summaryrefslogtreecommitdiffstats
path: root/source/smbd/process.c
Commit message (Collapse)AuthorAgeFilesLines
* Removed version number from file header.Tim Potter2002-01-301-2/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* Check request flag for unicode capability and respond accordingly, rather ↵Jim McDonough2002-01-231-1/+2
| | | | than only doing unicode. smbfs didn't work.
* Report write fail in smb_dump.Jeremy Allison2002-01-191-1/+3
| | | | Jeremy.
* Same fix as went into 2.2 (I'm waiting for jerry to finish some code).Jeremy Allison2002-01-111-7/+7
| | | | Jeremy.
* Fixed up atomic update code.Jeremy Allison2002-01-091-2/+2
| | | | Jeremy.
* I've decided to move the auth code around a bit more...Andrew Bartlett2002-01-051-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett
* Fix talloc msg registrationMartin Pool2002-01-031-1/+1
|
* smbd children should also register for POOL_USAGEMartin Pool2002-01-031-0/+1
|
* cleanup a little namespace pollutionAndrew Tridgell2001-12-101-1/+1
|
* don't try to auto-change the trust password unless we are in domainAndrew Tridgell2001-11-271-1/+4
| | | | security
* challange -> challengeTim Potter2001-11-261-4/+4
|
* This is another rather major change to the samba authenticaionAndrew Bartlett2001-11-241-13/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett
* Don't put a \n on the end of the arg to exit_server()Tim Potter2001-11-051-1/+1
|
* Converted a bunch of 0x85 constants to SMBkeepalive.Tim Potter2001-10-201-2/+2
|
* Restored old Bmpx code - actually used by OS/2.Jeremy Allison2001-10-191-4/+4
| | | | Jeremy.
* Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison2001-10-181-6/+6
| | | | | Ensure make_conection() can only be called as root. Jeremy.
* added basic NTLMSSP support in smbd. This is still quite rough, andAndrew Tridgell2001-10-171-19/+18
| | | | | | loses things like username mapping. I wanted to get this in then discuss it a bit to see how we want to split up the existing session setup code
* Fixed inconsistent definitions of InBuf/OutBuf/last_char.Jeremy Allison2001-10-171-3/+0
| | | | | Noticed by albert chin (china@thewrittenword.com) . Jeremy.
* Fixed bug when status=no and max smbd processes > 0.Jeremy Allison2001-10-111-0/+6
| | | | Jeremy.
* Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter2001-10-021-2/+0
|
* move to SAFE_FREE()Simo Sorce2001-09-171-3/+3
|
* Fix for second logic bug when handing oplock breaks and client messagesJeremy Allison2001-09-101-1/+11
| | | | | simultaneously. Jeremy.
* Fix I think for the fcntl spinning problem. Re-prioritize soJeremy Allison2001-09-051-1/+7
| | | | | that oplock break messages get priority over incoming client messages. Jeremy.
* converted smbd to use NTSTATUS by defaultAndrew Tridgell2001-08-271-9/+9
| | | | | | | | | | | | | | | | major changes include: - added NSTATUS type - added automatic mapping between dos and nt error codes - changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT() these calls auto-translate to the client error code system - got rid of the cached error code and the writebmpx code We eventually will need to also: - get rid of BOOL, so we don't lose error info - replace all ERROR_DOS() calls with ERROR_NT() calls but that is too much for one night
* force checking of log size after 200 smbd in a row or after 30 sec with noHerb Lewis2001-08-221-2/+3
| | | | | | | smbds. This should fix one case of logs not getting rotated properly. We may need to test this to make sure there is no big performance hit from the extra stat call.
* Fix inspired by Don @ HP. Close down password server connection if keepaliveJeremy Allison2001-08-091-1/+4
| | | | | fails. Jeremy.
* Fixed the nastiest locking bug to track down.... smb_pids are sent in theJeremy Allison2001-07-021-1/+1
| | | | | lockingX calls - use that instead of smb_pid in the packet. Jeremy.
* fixed usage of socklen_t and also tidied up SIG_ATOMIC_T, using a typedef ↵Andrew Tridgell2001-06-251-1/+1
| | | | instead of a define
* Fixed logic bug in timeout processing spotted by Ying Chen ↵Jeremy Allison2001-06-221-1/+1
| | | | | | <ying@almaden.ibm.com>. Jeremy.
* added a close-share smbcontrol message that forcibly closes a share in smbd ↵Andrew Tridgell2001-06-201-0/+9
| | | | (to allow unmount)
* *Wonderful* patch from Andrew Bartlett that will help ensure tdb's areJeremy Allison2001-06-091-2/+3
| | | | | cleaned on clients abending connections. Thanks Andrew ! Jeremy.
* Added tdb_change_int_atomic() to allow atomic updates of a tdb int value.Jeremy Allison2001-05-251-6/+6
| | | | Jeremy.
* Fixup the large_writex problem (a large_writex can send a full 64k of data,Jeremy Allison2001-05-241-3/+3
| | | | | we already have space for this we just need to understand the length correctly). Jeremy.
* Got "medieval on our ass" about adding the -1 to slprintf.Jeremy Allison2001-04-081-1/+1
| | | | Jeremy.
* this patch does a number of things:Andrew Tridgell2001-03-131-4/+2
| | | | | | | | | | | | | | | - removes SMB_ALIGNMENT. That macro caused all sorts of problems with getting unicode aligned right in sub-protocols (such as SMBtrans and SMBtrans2). I believe the performance reasons for having SMB_ALIGNMENT has gone away with the new variants of the SMB protocol anyway, as newer commands tend to have their own internal alignment. - fix the locations where we set smb_flg2 to absolute values. We must never do this if we want a hope of coping with unicode. - add initial support for unicode on the wire in smbd. Currently enabled using SMBD_USE_UNICODE environment variable.
* Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison2001-03-111-3/+0
| | | | | | RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy.
* Added total memory allocated counter to talloc, so we can tell if a tallocJeremy Allison2001-02-271-1/+1
| | | | | | | pool is getting bloated. Also added a talloc_zero function to return zeroed memory. Added debug in rpc_server/srv_pipe_hnd.c so we know when a talloc pool is being freed. Syncup with srv_pipe_hnd.c from 2.2 so we are freeing memory at the same time. Jeremy.
* Merge of JohnR's changes to appliance-head, JF's changes to 2.2,Jeremy Allison2001-02-121-2/+27
| | | | | updated the POSIX_ACL code to be in sync. Jeremy.
* smbd/process.c: & type with 0xff for paranioa sake...Jeremy Allison2001-01-241-0/+2
| | | | | | smbd/reply.c smbd/service.c: cause all "add home service" calls to go through a winbindd aware function. Jeremy.
* smbd/lanman.c: Fix for calling qsort with 0 number.Jeremy Allison2001-01-241-195/+330
| | | | | | | smbd/nttrans.c: Realloc mem fixes based on those that went into trans2.c smbd/process.c: Move to a table based dispatch, based on a comment from Andrew about Antons work. Jeremy.
* include/vfs.h:Jeremy Allison2001-01-231-3/+3
| | | | | | | | | | | | | smbd/vfs-wrap.c: smbd/vfs.c: Added fchmod_acl and chmod_acl. lib/substitute.c: smbd/lanman.c: smbd/open.c: smbd/process.c: smbd/reply.c: smbd/service.c: Removed sessetup_user variable. Added current_user_info struct which conatins domain info etc. Added '%D' for client domain parameter. Jeremy.
* Fix for updating of print queues changed from a local box. Essentially,Jeremy Allison2000-11-211-4/+9
| | | | | | this makes sure that the change messages sent to ourselves are handled synchronously w.r.t. other smb packets incoming. Jeremy.
* use macros for incrementing profile countersHerb Lewis2000-10-121-3/+1
|
* Remove lpq as root fix - do this in print_job_start insteadJeremy Allison2000-10-111-6/+0
| | | | | as part of print queue length processing. Jeremy.
* Fixes to periodically scan printing.tdb in idle time and occasionallyJeremy Allison2000-10-101-0/+6
| | | | | | | on exit. Needed to fix printing.tdb from groving to 300Mb+ if being driven by smbclient clients that never ask for status... (effective DOS attack :-). Jeremy.
* the first cut of the internal messaging system.Andrew Tridgell2000-09-111-0/+3
| | | | | The motivation for this system is to replace the UDP message for oplocks, but this commit only does the "set debug level" message.
* Started to canonicalize our handling of uid -> sid code in order toJeremy Allison2000-08-021-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | get ready and fix se_access_check(). Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid() functions that look via winbind first the fall back on local lookup. All Samba should use these rather than trying to call winbindd code directly. Added NT_USER_TOKEN struct in user_struct, contains list of NT sids associated with this user. se_access_check() should use this (cached) value rather than attempting to do the same thing itself when given a uid/gid pair. More work needs to be done to preserve these things accross security context changes (especially with the tricky pipe problem) but I'm beginning to see how this will be done..... probably by registering a new vuid for an authenticated RPC pipe and not treating the pipe calls specially. More thoughts needed - but we're almost there... Jeremy.
* Ok - this is a *BIG* change - but it fixes the problems with static stringsJeremy Allison2000-07-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | in the RPC code. This change was prompted by trying to save a long (>256) character comment in the printer properties page. The new system associates a TALLOC_CTX with the pipe struct, and frees the pool on return of a complete PDU. A global TALLOC_CTX is used for the odd buffer allocated in the BUFFERxx code, and is freed in the main loop. This code works with insure, and seems to be free of memory leaks and crashes (so far) but there are probably the occasional problem with code that uses UNISTRxx structs on the stack and expects them to contain storage without doing a init_unistrXX(). This means that rpcclient will probably be horribly broken. A TALLOC_CTX also needed associating with the struct cli_state also, to make the prs_xx code there work. The main interface change is the addition of a TALLOC_CTX to the prs_init calls - used for dynamic allocation in the prs_XXX calls. Now this is in place it should make dynamic allocation of all RPC memory on unmarshall *much* easier to fix. Jeremy.
* allow the notify implementation to choose the select timeout changeAndrew Tridgell2000-06-141-11/+11
|
* totally rewrote the async signal, notification and oplock notificationAndrew Tridgell2000-06-121-133/+120
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | handling in Samba. This was needed due to several limitations and races in the previous code - as a side effect the new code is much cleaner :) in summary: - changed sys_select() to avoid a signal/select race condition. It is a rare race but once we have signals doing notification and oplocks it is important. - changed our main processing loop to take advantage of the new sys_select semantics - split the notify code into implementaion dependent and general parts. Added the following structure that defines an implementation: struct cnotify_fns { void * (*register_notify)(connection_struct *conn, char *path, uint32 flags); BOOL (*check_notify)(connection_struct *conn, uint16 vuid, char *path, uint32 flags, void *data, time_t t); void (*remove_notify)(void *data); }; then I wrote two implementations, one using hash/poll (like our old code) and the other using the new Linux kernel change notify. It should be easy to add other change notify implementations by creating a sructure of the above type. - fixed a bug in change notify where we were returning the wrong error code. - rewrote the core change notify code to be much simpler - moved to real-time signals for leases and change notify Amazingly, it all seems to work. I was very surprised!
generated by cgit (git 2.34.1) at 2025-09-26 18:37:37 +0000