summaryrefslogtreecommitdiffstats
path: root/source3/lib/access.c
Commit message (Collapse)AuthorAgeFilesLines
* s3-lib Use common lib/socket code for get_interfaces() et alAndrew Bartlett2011-05-081-1/+1
|
* s3:lib/access: normalize IPv4 mapped IPv6 addresses in both directions (bug ↵Stefan Metzmacher2011-04-251-14/+17
| | | | | | #7383) metze
* s3-interfaces: only include interfaces.h where needed.Günther Deschner2011-03-161-0/+1
| | | | Guenther
* s3-build: only include memcache.h where needed.Günther Deschner2010-08-261-0/+1
| | | | Guenther
* s3: Move check_access to cgi.c, its only userVolker Lendecke2010-08-221-81/+0
|
* s3: Replace calls to check_access by allow_accessVolker Lendecke2010-08-221-0/+4
| | | | We already have both the name and address of the client stored now
* s3: Simplify the logic of check_access by an early returnVolker Lendecke2010-08-161-34/+32
|
* s3: Fix some type-punned warningsVolker Lendecke2010-08-161-1/+3
|
* Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij2008-10-231-1/+1
| | | | | otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
* Add data_blob_string_const_null() function that includes the terminatingJelmer Vernooij2008-10-131-3/+3
| | | | | | null byte and use it in Samba 3. This matches the behaviour prior to my data_blob changes.
* lib/access: make list_match() public.Michael Adam2008-08-091-1/+1
| | | | | Michael (This used to be commit 742bedce417c666b5e91d8d0a7dc7682dc62eba2)
* lib/access: make client_match() public.Michael Adam2008-08-091-1/+1
| | | | | Michael (This used to be commit 1b2dec93b635dfd23af78a370c223ea2dd486aa7)
* client[ADDR_INDEX] is an IPv4 mapped to IPv6, butJeremy Allison2008-03-061-5/+21
| | | | | | | | | the list item is not. Try and match the IPv4 part of address only. This will happen a lot on IPv6 enabled systems with IPv4 allow/deny lists in smb.conf. Bug #5311. Jeremy. (This used to be commit 7c3550f82c51ce173b13e568762f728ecb881e85)
* Add a singleton cacheVolker Lendecke2007-12-211-2/+18
| | | | | First user is yp_default_domain (This used to be commit c19363eb77fcc3e1bf3341e6373d38f1e91fc08f)
* I can't get away without a 'length' arg. :-).Jeremy Allison2007-11-031-4/+4
| | | | | Jeremy. (This used to be commit 95d01279a5def709d0a5d5ae7224d6286006d120)
* Stop get_peer_addr() and client_addr() from using globalJeremy Allison2007-11-031-4/+6
| | | | | | statics. Part of my library cleanups. Jeremy. (This used to be commit e848506c858bd16706c1d7f6b4b032005512b8ac)
* Fix reversed bool check for access. Found by kukks.Jeremy Allison2007-10-251-1/+1
| | | | | | Thanks ! Jeremy. (This used to be commit a13e8bd39de978d69666b8aeb884d943885a3605)
* Improve IPv4 detection.Jeremy Allison2007-10-161-1/+1
| | | | | Jeremy. (This used to be commit 2ef50e325c2183385286b994216624dc3a309ff3)
* Fix access control code to be IPv6/v4 protocol independent.Jeremy Allison2007-10-161-151/+200
| | | | | | | Make unix_wild_match() talloc, not pstring based. Next will be name resolution code, and client code. Jeremy. (This used to be commit f6a01b82c5a47957659df08ea84e335dfbba1826)
* Add start of IPv6 implementation. Currently most of this is avoidingJeremy Allison2007-10-101-1/+1
| | | | | | | | | | | IPv6 in winbindd, but moves most of the socket functions that were wrongly in lib/util.c into lib/util_sock.c and provides generic IPv4/6 independent versions of most things. Still lots of work to do, but now I can see how I'll fix the access check code. Nasty part that remains is the name resolution code which is used to returning arrays of in_addr structs. Jeremy. (This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
* r17408: Let us use netgroups even without a NIS domain but just using filesSimo Sorce2007-10-101-3/+2
| | | | (This used to be commit c065341d3ffc9125514f563c63d416cf7c40375f)
* r7139: trying to reduce the number of diffs between trunk and 3.0; changing ↵Gerald Carter2007-10-101-1/+1
| | | | | | version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1)
* r6149: Fixes bugs #2498 and 2484.Derrell Lipman2007-10-101-1/+1
| | | | | | | | | | | | | | | | | | | 1. using smbc_getxattr() et al, one may now request all access control entities in the ACL without getting all other NT attributes. 2. added the ability to exclude specified attributes from the result set provided by smbc_getxattr() et al, when requesting all attributes, all NT attributes, or all DOS attributes. 3. eliminated all compiler warnings, including when --enable-developer compiler flags are in use. removed -Wcast-qual flag from list, as that is specifically to force warnings in the case of casting away qualifiers. Note: In the process of eliminating compiler warnings, a few nasties were discovered. In the file libads/sasl.c, PRIVATE kerberos interfaces are being used; and in libsmb/clikrb5.c, both PRIAVE and DEPRECATED kerberos interfaces are being used. Someone who knows kerberos should look at these and determine if there is an alternate method of accomplishing the task. (This used to be commit 994694f7f26da5099f071e1381271a70407f33bb)
* r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison2007-10-101-1/+1
| | | | | | | | | | allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
* make sure we use a real network address in case there are extra non-zero ↵Gerald Carter2003-12-081-1/+1
| | | | | | octets in hosts allow/deny (This used to be commit 0348e85177ae90c350659451424ab521a4fc335a)
* fix inverted logic caused by s/strcmp/strequal/; host allow/deny works ↵Gerald Carter2003-12-011-1/+1
| | | | | | again; bug 846 (This used to be commit c816b44a9c1278d756f63044bb3a3bce3afec9b3)
* Simple rename of get_socket_addr to get_peer_addr and get_socket_name toVolker Lendecke2003-11-071-7/+7
| | | | | | | | | | | get_peer_name. This is to get closer to the getsockname/getpeername system functions. Next step will be the %i macro for the local IP address. I still want to play %L-games in times of port 445. Volker (This used to be commit d7162122eaf5d897e5de51604e431bfbaa20e905)
* Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison2003-10-221-10/+10
| | | | | | | in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit d7e35dfb9283d560d0ed2ab231f36ed92767dace)
* get rid of some sompiler warnings on IRIXHerb Lewis2003-08-151-2/+1
| | | | (This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
* round three of CIDR fixes; spotted by Tomoki AONOGerald Carter2003-04-261-3/+2
| | | | (This used to be commit 554026b2084e2371c1ddae7316fbb0b9b76472d4)
* fix byte ordering when using CIDR notation in hosts allow/deny; spotted by ↵Gerald Carter2003-04-181-0/+4
| | | | | | Eloy Paris (This used to be commit 6155144b9f6a8d41675ff8f0564f86420431c142)
* fix CIDR hosts allow/deny notationGerald Carter2003-03-281-1/+1
| | | | (This used to be commit 84707fd95eec260a1cb22a165a0161a075f93ada)
* Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison2002-11-121-86/+79
| | | | | | | dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
* Try to catch up on the code I've put into HEAD that should be in 3.0:Andrew Bartlett2002-10-261-3/+3
| | | | | | | | | | - vorlan's hosts allow with DNS names patch - use x_fileno() in debug.c, not the struct directly. - check for server timeout on password change (was reporting success) - better error/status loggin in both the pam_winbind client and winbindd_pam server code. - (pdb_ldap) don't set the ldap version twice - we do it on every bind anyway. (This used to be commit 9fa1863d8e7788eda83911ca2610754486b33069)
* updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell2002-07-151-2/+18
| | | | (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
* Allow hosts allow/deny to use xx.xx.xx.xx/yy syntax.Jeremy Allison2002-03-271-2/+10
| | | | | Jeremy. (This used to be commit ea60c50109462b35825be1dd3cc6b28f739a1b59)
* If 127.0.0.1 matches both allow & deny then allow. Patch from Steve Langasek ↵Jeremy Allison2002-01-181-1/+7
| | | | | | | vorlon@netexpress.net Jeremy. (This used to be commit 478696e924a5e562965eb21841198c96500027c4)
* More spelling and grammer from Vance. <vance@digital-host.net>Andrew Bartlett2001-10-291-3/+4
| | | | | | | Thanks! Andrew Bartlett (This used to be commit f019bed7663b4a20c1b5ab6b59fcadda17b89acd)
* Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter2001-10-021-2/+0
| | | | (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
* move to SAFE_FREE()Simo Sorce2001-09-171-1/+1
| | | | (This used to be commit 60e907b7e8e1c008463a88ed2b076344278986ef)
* strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell2001-07-041-5/+5
| | | | | | can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
* fix compiler warningsSimo Sorce2001-06-231-3/+0
| | | | (This used to be commit 7420e2f7898f1d141ba2af3eda07a67862fee842)
* initial support for paramter type P_LISTSimo Sorce2001-06-201-43/+23
| | | | | | | it will avoid problems with lists being longer than 1024 bytes just now only ip list parameters have been converted to the new type (hosts allow, hosts deny, ssl hosts, ssl hosts resign) (This used to be commit e1572f85d6247b760db10825b2fa688d7ed50bd3)
* merge from 2.2Gerald Carter2001-04-201-1/+1
| | | | (This used to be commit f87f3707f3d5f205d0287381d71380264a711666)
* merge from 2.2Gerald Carter2001-04-191-2/+2
| | | | (This used to be commit 79f4c4ad74149f4b1a8a5a82d8ca8d2474a23ab3)
* Removed one samba-bugs ref. from source.Jeremy Allison2001-04-141-1/+1
| | | | | Jeremy. (This used to be commit d40ee1707d1d3cf04358bca7fad16ebc15bd4845)
* merge from 2.2Gerald Carter2001-03-271-8/+71
| | | | (This used to be commit 3a03065b43d073205e421434bc32082c0f9f64da)
* finally got sick of the "extern int Client" code and the stupidAndrew Tridgell2000-04-111-3/+3
| | | | | | | | | | | | | | | | | assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
* first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1999-12-131-6/+32
| | | | (This used to be commit 453a822a76780063dff23526c35408866d0c0154)
* global change from samba.anu.edu.au to samba.orgAndrew Tridgell1998-11-211-1/+1
| | | | (This used to be commit 42d2509c9fab5c774fd33b9d4b5bd1ee125479c3)