IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163b)
errors etc.) into locking/posix.c, where it is needed. fcntl_lock in lib/util.c
is now very small and clean.
Added (*lock) op to vfs layer.
Jeremy.
(This used to be commit 46092ee141)
call to ms_fnmatch(). This also removes all the Win9X semantics stuff
and a bunch of other associated cruft.
- moved the stat cache code into statcache.c
- fixed the uint16 alignment requirements of ascii_to_unistr() and
unistr_to_ascii()
- trans2 SMB_FIND_FILE_BOTH_DIRECTORY_INFO returns the short name as
unicode always (at least thats what NT4 does)
- fixed some errors in the in-memory tdb code. Still ugly, but doesn't
crash as much
(This used to be commit 03e9cea004)
We finally have a perfect emulation of Microsoft wildcard
matching. The routine ms_fnmatch() does wildcard matching with all MS
wildcards (including the unicode wildcards), and masktest against a
NT4 workstation with hundreds of thousands of random exmaples has not
found a single error.
amazingly it is only about 60 lines of code, but it has taken us years
to get it right. I didn't sleep much last night :)
(This used to be commit cc9e007cdf)
include/includes.h: Added SMB_BIG_UINT_BITS.
lib/util.c: Removed align2/align4 - use macros.
libsmb/namequery.c: Use ALIGN2.
locking/locking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Needed to move to hiding POSIX locks at a lower layer.
nmbd/nmbd_processlogon.c: Use ALIGN2/ALIGN4 macros.
smbd/blocking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
smbd/reply.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Jeremy.
(This used to be commit 491eea8a20)
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
(This used to be commit 5937ab14d2)
fixed typo in SPOOLSS_SYNT
some cleanup of unused functions
wrote make_spoolss_enumprinter and make_spoolss_openprinterex for
rpcclient as I'm trying to keep in sync the parsing code between HEAD and
TNG.
Will commit changes to TNG after lunch.
J.F.
(This used to be commit 025cdb345f)
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()
this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
(This used to be commit b563be824b)
yamd is much better, and doesn't require any source code changes
if you haven't seen yamd then take a look at
http://www3.hmc.edu/~neldredge/yamd/
its excellent!
(This used to be commit 25b13f8b79)
instead of either sysv or mmap shared memory or lock files.
this means we can now completely remove
locking_shm.c
locking_slow.c
shmem.c
shmem_sysv.c
and lots of other things also got simpler
locking.c got a bit larger, but is much better compartmentalised now
(This used to be commit e48c2d9937)
clash with gnu readline library.
fixed issue with [homes] service not being there - call lp_add_home()
just before starting the msrpc processing.
(This used to be commit 054195df9b)
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage. this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there. for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.
this first implementation has minor problems with not reinstantiating
the same services as the caller. the "homes" service is a good example.
(This used to be commit caa5052522)
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8d)
time out of sending the session setup on Solaris 2.6. No idea.
I'll work on it some tomorrow. This is to fix the "Unable to
setup password vectors" thingy.
Also changed an inet_aton() to inet_addr() as the former is
not very portable :-)
Luke, I set the redir flag to false because the connection to
the smb-agent was failing and smbpasswd bombed. Double check me
on this one.
-jc
(This used to be commit e1d2b174ca)
found out that getopt() _must_ have optind set to 0 before reuse.
still haven't decided what to do with the net* api yet...
(This used to be commit 29c480085e)
verified that lsaquery, lsalookupsids work, and found some bugs in the
parameters of these commands :-)
soo... we now have an lsa_* api that has the same arguments as the nt
Lsa* api! cool!
the only significant coding difference is the introduction of a
user_credentials structure, containing user, domain, pass and ntlmssp
flags.
(This used to be commit 57bff6fe82)
spoolss_r_io_enumprinters doesn't decode strings correctly
as printer_info_1/2 code has only been written to write
structures, not read them.
(This used to be commit 135eaa9773)
char*
UNISTR2*
SID*
decided to create a higher-order function set, add_item_to_array()
free_item_array().
higher-order support routines needed to add a new type:
type* item_dup(const type*)
void item_free(type*)
of course, strdup() and free() are perfect, pre-existing examples
of such functions, used in the implementation of add_chars_to_array()
and free_char_array().
sid_dup() and free() work for the add_sids_to_array() and free_sid_array()
implementations.
use unistr2_dup() and created unistr2_free() because the functionality
behind these may change into something horrible, like [horror] dynamic
memory allocation of the UNISTR2 character array. argh!!!!
jean-francois, this function set implements what we talked about over...
a year ago, now :-)
(This used to be commit a80ea2eb47)
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.
Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
(This used to be commit 36d7cb4ccc)
- renamed do_lsa_xxx to lsa_xxx
- added "enumgroups [-m]" command, enumerates groups, shows members.
- added cmd_sam_add_groupmem(), need to call these in rpcclient.c
- added cmd_sam_add_aliasmem(), need to call these in rpcclient.c
- modified "enumaliases [-m]" command
- improved "enumgroups" and "enumaliases" to display names not just RIDS/SIDs.
- renamed "samr_unknown_12" to "samr_lookup_rids".
- added the following client-side functions:
get_samr_query_groupmem()
get_samr_query_aliasmem()
get_samr_query_groupinfo()
samr_enum_dom_groups()
samr_enum_dom_aliases()
samr_add_aliasmem()
samr_add_groupmem()
- improved display output (display.c)
(This used to be commit eacc5e581a)
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7)
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9ab)
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e609)
should allow us to call a function in swat rather than piping to
smbpasswd.
while doing this I also fixed quite a few "const char *" versus "char *" issues
that cropped up while using const to track down bugs in the code. This
led to changes in several generic functions.
The smbpasswd changes should be correct but they have not been
extensively tested. At least if I have introduced bugs then we should
be able to fix them more easily than before.
(This used to be commit 713864dd03)
client/client.c:
client/clitar.c:
include/client.h:
smbwrapper/smbw_dir.c:
smbwrapper/smbw_stat.c:
smbwrapper/smbw.c:
lib/util.c: Converted all use of 'mode' to uint16.
smbd/quotas.c: Fixed stupid comment bug I put in there :-(.
printing/printing.c: Fix from J.F. to new code.
Jeremy.
(This used to be commit bacd3e9d20)
the reason we don't return() here is that smb_panic() is used not just
for segv but also for detected errors (such as buffer overflows)
(This used to be commit 7a50ca81a5)
lib/util.c: Fixed Luke's set_first_token() function - should return void.
smbd/close.c: Move delete_on_close into file_fd_struct structure.
smbd/ipc.c: Changed local_machine back to fstring.
smbd/nttrans.c: Use defines for mapping share modes.
smbd/open.c: Move delete_on_close into file_fd_struct structure, added code for ALLOW_SHARE_DELETE.
smbd/reply.c: Use defines for mapping share modes.
smbd/trans2.c: Move delete_on_close into file_fd_struct structure.
Jeremy.
(This used to be commit 8e1ce307bd)
smb.tgz file from my portable.
particularly the call to mem_data followed by a realloc of that data in
cli_pipe.c's rpc_read() function.
smbd responses now use p->rdata_i which is a faked-up pointer into
p->rdata's response data. rdata can be very long; rdata_i is limited
to point to no more than max_tsize - 0x18 in length. this will make
it an almost trivial task to add the encrypted rpc headers after
rdata_i, and mem_buf_copy will cope admirably with rhdr chained to
rdata_i chained to auth_verifier etc etc...
(This used to be commit 05a297e3a9)
- removed debug info in struni2 and unistr2 (security risk)
- rpc_pipe function was getting pointer to data then calling realloc *dur*
- password check function, the start of "credential checking",
user, wks, domain, pass as the credentials (not just user,pass which
is incorrect in a domain context)
- cli_write needs to return ssize_t not size_t, because total can be -1
if the write fails.
- fixed signed / unsigned warnings (how come i don't get those any more
when i compile with gcc???)
- nt password change added in smbd. yes, jeremy, i verified that the
SMBtrans2 version still works.
(This used to be commit fcfb40d2b0)
uid_t, gid_t and vuid. Added sys_getgroups() to get
around the int * return problem. Set correct datatypes
for all uid, gid and vuid variables.
Jeremy.
(This used to be commit e570db46fc)
Changes to get Samba to compile cleanly with the IRIX compiler
with the options : -fullwarn -woff 1209,1174 (the -woff options
are to turn off warnings about unused function parameters and
controlling loop expressions being constants).
Split prototype generation as we hit a limit in IRIX nawk.
Removed "." code in smbd/filename.c (yet again :-).
Jeremy.
(This used to be commit e0567433bd)
Added $(PROGS) $(SPROGS) as targets for make clean.
acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES.
configure.in: Added sys/capability.h header check.
Added function checks for srandom random srand rand.
Added HAVE_IRIX_SPECIFIC_CAPABILITIES test.
includes.h: Added #include <sys/capability.h>.
ntdomain.h: Moved struct acct_info into here from smb.h
smb.h: Added KERNEL_OPLOCK_CAPABILITY define.
Moved enum action_type into rpcclient.h
Moved struct cli_state into client.h
Moved struct nt_client_info, struct tar_client_info, struct client_info
into rpcclient.h
lib/genrand.c: Changed to use sys_random() & friends.
lib/smbrun.c: Lose capabilities after fork.
lib/system.c: Added set_process_capability(), set_inherited_process_capability()
sys_random(), sys_srandom().
lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an
32 bit mounted NFS filesystem.
nmbd/nmbd.c: Changed to use sys_random() & friends.
nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends.
passdb/ldap.c: Missed one pdb_encode_acct_ctrl call.
passdb/passdb.c: Changed to Ander's code for ' ' characters.
passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ.
script/mkproto.awk: Added 'long' to prototypes.
smbd/chgpasswd.c: Lose capabilities after fork.
smbd/open.c: Do the mmap *after* the kernel oplock.
smbd/oplock.c: Removed stub code from kernel oplock path.
Added set_process_capability(), set_inherited_process_capability() calls.
smbd/reply.c: Initialize count = 0, offset = 0.
smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls.
tests/summary.c: Ensure we have RANDOM or RAND.
utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ.
utils/torture.c: Changed to use sys_random() & friends.
Jeremy.
(This used to be commit e8be306f23)
on a machine that supports them in autoconf.
Move various functions out of lib/util.c into smbd/process.c
and smbd/oplock.c where they belong.
Jeremy.
(This used to be commit c3c5e13f85)
