1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

184 Commits

Author SHA1 Message Date
Luke Leighton
a3c6e96a22 mods to allow inter-domain trust accounts to be added to SAM database
using smbpasswd command.
(This used to be commit 62d499f832)
1999-03-09 01:21:57 +00:00
Luke Leighton
aecbc5b5d3 oh dear, it's this one again. removed check for MAILSLOT\NTLOGON because
it's wrong.  i've seen a packet from nt client on MAILSLOT\NETLOGON
with appended undocumented unicode tacked on the end and the response
contained undocumented unicode tacked on the end.
(This used to be commit 74c7d626cd)
1999-03-09 01:20:08 +00:00
Matthew Chapman
2737f26ad6 Always null-terminate strings.
Also some string length and sizeof(pointer) corrections.
(This used to be commit ce24191939)
1999-02-15 05:33:30 +00:00
Matthew Chapman
fd96929ec1 UNICODE cleanup (see lib/util_unistr.c).
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce)
1999-02-12 00:16:09 +00:00
Jeremy Allison
3e7039349f Fix bug with nmbd running wild due to recursion in retransmit_or_expire_response_records().
Jeremy.
(This used to be commit d5f05b4fae)
1998-12-17 21:41:28 +00:00
Luke Leighton
58a0cbc0c8 oops, util_pwdb.c appears to be included in PASSDB_OBJ not LIB_OBJ.
(This used to be commit ca10eb4490)
1998-12-09 16:30:37 +00:00
Luke Leighton
1f989cda94 need to initialise global_myworkgroup
(This used to be commit 501617307f)
1998-12-09 16:23:57 +00:00
Andrew Tridgell
cfba976fc2 removed the SID stuff from the head branch as well.
This allows the removal of PASSDB_OBJ, RPC_CLIENT_OBJ and
RPC_PARSE_OBJ from nmbd in the head branch.

so nmbd just went on a diet :)
(This used to be commit be697c9ef0)
1998-12-09 06:35:37 +00:00
Luke Leighton
8d08fb7323 jean-f spotted race condition on generation of sam sid, from starting
nmbd and smbd.  nmbd is now client: smbd is solely responsible for
creating sam_name.SID
(This used to be commit 50fa4822df)
1998-12-03 17:38:20 +00:00
Luke Leighton
04e382fb16 rpc_samr.h parse_samr.c srv_samr.c :
samr_query_aliasmembers (cool!)

util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :

	pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
	if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
	to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b)
1998-12-01 19:10:44 +00:00
Luke Leighton
30038de462 weekend work. user / group database API.
- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7)
1998-11-29 20:03:33 +00:00
Jeremy Allison
768761820e Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.

This code still needs surgery :-(.

Jeremy.
(This used to be commit 18ff93a9ab)
1998-11-17 20:50:07 +00:00
Luke Leighton
74d539f557 - group database API. oops and oh dear, the threat has been carried out:
the pre-alpha "domain group" etc parameters have disappeared.

- interactive debug detection

- re-added mem_man (andrew's memory management, detects memory corruption)

- american spellings of "initialise" replaced with english spelling of
  "initialise".

- started on "lookup_name()" and "lookup_sid()" functions.  proper ones.

- moved lots of functions around.  created some modules of commonly used
  code.  e.g the password file locking code, which is used in groupfile.c
  and aliasfile.c and smbpass.c

- moved RID_TYPE_MASK up another bit.  this is really unfortunate, but
  there is no other "fast" way to identify users from groups from aliases.
  i do not believe that this code saves us anything (the multipliers)
  and puts us at a disadvantage (reduces the useable rid space).
  the designers of NT aren't silly: if they can get away with a user-
  interface-speed LsaLookupNames / LsaLookupSids, then so can we.  i
  spoke with isaac at the cifs conference, the only time for example that
  they do a security context check is on file create.  certainly not on
  individual file reads / writes, which would drastically hit their
  performance and ours, too.

- renamed myworkgroup to global_sam_name, amongst other things, when used
  in the rpc code.  there is also a global_member_name, as we are always
  responsible for a SAM database, the scope of which is limited by the role
  of the machine (e.g if a member of a workgroup, your SAM is for _local_
  logins only, and its name is the name of your server.  you even still
  have a SID.  see LsaQueryInfoPolicy, levels 3 and 5).

- updated functionality of groupname.c to be able to cope with names
  like DOMAIN\group and SERVER\alias.  used this code to be able to
  do aliases as well as groups.  this code may actually be better
  off being used in username mapping, too.

- created a connect to serverlist function in clientgen.c and used it
  in password.c

- initialisation in server.c depends on the role of the server.  well,
  it does now.

- rpctorture.  smbtorture.  EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e609)
1998-11-17 16:19:04 +00:00
Jeremy Allison
24ca89bfb0 Removed acconfig.h configure configure.in include/config.h.in: Made smbwrapper not made
by default.
nmbd*: Changed all calls to namestr() to nmbd_namestr() to fix broken FreeBSD include
	   file problem...sigh.
Jeremy.
(This used to be commit 9ee8f39aed)
1998-11-14 01:04:13 +00:00
Jeremy Allison
c082539152 client/client.c: Patch to tidy up file size output.
nmbd/nmbd.c: Someone (a "yank" no doubt :-) Changed instances of "initialise" to
             "initialize". Someone get that man an *English* dictionary.... :-) :-).
Jeremy.
(This used to be commit 6279be7f96)
1998-11-02 18:12:28 +00:00
Luke Leighton
502e2ec3cf removed comment line at end of file
(This used to be commit 5e2fc8b7cc)
1998-11-02 16:20:25 +00:00
Andrew Tridgell
04f2858fd7 took out Lukes change as it breaks domain logons for Win95 clients
(ie. it breaks Sues machine).

Luke, your comment was:

  put unicode strings after SAMLOGON query regardless of whether it's
  an NT mailslot or a non-NT mailslot, after having observed this behaviour
  out of NT machines.

perhaps you could post the relevant tcpdump or netmon capture so we
can see what is going on? I suspect that what you saw isn't exactly
what the win95 boxes are generating. Maybe you saw a GETDCxxx instead
of a GETDC000 ? Maybe we need a switch based on the GETDC request
type?

We won't know unless we see sniffs.
(This used to be commit a2bacc0895)
1998-10-31 07:38:50 +00:00
Christopher R. Hertel
6f61253648 Okay, this is really silly but removing one space from one debug statement
meant that one hex dump would fit within 80 characters in lynx after HTML
conversion.
(This used to be commit c391f076f2)
1998-10-22 22:51:45 +00:00
Christopher R. Hertel
034a12fdcb Minor change.
The debug_browse_data() function does a hex dump of a browser packet.  The
last line is often not a full 16 bytes, which would miss-align the hex
output.  I've added the padding needed to align the hex output.

Chris -)-----
(This used to be commit 9f9b30abab)
1998-10-22 18:07:39 +00:00
Christopher R. Hertel
2356f467d1 Another cosmetic change.
When dumping the wins.dat, this module will also write the database
contents to the log file (don't do this if you have a large wins.dat!).
The output was in a sort of tabular format, except that the asctime()
function was used and it always terminates its output with a newline.

I did a bit of fussing, removed the '\n' character, and did my best to
line up the other columns.  If the output format of asctime() is
different on different systems, then the columns won't line up, but
the output will still look better than it did before.

Chris -)-----
(This used to be commit 57295113fe)
1998-10-22 00:30:41 +00:00
Christopher R. Hertel
88a0a8c088 Changed the debug calls to use the newer debug macros. This allowed me to
break up some very long lines in both the code and the output.  The change
is mostly cosmetic, but should improve log file readability.
(This used to be commit fc4e0148eb)
1998-10-21 17:26:54 +00:00
Luke Leighton
9307940876 fixing smbd encrypted rpcs (data lens, alloc hints, sequence nums argh).
put unicode strings after SAMLOGON query regardless of whether it's
an NT mailslot or a non-NT mailslot, after having observed this behaviour
out of NT machines.
(This used to be commit c101113ec2)
1998-10-21 01:35:01 +00:00
Andrew Tridgell
f36d5c8bbf get type of callback right
(This used to be commit 327eba774e)
1998-10-05 03:53:25 +00:00
Jeremy Allison
0ccf4104a1 Missed one removed multi-statement line. Grrr.
Jeremy.
(This used to be commit 7958787d9b)
1998-09-29 17:17:48 +00:00
Jeremy Allison
da0c1ef08e Fixed bug introduced by me in dead code elimination.
Bug was caused by multiple C statements on a line.
IMHO this is a *BUG* and will be treated as such....
Fixed all such multiple statements in this file.
Jeremy.
(This used to be commit ea3ab46f12)
1998-09-29 17:16:15 +00:00
Alexandre Oliva
a2d7f765e8 get away with dummy and .dummy files
(This used to be commit 90a8a02484)
1998-09-29 04:52:17 +00:00
Jeremy Allison
cf3a9741dc Changes to test in configure if capabilities are enabled on a system.
Changes to get Samba to compile cleanly with the IRIX compiler
with the options : -fullwarn -woff 1209,1174 (the -woff options
are to turn off warnings about unused function parameters and
controlling loop expressions being constants).
Split prototype generation as we hit a limit in IRIX nawk.
Removed "." code in smbd/filename.c (yet again :-).
Jeremy.
(This used to be commit e0567433bd)
1998-09-28 21:43:48 +00:00
Alexandre Oliva
cf971f88ac automated generation of .dummy files for each subdirectory;
dummy.in files are no longer needed, and new directories will be taken
care of automatically, at configure (or config.status --recheck) time
(This used to be commit 237a8e5fe6)
1998-09-28 00:14:36 +00:00
Jeremy Allison
5f7ee36056 Makefile.in: Fixed bug with continuation line causing proto to fail.
Added $(PROGS) $(SPROGS) as targets for make clean.
acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES.
configure.in: Added sys/capability.h header check.
              Added function checks for srandom random srand rand.
              Added HAVE_IRIX_SPECIFIC_CAPABILITIES test.
includes.h: Added #include <sys/capability.h>.
ntdomain.h: Moved struct acct_info into here from smb.h
smb.h: Added KERNEL_OPLOCK_CAPABILITY define.
       Moved enum action_type into rpcclient.h
       Moved struct cli_state into client.h
       Moved struct nt_client_info, struct tar_client_info, struct client_info
             into rpcclient.h
lib/genrand.c: Changed to use sys_random() & friends.
lib/smbrun.c: Lose capabilities after fork.
lib/system.c: Added set_process_capability(), set_inherited_process_capability()
              sys_random(), sys_srandom().
lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an
            32 bit mounted NFS filesystem.
nmbd/nmbd.c: Changed to use sys_random() & friends.
nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends.
passdb/ldap.c: Missed one pdb_encode_acct_ctrl call.
passdb/passdb.c: Changed to Ander's code for ' ' characters.
passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ.
script/mkproto.awk: Added 'long' to prototypes.
smbd/chgpasswd.c: Lose capabilities after fork.
smbd/open.c: Do the mmap *after* the kernel oplock.
smbd/oplock.c: Removed stub code from kernel oplock path.
               Added set_process_capability(), set_inherited_process_capability() calls.
smbd/reply.c: Initialize count = 0, offset = 0.
smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls.
tests/summary.c: Ensure we have RANDOM or RAND.
utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ.
utils/torture.c: Changed to use sys_random() & friends.

Jeremy.
(This used to be commit e8be306f23)
1998-09-25 23:40:49 +00:00
Luke Leighton
66d5d73a5d added rpcclient program
(This used to be commit aa38f39d67)
1998-09-25 21:01:52 +00:00
Alexandre Oliva
ac39ce3eba replace getpass() with getsmbpass() if getsmbpass.c compiles
(This used to be commit 9a5bdf5c1b)
1998-09-21 11:34:44 +00:00
Alexandre Oliva
e649750cb4 major autoconf clean-up
fix problems in builds with srcdir!=builddir
(This used to be commit 1ffc3b807a)
1998-09-21 09:07:08 +00:00
Andrew Tridgell
2e6f6bc7f8 oops ... I got the filenames wrong in my cleanup of the wins database
save, so it started saving weird filenames (from an unitialised
fstring).

chaos reigns!
(This used to be commit 20a550d61e)
1998-09-18 13:52:30 +00:00
Jeremy Allison
1e17cbd2a3 nmbd/nmbd_winsserver.c: Fixed printf style warning.
script/mkproto.awk: Added SMB_BIG_UINT.
Jeremy.
(This used to be commit c22c40f0ca)
1998-09-18 00:12:15 +00:00
Jeremy Allison
ac9b687cc2 configure configure.in: Added tests for fseek64 and ftell64.
config.h.in: Added fseek64 and ftell64.
includes.h: Added definition of SMB_BIG_INTEGER.
smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
access.c: Tidyup of dbug statement.
system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t.
asyncdns.c: Tidyup of comment.
loadparm.c: Tidyup of set_default_server_announce_type() function definition.
ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpassfile.c: Use sys_fseek().
chgpasswd.c: Tidyup of debug statement.
dosmode.c: Changed mode calls to use mode_t.
ipc.c: Removal of dead code.
nttrans.c: Changed mode calls to use mode_t.
open.c: Changed mode calls to use mode_t.
pipes.c: Removal of dead code.
reply.c: Removal of dead code.
trans2.c: Removal of dead code. Changed mode calls to use mode_t.
Jeremy.
(This used to be commit c381d32e3d)
1998-09-17 19:16:12 +00:00
Andrew Tridgell
c8e6aa6dc1 fixed another potential fork bomb where the wins file becomes
non-writeable for some reason.
(This used to be commit 9edd43dcd6)
1998-09-17 08:35:07 +00:00
Andrew Tridgell
d66a657f90 fixed the nmbd fork bomb. It was a silly mistake, as
expected. wins_write_database() didn't exit after doing its stuff, so
when it returned you had two copies of nmbd :)
(This used to be commit 5e6488d483)
1998-09-17 08:27:46 +00:00
Andrew Tridgell
1eef953aca fixed a typo in my last commit
(This used to be commit 31b4048362)
1998-09-17 08:23:00 +00:00
Andrew Tridgell
e959f2e232 fixed a potential problem with wins_write_database() child processes.
In sig_term() we were calling wins_write_database(0) which would fork a
child. This child might then get killed by the same process killing
off the parent. That process would then fork another child etc.

The solution is to pass a "background" flag to wins_write_database(0)
and only fork if this is set.
(This used to be commit 1e1a512e3f)
1998-09-17 06:36:08 +00:00
Andrew Tridgell
42edee90bf fixed a bug in the wins database writer that caused the database to be
written continuously rather than once every 5 seconds (at most).

also changed it to 20 seconds :)
(This used to be commit 1b07de7079)
1998-09-10 04:00:09 +00:00
Christopher R. Hertel
5de3c13680 Copyright notices written to debug logs are now through 1998.
Chris -)-----
(This used to be commit ac13c29d46)
1998-09-09 16:37:54 +00:00
Andrew Tridgell
e9ea36e4d2 tridge the destroyer returns!
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...

I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).

in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.

So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)

One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87)
1998-09-05 05:07:05 +00:00
Andrew Tridgell
148691b1c5 we are never interested in SIGPIPE so just ignore (block) it
always. Don't even install a handler.
(This used to be commit 72c383f4b7)
1998-09-02 05:00:47 +00:00
Andrew Tridgell
a2450e6fb3 I looked at the refresh issue a bit more and discovered that Samba
also doesn't switch to a registration if a refresh fails, instead the
name is removed! This makes it even more imortant that a Samba WINS
server accepts refresh requests as registration requests if the name
is not registered. I've gone ahead and implemented this.
(This used to be commit 07f825fc94)
1998-08-31 09:38:50 +00:00
Andrew Tridgell
5e20600e54 minor fixes to the DMB<->DMB sync code. We now get the dmb name from
the local_master name on the unicast subnet if it is unknown.
(This used to be commit 222b6d90e0)
1998-08-31 07:23:11 +00:00
Andrew Tridgell
f8ad53aa03 I realised that my DMB<->DMB sync code has the property that the
amount of network traffic grows as the square of the number of
workgroups. It probably wouldn't have caused problems but to be safe I
changed the code to use random() to decrease the probability of a
DMB<->DMB sync in proportion to the number of known workgroups. This
keeps the nice browse connectivity while making the traffic rise only
linearly with the number of workgroups.
(This used to be commit 685f4ef2e1)
1998-08-31 06:59:23 +00:00
Andrew Tridgell
055e3c88e6 set a maximum name refresh time of 20 minutes.
The previous code was strictly correct, but not very practical. self
names were only refreshed every 3 days. I hit a situation where the
Samba WINS server was restarted after deleting wins.dat and didn't
notice some remote subnets (also running Samba). I realised that the
complete database wouldn't have been rebuilt for 3 days, which is way
too long. In order to recover from WINS restarts we need a much
shorter maximum refresh time.
(This used to be commit 1d23dd0912)
1998-08-31 04:19:31 +00:00
Andrew Tridgell
61b5fd6f32 bounds check next_token() to prevent possible buffer overflows
(This used to be commit 3eade55dc7)
1998-08-31 03:11:42 +00:00
Andrew Tridgell
ab4577f141 added a dest_port parameter to send_mailslot() so we send replies to
the correct port in environments like ip masq.
(This used to be commit 7d455ee637)
1998-08-30 17:04:24 +00:00
Andrew Tridgell
98b0fafc61 a couple of debug lines
(This used to be commit 03d343ddf5)
1998-08-30 16:33:48 +00:00