diff options
author | Luke Leighton <lkcl@samba.org> | 2000-04-23 07:54:36 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 2000-04-23 07:54:36 +0000 |
commit | 78b066dc6ff6be924791e33242825b661eabdc03 (patch) | |
tree | 5c5b6d7d0ad86acefdc06b04443dec769b35f860 | |
parent | ae81e2f40d696e6d2e3a6b59b8a0d50344fff351 (diff) | |
download | samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.gz samba-78b066dc6ff6be924791e33242825b661eabdc03.tar.xz samba-78b066dc6ff6be924791e33242825b661eabdc03.zip |
merge
-rw-r--r-- | source/include/proto.h | 14 | ||||
-rw-r--r-- | source/param/loadparm.c | 4 | ||||
-rw-r--r-- | source/smbd/ipc.c | 10 | ||||
-rw-r--r-- | source/smbd/reply.c | 17 |
4 files changed, 28 insertions, 17 deletions
diff --git a/source/include/proto.h b/source/include/proto.h index 1d573e66714..24ecc99d799 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -1953,6 +1953,7 @@ BOOL lp_nt_smb_support(void); BOOL lp_nt_pipe_support(void); BOOL lp_nt_acl_support(void); BOOL lp_stat_cache(void); +BOOL lp_restrict_anonymous(void); BOOL lp_host_msdfs(void); int lp_os_level(void); int lp_max_ttl(void); @@ -2404,7 +2405,7 @@ int print_queue_snum(char *qname); BOOL print_queue_pause(int snum); BOOL print_queue_resume(int snum); BOOL print_queue_purge(int snum); -void print_fsp_open(files_struct *fsp,connection_struct *conn,char *jobname); +files_struct *print_fsp_open(connection_struct *conn,char *jobname); void print_fsp_end(files_struct *fsp); /*The following definitions come from profile/profile.c */ @@ -3804,6 +3805,7 @@ BOOL update_smbpassword_file(const char *user, const char *password); /*The following definitions come from smbd/close.c */ +void close_filestruct(files_struct *fsp); int close_file(files_struct *fsp, BOOL normal_close); /*The following definitions come from smbd/conn.c */ @@ -3912,8 +3914,7 @@ void send_trans_reply(char *outbuf, prs_struct *rparam, uint16 *setup, int lsetup, int max_data_ret, BOOL pipe_data_outstanding); -int reply_trans(connection_struct * conn, char *inbuf, char *outbuf, int size, - int bufsize); +int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int bufsize); /*The following definitions come from smbd/lanman.c */ @@ -3968,11 +3969,11 @@ int reply_nttrans(connection_struct *conn, /*The following definitions come from smbd/open.c */ int fd_close(struct connection_struct *conn, files_struct *fsp); -void open_file_shared(files_struct *fsp,connection_struct *conn,char *fname,int share_mode,int ofun, +files_struct *open_file_shared(connection_struct *conn,char *fname,int share_mode,int ofun, mode_t mode,int oplock_request, int *Access,int *action); -int open_file_stat(files_struct *fsp,connection_struct *conn, +files_struct *open_file_stat(connection_struct *conn, char *fname, int smb_ofun, SMB_STRUCT_STAT *pst, int *action); -int open_directory(files_struct *fsp,connection_struct *conn, +files_struct *open_directory(connection_struct *conn, char *fname, int smb_ofun, mode_t unixmode, int *action); BOOL check_file_sharing(connection_struct *conn,char *fname, BOOL rename_op); @@ -4205,6 +4206,7 @@ int vfswrap_lstat(char *path, int vfswrap_unlink(char *path); int vfswrap_chmod(char *path, mode_t mode); int vfswrap_utime(char *path, struct utimbuf *times); +int vfswrap_ftruncate(int fd, SMB_OFF_T offset); /*The following definitions come from smbd/vfs.c */ diff --git a/source/param/loadparm.c b/source/param/loadparm.c index 18838824775..82d0b2773a9 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -259,6 +259,7 @@ typedef struct BOOL bNTAclSupport; BOOL bStatCache; BOOL bKernelOplocks; + BOOL bRestrictAnonymous; #if defined(HAVE_MYSQL_H) && defined(WITH_MYSQLSAM) char *sMysqlDatabase; char *sMysqlTable; @@ -646,6 +647,7 @@ static struct parm_struct parm_table[] = {"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, 0}, {"username level", P_INTEGER, P_GLOBAL, &Globals.unamelevel, NULL, NULL, 0}, {"unix password sync", P_BOOL, P_GLOBAL, &Globals.bUnixPasswdSync, NULL, NULL, 0}, + {"restrict anonymous", P_BOOL, P_GLOBAL, &Globals.bRestrictAnonymous,NULL, NULL, 0}, {"revalidate", P_BOOL, P_LOCAL, &sDefault.bRevalidate, NULL, NULL, FLAG_GLOBAL|FLAG_SHARE}, {"use rhosts", P_BOOL, P_GLOBAL, &Globals.bUseRhosts, NULL, NULL, 0}, {"username", P_STRING, P_LOCAL, &sDefault.szUsername, NULL, NULL, FLAG_GLOBAL|FLAG_SHARE}, @@ -1089,6 +1091,7 @@ static void init_globals(void) Globals.bNTPipeSupport = True; /* Do NT pipes by default. */ Globals.bNTAclSupport = True; /* Use NT ACLs by default. */ Globals.bStatCache = True; /* use stat cache by default */ + Globals.bRestrictAnonymous = False; Globals.map_to_guest = 0; /* By Default, "Never" */ Globals.min_passwd_length = MINPASSWDLENGTH; /* By Default, 5. */ Globals.oplock_break_wait_time = 10; /* By Default, 10 msecs. */ @@ -1463,6 +1466,7 @@ FN_GLOBAL_BOOL(lp_nt_smb_support,&Globals.bNTSmbSupport) FN_GLOBAL_BOOL(lp_nt_pipe_support,&Globals.bNTPipeSupport) FN_GLOBAL_BOOL(lp_nt_acl_support,&Globals.bNTAclSupport) FN_GLOBAL_BOOL(lp_stat_cache,&Globals.bStatCache) +FN_GLOBAL_BOOL(lp_restrict_anonymous,&Globals.bRestrictAnonymous) FN_GLOBAL_BOOL(lp_host_msdfs,&Globals.bHostMSDfs) FN_GLOBAL_INTEGER(lp_os_level,&Globals.os_level) FN_GLOBAL_INTEGER(lp_max_ttl,&Globals.max_ttl) diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c index 55ceee73d46..ed4a4b58e7b 100644 --- a/source/smbd/ipc.c +++ b/source/smbd/ipc.c @@ -198,7 +198,8 @@ static void api_rpc_trans_reply(char *outbuf, char *rdata, int rlen, /**************************************************************************** WaitNamedPipeHandleState ****************************************************************************/ -static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt) + +static BOOL api_WNPHS(char *outbuf, pipes_struct *p, char *param, int param_len) { uint16 priority; @@ -211,7 +212,7 @@ static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt) if (wait_rpc_pipe_hnd_state(p, priority)) { /* now send the reply */ - send_trans_reply(outbuf, NULL, NULL, NULL, 0, mdrcnt, False); + send_trans_reply(outbuf, NULL, NULL, NULL, 0, param_len, False); return True; } @@ -222,7 +223,8 @@ static BOOL api_WNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt) /**************************************************************************** SetNamedPipeHandleState ****************************************************************************/ -static BOOL api_SNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt) + +static BOOL api_SNPHS(char *outbuf, pipes_struct *p, char *param, int param_len) { uint16 id; @@ -235,7 +237,7 @@ static BOOL api_SNPHS(char *outbuf, pipes_struct * p, char *param, int mdrcnt) if (set_rpc_pipe_hnd_state(p, id)) { /* now send the reply */ - send_trans_reply(outbuf, NULL, NULL, NULL, 0, mdrcnt, False); + send_trans_reply(outbuf, NULL, NULL, NULL, 0, param_len, False); return True; } diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 0256deaa812..5c560485e3a 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -690,24 +690,27 @@ user %s attempted down-level SMB connection\n", if ((user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { - return session_trust_account(conn, inbuf, outbuf, user, + return session_trust_account(conn, inbuf, outbuf, user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); } if (done_sesssetup && lp_restrict_anonymous()) { - /* tests show that even if browsing is done over already validated connections - * without a username and password the domain is still provided, which it - * wouldn't be if it was a purely anonymous connection. So, in order to - * restrict anonymous, we only deny connections that have no session - * information. If a domain has been provided, then it's not a purely + /* tests show that even if browsing is done over + * already validated connections without a username + * and password the domain is still provided, which it + * wouldn't be if it was a purely anonymous connection. + * So, in order to restrict anonymous, we only deny + * connections that have no session information. If a + * domain has been provided, then it's not a purely * anonymous connection. AAB */ if (!*user && !*smb_apasswd && !*domain) { DEBUG(0, - ("restrict anonymous is True and anonymous connection attempted. Denying access.\n")); + ("restrict anonymous is True and anonymous " + "connection attempted. Denying access.\n")); return (ERROR(ERRDOS, ERRnoaccess)); } } |