IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
response to Bind Acknowledgment needs a lookup table for the PIPE string
(secondary address in RPC_HDR_BA structure).
smbparse.c util.c :
interesting problem, i think caused by us typecasting a uint16* buffer
to char*. found on a SPARC.
and made it private to the 2 shmem implementations. Added new
shmops->hash_size() function.
Added code to handle the IPC system limits by looping decreasing the
size of the resources (semaphores and shared memory) that we request
until we get under the system limits, which can be quite low on some
systems!
Added checks that the creator of the IPC objects is root. Otherwise we
would be open to a security hole where someone pre-creates the shared
memory segment and attaches.
added mode for printing debug array data as chars not uint8/16/32s.
only really useful for (uint8) strings or (uint16) unicode strings
lsaparse.c smbparse.c smb.h :
rpc bind and rpc bind ack structures and parsing and creation functions.
ipc.c pipes.c pipenetlog.c pipentlsa.c pipesrvsvc.c :
using rpc bind / bind ack parsing routines instead of incorrect use of
api_LsarpcTNP1 function.
ntclient.c :
creation of do_rpc_bind() function.
THAT'S IT, FOLKS!
added bind and bind ack structures and parsing functions. restructured
rpc header stuff.
ntclient.c pipenetlog.c pipentlsa.c pipesrvsvc.c :
having to deal with restructuring above.
It will try sysv IPC first, then if that fails it will try mmap(),
then after that it will try share files.
I have defined USE_SYSV_IPC for Linux, Solaris and HPUX at the
moment. Probably a lot more could have it defined. In fact, the vast
majority of systems support it. Need autoconf again :-)
It should actually be faster than the mmap() version, and doesn't need
any lock files. This means the problem of the share mem file being on
a NFS drive will be gone.
updated Query Info Policy to report domain name and domain sid for info levels
3 and 5.
fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID:
subauths are 32 bit not 16.
1) the oplock macros in smb.h used | where they should have used
&. This means that smbd thought that all clients were always
requesting oplocks. This would have _really_ confused smbclient
and smbfs when they started receiving async oplock break requests when
they don't even know what an oplock is!
2) an oplock break request from a client can be embedded in a normal
lockingX request, and will be if the client has batched any lock
requests internally. The smbd code assumed that all oplock break
requests had num_locks==num_ulocks==0 which is not true. The only
thing special about a oplock break request with
num_locks==num_ulocks==0 is that no reply is sent. Otherwise it is
processed as a normal locking request in addition to the oplock break
processing.
These two fixes get the MS mail system in Win98 working on a Samba
1.9.18 network drive.
Andrew
adding bits for new nt domain code
byteorder.h :
trying to get macros right, and not to crash on SUNOS5...
client.c :
added #ifdef NTDOMAIN, and created do_nt_login() function. don't
want to have to recompile client.c unless absolutely necessary.
credentials.c :
moved deal_with_creds() [possibly inappropriately] into credentials.c
ipc.c reply.c server.c uid.c :
attempting to make (un)become_root() functions calleable from smbclient.
this is a little tricky: smbclient might have to be another setuid
root program, immediately setuid'ing to non-root, so that we can
reset-uid to root to get at the smbpasswd file. or, have a secure
pipe mechanism to smbd to grab smbpasswd entries. or the like.
smbdes.c smbencrypt.c :
created a function to generate lm and nt owf hashes.
lsaparse.c ntclient.c smbparse.c :
added nt client LSA_AUTH2 code. it works, too!
pipenetlog.c pipentlsa.c pipesrvsvc.c :
simplification. code-shuffling. getting that damn offset right
for the opcode in RPC_HDR.
smb.h :
changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL.
we might need to store the server times as well.
proto.h :
the usual.
adding start of undocumented options to do NT domain logons, client-side.
starting with LSA_REQCHAL.
the code here happily crashes smbd: i'll investigate this further... :-)
smbparse.c pipeutil.c lsaparse.c :
moved some of the common make_xxxx() functions out of pipeutil.c
so that the make_xxxx and (smb/lsa)_io_xxxx functions now sit
together. makes sense, really...
added a make_q_req_chal() function.
restructured make_rpc_reply() and called it make_rpc_hdr(). created
functions create_rpc_reply() and create_rpc_response().
pipenetlog.c pipentlsa.c pipesrvsvc.c
calling new create_rpc_reply() function instead of old make_rpc_reply().
proto.h :
usual.
smb.h:
added enum for RPC_PACKET_TYPE
redid the split that i did a year ago, taking the functions in client.c
out into clientutil.c. guess what? we could now do encrypted password
NetServerEnum2 calls in nmbd, if we wanted to.
i can now use cli_call_api() to send to different pipes. i hope.
pipenetlog.c:
allow adding to users group _and_ to admin group. if adding to
guest group, don't allow adding to users or admin as well.
smb.h :
added some pipe #defines (\PIPE\NETLOGON \PIPE\srvsvc ...)
proto.h :
usual.
added "domain other sids" parameter
pipenetlog.c :
using "domain other sids" parameter in SAM Logon response.
using new name_to_rid() function for r_uid and r_gid.
pipentlsa.c :
minor mods to do with new name_to_rid() function.
pipesrvsvc.c :
in the "net share enum" response, allocate some more space for the buffer.
there can be only 32 share entries in the response anyway. this needs
to be dealt with.
pipeutil.c :
modified name_to_rid() function to use new parameters "domain admin users"
and "domain guest users", but will otherwise do unix uid + 1000.
moved make_dom_gids() here.
proto.h:
the usual.
smb.h smbparse.c :
renamed sid_no to sid_rev_num in DOM_SID, and gid to r_gid in DOM_GID.
util.c :
moved make_dom_gids() from here.
created char *unistrn2(uint16* uni_buffer, int max_len)
added "domain admin users" parameter
added "domain guest users" parameter
these two complement the "domain groups" parameter. the "domain groups"
parameter should be for your own groups, and well-known aliases.
util.c :
added ability to do "domain groups = power_users admin_users backup_ops"
which are well-known RID aliases, not well-known RID groups.
pipenetlog.c :
combine the "domain admin users"; "domain guest users" and "domain groups"
parameters to give an array of RID groups to include in the SAM Logon
response.
ipc.c smb.h :
moved REALLOC() into smb.h
added RID #defines.
proto.h:
usual.
interface
The new code uses a source netbios name equal to the Samba servers
name, not the client name. It also uses NetWkstaUserLogon to do a full
network logon. This means it will honour the servers logon
restrictions (such as login times etc).
The shares modes code is now split into separate files. The shared
memory implementation is in locking_shm.c. The slow implementation is
in locking_slow.c
It is all controlled by a struct share_ops structure that has function
pointers to the implementation of all the functions needed by a share
modes implementation. An initialisation function sets up this
structure. This will make adding new implementations easy and clean.
This also allowed me to get rid of the ugly code in smbstatus. Now
status.c links to the locking code and calls methods in share_ops.
I also renamed some things and generally organised things in a much
cleaner fashion. Defines and structures specific to each
implementation have been moved to the appropriate file and out of
smb.h.
added srvparse.o and pipesrvsvc.o
smb.h :
mods to the Net Share Enum stuff
srvparse.c :
Net Share Enum parsing support. more srvsvc pipe parsing to go here...
pipenetlog.c util.c:
modified standard_sub_basic() so that you can set a global boolean
and use a different string for the %U username substitution.
proto.h:
the usual.
SH_INFO_1
SH_INFO_1_STR
SHARE_INFO_1_CTR
SRV_Q_NET_SHARE_ENUM
SRV_R_NET_SHARE_ENUM
the share info1 container can handle a maximum of 32 shares. the share info1
string structures contain two unicode strings, with 1024 uint16 characters
_each_. we're going to _have_ to dynamically allocate the unicode strings,
else we'll run out of stack space. rapidly.
SAM logon sorting. too many buffer pointers. added in the missing
switch value (value of 3). dealing with the buffer pointers to the
user info structure in a slightly different way.
uni_max_len and uni_str_len are the other way round, in UNIHDR.
util.c :
increased the show_msg() data size from 256 bytes to 512 bytes:
the LSA SAM Logon response can be about 500 bytes long.
pipenetlog.c :
forgot to set the authoritative field to 1.
id_info_1 has a pointer at the front of it. so does return credentials,
and so does the client credentials. these are all from the sam logon.
auth_level is 16 bytes not 32 and is actually called a switch_level.
smbparse.c :
smb_io_unihdr() - uni_max_len and uni_str_len are 16 bytes not 32.
this may have a knock-on effect on smb_in_unihdr2() but we'll see...
whoops, the SAM Logon structure was wrong. updated this, and
cifsntdomain.txt. more debug info in pipenetlog.c. the crash
is somewhere around deal_with_credentials().
byteorder.h :
put in uint8, uint16 and uint32 typecasts around debug info, because
sign extending was resulting in ffffffe8 being displayed instead of e8.
credentials.c :
some debugging info, because i'm tracking a coredump. without gdb.
nothing like making things difficult.
reply.c :
whoops, missed this (important) bit from paul's code, which tells
the NT workstation that the MACHINE$ entry doesn't already exist,
and we're going to create a default entry with a password "machine"
right now.
proto.h:
the usual.
added credentials.c to smbd
credentials.c:
using credential structures instead of char*
password.c uid.c server.c:
added sid and attr to user_struct.
smbdes.c:
smbhash and str_to_key make public instead of private.
pipes.c smb.h:
lsa structures, sub-functions.
proto.h:
usual.
smb.h: Added defines we will need for NT SMB calls.
trans2.c: Fixed SMB_QUERY_FILE_ALT_NAME_INFO return - this is only
for short name returns (and only used when you negotiate NT SMB calls
to boot !).
Jeremy (jallison@whistle.com)
use UTIME structure (defined and commented in smb.h to be time, secs,
since 01jan1970)
pipes.c:
another sub-function.
util.c:
added char *unistr2(uint16 *buff) function. same as unistr except
it takes uint16* instead of char*.
smbparse.c smb.h:
more structure sorting.
proto.h:
the usual.
added lp_domainsid()
lsaparse.c smb.h:
debugging structures and parsing functions
pipes.c:
finally got to the functions that will go into the RPC switch statement.
lsaparse.c: #ifdef'ed out code so this will compile - LUKE PLEASE CHECK THIS.
pipes.c: #ifdef'ed out code so this will compile - LUKE PLEASE CHECK THIS.
server.c: Fixed last known oplock race condition.
smb.h: Re-removed USE_OPLOCK defines - someone checked in an old version.
smbparse.c: #ifdef'ed out code so this will compile - LUKE PLEASE CHECK THIS.
Jeremy (jallison@whistle.com)
more static unused functions in pipes.c for the LSA RPC stream.
smb.h:
corrections and altercations over the documentation
lsaparse.c:
reflecting alterations in LSA structures...
locking.c: Removed USE_OPLOCKS - now the default.
params.c: Removed unused variable.
proto.h: Updated.
reply.c: Removed USE_OPLOCKS - now the default.
server.c: Removed USE_OPLOCKS - now the default.
smb.h: Removed USE_OPLOCKS - now the default.
smbparse.c: Changed shadowed variable.
status.c: Removed USE_OPLOCKS - now the default.
util.c: Removed USE_OPLOCKS - now the default.
Jeremy (jallison@whistle.com)
added more structures, this time for the use in the query and response
of the LSA_XXXX functions. next target: the NTLOGON mailslots (10 minutes
work).
smbparse.c:
tidying. adding some more sub-structure functions.
- recreated, as usual.
smb.h:
- added RPC_HDR structure - the 18 byte MSRPC header
smbparse.c:
- added smb_io_rpc_hdr() function to read/write the RPC_HDR structure.
util.c:
- added align2, align4, align_offset functions.
- added skip_unicode_string, unistrcpy, unistrncpy functions.
- modified unistrcpy and unistrncpy to return the number of unicode
characters returned, effectively making skip_unicode_string redundant.
server.c: Updated after netbench observation. Oplocks must be
broken *before* share modes are checked, not after. Netbench seems
to be working now.
smb.h: Added offsets for oplock break time fields.
trans2.c: Upped debug messages.
util.c: Upped debug messages.
Jeremy (jallison@whistle.com)
Yipeee. At least as far as I can check in a short time :-).
local.h: Changed OPLOCK_BREAK_TIMEOUT to 30 seconds.
locking.c: Big changes to delete oplocks on a share mode entry.
proto.h: updated.
reply.c: Added oplock break code in lockingX reply & readbraw reply.
server.c: Add batch oplock code. Force server shutdown if client fails
to respond to oplock break.
smb.h: Fix silly slow share mode oplock define bug.
status.c: Add oplock status info.
Jeremy (jallison@whistle.com)
