From 276364e2a4cee00f4521845347a0b0a371f6b0e6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Dec 2000 02:36:14 +0000 Subject: Removed the special casing of SIDs in se_access_check. This is now done (correctly) when the NT_USER_TOKEN is *created*. Jeremy. (This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4) --- source3/include/proto.h | 818 +++++++++++++++++++------------------ source3/include/rpc_client_proto.h | 55 +++ source3/lib/util_seaccess.c | 33 +- source3/lib/util_sid.c | 53 ++- source3/smbd/password.c | 37 +- source3/smbd/uid.c | 7 +- 6 files changed, 562 insertions(+), 441 deletions(-) (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index efb95680fc..8765c02771 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -46,8 +46,7 @@ void add_char_string(char *s); /*The following definitions come from lib/cmd_interp.c */ void free_cmd_set_array(uint32 num_entries, struct command_set **entries); -struct command_set *add_cmd_set_to_array(uint32 *len, - struct command_set ***array, +struct command_set *add_cmd_set_to_array(uint32 *len, struct command_set ***array, const struct command_set *cmd); void add_command_set(const struct command_set *cmds); void cmd_set_no_autoconnect(void); @@ -224,279 +223,9 @@ void CatchChildLeaveStatus(void); int vslprintf(char *str, int n, char *format, va_list ap); -/*The following definitions come from libsmb/cliconnect.c */ - -BOOL cli_session_setup(struct cli_state *cli, - char *user, - char *pass, int passlen, - char *ntpass, int ntpasslen, - char *workgroup); -BOOL cli_ulogoff(struct cli_state *cli); -BOOL cli_send_tconX(struct cli_state *cli, - char *share, char *dev, char *pass, int passlen); -BOOL cli_tdis(struct cli_state *cli); -void cli_negprot_send(struct cli_state *cli); -BOOL cli_negprot(struct cli_state *cli); -BOOL cli_session_request(struct cli_state *cli, - struct nmb_name *calling, struct nmb_name *called); -BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip); -BOOL cli_reestablish_connection(struct cli_state *cli); -BOOL cli_establish_connection(struct cli_state *cli, - char *dest_host, struct in_addr *dest_ip, - struct nmb_name *calling, struct nmb_name *called, - char *service, char *service_type, - BOOL do_shutdown, BOOL do_tcon); -BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char *desthost, - struct in_addr *pdest_ip); - -/*The following definitions come from libsmb/clientgen.c */ - -int cli_set_port(struct cli_state *cli, int port); -BOOL cli_receive_smb(struct cli_state *cli); -BOOL cli_send_smb(struct cli_state *cli); -void cli_setup_packet(struct cli_state *cli); -void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr); -struct cli_state *cli_initialise(struct cli_state *cli); -void cli_shutdown(struct cli_state *cli); -void cli_sockopt(struct cli_state *cli, char *options); -uint16 cli_setpid(struct cli_state *cli, uint16 pid); - -/*The following definitions come from libsmb/clierror.c */ - -char *cli_errstr(struct cli_state *cli); -int cli_error(struct cli_state *cli, uint8 *eclass, uint32 *num, uint32 *nt_rpc_error); - -/*The following definitions come from libsmb/clifile.c */ - -BOOL cli_rename(struct cli_state *cli, char *fname_src, char *fname_dst); -BOOL cli_unlink(struct cli_state *cli, char *fname); -BOOL cli_mkdir(struct cli_state *cli, char *dname); -BOOL cli_rmdir(struct cli_state *cli, char *dname); -int cli_nt_create(struct cli_state *cli, char *fname, uint32 DesiredAccess); -int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode); -BOOL cli_close(struct cli_state *cli, int fnum); -BOOL cli_lock(struct cli_state *cli, int fnum, - uint32 offset, uint32 len, int timeout, enum brl_type lock_type); -BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len); -BOOL cli_lock64(struct cli_state *cli, int fnum, - SMB_BIG_UINT offset, SMB_BIG_UINT len, int timeout, enum brl_type lock_type); -BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_UINT len); -BOOL cli_getattrE(struct cli_state *cli, int fd, - uint16 *attr, size_t *size, - time_t *c_time, time_t *a_time, time_t *m_time); -BOOL cli_getatr(struct cli_state *cli, char *fname, - uint16 *attr, size_t *size, time_t *t); -BOOL cli_setatr(struct cli_state *cli, char *fname, uint16 attr, time_t t); -BOOL cli_chkpath(struct cli_state *cli, char *path); -BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail); - -/*The following definitions come from libsmb/clilist.c */ - -int cli_list(struct cli_state *cli,const char *Mask,uint16 attribute, - void (*fn)(file_info *, const char *)); -int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, - void (*fn)(file_info *, const char *)); - -/*The following definitions come from libsmb/climessage.c */ - -BOOL cli_message_start(struct cli_state *cli, char *host, char *username, - int *grp); -BOOL cli_message_text(struct cli_state *cli, char *msg, int len, int grp); -BOOL cli_message_end(struct cli_state *cli, int grp); - -/*The following definitions come from libsmb/cliprint.c */ - -int cli_print_queue(struct cli_state *cli, - void (*fn)(struct print_job_info *)); -int cli_printjob_del(struct cli_state *cli, int job); - -/*The following definitions come from libsmb/clirap.c */ - -BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, int pipe_name_len, - uint16 *setup, uint32 setup_count, uint32 max_setup_count, - char *params, uint32 param_count, uint32 max_param_count, - char *data, uint32 data_count, uint32 max_data_count, - char **rparam, uint32 *rparam_count, - char **rdata, uint32 *rdata_count); -BOOL cli_api(struct cli_state *cli, - char *param, int prcnt, int mprcnt, - char *data, int drcnt, int mdrcnt, - char **rparam, int *rprcnt, - char **rdata, int *rdrcnt); -BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation); -int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, const char *)); -BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, - void (*fn)(const char *, uint32, const char *)); -BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password, - const char *old_password); -BOOL cli_qpathinfo(struct cli_state *cli, const char *fname, - time_t *c_time, time_t *a_time, time_t *m_time, - size_t *size, uint16 *mode); -BOOL cli_qpathinfo2(struct cli_state *cli, const char *fname, - time_t *c_time, time_t *a_time, time_t *m_time, - time_t *w_time, size_t *size, uint16 *mode, - SMB_INO_T *ino); -BOOL cli_qfileinfo(struct cli_state *cli, int fnum, - uint16 *mode, size_t *size, - time_t *c_time, time_t *a_time, time_t *m_time, - time_t *w_time, SMB_INO_T *ino); - -/*The following definitions come from libsmb/clireadwrite.c */ - -size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t size); -ssize_t cli_write(struct cli_state *cli, - int fnum, uint16 write_mode, - char *buf, off_t offset, size_t size); -ssize_t cli_smbwrite(struct cli_state *cli, - int fnum, char *buf, off_t offset, size_t size1); - -/*The following definitions come from libsmb/clisecdesc.c */ - -SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd); -BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd); - -/*The following definitions come from libsmb/clitrans.c */ - -BOOL cli_send_trans(struct cli_state *cli, int trans, - char *name, int pipe_name_len, - int fid, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); -BOOL cli_receive_trans(struct cli_state *cli,int trans, - char **param, int *param_len, - char **data, int *data_len); -BOOL cli_send_nt_trans(struct cli_state *cli, - int function, - int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); -BOOL cli_receive_nt_trans(struct cli_state *cli, - char **param, int *param_len, - char **data, int *data_len); - -/*The following definitions come from libsmb/credentials.c */ - -char *credstr(uchar *cred); -void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass, - uchar session_key[8]); -void cred_create(uchar session_key[8], DOM_CHAL *stor_cred, UTIME timestamp, - DOM_CHAL *cred); -int cred_assert(DOM_CHAL *cred, uchar session_key[8], DOM_CHAL *stored_cred, - UTIME timestamp); -BOOL clnt_deal_with_creds(uchar sess_key[8], - DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred); -BOOL deal_with_creds(uchar sess_key[8], - DOM_CRED *sto_clnt_cred, - DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred); - -/*The following definitions come from libsmb/namequery.c */ - -BOOL name_status(int fd,char *name,int name_type,BOOL recurse, - struct in_addr to_ip,char *master,char *rname); -struct in_addr *name_query(int fd,const char *name,int name_type, - BOOL bcast,BOOL recurse, - struct in_addr to_ip, int *count); -FILE *startlmhosts(char *fname); -BOOL getlmhostsent( FILE *fp, pstring name, int *name_type, struct in_addr *ipaddr); -void endlmhosts(FILE *fp); -BOOL name_resolve_bcast(const char *name, int name_type, - struct in_addr **return_ip_list, int *return_count); -BOOL is_ip_address(const char *name); -BOOL resolve_name(const char *name, struct in_addr *return_ip, int name_type); -BOOL resolve_srv_name(const char* srv_name, fstring dest_host, - struct in_addr *ip); -BOOL find_master_ip(char *group, struct in_addr *master_ip); -BOOL lookup_pdc_name(const char *srcname, const char *domain, struct in_addr *pdc_ip, char *ret_name); -BOOL get_dc_list(char *group, struct in_addr **ip_list, int *count); - -/*The following definitions come from libsmb/nmblib.c */ - -void debug_nmb_packet(struct packet_struct *p); -char *nmb_namestr(struct nmb_name *n); -struct packet_struct *copy_packet(struct packet_struct *packet); -void free_packet(struct packet_struct *packet); -struct packet_struct *parse_packet(char *buf,int length, - enum packet_type packet_type); -struct packet_struct *read_packet(int fd,enum packet_type packet_type); -void make_nmb_name( struct nmb_name *n, const char *name, int type); -BOOL nmb_name_equal(struct nmb_name *n1, struct nmb_name *n2); -int build_packet(char *buf, struct packet_struct *p); -BOOL send_packet(struct packet_struct *p); -struct packet_struct *receive_packet(int fd,enum packet_type type,int t); -struct packet_struct *receive_nmb_packet(int fd, int t, int trn_id); -struct packet_struct *receive_dgram_packet(int fd, int t, char *mailslot_name); -BOOL match_mailslot_name(struct packet_struct *p, char *mailslot_name); -void sort_query_replies(char *data, int n, struct in_addr ip); -char *dns_to_netbios_name(char *dns_name); -int name_mangle( char *In, char *Out, char name_type ); -int name_extract(char *buf,int ofs,char *name); -int name_len(char *s1); - -/*The following definitions come from libsmb/nterr.c */ - -BOOL get_safe_nt_error_msg(uint32 nt_code,char *msg, size_t len); -char *get_nt_error_msg(uint32 nt_code); - -/*The following definitions come from libsmb/passchange.c */ - -BOOL remote_password_change(const char *remote_machine, const char *user_name, - const char *old_passwd, const char *new_passwd, - char *err_str, size_t err_str_len); - -/*The following definitions come from libsmb/pwd_cache.c */ - -void pwd_init(struct pwd_info *pwd); -BOOL pwd_is_nullpwd(const struct pwd_info *pwd); -BOOL pwd_compare(struct pwd_info *pwd1, struct pwd_info *pwd2); -void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt); -void pwd_set_nullpwd(struct pwd_info *pwd); -void pwd_set_cleartext(struct pwd_info *pwd, char *clr); -void pwd_get_cleartext(struct pwd_info *pwd, char *clr); -void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16]); -void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16]); -void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr); -void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8]); -void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24]); - -/*The following definitions come from lib/smbrun.c */ - -int smbrun(char *cmd,char *outfile,BOOL shared); - -/*The following definitions come from libsmb/smbdes.c */ - -void E_P16(unsigned char *p14,unsigned char *p16); -void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24); -void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out); -void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out); -void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key); -void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key); -void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw); -void SamOEMhash( unsigned char *data, unsigned char *key, int val); - -/*The following definitions come from libsmb/smbencrypt.c */ - -void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24); -void E_md4hash(uchar *passwd, uchar *p16); -void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]); -void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]); -void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]); -void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24); -BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode); -BOOL decode_pw_buffer(char buffer[516], char *new_pwrd, - int new_pwrd_size, uint32 *new_pw_len); - -/*The following definitions come from libsmb/smberr.c */ - -char *smb_errstr(char *inbuf); - -/*The following definitions come from libsmb/unexpected.c */ +/*The following definitions come from lib/smbrun.c */ -void unexpected_packet(struct packet_struct *p); -void clear_unexpected(time_t t); -struct packet_struct *receive_unexpected(enum packet_type packet_type, int id, - char *mailslot_name); +int smbrun(char *cmd,char *outfile,BOOL shared); /*The following definitions come from lib/snprintf.c */ @@ -510,6 +239,31 @@ void standard_sub_snum(int snum, char *str); void standard_sub_vuser(char *str, user_struct *vuser); void standard_sub_vsnum(char *str, user_struct *vuser, int snum); +/*The following definitions come from lib/sysacls.c */ + +int sys_acl_get_entry( SMB_ACL_T acl, int entry_id, SMB_ACL_ENTRY_T *entry_p); +int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p); +int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p); +void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d); +SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type); +SMB_ACL_T sys_acl_get_fd(int fd); +int sys_acl_free( void *obj_p); +int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset); +int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm); +int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm); +char *sys_acl_to_text( SMB_ACL_T acl, ssize_t *plen); +int sys_acl_get_entry( SMB_ACL_T acl, int entry_id, SMB_ACL_ENTRY_T *entry_p); +int sys_acl_get_tag_type( SMB_ACL_ENTRY_T entry_d, SMB_ACL_TAG_T *tag_type_p); +int sys_acl_get_permset( SMB_ACL_ENTRY_T entry_d, SMB_ACL_PERMSET_T *permset_p); +void *sys_acl_get_qualifier( SMB_ACL_ENTRY_T entry_d); +SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type); +SMB_ACL_T sys_acl_get_fd(int fd); +int sys_acl_free( void *obj_p); +int sys_acl_clear_perms(SMB_ACL_PERMSET_T permset); +int sys_acl_add_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm); +int sys_acl_get_perm( SMB_ACL_PERMSET_T permset, SMB_ACL_PERM_T perm); +char *sys_acl_to_text( SMB_ACL_T acl, ssize_t *plen); + /*The following definitions come from lib/system.c */ int sys_usleep(long usecs); @@ -592,23 +346,6 @@ BOOL user_in_group_list(char *user,char *gname); BOOL user_in_list(char *user,char *list); struct passwd *smb_getpwnam(char *user, BOOL allow_change); -/*The following definitions come from lib/util_array.c */ - -void free_void_array(uint32 num_entries, void **entries, - void(free_item)(void*)); -void* add_copy_to_array(uint32 *len, void ***array, const void *item, - void*(item_dup)(const void*), BOOL alloc_anyway); -void* add_item_to_array(uint32 *len, void ***array, void *item); -void free_use_info_array(uint32 num_entries, struct use_info **entries); -struct use_info* add_use_info_to_array(uint32 *len, struct use_info ***array, - const struct use_info *name); -void free_char_array(uint32 num_entries, char **entries); -char* add_chars_to_array(uint32 *len, char ***array, const char *name); -void free_uint32_array(uint32 num_entries, uint32 **entries); -uint32* add_uint32s_to_array(uint32 *len, uint32 ***array, const uint32 *name); -void free_sid_array(uint32 num_entries, DOM_SID **entries); -DOM_SID* add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid); - /*The following definitions come from lib/util.c */ char *tmpdir(void); @@ -675,6 +412,23 @@ BOOL ms_has_wild(char *s); BOOL mask_match(char *string, char *pattern, BOOL is_case_sensitive); int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6); +/*The following definitions come from lib/util_array.c */ + +void free_void_array(uint32 num_entries, void **entries, + void(free_item)(void*)); +void* add_copy_to_array(uint32 *len, void ***array, const void *item, + void*(item_dup)(const void*), BOOL alloc_anyway); +void* add_item_to_array(uint32 *len, void ***array, void *item); +void free_use_info_array(uint32 num_entries, struct use_info **entries); +struct use_info* add_use_info_to_array(uint32 *len, struct use_info ***array, + const struct use_info *name); +void free_char_array(uint32 num_entries, char **entries); +char* add_chars_to_array(uint32 *len, char ***array, const char *name); +void free_uint32_array(uint32 num_entries, uint32 **entries); +uint32* add_uint32s_to_array(uint32 *len, uint32 ***array, const uint32 *name); +void free_sid_array(uint32 num_entries, DOM_SID **entries); +DOM_SID* add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid); + /*The following definitions come from lib/util_file.c */ BOOL do_file_lock(int fd, int waitsecs, int type); @@ -890,12 +644,282 @@ smb_ucs2_t *string_truncate_w(smb_ucs2_t *s, size_t length); smb_ucs2_t doscp2ucs2(int w); int ucs2doscp(smb_ucs2_t w); -/*The following definitions come from lib/wins_srv.c */ +/*The following definitions come from lib/wins_srv.c */ + +BOOL wins_srv_load_list( char *src ); +struct in_addr wins_srv_ip( void ); +void wins_srv_died( struct in_addr boothill_ip ); +unsigned long wins_srv_count( void ); + +/*The following definitions come from libsmb/cliconnect.c */ + +BOOL cli_session_setup(struct cli_state *cli, + char *user, + char *pass, int passlen, + char *ntpass, int ntpasslen, + char *workgroup); +BOOL cli_ulogoff(struct cli_state *cli); +BOOL cli_send_tconX(struct cli_state *cli, + char *share, char *dev, char *pass, int passlen); +BOOL cli_tdis(struct cli_state *cli); +void cli_negprot_send(struct cli_state *cli); +BOOL cli_negprot(struct cli_state *cli); +BOOL cli_session_request(struct cli_state *cli, + struct nmb_name *calling, struct nmb_name *called); +BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip); +BOOL cli_reestablish_connection(struct cli_state *cli); +BOOL cli_establish_connection(struct cli_state *cli, + char *dest_host, struct in_addr *dest_ip, + struct nmb_name *calling, struct nmb_name *called, + char *service, char *service_type, + BOOL do_shutdown, BOOL do_tcon); +BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char *desthost, + struct in_addr *pdest_ip); + +/*The following definitions come from libsmb/clientgen.c */ + +int cli_set_port(struct cli_state *cli, int port); +BOOL cli_receive_smb(struct cli_state *cli); +BOOL cli_send_smb(struct cli_state *cli); +void cli_setup_packet(struct cli_state *cli); +void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr); +struct cli_state *cli_initialise(struct cli_state *cli); +void cli_shutdown(struct cli_state *cli); +void cli_sockopt(struct cli_state *cli, char *options); +uint16 cli_setpid(struct cli_state *cli, uint16 pid); + +/*The following definitions come from libsmb/clierror.c */ + +char *cli_errstr(struct cli_state *cli); +int cli_error(struct cli_state *cli, uint8 *eclass, uint32 *num, uint32 *nt_rpc_error); + +/*The following definitions come from libsmb/clifile.c */ + +BOOL cli_rename(struct cli_state *cli, char *fname_src, char *fname_dst); +BOOL cli_unlink(struct cli_state *cli, char *fname); +BOOL cli_mkdir(struct cli_state *cli, char *dname); +BOOL cli_rmdir(struct cli_state *cli, char *dname); +int cli_nt_create(struct cli_state *cli, char *fname, uint32 DesiredAccess); +int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode); +BOOL cli_close(struct cli_state *cli, int fnum); +BOOL cli_lock(struct cli_state *cli, int fnum, + uint32 offset, uint32 len, int timeout, enum brl_type lock_type); +BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len); +BOOL cli_lock64(struct cli_state *cli, int fnum, + SMB_BIG_UINT offset, SMB_BIG_UINT len, int timeout, enum brl_type lock_type); +BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_UINT len); +BOOL cli_getattrE(struct cli_state *cli, int fd, + uint16 *attr, size_t *size, + time_t *c_time, time_t *a_time, time_t *m_time); +BOOL cli_getatr(struct cli_state *cli, char *fname, + uint16 *attr, size_t *size, time_t *t); +BOOL cli_setatr(struct cli_state *cli, char *fname, uint16 attr, time_t t); +BOOL cli_chkpath(struct cli_state *cli, char *path); +BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail); + +/*The following definitions come from libsmb/clilist.c */ + +int cli_list(struct cli_state *cli,const char *Mask,uint16 attribute, + void (*fn)(file_info *, const char *)); +int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, + void (*fn)(file_info *, const char *)); + +/*The following definitions come from libsmb/climessage.c */ + +BOOL cli_message_start(struct cli_state *cli, char *host, char *username, + int *grp); +BOOL cli_message_text(struct cli_state *cli, char *msg, int len, int grp); +BOOL cli_message_end(struct cli_state *cli, int grp); + +/*The following definitions come from libsmb/cliprint.c */ + +int cli_print_queue(struct cli_state *cli, + void (*fn)(struct print_job_info *)); +int cli_printjob_del(struct cli_state *cli, int job); + +/*The following definitions come from libsmb/clirap.c */ + +BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, int pipe_name_len, + uint16 *setup, uint32 setup_count, uint32 max_setup_count, + char *params, uint32 param_count, uint32 max_param_count, + char *data, uint32 data_count, uint32 max_data_count, + char **rparam, uint32 *rparam_count, + char **rdata, uint32 *rdata_count); +BOOL cli_api(struct cli_state *cli, + char *param, int prcnt, int mprcnt, + char *data, int drcnt, int mdrcnt, + char **rparam, int *rprcnt, + char **rdata, int *rdrcnt); +BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation); +int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, const char *)); +BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, + void (*fn)(const char *, uint32, const char *)); +BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password, + const char *old_password); +BOOL cli_qpathinfo(struct cli_state *cli, const char *fname, + time_t *c_time, time_t *a_time, time_t *m_time, + size_t *size, uint16 *mode); +BOOL cli_qpathinfo2(struct cli_state *cli, const char *fname, + time_t *c_time, time_t *a_time, time_t *m_time, + time_t *w_time, size_t *size, uint16 *mode, + SMB_INO_T *ino); +BOOL cli_qfileinfo(struct cli_state *cli, int fnum, + uint16 *mode, size_t *size, + time_t *c_time, time_t *a_time, time_t *m_time, + time_t *w_time, SMB_INO_T *ino); + +/*The following definitions come from libsmb/clireadwrite.c */ + +size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t size); +ssize_t cli_write(struct cli_state *cli, + int fnum, uint16 write_mode, + char *buf, off_t offset, size_t size); +ssize_t cli_smbwrite(struct cli_state *cli, + int fnum, char *buf, off_t offset, size_t size1); + +/*The following definitions come from libsmb/clisecdesc.c */ + +SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd); +BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd); + +/*The following definitions come from libsmb/clitrans.c */ + +BOOL cli_send_trans(struct cli_state *cli, int trans, + char *name, int pipe_name_len, + int fid, int flags, + uint16 *setup, int lsetup, int msetup, + char *param, int lparam, int mparam, + char *data, int ldata, int mdata); +BOOL cli_receive_trans(struct cli_state *cli,int trans, + char **param, int *param_len, + char **data, int *data_len); +BOOL cli_send_nt_trans(struct cli_state *cli, + int function, + int flags, + uint16 *setup, int lsetup, int msetup, + char *param, int lparam, int mparam, + char *data, int ldata, int mdata); +BOOL cli_receive_nt_trans(struct cli_state *cli, + char **param, int *param_len, + char **data, int *data_len); + +/*The following definitions come from libsmb/credentials.c */ + +char *credstr(uchar *cred); +void cred_session_key(DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal, char *pass, + uchar session_key[8]); +void cred_create(uchar session_key[8], DOM_CHAL *stor_cred, UTIME timestamp, + DOM_CHAL *cred); +int cred_assert(DOM_CHAL *cred, uchar session_key[8], DOM_CHAL *stored_cred, + UTIME timestamp); +BOOL clnt_deal_with_creds(uchar sess_key[8], + DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_srv_cred); +BOOL deal_with_creds(uchar sess_key[8], + DOM_CRED *sto_clnt_cred, + DOM_CRED *rcv_clnt_cred, DOM_CRED *rtn_srv_cred); + +/*The following definitions come from libsmb/namequery.c */ + +BOOL name_status(int fd,char *name,int name_type,BOOL recurse, + struct in_addr to_ip,char *master,char *rname); +struct in_addr *name_query(int fd,const char *name,int name_type, + BOOL bcast,BOOL recurse, + struct in_addr to_ip, int *count); +FILE *startlmhosts(char *fname); +BOOL getlmhostsent( FILE *fp, pstring name, int *name_type, struct in_addr *ipaddr); +void endlmhosts(FILE *fp); +BOOL name_resolve_bcast(const char *name, int name_type, + struct in_addr **return_ip_list, int *return_count); +BOOL is_ip_address(const char *name); +BOOL resolve_name(const char *name, struct in_addr *return_ip, int name_type); +BOOL resolve_srv_name(const char* srv_name, fstring dest_host, + struct in_addr *ip); +BOOL find_master_ip(char *group, struct in_addr *master_ip); +BOOL lookup_pdc_name(const char *srcname, const char *domain, struct in_addr *pdc_ip, char *ret_name); +BOOL get_dc_list(char *group, struct in_addr **ip_list, int *count); + +/*The following definitions come from libsmb/nmblib.c */ + +void debug_nmb_packet(struct packet_struct *p); +char *nmb_namestr(struct nmb_name *n); +struct packet_struct *copy_packet(struct packet_struct *packet); +void free_packet(struct packet_struct *packet); +struct packet_struct *parse_packet(char *buf,int length, + enum packet_type packet_type); +struct packet_struct *read_packet(int fd,enum packet_type packet_type); +void make_nmb_name( struct nmb_name *n, const char *name, int type); +BOOL nmb_name_equal(struct nmb_name *n1, struct nmb_name *n2); +int build_packet(char *buf, struct packet_struct *p); +BOOL send_packet(struct packet_struct *p); +struct packet_struct *receive_packet(int fd,enum packet_type type,int t); +struct packet_struct *receive_nmb_packet(int fd, int t, int trn_id); +struct packet_struct *receive_dgram_packet(int fd, int t, char *mailslot_name); +BOOL match_mailslot_name(struct packet_struct *p, char *mailslot_name); +void sort_query_replies(char *data, int n, struct in_addr ip); +char *dns_to_netbios_name(char *dns_name); +int name_mangle( char *In, char *Out, char name_type ); +int name_extract(char *buf,int ofs,char *name); +int name_len(char *s1); + +/*The following definitions come from libsmb/nterr.c */ -BOOL wins_srv_load_list( char *src ); -struct in_addr wins_srv_ip( void ); -void wins_srv_died( struct in_addr boothill_ip ); -unsigned long wins_srv_count( void ); +BOOL get_safe_nt_error_msg(uint32 nt_code,char *msg, size_t len); +char *get_nt_error_msg(uint32 nt_code); + +/*The following definitions come from libsmb/passchange.c */ + +BOOL remote_password_change(const char *remote_machine, const char *user_name, + const char *old_passwd, const char *new_passwd, + char *err_str, size_t err_str_len); + +/*The following definitions come from libsmb/pwd_cache.c */ + +void pwd_init(struct pwd_info *pwd); +BOOL pwd_is_nullpwd(const struct pwd_info *pwd); +BOOL pwd_compare(struct pwd_info *pwd1, struct pwd_info *pwd2); +void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt); +void pwd_set_nullpwd(struct pwd_info *pwd); +void pwd_set_cleartext(struct pwd_info *pwd, char *clr); +void pwd_get_cleartext(struct pwd_info *pwd, char *clr); +void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16]); +void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16]); +void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr); +void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8]); +void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24]); + +/*The following definitions come from libsmb/smbdes.c */ + +void E_P16(unsigned char *p14,unsigned char *p16); +void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24); +void D_P16(unsigned char *p14, unsigned char *in, unsigned char *out); +void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out); +void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key); +void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key); +void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw); +void SamOEMhash( unsigned char *data, unsigned char *key, int val); + +/*The following definitions come from libsmb/smbencrypt.c */ + +void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24); +void E_md4hash(uchar *passwd, uchar *p16); +void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]); +void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]); +void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]); +void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24); +BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode); +BOOL decode_pw_buffer(char buffer[516], char *new_pwrd, + int new_pwrd_size, uint32 *new_pw_len); + +/*The following definitions come from libsmb/smberr.c */ + +char *smb_errstr(char *inbuf); + +/*The following definitions come from libsmb/unexpected.c */ + +void unexpected_packet(struct packet_struct *p); +void clear_unexpected(time_t t); +struct packet_struct *receive_unexpected(enum packet_type packet_type, int id, + char *mailslot_name); /*The following definitions come from locking/brlock.c */ @@ -983,6 +1007,9 @@ BOOL queue_dns_query(struct packet_struct *p,struct nmb_name *question, struct name_record **n); void kill_async_dns_child(void); +/*The following definitions come from nmbd/nmbd.c */ + + /*The following definitions come from nmbd/nmbd_become_dmb.c */ void add_domain_names(time_t t); @@ -1013,9 +1040,6 @@ void announce_and_sync_with_domain_master_browser( struct subnet_record *subrec, void collect_all_workgroup_names_from_wins_server(time_t t); void sync_all_dmbs(time_t t); -/*The following definitions come from nmbd/nmbd.c */ - - /*The following definitions come from nmbd/nmbd_elections.c */ void check_master_browser_exists(time_t t); @@ -1820,6 +1844,11 @@ void pcap_printer_fn(void (*fn)(char *, char *)); void cups_printer_fn(void (*fn)(char *, char *)); int cups_printername_ok(char *name); +/*The following definitions come from printing/print_svid.c */ + +void sysv_printer_fn(void (*fn)(char *, char *)); +int sysv_printername_ok(char *name); + /*The following definitions come from printing/printfsp.c */ #if OLD_NTDOMAIN @@ -1852,11 +1881,6 @@ BOOL print_queue_resume(struct current_user *user, int snum, int *errcode); BOOL print_queue_purge(struct current_user *user, int snum, int *errcode); #endif -/*The following definitions come from printing/print_svid.c */ - -void sysv_printer_fn(void (*fn)(char *, char *)); -int sysv_printername_ok(char *name); - /*The following definitions come from profile/profile.c */ void profile_message(int msg_type, pid_t src, void *buf, size_t len); @@ -2112,56 +2136,6 @@ BOOL do_wks_query_info(struct cli_state *cli, char *server_name, uint32 switch_value, WKS_INFO_100 *wks100); -/*The following definitions come from rpcclient/cmd_spoolss.c */ - -uint32 cmd_spoolss_enum_printers(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_enum_ports(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_enum_printerdata(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_getprinter(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_enum_jobs(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_open_printer_ex(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_getprinterdata(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_getprinterdriver(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_enumprinterdrivers(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_getprinterdriverdir(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_addprinterex(struct client_info *info, int argc, char *argv[]); -uint32 cmd_spoolss_addprinterdriver(struct client_info *info, int argc, char *argv[]); -void set_drv_info_3_env (DRIVER_INFO_3 *info, const char *arch); -BOOL init_drv_info_3_members (DRIVER_INFO_3 *info, char *args); -void free_drv_info_3 (DRIVER_INFO_3 *info); - -/*The following definitions come from rpcclient/display_sec.c */ - -void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *const sec); - -/*The following definitions come from rpcclient/display_spool.c */ - -void display_printer_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, - uint32 count, PRINTER_INFO_CTR ctr); -void display_port_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, - uint32 count, PORT_INFO_CTR *ctr); -void display_port_info_1(FILE *out_hnd, enum action_type action, PORT_INFO_1 *i1); -void display_port_info_2(FILE *out_hnd, enum action_type action, PORT_INFO_2 *i2); -void display_printer_enumdata(FILE *out_hnd, enum action_type action, uint32 idx, - uint32 valuelen, uint16 *value, uint32 rvaluelen, - uint32 type, - uint32 datalen, uint8 *data, uint32 rdatalen); -void display_job_info_2(FILE *out_hnd, enum action_type action, - JOB_INFO_2 *const i2); -void display_job_info_1(FILE *out_hnd, enum action_type action, - JOB_INFO_1 *const i1); -void display_job_info_2_ctr(FILE *out_hnd, enum action_type action, - uint32 count, JOB_INFO_2 *const *const ctr); -void display_job_info_1_ctr(FILE *out_hnd, enum action_type action, - uint32 count, JOB_INFO_1 *const *const ctr); -void display_job_info_ctr(FILE *out_hnd, enum action_type action, - uint32 level, uint32 count, - void *const *const ctr); -void display_printer_driver_ctr(FILE *out_hnd, enum action_type action, uint32 level, - uint32 count, PRINTER_DRIVER_CTR ctr); -void display_printerdriverdir_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, - DRIVER_DIRECTORY_CTR ctr); - /*The following definitions come from rpc_client/msrpc_spoolss.c */ void init_buffer(NEW_BUFFER *buffer, uint32 size, TALLOC_CTX *ctx); @@ -2211,13 +2185,6 @@ struct ncacn_np *ncacn_np_use_add(const char *pipe_name, const struct ntuser_creds *ntc, BOOL reuse, BOOL *is_new_connection); -/*The following definitions come from rpcclient/rpcclient.c */ - - -/*The following definitions come from rpcclient/spoolss_cmds.c */ - -void add_spl_commands(void); - /*The following definitions come from rpc_parse/parse_creds.c */ BOOL make_creds_unix(CREDS_UNIX *r_u, const char* user_name, @@ -3374,6 +3341,69 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid); BOOL api_wkssvc_rpc(pipes_struct *p); #endif +/*The following definitions come from rpcclient/cmd_lsarpc.c */ + +uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]); +uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]); +void add_lsa_commands(void); + +/*The following definitions come from rpcclient/cmd_spoolss.c */ + +uint32 cmd_spoolss_enum_printers(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_enum_ports(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_enum_printerdata(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_getprinter(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_enum_jobs(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_open_printer_ex(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_getprinterdata(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_getprinterdriver(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_enumprinterdrivers(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_getprinterdriverdir(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_addprinterex(struct client_info *info, int argc, char *argv[]); +uint32 cmd_spoolss_addprinterdriver(struct client_info *info, int argc, char *argv[]); +void set_drv_info_3_env (DRIVER_INFO_3 *info, const char *arch); +BOOL init_drv_info_3_members (DRIVER_INFO_3 *info, char *args); +void free_drv_info_3 (DRIVER_INFO_3 *info); + +/*The following definitions come from rpcclient/display_sec.c */ + +void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *const sec); + +/*The following definitions come from rpcclient/display_spool.c */ + +void display_printer_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, + uint32 count, PRINTER_INFO_CTR ctr); +void display_port_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, + uint32 count, PORT_INFO_CTR *ctr); +void display_port_info_1(FILE *out_hnd, enum action_type action, PORT_INFO_1 *i1); +void display_port_info_2(FILE *out_hnd, enum action_type action, PORT_INFO_2 *i2); +void display_printer_enumdata(FILE *out_hnd, enum action_type action, uint32 idx, + uint32 valuelen, uint16 *value, uint32 rvaluelen, + uint32 type, + uint32 datalen, uint8 *data, uint32 rdatalen); +void display_job_info_2(FILE *out_hnd, enum action_type action, + JOB_INFO_2 *const i2); +void display_job_info_1(FILE *out_hnd, enum action_type action, + JOB_INFO_1 *const i1); +void display_job_info_2_ctr(FILE *out_hnd, enum action_type action, + uint32 count, JOB_INFO_2 *const *const ctr); +void display_job_info_1_ctr(FILE *out_hnd, enum action_type action, + uint32 count, JOB_INFO_1 *const *const ctr); +void display_job_info_ctr(FILE *out_hnd, enum action_type action, + uint32 level, uint32 count, + void *const *const ctr); +void display_printer_driver_ctr(FILE *out_hnd, enum action_type action, uint32 level, + uint32 count, PRINTER_DRIVER_CTR ctr); +void display_printerdriverdir_info_ctr(FILE *out_hnd, enum action_type action, uint32 level, + DRIVER_DIRECTORY_CTR ctr); + +/*The following definitions come from rpcclient/rpcclient.c */ + + +/*The following definitions come from rpcclient/spoolss_cmds.c */ + +void add_spl_commands(void); + /*The following definitions come from smbd/blocking.c */ #if OLD_NTDOMAIN @@ -3667,7 +3697,7 @@ user_struct *get_valid_user_struct(uint16 vuid); void invalidate_vuid(uint16 vuid); char *validated_username(uint16 vuid); char *validated_domain(uint16 vuid); -NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups); +NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups, BOOL is_guest); uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, char *domain,BOOL guest); void add_session_user(char *user); @@ -3703,6 +3733,13 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize); int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf); #endif +/*The following definitions come from smbd/posix_acls.c */ + +#if OLD_NTDOMAIN +size_t get_nt_acl(files_struct *fsp, SEC_DESC **ppdesc); +BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); +#endif + /*The following definitions come from smbd/process.c */ #if OLD_NTDOMAIN @@ -3872,34 +3909,6 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype); BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype); #endif -/*The following definitions come from smbd/unix_acls.c */ - -#if OLD_NTDOMAIN -size_t get_nt_acl(files_struct *fsp, SEC_DESC **ppdesc); -BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); -#endif - -/*The following definitions come from smbd/vfs.c */ - -#if OLD_NTDOMAIN -int vfs_init_default(connection_struct *conn); -BOOL vfs_init_custom(connection_struct *conn); -BOOL vfs_directory_exist(connection_struct *conn, char *dname, SMB_STRUCT_STAT *st); -int vfs_mkdir(connection_struct *conn, char *fname, mode_t mode); -char *vfs_getwd(connection_struct *conn, char *unix_path); -BOOL vfs_file_exist(connection_struct *conn,char *fname,SMB_STRUCT_STAT *sbuf); -ssize_t vfs_read_data(files_struct *fsp, char *buf, size_t byte_count); -ssize_t vfs_write_data(files_struct *fsp,char *buffer,size_t N); -int vfs_set_filelen(files_struct *fsp, SMB_OFF_T len); -SMB_OFF_T vfs_transfer_file(int in_fd, files_struct *in_fsp, - int out_fd, files_struct *out_fsp, - SMB_OFF_T n, char *header, int headlen, int align); -char *vfs_readdirname(connection_struct *conn, void *p); -int vfs_ChDir(connection_struct *conn, char *path); -char *vfs_GetWd(connection_struct *conn, char *path); -BOOL reduce_name(connection_struct *conn, char *s,char *dir,BOOL widelinks); -#endif - /*The following definitions come from smbd/vfs-wrap.c */ #if OLD_NTDOMAIN @@ -3936,6 +3945,27 @@ BOOL vfswrap_fset_nt_acl(files_struct *fsp, int fd, uint32 security_info_sent, S BOOL vfswrap_set_nt_acl(files_struct *fsp, char *name, uint32 security_info_sent, SEC_DESC *psd); #endif +/*The following definitions come from smbd/vfs.c */ + +#if OLD_NTDOMAIN +int vfs_init_default(connection_struct *conn); +BOOL vfs_init_custom(connection_struct *conn); +BOOL vfs_directory_exist(connection_struct *conn, char *dname, SMB_STRUCT_STAT *st); +int vfs_mkdir(connection_struct *conn, char *fname, mode_t mode); +char *vfs_getwd(connection_struct *conn, char *unix_path); +BOOL vfs_file_exist(connection_struct *conn,char *fname,SMB_STRUCT_STAT *sbuf); +ssize_t vfs_read_data(files_struct *fsp, char *buf, size_t byte_count); +ssize_t vfs_write_data(files_struct *fsp,char *buffer,size_t N); +int vfs_set_filelen(files_struct *fsp, SMB_OFF_T len); +SMB_OFF_T vfs_transfer_file(int in_fd, files_struct *in_fsp, + int out_fd, files_struct *out_fsp, + SMB_OFF_T n, char *header, int headlen, int align); +char *vfs_readdirname(connection_struct *conn, void *p); +int vfs_ChDir(connection_struct *conn, char *path); +char *vfs_GetWd(connection_struct *conn, char *path); +BOOL reduce_name(connection_struct *conn, char *s,char *dir,BOOL widelinks); +#endif + /*The following definitions come from smbwrapper/realcalls.c */ int real_utime(const char *name, struct utimbuf *buf); @@ -4016,6 +4046,14 @@ int smbw_stat_printjob(struct smbw_server *srv,char *path, int smbw_fstat(int fd, struct stat *st); int smbw_stat(const char *fname, struct stat *st); +/*The following definitions come from tdb/spinlock.c */ + +int tdb_spinlock(TDB_CONTEXT *tdb, int list, int rw_type); +int tdb_spinunlock(TDB_CONTEXT *tdb, int list, int rw_type); +int tdb_create_rwlocks(int fd, unsigned int hash_size); +int tdb_clear_spinlocks(TDB_CONTEXT *tdb); +int tdb_clear_spinlocks(TDB_CONTEXT *tdb); + /*The following definitions come from tdb/tdb.c */ void tdb_printfreelist(TDB_CONTEXT *tdb); diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h index 4275bf77f3..3b94c37d59 100644 --- a/source3/include/rpc_client_proto.h +++ b/source3/include/rpc_client_proto.h @@ -3,6 +3,35 @@ /* This file is automatically generated with "make proto". DO NOT EDIT */ +/*The following definitions come from lib/util_list.c */ + +BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src); +BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, + const RPC_HND_NODE *y); +BOOL RpcHndList_set_connection(const POLICY_HND *hnd, + struct cli_connection *con); +BOOL RpcHndList_del_connection(const POLICY_HND *hnd); +struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd); + +/*The following definitions come from rpc_client/cli_connect.c */ + +void init_connections(void); +void free_connections(void); +void cli_connection_free(struct cli_connection *con); +void cli_connection_unlink(struct cli_connection *con); +BOOL cli_connection_init(const char *srv_name, char *pipe_name, + struct cli_connection **con); +BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name, + struct cli_connection **con, + cli_auth_fns * auth, void *auth_creds); +struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con); +void *cli_conn_get_auth_creds(struct cli_connection *con); +BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num, + prs_struct * data, prs_struct * rdata); +BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num, + prs_struct * data, prs_struct * rdata); +BOOL rpc_con_ok(struct cli_connection *con); + /*The following definitions come from rpc_client/cli_login.c */ BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]); @@ -172,9 +201,35 @@ BOOL do_srv_net_srv_file_enum(struct cli_state *cli, BOOL do_srv_net_srv_get_info(struct cli_state *cli, char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr); +/*The following definitions come from rpc_client/cli_use.c */ + +void init_cli_use(void); +void free_cli_use(void); +struct cli_state *cli_net_use_add(const char *srv_name, + const struct ntuser_creds *usr_creds, + BOOL reuse, BOOL *is_new); +BOOL cli_net_use_del(const char *srv_name, + const struct ntuser_creds *usr_creds, + BOOL force_close, BOOL *connection_closed); +void cli_net_use_enum(uint32 *num_cons, struct use_info ***use); +void cli_use_wait_keyboard(void); + /*The following definitions come from rpc_client/cli_wkssvc.c */ BOOL do_wks_query_info(struct cli_state *cli, char *server_name, uint32 switch_value, WKS_INFO_100 *wks100); + +/*The following definitions come from rpc_client/ncacn_np_use.c */ + +BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name, + const vuser_key * key, + BOOL force_close, BOOL *connection_closed); +struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc, + const vuser_key * key); +struct ncacn_np *ncacn_np_use_add(const char *pipe_name, + const vuser_key * key, + const char *srv_name, + const struct ntuser_creds *ntc, + BOOL reuse, BOOL *is_new_connection); #endif /* _PROTO_H_ */ diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 9aa2be4d2d..87d0f3bb68 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -26,36 +26,8 @@ extern int DEBUGLEVEL; -/* Everyone = S-1-1-0 */ - -static DOM_SID everyone_sid = { - 1, /* sid_rev_num */ - 1, /* num_auths */ - { 0, 0, 0, 0, 0, 1}, /* id_auth[6] */ - { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} /* sub_auth[15] */ -}; - -/* - * Guest token used when there is no NT_USER_TOKEN available. - */ - -/* Guest = S-1-5-32-546 */ - -static DOM_SID guest_sid = { - 1, /* sid_rev_num */ - 2, /* num_auths */ - { 0, 0, 0, 0, 0, 5}, /* id_auth[6] */ - { 32, 546, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} /* sub_auth[15] */ -}; - -static NT_USER_TOKEN guest_token = { - 1, - &guest_sid -}; - /********************************************************************************** Check if this ACE has a SID in common with the token. - The SID "Everyone" always matches. **********************************************************************************/ static BOOL token_sid_in_ace( NT_USER_TOKEN *token, SEC_ACE *ace) @@ -63,8 +35,6 @@ static BOOL token_sid_in_ace( NT_USER_TOKEN *token, SEC_ACE *ace) size_t i; for (i = 0; i < token->num_sids; i++) { - if (sid_equal(&ace->sid, &everyone_sid)) - return True; if (sid_equal(&ace->sid, &token->user_sids[i])) return True; } @@ -200,10 +170,11 @@ static BOOL get_max_access( SEC_ACL *acl, NT_USER_TOKEN *token, uint32 *granted, BOOL se_access_check(SEC_DESC *sd, struct current_user *user, uint32 acc_desired, uint32 *acc_granted, uint32 *status) { + extern NT_USER_TOKEN anonymous_token; size_t i; SEC_ACL *acl; fstring sid_str; - NT_USER_TOKEN *token = user->nt_user_token ? user->nt_user_token : &guest_token; + NT_USER_TOKEN *token = user->nt_user_token ? user->nt_user_token : &anonymous_token; uint32 tmp_acc_desired = acc_desired; if (!status || !acc_granted) diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 80254318c4..94144bbbd1 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -33,14 +33,17 @@ extern fstring global_myworkgroup; * Some useful sids */ -DOM_SID global_sid_Builtin; /* local well-known domain */ -DOM_SID global_sid_World_Domain; /* everyone */ -DOM_SID global_sid_World; /* everyone */ -DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner */ -DOM_SID global_sid_Creator_Owner; /* Creator Owner */ -DOM_SID global_sid_NT_Authority; /* NT Authority */ -DOM_SID global_sid_NULL; /* NULL sid */ -DOM_SID global_sid_Builtin_Guests; +DOM_SID global_sid_Builtin; /* Local well-known domain */ +DOM_SID global_sid_World_Domain; /* Everyone domain */ +DOM_SID global_sid_World; /* Everyone */ +DOM_SID global_sid_Creator_Owner_Domain; /* Creator Owner domain */ +DOM_SID global_sid_Creator_Owner; /* Creator Owner */ +DOM_SID global_sid_NT_Authority; /* NT Authority */ +DOM_SID global_sid_NULL; /* NULL sid */ +DOM_SID global_sid_Builtin_Guests; /* Builtin guest users */ +DOM_SID global_sid_Authenticated_Users; /* All authenticated rids */ +DOM_SID global_sid_Network; /* Network rids */ +DOM_SID global_sid_Anonymous; /* Anonymous login */ const DOM_SID *global_sid_everyone = &global_sid_World; @@ -51,12 +54,15 @@ typedef struct _known_sid_users { } known_sid_users; /* static known_sid_users no_users[] = {{0, 0, NULL}}; */ + static known_sid_users everyone_users[] = { { 0, SID_NAME_WKN_GRP, "Everyone" }, {0, (enum SID_NAME_USE)0, NULL}}; + static known_sid_users creator_owner_users[] = { { 0, SID_NAME_ALIAS, "Creator Owner" }, {0, (enum SID_NAME_USE)0, NULL}}; + static known_sid_users nt_authority_users[] = { { 1, SID_NAME_ALIAS, "Dialup" }, { 2, SID_NAME_ALIAS, "Network"}, @@ -70,6 +76,10 @@ static known_sid_users nt_authority_users[] = { { 18, SID_NAME_ALIAS, "SYSTEM"}, { 0, (enum SID_NAME_USE)0, NULL}}; +static known_sid_users builtin_users[] = { + { DOMAIN_USER_RID_ADMIN, SID_NAME_USER, "Administrator" }, + { 0, (enum SID_NAME_USE)0, NULL}}; + static struct sid_name_map_info { DOM_SID *sid; @@ -81,12 +91,24 @@ sid_name_map[] = { &global_sam_sid, global_myname, NULL}, { &global_sam_sid, global_myworkgroup, NULL}, { &global_sid_Builtin, "BUILTIN", NULL}, + { &global_sid_Builtin, "", &builtin_users[0]}, { &global_sid_World_Domain, "", &everyone_users[0] }, { &global_sid_Creator_Owner_Domain, "", &creator_owner_users[0] }, { &global_sid_NT_Authority, "NT Authority", &nt_authority_users[0] }, { NULL, NULL, NULL} }; +/* + * An NT compatible anonymous token. + */ + +static DOM_SID anon_sid_array[3]; + +NT_USER_TOKEN anonymous_token = { + 3, + anon_sid_array +}; + /**************************************************************************** Creates some useful well known sids ****************************************************************************/ @@ -101,6 +123,14 @@ void generate_wellknown_sids(void) string_to_sid(&global_sid_Creator_Owner, "S-1-3-0"); string_to_sid(&global_sid_NT_Authority, "S-1-5"); string_to_sid(&global_sid_NULL, "S-1-0-0"); + string_to_sid(&global_sid_Authenticated_Users, "S-1-5-11"); + string_to_sid(&global_sid_Network, "S-1-5-2"); + string_to_sid(&global_sid_Anonymous, "S-1-5-7"); + + /* Create the anon token. */ + sid_copy( &anonymous_token.user_sids[0], &global_sid_World); + sid_copy( &anonymous_token.user_sids[1], &global_sid_Network); + sid_copy( &anonymous_token.user_sids[2], &global_sid_Anonymous); } /************************************************************************** @@ -210,15 +240,18 @@ BOOL map_domain_name_to_sid(DOM_SID *sid, char *nt_domain) void split_domain_name(const char *fullname, char *domain, char *name) { pstring full_name; - char *p; + char *p, *sep; + + sep = lp_winbind_separator(); *domain = *name = '\0'; - if (fullname[0] == '\\') + if (fullname[0] == sep[0] || fullname[0] == '\\') fullname++; pstrcpy(full_name, fullname); p = strchr(full_name+1, '\\'); + if (!p) p = strchr(full_name+1, sep[0]); if (p != NULL) { *p = 0; diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 7232bffd11..193653a867 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -166,37 +166,56 @@ char *validated_domain(uint16 vuid) Create the SID list for this user. ****************************************************************************/ -NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups) +NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups, BOOL is_guest) { + extern DOM_SID global_sid_World; + extern DOM_SID global_sid_Network; + extern DOM_SID global_sid_Builtin_Guests; + extern DOM_SID global_sid_Authenticated_Users; NT_USER_TOKEN *token; DOM_SID *psids; int i, psid_ndx = 0; + size_t num_sids = 0; if ((token = (NT_USER_TOKEN *)malloc( sizeof(NT_USER_TOKEN) ) ) == NULL) return NULL; ZERO_STRUCTP(token); - if ((token->user_sids = (DOM_SID *)malloc( (ngroups + 2)*sizeof(DOM_SID))) == NULL) { + /* We always have uid/gid plus World and Network and Authenticated Users or Guest SIDs. */ + num_sids = 5 + ngroups; + + if ((token->user_sids = (DOM_SID *)malloc( num_sids*sizeof(DOM_SID))) == NULL) { free(token); return NULL; } psids = token->user_sids; - token->num_sids = 2; + sid_copy( &psids[psid_ndx++], &global_sid_World); + sid_copy( &psids[psid_ndx++], &global_sid_Network); - uid_to_sid( &psids[0], uid); - gid_to_sid( &psids[1], gid); + /* + * The only difference between guest and "anonymous" (which we + * don't really support) is the addition of Authenticated_Users. + */ + + if (is_guest) + sid_copy( &psids[psid_ndx++], &global_sid_Builtin_Guests); + else + sid_copy( &psids[psid_ndx++], &global_sid_Authenticated_Users); + + uid_to_sid( &psids[psid_ndx++], uid); + gid_to_sid( &psids[psid_ndx++], gid); for (i = 0; i < ngroups; i++) { if (groups[i] != gid) { - gid_to_sid( &psids[psid_ndx+2], groups[i]); - psid_ndx++; - token->num_sids++; + gid_to_sid( &psids[psid_ndx++], groups[i]); } } + token->num_sids = psid_ndx; + return token; } @@ -257,7 +276,7 @@ uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, get_current_groups( &vuser->n_groups, &vuser->groups); /* Create an NT_USER_TOKEN struct for this user. */ - vuser->nt_user_token = create_nt_token(uid,gid, vuser->n_groups, vuser->groups); + vuser->nt_user_token = create_nt_token(uid,gid, vuser->n_groups, vuser->groups, guest); next_vuid++; num_validated_vuids++; diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 008765cde1..25cadb51b0 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -148,6 +148,8 @@ BOOL become_user(connection_struct *conn, uint16 vuid) */ if((group_c = *lp_force_group(snum))) { + BOOL is_guest = False; + if(group_c == '+') { /* @@ -173,7 +175,10 @@ BOOL become_user(connection_struct *conn, uint16 vuid) * re-create it. */ - token = create_nt_token(uid, gid, current_user.ngroups, current_user.groups); + if (vuser && vuser->guest) + is_guest = True; + + token = create_nt_token(uid, gid, current_user.ngroups, current_user.groups, is_guest); must_free_token = True; } -- cgit