diff options
author | Andrew Tridgell <tridge@samba.org> | 1997-10-02 03:14:32 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1997-10-02 03:14:32 +0000 |
commit | 44bc9f239aa0b3cdf6cf9ad8d3911e397eba7335 (patch) | |
tree | 98556ed6635130b223af0ec9664727a0869884cd /source/param | |
parent | cb83c74a6ccfc44721af65b75625a949782c758a (diff) | |
download | samba-44bc9f239aa0b3cdf6cf9ad8d3911e397eba7335.tar.gz samba-44bc9f239aa0b3cdf6cf9ad8d3911e397eba7335.tar.xz samba-44bc9f239aa0b3cdf6cf9ad8d3911e397eba7335.zip |
change the semantics of hosts allow/hosts deny so that a global
setting applies to all shares regardless of any settings on other
shares. This allows us to immediately drop a connection if it does not
come from a allowed host, without even parsing the first SMB
packet. The next time we get a nasty security hole we can offer people
the option of just setting their hosts allow line.
If we drop a connection in this way we generate a "Not listening for
calling name" response and then exit.
add a per share "oplocks" option in smb.conf. I think its important to
be able to disable oplocks on a per-share basis as there are occasions
then they are definately not wanted, for example when sharing data
between a windows box and a unix application. This also allows us to
tell people "try disabling oplocks" when diagnosing problems.
fix a bug in process_smb(). It was taking the length of the packet
from outbuf, not inbuf (this bug was introduced with the oplocks
code). Jeremy, I assume this wasn't deliberate?
Diffstat (limited to 'source/param')
-rw-r--r-- | source/param/loadparm.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/source/param/loadparm.c b/source/param/loadparm.c index 1a9771df229..fb656aa627f 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -257,6 +257,7 @@ typedef struct BOOL bLocking; BOOL bStrictLocking; BOOL bShareModes; + BOOL bOpLocks; BOOL bOnlyUser; BOOL bMangledNames; BOOL bWidelinks; @@ -338,6 +339,7 @@ static service sDefault = True, /* bLocking */ False, /* bStrictLocking */ True, /* bShareModes */ + True, /* bOpLocks */ False, /* bOnlyUser */ True, /* bMangledNames */ True, /* bWidelinks */ @@ -541,6 +543,7 @@ struct parm_struct {"locking", P_BOOL, P_LOCAL, &sDefault.bLocking, NULL}, {"strict locking", P_BOOL, P_LOCAL, &sDefault.bStrictLocking, NULL}, {"share modes", P_BOOL, P_LOCAL, &sDefault.bShareModes, NULL}, + {"oplocks", P_BOOL, P_LOCAL, &sDefault.bOpLocks, NULL}, {"only user", P_BOOL, P_LOCAL, &sDefault.bOnlyUser, NULL}, {"wide links", P_BOOL, P_LOCAL, &sDefault.bWidelinks, NULL}, {"follow symlinks", P_BOOL, P_LOCAL, &sDefault.bSymlinks, NULL}, @@ -935,6 +938,7 @@ FN_LOCAL_BOOL(lp_map_archive,bMap_archive) FN_LOCAL_BOOL(lp_locking,bLocking) FN_LOCAL_BOOL(lp_strict_locking,bStrictLocking) FN_LOCAL_BOOL(lp_share_modes,bShareModes) +FN_LOCAL_BOOL(lp_oplocks,bOpLocks) FN_LOCAL_BOOL(lp_onlyuser,bOnlyUser) FN_LOCAL_BOOL(lp_manglednames,bMangledNames) FN_LOCAL_BOOL(lp_widelinks,bWidelinks) @@ -1138,6 +1142,8 @@ BOOL lp_add_printer(char *pszPrintername, int iDefaultService) iSERVICE(i).bRead_only = False; /* No share modes on printer services. */ iSERVICE(i).bShareModes = False; + /* No oplocks on printer services. */ + iSERVICE(i).bOpLocks = False; /* Printer services must be printable. */ iSERVICE(i).bPrint_ok = True; |