merge

author: Luke Leighton <lkcl@samba.org> 2000-04-23 07:54:36 +0000
committer: Luke Leighton <lkcl@samba.org> 2000-04-23 07:54:36 +0000
commit: 78b066dc6ff6be924791e33242825b661eabdc03 (patch)
tree: 5c5b6d7d0ad86acefdc06b04443dec769b35f860
parent: ae81e2f40d696e6d2e3a6b59b8a0d50344fff351 (diff)
download: samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.gz
samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.xz
samba-78b066dc6ff6be924791e33242825b661eabdc03.zip
4 files changed, 28 insertions, 17 deletions
diff --git a/source/include/proto.h b/source/include/proto.h
index 1d573e66714..24ecc99d799 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -1953,6 +1953,7 @@ BOOL lp_nt_smb_support(void);
 BOOL lp_nt_pipe_support(void);
 BOOL lp_nt_acl_support(void);
 BOOL lp_stat_cache(void);
+BOOL lp_restrict_anonymous(void);
 BOOL lp_host_msdfs(void);
 int lp_os_level(void);
 int lp_max_ttl(void);
@@ -2404,7 +2405,7 @@ int print_queue_snum(char *qname);
 BOOL print_queue_pause(int snum);
 BOOL print_queue_resume(int snum);
 BOOL print_queue_purge(int snum);
-void print_fsp_open(files_struct *fsp,connection_struct *conn,char *jobname);
+files_struct *print_fsp_open(connection_struct *conn,char *jobname);
 void print_fsp_end(files_struct *fsp);
 
 /*The following definitions come from  profile/profile.c  */
@@ -3804,6 +3805,7 @@ BOOL update_smbpassword_file(const char *user, const char *password);
 
 /*The following definitions come from  smbd/close.c  */
 
+void close_filestruct(files_struct *fsp);
 int close_file(files_struct *fsp, BOOL normal_close);
 
 /*The following definitions come from  smbd/conn.c  */
@@ -3912,8 +3914,7 @@ void send_trans_reply(char *outbuf,
 		      prs_struct *rparam,
 		      uint16 *setup, int lsetup, int max_data_ret,
 		      BOOL pipe_data_outstanding);
-int reply_trans(connection_struct * conn, char *inbuf, char *outbuf, int size,
-		int bufsize);
+int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int bufsize);
 
 /*The following definitions come from  smbd/lanman.c  */
 
@@ -3968,11 +3969,11 @@ int reply_nttrans(connection_struct *conn,
 /*The following definitions come from  smbd/open.c  */
 
 int fd_close(struct connection_struct *conn, files_struct *fsp);
-void open_file_shared(files_struct *fsp,connection_struct *conn,char *fname,int share_mode,int ofun,
+files_struct *open_file_shared(connection_struct *conn,char *fname,int share_mode,int ofun,
 		      mode_t mode,int oplock_request, int *Access,int *action);
-int open_file_stat(files_struct *fsp,connection_struct *conn,
+files_struct *open_file_stat(connection_struct *conn,
 		   char *fname, int smb_ofun, SMB_STRUCT_STAT *pst, int *action);
-int open_directory(files_struct *fsp,connection_struct *conn,
+files_struct *open_directory(connection_struct *conn,
 		   char *fname, int smb_ofun, mode_t unixmode, int *action);
 BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op);
 
@@ -4205,6 +4206,7 @@ int vfswrap_lstat(char *path,
 int vfswrap_unlink(char *path);
 int vfswrap_chmod(char *path, mode_t mode);
 int vfswrap_utime(char *path, struct utimbuf *times);
+int vfswrap_ftruncate(int fd, SMB_OFF_T offset);
 
 /*The following definitions come from  smbd/vfs.c  */
 
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index 18838824775..82d0b2773a9 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -259,6 +259,7 @@ typedef struct
   BOOL bNTAclSupport;
   BOOL bStatCache;
   BOOL bKernelOplocks;
+  BOOL bRestrictAnonymous;
 #if defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM)
   char *sMysqlDatabase;
   char *sMysqlTable;
@@ -646,6 +647,7 @@ static struct parm_struct parm_table[] =
   {"password level",   P_INTEGER, P_GLOBAL, &Globals.pwordlevel,        NULL,   NULL,  0},
   {"username level",   P_INTEGER, P_GLOBAL, &Globals.unamelevel,        NULL,   NULL,  0},
   {"unix password sync", P_BOOL,  P_GLOBAL, &Globals.bUnixPasswdSync,   NULL,   NULL,  0},
+  {"restrict anonymous", P_BOOL,  P_GLOBAL, &Globals.bRestrictAnonymous,NULL,   NULL,  0},
   {"revalidate",       P_BOOL,    P_LOCAL,  &sDefault.bRevalidate,      NULL,   NULL,  FLAG_GLOBAL|FLAG_SHARE},
   {"use rhosts",       P_BOOL,    P_GLOBAL, &Globals.bUseRhosts,        NULL,   NULL,  0},
   {"username",         P_STRING,  P_LOCAL,  &sDefault.szUsername,       NULL,   NULL,  FLAG_GLOBAL|FLAG_SHARE},
@@ -1089,6 +1091,7 @@ static void init_globals(void)
   Globals.bNTPipeSupport = True; /* Do NT pipes by default. */
   Globals.bNTAclSupport = True; /* Use NT ACLs by default. */
   Globals.bStatCache = True; /* use stat cache by default */
+  Globals.bRestrictAnonymous = False;
   Globals.map_to_guest = 0; /* By Default, "Never" */
   Globals.min_passwd_length = MINPASSWDLENGTH; /* By Default, 5. */
   Globals.oplock_break_wait_time = 10; /* By Default, 10 msecs. */
@@ -1463,6 +1466,7 @@ FN_GLOBAL_BOOL(lp_nt_smb_support,&Globals.bNTSmbSupport)
 FN_GLOBAL_BOOL(lp_nt_pipe_support,&Globals.bNTPipeSupport)
 FN_GLOBAL_BOOL(lp_nt_acl_support,&Globals.bNTAclSupport)
 FN_GLOBAL_BOOL(lp_stat_cache,&Globals.bStatCache)
+FN_GLOBAL_BOOL(lp_restrict_anonymous,&Globals.bRestrictAnonymous)
 FN_GLOBAL_BOOL(lp_host_msdfs,&Globals.bHostMSDfs)
 FN_GLOBAL_INTEGER(lp_os_level,&Globals.os_level)
 FN_GLOBAL_INTEGER(lp_max_ttl,&Globals.max_ttl)
diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c
index 55ceee73d46..ed4a4b58e7b 100644
--- a/source/smbd/ipc.c
+++ b/source/smbd/ipc.c
@@ -198,7 +198,8 @@ static void api_rpc_trans_reply(char *outbuf, char *rdata, int rlen,
 /****************************************************************************
  WaitNamedPipeHandleState 
 ****************************************************************************/
-static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt)
+
+static BOOL api_WNPHS(char *outbuf, pipes_struct *p, char *param, int param_len)
 {
 	uint16 priority;
 
@@ -211,7 +212,7 @@ static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt)
 	if (wait_rpc_pipe_hnd_state(p, priority))
 	{
 		/* now send the reply */
-		send_trans_reply(outbuf, NULL, NULL, NULL, 0, mdrcnt, False);
+		send_trans_reply(outbuf, NULL, NULL, NULL, 0, param_len, False);
 
 		return True;
 	}
@@ -222,7 +223,8 @@ static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt)
 /****************************************************************************
  SetNamedPipeHandleState 
 ****************************************************************************/
-static BOOL api_SNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt)
+
+static BOOL api_SNPHS(char *outbuf, pipes_struct *p, char *param, int param_len)
 {
 	uint16 id;
 
@@ -235,7 +237,7 @@ static BOOL api_SNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt)
 	if (set_rpc_pipe_hnd_state(p, id))
 	{
 		/* now send the reply */
-		send_trans_reply(outbuf, NULL, NULL, NULL, 0, mdrcnt, False);
+		send_trans_reply(outbuf, NULL, NULL, NULL, 0, param_len, False);
 
 		return True;
 	}
diff --git a/source/smbd/reply.c b/source/smbd/reply.c
index 0256deaa812..5c560485e3a 100644
--- a/source/smbd/reply.c
+++ b/source/smbd/reply.c
@@ -690,24 +690,27 @@ user %s attempted down-level SMB connection\n",
 	if ((user[strlen(user) - 1] == '$') && (smb_apasslen == 24)
 	    && (smb_ntpasslen == 24))
 	{
-		return session_trust_account(conn, inbuf, outbuf, user,
+		return session_trust_account(conn, inbuf, outbuf, user, domain,
 					     smb_apasswd, smb_apasslen,
 					     smb_ntpasswd, smb_ntpasslen);
 	}
 
 	if (done_sesssetup && lp_restrict_anonymous())
 	{
-		/* tests show that even if browsing is done over already validated connections
-		 * without a username and password the domain is still provided, which it
-		 * wouldn't be if it was a purely anonymous connection.  So, in order to
-		 * restrict anonymous, we only deny connections that have no session
-		 * information.  If a domain has been provided, then it's not a purely
+		/* tests show that even if browsing is done over
+		 * already validated connections without a username
+		 * and password the domain is still provided, which it
+		 * wouldn't be if it was a purely anonymous connection.
+		 * So, in order to restrict anonymous, we only deny
+		 * connections that have no session information.  If a
+		 * domain has been provided, then it's not a purely
 		 * anonymous connection. AAB
 		 */
 		if (!*user && !*smb_apasswd && !*domain)
 		{
 			DEBUG(0,
-			      ("restrict anonymous is True and anonymous connection attempted. Denying access.\n"));
+			      ("restrict anonymous is True and anonymous "
+			       "connection attempted. Denying access.\n"));
 			return (ERROR(ERRDOS, ERRnoaccess));
 		}
 	}
author	Luke Leighton <lkcl@samba.org>	2000-04-23 07:54:36 +0000
committer	Luke Leighton <lkcl@samba.org>	2000-04-23 07:54:36 +0000
commit	78b066dc6ff6be924791e33242825b661eabdc03 (patch)
tree	5c5b6d7d0ad86acefdc06b04443dec769b35f860
parent	ae81e2f40d696e6d2e3a6b59b8a0d50344fff351 (diff)
download	samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.gz samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.xz samba-78b066dc6ff6be924791e33242825b661eabdc03.zip