1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Commit Graph

641 Commits

Author SHA1 Message Date
Jeremy Allison
4438d7b57e proto.h: Updated.
server.c: Updated after netbench observation. Oplocks must be
broken *before* share modes are checked, not after. Netbench seems
to be working now.
smb.h: Added offsets for oplock break time fields.
trans2.c: Upped debug messages.
util.c: Upped debug messages.
Jeremy (jallison@whistle.com)
(This used to be commit bc4b70c566)
1997-10-03 03:15:24 +00:00
Andrew Tridgell
a69125bae9 change a debug level in reply.c
change from ERRbaddirectory to ERRbadpath for ENOTDIR errors. This
reverts to the old Samba code. I've done quite a bit of testing
against NT4 and have yet to get it to produce the ERRbaddirectory
error code. Producing ERRbaddirectory made a visual basic application
that was sent to me not run. This might explain some of the "it
doesn't work any more" complaints we've got about 1.9.17.

Jeremy, can you remember how you got NT to produce ERRbaddirectory?
There might be some specific circumstances we need to cover.
(This used to be commit 1ed901ddff)
1997-10-02 14:11:34 +00:00
Jeremy Allison
fbd5dded7d Added debug message for oplock_break().
Jeremy (jallison@whistle.com)
(This used to be commit 4f29dfbc79)
1997-10-02 03:26:07 +00:00
Andrew Tridgell
85097a7c17 change the semantics of hosts allow/hosts deny so that a global
setting applies to all shares regardless of any settings on other
shares. This allows us to immediately drop a connection if it does not
come from a allowed host, without even parsing the first SMB
packet. The next time we get a nasty security hole we can offer people
the option of just setting their hosts allow line.

If we drop a connection in this way we generate a "Not listening for
calling name" response and then exit.


add a per share "oplocks" option in smb.conf. I think its important to
be able to disable oplocks on a per-share basis as there are occasions
then they are definately not wanted, for example when sharing data
between a windows box and a unix application. This also allows us to
tell people "try disabling oplocks" when diagnosing problems.


fix a bug in process_smb(). It was taking the length of the packet
from outbuf, not inbuf (this bug was introduced with the oplocks
code). Jeremy, I assume this wasn't deliberate?
(This used to be commit 44bc9f239a)
1997-10-02 03:14:32 +00:00
Jeremy Allison
c9cf77a6bb Modified some debug messages, moved from 5 -> 8.
Jeremy (jallison@whistle.com)
(This used to be commit cb83c74a6c)
1997-10-02 02:36:11 +00:00
Jeremy Allison
c557bb0517 Fixed problem with oplock_type being set with no port.
Jeremy (jallison@whistle.com)
(This used to be commit 90484db0bf)
1997-10-02 00:57:59 +00:00
Jeremy Allison
5864551aef OPLOCK CHECK-IN - oplocks are now *OPERATIONAL* !!!!
Yipeee. At least as far as I can check in a short time :-).

local.h: Changed OPLOCK_BREAK_TIMEOUT to 30 seconds.
locking.c: Big changes to delete oplocks on a share mode entry.
proto.h: updated.
reply.c: Added oplock break code in lockingX reply & readbraw reply.
server.c: Add batch oplock code. Force server shutdown if client fails
          to respond to oplock break.
smb.h: Fix silly slow share mode oplock define bug.
status.c: Add oplock status info.

Jeremy (jallison@whistle.com)
(This used to be commit 4c83d37239)
1997-10-01 23:32:22 +00:00
Jeremy Allison
a8129c1602 Changed consultant list.
Jeremy (jallison@whistle.com)
(This used to be commit 6dbe5ad80f)
1997-09-30 16:58:52 +00:00
Jeremy Allison
a0cd12e221 dir.c: more pstrcpys.
local.h: Add OPLOCK_BREAK_TIMEOUT.
password.c: Fix for paranoia password server security bug.
proto.h: Updated.
reply.c: Oplock changes.
server.c: Massive oplock changes - nearly there....
smb.h: oplock definitions.
util.c: Add local message processing queues for oplocks.
Jeremy (jallison@whistle.com)
(This used to be commit 92f1553db2)
1997-09-30 02:38:19 +00:00
Jeremy Allison
a5af479e5d Fixed you're -> your text that some pedant complained about :-).
Jeremy (jallison@whistle.com).
(This used to be commit b11833f1bd)
1997-09-26 19:40:12 +00:00
Jeremy Allison
dff16872ca Syncing up current oplock work in progress. #ifdef'ed out
so should have no effect on other work.
Jeremy (jallison@whistle.com)
(This used to be commit 7e3d4c8b21)
1997-09-26 19:26:56 +00:00
Jeremy Allison
d939350de4 Correctly rolled back interface.c (I was working on an older
revision). This will now be the current revision.
Jeremy (jallison@whistle.com)
(This used to be commit eb55ddd5bf)
1997-09-26 19:23:26 +00:00
Jeremy Allison
cef59090bb Adding Andrews buffer overflow fixes into the main branch.
Jeremy (jallison@whistle.com)
(This used to be commit e7eb1f044d)
1997-09-26 18:55:29 +00:00
Andrew Tridgell
5a7b3294db add error string reporting to clitar
(This used to be commit 2c5587a6fe)
1997-09-26 09:06:51 +00:00
Jeremy Allison
776674812b Added missing slow share mode offset defines. Somehow
they got lost.
Jeremy (jallison@whistle.com).
(This used to be commit ce9cdc2f61)
1997-09-25 17:36:21 +00:00
Jeremy Allison
6dd6b1383c Makefile: Removed earlier errors.
includes.h: Added INADDR_LOOPBACK define.
locking.c: More code to support oplocks.
proto.h: Updated.
server.c: More code to support oplocks. Moved processing of an SMB out of
process() into a separate function so it is easier to call from an oplock
break.
smb.h: Added oplock fields.
Jeremy (jallison@whistle.com)
(This used to be commit f46dbaf08e)
1997-09-25 00:25:44 +00:00
Jeremy Allison
81eb442e88 Checkin to sync up oplock development code so that NT
domain development code won't diverge.

Makefile: Fixed make proto (again). Added GLIBC2 fixes for Linux.
includes.h: Added GLIBC2 fixes for Linux.
proto.h: Much tidier.
quotas.c: OSF/1 quota fix.
reply.c: Fix from Ray Frush <frush@engr.colostate.edu> for zero NT timestamps.
server.c util.c: First oplock checkin - nowhere near finished so bracketed
with #ifdef USE_OPLOCKS. Done to make sync with NT domain code easier.
Jeremy (jallison@whistle.com)
(This used to be commit 7dce7d8447)
1997-09-23 19:19:06 +00:00
Luke Leighton
b3c610541b added code from Philip A Prindeville <philipp@enteka.com> which expands
the interfaces option to this:

"interfaces = le0 le1" or "interfaces = all".

it uses SIOCGIFxxxx ioctl calls.
(This used to be commit 39071415ba)
1997-09-23 16:09:12 +00:00
Jeremy Allison
7885239b62 smbclient.1: Added documentation of the username%password environment code.
smb.conf.5: Added 'username level' docs.
Jeremy (jallison@whistle.com)
(This used to be commit b588615b20)
1997-09-19 17:40:11 +00:00
Jeremy Allison
a2d2206cc9 Makefile: Changed proto: target to not include c files not used currently.
Caused proto.h to be from a sorted list of C files.
arcfour.h: Added prototypes.
client.c: Added username%password in environment patch from John Blair <jdblair@frodo.tucc.uab.edu>
loadparm.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
username.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
mkproto.awk: Added arc4_key type.
proto.h: Updated & sorted.
Jeremy (jallison@whistle.com)
(This used to be commit 97ed4fea67)
1997-09-19 17:12:08 +00:00
Jeremy Allison
1aa8036b45 Another South American consultant.
(This used to be commit eeb0e88353)
1997-09-19 00:36:01 +00:00
Jeremy Allison
501755a87c Added arcfour code needed for SMB password changing.
Jeremy (jallison@whistle.com)
(This used to be commit 8bc3d13b3d)
1997-09-18 19:56:57 +00:00
Luke Leighton
563cf6f4aa added timestamp to "Denied connection" message.
(This used to be commit f28b14a86c)
1997-09-18 12:47:55 +00:00
Andrew Tridgell
570a5becfc added some debug stuff
(This used to be commit 95184fd1ec)
1997-09-18 07:05:43 +00:00
Andrew Tridgell
102fb71537 John asked the other day about using the tar feature in smbclient to
handle file paths longer than 100 characters (the limit of the normal
tar format).

This patch adds support for producing GNU tar files (which have no
real limit on the path length) in smbclient.

Note that I have only added support for producing GNU tar files, I
haven't added support for accepting them when restoring. I thought I'd
leave that up to John :-)
(This used to be commit d5daf85162)
1997-09-18 06:52:49 +00:00
John Terpstra
1c7df3203c JHT ===> More hacks!
(This used to be commit 0b859fdfac)
1997-09-17 14:54:35 +00:00
John Terpstra
a8064b0f00 JHT ===> Changed behaviour of logon script processing so that all macros
can be used in the logon script parameter definition in the smb.conf
         Globals section. This fixes a problem reported by Jacco de Leeuw
         where OS/2 does not see the %u variable. Jacco suggested using %U
         but we really do want the user for the netlogon share session.
         If this does not do the trick - well we eat our hat! Yeh!
(This used to be commit a7716b2e70)
1997-09-17 13:53:59 +00:00
Jeremy Allison
99517574ca Added documentation for the 'delete veto files' parameter.
Jeremy (jallison@whistle.com)
(This used to be commit c6e736283e)
1997-09-17 01:33:33 +00:00
Jeremy Allison
1590983eb0 Added 'delete veto files' paremeter. Ugly - but the only
way to allow Samba client users to delete directories
containing Mac metafile information (.AppleDouble directories).

Needed for clean integration with netatalk.

Jeremy (jallison@whistle.com)
(This used to be commit 29c6c037dc)
1997-09-17 01:29:53 +00:00
Jeremy Allison
6449fc3b22 Fixing assumtions that malloced memory is zero filled - making
sure it is.
Jeremy (jallison@whistle.com)
(This used to be commit 59ee0d0c7e)
1997-09-16 17:40:17 +00:00
Andrew Tridgell
6ce9192fc2 change the encryption instructions to reflect the fact that the code
is now built in
(This used to be commit 82cfa6bb7c)
1997-09-16 08:31:01 +00:00
Andrew Tridgell
cda707f917 add a cast
(This used to be commit e712c6ed61)
1997-09-16 08:26:33 +00:00
Andrew Tridgell
57c2578cb2 - change generate_challenge() to use md4 instead of des
- move routines about a bit between smbencrypt.c and smbdes.c. Ensure
that there is no entry point for normal DES operation

- add the following comment:

   This code is NOT a complete DES implementation. It implements only
   the minimum necessary for SMB authentication, as used by all SMB
   products (including every copy of Microsoft Windows95 ever sold)

   In particular, it can only do a unchained forward DES pass. This
   means it is not possible to use this code for encryption/decryption
   of data, instead it is only useful as a "hash" algorithm.

   There is no entry point into this code that allows normal DES operation.

   I believe this means that this code does not come under ITAR
   regulations but this is NOT a legal opinion. If you are concerned
   about the applicability of ITAR regulations to this code then you
   should confirm it for yourself (and maybe let me know if you come
   up with a different answer to the one above)
(This used to be commit 35b92e725f)
1997-09-16 04:41:16 +00:00
Andrew Tridgell
72b02acd7e bug fix in the new des code.
I had one of the sbox[] constants wrong, which interestingly gave a
20% chance of the whole algorithm failing.
(This used to be commit 9a42f88a09)
1997-09-16 03:53:54 +00:00
Jeremy Allison
d6ed29012b 2 more consultants.
(This used to be commit e9f460ef0d)
1997-09-15 20:01:35 +00:00
Luke Leighton
9ae8fbdae0 unbecome_domain_master and unbecome_logon_master were announcing
as "dead".  removed this.
(This used to be commit d1f298cd52)
1997-09-15 12:13:16 +00:00
Andrew Tridgell
d55427c85f - if the user already exists then ignore the -add command
- change the way the smbpasswd file is auto-created if it doesn't
exist. It didn't work under IRIX for some unknown reason

The smbpasswd.c code is really a bit of a mess. We should probably
rewrite it sometime.
(This used to be commit 6e3697ad12)
1997-09-15 06:36:55 +00:00
Andrew Tridgell
552818e60e - change a lot of occurances of errno to use strerror(errno). We can't
assume all our users are programmers :-)

- automatically create the smbpasswd file if it doesn't exist when
running smbpasswd.
(This used to be commit 1d2361bd2d)
1997-09-15 05:43:37 +00:00
Andrew Tridgell
ddb2ce9d81 rewrote md4.c from scratch. This implementation should be portable and
doesn't have any worries about RSA copyright.
(This used to be commit a156997166)
1997-09-15 02:49:38 +00:00
Andrew Tridgell
5137b86072 no longer needed
(This used to be commit b04bc7f75e)
1997-09-15 02:47:59 +00:00
Andrew Tridgell
33a003de40 This commit does 3 main things:
1) put the encryption code in by default, with no #ifdef. It is still
disabled by default so you need to add "encrypt passwords = yes" in
smb.conf but at least all binaries will have it.

2) cleanup the kanji code so it compiles with no warnings

3) get rid of lots of uses of ugly non-portable C code. The main
offender being things like "register" but also remove uses of the
"const" keyword as there are compilers out there that don't support it
and even those that do often complain about its usage. Users don't
like warnings :-(

There is still some work to do. We need to replace the md4 code with
our own implementation. The current code (from rfc1186) is PD but is
not very portable. The new RFC (rfc1320) is more portable but adds
copyright restrictions. I'll do a from-scratch MD4 soon.

We also need to test that what I've implemented is portable. It should
be, but I'm too tired right now to test it on anything other than
intel linux.
(This used to be commit db917c62c1)
1997-09-14 16:37:18 +00:00
Andrew Tridgell
58ec10049b This is a written from scratch DES implementation. I couldn't find a
GPLd implementation so I decided to write one.

This version only does DES ecb encryption and isn't very general, so
it may in fact be exempt from ITAR regulations. ITAR regulations do
not prohibit the distribution of code that can be used for
authentication purposes only. This code has no decrypt function so it
would be useless for a normal encryption application and thus may be
ITAR exempt.

It is also very slow, but we don't need it to be fast. It is a literal
implementation from the standard and treats each bit as one byte to
make the code easy to write.
(This used to be commit c2bc073a87)
1997-09-14 16:19:49 +00:00
Jeremy Allison
3469592833 Added fix that means if connecting user sends guest account
with no password they are seen as guest. Previous patch
broke this.

Jeremy (jallison@whistle.com)
(This used to be commit 9a55c49626)
1997-09-12 16:29:36 +00:00
Jeremy Allison
30416c0b8a charcnv.c client.c clitar.c kanji.c kanji.h loadparm.c
mangle.c smb.h util.c:

  Big merge to allow KANJI support to be in the main
binary without explicitly compiling with it.

locking.c: Fix for smbstatus not being able to read files.
namepacket.c: Removed unneccesary debug statement.
trans2.c: Added Luke's proposed fix (ifdefed out until further testing).
nmblookup.c: Fixed bug where query fails and status is done on bogus IP.

Jeremy (jallison@whistle.com)
(This used to be commit 9196255022)
1997-09-11 20:17:32 +00:00
Andrew Tridgell
77df5c87c6 fix a couple of "declaration shadows previous local" warnings.
(This used to be commit c30f6a74d0)
1997-09-11 02:30:00 +00:00
Andrew Tridgell
6da700d77c prototype updates for new functions
(This used to be commit dbf6624360)
1997-09-11 02:19:35 +00:00
Andrew Tridgell
646a721960 add the stdout parameter to lp_dump()
(This used to be commit 77f5bc8705)
1997-09-11 02:19:23 +00:00
Andrew Tridgell
c6d4477628 some minor modifications to loadparm.c to support the necessary
functions for wsmbconf. In particular added some more support routines
(like lp_rename_service()) and make the dump routines take a FILE
pointer rather than assuming stdout
(This used to be commit 6d16501606)
1997-09-11 02:19:04 +00:00
Andrew Tridgell
926f4d9125 cgi.c is a simple set of CGI manipulation routines
wsmbconf.c is a rudimentary web based smb.conf editor. Its really
there just to demonstrate how such an editor can hook into loadparm.c,
I don't expect anyone to actually use it as is.

wsmbstatus.c is a simple web based smbstatus. Its probably broken.
(This used to be commit ced5205f72)
1997-09-11 02:17:16 +00:00
Jeremy Allison
aae64a9317 Added one more consultant.
(This used to be commit 594720c7f3)
1997-09-10 22:36:50 +00:00