#ifndef _SMB_H
#define _SMB_H
+#include "libcli/smb/smb_common.h"
+#include "libds/common/roles.h"
+
/* logged when starting the various Samba daemons */
-#define COPYRIGHT_STARTUP_MESSAGE "Copyright Andrew Tridgell and the Samba Team 1992-2010"
+#define COPYRIGHT_STARTUP_MESSAGE "Copyright Andrew Tridgell and the Samba Team 1992-2011"
#if defined(LARGE_SMB_OFF_T)
/* how long to wait for secondary SMB packets (milli-seconds) */
#define SMB_SECONDARY_WAIT (60*1000)
-/* Debugging stuff */
-#include "debug.h"
-
/* this defines the error codes that receive_smb can put in smb_read_error */
enum smb_read_errors {
SMB_READ_OK = 0,
#define DIR_STRUCT_SIZE 43
-/* these define the attribute byte as seen by DOS */
-#define aRONLY (1L<<0) /* 0x01 */
-#define aHIDDEN (1L<<1) /* 0x02 */
-#define aSYSTEM (1L<<2) /* 0x04 */
-#define aVOLID (1L<<3) /* 0x08 */
-#define aDIR (1L<<4) /* 0x10 */
-#define aARCH (1L<<5) /* 0x20 */
-
/* deny modes */
#define DENY_DOS 0
#define DENY_ALL 1
#define OPENX_FILE_CREATE_IF_NOT_EXIST 0x10
#define OPENX_FILE_FAIL_IF_NOT_EXIST 0
-#include "../libcli/util/doserr.h"
-
typedef union unid_t {
uid_t uid;
gid_t gid;
} unid_t;
/* pipe string names */
-#define PIPE_LANMAN "\\PIPE\\LANMAN"
-
-#define MAX_HOURS_LEN 32
#ifndef MAXSUBAUTHS
#define MAXSUBAUTHS 15 /* max sub authorities in a SID */
#define SID_MAX_SIZE ((size_t)(8+(MAXSUBAUTHS*4)))
-#define LOOKUP_NAME_NONE 0x00000000
-#define LOOKUP_NAME_ISOLATED 0x00000001 /* Look up unqualified names */
-#define LOOKUP_NAME_REMOTE 0x00000002 /* Ask others */
-#define LOOKUP_NAME_GROUP 0x00000004 /* (unused) This is a NASTY hack for
- valid users = @foo where foo also
- exists in as user. */
-#define LOOKUP_NAME_NO_NSS 0x00000008 /* no NSS calls to avoid
- winbind recursions */
-#define LOOKUP_NAME_BUILTIN 0x00000010 /* builtin names */
-#define LOOKUP_NAME_WKN 0x00000020 /* well known names */
-#define LOOKUP_NAME_DOMAIN 0x00000040 /* only lookup own domain */
-#define LOOKUP_NAME_LOCAL (LOOKUP_NAME_ISOLATED\
- |LOOKUP_NAME_BUILTIN\
- |LOOKUP_NAME_WKN\
- |LOOKUP_NAME_DOMAIN)
-#define LOOKUP_NAME_ALL (LOOKUP_NAME_ISOLATED\
- |LOOKUP_NAME_REMOTE\
- |LOOKUP_NAME_BUILTIN\
- |LOOKUP_NAME_WKN\
- |LOOKUP_NAME_DOMAIN)
-
-#include "librpc/gen_ndr/idmap.h"
-#include "librpc/gen_ndr/epmapper.h"
-#include "librpc/gen_ndr/krb5pac.h"
-#include "librpc/gen_ndr/dcerpc.h"
-#include "librpc/gen_ndr/spoolss.h"
-
-struct lsa_dom_info {
- bool valid;
- struct dom_sid sid;
- const char *name;
- int num_idxs;
- int *idxs;
-};
-
-struct lsa_name_info {
- uint32 rid;
- enum lsa_SidType type;
- const char *name;
- int dom_idx;
-};
-
-/* Some well-known SIDs */
-extern const struct dom_sid global_sid_World_Domain;
-extern const struct dom_sid global_sid_World;
-extern const struct dom_sid global_sid_Creator_Owner_Domain;
-extern const struct dom_sid global_sid_NT_Authority;
-extern const struct dom_sid global_sid_System;
-extern const struct dom_sid global_sid_NULL;
-extern const struct dom_sid global_sid_Authenticated_Users;
-extern const struct dom_sid global_sid_Network;
-extern const struct dom_sid global_sid_Creator_Owner;
-extern const struct dom_sid global_sid_Creator_Group;
-extern const struct dom_sid global_sid_Anonymous;
-extern const struct dom_sid global_sid_Builtin;
-extern const struct dom_sid global_sid_Builtin_Administrators;
-extern const struct dom_sid global_sid_Builtin_Users;
-extern const struct dom_sid global_sid_Builtin_Guests;
-extern const struct dom_sid global_sid_Builtin_Power_Users;
-extern const struct dom_sid global_sid_Builtin_Account_Operators;
-extern const struct dom_sid global_sid_Builtin_Server_Operators;
-extern const struct dom_sid global_sid_Builtin_Print_Operators;
-extern const struct dom_sid global_sid_Builtin_Backup_Operators;
-extern const struct dom_sid global_sid_Builtin_Replicator;
-extern const struct dom_sid global_sid_Builtin_PreWin2kAccess;
-extern const struct dom_sid global_sid_Unix_Users;
-extern const struct dom_sid global_sid_Unix_Groups;
+#include "librpc/gen_ndr/security.h"
/*
* The complete list of SIDS belonging to this user.
#define PRIMARY_USER_SID_INDEX 0
#define PRIMARY_GROUP_SID_INDEX 1
-typedef struct nt_user_token {
- size_t num_sids;
- struct dom_sid *user_sids;
- SE_PRIV privileges;
-} NT_USER_TOKEN;
-
-typedef struct unix_user_token {
- uid_t uid;
- gid_t gid;
- size_t ngroups;
- gid_t *groups;
-} UNIX_USER_TOKEN;
-
-/* 32 bit time (sec) since 01jan1970 - cifs6.txt, section 3.5, page 30 */
-typedef struct time_info {
- uint32 time;
-} UTIME;
-
typedef struct write_cache {
SMB_OFF_T file_size;
SMB_OFF_T offset;
char *data;
} write_cache;
-#include "fake_file.h"
-
struct fd_handle {
size_t ref_count;
int fd;
};
struct print_file_data {
+ char *svcname;
+ char *docname;
+ char *filename;
+ struct policy_handle handle;
+ uint32_t jobid;
uint16 rap_jobid;
};
bool initial_delete_on_close; /* Only set at NTCreateX if file was created. */
bool delete_on_close;
bool posix_open;
+ bool is_sparse;
struct smb_filename *fsp_name;
+ uint32_t name_hash; /* Jenkins hash of full pathname. */
struct vfs_fsp_data *vfs_extension;
struct fake_file_handle *fake_file_handle;
#include "ntquotas.h"
#include "sysquotas.h"
+struct client_address {
+ char addr[INET6_ADDRSTRLEN];
+ const char *name;
+};
+
struct vuid_cache_entry {
- struct auth_serversupplied_info *server_info;
+ struct auth_serversupplied_info *session_info;
uint16_t vuid;
bool read_only;
};
* This represents the user information on this connection. Depending
* on the vuid using this tid, this might change per SMB request.
*/
- struct auth_serversupplied_info *server_info;
+ struct auth_serversupplied_info *session_info;
/*
* If the "force group" parameter is set, this is the primary gid that
*/
gid_t force_group_gid;
- char client_address[INET6_ADDRSTRLEN]; /* String version of client IP address. */
-
uint16 vuid; /* vuid of user who *opened* this connection, or UID_FIELD_INVALID */
time_t lastused;
struct current_user {
connection_struct *conn;
uint16 vuid;
- UNIX_USER_TOKEN ut;
- NT_USER_TOKEN *nt_user_token;
+ struct security_unix_token ut;
+ struct security_token *nt_user_token;
};
struct smbd_smb2_request;
fstring domain; /* domain that the client specified */
} userdom_struct;
-/* Extra fields above "LPQ_PRINTING" are used to map extra NT status codes. */
-
-enum {LPQ_QUEUED=0,LPQ_PAUSED,LPQ_SPOOLING,LPQ_PRINTING,LPQ_ERROR,LPQ_DELETING,
- LPQ_OFFLINE,LPQ_PAPEROUT,LPQ_PRINTED,LPQ_DELETED,LPQ_BLOCKED,LPQ_USER_INTERVENTION};
-
-typedef struct _print_queue_struct {
- int job; /* normally the UNIX jobid -- see note in
- printing.c:traverse_fn_delete() */
- int size;
- int page_count;
- int status;
- int priority;
- time_t time;
- fstring fs_user;
- fstring fs_file;
-} print_queue_struct;
-
-enum {LPSTAT_OK, LPSTAT_STOPPED, LPSTAT_ERROR};
-
-typedef struct {
- fstring message;
- int qcount;
- int status;
-} print_status_struct;
-
/* used for server information: client, nameserv and ipc */
struct server_info_struct {
fstring name;
#define SHARE_MODE_FLAG_POSIX_OPEN 0x1
+#include "librpc/gen_ndr/server_id.h"
+
/* struct returned by get_share_modes */
struct share_mode_entry {
struct server_id pid;
unsigned long share_file_id;
uint32 uid; /* uid of file opener. */
uint16 flags; /* See SHARE_MODE_XX above. */
+ uint32_t name_hash; /* Jenkins hash of full pathname. */
};
/* oplock break message definition - linearization of share_mode_entry.
58 unsigned long file_id 4 bytes
62 uint32 uid 4 bytes
66 uint16 flags 2 bytes
-68
+68 uint32 name_hash 4 bytes
+72
*/
#define OP_BREAK_MSG_FILE_ID_OFFSET 58
#define OP_BREAK_MSG_UID_OFFSET 62
#define OP_BREAK_MSG_FLAGS_OFFSET 66
+#define OP_BREAK_MSG_NAME_HASH_OFFSET 68
-#ifdef CLUSTER_SUPPORT
-#define OP_BREAK_MSG_VNN_OFFSET 68
-#define MSG_SMB_SHARE_MODE_ENTRY_SIZE 72
-#else
-#define MSG_SMB_SHARE_MODE_ENTRY_SIZE 68
-#endif
+#define OP_BREAK_MSG_VNN_OFFSET 72
+#define MSG_SMB_SHARE_MODE_ENTRY_SIZE 76
+
+struct delete_token_list {
+ struct delete_token_list *next, *prev;
+ uint32_t name_hash;
+ struct security_unix_token *delete_token;
+};
struct share_mode_lock {
const char *servicepath; /* canonicalized. */
struct file_id id;
int num_share_modes;
struct share_mode_entry *share_modes;
- UNIX_USER_TOKEN *delete_token;
- bool delete_on_close;
+ struct delete_token_list *delete_tokens;
struct timespec old_write_time;
struct timespec changed_write_time;
bool fresh;
union {
struct {
int num_share_mode_entries;
- bool delete_on_close;
struct timespec old_write_time;
struct timespec changed_write_time;
- uint32 delete_token_size; /* Only valid if either of
- the two previous fields
- are True. */
+ uint32 num_delete_token_entries;
} s;
struct share_mode_entry dummy; /* Needed for alignment. */
} u;
/* The following four entries are implicit
- struct share_mode_entry modes[num_share_mode_entries];
- char unix_token[delete_token_size] (divisible by 4).
- char share_name[];
- char file_name[];
- */
-};
-/* Used to store pipe open records for NetFileEnum() */
+ (1) struct share_mode_entry modes[num_share_mode_entries];
-struct pipe_open_rec {
- struct server_id pid;
- uid_t uid;
- int pnum;
- fstring name;
-};
+ (2) A num_delete_token_entries of structs {
+ uint32_t len_delete_token;
+ char unix_token[len_delete_token] (divisible by 4).
+ };
+ (3) char share_name[];
+ (4) char file_name[];
+ */
+};
#define NT_HASH_LEN 16
#define LM_HASH_LEN 16
-/* Password history contants. */
-#define PW_HISTORY_SALT_LEN 16
-#define SALTED_MD5_HASH_LEN 16
-#define PW_HISTORY_ENTRY_LEN (PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN)
-#define MAX_PW_HISTORY_LEN 24
-
-/*
- * Flags for local user manipulation.
- */
-
-#define LOCAL_ADD_USER 0x1
-#define LOCAL_DELETE_USER 0x2
-#define LOCAL_DISABLE_USER 0x4
-#define LOCAL_ENABLE_USER 0x8
-#define LOCAL_TRUST_ACCOUNT 0x10
-#define LOCAL_SET_NO_PASSWORD 0x20
-#define LOCAL_SET_PASSWORD 0x40
-#define LOCAL_SET_LDAP_ADMIN_PW 0x80
-#define LOCAL_INTERDOM_ACCOUNT 0x100
-#define LOCAL_AM_ROOT 0x200 /* Act as root */
-
/* key and data in the connections database - used in smbstatus and smbd */
struct connections_key {
struct server_id pid;
char addr[24];
char machine[FSTRING_LEN];
time_t start;
- uint32 bcast_msg_flags;
+
+ /*
+ * This field used to hold the msg_flags. For compatibility reasons,
+ * keep the data structure in the tdb file the same.
+ */
+ uint32 unused_compatitibility_field;
};
#define FLAG_HIDE 0x2000 /* options that should be hidden in SWAT */
#define FLAG_DOS_STRING 0x4000 /* convert from UNIX to DOS codepage when reading this string. */
#define FLAG_META 0x8000 /* A meta directive - not a real parameter */
+#define FLAG_CMDLINE 0x10000 /* option has been overridden */
struct bitmap {
uint32 *b;
#define PIPE_RAW_MODE 0x4
#define PIPE_START_MESSAGE 0x8
-/* File Specific access rights */
-#define FILE_READ_DATA 0x00000001
-#define FILE_WRITE_DATA 0x00000002
-#define FILE_APPEND_DATA 0x00000004
-#define FILE_READ_EA 0x00000008 /* File and directory */
-#define FILE_WRITE_EA 0x00000010 /* File and directory */
-#define FILE_EXECUTE 0x00000020
-#define FILE_DELETE_CHILD 0x00000040
-#define FILE_READ_ATTRIBUTES 0x00000080
-#define FILE_WRITE_ATTRIBUTES 0x00000100
-
-#define FILE_ALL_ACCESS 0x000001FF
-
-/* Directory specific access rights */
-#define FILE_LIST_DIRECTORY 0x00000001
-#define FILE_ADD_FILE 0x00000002
-#define FILE_ADD_SUBDIRECTORY 0x00000004
-#define FILE_TRAVERSE 0x00000020
-#define FILE_DELETE_CHILD 0x00000040
-
/* the desired access to use when opening a pipe */
#define DESIRED_ACCESS_PIPE 0x2019f
-/* Generic access masks & rights. */
-#define DELETE_ACCESS 0x00010000 /* (1L<<16) */
-#define READ_CONTROL_ACCESS 0x00020000 /* (1L<<17) */
-#define WRITE_DAC_ACCESS 0x00040000 /* (1L<<18) */
-#define WRITE_OWNER_ACCESS 0x00080000 /* (1L<<19) */
-#define SYNCHRONIZE_ACCESS 0x00100000 /* (1L<<20) */
-
-#define SYSTEM_SECURITY_ACCESS 0x01000000 /* (1L<<24) */
-#define MAXIMUM_ALLOWED_ACCESS 0x02000000 /* (1L<<25) */
-#define GENERIC_ALL_ACCESS 0x10000000 /* (1<<28) */
-#define GENERIC_EXECUTE_ACCESS 0x20000000 /* (1<<29) */
-#define GENERIC_WRITE_ACCESS 0x40000000 /* (1<<30) */
-#define GENERIC_READ_ACCESS ((unsigned)0x80000000) /* (((unsigned)1)<<31) */
-
-/* Mapping of generic access rights for files to specific rights. */
-
-/* This maps to 0x1F01FF */
-#define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS|\
- SYNCHRONIZE_ACCESS|\
- FILE_ALL_ACCESS)
-
-/* This maps to 0x120089 */
-#define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|\
- FILE_READ_DATA|\
- FILE_READ_ATTRIBUTES|\
- FILE_READ_EA|\
- SYNCHRONIZE_ACCESS)
-
-/* This maps to 0x120116 */
-#define FILE_GENERIC_WRITE (SEC_STD_READ_CONTROL|\
- FILE_WRITE_DATA|\
- FILE_WRITE_ATTRIBUTES|\
- FILE_WRITE_EA|\
- FILE_APPEND_DATA|\
- SYNCHRONIZE_ACCESS)
-
-#define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|\
- FILE_READ_ATTRIBUTES|\
- FILE_EXECUTE|\
- SYNCHRONIZE_ACCESS)
-
-/* Share specific rights. */
-#define SHARE_ALL_ACCESS FILE_GENERIC_ALL
-#define SHARE_READ_ONLY (FILE_GENERIC_READ|FILE_EXECUTE)
-
/* Mapping of access rights to UNIX perms. */
#define UNIX_ACCESS_RWX FILE_GENERIC_ALL
#define UNIX_ACCESS_R FILE_GENERIC_READ
#define FILE_SHARE_WRITE 2
#define FILE_SHARE_DELETE 4
-/* FileAttributesField */
-#define FILE_ATTRIBUTE_READONLY 0x001L
-#define FILE_ATTRIBUTE_HIDDEN 0x002L
-#define FILE_ATTRIBUTE_SYSTEM 0x004L
-#define FILE_ATTRIBUTE_DIRECTORY 0x010L
-#define FILE_ATTRIBUTE_ARCHIVE 0x020L
-#define FILE_ATTRIBUTE_NORMAL 0x080L
-#define FILE_ATTRIBUTE_TEMPORARY 0x100L
-#define FILE_ATTRIBUTE_SPARSE 0x200L
-#define FILE_ATTRIBUTE_REPARSE_POINT 0x400L
-#define FILE_ATTRIBUTE_COMPRESSED 0x800L
-#define FILE_ATTRIBUTE_OFFLINE 0x1000L
-#define FILE_ATTRIBUTE_NONINDEXED 0x2000L
-#define FILE_ATTRIBUTE_ENCRYPTED 0x4000L
-#define SAMBA_ATTRIBUTES_MASK 0x7F
-
/* Flags - combined with attributes. */
#define FILE_FLAG_WRITE_THROUGH 0x80000000L
#define FILE_FLAG_NO_BUFFERING 0x20000000L
#define NEGOTIATE_SECURITY_SIGNATURES_ENABLED 0x04
#define NEGOTIATE_SECURITY_SIGNATURES_REQUIRED 0x08
-/* NT Flags2 bits - cifs6.txt section 3.1.2 */
-
-#define FLAGS2_LONG_PATH_COMPONENTS 0x0001
-#define FLAGS2_EXTENDED_ATTRIBUTES 0x0002
-#define FLAGS2_SMB_SECURITY_SIGNATURES 0x0004
-#define FLAGS2_UNKNOWN_BIT4 0x0010
-#define FLAGS2_IS_LONG_NAME 0x0040
-#define FLAGS2_EXTENDED_SECURITY 0x0800
-#define FLAGS2_DFS_PATHNAMES 0x1000
-#define FLAGS2_READ_PERMIT_EXECUTE 0x2000
-#define FLAGS2_32_BIT_ERROR_CODES 0x4000
-#define FLAGS2_UNICODE_STRINGS 0x8000
-
-#define FLAGS2_WIN2K_SIGNATURE 0xC852 /* Hack alert ! For now... JRA. */
-
/* TCONX Flag (smb_vwv2). */
#define TCONX_FLAG_EXTENDED_RESPONSE 0x8
/* security levels */
enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN,SEC_ADS};
-/* server roles */
-enum server_types {
- ROLE_STANDALONE,
- ROLE_DOMAIN_MEMBER,
- ROLE_DOMAIN_BDC,
- ROLE_DOMAIN_PDC
-};
-
/* printing types */
enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
PRINT_QNX,PRINT_PLP,PRINT_LPRNG,PRINT_SOFTQ,
#endif /* DEVELOPER */
};
-/* LDAP schema types */
-enum schema_types {SCHEMA_COMPAT, SCHEMA_AD, SCHEMA_SAMBA};
-
/* LDAP SSL options */
enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS};
/* LDAP PASSWD SYNC methods */
enum ldap_passwd_sync_types {LDAP_PASSWD_SYNC_ON, LDAP_PASSWD_SYNC_OFF, LDAP_PASSWD_SYNC_ONLY};
+/*
+ * This should be under the HAVE_KRB5 flag but since they're used
+ * in lp_kerberos_method(), they ned to be always available
+ * If you add any entries to KERBEROS_VERIFY defines, please modify USE.*KEYTAB macros
+ * so they remain accurate.
+ */
+
+#define KERBEROS_VERIFY_SECRETS 0
+#define KERBEROS_VERIFY_SYSTEM_KEYTAB 1
+#define KERBEROS_VERIFY_DEDICATED_KEYTAB 2
+#define KERBEROS_VERIFY_SECRETS_AND_KEYTAB 3
+
/* Remote architectures we know about. */
enum remote_arch_types {RA_UNKNOWN, RA_WFWG, RA_OS2, RA_WIN95, RA_WINNT,
RA_WIN2K, RA_WINXP, RA_WIN2K3, RA_VISTA,
- RA_SAMBA, RA_CIFSFS, RA_WINXP64};
+ RA_SAMBA, RA_CIFSFS, RA_WINXP64, RA_OSX};
/* case handling */
enum case_handling {CASE_LOWER,CASE_UPPER};
};
/* A netbios node status array element. */
-typedef struct node_status_ {
+struct node_status {
nstring name;
unsigned char type;
unsigned char flags;
-} NODE_STATUS_STRUCT;
+};
/* The extra info from a NetBIOS node status query */
struct node_status_extra {
TDB key string */
int homes_snum;
- struct auth_serversupplied_info *server_info;
+ struct auth_serversupplied_info *session_info;
struct auth_ntlmssp_state *auth_ntlmssp_state;
} user_struct;
-struct unix_error_map {
- int unix_error;
- int dos_class;
- int dos_code;
- NTSTATUS nt_error;
-};
-
-/*
- * Size of new password account encoding string. This is enough space to
- * hold 11 ACB characters, plus the surrounding [] and a terminating null.
- * Do not change unless you are adding new ACB bits!
- */
-
-#define NEW_PW_FORMAT_SPACE_PADDED_LEN 14
-
/*
Do you want session setups at user level security with a invalid
password to be rejected or allowed in as guest? WinNT rejects them
#define DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH 14
-#include "popt_common.h"
-
#define PORT_NONE 0
#ifndef LDAP_PORT
#define LDAP_PORT 389
unsigned port;
};
-/* Special name type used to cause a _kerberos DNS lookup. */
-#define KDC_NAME_TYPE 0xDCDC
-
struct ea_struct {
uint8 flags;
char *name;
/* Prefix for xattrs storing streams. */
#define SAMBA_XATTR_MARKER "user.SAMBA_STREAMS"
-#define UUID_SIZE 16
-
-#define UUID_FLAT_SIZE 16
-typedef struct uuid_flat {
- uint8 info[UUID_FLAT_SIZE];
-} UUID_FLAT;
-
/* map readonly options */
enum mapreadonly_options {MAP_READONLY_NO, MAP_READONLY_YES, MAP_READONLY_PERMISSIONS};
/* Used inside aio code. */
struct aio_extra;
+/*
+ * Reasons for cache flush.
+ */
+
+enum flush_reason_enum {
+ SEEK_FLUSH,
+ READ_FLUSH,
+ WRITE_FLUSH,
+ READRAW_FLUSH,
+ OPLOCK_RELEASE_FLUSH,
+ CLOSE_FLUSH,
+ SYNC_FLUSH,
+ SIZECHANGE_FLUSH,
+ /* NUM_FLUSH_REASONS must remain the last value in the enumeration. */
+ NUM_FLUSH_REASONS};
+
#endif /* _SMB_H */
git.samba.org / abartlet / samba.git / .git / blobdiff