for <%s>\n",user)); - /* - * Attempt to verify the old password against smbpasswd entries - * Win98 clients send old and new password in plaintext for this call. - */ + /* + * Attempt to verify the old password against smbpasswd entries + * Win98 clients send old and new password in plaintext for this call. + */ - { - auth_serversupplied_info *server_info = NULL; - DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); - if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { - - if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2))) - { - SSVAL(*rparam,0,NERR_Success); - } - - free_server_info(&server_info); - } - data_blob_clear_free(&password); - } + { + auth_serversupplied_info *server_info = NULL; + DATA_BLOB password = data_blob(pass1, strlen(pass1)+1); - /* - * If the plaintext change failed, attempt - * the old encrypted method. NT will generate this - * after trying the samr method. Note that this - * method is done as a last resort as this - * password change method loses the NT password hash - * and cannot change the UNIX password as no plaintext - * is received. - */ + if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { - if(SVAL(*rparam,0) != NERR_Success) - { - SAM_ACCOUNT *hnd = NULL; + become_root(); + if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2))) { + SSVAL(*rparam,0,NERR_Success); + } + unbecome_root(); - if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) && - change_lanman_password(hnd,pass2)) - { - SSVAL(*rparam,0,NERR_Success); - } - pdb_free_sam(&hnd); - } + free_server_info(&server_info); + } + data_blob_clear_free(&password); + } + /* + * If the plaintext change failed, attempt + * the old encrypted method. NT will generate this + * after trying the samr method. Note that this + * method is done as a last resort as this + * password change method loses the NT password hash + * and cannot change the UNIX password as no plaintext + * is received. + */ + + if(SVAL(*rparam,0) != NERR_Success) { + SAM_ACCOUNT *hnd = NULL; - memset((char *)pass1,'\0',sizeof(fstring)); - memset((char *)pass2,'\0',sizeof(fstring)); + if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd)) { + become_root(); + if (change_lanman_password(hnd,pass2)) { + SSVAL(*rparam,0,NERR_Success); + } + unbecome_root(); + pdb_free_sam(&hnd); + } + } + + memset((char *)pass1,'\0',sizeof(fstring)); + memset((char *)pass2,'\0',sizeof(fstring)); - return(True); + return(True); } /**************************************************************************** -- cgit From 062f89bc2833bf49f873a7fd5c2624babd702db0 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Fri, 15 Aug 2003 01:42:30 +0000 Subject: get rid of some sompiler warnings on IRIX (This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a5f7a7b2ea..7fcf25d7c9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1957,7 +1957,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd)) { become_root(); - if (change_lanman_password(hnd,pass2)) { + if (change_lanman_password(hnd,(uchar *)pass2)) { SSVAL(*rparam,0,NERR_Success); } unbecome_root(); -- cgit From 49e66508f271c5d548a045a1297652ed5b03494c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 19 Aug 2003 04:17:21 +0000 Subject: Fix BUG #314: api_netUserGetGRoups() was failing prematurely (also fixed the call to return the real groups and not a mocked up list) Fixed simple compiler warning in srv_lsa_ds.c (This used to be commit 6b0e38e01a44d87b844d973318accc456abef857) --- source3/smbd/lanman.c | 66 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 59 insertions(+), 7 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7fcf25d7c9..0d5bc3a9ab 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1706,13 +1706,24 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para int uLevel = SVAL(p,0); const char *level_string; int count=0; + SAM_ACCOUNT *sampw = NULL; + BOOL ret = False; + DOM_GID *gids = NULL; + int num_groups = 0; + int i; + fstring grp_domain; + fstring grp_name; + enum SID_NAME_USE grp_type; + DOM_SID sid, dom_sid; *rparam_len = 8; *rparam = REALLOC(*rparam,*rparam_len); /* check it's a supported varient */ - if (!strcmp(str1,"zWrLeh")) + + if ( strcmp(str1,"zWrLeh") != 0 ) return False; + switch( uLevel ) { case 0: level_string = "B21"; @@ -1732,18 +1743,59 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para p = *rdata; - /* XXXX we need a real SAM database some day */ - pstrcpy(p,"Users"); p += 21; count++; - pstrcpy(p,"Domain Users"); p += 21; count++; - pstrcpy(p,"Guests"); p += 21; count++; - pstrcpy(p,"Domain Guests"); p += 21; count++; + /* Lookup the user information; This should only be one of + our accounts (not remote domains) */ + + pdb_init_sam( &sampw ); + + become_root(); /* ROOT BLOCK */ + + if ( !pdb_getsampwnam(sampw, UserName) ) + goto out; + /* this next set of code is horribly inefficient, but since + it is rarely called, I'm going to leave it like this since + it easier to follow --jerry */ + + /* get the list of group SIDs */ + + if ( !get_domain_user_groups(conn->mem_ctx, &num_groups, &gids, sampw) ) { + DEBUG(1,("api_NetUserGetGroups: get_domain_user_groups() failed!\n")); + goto out; + } + + /* convert to names (we don't support universal groups so the domain + can only be ours) */ + + sid_copy( &dom_sid, get_global_sam_sid() ); + for (i=0; i Date: Thu, 4 Sep 2003 18:02:17 +0000 Subject: Fix UNIX passwd sync properly. I've finally understood the as_root parameter has bugger all to do with who you *currently* are, and everything to do with who you run the script as. Doh ! Jeremy. (This used to be commit 17a241d9f788b63fec091001cb72d34c09cf32a4) --- source3/smbd/lanman.c | 63 +++++++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 32 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0d5bc3a9ab..b27ccc23ef 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1984,7 +1984,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { become_root(); - if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2))) { + if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2, False))) { SSVAL(*rparam,0,NERR_Success); } unbecome_root(); @@ -2032,47 +2032,46 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - fstring user; - char *p = param + 2; - *rparam_len = 2; - *rparam = REALLOC(*rparam,*rparam_len); + fstring user; + char *p = param + 2; + *rparam_len = 2; + *rparam = REALLOC(*rparam,*rparam_len); - *rdata_len = 0; + *rdata_len = 0; - SSVAL(*rparam,0,NERR_badpass); + SSVAL(*rparam,0,NERR_badpass); - /* - * Check the parameter definition is correct. - */ - if(!strequal(param + 2, "zsT")) { - DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", param + 2)); - return False; - } - p = skip_string(p, 1); + /* + * Check the parameter definition is correct. + */ - if(!strequal(p, "B516B16")) { - DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); - return False; - } - p = skip_string(p,1); + if(!strequal(param + 2, "zsT")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", param + 2)); + return False; + } + p = skip_string(p, 1); - p += pull_ascii_fstring(user,p); + if(!strequal(p, "B516B16")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); + return False; + } + p = skip_string(p,1); + p += pull_ascii_fstring(user,p); - DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); + DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); - /* - * Pass the user through the NT -> unix user mapping - * function. - */ + /* + * Pass the user through the NT -> unix user mapping + * function. + */ - (void)map_username(user); + (void)map_username(user); - if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL))) - { - SSVAL(*rparam,0,NERR_Success); - } + if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL))) { + SSVAL(*rparam,0,NERR_Success); + } - return(True); + return(True); } /**************************************************************************** -- cgit From c19e1d51e041e298cb7241cde4c635a003a66391 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Oct 2003 00:45:17 +0000 Subject: Ensure error code path doesn't free unmalloced memory. Bug #628. Jeremy. (This used to be commit d817716519e1b2a619a46563ca44812a020a769a) --- source3/smbd/lanman.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b27ccc23ef..30934d0b3a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -522,6 +522,8 @@ static void fill_printq_info_52(connection_struct *conn, int snum, NT_PRINTER_DRIVER_INFO_LEVEL driver; NT_PRINTER_INFO_LEVEL *printer = NULL; + ZERO_STRUCT(driver); + if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) { DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n", lp_servicename(snum))); @@ -679,6 +681,8 @@ static int get_printerdrivernumber(int snum) NT_PRINTER_DRIVER_INFO_LEVEL driver; NT_PRINTER_INFO_LEVEL *printer = NULL; + ZERO_STRUCT(driver); + if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) { DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n", lp_servicename(snum))); -- cgit From 472df57e7b525b4e2d453a19d26800fcfb3d1aa6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 27 Oct 2003 20:09:15 +0000 Subject: Missing UNIX -> DOS codepage conversion. Fix from Alexander Bokovoy . Jeremy. (This used to be commit 8b9b635bd2759642c25fe0cea5eefbbe5af44193) --- source3/smbd/lanman.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 30934d0b3a..3ea6ab483b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2346,15 +2346,15 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par pstring comment; uint32 servertype= lp_default_server_announce(); - pstrcpy(comment,string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH)); + push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE); if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { - for (i=0;i Date: Mon, 24 Nov 2003 17:31:38 +0000 Subject: more access fixes for group enumeration in LDAP; bug 281 (This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85) --- source3/smbd/lanman.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3ea6ab483b..c53889a7a4 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1635,6 +1635,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); + BOOL ret; GROUP_MAP *group_list; int num_entries; @@ -1653,8 +1654,12 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; /* get list of domain groups SID_DOMAIN_GRP=2 */ - if(!pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False)) { - DEBUG(3,("api_RNetGroupEnum:failed to get group list")); + become_root(); + ret = pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False); + unbecome_root(); + + if( !ret ) { + DEBUG(3,("api_RNetGroupEnum:failed to get group list")); return False; } -- cgit From a0cefa62e68212165d41aebca4d807c3c38529f9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 28 Jan 2004 23:41:55 +0000 Subject: Merge of Chris's fix. Jeremy. (This used to be commit 1a7714ea32300ba0e48f275addcf2e1f272a96ed) --- source3/smbd/lanman.c | 42 +++++++++++++++++++++++++++++++----------- 1 file changed, 31 insertions(+), 11 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c53889a7a4..c4df84e76c 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1465,12 +1465,24 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para } /**************************************************************************** - view list of shares available - ****************************************************************************/ -static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) + View the list of available shares. + + This function is the server side of the NetShareEnum() RAP call. + It fills the return buffer with share names and share comments. + Note that the return buffer normally (in all known cases) allows only + twelve byte strings for share names (plus one for a nul terminator). + Share names longer than 12 bytes must be skipped. + ****************************************************************************/ +static BOOL api_RNetShareEnum( connection_struct *conn, + uint16 vuid, + char *param, + char *data, + int mdrcnt, + int mprcnt, + char **rdata, + char **rparam, + int *rdata_len, + int *rparam_len ) { char *str1 = param+2; char *str2 = skip_string(str1,1); @@ -1490,7 +1502,9 @@ static BOOL api_RNetShareEnum(connection_struct *conn,uint16 vuid, char *param,c data_len = fixed_len = string_len = 0; for (i=0;i Date: Fri, 28 May 2004 00:41:08 +0000 Subject: r931: Ensure we push 16 bytes (including null termination) not 15. (This used to be commit 1d3fd1a58e0a8b08fe028ceee03618180c7d4b97) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c4df84e76c..dd9708356e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1121,11 +1121,11 @@ static int fill_srv_info(struct srv_info_struct *service, switch (uLevel) { case 0: - push_ascii(p,service->name, 15, STR_TERMINATE); + push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE); break; case 1: - push_ascii(p,service->name,15, STR_TERMINATE); + push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE); SIVAL(p,18,service->type); SIVAL(p,22,PTR_DIFF(p2,baseaddr)); len += CopyAndAdvance(&p2,service->comment,&l2); -- cgit From 2d5bf9ec40dbae68ced924604e180f6669b80670 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Mon, 27 Sep 2004 17:07:28 +0000 Subject: r2697: Fix for bugzilla #1732, patch by Satoh Fumiyasu, fumiya@samba.gr.jp Limit share names returned by RAP based on windows character width, not unix character width. (This used to be commit 5d57058d912a42d55879352e904f0bcaa6531075) --- source3/smbd/lanman.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index dd9708356e..524c982998 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1501,10 +1501,12 @@ static BOOL api_RNetShareEnum( connection_struct *conn, if (!check_share_info(uLevel,str2)) return False; data_len = fixed_len = string_len = 0; - for (i=0;i Date: Fri, 1 Oct 2004 20:34:12 +0000 Subject: r2768: BUG 1519: save the hostname used in the open_printer_ex() for later reuse when filling in the spolss replies (also gets rid of get_called_name() (This used to be commit 57db8ca91f52329c7f8985c04463b6b69015b0c4) --- source3/smbd/lanman.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 524c982998..8b07f0e305 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -548,9 +548,8 @@ static void fill_printq_info_52(connection_struct *conn, int snum, PACKS(desc, "z", driver.info_3->datafile); /* Datafile name */ PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ - fstrcpy(location, "\\\\"); - fstrcat(location, get_called_name()); - fstrcat(location, "\\print$\\WIN40\\0"); + fstrcpy(location, "\\\\%L\\print$\\WIN40\\0"); + standard_sub_basic( NULL, location, sizeof(location)-1 ); PACKS(desc,"z", location); /* share to retrieve files */ PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ -- cgit From c53e6401eb3de7fa4abc85c25f8672b624cf2c66 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 18 Oct 2004 19:57:03 +0000 Subject: r3049: fixing some calls in the printing code to stanard_sub_basic(); fix standard_sub_snum() to use the current user's gid; add some (snum == -1) checks to standard_sub_advanced() (This used to be commit 8c3fd1908d201e9891878ff4c3259ed9690dff97) --- source3/smbd/lanman.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 8b07f0e305..610ee45120 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -441,7 +441,7 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, /* the client expects localtime */ t -= TimeDiff(t); - PACKI(desc,"W",pjobid_to_rap(snum,queue->job)); /* uJobId */ + PACKI(desc,"W",pjobid_to_rap(lp_const_servicename(snum),queue->job)); /* uJobId */ if (uLevel == 1) { PACKS(desc,"B21",queue->fs_user); /* szUserName */ PACKS(desc,"B",""); /* pad */ @@ -549,7 +549,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ fstrcpy(location, "\\\\%L\\print$\\WIN40\\0"); - standard_sub_basic( NULL, location, sizeof(location)-1 ); + standard_sub_basic( "", location, sizeof(location)-1 ); PACKS(desc,"z", location); /* share to retrieve files */ PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ @@ -2122,11 +2122,12 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param char *p = skip_string(str2,1); uint32 jobid; int snum; + fstring sharename; int errcode; extern struct current_user current_user; WERROR werr = WERR_OK; - if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; /* check it's a supported varient */ @@ -2137,7 +2138,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param *rparam = REALLOC(*rparam,*rparam_len); *rdata_len = 0; - if (!print_job_exists(snum, jobid)) { + if (!print_job_exists(sharename, jobid)) { errcode = NERR_JobNotFound; goto out; } @@ -2257,11 +2258,12 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha char *p = skip_string(str2,1); uint32 jobid; int snum; + fstring sharename; int uLevel = SVAL(p,2); int function = SVAL(p,4); int place, errcode; - if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; *rparam_len = 4; *rparam = REALLOC(*rparam,*rparam_len); @@ -2273,7 +2275,7 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha (!check_printjob_info(&desc,uLevel,str2))) return(False); - if (!print_job_exists(snum, jobid)) { + if (!print_job_exists(sharename, jobid)) { errcode=NERR_JobNotFound; goto out; } @@ -2939,6 +2941,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para int count; int i; int snum; + fstring sharename; uint32 jobid; struct pack_desc desc; print_queue_struct *queue=NULL; @@ -2956,7 +2959,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para if (strcmp(str1,"WWrLh") != 0) return False; if (!check_printjob_info(&desc,uLevel,str2)) return False; - if(!rap_to_pjobid(SVAL(p,0),&snum,&jobid)) + if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; if (snum < 0 || !VALID_SNUM(snum)) return(False); -- cgit From a4fab4d51a1c201810414a5b21b9d7bec4442646 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 11 Nov 2004 17:40:49 +0000 Subject: r3682: fix seg fault in lanman printing code caused by uninitialized variable (This used to be commit c52e663c4a32b975796383834b2c04796daf8f29) --- source3/smbd/lanman.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 610ee45120..e7aa05b54a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2267,6 +2267,12 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha return False; *rparam_len = 4; *rparam = REALLOC(*rparam,*rparam_len); + + if ( (snum = lp_servicenumber(sharename)) == -1 ) { + DEBUG(0,("api_PrintJobInfo: unable to get service number from sharename [%s]\n", + sharename)); + return False; + } *rdata_len = 0; -- cgit From f9e87b9ba65f37bafa45eacb1a6c9b8c5483d46b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 12 Nov 2004 15:49:47 +0000 Subject: r3705: Nobody has commented, so I'll take this as an ack... abartlet, I'd like to ask you to take a severe look at this! We have solved the problem to find the global groups a user is in twice: Once in auth_util.c and another time for the corresponding samr call. The attached patch unifies these and sends them through the passdb backend (new function pdb_enum_group_memberships). Thus it gives pdb_ldap.c the chance to further optimize the corresponding call if the samba and posix accounts are unified by issuing a specialized ldap query. The parameter to activate this ldapsam behaviour is ldapsam:trusted = yes Volker (This used to be commit b94838aff1a009f8d8c2c3efd48756a5b8f3f989) --- source3/smbd/lanman.c | 45 ++++++++++++++++++++++----------------------- 1 file changed, 22 insertions(+), 23 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e7aa05b54a..1379877efc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1741,13 +1741,15 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para int count=0; SAM_ACCOUNT *sampw = NULL; BOOL ret = False; - DOM_GID *gids = NULL; - int num_groups = 0; + DOM_SID *sids; + gid_t *gids; + int num_groups; int i; fstring grp_domain; fstring grp_name; enum SID_NAME_USE grp_type; - DOM_SID sid, dom_sid; + struct passwd *passwd; + NTSTATUS result; *rparam_len = 8; *rparam = REALLOC(*rparam,*rparam_len); @@ -1778,6 +1780,11 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para /* Lookup the user information; This should only be one of our accounts (not remote domains) */ + + passwd = getpwnam_alloc(UserName); + + if (passwd == NULL) + return False; pdb_init_sam( &sampw ); @@ -1786,35 +1793,26 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para if ( !pdb_getsampwnam(sampw, UserName) ) goto out; - /* this next set of code is horribly inefficient, but since - it is rarely called, I'm going to leave it like this since - it easier to follow --jerry */ - - /* get the list of group SIDs */ - - if ( !get_domain_user_groups(conn->mem_ctx, &num_groups, &gids, sampw) ) { - DEBUG(1,("api_NetUserGetGroups: get_domain_user_groups() failed!\n")); + sids = NULL; + num_groups = 0; + + result = pdb_enum_group_memberships(pdb_get_username(sampw), + passwd->pw_gid, + &sids, &gids, &num_groups); + + if (!NT_STATUS_IS_OK(result)) goto out; - } - /* convert to names (we don't support universal groups so the domain - can only be ours) */ - - sid_copy( &dom_sid, get_global_sam_sid() ); for (i=0; i Date: Wed, 17 Nov 2004 21:22:35 +0000 Subject: r3824: Fix crash in api_RNetShareEnum. ServicePtrs[] may contain invalid entries. Happened after rev3708 removed non-existing cups printers. Volker (This used to be commit 60998d9d2f6272e383304da2b1d568a4b65f8787) --- source3/smbd/lanman.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1379877efc..aeea9de9ca 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1502,6 +1502,8 @@ static BOOL api_RNetShareEnum( connection_struct *conn, data_len = fixed_len = string_len = 0; for (i=0;i Date: Thu, 18 Nov 2004 15:13:58 +0000 Subject: r3848: Fix for bug 2057. Only partially applied the patch, the second part seems not necessary. I'm using gcc 3.4.1, this does not detect the possibly uninitialized variable. Does anybody know how to get 3.4.1 to warn me? Volker (This used to be commit 8b6f8f93a0f30be0184e6044a499c1ef8f7b247e) --- source3/smbd/lanman.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index aeea9de9ca..5f4c0cec52 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2146,6 +2146,12 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param goto out; } + snum = lp_servicenumber( sharename); + if (snum == -1) { + errcode = NERR_DestNotFound; + goto out; + } + errcode = NERR_notsupported; switch (function) { @@ -2971,6 +2977,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; + snum = lp_servicenumber( sharename); if (snum < 0 || !VALID_SNUM(snum)) return(False); count = print_queue_status(snum,&queue,&status); -- cgit From 3bd3be97dc8a581c0502410453091c195e322766 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 6 Dec 2004 19:25:25 +0000 Subject: r4083: consolidate printer searches to use find_service rather than for loops (This used to be commit 12440744ba36445186042c8c254785766cce5385) --- source3/smbd/lanman.c | 52 +++++++++++++++++---------------------------------- 1 file changed, 17 insertions(+), 35 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 5f4c0cec52..7d5e0f5ad2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -760,18 +760,10 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, return(True); } - snum = lp_servicenumber(QueueName); - if (snum < 0 && pcap_printername_ok(QueueName,NULL)) { - int pnum = lp_servicenumber(PRINTERS_NAME); - if (pnum >= 0) { - lp_add_printer(QueueName,pnum); - snum = lp_servicenumber(QueueName); - } - } - - if (snum < 0 || !VALID_SNUM(snum)) - return(False); - + snum = find_service(QueueName); + if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) + return False; + if (uLevel==52) { count = get_printerdrivernumber(snum); DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); @@ -3048,20 +3040,18 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); /* check it's a supported variant */ - if (strcmp(str1,"zWrLeh") != 0) return False; - if (uLevel > 2) return False; /* defined only for uLevel 0,1,2 */ - if (!check_printjob_info(&desc,uLevel,str2)) return False; - - snum = lp_servicenumber(name); - if (snum < 0 && pcap_printername_ok(name,NULL)) { - int pnum = lp_servicenumber(PRINTERS_NAME); - if (pnum >= 0) { - lp_add_printer(name,pnum); - snum = lp_servicenumber(name); - } - } + if (strcmp(str1,"zWrLeh") != 0) + return False; + + if (uLevel > 2) + return False; /* defined only for uLevel 0,1,2 */ + + if (!check_printjob_info(&desc,uLevel,str2)) + return False; - if (snum < 0 || !VALID_SNUM(snum)) return(False); + snum = find_service(name); + if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) + return False; count = print_queue_status(snum,&queue,&status); if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); @@ -3164,16 +3154,8 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par if (strcmp(str1,"zWrLh") != 0) return False; if (!check_printdest_info(&desc,uLevel,str2)) return False; - snum = lp_servicenumber(PrinterName); - if (snum < 0 && pcap_printername_ok(PrinterName,NULL)) { - int pnum = lp_servicenumber(PRINTERS_NAME); - if (pnum >= 0) { - lp_add_printer(PrinterName,pnum); - snum = lp_servicenumber(PrinterName); - } - } - - if (snum < 0) { + snum = find_service(PrinterName); + if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { *rdata_len = 0; desc.errcode = NERR_DestNotFound; desc.neededlen = 0; -- cgit From acf9d61421faa6c0055d57fdee7db300dc5431aa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Dec 2004 18:25:53 +0000 Subject: r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a) --- source3/smbd/lanman.c | 129 +++++++++++++++++++++++++------------------------- 1 file changed, 64 insertions(+), 65 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7d5e0f5ad2..4af11da784 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -753,7 +753,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, */ *rdata_len = 0; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); @@ -772,7 +772,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, } if (mdrcnt > 0) { - *rdata = REALLOC(*rdata,mdrcnt); + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -781,7 +781,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, * init_package will return wrong size if buflen=0 */ desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *) malloc (desc.buflen); + desc.base = tmpdata = (char *) SMB_MALLOC (desc.buflen); } if (init_package(&desc,1,count)) { @@ -801,7 +801,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, *rdata_len = desc.usedlen; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -849,7 +849,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, */ *rdata_len = 0; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); @@ -861,17 +861,17 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) queuecnt++; if (uLevel > 0) { - if((queue = (print_queue_struct**)malloc(queuecnt*sizeof(print_queue_struct*))) == NULL) { + if((queue = SMB_MALLOC_ARRAY(print_queue_struct*, queuecnt)) == NULL) { DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); return False; } memset(queue,0,queuecnt*sizeof(print_queue_struct*)); - if((status = (print_status_struct*)malloc(queuecnt*sizeof(print_status_struct))) == NULL) { + if((status = SMB_MALLOC_ARRAY(print_status_struct,queuecnt)) == NULL) { DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); return False; } memset(status,0,queuecnt*sizeof(print_status_struct)); - if((subcntarr = (int*)malloc(queuecnt*sizeof(int))) == NULL) { + if((subcntarr = SMB_MALLOC_ARRAY(int,queuecnt)) == NULL) { DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); return False; } @@ -884,7 +884,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, n++; } } - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; @@ -903,7 +903,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -987,8 +987,7 @@ static int get_server_info(uint32 servertype, struct srv_info_struct *ts; alloced += 10; - ts = (struct srv_info_struct *) - Realloc(*servers,sizeof(**servers)*alloced); + ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); if (!ts) { DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); return(0); @@ -1234,7 +1233,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param } *rdata_len = fixed_len + string_len; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); memset(*rdata,'\0',*rdata_len); p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ @@ -1258,7 +1257,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param } *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata)); SSVAL(*rparam,2,0); SSVAL(*rparam,4,counted); @@ -1295,7 +1294,7 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa *rdata_len = 0; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,0x08AC); /* informational warning message */ SSVAL(*rparam,2,0); @@ -1441,13 +1440,13 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para if (!prefix_ok(str1,"zWrLh")) return False; if (!check_share_info(uLevel,str2)) return False; - *rdata = REALLOC(*rdata,mdrcnt); + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); p = *rdata; *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0); if (*rdata_len < 0) return False; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -1514,7 +1513,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, } } *rdata_len = fixed_len + string_len; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); memset(*rdata,0,*rdata_len); p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */ @@ -1537,7 +1536,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, } *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success); SSVAL(*rparam,2,0); SSVAL(*rparam,4,counted); @@ -1623,7 +1622,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch } else return False; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -1633,7 +1632,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch error_exit: *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; SSVAL(*rparam,0,res); SSVAL(*rparam,2,0); @@ -1688,7 +1687,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); *rdata_len = cli_buf_size; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); p = *rdata; @@ -1710,7 +1709,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c *rdata_len = PTR_DIFF(p,*rdata); *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam, 0, errflags); SSVAL(*rparam, 2, 0); /* converter word */ @@ -1748,7 +1747,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para NTSTATUS result; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); /* check it's a supported varient */ @@ -1767,7 +1766,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para return False; *rdata_len = mdrcnt + 1024; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -1859,14 +1858,14 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); /* check it's a supported varient */ if (strcmp("B21",str2) != 0) return False; *rdata_len = cli_buf_size; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); p = *rdata; @@ -1929,10 +1928,10 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch { char *p; *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 21; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -1991,7 +1990,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param memcpy(pass2,p+16,16); *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; @@ -2063,7 +2062,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * fstring user; char *p = param + 2; *rparam_len = 2; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; @@ -2130,7 +2129,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param return(False); *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; if (!print_job_exists(sharename, jobid)) { @@ -2193,7 +2192,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param return(False); *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; snum = print_queue_snum(QueueName); @@ -2267,7 +2266,7 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if ( (snum = lp_servicenumber(sharename)) == -1 ) { DEBUG(0,("api_PrintJobInfo: unable to get service number from sharename [%s]\n", @@ -2368,7 +2367,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par } *rdata_len = mdrcnt; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); p = *rdata; p2 = p + struct_len; @@ -2417,7 +2416,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par *rdata_len = PTR_DIFF(p2,*rdata); *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -2444,14 +2443,14 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param DEBUG(4,("NetWkstaGetInfo level %d\n",level)); *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); /* check it's a supported varient */ if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) return(False); *rdata_len = mdrcnt + 1024; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2690,7 +2689,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param vuser->user.unix_name)); *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); @@ -2709,7 +2708,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param if (strcmp(level_string,str2) != 0) return False; *rdata_len = mdrcnt + 1024; - *rdata = REALLOC(*rdata,*rdata_len); + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2856,7 +2855,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param /* check it's a supported varient */ if (strcmp(str1,"OOWb54WrLh") != 0) return False; if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) return False; - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; desc.subformat = NULL; @@ -2895,7 +2894,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param *rdata_len = desc.usedlen; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -2925,7 +2924,7 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p if (strcmp(str2,"") != 0) return False; *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,0); /* errorcode */ SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,0x7f); /* permission flags */ @@ -2978,7 +2977,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para } if (mdrcnt > 0) { - *rdata = REALLOC(*rdata,mdrcnt); + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -2987,7 +2986,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para * init_package will return wrong size if buflen=0 */ desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *)malloc ( desc.buflen ); + desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); } if (init_package(&desc,1,0)) { @@ -3002,7 +3001,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para } *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -3054,7 +3053,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa return False; count = print_queue_status(snum,&queue,&status); - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; @@ -3069,7 +3068,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3162,7 +3161,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par } else { if (mdrcnt > 0) { - *rdata = REALLOC(*rdata,mdrcnt); + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -3171,7 +3170,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par * init_package will return wrong size if buflen=0 */ desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *)malloc ( desc.buflen ); + desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); } if (init_package(&desc,1,0)) { fill_printdest_info(conn,snum,uLevel,&desc); @@ -3180,7 +3179,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par } *rparam_len = 6; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -3219,7 +3218,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) queuecnt++; - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; if (init_package(&desc,queuecnt,0)) { @@ -3237,7 +3236,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3269,7 +3268,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para if (strcmp(str1,"WrLeh") != 0) return False; if (uLevel != 0 || strcmp(str2,"B41") != 0) return False; - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; if (init_package(&desc,1,0)) { @@ -3281,7 +3280,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3313,7 +3312,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param if (strcmp(str1,"WrLeh") != 0) return False; if (uLevel != 0 || strcmp(str2,"B13") != 0) return False; - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); desc.base = *rdata; desc.buflen = mdrcnt; desc.format = str2; @@ -3326,7 +3325,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3358,7 +3357,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, if (strcmp(str1,"WrLeh") != 0) return False; if (uLevel != 0 || strcmp(str2,"B9") != 0) return False; - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); memset((char *)&desc,'\0',sizeof(desc)); desc.base = *rdata; desc.buflen = mdrcnt; @@ -3372,7 +3371,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3414,7 +3413,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param num_sessions = list_sessions(&session_list); - if (mdrcnt > 0) *rdata = REALLOC(*rdata,mdrcnt); + if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); memset((char *)&desc,'\0',sizeof(desc)); desc.base = *rdata; desc.buflen = mdrcnt; @@ -3438,7 +3437,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); /* converter */ SSVAL(*rparam,4,num_sessions); /* count */ @@ -3458,7 +3457,7 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param,char * int *rdata_len,int *rparam_len) { *rparam_len = MIN(*rparam_len,mprcnt); - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; @@ -3480,7 +3479,7 @@ static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,cha int *rdata_len,int *rparam_len) { *rparam_len = 4; - *rparam = REALLOC(*rparam,*rparam_len); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); *rdata_len = 0; @@ -3587,11 +3586,11 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return ERROR_NT(NT_STATUS_ACCESS_DENIED); } - rdata = (char *)malloc(1024); + rdata = (char *)SMB_MALLOC(1024); if (rdata) memset(rdata,'\0',1024); - rparam = (char *)malloc(1024); + rparam = (char *)SMB_MALLOC(1024); if (rparam) memset(rparam,'\0',1024); -- cgit From 1ed62fde09f382342a396a047975fdeeea7113bb Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 19 Jan 2005 16:13:26 +0000 Subject: r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries(). This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther (This used to be commit 6394257cc721ca739bda0e320375f04506913533) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4af11da784..9f2cd21425 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1874,7 +1874,7 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch /* Open the passgrp file - not for update. */ become_root(); - if(!pdb_setsampwent(False)) { + if(!pdb_setsampwent(False, 0)) { DEBUG(0, ("api_RNetUserEnum:unable to open sam database.\n")); unbecome_root(); return False; -- cgit From c1b9243c2892220b906df86d7b021d1bf18571b6 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 1 Feb 2005 20:43:14 +0000 Subject: r5165: BUG 2295: always use get_local_machine_name() rather than digging in the gloval variable 'local_machine' (This used to be commit 6a6e4af46a5c0a693a3dd9d558a4d1c1e5d72d95) --- source3/smbd/lanman.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 9f2cd21425..d8c5201ce6 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -32,8 +32,6 @@ #endif #define CHECK_TYPES 0 -extern fstring local_machine; - #define NERR_Success 0 #define NERR_badpass 86 #define NERR_notsupported 50 @@ -2372,7 +2370,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par p = *rdata; p2 = p + struct_len; if (uLevel != 20) { - srvstr_push(NULL, p,local_machine,16, + srvstr_push(NULL, p,get_local_machine_name(),16, STR_ASCII|STR_UPPER|STR_TERMINATE); } p += 16; @@ -2387,7 +2385,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { for (i=0;i Date: Wed, 6 Apr 2005 16:28:04 +0000 Subject: r6225: get rid of warnings from my compiler about nested externs (This used to be commit efea76ac71412f8622cd233912309e91b9ea52da) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d8c5201ce6..f2794d2901 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -27,6 +27,9 @@ #include "includes.h" +extern struct current_user current_user; +extern userdom_struct current_user_info; + #ifdef CHECK_TYPES #undef CHECK_TYPES #endif @@ -2116,7 +2119,6 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param int snum; fstring sharename; int errcode; - extern struct current_user current_user; WERROR werr = WERR_OK; if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) @@ -2183,7 +2185,6 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param int errcode = NERR_notsupported; int snum; WERROR werr = WERR_OK; - extern struct current_user current_user; /* check it's a supported varient */ if (!(strcsequal(str1,"z") && strcsequal(str2,""))) @@ -2435,7 +2436,6 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); char *p2; - extern userdom_struct current_user_info; int level = SVAL(p,0); DEBUG(4,("NetWkstaGetInfo level %d\n",level)); -- cgit From 0f7e9f6c56506cb390491dc7db9153aa41565981 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 10 Apr 2005 15:45:46 +0000 Subject: r6279: Convert the RAP enum functions to the pdb_search API. Who is using this nowadays? This looks rather broken, but survives basic tests with 'net'. Volker (This used to be commit 7ae1b94e3eda574729272238cd08e83a33278a7e) --- source3/smbd/lanman.c | 101 ++++++++++++++++++++++++++++---------------------- 1 file changed, 56 insertions(+), 45 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f2794d2901..127480f0b3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1655,9 +1655,10 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); - BOOL ret; - GROUP_MAP *group_list; + struct pdb_search *search; + struct samr_displayentry *entries; + int num_entries; if (strcmp(str1,"WrLeh") != 0) @@ -1675,30 +1676,39 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c /* get list of domain groups SID_DOMAIN_GRP=2 */ become_root(); - ret = pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False); + search = pdb_search_groups(); unbecome_root(); - - if( !ret ) { - DEBUG(3,("api_RNetGroupEnum:failed to get group list")); + + if (search == NULL) { + DEBUG(3,("api_RNetGroupEnum:failed to get group list")); return False; } resume_context = SVAL(p,0); cli_buf_size=SVAL(p+2,0); - DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); + DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: " + "%d\n", resume_context, cli_buf_size)); + + become_root(); + num_entries = pdb_search_entries(search, resume_context, 0xffffffff, + &entries); + unbecome_root(); *rdata_len = cli_buf_size; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); p = *rdata; - for(i=resume_context; i=resume_context) { - if( ((PTR_DIFF(p,*rdata)+21)<=*rdata_len)&&(strlen(name)<=21) ) { - pstrcpy(p,name); - DEBUG(10,("api_RNetUserEnum:adding entry %d username %s\n",count_sent,p)); - p += 21; - count_sent++; - } else { - /* set overflow error */ - DEBUG(10,("api_RNetUserEnum:overflow on entry %d username %s\n",count_sent,name)); - errflags=234; - break; - } - } - } - } ; - pdb_endsampwent(); + become_root(); + num_users = pdb_search_entries(search, resume_context, 0xffffffff, + &users); unbecome_root(); - pdb_free_sam(&pwd); + errflags=NERR_Success; + + for (i=0; i Date: Fri, 12 Aug 2005 23:49:57 +0000 Subject: r9288: Whitespace cleanup and memory leak on error path fix found by Coverity. Jeremy. (This used to be commit 0b85900fc8d79c71af986bb8b6346bba7840a704) --- source3/smbd/lanman.c | 115 ++++++++++++++++++++++++++------------------------ 1 file changed, 60 insertions(+), 55 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 127480f0b3..018b7f12ea 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3558,75 +3558,80 @@ static const struct int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *params, int tdscnt,int tpscnt,int mdrcnt,int mprcnt) { - int api_command; - char *rdata = NULL; - char *rparam = NULL; - int rdata_len = 0; - int rparam_len = 0; - BOOL reply=False; - int i; + int api_command; + char *rdata = NULL; + char *rparam = NULL; + int rdata_len = 0; + int rparam_len = 0; + BOOL reply=False; + int i; - if (!params) { - DEBUG(0,("ERROR: NULL params in api_reply()\n")); - return 0; - } + if (!params) { + DEBUG(0,("ERROR: NULL params in api_reply()\n")); + return 0; + } - api_command = SVAL(params,0); + api_command = SVAL(params,0); - DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n", - api_command, - params+2, - skip_string(params+2,1), - tdscnt,tpscnt,mdrcnt,mprcnt)); + DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n", + api_command, + params+2, + skip_string(params+2,1), + tdscnt,tpscnt,mdrcnt,mprcnt)); - for (i=0;api_commands[i].name;i++) { - if (api_commands[i].id == api_command && api_commands[i].fn) { - DEBUG(3,("Doing %s\n",api_commands[i].name)); - break; - } - } + for (i=0;api_commands[i].name;i++) { + if (api_commands[i].id == api_command && api_commands[i].fn) { + DEBUG(3,("Doing %s\n",api_commands[i].name)); + break; + } + } - /* Check whether this api call can be done anonymously */ + /* Check whether this api call can be done anonymously */ - if (api_commands[i].auth_user && lp_restrict_anonymous()) { - user_struct *user = get_valid_user_struct(vuid); + if (api_commands[i].auth_user && lp_restrict_anonymous()) { + user_struct *user = get_valid_user_struct(vuid); - if (!user || user->guest) - return ERROR_NT(NT_STATUS_ACCESS_DENIED); - } + if (!user || user->guest) { + return ERROR_NT(NT_STATUS_ACCESS_DENIED); + } + } - rdata = (char *)SMB_MALLOC(1024); - if (rdata) - memset(rdata,'\0',1024); + rdata = (char *)SMB_MALLOC(1024); + if (rdata) { + memset(rdata,'\0',1024); + } - rparam = (char *)SMB_MALLOC(1024); - if (rparam) - memset(rparam,'\0',1024); + rparam = (char *)SMB_MALLOC(1024); + if (rparam) { + memset(rparam,'\0',1024); + } - if(!rdata || !rparam) { - DEBUG(0,("api_reply: malloc fail !\n")); - return -1; - } + if(!rdata || !rparam) { + DEBUG(0,("api_reply: malloc fail !\n")); + SAFE_FREE(rdata); + SAFE_FREE(rparam); + return -1; + } - reply = api_commands[i].fn(conn,vuid,params,data,mdrcnt,mprcnt, - &rdata,&rparam,&rdata_len,&rparam_len); + reply = api_commands[i].fn(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); - if (rdata_len > mdrcnt || - rparam_len > mprcnt) { - reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt, - &rdata,&rparam,&rdata_len,&rparam_len); - } + if (rdata_len > mdrcnt || + rparam_len > mprcnt) { + reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); + } - /* if we get False back then it's actually unsupported */ - if (!reply) - api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, - &rdata,&rparam,&rdata_len,&rparam_len); + /* if we get False back then it's actually unsupported */ + if (!reply) { + api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, + &rdata,&rparam,&rdata_len,&rparam_len); + } - send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); - SAFE_FREE(rdata); - SAFE_FREE(rparam); - - return -1; + SAFE_FREE(rdata); + SAFE_FREE(rparam); + return -1; } -- cgit From 2d4ded54b68ef7bd4871c780807ac09facc05f2b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Aug 2005 00:13:21 +0000 Subject: r9290: Some error path cleanups found by Coverity. Whitespace reformatting. This file need a lot of error path cleanup. Jeremy. (This used to be commit ce93e469d80bb26cda390626ba8cc55ff9c822b6) --- source3/smbd/lanman.c | 509 +++++++++++++++++++++++++++----------------------- 1 file changed, 277 insertions(+), 232 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 018b7f12ea..0666fe8913 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -332,12 +332,12 @@ static int package(struct pack_desc* p, ...) static void PACKI(struct pack_desc* desc, const char *t,int v) { - PACK(desc,t,v); + PACK(desc,t,v); } static void PACKS(struct pack_desc* desc,const char *t,const char *v) { - PACK(desc,t,v); + PACK(desc,t,v); } @@ -346,51 +346,56 @@ static void PACKS(struct pack_desc* desc,const char *t,const char *v) ****************************************************************************/ static void PackDriverData(struct pack_desc* desc) { - char drivdata[4+4+32]; - SIVAL(drivdata,0,sizeof drivdata); /* cb */ - SIVAL(drivdata,4,1000); /* lVersion */ - memset(drivdata+8,0,32); /* szDeviceName */ - push_ascii(drivdata+8,"NULL",-1, STR_TERMINATE); - PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ + char drivdata[4+4+32]; + SIVAL(drivdata,0,sizeof drivdata); /* cb */ + SIVAL(drivdata,4,1000); /* lVersion */ + memset(drivdata+8,0,32); /* szDeviceName */ + push_ascii(drivdata+8,"NULL",-1, STR_TERMINATE); + PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ } static int check_printq_info(struct pack_desc* desc, - int uLevel, char *id1, char *id2) + unsigned int uLevel, char *id1, char *id2) { - desc->subformat = NULL; - switch( uLevel ) { - case 0: - desc->format = "B13"; - break; - case 1: - desc->format = "B13BWWWzzzzzWW"; - break; - case 2: - desc->format = "B13BWWWzzzzzWN"; - desc->subformat = "WB21BB16B10zWWzDDz"; - break; - case 3: - desc->format = "zWWWWzzzzWWzzl"; - break; - case 4: - desc->format = "zWWWWzzzzWNzzl"; - desc->subformat = "WWzWWDDzz"; - break; - case 5: - desc->format = "z"; - break; - case 51: - desc->format = "K"; - break; - case 52: - desc->format = "WzzzzzzzzN"; - desc->subformat = "z"; - break; - default: return False; - } - if (strcmp(desc->format,id1) != 0) return False; - if (desc->subformat && strcmp(desc->subformat,id2) != 0) return False; - return True; + desc->subformat = NULL; + switch( uLevel ) { + case 0: + desc->format = "B13"; + break; + case 1: + desc->format = "B13BWWWzzzzzWW"; + break; + case 2: + desc->format = "B13BWWWzzzzzWN"; + desc->subformat = "WB21BB16B10zWWzDDz"; + break; + case 3: + desc->format = "zWWWWzzzzWWzzl"; + break; + case 4: + desc->format = "zWWWWzzzzWNzzl"; + desc->subformat = "WWzWWDDzz"; + break; + case 5: + desc->format = "z"; + break; + case 51: + desc->format = "K"; + break; + case 52: + desc->format = "WzzzzzzzzN"; + desc->subformat = "z"; + break; + default: + return False; + } + if (strcmp(desc->format,id1) != 0) { + return False; + } + if (desc->subformat && strcmp(desc->subformat,id2) != 0) { + return False; + } + return True; } @@ -721,7 +726,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); char *QueueName = p; - int uLevel; + unsigned int uLevel; int count=0; int snum; char* str3; @@ -824,134 +829,169 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, char **rdata, char** rparam, int *rdata_len, int *rparam_len) { - char *param_format = param+2; - char *output_format1 = skip_string(param_format,1); - char *p = skip_string(output_format1,1); - int uLevel = SVAL(p,0); - char *output_format2 = p + 4; - int services = lp_numservices(); - int i, n; - struct pack_desc desc; - print_queue_struct **queue = NULL; - print_status_struct *status = NULL; - int* subcntarr = NULL; - int queuecnt, subcnt=0, succnt=0; + char *param_format = param+2; + char *output_format1 = skip_string(param_format,1); + char *p = skip_string(output_format1,1); + unsigned int uLevel = SVAL(p,0); + char *output_format2 = p + 4; + int services = lp_numservices(); + int i, n; + struct pack_desc desc; + print_queue_struct **queue = NULL; + print_status_struct *status = NULL; + int *subcntarr = NULL; + int queuecnt = 0, subcnt = 0, succnt = 0; - memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&desc,'\0',sizeof(desc)); - DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); + DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); - if (!prefix_ok(param_format,"WrLeh")) return False; - if (!check_printq_info(&desc,uLevel,output_format1,output_format2)) { - /* - * Patch from Scott Moomaw - * to return the 'invalid info level' error if an - * unknown level was requested. - */ - *rdata_len = 0; - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,ERRunknownlevel); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,0); - return(True); - } + if (!prefix_ok(param_format,"WrLeh")) { + return False; + } + if (!check_printq_info(&desc,uLevel,output_format1,output_format2)) { + /* + * Patch from Scott Moomaw + * to return the 'invalid info level' error if an + * unknown level was requested. + */ + *rdata_len = 0; + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,ERRunknownlevel); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,0); + return(True); + } - queuecnt = 0; - for (i = 0; i < services; i++) - if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) - queuecnt++; - if (uLevel > 0) { - if((queue = SMB_MALLOC_ARRAY(print_queue_struct*, queuecnt)) == NULL) { - DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); - return False; - } - memset(queue,0,queuecnt*sizeof(print_queue_struct*)); - if((status = SMB_MALLOC_ARRAY(print_status_struct,queuecnt)) == NULL) { - DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); - return False; - } - memset(status,0,queuecnt*sizeof(print_status_struct)); - if((subcntarr = SMB_MALLOC_ARRAY(int,queuecnt)) == NULL) { - DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); - return False; - } - subcnt = 0; - n = 0; - for (i = 0; i < services; i++) - if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { - subcntarr[n] = print_queue_status(i, &queue[n],&status[n]); - subcnt += subcntarr[n]; - n++; - } - } - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + queuecnt++; + } + } - if (init_package(&desc,queuecnt,subcnt)) { - n = 0; - succnt = 0; - for (i = 0; i < services; i++) - if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { - fill_printq_info(conn,i,uLevel,&desc,subcntarr[n],queue[n],&status[n]); - n++; - if (desc.errcode == NERR_Success) succnt = n; - } - } + if((queue = SMB_MALLOC_ARRAY(print_queue_struct*, queuecnt)) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + goto err; + } + memset(queue,0,queuecnt*sizeof(print_queue_struct*)); + if((status = SMB_MALLOC_ARRAY(print_status_struct,queuecnt)) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + goto err; + } + memset(status,0,queuecnt*sizeof(print_status_struct)); + if((subcntarr = SMB_MALLOC_ARRAY(int,queuecnt)) == NULL) { + DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); + goto err; + } + + subcnt = 0; + n = 0; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + subcntarr[n] = print_queue_status(i, &queue[n],&status[n]); + subcnt += subcntarr[n]; + n++; + } + } + + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + goto err; + } + } + desc.base = *rdata; + desc.buflen = mdrcnt; + + if (init_package(&desc,queuecnt,subcnt)) { + n = 0; + succnt = 0; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + fill_printq_info(conn,i,uLevel,&desc,subcntarr[n],queue[n],&status[n]); + n++; + if (desc.errcode == NERR_Success) { + succnt = n; + } + } + } + } - SAFE_FREE(subcntarr); + SAFE_FREE(subcntarr); - *rdata_len = desc.usedlen; - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,queuecnt); + *rdata_len = desc.usedlen; + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + goto err; + } + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,queuecnt); - for (i = 0; i < queuecnt; i++) { - if (queue) SAFE_FREE(queue[i]); - } + for (i = 0; i < queuecnt; i++) { + if (queue) { + SAFE_FREE(queue[i]); + } + } - SAFE_FREE(queue); - SAFE_FREE(status); + SAFE_FREE(queue); + SAFE_FREE(status); - return True; + return True; + + err: + + SAFE_FREE(subcntarr); + for (i = 0; i < queuecnt; i++) { + if (queue) { + SAFE_FREE(queue[i]); + } + } + SAFE_FREE(queue); + SAFE_FREE(status); + + return False; } /**************************************************************************** - get info level for a server list query - ****************************************************************************/ + Get info level for a server list query. +****************************************************************************/ + static BOOL check_server_info(int uLevel, char* id) { - switch( uLevel ) { - case 0: - if (strcmp(id,"B16") != 0) return False; - break; - case 1: - if (strcmp(id,"B16BBDz") != 0) return False; - break; - default: - return False; - } - return True; + switch( uLevel ) { + case 0: + if (strcmp(id,"B16") != 0) { + return False; + } + break; + case 1: + if (strcmp(id,"B16BBDz") != 0) { + return False; + } + break; + default: + return False; + } + return True; } -struct srv_info_struct -{ - fstring name; - uint32 type; - fstring comment; - fstring domain; - BOOL server_added; +struct srv_info_struct { + fstring name; + uint32 type; + fstring comment; + fstring domain; + BOOL server_added; }; - /******************************************************************* - get server info lists from the files saved by nmbd. Return the - number of entries - ******************************************************************/ + Get server info lists from the files saved by nmbd. Return the + number of entries. +******************************************************************/ + static int get_server_info(uint32 servertype, struct srv_info_struct **servers, const char *domain) @@ -1059,10 +1099,10 @@ static int get_server_info(uint32 servertype, return(count); } - /******************************************************************* - fill in a server info structure - ******************************************************************/ + Fill in a server info structure. +******************************************************************/ + static int fill_srv_info(struct srv_info_struct *service, int uLevel, char **buf, int *buflen, char **stringbuf, int *stringspace, char *baseaddr) @@ -1141,13 +1181,14 @@ static int fill_srv_info(struct srv_info_struct *service, static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) { - return(strcmp(s1->name,s2->name)); + return(strcmp(s1->name,s2->name)); } /**************************************************************************** - view list of servers available (or possibly domains). The info is - extracted from lists saved by nmbd on the local host - ****************************************************************************/ + View list of servers available (or possibly domains). The info is + extracted from lists saved by nmbd on the local host. +****************************************************************************/ + static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) @@ -1275,6 +1316,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param /**************************************************************************** command 0x34 - suspected of being a "Lookup Names" stub api ****************************************************************************/ + static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) @@ -1308,6 +1350,7 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa /**************************************************************************** get info about a share ****************************************************************************/ + static BOOL check_share_info(int uLevel, char* id) { switch( uLevel ) { @@ -1464,6 +1507,7 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para twelve byte strings for share names (plus one for a nul terminator). Share names longer than 12 bytes must be skipped. ****************************************************************************/ + static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, char *param, @@ -1547,11 +1591,12 @@ static BOOL api_RNetShareEnum( connection_struct *conn, counted,total,uLevel, buf_len,*rdata_len,mdrcnt)); return(True); -} /* api_RNetShareEnum */ +} /**************************************************************************** Add a share ****************************************************************************/ + static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -1638,12 +1683,12 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch SSVAL(*rparam,0,res); SSVAL(*rparam,2,0); return True; - } /**************************************************************************** view list of groups available ****************************************************************************/ + static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -1733,8 +1778,9 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c } /******************************************************************* - get groups that a user is a member of - ******************************************************************/ + Get groups that a user is a member of. +******************************************************************/ + static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -1839,8 +1885,9 @@ out: } /******************************************************************* - get all users - ******************************************************************/ + Get all users. +******************************************************************/ + static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -1869,7 +1916,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch resume_context = SVAL(p,0); cli_buf_size=SVAL(p+2,0); - DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); + DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", + resume_context, cli_buf_size)); *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); @@ -1928,11 +1976,10 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch return True; } - - /**************************************************************************** - get the time of day info - ****************************************************************************/ + Get the time of day info. +****************************************************************************/ + static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -1974,8 +2021,6 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch SSVAL(p,18,1900+t->tm_year); SCVAL(p,20,t->tm_wday); } - - return(True); } @@ -2117,6 +2162,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * delete a print job Form: <> ****************************************************************************/ + static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2184,6 +2230,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param /**************************************************************************** Purge a print queue - or pause or resume it. ****************************************************************************/ + static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2233,7 +2280,6 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param return(True); } - /**************************************************************************** set the property of a print job (undocumented?) ? function = 0xb -> set name of print job @@ -2241,6 +2287,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param Form: or ****************************************************************************/ + static int check_printjob_info(struct pack_desc* desc, int uLevel, char* id) { @@ -2328,8 +2375,9 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha /**************************************************************************** - get info about the server - ****************************************************************************/ + Get info about the server. +****************************************************************************/ + static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2434,10 +2482,10 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par return(True); } - /**************************************************************************** - get info about the server - ****************************************************************************/ + Get info about the server. +****************************************************************************/ + static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2912,10 +2960,10 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param return(True); } - /**************************************************************************** - api_WAccessGetUserPerms - ****************************************************************************/ + api_WAccessGetUserPerms +****************************************************************************/ + static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -2944,6 +2992,7 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p /**************************************************************************** api_WPrintJobEnumerate ****************************************************************************/ + static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, int mdrcnt,int mprcnt, char **rdata,char **rparam, @@ -3500,56 +3549,53 @@ static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,cha return(True); } - - - -static const struct -{ - const char *name; - int id; - BOOL (*fn)(connection_struct *,uint16,char *,char *, - int,int,char **,char **,int *,int *); - BOOL auth_user; /* Deny anonymous access? */ +static const struct { + const char *name; + int id; + BOOL (*fn)(connection_struct *,uint16,char *,char *, + int,int,char **,char **,int *,int *); + BOOL auth_user; /* Deny anonymous access? */ } api_commands[] = { - {"RNetShareEnum", RAP_WshareEnum, api_RNetShareEnum, True}, - {"RNetShareGetInfo", RAP_WshareGetInfo, api_RNetShareGetInfo}, - {"RNetShareAdd", RAP_WshareAdd, api_RNetShareAdd}, - {"RNetSessionEnum", RAP_WsessionEnum, api_RNetSessionEnum, True}, - {"RNetServerGetInfo", RAP_WserverGetInfo, api_RNetServerGetInfo}, - {"RNetGroupEnum", RAP_WGroupEnum, api_RNetGroupEnum, True}, - {"RNetGroupGetUsers", RAP_WGroupGetUsers, api_RNetGroupGetUsers, True}, - {"RNetUserEnum", RAP_WUserEnum, api_RNetUserEnum, True}, - {"RNetUserGetInfo", RAP_WUserGetInfo, api_RNetUserGetInfo}, - {"NetUserGetGroups", RAP_WUserGetGroups, api_NetUserGetGroups}, - {"NetWkstaGetInfo", RAP_WWkstaGetInfo, api_NetWkstaGetInfo}, - {"DosPrintQEnum", RAP_WPrintQEnum, api_DosPrintQEnum, True}, - {"DosPrintQGetInfo", RAP_WPrintQGetInfo, api_DosPrintQGetInfo}, - {"WPrintQueuePause", RAP_WPrintQPause, api_WPrintQueueCtrl}, - {"WPrintQueueResume", RAP_WPrintQContinue, api_WPrintQueueCtrl}, - {"WPrintJobEnumerate",RAP_WPrintJobEnum, api_WPrintJobEnumerate}, - {"WPrintJobGetInfo", RAP_WPrintJobGetInfo, api_WPrintJobGetInfo}, - {"RDosPrintJobDel", RAP_WPrintJobDel, api_RDosPrintJobDel}, - {"RDosPrintJobPause", RAP_WPrintJobPause, api_RDosPrintJobDel}, - {"RDosPrintJobResume",RAP_WPrintJobContinue, api_RDosPrintJobDel}, - {"WPrintDestEnum", RAP_WPrintDestEnum, api_WPrintDestEnum}, - {"WPrintDestGetInfo", RAP_WPrintDestGetInfo, api_WPrintDestGetInfo}, - {"NetRemoteTOD", RAP_NetRemoteTOD, api_NetRemoteTOD}, - {"WPrintQueuePurge", RAP_WPrintQPurge, api_WPrintQueueCtrl}, - {"NetServerEnum", RAP_NetServerEnum2, api_RNetServerEnum}, /* anon OK */ - {"WAccessGetUserPerms",RAP_WAccessGetUserPerms,api_WAccessGetUserPerms}, - {"SetUserPassword", RAP_WUserPasswordSet2, api_SetUserPassword}, - {"WWkstaUserLogon", RAP_WWkstaUserLogon, api_WWkstaUserLogon}, - {"PrintJobInfo", RAP_WPrintJobSetInfo, api_PrintJobInfo}, - {"WPrintDriverEnum", RAP_WPrintDriverEnum, api_WPrintDriverEnum}, - {"WPrintQProcEnum", RAP_WPrintQProcessorEnum,api_WPrintQProcEnum}, - {"WPrintPortEnum", RAP_WPrintPortEnum, api_WPrintPortEnum}, - {"SamOEMChangePassword",RAP_SamOEMChgPasswordUser2_P,api_SamOEMChangePassword}, /* anon OK */ - {NULL, -1, api_Unsupported}}; - -/* The following RAP calls are not implemented by Samba: - - RAP_WFileEnum2 - anon not OK -*/ + {"RNetShareEnum", RAP_WshareEnum, api_RNetShareEnum, True}, + {"RNetShareGetInfo", RAP_WshareGetInfo, api_RNetShareGetInfo}, + {"RNetShareAdd", RAP_WshareAdd, api_RNetShareAdd}, + {"RNetSessionEnum", RAP_WsessionEnum, api_RNetSessionEnum, True}, + {"RNetServerGetInfo", RAP_WserverGetInfo, api_RNetServerGetInfo}, + {"RNetGroupEnum", RAP_WGroupEnum, api_RNetGroupEnum, True}, + {"RNetGroupGetUsers", RAP_WGroupGetUsers, api_RNetGroupGetUsers, True}, + {"RNetUserEnum", RAP_WUserEnum, api_RNetUserEnum, True}, + {"RNetUserGetInfo", RAP_WUserGetInfo, api_RNetUserGetInfo}, + {"NetUserGetGroups", RAP_WUserGetGroups, api_NetUserGetGroups}, + {"NetWkstaGetInfo", RAP_WWkstaGetInfo, api_NetWkstaGetInfo}, + {"DosPrintQEnum", RAP_WPrintQEnum, api_DosPrintQEnum, True}, + {"DosPrintQGetInfo", RAP_WPrintQGetInfo, api_DosPrintQGetInfo}, + {"WPrintQueuePause", RAP_WPrintQPause, api_WPrintQueueCtrl}, + {"WPrintQueueResume", RAP_WPrintQContinue, api_WPrintQueueCtrl}, + {"WPrintJobEnumerate",RAP_WPrintJobEnum, api_WPrintJobEnumerate}, + {"WPrintJobGetInfo", RAP_WPrintJobGetInfo, api_WPrintJobGetInfo}, + {"RDosPrintJobDel", RAP_WPrintJobDel, api_RDosPrintJobDel}, + {"RDosPrintJobPause", RAP_WPrintJobPause, api_RDosPrintJobDel}, + {"RDosPrintJobResume",RAP_WPrintJobContinue, api_RDosPrintJobDel}, + {"WPrintDestEnum", RAP_WPrintDestEnum, api_WPrintDestEnum}, + {"WPrintDestGetInfo", RAP_WPrintDestGetInfo, api_WPrintDestGetInfo}, + {"NetRemoteTOD", RAP_NetRemoteTOD, api_NetRemoteTOD}, + {"WPrintQueuePurge", RAP_WPrintQPurge, api_WPrintQueueCtrl}, + {"NetServerEnum", RAP_NetServerEnum2, api_RNetServerEnum}, /* anon OK */ + {"WAccessGetUserPerms",RAP_WAccessGetUserPerms,api_WAccessGetUserPerms}, + {"SetUserPassword", RAP_WUserPasswordSet2, api_SetUserPassword}, + {"WWkstaUserLogon", RAP_WWkstaUserLogon, api_WWkstaUserLogon}, + {"PrintJobInfo", RAP_WPrintJobSetInfo, api_PrintJobInfo}, + {"WPrintDriverEnum", RAP_WPrintDriverEnum, api_WPrintDriverEnum}, + {"WPrintQProcEnum", RAP_WPrintQProcessorEnum,api_WPrintQProcEnum}, + {"WPrintPortEnum", RAP_WPrintPortEnum, api_WPrintPortEnum}, + {"SamOEMChangePassword",RAP_SamOEMChgPasswordUser2_P,api_SamOEMChangePassword}, /* anon OK */ + {NULL, -1, api_Unsupported} + /* The following RAP calls are not implemented by Samba: + + RAP_WFileEnum2 - anon not OK + */ +}; + /**************************************************************************** Handle remote api calls @@ -3617,8 +3663,7 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * &rdata,&rparam,&rdata_len,&rparam_len); - if (rdata_len > mdrcnt || - rparam_len > mprcnt) { + if (rdata_len > mdrcnt || rparam_len > mprcnt) { reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); } -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0666fe8913..3e1174b22f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1797,8 +1797,8 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para BOOL ret = False; DOM_SID *sids; gid_t *gids; - int num_groups; - int i; + size_t num_groups; + size_t i; fstring grp_domain; fstring grp_name; enum SID_NAME_USE grp_type; -- cgit From 6d5757395a0e54245543794d0d6d6d6a32cd857a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 5 Nov 2005 04:21:55 +0000 Subject: r11511: A classic "friday night check-in" :-). This moves much of the Samba4 timezone handling code back into Samba3. Gets rid of "kludge-gmt" and removes the effectiveness of the parameter "time offset" (I can add this back in very easily if needed) - it's no longer being looked at. I'm hoping this will fix the problems people have been having with DST transitions. I'll start comprehensive testing tomorrow, but for now all modifications are done. Splits time get/set functions into srv_XXX and cli_XXX as they need to look at different timezone offsets. Get rid of much of the "efficiency" cruft that was added to Samba back in the day when the C library timezone handling functions were slow. Jeremy. (This used to be commit 414303bc0272f207046b471a0364fa296b67c1f8) --- source3/smbd/lanman.c | 667 ++++++++++++++++++++++++++------------------------ 1 file changed, 353 insertions(+), 314 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3e1174b22f..1e2a248851 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -50,23 +50,25 @@ extern userdom_struct current_user_info; #define SHPWLEN 8 /* share password length */ -static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len); -static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len); +static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len); +static BOOL api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len); static int CopyExpanded(connection_struct *conn, - int snum, char** dst, char* src, int* n) + int snum, char **dst, char *src, int *n) { pstring buf; int l; - if (!src || !dst || !n || !(*dst)) return(0); + if (!src || !dst || !n || !(*dst)) { + return 0; + } StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); @@ -77,30 +79,36 @@ static int CopyExpanded(connection_struct *conn, return l; } -static int CopyAndAdvance(char** dst, char* src, int* n) +static int CopyAndAdvance(char **dst, char *src, int *n) { - int l; - if (!src || !dst || !n || !(*dst)) return(0); - l = push_ascii(*dst,src,*n, STR_TERMINATE); - (*dst) += l; - (*n) -= l; - return l; + int l; + if (!src || !dst || !n || !(*dst)) { + return 0; + } + l = push_ascii(*dst,src,*n, STR_TERMINATE); + (*dst) += l; + (*n) -= l; + return l; } -static int StrlenExpanded(connection_struct *conn, int snum, char* s) +static int StrlenExpanded(connection_struct *conn, int snum, char *s) { pstring buf; - if (!s) return(0); + if (!s) { + return 0; + } StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); standard_sub_conn(conn,buf,sizeof(buf)); return strlen(buf) + 1; } -static char* Expand(connection_struct *conn, int snum, char* s) +static char *Expand(connection_struct *conn, int snum, char *s) { static pstring buf; - if (!s) return(NULL); + if (!s) { + return NULL; + } StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); standard_sub_conn(conn,buf,sizeof(buf)); @@ -108,218 +116,248 @@ static char* Expand(connection_struct *conn, int snum, char* s) } /******************************************************************* - check a API string for validity when we only need to check the prefix - ******************************************************************/ + Check a API string for validity when we only need to check the prefix. +******************************************************************/ + static BOOL prefix_ok(const char *str, const char *prefix) { - return(strncmp(str,prefix,strlen(prefix)) == 0); + return(strncmp(str,prefix,strlen(prefix)) == 0); } struct pack_desc { - const char* format; /* formatstring for structure */ - const char* subformat; /* subformat for structure */ - char* base; /* baseaddress of buffer */ - int buflen; /* remaining size for fixed part; on init: length of base */ - int subcount; /* count of substructures */ - char* structbuf; /* pointer into buffer for remaining fixed part */ - int stringlen; /* remaining size for variable part */ - char* stringbuf; /* pointer into buffer for remaining variable part */ - int neededlen; /* total needed size */ - int usedlen; /* total used size (usedlen <= neededlen and usedlen <= buflen) */ - const char* curpos; /* current position; pointer into format or subformat */ - int errcode; + const char *format; /* formatstring for structure */ + const char *subformat; /* subformat for structure */ + char *base; /* baseaddress of buffer */ + int buflen; /* remaining size for fixed part; on init: length of base */ + int subcount; /* count of substructures */ + char *structbuf; /* pointer into buffer for remaining fixed part */ + int stringlen; /* remaining size for variable part */ + char *stringbuf; /* pointer into buffer for remaining variable part */ + int neededlen; /* total needed size */ + int usedlen; /* total used size (usedlen <= neededlen and usedlen <= buflen) */ + const char *curpos; /* current position; pointer into format or subformat */ + int errcode; }; -static int get_counter(const char** p) +static int get_counter(const char **p) { - int i, n; - if (!p || !(*p)) return(1); - if (!isdigit((int)**p)) return 1; - for (n = 0;;) { - i = **p; - if (isdigit(i)) - n = 10 * n + (i - '0'); - else - return n; - (*p)++; - } + int i, n; + if (!p || !(*p)) { + return 1; + } + if (!isdigit((int)**p)) { + return 1; + } + for (n = 0;;) { + i = **p; + if (isdigit(i)) { + n = 10 * n + (i - '0'); + } else { + return n; + } + (*p)++; + } } -static int getlen(const char* p) +static int getlen(const char *p) { - int n = 0; - if (!p) return(0); - while (*p) { - switch( *p++ ) { - case 'W': /* word (2 byte) */ - n += 2; - break; - case 'K': /* status word? (2 byte) */ - n += 2; - break; - case 'N': /* count of substructures (word) at end */ - n += 2; - break; - case 'D': /* double word (4 byte) */ - case 'z': /* offset to zero terminated string (4 byte) */ - case 'l': /* offset to user data (4 byte) */ - n += 4; - break; - case 'b': /* offset to data (with counter) (4 byte) */ - n += 4; - get_counter(&p); - break; - case 'B': /* byte (with optional counter) */ - n += get_counter(&p); - break; - } - } - return n; + int n = 0; + if (!p) { + return 0; + } + + while (*p) { + switch( *p++ ) { + case 'W': /* word (2 byte) */ + n += 2; + break; + case 'K': /* status word? (2 byte) */ + n += 2; + break; + case 'N': /* count of substructures (word) at end */ + n += 2; + break; + case 'D': /* double word (4 byte) */ + case 'z': /* offset to zero terminated string (4 byte) */ + case 'l': /* offset to user data (4 byte) */ + n += 4; + break; + case 'b': /* offset to data (with counter) (4 byte) */ + n += 4; + get_counter(&p); + break; + case 'B': /* byte (with optional counter) */ + n += get_counter(&p); + break; + } + } + return n; } -static BOOL init_package(struct pack_desc* p, int count, int subcount) +static BOOL init_package(struct pack_desc *p, int count, int subcount) { - int n = p->buflen; - int i; + int n = p->buflen; + int i; + + if (!p->format || !p->base) { + return False; + } - if (!p->format || !p->base) return(False); - - i = count * getlen(p->format); - if (p->subformat) i += subcount * getlen(p->subformat); - p->structbuf = p->base; - p->neededlen = 0; - p->usedlen = 0; - p->subcount = 0; - p->curpos = p->format; - if (i > n) { - p->neededlen = i; - i = n = 0; + i = count * getlen(p->format); + if (p->subformat) { + i += subcount * getlen(p->subformat); + } + p->structbuf = p->base; + p->neededlen = 0; + p->usedlen = 0; + p->subcount = 0; + p->curpos = p->format; + if (i > n) { + p->neededlen = i; + i = n = 0; #if 0 - /* - * This is the old error code we used. Aparently - * WinNT/2k systems return ERRbuftoosmall (2123) and - * OS/2 needs this. I'm leaving this here so we can revert - * if needed. JRA. - */ - p->errcode = ERRmoredata; + /* + * This is the old error code we used. Aparently + * WinNT/2k systems return ERRbuftoosmall (2123) and + * OS/2 needs this. I'm leaving this here so we can revert + * if needed. JRA. + */ + p->errcode = ERRmoredata; #else - p->errcode = ERRbuftoosmall; + p->errcode = ERRbuftoosmall; #endif - } - else - p->errcode = NERR_Success; - p->buflen = i; - n -= i; - p->stringbuf = p->base + i; - p->stringlen = n; - return(p->errcode == NERR_Success); + } else { + p->errcode = NERR_Success; + } + p->buflen = i; + n -= i; + p->stringbuf = p->base + i; + p->stringlen = n; + return (p->errcode == NERR_Success); } -static int package(struct pack_desc* p, ...) +static int package(struct pack_desc *p, ...) { - va_list args; - int needed=0, stringneeded; - const char* str=NULL; - int is_string=0, stringused; - int32 temp; + va_list args; + int needed=0, stringneeded; + const char *str=NULL; + int is_string=0, stringused; + int32 temp; - va_start(args,p); + va_start(args,p); - if (!*p->curpos) { - if (!p->subcount) - p->curpos = p->format; - else { - p->curpos = p->subformat; - p->subcount--; - } - } + if (!*p->curpos) { + if (!p->subcount) { + p->curpos = p->format; + } else { + p->curpos = p->subformat; + p->subcount--; + } + } #if CHECK_TYPES - str = va_arg(args,char*); - SMB_ASSERT(strncmp(str,p->curpos,strlen(str)) == 0); + str = va_arg(args,char*); + SMB_ASSERT(strncmp(str,p->curpos,strlen(str)) == 0); #endif - stringneeded = -1; + stringneeded = -1; - if (!p->curpos) { - va_end(args); - return(0); - } + if (!p->curpos) { + va_end(args); + return 0; + } - switch( *p->curpos++ ) { - case 'W': /* word (2 byte) */ - needed = 2; - temp = va_arg(args,int); - if (p->buflen >= needed) SSVAL(p->structbuf,0,temp); - break; - case 'K': /* status word? (2 byte) */ - needed = 2; - temp = va_arg(args,int); - if (p->buflen >= needed) SSVAL(p->structbuf,0,temp); - break; - case 'N': /* count of substructures (word) at end */ - needed = 2; - p->subcount = va_arg(args,int); - if (p->buflen >= needed) SSVAL(p->structbuf,0,p->subcount); - break; - case 'D': /* double word (4 byte) */ - needed = 4; - temp = va_arg(args,int); - if (p->buflen >= needed) SIVAL(p->structbuf,0,temp); - break; - case 'B': /* byte (with optional counter) */ - needed = get_counter(&p->curpos); - { - char *s = va_arg(args,char*); - if (p->buflen >= needed) StrnCpy(p->structbuf,s?s:"",needed-1); - } - break; - case 'z': /* offset to zero terminated string (4 byte) */ - str = va_arg(args,char*); - stringneeded = (str ? strlen(str)+1 : 0); - is_string = 1; - break; - case 'l': /* offset to user data (4 byte) */ - str = va_arg(args,char*); - stringneeded = va_arg(args,int); - is_string = 0; - break; - case 'b': /* offset to data (with counter) (4 byte) */ - str = va_arg(args,char*); - stringneeded = get_counter(&p->curpos); - is_string = 0; - break; - } - va_end(args); - if (stringneeded >= 0) { - needed = 4; - if (p->buflen >= needed) { - stringused = stringneeded; - if (stringused > p->stringlen) { - stringused = (is_string ? p->stringlen : 0); - if (p->errcode == NERR_Success) p->errcode = ERRmoredata; - } - if (!stringused) - SIVAL(p->structbuf,0,0); - else { - SIVAL(p->structbuf,0,PTR_DIFF(p->stringbuf,p->base)); - memcpy(p->stringbuf,str?str:"",stringused); - if (is_string) p->stringbuf[stringused-1] = '\0'; - p->stringbuf += stringused; - p->stringlen -= stringused; - p->usedlen += stringused; - } - } - p->neededlen += stringneeded; - } - p->neededlen += needed; - if (p->buflen >= needed) { - p->structbuf += needed; - p->buflen -= needed; - p->usedlen += needed; - } - else { - if (p->errcode == NERR_Success) p->errcode = ERRmoredata; - } - return 1; + switch( *p->curpos++ ) { + case 'W': /* word (2 byte) */ + needed = 2; + temp = va_arg(args,int); + if (p->buflen >= needed) { + SSVAL(p->structbuf,0,temp); + } + break; + case 'K': /* status word? (2 byte) */ + needed = 2; + temp = va_arg(args,int); + if (p->buflen >= needed) { + SSVAL(p->structbuf,0,temp); + } + break; + case 'N': /* count of substructures (word) at end */ + needed = 2; + p->subcount = va_arg(args,int); + if (p->buflen >= needed) { + SSVAL(p->structbuf,0,p->subcount); + } + break; + case 'D': /* double word (4 byte) */ + needed = 4; + temp = va_arg(args,int); + if (p->buflen >= needed) { + SIVAL(p->structbuf,0,temp); + } + break; + case 'B': /* byte (with optional counter) */ + needed = get_counter(&p->curpos); + { + char *s = va_arg(args,char*); + if (p->buflen >= needed) { + StrnCpy(p->structbuf,s?s:"",needed-1); + } + } + break; + case 'z': /* offset to zero terminated string (4 byte) */ + str = va_arg(args,char*); + stringneeded = (str ? strlen(str)+1 : 0); + is_string = 1; + break; + case 'l': /* offset to user data (4 byte) */ + str = va_arg(args,char*); + stringneeded = va_arg(args,int); + is_string = 0; + break; + case 'b': /* offset to data (with counter) (4 byte) */ + str = va_arg(args,char*); + stringneeded = get_counter(&p->curpos); + is_string = 0; + break; + } + + va_end(args); + if (stringneeded >= 0) { + needed = 4; + if (p->buflen >= needed) { + stringused = stringneeded; + if (stringused > p->stringlen) { + stringused = (is_string ? p->stringlen : 0); + if (p->errcode == NERR_Success) { + p->errcode = ERRmoredata; + } + } + if (!stringused) { + SIVAL(p->structbuf,0,0); + } else { + SIVAL(p->structbuf,0,PTR_DIFF(p->stringbuf,p->base)); + memcpy(p->stringbuf,str?str:"",stringused); + if (is_string) { + p->stringbuf[stringused-1] = '\0'; + } + p->stringbuf += stringused; + p->stringlen -= stringused; + p->usedlen += stringused; + } + } + p->neededlen += stringneeded; + } + + p->neededlen += needed; + if (p->buflen >= needed) { + p->structbuf += needed; + p->buflen -= needed; + p->usedlen += needed; + } else { + if (p->errcode == NERR_Success) { + p->errcode = ERRmoredata; + } + } + return 1; } #if CHECK_TYPES @@ -340,10 +378,10 @@ static void PACKS(struct pack_desc* desc,const char *t,const char *v) PACK(desc,t,v); } - /**************************************************************************** - get a print queue - ****************************************************************************/ + Get a print queue. +****************************************************************************/ + static void PackDriverData(struct pack_desc* desc) { char drivdata[4+4+32]; @@ -439,61 +477,61 @@ static int printq_status(int v) } static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, - struct pack_desc* desc, - print_queue_struct* queue, int n) + struct pack_desc *desc, + print_queue_struct *queue, int n) { - time_t t = queue->time; - - /* the client expects localtime */ - t -= TimeDiff(t); - - PACKI(desc,"W",pjobid_to_rap(lp_const_servicename(snum),queue->job)); /* uJobId */ - if (uLevel == 1) { - PACKS(desc,"B21",queue->fs_user); /* szUserName */ - PACKS(desc,"B",""); /* pad */ - PACKS(desc,"B16",""); /* szNotifyName */ - PACKS(desc,"B10","PM_Q_RAW"); /* szDataType */ - PACKS(desc,"z",""); /* pszParms */ - PACKI(desc,"W",n+1); /* uPosition */ - PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ - PACKS(desc,"z",""); /* pszStatus */ - PACKI(desc,"D",t); /* ulSubmitted */ - PACKI(desc,"D",queue->size); /* ulSize */ - PACKS(desc,"z",queue->fs_file); /* pszComment */ - } - if (uLevel == 2 || uLevel == 3 || uLevel == 4) { - PACKI(desc,"W",queue->priority); /* uPriority */ - PACKS(desc,"z",queue->fs_user); /* pszUserName */ - PACKI(desc,"W",n+1); /* uPosition */ - PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ - PACKI(desc,"D",t); /* ulSubmitted */ - PACKI(desc,"D",queue->size); /* ulSize */ - PACKS(desc,"z","Samba"); /* pszComment */ - PACKS(desc,"z",queue->fs_file); /* pszDocument */ - if (uLevel == 3) { - PACKS(desc,"z",""); /* pszNotifyName */ - PACKS(desc,"z","PM_Q_RAW"); /* pszDataType */ - PACKS(desc,"z",""); /* pszParms */ - PACKS(desc,"z",""); /* pszStatus */ - PACKS(desc,"z",SERVICE(snum)); /* pszQueue */ - PACKS(desc,"z","lpd"); /* pszQProcName */ - PACKS(desc,"z",""); /* pszQProcParms */ - PACKS(desc,"z","NULL"); /* pszDriverName */ - PackDriverData(desc); /* pDriverData */ - PACKS(desc,"z",""); /* pszPrinterName */ - } else if (uLevel == 4) { /* OS2 */ - PACKS(desc,"z",""); /* pszSpoolFileName */ - PACKS(desc,"z",""); /* pszPortName */ - PACKS(desc,"z",""); /* pszStatus */ - PACKI(desc,"D",0); /* ulPagesSpooled */ - PACKI(desc,"D",0); /* ulPagesSent */ - PACKI(desc,"D",0); /* ulPagesPrinted */ - PACKI(desc,"D",0); /* ulTimePrinted */ - PACKI(desc,"D",0); /* ulExtendJobStatus */ - PACKI(desc,"D",0); /* ulStartPage */ - PACKI(desc,"D",0); /* ulEndPage */ - } - } + time_t t = queue->time; + + /* the client expects localtime */ + t -= get_time_zone(t); + + PACKI(desc,"W",pjobid_to_rap(lp_const_servicename(snum),queue->job)); /* uJobId */ + if (uLevel == 1) { + PACKS(desc,"B21",queue->fs_user); /* szUserName */ + PACKS(desc,"B",""); /* pad */ + PACKS(desc,"B16",""); /* szNotifyName */ + PACKS(desc,"B10","PM_Q_RAW"); /* szDataType */ + PACKS(desc,"z",""); /* pszParms */ + PACKI(desc,"W",n+1); /* uPosition */ + PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"D",t); /* ulSubmitted */ + PACKI(desc,"D",queue->size); /* ulSize */ + PACKS(desc,"z",queue->fs_file); /* pszComment */ + } + if (uLevel == 2 || uLevel == 3 || uLevel == 4) { + PACKI(desc,"W",queue->priority); /* uPriority */ + PACKS(desc,"z",queue->fs_user); /* pszUserName */ + PACKI(desc,"W",n+1); /* uPosition */ + PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ + PACKI(desc,"D",t); /* ulSubmitted */ + PACKI(desc,"D",queue->size); /* ulSize */ + PACKS(desc,"z","Samba"); /* pszComment */ + PACKS(desc,"z",queue->fs_file); /* pszDocument */ + if (uLevel == 3) { + PACKS(desc,"z",""); /* pszNotifyName */ + PACKS(desc,"z","PM_Q_RAW"); /* pszDataType */ + PACKS(desc,"z",""); /* pszParms */ + PACKS(desc,"z",""); /* pszStatus */ + PACKS(desc,"z",SERVICE(snum)); /* pszQueue */ + PACKS(desc,"z","lpd"); /* pszQProcName */ + PACKS(desc,"z",""); /* pszQProcParms */ + PACKS(desc,"z","NULL"); /* pszDriverName */ + PackDriverData(desc); /* pDriverData */ + PACKS(desc,"z",""); /* pszPrinterName */ + } else if (uLevel == 4) { /* OS2 */ + PACKS(desc,"z",""); /* pszSpoolFileName */ + PACKS(desc,"z",""); /* pszPortName */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"D",0); /* ulPagesSpooled */ + PACKI(desc,"D",0); /* ulPagesSent */ + PACKI(desc,"D",0); /* ulPagesPrinted */ + PACKI(desc,"D",0); /* ulTimePrinted */ + PACKI(desc,"D",0); /* ulExtendJobStatus */ + PACKI(desc,"D",0); /* ulStartPage */ + PACKI(desc,"D",0); /* ulEndPage */ + } + } } /******************************************************************** @@ -2001,20 +2039,20 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch struct tm *t; time_t unixdate = time(NULL); - put_dos_date3(p,0,unixdate); /* this is the time that is looked at + srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at by NT in a "net time" operation, it seems to ignore the one below */ /* the client expects to get localtime, not GMT, in this bit (I think, this needs testing) */ - t = LocalTime(&unixdate); + t = localtime(&unixdate); SIVAL(p,4,0); /* msecs ? */ SCVAL(p,8,t->tm_hour); SCVAL(p,9,t->tm_min); SCVAL(p,10,t->tm_sec); SCVAL(p,11,0); /* hundredths of seconds */ - SSVALS(p,12,TimeDiff(unixdate)/60); /* timezone in minutes from GMT */ + SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */ SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */ SCVAL(p,16,t->tm_mday); SCVAL(p,17,t->tm_mon + 1); @@ -2737,23 +2775,25 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param char *p2; const char *level_string; - /* get NIS home of a previously validated user - simeon */ - /* With share level security vuid will always be zero. - Don't depend on vuser being non-null !!. JRA */ - user_struct *vuser = get_valid_user_struct(vuid); - if(vuser != NULL) - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, - vuser->user.unix_name)); + /* get NIS home of a previously validated user - simeon */ + /* With share level security vuid will always be zero. + Don't depend on vuser being non-null !!. JRA */ + user_struct *vuser = get_valid_user_struct(vuid); + if(vuser != NULL) { + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, + vuser->user.unix_name)); + } - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); + DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); /* check it's a supported variant */ - if (strcmp(str1,"zWrLh") != 0) return False; - switch( uLevel ) - { + if (strcmp(str1,"zWrLh") != 0) { + return False; + } + switch( uLevel ) { case 0: level_string = "B21"; break; case 1: level_string = "B21BB16DWzzWz"; break; case 2: level_string = "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break; @@ -2762,7 +2802,9 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param default: return False; } - if (strcmp(level_string,str2) != 0) return False; + if (strcmp(level_string,str2) != 0) { + return False; + } *rdata_len = mdrcnt + 1024; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); @@ -2776,13 +2818,12 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param memset(p,0,21); fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */ - if (uLevel > 0) - { + if (uLevel > 0) { SCVAL(p,usri11_pad,0); /* padding - 1 byte */ *p2 = 0; } - if (uLevel >= 10) - { + + if (uLevel >= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ pstrcpy(p2,"Comment"); p2 = skip_string(p2,1); @@ -2797,8 +2838,8 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param p2 = skip_string(p2,1); } - if (uLevel == 11) /* modelled after NTAS 3.51 reply */ - { + if (uLevel == 11) { + /* modelled after NTAS 3.51 reply */ SSVAL(p,usri11_priv,conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ SIVALS(p,usri11_password_age,-1); /* password age */ @@ -2832,8 +2873,8 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(p,usri11_code_page,0); /* code page */ } - if (uLevel == 1 || uLevel == 2) - { + + if (uLevel == 1 || uLevel == 2) { memset(p+22,' ',16); /* password */ SIVALS(p,38,-1); /* password age */ SSVAL(p,42, @@ -2847,8 +2888,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); p2 = skip_string(p2,1); - if (uLevel == 2) - { + if (uLevel == 2) { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); @@ -3506,47 +3546,46 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param /**************************************************************************** - The buffer was too small + The buffer was too small. ****************************************************************************/ -static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len) { - *rparam_len = MIN(*rparam_len,mprcnt); - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam_len = MIN(*rparam_len,mprcnt); + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - *rdata_len = 0; + *rdata_len = 0; - SSVAL(*rparam,0,NERR_BufTooSmall); + SSVAL(*rparam,0,NERR_BufTooSmall); - DEBUG(3,("Supplied buffer too small in API command\n")); + DEBUG(3,("Supplied buffer too small in API command\n")); - return(True); + return True; } - /**************************************************************************** - The request is not supported + The request is not supported. ****************************************************************************/ -static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, char *data, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len) { - *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam_len = 4; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - *rdata_len = 0; + *rdata_len = 0; - SSVAL(*rparam,0,NERR_notsupported); - SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,0,NERR_notsupported); + SSVAL(*rparam,2,0); /* converter word */ - DEBUG(3,("Unsupported API command\n")); + DEBUG(3,("Unsupported API command\n")); - return(True); + return True; } static const struct { -- cgit From 05ac2de0df78d22ad5afb42ea5c72ba17bef8395 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 3 Dec 2005 18:34:13 +0000 Subject: r12051: Merge across the lookup_name and lookup_sid work. Lets see how the build farm reacts :-) Volker (This used to be commit 9f99d04a54588cd9d1a1ab163ebb304437f932f7) --- source3/smbd/lanman.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1e2a248851..90e36e2a83 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1837,9 +1837,6 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para gid_t *gids; size_t num_groups; size_t i; - fstring grp_domain; - fstring grp_name; - enum SID_NAME_USE grp_type; struct passwd *passwd; NTSTATUS result; @@ -1896,9 +1893,12 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para goto out; for (i=0; imem_ctx, &sids[i], NULL, &grp_name, + NULL) ) { + pstrcpy(p, grp_name); p += 21; count++; } -- cgit From 661c5c741a5285a5ddf8c1fc74ba50335f1c1931 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 10 Dec 2005 11:22:01 +0000 Subject: r12163: Change lookup_sid and lookup_name to return const char * instead of char *, use a temporary talloc_ctx for clarity. Volker (This used to be commit b15815c804bf3e558ed6357b5e9a6e3e0fac777f) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 90e36e2a83..4778702e7a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1894,7 +1894,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para for (i=0; imem_ctx, &sids[i], NULL, &grp_name, NULL) ) { -- cgit From 0af1500fc0bafe61019f1b2ab1d9e1d369221240 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/smbd/lanman.c | 2750 ++++++++++++++++++++++++++----------------------- 1 file changed, 1480 insertions(+), 1270 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4778702e7a..83dfdf0d8b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1034,107 +1034,111 @@ static int get_server_info(uint32 servertype, struct srv_info_struct **servers, const char *domain) { - int count=0; - int alloced=0; - char **lines; - BOOL local_list_only; - int i; + int count=0; + int alloced=0; + char **lines; + BOOL local_list_only; + int i; - lines = file_lines_load(lock_path(SERVER_LIST), NULL); - if (!lines) { - DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno))); - return(0); - } + lines = file_lines_load(lock_path(SERVER_LIST), NULL, 0); + if (!lines) { + DEBUG(4,("Can't open %s - %s\n",lock_path(SERVER_LIST),strerror(errno))); + return 0; + } - /* request for everything is code for request all servers */ - if (servertype == SV_TYPE_ALL) - servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); + /* request for everything is code for request all servers */ + if (servertype == SV_TYPE_ALL) { + servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); + } - local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY); + local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY); - DEBUG(4,("Servertype search: %8x\n",servertype)); + DEBUG(4,("Servertype search: %8x\n",servertype)); - for (i=0;lines[i];i++) { - fstring stype; - struct srv_info_struct *s; - const char *ptr = lines[i]; - BOOL ok = True; + for (i=0;lines[i];i++) { + fstring stype; + struct srv_info_struct *s; + const char *ptr = lines[i]; + BOOL ok = True; - if (!*ptr) continue; + if (!*ptr) { + continue; + } - if (count == alloced) { - struct srv_info_struct *ts; + if (count == alloced) { + struct srv_info_struct *ts; - alloced += 10; - ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); - if (!ts) { - DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); - return(0); - } - else *servers = ts; - memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); - } - s = &(*servers)[count]; + alloced += 10; + ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); + if (!ts) { + DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); + return 0; + } else { + *servers = ts; + } + memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); + } + s = &(*servers)[count]; - if (!next_token(&ptr,s->name , NULL, sizeof(s->name))) continue; - if (!next_token(&ptr,stype , NULL, sizeof(stype))) continue; - if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) continue; - if (!next_token(&ptr,s->domain , NULL, sizeof(s->domain))) { - /* this allows us to cope with an old nmbd */ - fstrcpy(s->domain,lp_workgroup()); - } + if (!next_token(&ptr,s->name, NULL, sizeof(s->name))) { + continue; + } + if (!next_token(&ptr,stype, NULL, sizeof(stype))) { + continue; + } + if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) { + continue; + } + if (!next_token(&ptr,s->domain, NULL, sizeof(s->domain))) { + /* this allows us to cope with an old nmbd */ + fstrcpy(s->domain,lp_workgroup()); + } - if (sscanf(stype,"%X",&s->type) != 1) { - DEBUG(4,("r:host file ")); - ok = False; - } + if (sscanf(stype,"%X",&s->type) != 1) { + DEBUG(4,("r:host file ")); + ok = False; + } - /* Filter the servers/domains we return based on what was asked for. */ + /* Filter the servers/domains we return based on what was asked for. */ - /* Check to see if we are being asked for a local list only. */ - if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) { - DEBUG(4,("r: local list only")); - ok = False; - } + /* Check to see if we are being asked for a local list only. */ + if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) { + DEBUG(4,("r: local list only")); + ok = False; + } - /* doesn't match up: don't want it */ - if (!(servertype & s->type)) { - DEBUG(4,("r:serv type ")); - ok = False; - } + /* doesn't match up: don't want it */ + if (!(servertype & s->type)) { + DEBUG(4,("r:serv type ")); + ok = False; + } - if ((servertype & SV_TYPE_DOMAIN_ENUM) != - (s->type & SV_TYPE_DOMAIN_ENUM)) - { - DEBUG(4,("s: dom mismatch ")); - ok = False; - } + if ((servertype & SV_TYPE_DOMAIN_ENUM) != + (s->type & SV_TYPE_DOMAIN_ENUM)) { + DEBUG(4,("s: dom mismatch ")); + ok = False; + } - if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) - { - ok = False; - } + if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) { + ok = False; + } - /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */ - s->type &= ~SV_TYPE_LOCAL_LIST_ONLY; + /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */ + s->type &= ~SV_TYPE_LOCAL_LIST_ONLY; - if (ok) - { - DEBUG(4,("**SV** %20s %8x %25s %15s\n", - s->name, s->type, s->comment, s->domain)); - - s->server_added = True; - count++; - } - else - { - DEBUG(4,("%20s %8x %25s %15s\n", - s->name, s->type, s->comment, s->domain)); - } - } + if (ok) { + DEBUG(4,("**SV** %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + s->server_added = True; + count++; + } else { + DEBUG(4,("%20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + } + } - file_lines_free(lines); - return(count); + file_lines_free(lines); + return count; } /******************************************************************* @@ -1145,75 +1149,79 @@ static int fill_srv_info(struct srv_info_struct *service, int uLevel, char **buf, int *buflen, char **stringbuf, int *stringspace, char *baseaddr) { - int struct_len; - char* p; - char* p2; - int l2; - int len; + int struct_len; + char* p; + char* p2; + int l2; + int len; - switch (uLevel) { - case 0: struct_len = 16; break; - case 1: struct_len = 26; break; - default: return -1; - } - - if (!buf) - { - len = 0; - switch (uLevel) - { - case 1: - len = strlen(service->comment)+1; - break; + switch (uLevel) { + case 0: + struct_len = 16; + break; + case 1: + struct_len = 26; + break; + default: + return -1; } + + if (!buf) { + len = 0; + switch (uLevel) { + case 1: + len = strlen(service->comment)+1; + break; + } - if (buflen) *buflen = struct_len; - if (stringspace) *stringspace = len; - return struct_len + len; - } + if (buflen) { + *buflen = struct_len; + } + if (stringspace) { + *stringspace = len; + } + return struct_len + len; + } - len = struct_len; - p = *buf; - if (*buflen < struct_len) return -1; - if (stringbuf) - { - p2 = *stringbuf; - l2 = *stringspace; - } - else - { - p2 = p + struct_len; - l2 = *buflen - struct_len; - } - if (!baseaddr) baseaddr = p; + len = struct_len; + p = *buf; + if (*buflen < struct_len) { + return -1; + } + if (stringbuf) { + p2 = *stringbuf; + l2 = *stringspace; + } else { + p2 = p + struct_len; + l2 = *buflen - struct_len; + } + if (!baseaddr) { + baseaddr = p; + } - switch (uLevel) - { - case 0: - push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE); - break; - - case 1: - push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE); - SIVAL(p,18,service->type); - SIVAL(p,22,PTR_DIFF(p2,baseaddr)); - len += CopyAndAdvance(&p2,service->comment,&l2); - break; - } - - if (stringbuf) - { - *buf = p + struct_len; - *buflen -= struct_len; - *stringbuf = p2; - *stringspace = l2; - } - else - { - *buf = p2; - *buflen -= len; - } - return len; + switch (uLevel) { + case 0: + push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE); + break; + + case 1: + push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE); + SIVAL(p,18,service->type); + SIVAL(p,22,PTR_DIFF(p2,baseaddr)); + len += CopyAndAdvance(&p2,service->comment,&l2); + break; + } + + if (stringbuf) { + *buf = p + struct_len; + *buflen -= struct_len; + *stringbuf = p2; + *stringspace = l2; + } else { + *buf = p2; + *buflen -= len; + } + return len; } @@ -1231,124 +1239,137 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); - uint32 servertype = IVAL(p,4); - char *p2; - int data_len, fixed_len, string_len; - int f_len = 0, s_len = 0; - struct srv_info_struct *servers=NULL; - int counted=0,total=0; - int i,missed; - fstring domain; - BOOL domain_request; - BOOL local_request; - - /* If someone sets all the bits they don't really mean to set - DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the - known servers. */ - - if (servertype == SV_TYPE_ALL) - servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); - - /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set - any other bit (they may just set this bit on it's own) they - want all the locally seen servers. However this bit can be - set on its own so set the requested servers to be - ALL - DOMAIN_ENUM. */ - - if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM)) - servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM); - - domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0); - local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0); - - p += 8; - - if (!prefix_ok(str1,"WrLehD")) return False; - if (!check_server_info(uLevel,str2)) return False; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + uint32 servertype = IVAL(p,4); + char *p2; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; + struct srv_info_struct *servers=NULL; + int counted=0,total=0; + int i,missed; + fstring domain; + BOOL domain_request; + BOOL local_request; + + /* If someone sets all the bits they don't really mean to set + DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the + known servers. */ + + if (servertype == SV_TYPE_ALL) { + servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY); + } + + /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set + any other bit (they may just set this bit on it's own) they + want all the locally seen servers. However this bit can be + set on its own so set the requested servers to be + ALL - DOMAIN_ENUM. */ + + if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM)) { + servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM); + } + + domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0); + local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0); + + p += 8; + + if (!prefix_ok(str1,"WrLehD")) { + return False; + } + if (!check_server_info(uLevel,str2)) { + return False; + } - DEBUG(4, ("server request level: %s %8x ", str2, servertype)); - DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request))); - DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); - - if (strcmp(str1, "WrLehDz") == 0) { - pull_ascii_fstring(domain, p); - } else { - fstrcpy(domain, lp_workgroup()); - } - - if (lp_browse_list()) - total = get_server_info(servertype,&servers,domain); - - data_len = fixed_len = string_len = 0; - missed = 0; - - if (total > 0) - qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); - - { - char *lastname=NULL; - - for (i=0;iname)) continue; - lastname = s->name; - data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0); - DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", - s->name, s->type, s->comment, s->domain)); + DEBUG(4, ("server request level: %s %8x ", str2, servertype)); + DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request))); + DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); + + if (strcmp(str1, "WrLehDz") == 0) { + pull_ascii_fstring(domain, p); + } else { + fstrcpy(domain, lp_workgroup()); + } + + if (lp_browse_list()) { + total = get_server_info(servertype,&servers,domain); + } + + data_len = fixed_len = string_len = 0; + missed = 0; + + if (total > 0) { + qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); + } + + { + char *lastname=NULL; + + for (i=0;iname)) { + continue; + } + lastname = s->name; + data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0); + DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); - if (data_len <= buf_len) { - counted++; - fixed_len += f_len; - string_len += s_len; - } else { - missed++; - } - } - } - - *rdata_len = fixed_len + string_len; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); - memset(*rdata,'\0',*rdata_len); + if (data_len <= buf_len) { + counted++; + fixed_len += f_len; + string_len += s_len; + } else { + missed++; + } + } + } + + *rdata_len = fixed_len + string_len; + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + memset(*rdata,'\0',*rdata_len); - p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ - p = *rdata; - f_len = fixed_len; - s_len = string_len; - - { - char *lastname=NULL; - int count2 = counted; - for (i = 0; i < total && count2;i++) - { - struct srv_info_struct *s = &servers[i]; - if (lastname && strequal(lastname,s->name)) continue; - lastname = s->name; - fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata); - DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", - s->name, s->type, s->comment, s->domain)); - count2--; - } - } + p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ + p = *rdata; + f_len = fixed_len; + s_len = string_len; + + { + char *lastname=NULL; + int count2 = counted; + + for (i = 0; i < total && count2;i++) { + struct srv_info_struct *s = &servers[i]; + + if (lastname && strequal(lastname,s->name)) { + continue; + } + lastname = s->name; + fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata); + DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", + s->name, s->type, s->comment, s->domain)); + count2--; + } + } - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata)); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,counted); - SSVAL(*rparam,6,counted+missed); + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata)); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,counted); + SSVAL(*rparam,6,counted+missed); - SAFE_FREE(servers); + SAFE_FREE(servers); - DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n", - domain,uLevel,counted,counted+missed)); + DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n", + domain,uLevel,counted,counted+missed)); - return(True); + return True; } /**************************************************************************** @@ -1359,30 +1380,32 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); - int counted=0; - int missed=0; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + int counted=0; + int missed=0; DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n", str1, str2, p, uLevel, buf_len)); - if (!prefix_ok(str1,"zWrLeh")) return False; + if (!prefix_ok(str1,"zWrLeh")) { + return False; + } - *rdata_len = 0; + *rdata_len = 0; - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVAL(*rparam,0,0x08AC); /* informational warning message */ - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,counted); - SSVAL(*rparam,6,counted+missed); + SSVAL(*rparam,0,0x08AC); /* informational warning message */ + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,counted); + SSVAL(*rparam,6,counted+missed); - return(True); + return True; } /**************************************************************************** @@ -1391,117 +1414,146 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa static BOOL check_share_info(int uLevel, char* id) { - switch( uLevel ) { - case 0: - if (strcmp(id,"B13") != 0) return False; - break; - case 1: - if (strcmp(id,"B13BWz") != 0) return False; - break; - case 2: - if (strcmp(id,"B13BWzWWWzB9B") != 0) return False; - break; - case 91: - if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) return False; - break; - default: return False; - } - return True; + switch( uLevel ) { + case 0: + if (strcmp(id,"B13") != 0) { + return False; + } + break; + case 1: + if (strcmp(id,"B13BWz") != 0) { + return False; + } + break; + case 2: + if (strcmp(id,"B13BWzWWWzB9B") != 0) { + return False; + } + break; + case 91: + if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) { + return False; + } + break; + default: + return False; + } + return True; } static int fill_share_info(connection_struct *conn, int snum, int uLevel, char** buf, int* buflen, char** stringbuf, int* stringspace, char* baseaddr) { - int struct_len; - char* p; - char* p2; - int l2; - int len; + int struct_len; + char* p; + char* p2; + int l2; + int len; - switch( uLevel ) { - case 0: struct_len = 13; break; - case 1: struct_len = 20; break; - case 2: struct_len = 40; break; - case 91: struct_len = 68; break; - default: return -1; - } + switch( uLevel ) { + case 0: + struct_len = 13; + break; + case 1: + struct_len = 20; + break; + case 2: + struct_len = 40; + break; + case 91: + struct_len = 68; + break; + default: + return -1; + } - if (!buf) - { - len = 0; - if (uLevel > 0) len += StrlenExpanded(conn,snum,lp_comment(snum)); - if (uLevel > 1) len += strlen(lp_pathname(snum)) + 1; - if (buflen) *buflen = struct_len; - if (stringspace) *stringspace = len; - return struct_len + len; - } + if (!buf) { + len = 0; + + if (uLevel > 0) { + len += StrlenExpanded(conn,snum,lp_comment(snum)); + } + if (uLevel > 1) { + len += strlen(lp_pathname(snum)) + 1; + } + if (buflen) { + *buflen = struct_len; + } + if (stringspace) { + *stringspace = len; + } + return struct_len + len; + } - len = struct_len; - p = *buf; - if ((*buflen) < struct_len) return -1; - if (stringbuf) - { - p2 = *stringbuf; - l2 = *stringspace; - } - else - { - p2 = p + struct_len; - l2 = (*buflen) - struct_len; - } - if (!baseaddr) baseaddr = p; + len = struct_len; + p = *buf; + if ((*buflen) < struct_len) { + return -1; + } + + if (stringbuf) { + p2 = *stringbuf; + l2 = *stringspace; + } else { + p2 = p + struct_len; + l2 = (*buflen) - struct_len; + } + + if (!baseaddr) { + baseaddr = p; + } - push_ascii(p,lp_servicename(snum),13, STR_TERMINATE); + push_ascii(p,lp_servicename(snum),13, STR_TERMINATE); - if (uLevel > 0) - { - int type; - SCVAL(p,13,0); - type = STYPE_DISKTREE; - if (lp_print_ok(snum)) type = STYPE_PRINTQ; - if (strequal("IPC",lp_fstype(snum))) type = STYPE_IPC; - SSVAL(p,14,type); /* device type */ - SIVAL(p,16,PTR_DIFF(p2,baseaddr)); - len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2); - } + if (uLevel > 0) { + int type; + + SCVAL(p,13,0); + type = STYPE_DISKTREE; + if (lp_print_ok(snum)) { + type = STYPE_PRINTQ; + } + if (strequal("IPC",lp_fstype(snum))) { + type = STYPE_IPC; + } + SSVAL(p,14,type); /* device type */ + SIVAL(p,16,PTR_DIFF(p2,baseaddr)); + len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2); + } - if (uLevel > 1) - { - SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */ - SSVALS(p,22,-1); /* max uses */ - SSVAL(p,24,1); /* current uses */ - SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */ - len += CopyAndAdvance(&p2,lp_pathname(snum),&l2); - memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */ - } + if (uLevel > 1) { + SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */ + SSVALS(p,22,-1); /* max uses */ + SSVAL(p,24,1); /* current uses */ + SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */ + len += CopyAndAdvance(&p2,lp_pathname(snum),&l2); + memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */ + } - if (uLevel > 2) - { - memset(p+40,0,SHPWLEN+2); - SSVAL(p,50,0); - SIVAL(p,52,0); - SSVAL(p,56,0); - SSVAL(p,58,0); - SIVAL(p,60,0); - SSVAL(p,64,0); - SSVAL(p,66,0); - } + if (uLevel > 2) { + memset(p+40,0,SHPWLEN+2); + SSVAL(p,50,0); + SIVAL(p,52,0); + SSVAL(p,56,0); + SSVAL(p,58,0); + SIVAL(p,60,0); + SSVAL(p,64,0); + SSVAL(p,66,0); + } - if (stringbuf) - { - (*buf) = p + struct_len; - (*buflen) -= struct_len; - (*stringbuf) = p2; - (*stringspace) = l2; - } - else - { - (*buf) = p2; - (*buflen) -= len; - } - return len; + if (stringbuf) { + (*buf) = p + struct_len; + (*buflen) -= struct_len; + (*stringbuf) = p2; + (*stringspace) = l2; + } else { + (*buf) = p2; + (*buflen) -= len; + } + + return len; } static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -1509,31 +1561,39 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *netname = skip_string(str2,1); - char *p = skip_string(netname,1); - int uLevel = SVAL(p,0); - int snum = find_service(netname); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *netname = skip_string(str2,1); + char *p = skip_string(netname,1); + int uLevel = SVAL(p,0); + int snum = find_service(netname); - if (snum < 0) return False; + if (snum < 0) { + return False; + } - /* check it's a supported varient */ - if (!prefix_ok(str1,"zWrLh")) return False; - if (!check_share_info(uLevel,str2)) return False; + /* check it's a supported varient */ + if (!prefix_ok(str1,"zWrLh")) { + return False; + } + if (!check_share_info(uLevel,str2)) { + return False; + } - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - p = *rdata; - *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0); - if (*rdata_len < 0) return False; + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + p = *rdata; + *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0); + if (*rdata_len < 0) { + return False; + } - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - SSVAL(*rparam,4,*rdata_len); + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); - return(True); + return True; } /**************************************************************************** @@ -1557,78 +1617,87 @@ static BOOL api_RNetShareEnum( connection_struct *conn, int *rdata_len, int *rparam_len ) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); - char *p2; - int count=lp_numservices(); - int total=0,counted=0; - BOOL missed = False; - int i; - int data_len, fixed_len, string_len; - int f_len = 0, s_len = 0; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + int buf_len = SVAL(p,2); + char *p2; + int count = 0; + int total=0,counted=0; + BOOL missed = False; + int i; + int data_len, fixed_len, string_len; + int f_len = 0, s_len = 0; - if (!prefix_ok(str1,"WrLeh")) return False; - if (!check_share_info(uLevel,str2)) return False; + if (!prefix_ok(str1,"WrLeh")) { + return False; + } + if (!check_share_info(uLevel,str2)) { + return False; + } - data_len = fixed_len = string_len = 0; - for (i=0;i= 0) { /* already exists */ - res = ERRfilexists; - goto error_exit; - } - - /* only support disk share adds */ - if (SVAL(data,14)!=STYPE_DISKTREE) return False; - - offset = IVAL(data, 16); - if (offset >= mdrcnt) { - res = ERRinvalidparam; - goto error_exit; - } - pull_ascii_fstring(comment, offset? (data+offset) : ""); - - offset = IVAL(data, 26); - if (offset >= mdrcnt) { - res = ERRinvalidparam; - goto error_exit; - } - pull_ascii_pstring(pathname, offset? (data+offset) : ""); - - string_replace(sharename, '"', ' '); - string_replace(pathname, '"', ' '); - string_replace(comment, '"', ' '); - - cmdname = lp_add_share_cmd(); - - if (!cmdname || *cmdname == '\0') return False; - - asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", - lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); - - if (command) { - DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); - if ((res = smbrun(command, NULL)) != 0) { - DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); - SAFE_FREE(command); - res = ERRnoaccess; - goto error_exit; - } else { - SAFE_FREE(command); - message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); - } - } else return False; - - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - SSVAL(*rparam,4,*rdata_len); - *rdata_len = 0; - - return True; - - error_exit: - *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - *rdata_len = 0; - SSVAL(*rparam,0,res); - SSVAL(*rparam,2,0); - return True; -} - -/**************************************************************************** - view list of groups available - ****************************************************************************/ - -static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) -{ - int i; - int errflags=0; - int resume_context, cli_buf_size; char *str1 = param+2; char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + fstring sharename; + fstring comment; + pstring pathname; + char *command, *cmdname; + unsigned int offset; + int snum; + int res = ERRunsup; + + /* check it's a supported varient */ + if (!prefix_ok(str1,RAP_WShareAdd_REQ)) { + return False; + } + if (!check_share_info(uLevel,str2)) { + return False; + } + if (uLevel != 2) { + return False; + } - struct pdb_search *search; - struct samr_displayentry *entries; + pull_ascii_fstring(sharename,data); + snum = find_service(sharename); + if (snum >= 0) { /* already exists */ + res = ERRfilexists; + goto error_exit; + } - int num_entries; - - if (strcmp(str1,"WrLeh") != 0) + /* only support disk share adds */ + if (SVAL(data,14)!=STYPE_DISKTREE) { return False; + } - /* parameters - * W-> resume context (number of users to skip) - * r -> return parameter pointer to receive buffer - * L -> length of receive buffer - * e -> return parameter number of entries - * h -> return parameter total number of users - */ - if (strcmp("B21",str2) != 0) - return False; + offset = IVAL(data, 16); + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } + + pull_ascii_fstring(comment, offset? (data+offset) : ""); + + offset = IVAL(data, 26); + + if (offset >= mdrcnt) { + res = ERRinvalidparam; + goto error_exit; + } + + pull_ascii_pstring(pathname, offset? (data+offset) : ""); + + string_replace(sharename, '"', ' '); + string_replace(pathname, '"', ' '); + string_replace(comment, '"', ' '); + + cmdname = lp_add_share_cmd(); + + if (!cmdname || *cmdname == '\0') { + return False; + } + + asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", + lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); + + if (command) { + DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); + + if ((res = smbrun(command, NULL)) != 0) { + DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); + SAFE_FREE(command); + res = ERRnoaccess; + goto error_exit; + } else { + SAFE_FREE(command); + message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); + } + } else { + return False; + } + + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + *rdata_len = 0; + + return True; + + error_exit: + + *rparam_len = 4; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rdata_len = 0; + SSVAL(*rparam,0,res); + SSVAL(*rparam,2,0); + return True; +} + +/**************************************************************************** + view list of groups available + ****************************************************************************/ + +static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + int i; + int errflags=0; + int resume_context, cli_buf_size; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + + struct pdb_search *search; + struct samr_displayentry *entries; + + int num_entries; + + if (strcmp(str1,"WrLeh") != 0) { + return False; + } + + /* parameters + * W-> resume context (number of users to skip) + * r -> return parameter pointer to receive buffer + * L -> length of receive buffer + * e -> return parameter number of entries + * h -> return parameter total number of users + */ + + if (strcmp("B21",str2) != 0) { + return False; + } /* get list of domain groups SID_DOMAIN_GRP=2 */ become_root(); @@ -1837,8 +1926,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para gid_t *gids; size_t num_groups; size_t i; - struct passwd *passwd; NTSTATUS result; + DOM_SID user_sid; + enum SID_NAME_USE type; + TALLOC_CTX *mem_ctx; *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); @@ -1867,45 +1958,64 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para p = *rdata; + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + DEBUG(0, ("talloc_new failed\n")); + return False; + } + /* Lookup the user information; This should only be one of our accounts (not remote domains) */ - passwd = getpwnam_alloc(UserName); - - if (passwd == NULL) - return False; - - pdb_init_sam( &sampw ); - become_root(); /* ROOT BLOCK */ - if ( !pdb_getsampwnam(sampw, UserName) ) - goto out; + if (!lookup_name(mem_ctx, UserName, LOOKUP_NAME_ALL, + NULL, NULL, &user_sid, &type)) { + DEBUG(10, ("lookup_name(%s) failed\n", UserName)); + goto done; + } + + if (type != SID_NAME_USER) { + DEBUG(10, ("%s is a %s, not a user\n", UserName, + sid_type_lookup(type))); + goto done; + } + + if (!NT_STATUS_IS_OK(pdb_init_sam_talloc(mem_ctx, &sampw))) { + DEBUG(10, ("pdb_init_sam_talloc failed\n")); + goto done; + } + + if ( !pdb_getsampwsid(sampw, &user_sid) ) { + DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n", + sid_string_static(&user_sid), UserName)); + goto done; + } + gids = NULL; sids = NULL; num_groups = 0; - result = pdb_enum_group_memberships(pdb_get_username(sampw), - passwd->pw_gid, + result = pdb_enum_group_memberships(mem_ctx, sampw, &sids, &gids, &num_groups); - if (!NT_STATUS_IS_OK(result)) - goto out; + if (!NT_STATUS_IS_OK(result)) { + DEBUG(10, ("pdb_enum_group_memberships failed for %s\n", + UserName)); + goto done; + } for (i=0; imem_ctx, &sids[i], NULL, &grp_name, - NULL) ) { + if ( lookup_sid(mem_ctx, &sids[i], NULL, &grp_name, NULL) ) { pstrcpy(p, grp_name); p += 21; count++; } } - SAFE_FREE(sids); - *rdata_len = PTR_DIFF(p,*rdata); SSVAL(*rparam,4,count); /* is this right?? */ @@ -1913,11 +2023,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para ret = True; -out: +done: unbecome_root(); /* END ROOT BLOCK */ - pdb_free_sam( &sampw ); - passwd_free(&passwd); + talloc_free(mem_ctx); return ret; } @@ -2023,43 +2132,42 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *p; - *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - - *rdata_len = 21; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); - - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - - p = *rdata; - - { - struct tm *t; - time_t unixdate = time(NULL); - - srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at - by NT in a "net time" operation, - it seems to ignore the one below */ - - /* the client expects to get localtime, not GMT, in this bit - (I think, this needs testing) */ - t = localtime(&unixdate); - - SIVAL(p,4,0); /* msecs ? */ - SCVAL(p,8,t->tm_hour); - SCVAL(p,9,t->tm_min); - SCVAL(p,10,t->tm_sec); - SCVAL(p,11,0); /* hundredths of seconds */ - SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */ - SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */ - SCVAL(p,16,t->tm_mday); - SCVAL(p,17,t->tm_mon + 1); - SSVAL(p,18,1900+t->tm_year); - SCVAL(p,20,t->tm_wday); - } - return(True); + struct tm *t; + time_t unixdate = time(NULL); + char *p; + + *rparam_len = 4; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + + *rdata_len = 21; + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + + p = *rdata; + + srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at + by NT in a "net time" operation, + it seems to ignore the one below */ + + /* the client expects to get localtime, not GMT, in this bit + (I think, this needs testing) */ + t = localtime(&unixdate); + + SIVAL(p,4,0); /* msecs ? */ + SCVAL(p,8,t->tm_hour); + SCVAL(p,9,t->tm_min); + SCVAL(p,10,t->tm_sec); + SCVAL(p,11,0); /* hundredths of seconds */ + SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */ + SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */ + SCVAL(p,16,t->tm_mday); + SCVAL(p,17,t->tm_mon + 1); + SSVAL(p,18,1900+t->tm_year); + SCVAL(p,20,t->tm_wday); + + return True; } /**************************************************************************** @@ -2111,7 +2219,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param } unbecome_root(); - free_server_info(&server_info); + talloc_free(server_info); } data_blob_clear_free(&password); } @@ -2421,103 +2529,117 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - char *p2; - int struct_len; - - DEBUG(4,("NetServerGetInfo level %d\n",uLevel)); - - /* check it's a supported varient */ - if (!prefix_ok(str1,"WrLh")) return False; - switch( uLevel ) { - case 0: - if (strcmp(str2,"B16") != 0) return False; - struct_len = 16; - break; - case 1: - if (strcmp(str2,"B16BBDz") != 0) return False; - struct_len = 26; - break; - case 2: - if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz") - != 0) return False; - struct_len = 134; - break; - case 3: - if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") - != 0) return False; - struct_len = 144; - break; - case 20: - if (strcmp(str2,"DN") != 0) return False; - struct_len = 6; - break; - case 50: - if (strcmp(str2,"B16BBDzWWzzz") != 0) return False; - struct_len = 42; - break; - default: return False; - } - - *rdata_len = mdrcnt; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); - - p = *rdata; - p2 = p + struct_len; - if (uLevel != 20) { - srvstr_push(NULL, p,get_local_machine_name(),16, - STR_ASCII|STR_UPPER|STR_TERMINATE); - } - p += 16; - if (uLevel > 0) - { - struct srv_info_struct *servers=NULL; - int i,count; - pstring comment; - uint32 servertype= lp_default_server_announce(); - - push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE); - - if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { - for (i=0;i 1) - { - return False; /* not yet implemented */ - } - - *rdata_len = PTR_DIFF(p2,*rdata); - - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ - SSVAL(*rparam,4,*rdata_len); - - return(True); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel = SVAL(p,0); + char *p2; + int struct_len; + + DEBUG(4,("NetServerGetInfo level %d\n",uLevel)); + + /* check it's a supported varient */ + if (!prefix_ok(str1,"WrLh")) { + return False; + } + + switch( uLevel ) { + case 0: + if (strcmp(str2,"B16") != 0) { + return False; + } + struct_len = 16; + break; + case 1: + if (strcmp(str2,"B16BBDz") != 0) { + return False; + } + struct_len = 26; + break; + case 2: + if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz")!= 0) { + return False; + } + struct_len = 134; + break; + case 3: + if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") != 0) { + return False; + } + struct_len = 144; + break; + case 20: + if (strcmp(str2,"DN") != 0) { + return False; + } + struct_len = 6; + break; + case 50: + if (strcmp(str2,"B16BBDzWWzzz") != 0) { + return False; + } + struct_len = 42; + break; + default: + return False; + } + + *rdata_len = mdrcnt; + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + + p = *rdata; + p2 = p + struct_len; + if (uLevel != 20) { + srvstr_push(NULL, p,get_local_machine_name(),16, + STR_ASCII|STR_UPPER|STR_TERMINATE); + } + p += 16; + if (uLevel > 0) { + struct srv_info_struct *servers=NULL; + int i,count; + pstring comment; + uint32 servertype= lp_default_server_announce(); + + push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE); + + if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { + for (i=0;i 1) { + return False; /* not yet implemented */ + } + + *rdata_len = PTR_DIFF(p2,*rdata); + + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,*rdata_len); + + return True; } /**************************************************************************** @@ -2529,67 +2651,67 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char *p2; - int level = SVAL(p,0); - - DEBUG(4,("NetWkstaGetInfo level %d\n",level)); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char *p2; + int level = SVAL(p,0); - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + DEBUG(4,("NetWkstaGetInfo level %d\n",level)); - /* check it's a supported varient */ - if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) - return(False); + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - *rdata_len = mdrcnt + 1024; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + /* check it's a supported varient */ + if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) { + return False; + } - SSVAL(*rparam,0,NERR_Success); - SSVAL(*rparam,2,0); /* converter word */ + *rdata_len = mdrcnt + 1024; + *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); - p = *rdata; - p2 = p + 22; + SSVAL(*rparam,0,NERR_Success); + SSVAL(*rparam,2,0); /* converter word */ + p = *rdata; + p2 = p + 22; - SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ - pstrcpy(p2,get_local_machine_name()); - strupper_m(p2); - p2 = skip_string(p2,1); - p += 4; + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ + pstrcpy(p2,get_local_machine_name()); + strupper_m(p2); + p2 = skip_string(p2,1); + p += 4; - SIVAL(p,0,PTR_DIFF(p2,*rdata)); - pstrcpy(p2,current_user_info.smb_name); - p2 = skip_string(p2,1); - p += 4; + SIVAL(p,0,PTR_DIFF(p2,*rdata)); + pstrcpy(p2,current_user_info.smb_name); + p2 = skip_string(p2,1); + p += 4; - SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ - pstrcpy(p2,lp_workgroup()); - strupper_m(p2); - p2 = skip_string(p2,1); - p += 4; + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ + pstrcpy(p2,lp_workgroup()); + strupper_m(p2); + p2 = skip_string(p2,1); + p += 4; - SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */ - SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */ - p += 2; + SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */ + SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */ + p += 2; - SIVAL(p,0,PTR_DIFF(p2,*rdata)); - pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */ - p2 = skip_string(p2,1); - p += 4; + SIVAL(p,0,PTR_DIFF(p2,*rdata)); + pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */ + p2 = skip_string(p2,1); + p += 4; - SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ - pstrcpy(p2,""); - p2 = skip_string(p2,1); - p += 4; + SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ + pstrcpy(p2,""); + p2 = skip_string(p2,1); + p += 4; - *rdata_len = PTR_DIFF(p2,*rdata); + *rdata_len = PTR_DIFF(p2,*rdata); - SSVAL(*rparam,4,*rdata_len); + SSVAL(*rparam,4,*rdata_len); - return(True); + return True; } /**************************************************************************** @@ -2929,75 +3051,83 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - struct pack_desc desc; - char* name; - /* With share level security vuid will always be zero. - Don't depend on vuser being non-null !!. JRA */ - user_struct *vuser = get_valid_user_struct(vuid); - if(vuser != NULL) - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, - vuser->user.unix_name)); - - uLevel = SVAL(p,0); - name = p + 2; - - memset((char *)&desc,'\0',sizeof(desc)); - - DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name)); - - /* check it's a supported varient */ - if (strcmp(str1,"OOWb54WrLh") != 0) return False; - if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) return False; - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - desc.subformat = NULL; - desc.format = str2; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + struct pack_desc desc; + char* name; + /* With share level security vuid will always be zero. + Don't depend on vuser being non-null !!. JRA */ + user_struct *vuser = get_valid_user_struct(vuid); + + if(vuser != NULL) { + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, + vuser->user.unix_name)); + } + + uLevel = SVAL(p,0); + name = p + 2; + + memset((char *)&desc,'\0',sizeof(desc)); + + DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name)); + + /* check it's a supported varient */ + if (strcmp(str1,"OOWb54WrLh") != 0) { + return False; + } + if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) { + return False; + } + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.subformat = NULL; + desc.format = str2; - if (init_package(&desc,1,0)) - { - PACKI(&desc,"W",0); /* code */ - PACKS(&desc,"B21",name); /* eff. name */ - PACKS(&desc,"B",""); /* pad */ - PACKI(&desc,"W", - conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); - PACKI(&desc,"D",0); /* auth flags XXX */ - PACKI(&desc,"W",0); /* num logons */ - PACKI(&desc,"W",0); /* bad pw count */ - PACKI(&desc,"D",0); /* last logon */ - PACKI(&desc,"D",-1); /* last logoff */ - PACKI(&desc,"D",-1); /* logoff time */ - PACKI(&desc,"D",-1); /* kickoff time */ - PACKI(&desc,"D",0); /* password age */ - PACKI(&desc,"D",0); /* password can change */ - PACKI(&desc,"D",-1); /* password must change */ - { - fstring mypath; - fstrcpy(mypath,"\\\\"); - fstrcat(mypath,get_local_machine_name()); - strupper_m(mypath); - PACKS(&desc,"z",mypath); /* computer */ - } - PACKS(&desc,"z",lp_workgroup());/* domain */ - - PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */ - - PACKI(&desc,"D",0x00000000); /* reserved */ - } - - *rdata_len = desc.usedlen; - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,desc.neededlen); - - DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode)); - return(True); + if (init_package(&desc,1,0)) { + PACKI(&desc,"W",0); /* code */ + PACKS(&desc,"B21",name); /* eff. name */ + PACKS(&desc,"B",""); /* pad */ + PACKI(&desc,"W", conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); + PACKI(&desc,"D",0); /* auth flags XXX */ + PACKI(&desc,"W",0); /* num logons */ + PACKI(&desc,"W",0); /* bad pw count */ + PACKI(&desc,"D",0); /* last logon */ + PACKI(&desc,"D",-1); /* last logoff */ + PACKI(&desc,"D",-1); /* logoff time */ + PACKI(&desc,"D",-1); /* kickoff time */ + PACKI(&desc,"D",0); /* password age */ + PACKI(&desc,"D",0); /* password can change */ + PACKI(&desc,"D",-1); /* password must change */ + + { + fstring mypath; + fstrcpy(mypath,"\\\\"); + fstrcat(mypath,get_local_machine_name()); + strupper_m(mypath); + PACKS(&desc,"z",mypath); /* computer */ + } + + PACKS(&desc,"z",lp_workgroup());/* domain */ + PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */ + PACKI(&desc,"D",0x00000000); /* reserved */ + } + + *rdata_len = desc.usedlen; + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode)); + + return True; } /**************************************************************************** @@ -3009,24 +3139,28 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *user = skip_string(str2,1); - char *resource = skip_string(user,1); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *user = skip_string(str2,1); + char *resource = skip_string(user,1); - DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); + DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); - /* check it's a supported varient */ - if (strcmp(str1,"zzh") != 0) return False; - if (strcmp(str2,"") != 0) return False; + /* check it's a supported varient */ + if (strcmp(str1,"zzh") != 0) { + return False; + } + if (strcmp(str2,"") != 0) { + return False; + } - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,0); /* errorcode */ - SSVAL(*rparam,2,0); /* converter word */ - SSVAL(*rparam,4,0x7f); /* permission flags */ + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,0); /* errorcode */ + SSVAL(*rparam,2,0); /* converter word */ + SSVAL(*rparam,4,0x7f); /* permission flags */ - return(True); + return True; } /**************************************************************************** @@ -3038,192 +3172,224 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - int count; - int i; - int snum; - fstring sharename; - uint32 jobid; - struct pack_desc desc; - print_queue_struct *queue=NULL; - print_status_struct status; - char *tmpdata=NULL; - - uLevel = SVAL(p,2); - - memset((char *)&desc,'\0',sizeof(desc)); - memset((char *)&status,'\0',sizeof(status)); - - DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0))); - - /* check it's a supported varient */ - if (strcmp(str1,"WWrLh") != 0) return False; - if (!check_printjob_info(&desc,uLevel,str2)) return False; - - if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) - return False; - - snum = lp_servicenumber( sharename); - if (snum < 0 || !VALID_SNUM(snum)) return(False); - - count = print_queue_status(snum,&queue,&status); - for (i = 0; i < count; i++) { - if (queue[i].job == jobid) break; - } - - if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - } else { - /* - * Don't return data but need to get correct length - * init_package will return wrong size if buflen=0 - */ - desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); - } - - if (init_package(&desc,1,0)) { - if (i < count) { - fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); - *rdata_len = desc.usedlen; - } - else { - desc.errcode = NERR_JobNotFound; - *rdata_len = 0; - } - } - - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,desc.neededlen); - - SAFE_FREE(queue); - SAFE_FREE(tmpdata); - - DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode)); - return(True); -} + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int count; + int i; + int snum; + fstring sharename; + uint32 jobid; + struct pack_desc desc; + print_queue_struct *queue=NULL; + print_status_struct status; + char *tmpdata=NULL; -static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) -{ - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char* name = p; - int uLevel; - int count; - int i, succnt=0; - int snum; - struct pack_desc desc; - print_queue_struct *queue=NULL; - print_status_struct status; - - memset((char *)&desc,'\0',sizeof(desc)); - memset((char *)&status,'\0',sizeof(status)); - - p = skip_string(p,1); - uLevel = SVAL(p,0); - - DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); - - /* check it's a supported variant */ - if (strcmp(str1,"zWrLeh") != 0) - return False; - - if (uLevel > 2) - return False; /* defined only for uLevel 0,1,2 */ - - if (!check_printjob_info(&desc,uLevel,str2)) - return False; - - snum = find_service(name); - if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) - return False; - - count = print_queue_status(snum,&queue,&status); - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - - if (init_package(&desc,count,0)) { - succnt = 0; - for (i = 0; i < count; i++) { - fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); - if (desc.errcode == NERR_Success) succnt = i+1; - } - } - - *rdata_len = desc.usedlen; - - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,count); - - SAFE_FREE(queue); - - DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode)); - return(True); -} + uLevel = SVAL(p,2); + + memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&status,'\0',sizeof(status)); + + DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0))); + + /* check it's a supported varient */ + if (strcmp(str1,"WWrLh") != 0) { + return False; + } + if (!check_printjob_info(&desc,uLevel,str2)) { + return False; + } + + if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) { + return False; + } + + snum = lp_servicenumber( sharename); + if (snum < 0 || !VALID_SNUM(snum)) { + return(False); + } + + count = print_queue_status(snum,&queue,&status); + for (i = 0; i < count; i++) { + if (queue[i].job == jobid) { + break; + } + } + + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); + } + + if (init_package(&desc,1,0)) { + if (i < count) { + fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); + *rdata_len = desc.usedlen; + } else { + desc.errcode = NERR_JobNotFound; + *rdata_len = 0; + } + } + + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + SAFE_FREE(queue); + SAFE_FREE(tmpdata); + + DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode)); + + return True; +} + +static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) +{ + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char* name = p; + int uLevel; + int count; + int i, succnt=0; + int snum; + struct pack_desc desc; + print_queue_struct *queue=NULL; + print_status_struct status; + + memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&status,'\0',sizeof(status)); + + p = skip_string(p,1); + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); + + /* check it's a supported variant */ + if (strcmp(str1,"zWrLeh") != 0) { + return False; + } + + if (uLevel > 2) { + return False; /* defined only for uLevel 0,1,2 */ + } + + if (!check_printjob_info(&desc,uLevel,str2)) { + return False; + } + + snum = find_service(name); + if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { + return False; + } + + count = print_queue_status(snum,&queue,&status); + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + desc.base = *rdata; + desc.buflen = mdrcnt; + + if (init_package(&desc,count,0)) { + succnt = 0; + for (i = 0; i < count; i++) { + fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); + if (desc.errcode == NERR_Success) { + succnt = i+1; + } + } + } + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,count); + + SAFE_FREE(queue); + + DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode)); + + return True; +} static int check_printdest_info(struct pack_desc* desc, int uLevel, char* id) { - desc->subformat = NULL; - switch( uLevel ) { - case 0: desc->format = "B9"; break; - case 1: desc->format = "B9B21WWzW"; break; - case 2: desc->format = "z"; break; - case 3: desc->format = "zzzWWzzzWW"; break; - default: return False; - } - if (strcmp(desc->format,id) != 0) return False; - return True; + desc->subformat = NULL; + switch( uLevel ) { + case 0: + desc->format = "B9"; + break; + case 1: + desc->format = "B9B21WWzW"; + break; + case 2: + desc->format = "z"; + break; + case 3: + desc->format = "zzzWWzzzWW"; + break; + default: + return False; + } + if (strcmp(desc->format,id) != 0) { + return False; + } + return True; } static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, struct pack_desc* desc) { - char buf[100]; - strncpy(buf,SERVICE(snum),sizeof(buf)-1); - buf[sizeof(buf)-1] = 0; - strupper_m(buf); - if (uLevel <= 1) { - PACKS(desc,"B9",buf); /* szName */ - if (uLevel == 1) { - PACKS(desc,"B21",""); /* szUserName */ - PACKI(desc,"W",0); /* uJobId */ - PACKI(desc,"W",0); /* fsStatus */ - PACKS(desc,"z",""); /* pszStatus */ - PACKI(desc,"W",0); /* time */ - } - } - if (uLevel == 2 || uLevel == 3) { - PACKS(desc,"z",buf); /* pszPrinterName */ - if (uLevel == 3) { - PACKS(desc,"z",""); /* pszUserName */ - PACKS(desc,"z",""); /* pszLogAddr */ - PACKI(desc,"W",0); /* uJobId */ - PACKI(desc,"W",0); /* fsStatus */ - PACKS(desc,"z",""); /* pszStatus */ - PACKS(desc,"z",""); /* pszComment */ - PACKS(desc,"z","NULL"); /* pszDrivers */ - PACKI(desc,"W",0); /* time */ - PACKI(desc,"W",0); /* pad1 */ - } - } + char buf[100]; + + strncpy(buf,SERVICE(snum),sizeof(buf)-1); + buf[sizeof(buf)-1] = 0; + strupper_m(buf); + + if (uLevel <= 1) { + PACKS(desc,"B9",buf); /* szName */ + if (uLevel == 1) { + PACKS(desc,"B21",""); /* szUserName */ + PACKI(desc,"W",0); /* uJobId */ + PACKI(desc,"W",0); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKI(desc,"W",0); /* time */ + } + } + + if (uLevel == 2 || uLevel == 3) { + PACKS(desc,"z",buf); /* pszPrinterName */ + if (uLevel == 3) { + PACKS(desc,"z",""); /* pszUserName */ + PACKS(desc,"z",""); /* pszLogAddr */ + PACKI(desc,"W",0); /* uJobId */ + PACKI(desc,"W",0); /* fsStatus */ + PACKS(desc,"z",""); /* pszStatus */ + PACKS(desc,"z",""); /* pszComment */ + PACKS(desc,"z","NULL"); /* pszDrivers */ + PACKI(desc,"W",0); /* time */ + PACKI(desc,"W",0); /* pad1 */ + } + } } static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -3231,60 +3397,64 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char* PrinterName = p; - int uLevel; - struct pack_desc desc; - int snum; - char *tmpdata=NULL; - - memset((char *)&desc,'\0',sizeof(desc)); - - p = skip_string(p,1); - uLevel = SVAL(p,0); - - DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); - - /* check it's a supported varient */ - if (strcmp(str1,"zWrLh") != 0) return False; - if (!check_printdest_info(&desc,uLevel,str2)) return False; - - snum = find_service(PrinterName); - if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { - *rdata_len = 0; - desc.errcode = NERR_DestNotFound; - desc.neededlen = 0; - } - else { - if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - } else { - /* - * Don't return data but need to get correct length - * init_package will return wrong size if buflen=0 - */ - desc.buflen = getlen(desc.format); - desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); - } - if (init_package(&desc,1,0)) { - fill_printdest_info(conn,snum,uLevel,&desc); - } - *rdata_len = desc.usedlen; - } - - *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,desc.neededlen); - - DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode)); - SAFE_FREE(tmpdata); - return(True); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + char* PrinterName = p; + int uLevel; + struct pack_desc desc; + int snum; + char *tmpdata=NULL; + + memset((char *)&desc,'\0',sizeof(desc)); + + p = skip_string(p,1); + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); + + /* check it's a supported varient */ + if (strcmp(str1,"zWrLh") != 0) { + return False; + } + if (!check_printdest_info(&desc,uLevel,str2)) { + return False; + } + + snum = find_service(PrinterName); + if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { + *rdata_len = 0; + desc.errcode = NERR_DestNotFound; + desc.neededlen = 0; + } else { + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + desc.base = *rdata; + desc.buflen = mdrcnt; + } else { + /* + * Don't return data but need to get correct length + * init_package will return wrong size if buflen=0 + */ + desc.buflen = getlen(desc.format); + desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); + } + if (init_package(&desc,1,0)) { + fill_printdest_info(conn,snum,uLevel,&desc); + } + *rdata_len = desc.usedlen; + } + + *rparam_len = 6; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,desc.neededlen); + + DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode)); + SAFE_FREE(tmpdata); + + return True; } static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -3292,56 +3462,68 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - int queuecnt; - int i, n, succnt=0; - struct pack_desc desc; - int services = lp_numservices(); - - memset((char *)&desc,'\0',sizeof(desc)); - - uLevel = SVAL(p,0); - - DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); - - /* check it's a supported varient */ - if (strcmp(str1,"WrLeh") != 0) return False; - if (!check_printdest_info(&desc,uLevel,str2)) return False; - - queuecnt = 0; - for (i = 0; i < services; i++) - if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) - queuecnt++; - - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - if (init_package(&desc,queuecnt,0)) { - succnt = 0; - n = 0; - for (i = 0; i < services; i++) { - if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { - fill_printdest_info(conn,i,uLevel,&desc); - n++; - if (desc.errcode == NERR_Success) succnt = n; - } - } - } - - *rdata_len = desc.usedlen; - - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,queuecnt); - - DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode)); - return(True); + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int queuecnt; + int i, n, succnt=0; + struct pack_desc desc; + int services = lp_numservices(); + + memset((char *)&desc,'\0',sizeof(desc)); + + uLevel = SVAL(p,0); + + DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); + + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) { + return False; + } + if (!check_printdest_info(&desc,uLevel,str2)) { + return False; + } + + queuecnt = 0; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + queuecnt++; + } + } + + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,queuecnt,0)) { + succnt = 0; + n = 0; + for (i = 0; i < services; i++) { + if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { + fill_printdest_info(conn,i,uLevel,&desc); + n++; + if (desc.errcode == NERR_Success) { + succnt = n; + } + } + } + } + + *rdata_len = desc.usedlen; + + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,queuecnt); + + DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode)); + + return True; } static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -3349,43 +3531,50 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - int succnt; - struct pack_desc desc; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; - memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = SVAL(p,0); - DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); + DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); - /* check it's a supported varient */ - if (strcmp(str1,"WrLeh") != 0) return False; - if (uLevel != 0 || strcmp(str2,"B41") != 0) return False; + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) { + return False; + } + if (uLevel != 0 || strcmp(str2,"B41") != 0) { + return False; + } + + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + desc.base = *rdata; + desc.buflen = mdrcnt; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B41","NULL"); + } - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - if (init_package(&desc,1,0)) { - PACKS(&desc,"B41","NULL"); - } + succnt = (desc.errcode == NERR_Success ? 1 : 0); - succnt = (desc.errcode == NERR_Success ? 1 : 0); + *rdata_len = desc.usedlen; - *rdata_len = desc.usedlen; + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,1); + DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode)); - DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode)); - return(True); + return True; } static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -3393,44 +3582,51 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - int succnt; - struct pack_desc desc; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; - memset((char *)&desc,'\0',sizeof(desc)); + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = SVAL(p,0); - DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); + DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); - /* check it's a supported varient */ - if (strcmp(str1,"WrLeh") != 0) return False; - if (uLevel != 0 || strcmp(str2,"B13") != 0) return False; + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) { + return False; + } + if (uLevel != 0 || strcmp(str2,"B13") != 0) { + return False; + } - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - desc.base = *rdata; - desc.buflen = mdrcnt; - desc.format = str2; - if (init_package(&desc,1,0)) { - PACKS(&desc,"B13","lpd"); - } + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B13","lpd"); + } + + succnt = (desc.errcode == NERR_Success ? 1 : 0); - succnt = (desc.errcode == NERR_Success ? 1 : 0); + *rdata_len = desc.usedlen; - *rdata_len = desc.usedlen; + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,1); + DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode)); - DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode)); - return(True); + return True; } static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,char *data, @@ -3438,45 +3634,52 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - int succnt; - struct pack_desc desc; + char *str1 = param+2; + char *str2 = skip_string(str1,1); + char *p = skip_string(str2,1); + int uLevel; + int succnt; + struct pack_desc desc; + + memset((char *)&desc,'\0',sizeof(desc)); - memset((char *)&desc,'\0',sizeof(desc)); + uLevel = SVAL(p,0); - uLevel = SVAL(p,0); + DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); - DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); + /* check it's a supported varient */ + if (strcmp(str1,"WrLeh") != 0) { + return False; + } + if (uLevel != 0 || strcmp(str2,"B9") != 0) { + return False; + } - /* check it's a supported varient */ - if (strcmp(str1,"WrLeh") != 0) return False; - if (uLevel != 0 || strcmp(str2,"B9") != 0) return False; + if (mdrcnt > 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + memset((char *)&desc,'\0',sizeof(desc)); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (init_package(&desc,1,0)) { + PACKS(&desc,"B13","lp0"); + } - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - memset((char *)&desc,'\0',sizeof(desc)); - desc.base = *rdata; - desc.buflen = mdrcnt; - desc.format = str2; - if (init_package(&desc,1,0)) { - PACKS(&desc,"B13","lp0"); - } + succnt = (desc.errcode == NERR_Success ? 1 : 0); - succnt = (desc.errcode == NERR_Success ? 1 : 0); + *rdata_len = desc.usedlen; - *rdata_len = desc.usedlen; + *rparam_len = 8; + *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + SSVALS(*rparam,0,desc.errcode); + SSVAL(*rparam,2,0); + SSVAL(*rparam,4,succnt); + SSVAL(*rparam,6,1); - *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - SSVALS(*rparam,0,desc.errcode); - SSVAL(*rparam,2,0); - SSVAL(*rparam,4,succnt); - SSVAL(*rparam,6,1); + DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode)); - DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode)); - return(True); + return True; } @@ -3489,59 +3692,66 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel; - struct pack_desc desc; - struct sessionid *session_list; - int i, num_sessions; - - memset((char *)&desc,'\0',sizeof(desc)); - - uLevel = SVAL(p,0); - - DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel)); - DEBUG(7,("RNetSessionEnum req string=%s\n",str1)); - DEBUG(7,("RNetSessionEnum ret string=%s\n",str2)); - - /* check it's a supported varient */ - if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) return False; - if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) return False; - - num_sessions = list_sessions(&session_list); - - if (mdrcnt > 0) *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); - memset((char *)&desc,'\0',sizeof(desc)); - desc.base = *rdata; - desc.buflen = mdrcnt; - desc.format = str2; - if (!init_package(&desc,num_sessions,0)) { - return False; - } - - for(i=0; i 0) { + *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + } + memset((char *)&desc,'\0',sizeof(desc)); + desc.base = *rdata; + desc.buflen = mdrcnt; + desc.format = str2; + if (!init_package(&desc,num_sessions,0)) { + return False; + } + + for(i=0; i Date: Fri, 10 Feb 2006 23:23:10 +0000 Subject: r13443: Fix the build. Guenther (This used to be commit 40a21776a7a16f3200e87c6564d9b6e8c481dd1e) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 83dfdf0d8b..a2ec6f34b8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2214,7 +2214,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) { become_root(); - if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2, False))) { + if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2, False, NULL))) { SSVAL(*rparam,0,NERR_Success); } unbecome_root(); @@ -2297,7 +2297,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * (void)map_username(user); - if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL))) { + if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL, NULL))) { SSVAL(*rparam,0,NERR_Success); } -- cgit From fb5362c069b5b6548478b2217a0519c56d856705 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 17:59:58 +0000 Subject: r13571: Replace all calls to talloc_free() with thye TALLOC_FREE() macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a2ec6f34b8..3f10ba41b2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2026,7 +2026,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para done: unbecome_root(); /* END ROOT BLOCK */ - talloc_free(mem_ctx); + TALLOC_FREE(mem_ctx); return ret; } @@ -2219,7 +2219,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param } unbecome_root(); - talloc_free(server_info); + TALLOC_FREE(server_info); } data_blob_clear_free(&password); } -- cgit From 2203bed32c84c63737f402accf73452efb76b483 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 20:09:36 +0000 Subject: r13576: This is the beginnings of moving the SAM_ACCOUNT data structure to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0) --- source3/smbd/lanman.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3f10ba41b2..03f7f8e5c8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1920,7 +1920,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para int uLevel = SVAL(p,0); const char *level_string; int count=0; - SAM_ACCOUNT *sampw = NULL; + struct samu *sampw = NULL; BOOL ret = False; DOM_SID *sids; gid_t *gids; @@ -2235,7 +2235,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param */ if(SVAL(*rparam,0) != NERR_Success) { - SAM_ACCOUNT *hnd = NULL; + struct samu *hnd = NULL; if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd)) { become_root(); @@ -2243,7 +2243,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,0,NERR_Success); } unbecome_root(); - pdb_free_sam(&hnd); + TALLOC_FREE(hnd); } } -- cgit From cd559192633d78a9f06e239c6a448955f6ea0842 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 21 Feb 2006 14:34:11 +0000 Subject: r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new() * replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 03f7f8e5c8..ca6cc57cc3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1981,8 +1981,8 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para goto done; } - if (!NT_STATUS_IS_OK(pdb_init_sam_talloc(mem_ctx, &sampw))) { - DEBUG(10, ("pdb_init_sam_talloc failed\n")); + if ( !(sampw = samu_new(mem_ctx)) ) { + DEBUG(0, ("samu_new() failed!\n")); goto done; } -- cgit From 894358a8f3e338b339b6c37233edef794b312087 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Mar 2006 06:31:04 +0000 Subject: r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0) --- source3/smbd/lanman.c | 176 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 166 insertions(+), 10 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index ca6cc57cc3..a78681bad8 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -798,6 +798,9 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, *rdata_len = 0; *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); @@ -817,6 +820,9 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -846,6 +852,9 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, *rdata_len = desc.usedlen; *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -896,6 +905,9 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, *rdata_len = 0; *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,ERRunknownlevel); SSVAL(*rparam,2,0); SSVAL(*rparam,4,0); @@ -1066,15 +1078,11 @@ static int get_server_info(uint32 servertype, } if (count == alloced) { - struct srv_info_struct *ts; - alloced += 10; - ts = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); - if (!ts) { + *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); + if (!*servers) { DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); return 0; - } else { - *servers = ts; } memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); } @@ -1332,6 +1340,9 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param *rdata_len = fixed_len + string_len; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } memset(*rdata,'\0',*rdata_len); p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ @@ -1359,6 +1370,9 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata)); SSVAL(*rparam,2,0); SSVAL(*rparam,4,counted); @@ -1399,6 +1413,9 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *pa *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,0x08AC); /* informational warning message */ SSVAL(*rparam,2,0); @@ -1581,6 +1598,9 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para } *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } p = *rdata; *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0); if (*rdata_len < 0) { @@ -1589,6 +1609,9 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -1665,6 +1688,9 @@ static BOOL api_RNetShareEnum( connection_struct *conn, *rdata_len = fixed_len + string_len; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } memset(*rdata,0,*rdata_len); p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */ @@ -1688,6 +1714,9 @@ static BOOL api_RNetShareEnum( connection_struct *conn, *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success); SSVAL(*rparam,2,0); SSVAL(*rparam,4,counted); @@ -1792,6 +1821,9 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -1803,6 +1835,9 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; SSVAL(*rparam,0,res); SSVAL(*rparam,2,0); @@ -1868,6 +1903,9 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c *rdata_len = cli_buf_size; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } p = *rdata; @@ -1895,7 +1933,9 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); - + if (!*rparam) { + return False; + } SSVAL(*rparam, 0, errflags); SSVAL(*rparam, 2, 0); /* converter word */ SSVAL(*rparam, 4, i); /* is this right?? */ @@ -1933,6 +1973,9 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } /* check it's a supported varient */ @@ -1952,7 +1995,9 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para *rdata_len = mdrcnt + 1024; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); - + if (!*rdata) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2068,6 +2113,9 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } /* check it's a supported varient */ if (strcmp("B21",str2) != 0) @@ -2075,6 +2123,9 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch *rdata_len = cli_buf_size; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } p = *rdata; @@ -2138,9 +2189,15 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 21; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2194,6 +2251,9 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; @@ -2266,6 +2326,9 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * char *p = param + 2; *rparam_len = 2; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; @@ -2333,6 +2396,9 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; if (!print_job_exists(sharename, jobid)) { @@ -2396,6 +2462,9 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; snum = print_queue_snum(QueueName); @@ -2470,6 +2539,9 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha return False; *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } if ( (snum = lp_servicenumber(sharename)) == -1 ) { DEBUG(0,("api_PrintJobInfo: unable to get service number from sharename [%s]\n", @@ -2586,6 +2658,9 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par *rdata_len = mdrcnt; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } p = *rdata; p2 = p + struct_len; @@ -2635,6 +2710,9 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); @@ -2661,6 +2739,9 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } /* check it's a supported varient */ if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) { @@ -2669,6 +2750,9 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param *rdata_len = mdrcnt + 1024; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2908,6 +2992,9 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); @@ -2930,6 +3017,9 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param *rdata_len = mdrcnt + 1024; *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + if (!*rdata) { + return False; + } SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -3082,6 +3172,9 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param } if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } desc.base = *rdata; @@ -3121,6 +3214,9 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param *rdata_len = desc.usedlen; *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -3156,6 +3252,9 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,0); /* errorcode */ SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,0x7f); /* permission flags */ @@ -3219,6 +3318,9 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -3242,6 +3344,9 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -3300,6 +3405,9 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa count = print_queue_status(snum,&queue,&status); if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } desc.base = *rdata; desc.buflen = mdrcnt; @@ -3318,6 +3426,9 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3429,6 +3540,9 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par } else { if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } desc.base = *rdata; desc.buflen = mdrcnt; } else { @@ -3447,6 +3561,9 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); @@ -3494,6 +3611,9 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } desc.base = *rdata; @@ -3516,6 +3636,9 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3554,6 +3677,9 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } desc.base = *rdata; desc.buflen = mdrcnt; @@ -3567,6 +3693,9 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3605,6 +3734,9 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } desc.base = *rdata; desc.buflen = mdrcnt; @@ -3619,6 +3751,9 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3657,6 +3792,9 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } memset((char *)&desc,'\0',sizeof(desc)); desc.base = *rdata; @@ -3672,6 +3810,9 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); @@ -3720,6 +3861,9 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + if (!*rdata) { + return False; + } } memset((char *)&desc,'\0',sizeof(desc)); desc.base = *rdata; @@ -3745,6 +3889,9 @@ static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); /* converter */ SSVAL(*rparam,4,num_sessions); /* count */ @@ -3766,6 +3913,9 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char { *rparam_len = MIN(*rparam_len,mprcnt); *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; @@ -3787,6 +3937,9 @@ static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, c { *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + if (!*rparam) { + return False; + } *rdata_len = 0; @@ -3919,11 +4072,14 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * /* if we get False back then it's actually unsupported */ if (!reply) { - api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, + reply = api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); } - send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + /* If api_Unsupported returns false we can't return anything. */ + if (reply) { + send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + } SAFE_FREE(rdata); SAFE_FREE(rparam); -- cgit From dece1a2db267eb7adf1560bc040763be919db592 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Mar 2006 20:24:28 +0000 Subject: r13983: Fix Coverity bug # 111 (This used to be commit 08d7fd31ab250bc6ba3922b36aa7b0cfef1e5bf1) --- source3/smbd/lanman.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a78681bad8..4d4d9d2259 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1082,6 +1082,7 @@ static int get_server_info(uint32 servertype, *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); if (!*servers) { DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n")); + file_lines_free(lines); return 0; } memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); -- cgit From a1e0a0e9286fbe90ca04cda9df38e72d8d18b0c1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 14 Jun 2006 21:36:49 +0000 Subject: r16230: Fix Klocwork #861 and others. localtime and asctime can return NULL. Ensure we check all returns correctly. Jeremy. (This used to be commit 6c61dc8ed6d84f310ef391fb7700e93ef42c4afc) --- source3/smbd/lanman.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4d4d9d2259..7d1a2ade54 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2212,6 +2212,9 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch /* the client expects to get localtime, not GMT, in this bit (I think, this needs testing) */ t = localtime(&unixdate); + if (!t) { + return False; + } SIVAL(p,4,0); /* msecs ? */ SCVAL(p,8,t->tm_hour); -- cgit From f9147c4e408d316d194c4e367dfccbf433cb8ec9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 15 Jun 2006 01:54:09 +0000 Subject: r16241: Fix Klocwork #106 and others like it. Make 2 important changes. pdb_get_methods() returning NULL is a *fatal* error. Don't try and cope with it just call smb_panic. This removes a *lot* of pointless "if (!pdb)" handling code. Secondly, ensure that if samu_init() fails we *always* back out of a function. That way we are never in a situation where the pdb_XXX() functions need to start with a "if (sampass)" test - this was just bad design, not defensive programming. Jeremy. (This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae) --- source3/smbd/lanman.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7d1a2ade54..e4531d8ae9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2010,6 +2010,12 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para return False; } + if ( !(sampw = samu_new(mem_ctx)) ) { + DEBUG(0, ("samu_new() failed!\n")); + TALLOC_FREE(mem_ctx); + return False; + } + /* Lookup the user information; This should only be one of our accounts (not remote domains) */ @@ -2027,11 +2033,6 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para goto done; } - if ( !(sampw = samu_new(mem_ctx)) ) { - DEBUG(0, ("samu_new() failed!\n")); - goto done; - } - if ( !pdb_getsampwsid(sampw, &user_sid) ) { DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n", sid_string_static(&user_sid), UserName)); -- cgit From fbdcf2663b56007a438ac4f0d8d82436b1bfe688 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Jul 2006 18:01:26 +0000 Subject: r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8) --- source3/smbd/lanman.c | 45 ++++++++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 13 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e4531d8ae9..2d6db8f2a3 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -72,7 +72,11 @@ static int CopyExpanded(connection_struct *conn, StrnCpy(buf,src,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf,sizeof(buf)); + standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, + conn->connectpath, conn->gid, + get_current_username(), + current_user_info.domain, + buf, sizeof(buf)); l = push_ascii(*dst,buf,*n, STR_TERMINATE); (*dst) += l; (*n) -= l; @@ -99,7 +103,11 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) } StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf,sizeof(buf)); + standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, + conn->connectpath, conn->gid, + get_current_username(), + current_user_info.domain, + buf, sizeof(buf)); return strlen(buf) + 1; } @@ -111,7 +119,11 @@ static char *Expand(connection_struct *conn, int snum, char *s) } StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_conn(conn,buf,sizeof(buf)); + standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, + conn->connectpath, conn->gid, + get_current_username(), + current_user_info.domain, + buf, sizeof(buf)); return &buf[0]; } @@ -593,7 +605,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ fstrcpy(location, "\\\\%L\\print$\\WIN40\\0"); - standard_sub_basic( "", location, sizeof(location)-1 ); + standard_sub_basic( "", "", location, sizeof(location)-1 ); PACKS(desc,"z", location); /* share to retrieve files */ PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ @@ -2534,7 +2546,6 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha char *str2 = skip_string(str1,1); char *p = skip_string(str2,1); uint32 jobid; - int snum; fstring sharename; int uLevel = SVAL(p,2); int function = SVAL(p,4); @@ -2548,9 +2559,9 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha return False; } - if ( (snum = lp_servicenumber(sharename)) == -1 ) { - DEBUG(0,("api_PrintJobInfo: unable to get service number from sharename [%s]\n", - sharename)); + if (!share_defined(sharename)) { + DEBUG(0,("api_PrintJobInfo: sharen [%s] not defined\n", + sharename)); return False; } @@ -2573,14 +2584,14 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha /* change job place in the queue, data gives the new place */ place = SVAL(data,0); - if (print_job_set_place(snum, jobid, place)) { + if (print_job_set_place(sharename, jobid, place)) { errcode=NERR_Success; } break; case 0xb: /* change print job name, data gives the name */ - if (print_job_set_name(snum, jobid, data)) { + if (print_job_set_name(sharename, jobid, data)) { errcode=NERR_Success; } break; @@ -2701,7 +2712,11 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par SIVAL(p,6,0); } else { SIVAL(p,6,PTR_DIFF(p2,*rdata)); - standard_sub_conn(conn,comment,sizeof(comment)); + standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, + conn->connectpath, conn->gid, + get_current_username(), + current_user_info.domain, + comment, sizeof(comment)); StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); p2 = skip_string(p2,1); } @@ -3126,8 +3141,12 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVALS(p,102,-1); /* bad_pw_count */ SSVALS(p,104,-1); /* num_logons */ SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */ - pstrcpy(p2,"\\\\%L"); - standard_sub_conn(conn, p2,0); + { + pstring tmp; + pstrcpy(tmp, "\\\\%L"); + standard_sub_basic("", "", tmp, sizeof(tmp)); + pstrcpy(p2, tmp); + } p2 = skip_string(p2,1); SSVAL(p,110,49); /* country_code */ SSVAL(p,112,860); /* code page */ -- cgit From 00ffc8ec93600bd20e380c1242a946749acf0843 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 28 Aug 2006 05:41:32 +0000 Subject: r17879: Make it explicit that we can never pass NULL for buflen or stringlen. Stanford Checker fix. Jeremy. (This used to be commit 2d8bdd2dce633253780a5b0378f229893d049666) --- source3/smbd/lanman.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 2d6db8f2a3..da1def4361 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1195,12 +1195,8 @@ static int fill_srv_info(struct srv_info_struct *service, break; } - if (buflen) { - *buflen = struct_len; - } - if (stringspace) { - *stringspace = len; - } + *buflen = struct_len; + *stringspace = len; return struct_len + len; } -- cgit From 2b27c93a9a8471693d7dcb5fdbe8afe65b22ff66 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 8 Sep 2006 14:28:06 +0000 Subject: r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index da1def4361..637d5b4120 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1977,7 +1977,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para size_t i; NTSTATUS result; DOM_SID user_sid; - enum SID_NAME_USE type; + enum lsa_SidType type; TALLOC_CTX *mem_ctx; *rparam_len = 8; -- cgit From cfed7a5a71aab48b1d5b758df318b991a95592a5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 9 Oct 2006 07:17:37 +0000 Subject: r19184: W2k3 returns its name for the GetServerInfo RAP call. Do the same. Implement 'net rap server name'. Volker (This used to be commit 919385ed2a2a07e848bc0baaac9ed3d1964d4386) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 637d5b4120..8a16c2c044 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2677,7 +2677,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par p = *rdata; p2 = p + struct_len; if (uLevel != 20) { - srvstr_push(NULL, p,get_local_machine_name(),16, + srvstr_push(NULL, p,global_myname(),16, STR_ASCII|STR_UPPER|STR_TERMINATE); } p += 16; -- cgit From 9d20474a48931a2574e04ba89db730be9bfb7288 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 9 Oct 2006 13:26:29 +0000 Subject: r19203: Part two of returning our real name. This code is a bit ancient... :-) (This used to be commit 370c24ba2ad3bce29929886f96d626e698da0238) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 8a16c2c044..8ecc965c0d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2691,7 +2691,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { for (i=0;i Date: Thu, 30 Nov 2006 07:38:40 +0000 Subject: r19963: Add 'registry shares = yes' and registry key security descriptors. (This used to be commit 6cab254c49e07b11c170511ec613f0f33914c3e6) --- source3/smbd/lanman.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 8ecc965c0d..e42d96b11e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1671,6 +1671,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, /* Ensure all the usershares are loaded. */ become_root(); + load_registry_shares(); count = load_usershare_shares(); unbecome_root(); -- cgit From 261c004d7bf85de945a1a3956c1d8f15075bc224 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 30 Mar 2007 22:25:08 +0000 Subject: r22014: Make us pass RANDOMIPC test again :-(. This is an ugly check-in, but I've no option. Jeremy. (This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74) --- source3/smbd/lanman.c | 878 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 601 insertions(+), 277 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index e42d96b11e..905b6a023a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -50,10 +50,13 @@ extern userdom_struct current_user_info; #define SHPWLEN 8 /* share password length */ -static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, - char **rdata, char **rparam, - int *rdata_len, int *rparam_len); +static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len); + static BOOL api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, @@ -585,7 +588,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, lp_servicename(snum))); goto err; } - + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, "Windows 4.0", 0)) ) { @@ -597,17 +600,17 @@ static void fill_printq_info_52(connection_struct *conn, int snum, trim_string(driver.info_3->driverpath, "\\print$\\WIN40\\0\\", 0); trim_string(driver.info_3->datafile, "\\print$\\WIN40\\0\\", 0); trim_string(driver.info_3->helpfile, "\\print$\\WIN40\\0\\", 0); - + PACKI(desc, "W", 0x0400); /* don't know */ PACKS(desc, "z", driver.info_3->name); /* long printer name */ PACKS(desc, "z", driver.info_3->driverpath); /* Driverfile Name */ PACKS(desc, "z", driver.info_3->datafile); /* Datafile name */ PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ - + fstrcpy(location, "\\\\%L\\print$\\WIN40\\0"); standard_sub_basic( "", "", location, sizeof(location)-1 ); PACKS(desc,"z", location); /* share to retrieve files */ - + PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ PACKS(desc,"z", driver.info_3->helpfile); /* helpfile name */ PACKS(desc,"z", driver.info_3->driverpath); /* driver name */ @@ -627,12 +630,12 @@ static void fill_printq_info_52(connection_struct *conn, int snum, PACKS(desc,"z",driver.info_3->dependentfiles[i]); /* driver files to copy */ DEBUG(3,("Dependent File: %s:\n",driver.info_3->dependentfiles[i])); } - + /* sanity check */ if ( i != count ) DEBUG(3,("fill_printq_info_52: file count specified by client [%d] != number of dependent files [%i]\n", count, i)); - + DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),i)); desc->errcode=NERR_Success; @@ -645,7 +648,7 @@ err: done: if ( printer ) free_a_printer( &printer, 2 ); - + if ( driver.info_3 ) free_a_printer_driver( driver, 3 ); } @@ -743,7 +746,7 @@ static int get_printerdrivernumber(int snum) lp_servicename(snum))); goto done; } - + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, "Windows 4.0", 0)) ) { @@ -751,7 +754,7 @@ static int get_printerdrivernumber(int snum) printer->info_2->drivername)); goto done; } - + /* count the number of files */ while ( driver.info_3->dependentfiles && *driver.info_3->dependentfiles[result] ) result++; @@ -759,39 +762,50 @@ static int get_printerdrivernumber(int snum) done: if ( printer ) free_a_printer( &printer, 2 ); - + if ( driver.info_3 ) free_a_printer_driver( driver, 3 ); - + return result; } -static BOOL api_DosPrintQGetInfo(connection_struct *conn, - uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); char *QueueName = p; unsigned int uLevel; int count=0; int snum; - char* str3; + char *str3; struct pack_desc desc; print_queue_struct *queue=NULL; print_status_struct status; char* tmpdata=NULL; + if (!str1 || !str2 || !p) { + return False; + } memset((char *)&status,'\0',sizeof(status)); memset((char *)&desc,'\0',sizeof(desc)); - - p = skip_string(p,1); - uLevel = SVAL(p,0); - str3 = p + 4; - + + p = skip_string(param,tpscnt,p,1); + if (!p) { + return False; + } + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + str3 = get_safe_offset(param,tpscnt,p,4) ? p + 4 : 0; + /* Check if string exists. */ + if (skip_string(param,tpscnt,str3,1) == NULL) { + return False; + } + /* remove any trailing username */ if ((p = strchr_m(QueueName,'%'))) *p = 0; @@ -883,16 +897,18 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, View list of all print jobs on all queues. ****************************************************************************/ -static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, char* data, - int mdrcnt, int mprcnt, - char **rdata, char** rparam, - int *rdata_len, int *rparam_len) +static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char** rparam, + int *rdata_len, int *rparam_len) { - char *param_format = param+2; - char *output_format1 = skip_string(param_format,1); - char *p = skip_string(output_format1,1); - unsigned int uLevel = SVAL(p,0); - char *output_format2 = p + 4; + char *param_format = get_safe_offset(param,tpscnt,param,2); + char *output_format1 = skip_string(param,tpscnt,param_format,1); + char *p = skip_string(param,tpscnt,output_format1,1); + unsigned int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + char *output_format2 = get_safe_offset(param,tpscnt,p,4); int services = lp_numservices(); int i, n; struct pack_desc desc; @@ -901,6 +917,13 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, int *subcntarr = NULL; int queuecnt = 0, subcnt = 0, succnt = 0; + if (!param_format || !output_format1 || !p || !output_format2) { + return False; + } + + uLevel = SVAL(p,0); + output_format2 = p + 4; + memset((char *)&desc,'\0',sizeof(desc)); DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); @@ -1252,16 +1275,18 @@ static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) extracted from lists saved by nmbd on the local host. ****************************************************************************/ -static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, char **rdata, - char **rparam, int *rdata_len, int *rparam_len) +static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); - uint32 servertype = IVAL(p,4); + char *str1 = get_safe_offset(param, tpscnt, param, 2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + int uLevel = get_safe_offset(param, tpscnt, p, 2) ? SVAL(p,0) : -1; + int buf_len = get_safe_offset(param,tpscnt, p, 4) ? SVAL(p,2) : 0; + uint32 servertype = get_safe_offset(param,tpscnt,p,8) ? IVAL(p,4) : 0; char *p2; int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; @@ -1272,6 +1297,10 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param BOOL domain_request; BOOL local_request; + if (!str1 || !str2 || !p) { + return False; + } + /* If someone sets all the bits they don't really mean to set DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the known servers. */ @@ -1307,6 +1336,9 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); if (strcmp(str1, "WrLehDz") == 0) { + if (skip_string(param,tpscnt,p,1) == NULL) { + return False; + } pull_ascii_fstring(domain, p); } else { fstrcpy(domain, lp_workgroup()); @@ -1399,18 +1431,24 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param command 0x34 - suspected of being a "Lookup Names" stub api ****************************************************************************/ -static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, char **rdata, - char **rparam, int *rdata_len, int *rparam_len) +static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int buf_len = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : 0; int counted=0; int missed=0; + if (!str1 || !str2 || !p) { + return False; + } + DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n", str1, str2, p, uLevel, buf_len)); @@ -1582,18 +1620,25 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, return len; } -static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *netname = skip_string(str2,1); - char *p = skip_string(netname,1); - int uLevel = SVAL(p,0); - int snum = find_service(netname); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *netname = skip_string(param,tpscnt,str2,1); + char *p = skip_string(param,tpscnt,netname,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int snum; + if (!str1 || !str2 || !netname || !p) { + return False; + } + + snum = find_service(netname); if (snum < 0) { return False; } @@ -1638,22 +1683,21 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para Share names longer than 12 bytes must be skipped. ****************************************************************************/ -static BOOL api_RNetShareEnum( connection_struct *conn, - uint16 vuid, - char *param, - char *data, - int mdrcnt, - int mprcnt, - char **rdata, - char **rparam, - int *rdata_len, - int *rparam_len ) +static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, + int mprcnt, + char **rdata, + char **rparam, + int *rdata_len, + int *rparam_len ) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int buf_len = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : 0; char *p2; int count = 0; int total=0,counted=0; @@ -1662,6 +1706,10 @@ static BOOL api_RNetShareEnum( connection_struct *conn, int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; + if (!str1 || !str2 || !p) { + return False; + } + if (!prefix_ok(str1,"WrLeh")) { return False; } @@ -1743,15 +1791,17 @@ static BOOL api_RNetShareEnum( connection_struct *conn, Add a share ****************************************************************************/ -static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; fstring sharename; fstring comment; pstring pathname; @@ -1760,6 +1810,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch int snum; int res = ERRunsup; + if (!str1 || !str2 || !p) { + return False; + } + /* check it's a supported varient */ if (!prefix_ok(str1,RAP_WShareAdd_REQ)) { return False; @@ -1771,6 +1825,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch return False; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data,1) == NULL) { + return False; + } pull_ascii_fstring(sharename,data); snum = find_service(sharename); if (snum >= 0) { /* already exists */ @@ -1778,6 +1836,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + if (mdrcnt < 28) { + return False; + } + /* only support disk share adds */ if (SVAL(data,14)!=STYPE_DISKTREE) { return False; @@ -1789,6 +1851,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data+offset,1) == NULL) { + return False; + } pull_ascii_fstring(comment, offset? (data+offset) : ""); offset = IVAL(data, 26); @@ -1798,6 +1864,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data+offset,1) == NULL) { + return False; + } pull_ascii_pstring(pathname, offset? (data+offset) : ""); string_replace(sharename, '"', ' '); @@ -1858,23 +1928,29 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch view list of groups available ****************************************************************************/ -static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { int i; int errflags=0; int resume_context, cli_buf_size; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); struct pdb_search *search; struct samr_displayentry *entries; int num_entries; + if (!str1 || !str2 || !p) { + return False; + } + if (strcmp(str1,"WrLeh") != 0) { return False; } @@ -1901,8 +1977,8 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; } - resume_context = SVAL(p,0); - cli_buf_size=SVAL(p+2,0); + resume_context = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + cli_buf_size= get_safe_offset(param,tpscnt,p,4) ? SVAL(p+2,0) : 0; DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: " "%d\n", resume_context, cli_buf_size)); @@ -1958,16 +2034,18 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c Get groups that a user is a member of. ******************************************************************/ -static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *UserName = skip_string(str2,1); - char *p = skip_string(UserName,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *UserName = skip_string(param,tpscnt,str2,1); + char *p = skip_string(param,tpscnt,UserName,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; const char *level_string; int count=0; struct samu *sampw = NULL; @@ -1981,6 +2059,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para enum lsa_SidType type; TALLOC_CTX *mem_ctx; + if (!str1 || !str2 || !UserName || !p) { + return False; + } + *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { @@ -2091,10 +2173,12 @@ done: Get all users. ******************************************************************/ -static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { int count_sent=0; int num_users=0; @@ -2103,9 +2187,13 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch struct pdb_search *search; struct samr_displayentry *users; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + + if (!str1 || !str2 || !p) { + return False; + } if (strcmp(str1,"WrLeh") != 0) return False; @@ -2117,8 +2205,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch * h -> return parameter total number of users */ - resume_context = SVAL(p,0); - cli_buf_size=SVAL(p+2,0); + resume_context = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + cli_buf_size= get_safe_offset(param,tpscnt,p,4) ? SVAL(p+2,0) : 0; DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); @@ -2189,10 +2277,12 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch Get the time of day info. ****************************************************************************/ -static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { struct tm *t; time_t unixdate = time(NULL); @@ -2245,21 +2335,38 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch Set the user password. *****************************************************************************/ -static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *p = skip_string(param+2,2); + char *np = get_safe_offset(param,tpscnt,param,2); + char *p = skip_string(param,tpscnt,np,2); fstring user; fstring pass1,pass2; + if (!np || !p) { + return False; + } + + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p,1) == NULL) { + return False; + } pull_ascii_fstring(user,p); - p = skip_string(p,1); + p = skip_string(param,tpscnt,p,1); + if (!p) { + return False; + } memset(pass1,'\0',sizeof(pass1)); memset(pass2,'\0',sizeof(pass2)); + if (get_safe_offset(param,tpscnt,p,32) == NULL) { + return False; + } memcpy(pass1,p,16); memcpy(pass2,p+16,16); @@ -2331,19 +2438,24 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param Set the user password (SamOEM version - gets plaintext). ****************************************************************************/ -static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { fstring user; - char *p = param + 2; + char *p = get_safe_offset(param,tpscnt,param,2); *rparam_len = 2; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { return False; } + if (!p) { + return False; + } *rdata_len = 0; SSVAL(*rparam,0,NERR_badpass); @@ -2352,17 +2464,35 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * * Check the parameter definition is correct. */ - if(!strequal(param + 2, "zsT")) { - DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", param + 2)); + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p,1) == 0) { + return False; + } + if(!strequal(p, "zsT")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", p)); + return False; + } + p = skip_string(param, tpscnt, p, 1); + if (!p) { return False; } - p = skip_string(p, 1); + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p,1) == 0) { + return False; + } if(!strequal(p, "B516B16")) { DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); return False; } - p = skip_string(p,1); + p = skip_string(param,tpscnt,p,1); + if (!p) { + return False; + } + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p,1) == 0) { + return False; + } p += pull_ascii_fstring(user,p); DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); @@ -2386,21 +2516,29 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * Form: <> ****************************************************************************/ -static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - int function = SVAL(param,0); - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + int function = get_safe_offset(param,tpscnt,param,2) ? SVAL(param,0) : 0; + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); uint32 jobid; int snum; fstring sharename; int errcode; WERROR werr = WERR_OK; + if (!str1 || !str2 || !p) { + return False; + } + if (get_safe_offset(param,tpscnt,p,2) == NULL) { + return False; + } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; @@ -2457,19 +2595,25 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param Purge a print queue - or pause or resume it. ****************************************************************************/ -static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - int function = SVAL(param,0); - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *QueueName = skip_string(str2,1); + int function = get_safe_offset(param,tpscnt,param,2) ? SVAL(param,0) : 0; + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *QueueName = skip_string(param,tpscnt,str2,1); int errcode = NERR_notsupported; int snum; WERROR werr = WERR_OK; + if (!str1 || !str2 || !QueueName) { + return False; + } + /* check it's a supported varient */ if (!(strcsequal(str1,"z") && strcsequal(str2,""))) return(False); @@ -2533,21 +2677,29 @@ static int check_printjob_info(struct pack_desc* desc, return True; } -static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { struct pack_desc desc; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); uint32 jobid; fstring sharename; - int uLevel = SVAL(p,2); - int function = SVAL(p,4); + int uLevel = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : -1; + int function = get_safe_offset(param,tpscnt,p,6) ? SVAL(p,4) : -1; int place, errcode; + if (!str1 || !str2 || !p) { + return False; + } + if (get_safe_offset(param,tpscnt,p,2) == NULL) { + return False; + } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; *rparam_len = 4; @@ -2609,18 +2761,24 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha Get info about the server. ****************************************************************************/ -static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; char *p2; int struct_len; + if (!str1 || !str2 || !p) { + return False; + } + DEBUG(4,("NetServerGetInfo level %d\n",uLevel)); /* check it's a supported varient */ @@ -2715,7 +2873,10 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par current_user_info.domain, comment, sizeof(comment)); StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } } } @@ -2741,16 +2902,22 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par Get info about the server. ****************************************************************************/ -static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); char *p2; - int level = SVAL(p,0); + int level = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + + if (!str1 || !str2 || !p) { + return False; + } DEBUG(4,("NetWkstaGetInfo level %d\n",level)); @@ -2775,23 +2942,35 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = p + 22; + p2 = get_safe_offset(*rdata,*rdata_len,p,22); + if (!p2) { + return False; + } SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ pstrcpy(p2,get_local_machine_name()); strupper_m(p2); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,current_user_info.smb_name); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ pstrcpy(p2,lp_workgroup()); strupper_m(p2); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } p += 4; SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */ @@ -2800,12 +2979,18 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */ - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } p += 4; *rdata_len = PTR_DIFF(p2,*rdata); @@ -2985,16 +3170,18 @@ There is no auxiliary data in the response. #define AF_OP_ACCOUNTS 3 -static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *UserName = skip_string(str2,1); - char *p = skip_string(UserName,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *UserName = skip_string(param,tpscnt,str2,1); + char *p = skip_string(param,tpscnt,UserName,1); + int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; char *p2; const char *level_string; @@ -3007,6 +3194,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param vuser->user.unix_name)); } + if (!str1 || !str2 || !UserName || !p) { + return False; + } + *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { @@ -3042,7 +3233,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = p + usri11_end; + p2 = get_safe_offset(*rdata,*rdata_len,p,usri11_end); + if (!p2) { + return False; + } memset(p,0,21); fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */ @@ -3055,16 +3249,25 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param if (uLevel >= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ pstrcpy(p2,"Comment"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ pstrcpy(p2,"UserComment"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } } if (uLevel == 11) { @@ -3074,22 +3277,34 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,usri11_last_logon,0); /* last logon */ SIVAL(p,usri11_last_logoff,0); /* last logoff */ SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */ SSVALS(p,usri11_num_logons,-1); /* num logons */ SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ pstrcpy(p2,"\\\\*"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SSVAL(p,usri11_country_code,0); /* country code */ SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVALS(p,usri11_max_storage,-1); /* max storage */ SSVAL(p,usri11_units_per_week,168); /* units per week */ @@ -3098,7 +3313,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param /* a simple way to get logon hours at all times. */ memset(p2,0xff,21); SCVAL(p2,21,0); /* fix zero termination */ - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SSVAL(p,usri11_code_page,0); /* code page */ } @@ -3110,22 +3328,34 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ *p2++ = 0; SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } if (uLevel == 2) { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SIVAL(p,76,0); /* workstations */ SIVAL(p,80,0); /* last_logon */ SIVAL(p,84,0); /* last_logoff */ @@ -3144,7 +3374,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param standard_sub_basic("", "", tmp, sizeof(tmp)); pstrcpy(p2, tmp); } - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2,1); + if (!p2) { + return False; + } SSVAL(p,110,49); /* country_code */ SSVAL(p,112,860); /* code page */ } @@ -3157,14 +3390,16 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param return(True); } -static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; struct pack_desc desc; char* name; @@ -3172,12 +3407,19 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); + if (!str1 || !str2 || !p) { + return False; + } + if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->user.unix_name)); } - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + if (skip_string(param,tpscnt,p+2,1) == NULL) { + return False; + } name = p + 2; memset((char *)&desc,'\0',sizeof(desc)); @@ -3251,15 +3493,21 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param api_WAccessGetUserPerms ****************************************************************************/ -static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *user = skip_string(str2,1); - char *resource = skip_string(user,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *user = skip_string(param,tpscnt,str2,1); + char *resource = skip_string(param,tpscnt,user,1); + + if (!str1 || !str2 || !user || !resource) { + return False; + } DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); @@ -3287,14 +3535,16 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p api_WPrintJobEnumerate ****************************************************************************/ -static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; int count; int i; @@ -3306,7 +3556,11 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para print_status_struct status; char *tmpdata=NULL; - uLevel = SVAL(p,2); + if (!str1 || !str2 || !p) { + return False; + } + + uLevel = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : -1; memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); @@ -3380,15 +3634,17 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para return True; } -static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char* name = p; + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); + char *name = p; int uLevel; int count; int i, succnt=0; @@ -3397,11 +3653,18 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa print_queue_struct *queue=NULL; print_status_struct status; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); - p = skip_string(p,1); - uLevel = SVAL(p,0); + p = skip_string(param,tpscnt,p,1); + if (!p) { + return False; + } + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); @@ -3524,24 +3787,33 @@ static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, } } -static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); char* PrinterName = p; int uLevel; struct pack_desc desc; int snum; char *tmpdata=NULL; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - p = skip_string(p,1); - uLevel = SVAL(p,0); + p = skip_string(param,tpscnt,p,1); + if (!p) { + return False; + } + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); @@ -3595,23 +3867,29 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par return True; } -static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; int queuecnt; int i, n, succnt=0; struct pack_desc desc; int services = lp_numservices(); + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); @@ -3670,21 +3948,27 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, return True; } -static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : 0; DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); @@ -3727,21 +4011,26 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para return True; } -static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); @@ -3785,21 +4074,27 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param return True; } -static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); @@ -3844,27 +4139,33 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, return True; } - /**************************************************************************** List open sessions ****************************************************************************/ -static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param, char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) + +static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1,1); + char *p = skip_string(param,tpscnt,str2,1); int uLevel; struct pack_desc desc; struct sessionid *session_list; int i, num_sessions; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel)); DEBUG(7,("RNetSessionEnum req string=%s\n",str1)); @@ -3951,10 +4252,12 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char The request is not supported. ****************************************************************************/ -static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, - char **rdata, char **rparam, - int *rdata_len, int *rparam_len) +static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len) { *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); @@ -3975,7 +4278,9 @@ static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, c static const struct { const char *name; int id; - BOOL (*fn)(connection_struct *,uint16,char *,char *, + BOOL (*fn)(connection_struct *, uint16, + char *, int, + char *, int, int,int,char **,char **,int *,int *); BOOL auth_user; /* Deny anonymous access? */ } api_commands[] = { @@ -4030,6 +4335,8 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * int api_command; char *rdata = NULL; char *rparam = NULL; + const char *name1 = NULL; + const char *name2 = NULL; int rdata_len = 0; int rparam_len = 0; BOOL reply=False; @@ -4040,12 +4347,25 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return 0; } + if (tpscnt < 2) { + return 0; + } api_command = SVAL(params,0); + /* Is there a string at position params+2 ? */ + if (skip_string(params,tpscnt,params+2,1)) { + name1 = params + 2; + } else { + name1 = ""; + } + name2 = skip_string(params,tpscnt,params+2,1); + if (!name2) { + name2 = ""; + } DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n", api_command, - params+2, - skip_string(params+2,1), + name1, + name2, tdscnt,tpscnt,mdrcnt,mprcnt)); for (i=0;api_commands[i].name;i++) { @@ -4082,7 +4402,11 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return -1; } - reply = api_commands[i].fn(conn,vuid,params,data,mdrcnt,mprcnt, + reply = api_commands[i].fn(conn, + vuid, + params,tpscnt, /* params + length */ + data,tdscnt, /* data + length */ + mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); @@ -4093,7 +4417,7 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * /* if we get False back then it's actually unsupported */ if (!reply) { - reply = api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, + reply = api_Unsupported(conn,vuid,params,tpscnt,data,tdscnt,mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); } -- cgit From 730bfd9ced5dc7bf6948de66834f3e465a8cc724 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 31 Mar 2007 01:14:00 +0000 Subject: r22017: After changing 2000 lines of this I think this is needed :-). Jeremy. (This used to be commit 99092e8841edea468fa1e59a8c725f3467b58966) --- source3/smbd/lanman.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 905b6a023a..f0e553e231 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2,6 +2,7 @@ Unix SMB/CIFS implementation. Inter-process communication and named pipe handling Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 2007. SMB Version handling Copyright (C) John H Terpstra 1995-1998 -- cgit From e5358d6c55cc0aae64447d32611bea4c249f0788 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 2 Apr 2007 19:04:57 +0000 Subject: r22042: Try and clean up my own mess using the API Volker suggested. I now use : BOOL is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off) char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) Volker, please criticize and comment. Thanks, Jeremy. (This used to be commit d47af7c9263f519e7307859b6a696d854c5dfca3) --- source3/smbd/lanman.c | 147 ++++++++++++++++++++++++++------------------------ 1 file changed, 76 insertions(+), 71 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f0e553e231..03411b8dd9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -777,7 +777,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); char *QueueName = p; @@ -800,10 +800,9 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, if (!p) { return False; } - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - str3 = get_safe_offset(param,tpscnt,p,4) ? p + 4 : 0; - /* Check if string exists. */ - if (skip_string(param,tpscnt,str3,1) == NULL) { + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + str3 = get_safe_str_ptr(param,tpscnt,p,4); + if (!str3) { return False; } @@ -905,11 +904,11 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char **rdata, char** rparam, int *rdata_len, int *rparam_len) { - char *param_format = get_safe_offset(param,tpscnt,param,2); + char *param_format = get_safe_str_ptr(param,tpscnt,param,2); char *output_format1 = skip_string(param,tpscnt,param_format,1); char *p = skip_string(param,tpscnt,output_format1,1); - unsigned int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - char *output_format2 = get_safe_offset(param,tpscnt,p,4); + unsigned int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + char *output_format2 = get_safe_str_ptr(param,tpscnt,p,4); int services = lp_numservices(); int i, n; struct pack_desc desc; @@ -1282,12 +1281,12 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = get_safe_offset(param, tpscnt, param, 2); + char *str1 = get_safe_str_ptr(param, tpscnt, param, 2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); - int uLevel = get_safe_offset(param, tpscnt, p, 2) ? SVAL(p,0) : -1; - int buf_len = get_safe_offset(param,tpscnt, p, 4) ? SVAL(p,2) : 0; - uint32 servertype = get_safe_offset(param,tpscnt,p,8) ? IVAL(p,4) : 0; + int uLevel = get_safe_SVAL(param, tpscnt, p, 0, -1); + int buf_len = get_safe_SVAL(param,tpscnt, p, 2, 0); + uint32 servertype = get_safe_IVAL(param,tpscnt,p,4, 0); char *p2; int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; @@ -1438,11 +1437,11 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - int buf_len = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : 0; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); int counted=0; int missed=0; @@ -1628,11 +1627,11 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *netname = skip_string(param,tpscnt,str2,1); char *p = skip_string(param,tpscnt,netname,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); int snum; if (!str1 || !str2 || !netname || !p) { @@ -1694,11 +1693,11 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, int *rdata_len, int *rparam_len ) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - int buf_len = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : 0; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); char *p2; int count = 0; int total=0,counted=0; @@ -1799,10 +1798,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); fstring sharename; fstring comment; pstring pathname; @@ -1939,7 +1938,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, int i; int errflags=0; int resume_context, cli_buf_size; - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); @@ -1978,8 +1977,8 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, return False; } - resume_context = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - cli_buf_size= get_safe_offset(param,tpscnt,p,4) ? SVAL(p+2,0) : 0; + resume_context = get_safe_SVAL(param,tpscnt,p,0,-1); + cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0); DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: " "%d\n", resume_context, cli_buf_size)); @@ -2042,11 +2041,11 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *UserName = skip_string(param,tpscnt,str2,1); char *p = skip_string(param,tpscnt,UserName,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); const char *level_string; int count=0; struct samu *sampw = NULL; @@ -2188,7 +2187,7 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, struct pdb_search *search; struct samr_displayentry *users; - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); @@ -2206,8 +2205,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, * h -> return parameter total number of users */ - resume_context = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - cli_buf_size= get_safe_offset(param,tpscnt,p,4) ? SVAL(p+2,0) : 0; + resume_context = get_safe_SVAL(param,tpscnt,p,0,-1); + cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0); DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); @@ -2343,7 +2342,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *np = get_safe_offset(param,tpscnt,param,2); + char *np = get_safe_str_ptr(param,tpscnt,param,2); char *p = skip_string(param,tpscnt,np,2); fstring user; fstring pass1,pass2; @@ -2365,7 +2364,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, memset(pass1,'\0',sizeof(pass1)); memset(pass2,'\0',sizeof(pass2)); - if (get_safe_offset(param,tpscnt,p,32) == NULL) { + if (!is_offset_safe(param,tpscnt,p,32)) { return False; } memcpy(pass1,p,16); @@ -2447,7 +2446,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { fstring user; - char *p = get_safe_offset(param,tpscnt,param,2); + char *p = get_safe_str_ptr(param,tpscnt,param,2); *rparam_len = 2; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { @@ -2524,8 +2523,8 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - int function = get_safe_offset(param,tpscnt,param,2) ? SVAL(param,0) : 0; - char *str1 = get_safe_offset(param,tpscnt,param,2); + int function = get_safe_SVAL(param,tpscnt,param,0,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); uint32 jobid; @@ -2537,7 +2536,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, if (!str1 || !str2 || !p) { return False; } - if (get_safe_offset(param,tpscnt,p,2) == NULL) { + if (!is_offset_safe(param,tpscnt,p,2)) { return False; } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) @@ -2603,8 +2602,8 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - int function = get_safe_offset(param,tpscnt,param,2) ? SVAL(param,0) : 0; - char *str1 = get_safe_offset(param,tpscnt,param,2); + int function = get_safe_SVAL(param,tpscnt,param,0,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *QueueName = skip_string(param,tpscnt,str2,1); int errcode = NERR_notsupported; @@ -2626,6 +2625,9 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, } *rdata_len = 0; + if (skip_string(param,tpscnt,QueueName,1) == NULL) { + return False; + } snum = print_queue_snum(QueueName); if (snum == -1) { @@ -2686,19 +2688,19 @@ static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { struct pack_desc desc; - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); uint32 jobid; fstring sharename; - int uLevel = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : -1; - int function = get_safe_offset(param,tpscnt,p,6) ? SVAL(p,4) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); + int function = get_safe_SVAL(param,tpscnt,p,4,-1); int place, errcode; if (!str1 || !str2 || !p) { return False; } - if (get_safe_offset(param,tpscnt,p,2) == NULL) { + if (!is_offset_safe(param,tpscnt,p,2)) { return False; } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) @@ -2769,10 +2771,10 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; int struct_len; @@ -2910,11 +2912,11 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); char *p2; - int level = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int level = get_safe_SVAL(param,tpscnt,p,0,-1); if (!str1 || !str2 || !p) { return False; @@ -2943,7 +2945,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = get_safe_offset(*rdata,*rdata_len,p,22); + p2 = get_safe_ptr(*rdata,*rdata_len,p,22); if (!p2) { return False; } @@ -3178,11 +3180,11 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *UserName = skip_string(param,tpscnt,str2,1); char *p = skip_string(param,tpscnt,UserName,1); - int uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; const char *level_string; @@ -3234,7 +3236,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = get_safe_offset(*rdata,*rdata_len,p,usri11_end); + p2 = get_safe_ptr(*rdata,*rdata_len,p,usri11_end); if (!p2) { return False; } @@ -3398,7 +3400,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -3417,11 +3419,11 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, vuser->user.unix_name)); } - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; - if (skip_string(param,tpscnt,p+2,1) == NULL) { + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + name = get_safe_str_ptr(param,tpscnt,p,2); + if (!name) { return False; } - name = p + 2; memset((char *)&desc,'\0',sizeof(desc)); @@ -3501,7 +3503,7 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *user = skip_string(param,tpscnt,str2,1); char *resource = skip_string(param,tpscnt,user,1); @@ -3510,6 +3512,9 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, return False; } + if (skip_string(param,tpscnt,resource,1) == NULL) { + return False; + } DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); /* check it's a supported varient */ @@ -3543,7 +3548,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -3561,7 +3566,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, return False; } - uLevel = get_safe_offset(param,tpscnt,p,4) ? SVAL(p,2) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); @@ -3642,7 +3647,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); char *name = p; @@ -3665,7 +3670,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, if (!p) { return False; } - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); @@ -3795,7 +3800,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); char* PrinterName = p; @@ -3814,7 +3819,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, if (!p) { return False; } - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); @@ -3875,7 +3880,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -3890,7 +3895,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); @@ -3956,7 +3961,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -3969,7 +3974,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : 0; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); @@ -4019,7 +4024,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -4031,7 +4036,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, } memset((char *)&desc,'\0',sizeof(desc)); - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); @@ -4082,7 +4087,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -4095,7 +4100,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); @@ -4152,7 +4157,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { - char *str1 = get_safe_offset(param,tpscnt,param,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1,1); char *p = skip_string(param,tpscnt,str2,1); int uLevel; @@ -4166,7 +4171,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); - uLevel = get_safe_offset(param,tpscnt,p,2) ? SVAL(p,0) : -1; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel)); DEBUG(7,("RNetSessionEnum req string=%s\n",str1)); -- cgit From 7371762dae1127117470c436ad0e3521f4bd4a35 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 2 Apr 2007 19:46:27 +0000 Subject: r22043: Comparing lanman.c with -r22013 is now MUCH easier, thanks! This looks much easier to review! Damn close to what I had in my tree, just the fn names were slightly different. This removes one unnecessary dupe. Next thing is to get rid of the parameter "n" of skip_string, there is only one (!) caller that does not pass in 1.... Volker (This used to be commit 2878c1e93a8d71288fa3144cff57bce66c592e22) --- source3/smbd/lanman.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 03411b8dd9..f7fe965430 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -921,9 +921,6 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, return False; } - uLevel = SVAL(p,0); - output_format2 = p + 4; - memset((char *)&desc,'\0',sizeof(desc)); DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); -- cgit From 8990b13d2f576aac2e32cec91c0a70adf8b58539 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 2 Apr 2007 20:04:05 +0000 Subject: r22044: Remove the only skip_string(...,2) caller (This used to be commit 08ea2b83b26968990fce191cdafe26d3183518a6) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f7fe965430..1f38f65f3e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2340,7 +2340,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *np = get_safe_str_ptr(param,tpscnt,param,2); - char *p = skip_string(param,tpscnt,np,2); + char *p = skip_string(param,tpscnt,skip_string(param,tpscnt,np,1),1); fstring user; fstring pass1,pass2; -- cgit From 0a2cc569a1803f459f7db77d03e6e90ae30aa35d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 2 Apr 2007 20:10:21 +0000 Subject: r22045: As Volker noticed, skip_string's last argument is redundent. Remove it. Jeremy. (This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5) --- source3/smbd/lanman.c | 192 ++++++++++++++++++++++++++------------------------ 1 file changed, 98 insertions(+), 94 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1f38f65f3e..0ef6fe1c47 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -778,8 +778,8 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char *QueueName = p; unsigned int uLevel; int count=0; @@ -796,7 +796,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, memset((char *)&status,'\0',sizeof(status)); memset((char *)&desc,'\0',sizeof(desc)); - p = skip_string(param,tpscnt,p,1); + p = skip_string(param,tpscnt,p); if (!p) { return False; } @@ -905,8 +905,8 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, int *rdata_len, int *rparam_len) { char *param_format = get_safe_str_ptr(param,tpscnt,param,2); - char *output_format1 = skip_string(param,tpscnt,param_format,1); - char *p = skip_string(param,tpscnt,output_format1,1); + char *output_format1 = skip_string(param,tpscnt,param_format); + char *p = skip_string(param,tpscnt,output_format1); unsigned int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *output_format2 = get_safe_str_ptr(param,tpscnt,p,4); int services = lp_numservices(); @@ -1279,8 +1279,8 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char **rparam, int *rdata_len, int *rparam_len) { char *str1 = get_safe_str_ptr(param, tpscnt, param, 2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel = get_safe_SVAL(param, tpscnt, p, 0, -1); int buf_len = get_safe_SVAL(param,tpscnt, p, 2, 0); uint32 servertype = get_safe_IVAL(param,tpscnt,p,4, 0); @@ -1333,7 +1333,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); if (strcmp(str1, "WrLehDz") == 0) { - if (skip_string(param,tpscnt,p,1) == NULL) { + if (skip_string(param,tpscnt,p) == NULL) { return False; } pull_ascii_fstring(domain, p); @@ -1435,8 +1435,8 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char **rparam, int *rdata_len, int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); int counted=0; @@ -1625,9 +1625,9 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *netname = skip_string(param,tpscnt,str2,1); - char *p = skip_string(param,tpscnt,netname,1); + char *str2 = skip_string(param,tpscnt,str1); + char *netname = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,netname); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); int snum; @@ -1691,8 +1691,8 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, int *rparam_len ) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); char *p2; @@ -1796,8 +1796,8 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); fstring sharename; fstring comment; @@ -1823,7 +1823,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, } /* Do we have a string ? */ - if (skip_string(data,mdrcnt,data,1) == NULL) { + if (skip_string(data,mdrcnt,data) == NULL) { return False; } pull_ascii_fstring(sharename,data); @@ -1849,7 +1849,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, } /* Do we have a string ? */ - if (skip_string(data,mdrcnt,data+offset,1) == NULL) { + if (skip_string(data,mdrcnt,data+offset) == NULL) { return False; } pull_ascii_fstring(comment, offset? (data+offset) : ""); @@ -1862,7 +1862,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, } /* Do we have a string ? */ - if (skip_string(data,mdrcnt,data+offset,1) == NULL) { + if (skip_string(data,mdrcnt,data+offset) == NULL) { return False; } pull_ascii_pstring(pathname, offset? (data+offset) : ""); @@ -1936,8 +1936,8 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, int errflags=0; int resume_context, cli_buf_size; char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); struct pdb_search *search; struct samr_displayentry *entries; @@ -2039,9 +2039,9 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *UserName = skip_string(param,tpscnt,str2,1); - char *p = skip_string(param,tpscnt,UserName,1); + char *str2 = skip_string(param,tpscnt,str1); + char *UserName = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,UserName); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); const char *level_string; int count=0; @@ -2185,8 +2185,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, struct samr_displayentry *users; char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); if (!str1 || !str2 || !p) { return False; @@ -2340,21 +2340,25 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *np = get_safe_str_ptr(param,tpscnt,param,2); - char *p = skip_string(param,tpscnt,skip_string(param,tpscnt,np,1),1); + char *p = NULL; fstring user; fstring pass1,pass2; + /* Skip 2 strings. */ + p = skip_string(param,tpscnt,np); + p = skip_string(param,tpscnt,p); + if (!np || !p) { return False; } /* Do we have a string ? */ - if (skip_string(param,tpscnt,p,1) == NULL) { + if (skip_string(param,tpscnt,p) == NULL) { return False; } pull_ascii_fstring(user,p); - p = skip_string(param,tpscnt,p,1); + p = skip_string(param,tpscnt,p); if (!p) { return False; } @@ -2462,32 +2466,32 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, */ /* Do we have a string ? */ - if (skip_string(param,tpscnt,p,1) == 0) { + if (skip_string(param,tpscnt,p) == 0) { return False; } if(!strequal(p, "zsT")) { DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", p)); return False; } - p = skip_string(param, tpscnt, p, 1); + p = skip_string(param, tpscnt, p); if (!p) { return False; } /* Do we have a string ? */ - if (skip_string(param,tpscnt,p,1) == 0) { + if (skip_string(param,tpscnt,p) == 0) { return False; } if(!strequal(p, "B516B16")) { DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); return False; } - p = skip_string(param,tpscnt,p,1); + p = skip_string(param,tpscnt,p); if (!p) { return False; } /* Do we have a string ? */ - if (skip_string(param,tpscnt,p,1) == 0) { + if (skip_string(param,tpscnt,p) == 0) { return False; } p += pull_ascii_fstring(user,p); @@ -2522,8 +2526,8 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, { int function = get_safe_SVAL(param,tpscnt,param,0,0); char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); uint32 jobid; int snum; fstring sharename; @@ -2601,8 +2605,8 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, { int function = get_safe_SVAL(param,tpscnt,param,0,0); char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *QueueName = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *QueueName = skip_string(param,tpscnt,str2); int errcode = NERR_notsupported; int snum; WERROR werr = WERR_OK; @@ -2622,7 +2626,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, } *rdata_len = 0; - if (skip_string(param,tpscnt,QueueName,1) == NULL) { + if (skip_string(param,tpscnt,QueueName) == NULL) { return False; } snum = print_queue_snum(QueueName); @@ -2686,8 +2690,8 @@ static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, { struct pack_desc desc; char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); uint32 jobid; fstring sharename; int uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); @@ -2769,8 +2773,8 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; int struct_len; @@ -2873,7 +2877,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, current_user_info.domain, comment, sizeof(comment)); StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -2910,8 +2914,8 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char *p2; int level = get_safe_SVAL(param,tpscnt,p,0,-1); @@ -2950,7 +2954,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ pstrcpy(p2,get_local_machine_name()); strupper_m(p2); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -2958,7 +2962,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,current_user_info.smb_name); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -2967,7 +2971,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ pstrcpy(p2,lp_workgroup()); strupper_m(p2); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -2979,7 +2983,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */ - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -2987,7 +2991,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ pstrcpy(p2,""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3178,9 +3182,9 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *UserName = skip_string(param,tpscnt,str2,1); - char *p = skip_string(param,tpscnt,UserName,1); + char *str2 = skip_string(param,tpscnt,str1); + char *UserName = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,UserName); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; const char *level_string; @@ -3249,14 +3253,14 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, if (uLevel >= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ pstrcpy(p2,"Comment"); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ pstrcpy(p2,"UserComment"); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3264,7 +3268,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3277,13 +3281,13 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3293,7 +3297,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVALS(p,usri11_num_logons,-1); /* num logons */ SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ pstrcpy(p2,"\\\\*"); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3301,7 +3305,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ pstrcpy(p2,""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3313,7 +3317,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, /* a simple way to get logon hours at all times. */ memset(p2,0xff,21); SCVAL(p2,21,0); /* fix zero termination */ - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3328,7 +3332,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3337,7 +3341,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3345,14 +3349,14 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3374,7 +3378,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, standard_sub_basic("", "", tmp, sizeof(tmp)); pstrcpy(p2, tmp); } - p2 = skip_string(*rdata,*rdata_len,p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } @@ -3398,8 +3402,8 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; struct pack_desc desc; char* name; @@ -3501,15 +3505,15 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *user = skip_string(param,tpscnt,str2,1); - char *resource = skip_string(param,tpscnt,user,1); + char *str2 = skip_string(param,tpscnt,str1); + char *user = skip_string(param,tpscnt,str2); + char *resource = skip_string(param,tpscnt,user); if (!str1 || !str2 || !user || !resource) { return False; } - if (skip_string(param,tpscnt,resource,1) == NULL) { + if (skip_string(param,tpscnt,resource) == NULL) { return False; } DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); @@ -3546,8 +3550,8 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int count; int i; @@ -3645,8 +3649,8 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char *name = p; int uLevel; int count; @@ -3663,7 +3667,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); - p = skip_string(param,tpscnt,p,1); + p = skip_string(param,tpscnt,p); if (!p) { return False; } @@ -3798,8 +3802,8 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char* PrinterName = p; int uLevel; struct pack_desc desc; @@ -3812,7 +3816,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); - p = skip_string(param,tpscnt,p,1); + p = skip_string(param,tpscnt,p); if (!p) { return False; } @@ -3878,8 +3882,8 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int queuecnt; int i, n, succnt=0; @@ -3959,8 +3963,8 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; @@ -4022,8 +4026,8 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; @@ -4085,8 +4089,8 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, int *rdata_len,int *rparam_len) { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; @@ -4155,8 +4159,8 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, { char *str1 = get_safe_str_ptr(param,tpscnt,param,2); - char *str2 = skip_string(param,tpscnt,str1,1); - char *p = skip_string(param,tpscnt,str2,1); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; struct pack_desc desc; struct sessionid *session_list; @@ -4355,12 +4359,12 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * } api_command = SVAL(params,0); /* Is there a string at position params+2 ? */ - if (skip_string(params,tpscnt,params+2,1)) { + if (skip_string(params,tpscnt,params+2)) { name1 = params + 2; } else { name1 = ""; } - name2 = skip_string(params,tpscnt,params+2,1); + name2 = skip_string(params,tpscnt,params+2); if (!name2) { name2 = ""; } -- cgit From afd637e926c70f9ca88d8e85ea2c684032962bc9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Apr 2007 04:52:09 +0000 Subject: r22050: Fix a couple of off-by-one errors in the rap call patch. Jerry, this works now for displaying shares on Win9x (and hopefully everything else as well :-). Jeremy. (This used to be commit 728a4cc71376f9cfff2578d21a47602f8b7c6531) --- source3/smbd/lanman.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0ef6fe1c47..4ca9a4b051 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2365,7 +2365,11 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, memset(pass1,'\0',sizeof(pass1)); memset(pass2,'\0',sizeof(pass2)); - if (!is_offset_safe(param,tpscnt,p,32)) { + /* + * We use 31 here not 32 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,31)) { return False; } memcpy(pass1,p,16); @@ -2537,7 +2541,11 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, if (!str1 || !str2 || !p) { return False; } - if (!is_offset_safe(param,tpscnt,p,2)) { + /* + * We use 1 here not 2 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,1)) { return False; } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) @@ -2701,7 +2709,11 @@ static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, if (!str1 || !str2 || !p) { return False; } - if (!is_offset_safe(param,tpscnt,p,2)) { + /* + * We use 1 here not 2 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,1)) { return False; } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) -- cgit From 97e3cb896f284ba5330ad834a821a3a227e9abe4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 4 Apr 2007 00:03:12 +0000 Subject: r22065: First logic change I've found :-(. We were being too restrictive about strings being NULL. If an info level doesn't use a subformat the subformat string may be missing (null). Add debug statements to help track this. Jeremy (This used to be commit 70875f92a22985539dc41e26a084218a45e1a13f) --- source3/smbd/lanman.c | 33 ++++++++++++++++++++++++--------- 1 file changed, 24 insertions(+), 9 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4ca9a4b051..15e0284521 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -441,12 +441,18 @@ static int check_printq_info(struct pack_desc* desc, desc->subformat = "z"; break; default: + DEBUG(0,("check_printq_info: invalid level %d\n", + uLevel )); return False; } - if (strcmp(desc->format,id1) != 0) { + if (id1 == NULL || strcmp(desc->format,id1) != 0) { + DEBUG(0,("check_printq_info: invalid format %s\n", + id1 ? id1 : "" )); return False; } - if (desc->subformat && strcmp(desc->subformat,id2) != 0) { + if (desc->subformat && (id2 == NULL || strcmp(desc->subformat,id2) != 0)) { + DEBUG(0,("check_printq_info: invalid subformat %s\n", + id2 ? id2 : "" )); return False; } return True; @@ -802,9 +808,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, } uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); str3 = get_safe_str_ptr(param,tpscnt,p,4); - if (!str3) { - return False; - } + /* str3 may be null here and is checked in check_printq_info(). */ /* remove any trailing username */ if ((p = strchr_m(QueueName,'%'))) @@ -917,7 +921,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, int *subcntarr = NULL; int queuecnt = 0, subcnt = 0, succnt = 0; - if (!param_format || !output_format1 || !p || !output_format2) { + if (!param_format || !output_format1 || !p) { return False; } @@ -2683,9 +2687,16 @@ static int check_printjob_info(struct pack_desc* desc, case 2: desc->format = "WWzWWDDzz"; break; case 3: desc->format = "WWzWWDDzzzzzzzzzzlz"; break; case 4: desc->format = "WWzWWDDzzzzzDDDDDDD"; break; - default: return False; + default: + DEBUG(0,("check_printjob_info: invalid level %d\n", + uLevel )); + return False; + } + if (id == NULL || strcmp(desc->format,id) != 0) { + DEBUG(0,("check_printjob_info: invalid format %s\n", + id ? id : "" )); + return False; } - if (strcmp(desc->format,id) != 0) return False; return True; } @@ -3762,9 +3773,13 @@ static int check_printdest_info(struct pack_desc* desc, desc->format = "zzzWWzzzWW"; break; default: + DEBUG(0,("check_printdest_info: invalid level %d\n", + uLevel)); return False; } - if (strcmp(desc->format,id) != 0) { + if (id == NULL || strcmp(desc->format,id) != 0) { + DEBUG(0,("check_printdest_info: invalid string %s\n", + id ? id : "" )); return False; } return True; -- cgit From 0829e1ad1c3646efecf50729f493b9ee72ef0517 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 19 Apr 2007 22:40:32 +0000 Subject: r22391: Looks bigger than it is. Make "inbuf" available to all callers of smb_setlen (via set_message() calls). This will allow the server to reflect back the correct encryption context. Jeremy. (This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb) --- source3/smbd/lanman.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 15e0284521..cd2750d759 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4360,11 +4360,19 @@ static const struct { /**************************************************************************** - Handle remote api calls - ****************************************************************************/ + Handle remote api calls. +****************************************************************************/ -int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *params, - int tdscnt,int tpscnt,int mdrcnt,int mprcnt) +int api_reply(connection_struct *conn, + uint16 vuid, + const char *inbuf, + char *outbuf, + char *data, + char *params, + int tdscnt, + int tpscnt, + int mdrcnt, + int mprcnt) { int api_command; char *rdata = NULL; @@ -4457,7 +4465,13 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + send_trans_reply(inbuf, + outbuf, + rparam, + rparam_len, + rdata, + rdata_len, + False); } SAFE_FREE(rdata); -- cgit From e26dee48f079f429690584aa2666f498e08e6810 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 28 Apr 2007 18:16:33 +0000 Subject: r22561: Fix a memleak in lanman.c: Nobody would free the session_list. Volker (This used to be commit 5d428400f77399b7fc30fb2a0fb10f0c74b96458) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index cd2750d759..05b1e812b2 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4213,7 +4213,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, return False; } - num_sessions = list_sessions(&session_list); + num_sessions = list_sessions(tmp_talloc_ctx(), &session_list); if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); -- cgit From 4aa44f7475e03dcc596f6a13fffffda7268074a1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 8 May 2007 13:44:36 +0000 Subject: r22761: This introduces lib/conn_tdb.c with two main functions: connections_traverse and connections_forall. This centralizes all the routines that did individual tdb_open("connections.tdb") and direct tdb_traverse. Volker (This used to be commit e43e94cda1ad8876b3cb5d1129080b57fa6ec214) --- source3/smbd/lanman.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 05b1e812b2..b235fd1698 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1894,7 +1894,8 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, goto error_exit; } else { SAFE_FREE(command); - message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); + message_send_all(MSG_SMB_CONF_UPDATED, NULL, 0, + False, NULL); } } else { return False; -- cgit From 8c3f8e5697f29f1a9829298e0561ff7305b62082 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 15 May 2007 15:49:55 +0000 Subject: r22911: Pass a messaging_context to message_send_all (This used to be commit cc92ce665dcfe9054d09429219883b18a4cab090) --- source3/smbd/lanman.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b235fd1698..fae6312080 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1894,7 +1894,8 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, goto error_exit; } else { SAFE_FREE(command); - message_send_all(MSG_SMB_CONF_UPDATED, NULL, 0, + message_send_all(smbd_messaging_context(), + MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL); } } else { -- cgit From ac3f08ddbe0b484375624db0e35999a8584b57f4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 21 May 2007 22:17:13 +0000 Subject: r23055: Rewrite messages.c to use auto-generated marshalling in the tdb. I'm doing this because for the clustering the marshalling is needed in more than one place, so I wanted a decent routine to marshall a message_rec struct which was not there before. Tridge, this seems about the same speed as it used to be before, the librpc/ndr overhead in my tests was under the noise. Volker (This used to be commit eaefd00563173dfabb7716c5695ac0a2f7139bb6) --- source3/smbd/lanman.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fae6312080..0a9a529a85 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1895,8 +1895,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, } else { SAFE_FREE(command); message_send_all(smbd_messaging_context(), - MSG_SMB_CONF_UPDATED, NULL, 0, - False, NULL); + MSG_SMB_CONF_UPDATED, NULL, 0, NULL); } } else { return False; -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 0a9a529a85..5e0cdf09fc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -9,7 +9,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/smbd/lanman.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 5e0cdf09fc..a7fe07b314 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -18,8 +18,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ /* This file handles the named pipe and mailslot calls -- cgit From 16443996b51f56b3c788d4f15e85ec0911a807b7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jul 2007 10:23:36 +0000 Subject: r23967: Memleak fix from Atsushi Nakabayashi Thanks! Volker (This used to be commit 46997a70199296d4ec45780f002898f23029bb26) --- source3/smbd/lanman.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a7fe07b314..3568bb55b9 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -850,6 +850,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); if (!*rdata) { + SAFE_FREE(queue); return False; } desc.base = *rdata; @@ -882,6 +883,8 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { + SAFE_FREE(queue); + SAFE_FREE(tmpdata); return False; } SSVALS(*rparam,0,desc.errcode); -- cgit From 6c6fed5e656d64df9c9c12d7909f2c2289208bf7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Aug 2007 17:37:38 +0000 Subject: r24130: Explicitly pass flags2 to srvstr_push This is in preparation of the trans2 conversion: srvstr_push should not look at inbuf directly. (This used to be commit 5fd7e6a3821bea26d352e3edc23b7a216b1200e5) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3568bb55b9..f7a4f9b0bd 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2866,7 +2866,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, p = *rdata; p2 = p + struct_len; if (uLevel != 20) { - srvstr_push(NULL, p,global_myname(),16, + srvstr_push(NULL, 0, p,global_myname(),16, STR_ASCII|STR_UPPER|STR_TERMINATE); } p += 16; -- cgit From d274724ebbbce15abe2c5cd73fca94453dfc2a84 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 5 Aug 2007 11:19:24 +0000 Subject: r24243: Remove reply_prep_legacy from api_reply (This used to be commit b01664b43b0bd94bb59dec57480d2be954a7298a) --- source3/smbd/lanman.c | 38 ++++++++++++++++---------------------- 1 file changed, 16 insertions(+), 22 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index f7a4f9b0bd..3673998f79 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4366,16 +4366,11 @@ static const struct { Handle remote api calls. ****************************************************************************/ -int api_reply(connection_struct *conn, - uint16 vuid, - const char *inbuf, - char *outbuf, - char *data, - char *params, - int tdscnt, - int tpscnt, - int mdrcnt, - int mprcnt) +void api_reply(connection_struct *conn, uint16 vuid, + struct smb_request *req, + char *data, char *params, + int tdscnt, int tpscnt, + int mdrcnt, int mprcnt) { int api_command; char *rdata = NULL; @@ -4389,11 +4384,13 @@ int api_reply(connection_struct *conn, if (!params) { DEBUG(0,("ERROR: NULL params in api_reply()\n")); - return 0; + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; } if (tpscnt < 2) { - return 0; + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; } api_command = SVAL(params,0); /* Is there a string at position params+2 ? */ @@ -4426,7 +4423,8 @@ int api_reply(connection_struct *conn, user_struct *user = get_valid_user_struct(vuid); if (!user || user->guest) { - return ERROR_NT(NT_STATUS_ACCESS_DENIED); + reply_nterror(req, NT_STATUS_ACCESS_DENIED); + return; } } @@ -4444,7 +4442,8 @@ int api_reply(connection_struct *conn, DEBUG(0,("api_reply: malloc fail !\n")); SAFE_FREE(rdata); SAFE_FREE(rparam); - return -1; + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; } reply = api_commands[i].fn(conn, @@ -4468,16 +4467,11 @@ int api_reply(connection_struct *conn, /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply(inbuf, - outbuf, - rparam, - rparam_len, - rdata, - rdata_len, - False); + send_trans_reply_new(req, rparam, rparam_len, + rdata, rdata_len, False); } SAFE_FREE(rdata); SAFE_FREE(rparam); - return -1; + return; } -- cgit From b0ed26faf088d921e876f3a850c3e146514cc7e8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 5 Aug 2007 11:34:57 +0000 Subject: r24244: Complete the conversion of reply_trans[s] Remove reply_prep/post_legacy from send_trans_replies (This used to be commit c08366f840ead5aba7199cf0b058587055b4d98e) --- source3/smbd/lanman.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3673998f79..1d6369c18b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4467,8 +4467,8 @@ void api_reply(connection_struct *conn, uint16 vuid, /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply_new(req, rparam, rparam_len, - rdata, rdata_len, False); + send_trans_reply(req, rparam, rparam_len, + rdata, rdata_len, False); } SAFE_FREE(rdata); -- cgit From 929e1d99209e20a9c2c95c8bdfc8eaa37b2c2291 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 30 Aug 2007 19:48:31 +0000 Subject: r24809: Consolidate the use of temporary talloc contexts. This adds the two functions talloc_stackframe() and talloc_tos(). * When a new talloc stackframe is allocated with talloc_stackframe(), then * the TALLOC_CTX returned with talloc_tos() is reset to that new * frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse * happens: The previous talloc_tos() is restored. * * This API is designed to be robust in the sense that if someone forgets to * TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and * resets the talloc_tos(). The original motivation for this patch was to get rid of the sid_string_static & friends buffers. Explicitly passing talloc context everywhere clutters code too much for my taste, so an implicit talloc_tos() is introduced here. Many of these static buffers are replaced by a single static pointer. The intended use would thus be that low-level functions can rather freely push stuff to talloc_tos, the upper layers clean up by freeing the stackframe. The more of these stackframes are used and correctly freed the more exact the memory cleanup happens. This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and lp_talloc_ctx (did I forget any?) So, never do a tmp_ctx = talloc_init("foo"); anymore, instead, use tmp_ctx = talloc_stackframe() :-) Volker (This used to be commit 6585ea2cb7f417e14540495b9c7380fe9c8c717b) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 1d6369c18b..581ac90aeb 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4216,7 +4216,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, return False; } - num_sessions = list_sessions(tmp_talloc_ctx(), &session_list); + num_sessions = list_sessions(talloc_tos(), &session_list); if (mdrcnt > 0) { *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); -- cgit From ff0947fbed841065fce85c64ff4b2a2e8f24f056 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 4 Sep 2007 10:15:04 +0000 Subject: r24949: Remove some static buffers (This used to be commit df648d47ff3c4e24f439fda839653bda98323100) --- source3/smbd/lanman.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 581ac90aeb..9eb2a283cc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -116,18 +116,16 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) static char *Expand(connection_struct *conn, int snum, char *s) { - static pstring buf; + pstring buf; if (!s) { return NULL; } StrnCpy(buf,s,sizeof(buf)/2); pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, - conn->connectpath, conn->gid, - get_current_username(), - current_user_info.domain, - buf, sizeof(buf)); - return &buf[0]; + return talloc_sub_advanced(talloc_tos(), lp_servicename(SNUM(conn)), + conn->user, conn->connectpath, conn->gid, + get_current_username(), + current_user_info.domain, buf); } /******************************************************************* -- cgit From 327ca9167ed28d2207444a93424cadef79d166b5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Sep 2007 19:27:34 +0000 Subject: r25103: Ensure we don't return unwritten memory (valgrind caught). Jeremy. (This used to be commit b3f0d39d11fa18b7bfef6cec88efaf4a2be2d6e0) --- source3/smbd/lanman.c | 135 +++++++++++++++++++++++++++----------------------- 1 file changed, 74 insertions(+), 61 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 9eb2a283cc..37fcc658db 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -50,6 +50,20 @@ extern userdom_struct current_user_info; #define SHPWLEN 8 /* share password length */ +/* Limit size of ipc replies */ + +static char *smb_realloc_limit(void *ptr, size_t size) +{ + char *val; + + size = MAX((size),4*1024); + val = (char *)SMB_REALLOC(ptr,size); + if (val) { + memset(val,'\0',size); + } + return val; +} + static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, @@ -824,7 +838,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, */ *rdata_len = 0; *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -846,7 +860,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { SAFE_FREE(queue); return False; @@ -879,7 +893,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { SAFE_FREE(queue); SAFE_FREE(tmpdata); @@ -940,7 +954,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, */ *rdata_len = 0; *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -982,7 +996,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { goto err; } @@ -1008,7 +1022,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { goto err; } @@ -1381,11 +1395,10 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, } *rdata_len = fixed_len + string_len; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } - memset(*rdata,'\0',*rdata_len); p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ p = *rdata; @@ -1411,7 +1424,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, } *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1460,7 +1473,7 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, *rdata_len = 0; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1652,7 +1665,7 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, return False; } - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -1663,7 +1676,7 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1746,12 +1759,11 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, } *rdata_len = fixed_len + string_len; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } - memset(*rdata,0,*rdata_len); - + p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */ p = *rdata; f_len = fixed_len; @@ -1772,7 +1784,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, } *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1902,7 +1914,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1916,7 +1928,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, error_exit: *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -1990,7 +2002,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, unbecome_root(); *rdata_len = cli_buf_size; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -2020,7 +2032,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, *rdata_len = PTR_DIFF(p,*rdata); *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2066,16 +2078,16 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, } *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } - + /* check it's a supported varient */ - + if ( strcmp(str1,"zWrLeh") != 0 ) return False; - + switch( uLevel ) { case 0: level_string = "B21"; @@ -2088,10 +2100,11 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, return False; *rdata_len = mdrcnt + 1024; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } + SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ @@ -2213,7 +2226,7 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, resume_context, cli_buf_size)); *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2223,7 +2236,7 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, return False; *rdata_len = cli_buf_size; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -2291,13 +2304,13 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *p; *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } *rdata_len = 21; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -2381,7 +2394,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, memcpy(pass2,p+16,16); *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2458,7 +2471,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, fstring user; char *p = get_safe_str_ptr(param,tpscnt,param,2); *rparam_len = 2; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2561,7 +2574,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, return(False); *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2633,7 +2646,7 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, return(False); *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2731,7 +2744,7 @@ static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2856,7 +2869,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, } *rdata_len = mdrcnt; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -2915,7 +2928,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, *rdata_len = PTR_DIFF(p2,*rdata); *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2950,7 +2963,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, DEBUG(4,("NetWkstaGetInfo level %d\n",level)); *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -2961,7 +2974,7 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, } *rdata_len = mdrcnt + 1024; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -3227,7 +3240,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3252,7 +3265,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } *rdata_len = mdrcnt + 1024; - *rdata = SMB_REALLOC_LIMIT(*rdata,*rdata_len); + *rdata = smb_realloc_limit(*rdata,*rdata_len); if (!*rdata) { return False; } @@ -3462,7 +3475,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, return False; } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -3504,7 +3517,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3551,7 +3564,7 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3623,7 +3636,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -3649,7 +3662,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3719,7 +3732,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, count = print_queue_status(snum,&queue,&status); if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -3740,7 +3753,7 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3867,7 +3880,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, desc.neededlen = 0; } else { if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -3888,7 +3901,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, } *rparam_len = 6; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -3944,7 +3957,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -3969,7 +3982,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4016,7 +4029,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -4032,7 +4045,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4078,7 +4091,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -4095,7 +4108,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4142,7 +4155,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, } if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -4160,7 +4173,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4217,7 +4230,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, num_sessions = list_sessions(talloc_tos(), &session_list); if (mdrcnt > 0) { - *rdata = SMB_REALLOC_LIMIT(*rdata,mdrcnt); + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; } @@ -4245,7 +4258,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, *rdata_len = desc.usedlen; *rparam_len = 8; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4269,7 +4282,7 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char int *rdata_len, int *rparam_len) { *rparam_len = MIN(*rparam_len,mprcnt); - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } @@ -4295,7 +4308,7 @@ static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, int *rdata_len, int *rparam_len) { *rparam_len = 4; - *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); + *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { return False; } -- cgit From eacd3140573d1122a3785823e4003bfc6352c431 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 13 Sep 2007 22:08:59 +0000 Subject: r25138: More pstring elimination. Add a TALLOC_CTX parameter to unix_convert(). Jeremy. (This used to be commit 39c211a702e91c34c1a5a689e1b0c4530ea8a1ac) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 37fcc658db..87cbc9183e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -415,7 +415,7 @@ static void PackDriverData(struct pack_desc* desc) SIVAL(drivdata,0,sizeof drivdata); /* cb */ SIVAL(drivdata,4,1000); /* lVersion */ memset(drivdata+8,0,32); /* szDeviceName */ - push_ascii(drivdata+8,"NULL",-1, STR_TERMINATE); + push_ascii(drivdata+8,"NULL",32, STR_TERMINATE); PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */ } -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/smbd/lanman.c | 100 +++++++++++++++++++++++++------------------------- 1 file changed, 50 insertions(+), 50 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 87cbc9183e..440b928ef0 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -64,14 +64,14 @@ static char *smb_realloc_limit(void *ptr, size_t size) return val; } -static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, +static bool api_Unsupported(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len); -static BOOL api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, +static bool api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len); @@ -146,7 +146,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) Check a API string for validity when we only need to check the prefix. ******************************************************************/ -static BOOL prefix_ok(const char *str, const char *prefix) +static bool prefix_ok(const char *str, const char *prefix) { return(strncmp(str,prefix,strlen(prefix)) == 0); } @@ -221,7 +221,7 @@ static int getlen(const char *p) return n; } -static BOOL init_package(struct pack_desc *p, int count, int subcount) +static bool init_package(struct pack_desc *p, int count, int subcount) { int n = p->buflen; int i; @@ -572,10 +572,10 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, Returns True if from tdb, False otherwise. ********************************************************************/ -static BOOL get_driver_name(int snum, pstring drivername) +static bool get_driver_name(int snum, pstring drivername) { NT_PRINTER_INFO_LEVEL *info = NULL; - BOOL in_tdb = False; + bool in_tdb = False; get_a_printer (NULL, &info, 2, lp_servicename(snum)); if (info != NULL) { @@ -787,7 +787,7 @@ static int get_printerdrivernumber(int snum) return result; } -static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, +static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -915,7 +915,7 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, View list of all print jobs on all queues. ****************************************************************************/ -static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, +static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, int mprcnt, @@ -1060,7 +1060,7 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, Get info level for a server list query. ****************************************************************************/ -static BOOL check_server_info(int uLevel, char* id) +static bool check_server_info(int uLevel, char* id) { switch( uLevel ) { case 0: @@ -1084,7 +1084,7 @@ struct srv_info_struct { uint32 type; fstring comment; fstring domain; - BOOL server_added; + bool server_added; }; /******************************************************************* @@ -1099,7 +1099,7 @@ static int get_server_info(uint32 servertype, int count=0; int alloced=0; char **lines; - BOOL local_list_only; + bool local_list_only; int i; lines = file_lines_load(lock_path(SERVER_LIST), NULL, 0); @@ -1121,7 +1121,7 @@ static int get_server_info(uint32 servertype, fstring stype; struct srv_info_struct *s; const char *ptr = lines[i]; - BOOL ok = True; + bool ok = True; if (!*ptr) { continue; @@ -1280,7 +1280,7 @@ static int fill_srv_info(struct srv_info_struct *service, } -static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) +static bool srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) { return(strcmp(s1->name,s2->name)); } @@ -1290,7 +1290,7 @@ static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) extracted from lists saved by nmbd on the local host. ****************************************************************************/ -static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, +static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, int mprcnt, char **rdata, @@ -1309,8 +1309,8 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, int counted=0,total=0; int i,missed; fstring domain; - BOOL domain_request; - BOOL local_request; + bool domain_request; + bool local_request; if (!str1 || !str2 || !p) { return False; @@ -1445,7 +1445,7 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, command 0x34 - suspected of being a "Lookup Names" stub api ****************************************************************************/ -static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, +static bool api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, int mprcnt, char **rdata, @@ -1490,7 +1490,7 @@ static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, get info about a share ****************************************************************************/ -static BOOL check_share_info(int uLevel, char* id) +static bool check_share_info(int uLevel, char* id) { switch( uLevel ) { case 0: @@ -1634,7 +1634,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, return len; } -static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, +static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -1697,7 +1697,7 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, Share names longer than 12 bytes must be skipped. ****************************************************************************/ -static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, +static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, @@ -1715,7 +1715,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, char *p2; int count = 0; int total=0,counted=0; - BOOL missed = False; + bool missed = False; int i; int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; @@ -1804,7 +1804,7 @@ static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, Add a share ****************************************************************************/ -static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, +static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -1942,7 +1942,7 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, view list of groups available ****************************************************************************/ -static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, +static bool api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2048,7 +2048,7 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, Get groups that a user is a member of. ******************************************************************/ -static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, +static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2063,7 +2063,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, const char *level_string; int count=0; struct samu *sampw = NULL; - BOOL ret = False; + bool ret = False; DOM_SID *sids; gid_t *gids; size_t num_groups; @@ -2188,7 +2188,7 @@ done: Get all users. ******************************************************************/ -static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, +static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2292,7 +2292,7 @@ static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, Get the time of day info. ****************************************************************************/ -static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, +static bool api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2350,7 +2350,7 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, Set the user password. *****************************************************************************/ -static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, +static bool api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2461,7 +2461,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, Set the user password (SamOEM version - gets plaintext). ****************************************************************************/ -static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, +static bool api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2539,7 +2539,7 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, Form: <> ****************************************************************************/ -static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, +static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2622,7 +2622,7 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, Purge a print queue - or pause or resume it. ****************************************************************************/ -static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, +static bool api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2714,7 +2714,7 @@ static int check_printjob_info(struct pack_desc* desc, return True; } -static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, +static bool api_PrintJobInfo(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2802,7 +2802,7 @@ static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, Get info about the server. ****************************************************************************/ -static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, +static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -2943,7 +2943,7 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, Get info about the server. ****************************************************************************/ -static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, +static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3211,7 +3211,7 @@ There is no auxiliary data in the response. #define AF_OP_ACCOUNTS 3 -static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, +static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3431,7 +3431,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, return(True); } -static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, +static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3534,7 +3534,7 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, api_WAccessGetUserPerms ****************************************************************************/ -static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, +static bool api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3579,7 +3579,7 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, api_WPrintJobEnumerate ****************************************************************************/ -static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, +static bool api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3678,7 +3678,7 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, return True; } -static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, +static bool api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3835,7 +3835,7 @@ static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, } } -static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, +static bool api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3915,7 +3915,7 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, return True; } -static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, +static bool api_WPrintDestEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -3996,7 +3996,7 @@ static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, return True; } -static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, +static bool api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -4059,7 +4059,7 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, return True; } -static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, +static bool api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -4122,7 +4122,7 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, return True; } -static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, +static bool api_WPrintPortEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -4191,7 +4191,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, List open sessions ****************************************************************************/ -static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, +static bool api_RNetSessionEnum(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt,int mprcnt, @@ -4276,7 +4276,7 @@ static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, The buffer was too small. ****************************************************************************/ -static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char *data, +static bool api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, int *rdata_len, int *rparam_len) @@ -4300,7 +4300,7 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char The request is not supported. ****************************************************************************/ -static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, +static bool api_Unsupported(connection_struct *conn, uint16 vuid, char *param, int tpscnt, char *data, int tdscnt, int mdrcnt, int mprcnt, @@ -4326,11 +4326,11 @@ static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, static const struct { const char *name; int id; - BOOL (*fn)(connection_struct *, uint16, + bool (*fn)(connection_struct *, uint16, char *, int, char *, int, int,int,char **,char **,int *,int *); - BOOL auth_user; /* Deny anonymous access? */ + bool auth_user; /* Deny anonymous access? */ } api_commands[] = { {"RNetShareEnum", RAP_WshareEnum, api_RNetShareEnum, True}, {"RNetShareGetInfo", RAP_WshareGetInfo, api_RNetShareGetInfo}, @@ -4390,7 +4390,7 @@ void api_reply(connection_struct *conn, uint16 vuid, const char *name2 = NULL; int rdata_len = 0; int rparam_len = 0; - BOOL reply=False; + bool reply=False; int i; if (!params) { -- cgit From d5791deefaa8ef67ee0573cd41f5eb22b37261a9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 Nov 2007 17:59:18 -0800 Subject: Remove pstrings from lanman.c Jeremy. (This used to be commit 7bfd25c75602e25da73710261a54da8e0feea133) --- source3/smbd/lanman.c | 202 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 148 insertions(+), 54 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 440b928ef0..4bd59a7aa6 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -77,26 +77,43 @@ static bool api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char int *rdata_len, int *rparam_len); -static int CopyExpanded(connection_struct *conn, - int snum, char **dst, char *src, int *n) +static int CopyExpanded(connection_struct *conn, + int snum, char **dst, char *src, int *p_space_remaining) { - pstring buf; + TALLOC_CTX *ctx = talloc_tos(); + char *buf = NULL; int l; - if (!src || !dst || !n || !(*dst)) { + if (!src || !dst || !p_space_remaining || !(*dst) || + *p_space_remaining <= 0) { return 0; } - StrnCpy(buf,src,sizeof(buf)/2); - pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, - conn->connectpath, conn->gid, - get_current_username(), - current_user_info.domain, - buf, sizeof(buf)); - l = push_ascii(*dst,buf,*n, STR_TERMINATE); + buf = talloc_strdup(ctx, src); + if (!buf) { + *p_space_remaining = 0; + return 0; + } + buf = talloc_string_sub(ctx, buf,"%S",lp_servicename(snum)); + if (!buf) { + *p_space_remaining = 0; + return 0; + } + buf = talloc_sub_advanced(ctx, + lp_servicename(SNUM(conn)), + conn->user, + conn->connectpath, + conn->gid, + get_current_username(), + current_user_info.domain, + buf); + if (!buf) { + *p_space_remaining = 0; + return 0; + } + l = push_ascii(*dst,buf,*p_space_remaining, STR_TERMINATE); (*dst) += l; - (*n) -= l; + (*p_space_remaining) -= l; return l; } @@ -114,32 +131,57 @@ static int CopyAndAdvance(char **dst, char *src, int *n) static int StrlenExpanded(connection_struct *conn, int snum, char *s) { - pstring buf; + TALLOC_CTX *ctx = talloc_tos(); + char *buf = NULL; if (!s) { return 0; } - StrnCpy(buf,s,sizeof(buf)/2); - pstring_sub(buf,"%S",lp_servicename(snum)); - standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user, - conn->connectpath, conn->gid, - get_current_username(), - current_user_info.domain, - buf, sizeof(buf)); + buf = talloc_strdup(ctx,s); + if (!buf) { + return 0; + } + buf = talloc_string_sub(ctx,buf,"%S",lp_servicename(snum)); + if (!buf) { + return 0; + } + buf = talloc_sub_advanced(ctx, + lp_servicename(SNUM(conn)), + conn->user, + conn->connectpath, + conn->gid, + get_current_username(), + current_user_info.domain, + buf); + if (!buf) { + return 0; + } return strlen(buf) + 1; } static char *Expand(connection_struct *conn, int snum, char *s) { - pstring buf; + TALLOC_CTX *ctx = talloc_tos(); + char *buf = NULL; + if (!s) { return NULL; } - StrnCpy(buf,s,sizeof(buf)/2); - pstring_sub(buf,"%S",lp_servicename(snum)); - return talloc_sub_advanced(talloc_tos(), lp_servicename(SNUM(conn)), - conn->user, conn->connectpath, conn->gid, - get_current_username(), - current_user_info.domain, buf); + buf = talloc_strdup(ctx,s); + if (!buf) { + return 0; + } + buf = talloc_string_sub(ctx,buf,"%S",lp_servicename(snum)); + if (!buf) { + return 0; + } + return talloc_sub_advanced(ctx, + lp_servicename(SNUM(conn)), + conn->user, + conn->connectpath, + conn->gid, + get_current_username(), + current_user_info.domain, + buf); } /******************************************************************* @@ -572,16 +614,20 @@ static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, Returns True if from tdb, False otherwise. ********************************************************************/ -static bool get_driver_name(int snum, pstring drivername) +static bool get_driver_name(int snum, char **pp_drivername) { NT_PRINTER_INFO_LEVEL *info = NULL; - bool in_tdb = False; + bool in_tdb = false; get_a_printer (NULL, &info, 2, lp_servicename(snum)); if (info != NULL) { - pstrcpy( drivername, info->info_2->drivername); - in_tdb = True; + *pp_drivername = talloc_strdup(talloc_tos(), + info->info_2->drivername); + in_tdb = true; free_a_printer(&info, 2); + if (!*pp_drivername) { + return false; + } } return in_tdb; @@ -716,7 +762,7 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, } if (uLevel == 3 || uLevel == 4) { - pstring drivername; + char *drivername = NULL; PACKI(desc,"W",5); /* uPriority */ PACKI(desc,"W",0); /* uStarttime */ @@ -726,7 +772,7 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, PACKS(desc,"z","WinPrint"); /* pszPrProc */ PACKS(desc,"z",NULL); /* pszParms */ PACKS(desc,"z",NULL); /* pszComment - don't ask.... JRA */ - /* "don't ask" that it's done this way to fix corrupted + /* "don't ask" that it's done this way to fix corrupted Win9X/ME printer comments. */ if (!status) { PACKI(desc,"W",LPSTAT_OK); /* fsStatus */ @@ -735,7 +781,10 @@ static void fill_printq_info(connection_struct *conn, int snum, int uLevel, } PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */ PACKS(desc,"z",SERVICE(snum)); /* pszPrinters */ - get_driver_name(snum,drivername); + get_driver_name(snum,&drivername); + if (!drivername) { + return; + } PACKS(desc,"z",drivername); /* pszDriverName */ PackDriverData(desc); /* pDriverData */ } @@ -1817,12 +1866,12 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); fstring sharename; fstring comment; - pstring pathname; + char *pathname = NULL; char *command, *cmdname; unsigned int offset; int snum; int res = ERRunsup; - + if (!str1 || !str2 || !p) { return False; } @@ -1881,7 +1930,11 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, if (skip_string(data,mdrcnt,data+offset) == NULL) { return False; } - pull_ascii_pstring(pathname, offset? (data+offset) : ""); + + pull_ascii_talloc(talloc_tos(), &pathname, offset? (data+offset) : ""); + if (!pathname) { + return false; + } string_replace(sharename, '"', ' '); string_replace(pathname, '"', ' '); @@ -2884,16 +2937,25 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, if (uLevel > 0) { struct srv_info_struct *servers=NULL; int i,count; - pstring comment; + char *comment = NULL; + TALLOC_CTX *ctx = talloc_tos(); uint32 servertype= lp_default_server_announce(); - push_ascii(comment,lp_serverstring(), MAX_SERVER_STRING_LENGTH,STR_TERMINATE); + comment = talloc_strdup(ctx,lp_serverstring()); + if (!comment) { + return false; + } if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { for (i=0;iuser, - conn->connectpath, conn->gid, - get_current_username(), - current_user_info.domain, - comment, sizeof(comment)); - StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); + comment = talloc_sub_advanced(ctx, + lp_servicename(SNUM(conn)), + conn->user, + conn->connectpath, + conn->gid, + get_current_username(), + current_user_info.domain, + comment); + if (comment) { + return false; + } + if (mdrcnt - struct_len <= 0) { + return false; + } + push_ascii(p2, + comment, + MIN(mdrcnt - struct_len, + MAX_SERVER_STRING_LENGTH), + STR_TERMINATE); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3231,7 +3306,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); if(vuser != NULL) { - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->user.unix_name)); } @@ -3246,7 +3321,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel)); - + /* check it's a supported variant */ if (strcmp(str1,"zWrLh") != 0) { return False; @@ -3279,7 +3354,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, return False; } - memset(p,0,21); + memset(p,0,21); fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */ if (uLevel > 0) { @@ -3410,10 +3485,29 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVALS(p,104,-1); /* num_logons */ SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */ { - pstring tmp; - pstrcpy(tmp, "\\\\%L"); - standard_sub_basic("", "", tmp, sizeof(tmp)); - pstrcpy(p2, tmp); + TALLOC_CTX *ctx = talloc_tos(); + int space_rem = *rdata_len - (p2 - *rdata); + char *tmp; + + if (space_rem <= 0) { + return false; + } + tmp = talloc_strdup(ctx, "\\\\%L"); + if (!tmp) { + return false; + } + tmp = talloc_sub_basic(ctx, + "", + "", + tmp); + if (!tmp) { + return false; + } + + push_ascii(p2, + tmp, + space_rem, + STR_TERMINATE); } p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { -- cgit From cae4c742a896c6adb02b3e7a3c091d02aebb7339 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 19 Nov 2007 17:43:28 -0800 Subject: Always check return from push_ascii. Jeremy. (This used to be commit 9c3d10521e691169cfbb8b728f123911c3c970ae) --- source3/smbd/lanman.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4bd59a7aa6..b2e435e97f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -112,6 +112,9 @@ static int CopyExpanded(connection_struct *conn, return 0; } l = push_ascii(*dst,buf,*p_space_remaining, STR_TERMINATE); + if (l == -1) { + return 0; + } (*dst) += l; (*p_space_remaining) -= l; return l; @@ -124,6 +127,9 @@ static int CopyAndAdvance(char **dst, char *src, int *n) return 0; } l = push_ascii(*dst,src,*n, STR_TERMINATE); + if (l == -1) { + return 0; + } (*dst) += l; (*n) -= l; return l; -- cgit From d4bfafa29c62c69b002b1ca9f527c51c00fd3fd6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 26 Nov 2007 15:28:13 +0100 Subject: Fix bug 5055 (This used to be commit 8bcd2df841bae63e7d58c35d4728b7d853471697) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b2e435e97f..17ab891c64 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1380,7 +1380,7 @@ static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, } /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set - any other bit (they may just set this bit on it's own) they + any other bit (they may just set this bit on its own) they want all the locally seen servers. However this bit can be set on its own so set the requested servers to be ALL - DOMAIN_ENUM. */ -- cgit From b9342eaaa6bf61f559e4173d7ea58acc1a0a9705 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 3 Dec 2007 15:19:22 -0800 Subject: Remove unused wpstring and macros. Stop using pstrcpy in smbd/*.c Jeremy. (This used to be commit e72bce5b62fb0a9d0ff4a3d76490219994f303cf) --- source3/smbd/lanman.c | 60 +++++++++++++++++++++++++++++---------------------- 1 file changed, 34 insertions(+), 26 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 17ab891c64..b194fc6231 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2130,6 +2130,7 @@ static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, NTSTATUS result; DOM_SID user_sid; enum lsa_SidType type; + char *endp = NULL; TALLOC_CTX *mem_ctx; if (!str1 || !str2 || !UserName || !p) { @@ -2168,6 +2169,7 @@ static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, SSVAL(*rparam,2,0); /* converter word */ p = *rdata; + endp = *rdata + *rdata_len; mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { @@ -2181,7 +2183,7 @@ static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, return False; } - /* Lookup the user information; This should only be one of + /* Lookup the user information; This should only be one of our accounts (not remote domains) */ become_root(); /* ROOT BLOCK */ @@ -2218,12 +2220,11 @@ static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, } for (i=0; i return parameter number of entries * h -> return parameter total number of users */ - + resume_context = get_safe_SVAL(param,tpscnt,p,0,-1); cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0); DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", @@ -2301,6 +2303,7 @@ static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, } p = *rdata; + endp = *rdata + *rdata_len; become_root(); search = pdb_search_users(ACB_NORMAL); @@ -2319,13 +2322,13 @@ static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, for (i=0; i= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ - pstrcpy(p2,"Comment"); + strlcpy(p2,"Comment",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ - pstrcpy(p2,"UserComment"); + strlcpy(p2,"UserComment",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3385,7 +3393,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ - pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); + strlcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName),PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3398,13 +3406,13 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ - pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); + strlcpy(p2, vuser && vuser->homedir ? vuser->homedir : "",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ - pstrcpy(p2,""); + strlcpy(p2,"",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3414,7 +3422,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */ SSVALS(p,usri11_num_logons,-1); /* num logons */ SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ - pstrcpy(p2,"\\\\*"); + strlcpy(p2,"\\\\*",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3422,7 +3430,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVAL(p,usri11_country_code,0); /* country code */ SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ - pstrcpy(p2,""); + strlcpy(p2,"",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3449,7 +3457,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, SSVAL(p,42, conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ - pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); + strlcpy(p2, vuser && vuser->homedir ? vuser->homedir : "",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3458,7 +3466,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, *p2++ = 0; SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ - pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); + strlcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : "",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3466,14 +3474,14 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, if (uLevel == 2) { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ - pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); + strlcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName),PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; } SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ - pstrcpy(p2,""); + strlcpy(p2,"",PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; -- cgit From 42cfffae80480eae4381902fff3f7c61f858a933 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 7 Dec 2007 17:32:32 -0800 Subject: Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de) --- source3/smbd/lanman.c | 51 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 16 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index b194fc6231..feb5fa4b05 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1177,11 +1177,13 @@ static int get_server_info(uint32 servertype, struct srv_info_struct *s; const char *ptr = lines[i]; bool ok = True; + TALLOC_CTX *frame = NULL; + char *p; if (!*ptr) { continue; } - + if (count == alloced) { alloced += 10; *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); @@ -1193,26 +1195,43 @@ static int get_server_info(uint32 servertype, memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count)); } s = &(*servers)[count]; - - if (!next_token(&ptr,s->name, NULL, sizeof(s->name))) { + + frame = talloc_stackframe(); + s->name[0] = '\0'; + if (!next_token_talloc(frame,&ptr,&p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,stype, NULL, sizeof(stype))) { + fstrcpy(s->name, p); + + stype[0] = '\0'; + if (!next_token_talloc(frame,&ptr, &p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,s->comment, NULL, sizeof(s->comment))) { + fstrcpy(stype, p); + + s->comment[0] = '\0'; + if (!next_token_talloc(frame,&ptr, &p, NULL)) { + TALLOC_FREE(frame); continue; } - if (!next_token(&ptr,s->domain, NULL, sizeof(s->domain))) { + fstrcpy(s->comment, p); + + s->domain[0] = '\0'; + if (!next_token_talloc(frame,&ptr,&p, NULL)) { /* this allows us to cope with an old nmbd */ - fstrcpy(s->domain,lp_workgroup()); + fstrcpy(s->domain,lp_workgroup()); + } else { + fstrcpy(s->domain, p); } - - if (sscanf(stype,"%X",&s->type) != 1) { - DEBUG(4,("r:host file ")); - ok = False; + TALLOC_FREE(frame); + + if (sscanf(stype,"%X",&s->type) != 1) { + DEBUG(4,("r:host file ")); + ok = False; } - + /* Filter the servers/domains we return based on what was asked for. */ /* Check to see if we are being asked for a local list only. */ @@ -1222,11 +1241,11 @@ static int get_server_info(uint32 servertype, } /* doesn't match up: don't want it */ - if (!(servertype & s->type)) { - DEBUG(4,("r:serv type ")); - ok = False; + if (!(servertype & s->type)) { + DEBUG(4,("r:serv type ")); + ok = False; } - + if ((servertype & SV_TYPE_DOMAIN_ENUM) != (s->type & SV_TYPE_DOMAIN_ENUM)) { DEBUG(4,("s: dom mismatch ")); -- cgit From 7faee02d0d351c5c039e8f1be7e82ce3a93cbe96 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 10 Dec 2007 11:30:37 -0800 Subject: Remove the char[1024] strings from dynconfig. Replace them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy. (This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index feb5fa4b05..7df7de36dc 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1972,7 +1972,7 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, } asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", - lp_add_share_cmd(), dyn_CONFIGFILE, sharename, pathname, comment); + lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename, pathname, comment); if (command) { DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); -- cgit From 900288a2b86abd247f9eb4cd15dc5617a17cfef1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 21:11:36 +0100 Subject: Replace sid_string_static by sid_string_dbg in DEBUGs (This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7df7de36dc..3ab216c062 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2221,7 +2221,7 @@ static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, if ( !pdb_getsampwsid(sampw, &user_sid) ) { DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n", - sid_string_static(&user_sid), UserName)); + sid_string_dbg(&user_sid), UserName)); goto done; } -- cgit From 9254bb4ef1c3c3a52ea8e935edb0e7a86ec3ea7a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Jan 2008 12:56:23 -0800 Subject: Refactor the crypto code after a very helpful conversation with Volker. Mostly making sure we have data on the incoming packet type, not stored in the smb header. Jeremy. (This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 3ab216c062..5a6df1f139 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4605,7 +4605,7 @@ void api_reply(connection_struct *conn, uint16 vuid, /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply(req, rparam, rparam_len, + send_trans_reply(conn, req, rparam, rparam_len, rdata, rdata_len, False); } -- cgit From 55af880341226f8ecd864cbe046af8434a961278 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Tue, 5 Feb 2008 15:32:14 +0100 Subject: Fix typo. Karolin (This used to be commit 3745e398b1cc4d1b76a7cb4ee9c998ff16b454b9) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 5a6df1f139..18e6bf9f7b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3175,7 +3175,7 @@ static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, where: - usri11_name specifies the user name for which information is retireved + usri11_name specifies the user name for which information is retrieved usri11_pad aligns the next data structure element to a word boundary -- cgit From a4c0812af0132476dfd542ca212304de898fa7c7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 2 Apr 2008 15:54:49 +0200 Subject: Fix some "ignoring asprintf result" warnings (This used to be commit 155d62ddfd3584d44a493c2aa1ea7f096bcff432) --- source3/smbd/lanman.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 18e6bf9f7b..6fa4f9698d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1971,24 +1971,24 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, return False; } - asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", - lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename, pathname, comment); + if (asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", + lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename, + pathname, comment) == -1) { + return false; + } - if (command) { - DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); + DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); - if ((res = smbrun(command, NULL)) != 0) { - DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", command, res )); - SAFE_FREE(command); - res = ERRnoaccess; - goto error_exit; - } else { - SAFE_FREE(command); - message_send_all(smbd_messaging_context(), - MSG_SMB_CONF_UPDATED, NULL, 0, NULL); - } + if ((res = smbrun(command, NULL)) != 0) { + DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", + command, res )); + SAFE_FREE(command); + res = ERRnoaccess; + goto error_exit; } else { - return False; + SAFE_FREE(command); + message_send_all(smbd_messaging_context(), + MSG_SMB_CONF_UPDATED, NULL, 0, NULL); } *rparam_len = 6; -- cgit From 1b2bf00fb98417434f653ce869226887d97aaeb2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 29 Apr 2008 12:47:55 +0200 Subject: Remove "homedir" from "struct user_struct" (This used to be commit 41f9afd62d8cc6067582d452f3d53a5c67253b69) --- source3/smbd/lanman.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 6fa4f9698d..be8aa58e7f 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3420,12 +3420,17 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } if (uLevel == 11) { + const char *homedir = ""; + if (vuser != NULL) { + homedir = pdb_get_homedir( + vuser->server_info->sam_account); + } /* modelled after NTAS 3.51 reply */ SSVAL(p,usri11_priv,conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ - strlcpy(p2, vuser && vuser->homedir ? vuser->homedir : "",PTR_DIFF(endp,p2)); + strlcpy(p2, homedir, PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3471,12 +3476,17 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } if (uLevel == 1 || uLevel == 2) { + const char *homedir = ""; + if (vuser != NULL) { + homedir = pdb_get_homedir( + vuser->server_info->sam_account); + } memset(p+22,' ',16); /* password */ SIVALS(p,38,-1); /* password age */ SSVAL(p,42, conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ - strlcpy(p2, vuser && vuser->homedir ? vuser->homedir : "",PTR_DIFF(endp,p2)); + strlcpy(p2, homedir, PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; -- cgit From faa5e8e12c58376db0323a4e4855454ed53dcc00 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 29 Apr 2008 13:28:40 +0200 Subject: Remove "logon_script" from "struct user_struct" (This used to be commit b36fd84186a656f86e4cfb9166fc0ecbffb422cb) --- source3/smbd/lanman.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index be8aa58e7f..39d49334e0 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3476,17 +3476,14 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, } if (uLevel == 1 || uLevel == 2) { - const char *homedir = ""; - if (vuser != NULL) { - homedir = pdb_get_homedir( - vuser->server_info->sam_account); - } memset(p+22,' ',16); /* password */ SIVALS(p,38,-1); /* password age */ SSVAL(p,42, conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ - strlcpy(p2, homedir, PTR_DIFF(endp,p2)); + strlcpy(p2, vuser ? pdb_get_homedir( + vuser->server_info->sam_account) : "", + PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3495,7 +3492,9 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, *p2++ = 0; SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ - strlcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : "",PTR_DIFF(endp,p2)); + strlcpy(p2, vuser ? pdb_get_logon_script( + vuser->server_info->sam_account) : "", + PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3648,7 +3647,8 @@ static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, } PACKS(&desc,"z",lp_workgroup());/* domain */ - PACKS(&desc,"z", vuser && vuser->logon_script ? vuser->logon_script :""); /* script path */ + PACKS(&desc,"z", vuser ? pdb_get_logon_script( + vuser->server_info->sam_account) : ""); /* script path */ PACKI(&desc,"D",0x00000000); /* reserved */ } -- cgit From c6d209f8342d56adc52a6c8ab99a4a2e17d409b2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 29 Apr 2008 13:43:10 +0200 Subject: Remove the unix token info from "struct user_struct" (This used to be commit aa2299d42adf4d27e707ac755e07be70d0af1bb4) --- source3/smbd/lanman.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 39d49334e0..7ba4b64477 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3338,8 +3338,9 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); if(vuser != NULL) { - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, - vuser->user.unix_name)); + DEBUG(3,(" Username of UID %d is %s\n", + (int)vuser->server_info->uid, + vuser->user.unix_name)); } if (!str1 || !str2 || !UserName || !p) { @@ -3589,8 +3590,9 @@ static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, } if(vuser != NULL) { - DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, - vuser->user.unix_name)); + DEBUG(3,(" Username of UID %d is %s\n", + (int)vuser->server_info->uid, + vuser->user.unix_name)); } uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); -- cgit From 71ff1ba2deddf8fa12b034518e92e0a461871388 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 29 Apr 2008 13:45:58 +0200 Subject: Remove "guest" from "struct user_struct" (This used to be commit 570a6b80feb5b0dc23213ba936c721e766cd4818) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 7ba4b64477..a3687451d5 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4572,7 +4572,7 @@ void api_reply(connection_struct *conn, uint16 vuid, if (api_commands[i].auth_user && lp_restrict_anonymous()) { user_struct *user = get_valid_user_struct(vuid); - if (!user || user->guest) { + if (!user || user->server_info->guest) { reply_nterror(req, NT_STATUS_ACCESS_DENIED); return; } -- cgit From bec1dfab27be3db888eeb451b4547f16e08e93c3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 30 Apr 2008 17:42:39 +0200 Subject: Remove "userdom_struct user" from "struct user_struct" (This used to be commit 420de035237bb08bc470c9eb820f3da2edaa6805) --- source3/smbd/lanman.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a3687451d5..a233893482 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3340,7 +3340,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->server_info->uid, - vuser->user.unix_name)); + vuser->server_info->unix_name)); } if (!str1 || !str2 || !UserName || !p) { @@ -3413,7 +3413,9 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ - strlcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName),PTR_DIFF(endp,p2)); + strlcpy(p2,((vuser != NULL) + ? pdb_get_fullname(vuser->server_info->sam_account) + : UserName),PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3503,7 +3505,9 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, if (uLevel == 2) { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ - strlcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName),PTR_DIFF(endp,p2)); + strlcpy(p2,((vuser != NULL) + ? pdb_get_fullname(vuser->server_info->sam_account) + : UserName),PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; @@ -3592,7 +3596,7 @@ static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->server_info->uid, - vuser->user.unix_name)); + vuser->server_info->unix_name)); } uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); -- cgit From 53a623d8a69b5dd7fbd964013032878e09032375 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 8 May 2008 15:53:55 +0200 Subject: Remove the unix token info from connection_struct (This used to be commit 2834dacc8d49f77fe55fb5d7e3eb2dda431d1d3d) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index a233893482..4309622b26 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -103,7 +103,7 @@ static int CopyExpanded(connection_struct *conn, lp_servicename(SNUM(conn)), conn->user, conn->connectpath, - conn->gid, + conn->server_info->gid, get_current_username(), current_user_info.domain, buf); @@ -154,7 +154,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) lp_servicename(SNUM(conn)), conn->user, conn->connectpath, - conn->gid, + conn->server_info->gid, get_current_username(), current_user_info.domain, buf); @@ -184,7 +184,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) lp_servicename(SNUM(conn)), conn->user, conn->connectpath, - conn->gid, + conn->server_info->gid, get_current_username(), current_user_info.domain, buf); @@ -3002,7 +3002,7 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, lp_servicename(SNUM(conn)), conn->user, conn->connectpath, - conn->gid, + conn->server_info->gid, get_current_username(), current_user_info.domain, comment); -- cgit From 5bda9a8af02c7889e15e580a5620689aa312a16a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 8 May 2008 16:06:42 +0200 Subject: Remove "user" from connection_struct (This used to be commit 368454a27cb53a408ec416cbf37235b304592fb5) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 4309622b26..413b916f7b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -101,7 +101,7 @@ static int CopyExpanded(connection_struct *conn, } buf = talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), - conn->user, + conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, get_current_username(), @@ -152,7 +152,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) } buf = talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), - conn->user, + conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, get_current_username(), @@ -182,7 +182,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) } return talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), - conn->user, + conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, get_current_username(), @@ -3000,7 +3000,7 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,6,PTR_DIFF(p2,*rdata)); comment = talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), - conn->user, + conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, get_current_username(), -- cgit From fb37f156009611af0dd454a0fb0829a09cd638ac Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 29 Apr 2008 14:36:24 -0700 Subject: Cleanup size_t return values in callers of convert_string_allocate This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d) --- source3/smbd/lanman.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 413b916f7b..d6c76c54c1 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1896,6 +1896,7 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, unsigned int offset; int snum; int res = ERRunsup; + size_t converted_size; if (!str1 || !str2 || !p) { return False; @@ -1956,7 +1957,13 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, return False; } - pull_ascii_talloc(talloc_tos(), &pathname, offset? (data+offset) : ""); + if (!pull_ascii_talloc(talloc_tos(), &pathname, + offset ? (data+offset) : "", &converted_size)) + { + DEBUG(0,("api_RNetShareAdd: pull_ascii_talloc failed: %s", + strerror(errno))); + } + if (!pathname) { return false; } -- cgit From f4d8141174cf75984978e80b6a040b98423089f6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 May 2008 01:02:52 +0200 Subject: Remove reference to current_user_info from lanman.c (This used to be commit f52d7c3faba4aa815d95883775f4859251406161) --- source3/smbd/lanman.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index d6c76c54c1..fce58d069b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -28,7 +28,6 @@ #include "includes.h" extern struct current_user current_user; -extern userdom_struct current_user_info; #ifdef CHECK_TYPES #undef CHECK_TYPES @@ -105,7 +104,7 @@ static int CopyExpanded(connection_struct *conn, conn->connectpath, conn->server_info->gid, get_current_username(), - current_user_info.domain, + pdb_get_domain(conn->server_info->sam_account), buf); if (!buf) { *p_space_remaining = 0; @@ -156,7 +155,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) conn->connectpath, conn->server_info->gid, get_current_username(), - current_user_info.domain, + pdb_get_domain(conn->server_info->sam_account), buf); if (!buf) { return 0; @@ -186,7 +185,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) conn->connectpath, conn->server_info->gid, get_current_username(), - current_user_info.domain, + pdb_get_domain(conn->server_info->sam_account), buf); } @@ -3005,14 +3004,15 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, SIVAL(p,6,0); } else { SIVAL(p,6,PTR_DIFF(p2,*rdata)); - comment = talloc_sub_advanced(ctx, - lp_servicename(SNUM(conn)), - conn->server_info->unix_name, - conn->connectpath, - conn->server_info->gid, - get_current_username(), - current_user_info.domain, - comment); + comment = talloc_sub_advanced( + ctx, + lp_servicename(SNUM(conn)), + conn->server_info->unix_name, + conn->connectpath, + conn->server_info->gid, + get_current_username(), + pdb_get_domain(conn->server_info->sam_account), + comment); if (comment) { return false; } @@ -3111,7 +3111,7 @@ static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); - strlcpy(p2,current_user_info.smb_name,PTR_DIFF(endp,p2)); + strlcpy(p2,conn->server_info->sanitized_username,PTR_DIFF(endp,p2)); p2 = skip_string(*rdata,*rdata_len,p2); if (!p2) { return False; -- cgit From 50ab871813d8281760e0c70d454cba996e0b67d8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 May 2008 11:26:33 +0200 Subject: Remove some references to get_current_username() and current_user_info (This used to be commit 344d69f95e217d16213eaa6b53141af6ab459708) --- source3/smbd/lanman.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index fce58d069b..31d4a39842 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -103,7 +103,7 @@ static int CopyExpanded(connection_struct *conn, conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, - get_current_username(), + conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); if (!buf) { @@ -154,7 +154,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, - get_current_username(), + conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); if (!buf) { @@ -184,7 +184,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, - get_current_username(), + conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); } @@ -3010,7 +3010,7 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, conn->server_info->unix_name, conn->connectpath, conn->server_info->gid, - get_current_username(), + conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), comment); if (comment) { -- cgit From 40f5eab5eb515937e1b23cf6762b77c194d29b9d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jun 2008 16:54:12 +0200 Subject: Wrap the unix token info in a unix_user_token in auth_serversupplied_info No functional change, this is a preparation for more current_user ref removal (This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445) --- source3/smbd/lanman.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 31d4a39842..226e0d5789 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -102,7 +102,7 @@ static int CopyExpanded(connection_struct *conn, lp_servicename(SNUM(conn)), conn->server_info->unix_name, conn->connectpath, - conn->server_info->gid, + conn->server_info->utok.gid, conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); @@ -153,7 +153,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) lp_servicename(SNUM(conn)), conn->server_info->unix_name, conn->connectpath, - conn->server_info->gid, + conn->server_info->utok.gid, conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); @@ -183,7 +183,7 @@ static char *Expand(connection_struct *conn, int snum, char *s) lp_servicename(SNUM(conn)), conn->server_info->unix_name, conn->connectpath, - conn->server_info->gid, + conn->server_info->utok.gid, conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), buf); @@ -3009,7 +3009,7 @@ static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, lp_servicename(SNUM(conn)), conn->server_info->unix_name, conn->connectpath, - conn->server_info->gid, + conn->server_info->utok.gid, conn->server_info->sanitized_username, pdb_get_domain(conn->server_info->sam_account), comment); @@ -3346,7 +3346,7 @@ static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, user_struct *vuser = get_valid_user_struct(vuid); if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", - (int)vuser->server_info->uid, + (int)vuser->server_info->utok.uid, vuser->server_info->unix_name)); } @@ -3602,7 +3602,7 @@ static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", - (int)vuser->server_info->uid, + (int)vuser->server_info->utok.uid, vuser->server_info->unix_name)); } -- cgit From a3c0be63256b7db6325d8dcb599497e8e7905f08 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 24 Jun 2008 16:03:28 +0200 Subject: Change print_access_check to take auth_serversupplied_info instead of current_user Reason: This is the main user of p->current_user which I would like to remove (This used to be commit fd43059b3dfa8cdac9814de1c76f963ba5de9bcb) --- source3/smbd/lanman.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 226e0d5789..29703ffd1e 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -2682,15 +2682,15 @@ static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, switch (function) { case 81: /* delete */ - if (print_job_delete(¤t_user, snum, jobid, &werr)) + if (print_job_delete(conn->server_info, snum, jobid, &werr)) errcode = NERR_Success; break; case 82: /* pause */ - if (print_job_pause(¤t_user, snum, jobid, &werr)) + if (print_job_pause(conn->server_info, snum, jobid, &werr)) errcode = NERR_Success; break; case 83: /* resume */ - if (print_job_resume(¤t_user, snum, jobid, &werr)) + if (print_job_resume(conn->server_info, snum, jobid, &werr)) errcode = NERR_Success; break; } @@ -2751,13 +2751,19 @@ static bool api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, switch (function) { case 74: /* Pause queue */ - if (print_queue_pause(¤t_user, snum, &werr)) errcode = NERR_Success; + if (print_queue_pause(conn->server_info, snum, &werr)) { + errcode = NERR_Success; + } break; case 75: /* Resume queue */ - if (print_queue_resume(¤t_user, snum, &werr)) errcode = NERR_Success; + if (print_queue_resume(conn->server_info, snum, &werr)) { + errcode = NERR_Success; + } break; case 103: /* Purge */ - if (print_queue_purge(¤t_user, snum, &werr)) errcode = NERR_Success; + if (print_queue_purge(conn->server_info, snum, &werr)) { + errcode = NERR_Success; + } break; } -- cgit From e2585b73e975e8a434533019fbab1b8bd045ca70 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 24 Jun 2008 16:58:12 +0200 Subject: remove unused extern current_user from lanman.c (This used to be commit e2009c0b8dc229faf98ce189d2a906e58d3e1e63) --- source3/smbd/lanman.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 29703ffd1e..03a48f5e61 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -27,8 +27,6 @@ #include "includes.h" -extern struct current_user current_user; - #ifdef CHECK_TYPES #undef CHECK_TYPES #endif -- cgit From cf9665016f70aff9a5d6ec7ab427e469f43dbfc6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 2 Apr 2008 15:55:10 +0200 Subject: Let send_trans_reply work on only the inbuf It does not really need the whole smb_request (This used to be commit d3facf4cbdb2915168e91d64c2d8320f67524df8) --- source3/smbd/lanman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/lanman.c') diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 03a48f5e61..fe1d766b9d 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4632,7 +4632,7 @@ void api_reply(connection_struct *conn, uint16 vuid, /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply(conn, req, rparam, rparam_len, + send_trans_reply(conn, req->inbuf, rparam, rparam_len, rdata, rdata_len, False); } -- cgit