IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
printing/printing.c: Insure fix for malloc of zero.
rpc_parse/parse_misc.c: Enusre UNISTR's are zero filled.
rpc_parse/parse_spoolss.c: Correct INFO_6 - differs between pre-releases of W2K and shipping build.
rpc_server/srv_spoolss_nt.c: Canonicalize printernames.
Jeremy.
on exit. Needed to fix printing.tdb from groving to 300Mb+ if being
driven by smbclient clients that never ask for status... (effective
DOS attack :-).
Jeremy.
username rather than the Unix username. The Windows username will then be
shown in the port monitor regardless of the Unix username used to spool the
job.
- make proto
- addition of function to convert from errno values to NT status codes
(source/lib/error.c)
- purge queue done without full access permission will purge only the
jobs owned by that user, rather than failing.
- unlock job database tdb before sending job to printer
- in print_job_start(), ensure that we don't pick a jobid with an existing
temporary file that may be owned by another user, as it causes silent
failures.
- fixes for printer permission checking for NT5 clients
(source/include/rpc_spoolss.h, source/printing/nt_printing.c,
source/printing/printing.c, source/rpc_server/srv_spoolss_nt.c)
- change from uint8 to 'enum SID_NAME_USE' (source/rpc_server/srv_lsa.c)
- fixed memory leaks for win95 driver download process
(source/smbd/lanman.c)
- properly free prs_structs and dacl in testsuite/printing/psec.c
A user can now pause, resume or delete their own job even if they don't
have the Manage Documents privilege.
Added call to se_access_check() for changing printer properties. The Full
Access privilege is required for the user to perform this.
Several uninitialised variables and memory leaks plugged.
Modified default ACL created on new printers to be Everyone / Print instead
of Everyone / Full Access. This required some random stuffing around with
the value of the revision field to correspond with the ACL that NT produces
when setting the same permission on the printer.
Fixed dodgy function call in printing/printfsp.c
printing/printing.c: priority needs to be 1 not zero (found by checked build).
rpc_server/srv_spoolss_nt.c: Log invalid handle access, also print out if this is a different
pid handle. This will help track down client access after a connection
is closed.
Jeremy.
User details are passed into the printing back end from the spoolss code.
For each print operation these details are checked using the
se_access_check() function using information from the winbind daemon.
Fixed bug in nt_printing_setsec() where the user and group SIDs were
trashed if the permissions were changed from NT. It is necessary to merge
these sids from the previous value of the security descriptor before
storing it in the tdb.
of tdb_{store,get}_int() to store the length of the string key + 1 so the
stored key contains the trailing NULL character. This allows normal
string library routines to manipulate keys.
Also renamed tdb_get_int() to tdb_fetch_int() to keep the set of verbs
consistent.
new open mechanism Andrew & I discussed.
config.sub:
configure: Included the QNX patch.
include/vfs.h:
smbd/vfs-wrap.c:
smbd/vfs.c: Added ftruncate vfs call (needed).
Note that we will also need locking calls in the vfs (to be added).
lib/util_unistr.c:
nmbd/nmbd_processlogon.c: Fix for NT domain logons causing nmbd to core dump.
Also fix for sidsize DOS bug.
locking/locking.c: Check value of ret before using it for memdup.
printing/printing.c: Convert print_fsp_open to return an allocated fsp.
rpc_server/srv_lsa.c: Fix for NT domain logons.
I have removed all use of lp_share_modes() from the code (although I
left the parameter in the table for backwards compatibility). It no longer makes
sense for this to exist.
smbd/close.c: Removed lp_share_modes().
smbd/fileio.c: Fixed parameters to unlock_share_entry call in panic code.
smbd/files.c: Correctly set the unix_ERR_code to ERRnofids on fsp allocation fail.
smbd/nttrans.c:
smbd/reply.c:
smbd/trans2.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
smbd/open.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
In addition I have fixed a long standing race condition in the deny mode
processing w.r.t. two smbd's creating a file. Andrew, please note that
your original idea of using open with O_EXCL in this case would not work
(I went over the races very carefully) and so we must re-check deny modes
*after* the open() call returns. This is because there is a race between
the open with O_EXCL and the lock of the share mode entry. Imagine the
case where the first smbd does the open with O_EXCL and a deny mode of DENY_ALL,
but is pre-empted before it locks the share modes and creates the deny
mode entry for DENY_ALL. A second smbd could then come in with O_RDONLY
and a deny mode of DENY_NONE and the two opens would be allowed.
The *only* way to fix this race is to lock the share modes after the
open and then do the deny mode checks *after* this lock in the case
where the file did not originally exist.
This code will need extensive testing but seems to initially work.
Jeremy.
printing/printing.c: Cast tdb_delete to (tdb_traverse_func) to stop warning.
tmpfile gives mirror warning.
smbd/groupname.c: Remember to file_lines_free() on exit.
tdb/tdb.h: Add tdb_traverse_func typedef.
Jeremy
so swat can get it without linking to the backend code
------------
The following series of commits are for the new tdb based printing
backend. This completely replaces our old printing backend.
Major changes include:
- all print ops are now done in printing/*.c rather than scattered all
over the place
- system job ids are decoupled from SMB job ids
- the lpq parsers don't need to be nearly so smart, they only need to
parse the filename, the status and system job id
- we can store lots more info about a job, including the full job name
- the queue cache control is much better
I also added a new utility routine file_lines_load() that loads a text
file and parses it into lines. This is used in out lpq parsing and I
also want to use it to replace all of our fgets() based code in other
places.
it in print_open_file()
that removes a lot of special cases in open.c and makes the print
handling code much easier to understand.
there is still lots to do in printing.c, but this at least gets
printing separated from the mainline code
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
client/client.c:
client/clitar.c:
include/client.h:
smbwrapper/smbw_dir.c:
smbwrapper/smbw_stat.c:
smbwrapper/smbw.c:
lib/util.c: Converted all use of 'mode' to uint16.
smbd/quotas.c: Fixed stupid comment bug I put in there :-(.
printing/printing.c: Fix from J.F. to new code.
Jeremy.
Added quotas patch for autoconf from Dejan Ilic <svedja@lysator.liu.se>.
printing/printing.c: Filenames with spaces patch from Allan Bjorklund <allan@umich.edu>
utils/nmblookup.c: Fix usage() function.
smbd/reply.c: Split out the security=server and security=domain checks into
check_server_security() and check_domain_security() to aid the
writing of the 'hack' appliance mode invented by John Schimmel.
Jeremy.
to check for stat64 and friends, and then changes much of Samba
to use the data type SMB_OFF_T for file size information.
stat/fstat/lstat/lseek/ftruncate have now become sys_stat etc. to hide
the 64 bit calls if needed.
Note that this still does not expose 64 bit functionality to the
client, as the changes to the reply_xxx smb's are not yet done.
This code change should make these changes possible.
Still to do before full 64 bit-ness to the client:
fcntl lock code.
statfs code
widening of dev_t and ino_t (now possible due to SMB_DEV_T and SMB_OFF_T
types being in place).
Let me know if wierd things happen after this check-in and I'll
fix them :-).
Jeremy.
