2 Unix SMB/CIFS implementation.
3 SMB parameters and setup, plus a whole lot more.
5 Copyright (C) Andrew Tridgell 1992-2000
6 Copyright (C) John H Terpstra 1996-2002
7 Copyright (C) Luke Kenneth Casson Leighton 1996-2000
8 Copyright (C) Paul Ashton 1998-2000
9 Copyright (C) Simo Sorce 2001-2002
10 Copyright (C) Martin Pool 2002
12 This program is free software; you can redistribute it and/or modify
13 it under the terms of the GNU General Public License as published by
14 the Free Software Foundation; either version 2 of the License, or
15 (at your option) any later version.
17 This program is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with this program; if not, write to the Free Software
24 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
31 #define DGRAM_PORT 138
34 #define SMB_PORTS "445 139"
42 #define _BOOL /* So we don't typedef BOOL again in vfs.h */
47 #ifndef DEF_CREATE_MASK
48 #define DEF_CREATE_MASK (0755)
51 /* string manipulation flags - see clistr.c and srvstr.c */
52 #define STR_TERMINATE 1
56 #define STR_NOALIGN 16
57 #define STR_NO_RANGE_CHECK 32
58 #define STR_LEN8BIT 64
59 #define STR_TERMINATE_ASCII 128 /* only terminate if ascii */
60 #define STR_LEN_NOTERM 256 /* the length field is the unterminated length */
65 /* types of socket errors */
66 enum socket_error {SOCKET_READ_TIMEOUT,
81 #define DOS_OPEN_RDONLY 0
82 #define DOS_OPEN_WRONLY 1
83 #define DOS_OPEN_RDWR 2
84 #define DOS_OPEN_FCB 0xF
87 /**********************************/
88 /* SMBopen field definitions */
89 #define OPEN_FLAGS_DENY_MASK 0x70
90 #define OPEN_FLAGS_DENY_DOS 0x00
91 #define OPEN_FLAGS_DENY_ALL 0x10
92 #define OPEN_FLAGS_DENY_WRITE 0x20
93 #define OPEN_FLAGS_DENY_READ 0x30
94 #define OPEN_FLAGS_DENY_NONE 0x40
96 #define OPEN_FLAGS_MODE_MASK 0x0F
97 #define OPEN_FLAGS_OPEN_READ 0
98 #define OPEN_FLAGS_OPEN_WRITE 1
99 #define OPEN_FLAGS_OPEN_RDWR 2
100 #define OPEN_FLAGS_FCB 0xFF
103 /**********************************/
104 /* SMBopenX field definitions */
106 /* OpenX Flags field. */
107 #define OPENX_FLAGS_ADDITIONAL_INFO 0x01
108 #define OPENX_FLAGS_REQUEST_OPLOCK 0x02
109 #define OPENX_FLAGS_REQUEST_BATCH_OPLOCK 0x04
110 #define OPENX_FLAGS_EA_LEN 0x08
111 #define OPENX_FLAGS_EXTENDED_RETURN 0x10
113 /* desired access (open_mode), split info 4 4-bit nibbles */
114 #define OPENX_MODE_ACCESS_MASK 0x000F
115 #define OPENX_MODE_ACCESS_READ 0x0000
116 #define OPENX_MODE_ACCESS_WRITE 0x0001
117 #define OPENX_MODE_ACCESS_RDWR 0x0002
118 #define OPENX_MODE_ACCESS_EXEC 0x0003
119 #define OPENX_MODE_ACCESS_FCB 0x000F
121 #define OPENX_MODE_DENY_SHIFT 4
122 #define OPENX_MODE_DENY_MASK (0xF << OPENX_MODE_DENY_SHIFT)
123 #define OPENX_MODE_DENY_DOS (DENY_DOS << OPENX_MODE_DENY_SHIFT)
124 #define OPENX_MODE_DENY_ALL (DENY_ALL << OPENX_MODE_DENY_SHIFT)
125 #define OPENX_MODE_DENY_WRITE (DENY_WRITE << OPENX_MODE_DENY_SHIFT)
126 #define OPENX_MODE_DENY_READ (DENY_READ << OPENX_MODE_DENY_SHIFT)
127 #define OPENX_MODE_DENY_NONE (DENY_NONE << OPENX_MODE_DENY_SHIFT)
128 #define OPENX_MODE_DENY_FCB (0xF << OPENX_MODE_DENY_SHIFT)
130 #define OPENX_MODE_LOCALITY_MASK 0x0F00 /* what does this do? */
132 #define OPENX_MODE_NO_CACHE 0x1000
133 #define OPENX_MODE_WRITE_THRU 0x4000
135 /* open function values */
136 #define OPENX_OPEN_FUNC_MASK 0x3
137 #define OPENX_OPEN_FUNC_FAIL 0x0
138 #define OPENX_OPEN_FUNC_OPEN 0x1
139 #define OPENX_OPEN_FUNC_TRUNC 0x2
141 /* The above can be OR'ed with... */
142 #define OPENX_OPEN_FUNC_CREATE 0x10
144 /* openx action in reply */
145 #define OPENX_ACTION_EXISTED 1
146 #define OPENX_ACTION_CREATED 2
147 #define OPENX_ACTION_TRUNCATED 3
150 /**********************************/
151 /* SMBntcreateX field definitions */
153 /* ntcreatex flags field. */
154 #define NTCREATEX_FLAGS_REQUEST_OPLOCK 0x02
155 #define NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK 0x04
156 #define NTCREATEX_FLAGS_OPEN_DIRECTORY 0x08
157 #define NTCREATEX_FLAGS_EXTENDED 0x10
159 /* the ntcreatex access_mask field
160 this is split into 4 pieces
161 AAAABBBBCCCCCCCCDDDDDDDDDDDDDDDD
167 which set of SA_RIGHT_* bits is applicable depends on the type
173 /* ntcreatex share_access field */
174 #define NTCREATEX_SHARE_ACCESS_NONE 0
175 #define NTCREATEX_SHARE_ACCESS_READ 1
176 #define NTCREATEX_SHARE_ACCESS_WRITE 2
177 #define NTCREATEX_SHARE_ACCESS_DELETE 4
179 /* ntcreatex open_disposition field */
180 #define NTCREATEX_DISP_SUPERSEDE 0 /* supersede existing file (if it exists) */
181 #define NTCREATEX_DISP_OPEN 1 /* if file exists open it, else fail */
182 #define NTCREATEX_DISP_CREATE 2 /* if file exists fail, else create it */
183 #define NTCREATEX_DISP_OPEN_IF 3 /* if file exists open it, else create it */
184 #define NTCREATEX_DISP_OVERWRITE 4 /* if exists overwrite, else fail */
185 #define NTCREATEX_DISP_OVERWRITE_IF 5 /* if exists overwrite, else create */
187 /* ntcreatex create_options field */
188 #define NTCREATEX_OPTIONS_DIRECTORY 0x0001
189 #define NTCREATEX_OPTIONS_WRITE_THROUGH 0x0002
190 #define NTCREATEX_OPTIONS_SEQUENTIAL_ONLY 0x0004
191 #define NTCREATEX_OPTIONS_SYNC_ALERT 0x0010
192 #define NTCREATEX_OPTIONS_ASYNC_ALERT 0x0020
193 #define NTCREATEX_OPTIONS_NON_DIRECTORY_FILE 0x0040
194 #define NTCREATEX_OPTIONS_NO_EA_KNOWLEDGE 0x0200
195 #define NTCREATEX_OPTIONS_EIGHT_DOT_THREE_ONLY 0x0400
196 #define NTCREATEX_OPTIONS_RANDOM_ACCESS 0x0800
197 #define NTCREATEX_OPTIONS_DELETE_ON_CLOSE 0x1000
198 #define NTCREATEX_OPTIONS_OPEN_BY_FILE_ID 0x2000
200 /* ntcreatex impersonation field */
201 #define NTCREATEX_IMPERSONATION_ANONYMOUS 0
202 #define NTCREATEX_IMPERSONATION_IDENTIFICATION 1
203 #define NTCREATEX_IMPERSONATION_IMPERSONATION 2
204 #define NTCREATEX_IMPERSONATION_DELEGATION 3
206 /* ntcreatex security flags bit field */
207 #define NTCREATEX_SECURITY_DYNAMIC 1
208 #define NTCREATEX_SECURITY_ALL 2
210 /* ntcreatex create_action in reply */
211 #define NTCREATEX_ACTION_EXISTED 1
212 #define NTCREATEX_ACTION_CREATED 2
213 #define NTCREATEX_ACTION_TRUNCATED 3
214 /* the value 5 can also be returned when you try to create a directory with
215 incorrect parameters - what does it mean? maybe created temporary file? */
216 #define NTCREATEX_ACTION_UNKNOWN 5
221 #define STYPE_DISKTREE 0 /* Disk drive */
222 #define STYPE_PRINTQ 1 /* Spooler queue */
223 #define STYPE_DEVICE 2 /* Serial device */
224 #define STYPE_IPC 3 /* Interprocess communication (IPC) */
225 #define STYPE_HIDDEN 0x80000000 /* share is a hidden one (ends with $) */
229 /* this is a trade with jeremy - I agreed to use uint_t instead of
230 * bare unsigned if he agreed to not use non-braced if statements
231 * (13/4/2003 - train to gottenginen) */
232 typedef unsigned int uint_t;
235 * SMB UCS2 (16-bit unicode) internal type.
238 typedef uint16 smb_ucs2_t;
240 /* ucs2 string types. */
241 typedef smb_ucs2_t wpstring[PSTRING_LEN];
242 typedef smb_ucs2_t wfstring[FSTRING_LEN];
244 /* This error code can go into the client smb_rw_error. */
245 #define WRITE_ERROR 4
247 #ifdef WORDS_BIGENDIAN
253 /* turn a 7 bit character into a ucs2 character */
254 #define UCS2_CHAR(c) ((c) << UCS2_SHIFT)
256 /* pipe string names */
257 #define PIPE_LANMAN "\\PIPE\\LANMAN"
258 #define PIPE_SRVSVC "\\PIPE\\srvsvc"
259 #define PIPE_SAMR "\\PIPE\\samr"
260 #define PIPE_WINREG "\\PIPE\\winreg"
261 #define PIPE_WKSSVC "\\PIPE\\wkssvc"
262 #define PIPE_NETLOGON "\\PIPE\\NETLOGON"
263 #define PIPE_NTLSA "\\PIPE\\ntlsa"
264 #define PIPE_NTSVCS "\\PIPE\\ntsvcs"
265 #define PIPE_LSASS "\\PIPE\\lsass"
266 #define PIPE_LSARPC "\\PIPE\\lsarpc"
267 #define PIPE_SPOOLSS "\\PIPE\\spoolss"
268 #define PIPE_NETDFS "\\PIPE\\netdfs"
271 #define PI_LSARPC_DS 1
273 #define PI_NETLOGON 3
279 #define PI_MAX_PIPES 9
281 /* Allowable account control bits */
282 #define ACB_DISABLED 0x0001 /* 1 = User account disabled */
283 #define ACB_HOMDIRREQ 0x0002 /* 1 = Home directory required */
284 #define ACB_PWNOTREQ 0x0004 /* 1 = User password not required */
285 #define ACB_TEMPDUP 0x0008 /* 1 = Temporary duplicate account */
286 #define ACB_NORMAL 0x0010 /* 1 = Normal user account */
287 #define ACB_MNS 0x0020 /* 1 = MNS logon user account */
288 #define ACB_DOMTRUST 0x0040 /* 1 = Interdomain trust account */
289 #define ACB_WSTRUST 0x0080 /* 1 = Workstation trust account */
290 #define ACB_SVRTRUST 0x0100 /* 1 = Server trust account */
291 #define ACB_PWNOEXP 0x0200 /* 1 = User password does not expire */
292 #define ACB_AUTOLOCK 0x0400 /* 1 = Account auto locked */
294 #define MAX_HOURS_LEN 32
297 #define MAXSUBAUTHS 15 /* max sub authorities in a SID */
303 SID_NAME_USE_NONE = 0,/* NOTUSED */
304 SID_NAME_USER = 1, /* user */
305 SID_NAME_DOM_GRP = 2, /* domain group */
306 SID_NAME_DOMAIN = 3, /* domain: don't know what this is */
307 SID_NAME_ALIAS = 4, /* local group */
308 SID_NAME_WKN_GRP = 5, /* well-known group */
309 SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
310 SID_NAME_INVALID = 7, /* invalid account */
311 SID_NAME_UNKNOWN = 8 /* oops. */
315 * @brief Security Identifier
317 * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp
319 typedef struct sid_info
321 uint8 sid_rev_num; /**< SID revision number */
322 uint8 num_auths; /**< Number of sub-authorities */
323 uint8 id_auth[6]; /**< Identifier Authority */
325 * Pointer to sub-authorities.
327 * @note The values in these uint32's are in *native* byteorder, not
328 * neccessarily little-endian...... JRA.
330 uint32 sub_auths[MAXSUBAUTHS];
335 * The complete list of SIDS belonging to this user.
336 * Created when a vuid is registered.
337 * The definition of the user_sids array is as follows :
339 * token->user_sids[0] = primary user SID.
340 * token->user_sids[1] = primary group SID.
341 * token->user_sids[2..num_sids] = supplementary group SIDS.
344 #define PRIMARY_USER_SID_INDEX 0
345 #define PRIMARY_GROUP_SID_INDEX 1
347 typedef struct _nt_user_token {
352 /*** query a local group, get a list of these: shows who is in that group ***/
354 /* local group member info */
355 typedef struct local_grp_member_info
357 DOM_SID sid ; /* matches with name */
358 uint8 sid_use; /* usr=1 grp=2 dom=3 alias=4 wkng=5 del=6 inv=7 unk=8 */
359 fstring name ; /* matches with sid: must be of the form "DOMAIN\account" */
363 /* enumerate these to get list of local groups */
365 /* local group info */
366 typedef struct local_grp_info
373 /*** enumerate these to get list of domain groups ***/
375 /* domain group member info */
376 typedef struct domain_grp_info
380 uint32 rid; /* group rid */
381 uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */
385 /*** query a domain group, get a list of these: shows who is in that group ***/
387 /* domain group info */
388 typedef struct domain_grp_member_info
391 uint8 attr; /* attributes forced to be set to 0x7: SE_GROUP_xxx */
395 /* 32 bit time (sec) since 01jan1970 - cifs6.txt, section 3.5, page 30 */
396 typedef struct time_info
401 /* used to hold an arbitrary blob of data */
402 typedef struct data_blob {
405 void (*free)(struct data_blob *data_blob);
409 * Structure used to keep directory state information around.
410 * Used in NT change-notify code.
420 unsigned int entries;
421 uint16 list[VUID_CACHE_SIZE];
424 /* Include VFS stuff */
426 #include "smb_acls.h"
430 #include "smb_interfaces.h"
433 typedef struct smb_vfs_handle_struct
436 /* Handle on dlopen() call */
438 struct smb_vfs_handle_struct *next, *prev;
440 } smb_vfs_handle_struct;
442 struct tcon_context {
443 struct tcon_context *next, *prev;
445 /* the server context that this was created on */
446 struct server_context *smb;
448 /* a talloc context for all data in this structure */
451 /* a private structure used by the active NTVFS backend */
454 uint16 cnum; /* an index passed over the wire (the TID) */
456 enum ntvfs_type type;
460 /* the NTVFS operations - see source/ntvfs/ and include/ntvfs.h for details */
461 struct ntvfs_ops *ntvfs_ops;
463 /* the reported filesystem type */
466 /* the reported device type */
472 struct tcon_context *conn;
478 NT_USER_TOKEN *nt_user_token;
481 /* Defines for the sent_oplock_break field above. */
482 #define NO_BREAK_SENT 0
483 #define EXCLUSIVE_BREAK_SENT 1
484 #define LEVEL_II_BREAK_SENT 2
486 typedef struct userdom_struct {
487 fstring smb_name; /* user name from the client */
488 fstring unix_name; /* unix user name of a validated user */
489 fstring full_name; /* to store full name (such as "Joe Bloggs") from gecos field of password file */
490 fstring domain; /* domain that the client specified */
493 /* used for server information: client, nameserv and ipc */
494 struct server_info_struct
499 fstring domain; /* used ONLY in ipc.c NOT namework.c */
500 BOOL server_added; /* used ONLY in ipc.c NOT namework.c */
504 /* used for network interfaces */
507 struct interface *next, *prev;
509 struct in_addr bcast;
510 struct in_addr nmask;
513 /* struct returned by get_share_modes */
519 uint32 desired_access;
523 unsigned long share_file_id;
527 #define SHAREMODE_FN_CAST() \
528 void (*)(share_mode_entry *, char*)
530 #define SHAREMODE_FN(fn) \
531 void (*fn)(share_mode_entry *, char*)
533 #define NT_HASH_LEN 16
534 #define LM_HASH_LEN 16
537 * bit flags representing initialized fields in SAM_ACCOUNT
575 /* this must be the last element */
579 enum pdb_value_state {
585 #define IS_SAM_UNIX_USER(x) \
586 (( pdb_get_init_flags(x, PDB_UID) != PDB_DEFAULT ) \
587 && ( pdb_get_init_flags(x,PDB_GID) != PDB_DEFAULT ))
589 #define IS_SAM_SET(x, flag) (pdb_get_init_flags(x, flag) == PDB_SET)
590 #define IS_SAM_CHANGED(x, flag) (pdb_get_init_flags(x, flag) == PDB_CHANGED)
591 #define IS_SAM_DEFAULT(x, flag) (pdb_get_init_flags(x, flag) == PDB_DEFAULT)
593 typedef struct sam_passwd
597 void (*free_fn)(struct sam_passwd **);
599 struct pdb_methods *methods;
602 /* initiailization flags */
603 struct bitmap *change_flags;
604 struct bitmap *set_flags;
606 time_t logon_time; /* logon time */
607 time_t logoff_time; /* logoff time */
608 time_t kickoff_time; /* kickoff time */
609 time_t pass_last_set_time; /* password last set time */
610 time_t pass_can_change_time; /* password can change time */
611 time_t pass_must_change_time; /* password must change time */
613 const char * username; /* UNIX username string */
614 const char * domain; /* Windows Domain name */
615 const char * nt_username; /* Windows username string */
616 const char * full_name; /* user's full name string */
617 const char * unix_home_dir; /* UNIX home directory string */
618 const char * home_dir; /* home directory string */
619 const char * dir_drive; /* home directory drive string */
620 const char * logon_script; /* logon script string */
621 const char * profile_path; /* profile path string */
622 const char * acct_desc ; /* user description string */
623 const char * workstations; /* login from workstations string */
624 const char * unknown_str ; /* don't know what this is, yet. */
625 const char * munged_dial ; /* munged path name and dial-back tel number */
627 uid_t uid; /* this is a unix uid_t */
628 gid_t gid; /* this is a unix gid_t */
629 DOM_SID user_sid; /* Primary User SID */
630 DOM_SID group_sid; /* Primary Group SID */
632 DATA_BLOB lm_pw; /* .data is Null if no password */
633 DATA_BLOB nt_pw; /* .data is Null if no password */
634 char* plaintext_pw; /* is Null if not available */
636 uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
637 uint32 unknown_3; /* 0x00ff ffff */
639 uint16 logon_divs; /* 168 - number of hours in a week */
640 uint32 hours_len; /* normally 21 bytes */
641 uint8 hours[MAX_HOURS_LEN];
643 uint32 unknown_5; /* 0x0002 0000 */
644 uint32 unknown_6; /* 0x0000 04ec */
647 /* Lets see if the remaining code can get the hint that you
648 are meant to use the pdb_...() functions. */
653 * Flags for account policy.
655 #define AP_MIN_PASSWORD_LEN 1
656 #define AP_PASSWORD_HISTORY 2
657 #define AP_USER_MUST_LOGON_TO_CHG_PASS 3
658 #define AP_MAX_PASSWORD_AGE 4
659 #define AP_MIN_PASSWORD_AGE 5
660 #define AP_LOCK_ACCOUNT_DURATION 6
661 #define AP_RESET_COUNT_TIME 7
662 #define AP_BAD_ATTEMPT_LOCKOUT 8
663 #define AP_TIME_TO_LOGOUT 9
667 * Flags for local user manipulation.
670 #define LOCAL_ADD_USER 0x1
671 #define LOCAL_DELETE_USER 0x2
672 #define LOCAL_DISABLE_USER 0x4
673 #define LOCAL_ENABLE_USER 0x8
674 #define LOCAL_TRUST_ACCOUNT 0x10
675 #define LOCAL_SET_NO_PASSWORD 0x20
676 #define LOCAL_SET_PASSWORD 0x40
677 #define LOCAL_SET_LDAP_ADMIN_PW 0x80
678 #define LOCAL_INTERDOM_ACCOUNT 0x100
679 #define LOCAL_AM_ROOT 0x200 /* Act as root */
681 /* key and data in the connections database - used in smbstatus and smbd */
682 struct connections_key {
688 struct connections_data {
696 char machine[FSTRING_LEN];
698 uint32 bcast_msg_flags;
701 /* the following are used by loadparm for option lists */
704 P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,P_LIST,
705 P_STRING,P_USTRING,P_ENUM,P_SEP
710 P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE
724 BOOL (*special)(const char *, char **);
725 const struct enum_list *enum_list;
741 #define FLAG_BASIC 0x0001 /* fundamental options */
742 #define FLAG_SHARE 0x0002 /* file sharing options */
743 #define FLAG_PRINT 0x0004 /* printing options */
744 #define FLAG_GLOBAL 0x0008 /* local options that should be globally settable in SWAT */
745 #define FLAG_WIZARD 0x0010 /* Parameters that the wizard will operate on */
746 #define FLAG_ADVANCED 0x0020 /* Parameters that the wizard will operate on */
747 #define FLAG_DEVELOPER 0x0040 /* Parameters that the wizard will operate on */
748 #define FLAG_DEPRECATED 0x1000 /* options that should no longer be used */
749 #define FLAG_HIDE 0x2000 /* options that should be hidden in SWAT */
750 #define FLAG_DOS_STRING 0x4000 /* convert from UNIX to DOS codepage when reading this string. */
751 #define FLAG_CMDLINE 0x8000 /* this option was set from the command line */
753 #ifndef LOCKING_VERSION
754 #define LOCKING_VERSION 4
755 #endif /* LOCKING_VERSION */
758 /* the basic packet size, assuming no words or bytes. Does not include the NBT header */
759 #define MIN_SMB_SIZE 35
761 /* when using NBT encapsulation every packet has a 4 byte header */
762 #define NBT_HDR_SIZE 4
764 /* offsets into message header for common items - NOTE: These have
765 changed from being offsets from the base of the NBT packet to the base of the SMB packet.
766 this has reduced all these values by 4
774 #define HDR_PIDHIGH 12
775 #define HDR_SS_FIELD 14
784 /* types of buffers in core SMB protocol */
785 #define SMB_DATA_BLOCK 0x1
786 #define SMB_ASCII4 0x4
789 /* flag defines. CIFS spec 3.1.1 */
790 #define FLAG_SUPPORT_LOCKREAD 0x01
791 #define FLAG_CLIENT_BUF_AVAIL 0x02
792 #define FLAG_RESERVED 0x04
793 #define FLAG_CASELESS_PATHNAMES 0x08
794 #define FLAG_CANONICAL_PATHNAMES 0x10
795 #define FLAG_REQUEST_OPLOCK 0x20
796 #define FLAG_REQUEST_BATCH_OPLOCK 0x40
797 #define FLAG_REPLY 0x80
800 #define SMBmkdir 0x00 /* create directory */
801 #define SMBrmdir 0x01 /* delete directory */
802 #define SMBopen 0x02 /* open file */
803 #define SMBcreate 0x03 /* create file */
804 #define SMBclose 0x04 /* close file */
805 #define SMBflush 0x05 /* flush file */
806 #define SMBunlink 0x06 /* delete file */
807 #define SMBmv 0x07 /* rename file */
808 #define SMBgetatr 0x08 /* get file attributes */
809 #define SMBsetatr 0x09 /* set file attributes */
810 #define SMBread 0x0A /* read from file */
811 #define SMBwrite 0x0B /* write to file */
812 #define SMBlock 0x0C /* lock byte range */
813 #define SMBunlock 0x0D /* unlock byte range */
814 #define SMBctemp 0x0E /* create temporary file */
815 #define SMBmknew 0x0F /* make new file */
816 #define SMBchkpth 0x10 /* check directory path */
817 #define SMBexit 0x11 /* process exit */
818 #define SMBlseek 0x12 /* seek */
819 #define SMBtcon 0x70 /* tree connect */
820 #define SMBtconX 0x75 /* tree connect and X*/
821 #define SMBtdis 0x71 /* tree disconnect */
822 #define SMBnegprot 0x72 /* negotiate protocol */
823 #define SMBdskattr 0x80 /* get disk attributes */
824 #define SMBsearch 0x81 /* search directory */
825 #define SMBsplopen 0xC0 /* open print spool file */
826 #define SMBsplwr 0xC1 /* write to print spool file */
827 #define SMBsplclose 0xC2 /* close print spool file */
828 #define SMBsplretq 0xC3 /* return print queue */
829 #define SMBsends 0xD0 /* send single block message */
830 #define SMBsendb 0xD1 /* send broadcast message */
831 #define SMBfwdname 0xD2 /* forward user name */
832 #define SMBcancelf 0xD3 /* cancel forward */
833 #define SMBgetmac 0xD4 /* get machine name */
834 #define SMBsendstrt 0xD5 /* send start of multi-block message */
835 #define SMBsendend 0xD6 /* send end of multi-block message */
836 #define SMBsendtxt 0xD7 /* send text of multi-block message */
839 #define SMBlockread 0x13 /* Lock a range and read */
840 #define SMBwriteunlock 0x14 /* write then range then unlock it */
841 #define SMBreadbraw 0x1a /* read a block of data with no smb header */
842 #define SMBwritebraw 0x1d /* write a block of data with no smb header */
843 #define SMBwritec 0x20 /* secondary write request */
844 #define SMBwriteclose 0x2c /* write a file then close it */
846 /* dos extended protocol */
847 #define SMBreadBraw 0x1A /* read block raw */
848 #define SMBreadBmpx 0x1B /* read block multiplexed */
849 #define SMBreadBs 0x1C /* read block (secondary response) */
850 #define SMBwriteBraw 0x1D /* write block raw */
851 #define SMBwriteBmpx 0x1E /* write block multiplexed */
852 #define SMBwriteBs 0x1F /* write block (secondary request) */
853 #define SMBwriteC 0x20 /* write complete response */
854 #define SMBsetattrE 0x22 /* set file attributes expanded */
855 #define SMBgetattrE 0x23 /* get file attributes expanded */
856 #define SMBlockingX 0x24 /* lock/unlock byte ranges and X */
857 #define SMBtrans 0x25 /* transaction - name, bytes in/out */
858 #define SMBtranss 0x26 /* transaction (secondary request/response) */
859 #define SMBioctl 0x27 /* IOCTL */
860 #define SMBioctls 0x28 /* IOCTL (secondary request/response) */
861 #define SMBcopy 0x29 /* copy */
862 #define SMBmove 0x2A /* move */
863 #define SMBecho 0x2B /* echo */
864 #define SMBopenX 0x2D /* open and X */
865 #define SMBreadX 0x2E /* read and X */
866 #define SMBwriteX 0x2F /* write and X */
867 #define SMBsesssetupX 0x73 /* Session Set Up & X (including User Logon) */
868 #define SMBffirst 0x82 /* find first */
869 #define SMBfunique 0x83 /* find unique */
870 #define SMBfclose 0x84 /* find close */
871 #define SMBkeepalive 0x85 /* keepalive */
872 #define SMBinvalid 0xFE /* invalid command */
874 /* Extended 2.0 protocol */
875 #define SMBtrans2 0x32 /* TRANS2 protocol set */
876 #define SMBtranss2 0x33 /* TRANS2 protocol set, secondary command */
877 #define SMBfindclose 0x34 /* Terminate a TRANSACT2_FINDFIRST */
878 #define SMBfindnclose 0x35 /* Terminate a TRANSACT2_FINDNOTIFYFIRST */
879 #define SMBulogoffX 0x74 /* user logoff */
881 /* NT SMB extensions. */
882 #define SMBnttrans 0xA0 /* NT transact */
883 #define SMBnttranss 0xA1 /* NT transact secondary */
884 #define SMBntcreateX 0xA2 /* NT create and X */
885 #define SMBntcancel 0xA4 /* NT cancel */
887 /* used to indicate end of chain */
888 #define SMB_CHAIN_NONE 0xFF
890 /* These are the trans subcommands */
891 #define TRANSACT_SETNAMEDPIPEHANDLESTATE 0x01
892 #define TRANSACT_DCERPCCMD 0x26
893 #define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53
895 /* These are the NT transact sub commands. */
896 #define NT_TRANSACT_CREATE 1
897 #define NT_TRANSACT_IOCTL 2
898 #define NT_TRANSACT_SET_SECURITY_DESC 3
899 #define NT_TRANSACT_NOTIFY_CHANGE 4
900 #define NT_TRANSACT_RENAME 5
901 #define NT_TRANSACT_QUERY_SECURITY_DESC 6
903 /* this is used on a TConX. I'm not sure the name is very helpful though */
904 #define SMB_SUPPORT_SEARCH_BITS 0x0001
905 #define SMB_SHARE_IN_DFS 0x0002
907 /* Named pipe write mode flags. Used in writeX calls. */
908 #define PIPE_RAW_MODE 0x4
909 #define PIPE_START_MESSAGE 0x8
911 /* the desired access to use when opening a pipe */
912 #define DESIRED_ACCESS_PIPE 0x2019f
915 /* Mapping of generic access rights for files to specific rights. */
916 #define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS| NT_ACCESS_SYNCHRONIZE_ACCESS|FILE_ALL_ACCESS)
918 #define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|FILE_READ_DATA|FILE_READ_ATTRIBUTES|\
919 FILE_READ_EA|NT_ACCESS_SYNCHRONIZE_ACCESS)
921 #define FILE_GENERIC_WRITE (STANDARD_RIGHTS_WRITE_ACCESS|FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES|\
922 FILE_WRITE_EA|FILE_APPEND_DATA|NT_ACCESS_SYNCHRONIZE_ACCESS)
924 #define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|FILE_READ_ATTRIBUTES|\
925 FILE_EXECUTE|NT_ACCESS_SYNCHRONIZE_ACCESS)
928 /* FileAttributes (search attributes) field */
929 #define FILE_ATTRIBUTE_READONLY 0x0001
930 #define FILE_ATTRIBUTE_HIDDEN 0x0002
931 #define FILE_ATTRIBUTE_SYSTEM 0x0004
932 #define FILE_ATTRIBUTE_VOLUME 0x0008
933 #define FILE_ATTRIBUTE_DIRECTORY 0x0010
934 #define FILE_ATTRIBUTE_ARCHIVE 0x0020
935 #define FILE_ATTRIBUTE_DEVICE 0x0040
936 #define FILE_ATTRIBUTE_NORMAL 0x0080
937 #define FILE_ATTRIBUTE_TEMPORARY 0x0100
938 #define FILE_ATTRIBUTE_SPARSE 0x0200
939 #define FILE_ATTRIBUTE_REPARSE_POINT 0x0400
940 #define FILE_ATTRIBUTE_COMPRESSED 0x0800
941 #define FILE_ATTRIBUTE_OFFLINE 0x1000
942 #define FILE_ATTRIBUTE_NONINDEXED 0x2000
943 #define FILE_ATTRIBUTE_ENCRYPTED 0x4000
945 /* Flags - combined with attributes. */
946 #define FILE_FLAG_WRITE_THROUGH 0x80000000L
947 #define FILE_FLAG_NO_BUFFERING 0x20000000L
948 #define FILE_FLAG_RANDOM_ACCESS 0x10000000L
949 #define FILE_FLAG_SEQUENTIAL_SCAN 0x08000000L
950 #define FILE_FLAG_DELETE_ON_CLOSE 0x04000000L
951 #define FILE_FLAG_BACKUP_SEMANTICS 0x02000000L
952 #define FILE_FLAG_POSIX_SEMANTICS 0x01000000L
954 /* Responses when opening a file. */
955 #define FILE_WAS_SUPERSEDED 0
956 #define FILE_WAS_OPENED 1
957 #define FILE_WAS_CREATED 2
958 #define FILE_WAS_OVERWRITTEN 3
960 /* File type flags */
961 #define FILE_TYPE_DISK 0
962 #define FILE_TYPE_BYTE_MODE_PIPE 1
963 #define FILE_TYPE_MESSAGE_MODE_PIPE 2
964 #define FILE_TYPE_PRINTER 3
965 #define FILE_TYPE_COMM_DEVICE 4
966 #define FILE_TYPE_UNKNOWN 0xFFFF
968 /* Flag for NT transact rename call. */
969 #define RENAME_REPLACE_IF_EXISTS 1
971 /* Filesystem Attributes. */
972 #define FILE_CASE_SENSITIVE_SEARCH 0x01
973 #define FILE_CASE_PRESERVED_NAMES 0x02
974 #define FILE_UNICODE_ON_DISK 0x04
975 /* According to cifs9f, this is 4, not 8 */
976 /* Acconding to testing, this actually sets the security attribute! */
977 #define FILE_PERSISTENT_ACLS 0x08
978 /* These entries added from cifs9f --tsb */
979 #define FILE_FILE_COMPRESSION 0x10
980 #define FILE_VOLUME_QUOTAS 0x20
981 /* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */
982 #define FILE_VOLUME_SPARSE_FILE 0x40
983 #define FILE_VOLUME_IS_COMPRESSED 0x8000
985 /* ChangeNotify flags. */
986 #define FILE_NOTIFY_CHANGE_FILE 0x001
987 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x002
988 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x004
989 #define FILE_NOTIFY_CHANGE_SIZE 0x008
990 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x010
991 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x020
992 #define FILE_NOTIFY_CHANGE_CREATION 0x040
993 #define FILE_NOTIFY_CHANGE_EA 0x080
994 #define FILE_NOTIFY_CHANGE_SECURITY 0x100
995 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x200
997 /* change notify action results */
998 #define NOTIFY_ACTION_ADDED 1
999 #define NOTIFY_ACTION_REMOVED 2
1000 #define NOTIFY_ACTION_MODIFIED 3
1001 #define NOTIFY_ACTION_OLD_NAME 4
1002 #define NOTIFY_ACTION_NEW_NAME 5
1003 #define NOTIFY_ACTION_ADDED_STREAM 6
1004 #define NOTIFY_ACTION_REMOVED_STREAM 7
1005 #define NOTIFY_ACTION_MODIFIED_STREAM 8
1007 /* seek modes for smb_seek */
1008 #define SEEK_MODE_START 0
1009 #define SEEK_MODE_CURRENT 1
1010 #define SEEK_MODE_END 2
1012 /* where to find the base of the SMB packet proper */
1013 /* REWRITE TODO: smb_base needs to be removed */
1014 #define smb_base(buf) (((char *)(buf))+4)
1016 /* we don't allow server strings to be longer than 48 characters as
1017 otherwise NT will not honour the announce packets */
1018 #define MAX_SERVER_STRING_LENGTH 48
1021 #define SMB_SUCCESS 0 /* The request was successful. */
1024 void dfs_unlogin(void);
1025 extern int dcelogin_atmost_once;
1029 char *strdup(char *s);
1033 #define SIGNAL_CAST (RETSIGTYPE (*)(int))
1040 /* these are used in NetServerEnum to choose what to receive */
1041 #define SV_TYPE_WORKSTATION 0x00000001
1042 #define SV_TYPE_SERVER 0x00000002
1043 #define SV_TYPE_SQLSERVER 0x00000004
1044 #define SV_TYPE_DOMAIN_CTRL 0x00000008
1045 #define SV_TYPE_DOMAIN_BAKCTRL 0x00000010
1046 #define SV_TYPE_TIME_SOURCE 0x00000020
1047 #define SV_TYPE_AFP 0x00000040
1048 #define SV_TYPE_NOVELL 0x00000080
1049 #define SV_TYPE_DOMAIN_MEMBER 0x00000100
1050 #define SV_TYPE_PRINTQ_SERVER 0x00000200
1051 #define SV_TYPE_DIALIN_SERVER 0x00000400
1052 #define SV_TYPE_SERVER_UNIX 0x00000800
1053 #define SV_TYPE_NT 0x00001000
1054 #define SV_TYPE_WFW 0x00002000
1055 #define SV_TYPE_SERVER_MFPN 0x00004000
1056 #define SV_TYPE_SERVER_NT 0x00008000
1057 #define SV_TYPE_POTENTIAL_BROWSER 0x00010000
1058 #define SV_TYPE_BACKUP_BROWSER 0x00020000
1059 #define SV_TYPE_MASTER_BROWSER 0x00040000
1060 #define SV_TYPE_DOMAIN_MASTER 0x00080000
1061 #define SV_TYPE_SERVER_OSF 0x00100000
1062 #define SV_TYPE_SERVER_VMS 0x00200000
1063 #define SV_TYPE_WIN95_PLUS 0x00400000
1064 #define SV_TYPE_DFS_SERVER 0x00800000
1065 #define SV_TYPE_ALTERNATE_XPORT 0x20000000
1066 #define SV_TYPE_LOCAL_LIST_ONLY 0x40000000
1067 #define SV_TYPE_DOMAIN_ENUM 0x80000000
1068 #define SV_TYPE_ALL 0xFFFFFFFF
1070 /* This was set by JHT in liaison with Jeremy Allison early 1997
1072 * Version 4.0 - never made public
1073 * Version 4.10 - New to 1.9.16p2, lost in space 1.9.16p3 to 1.9.16p9
1074 * - Reappeared in 1.9.16p11 with fixed smbd services
1075 * Version 4.20 - To indicate that nmbd and browsing now works better
1076 * Version 4.50 - Set at release of samba-2.2.0 by JHT
1078 * Note: In the presence of NT4.X do not set above 4.9
1079 * Setting this above 4.9 can have undesired side-effects.
1080 * This may change again in Samba-3.0 after further testing. JHT
1083 #define DEFAULT_MAJOR_VERSION 0x04
1084 #define DEFAULT_MINOR_VERSION 0x09
1086 /* Browser Election Values */
1087 #define BROWSER_ELECTION_VERSION 0x010f
1088 #define BROWSER_CONSTANT 0xaa55
1090 /* Sercurity mode bits. */
1091 #define NEGOTIATE_SECURITY_USER_LEVEL 0x01
1092 #define NEGOTIATE_SECURITY_CHALLENGE_RESPONSE 0x02
1093 #define NEGOTIATE_SECURITY_SIGNATURES_ENABLED 0x04
1094 #define NEGOTIATE_SECURITY_SIGNATURES_REQUIRED 0x08
1096 /* NT Flags2 bits - cifs6.txt section 3.1.2 */
1098 #define FLAGS2_LONG_PATH_COMPONENTS 0x0001
1099 #define FLAGS2_EXTENDED_ATTRIBUTES 0x0002
1100 #define FLAGS2_SMB_SECURITY_SIGNATURES 0x0004
1101 #define FLAGS2_IS_LONG_NAME 0x0040
1102 #define FLAGS2_EXTENDED_SECURITY 0x0800
1103 #define FLAGS2_DFS_PATHNAMES 0x1000
1104 #define FLAGS2_READ_PERMIT_NO_EXECUTE 0x2000
1105 #define FLAGS2_32_BIT_ERROR_CODES 0x4000
1106 #define FLAGS2_UNICODE_STRINGS 0x8000
1108 #define FLAGS2_WIN2K_SIGNATURE 0xC852 /* Hack alert ! For now... JRA. */
1110 /* Capabilities. see ftp.microsoft.com/developr/drg/cifs/cifs/cifs4.txt */
1112 #define CAP_RAW_MODE 0x0001
1113 #define CAP_MPX_MODE 0x0002
1114 #define CAP_UNICODE 0x0004
1115 #define CAP_LARGE_FILES 0x0008
1116 #define CAP_NT_SMBS 0x0010
1117 #define CAP_RPC_REMOTE_APIS 0x0020
1118 #define CAP_STATUS32 0x0040
1119 #define CAP_LEVEL_II_OPLOCKS 0x0080
1120 #define CAP_LOCK_AND_READ 0x0100
1121 #define CAP_NT_FIND 0x0200
1122 #define CAP_DFS 0x1000
1123 #define CAP_W2K_SMBS 0x2000
1124 #define CAP_LARGE_READX 0x4000
1125 #define CAP_LARGE_WRITEX 0x8000
1126 #define CAP_UNIX 0x800000 /* Capabilities for UNIX extensions. Created by HP. */
1127 #define CAP_EXTENDED_SECURITY 0x80000000
1130 * Global value meaing that the smb_uid field should be
1131 * ingored (in share level security and protocol level == CORE)
1134 #define UID_FIELD_INVALID 0
1135 #define VUID_OFFSET 100 /* Amount to bias returned vuid numbers */
1138 #define LOCKING_ANDX_SHARED_LOCK 0x1
1139 #define LOCKING_ANDX_OPLOCK_RELEASE 0x2
1140 #define LOCKING_ANDX_CHANGE_LOCKTYPE 0x4
1141 #define LOCKING_ANDX_CANCEL_LOCK 0x8
1142 #define LOCKING_ANDX_LARGE_FILES 0x10
1145 #define OPLOCKLEVEL_NONE 0
1146 #define OPLOCKLEVEL_II 1
1149 * Bits we test with.
1153 #define EXCLUSIVE_OPLOCK 1
1154 #define BATCH_OPLOCK 2
1155 #define LEVEL_II_OPLOCK 4
1157 #define CORE_OPLOCK_GRANTED (1<<5)
1158 #define EXTENDED_OPLOCK_GRANTED (1<<15)
1161 * Return values for oplock types.
1164 #define NO_OPLOCK_RETURN 0
1165 #define EXCLUSIVE_OPLOCK_RETURN 1
1166 #define BATCH_OPLOCK_RETURN 2
1167 #define LEVEL_II_OPLOCK_RETURN 3
1170 * Loopback command offsets.
1173 #define OPBRK_CMD_LEN_OFFSET 0
1174 #define OPBRK_CMD_PORT_OFFSET 4
1175 #define OPBRK_CMD_HEADER_LEN 6
1177 #define OPBRK_MESSAGE_CMD_OFFSET 0
1180 #define OPLOCK_BREAK_CMD 0x1
1181 #define KERNEL_OPLOCK_BREAK_CMD 0x2
1182 #define LEVEL_II_OPLOCK_BREAK_CMD 0x3
1183 #define ASYNC_LEVEL_II_OPLOCK_BREAK_CMD 0x4
1186 * Capabilities abstracted for different systems.
1189 #define KERNEL_OPLOCK_CAPABILITY 0x1
1192 * Oplock break command code sent via the kernel interface (if it exists).
1196 * 0 2 2+devsize 2+devsize+inodesize
1197 * +----+--------+--------+----------+
1198 * | cmd| dev | inode | fileid |
1199 * +----+--------+--------+----------+
1201 #define KERNEL_OPLOCK_BREAK_DEV_OFFSET 2
1202 #define KERNEL_OPLOCK_BREAK_INODE_OFFSET (KERNEL_OPLOCK_BREAK_DEV_OFFSET + sizeof(SMB_DEV_T))
1203 #define KERNEL_OPLOCK_BREAK_FILEID_OFFSET (KERNEL_OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
1204 #define KERNEL_OPLOCK_BREAK_MSG_LEN (KERNEL_OPLOCK_BREAK_FILEID_OFFSET + sizeof(unsigned long))
1207 #define CMD_REPLY 0x8000
1209 #include "smb_macros.h"
1211 /* A netbios name structure. */
1215 unsigned int name_type;
1219 /* A netbios node status array element. */
1220 struct node_status {
1223 unsigned char flags;
1234 uchar smb_lm_pwd[16];
1235 uchar smb_nt_pwd[16];
1237 uchar smb_lm_owf[24];
1238 uchar smb_nt_owf[128];
1241 uchar lm_cli_chal[8];
1242 uchar nt_cli_chal[128];
1243 size_t nt_cli_chal_len;
1248 #include "rpc_creds.h"
1249 #include "rpc_misc.h"
1250 #include "rpc_secdes.h"
1251 #include "nt_printing.h"
1253 typedef struct user_struct
1255 struct user_struct *next, *prev;
1256 uint16 vuid; /* Tag for this entry. */
1257 uid_t uid; /* uid of a validated user */
1258 gid_t gid; /* gid of a validated user */
1260 userdom_struct user;
1267 /* following groups stuff added by ih */
1268 /* This groups info is needed for when we become_user() for this uid */
1272 NT_USER_TOKEN *nt_user_token;
1274 uint8 session_key[16];
1276 char *session_keystr; /* used by utmp and pam session code.
1280 struct auth_serversupplied_info *server_info;
1285 struct unix_error_map {
1292 #include "ntdomain.h"
1297 * Size of new password account encoding string. This is enough space to
1298 * hold 11 ACB characters, plus the surrounding [] and a terminating null.
1299 * Do not change unless you are adding new ACB bits!
1302 #define NEW_PW_FORMAT_SPACE_PADDED_LEN 14
1305 Do you want session setups at user level security with a invalid
1306 password to be rejected or allowed in as guest? WinNT rejects them
1307 but it can be a pain as it means "net view" needs to use a password
1309 You have 3 choices in the setting of map_to_guest:
1311 "NEVER_MAP_TO_GUEST" means session setups with an invalid password
1312 are rejected. This is the default.
1314 "MAP_TO_GUEST_ON_BAD_USER" means session setups with an invalid password
1315 are rejected, unless the username does not exist, in which case it
1316 is treated as a guest login
1318 "MAP_TO_GUEST_ON_BAD_PASSWORD" means session setups with an invalid password
1319 are treated as a guest login
1321 Note that map_to_guest only has an effect in user or server
1325 #define NEVER_MAP_TO_GUEST 0
1326 #define MAP_TO_GUEST_ON_BAD_USER 1
1327 #define MAP_TO_GUEST_ON_BAD_PASSWORD 2
1329 #define SAFE_NETBIOS_CHARS ". -_"
1331 /* generic iconv conversion structure */
1333 size_t (*direct)(void *cd, const char **inbuf, size_t *inbytesleft,
1334 char **outbuf, size_t *outbytesleft);
1335 size_t (*pull)(void *cd, const char **inbuf, size_t *inbytesleft,
1336 char **outbuf, size_t *outbytesleft);
1337 size_t (*push)(void *cd, const char **inbuf, size_t *inbytesleft,
1338 char **outbuf, size_t *outbytesleft);
1339 void *cd_direct, *cd_pull, *cd_push;
1340 char *from_name, *to_name;
1343 /* The maximum length of a trust account password.
1344 Used when we randomly create it, 15 char passwords
1345 exceed NT4's max password length */
1347 #define DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH 14
1349 /* Module support */
1350 typedef int (init_module_function) (void);
1353 /* a set of flags to control handling of request structures */
1354 #define REQ_CONTROL_PROTECTED (1<<0) /* don't destroy this request */
1355 #define REQ_CONTROL_LARGE (1<<1) /* allow replies larger than max_xmit */
1356 #define REQ_CONTROL_ASYNC (1<<2) /* the backend will answer this one later */
1358 /* passed to br lock code */
1359 enum brl_type {READ_LOCK, WRITE_LOCK, PENDING_LOCK};
1361 #include "popt_common.h"