diff options
| author | Gerald Carter <jerry@samba.org> | 2007-04-09 16:04:07 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2007-04-09 16:04:07 +0000 |
| commit | 7dcb89c1236f9712f9018744bea2e016b5cdfab9 (patch) | |
| tree | 69b6dd928b31818c82a7368be3cff169cc8b8a61 | |
| parent | 099d375891d4444320bd451486e8bf7d9afdbe0f (diff) | |
| download | samba-7dcb89c1236f9712f9018744bea2e016b5cdfab9.tar.gz samba-7dcb89c1236f9712f9018744bea2e016b5cdfab9.tar.xz samba-7dcb89c1236f9712f9018744bea2e016b5cdfab9.zip | |
r22138: * Sync up with the SAMBA_3_0_25 as of svn r22132.
* Set VERSION to 3.0.25rc1
* Update release notes.
92 files changed, 2034 insertions, 2217 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index a7f02cbf7f0..c6de79d16b2 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,15 +1,16 @@ - ================================== - Release Notes for Samba 3.0.25pre2 - Mar 21, 2007 - ================================== - -This is the second preview release of the Samba 3.0.25 code base -and is provided for testing only. This release is *not* intended -for production servers. There has been a substantial amount -of development since the 3.0.23/3.0.24 series of stable releases. -We would like to ask the Samba community for help in testing -these changes as we work towards the next significant production -upgrade Samba 3.0 release. + ================================= + Release Notes for Samba 3.0.25rc1 + Apr 9, 2007 + ================================= + +This is the first release candidate of the Samba 3.0.25 code base +and is provided for testing only. An RC release means that we are +close to the final release but the code may still have a few +remaining minor bugs. This release is *not* intended for production +servers. There has been a substantial amount of development since +the 3.0.23/3.0.24 series of stable releases. We would like to ask the +Samba community for help in testing these changes as we work towards +the next significant production upgrade Samba 3.0 release. Major features included in the 3.0.25 code base include: @@ -25,7 +26,7 @@ Major features included in the 3.0.25 code base include: plug-in allowing for multiple Unix ACL implements to running side by side on the Same server. o Improved compatibility with Windows Vista clients. - o Man pages for VFS plugins. + o Man pages for VFS plug-ins. Off-line Logons and AD Site Support @@ -46,8 +47,8 @@ initial design document may be found at http://www.samba.org/~idra/samba3_newidmap.pdf -The final 3.0.25 release will include full documentation in the -distributed manpages. +Please refer to the "idmap domains" description in the smb.conf(5) +man page for more details. Dynamic DNS Updates @@ -66,7 +67,144 @@ Support for Additional ACL Modules Samba's POSIX ACL support has been moved inside of the VFS layer which means it is now possible to support multiple ACL implementations -on the same server including NFSv3 and GPFS ACLs. +on the same server including NFSv4 and GPFS ACLs. + + +###################################################################### +Changes +####### + +Changes since 3.0.25pre2 +------------------------ + +commits +------- + +o Jeremy Allison <jra@samba.org> + * Fix connection problem between pre-3.0.25 smbclient and new DFS + server code. + * Fix valgrind errors in credentials.c. + * Fix logic error in CIFS POSIX extensions for open() and mkdir(). + * Fix if logic error when checking for password resets of machine + trust accounts in Samba's passdb. + * Ensure we use the same technique to pull the share mode data out + that locking.c does. + * Fixes buffer parsing in the server side Lanman and RAP calls. + * Fix GetPrinter() info level 3 to fix displaying and setting + security descriptors on printers from WinXP x86_64 clients. + * Return correct error code to the trans2 GetDfsReferral() request + from Vista clients (fixes listing share contents in the Vista + explorer.exe). + * BUG 4486: Fix the exclude_dir parameter in the VFS recycle + plugin. + * Consolidate the become_root_uid_only() calls to only use + become_root(). + * Add vfs_readahead module to deal with the pipe-lined reads + from Vista clients. + * BUG 4404: Fix server SMB/CIFS protocol bugs that broke Vista + clients trying to utilize offline file support. + + +o Gerald (Jerry) Carter <jerry@samba.org> + * Fix unlocking screen savers via pam_winbind. + * Fixes for the Krb5 ticket refresh event handler in winbindd + when using "winbind refresh tickets = yes". + * Ensure that winbindd can resolve SIDs in the the "Unix User" and + "Unix Group" domain. + * BUG 4484: Add more checks to ensure that the %a variable is set + correctly for Vista clients. + * BUG 4439: Fix the object picker dialog when modifying ACLs + on a Samba member server in an AD domain by implementing + server support for the DsRoleGetPrimaryDomainInfo() RPC. + * Don't cache the S-1-22-{1,2} domain SID/uig/gid lookups in + idmap_cache. + + +o Steven Danneman <steven.danneman@isilon.com> + * Memory leak fixes. + * Fix core dump when config file in same directory. + + +o Guenther Deschner <gd@samba.org> + * Fix tdb keynames in netsamlogon_clear_cached_user(). + * Add missing proto_exists dependency for the Winbind NSS target + in the Makefile. + + +o William Jojo <jojowil@hvcc.edu> + * BUG 4447: Fix compile failure on AIX 5.2. + + +o Volker Lendecke <vl@samba.org> + * BUG 4460: Fix compile error in winbind_nss_irix.c. + * Fix Coverity bug reports. + * Fixes buffer parsing in the server side Lanman and RAP calls. + + +o Herb Lewis <herb@samba.org> + * Fix compile error in nmbd_incomingdgrams.c. + + +o Derrell Lipman <derrell@samba.org> + * BUG 4115: Fix for using kerberos logins in libsmbclient.so. + * BUG 4309: Prevent netbios keepalive on port 445 which causes + Vista to disconnect Samba clients. + * Ensure that the libsmbclient example programs link with the + libsmbclient library that's part of the current tree. + + +o Jason Mader <jason@ncac.gwu.edu> + * Various compile warning fixes. + + +o Don McCall <don.mccall@hp.com> + * Fix compile bug in vfs_default on platforms without utimes(). + * HP-UX compile fixes. + + +o Stefan Metzmacher <metze@samba.org> + * POSIX ACL compile warning fixes. + * Fix --with-fhs, where confdir is set to \${sysconfdir} but + sysconfdir wasn't defined in the Makefile. + * Add localstatedir to configure.in for completeness. + + +o Heinrich Mislik <Heinrich.Mislik@univie.ac.at> + * AIX quota fixes. + + +o Lars Mueller <lmuelle@samba.org> + * Merge more proto_exists dependency fixes from SAMBA_3_0. + * Makefile cleanups. + + +o James Peach <jpeach@apple.com> + * Changing the FindFirst response for the UNIX_INFO2 level to + include a length field before the name. + * Add call to chflags(2) in the default VFS module. + + +o Jiri Sasek <jiri.sasek@sun.com> + * Fix incorrect Krb5 linking on Solaris. + + +o Karolin Seeger <ks@sernet.de> + * Fix a compile problem in shadow_copy_test.c. + + +o Simo Sorce <idra@samba.org> + * Remove redundant log messages from idmap_ad.c. + * BUG 3974: Fix ambiguity between the -N option and the -T + tar options. + + +Release Notes for older release follow: + + -------------------------------------------------- + ================================== + Release Notes for Samba 3.0.25pre2 + Mar 21, 2007 + ================================== ###################################################################### @@ -229,63 +367,6 @@ Release Notes for older release follow: Feb 28, 2007 ================================== -Major features included in the 3.0.25 code base include: - - o Significant improvements in the winbind off-line logon support. - o Support for secure DDNS updates as part of the 'net ads join' - process. - o Rewritten IdMap interface which allows for TTL based caching and - per domain backends. - o New plug-in interface for the "winbind nss info" parameter. - o New file change notify subsystem which is able to make use of - inotify on Linux. - o Support for passing Windows security descriptors to a VFS - plug-in allowing for multiple Unix ACL implements to running side - by side on the Same server. - o Improved compatibility with Windows Vista clients. - o Man pages for VFS plugins. - - -Off-line Logons and AD Site Support -=================================== - -Winbind's capability to support offline logons has been greatly -improved with the 3.0.25 release including support for locating -domain controllers asynchronously using Active Directory Site -information. - - -New IdMap Interface for Winbindd -================================ - -The 3.0.25 release of Samba will include a rewritten IdMap interface -for winbindd which replaces the "idmap backend" parameter. The -initial design document may be found at - - http://www.samba.org/~idra/samba3_newidmap.pdf - -The final 3.0.25 release will include full documentation in the -distributed manpages. - - -Dynamic DNS Updates -=================== - -The "net ads join" command is now able to register the host's DNS A -records with Windows 2000 SP4 and 2003 DNS servers. This -feature must be enabled at compile time using the --with-dnsupdate -when running the ./configure script. There is also a related "net ads -dns" command for refreshing a host's records which could be launched -from a dhcp client script when a new IP address is obtained. - - -Support for Additional ACL Modules -================================== - -Samba's POSIX ACL support has been moved inside of the VFS layer -which means it is now possible to support multiple ACL implementations -on the same server including NFSv3 and GPFS ACLs. - ###################################################################### Changes diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in index 53914994b1c..8869a4f20d3 100644 --- a/examples/VFS/Makefile.in +++ b/examples/VFS/Makefile.in @@ -7,7 +7,15 @@ INSTALLCMD = @INSTALL@ SAMBA_SOURCE = @SAMBA_SOURCE@ SHLIBEXT = @SHLIBEXT@ OBJEXT = @OBJEXT@ -FLAGS = $(CFLAGS) -Iinclude -I$(SAMBA_SOURCE)/include -I$(SAMBA_SOURCE)/popt -I$(SAMBA_SOURCE)/smbwrapper -I. $(CPPFLAGS) -I$(SAMBA_SOURCE) -fPIC +FLAGS = $(CFLAGS) $(CPPFLAGS) -fPIC \ + -Iinclude -I$(SAMBA_SOURCE)/include \ + -I$(SAMBA_SOURCE)/popt \ + -I$(SAMBA_SOURCE)/lib/replace \ + -I$(SAMBA_SOURCE)/lib/talloc \ + -I$(SAMBA_SOURCE)/tdb/include \ + -I$(SAMBA_SOURCE)/smbwrapper \ + -I$(SAMBA_SOURCE)/librpc \ + -I$(SAMBA_SOURCE) -I. prefix = @prefix@ diff --git a/examples/libsmbclient/Makefile b/examples/libsmbclient/Makefile index 11c3b77132d..ee117c9fe92 100644 --- a/examples/libsmbclient/Makefile +++ b/examples/libsmbclient/Makefile @@ -11,7 +11,8 @@ DEFS = -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE CFLAGS = -O0 -g -I$(SAMBA_INCL) $(EXTLIB_INCL) $(DEFS) LDFLAGS = -L/usr/local/samba/lib -LIBSMBCLIENT = /usr/local/samba/lib/libsmbclient.so +#LIBSMBCLIENT = /usr/local/samba/lib/libsmbclient.so +LIBSMBCLIENT = ../../source/bin/libsmbclient.a -ldl -lresolv TESTS= testsmbc \ tree \ @@ -32,39 +33,39 @@ testsmbc: testsmbc.o tree: tree.o @echo Linking tree - @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` $(LIBSMBCLIENT) $< + $(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ $< `gtk-config --libs` $(LIBSMBCLIENT) testacl: testacl.o @echo Linking testacl - @$(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ `gtk-config --libs` $(LIBSMBCLIENT) -lpopt $< + $(CC) `gtk-config --cflags` $(CFLAGS) $(LDFLAGS) -o $@ $< `gtk-config --libs` $(LIBSMBCLIENT) -lpopt testbrowse: testbrowse.o @echo Linking testbrowse - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt testbrowse2: testbrowse2.o @echo Linking testbrowse2 - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt teststat: teststat.o @echo Linking teststat - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt teststat2: teststat2.o @echo Linking teststat2 - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt testchmod: testchmod.o @echo Linking testchmod - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt testutime: testutime.o @echo Linking testutime - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt testread: testread.o @echo Linking testread - @$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(LIBSMBCLIENT) -lpopt $< + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt smbsh: make -C smbwrapper diff --git a/packaging/RedHat-9/README b/packaging/RedHat-9/README deleted file mode 100644 index 646b10dbbbf..00000000000 --- a/packaging/RedHat-9/README +++ /dev/null @@ -1,13 +0,0 @@ -Preparer: Gerald Carter <jerry@samba.org> - -Instructions: Preparing Samba Packages for Red Hat Linux -=============================================================== - -We provide support only for the latest stable release of major -branches (e.g 6.2, 7.3, and 8.0). The makerpms.sh script -supports rpm version 2.x, 3.x, and 4.x - -To produce the RPMS simply type: - - root# sh makerpms.sh - diff --git a/packaging/RedHat-9/filter-requires-samba_rh8.sh b/packaging/RedHat-9/filter-requires-samba_rh8.sh deleted file mode 100755 index 1fe7aca70ae..00000000000 --- a/packaging/RedHat-9/filter-requires-samba_rh8.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -/usr/lib/rpm/find-requires $* | grep -E -v '(Net::LDAP|Crypt::SmbHash|CGI|Unicode::MapUTF8)' diff --git a/packaging/RedHat-9/filter-requires-samba_rh9.sh b/packaging/RedHat-9/filter-requires-samba_rh9.sh deleted file mode 100755 index f90085ce359..00000000000 --- a/packaging/RedHat-9/filter-requires-samba_rh9.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -/usr/lib/rpm/perl.req $* | grep -E -v '(Net::LDAP|Crypt::SmbHash|CGI|Unicode::MapUTF8)' - diff --git a/packaging/RedHat-9/makerpms.sh.tmpl b/packaging/RedHat-9/makerpms.sh.tmpl deleted file mode 100644 index e54467f4931..00000000000 --- a/packaging/RedHat-9/makerpms.sh.tmpl +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/sh -# Copyright (C) John H Terpstra 1998-2002 -# Updated for RPM 3 by Jochen Wiedmann, joe@ispsoft.de -# Changed for a generic tar file rebuild by abartlet@pcug.org.au -# Changed by John H Terpstra to build on RH7.2 - should also work for earlier versions jht@samba.org - -# The following allows environment variables to override the target directories -# the alternative is to have a file in your home directory calles .rpmmacros -# containing the following: -# %_topdir /home/mylogin/redhat -# -# Note: Under this directory rpm expects to find the same directories that are under the -# /usr/src/redhat directory -# - -SPECDIR=`rpm --eval %_specdir` -SRCDIR=`rpm --eval %_sourcedir` - -# At this point the SPECDIR and SRCDIR vaiables must have a value! - -USERID=`id -u` -GRPID=`id -g` -VERSION='PVERSION' -REVISION='PREVISION' -SPECFILE="samba3.spec" -RPMVER=`rpm --version | awk '{print $3}'` -RPM="rpm" -echo The RPM Version on this machine is: $RPMVER - -## -## fix the mandir macro -## -case $RPMVER in - [23]*) - sed -e "s/MANDIR_MACRO/\%\{prefix\}\/man/g" < samba.spec > $SPECFILE - ;; - 4*) - sed -e "s/MANDIR_MACRO/\%\{_mandir\}/g" < samba.spec > $SPECFILE - ;; - *) - echo "Unknown RPM version: `rpm --version`" - exit 1 - ;; -esac - -## -## now catch the right command to build an RPM (defaults ro 'rpm' -## -case $RPMVER in - 4.[123]*) - RPM="rpmbuild" - ;; -esac - -echo "RPM build command is \"$RPM\"" - -pushd . -cd ../../source -if [ -f Makefile ]; then - make distclean -fi -popd - -pushd . -cd ../../../ -chown -R ${USERID}.${GRPID} samba-${VERSION}${REVISION} -if [ ! -d samba-${VERSION} ]; then - ln -s samba-${VERSION}${REVISION} samba-${VERSION} || exit 1 -fi -echo -n "Creating samba-${VERSION}.tar.bz2 ... " -tar --exclude=.svn -cf - samba-${VERSION}/. | bzip2 > ${SRCDIR}/samba-${VERSION}.tar.bz2 -echo "Done." -if [ $? -ne 0 ]; then - echo "Build failed!" - exit 1 -fi - -popd - - -/bin/cp -p filter-requires-samba_rh8.sh ${SRCDIR} -/bin/cp -p filter-requires-samba_rh9.sh ${SRCDIR} -chmod 755 ${SRCDIR}/filter-requires-samba_rh?.sh -/bin/cp -av $SPECFILE ${SPECDIR} - -echo Getting Ready to build release package -cd ${SPECDIR} -${RPM} -ba --clean --rmsource $SPECFILE - -echo Done. - diff --git a/packaging/RedHat-9/samba.log b/packaging/RedHat-9/samba.log deleted file mode 100644 index a3c000ea788..00000000000 --- a/packaging/RedHat-9/samba.log +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/samba/*.log /var/log/samba/log.smbd /var/log/samba/log.nmbd { - notifempty - missingok - sharedscripts - copytruncate - postrotate - /bin/kill -HUP `cat /var/run/smbd.pid /var/run/nmbd.pid /var/run/winbindd.pid 2> /dev/null` 2> /dev/null || true - endscript -} diff --git a/packaging/RedHat-9/samba.pamd b/packaging/RedHat-9/samba.pamd deleted file mode 100644 index bf7a5b392ca..00000000000 --- a/packaging/RedHat-9/samba.pamd +++ /dev/null @@ -1,4 +0,0 @@ -auth required /lib/security/pam_pwdb.so nullok -account required /lib/security/pam_pwdb.so -session required /lib/security/pam_pwdb.so -password required /lib/security/pam_pwdb.so # shadow md5 nullok audit diff --git a/packaging/RedHat-9/samba.pamd.stack b/packaging/RedHat-9/samba.pamd.stack deleted file mode 100644 index 6a948f92cbd..00000000000 --- a/packaging/RedHat-9/samba.pamd.stack +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth required pam_nologin.so -auth required pam_stack.so service=system-auth -account required pam_stack.so service=system-auth -session required pam_stack.so service=system-auth -password required pam_stack.so service=system-auth diff --git a/packaging/RedHat-9/samba.spec.tmpl b/packaging/RedHat-9/samba.spec.tmpl deleted file mode 100644 index 5de6a5fae65..00000000000 --- a/packaging/RedHat-9/samba.spec.tmpl +++ /dev/null @@ -1,476 +0,0 @@ -## grab the major and minor version of rpm -%define rpm_version `rpm --version | awk '{print $3}' | awk -F. '{print $1$2}'` - -Summary: Samba SMB client and server -Vendor: Samba Team -Name: samba -Version: PVERSION -Release: PRELEASEPRPMREV -License: GNU GPL version 2 -Group: Networking -Source: http://download.samba.org/samba/ftp/samba-%{version}.tar.bz2 - -# Don't depend on Net::LDAP -# one filter for RH 8 and one for 9 -Source998: filter-requires-samba_rh8.sh -Source999: filter-requires-samba_rh9.sh - -Packager: Gerald Carter [Samba-Team] <jerry@samba.org> -Requires: pam openldap krb5-libs cups -BuildRequires: openldap-devel krb5-devel pam-devel cups-devel -Prereq: chkconfig fileutils /sbin/ldconfig -Provides: samba = %{version} -Obsoletes: samba-common, samba-client, samba-swat -BuildRoot: %{_tmppath}/%{name}-%{version}-root -Prefix: /usr - -%description -Samba provides an SMB/CIFS server which can be used to provide -network file and print services to SMB/CIFS clients, including -various versions of MS Windows, OS/2, and other Linux machines. -Samba also provides some SMB clients, which complement the -built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP -(NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS -frame) protocol. - -Samba 3.0 also introduces UNICODE support and kerberos/ldap -integration as a member server in a Windows 2000 domain. - -Please refer to the WHATSNEW.txt document for fixup information. -docs directory for implementation details. - -%changelog -* Mon Nov 18 2002 Gerald Carter <jerry@samba.org> - - removed change log entries since history - is being maintained in CVS - -%prep -%setup - -%build - -# Working around perl dependency problem from docs -# Only > RH 8.0 seems to care here - -echo "rpm_version == %{rpm_version}" -if [ "%{rpm_version}" == "42" ]; then - %define __perl_requires %{SOURCE999} - echo "%{__perl_requires}" -elif [ "%{rpm_version}" == "41" ]; then - %define __find_requires %{SOURCE998} - echo "%{__find_requires}" -fi - -## Build main Samba source -cd source - -%ifarch ia64 -libtoolize --copy --force # get it to recognize IA-64 -autoheader -autoconf -EXTRA="-D_LARGEFILE64_SOURCE" -%endif - -## Get number of cpu's, default for 1 cpu on error -NUMCPU=`grep processor /proc/cpuinfo | wc -l` -if [ $NUMCPU -eq 0 ]; then - NUMCPU=1; -fi - -## run autogen if missing the configure script -if [ ! -f "configure" ]; then - ./autogen.sh -fi - -CFLAGS="$RPM_OPT_FLAGS $EXTRA" ./configure \ - --prefix=%{prefix} \ - --localstatedir=/var \ - --with-configdir=/etc/samba \ - --with-privatedir=/etc/samba \ - --with-fhs \ - --with-quotas \ - --with-smbmount \ - --enable-cups \ - --with-pam \ - --with-pam_smbpass \ - --with-syslog \ - --with-utmp \ - --with-swatdir=%{prefix}/share/swat \ - --with-shared-modules=idmap_rid \ - --with-libsmbclient -make -j${NUMCPU} proto -make -j${NUMCPU} all modules nsswitch/libnss_wins.so -make -j${NUMCPU} debug2html - -# Remove some permission bits to avoid to many dependencies -cd .. -find examples docs -type f | xargs -r chmod -x - -%install -rm -rf $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT -mkdir -p $RPM_BUILD_ROOT/sbin -mkdir -p $RPM_BUILD_ROOT/etc/samba -mkdir -p $RPM_BUILD_ROOT/etc/{logrotate.d,pam.d,samba} -mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d -mkdir -p $RPM_BUILD_ROOT%{prefix}/{bin,sbin} -mkdir -p $RPM_BUILD_ROOT%{prefix}/share/swat/{help,include,using_samba} -mkdir -p $RPM_BUILD_ROOT%{prefix}/share/swat/help/using_samba/{figs,gifs} -mkdir -p $RPM_BUILD_ROOTMANDIR_MACRO -mkdir -p $RPM_BUILD_ROOT/var/lib/samba -mkdir -p $RPM_BUILD_ROOT/var/{log,run}/samba -mkdir -p $RPM_BUILD_ROOT/var/spool/samba -mkdir -p $RPM_BUILD_ROOT/lib/security -mkdir -p $RPM_BUILD_ROOT%{prefix}/lib/samba/vfs -mkdir -p $RPM_BUILD_ROOT%{prefix}/{lib,include} - -# Install standard binary files -for i in nmblookup smbget smbclient smbpasswd smbstatus testparm \ - rpcclient smbspool smbcacls smbcontrol wbinfo smbmnt net \ - smbcacls pdbedit eventlogadm tdbbackup smbtree ntlm_auth smbcquotas -do - install -m755 source/bin/$i $RPM_BUILD_ROOT%{prefix}/bin -done - -for i in mksmbpasswd.sh smbtar findsmb -do - install -m755 source/script/$i $RPM_BUILD_ROOT%{prefix}/bin -done - -# Install secure binary files -for i in smbd nmbd swat smbmount smbumount debug2html winbindd -do - install -m755 source/bin/$i $RPM_BUILD_ROOT%{prefix}/sbin -done - -# we need a symlink for mount to recognise the smb and smbfs filesystem types -ln -sf %{prefix}/sbin/smbmount $RPM_BUILD_ROOT/sbin/mount.smbfs -ln -sf %{prefix}/sbin/smbmount $RPM_BUILD_ROOT/sbin/mount.smb - -# This allows us to get away without duplicating code that -# sombody else can maintain for us. -cd source -make DESTDIR=$RPM_BUILD_ROOT \ - BASEDIR=/usr \ - CONFIGDIR=/etc/samba \ - LIBDIR=%{prefix}/lib/samba \ - VARDIR=/var \ - SBINDIR=%{prefix}/sbin \ - BINDIR=%{prefix}/bin \ - MANDIR=MANDIR_MACRO \ - SWATDIR=%{prefix}/share/swat \ - SAMBABOOK=%{prefix}/share/swat/using_samba \ - installman installswat installdat installmodules -cd .. - -## don't duplicate the docs. These are installed with SWAT -rm -rf docs/htmldocs -rm -rf docs/manpages -( cd docs; ln -s %{prefix}/share/swat/help htmldocs ) - - - -# Install the nsswitch wins library -install -m755 source/nsswitch/libnss_wins.so $RPM_BUILD_ROOT/lib -( cd $RPM_BUILD_ROOT/lib; ln -sf libnss_wins.so libnss_wins.so.2 ) - -# Install winbind shared libraries -install -m755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/lib -( cd $RPM_BUILD_ROOT/lib; ln -sf libnss_winbind.so libnss_winbind.so.2 ) -install -m755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/lib/security - -# Install pam_smbpass.so -install -m755 source/bin/pam_smbpass.so $RPM_BUILD_ROOT/lib/security - -# libsmbclient -install -m 755 source/bin/libsmbclient.so $RPM_BUILD_ROOT%{prefix}/lib/ -install -m 755 source/bin/libsmbclient.a $RPM_BUILD_ROOT%{prefix}/lib/ -install -m 644 source/include/libsmbclient.h $RPM_BUILD_ROOT%{prefix}/include/ - -# libmsrpc -install -m 755 source/bin/libmsrpc.so $RPM_BUILD_ROOT%{prefix}/lib/ -install -m 755 source/bin/libmsrpc.a $RPM_BUILD_ROOT%{prefix}/lib/ -install -m 644 source/include/libmsrpc.h $RPM_BUILD_ROOT%{prefix}/include/ - -# Install the miscellany -install -m755 packaging/RedHat-9/smbprint $RPM_BUILD_ROOT%{prefix}/bin -install -m755 packaging/RedHat-9/smb.init $RPM_BUILD_ROOT/etc/rc.d/init.d/smb -install -m755 packaging/RedHat-9/winbind.init $RPM_BUILD_ROOT/etc/rc.d/init.d/winbind -install -m755 packaging/RedHat-9/smb.init $RPM_BUILD_ROOT%{prefix}/sbin/samba -install -m644 packaging/RedHat-9/samba.log $RPM_BUILD_ROOT/etc/logrotate.d/samba -install -m644 packaging/RedHat-9/smb.conf $RPM_BUILD_ROOT/etc/samba/smb.conf -install -m644 packaging/RedHat-9/smbusers $RPM_BUILD_ROOT/etc/samba/smbusers -install -m644 packaging/RedHat-9/samba.pamd $RPM_BUILD_ROOT/etc/pam.d/samba -install -m644 packaging/RedHat-9/samba.pamd.stack $RPM_BUILD_ROOT/etc/samba/samba.stack -install -m644 packaging/RedHat-9/samba.xinetd $RPM_BUILD_ROOT/etc/samba/samba.xinetd -echo 127.0.0.1 localhost > $RPM_BUILD_ROOT/etc/samba/lmhosts - -# Remove "*.old" files -find $RPM_BUILD_ROOT -name "*.old" -exec rm -f {} \; - -## -## Clean out man pages for tools not installed here -## -rm -f $RPM_BUILD_ROOT/%{_mandir}/man1/editreg.1* -rm -f $RPM_BUILD_ROOT%{_mandir}/man1/log2pcap.1* -rm -f $RPM_BUILD_ROOT%{_mandir}/man1/smbsh.1* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/mount.cifs.8* - - -%clean -rm -rf $RPM_BUILD_ROOT - -%post -## -## only needed if this is a new install (not an upgrade) -## -if [ "$1" -eq "1" ]; then - /sbin/chkconfig --add smb - /sbin/chkconfig --add winbind - /sbin/chkconfig smb off - /sbin/chkconfig winbind off -fi - -## -## we only have to wory about this if we are upgrading -## -if [ "$1" -eq "2" ]; then - if [ -f /etc/smb.conf -a ! -f /etc/samba/smb.conf ]; then - echo "Moving old /etc/smb.conf to /etc/samba/smb.conf" - mv /etc/smb.conf /etc/samba/smb.conf - fi - - if [ -f /etc/smbusers -a ! -f /etc/samba/smbusers ]; then - echo "Moving old /etc/smbusers to /etc/samba/smbusers" - mv /etc/smbusers /etc/samba/smbusers - fi - - if [ -f /etc/lmhosts -a ! -f /etc/samba/lmhosts ]; then - echo "Moving old /etc/lmhosts to /etc/samba/lmhosts" - mv /etc/lmhosts /etc/samba/lmhosts - fi - - if [ -f /etc/MACHINE.SID -a ! -f /etc/samba/MACHINE.SID ]; then - echo "Moving old /etc/MACHINE.SID to /etc/samba/MACHINE.SID" - mv /etc/MACHINE.SID /etc/samba/MACHINE.SID - fi - - if [ -f /etc/smbpasswd -a ! -f /etc/samba/smbpasswd ]; then - echo "Moving old /etc/smbpasswd to /etc/samba/smbpasswd" - mv /etc/smbpasswd /etc/samba/smbpasswd - fi - - # - # For 2.2.1 we move the tdb files from /var/lock/samba to /var/cache/samba - # to preserve across reboots. - # - for i in /var/lock/samba/*.tdb; do - if [ -f $i ]; then - newname="/var/lib/samba/`basename $i`" - echo "Moving $i to $newname" - mv $i $newname - fi - done - - # - # For 3.0.1 we move the tdb files from /var/cache/samba to /var/lib/samba - # - echo "Moving tdb files in /var/cache/samba/*.tdb to /var/lib/samba/*.tdb" - for i in /var/cache/samba/*.tdb; do - if [ -f $i ]; then - newname="/var/lib/samba/`basename $i`" - echo "Moving $i to $newname" - mv $i $newname - fi - done -fi - -## -## New things -## - -# Add swat entry to /etc/services if not already there. -if [ ! "`grep ^\s**swat /etc/services`" ]; then - echo 'swat 901/tcp # Add swat service used via inetd' >> /etc/services -fi - -# Add swat entry to /etc/inetd.conf if needed. -if [ -f /etc/inetd.conf ]; then - if [ ! "`grep ^\s*swat /etc/inetd.conf`" ]; then - echo 'swat stream tcp nowait.400 root %{prefix}/sbin/swat swat' >> /etc/inetd.conf - killall -HUP inetd || : - fi -fi - -# Add swat entry to xinetd.d if needed. -if [ -d /etc/xinetd.d -a ! -f /etc/xinetd.d/swat ]; then - mv /etc/samba/samba.xinetd /etc/xinetd.d/swat -else - rm -f /etc/samba/samba.xinetd -fi - -# Install the correct version of the samba pam file -if [ -f /lib/security/pam_stack.so ]; then - echo "Installing stack version of /etc/pam.d/samba..." - mv /etc/samba/samba.stack /etc/pam.d/samba -else - echo "Installing non-stack version of /etc/pam.d/samba..." - rm -f /etc/samba/samba.stack -fi - -## call ldconfig to create the version symlink for libsmbclient.so -/sbin/ldconfig - -%preun -if [ "$1" -eq "0" ] ; then - /sbin/chkconfig --del smb - /sbin/chkconfig --del winbind - - # We want to remove the browse.dat and wins.dat files - # so they can not interfer with a new version of samba! - if [ -e /var/lib/samba/browse.dat ]; then - rm -f /var/lib/samba/browse.dat - fi - if [ -e /var/lib/samba/wins.dat ]; then - rm -f /var/lib/samba/wins.dat - fi - - # Remove the transient tdb files. - if [ -e /var/lib/samba/brlock.tdb ]; then - rm -f /var/lib/samba/brlock.tdb - fi - - if [ -e /var/lib/samba/unexpected.tdb ]; then - rm -f /var/lib/samba/unexpected.tdb - fi - - if [ -e /var/lib/samba/connections.tdb ]; then - rm -f /var/lib/samba/connections.tdb - fi - - if [ -e /var/lib/samba/locking.tdb ]; then - rm -f /var/lib/samba/locking.tdb - fi - - if [ -e /var/lib/samba/messages.tdb ]; then - rm -f /var/lib/samba/messages.tdb - fi -fi - -%postun -# Only delete remnants of samba if this is the final deletion. -if [ "$1" -eq "0" ] ; then - if [ -x /etc/pam.d/samba ]; then - rm -f /etc/pam.d/samba - fi - - if [ -e /var/log/samba ]; then - rm -rf /var/log/samba - fi - - if [ -e /var/lib/samba ]; then - rm -rf /var/lib/samba - fi - - # Remove swat entries from /etc/inetd.conf and /etc/services - cd /etc - tmpfile=/etc/tmp.$$ - if [ -f /etc/inetd.conf ]; then - # preserve inetd.conf permissions. - cp -p /etc/inetd.conf $tmpfile - sed -e '/^[:space:]*swat.*$/d' /etc/inetd.conf > $tmpfile - mv $tmpfile inetd.conf - fi - - # preserve services permissions. - cp -p /etc/services $tmpfile - sed -e '/^[:space:]*swat.*$/d' /etc/services > $tmpfile - mv $tmpfile /etc/services - - # Remove swat entry from /etc/xinetd.d - if [ -f /etc/xinetd.d/swat ]; then - rm -r /etc/xinetd.d/swat - fi -fi - -/sbin/ldconfig - -%files -%defattr(-,root,root) -%doc README COPYING Manifest Read-Manifest-Now -%doc WHATSNEW.txt Roadmap -%doc docs -%doc examples -%{prefix}/sbin/smbd -%{prefix}/sbin/nmbd -%{prefix}/sbin/swat -%{prefix}/bin/smbmnt -%{prefix}/sbin/smbmount -%{prefix}/sbin/smbumount -%{prefix}/sbin/winbindd -%{prefix}/sbin/samba -%{prefix}/sbin/debug2html -/sbin/mount.smbfs -/sbin/mount.smb -%{prefix}/bin/mksmbpasswd.sh -%{prefix}/bin/smbclient -%{prefix}/bin/smbget -%{prefix}/bin/smbspool -%{prefix}/bin/rpcclient -%{prefix}/bin/testparm -%{prefix}/bin/findsmb -%{prefix}/bin/smbstatus -%{prefix}/bin/nmblookup -%{prefix}/bin/smbpasswd -%{prefix}/bin/smbtar -%{prefix}/bin/smbprint -%{prefix}/bin/smbcontrol -%{prefix}/bin/wbinfo -%{prefix}/bin/net -%{prefix}/bin/ntlm_auth -%{prefix}/bin/smbcquotas -%{prefix}/bin/smbcacls -%{prefix}/bin/pdbedit -%{prefix}/bin/eventlogadm -%{prefix}/bin/tdbbackup -%{prefix}/bin/smbtree -%attr(755,root,root) /lib/libnss_wins.s* -%attr(755,root,root) %{prefix}/lib/samba/vfs/*.so -%attr(755,root,root) %{prefix}/lib/samba/auth/*.so -%attr(755,root,root) %{prefix}/lib/samba/charset/*.so -%attr(755,root,root) %{prefix}/lib/samba/idmap/*.so -#%attr(755,root,root) %{prefix}/lib/samba/pdb/*.so -%attr(755,root,root) %{prefix}/lib/samba/*.dat -%attr(755,root,root) %{prefix}/lib/samba/*.msg -%{prefix}/include/libsmbclient.h -%{prefix}/lib/libsmbclient.a -%{prefix}/lib/libsmbclient.so -%{prefix}/include/libmsrpc.h -%{prefix}/lib/libmsrpc.a -%{prefix}/lib/libmsrpc.so -%{prefix}/share/swat/help/* -%{prefix}/share/swat/using_samba/* -%{prefix}/share/swat/include/*.html -%{prefix}/share/swat/images/* -%{prefix}/share/swat/lang/*/help/* -%{prefix}/share/swat/lang/*/images/* -%config(noreplace) /etc/samba/lmhosts -%config(noreplace) /etc/samba/smb.conf -%config(noreplace) /etc/samba/smbusers -/etc/samba/samba.stack -/etc/samba/samba.xinetd -/etc/rc.d/init.d/smb -/etc/rc.d/init.d/winbind -/etc/logrotate.d/samba -%config(noreplace) /etc/pam.d/samba -MANDIR_MACRO/man1/* -MANDIR_MACRO/man5/* -MANDIR_MACRO/man7/* -MANDIR_MACRO/man8/* -%attr(755,root,root) %dir /var/lib/samba -%dir /var/log/samba -%dir /var/run/samba -%attr(1777,root,root) %dir /var/spool/samba -%attr(-,root,root) /lib/libnss_winbind.so* -%attr(-,root,root) /lib/security/pam_winbind.so -%attr(-,root,root) /lib/security/pam_smbpass.so diff --git a/packaging/RedHat-9/samba.xinetd b/packaging/RedHat-9/samba.xinetd deleted file mode 100644 index 8c38b354218..00000000000 --- a/packaging/RedHat-9/samba.xinetd +++ /dev/null @@ -1,15 +0,0 @@ -# default: off -# description: SWAT is the Samba Web Admin Tool. Use swat \ -# to configure your Samba server. To use SWAT, \ -# connect to port 901 with your favorite web browser. -service swat -{ - port = 901 - socket_type = stream - wait = no - only_from = localhost - user = root - server = /usr/sbin/swat - log_on_failure += USERID - disable = yes -} diff --git a/packaging/RedHat-9/smb.conf b/packaging/RedHat-9/smb.conf deleted file mode 100644 index 971ca19c830..00000000000 --- a/packaging/RedHat-9/smb.conf +++ /dev/null @@ -1,271 +0,0 @@ -# This is the main Samba configuration file. You should read the -# smb.conf(5) manual page in order to understand the options listed -# here. Samba has a huge number of configurable options (perhaps too -# many!) most of which are not shown in this example -# -# For a step to step guide on installing, configuring and using samba, -# read the Samba-HOWTO-Collection. This may be obtained from: -# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf -# -# Many working examples of smb.conf files can be found in the -# Samba-Guide which is generated daily and can be downloaded from: -# http://www.samba.org/samba/docs/Samba-Guide.pdf -# -# Any line which starts with a ; (semi-colon) or a # (hash) -# is a comment and is ignored. In this example we will use a # -# for commentry and a ; for parts of the config file that you -# may wish to enable -# -# NOTE: Whenever you modify this file you should run the command "testparm" -# to check that you have not made any basic syntactic errors. -# -#======================= Global Settings ===================================== -[global] - -# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH - workgroup = MYGROUP - -# server string is the equivalent of the NT Description field - server string = Samba Server - -# Security mode. Defines in which mode Samba will operate. Possible -# values are share, user, server, domain and ads. Most people will want -# user level security. See the Samba-HOWTO-Collection for details. - security = user - -# This option is important for security. It allows you to restrict -# connections to machines which are on your local network. The -# following example restricts access to two C class networks and -# the "loopback" interface. For more examples of the syntax see -# the smb.conf man page -; hosts allow = 192.168.1. 192.168.2. 127. - -# If you want to automatically load your printer list rather -# than setting them up individually then you'll need this - load printers = yes - -# you may wish to override the location of the printcap file -; printcap name = /etc/printcap - -# on SystemV system setting printcap name to lpstat should allow -# you to automatically obtain a printer list from the SystemV spool -# system -; printcap name = lpstat - -# It should not be necessary to specify the print system type unless -# it is non-standard. Currently supported print systems include: -# bsd, cups, sysv, plp, lprng, aix, hpux, qnx -; printing = cups - -# Uncomment this if you want a guest account, you must add this to /etc/passwd -# otherwise the user "nobody" is used -; guest account = pcguest - -# this tells Samba to use a separate log file for each machine -# that connects - log file = /usr/local/samba/var/log.%m - -# Put a capping on the size of the log files (in Kb). - max log size = 50 - -# Use password server option only with security = server -# The argument list may include: -# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] -# or to auto-locate the domain controller/s -# password server = * -; password server = <NT-Server-Name> - -# Use the realm option only with security = ads -# Specifies the Active Directory realm the host is part of -; realm = MY_REALM - -# Backend to store user information in. New installations should -# use either tdbsam or ldapsam. smbpasswd is available for backwards -# compatibility. tdbsam requires no further configuration. -; passdb backend = tdbsam - -# Using the following line enables you to customise your configuration -# on a per machine basis. The %m gets replaced with the netbios name -# of the machine that is connecting. -# Note: Consider carefully the location in the configuration file of -# this line. The included file is read at that point. -; include = /usr/local/samba/lib/smb.conf.%m - -# Configure Samba to use multiple interfaces -# If you have multiple network interfaces then you must list them -# here. See the man page for details. -; interfaces = 192.168.12.2/24 192.168.13.2/24 - -# Browser Control Options: -# set local master to no if you don't want Samba to become a master -# browser on your network. Otherwise the normal election rules apply -; local master = no - -# OS Level determines the precedence of this server in master browser -# elections. The default value should be reasonable -; os level = 33 - -# Domain Master specifies Samba to be the Domain Master Browser. This -# allows Samba to collate browse lists between subnets. Don't use this -# if you already have a Windows NT domain controller doing this job -; domain master = yes - -# Preferred Master causes Samba to force a local browser election on startup -# and gives it a slightly higher chance of winning the election -; preferred master = yes - -# Enable this if you want Samba to be a domain logon server for -# Windows95 workstations. -; domain logons = yes - -# if you enable domain logons then you may want a per-machine or -# per user logon script -# run a specific logon batch file per workstation (machine) -; logon script = %m.bat -# run a specific logon batch file per username -; logon script = %U.bat - -# Where to store roving profiles (only for Win95 and WinNT) -# %L substitutes for this servers netbios name, %U is username -# You must uncomment the [Profiles] share below -; logon path = \\%L\Profiles\%U - -# Windows Internet Name Serving Support Section: -# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server -; wins support = yes - -# WINS Server - Tells the NMBD components of Samba to be a WINS Client -# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both -; wins server = w.x.y.z - -# WINS Proxy - Tells Samba to answer name resolution queries on -# behalf of a non WINS capable client, for this to work there must be -# at least one WINS Server on the network. The default is NO. -; wins proxy = yes - -# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names -# via DNS nslookups. The default is NO. - dns proxy = no - -# These scripts are used on a domain controller or stand-alone -# machine to add or delete corresponding unix accounts -; add user script = /usr/sbin/useradd %u -; add group script = /usr/sbin/groupadd %g -; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u -; delete user script = /usr/sbin/userdel %u -; delete user from group script = /usr/sbin/deluser %u %g -; delete group script = /usr/sbin/groupdel %g - - -#============================ Share Definitions ============================== -[homes] - comment = Home Directories - browseable = no - writable = yes - -# Un-comment the following and create the netlogon directory for Domain Logons -; [netlogon] -; comment = Network Logon Service -; path = /usr/local/samba/lib/netlogon -; guest ok = yes -; writable = no -; share modes = no - - -# Un-comment the following to provide a specific roving profile share -# the default is to use the user's home directory -;[Profiles] -; path = /usr/local/samba/profiles -; browseable = no -; guest ok = yes - - -# NOTE: If you have a BSD-style print system there is no need to -# specifically define each individual printer -[printers] - comment = All Printers - path = /usr/spool/samba - browseable = no -# Set public = yes to allow user 'guest account' to print - guest ok = no - writable = no - printable = yes - -# This one is useful for people to share files -;[tmp] -; comment = Temporary file space -; path = /tmp -; read only = no -; public = yes - -# A publicly accessible directory, but read only, except for people in -# the "staff" group -;[public] -; comment = Public Stuff -; path = /home/samba -; public = yes -; writable = yes -; printable = no -; write list = @staff - -# Other examples. -# -# A private printer, usable only by fred. Spool data will be placed in fred's -# home directory. Note that fred must have write access to the spool directory, -# wherever it is. -;[fredsprn] -; comment = Fred's Printer -; valid users = fred -; path = /homes/fred -; printer = freds_printer -; public = no -; writable = no -; printable = yes - -# A private directory, usable only by fred. Note that fred requires write -# access to the directory. -;[fredsdir] -; comment = Fred's Service -; path = /usr/somewhere/private -; valid users = fred -; public = no -; writable = yes -; printable = no - -# a service which has a different directory for each machine that connects -# this allows you to tailor configurations to incoming machines. You could -# also use the %U option to tailor it by user name. -# The %m gets replaced with the machine name that is connecting. -;[pchome] -; comment = PC Directories -; path = /usr/pc/%m -; public = no -; writable = yes - -# A publicly accessible directory, read/write to all users. Note that all files -# created in the directory by users will be owned by the default user, so -# any user with access can delete any other user's files. Obviously this -# directory must be writable by the default user. Another user could of course -# be specified, in which case all files would be owned by that user instead. -;[public] -; path = /usr/somewhere/else/public -; public = yes -; only guest = yes -; writable = yes -; printable = no - -# The following two entries demonstrate how to share a directory so that two -# users can place files there that will be owned by the specific users. In this -# setup, the directory should be writable by both users and should have the -# sticky bit set on it to prevent abuse. Obviously this could be extended to -# as many users as required. -;[myshare] -; comment = Mary's and Fred's stuff -; path = /usr/somewhere/shared -; valid users = mary fred -; public = no -; writable = yes -; printable = no -; create mask = 0765 - - diff --git a/packaging/RedHat-9/smb.init b/packaging/RedHat-9/smb.init deleted file mode 100755 index 9b45ebabb34..00000000000 --- a/packaging/RedHat-9/smb.init +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh -# -# chkconfig: 345 81 35 -# description: Starts and stops the Samba smbd and nmbd daemons \ -# used to provide SMB network services. - -# Source function library. -. /etc/rc.d/init.d/functions - -# Source networking configuration. -. /etc/sysconfig/network - -# Check that networking is up. -[ ${NETWORKING} = "no" ] && exit 0 - -CONFIG=/etc/samba/smb.conf - -# Check that smb.conf exists. -[ -f $CONFIG ] || exit 0 - -# See how we were called. -case "$1" in - start) - echo -n "Starting SMB services: " - daemon smbd -D - daemon nmbd -D - echo - touch /var/lock/subsys/smb - ;; - stop) - echo -n "Shutting down SMB services: " - - killproc smbd - killproc nmbd - rm -f /var/lock/subsys/smb - echo "" - ;; - status) - status smbd - status nmbd - ;; - restart) - echo -n "Restarting SMB services: " - $0 stop - $0 start - echo "done." - ;; - *) - echo "Usage: smb {start|stop|restart|status}" - exit 1 -esac - diff --git a/packaging/RedHat-9/smbprint b/packaging/RedHat-9/smbprint deleted file mode 100755 index a0fd2e481b5..00000000000 --- a/packaging/RedHat-9/smbprint +++ /dev/null @@ -1,77 +0,0 @@ -#!/bin/sh - -# This script is an input filter for printcap printing on a unix machine. It -# uses the smbclient program to print the file to the specified smb-based -# server and service. -# For example you could have a printcap entry like this -# -# smb:lp=/dev/null:sd=/usr/spool/smb:sh:if=/usr/local/samba/smbprint -# -# which would create a unix printer called "smb" that will print via this -# script. You will need to create the spool directory /usr/spool/smb with -# appropriate permissions and ownerships for your system. - -# Set these to the server and service you wish to print to -# In this example I have a WfWg PC called "lapland" that has a printer -# exported called "printer" with no password. - -# -# Script further altered by hamiltom@ecnz.co.nz (Michael Hamilton) -# so that the server, service, and password can be read from -# a /var/spool/lpd/PRINTNAME/.config file. -# -# In order for this to work the /etc/printcap entry must include an -# accounting file (af=...): -# -# cdcolour:\ -# :cm=CD IBM Colorjet on 6th:\ -# :sd=/var/spool/lpd/cdcolour:\ -# :af=/var/spool/lpd/cdcolour/acct:\ -# :if=/usr/local/etc/smbprint:\ -# :mx=0:\ -# :lp=/dev/null: -# -# The /usr/var/spool/lpd/PRINTNAME/.config file should contain: -# server=PC_SERVER -# service=PR_SHARENAME -# password="password" -# -# E.g. -# server=PAULS_PC -# service=CJET_371 -# password="" - -# -# Debugging log file, change to /dev/null if you like. -# -# logfile=/tmp/smb-print.log -logfile=/dev/null - - -# -# The last parameter to the filter is the accounting file name. -# Extract the directory name from the file name. -# Concat this with /.config to get the config file. -# -eval acct_file=\${$#} -spool_dir=`dirname $acct_file` -config_file=$spool_dir/.config - -# Should read the following variables set in the config file: -# server -# service -# password -eval `cat $config_file` - -# -# Some debugging help, change the >> to > if you want to same space. -# -echo "server $server, service $service" >> $logfile - -( -# NOTE You may wish to add the line `echo translate' if you want automatic -# CR/LF translation when printing. -# echo translate - echo "print -" - cat -) | /usr/bin/smbclient "\\\\$server\\$service" $password -U $server -N >> $logfile diff --git a/packaging/RedHat-9/smbusers b/packaging/RedHat-9/smbusers deleted file mode 100644 index ae3389f53f8..00000000000 --- a/packaging/RedHat-9/smbusers +++ /dev/null @@ -1,3 +0,0 @@ -# Unix_name = SMB_name1 SMB_name2 ... -root = administrator admin -nobody = guest pcguest smbguest diff --git a/packaging/RedHat-9/winbind.init b/packaging/RedHat-9/winbind.init deleted file mode 100644 index 289ca590834..00000000000 --- a/packaging/RedHat-9/winbind.init +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/sh -# -# chkconfig: 345 91 45 -# description: Starts and stops the Samba winbind daemon to provide \ -# user and group information from a domain controller to linux. - -# Source function library. -if [ -f /etc/init.d/functions ] ; then - . /etc/init.d/functions -elif [ -f /etc/rc.d/init.d/functions ] ; then - . /etc/rc.d/init.d/functions -else - exit 0 -fi - -# Source networking configuration. -. /etc/sysconfig/network - -# Check that networking is up. -[ ${NETWORKING} = "no" ] && exit 0 - -CONFIG=/etc/samba/smb.conf - -# Check that smb.conf exists. -[ -f $CONFIG ] || exit 0 - -start() { - echo -n "Starting Winbind services: " - daemon winbindd - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/winbind || \ - RETVAL=1 - return $RETVAL -} -stop() { - echo -n "Shutting down Winbind services: " - killproc winbindd - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/winbind - return $RETVAL -} -restart() { - stop - start -} -reload() { - export TMPDIR="/var/tmp" - echo -n "Checking domain trusts: " - killproc winbindd -HUP - RETVAL=$? - echo - return $RETVAL -} -mdkstatus() { - status winbindd -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - restart - ;; - reload) - reload - ;; - status) - mdkstatus - ;; - condrestart) - [ -f /var/lock/subsys/winbindd ] && restart || : - ;; - *) - echo "Usage: $0 {start|stop|restart|status|condrestart}" - exit 1 -esac - -exit $? diff --git a/source/Makefile.in b/source/Makefile.in index f27fed1f391..4e2cb5d2d93 100644 --- a/source/Makefile.in +++ b/source/Makefile.in @@ -10,6 +10,8 @@ prefix=@prefix@ exec_prefix=@exec_prefix@ +sysconfdir=@sysconfdir@ +localstatedir=@localstatedir@ datarootdir=@datarootdir@ selftest_prefix=@selftest_prefix@ @@ -124,15 +126,15 @@ LIBADDNS_MINOR=1 FLAGS1 = $(CFLAGS) @FLAGS1@ @SAMBA_CPPFLAGS@ $(CPPFLAGS) FLAGS2 = -FLAGS3 = -FLAGS4 = +FLAGS3 = +FLAGS4 = FLAGS5 = $(FLAGS1) $(FLAGS2) $(FLAGS3) $(FLAGS4) FLAGS = $(ISA) $(FLAGS5) -I$(srcdir)/lib -D_SAMBA_BUILD_=3 PASSWD_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DPRIVATE_DIR=\"$(PRIVATE_DIR)\" PATH_FLAGS1 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DSBINDIR=\"$(SBINDIR)\" PATH_FLAGS2 = $(PATH_FLAGS1) -DBINDIR=\"$(BINDIR)\" -PATH_FLAGS3 = $(PATH_FLAGS2) -DLMHOSTSFILE=\"$(LMHOSTSFILE)\" +PATH_FLAGS3 = $(PATH_FLAGS2) -DLMHOSTSFILE=\"$(LMHOSTSFILE)\" PATH_FLAGS4 = $(PATH_FLAGS3) -DSWATDIR=\"$(SWATDIR)\" -DLOCKDIR=\"$(LOCKDIR)\" -DPIDDIR=\"$(PIDDIR)\" PATH_FLAGS5 = $(PATH_FLAGS4) -DLIBDIR=\"$(LIBDIR)\" \ -DLOGFILEBASE=\"$(LOGFILEBASE)\" -DSHLIBEXT=\"@SHLIBEXT@\" @@ -152,7 +154,7 @@ BIN_PROGS2 = bin/smbcontrol@EXEEXT@ bin/smbtree@EXEEXT@ bin/tdbbackup@EXEEXT@ \ bin/tdbtool@EXEEXT@ BIN_PROGS3 = bin/smbpasswd@EXEEXT@ bin/rpcclient@EXEEXT@ bin/smbcacls@EXEEXT@ \ bin/profiles@EXEEXT@ bin/ntlm_auth@EXEEXT@ \ - bin/smbcquotas@EXEEXT@ bin/eventlogadm@EXEEXT@ + bin/smbcquotas@EXEEXT@ bin/eventlogadm@EXEEXT@ TORTURE_PROGS = bin/smbtorture@EXEEXT@ bin/msgtest@EXEEXT@ \ bin/masktest@EXEEXT@ bin/locktest@EXEEXT@ \ @@ -166,10 +168,12 @@ EVERYTHING_PROGS = bin/debug2html@EXEEXT@ bin/smbfilter@EXEEXT@ \ bin/talloctort@EXEEXT@ bin/replacetort@EXEEXT@ \ bin/log2pcap@EXEEXT@ bin/sharesec@EXEEXT@ -SHLIBS = @SHLIB_PROGS@ @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBMSRPC@ @LIBADDNS@ +SHLIBS = @LIBSMBCLIENT@ @LIBSMBSHAREMODES@ @LIBMSRPC@ @LIBADDNS@ PAM_MODULES = @PAM_MODULES@ +NSS_MODULES = @WINBIND_WINS_NSS@ @WINBIND_NSS@ + SCRIPTS = $(srcdir)/script/smbtar $(builddir)/script/findsmb VFS_MODULES = @VFS_MODULES@ @@ -263,11 +267,11 @@ READLINE_OBJ = lib/readline.o # Also depends on $(SECRETS_OBJ) $(LIBSAMBA_OBJ) # Be sure to include them into your application -POPT_LIB_OBJ = lib/popt_common.o +POPT_LIB_OBJ = lib/popt_common.o PARAM_OBJ = dynconfig.o param/loadparm.o param/params.o lib/sharesec.o -KRBCLIENT_OBJ = libads/kerberos.o libads/ads_status.o +KRBCLIENT_OBJ = libads/kerberos.o libads/ads_status.o LIBADDNS_OBJ0 = libaddns/dnsrecord.o libaddns/dnsutils.o libaddns/dnssock.o \ libaddns/dnsgss.o libaddns/dnsmarshall.o @@ -284,9 +288,9 @@ LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \ libads/authdata.o libads/cldap.o LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o \ - libads/ldap_schema.o + libads/ldap_schema.o -SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o +SECRETS_OBJ = passdb/secrets.o passdb/machine_sid.o LIBNMB_OBJ = libsmb/unexpected.o libsmb/namecache.o libsmb/nmblib.o \ libsmb/namequery.o libsmb/conncache.o libads/dns.o @@ -323,7 +327,7 @@ REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_pri registry/reg_db.o registry/reg_eventlog.o registry/reg_shares.o \ registry/reg_util.o registry/reg_dynamic.o registry/reg_perfcount.o -RPC_LSA_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o +RPC_LSA_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o RPC_NETLOG_OBJ = rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o @@ -349,7 +353,7 @@ RPC_NTSVCS_OBJ = rpc_server/srv_ntsvcs.o rpc_server/srv_ntsvcs_nt.o RPC_DFS_OBJ = rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o -RPC_SPOOLSS_OBJ = rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o +RPC_SPOOLSS_OBJ = rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o RPC_EVENTLOG_OBJ = rpc_server/srv_eventlog.o rpc_server/srv_eventlog_nt.o rpc_server/srv_eventlog_lib.o @@ -425,6 +429,7 @@ VFS_PREALLOC_OBJ = modules/vfs_prealloc.o VFS_COMMIT_OBJ = modules/vfs_commit.o VFS_GPFS_OBJ = modules/vfs_gpfs.o modules/gpfs.o modules/nfs4_acls.o VFS_NOTIFY_FAM_OBJ = modules/vfs_notify_fam.o +VFS_READAHEAD_OBJ = modules/vfs_readahead.o PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o @@ -485,7 +490,7 @@ PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/print_aix.o \ printing/print_iprint.o printing/print_test.o PRINTBASE_OBJ = printing/notify.o printing/printing_db.o -PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o $(PRINTBASE_OBJ) +PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o $(PRINTBASE_OBJ) SMBD_OBJ = $(SMBD_OBJ_BASE) $(SMBD_OBJ_MAIN) NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \ @@ -505,7 +510,7 @@ NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(PROFILE_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \ - web/swat.o web/neg_lang.o + web/swat.o web/neg_lang.o SWAT_OBJ = $(SWAT_OBJ1) $(PARAM_OBJ) $(PRINTING_OBJ) $(LIBSMB_OBJ) \ $(LOCKING_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \ @@ -615,7 +620,7 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_domain.o utils/net_help.o \ utils/net_rpc_service.o utils/net_rpc_registry.o utils/net_usershare.o \ utils/netlookup.o utils/net_sam.o utils/net_rpc_shell.o \ utils/net_util.o utils/net_rpc_sh_acct.o utils/net_rpc_audit.o \ - $(PASSWD_UTIL_OBJ) utils/net_dns.o utils/net_ads_gpo.o + $(PASSWD_UTIL_OBJ) utils/net_dns.o utils/net_ads_gpo.o NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ @@ -641,10 +646,10 @@ CIFS_MOUNT_OBJ = client/mount.cifs.o CIFS_UMOUNT_OBJ = client/umount.cifs.o NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) $(RPC_PARSE_OBJ1) $(DOSERR_OBJ) \ - $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) $(LIBSAMBA_OBJ) + $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(SECRETS_OBJ) $(LIBSAMBA_OBJ) SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/utable.o \ - torture/denytest.o torture/mangle_test.o + torture/denytest.o torture/mangle_test.o SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) \ $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) @@ -656,7 +661,7 @@ MSGTEST_OBJ = torture/msgtest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) LOCKTEST_OBJ = torture/locktest.o $(PARAM_OBJ) $(LOCKING_OBJ) $(KRBCLIENT_OBJ) \ - $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) + $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) NSSTEST_OBJ = torture/nsstest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIB_NONSMBD_OBJ) $(SECRETS_OBJ) @@ -686,15 +691,15 @@ SMBCQUOTAS_OBJ = utils/smbcquotas.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ $(LIBMSRPC_OBJ) $(LIBMSRPC_GEN_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ) \ $(PASSDB_OBJ) $(SMBLDAP_OBJ) $(GROUPDB_OBJ) -EVTLOGADM_OBJ0 = utils/eventlogadm.o +EVTLOGADM_OBJ0 = utils/eventlogadm.o EVTLOGADM_OBJ = $(EVTLOGADM_OBJ0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(REGOBJS_OBJ) \ $(ERRORMAP_OBJ) $(RPC_PARSE_OBJ1) $(LIBSAMBA_OBJ) $(DOSERR_OBJ) \ $(SECRETS_OBJ) \ registry/reg_eventlog.o rpc_server/srv_eventlog_lib.o registry/reg_util.o \ - registry/reg_db.o + registry/reg_db.o -SHARESEC_OBJ0 = utils/sharesec.o +SHARESEC_OBJ0 = utils/sharesec.o SHARESEC_OBJ = $(SHARESEC_OBJ0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(REGOBJS_OBJ) \ $(ERRORMAP_OBJ) $(RPC_PARSE_OBJ1) $(LIBSAMBA_OBJ) $(DOSERR_OBJ) \ $(POPT_LIB_OBJ) $(SECRETS_OBJ) @@ -718,7 +723,7 @@ RPCTORTURE_OBJ = torture/rpctorture.o \ DEBUG2HTML_OBJ = utils/debug2html.o utils/debugparse.o SMBFILTER_OBJ = utils/smbfilter.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(SECRETS_OBJ) \ - $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) + $(LIB_NONSMBD_OBJ) $(KRBCLIENT_OBJ) PROTO_OBJ = $(SMBD_OBJ_MAIN) $(LIBNDR_OBJ) $(LIBNDR_GEN_OBJ) \ $(SMBD_OBJ_SRV) $(NMBD_OBJ1) $(LIBSMB_OBJ) \ @@ -808,7 +813,7 @@ TDBTOOL_OBJ = tdb/tools/tdbtool.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \ TDBDUMP_OBJ = tdb/tools/tdbdump.o $(TDBBASE_OBJ) $(LIBREPLACE_OBJ) \ $(SOCKET_WRAPPER_OBJ) -NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o +NTLM_AUTH_OBJ1 = utils/ntlm_auth.o utils/ntlm_auth_diagnostics.o NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \ libsmb/asn1.o libsmb/spnego.o libsmb/clikrb5.o libads/kerberos.o \ @@ -820,14 +825,16 @@ NTLM_AUTH_OBJ = ${NTLM_AUTH_OBJ1} $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \ ###################################################################### # now the rules... ###################################################################### -all : SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(ROOT_SBIN_PROGS) \ - $(SHLIBS) $(MODULES) $(PAM_MODULES) @EXTRA_ALL_TARGETS@ +all : SHOWFLAGS $(SBIN_PROGS) $(BIN_PROGS) $(ROOT_SBIN_PROGS) \ + $(SHLIBS) $(MODULES) $(NSS_MODULES) $(PAM_MODULES) @EXTRA_ALL_TARGETS@ + +nss_modules : $(NSS_MODULES) pam_modules : $(PAM_MODULES) -pam_smbpass : SHOWFLAGS proto_exists bin/pam_smbpass.@SHLIBEXT@ +pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@ -pam_winbind : SHOWFLAGS proto_exists bin/pam_winbind.@SHLIBEXT@ +pam_winbind : SHOWFLAGS bin/pam_winbind.@SHLIBEXT@ torture : SHOWFLAGS $(TORTURE_PROGS) @@ -868,7 +875,7 @@ nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ @WINBIND_NSS@ \ wins : SHOWFLAGS @WINBIND_WINS_NSS@ -modules: SHOWFLAGS proto_exists $(MODULES) +modules: SHOWFLAGS $(MODULES) cac: SHOWFLAGS $(LIBMSRPC) @@ -912,7 +919,7 @@ MAKEDIR = || exec false; \ @BROKEN_CC@ -mv `echo $@ | sed 's%^.*/%%g'` $@ # this adds support for precompiled headers. To use it, install a snapshot -# of gcc-3.4 and run 'make pch' before you do the main build. +# of gcc-3.4 and run 'make pch' before you do the main build. pch: proto_exists rm -f $(builddir)/include/includes.h.gch $(CC) -I. -I$(srcdir) $(FLAGS) $(PICFLAG) -c $(srcdir)/include/includes.h -o $(builddir)/include/includes.h.gch @@ -936,7 +943,7 @@ lib/pidfile.o: lib/pidfile.c lib/version.o: lib/version.c include/version.h @echo Compiling $*.c - @$(CC) -I. -I$(srcdir) $(FLAGS) $(PATH_FLAGS) $(PICFLAG) -c $(srcdir)/lib/version.c -o $@ + @$(CC) -I. -I$(srcdir) $(FLAGS) $(PATH_FLAGS) $(PICFLAG) -c $(srcdir)/lib/version.c -o $@ smbd/build_options.o: smbd/build_options.c Makefile include/config.h include/build_env.h include/proto.h @echo Compiling $*.c @@ -951,56 +958,56 @@ bin/.dummy: dir=bin $(MAKEDIR); fi @: >> $@ || : > $@ # what a fancy emoticon! -bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbd@EXEEXT@: proto_exists $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \ $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ - $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @POPTLIBS@ @SMBD_LIBS@ + $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @POPTLIBS@ @SMBD_LIBS@ -bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy +bin/nmbd@EXEEXT@: proto_exists $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -bin/swat@EXEEXT@: $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy +bin/swat@EXEEXT@: proto_exists $(SWAT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINT_LIBS) \ $(AUTH_LIBS) $(LIBS) $(PASSDB_LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy +bin/rpcclient@EXEEXT@: proto_exists $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \ $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ \ $(KRB5LIBS) $(LDAP_LIBS) -bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbclient@EXEEXT@: proto_exists $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -bin/smbctool@EXEEXT@: $(TOOL_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbctool@EXEEXT@: proto_exists $(TOOL_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(TOOL_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -Lbin -lsmbclient -bin/net@EXEEXT@: $(NET_OBJ) @BUILD_POPT@ @BUILD_INIPARSER@ bin/.dummy +bin/net@EXEEXT@: proto_exists $(NET_OBJ) @BUILD_POPT@ @BUILD_INIPARSER@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @INIPARSERLIBS@ -bin/profiles@EXEEXT@: $(PROFILES_OBJ) @BUILD_POPT@ bin/.dummy +bin/profiles@EXEEXT@: proto_exists $(PROFILES_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(PROFILES_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ -bin/smbspool@EXEEXT@: $(CUPS_OBJ) bin/.dummy +bin/smbspool@EXEEXT@: proto_exists $(CUPS_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/smbmount@EXEEXT@: $(MOUNT_OBJ) bin/.dummy +bin/smbmount@EXEEXT@: proto_exists $(MOUNT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/smbmnt@EXEEXT@: $(MNT_OBJ) bin/.dummy +bin/smbmnt@EXEEXT@: proto_exists $(MNT_OBJ) bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(MNT_OBJ) $(DYNEXP) $(LDFLAGS) + @$(CC) $(FLAGS) -o $@ $(MNT_OBJ) $(DYNEXP) $(LDFLAGS) -bin/smbumount@EXEEXT@: $(UMOUNT_OBJ) bin/.dummy +bin/smbumount@EXEEXT@: proto_exists $(UMOUNT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS) @@ -1012,35 +1019,35 @@ bin/umount.cifs@EXEEXT@: $(CIFS_UMOUNT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(CIFS_UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS) -bin/testparm@EXEEXT@: $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy +bin/testparm@EXEEXT@: proto_exists $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ -bin/smbstatus@EXEEXT@: $(STATUS_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbstatus@EXEEXT@: proto_exists $(STATUS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(LDAP_LIBS) \ @POPTLIBS@ -bin/smbcontrol@EXEEXT@: $(SMBCONTROL_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbcontrol@EXEEXT@: proto_exists $(SMBCONTROL_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ \ $(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) \ $(LIBS) $(LDAP_LIBS) @LIBUNWIND_PTRACE@ @POPTLIBS@ -bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbtree@EXEEXT@: proto_exists $(SMBTREE_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbpasswd@EXEEXT@: proto_exists $(SMBPASSWD_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(PASSDB_LIBS) \ $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) -bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy +bin/pdbedit@EXEEXT@: proto_exists $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDB_LIBS) $(LDAP_LIBS) -bin/smbget@EXEEXT@: $(SMBGET_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbget@EXEEXT@: proto_exists $(SMBGET_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) @@ -1048,15 +1055,15 @@ bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(PASSDB_LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy +bin/nmblookup@EXEEXT@: proto_exists $(NMBLOOKUP_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @POPTLIBS@ $(LDAP_LIBS) -bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy +bin/smbtorture@EXEEXT@: proto_exists $(SMBTORTURE_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy +bin/talloctort@EXEEXT@: proto_exists $(TALLOCTORT_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(TALLOCTORT_OBJ) $(LDFLAGS) \ $(DYNEXP) $(LIBS) $(LDAP_LIBS) @@ -1066,45 +1073,45 @@ bin/replacetort@EXEEXT@: $(REPLACETORT_OBJ) bin/.dummy @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(REPLACETORT_OBJ) $(LDFLAGS) \ $(DYNEXP) $(LIBS) -bin/masktest@EXEEXT@: $(MASKTEST_OBJ) bin/.dummy +bin/masktest@EXEEXT@: proto_exists $(MASKTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/msgtest@EXEEXT@: $(MSGTEST_OBJ) bin/.dummy +bin/msgtest@EXEEXT@: proto_exists $(MSGTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/smbcacls@EXEEXT@: $(SMBCACLS_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbcacls@EXEEXT@: proto_exists $(SMBCACLS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) -bin/smbcquotas@EXEEXT@: $(SMBCQUOTAS_OBJ) @BUILD_POPT@ bin/.dummy +bin/smbcquotas@EXEEXT@: proto_exists $(SMBCQUOTAS_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @POPTLIBS@ \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) -bin/eventlogadm@EXEEXT@: $(EVTLOGADM_OBJ) @BUILD_POPT@ bin/.dummy +bin/eventlogadm@EXEEXT@: proto_exists $(EVTLOGADM_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ -bin/sharesec@EXEEXT@: $(SHARESEC_OBJ) @BUILD_POPT@ bin/.dummy +bin/sharesec@EXEEXT@: proto_exists $(SHARESEC_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ - @$(CC) $(FLAGS) -o $@ $(SHARESEC_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ + @$(CC) $(FLAGS) -o $@ $(SHARESEC_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ -bin/locktest@EXEEXT@: $(LOCKTEST_OBJ) bin/.dummy +bin/locktest@EXEEXT@: proto_exists $(LOCKTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/nsstest@EXEEXT@: $(NSSTEST_OBJ) bin/.dummy +bin/nsstest@EXEEXT@: proto_exists $(NSSTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/pdbtest@EXEEXT@: $(PDBTEST_OBJ) bin/.dummy +bin/pdbtest@EXEEXT@: proto_exists $(PDBTEST_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @POPTLIBS@ -bin/vfstest@EXEEXT@: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy +bin/vfstest@EXEEXT@: proto_exists $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) @SMBD_LIBS@ $(NSCD_LIBS) @@ -1112,11 +1119,11 @@ bin/smbiconv@EXEEXT@: $(SMBICONV_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ -bin/log2pcap@EXEEXT@: $(LOG2PCAP_OBJ) @BUILD_POPT@ bin/.dummy +bin/log2pcap@EXEEXT@: proto_exists $(LOG2PCAP_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LOG2PCAP_OBJ) $(LDFLAGS) $(DYNEXP) @POPTLIBS@ $(LIBS) -bin/locktest2@EXEEXT@: $(LOCKTEST2_OBJ) bin/.dummy +bin/locktest2@EXEEXT@: proto_exists $(LOCKTEST2_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) @@ -1124,55 +1131,55 @@ bin/rpctorture@EXEEXT@: $(RPCTORTURE_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy +bin/debug2html@EXEEXT@: proto_exists $(DEBUG2HTML_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(DEBUG2HTML_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) -bin/smbfilter@EXEEXT@: $(SMBFILTER_OBJ) bin/.dummy +bin/smbfilter@EXEEXT@: proto_exists $(SMBFILTER_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) -bin/libaddns.@SHLIBEXT@: $(LIBADDNS_OBJ) +bin/libaddns.@SHLIBEXT@: proto_exists $(LIBADDNS_OBJ) @echo Linking libaddns shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBADDNS_OBJ) $(LDFLAGS) $(LIBS) \ $(KRB5LIBS) $(UUID_LIBS)\ @SONAMEFLAG@`basename $@`.$(LIBADDNS_MAJOR) -bin/libaddns.a: $(LIBADDNS_OBJ) +bin/libaddns.a: proto_exists $(LIBADDNS_OBJ) @echo Linking libaddns non-shared library $@ @-$(AR) -rc $@ $(LIBADDNS_OBJ) -bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_OBJ) +bin/libsmbclient.@SHLIBEXT@: proto_exists $(LIBSMBCLIENT_OBJ) @echo Linking libsmbclient shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_OBJ) $(LDFLAGS) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR) -bin/libsmbclient.a: $(LIBSMBCLIENT_OBJ) +bin/libsmbclient.a: proto_exists $(LIBSMBCLIENT_OBJ) @echo Linking libsmbclient non-shared library $@ @-$(AR) -rc $@ $(LIBSMBCLIENT_OBJ) -bin/libsmbsharemodes.@SHLIBEXT@: $(LIBSMBSHAREMODES_OBJ) +bin/libsmbsharemodes.@SHLIBEXT@: proto_exists $(LIBSMBSHAREMODES_OBJ) @echo Linking libsmbsharemodes shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBSHAREMODES_OBJ) $(LDFLAGS) $(LIBS) \ $(KRB5LIBS) $(LDAP_LIBS) \ @SONAMEFLAG@`basename $@`.$(LIBSMBSHAREMODES_MAJOR) -bin/libsmbsharemodes.a: $(LIBSMBSHAREMODES_OBJ) +bin/libsmbsharemodes.a: proto_exists $(LIBSMBSHAREMODES_OBJ) @echo Linking libsmbsharemodes non-shared library $@ @-$(AR) -rc $@ $(LIBSMBSHAREMODES_OBJ) -bin/libmsrpc.@SHLIBEXT@: $(CAC_OBJ) +bin/libmsrpc.@SHLIBEXT@: proto_exists $(CAC_OBJ) @echo Linking libmsrpc shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(CAC_OBJ) $(LDFLAGS) $(LIBS) \ @SONAMEFLAG@`basename $@`.$(LIBMSRPC_MAJOR) -bin/libmsrpc.a: $(CAC_OBJ) +bin/libmsrpc.a: proto_exists $(CAC_OBJ) @echo Linking libmsrpc non-shared library $@ @-$(AR) -rc $@ $(CAC_OBJ) -# This is probably wrong for anything other than the GNU linker. -bin/libbigballofmud.@SHLIBEXT@: $(LIBBIGBALLOFMUD_OBJ) +# This is probably wrong for anything other than the GNU linker. +bin/libbigballofmud.@SHLIBEXT@: proto_exists $(LIBBIGBALLOFMUD_OBJ) @echo Linking bigballofmud shared library $@ @$(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_OBJ) $(LIBS) \ $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ @@ -1189,82 +1196,82 @@ libsmbsharemodes: $(LIBSMBSHAREMODES) libmsrpc: $(LIBMSRPC) libaddns: $(LIBADDNS) -bin/librpc_lsarpc.@SHLIBEXT@: $(RPC_LSA_OBJ) +bin/librpc_lsarpc.@SHLIBEXT@: proto_exists $(RPC_LSA_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_LSA_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_samr.@SHLIBEXT@: $(RPC_SAMR_OBJ) +bin/librpc_samr.@SHLIBEXT@: proto_exists $(RPC_SAMR_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SAMR_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_unixinfo.@SHLIBEXT@: $(RPC_UNIXINFO_OBJ) +bin/librpc_unixinfo.@SHLIBEXT@: proto_exists $(RPC_UNIXINFO_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_UNIXINFO_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_srvsvc.@SHLIBEXT@: $(RPC_SVC_OBJ) +bin/librpc_srvsvc.@SHLIBEXT@: proto_exists $(RPC_SVC_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SVC_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_svcctl.@SHLIBEXT@: $(RPC_SVCCTL_OBJ) +bin/librpc_svcctl.@SHLIBEXT@: proto_exists $(RPC_SVCCTL_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SVCCTL_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_ntsvcs.@SHLIBEXT@: $(RPC_NTSVCS_OBJ) +bin/librpc_ntsvcs.@SHLIBEXT@: proto_exists $(RPC_NTSVCS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_NTSVCS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_wkssvc.@SHLIBEXT@: $(RPC_WKS_OBJ) +bin/librpc_wkssvc.@SHLIBEXT@: proto_exists $(RPC_WKS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_WKS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_NETLOGON.@SHLIBEXT@: $(RPC_NETLOG_OBJ) +bin/librpc_NETLOGON.@SHLIBEXT@: proto_exists $(RPC_NETLOG_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_NETLOG_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_reg.@SHLIBEXT@: $(RPC_REG_OBJ) +bin/librpc_reg.@SHLIBEXT@: proto_exists $(RPC_REG_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_REG_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_initshutdown.@SHLIBEXT@: $(RPC_INITSHUTDOWN_OBJ) +bin/librpc_initshutdown.@SHLIBEXT@: proto_exists $(RPC_INITSHUTDOWN_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_INITSHUTDOWN_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_lsa_ds.@SHLIBEXT@: $(RPC_LSA_DS_OBJ) +bin/librpc_lsa_ds.@SHLIBEXT@: proto_exists $(RPC_LSA_DS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_LSA_DS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_spoolss.@SHLIBEXT@: $(RPC_SPOOLSS_OBJ) +bin/librpc_spoolss.@SHLIBEXT@: proto_exists $(RPC_SPOOLSS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SPOOLSS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_eventlog.@SHLIBEXT@: $(RPC_EVENTLOG_OBJ) +bin/librpc_eventlog.@SHLIBEXT@: proto_exists $(RPC_EVENTLOG_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_EVENTLOG_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_netdfs.@SHLIBEXT@: $(RPC_DFS_OBJ) +bin/librpc_netdfs.@SHLIBEXT@: proto_exists $(RPC_DFS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_DFS_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/librpc_echo.@SHLIBEXT@: $(RPC_ECHO_OBJ) +bin/librpc_echo.@SHLIBEXT@: proto_exists $(RPC_ECHO_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_ECHO_OBJ) -lc \ @SONAMEFLAG@`basename $@` -bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy +bin/winbindd@EXEEXT@: proto_exists $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy @echo "Linking $@" @$(CC) $(FLAGS) -o $@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ @POPTLIBS@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) @@ -1274,13 +1281,13 @@ bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy @$(SHLD) $(WINBIND_NSS_LDSHFLAGS) -o $@ $(WINBIND_NSS_OBJ) \ @WINBIND_NSS_EXTRA_LIBS@ @SONAMEFLAG@`basename $@`@NSSSONAMEVERSIONSUFFIX@ -@WINBIND_WINS_NSS@: $(WINBIND_WINS_NSS_OBJ) +@WINBIND_WINS_NSS@: proto_exists $(WINBIND_WINS_NSS_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(WINBIND_WINS_NSS_OBJ) \ $(LDAP_LIBS) $(KRB5LIBS) $(LIBS) \ @SONAMEFLAG@`basename $@`@NSSSONAMEVERSIONSUFFIX@ -@SMB_KRB5_LOCATOR@: $(SMB_KRB5_LOCATOR_OBJ) +@SMB_KRB5_LOCATOR@: proto_exists $(SMB_KRB5_LOCATOR_OBJ) @echo "Linking $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(SMB_KRB5_LOCATOR_OBJ) \ $(LDAP_LIBS) $(LIBS) -lcom_err \ @@ -1289,33 +1296,33 @@ bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) @BUILD_POPT@ bin/.dummy bin/pam_winbind.@SHLIBEXT@: $(PAM_WINBIND_OBJ) bin/.dummy @echo "Linking shared library $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) -lpam @INIPARSERLIBS@ $(GPLIBS) \ - @SONAMEFLAG@`basename $@` + @SONAMEFLAG@`basename $@` -bin/builtin.@SHLIBEXT@: $(AUTH_BUILTIN_OBJ) +bin/builtin.@SHLIBEXT@: proto_exists $(AUTH_BUILTIN_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_BUILTIN_OBJ) @SONAMEFLAG@`basename $@` -bin/domain.@SHLIBEXT@: $(AUTH_DOMAIN_OBJ) +bin/domain.@SHLIBEXT@: proto_exists $(AUTH_DOMAIN_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_DOMAIN_OBJ) @SONAMEFLAG@`basename $@` -bin/script.@SHLIBEXT@: $(AUTH_SCRIPT_OBJ) +bin/script.@SHLIBEXT@: proto_exists $(AUTH_SCRIPT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SCRIPT_OBJ) @SONAMEFLAG@`basename $@` -bin/smbserver.@SHLIBEXT@: $(AUTH_SERVER_OBJ) +bin/smbserver.@SHLIBEXT@: proto_exists $(AUTH_SERVER_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SERVER_OBJ) @SONAMEFLAG@`basename $@` -bin/winbind.@SHLIBEXT@: $(AUTH_WINBIND_OBJ) +bin/winbind.@SHLIBEXT@: proto_exists $(AUTH_WINBIND_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_WINBIND_OBJ) @SONAMEFLAG@`basename $@` -bin/unix.@SHLIBEXT@: $(AUTH_UNIX_OBJ) +bin/unix.@SHLIBEXT@: proto_exists $(AUTH_UNIX_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_UNIX_OBJ) @SONAMEFLAG@`basename $@` -bin/sam.@SHLIBEXT@: $(AUTH_SAM_OBJ) +bin/sam.@SHLIBEXT@: proto_exists $(AUTH_SAM_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(AUTH_SAM_OBJ) @SONAMEFLAG@`basename $@` @@ -1324,17 +1331,17 @@ bin/ldapsam.@SHLIBEXT@: passdb/pdb_ldap.o @$(SHLD) $(LDSHFLAGS) $(LDAP_LIBS) -o $@ passdb/pdb_ldap.o \ @SONAMEFLAG@`basename $@` -bin/tdbsam.@SHLIBEXT@: passdb/pdb_tdb.o +bin/tdbsam.@SHLIBEXT@: proto_exists passdb/pdb_tdb.o @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_tdb.o \ @SONAMEFLAG@`basename $@` -bin/smbpasswd.@SHLIBEXT@: passdb/pdb_smbpasswd.o +bin/smbpasswd.@SHLIBEXT@: proto_exists passdb/pdb_smbpasswd.o @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ passdb/pdb_smbpasswd.o \ @SONAMEFLAG@`basename $@` -bin/rid.@SHLIBEXT@: nsswitch/idmap_rid.o +bin/rid.@SHLIBEXT@: proto_exists nsswitch/idmap_rid.o @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ nsswitch/idmap_rid.o \ @SONAMEFLAG@`basename $@` @@ -1344,17 +1351,17 @@ bin/ad.@SHLIBEXT@: nsswitch/idmap_ad.o @$(SHLD) $(LDSHFLAGS) -o $@ nsswitch/idmap_ad.o \ @SONAMEFLAG@`basename $@` -bin/weird.@SHLIBEXT@: $(DEVEL_HELP_WEIRD_OBJ) +bin/weird.@SHLIBEXT@: proto_exists $(DEVEL_HELP_WEIRD_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_WEIRD_OBJ) \ @SONAMEFLAG@`basename $@` -bin/CP850.@SHLIBEXT@: $(CP850_OBJ) +bin/CP850.@SHLIBEXT@: proto_exists $(CP850_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(CP850_OBJ) \ @SONAMEFLAG@`basename $@` -bin/CP437.@SHLIBEXT@: $(CP437_OBJ) +bin/CP437.@SHLIBEXT@: proto_exists $(CP437_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(CP437_OBJ) \ @SONAMEFLAG@`basename $@` @@ -1367,57 +1374,57 @@ bin/macosxfs.@SHLIBEXT@: $(CHARSET_MACOSXFS_OBJ) # NOTE, there is no build rule for a dynamic default VFS module because # this one MUST MUST MUST be built statically. -bin/audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ) +bin/audit.@SHLIBEXT@: proto_exists $(VFS_AUDIT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \ @SONAMEFLAG@`basename $@` -bin/extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ) +bin/extd_audit.@SHLIBEXT@: proto_exists $(VFS_EXTD_AUDIT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_EXTD_AUDIT_OBJ) \ @SONAMEFLAG@`basename $@` -bin/full_audit.@SHLIBEXT@: $(VFS_FULL_AUDIT_OBJ) +bin/full_audit.@SHLIBEXT@: proto_exists $(VFS_FULL_AUDIT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_FULL_AUDIT_OBJ) \ @SONAMEFLAG@`basename $@` -bin/recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ) +bin/recycle.@SHLIBEXT@: proto_exists $(VFS_RECYCLE_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_RECYCLE_OBJ) \ @SONAMEFLAG@`basename $@` -bin/netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ) +bin/netatalk.@SHLIBEXT@: proto_exists $(VFS_NETATALK_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NETATALK_OBJ) \ @SONAMEFLAG@`basename $@` -bin/fake_perms.@SHLIBEXT@: $(VFS_FAKE_PERMS_OBJ) +bin/fake_perms.@SHLIBEXT@: proto_exists $(VFS_FAKE_PERMS_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_FAKE_PERMS_OBJ) \ @SONAMEFLAG@`basename $@` -bin/default_quota.@SHLIBEXT@: $(VFS_DEFAULT_QUOTA_OBJ) +bin/default_quota.@SHLIBEXT@: proto_exists $(VFS_DEFAULT_QUOTA_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_DEFAULT_QUOTA_OBJ) \ @SONAMEFLAG@`basename $@` -bin/readonly.@SHLIBEXT@: $(VFS_READONLY_OBJ) +bin/readonly.@SHLIBEXT@: proto_exists $(VFS_READONLY_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_READONLY_OBJ) \ @SONAMEFLAG@`basename $@` -bin/shadow_copy.@SHLIBEXT@: $(VFS_SHADOW_COPY_OBJ) +bin/shadow_copy.@SHLIBEXT@: proto_exists $(VFS_SHADOW_COPY_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_SHADOW_COPY_OBJ) \ @SONAMEFLAG@`basename $@` -bin/cap.@SHLIBEXT@: $(VFS_CAP_OBJ) +bin/cap.@SHLIBEXT@: proto_exists $(VFS_CAP_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CAP_OBJ) \ @SONAMEFLAG@`basename $@` -bin/expand_msdfs.@SHLIBEXT@: $(VFS_EXPAND_MSDFS_OBJ) +bin/expand_msdfs.@SHLIBEXT@: proto_exists $(VFS_EXPAND_MSDFS_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_EXPAND_MSDFS_OBJ) \ @SONAMEFLAG@`basename $@` @@ -1447,12 +1454,12 @@ bin/solarisacl.@SHLIBEXT@: $(VFS_SOLARISACL_OBJ) @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_SOLARISACL_OBJ) \ @SONAMEFLAG@`basename $@` -bin/irixacl.@SHLIBEXT@: $(VFS_IRIXACL_OBJ) +bin/irixacl.@SHLIBEXT@: proto_exists $(VFS_IRIXACL_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_IRIXACL_OBJ) \ @SONAMEFLAG@`basename $@` -bin/hpuxacl.@SHLIBEXT@: $(VFS_HPUXACL_OBJ) +bin/hpuxacl.@SHLIBEXT@: proto_exists $(VFS_HPUXACL_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_HPUXACL_OBJ) \ @SONAMEFLAG@`basename $@` @@ -1462,22 +1469,22 @@ bin/tru64acl.@SHLIBEXT@: $(VFS_TRU64ACL_OBJ) @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_TRU64ACL_OBJ) \ @SONAMEFLAG@`basename $@` -bin/catia.@SHLIBEXT@: $(VFS_CATIA_OBJ) +bin/catia.@SHLIBEXT@: proto_exists $(VFS_CATIA_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CATIA_OBJ) \ @SONAMEFLAG@`basename $@` -bin/cacheprime.@SHLIBEXT@: $(VFS_CACHEPRIME_OBJ) +bin/cacheprime.@SHLIBEXT@: proto_exists $(VFS_CACHEPRIME_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CACHEPRIME_OBJ) \ @SONAMEFLAG@`basename $@` -bin/prealloc.@SHLIBEXT@: $(VFS_PREALLOC_OBJ) +bin/prealloc.@SHLIBEXT@: proto_exists $(VFS_PREALLOC_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_PREALLOC_OBJ) \ @SONAMEFLAG@`basename $@` -bin/commit.@SHLIBEXT@: $(VFS_COMMIT_OBJ) +bin/commit.@SHLIBEXT@: proto_exists $(VFS_COMMIT_OBJ) @echo "Building plugin $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_COMMIT_OBJ) \ @SONAMEFLAG@`basename $@` @@ -1492,17 +1499,22 @@ bin/notify_fam.@SHLIBEXT@: $(VFS_NOTIFY_FAM_OBJ) @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NOTIFY_FAM_OBJ) \ @SONAMEFLAG@`basename $@` +bin/readahead.@SHLIBEXT@: $(VFS_READAHEAD_OBJ) + @echo "Building plugin $@" + @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_READAHEAD_OBJ) \ + @SONAMEFLAG@`basename $@` + ######################################################### ## IdMap NSS plugins ## None here right now ######################################################### -bin/wbinfo@EXEEXT@: $(WBINFO_OBJ) @BUILD_POPT@ bin/.dummy +bin/wbinfo@EXEEXT@: proto_exists $(WBINFO_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) $(LDAP_LIBS) @POPTLIBS@ -bin/ntlm_auth@EXEEXT@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ +bin/ntlm_auth@EXEEXT@: proto_exists $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(NTLM_AUTH_OBJ) \ @@ -1513,7 +1525,7 @@ bin/pam_smbpass.@SHLIBEXT@: $(PAM_SMBPASS_OBJ) @echo "Linking shared library $@" @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) -bin/tdbbackup@EXEEXT@: $(TDBBACKUP_OBJ) bin/.dummy +bin/tdbbackup@EXEEXT@: proto_exists $(TDBBACKUP_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) @@ -1525,28 +1537,28 @@ bin/tdbdump@EXEEXT@: $(TDBDUMP_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) -bin/t_strcmp@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_strcmp.o +bin/t_strcmp@EXEEXT@: proto_exists bin/libbigballofmud.@SHLIBEXT@ torture/t_strcmp.o $(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin -lbigballofmud -bin/t_strstr@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_strstr.o +bin/t_strstr@EXEEXT@: proto_exists bin/libbigballofmud.@SHLIBEXT@ torture/t_strstr.o $(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_strstr.o -L ./bin -lbigballofmud -bin/t_strappend@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_strappend.o +bin/t_strappend@EXEEXT@: proto_exists bin/libbigballofmud.@SHLIBEXT@ torture/t_strappend.o $(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_strappend.o -L ./bin -lbigballofmud bin/t_stringoverflow@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_stringoverflow.o $(CC) $(FLAGS) -o $@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud -bin/t_doschar@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_doschar.o +bin/t_doschar@EXEEXT@: proto_exists bin/libbigballofmud.@SHLIBEXT@ torture/t_doschar.o $(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_doschar.o -L ./bin -lbigballofmud -bin/t_push_ucs2@EXEEXT@: bin/libbigballofmud.@SHLIBEXT@ torture/t_push_ucs2.o +bin/t_push_ucs2@EXEEXT@: proto_exists bin/libbigballofmud.@SHLIBEXT@ torture/t_push_ucs2.o $(CC) $(FLAGS) -o $@ $(DYNEXP) $(LIBS) torture/t_push_ucs2.o -L ./bin -lbigballofmud bin/timelimit@EXEEXT@: script/tests/timelimit.o @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(DYNEXP) script/tests/timelimit.o -install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installswat installmodules @INSTALL_LIBSMBCLIENT@ @INSTALL_LIBMSRPC@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@ +install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installswat installmodules @INSTALL_LIBSMBCLIENT@ @INSTALL_LIBMSRPC@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@ install-everything: install installmodules @@ -1572,7 +1584,7 @@ installcifsmount: @CIFSMOUNT_PROGS@ @$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS) $(DESTDIR) $(ROOTSBINDIR) @$(SHELL) script/installbin.sh $(INSTALLPERMS) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSMOUNT_PROGS@ -# Some symlinks are required for the 'probing' of modules. +# Some symlinks are required for the 'probing' of modules. # This mechanism should go at some point.. installmodules: modules installdirs @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR) $(prefix) $(VFSLIBDIR) $(VFS_MODULES) @@ -1662,7 +1674,7 @@ python_clean: # revert to the previously installed version revert: - @$(SHELL) $(srcdir)/script/revert.sh $(SBINDIR) $(SBIN_PROGS) + @$(SHELL) $(srcdir)/script/revert.sh $(SBINDIR) $(SBIN_PROGS) @$(SHELL) $(srcdir)/script/revert.sh $(BINDIR) $(BIN_PROGS) $(SCRIPTS) installman: installdirs @@ -1686,7 +1698,7 @@ showlayout: @echo " swatdir: $(SWATDIR)" -uninstall: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ uninstallscripts uninstalldat uninstallswat uninstallmodules @UNINSTALL_LIBSMBCLIENT@ @UNINSTALL_LIBMSRPC@ @UNINSTALL_PAM_MODULES@ @UNINSTALL_LIBSMBSHAREMODES@ +uninstall: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ uninstallscripts uninstalldat uninstallswat uninstallmodules @UNINSTALL_LIBSMBCLIENT@ @UNINSTALL_LIBMSRPC@ @UNINSTALL_PAM_MODULES@ @UNINSTALL_LIBSMBSHAREMODES@ uninstallman: @$(SHELL) $(srcdir)/script/uninstallman.sh $(DESTDIR)$(MANDIR) $(srcdir) C @@ -1720,21 +1732,21 @@ uninstallmsg: uninstallswat: uninstallmsg @$(SHELL) $(srcdir)/script/uninstallswat.sh $(DESTDIR) $(SWATDIR) $(srcdir) -uninstallclientlib: +uninstallclientlib: -$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libsmbclient.@SHLIBEXT@ -$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libsmbclient.a -rm -f $(DESTDIR)${prefix}/include/libsmbclient.h -uninstalllibmsrpc: +uninstalllibmsrpc: -$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libmsrpc.@SHLIBEXT@ -$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libmsrpc.a -rm -f $(DESTDIR)${prefix}/include/libmsrpc.h -uninstalllibsmbsharemodes: +uninstalllibsmbsharemodes: -$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libsmbsharemodes.@SHLIBEXT@ -$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libsmbsharemodes.a -uninstalllibaddns: +uninstalllibaddns: -$(UNINSTALLLIBCMD_SH) $(DESTDIR)$(LIBDIR)/libaddns.@SHLIBEXT@ -$(UNINSTALLLIBCMD_A) $(DESTDIR)$(LIBDIR)/libaddns.a @@ -1753,7 +1765,7 @@ clean: delheaders python_clean $(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(ROOT_SBIN_PROGS) \ $(MODULES) $(TORTURE_PROGS) $(LIBSMBCLIENT) $(LIBADDNS) \ $(LIBSMBSHAREMODES) $(EVERYTHING_PROGS) $(LIBMSRPC) \ - .headers.stamp */src/*.o + .headers.stamp */src/*.o proto_exists -rm -rf t_dir # Making this target will just make sure that the prototype files @@ -1763,6 +1775,7 @@ clean: delheaders python_clean proto_exists: include/proto.h include/build_env.h \ nsswitch/winbindd_proto.h web/swat_proto.h \ client/client_proto.h utils/net_proto.h utils/ntlm_auth_proto.h smbd/build_options.c + @touch proto_exists delheaders: @echo Removing prototype headers @@ -1830,7 +1843,7 @@ headers: $(MAKE) utils/net_proto.h; \ $(MAKE) utils/passwd_proto.h; -proto: headers +proto: headers .PHONY: headers proto @@ -1861,7 +1874,7 @@ realdistclean: distclean finddead: nm */*.o |grep 'U ' | awk '{print $$2}' | sort -u > nmused.txt nm */*.o |grep 'T ' | awk '{print $$3}' | sort -u > nmfns.txt - comm -13 nmused.txt nmfns.txt + comm -13 nmused.txt nmfns.txt # when configure.in is updated, reconfigure @@ -1877,6 +1890,14 @@ Makefile: $(srcdir)/Makefile.in config.status ###################################################################### # Samba Testing Framework +# Check for NSS module problems. +test_nss_modules: nss_modules + @echo "Testing $(NSS_MODULES) " + @for module in $(NSS_MODULES); do \ + ./script/tests/dlopen.sh $${module} \ + || exit 1; \ + done + # Check for PAM module problems. Specifically, check that every module we # built can actually be loaded by a minimal PAM-aware application. test_pam_modules: pam_modules diff --git a/source/VERSION b/source/VERSION index 4d4416c8ee3..f7232a2130d 100644 --- a/source/VERSION +++ b/source/VERSION @@ -28,8 +28,7 @@ SAMBA_VERSION_MINOR=0 SAMBA_VERSION_RELEASE=25 ######################################################## -# If a official release has a serious bug # -# a security release will have 'a' sufffix # +# Bug fix releases use a letter for the patch revision # # # # so SAMBA's version will be # # <MAJOR>.<MINOR>.<RELEASE><REVISION> # @@ -47,7 +46,7 @@ SAMBA_VERSION_REVISION= # e.g. SAMBA_VERSION_PRE_RELEASE=1 # # -> "2.2.9pre1" # ######################################################## -SAMBA_VERSION_PRE_RELEASE=2 +SAMBA_VERSION_PRE_RELEASE= ######################################################## # For 'rc' releases the version will be # @@ -57,7 +56,7 @@ SAMBA_VERSION_PRE_RELEASE=2 # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # ######################################################## -SAMBA_VERSION_RC_RELEASE= +SAMBA_VERSION_RC_RELEASE=1 ######################################################## # To mark SVN snapshots this should be set to 'yes' # diff --git a/source/client/client.c b/source/client/client.c index e95b9ed9ce3..e1b19e495dc 100644 --- a/source/client/client.c +++ b/source/client/client.c @@ -3847,6 +3847,8 @@ static int do_message_op(void) char *p; int rc = 0; fstring new_workgroup; + BOOL tar_opt = False; + BOOL service_opt = False; struct poptOption long_options[] = { POPT_AUTOHELP @@ -3893,13 +3895,43 @@ static int do_message_op(void) x_setbuf( dbf, NULL ); } - pc = poptGetContext("smbclient", argc, (const char **) argv, long_options, - POPT_CONTEXT_KEEP_FIRST); + /* skip argv(0) */ + pc = poptGetContext("smbclient", argc, (const char **) argv, long_options, 0); poptSetOtherOptionHelp(pc, "service <password>"); in_client = True; /* Make sure that we tell lp_load we are */ while ((opt = poptGetNextOpt(pc)) != -1) { + + /* if the tar option has been called previouslt, now we need to eat out the leftovers */ + /* I see no other way to keep things sane --SSS */ + if (tar_opt == True) { + while (poptPeekArg(pc)) { + poptGetArg(pc); + } + tar_opt = False; + } + + /* if the service has not yet been specified lets see if it is available in the popt stack */ + if (!service_opt && poptPeekArg(pc)) { + pstrcpy(service, poptGetArg(pc)); + /* Convert any '/' characters in the service name to '\' characters */ + string_replace(service, '/','\\'); + + if (count_chars(service,'\\') < 3) { + d_printf("\n%s: Not enough '\\' characters in service\n",service); + poptPrintUsage(pc, stderr, 0); + exit(1); + } + service_opt = True; + } + + /* if the service has already been retrieved then check if we have also a password */ + if (service_opt && (!cmdline_auth_info.got_pass) && poptPeekArg(pc)) { + pstrcpy(cmdline_auth_info.password, poptGetArg(pc)); + cmdline_auth_info.got_pass = True; + } + switch (opt) { case 'M': /* Messages are sent to NetBIOS name type 0x3 @@ -3954,13 +3986,9 @@ static int do_message_op(void) poptPrintUsage(pc, stderr, 0); exit(1); } - /* Now we must eat (optnum - i) options - they have - * been processed by tar_parseargs(). - */ - optnum -= i; - for (i = 0; i < optnum; i++) - poptGetOptArg(pc); } + /* this must be the last option, mark we have parsed it so that we know we have */ + tar_opt = True; break; case 'D': pstrcpy(base_directory,poptGetOptArg(pc)); @@ -3971,8 +3999,34 @@ static int do_message_op(void) } } - poptGetArg(pc); + /* We may still have some leftovers after the last popt option has been called */ + if (tar_opt == True) { + while (poptPeekArg(pc)) { + poptGetArg(pc); + } + tar_opt = False; + } + + /* if the service has not yet been specified lets see if it is available in the popt stack */ + if (!service_opt && poptPeekArg(pc)) { + pstrcpy(service, poptGetArg(pc)); + /* Convert any '/' characters in the service name to '\' characters */ + string_replace(service, '/','\\'); + + if (count_chars(service,'\\') < 3) { + d_printf("\n%s: Not enough '\\' characters in service\n",service); + poptPrintUsage(pc, stderr, 0); + exit(1); + } + service_opt = True; + } + /* if the service has already been retrieved then check if we have also a password */ + if (service_opt && (!cmdline_auth_info.got_pass) && poptPeekArg(pc)) { + pstrcpy(cmdline_auth_info.password, poptGetArg(pc)); + cmdline_auth_info.got_pass = True; + } + /* check for the -P option */ if ( port != 0 ) @@ -4011,23 +4065,6 @@ static int do_message_op(void) else pstrcpy( calling_name, global_myname() ); - if(poptPeekArg(pc)) { - pstrcpy(service,poptGetArg(pc)); - /* Convert any '/' characters in the service name to '\' characters */ - string_replace(service, '/','\\'); - - if (count_chars(service,'\\') < 3) { - d_printf("\n%s: Not enough '\\' characters in service\n",service); - poptPrintUsage(pc, stderr, 0); - exit(1); - } - } - - if (poptPeekArg(pc) && !cmdline_auth_info.got_pass) { - cmdline_auth_info.got_pass = True; - pstrcpy(cmdline_auth_info.password,poptGetArg(pc)); - } - init_names(); if(new_name_resolve_order) diff --git a/source/configure.in b/source/configure.in index 13152f39b24..53e394f0024 100644 --- a/source/configure.in +++ b/source/configure.in @@ -36,7 +36,7 @@ pammodulesdir="\${LIBDIR}/security" configdir="\${LIBDIR}" swatdir="\${prefix}/swat" -AC_ARG_WITH(fhs, +AC_ARG_WITH(fhs, [ --with-fhs Use FHS-compliant paths (default=no)], [ case "$withval" in yes) @@ -294,7 +294,6 @@ AC_SUBST(IDMAP_LIBS) AC_SUBST(KRB5_LIBS) AC_SUBST(UUID_LIBS) AC_SUBST(LDAP_LIBS) -AC_SUBST(SHLIB_PROGS) AC_SUBST(PAM_MODULES) AC_SUBST(INSTALL_PAM_MODULES) AC_SUBST(UNINSTALL_PAM_MODULES) @@ -310,7 +309,7 @@ AC_SUBST(NSCD_LIBS) ## check for --enable-debug first before checking CFLAGS before ## so that we don't mix -O and -g -AC_ARG_ENABLE(debug, +AC_ARG_ENABLE(debug, [ --enable-debug Turn on compiler debugging information (default=no)], [if eval "test x$enable_debug = xyes"; then CFLAGS="${CFLAGS} -g" @@ -360,7 +359,7 @@ AC_ARG_WITH(smbtorture4_path, * ) smbtorture4_path="$withval" if test -z "$smbtorture4_path" -a ! -f $smbtorture4_path; then - AC_MSG_ERROR(['$smbtorture_path' does not exist!]) + AC_MSG_ERROR(['$smbtorture_path' does not exist!]) fi ;; esac @@ -399,7 +398,7 @@ AC_ARG_ENABLE(dmalloc, [ --enable-dmalloc Enable heap debugging [default if test "x$enable_dmalloc" = xyes then AC_DEFINE(ENABLE_DMALLOC, 1, [Define to turn on dmalloc debugging]) - AC_DEFINE(DMALLOC_FUNC_CHECK, 1, + AC_DEFINE(DMALLOC_FUNC_CHECK, 1, [Define to check invariants around some common functions]) LIBS="$LIBS -ldmalloc" fi @@ -435,7 +434,7 @@ dnl Check if we use GNU ld LD=ld AC_PROG_LD_GNU -dnl Certain versions of GNU ld the default is not to have the +dnl Certain versions of GNU ld the default is not to have the dnl --allow-shlib-undefined flag defined. This causes a stackload of dnl warnings when building modules. if test "$ac_cv_prog_gnu_ld" = "yes"; then @@ -489,7 +488,7 @@ AC_CACHE_CHECK([that the C compiler understands -Werror],samba_cv_HAVE_Werror, [ samba_cv_HAVE_Werror=yes,samba_cv_HAVE_Werror=no,samba_cv_HAVE_Werror=cross)]) if test x"$samba_cv_HAVE_Werror" = x"yes"; then Werror_FLAGS="-Werror" -else +else dnl Check if the C compiler understands -w2 AC_CACHE_CHECK([that the C compiler understands -w2],samba_cv_HAVE_w2, [ AC_TRY_RUN_STRICT([ @@ -592,7 +591,7 @@ dnl These have to be built static: default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_reg rpc_shutdown rpc_lsa_ds rpc_wkssvc rpc_svcctl rpc_ntsvcs rpc_net rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog rpc_echo auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" dnl These are preferably build shared, and static if dlopen() is not available -default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy charset_CP850 charset_CP437 auth_script" +default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy charset_CP850 charset_CP437 auth_script vfs_readahead" if test "x$developer" = xyes; then default_static_modules="$default_static_modules rpc_rpcecho" @@ -605,7 +604,6 @@ fi # case statement; its first reference must be unconditional. # case "$host_os" in -# Try to work out if this is the native HPUX compiler that uses the -Ae flag. *hpux*) # # Defines needed for HPUX support. @@ -649,7 +647,7 @@ case "$host_os" in AC_MSG_RESULT([enabling large file support]) CPPFLAGS="$CPPFLAGS -D_LARGE_FILES" AC_DEFINE(_LARGE_FILES, 1, [Whether to enable large file support]) - ;; + ;; # # Defines needed for Solaris 2.6/2.7 aka 7.0 to make it admit # to the existance of large files.. @@ -915,14 +913,14 @@ AC_CHECK_HEADERS(shadow.h) AC_CHECK_HEADERS(nss.h nss_common.h nsswitch.h ns_api.h sys/security.h) AC_CHECK_HEADERS(syscall.h sys/syscall.h) -AC_CHECK_HEADERS(sys/acl.h sys/attributes.h attr/xattr.h sys/xattr.h sys/extattr.h sys/uio.h) +AC_CHECK_HEADERS(sys/attributes.h attr/xattr.h sys/xattr.h sys/extattr.h sys/uio.h) AC_CHECK_HEADERS(sys/ea.h sys/proplist.h) AC_CHECK_HEADERS(sys/cdefs.h glob.h) # For experimental utmp support (lastlog on some BSD-like systems) AC_CHECK_HEADERS(utmp.h utmpx.h lastlog.h) - + AC_CHECK_SIZEOF(int,cross) AC_CHECK_SIZEOF(long,cross) AC_CHECK_SIZEOF(long long,cross) @@ -946,7 +944,7 @@ AC_CHECK_TYPE(loff_t,off_t) AC_CHECK_TYPE(offset_t,loff_t) AC_CHECK_TYPE(ssize_t, int) AC_CHECK_TYPE(wchar_t, unsigned short) -AC_CHECK_TYPE(comparison_fn_t, +AC_CHECK_TYPE(comparison_fn_t, [AC_DEFINE(HAVE_COMPARISON_FN_T, 1,[Whether or not we have comparison_fn_t])]) ############################################ @@ -1007,7 +1005,7 @@ AC_CACHE_CHECK([for unix domain sockets],samba_cv_unixsocket, [ #include <sys/socket.h> #include <sys/un.h>], [ - struct sockaddr_un sunaddr; + struct sockaddr_un sunaddr; sunaddr.sun_family = AF_UNIX; ], samba_cv_unixsocket=yes,samba_cv_unixsocket=no)]) @@ -1163,7 +1161,7 @@ AC_SUBST(TERMLDFLAGS) # code will generate warnings on one of them unless we have a few # special cases. AC_CHECK_LIB(readline, rl_completion_matches, - [AC_DEFINE(HAVE_NEW_LIBREADLINE, 1, + [AC_DEFINE(HAVE_NEW_LIBREADLINE, 1, [Do we have rl_completion_matches?])], [], [$TERMLIBS]) @@ -1201,7 +1199,7 @@ if test x"$ac_cv_func_connect" = x"no"; then esac dnl We can't just call AC_CHECK_FUNCS(connect) here, because the value dnl has been cached. - if test x"$ac_cv_lib_socket_connect" = x"yes" || + if test x"$ac_cv_lib_socket_connect" = x"yes" || test x"$ac_cv_lib_inet_connect" = x"yes"; then # ac_cv_func_connect=yes # don't! it would cause AC_CHECK_FUNC to succeed next time configure is run @@ -1222,7 +1220,8 @@ fi AC_CHECK_FUNCS(waitpid getcwd strdup strndup strnlen strerror chown fchown chmod fchmod chroot link mknod mknod64) AC_CHECK_FUNCS(strtol strtoll strtoul strtoull strtouq __strtoull) -AC_CHECK_FUNCS(fstat strchr utime utimes getrlimit fsync memset strlcpy strlcat setpgid) +AC_CHECK_FUNCS(fstat strchr utime utimes chflags) +AC_CHECK_FUNCS(getrlimit fsync memset strlcpy strlcat setpgid) AC_CHECK_FUNCS(memmove vsnprintf snprintf asprintf vasprintf setsid glob strpbrk pipe crypt16 getauthuid) AC_CHECK_FUNCS(strftime sigprocmask sigblock sigaction sigset innetgr setnetgrent getnetgrent endnetgrent) AC_CHECK_FUNCS(initgroups select poll rdchk getgrnam getgrent pathconf realpath) @@ -1283,7 +1282,7 @@ AC_TRY_LINK( ], [ unw_context_t ctx; unw_cursor_t cur; - char buf[256]; unw_word_t off; + char buf[256]; unw_word_t off; unw_getcontext(&ctx); unw_init_local(&cur, &ctx); unw_get_proc_name(&cur, buf, sizeof(buf), &off); ], @@ -1370,7 +1369,7 @@ AC_TRY_COMPILE([ AC_DEFINE(HAVE_PRCTL, 1, [Whether prctl is available]),[]) # -# +# # case "$host_os" in *linux*) @@ -1451,7 +1450,7 @@ fi # Check whether struct stat has timestamps with sub-second resolution. # At least IRIX and Solaris have these. # -# We check that +# We check that # all of st_mtim, st_atim and st_ctim exist # all of the members are in fact of type struct timespec # @@ -1677,9 +1676,9 @@ SHLIBEXT="so" *linux*) AC_DEFINE(LINUX,1,[Whether the host os is linux]) BLDSHARED="true" if test "${ac_cv_gnu_ld_no_default_allow_shlib_undefined}" = "yes"; then - LDSHFLAGS="-shared -Wl,-Bsymbolic -Wl,--allow-shlib-undefined" + LDSHFLAGS="-shared -Wl,-Bsymbolic -Wl,--allow-shlib-undefined" else - LDSHFLAGS="-shared -Wl,-Bsymbolic" + LDSHFLAGS="-shared -Wl,-Bsymbolic" fi DYNEXP="-Wl,--export-dynamic" PICFLAG="-fPIC" @@ -1698,7 +1697,7 @@ SHLIBEXT="so" fi else PICFLAG="-KPIC" - ## ${CFLAGS} added for building 64-bit shared + ## ${CFLAGS} added for building 64-bit shared ## libs using Sun's Compiler LDSHFLAGS="-G \${CFLAGS}" fi @@ -1713,7 +1712,7 @@ SHLIBEXT="so" AC_DEFINE(STAT_ST_BLOCKSIZE,512) AC_DEFINE(BROKEN_GETGRNAM,1,[Does getgrnam work correctly]) ;; - *netbsd* | *freebsd* | *dragonfly* ) + *netbsd* | *freebsd* | *dragonfly* ) BLDSHARED="true" LDSHFLAGS="-shared" DYNEXP="-Wl,--export-dynamic" @@ -1741,7 +1740,7 @@ SHLIBEXT="so" SHLD="\${LD}" if test "${GCC}" = "yes"; then PICFLAG="-fPIC" - else + else PICFLAG="-KPIC" fi AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block]) @@ -1764,14 +1763,15 @@ SHLIBEXT="so" ;; *hpux*) AC_DEFINE(HPUX,1,[Whether the host os is HPUX]) # Use special PIC flags for the native HP-UX compiler. - if test $ac_cv_prog_cc_Ae = yes; then BLDSHARED="true" SHLD="cc" LDSHFLAGS="-b -Wl,-B,symbolic,-b,-z" SONAMEFLAG="-Wl,+h " PICFLAG="+z" - elif test "${GCC}" = "yes"; then + if test "${GCC}" = "yes"; then PICFLAG="-fPIC" + else + PICFLAG="+z" fi if test "$host_cpu" = "ia64"; then SHLIBEXT="so" @@ -1878,7 +1878,7 @@ AC_MSG_RESULT([$PICFLAG]) AC_MSG_CHECKING([NSSSONAMEVERSIONSUFFIX]) AC_MSG_RESULT([$NSSSONAMEVERSIONSUFFIX]) -AC_CACHE_CHECK([whether building shared libraries actually works], +AC_CACHE_CHECK([whether building shared libraries actually works], [ac_cv_shlib_works],[ # try building a trivial shared library ac_cv_shlib_works=no @@ -1934,7 +1934,7 @@ if test x"$samba_cv_compiler_supports_ll" = x"yes"; then AC_DEFINE(COMPILER_SUPPORTS_LL,1,[Whether the compiler supports the LL prefix on long long integers]) fi - + AC_CACHE_CHECK([for 64 bit off_t],samba_cv_SIZEOF_OFF_T,[ AC_TRY_RUN([#include <stdio.h> #include <sys/stat.h> @@ -2155,7 +2155,7 @@ AC_CACHE_CHECK([for C99 vsnprintf],samba_cv_HAVE_C99_VSNPRINTF,[ AC_TRY_RUN([ #include <sys/types.h> #include <stdarg.h> -void foo(const char *format, ...) { +void foo(const char *format, ...) { va_list ap; int len; char buf[5]; @@ -2218,7 +2218,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_NAME=yes,samba_cv_HAVE_UT_UT_NAME=no,samba_cv_HAVE_UT_UT_NAME=cross)]) if test x"$samba_cv_HAVE_UT_UT_NAME" = x"yes"; then AC_DEFINE(HAVE_UT_UT_NAME,1,[Whether the utmp struct has a property ut_name]) -fi +fi AC_CACHE_CHECK([for ut_user in utmp],samba_cv_HAVE_UT_UT_USER,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2227,7 +2227,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_USER=yes,samba_cv_HAVE_UT_UT_USER=no,samba_cv_HAVE_UT_UT_USER=cross)]) if test x"$samba_cv_HAVE_UT_UT_USER" = x"yes"; then AC_DEFINE(HAVE_UT_UT_USER,1,[Whether the utmp struct has a property ut_user]) -fi +fi AC_CACHE_CHECK([for ut_id in utmp],samba_cv_HAVE_UT_UT_ID,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2236,7 +2236,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_ID=yes,samba_cv_HAVE_UT_UT_ID=no,samba_cv_HAVE_UT_UT_ID=cross)]) if test x"$samba_cv_HAVE_UT_UT_ID" = x"yes"; then AC_DEFINE(HAVE_UT_UT_ID,1,[Whether the utmp struct has a property ut_id]) -fi +fi AC_CACHE_CHECK([for ut_host in utmp],samba_cv_HAVE_UT_UT_HOST,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2245,7 +2245,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_HOST=yes,samba_cv_HAVE_UT_UT_HOST=no,samba_cv_HAVE_UT_UT_HOST=cross)]) if test x"$samba_cv_HAVE_UT_UT_HOST" = x"yes"; then AC_DEFINE(HAVE_UT_UT_HOST,1,[Whether the utmp struct has a property ut_host]) -fi +fi AC_CACHE_CHECK([for ut_time in utmp],samba_cv_HAVE_UT_UT_TIME,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2254,7 +2254,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_TIME=yes,samba_cv_HAVE_UT_UT_TIME=no,samba_cv_HAVE_UT_UT_TIME=cross)]) if test x"$samba_cv_HAVE_UT_UT_TIME" = x"yes"; then AC_DEFINE(HAVE_UT_UT_TIME,1,[Whether the utmp struct has a property ut_time]) -fi +fi AC_CACHE_CHECK([for ut_tv in utmp],samba_cv_HAVE_UT_UT_TV,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2263,7 +2263,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_TV=yes,samba_cv_HAVE_UT_UT_TV=no,samba_cv_HAVE_UT_UT_TV=cross)]) if test x"$samba_cv_HAVE_UT_UT_TV" = x"yes"; then AC_DEFINE(HAVE_UT_UT_TV,1,[Whether the utmp struct has a property ut_tv]) -fi +fi AC_CACHE_CHECK([for ut_type in utmp],samba_cv_HAVE_UT_UT_TYPE,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2272,7 +2272,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_TYPE=yes,samba_cv_HAVE_UT_UT_TYPE=no,samba_cv_HAVE_UT_UT_TYPE=cross)]) if test x"$samba_cv_HAVE_UT_UT_TYPE" = x"yes"; then AC_DEFINE(HAVE_UT_UT_TYPE,1,[Whether the utmp struct has a property ut_type]) -fi +fi AC_CACHE_CHECK([for ut_pid in utmp],samba_cv_HAVE_UT_UT_PID,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2281,7 +2281,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_PID=yes,samba_cv_HAVE_UT_UT_PID=no,samba_cv_HAVE_UT_UT_PID=cross)]) if test x"$samba_cv_HAVE_UT_UT_PID" = x"yes"; then AC_DEFINE(HAVE_UT_UT_PID,1,[Whether the utmp struct has a property ut_pid]) -fi +fi AC_CACHE_CHECK([for ut_exit in utmp],samba_cv_HAVE_UT_UT_EXIT,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2290,7 +2290,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_EXIT=yes,samba_cv_HAVE_UT_UT_EXIT=no,samba_cv_HAVE_UT_UT_EXIT=cross)]) if test x"$samba_cv_HAVE_UT_UT_EXIT" = x"yes"; then AC_DEFINE(HAVE_UT_UT_EXIT,1,[Whether the utmp struct has a property ut_exit]) -fi +fi AC_CACHE_CHECK([for ut_addr in utmp],samba_cv_HAVE_UT_UT_ADDR,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -2299,7 +2299,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UT_UT_ADDR=yes,samba_cv_HAVE_UT_UT_ADDR=no,samba_cv_HAVE_UT_UT_ADDR=cross)]) if test x"$samba_cv_HAVE_UT_UT_ADDR" = x"yes"; then AC_DEFINE(HAVE_UT_UT_ADDR,1,[Whether the utmp struct has a property ut_addr]) -fi +fi if test x$ac_cv_func_pututline = xyes ; then AC_CACHE_CHECK([whether pututline returns pointer],samba_cv_PUTUTLINE_RETURNS_UTMP,[ @@ -2319,7 +2319,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_UX_UT_SYSLEN=yes,samba_cv_HAVE_UX_UT_SYSLEN=no,samba_cv_HAVE_UX_UT_SYSLEN=cross)]) if test x"$samba_cv_HAVE_UX_UT_SYSLEN" = x"yes"; then AC_DEFINE(HAVE_UX_UT_SYSLEN,1,[Whether the utmpx struct has a property ut_syslen]) -fi +fi fi # end utmp details @@ -2353,7 +2353,7 @@ dnl Perhaps we should always add a -L dnl Check lib and lib32 library variants to cater for IRIX ABI-specific dnl installation paths. This gets a little tricky since we might have iconv dnl in both libiconv and in libc. In this case the jm_ICONV test will always -dnl succeed when the header is found. To counter this, make sure the +dnl succeed when the header is found. To counter this, make sure the dnl library directory is there and check the ABI directory first (which dnl should be harmless on other systems. dnl For IA64 HPUX systems, the libs are located in lib/hpux32 instead of lib. @@ -2422,7 +2422,7 @@ dnl AC_CACHE_CHECK([for working iconv],samba_cv_HAVE_NATIVE_ICONV,[ if test "$default_dos_charset" != "no" -a \ "$default_dos_charset" != "cross" -a \ - "$default_display_charset" != "no" -a \ + "$default_display_charset" != "no" -a \ "$default_display_charset" != "cross" -a \ "$default_unix_charset" != "no" -a \ "$default_unix_charset" != "cross" @@ -2469,7 +2469,7 @@ unset libext if test x"$ICONV_FOUND" = x"no" -o x"$samba_cv_HAVE_NATIVE_ICONV" != x"yes" ; then - AC_MSG_WARN([Sufficient support for iconv function was not found. + AC_MSG_WARN([Sufficient support for iconv function was not found. Install libiconv from http://freshmeat.net/projects/libiconv/ for better charset compatibility!]) AC_DEFINE_UNQUOTED(DEFAULT_DOS_CHARSET,"ASCII",[Default dos charset name]) AC_DEFINE_UNQUOTED(DEFAULT_DISPLAY_CHARSET,"ASCII",[Default display charset name]) @@ -2745,10 +2745,10 @@ AC_TRY_RUN([#include <stdlib.h> #include <sys/types.h> #include <sys/stat.h> #include <unistd.h> -main() { +main() { struct stat st; - char tpl[20]="/tmp/test.XXXXXX"; - int fd = mkstemp(tpl); + char tpl[20]="/tmp/test.XXXXXX"; + int fd = mkstemp(tpl); if (fd == -1) exit(1); unlink(tpl); if (fstat(fd, &st) != 0) exit(1); @@ -2916,7 +2916,7 @@ else dnl dnl Don't check for 64 bit fcntl locking if we know that the dnl glibc2.1 broken check has succeeded. -dnl +dnl AC_CACHE_CHECK([for 64 bit fcntl locking],samba_cv_HAVE_STRUCT_FLOCK64,[ AC_TRY_RUN([ @@ -2955,7 +2955,7 @@ AC_TRY_COMPILE([#include <sys/types.h> samba_cv_HAVE_STAT_ST_BLOCKS=yes,samba_cv_HAVE_STAT_ST_BLOCKS=no,samba_cv_HAVE_STAT_ST_BLOCKS=cross)]) if test x"$samba_cv_HAVE_STAT_ST_BLOCKS" = x"yes"; then AC_DEFINE(HAVE_STAT_ST_BLOCKS,1,[Whether the stat struct has a st_block property]) -fi +fi AC_CACHE_CHECK([for st_blksize in struct stat],samba_cv_HAVE_STAT_ST_BLKSIZE,[ AC_TRY_COMPILE([#include <sys/types.h> @@ -3079,7 +3079,7 @@ if test x"$samba_cv_WITH_AFS" != x"no" || else AC_MSG_RESULT(no) fi - + # check for afs.h have_afs_headers=no AC_CHECK_HEADERS(afs.h afs/afs.h) @@ -3171,7 +3171,7 @@ if test x"$with_ldap_support" != x"no"; then # first test for ldap.h and lber.h # (ldap.h is required for this test) AC_CHECK_HEADERS(ldap.h lber.h) - + if test x"$ac_cv_header_ldap_h" != x"yes"; then if test x"$with_ldap_support" = x"yes"; then AC_MSG_ERROR(ldap.h is needed for LDAP support) @@ -3183,16 +3183,26 @@ if test x"$with_ldap_support" != x"no"; then fi ################################################################## - # HP/UX does not have ber_tag_t, disable LDAP there - AC_CHECK_TYPE(ber_tag_t,,,[#include <lber.h>]) - if test x"$ac_cv_type_ber_tag_t" != x"yes"; then - if test x"$with_ldap_support" = x"yes"; then - AC_MSG_ERROR(ber_tag_t is needed for LDAP support) - else + # HP/UX does not have ber_tag_t in lber.h - it must be configured as + # unsigned int in include/includes.h + case $host_os in + *hpux*) AC_MSG_WARN(ber_tag_t is needed for LDAP support) - fi - with_ldap_support=no - fi + AC_MSG_WARN(ber_tag_t must be configured in includes.h for hpux) + with_ldap_support=yes + ;; + *) + AC_CHECK_TYPE(ber_tag_t,,,[#include <lber.h>]) + if test x"$ac_cv_type_ber_tag_t" != x"yes"; then + if test x"$with_ldap_support" = x"yes"; then + AC_MSG_ERROR(ber_tag_t is needed for LDAP support) + else + AC_MSG_WARN(ber_tag_t is needed for LDAP support) + fi + with_ldap_support=no + fi + ;; + esac fi if test x"$with_ldap_support" != x"no"; then @@ -3216,17 +3226,17 @@ if test x"$with_ldap_support" != x"no"; then AC_CACHE_CHECK(whether ldap_set_rebind_proc takes 3 arguments, smb_ldap_cv_ldap_set_rebind_proc, [ AC_TRY_COMPILE([ #include <lber.h> - #include <ldap.h>], - [ldap_set_rebind_proc(0, 0, 0);], - [smb_ldap_cv_ldap_set_rebind_proc=3], + #include <ldap.h>], + [ldap_set_rebind_proc(0, 0, 0);], + [smb_ldap_cv_ldap_set_rebind_proc=3], [smb_ldap_cv_ldap_set_rebind_proc=2] - ) + ) ]) - + AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $smb_ldap_cv_ldap_set_rebind_proc, [Number of arguments to ldap_set_rebind_proc]) AC_CHECK_FUNC_EXT(ldap_initialize,$LDAP_LIBS) - + if test x"$ac_cv_lib_ext_ldap_ldap_init" = x"yes"; then AC_DEFINE(HAVE_LDAP,1,[Whether ldap is available]) CPPFLAGS="$CPPFLAGS -DLDAP_DEPRECATED" @@ -3243,7 +3253,7 @@ if test x"$with_ldap_support" != x"no"; then else AC_MSG_WARN(libldap is needed for LDAP support) fi - + LDAP_LIBS="" with_ldap_support=no fi @@ -3284,6 +3294,21 @@ else # Check to see whether there is enough LDAP functionality to be able # to build AD support. +# HPUX only has ldap_init; ok, we take care of this in smbldap.c +case "$host_os" in + *hpux*) + AC_CHECK_FUNC_EXT(ldap_init,$LDAP_LIBS) + + if test x"$ac_cv_func_ext_ldap_init" != x"yes"; then + if test x"$with_ads_support" = x"yes"; then + AC_MSG_ERROR(Active Directory support on HPUX requires ldap_init) + elif test x"$with_ads_support" = x"auto"; then + AC_MSG_WARN(Disabling Active Directory support (requires ldap_init on HPUX)) + with_ads_support=no + fi + fi + ;; + *) AC_CHECK_FUNC_EXT(ldap_initialize,$LDAP_LIBS) if test x"$ac_cv_func_ext_ldap_initialize" != x"yes"; then @@ -3294,6 +3319,9 @@ else with_ads_support=no fi fi + ;; +esac + AC_CHECK_FUNC_EXT(ldap_add_result_entry,$LDAP_LIBS) @@ -3312,7 +3340,7 @@ if test x"$with_ads_support" != x"no"; then # Do no harm to the values of CFLAGS and LIBS while testing for # Kerberos support. - + if test x$FOUND_KRB5 = x"no"; then ################################################# # check for location of Kerberos 5 install @@ -3353,7 +3381,7 @@ if test x"$with_ads_support" != x"no"; then LDFLAGS="";export LDFLAGS KRB5_LIBS="`$KRB5CONFIG --libs gssapi`" KRB5_LDFLAGS="`$KRB5CONFIG --libs gssapi | sed s/-lgss.*//`" - KRB5_CFLAGS="`$KRB5CONFIG --cflags | sed s/@INCLUDE_des@//`" + KRB5_CFLAGS="`$KRB5CONFIG --cflags | sed s/@INCLUDE_des@//`" KRB5_CPPFLAGS="`$KRB5CONFIG --cflags | sed s/@INCLUDE_des@//`" CFLAGS=$ac_save_CFLAGS;export CFLAGS LDFLAGS=$ac_save_LDFLAGS;export LDFLAGS @@ -3362,7 +3390,7 @@ if test x"$with_ads_support" != x"no"; then else AC_MSG_RESULT(no. Fallback to previous krb5 detection strategy) fi - + if test x$FOUND_KRB5 = x"no"; then ################################################# # see if this box has the SuSE location for the heimdal krb implementation @@ -3426,7 +3454,7 @@ if test x"$with_ads_support" != x"no"; then # Turn off AD support and restore CFLAGS and LIBS variables with_ads_support="no" - + CFLAGS=$ac_save_CFLAGS CPPFLAGS=$ac_save_CPPFLAGS LDFLAGS=$ac_save_LDFLAGS @@ -3476,14 +3504,14 @@ if test x"$with_ads_support" != x"no"; then AC_CHECK_FUNC_EXT(krb5_set_default_tgs_ktypes, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_principal2salt, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_use_enctype, $KRB5_LIBS) - AC_CHECK_FUNC_EXT(krb5_string_to_key, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_string_to_key, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_get_pw_salt, $KRB5_LIBS) - AC_CHECK_FUNC_EXT(krb5_string_to_key_salt, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_string_to_key_salt, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_auth_con_setkey, $KRB5_LIBS) - AC_CHECK_FUNC_EXT(krb5_auth_con_setuseruserkey, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_auth_con_setuseruserkey, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_locate_kdc, $KRB5_LIBS) - AC_CHECK_FUNC_EXT(krb5_get_permitted_enctypes, $KRB5_LIBS) - AC_CHECK_FUNC_EXT(krb5_get_default_in_tkt_etypes, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_get_permitted_enctypes, $KRB5_LIBS) + AC_CHECK_FUNC_EXT(krb5_get_default_in_tkt_etypes, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_free_data_contents, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_principal_get_comp_string, $KRB5_LIBS) AC_CHECK_FUNC_EXT(krb5_free_unparsed_name, $KRB5_LIBS) @@ -3537,11 +3565,11 @@ if test x"$with_ads_support" != x"no"; then AC_CACHE_CHECK(whether krb5_verify_checksum takes 7 arguments, smb_krb5_verify_checksum, [ AC_TRY_COMPILE([ - #include <krb5.h>], - [krb5_verify_checksum(0, 0, 0, 0, 0, 0, 0);], - [smb_krb5_verify_checksum=7], - [smb_krb5_verify_checksum=6], - ) + #include <krb5.h>], + [krb5_verify_checksum(0, 0, 0, 0, 0, 0, 0);], + [smb_krb5_verify_checksum=7], + [smb_krb5_verify_checksum=6], + ) ]) AC_DEFINE_UNQUOTED(KRB5_VERIFY_CHECKSUM_ARGS, $smb_krb5_verify_checksum, [Number of arguments to krb5_verify_checksum]) @@ -3641,7 +3669,7 @@ if test x"$with_ads_support" != x"no"; then [Whether the krb5_address struct has a addr_type property]) fi - AC_CACHE_CHECK([for enc_part2 in krb5_ticket], + AC_CACHE_CHECK([for enc_part2 in krb5_ticket], samba_cv_HAVE_KRB5_TKT_ENC_PART2, [AC_TRY_COMPILE([#include <krb5.h>], [krb5_ticket tkt; tkt.enc_part2->authorization_data[0]->contents = NULL;], @@ -3743,7 +3771,7 @@ if test x"$with_ads_support" != x"no"; then AC_DEFINE(HAVE_KRB5_KU_OTHER_CKSUM,1, [Whether KRB5_KU_OTHER_CKSUM is available]) fi - + AC_CACHE_CHECK([for KRB5_KEYUSAGE_APP_DATA_CKSUM], samba_cv_HAVE_KRB5_KEYUSAGE_APP_DATA_CKSUM,[ AC_TRY_COMPILE([#include <krb5.h>], @@ -3868,7 +3896,7 @@ if test x"$with_ads_support" != x"no"; then # # # Now the decisions whether we can support krb5 - # + # # NOTE: all tests should be done before this block! # # @@ -3941,7 +3969,7 @@ if test x"$with_ads_support" != x"no"; then AC_REMOVE_DEFINE(HAVE_GSSAPI_GSSAPI_GENERIC_H) AC_REMOVE_DEFINE(HAVE_GSSAPI_GSSAPI_H) KRB5_LIBS="" - with_ads_support=no + with_ads_support=no fi AC_MSG_CHECKING(whether Active Directory and krb5 support is used) AC_MSG_RESULT([$use_ads]) @@ -3981,7 +4009,7 @@ if test x"$with_dnsupdate_support" != x"no"; then # then test for uuid.h (necessary to generate unique DNS keynames # (uuid.h is required for this test) AC_CHECK_HEADERS(uuid/uuid.h) - + if test x"$ac_cv_header_uuid_uuid_h" != x"yes"; then if test x"$with_dnsupdate_support" = x"yes"; then AC_MSG_ERROR(uuid.h is needed to enable DNS Updates support) @@ -3998,7 +4026,7 @@ if test x"$with_dnsupdate_support" != x"no"; then # Now see if we can find the uuid libs in standard paths # On some systems, the uuid API is in libc, so we have to # be careful not to insert a spurious -luuid. - + UUID_LIBS="" AC_LIBTESTFUNC(uuid, uuid_generate, [ @@ -4237,7 +4265,7 @@ fi fi ################################################# -# check for a NISPLUS_HOME support +# check for a NISPLUS_HOME support AC_MSG_CHECKING(whether to use NISPLUS_HOME) AC_ARG_WITH(nisplus-home, [ --with-nisplus-home Include NISPLUS_HOME support (default=no)], @@ -4413,7 +4441,7 @@ if test "$samba_cv_HAVE_SYS_QUOTA_XFS"x = "yes"x; then fi fi -# if we have struct dqblk .dqb_fsoftlimit instead of .dqb_isoftlimit on IRIX +# if we have struct dqblk .dqb_fsoftlimit instead of .dqb_isoftlimit on IRIX AC_CACHE_CHECK([if struct dqblk has .dqb_fsoftlimit],samba_cv_HAVE_DQB_FSOFTLIMIT, [ AC_TRY_COMPILE([ #include "confdefs.h" @@ -4494,13 +4522,13 @@ AC_CHECK_FUNCS(devnm) if test x"$samba_cv_WITH_SYS_QUOTAS" = x"yes"; then if test x"$samba_cv_SYSQUOTA_FOUND" != x"yes"; then - # if --with-sys-quotas=yes then build it + # if --with-sys-quotas=yes then build it # you have can use the get/set quota command smb.conf # options then samba_cv_SYSQUOTA_FOUND=auto fi if test x"$samba_cv_TRY_SYS_QUOTAS" != x"yes"; then - # if --with-sys-quotas=yes then build it + # if --with-sys-quotas=yes then build it # you have can use the get/set quota command smb.conf # options then samba_cv_TRY_SYS_QUOTAS=auto @@ -4523,7 +4551,7 @@ CPPFLAGS="$SAVE_CPPFLAGS" ]) if test x"$samba_cv_SYSQUOTA_WORKS" = x"yes"; then AC_MSG_CHECKING(whether to use the new lib/sysquotas.c interface) - if test x"$samba_cv_TRY_SYS_QUOTAS" != x"no"; then + if test x"$samba_cv_TRY_SYS_QUOTAS" != x"no"; then AC_DEFINE(WITH_QUOTAS,1,[Whether to use disk quota support]) AC_DEFINE(HAVE_SYS_QUOTAS,1,[Whether the new lib/sysquotas.c interface can be used]) samba_cv_WE_USE_SYS_QUOTAS=yes @@ -4642,7 +4670,7 @@ AC_MSG_CHECKING(whether to build the libmsrpc shared library) AC_ARG_WITH(libmsrpc, [ --with-libmsrpc Build the libmsrpc shared library (default=yes if shared libs supported)], [ case "$withval" in - no) + no) AC_MSG_RESULT(no) ;; *) @@ -4689,7 +4717,7 @@ AC_MSG_CHECKING(whether to build the libaddns shared library) AC_ARG_WITH(libaddns, [ --with-libaddns Build the libaddns shared library (default=yes if shared libs supported)], [ case "$withval" in - no) + no) AC_MSG_RESULT(no) ;; *) @@ -4735,7 +4763,7 @@ AC_MSG_CHECKING(whether to build the libsmbclient shared library) AC_ARG_WITH(libsmbclient, [ --with-libsmbclient Build the libsmbclient shared library (default=yes if shared libs supported)], [ case "$withval" in - no) + no) AC_MSG_RESULT(no) ;; *) @@ -5034,7 +5062,7 @@ AC_MSG_RESULT([$samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT]) # check for cluster extensions AC_MSG_CHECKING(whether to include cluster support) -AC_ARG_WITH(cluster-support, +AC_ARG_WITH(cluster-support, [ --with-cluster-support Enable cluster extensions (default=no)]) if test "x$with_cluster_support" = "xyes"; then AC_DEFINE(CLUSTER_SUPPORT,1,[Whether to enable cluster extensions]) @@ -5585,6 +5613,45 @@ samba_cv_HAVE_SENDFILE=yes,samba_cv_HAVE_SENDFILE=no)]) AC_MSG_RESULT(yes) ) +############################################ +# See if we have the Linux readahead syscall. + +AC_CACHE_CHECK([for Linux readahead], + samba_cv_HAVE_LINUX_READAHEAD,[ + AC_TRY_LINK([ +#if defined(HAVE_UNISTD_H) +#include <unistd.h> +#endif +#include <fcntl.h>], + [ssize_t err = readahead(0,0,0x80000);], + samba_cv_HAVE_LINUX_READAHEAD=yes, + samba_cv_HAVE_LINUX_READAHEAD=no)]) + +if test x"$samba_cv_HAVE_LINUX_READAHEAD" = x"yes"; then + AC_DEFINE(HAVE_LINUX_READAHEAD,1, + [Whether Linux readahead is available]) +fi + +############################################ +# See if we have the posix_fadvise syscall. + +AC_CACHE_CHECK([for posix_fadvise], + samba_cv_HAVE_POSIX_FADVISE,[ + AC_TRY_LINK([ +#if defined(HAVE_UNISTD_H) +#include <unistd.h> +#endif +#include <fcntl.h>], + [ssize_t err = posix_fadvise(0,0,0x80000,POSIX_FADV_WILLNEED);], + samba_cv_HAVE_POSIX_FADVISE=yes, + samba_cv_HAVE_POSIX_FADVISE=no)]) + +if test x"$samba_cv_HAVE_POSIX_FADVISE" = x"yes"; then + AC_DEFINE(HAVE_POSIX_FADVISE,1, + [Whether posix_fadvise is available]) +fi + + ################################################# # Check whether winbind is supported on this platform. If so we need to @@ -5681,7 +5748,7 @@ AC_SUBST(SMB_KRB5_LOCATOR) AC_ARG_WITH(winbind, [ --with-winbind Build winbind (default, if supported by OS)], -[ +[ case "$withval" in yes) HAVE_WINBIND=yes @@ -5715,14 +5782,10 @@ if test x"$HAVE_WINBIND" = x"yes"; then EXTRA_BIN_PROGS="$EXTRA_BIN_PROGS bin/wbinfo\$(EXEEXT)" EXTRA_SBIN_PROGS="$EXTRA_SBIN_PROGS bin/winbindd\$(EXEEXT)" - if test $BLDSHARED = true; then - SHLIB_PROGS="$SHLIB_PROGS $WINBIND_NSS $WINBIND_WINS_NSS" - - if test x"$create_pam_modules" = x"yes"; then - PAM_MODULES="$PAM_MODULES pam_winbind" - INSTALL_PAM_MODULES="installpammodules" - UNINSTALL_PAM_MODULES="uninstallpammodules" - fi + if test $BLDSHARED = true -a x"$create_pam_modules" = x"yes"; then + PAM_MODULES="$PAM_MODULES pam_winbind" + INSTALL_PAM_MODULES="installpammodules" + UNINSTALL_PAM_MODULES="uninstallpammodules" fi else AC_MSG_RESULT(no$winbind_no_reason) @@ -5734,8 +5797,8 @@ AC_CHECK_MEMBER(union nss_XbyY_key.ipnode.af_family, [#include <nss_dbdefs.h>]) # Solaris has some extra fields in struct passwd that need to be -# initialised otherwise nscd crashes. - +# initialised otherwise nscd crashes. + AC_CHECK_MEMBER(struct passwd.pw_comment, AC_DEFINE(HAVE_PASSWD_PW_COMMENT, 1, [Defined if struct passwd has pw_comment field]),, [#include <pwd.h>]) @@ -5765,11 +5828,11 @@ fi ################################################# -# Check to see if we should use the included popt +# Check to see if we should use the included popt AC_ARG_WITH(included-popt, [ --with-included-popt use bundled popt library, not from system], -[ +[ case "$withval" in yes) INCLUDED_POPT=yes @@ -5800,11 +5863,11 @@ AC_SUBST(POPTLIBS) AC_SUBST(FLAGS1) ################################################# -# Check to see if we should use the included iniparser +# Check to see if we should use the included iniparser AC_ARG_WITH(included-iniparser, [ --with-included-iniparser use bundled iniparser library, not from system], -[ +[ case "$withval" in yes) INCLUDED_INIPARSER=yes @@ -5906,7 +5969,7 @@ AC_ARG_WITH(shared-modules, done fi ]) -SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o, "bin/ldapsam.$SHLIBEXT", PDB, +SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o, "bin/ldapsam.$SHLIBEXT", PDB, [ PASSDB_LIBS="$PASSDB_LIBS $LDAP_LIBS" ] ) SMB_MODULE(pdb_smbpasswd, passdb/pdb_smbpasswd.o, "bin/smbpasswd.$SHLIBEXT", PDB) SMB_MODULE(pdb_tdbsam, passdb/pdb_tdb.o, "bin/tdbsam.$SHLIBEXT", PDB) @@ -5979,6 +6042,7 @@ SMB_MODULE(vfs_cacheprime, \$(VFS_CACHEPRIME_OBJ), "bin/cacheprime.$SHLIBEXT", V SMB_MODULE(vfs_prealloc, \$(VFS_PREALLOC_OBJ), "bin/prealloc.$SHLIBEXT", VFS) SMB_MODULE(vfs_commit, \$(VFS_COMMIT_OBJ), "bin/commit.$SHLIBEXT", VFS) SMB_MODULE(vfs_gpfs, \$(VFS_GPFS_OBJ), "bin/gpfs.$SHLIBEXT", VFS) +SMB_MODULE(vfs_readahead, \$(VFS_READAHEAD_OBJ), "bin/readahead.$SHLIBEXT", VFS) SMB_SUBSYSTEM(VFS,smbd/vfs.o) diff --git a/source/include/includes.h b/source/include/includes.h index bdd92f219ee..ca8f2ded8cc 100644 --- a/source/include/includes.h +++ b/source/include/includes.h @@ -173,6 +173,15 @@ #if HAVE_LBER_H #include <lber.h> +#ifdef HPUX +/* Define ber_tag_t and ber_int_t for using + * HP LDAP-UX Integration products' LDAP libraries. +*/ +#ifndef ber_tag_t +typedef unsigned long ber_tag_t; +typedef int ber_int_t; +#endif +#endif /* HPUX */ #ifndef LBER_USE_DER #define LBER_USE_DER 0x01 #endif @@ -1123,7 +1132,10 @@ int create_kerberos_key_from_string(krb5_context context, krb5_principal host_pr int create_kerberos_key_from_string_direct(krb5_context context, krb5_principal host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype); BOOL get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt); krb5_const_principal get_principal_from_tkt(krb5_ticket *tkt); +krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters); +#if defined(HAVE_KRB5_LOCATE_KDC) krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters); +#endif krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes); BOOL get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, BOOL remote); krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry); diff --git a/source/include/rpc_ds.h b/source/include/rpc_ds.h index bfe5179490c..4ca49871f6d 100644 --- a/source/include/rpc_ds.h +++ b/source/include/rpc_ds.h @@ -44,6 +44,7 @@ /* machine role */ +#define DSROLE_DOMAIN_MEMBER_WKS 1 #define DSROLE_STANDALONE_SRV 2 #define DSROLE_DOMAIN_MEMBER_SRV 3 #define DSROLE_BDC 4 @@ -60,18 +61,13 @@ typedef struct { uint16 machine_role; - uint16 unknown; /* 0x6173 -- maybe just alignment? */ - - uint32 flags; - + uint32 flags; uint32 netbios_ptr; uint32 dnsname_ptr; uint32 forestname_ptr; - struct GUID domain_guid; - + struct GUID domain_guid; UNISTR2 netbios_domain; - UNISTR2 dns_domain; /* our dns domain */ UNISTR2 forest_domain; /* root domain of the forest to which we belong */ } DSROLE_PRIMARY_DOMAIN_INFO_BASIC; diff --git a/source/include/rpc_spoolss.h b/source/include/rpc_spoolss.h index 069d2b3bf74..baa120445eb 100755 --- a/source/include/rpc_spoolss.h +++ b/source/include/rpc_spoolss.h @@ -961,7 +961,6 @@ PRINTER_INFO_2; typedef struct printer_info_3 { - uint32 flags; SEC_DESC *secdesc; } PRINTER_INFO_3; diff --git a/source/include/smb.h b/source/include/smb.h index a8fb39797b2..2ad3202ef9d 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1249,17 +1249,24 @@ struct bitmap { /* Mapping of generic access rights for files to specific rights. */ +/* This maps to 0x1F01FF */ #define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS| SYNCHRONIZE_ACCESS|FILE_ALL_ACCESS) +/* This maps to 0x120089 */ #define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|FILE_READ_DATA|FILE_READ_ATTRIBUTES|\ FILE_READ_EA|SYNCHRONIZE_ACCESS) +/* This maps to 0x120116 */ #define FILE_GENERIC_WRITE (STD_RIGHT_READ_CONTROL_ACCESS|FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES|\ FILE_WRITE_EA|FILE_APPEND_DATA|SYNCHRONIZE_ACCESS) #define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|\ FILE_EXECUTE|SYNCHRONIZE_ACCESS) +/* Share specific rights. */ +#define SHARE_ALL_ACCESS FILE_GENERIC_ALL +#define SHARE_READ_ONLY (FILE_GENERIC_READ|FILE_EXECUTE) + /* Mapping of access rights to UNIX perms. */ #define UNIX_ACCESS_RWX FILE_GENERIC_ALL #define UNIX_ACCESS_R FILE_GENERIC_READ @@ -1487,6 +1494,9 @@ char *strdup(char *s); #define FLAGS2_WIN2K_SIGNATURE 0xC852 /* Hack alert ! For now... JRA. */ +/* TCONX Flag (smb_vwv2). */ +#define TCONX_FLAG_EXTENDED_RESPONSE 0x8 + /* Capabilities. see ftp.microsoft.com/developr/drg/cifs/cifs/cifs4.txt */ #define CAP_RAW_MODE 0x0001 diff --git a/source/lib/fault.c b/source/lib/fault.c index b632a5c82fa..b214d9027ea 100644 --- a/source/lib/fault.c +++ b/source/lib/fault.c @@ -156,7 +156,7 @@ void dump_core_setup(const char *progname) * turned on in smb.conf and the relevant daemon is not restarted. */ if (!lp_enable_core_files()) { - DEBUG(0, ("Exiting on internal error (core file administratively disabled\n")); + DEBUG(0, ("Exiting on internal error (core file administratively disabled)\n")); exit(1); } diff --git a/source/lib/messages.c b/source/lib/messages.c index e2c8a6b52fa..08a94142572 100644 --- a/source/lib/messages.c +++ b/source/lib/messages.c @@ -183,13 +183,18 @@ static NTSTATUS message_notify(struct process_id procid) SMB_ASSERT(pid > 0); if (euid != 0) { - become_root_uid_only(); + /* If we're not root become so to send the message. */ + save_re_uid(); + set_effective_uid(0); } ret = kill(pid, SIGUSR1); if (euid != 0) { - unbecome_root_uid_only(); + /* Go back to who we were. */ + int saved_errno = errno; + restore_re_uid_fromroot(); + errno = saved_errno; } if (ret == -1) { diff --git a/source/lib/pidfile.c b/source/lib/pidfile.c index 49626acade5..89ab6d799b7 100644 --- a/source/lib/pidfile.c +++ b/source/lib/pidfile.c @@ -93,6 +93,13 @@ void pidfile_create(const char *program_name) strncpy( name, program_name, sizeof( name)-1); } else { short_configfile = strrchr( dyn_CONFIGFILE, '/'); + if (short_configfile == NULL) { + /* conf file in current directory */ + short_configfile = dyn_CONFIGFILE; + } else { + /* full/relative path provided */ + short_configfile++; + } slprintf( name, sizeof( name)-1, "%s-%s", program_name, short_configfile+1); } diff --git a/source/lib/replace/system/config.m4 b/source/lib/replace/system/config.m4 index 4d66317a5ee..74278787e71 100644 --- a/source/lib/replace/system/config.m4 +++ b/source/lib/replace/system/config.m4 @@ -1,6 +1,7 @@ # filesys AC_HEADER_DIRENT -AC_CHECK_HEADERS(fcntl.h sys/fcntl.h sys/acl.h sys/resource.h sys/ioctl.h sys/mode.h sys/filio.h sys/fs/s5param.h sys/filsys.h ) +AC_CHECK_HEADERS(fcntl.h sys/fcntl.h sys/resource.h sys/ioctl.h sys/mode.h sys/filio.h sys/fs/s5param.h sys/filsys.h) +AC_CHECK_HEADERS(sys/acl.h acl/libacl.h) # select AC_CHECK_HEADERS(sys/select.h) diff --git a/source/lib/replace/system/filesys.h b/source/lib/replace/system/filesys.h index 1e48f7ab404..3b68abe48ae 100644 --- a/source/lib/replace/system/filesys.h +++ b/source/lib/replace/system/filesys.h @@ -41,6 +41,10 @@ #include <sys/acl.h> #endif +#ifdef HAVE_ACL_LIBACL_H +#include <acl/libacl.h> +#endif + #ifdef HAVE_SYS_FS_S5PARAM_H #include <sys/fs/s5param.h> #endif diff --git a/source/lib/sysacls.c b/source/lib/sysacls.c index d31c1870c34..dcd76407144 100644 --- a/source/lib/sysacls.c +++ b/source/lib/sysacls.c @@ -181,7 +181,7 @@ char *sys_acl_to_text(SMB_ACL_T acl_d, ssize_t *len_p) id = idbuf; } else { id = gr->gr_name; - } + } case SMB_ACL_GROUP_OBJ: tag = "group"; break; diff --git a/source/lib/util.c b/source/lib/util.c index 45d3916ebe6..f49af133adb 100644 --- a/source/lib/util.c +++ b/source/lib/util.c @@ -3112,3 +3112,86 @@ int this_is_smp(void) return 0; #endif } + +/**************************************************************** + Check if an offset into a buffer is safe. + If this returns True it's safe to indirect into the byte at + pointer ptr+off. +****************************************************************/ + +BOOL is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + const char *end_base = buf_base + buf_len; + char *end_ptr = ptr + off; + + if (!buf_base || !ptr) { + return False; + } + + if (end_base < buf_base || end_ptr < ptr) { + return False; /* wrap. */ + } + + if (end_ptr < end_base) { + return True; + } + return False; +} + +/**************************************************************** + Return a safe pointer into a buffer, or NULL. +****************************************************************/ + +char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + return is_offset_safe(buf_base, buf_len, ptr, off) ? + ptr + off : NULL; +} + +/**************************************************************** + Return a safe pointer into a string within a buffer, or NULL. +****************************************************************/ + +char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off) +{ + if (!is_offset_safe(buf_base, buf_len, ptr, off)) { + return NULL; + } + /* Check if a valid string exists at this offset. */ + if (skip_string(buf_base,buf_len, ptr + off) == NULL) { + return NULL; + } + return ptr + off; +} + +/**************************************************************** + Return an SVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + /* + * Note we use off+1 here, not off+2 as SVAL accesses ptr[0] and ptr[1], + * NOT ptr[2]. + */ + if (!is_offset_safe(buf_base, buf_len, ptr, off+1)) { + return failval; + } + return SVAL(ptr,off); +} + +/**************************************************************** + Return an IVAL at a pointer, or failval if beyond the end. +****************************************************************/ + +int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval) +{ + /* + * Note we use off+3 here, not off+4 as IVAL accesses + * ptr[0] ptr[1] ptr[2] ptr[3] NOT ptr[4]. + */ + if (!is_offset_safe(buf_base, buf_len, ptr, off+3)) { + return failval; + } + return IVAL(ptr,off); +} diff --git a/source/lib/util_sec.c b/source/lib/util_sec.c index 3d997ee76ac..18992086975 100644 --- a/source/lib/util_sec.c +++ b/source/lib/util_sec.c @@ -265,7 +265,7 @@ void save_re_uid(void) and restore them! ****************************************************************************/ -static void restore_re_uid_fromroot(void) +void restore_re_uid_fromroot(void) { #if USE_SETRESUID setresuid(saved_ruid, saved_euid, -1); @@ -292,28 +292,6 @@ void restore_re_uid(void) } /**************************************************************************** - Lightweight become root - no group change. -****************************************************************************/ - -void become_root_uid_only(void) -{ - save_re_uid(); - set_effective_uid(0); -} - -/**************************************************************************** - Lightweight unbecome root - no group change. Expects we are root already, - saves errno across call boundary. -****************************************************************************/ - -void unbecome_root_uid_only(void) -{ - int saved_errno = errno; - restore_re_uid_fromroot(); - errno = saved_errno; -} - -/**************************************************************************** save the real and effective gid for later restoration. Used by the getgroups code ****************************************************************************/ diff --git a/source/lib/util_str.c b/source/lib/util_str.c index ccf0af8b623..457232c2b21 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -424,17 +424,42 @@ void string_replace( pstring s, char oldc, char newc ) } /** - Skip past some strings in a buffer. -**/ + * Skip past some strings in a buffer - old version - no checks. + * **/ -char *skip_string(char *buf,size_t n) +char *push_skip_string(char *buf) { - while (n--) - buf += strlen(buf) + 1; + buf += strlen(buf) + 1; return(buf); } /** + Skip past a string in a buffer. Buffer may not be + null terminated. end_ptr points to the first byte after + then end of the buffer. +**/ + +char *skip_string(const char *base, size_t len, char *buf) +{ + const char *end_ptr = base + len; + + if (end_ptr < base || !base || !buf || buf >= end_ptr) { + return NULL; + } + + /* Skip the string */ + while (*buf) { + buf++; + if (buf >= end_ptr) { + return NULL; + } + } + /* Skip the '\0' */ + buf++; + return buf; +} + +/** Count the number of characters in a string. Normally this will be the same as the number of bytes in a string for single byte strings, but will be different for multibyte. @@ -2591,4 +2616,3 @@ size_t utf16_len_n(const void *src, size_t n) return len; } - diff --git a/source/lib/util_tdb.c b/source/lib/util_tdb.c index 9136e2d6c1e..a1b5bf5bb16 100644 --- a/source/lib/util_tdb.c +++ b/source/lib/util_tdb.c @@ -25,18 +25,6 @@ #undef calloc #undef strdup -/*************************************************************** - Allow a caller to set a "alarm" flag that tdb can check to abort - a blocking lock on SIGALRM. -***************************************************************/ - -static sig_atomic_t *palarm_fired; - -static void tdb_set_lock_alarm(sig_atomic_t *palarm) -{ - palarm_fired = palarm; -} - /* these are little tdb utility functions that are meant to make dealing with a tdb database a little less cumbersome in Samba */ @@ -77,7 +65,6 @@ static int tdb_chainlock_with_timeout_internal( TDB_CONTEXT *tdb, TDB_DATA key, /* Allow tdb_chainlock to be interrupted by an alarm. */ int ret; gotalarm = 0; - tdb_set_lock_alarm(CONST_DISCARD(sig_atomic_t *, &gotalarm)); if (timeout) { CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig); diff --git a/source/libads/ldap.c b/source/libads/ldap.c index 1d08a01a263..b2ca68f67fe 100644 --- a/source/libads/ldap.c +++ b/source/libads/ldap.c @@ -2258,7 +2258,6 @@ int ads_count_replies(ADS_STRUCT *ads, void *res) LDAPMessage *msg, const char *field, SEC_DESC **sd) { struct berval **values; - prs_struct ps; BOOL ret = False; values = ldap_get_values_len(ads->ld, msg, field); @@ -2266,11 +2265,13 @@ int ads_count_replies(ADS_STRUCT *ads, void *res) if (!values) return False; if (values[0]) { + prs_struct ps; prs_init(&ps, values[0]->bv_len, mem_ctx, UNMARSHALL); prs_copy_data_in(&ps, values[0]->bv_val, values[0]->bv_len); prs_set_offset(&ps,0); ret = sec_io_desc("sd", sd, &ps, 1); + prs_mem_free(&ps); } ldap_value_free_len(values); diff --git a/source/libads/sasl.c b/source/libads/sasl.c index 013985a1215..0067a19d3b6 100644 --- a/source/libads/sasl.c +++ b/source/libads/sasl.c @@ -301,7 +301,7 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads) uint32 minor_status; gss_name_t serv_name; gss_buffer_desc input_name; - gss_ctx_id_t context_handle; + gss_ctx_id_t context_handle = GSS_C_NO_CONTEXT; gss_OID mech_type = GSS_C_NULL_OID; gss_buffer_desc output_token, input_token; uint32 ret_flags, conf_state; @@ -368,8 +368,6 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads) return ADS_ERROR_GSS(gss_rc, minor_status); } - context_handle = GSS_C_NO_CONTEXT; - input_token.value = NULL; input_token.length = 0; @@ -478,6 +476,8 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads) failed: gss_release_name(&minor_status, &serv_name); + if (context_handle != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&minor_status, &context_handle, GSS_C_NO_BUFFER); krb5_free_principal(ctx, principal); krb5_free_context(ctx); diff --git a/source/librpc/ndr/ndr_sec_helper.c b/source/librpc/ndr/ndr_sec_helper.c index 944b172d6cd..46dd5d55806 100644 --- a/source/librpc/ndr/ndr_sec_helper.c +++ b/source/librpc/ndr/ndr_sec_helper.c @@ -130,7 +130,7 @@ static NTSTATUS ndr_pull_security_ace_type(struct ndr_pull *ndr, int ndr_flags, { uint8_t v; NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &v)); - *r = v; + *r = (enum security_ace_type)v; return NT_STATUS_OK; } @@ -559,7 +559,7 @@ static NTSTATUS ndr_pull_security_acl_revision(struct ndr_pull *ndr, int ndr_fla { uint16_t v; NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); - *r = v; + *r = (enum security_acl_revision)v; return NT_STATUS_OK; } @@ -603,7 +603,7 @@ NTSTATUS ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_flags, struct secur NDR_CHECK(ndr_pull_security_acl_revision(ndr, NDR_SCALARS, &r->revision)); NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_aces)); - if (r->num_aces < 0 || r->num_aces > 1000) { + if (r->num_aces > 1000) { /* num_aces is unsigned */ return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); } NDR_PULL_ALLOC_N(ndr, r->aces, r->num_aces); @@ -657,7 +657,7 @@ static NTSTATUS ndr_pull_security_descriptor_revision(struct ndr_pull *ndr, int { uint8_t v; NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &v)); - *r = v; + *r = (enum security_descriptor_revision)v; return NT_STATUS_OK; } diff --git a/source/librpc/ndr/sid.c b/source/librpc/ndr/sid.c index 0a9ddb883b2..61790b36306 100644 --- a/source/librpc/ndr/sid.c +++ b/source/librpc/ndr/sid.c @@ -211,7 +211,7 @@ NTSTATUS ndr_pull_sec_desc_buf(struct ndr_pull *ndr, int ndr_flags, struct sec_d if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sd_size)); - if (r->sd_size < 0 || r->sd_size > 0x40000) { + if (r->sd_size > 0x40000) { /* sd_size is unsigned */ return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); } NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sd)); diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c index 0f09747dbf1..183cbe3bfc0 100644 --- a/source/libsmb/cliconnect.c +++ b/source/libsmb/cliconnect.c @@ -1065,6 +1065,7 @@ BOOL cli_send_tconX(struct cli_state *cli, cli_setup_packet(cli); SSVAL(cli->outbuf,smb_vwv0,0xFF); + SSVAL(cli->outbuf,smb_vwv2,TCONX_FLAG_EXTENDED_RESPONSE); SSVAL(cli->outbuf,smb_vwv3,passlen); p = smb_buf(cli->outbuf); diff --git a/source/libsmb/clidgram.c b/source/libsmb/clidgram.c index a983f485ab4..83ea81ddf1e 100644 --- a/source/libsmb/clidgram.c +++ b/source/libsmb/clidgram.c @@ -85,7 +85,10 @@ BOOL cli_send_mailslot(BOOL unique, const char *mailslot, SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); fstrcpy(p2,mailslot); - p2 = skip_string(p2,1); + p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2); + if (!p2) { + return False; + } memcpy(p2,buf,len); p2 += len; diff --git a/source/libsmb/clikrb5.c b/source/libsmb/clikrb5.c index 5018e146cad..993e32c1edd 100644 --- a/source/libsmb/clikrb5.c +++ b/source/libsmb/clikrb5.c @@ -393,7 +393,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #if defined(KRB5_KRBHST_INIT) /* Heimdal */ - krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) { krb5_krbhst_handle hnd; krb5_krbhst_info *hinfo; @@ -407,7 +407,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ rc = krb5_krbhst_init(ctx, realm->data, KRB5_KRBHST_KDC, &hnd); if (rc) { - DEBUG(0, ("krb5_locate_kdc: krb5_krbhst_init failed (%s)\n", error_message(rc))); + DEBUG(0, ("smb_krb5_locate_kdc: krb5_krbhst_init failed (%s)\n", error_message(rc))); return rc; } @@ -417,14 +417,14 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ krb5_krbhst_reset(ctx, hnd); if (!num_kdcs) { - DEBUG(0, ("krb5_locate_kdc: zero kdcs found !\n")); + DEBUG(0, ("smb_krb5_locate_kdc: zero kdcs found !\n")); krb5_krbhst_free(ctx, hnd); return -1; } sa = SMB_MALLOC_ARRAY( struct sockaddr, num_kdcs ); if (!sa) { - DEBUG(0, ("krb5_locate_kdc: malloc failed\n")); + DEBUG(0, ("smb_krb5_locate_kdc: malloc failed\n")); krb5_krbhst_free(ctx, hnd); naddrs = 0; return -1; @@ -454,7 +454,7 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #else /* ! defined(KRB5_KRBHST_INIT) */ - krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters) { DEBUG(0, ("unable to explicitly locate the KDC on this platform\n")); @@ -463,6 +463,14 @@ BOOL unwrap_pac(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, DATA_BLOB *unwrapped_ #endif /* KRB5_KRBHST_INIT */ +#else /* ! HAVE_KRB5_LOCATE_KDC */ + + krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, + struct sockaddr **addr_pp, int *naddrs, int get_masters) +{ + return krb5_locate_kdc(ctx, realm, addr_pp, naddrs, get_masters); +} + #endif /* HAVE_KRB5_LOCATE_KDC */ #if !defined(HAVE_KRB5_FREE_UNPARSED_NAME) diff --git a/source/libsmb/cliprint.c b/source/libsmb/cliprint.c index 5798e945541..cb04e0ddcc7 100644 --- a/source/libsmb/cliprint.c +++ b/source/libsmb/cliprint.c @@ -64,16 +64,16 @@ int cli_print_queue(struct cli_state *cli, SSVAL(p,0,76); /* API function number 76 (DosPrintJobEnum) */ p += 2; pstrcpy_base(p,"zWrLeh", param); /* parameter description? */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"WWzWWDDzz", param); /* returned data format */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,cli->share, param); /* name of queue */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,2); /* API function level 2, PRJINFO_2 data structure */ SSVAL(p,2,1000); /* size of bytes of returned data buffer */ p += 4; pstrcpy_base(p,"", param); /* subformat */ - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); DEBUG(4,("doing cli_print_queue for %s\n", cli->share)); @@ -133,9 +133,9 @@ int cli_printjob_del(struct cli_state *cli, int job) SSVAL(p,0,81); /* DosPrintJobDel() */ p += 2; pstrcpy_base(p,"W", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,job); p += 2; diff --git a/source/libsmb/clirap.c b/source/libsmb/clirap.c index 05dc36e91c3..6008dfbe934 100644 --- a/source/libsmb/clirap.c +++ b/source/libsmb/clirap.c @@ -86,9 +86,9 @@ BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation) SSVAL(p,0,132); /* api number */ p += 2; pstrcpy_base(p,"OOWb54WrLh",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"WB21BWDWWDDDDDDDzzzD",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,1); p += 2; pstrcpy_base(p,user,param); @@ -147,9 +147,9 @@ int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, co SSVAL(p,0,0); /* api number */ p += 2; pstrcpy_base(p,"WrLeh",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"B13BWz",param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,1); /* * Win2k needs a *smaller* buffer than 0xFFFF here - @@ -225,11 +225,11 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, SSVAL(p,0,0x68); /* api number */ p += 2; pstrcpy_base(p,"WrLehDz", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,"B16BBDz", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,uLevel); SSVAL(p,2,CLI_BUFFER_SIZE); p += 4; @@ -314,11 +314,11 @@ BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char SSVAL(p,0,214); /* SamOEMChangePassword command. */ p += 2; pstrcpy_base(p, "zsT", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p, "B516B16", param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); pstrcpy_base(p,user, param); - p = skip_string(p,1); + p = skip_string(param,sizeof(param),p); SSVAL(p,0,532); p += 2; diff --git a/source/libsmb/clirap2.c b/source/libsmb/clirap2.c index d6a44f4ea22..1730626066f 100644 --- a/source/libsmb/clirap2.c +++ b/source/libsmb/clirap2.c @@ -91,7 +91,7 @@ /* put string s at p with max len n and increment p past string */ #define PUTSTRING(p,s,n) do {\ push_ascii(p,s?s:"",n?n:256,STR_TERMINATE);\ - p = skip_string(p,1);\ + p = push_skip_string(p);\ } while(0) /* put string s and p, using fixed len l, and increment p by l */ #define PUTSTRINGF(p,s,l) do {\ @@ -111,7 +111,7 @@ /* get asciiz string s from p, increment p past string */ #define GETSTRING(p,s) do {\ pull_ascii_pstring(s,p);\ - p = skip_string(p,1);\ + p = push_skip_string(p);\ } while(0) /* get fixed length l string s from p, increment p by l */ #define GETSTRINGF(p,s,l) do {\ diff --git a/source/libsmb/credentials.c b/source/libsmb/credentials.c index 76fc5fc0621..3243719d5c9 100644 --- a/source/libsmb/credentials.c +++ b/source/libsmb/credentials.c @@ -101,7 +101,9 @@ static void creds_init_64(struct dcinfo *dc, unsigned char sum2[8]; /* Just in case this isn't already there */ - memcpy(dc->mach_pw, mach_pw, 16); + if (dc->mach_pw != mach_pw) { + memcpy(dc->mach_pw, mach_pw, 16); + } sum[0] = IVAL(clnt_chal_in->data, 0) + IVAL(srv_chal_in->data, 0); sum[1] = IVAL(clnt_chal_in->data, 4) + IVAL(srv_chal_in->data, 4); diff --git a/source/libsmb/libsmbclient.c b/source/libsmb/libsmbclient.c index 7fbf5a10c54..e305409b87c 100644 --- a/source/libsmb/libsmbclient.c +++ b/source/libsmb/libsmbclient.c @@ -339,14 +339,15 @@ smbc_parse_path(SMBCCTX *context, goto decoding; if (*p == '/') { + int wl = strlen(context->workgroup); - strncpy(server, context->workgroup, - ((strlen(context->workgroup) < 16) - ? strlen(context->workgroup) - : 16)); - server[server_len - 1] = '\0'; + if (wl > 16) { + wl = 16; + } + + strncpy(server, context->workgroup, wl); + server[wl] = '\0'; return 0; - } /* @@ -499,8 +500,30 @@ static int smbc_check_server(SMBCCTX * context, SMBCSRV * server) { - if ( send_keepalive(server->cli->fd) == False ) - return 1; + size_t size; + struct sockaddr addr; + + /* + * Although the use of port 139 is not a guarantee that we're using + * netbios, we assume so. We don't want to send a keepalive packet if + * not netbios because it's not valid, and Vista, at least, + * disconnects the client on such a request. + */ + if (server->cli->port == 139) { + /* Assuming netbios. Send a keepalive packet */ + if ( send_keepalive(server->cli->fd) == False ) { + return 1; + } + } else { + /* + * Assuming not netbios. Try a different method to detect if + * the connection is still alive. + */ + size = sizeof(addr); + if (getpeername(server->cli->fd, &addr, &size) == -1) { + return 1; + } + } /* connection is ok */ return 0; @@ -917,6 +940,7 @@ smbc_attr_server(SMBCCTX *context, fstring password, POLICY_HND *pol) { + int flags; struct in_addr ip; struct cli_state *ipc_cli; struct rpc_pipe_client *pipe_hnd; @@ -951,12 +975,17 @@ smbc_attr_server(SMBCCTX *context, } } + flags = 0; + if (context->flags & SMB_CTX_FLAG_USE_KERBEROS) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + zero_ip(&ip); nt_status = cli_full_connection(&ipc_cli, global_myname(), server, &ip, 0, "IPC$", "?????", username, workgroup, - password, 0, + password, flags, Undefined, NULL); if (! NT_STATUS_IS_OK(nt_status)) { DEBUG(1,("cli_full_connection failed! (%s)\n", diff --git a/source/libsmb/samlogon_cache.c b/source/libsmb/samlogon_cache.c index b242d0ef55b..c48c75f3efa 100644 --- a/source/libsmb/samlogon_cache.c +++ b/source/libsmb/samlogon_cache.c @@ -59,9 +59,9 @@ BOOL netsamlogon_cache_shutdown(void) ***********************************************************************/ void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, NET_USER_INFO_3 *user) { - fstring domain; - TDB_DATA key; BOOL got_tdb = False; + DOM_SID sid; + fstring key_str, sid_string; /* We may need to call this function from smbd which will not have winbindd_cache.tdb open. Open the tdb if a NULL is passed. */ @@ -77,29 +77,24 @@ void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, NET_USER_INFO_3 *user) got_tdb = True; } - unistr2_to_ascii(domain, &user->uni_logon_dom, sizeof(domain) - 1); + sid_copy(&sid, &user->dom_sid.sid); + sid_append_rid(&sid, user->user_rid); - /* Clear U/DOMAIN/RID cache entry */ + /* Clear U/SID cache entry */ - asprintf(&key.dptr, "U/%s/%d", domain, user->user_rid); - key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */ + fstr_sprintf(key_str, "U/%s", sid_to_string(sid_string, &sid)); - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr)); + DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); - tdb_delete(tdb, key); + tdb_delete(tdb, string_tdb_data(key_str)); - SAFE_FREE(key.dptr); + /* Clear UG/SID cache entry */ - /* Clear UG/DOMAIN/RID cache entry */ + fstr_sprintf(key_str, "UG/%s", sid_to_string(sid_string, &sid)); - asprintf(&key.dptr, "UG/%s/%d", domain, user->user_rid); - key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */ + DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr)); - - tdb_delete(tdb, key); - - SAFE_FREE(key.dptr); + tdb_delete(tdb, string_tdb_data(key_str)); if (got_tdb) tdb_close(tdb); diff --git a/source/libsmb/smb_share_modes.c b/source/libsmb/smb_share_modes.c index 4c49ecb7bd9..9236a96c5b2 100644 --- a/source/libsmb/smb_share_modes.c +++ b/source/libsmb/smb_share_modes.c @@ -200,7 +200,7 @@ int smb_get_share_mode_entries(struct smbdb_ctx *db_ctx, memset(list, '\0', num_share_modes * sizeof(struct smb_share_mode_entry)); - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); list_num = 0; for (i = 0; i < num_share_modes; i++) { @@ -265,7 +265,8 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, if (!db_data.dptr) { /* We must create the entry. */ db_data.dptr = (char *)malloc( - (2*sizeof(struct share_mode_entry)) + + sizeof(struct locking_data) + + sizeof(struct share_mode_entry) + strlen(sharepath) + 1 + strlen(filename) + 1); if (!db_data.dptr) { @@ -276,18 +277,18 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, ld->u.s.num_share_mode_entries = 1; ld->u.s.delete_on_close = 0; ld->u.s.delete_token_size = 0; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); create_share_mode_entry(shares, new_entry); - memcpy(db_data.dptr + 2*sizeof(struct share_mode_entry), + memcpy(db_data.dptr + sizeof(struct locking_data) + sizeof(struct share_mode_entry), sharepath, strlen(sharepath) + 1); - memcpy(db_data.dptr + 2*sizeof(struct share_mode_entry) + + memcpy(db_data.dptr + sizeof(struct locking_data) + sizeof(struct share_mode_entry) + strlen(sharepath) + 1, filename, strlen(filename) + 1); - db_data.dsize = 2*sizeof(struct share_mode_entry) + + db_data.dsize = sizeof(struct locking_data) + sizeof(struct share_mode_entry) + strlen(sharepath) + 1 + strlen(filename) + 1; if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_INSERT) == -1) { @@ -310,11 +311,11 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, orig_num_share_modes = ld->u.s.num_share_mode_entries; /* Copy the original data. */ - memcpy(new_data_p, db_data.dptr, (orig_num_share_modes+1)*sizeof(struct share_mode_entry)); + memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry))); /* Add in the new share mode */ - shares = (struct share_mode_entry *)(new_data_p + - ((orig_num_share_modes+1)*sizeof(struct share_mode_entry))); + shares = (struct share_mode_entry *)(new_data_p + sizeof(struct locking_data) + + (orig_num_share_modes * sizeof(struct share_mode_entry))); create_share_mode_entry(shares, new_entry); @@ -322,9 +323,9 @@ int smb_create_share_mode_entry_ex(struct smbdb_ctx *db_ctx, ld->u.s.num_share_mode_entries++; /* Append the original delete_token and filenames. */ - memcpy(new_data_p + ((ld->u.s.num_share_mode_entries+1)*sizeof(struct share_mode_entry)), - db_data.dptr + ((orig_num_share_modes+1)*sizeof(struct share_mode_entry)), - db_data.dsize - ((orig_num_share_modes+1) * sizeof(struct share_mode_entry))); + memcpy(new_data_p + sizeof(struct locking_data) + (ld->u.s.num_share_mode_entries * sizeof(struct share_mode_entry)), + db_data.dptr + sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry)), + db_data.dsize - sizeof(struct locking_data) - (orig_num_share_modes * sizeof(struct share_mode_entry))); new_data_size = db_data.dsize + sizeof(struct share_mode_entry); @@ -382,7 +383,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; orig_num_share_modes = ld->u.s.num_share_mode_entries; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); if (orig_num_share_modes == 1) { /* Only one entry - better be ours... */ @@ -405,7 +406,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, } /* Copy the header. */ - memcpy(new_data_p, db_data.dptr, sizeof(struct share_mode_entry)); + memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data)); num_share_modes = 0; for (i = 0; i < orig_num_share_modes; i++) { @@ -421,7 +422,8 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, continue; /* This is our delete taget. */ } - memcpy(new_data_p + ((num_share_modes+1)*sizeof(struct share_mode_entry)), + memcpy(new_data_p + sizeof(struct locking_data) + + (num_share_modes * sizeof(struct share_mode_entry)), share, sizeof(struct share_mode_entry) ); num_share_modes++; @@ -435,10 +437,10 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, } /* Copy any delete token plus the terminating filenames. */ - remaining_ptr = db_data.dptr + ((orig_num_share_modes+1) * sizeof(struct share_mode_entry)); + remaining_ptr = db_data.dptr + sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry)); remaining_size = db_data.dsize - (remaining_ptr - db_data.dptr); - memcpy(new_data_p + ((num_share_modes+1)*sizeof(struct share_mode_entry)), + memcpy(new_data_p + sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)), remaining_ptr, remaining_size); @@ -450,7 +452,7 @@ int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; ld->u.s.num_share_mode_entries = num_share_modes; - db_data.dsize = ((num_share_modes+1)*sizeof(struct share_mode_entry)) + remaining_size; + db_data.dsize = sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)) + remaining_size; if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) == -1) { free(db_data.dptr); @@ -481,7 +483,7 @@ int smb_change_share_mode_entry(struct smbdb_ctx *db_ctx, ld = (struct locking_data *)db_data.dptr; num_share_modes = ld->u.s.num_share_mode_entries; - shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct share_mode_entry)); + shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data)); for (i = 0; i < num_share_modes; i++) { struct share_mode_entry *share = &shares[i]; diff --git a/source/modules/vfs_default.c b/source/modules/vfs_default.c index 4febc064d94..98e9aaa2631 100644 --- a/source/modules/vfs_default.c +++ b/source/modules/vfs_default.c @@ -632,7 +632,7 @@ static int vfswrap_ntimes(vfs_handle_struct *handle, const char *path, const str } #elif defined(HAVE_UTIME) { - struct utimebuf times; + struct utimbuf times; times.actime = convert_timespec_to_time_t(ts[0]); times.modtime = convert_timespec_to_time_t(ts[1]); result = utime(path, times); @@ -905,8 +905,12 @@ static NTSTATUS vfswrap_notify_watch(vfs_handle_struct *vfs_handle, static int vfswrap_chflags(vfs_handle_struct *handle, const char *path, int flags) { +#ifdef HAVE_CHFLAGS + return chflags(path, flags); +#else errno = ENOSYS; return -1; +#endif } static size_t vfswrap_fget_nt_acl(vfs_handle_struct *handle, files_struct *fsp, int fd, uint32 security_info, SEC_DESC **ppdesc) diff --git a/source/modules/vfs_recycle.c b/source/modules/vfs_recycle.c index 579cc94cf94..a20e09f0108 100644 --- a/source/modules/vfs_recycle.c +++ b/source/modules/vfs_recycle.c @@ -311,23 +311,48 @@ done: } /** - * Check if needle is contained exactly in haystack - * @param haystack list of parameters separated by delimimiter character - * @param needle string to be matched exactly to haystack - * @return True if found + * Check if any of the components of "exclude_list" are contained in path. + * Return True if found **/ -static BOOL checkparam(const char **haystack_list, const char *needle) + +static BOOL matchdirparam(const char **dir_exclude_list, char *path) { - int i; + char *startp = NULL, *endp = NULL; - if (haystack_list == NULL || haystack_list[0] == NULL || - *haystack_list[0] == '\0' || needle == NULL || *needle == '\0') { + if (dir_exclude_list == NULL || dir_exclude_list[0] == NULL || + *dir_exclude_list[0] == '\0' || path == NULL || *path == '\0') { return False; } - for(i=0; haystack_list[i] ; i++) { - if(strequal(haystack_list[i], needle)) { - return True; + /* + * Walk the components of path, looking for matches with the + * exclude list on each component. + */ + + for (startp = path; startp; startp = endp) { + int i; + + while (*startp == '/') { + startp++; + } + endp = strchr(startp, '/'); + if (endp) { + *endp = '\0'; + } + + for(i=0; dir_exclude_list[i] ; i++) { + if(unix_wild_match(dir_exclude_list[i], startp)) { + /* Repair path. */ + if (endp) { + *endp = '/'; + } + return True; + } + } + + /* Repair path. */ + if (endp) { + *endp = '/'; } } @@ -485,11 +510,7 @@ static int recycle_unlink(vfs_handle_struct *handle, const char *file_name) goto done; } - /* FIXME: this check will fail if we have more than one level of directories, - * we shoud check for every level 1, 1/2, 1/2/3, 1/2/3/4 .... - * ---simo - */ - if (checkparam(recycle_exclude_dir(handle), path_name)) { + if (matchdirparam(recycle_exclude_dir(handle), path_name)) { DEBUG(3, ("recycle: directory %s is excluded \n", path_name)); rc = SMB_VFS_NEXT_UNLINK(handle, file_name); goto done; diff --git a/source/nmbd/nmbd_browsesync.c b/source/nmbd/nmbd_browsesync.c index 9535a3115a6..54d02aac352 100644 --- a/source/nmbd/nmbd_browsesync.c +++ b/source/nmbd/nmbd_browsesync.c @@ -125,7 +125,7 @@ static void announce_local_master_browser_to_domain_master_browser( struct work_ /* The call below does CH_UNIX -> CH_DOS conversion. JRA */ push_pstring_base(p, myname, outbuf); - p = skip_string(p,1); + p = skip_string(outbuf,sizeof(outbuf),p); if( DEBUGLVL( 4 ) ) { dbgtext( "announce_local_master_browser_to_domain_master_browser:\n" ); diff --git a/source/nmbd/nmbd_elections.c b/source/nmbd/nmbd_elections.c index 3aadd70b83c..eb6f1b6e0aa 100644 --- a/source/nmbd/nmbd_elections.c +++ b/source/nmbd/nmbd_elections.c @@ -53,7 +53,7 @@ static void send_election_dgram(struct subnet_record *subrec, const char *workgr strupper_m(srv_name); /* The following call does UNIX -> DOS charset conversion. */ pstrcpy_base(p, srv_name, outbuf); - p = skip_string(p,1); + p = skip_string(outbuf,sizeof(outbuf),p); send_mailslot(False, BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf), global_myname(), 0, diff --git a/source/nmbd/nmbd_incomingdgrams.c b/source/nmbd/nmbd_incomingdgrams.c index 880700c72cb..4f3b3d3a7b4 100644 --- a/source/nmbd/nmbd_incomingdgrams.c +++ b/source/nmbd/nmbd_incomingdgrams.c @@ -416,7 +416,7 @@ done: Process an incoming LanMan host announcement packet. *******************************************************************/ -void process_lm_host_announce(struct subnet_record *subrec, struct packet_struct *p, char *buf) +void process_lm_host_announce(struct subnet_record *subrec, struct packet_struct *p, char *buf, int len) { struct dgram_packet *dgram = &p->packet.dgram; uint32 servertype = IVAL(buf,1); @@ -429,10 +429,16 @@ void process_lm_host_announce(struct subnet_record *subrec, struct packet_struct unstring work_name; unstring source_name; fstring comment; - char *s = buf+9; + char *s = get_safe_str_ptr(buf,len,buf,9); START_PROFILE(lm_host_announce); - s = skip_string(s,1); + if (!s) { + goto done; + } + s = skip_string(buf,len,s); + if (!s) { + goto done; + } pull_ascii(comment, s, sizeof(fstring), 43, STR_TERMINATE); pull_ascii_nstring(announce_name,sizeof(announce_name),buf+9); @@ -568,7 +574,7 @@ static void send_backup_list_response(struct subnet_record *subrec, myname[15]='\0'; push_pstring_base(p, myname, outbuf); - p = skip_string(p,1); + p = skip_string(outbuf,sizeof(outbuf),p); /* Look for backup browsers in this workgroup. */ @@ -604,7 +610,7 @@ static void send_backup_list_response(struct subnet_record *subrec, DEBUG(5,("send_backup_list_response: Adding server %s number %d\n", p, count)); - p = skip_string(p,1); + p = skip_string(outbuf,sizeof(outbuf),p); } #endif @@ -809,7 +815,7 @@ done: through the "lm announce" parameter in smb.conf) ******************************************************************/ -void process_lm_announce_request(struct subnet_record *subrec, struct packet_struct *p, char *buf) +void process_lm_announce_request(struct subnet_record *subrec, struct packet_struct *p, char *buf, int len) { struct dgram_packet *dgram = &p->packet.dgram; unstring workgroup_name; diff --git a/source/nmbd/nmbd_packets.c b/source/nmbd/nmbd_packets.c index 89362392fe7..87a38b9d2a1 100644 --- a/source/nmbd/nmbd_packets.c +++ b/source/nmbd/nmbd_packets.c @@ -1153,10 +1153,10 @@ mismatch with our scope (%s).\n", inet_ntoa(p->ip), scope, global_scope())); switch (command) { case ANN_HostAnnouncement: debug_browse_data(buf, len); - process_lm_host_announce(subrec, p, buf+1); + process_lm_host_announce(subrec, p, buf+1, len > 1 ? len-1 : 0); break; case ANN_AnnouncementRequest: - process_lm_announce_request(subrec, p, buf+1); + process_lm_announce_request(subrec, p, buf+1, len > 1 ? len-1 : 0); break; default: DEBUG(0,("process_lanman_packet: On subnet %s ignoring browse packet \ @@ -1899,7 +1899,7 @@ BOOL send_mailslot(BOOL unique, const char *mailslot,char *buf, size_t len, SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); safe_strcpy_base(p2, mailslot, dgram->data, sizeof(dgram->data)); - p2 = skip_string(p2,1); + p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2); if (((p2+len) > dgram->data+sizeof(dgram->data)) || ((p2+len) < p2)) { DEBUG(0, ("send_mailslot: Cannot write beyond end of packet\n")); diff --git a/source/nmbd/nmbd_processlogon.c b/source/nmbd/nmbd_processlogon.c index 4a8d1db51db..1672b039792 100644 --- a/source/nmbd/nmbd_processlogon.c +++ b/source/nmbd/nmbd_processlogon.c @@ -91,7 +91,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); pstrcpy(my_name, global_myname()); - code = SVAL(buf,0); + code = get_safe_SVAL(buf,len,buf,0,-1); DEBUG(4,("process_logon_packet: Logon from %s: code = 0x%x\n", inet_ntoa(p->ip), code)); switch (code) { @@ -100,21 +100,21 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); fstring mach_str, user_str, getdc_str; char *q = buf + 2; char *machine = q; - char *user = skip_string(machine,1); + char *user = skip_string(buf,len,machine); - if (PTR_DIFF(user, buf) >= len) { + if (!user || PTR_DIFF(user, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } - getdc = skip_string(user,1); + getdc = skip_string(buf,len,user); - if (PTR_DIFF(getdc, buf) >= len) { + if (!getdc || PTR_DIFF(getdc, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } - q = skip_string(getdc,1); + q = skip_string(buf,len,getdc); - if (PTR_DIFF(q + 5, buf) > len) { + if (!q || PTR_DIFF(q + 5, buf) > len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } @@ -136,7 +136,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); fstrcpy(reply_name, "\\\\"); fstrcat(reply_name, my_name); push_ascii_fstring(q, reply_name); - q = skip_string(q, 1); /* PDC name */ + q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */ SSVAL(q, 0, token); q += 2; @@ -164,15 +164,15 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); return; } - getdc = skip_string(machine,1); + getdc = skip_string(buf,len,machine); - if (PTR_DIFF(getdc, buf) >= len) { + if (!getdc || PTR_DIFF(getdc, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } - q = skip_string(getdc,1); + q = skip_string(buf,len,getdc); - if (PTR_DIFF(q, buf) >= len) { + if (!q || PTR_DIFF(q, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } @@ -232,7 +232,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); fstrcpy(reply_name,my_name); push_ascii_fstring(q, reply_name); - q = skip_string(q, 1); /* PDC name */ + q = skip_string(outbuf,sizeof(outbuf),q); /* PDC name */ /* PDC and domain name */ if (!short_request) { @@ -301,9 +301,9 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", return; } - q = skip_string(getdc,1); + q = skip_string(buf,len,getdc); - if (PTR_DIFF(q + 8, buf) >= len) { + if (!q || PTR_DIFF(q + 8, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } @@ -540,16 +540,16 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", /* Domain info */ - q = skip_string(q, 1); /* PDC name */ + q = skip_string(buf,len,q); /* PDC name */ - if (PTR_DIFF(q, buf) >= len) { + if (!q || PTR_DIFF(q, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } - q = skip_string(q, 1); /* Domain name */ + q = skip_string(buf,len,q); /* Domain name */ - if (PTR_DIFF(q, buf) >= len) { + if (!q || PTR_DIFF(q, buf) >= len) { DEBUG(0,("process_logon_packet: bad packet\n")); return; } diff --git a/source/nmbd/nmbd_sendannounce.c b/source/nmbd/nmbd_sendannounce.c index 7fcedc557ee..e2dc130463c 100644 --- a/source/nmbd/nmbd_sendannounce.c +++ b/source/nmbd/nmbd_sendannounce.c @@ -566,7 +566,7 @@ for workgroup %s on subnet %s.\n", lp_workgroup(), FIRST_SUBNET->subnet_name )); myname[15]='\0'; push_pstring_base(p, myname, outbuf); - p = skip_string(p,1); + p = skip_string(outbuf,sizeof(outbuf),p); for (ptr=s; next_token(&ptr,s2,NULL,sizeof(s2)); ) { /* The entries are of the form a.b.c.d */ diff --git a/source/nsswitch/idmap.c b/source/nsswitch/idmap.c index c2a38fa9797..1bd93affac8 100644 --- a/source/nsswitch/idmap.c +++ b/source/nsswitch/idmap.c @@ -407,6 +407,7 @@ NTSTATUS idmap_init(void) /* check the set_mapping function exists otherwise mark the module as readonly */ if ( ! dom->methods->set_mapping) { + DEBUG(5, ("Forcing to readonly, as ithis module can't store arbitrary mappings.\n")); dom->readonly = True; } @@ -689,7 +690,9 @@ static struct idmap_domain* find_idmap_domain_from_sid( DOM_SID *account_sid ) if ( (pdb_dom_num != -1) && (sid_check_is_in_builtin(account_sid) || - sid_check_is_in_wellknown_domain(account_sid)) ) + sid_check_is_in_wellknown_domain(account_sid) || + sid_check_is_in_unix_groups(account_sid) || + sid_check_is_in_unix_users(account_sid)) ) { return idmap_domains[pdb_dom_num]; } diff --git a/source/nsswitch/idmap_ad.c b/source/nsswitch/idmap_ad.c index fee53a0539e..5ec543819ef 100644 --- a/source/nsswitch/idmap_ad.c +++ b/source/nsswitch/idmap_ad.c @@ -194,26 +194,6 @@ static NTSTATUS idmap_ad_initialize(struct idmap_domain *dom, const char *params } } - /* idmap AD can work well only if it is the default module (trusts) - * with additional BUILTIN and alloc using TDB */ - if ( ! dom->default_domain) { - DEBUG(1, ("WARNING: idmap_ad is not configured as the default domain.\n" - "For best results we suggest you to configure this module as\n" - "default and configure BULTIN to use idmap_tdb\n" - "ex: idmap domains = BUILTIN %s\n" - " idmap alloc config: range = 5000 - 9999\n" - " idmap config %s: default = yes\n" - " idmap config %s: backend = ad\n" - " idmap config %s: range = 10000 - 10000000 #this is optional\n" - "NOTE: make sure the ranges do not overlap\n", - dom->name, dom->name, dom->name, dom->name)); - } - - if ( !dom->readonly ) { - DEBUG(1, ("WARNING: forcing to readonly, as idmap_ad can't write on AD.\n")); - dom->readonly = true; - } - dom->private_data = ctx; talloc_free(config_option); diff --git a/source/nsswitch/idmap_cache.c b/source/nsswitch/idmap_cache.c index 13cb9f7eb97..689f363e535 100644 --- a/source/nsswitch/idmap_cache.c +++ b/source/nsswitch/idmap_cache.c @@ -109,6 +109,19 @@ NTSTATUS idmap_cache_set(struct idmap_cache_ctx *cache, const struct id_map *id) char *idkey; char *valstr; + /* Don't cache lookups in the S-1-22-{1,2} domain */ + if ( (id->xid.type == ID_TYPE_UID) && + sid_check_is_in_unix_users(id->sid) ) + { + return NT_STATUS_OK; + } + if ( (id->xid.type == ID_TYPE_GID) && + sid_check_is_in_unix_groups(id->sid) ) + { + return NT_STATUS_OK; + } + + ret = idmap_cache_build_sidkey(cache, &sidkey, id); if (!NT_STATUS_IS_OK(ret)) return ret; diff --git a/source/nsswitch/pam_winbind.c b/source/nsswitch/pam_winbind.c index 66f9a093144..9d52dc89d0a 100644 --- a/source/nsswitch/pam_winbind.c +++ b/source/nsswitch/pam_winbind.c @@ -436,7 +436,7 @@ static int pam_winbind_request(pam_handle_t * pamh, int ctrl, /* Fill in request and send down pipe */ init_request(request, req_type); - if (write_sock(request, sizeof(*request), 0, 1) == -1) { + if (write_sock(request, sizeof(*request), 0, 0) == -1) { _pam_log(pamh, ctrl, LOG_ERR, "pam_winbind_request: write to socket failed!"); close_sock(); return PAM_SERVICE_ERR; diff --git a/source/nsswitch/wbinfo.c b/source/nsswitch/wbinfo.c index 3ae97cfea0a..6db37fca80f 100644 --- a/source/nsswitch/wbinfo.c +++ b/source/nsswitch/wbinfo.c @@ -1417,7 +1417,7 @@ int main(int argc, char **argv, char **envp) "group %s\n", string_arg); goto done; } - break; + break; case 'r': if (!wbinfo_get_usergroups(string_arg)) { d_fprintf(stderr, "Could not get groups for user %s\n", diff --git a/source/nsswitch/winbind_nss_aix.c b/source/nsswitch/winbind_nss_aix.c index bc0f252d79b..92d4bee005f 100644 --- a/source/nsswitch/winbind_nss_aix.c +++ b/source/nsswitch/winbind_nss_aix.c @@ -629,8 +629,10 @@ static int wb_aix_user_attrib(const char *key, char *attributes[], if (strcmp(attributes[i], S_ID) == 0) { results[i].attr_un.au_int = pwd->pw_uid; +#ifdef _AIXVERSION_530 } else if (strcmp(attributes[i], S_PGID) == 0) { results[i].attr_un.au_int = pwd->pw_gid; +#endif } else if (strcmp(attributes[i], S_PWD) == 0) { results[i].attr_un.au_char = strdup(pwd->pw_passwd); } else if (strcmp(attributes[i], S_HOME) == 0) { @@ -769,7 +771,9 @@ static attrlist_t **wb_aix_attrlist(void) {S_PGRP, AL_USERATTR, SEC_CHAR}, {S_HOME, AL_USERATTR, SEC_CHAR}, {S_SHELL, AL_USERATTR, SEC_CHAR}, +#ifdef _AIXVERSION_530 {S_PGID, AL_USERATTR, SEC_INT}, +#endif {S_GECOS, AL_USERATTR, SEC_CHAR}, {S_SHELL, AL_USERATTR, SEC_CHAR}, {S_PGRP, AL_USERATTR, SEC_CHAR}, diff --git a/source/nsswitch/winbind_nss_irix.c b/source/nsswitch/winbind_nss_irix.c index 5c6679f0442..98c1326bb22 100644 --- a/source/nsswitch/winbind_nss_irix.c +++ b/source/nsswitch/winbind_nss_irix.c @@ -454,7 +454,7 @@ send_next_request(nsd_file_t *rq, struct winbindd_request *request) nsd_logprintf(NSD_LOG_MIN, "send_next_request (winbind) %d, timeout = %d sec\n", rq->f_cmd_data, timeout); - status = winbindd_send_request((int)rq->f_cmd_data,request,0); + status = winbindd_send_request((int)rq->f_cmd_data,0,request); SAFE_FREE(request); if (status != NSS_STATUS_SUCCESS) { diff --git a/source/nsswitch/winbindd_ads.c b/source/nsswitch/winbindd_ads.c index 3925228efc6..5988c6aff45 100644 --- a/source/nsswitch/winbindd_ads.c +++ b/source/nsswitch/winbindd_ads.c @@ -931,6 +931,8 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, if (num_retries < 5) { num_retries++; num_members = 0; + ads_msgfree(ads, res); + res = NULL; continue; } else { DEBUG(5, ("ads: lookup_groupmem USN on this record changed" @@ -947,6 +949,9 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, &num_members, &more_values); + ads_msgfree(ads, res); + res = NULL; + if ((members == NULL) || (num_members == 0)) break; diff --git a/source/nsswitch/winbindd_cred_cache.c b/source/nsswitch/winbindd_cred_cache.c index f161587e7aa..368090c3909 100644 --- a/source/nsswitch/winbindd_cred_cache.c +++ b/source/nsswitch/winbindd_cred_cache.c @@ -27,10 +27,20 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND +/* uncomment this to to fast debugging on the krb5 ticket renewal event */ +#ifdef DEBUG_KRB5_TKT_RENEWAL +#undef DEBUG_KRB5_TKT_RENEWAL +#endif + #define MAX_CCACHES 100 static struct WINBINDD_CCACHE_ENTRY *ccache_list; +/* The Krb5 ticket refresh handler should be scheduled + at one-half of the period from now till the tkt + expiration */ +#define KRB5_EVENT_REFRESH_TIME(x) ((x) - (((x) - time(NULL))/2)) + /**************************************************************** Find an entry by name. ****************************************************************/ @@ -115,7 +125,13 @@ static void krb5_ticket_refresh_handler(struct event_context *event_ctx, "for: %s in ccache: %s\n", entry->principal_name, entry->ccname)); - new_start = entry->refresh_time; +#if defined(DEBUG_KRB5_TKT_RENEWAL) + new_start = time(NULL) + 30; +#else + /* The tkt should be refreshed at one-half the period + from now to the expiration time */ + new_start = KRB5_EVENT_REFRESH_TIME(entry->refresh_time); +#endif goto done; } @@ -126,6 +142,12 @@ static void krb5_ticket_refresh_handler(struct event_context *event_ctx, entry->principal_name, entry->service, &new_start); +#if defined(DEBUG_KRB5_TKT_RENEWAL) + new_start = time(NULL) + 30; +#else + new_start = KRB5_EVENT_REFRESH_TIME(new_start); +#endif + gain_root_privilege(); if (ret) { @@ -168,7 +190,6 @@ static void krb5_ticket_gain_handler(struct event_context *event_ctx, talloc_get_type_abort(private_data, struct WINBINDD_CCACHE_ENTRY); #ifdef HAVE_KRB5 int ret; - time_t new_start; struct timeval t; struct WINBINDD_MEMORY_CREDS *cred_ptr = entry->cred_ptr; struct winbindd_domain *domain = NULL; @@ -215,9 +236,6 @@ static void krb5_ticket_gain_handler(struct event_context *event_ctx, DEBUG(10,("krb5_ticket_gain_handler: successful kinit for: %s in ccache: %s\n", entry->principal_name, entry->ccname)); - /* Renew at 1/2 the expiration time */ - new_start = entry->refresh_time / 2; - goto got_ticket; } @@ -233,11 +251,11 @@ static void krb5_ticket_gain_handler(struct event_context *event_ctx, got_ticket: -#if 0 /* TESTING */ +#if defined(DEBUG_KRB5_TKT_RENEWAL) t = timeval_set(time(NULL) + 30, 0); #else - t = timeval_set(new_start, 0); -#endif /* TESTING */ + t = timeval_set(KRB5_EVENT_REFRESH_TIME(entry->refresh_time), 0); +#endif entry->event = event_add_timed(winbind_event_context(), entry, t, @@ -372,7 +390,11 @@ NTSTATUS add_ccache_to_list(const char *princ_name, } else { /* Renew at 1/2 the ticket expiration time */ entry->event = event_add_timed(winbind_event_context(), entry, - timeval_set((ticket_end - 1)/2, 0), +#if defined(DEBUG_KRB5_TKT_RENEWAL) + timeval_set(time(NULL)+30, 0), +#else + timeval_set(KRB5_EVENT_REFRESH_TIME(ticket_end), 0), +#endif "krb5_ticket_refresh_handler", krb5_ticket_refresh_handler, entry); @@ -494,6 +516,7 @@ static NTSTATUS store_memory_creds(struct WINBINDD_MEMORY_CREDS *memcredp, const memcredp->len += strlen(pass)+1; } + #if defined(LINUX) /* aligning the memory on on x86_64 and compiling with gcc 4.1 using -O2 causes a segv in the diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index d76cc07ce1e..ca5970875d1 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -466,10 +466,10 @@ static BOOL lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, return False; } - become_root_uid_only(); + become_root(); result = pdb_lookup_rids(domain_sid, num_rids, rids, *names, *types); - unbecome_root_uid_only(); + unbecome_root(); return (NT_STATUS_IS_OK(result) || NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) || @@ -1128,9 +1128,9 @@ static void legacy_uid_to_sid(DOM_SID *psid, uid_t uid) ZERO_STRUCTP(psid); - become_root_uid_only(); + become_root(); ret = pdb_uid_to_rid(uid, &rid); - unbecome_root_uid_only(); + unbecome_root(); if (ret) { /* This is a mapped user */ @@ -1161,9 +1161,9 @@ static void legacy_gid_to_sid(DOM_SID *psid, gid_t gid) ZERO_STRUCTP(psid); - become_root_uid_only(); + become_root(); ret = pdb_gid_to_sid(gid, psid); - unbecome_root_uid_only(); + unbecome_root(); if (ret) { /* This is a mapped group */ @@ -1201,9 +1201,9 @@ static BOOL legacy_sid_to_uid(const DOM_SID *psid, uid_t *puid) union unid_t id; BOOL ret; - become_root_uid_only(); + become_root(); ret = pdb_sid_to_id(psid, &id, &type); - unbecome_root_uid_only(); + unbecome_root(); if (ret) { if (type != SID_NAME_USER) { @@ -1252,9 +1252,9 @@ static BOOL legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid) sid_check_is_in_wellknown_domain(psid))) { BOOL ret; - become_root_uid_only(); + become_root(); ret = pdb_getgrsid(&map, *psid); - unbecome_root_uid_only(); + unbecome_root(); if (ret) { *pgid = map.gid; @@ -1267,9 +1267,9 @@ static BOOL legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid) if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) { BOOL ret; - become_root_uid_only(); + become_root(); ret = pdb_sid_to_id(psid, &id, &type); - unbecome_root_uid_only(); + unbecome_root(); if (ret) { if ((type != SID_NAME_DOM_GRP) && diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index d354a485c2d..be5d8e4ca64 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -702,7 +702,7 @@ NTSTATUS local_password_change(const char *user_name, int local_flags, } /* the 'other' acb bits not being changed here */ - other_acb = (pdb_get_acct_ctrl(sam_pass) & (!(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL))); + other_acb = (pdb_get_acct_ctrl(sam_pass) & (~(ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST|ACB_NORMAL))); if (local_flags & LOCAL_TRUST_ACCOUNT) { if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST | other_acb, PDB_CHANGED) ) { slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name); diff --git a/source/passdb/pdb_interface.c b/source/passdb/pdb_interface.c index ba251bc4cfb..66eb87752b1 100644 --- a/source/passdb/pdb_interface.c +++ b/source/passdb/pdb_interface.c @@ -1287,6 +1287,27 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } + /* check for "Unix User" */ + + if ( sid_peek_check_rid(&global_sid_Unix_Users, sid, &rid) ) { + id->uid = rid; + *type = SID_NAME_USER; + ret = True; + goto done; + } + + /* check for "Unix User" */ + + if ( sid_peek_check_rid(&global_sid_Unix_Groups, sid, &rid) ) { + id->gid = rid; + *type = SID_NAME_ALIAS; + ret = True; + goto done; + } + + + /* BUILTIN */ + if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { /* Here we only have aliases */ GROUP_MAP map; @@ -1309,7 +1330,7 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } - DEBUG(5, ("Sid %s is neither ours nor builtin, don't know it\n", + DEBUG(5, ("Sid %s is neither ours, a Unix SID, nor builtin\n", sid_string_static(sid))); done: diff --git a/source/passdb/pdb_plugin.c b/source/passdb/pdb_plugin.c deleted file mode 100644 index 9d835a48ad3..00000000000 --- a/source/passdb/pdb_plugin.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Loadable passdb module interface. - Copyright (C) Jelmer Vernooij 2002 - Copyright (C) Andrew Bartlett 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_PASSDB - -NTSTATUS pdb_init_plugin(struct pdb_methods **pdb_method, const char *location) -{ - void * dl_handle; - char *plugin_location, *plugin_name, *p; - pdb_init_function plugin_init; - int (*plugin_version)(void); - - if (location == NULL) { - DEBUG(0, ("The plugin module needs an argument!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_name = smb_xstrdup(location); - p = strchr(plugin_name, ':'); - if (p) { - *p = 0; - plugin_location = p+1; - trim_char(plugin_location, ' ', ' '); - } else { - plugin_location = NULL; - } - trim_char(plugin_name, ' ', ' '); - - DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name)); - dl_handle = sys_dlopen(plugin_name, RTLD_NOW ); - if (!dl_handle) { - DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_version = sys_dlsym(dl_handle, "pdb_version"); - if (!plugin_version) { - sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'pdb_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - if (plugin_version() != PASSDB_INTERFACE_VERSION) { - sys_dlclose(dl_handle); - DEBUG(0, ("Wrong PASSDB_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n", - plugin_version(),PASSDB_INTERFACE_VERSION)); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_init = sys_dlsym(dl_handle, "pdb_init"); - if (!plugin_init) { - sys_dlclose(dl_handle); - DEBUG(0, ("Failed to find function 'pdb_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location)); - return plugin_init(pdb_method, plugin_location); -} diff --git a/source/printing/print_cups.c b/source/printing/print_cups.c index 0fa73e5a6ca..e6c87873df6 100644 --- a/source/printing/print_cups.c +++ b/source/printing/print_cups.c @@ -1319,9 +1319,6 @@ BOOL cups_pull_comment_location(NT_PRINTER_INFO_LEVEL_2 *printer) } - ippDelete(response); - response = NULL; - ret = True; out: diff --git a/source/rpc_parse/parse_ds.c b/source/rpc_parse/parse_ds.c index c6131452226..61300f8a8d4 100644 --- a/source/rpc_parse/parse_ds.c +++ b/source/rpc_parse/parse_ds.c @@ -37,7 +37,7 @@ static BOOL ds_io_dominfobasic(const char *desc, DSROLE_PRIMARY_DOMAIN_INFO_BASI if ( !prs_uint16("machine_role", ps, depth, &p->machine_role) ) return False; - if ( !prs_uint16("unknown", ps, depth, &p->unknown) ) + if ( !prs_align(ps) ) return False; if ( !prs_uint32("flags", ps, depth, &p->flags) ) diff --git a/source/rpc_parse/parse_spoolss.c b/source/rpc_parse/parse_spoolss.c index 90c47950af7..57899ceff30 100644 --- a/source/rpc_parse/parse_spoolss.c +++ b/source/rpc_parse/parse_spoolss.c @@ -2388,6 +2388,7 @@ BOOL smb_io_printer_info_2(const char *desc, RPC_BUFFER *buffer, PRINTER_INFO_2 BOOL smb_io_printer_info_3(const char *desc, RPC_BUFFER *buffer, PRINTER_INFO_3 *info, int depth) { + uint32 offset = 0; prs_struct *ps=&buffer->prs; prs_debug(ps, depth, desc, "smb_io_printer_info_3"); @@ -2395,8 +2396,41 @@ BOOL smb_io_printer_info_3(const char *desc, RPC_BUFFER *buffer, PRINTER_INFO_3 buffer->struct_start=prs_offset(ps); - if (!prs_uint32("flags", ps, depth, &info->flags)) - return False; + if (MARSHALLING(ps)) { + /* Ensure the SD is 8 byte aligned in the buffer. */ + uint start = prs_offset(ps); /* Remember the start position. */ + uint off_val = 0; + + /* Write a dummy value. */ + if (!prs_uint32("offset", ps, depth, &off_val)) + return False; + + /* 8 byte align. */ + if (!prs_align_uint64(ps)) + return False; + + /* Remember where we must seek back to write the SD. */ + offset = prs_offset(ps); + + /* Calculate the real offset for the SD. */ + + off_val = offset - start; + + /* Seek back to where we store the SD offset & store. */ + prs_set_offset(ps, start); + if (!prs_uint32("offset", ps, depth, &off_val)) + return False; + + /* Return to after the 8 byte align. */ + prs_set_offset(ps, offset); + + } else { + if (!prs_uint32("offset", ps, depth, &offset)) + return False; + /* Seek within the buffer. */ + if (!prs_set_offset(ps, offset)) + return False; + } if (!sec_io_desc("sec_desc", &info->secdesc, ps, depth)) return False; @@ -3143,9 +3177,8 @@ return the size required by a struct in the stream uint32 spoolss_size_printer_info_3(PRINTER_INFO_3 *info) { - /* The 4 is for the self relative pointer.. */ - /* JRA !!!! TESTME - WHAT ABOUT prs_align.... !!! */ - return 4 + (uint32)sec_desc_size( info->secdesc ); + /* The 8 is for the self relative pointer - 8 byte aligned.. */ + return 8 + (uint32)sec_desc_size( info->secdesc ); } /******************************************************************* diff --git a/source/rpc_server/srv_dfs_nt.c b/source/rpc_server/srv_dfs_nt.c index e93b0077f0c..19d1693d924 100644 --- a/source/rpc_server/srv_dfs_nt.c +++ b/source/rpc_server/srv_dfs_nt.c @@ -69,7 +69,7 @@ WERROR _dfs_Add(pipes_struct *p, NETDFS_Q_DFS_ADD* q_u, NETDFS_R_DFS_ADD *r_u) pstrcat(altpath, sharename); /* The following call can change the cwd. */ - if(get_referred_path(p->mem_ctx, dfspath, &jn, &consumedcnt, &self_ref)) { + if(NT_STATUS_IS_OK(get_referred_path(p->mem_ctx, dfspath, &jn, &consumedcnt, &self_ref))) { exists = True; jn.referral_count += 1; old_referral_list = jn.referral_list; @@ -141,7 +141,7 @@ WERROR _dfs_Remove(pipes_struct *p, NETDFS_Q_DFS_REMOVE *q_u, DEBUG(5,("init_reply_dfs_remove: Request to remove %s -> %s\\%s.\n", dfspath, servername, sharename)); - if(!get_referred_path(p->mem_ctx, dfspath, &jn, &consumedcnt, &self_ref)) { + if(!NT_STATUS_IS_OK(get_referred_path(p->mem_ctx, dfspath, &jn, &consumedcnt, &self_ref))) { return WERR_DFS_NO_SUCH_VOL; } @@ -358,7 +358,7 @@ WERROR _dfs_GetInfo(pipes_struct *p, NETDFS_Q_DFS_GETINFO *q_u, return WERR_DFS_NO_SUCH_SERVER; /* The following call can change the cwd. */ - if(!get_referred_path(p->mem_ctx, path, &jn, &consumedcnt, &self_ref) || consumedcnt < strlen(path)) { + if(!NT_STATUS_IS_OK(get_referred_path(p->mem_ctx, path, &jn, &consumedcnt, &self_ref)) || consumedcnt < strlen(path)) { vfs_ChDir(p->conn,p->conn->connectpath); return WERR_DFS_NO_SUCH_VOL; } diff --git a/source/rpc_server/srv_lsa_ds.c b/source/rpc_server/srv_lsa_ds.c index 1e75175c2cd..db741a1b64a 100644 --- a/source/rpc_server/srv_lsa_ds.c +++ b/source/rpc_server/srv_lsa_ds.c @@ -25,9 +25,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV -#if 0 /* disabled */ /******************************************************************* - api_reg_open_entry ********************************************************************/ static BOOL api_dsrole_get_primary_dominfo(pipes_struct *p) @@ -41,18 +39,17 @@ static BOOL api_dsrole_get_primary_dominfo(pipes_struct *p) ZERO_STRUCT(r_u); /* grab the request */ - if ( !ds_io_q_getprimdominfo("", data, 0, &q_u) ) + if ( !ds_io_q_getprimdominfo("", &q_u, data, 0) ) return False; /* construct reply. */ r_u.status = _dsrole_get_primary_dominfo( p, &q_u, &r_u ); - if ( !ds_io_r_getprimdominfo("", rdata, 0, &r_u) ) + if ( !ds_io_r_getprimdominfo("", &r_u, rdata, 0) ) return False; return True; } -#endif /******************************************************************* stub functions for unimplemented RPC @@ -70,12 +67,8 @@ static BOOL api_dsrole_stub( pipes_struct *p ) array of \PIPE\lsass (new windows 2000 UUID) operations ********************************************************************/ static struct api_struct api_lsa_ds_cmds[] = { - { "DS_NOP", DS_NOP, api_dsrole_stub } - -#if 0 /* disabled due to breakage with viewing domain users and groups - on a Samba PDC from win2k clients --jerry CIFS 2003 */ + { "DS_NOP", DS_NOP, api_dsrole_stub }, { "DS_GETPRIMDOMINFO", DS_GETPRIMDOMINFO, api_dsrole_get_primary_dominfo } -#endif }; diff --git a/source/rpc_server/srv_lsa_ds_nt.c b/source/rpc_server/srv_lsa_ds_nt.c index b410af8dedf..f387bec9b6d 100644 --- a/source/rpc_server/srv_lsa_ds_nt.c +++ b/source/rpc_server/srv_lsa_ds_nt.c @@ -36,7 +36,7 @@ static NTSTATUS fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **info) { DSROLE_PRIMARY_DOMAIN_INFO_BASIC *basic; - const char *netbios_domain; + const char *netbios_domain = ""; fstring dnsdomain; DEBUG(10,("fill_dsrole_dominfo_basic: enter\n")); @@ -46,49 +46,54 @@ static NTSTATUS fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, DSROLE_PRIMARY_DOMAIN return NT_STATUS_NO_MEMORY; } - get_mydnsdomname(dnsdomain); - strlower_m(dnsdomain); - switch ( lp_server_role() ) { case ROLE_STANDALONE: basic->machine_role = DSROLE_STANDALONE_SRV; + basic->netbios_ptr = 1; + netbios_domain = get_global_sam_name(); break; case ROLE_DOMAIN_MEMBER: + basic->netbios_ptr = 1; + netbios_domain = lp_workgroup(); basic->machine_role = DSROLE_DOMAIN_MEMBER_SRV; break; case ROLE_DOMAIN_BDC: + basic->netbios_ptr = 1; + netbios_domain = get_global_sam_name(); basic->machine_role = DSROLE_BDC; - basic->flags = DSROLE_PRIMARY_DS_RUNNING|DSROLE_PRIMARY_DS_MIXED_MODE; - if ( secrets_fetch_domain_guid( lp_workgroup(), &basic->domain_guid ) ) - basic->flags |= DSROLE_PRIMARY_DOMAIN_GUID_PRESENT; break; case ROLE_DOMAIN_PDC: + basic->netbios_ptr = 1; + netbios_domain = get_global_sam_name(); basic->machine_role = DSROLE_PDC; - basic->flags = DSROLE_PRIMARY_DS_RUNNING|DSROLE_PRIMARY_DS_MIXED_MODE; - if ( secrets_fetch_domain_guid( lp_workgroup(), &basic->domain_guid ) ) - basic->flags |= DSROLE_PRIMARY_DOMAIN_GUID_PRESENT; break; } - basic->unknown = 0x6173; /* seen on the wire; maybe padding */ - /* always set netbios name */ - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - init_unistr2( &basic->netbios_domain, netbios_domain, UNI_FLAGS_NONE); + init_unistr2( &basic->netbios_domain, netbios_domain, UNI_STR_TERMINATE); - basic->dnsname_ptr = 1; - init_unistr2( &basic->dns_domain, dnsdomain, UNI_FLAGS_NONE); - basic->forestname_ptr = 1; - init_unistr2( &basic->forest_domain, dnsdomain, UNI_FLAGS_NONE); - + if ( secrets_fetch_domain_guid( lp_workgroup(), &basic->domain_guid ) ) + basic->flags |= DSROLE_PRIMARY_DOMAIN_GUID_PRESENT; /* fill in some additional fields if we are a member of an AD domain */ - if ( lp_security() == SEC_ADS ) { - /* TODO */ - ;; + if ( lp_security() == SEC_ADS ) { + fstrcpy( dnsdomain, lp_realm() ); + strlower_m( dnsdomain ); + + basic->dnsname_ptr = 1; + init_unistr2( &basic->dns_domain, dnsdomain, UNI_STR_TERMINATE); + basic->forestname_ptr = 1; + init_unistr2( &basic->forest_domain, dnsdomain, UNI_STR_TERMINATE); + } else { + get_mydnsdomname(dnsdomain); + strlower_m(dnsdomain); + + basic->dnsname_ptr = 1; + init_unistr2( &basic->dns_domain, dnsdomain, UNI_FLAGS_NONE); + basic->forestname_ptr = 1; + init_unistr2( &basic->forest_domain, dnsdomain, UNI_FLAGS_NONE); } *info = basic; diff --git a/source/rpc_server/srv_spoolss_nt.c b/source/rpc_server/srv_spoolss_nt.c index 33bfaa6cc84..6b6306337cc 100644 --- a/source/rpc_server/srv_spoolss_nt.c +++ b/source/rpc_server/srv_spoolss_nt.c @@ -4208,8 +4208,6 @@ static BOOL construct_printer_info_3(Printer_entry *print_hnd, PRINTER_INFO_3 ** /* These are the components of the SD we are returning. */ - printer->flags = 0x4; - if (ntprinter->info_2->secdesc_buf && ntprinter->info_2->secdesc_buf->len != 0) { /* don't use talloc_steal() here unless you do a deep steal of all the SEC_DESC members */ diff --git a/source/rpcclient/cmd_spoolss.c b/source/rpcclient/cmd_spoolss.c index 6e6d7986f5a..2665a30dc3a 100644 --- a/source/rpcclient/cmd_spoolss.c +++ b/source/rpcclient/cmd_spoolss.c @@ -276,8 +276,6 @@ static void display_print_info_2(PRINTER_INFO_2 *i2) static void display_print_info_3(PRINTER_INFO_3 *i3) { - printf("\tflags:[0x%x]\n", i3->flags); - display_sec_desc(i3->secdesc); printf("\n"); @@ -2573,7 +2571,7 @@ static BOOL compare_printer_secdesc( struct rpc_pipe_client *cli1, POLICY_HND *h goto done; } - if ( (ctr1.printers_3->flags != ctr1.printers_3->flags ) || !sec_desc_equal( sd1, sd2 ) ) { + if (!sec_desc_equal( sd1, sd2 ) ) { printf("Security Descriptors *not* equal!\n"); result = False; goto done; diff --git a/source/script/tests/test_posix_s3.sh b/source/script/tests/test_posix_s3.sh index 690399f8212..94b399388c5 100755 --- a/source/script/tests/test_posix_s3.sh +++ b/source/script/tests/test_posix_s3.sh @@ -36,11 +36,16 @@ raw="$raw RAW-SAMBA3HIDE RAW-SAMBA3BADPATH" rpc="RPC-AUTHCONTEXT RPC-BINDSAMBA3 RPC-SAMBA3-SRVSVC RPC-SAMBA3-SHARESEC" rpc="$rpc RPC-UNIXINFO RPC-SAMBA3-SPOOLSS RPC-SAMBA3-WKSSVC" +# NOTE: to enable the UNIX-WHOAMI test, we need to change the default share +# config to allow guest access. I'm not sure whether this would break other +# tests, so leaving it alone for now -- jpeach +unix="UNIX-INFO2" + if test x$RUN_FROM_BUILD_FARM = xyes; then rpc="$rpc RPC-NETLOGSAMBA3 RPC-SAMBA3SESSIONKEY RPC-SAMBA3-GETUSERNAME" fi -tests="$base $raw $rpc" +tests="$base $raw $rpc $unix" skipped="BASE-CHARSET BASE-DEFER_OPEN BASE-DELAYWRITE BASE-OPENATTR BASE-TCONDEV" skipped="$skipped RAW-ACLS RAW-COMPOSITE RAW-CONTEXT RAW-EAS" diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c index ca128d29d9c..6e5ff9f0359 100644 --- a/source/smbd/ipc.c +++ b/source/smbd/ipc.c @@ -478,8 +478,8 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, if (state->total_data) { /* Can't use talloc here, the core routines do realloc on the - * params and data. */ - state->data = (char *)SMB_MALLOC(state->total_data); + * params and data. Out of paranoia, 100 bytes too many. */ + state->data = (char *)SMB_MALLOC(state->total_data+100); if (state->data == NULL) { DEBUG(0,("reply_trans: data malloc fail for %u " "bytes !\n", (unsigned int)state->total_data)); @@ -487,6 +487,8 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + /* null-terminate the slack space */ + memset(&state->data[state->total_data], 0, 100); if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt)) goto bad_param; if ((smb_base(inbuf)+dsoff+dscnt > inbuf + size) || @@ -498,8 +500,8 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, if (state->total_param) { /* Can't use talloc here, the core routines do realloc on the - * params and data. */ - state->param = (char *)SMB_MALLOC(state->total_param); + * params and data. Out of paranoia, 100 bytes too many */ + state->param = (char *)SMB_MALLOC(state->total_param+100); if (state->param == NULL) { DEBUG(0,("reply_trans: param malloc fail for %u " "bytes !\n", (unsigned int)state->total_param)); @@ -508,6 +510,8 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + /* null-terminate the slack space */ + memset(&state->param[state->total_param], 0, 100); if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt)) goto bad_param; if ((smb_base(inbuf)+psoff+pscnt > inbuf + size) || diff --git a/source/smbd/lanman.c b/source/smbd/lanman.c index 8ecc965c0d3..79aea8544f2 100644 --- a/source/smbd/lanman.c +++ b/source/smbd/lanman.c @@ -2,6 +2,7 @@ Unix SMB/CIFS implementation. Inter-process communication and named pipe handling Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Jeremy Allison 2007. SMB Version handling Copyright (C) John H Terpstra 1995-1998 @@ -50,10 +51,13 @@ extern userdom_struct current_user_info; #define SHPWLEN 8 /* share password length */ -static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, - char **rdata, char **rparam, - int *rdata_len, int *rparam_len); +static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len); + static BOOL api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, int mdrcnt, int mprcnt, char **rdata, char **rparam, @@ -437,12 +441,18 @@ static int check_printq_info(struct pack_desc* desc, desc->subformat = "z"; break; default: + DEBUG(0,("check_printq_info: invalid level %d\n", + uLevel )); return False; } - if (strcmp(desc->format,id1) != 0) { + if (id1 == NULL || strcmp(desc->format,id1) != 0) { + DEBUG(0,("check_printq_info: invalid format %s\n", + id1 ? id1 : "<NULL>" )); return False; } - if (desc->subformat && strcmp(desc->subformat,id2) != 0) { + if (desc->subformat && (id2 == NULL || strcmp(desc->subformat,id2) != 0)) { + DEBUG(0,("check_printq_info: invalid subformat %s\n", + id2 ? id2 : "<NULL>" )); return False; } return True; @@ -585,7 +595,7 @@ static void fill_printq_info_52(connection_struct *conn, int snum, lp_servicename(snum))); goto err; } - + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, "Windows 4.0", 0)) ) { @@ -597,17 +607,17 @@ static void fill_printq_info_52(connection_struct *conn, int snum, trim_string(driver.info_3->driverpath, "\\print$\\WIN40\\0\\", 0); trim_string(driver.info_3->datafile, "\\print$\\WIN40\\0\\", 0); trim_string(driver.info_3->helpfile, "\\print$\\WIN40\\0\\", 0); - + PACKI(desc, "W", 0x0400); /* don't know */ PACKS(desc, "z", driver.info_3->name); /* long printer name */ PACKS(desc, "z", driver.info_3->driverpath); /* Driverfile Name */ PACKS(desc, "z", driver.info_3->datafile); /* Datafile name */ PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */ - + fstrcpy(location, "\\\\%L\\print$\\WIN40\\0"); standard_sub_basic( "", "", location, sizeof(location)-1 ); PACKS(desc,"z", location); /* share to retrieve files */ - + PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */ PACKS(desc,"z", driver.info_3->helpfile); /* helpfile name */ PACKS(desc,"z", driver.info_3->driverpath); /* driver name */ @@ -627,12 +637,12 @@ static void fill_printq_info_52(connection_struct *conn, int snum, PACKS(desc,"z",driver.info_3->dependentfiles[i]); /* driver files to copy */ DEBUG(3,("Dependent File: %s:\n",driver.info_3->dependentfiles[i])); } - + /* sanity check */ if ( i != count ) DEBUG(3,("fill_printq_info_52: file count specified by client [%d] != number of dependent files [%i]\n", count, i)); - + DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),i)); desc->errcode=NERR_Success; @@ -645,7 +655,7 @@ err: done: if ( printer ) free_a_printer( &printer, 2 ); - + if ( driver.info_3 ) free_a_printer_driver( driver, 3 ); } @@ -743,7 +753,7 @@ static int get_printerdrivernumber(int snum) lp_servicename(snum))); goto done; } - + if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername, "Windows 4.0", 0)) ) { @@ -751,7 +761,7 @@ static int get_printerdrivernumber(int snum) printer->info_2->drivername)); goto done; } - + /* count the number of files */ while ( driver.info_3->dependentfiles && *driver.info_3->dependentfiles[result] ) result++; @@ -759,39 +769,47 @@ static int get_printerdrivernumber(int snum) done: if ( printer ) free_a_printer( &printer, 2 ); - + if ( driver.info_3 ) free_a_printer_driver( driver, 3 ); - + return result; } -static BOOL api_DosPrintQGetInfo(connection_struct *conn, - uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char *QueueName = p; unsigned int uLevel; int count=0; int snum; - char* str3; + char *str3; struct pack_desc desc; print_queue_struct *queue=NULL; print_status_struct status; char* tmpdata=NULL; + if (!str1 || !str2 || !p) { + return False; + } memset((char *)&status,'\0',sizeof(status)); memset((char *)&desc,'\0',sizeof(desc)); - - p = skip_string(p,1); - uLevel = SVAL(p,0); - str3 = p + 4; - + + p = skip_string(param,tpscnt,p); + if (!p) { + return False; + } + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + str3 = get_safe_str_ptr(param,tpscnt,p,4); + /* str3 may be null here and is checked in check_printq_info(). */ + /* remove any trailing username */ if ((p = strchr_m(QueueName,'%'))) *p = 0; @@ -883,16 +901,18 @@ static BOOL api_DosPrintQGetInfo(connection_struct *conn, View list of all print jobs on all queues. ****************************************************************************/ -static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, char* data, - int mdrcnt, int mprcnt, - char **rdata, char** rparam, - int *rdata_len, int *rparam_len) +static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char** rparam, + int *rdata_len, int *rparam_len) { - char *param_format = param+2; - char *output_format1 = skip_string(param_format,1); - char *p = skip_string(output_format1,1); - unsigned int uLevel = SVAL(p,0); - char *output_format2 = p + 4; + char *param_format = get_safe_str_ptr(param,tpscnt,param,2); + char *output_format1 = skip_string(param,tpscnt,param_format); + char *p = skip_string(param,tpscnt,output_format1); + unsigned int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + char *output_format2 = get_safe_str_ptr(param,tpscnt,p,4); int services = lp_numservices(); int i, n; struct pack_desc desc; @@ -901,6 +921,10 @@ static BOOL api_DosPrintQEnum(connection_struct *conn, uint16 vuid, char* param, int *subcntarr = NULL; int queuecnt = 0, subcnt = 0, succnt = 0; + if (!param_format || !output_format1 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); @@ -1252,16 +1276,18 @@ static BOOL srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2) extracted from lists saved by nmbd on the local host. ****************************************************************************/ -static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, char **rdata, - char **rparam, int *rdata_len, int *rparam_len) +static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); - uint32 servertype = IVAL(p,4); + char *str1 = get_safe_str_ptr(param, tpscnt, param, 2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + int uLevel = get_safe_SVAL(param, tpscnt, p, 0, -1); + int buf_len = get_safe_SVAL(param,tpscnt, p, 2, 0); + uint32 servertype = get_safe_IVAL(param,tpscnt,p,4, 0); char *p2; int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; @@ -1272,6 +1298,10 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param BOOL domain_request; BOOL local_request; + if (!str1 || !str2 || !p) { + return False; + } + /* If someone sets all the bits they don't really mean to set DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the known servers. */ @@ -1307,6 +1337,9 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); if (strcmp(str1, "WrLehDz") == 0) { + if (skip_string(param,tpscnt,p) == NULL) { + return False; + } pull_ascii_fstring(domain, p); } else { fstrcpy(domain, lp_workgroup()); @@ -1399,18 +1432,24 @@ static BOOL api_RNetServerEnum(connection_struct *conn, uint16 vuid, char *param command 0x34 - suspected of being a "Lookup Names" stub api ****************************************************************************/ -static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, char **rdata, - char **rparam, int *rdata_len, int *rparam_len) +static BOOL api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, char **rdata, + char **rparam, int *rdata_len, int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); int counted=0; int missed=0; + if (!str1 || !str2 || !p) { + return False; + } + DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n", str1, str2, p, uLevel, buf_len)); @@ -1582,18 +1621,25 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, return len; } -static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *netname = skip_string(str2,1); - char *p = skip_string(netname,1); - int uLevel = SVAL(p,0); - int snum = find_service(netname); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *netname = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,netname); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + int snum; + if (!str1 || !str2 || !netname || !p) { + return False; + } + + snum = find_service(netname); if (snum < 0) { return False; } @@ -1638,22 +1684,21 @@ static BOOL api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *para Share names longer than 12 bytes must be skipped. ****************************************************************************/ -static BOOL api_RNetShareEnum( connection_struct *conn, - uint16 vuid, - char *param, - char *data, - int mdrcnt, - int mprcnt, - char **rdata, - char **rparam, - int *rdata_len, - int *rparam_len ) +static BOOL api_RNetShareEnum( connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, + int mprcnt, + char **rdata, + char **rparam, + int *rdata_len, + int *rparam_len ) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); - int buf_len = SVAL(p,2); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + int buf_len = get_safe_SVAL(param,tpscnt,p,2,0); char *p2; int count = 0; int total=0,counted=0; @@ -1662,6 +1707,10 @@ static BOOL api_RNetShareEnum( connection_struct *conn, int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; + if (!str1 || !str2 || !p) { + return False; + } + if (!prefix_ok(str1,"WrLeh")) { return False; } @@ -1742,15 +1791,17 @@ static BOOL api_RNetShareEnum( connection_struct *conn, Add a share ****************************************************************************/ -static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); fstring sharename; fstring comment; pstring pathname; @@ -1759,6 +1810,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch int snum; int res = ERRunsup; + if (!str1 || !str2 || !p) { + return False; + } + /* check it's a supported varient */ if (!prefix_ok(str1,RAP_WShareAdd_REQ)) { return False; @@ -1770,6 +1825,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch return False; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data) == NULL) { + return False; + } pull_ascii_fstring(sharename,data); snum = find_service(sharename); if (snum >= 0) { /* already exists */ @@ -1777,6 +1836,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + if (mdrcnt < 28) { + return False; + } + /* only support disk share adds */ if (SVAL(data,14)!=STYPE_DISKTREE) { return False; @@ -1788,6 +1851,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data+offset) == NULL) { + return False; + } pull_ascii_fstring(comment, offset? (data+offset) : ""); offset = IVAL(data, 26); @@ -1797,6 +1864,10 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch goto error_exit; } + /* Do we have a string ? */ + if (skip_string(data,mdrcnt,data+offset) == NULL) { + return False; + } pull_ascii_pstring(pathname, offset? (data+offset) : ""); string_replace(sharename, '"', ' '); @@ -1857,23 +1928,29 @@ static BOOL api_RNetShareAdd(connection_struct *conn,uint16 vuid, char *param,ch view list of groups available ****************************************************************************/ -static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { int i; int errflags=0; int resume_context, cli_buf_size; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); struct pdb_search *search; struct samr_displayentry *entries; int num_entries; + if (!str1 || !str2 || !p) { + return False; + } + if (strcmp(str1,"WrLeh") != 0) { return False; } @@ -1900,8 +1977,8 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c return False; } - resume_context = SVAL(p,0); - cli_buf_size=SVAL(p+2,0); + resume_context = get_safe_SVAL(param,tpscnt,p,0,-1); + cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0); DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: " "%d\n", resume_context, cli_buf_size)); @@ -1957,16 +2034,18 @@ static BOOL api_RNetGroupEnum(connection_struct *conn,uint16 vuid, char *param,c Get groups that a user is a member of. ******************************************************************/ -static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *UserName = skip_string(str2,1); - char *p = skip_string(UserName,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *UserName = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,UserName); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); const char *level_string; int count=0; struct samu *sampw = NULL; @@ -1980,6 +2059,10 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para enum lsa_SidType type; TALLOC_CTX *mem_ctx; + if (!str1 || !str2 || !UserName || !p) { + return False; + } + *rparam_len = 8; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { @@ -2090,10 +2173,12 @@ done: Get all users. ******************************************************************/ -static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetUserEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { int count_sent=0; int num_users=0; @@ -2102,9 +2187,13 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch struct pdb_search *search; struct samr_displayentry *users; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + + if (!str1 || !str2 || !p) { + return False; + } if (strcmp(str1,"WrLeh") != 0) return False; @@ -2116,8 +2205,8 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch * h -> return parameter total number of users */ - resume_context = SVAL(p,0); - cli_buf_size=SVAL(p+2,0); + resume_context = get_safe_SVAL(param,tpscnt,p,0,-1); + cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0); DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n", resume_context, cli_buf_size)); @@ -2188,10 +2277,12 @@ static BOOL api_RNetUserEnum(connection_struct *conn,uint16 vuid, char *param,ch Get the time of day info. ****************************************************************************/ -static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { struct tm *t; time_t unixdate = time(NULL); @@ -2244,21 +2335,46 @@ static BOOL api_NetRemoteTOD(connection_struct *conn,uint16 vuid, char *param,ch Set the user password. *****************************************************************************/ -static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *p = skip_string(param+2,2); + char *np = get_safe_str_ptr(param,tpscnt,param,2); + char *p = NULL; fstring user; fstring pass1,pass2; + /* Skip 2 strings. */ + p = skip_string(param,tpscnt,np); + p = skip_string(param,tpscnt,p); + + if (!np || !p) { + return False; + } + + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p) == NULL) { + return False; + } pull_ascii_fstring(user,p); - p = skip_string(p,1); + p = skip_string(param,tpscnt,p); + if (!p) { + return False; + } memset(pass1,'\0',sizeof(pass1)); memset(pass2,'\0',sizeof(pass2)); + /* + * We use 31 here not 32 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,31)) { + return False; + } memcpy(pass1,p,16); memcpy(pass2,p+16,16); @@ -2330,19 +2446,24 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param Set the user password (SamOEM version - gets plaintext). ****************************************************************************/ -static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { fstring user; - char *p = param + 2; + char *p = get_safe_str_ptr(param,tpscnt,param,2); *rparam_len = 2; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { return False; } + if (!p) { + return False; + } *rdata_len = 0; SSVAL(*rparam,0,NERR_badpass); @@ -2351,17 +2472,35 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * * Check the parameter definition is correct. */ - if(!strequal(param + 2, "zsT")) { - DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", param + 2)); + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p) == 0) { + return False; + } + if(!strequal(p, "zsT")) { + DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", p)); + return False; + } + p = skip_string(param, tpscnt, p); + if (!p) { return False; } - p = skip_string(p, 1); + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p) == 0) { + return False; + } if(!strequal(p, "B516B16")) { DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p)); return False; } - p = skip_string(p,1); + p = skip_string(param,tpscnt,p); + if (!p) { + return False; + } + /* Do we have a string ? */ + if (skip_string(param,tpscnt,p) == 0) { + return False; + } p += pull_ascii_fstring(user,p); DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); @@ -2385,21 +2524,33 @@ static BOOL api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, char * Form: <W> <> ****************************************************************************/ -static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - int function = SVAL(param,0); - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + int function = get_safe_SVAL(param,tpscnt,param,0,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); uint32 jobid; int snum; fstring sharename; int errcode; WERROR werr = WERR_OK; + if (!str1 || !str2 || !p) { + return False; + } + /* + * We use 1 here not 2 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,1)) { + return False; + } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; @@ -2456,19 +2607,25 @@ static BOOL api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, char *param Purge a print queue - or pause or resume it. ****************************************************************************/ -static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - int function = SVAL(param,0); - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *QueueName = skip_string(str2,1); + int function = get_safe_SVAL(param,tpscnt,param,0,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *QueueName = skip_string(param,tpscnt,str2); int errcode = NERR_notsupported; int snum; WERROR werr = WERR_OK; + if (!str1 || !str2 || !QueueName) { + return False; + } + /* check it's a supported varient */ if (!(strcsequal(str1,"z") && strcsequal(str2,""))) return(False); @@ -2480,6 +2637,9 @@ static BOOL api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, char *param } *rdata_len = 0; + if (skip_string(param,tpscnt,QueueName) == NULL) { + return False; + } snum = print_queue_snum(QueueName); if (snum == -1) { @@ -2526,27 +2686,46 @@ static int check_printjob_info(struct pack_desc* desc, case 2: desc->format = "WWzWWDDzz"; break; case 3: desc->format = "WWzWWDDzzzzzzzzzzlz"; break; case 4: desc->format = "WWzWWDDzzzzzDDDDDDD"; break; - default: return False; + default: + DEBUG(0,("check_printjob_info: invalid level %d\n", + uLevel )); + return False; + } + if (id == NULL || strcmp(desc->format,id) != 0) { + DEBUG(0,("check_printjob_info: invalid format %s\n", + id ? id : "<NULL>" )); + return False; } - if (strcmp(desc->format,id) != 0) return False; return True; } -static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_PrintJobInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { struct pack_desc desc; - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); uint32 jobid; fstring sharename; - int uLevel = SVAL(p,2); - int function = SVAL(p,4); + int uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); + int function = get_safe_SVAL(param,tpscnt,p,4,-1); int place, errcode; + if (!str1 || !str2 || !p) { + return False; + } + /* + * We use 1 here not 2 as we're checking + * the last byte we want to access is safe. + */ + if (!is_offset_safe(param,tpscnt,p,1)) { + return False; + } if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) return False; *rparam_len = 4; @@ -2608,18 +2787,24 @@ static BOOL api_PrintJobInfo(connection_struct *conn,uint16 vuid,char *param,cha Get info about the server. ****************************************************************************/ -static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; int struct_len; + if (!str1 || !str2 || !p) { + return False; + } + DEBUG(4,("NetServerGetInfo level %d\n",uLevel)); /* check it's a supported varient */ @@ -2714,7 +2899,10 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par current_user_info.domain, comment, sizeof(comment)); StrnCpy(p2,comment,MAX(mdrcnt - struct_len,0)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } } } @@ -2740,16 +2928,22 @@ static BOOL api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, char *par Get info about the server. ****************************************************************************/ -static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char *p2; - int level = SVAL(p,0); + int level = get_safe_SVAL(param,tpscnt,p,0,-1); + + if (!str1 || !str2 || !p) { + return False; + } DEBUG(4,("NetWkstaGetInfo level %d\n",level)); @@ -2774,23 +2968,35 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = p + 22; + p2 = get_safe_ptr(*rdata,*rdata_len,p,22); + if (!p2) { + return False; + } SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */ pstrcpy(p2,get_local_machine_name()); strupper_m(p2); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,current_user_info.smb_name); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */ pstrcpy(p2,lp_workgroup()); strupper_m(p2); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } p += 4; SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */ @@ -2799,12 +3005,18 @@ static BOOL api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, char *param SIVAL(p,0,PTR_DIFF(p2,*rdata)); pstrcpy(p2,lp_workgroup()); /* don't know. login domain?? */ - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } p += 4; SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } p += 4; *rdata_len = PTR_DIFF(p2,*rdata); @@ -2984,16 +3196,18 @@ There is no auxiliary data in the response. #define AF_OP_ACCOUNTS 3 -static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *UserName = skip_string(str2,1); - char *p = skip_string(UserName,1); - int uLevel = SVAL(p,0); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *UserName = skip_string(param,tpscnt,str2); + char *p = skip_string(param,tpscnt,UserName); + int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); char *p2; const char *level_string; @@ -3006,6 +3220,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param vuser->user.unix_name)); } + if (!str1 || !str2 || !UserName || !p) { + return False; + } + *rparam_len = 6; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); if (!*rparam) { @@ -3041,7 +3259,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SSVAL(*rparam,2,0); /* converter word */ p = *rdata; - p2 = p + usri11_end; + p2 = get_safe_ptr(*rdata,*rdata_len,p,usri11_end); + if (!p2) { + return False; + } memset(p,0,21); fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */ @@ -3054,16 +3275,25 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param if (uLevel >= 10) { SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */ pstrcpy(p2,"Comment"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */ pstrcpy(p2,"UserComment"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } /* EEK! the cifsrap.txt doesn't have this in!!!! */ SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } } if (uLevel == 11) { @@ -3073,22 +3303,34 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param SIVALS(p,usri11_password_age,-1); /* password age */ SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,usri11_last_logon,0); /* last logon */ SIVAL(p,usri11_last_logoff,0); /* last logoff */ SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */ SSVALS(p,usri11_num_logons,-1); /* num logons */ SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */ pstrcpy(p2,"\\\\*"); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SSVAL(p,usri11_country_code,0); /* country code */ SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVALS(p,usri11_max_storage,-1); /* max storage */ SSVAL(p,usri11_units_per_week,168); /* units per week */ @@ -3097,7 +3339,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param /* a simple way to get logon hours at all times. */ memset(p2,0xff,21); SCVAL(p2,21,0); /* fix zero termination */ - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SSVAL(p,usri11_code_page,0); /* code page */ } @@ -3109,22 +3354,34 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ pstrcpy(p2, vuser && vuser->homedir ? vuser->homedir : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */ *p2++ = 0; SSVAL(p,52,0); /* flags */ SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ pstrcpy(p2,vuser && vuser->logon_script ? vuser->logon_script : ""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } if (uLevel == 2) { SIVAL(p,60,0); /* auth_flags */ SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ pstrcpy(p2,((vuser != NULL) ? vuser->user.full_name : UserName)); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,68,0); /* urs_comment */ SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */ pstrcpy(p2,""); - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SIVAL(p,76,0); /* workstations */ SIVAL(p,80,0); /* last_logon */ SIVAL(p,84,0); /* last_logoff */ @@ -3143,7 +3400,10 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param standard_sub_basic("", "", tmp, sizeof(tmp)); pstrcpy(p2, tmp); } - p2 = skip_string(p2,1); + p2 = skip_string(*rdata,*rdata_len,p2); + if (!p2) { + return False; + } SSVAL(p,110,49); /* country_code */ SSVAL(p,112,860); /* code page */ } @@ -3156,14 +3416,16 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param return(True); } -static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; struct pack_desc desc; char* name; @@ -3171,13 +3433,20 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); + if (!str1 || !str2 || !p) { + return False; + } + if(vuser != NULL) { DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->user.unix_name)); } - uLevel = SVAL(p,0); - name = p + 2; + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); + name = get_safe_str_ptr(param,tpscnt,p,2); + if (!name) { + return False; + } memset((char *)&desc,'\0',sizeof(desc)); @@ -3250,16 +3519,25 @@ static BOOL api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, char *param api_WAccessGetUserPerms ****************************************************************************/ -static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *user = skip_string(str2,1); - char *resource = skip_string(user,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *user = skip_string(param,tpscnt,str2); + char *resource = skip_string(param,tpscnt,user); + if (!str1 || !str2 || !user || !resource) { + return False; + } + + if (skip_string(param,tpscnt,resource) == NULL) { + return False; + } DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource)); /* check it's a supported varient */ @@ -3286,14 +3564,16 @@ static BOOL api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, char *p api_WPrintJobEnumerate ****************************************************************************/ -static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int count; int i; @@ -3305,7 +3585,11 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para print_status_struct status; char *tmpdata=NULL; - uLevel = SVAL(p,2); + if (!str1 || !str2 || !p) { + return False; + } + + uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); @@ -3379,15 +3663,17 @@ static BOOL api_WPrintJobGetInfo(connection_struct *conn,uint16 vuid, char *para return True; } -static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); - char* name = p; + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); + char *name = p; int uLevel; int count; int i, succnt=0; @@ -3396,11 +3682,18 @@ static BOOL api_WPrintJobEnumerate(connection_struct *conn,uint16 vuid, char *pa print_queue_struct *queue=NULL; print_status_struct status; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); memset((char *)&status,'\0',sizeof(status)); - p = skip_string(p,1); - uLevel = SVAL(p,0); + p = skip_string(param,tpscnt,p); + if (!p) { + return False; + } + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name)); @@ -3479,9 +3772,13 @@ static int check_printdest_info(struct pack_desc* desc, desc->format = "zzzWWzzzWW"; break; default: + DEBUG(0,("check_printdest_info: invalid level %d\n", + uLevel)); return False; } - if (strcmp(desc->format,id) != 0) { + if (id == NULL || strcmp(desc->format,id) != 0) { + DEBUG(0,("check_printdest_info: invalid string %s\n", + id ? id : "<NULL>" )); return False; } return True; @@ -3523,24 +3820,33 @@ static void fill_printdest_info(connection_struct *conn, int snum, int uLevel, } } -static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); char* PrinterName = p; int uLevel; struct pack_desc desc; int snum; char *tmpdata=NULL; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - p = skip_string(p,1); - uLevel = SVAL(p,0); + p = skip_string(param,tpscnt,p); + if (!p) { + return False; + } + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName)); @@ -3594,23 +3900,29 @@ static BOOL api_WPrintDestGetInfo(connection_struct *conn,uint16 vuid, char *par return True; } -static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDestEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int queuecnt; int i, n, succnt=0; struct pack_desc desc; int services = lp_numservices(); + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel)); @@ -3669,21 +3981,27 @@ static BOOL api_WPrintDestEnum(connection_struct *conn,uint16 vuid, char *param, return True; } -static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel)); @@ -3726,21 +4044,26 @@ static BOOL api_WPrintDriverEnum(connection_struct *conn,uint16 vuid, char *para return True; } -static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param,char *data, +static BOOL api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, int mdrcnt,int mprcnt, char **rdata,char **rparam, int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel)); @@ -3784,21 +4107,27 @@ static BOOL api_WPrintQProcEnum(connection_struct *conn,uint16 vuid, char *param return True; } -static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) +static BOOL api_WPrintPortEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; int succnt; struct pack_desc desc; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel)); @@ -3843,27 +4172,33 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param, return True; } - /**************************************************************************** List open sessions ****************************************************************************/ -static BOOL api_RNetSessionEnum(connection_struct *conn,uint16 vuid, char *param, char *data, - int mdrcnt,int mprcnt, - char **rdata,char **rparam, - int *rdata_len,int *rparam_len) + +static BOOL api_RNetSessionEnum(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt,int mprcnt, + char **rdata,char **rparam, + int *rdata_len,int *rparam_len) { - char *str1 = param+2; - char *str2 = skip_string(str1,1); - char *p = skip_string(str2,1); + char *str1 = get_safe_str_ptr(param,tpscnt,param,2); + char *str2 = skip_string(param,tpscnt,str1); + char *p = skip_string(param,tpscnt,str2); int uLevel; struct pack_desc desc; struct sessionid *session_list; int i, num_sessions; + if (!str1 || !str2 || !p) { + return False; + } + memset((char *)&desc,'\0',sizeof(desc)); - uLevel = SVAL(p,0); + uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel)); DEBUG(7,("RNetSessionEnum req string=%s\n",str1)); @@ -3950,10 +4285,12 @@ static BOOL api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char The request is not supported. ****************************************************************************/ -static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, char *data, - int mdrcnt, int mprcnt, - char **rdata, char **rparam, - int *rdata_len, int *rparam_len) +static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, + char *param, int tpscnt, + char *data, int tdscnt, + int mdrcnt, int mprcnt, + char **rdata, char **rparam, + int *rdata_len, int *rparam_len) { *rparam_len = 4; *rparam = SMB_REALLOC_LIMIT(*rparam,*rparam_len); @@ -3974,7 +4311,9 @@ static BOOL api_Unsupported(connection_struct *conn, uint16 vuid, char *param, c static const struct { const char *name; int id; - BOOL (*fn)(connection_struct *,uint16,char *,char *, + BOOL (*fn)(connection_struct *, uint16, + char *, int, + char *, int, int,int,char **,char **,int *,int *); BOOL auth_user; /* Deny anonymous access? */ } api_commands[] = { @@ -4029,6 +4368,8 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * int api_command; char *rdata = NULL; char *rparam = NULL; + const char *name1 = NULL; + const char *name2 = NULL; int rdata_len = 0; int rparam_len = 0; BOOL reply=False; @@ -4039,12 +4380,25 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return 0; } + if (tpscnt < 2) { + return 0; + } api_command = SVAL(params,0); + /* Is there a string at position params+2 ? */ + if (skip_string(params,tpscnt,params+2)) { + name1 = params + 2; + } else { + name1 = ""; + } + name2 = skip_string(params,tpscnt,params+2); + if (!name2) { + name2 = ""; + } DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n", api_command, - params+2, - skip_string(params+2,1), + name1, + name2, tdscnt,tpscnt,mdrcnt,mprcnt)); for (i=0;api_commands[i].name;i++) { @@ -4081,7 +4435,11 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * return -1; } - reply = api_commands[i].fn(conn,vuid,params,data,mdrcnt,mprcnt, + reply = api_commands[i].fn(conn, + vuid, + params,tpscnt, /* params + length */ + data,tdscnt, /* data + length */ + mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); @@ -4092,7 +4450,7 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * /* if we get False back then it's actually unsupported */ if (!reply) { - reply = api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt, + reply = api_Unsupported(conn,vuid,params,tpscnt,data,tdscnt,mdrcnt,mprcnt, &rdata,&rparam,&rdata_len,&rparam_len); } diff --git a/source/smbd/msdfs.c b/source/smbd/msdfs.c index 284061331bf..6fa81ddc29b 100644 --- a/source/smbd/msdfs.c +++ b/source/smbd/msdfs.c @@ -170,7 +170,7 @@ static NTSTATUS parse_dfs_path(const char *pathname, Note this CHANGES CWD !!!! JRA. *********************************************************/ -static BOOL create_conn_struct(connection_struct *conn, int snum, const char *path) +static NTSTATUS create_conn_struct(connection_struct *conn, int snum, const char *path) { pstring connpath; @@ -183,12 +183,12 @@ static BOOL create_conn_struct(connection_struct *conn, int snum, const char *pa if ((conn->mem_ctx=talloc_init("connection_struct")) == NULL) { DEBUG(0,("talloc_init(connection_struct) failed!\n")); - return False; + return NT_STATUS_NO_MEMORY; } if (!(conn->params = TALLOC_ZERO_P(conn->mem_ctx, struct share_params))) { DEBUG(0, ("TALLOC failed\n")); - return False; + return NT_STATUS_NO_MEMORY; } conn->params->service = snum; @@ -196,9 +196,10 @@ static BOOL create_conn_struct(connection_struct *conn, int snum, const char *pa set_conn_connectpath(conn, connpath); if (!smbd_vfs_init(conn)) { + NTSTATUS status = map_nt_error_from_unix(errno); DEBUG(0,("create_conn_struct: smbd_vfs_init failed.\n")); conn_free_internal(conn); - return False; + return status; } /* @@ -208,13 +209,14 @@ static BOOL create_conn_struct(connection_struct *conn, int snum, const char *pa */ if (vfs_ChDir(conn,conn->connectpath) != 0) { + NTSTATUS status = map_nt_error_from_unix(errno); DEBUG(3,("create_conn_struct: Can't ChDir to new conn path %s. Error was %s\n", conn->connectpath, strerror(errno) )); conn_free_internal(conn); - return False; + return status; } - return True; + return NT_STATUS_OK; } /********************************************************************** @@ -249,6 +251,10 @@ static BOOL parse_msdfs_symlink(TALLOC_CTX *ctx, pstrcpy(temp,target); prot = strtok(temp,":"); + if (!prot) { + DEBUG(0,("parse_msdfs_symlink: invalid path !\n")); + return False; + } /* parse out the alternate paths */ while((count<MAX_REFERRAL_COUNT) && @@ -538,7 +544,7 @@ static NTSTATUS dfs_redirect( connection_struct *conn, Return a self referral. **********************************************************************/ -static BOOL self_ref(TALLOC_CTX *ctx, +static NTSTATUS self_ref(TALLOC_CTX *ctx, const char *dfs_path, struct junction_map *jucn, int *consumedcntp, @@ -551,7 +557,7 @@ static BOOL self_ref(TALLOC_CTX *ctx, jucn->referral_count = 1; if((ref = TALLOC_ZERO_P(ctx, struct referral)) == NULL) { DEBUG(0,("self_ref: talloc failed for referral\n")); - return False; + return NT_STATUS_NO_MEMORY; } pstrcpy(ref->alternate_path,dfs_path); @@ -559,7 +565,7 @@ static BOOL self_ref(TALLOC_CTX *ctx, ref->ttl = REFERRAL_TTL; jucn->referral_list = ref; *consumedcntp = strlen(dfs_path); - return True; + return NT_STATUS_OK; } /********************************************************************** @@ -567,7 +573,7 @@ static BOOL self_ref(TALLOC_CTX *ctx, junction_map structure. **********************************************************************/ -BOOL get_referred_path(TALLOC_CTX *ctx, +NTSTATUS get_referred_path(TALLOC_CTX *ctx, const char *dfs_path, struct junction_map *jucn, int *consumedcntp, @@ -579,8 +585,7 @@ BOOL get_referred_path(TALLOC_CTX *ctx, pstring conn_path; pstring targetpath; int snum; - NTSTATUS status; - BOOL ret = False; + NTSTATUS status = NT_STATUS_NOT_FOUND; BOOL dummy; ZERO_STRUCT(conns); @@ -589,14 +594,14 @@ BOOL get_referred_path(TALLOC_CTX *ctx, status = parse_dfs_path(dfs_path, False, &dp, &dummy); if (!NT_STATUS_IS_OK(status)) { - return False; + return status; } /* Verify hostname in path */ if (!is_myname_or_ipaddr(dp.hostname)) { DEBUG(3, ("get_referred_path: Invalid hostname %s in path %s\n", dp.hostname, dfs_path)); - return False; + return NT_STATUS_NOT_FOUND; } fstrcpy(jucn->service_name, dp.servicename); @@ -606,14 +611,14 @@ BOOL get_referred_path(TALLOC_CTX *ctx, snum = lp_servicenumber(jucn->service_name); if(snum < 0) { if ((snum = find_service(jucn->service_name)) < 0) { - return False; + return NT_STATUS_NOT_FOUND; } } if (!lp_msdfs_root(snum)) { DEBUG(3,("get_referred_path: |%s| in dfs path %s is not a dfs root.\n", dp.servicename, dfs_path)); - goto out; + return NT_STATUS_NOT_FOUND; } /* @@ -642,7 +647,7 @@ BOOL get_referred_path(TALLOC_CTX *ctx, jucn->referral_count = 1; if ((ref = TALLOC_ZERO_P(ctx, struct referral)) == NULL) { DEBUG(0, ("malloc failed for referral\n")); - goto out; + return NT_STATUS_NO_MEMORY; } pstrcpy(ref->alternate_path, lp_msdfs_proxy(snum)); @@ -653,13 +658,13 @@ BOOL get_referred_path(TALLOC_CTX *ctx, ref->ttl = REFERRAL_TTL; jucn->referral_list = ref; *consumedcntp = strlen(dfs_path); - ret = True; - goto out; + return NT_STATUS_OK; } pstrcpy(conn_path, lp_pathname(snum)); - if (!create_conn_struct(conn, snum, conn_path)) { - return False; + status = create_conn_struct(conn, snum, conn_path); + if (!NT_STATUS_IS_OK(status)) { + return status; } /* If this is a DFS path dfs_lookup should return @@ -671,7 +676,8 @@ BOOL get_referred_path(TALLOC_CTX *ctx, if (!NT_STATUS_EQUAL(status, NT_STATUS_PATH_NOT_COVERED)) { DEBUG(3,("get_referred_path: No valid referrals for path %s\n", dfs_path)); - goto out; + conn_free_internal(conn); + return status; } /* We know this is a valid dfs link. Parse the targetpath. */ @@ -680,15 +686,12 @@ BOOL get_referred_path(TALLOC_CTX *ctx, &jucn->referral_count)) { DEBUG(3,("get_referred_path: failed to parse symlink " "target %s\n", targetpath )); - goto out; + conn_free_internal(conn); + return NT_STATUS_NOT_FOUND; } - ret = True; - -out: - conn_free_internal(conn); - return ret; + return NT_STATUS_OK; } static int setup_ver2_dfs_referral(const char *pathname, @@ -886,7 +889,7 @@ static int setup_ver3_dfs_referral(const char *pathname, int setup_dfs_referral(connection_struct *orig_conn, const char *dfs_path, int max_referral_level, - char **ppdata) + char **ppdata, NTSTATUS *pstatus) { struct junction_map junction; int consumedcnt = 0; @@ -897,6 +900,7 @@ int setup_dfs_referral(connection_struct *orig_conn, TALLOC_CTX *ctx; if (!(ctx=talloc_init("setup_dfs_referral"))) { + *pstatus = NT_STATUS_NO_MEMORY; return -1; } @@ -905,6 +909,7 @@ int setup_dfs_referral(connection_struct *orig_conn, /* get the junction entry */ if (!dfs_path) { talloc_destroy(ctx); + *pstatus = NT_STATUS_NOT_FOUND; return -1; } @@ -920,7 +925,8 @@ int setup_dfs_referral(connection_struct *orig_conn, } /* The following call can change cwd. */ - if (!get_referred_path(ctx, pathnamep, &junction, &consumedcnt, &self_referral)) { + *pstatus = get_referred_path(ctx, pathnamep, &junction, &consumedcnt, &self_referral); + if (!NT_STATUS_IS_OK(*pstatus)) { vfs_ChDir(orig_conn,orig_conn->connectpath); talloc_destroy(ctx); return -1; @@ -961,6 +967,7 @@ int setup_dfs_referral(connection_struct *orig_conn, default: DEBUG(0,("setup_dfs_referral: Invalid dfs referral version: %d\n", max_referral_level)); talloc_destroy(ctx); + *pstatus = NT_STATUS_INVALID_LEVEL; return -1; } @@ -970,6 +977,7 @@ int setup_dfs_referral(connection_struct *orig_conn, } talloc_destroy(ctx); + *pstatus = NT_STATUS_OK; return reply_size; } @@ -1037,7 +1045,7 @@ static BOOL junction_to_local_path(struct junction_map *jucn, safe_strcat(path, jucn->volume_name, max_pathlen-1); pstrcpy(conn_path, lp_pathname(snum)); - if (!create_conn_struct(conn_out, snum, conn_path)) { + if (!NT_STATUS_IS_OK(create_conn_struct(conn_out, snum, conn_path))) { return False; } @@ -1156,7 +1164,7 @@ static int form_junctions(TALLOC_CTX *ctx, * Fake up a connection struct for the VFS layer. */ - if (!create_conn_struct(&conn, snum, connect_path)) { + if (!NT_STATUS_IS_OK(create_conn_struct(&conn, snum, connect_path))) { return 0; } @@ -1252,7 +1260,7 @@ NTSTATUS resolve_dfspath(connection_struct *conn, BOOL dfs_pathnames, pstring na { NTSTATUS status = NT_STATUS_OK; BOOL dummy; - if (dfs_pathnames && lp_host_msdfs() && lp_msdfs_root(SNUM(conn))) { + if (dfs_pathnames) { status = dfs_redirect(conn, name, False, &dummy); } return status; @@ -1268,7 +1276,7 @@ NTSTATUS resolve_dfspath(connection_struct *conn, BOOL dfs_pathnames, pstring na NTSTATUS resolve_dfspath_wcard(connection_struct *conn, BOOL dfs_pathnames, pstring name, BOOL *ppath_contains_wcard) { NTSTATUS status = NT_STATUS_OK; - if (dfs_pathnames && lp_host_msdfs() && lp_msdfs_root(SNUM(conn))) { + if (dfs_pathnames) { status = dfs_redirect(conn, name, True, ppath_contains_wcard); } return status; diff --git a/source/smbd/nttrans.c b/source/smbd/nttrans.c index 2a49e1f4a64..fe2cb05bf3e 100644 --- a/source/smbd/nttrans.c +++ b/source/smbd/nttrans.c @@ -374,6 +374,7 @@ static int do_ntcreate_pipe_open(connection_struct *conn, int ret; int pnum = -1; char *p = NULL; + uint32 flags = IVAL(inbuf,smb_ntcreate_Flags); srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE); @@ -385,7 +386,17 @@ static int do_ntcreate_pipe_open(connection_struct *conn, * Deal with pipe return. */ - set_message(outbuf,34,0,True); + if (flags & EXTENDED_RESPONSE_REQUIRED) { + /* This is very strange. We + * return 50 words, but only set + * the wcnt to 42 ? It's definately + * what happens on the wire.... + */ + set_message(outbuf,50,0,True); + SCVAL(outbuf,smb_wct,42); + } else { + set_message(outbuf,34,0,True); + } p = outbuf + smb_vwv2; p++; @@ -400,6 +411,18 @@ static int do_ntcreate_pipe_open(connection_struct *conn, SSVAL(p,0,FILE_TYPE_MESSAGE_MODE_PIPE); /* Device state. */ SSVAL(p,2, 0x5FF); /* ? */ + p += 4; + + if (flags & EXTENDED_RESPONSE_REQUIRED) { + p += 26; + SIVAL(p,0,FILE_GENERIC_ALL); + /* + * For pipes W2K3 seems to return + * 0x12019B next. + * This is ((FILE_GENERIC_READ|FILE_GENERIC_WRITE) & ~FILE_APPEND_DATA) + */ + SIVAL(p,4,(FILE_GENERIC_READ|FILE_GENERIC_WRITE)&~FILE_APPEND_DATA); + } DEBUG(5,("do_ntcreate_pipe_open: open pipe = %s\n", fname)); @@ -847,13 +870,18 @@ int reply_ntcreate_and_X(connection_struct *conn, extended_oplock_granted = True; } -#if 0 - /* W2K sends back 42 words here ! If we do the same it breaks offline sync. Go figure... ? JRA. */ - set_message(outbuf,42,0,True); -#else - set_message(outbuf,34,0,True); -#endif - + if (flags & EXTENDED_RESPONSE_REQUIRED) { + /* This is very strange. We + * return 50 words, but only set + * the wcnt to 42 ? It's definately + * what happens on the wire.... + */ + set_message(outbuf,50,0,True); + SCVAL(outbuf,smb_wct,42); + } else { + set_message(outbuf,34,0,True); + } + p = outbuf + smb_vwv2; /* @@ -914,6 +942,17 @@ int reply_ntcreate_and_X(connection_struct *conn, p += 4; SCVAL(p,0,fsp->is_directory ? 1 : 0); + if (flags & EXTENDED_RESPONSE_REQUIRED) { + uint32 perms = 0; + p += 26; + if (fsp->is_directory || can_write_to_file(conn, fname, &sbuf)) { + perms = FILE_GENERIC_ALL; + } else { + perms = FILE_GENERIC_READ|FILE_EXECUTE; + } + SIVAL(p,0,perms); + } + DEBUG(5,("reply_ntcreate_and_X: fnum = %d, open name = %s\n", fsp->fnum, fsp->fsp_name)); result = chain_reply(inbuf,outbuf,length,bufsize); @@ -936,6 +975,8 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha int pnum = -1; char *p = NULL; NTSTATUS status; + size_t param_len; + uint32 flags; /* * Ensure minimum number of parameters sent. @@ -946,6 +987,8 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha return ERROR_DOS(ERRDOS,ERRnoaccess); } + flags = IVAL(params,0); + srvstr_get_path(inbuf, fname, params+53, sizeof(fname), parameter_count-53, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); @@ -956,7 +999,13 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha } /* Realloc the size of parameters and data we will return */ - params = nttrans_realloc(ppparams, 69); + if (flags & EXTENDED_RESPONSE_REQUIRED) { + /* Extended response is 32 more byyes. */ + param_len = 101; + } else { + param_len = 69; + } + params = nttrans_realloc(ppparams, param_len); if(params == NULL) { return ERROR_DOS(ERRDOS,ERRnomem); } @@ -977,11 +1026,23 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha SSVAL(p,0,FILE_TYPE_MESSAGE_MODE_PIPE); /* Device state. */ SSVAL(p,2, 0x5FF); /* ? */ + p += 4; + if (flags & EXTENDED_RESPONSE_REQUIRED) { + p += 26; + SIVAL(p,0,FILE_GENERIC_ALL); + /* + * For pipes W2K3 seems to return + * 0x12019B next. + * This is ((FILE_GENERIC_READ|FILE_GENERIC_WRITE) & ~FILE_APPEND_DATA) + */ + SIVAL(p,4,(FILE_GENERIC_READ|FILE_GENERIC_WRITE)&~FILE_APPEND_DATA); + } + DEBUG(5,("do_nt_transact_create_pipe: open name = %s\n", fname)); /* Send the required number of replies */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 69, *ppdata, 0); + send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); return -1; } @@ -1126,6 +1187,7 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o TALLOC_CTX *ctx = NULL; char *pdata = NULL; NTSTATUS status; + size_t param_len; DEBUG(5,("call_nt_transact_create\n")); @@ -1496,7 +1558,13 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o } /* Realloc the size of parameters and data we will return */ - params = nttrans_realloc(ppparams, 69); + if (flags & EXTENDED_RESPONSE_REQUIRED) { + /* Extended response is 32 more byyes. */ + param_len = 101; + } else { + param_len = 69; + } + params = nttrans_realloc(ppparams, param_len); if(params == NULL) { return ERROR_DOS(ERRDOS,ERRnomem); } @@ -1555,10 +1623,21 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o p += 4; SCVAL(p,0,fsp->is_directory ? 1 : 0); + if (flags & EXTENDED_RESPONSE_REQUIRED) { + uint32 perms = 0; + p += 26; + if (fsp->is_directory || can_write_to_file(conn, fname, &sbuf)) { + perms = FILE_GENERIC_ALL; + } else { + perms = FILE_GENERIC_READ|FILE_EXECUTE; + } + SIVAL(p,0,perms); + } + DEBUG(5,("call_nt_transact_create: open name = %s\n", fname)); /* Send the required number of replies */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 69, *ppdata, 0); + send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); return -1; } diff --git a/source/smbd/quotas.c b/source/smbd/quotas.c index bb88957731f..ddfcb8e0f86 100644 --- a/source/smbd/quotas.c +++ b/source/smbd/quotas.c @@ -238,7 +238,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB if (!found) return(False); - become_root_uid_only(); + become_root(); if (strcmp(mnt->mnt_type, "xfs")==0) { r=get_smb_linux_xfs_quota(mnt->mnt_fsname, euser_id, egrp_id, &D); @@ -251,7 +251,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB } } - unbecome_root_uid_only(); + unbecome_root(); /* Use softlimit to determine disk space, except when it has been exceeded */ *bsize = D.bsize; @@ -655,20 +655,20 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB if ( ! found ) return(False) ; - become_root_uid_only(); + become_root(); #if defined(SUNOS5) if ( strcmp( mnt.mnt_fstype, "nfs" ) == 0) { BOOL retval; DEBUG(5,("disk_quotas: looking for mountpath (NFS) \"%s\"\n", mnt.mnt_special)); retval = nfs_quotas(mnt.mnt_special, euser_id, bsize, dfree, dsize); - unbecome_root_uid_only(); + unbecome(); return retval; } DEBUG(5,("disk_quotas: looking for quotas file \"%s\"\n", name)); if((file=sys_open(name, O_RDONLY,0))<0) { - unbecome_root_uid_only(); + unbecome_root(); return(False); } command.op = Q_GETQUOTA; @@ -681,7 +681,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB ret = quotactl(Q_GETQUOTA, name, euser_id, &D); #endif - unbecome_root_uid_only(); + unbecome_root(); if (ret < 0) { DEBUG(5,("disk_quotas ioctl (Solaris) failed. Error = %s\n", strerror(errno) )); @@ -841,7 +841,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB } euser_id=geteuid(); - become_root_uid_only(); + become_root(); /* Use softlimit to determine disk space, except when it has been exceeded */ @@ -851,7 +851,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB { r=quotactl (Q_GETQUOTA, mnt->mnt_fsname, euser_id, (caddr_t) &D); - unbecome_root_uid_only(); + unbecome_root(); if (r==-1) return(False); @@ -882,7 +882,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB { r=quotactl (Q_XGETQUOTA, mnt->mnt_fsname, euser_id, (caddr_t) &F); - unbecome_root_uid_only(); + unbecome_root(); if (r==-1) { @@ -916,7 +916,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB } else { - unbecome_root_uid_only(); + unbecome_root(); return(False); } @@ -936,6 +936,10 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB #define dqb_curfiles dqb_curinodes #define dqb_fhardlimit dqb_ihardlimit #define dqb_fsoftlimit dqb_isoftlimit +#ifdef _AIXVERSION_530 +#include <sys/statfs.h> +#include <sys/vmount.h> +#endif /* AIX 5.3 */ #else /* !__FreeBSD__ && !AIX && !__OpenBSD__ && !__DragonFly__ */ #include <sys/quota.h> #include <devnm.h> @@ -1180,13 +1184,13 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB return False; #endif - become_root_uid_only(); + become_root(); #if defined(__FreeBSD__) || defined(__DragonFly__) if (strcmp(mnts[i].f_fstypename,"nfs") == 0) { BOOL retval; retval = nfs_quotas(mnts[i].f_mntfromname,euser_id,bsize,dfree,dsize); - unbecome_root_uid_only(); + unbecome_root(); return retval; } #endif @@ -1200,16 +1204,42 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB r= quotactl(path,QCMD(Q_GETQUOTA,GRPQUOTA),egrp_id,(char *) &D); } - unbecome_root_uid_only(); + unbecome_root(); } #elif defined(AIX) /* AIX has both USER and GROUP quotas: Get the USER quota (ohnielse@fysik.dtu.dk) */ +#ifdef _AIXVERSION_530 + { + struct statfs statbuf; + quota64_t user_quota; + if (statfs(path,&statbuf) != 0) + return False; + if(statbuf.f_vfstype == MNT_J2) + { + /* For some reason we need to be root for jfs2 */ + become_root(); + r = quotactl(path,QCMD(Q_J2GETQUOTA,USRQUOTA),euser_id,(char *) &user_quota); + unbecome_root(); + /* Copy results to old struct to let the following code work as before */ + D.dqb_curblocks = user_quota.bused; + D.dqb_bsoftlimit = user_quota.bsoft; + D.dqb_bhardlimit = user_quota.bhard; + } + else if(statbuf.f_vfstype == MNT_JFS) + { +#endif /* AIX 5.3 */ save_re_uid(); if (set_re_uid() != 0) return False; r= quotactl(path,QCMD(Q_GETQUOTA,USRQUOTA),euser_id,(char *) &D); restore_re_uid(); +#ifdef _AIXVERSION_530 + } + else + r = 1; /* Fail for other FS-types */ + } +#endif /* AIX 5.3 */ #else /* !__FreeBSD__ && !AIX && !__OpenBSD__ && !__DragonFly__ */ r=quotactl(Q_GETQUOTA, dev_disk, euser_id, &D); #endif /* !__FreeBSD__ && !AIX && !__OpenBSD__ && !__DragonFly__ */ diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 14b16e1ae23..98d72ba742b 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -451,6 +451,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int passlen = SVAL(inbuf,smb_vwv3); pstring path; char *p, *q; + uint16 tcon_flags = SVAL(inbuf,smb_vwv2); START_PROFILE(SMBtconX); @@ -521,7 +522,27 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); - set_message(outbuf,3,0,True); + if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) { + /* Return permissions. */ + uint32 perm1 = 0; + uint32 perm2 = 0; + + set_message(outbuf,7,0,True); + + if (IS_IPC(conn)) { + perm1 = FILE_ALL_ACCESS; + perm2 = FILE_ALL_ACCESS; + } else { + perm1 = CAN_WRITE(conn) ? + SHARE_ALL_ACCESS : + SHARE_READ_ONLY; + } + + SIVAL(outbuf, smb_vwv3, perm1); + SIVAL(outbuf, smb_vwv5, perm2); + } else { + set_message(outbuf,3,0,True); + } p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, diff --git a/source/smbd/service.c b/source/smbd/service.c index b38a4c869c8..bfe9649ea4a 100644 --- a/source/smbd/service.c +++ b/source/smbd/service.c @@ -814,10 +814,28 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, */ { + BOOL can_write = False; NT_USER_TOKEN *token = conn->nt_user_token ? - conn->nt_user_token : vuser->nt_user_token; + conn->nt_user_token : + (vuser ? vuser->nt_user_token : NULL); + + /* + * I don't believe this can happen. But the + * logic above is convoluted enough to confuse + * automated checkers, so be sure. JRA. + */ + + if (token == NULL) { + DEBUG(0,("make_connection: connection to %s " + "denied due to missing " + "NT token.\n", + lp_servicename(snum))); + conn_free(conn); + *status = NT_STATUS_ACCESS_DENIED; + return NULL; + } - BOOL can_write = share_access_check(token, + can_write = share_access_check(token, lp_servicename(snum), FILE_WRITE_DATA); diff --git a/source/smbd/sesssetup.c b/source/smbd/sesssetup.c index ff1b2821cca..05a5962056c 100644 --- a/source/smbd/sesssetup.c +++ b/source/smbd/sesssetup.c @@ -1060,6 +1060,11 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf, native_os, native_lanman, primary_domain)); if ( ra_type == RA_WIN2K ) { + /* Vista sets neither the OS or lanman strings */ + + if ( !strlen(native_os) && !strlen(native_lanman) ) + set_remote_arch(RA_VISTA); + /* Windows 2003 doesn't set the native lanman string, but does set primary domain which is a bug I think */ diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c index deb5db1bafe..5efad04b550 100644 --- a/source/smbd/trans2.c +++ b/source/smbd/trans2.c @@ -1601,13 +1601,17 @@ static BOOL get_lanman2_dir_entry(connection_struct *conn, DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_UNIX\n")); p = store_file_unix_basic(conn, p, NULL, &sbuf); + len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); } else { DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_UNIX_INFO2\n")); p = store_file_unix_basic_info2(conn, p, NULL, &sbuf); + nameptr = p; + p += 4; + len = srvstr_push(outbuf, p, fname, -1, 0); + SIVAL(nameptr, 0, len); } - len = srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); p += len; SIVAL(p,0,0); /* Ensure any padding is null. */ @@ -5295,17 +5299,20 @@ static NTSTATUS smb_posix_mkdir(connection_struct *conn, SIVAL(pdata,4,info); /* Was directory created. */ switch (info_level_return) { - case SMB_QUERY_FILE_UNIX_BASIC: - SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_BASIC); - SSVAL(pdata,10,0); /* Padding. */ - store_file_unix_basic(conn, pdata + 12, fsp, psbuf); - case SMB_QUERY_FILE_UNIX_INFO2: - SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_INFO2); - SSVAL(pdata,10,0); /* Padding. */ - store_file_unix_basic_info2(conn, pdata + 12, fsp, psbuf); - default: - SSVAL(pdata,8,SMB_NO_INFO_LEVEL_RETURNED); - SSVAL(pdata,10,0); /* Padding. */ + case SMB_QUERY_FILE_UNIX_BASIC: + SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_BASIC); + SSVAL(pdata,10,0); /* Padding. */ + store_file_unix_basic(conn, pdata + 12, fsp, psbuf); + break; + case SMB_QUERY_FILE_UNIX_INFO2: + SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_INFO2); + SSVAL(pdata,10,0); /* Padding. */ + store_file_unix_basic_info2(conn, pdata + 12, fsp, psbuf); + break; + default: + SSVAL(pdata,8,SMB_NO_INFO_LEVEL_RETURNED); + SSVAL(pdata,10,0); /* Padding. */ + break; } return status; @@ -5479,17 +5486,20 @@ static NTSTATUS smb_posix_open(connection_struct *conn, SIVAL(pdata,4,info); /* Was file created etc. */ switch (info_level_return) { - case SMB_QUERY_FILE_UNIX_BASIC: - SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_BASIC); - SSVAL(pdata,10,0); /* padding. */ - store_file_unix_basic(conn, pdata + 12, fsp, psbuf); - case SMB_QUERY_FILE_UNIX_INFO2: - SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_INFO2); - SSVAL(pdata,10,0); /* padding. */ - store_file_unix_basic_info2(conn, pdata + 12, fsp, psbuf); - default: - SSVAL(pdata,8,SMB_NO_INFO_LEVEL_RETURNED); - SSVAL(pdata,10,0); /* padding. */ + case SMB_QUERY_FILE_UNIX_BASIC: + SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_BASIC); + SSVAL(pdata,10,0); /* padding. */ + store_file_unix_basic(conn, pdata + 12, fsp, psbuf); + break; + case SMB_QUERY_FILE_UNIX_INFO2: + SSVAL(pdata,8,SMB_QUERY_FILE_UNIX_INFO2); + SSVAL(pdata,10,0); /* padding. */ + store_file_unix_basic_info2(conn, pdata + 12, fsp, psbuf); + break; + default: + SSVAL(pdata,8,SMB_NO_INFO_LEVEL_RETURNED); + SSVAL(pdata,10,0); /* padding. */ + break; } return NT_STATUS_OK; } @@ -6153,6 +6163,7 @@ static int call_trans2getdfsreferral(connection_struct *conn, char* inbuf, char* pstring pathname; int reply_size = 0; int max_referral_level; + NTSTATUS status = NT_STATUS_OK; DEBUG(10,("call_trans2getdfsreferral\n")); @@ -6166,8 +6177,8 @@ static int call_trans2getdfsreferral(connection_struct *conn, char* inbuf, char* return ERROR_DOS(ERRDOS,ERRbadfunc); srvstr_pull(inbuf, pathname, ¶ms[2], sizeof(pathname), total_params - 2, STR_TERMINATE); - if((reply_size = setup_dfs_referral(conn, pathname,max_referral_level,ppdata)) < 0) - return UNIXERROR(ERRDOS,ERRbadfile); + if((reply_size = setup_dfs_referral(conn, pathname,max_referral_level,ppdata,&status)) < 0) + return ERROR_NT(status); SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | FLAGS2_DFS_PATHNAMES); send_trans2_replies(outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes); diff --git a/source/smbd/vfs.c b/source/smbd/vfs.c index 82ea602187c..0803ffb7e70 100644 --- a/source/smbd/vfs.c +++ b/source/smbd/vfs.c @@ -174,7 +174,7 @@ BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object) DEBUG(5, ("Checking operation #%d (type %d, layer %d)\n", i, ops[i].type, ops[i].layer)); if(ops[i].layer == SMB_VFS_LAYER_OPAQUE) { /* If this operation was already made opaque by different module, it - * will be overridded here. + * will be overridden here. */ DEBUGADD(5, ("Making operation type %d opaque [module %s]\n", ops[i].type, vfs_object)); vfs_set_operation(&conn->vfs_opaque, ops[i].type, handle, ops[i].op); diff --git a/source/torture/pdbtest.c b/source/torture/pdbtest.c index 8b15f9629b9..b51e36e3550 100644 --- a/source/torture/pdbtest.c +++ b/source/torture/pdbtest.c @@ -236,7 +236,7 @@ int main(int argc, char **argv) uint32 expire, min_age, history; struct pdb_methods *pdb; poptContext pc; - static char *backend = NULL; + static const char *backend = NULL; static const char *unix_user = "nobody"; struct poptOption long_options[] = { {"username", 'u', POPT_ARG_STRING, &unix_user, 0, "Unix user to use for testing", "USERNAME" }, diff --git a/source/torture/torture.c b/source/torture/torture.c index 5ab28438f21..925cac3f32c 100644 --- a/source/torture/torture.c +++ b/source/torture/torture.c @@ -369,6 +369,8 @@ static BOOL rw_torture(struct cli_state *c) char buf[1024]; BOOL correct = True; + memset(buf, '\0', sizeof(buf)); + fnum2 = cli_open(c, lockfname, O_RDWR | O_CREAT | O_EXCL, DENY_NONE); if (fnum2 == -1) @@ -1049,6 +1051,8 @@ static BOOL run_tcon_test(int dummy) char buf[4]; BOOL ret = True; + memset(buf, '\0', sizeof(buf)); + if (!torture_open_connection(&cli, 0)) { return False; } diff --git a/source/utils/net_lookup.c b/source/utils/net_lookup.c index 19ba5ae7f46..1cc837248f4 100644 --- a/source/utils/net_lookup.c +++ b/source/utils/net_lookup.c @@ -238,9 +238,9 @@ static int net_lookup_kdc(int argc, const char **argv) realm.length = strlen((const char *)realm.data); } - rc = krb5_locate_kdc(ctx, &realm, (struct sockaddr **)(void *)&addrs, &num_kdcs, 0); + rc = smb_krb5_locate_kdc(ctx, &realm, (struct sockaddr **)(void *)&addrs, &num_kdcs, 0); if (rc) { - DEBUG(1, ("krb5_locate_kdc failed (%s)\n", error_message(rc))); + DEBUG(1, ("smb_krb5_locate_kdc failed (%s)\n", error_message(rc))); return -1; } for (i=0;i<num_kdcs;i++) |