/*
Unix SMB/Netbios implementation.
- Version 1.9.
- SMB parameters and setup
+ SMB parameters and setup, plus a whole lot more.
+
Copyright (C) Andrew Tridgell 1992-2000
Copyright (C) John H Terpstra 1996-2000
Copyright (C) Luke Kenneth Casson Leighton 1996-2000
Copyright (C) Paul Ashton 1998-2000
+ Copyright (C) Martin Pool 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#define BUFFER_SIZE (0xFFFF)
#define SAFETY_MARGIN 1024
+#define LARGE_WRITEX_HDR_SIZE 65
#define NMB_PORT 137
#define DGRAM_PORT 138
#define True (1)
#define Auto (2)
-typedef unsigned char BYTE;
-
#ifndef _BOOL
typedef int BOOL;
#define _BOOL /* So we don't typedef BOOL again in vfs.h */
#define DEF_CREATE_MASK (0755)
#endif
+/* string manipulation flags - see clistr.c and srvstr.c */
+#define STR_TERMINATE 1
+#define STR_UPPER 2
+#define STR_ASCII 4
+#define STR_UNICODE 8
+#define STR_NOALIGN 16
+
/* how long to wait for secondary SMB packets (milli-seconds) */
#define SMB_SECONDARY_WAIT (60*1000)
#define GET_OPEN_MODE(x) ((x) & OPEN_MODE_MASK)
#define SET_OPEN_MODE(x) ((x) & OPEN_MODE_MASK)
#define GET_DENY_MODE(x) (((x)>>SHARE_MODE_SHIFT) & SHARE_MODE_MASK)
-#define SET_DENY_MODE(x) ((x)<<SHARE_MODE_SHIFT)
+#define SET_DENY_MODE(x) (((x) & SHARE_MODE_MASK) <<SHARE_MODE_SHIFT)
/* Sync on open file (not sure if used anymore... ?) */
#define FILE_SYNC_OPENMODE (1<<14)
#define GET_DELETE_ON_CLOSE_FLAG(x) (((x) & DELETE_ON_CLOSE_FLAG) ? True : False)
#define SET_DELETE_ON_CLOSE_FLAG(x) ((x) ? DELETE_ON_CLOSE_FLAG : 0)
+/* was delete access requested in NT open ? */
+#define DELETE_ACCESS_REQUESTED (1<<17)
+#define GET_DELETE_ACCESS_REQUESTED(x) (((x) & DELETE_ACCESS_REQUESTED) ? True : False)
+#define SET_DELETE_ACCESS_REQUESTED(x) ((x) ? DELETE_ACCESS_REQUESTED : 0)
+
/* open disposition values */
#define FILE_EXISTS_FAIL 0
#define FILE_EXISTS_OPEN 1
#define STYPE_IPC 3 /* Interprocess communication (IPC) */
#define STYPE_HIDDEN 0x80000000 /* share is a hidden one (ends with $) */
-/* SMB X/Open error codes for the ERRDOS error class */
-#define ERRbadfunc 1 /* Invalid function (or system call) */
-#define ERRbadfile 2 /* File not found (pathname error) */
-#define ERRbadpath 3 /* Directory not found */
-#define ERRnofids 4 /* Too many open files */
-#define ERRnoaccess 5 /* Access denied */
-#define ERRbadfid 6 /* Invalid fid */
-#define ERRnomem 8 /* Out of memory */
-#define ERRbadmem 9 /* Invalid memory block address */
-#define ERRbadenv 10 /* Invalid environment */
-#define ERRbadaccess 12 /* Invalid open mode */
-#define ERRbaddata 13 /* Invalid data (only from ioctl call) */
-#define ERRres 14 /* reserved */
-#define ERRbaddrive 15 /* Invalid drive */
-#define ERRremcd 16 /* Attempt to delete current directory */
-#define ERRdiffdevice 17 /* rename/move across different filesystems */
-#define ERRnofiles 18 /* no more files found in file search */
-#define ERRbadshare 32 /* Share mode on file conflict with open mode */
-#define ERRlock 33 /* Lock request conflicts with existing lock */
-#define ERRunsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
-#define ERRnosuchshare 67 /* You specified an invalid share name */
-#define ERRfilexists 80 /* File in operation already exists */
-#define ERRcannotopen 110 /* Cannot open the file specified */
-#define ERRunknownlevel 124
-#define ERRrename 183
-#define ERRbadpipe 230 /* Named pipe invalid */
-#define ERRpipebusy 231 /* All instances of pipe are busy */
-#define ERRpipeclosing 232 /* named pipe close in progress */
-#define ERRnotconnected 233 /* No process on other end of named pipe */
-#define ERRmoredata 234 /* More data to be returned */
-#define ERRbaddirectory 267 /* Invalid directory name in a path. */
-#define ERRunknownipc 2142
-#define ERRbuftoosmall 2123
-
-#define ERROR_INVALID_FUNCTION (1)
-#define ERROR_ACCESS_DENIED (5)
-#define ERROR_INVALID_HANDLE (6)
-#define ERROR_NOT_ENOUGH_MEMORY (8)
-#define ERROR_INVALID_PARAMETER (87)
-#define ERROR_INSUFFICIENT_BUFFER (122)
-#define ERROR_INVALID_NAME (123)
-#define ERROR_INVALID_LEVEL (124)
-#define ERROR_MORE_DATA (234)
-#define ERROR_NO_MORE_ITEMS (259)
-#define ERROR_EAS_DIDNT_FIT (275) /* Extended attributes didn't fit */
-#define ERROR_EAS_NOT_SUPPORTED (282) /* Extended attributes not supported */
-#define ERROR_NOTIFY_ENUM_DIR (1022) /* Buffer too small to return change notify. */
-#define ERROR_UNKNOWN_PRINTER_DRIVER (1797)
-#define ERROR_INVALID_PRINTER_NAME (1801)
-#define ERROR_INVALID_DATATYPE (1804)
-#define ERROR_INVALID_ENVIRONMENT (1805)
-
-/* here's a special one from observing NT */
-#define ERRnoipc 66 /* don't support ipc */
-
-/* Error codes for the ERRSRV class */
-
-#define ERRerror 1 /* Non specific error code */
-#define ERRbadpw 2 /* Bad password */
-#define ERRbadtype 3 /* reserved */
-#define ERRaccess 4 /* No permissions to do the requested operation */
-#define ERRinvnid 5 /* tid invalid */
-#define ERRinvnetname 6 /* Invalid servername */
-#define ERRinvdevice 7 /* Invalid device */
-#define ERRqfull 49 /* Print queue full */
-#define ERRqtoobig 50 /* Queued item too big */
-#define ERRinvpfid 52 /* Invalid print file in smb_fid */
-#define ERRsmbcmd 64 /* Unrecognised command */
-#define ERRsrverror 65 /* smb server internal error */
-#define ERRfilespecs 67 /* fid and pathname invalid combination */
-#define ERRbadlink 68 /* reserved */
-#define ERRbadpermits 69 /* Access specified for a file is not valid */
-#define ERRbadpid 70 /* reserved */
-#define ERRsetattrmode 71 /* attribute mode invalid */
-#define ERRpaused 81 /* Message server paused */
-#define ERRmsgoff 82 /* Not receiving messages */
-#define ERRnoroom 83 /* No room for message */
-#define ERRrmuns 87 /* too many remote usernames */
-#define ERRtimeout 88 /* operation timed out */
-#define ERRnoresource 89 /* No resources currently available for request. */
-#define ERRtoomanyuids 90 /* too many userids */
-#define ERRbaduid 91 /* bad userid */
-#define ERRuseMPX 250 /* temporarily unable to use raw mode, use MPX mode */
-#define ERRuseSTD 251 /* temporarily unable to use raw mode, use standard mode */
-#define ERRcontMPX 252 /* resume MPX mode */
-#define ERRbadPW /* reserved */
-#define ERRnosupport 0xFFFF
-#define ERRunknownsmb 22 /* from NT 3.5 response */
-
-
-/* Error codes for the ERRHRD class */
-
-#define ERRnowrite 19 /* read only media */
-#define ERRbadunit 20 /* Unknown device */
-#define ERRnotready 21 /* Drive not ready */
-#define ERRbadcmd 22 /* Unknown command */
-#define ERRdata 23 /* Data (CRC) error */
-#define ERRbadreq 24 /* Bad request structure length */
-#define ERRseek 25
-#define ERRbadmedia 26
-#define ERRbadsector 27
-#define ERRnopaper 28
-#define ERRwrite 29 /* write fault */
-#define ERRread 30 /* read fault */
-#define ERRgeneral 31 /* General hardware failure */
-#define ERRwrongdisk 34
-#define ERRFCBunavail 35
-#define ERRsharebufexc 36 /* share buffer exceeded */
-#define ERRdiskfull 39
+#include "doserr.h"
+
+
#ifndef _PSTRING
#define PSTRING_LEN 1024
-#define FSTRING_LEN 128
+#define FSTRING_LEN 256
+
+#ifdef PSTRING_SANCTIFY
+
+/* If you define this, pstring and fstring become distinguished types,
+ * so that it's harder to accidentally overflow them by for example
+ * passing an fstring on the lhs of pstrcpy.
+ *
+ * The types are defined as one-element union arrays so that with
+ * "fstring f" the name "f" will be a pointer and with a big hammer
+ * you can cast it to (char *). So code that tries to just use it
+ * directly will get a loud warning, but hopefully nothing worse.
+ *
+ * To pass them to non-pstring-aware functions, use PSTR and check
+ * that the function takes a const. They should almost never be
+ * modified except by special calls. In those unusual cases, use
+ * PSTR_MUTABLE.
+ *
+ * This is off by default so as not to produce too many warnings. As
+ * the code is vetted it can become the default. */
+
+typedef union { char pstring_contents[PSTRING_LEN]; } pstring[1];
+typedef union { char fstring_contents[FSTRING_LEN]; } fstring[1];
+
+# define PSTR(p) ((const char *) ((p)->pstring_contents))
+# define FSTR(f) ((const char *) ((f)->fstring_contents))
+
+/* You should not normally use these. Instead, use pstrcpy, etc. */
+# define PSTR_MUTABLE(p) ((p)->pstring_contents)
+# define FSTR_MUTABLE(f) ((f)->fstring_contents)
+
+/* See also safe_string.h */
+
+#else /* ndef PSTRING_SANCTIFY */
+
+/* Old interface. */
typedef char pstring[PSTRING_LEN];
typedef char fstring[FSTRING_LEN];
+#define PSTR(p) (p)
+#define FSTR(f) (f)
+#define PSTR_MUTABLE(p) (p)
+#define FSTR_MUTABLE(f) (f)
+
+#endif /* ndef PSTRING_SANCTIFY */
+
#define _PSTRING
-#endif
+#endif /* ndef _PSTRING */
+
+
/*
* SMB UCS2 (16-bit unicode) internal type.
typedef uint16 smb_ucs2_t;
/* ucs2 string types. */
-typedef smb_ucs2_t wpstring[1024];
-typedef smb_ucs2_t wfstring[128];
+typedef smb_ucs2_t wpstring[PSTRING_LEN];
+typedef smb_ucs2_t wfstring[FSTRING_LEN];
+
+
+#ifdef WORDS_BIGENDIAN
+#define UCS2_SHIFT 8
+#else
+#define UCS2_SHIFT 0
+#endif
+
+/* turn a 7 bit character into a ucs2 character */
+#define UCS2_CHAR(c) ((c) << UCS2_SHIFT)
/* pipe string names */
#define PIPE_LANMAN "\\PIPE\\LANMAN"
{
uint32 low;
uint32 high;
-
} NTTIME;
+
+/* the following rather strange looking definitions of NTSTATUS and WERROR
+ and there in order to catch common coding errors where different error types
+ are mixed up. This is especially important as we slowly convert Samba
+ from using BOOL for internal functions
+*/
+#if defined(HAVE_IMMEDIATE_STRUCTURES)
+typedef struct {uint32 v;} NTSTATUS;
+#define NT_STATUS(x) ((NTSTATUS) { x })
+#define NT_STATUS_V(x) ((x).v)
+#else
+typedef uint32 NTSTATUS;
+#define NT_STATUS(x) (x)
+#define NT_STATUS_V(x) (x)
+#endif
+
+#if defined(HAVE_IMMEDIATE_STRUCTURES)
+typedef struct {uint32 v;} WERROR;
+#define W_ERROR(x) ((WERROR) { x })
+#define W_ERROR_V(x) ((x).v)
+#else
+typedef uint32 WERROR;
+#define W_ERROR(x) (x)
+#define W_ERROR_V(x) (x)
+#endif
+
+#define NT_STATUS_IS_OK(x) (NT_STATUS_V(x) == 0)
+#define NT_STATUS_IS_ERR(x) ((NT_STATUS_V(x) & 0xc0000000) == 0xc0000000)
+#define NT_STATUS_EQUAL(x,y) (NT_STATUS_V(x) == NT_STATUS_V(y))
+#define W_ERROR_IS_OK(x) (W_ERROR_V(x) == 0)
+
+
/* Allowable account control bits */
#define ACB_DISABLED 0x0001 /* 1 = User account disabled */
#define ACB_HOMDIRREQ 0x0002 /* 1 = Home directory required */
#define MAX_HOURS_LEN 32
-struct sam_disp_info
-{
- uint32 user_rid; /* Primary User ID */
- char *smb_name; /* username string */
- char *full_name; /* user's full name string */
-};
-
typedef struct
{
uint32 pid;
#endif
#ifndef _DOM_SID
-/* DOM_SID - security id */
+/**
+ * @brief Security Identifier
+ *
+ * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp
+ **/
typedef struct sid_info
{
- uint8 sid_rev_num; /* SID revision number */
- uint8 num_auths; /* number of sub-authorities */
- uint8 id_auth[6]; /* Identifier Authority */
+ uint8 sid_rev_num; /**< SID revision number */
+ uint8 num_auths; /**< Number of sub-authorities */
+ uint8 id_auth[6]; /**< Identifier Authority */
/*
- * Note that the values in these uint32's are in *native* byteorder,
- * not neccessarily little-endian...... JRA.
+ * Pointer to sub-authorities.
+ *
+ * @note The values in these uint32's are in *native* byteorder, not
+ * neccessarily little-endian...... JRA.
*/
- uint32 sub_auths[MAXSUBAUTHS]; /* pointer to sub-authorities. */
+ uint32 sub_auths[MAXSUBAUTHS];
} DOM_SID;
#define _DOM_SID
*
* token->user_sids[0] = primary user SID.
* token->user_sids[1] = primary group SID.
- * token->user_sids[2-num_sids] = supplementary group SIDS.
+ * token->user_sids[2..num_sids] = supplementary group SIDS.
*/
+#define PRIMARY_USER_SID_INDEX 0
+#define PRIMARY_GROUP_SID_INDEX 1
+
#ifndef _NT_USER_TOKEN
typedef struct _nt_user_token {
size_t num_sids;
} DOMAIN_GRP_MEMBER;
-/* DOM_CHAL - challenge info */
-typedef struct chal_info
-{
- uchar data[8]; /* credentials */
-} DOM_CHAL;
-
/* 32 bit time (sec) since 01jan1970 - cifs6.txt, section 3.5, page 30 */
typedef struct time_info
{
uint32 time;
} UTIME;
-/* DOM_CREDs - timestamped client or server credentials */
-typedef struct cred_info
-{
- DOM_CHAL challenge; /* credentials */
- UTIME timestamp; /* credential time-stamp */
-} DOM_CRED;
-
/* Structure used when SMBwritebmpx is active */
typedef struct
{
char *data;
} write_cache;
+typedef struct
+{
+ smb_ucs2_t *path;
+ smb_ucs2_t *name;
+ smb_ucs2_t *unixname;
+ smb_ucs2_t *dosname;
+ SMB_STRUCT_STAT *statinfo;
+} smb_filename;
+
+
typedef struct files_struct
{
struct files_struct *next, *prev;
time_t pending_modtime;
int oplock_type;
int sent_oplock_break;
+ unsigned long file_id;
BOOL can_lock;
BOOL can_read;
BOOL can_write;
char *fsp_name;
} files_struct;
+/* used to hold an arbitrary blob of data */
+typedef struct data_blob {
+ uint8 *data;
+ size_t length;
+ void (*free)(struct data_blob *data_blob);
+} DATA_BLOB;
+
/*
* Structure used to keep directory state information around.
* Used in NT change-notify code.
#define EXCLUSIVE_BREAK_SENT 1
#define LEVEL_II_BREAK_SENT 2
-/* Domain controller authentication protocol info */
-struct dcinfo
-{
- DOM_CHAL clnt_chal; /* Initial challenge received from client */
- DOM_CHAL srv_chal; /* Initial server challenge */
- DOM_CRED clnt_cred; /* Last client credential */
- DOM_CRED srv_cred; /* Last server credential */
-
- uchar sess_key[8]; /* Session key */
- uchar md4pw[16]; /* md4(machine password) */
-};
-
-
typedef struct {
fstring smb_name; /* user name from the client */
fstring unix_name; /* unix user name of a validated user */
fstring domain; /* domain that the client specified */
} userdom_struct;
-enum {LPQ_QUEUED,LPQ_PAUSED,LPQ_SPOOLING,LPQ_PRINTING};
+/* Extra fields above "LPQ_PRINTING" are used to map extra NT status codes. */
+
+enum {LPQ_QUEUED=0,LPQ_PAUSED,LPQ_SPOOLING,LPQ_PRINTING,LPQ_ERROR,LPQ_DELETING,
+ LPQ_OFFLINE,LPQ_PAPEROUT,LPQ_PRINTED,LPQ_DELETED,LPQ_BLOCKED,LPQ_USER_INTERVENTION};
typedef struct _print_queue_struct
{
};
/* struct returned by get_share_modes */
-typedef struct
-{
- pid_t pid;
- uint16 op_port;
- uint16 op_type;
- int share_mode;
- struct timeval time;
+typedef struct {
+ pid_t pid;
+ uint16 op_port;
+ uint16 op_type;
+ int share_mode;
+ struct timeval time;
+ SMB_DEV_T dev;
+ SMB_INO_T inode;
+ unsigned long share_file_id;
} share_mode_entry;
#define SHAREMODE_FN(fn) \
void (*fn)(share_mode_entry *, char*)
+#define NT_HASH_LEN 16
+#define LM_HASH_LEN 16
+
+/*
+ * bit flags representing initialized fields in SAM_ACCOUNT
+ */
+#define FLAG_SAM_UNINIT 0x00000000
+#define FLAG_SAM_UID 0x00000001
+#define FLAG_SAM_GID 0x00000002
+#define FLAG_SAM_SMBHOME 0x00000004
+#define FLAG_SAM_PROFILE 0x00000008
+#define FLAG_SAM_LOGONSCRIPT 0x00000010
+#define FLAG_SAM_DRIVE 0x00000020
+
+#define IS_SAM_UNIX_USER(x) \
+ ((pdb_get_init_flag(x) & FLAG_SAM_UID) \
+ && (pdb_get_init_flag(x) & FLAG_SAM_GID))
+
+#define IS_SAM_SET(x, flag) ((x)->private.init_flag & (flag))
+
typedef struct sam_passwd
{
- BOOL own_memory; /* do we own the memory allocated for the
- pointers in this struct? */
+ TALLOC_CTX *mem_ctx;
- time_t logon_time; /* logon time */
- time_t logoff_time; /* logoff time */
- time_t kickoff_time; /* kickoff time */
- time_t pass_last_set_time; /* password last set time */
- time_t pass_can_change_time; /* password can change time */
- time_t pass_must_change_time; /* password must change time */
-
- char *username; /* UNIX username string */
- char *domain; /* Windows Domain name */
- char *nt_username; /* Windows username string */
- char *full_name; /* user's full name string */
- char *home_dir; /* home directory string */
- char *dir_drive; /* home directory drive string */
- char *logon_script; /* logon script string */
- char *profile_path; /* profile path string */
- char *acct_desc ; /* user description string */
- char *workstations; /* login from workstations string */
- char *unknown_str ; /* don't know what this is, yet. */
- char *munged_dial ; /* munged path name and dial-back tel number */
-
- uid_t uid; /* this is actually the unix uid_t */
- gid_t gid; /* this is actually the unix gid_t */
- uint32 user_rid; /* Primary User ID */
- uint32 group_rid; /* Primary Group ID */
-
- unsigned char *lm_pw; /* Null if no password */
- unsigned char *nt_pw; /* Null if no password */
-
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_3; /* 0x00ff ffff */
-
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 hours[MAX_HOURS_LEN];
-
- uint32 unknown_5; /* 0x0002 0000 */
- uint32 unknown_6; /* 0x0000 04ec */
+ void (*free_fn)(struct sam_passwd **);
+
+ struct user_data {
+ /* initiailization flags */
+ uint32 init_flag;
+
+ time_t logon_time; /* logon time */
+ time_t logoff_time; /* logoff time */
+ time_t kickoff_time; /* kickoff time */
+ time_t pass_last_set_time; /* password last set time */
+ time_t pass_can_change_time; /* password can change time */
+ time_t pass_must_change_time; /* password must change time */
+
+ char * username; /* UNIX username string */
+ char * domain; /* Windows Domain name */
+ char * nt_username; /* Windows username string */
+ char * full_name; /* user's full name string */
+ char * home_dir; /* home directory string */
+ char * dir_drive; /* home directory drive string */
+ char * logon_script; /* logon script string */
+ char * profile_path; /* profile path string */
+ char * acct_desc ; /* user description string */
+ char * workstations; /* login from workstations string */
+ char * unknown_str ; /* don't know what this is, yet. */
+ char * munged_dial ; /* munged path name and dial-back tel number */
+
+ uid_t uid; /* this is a unix uid_t */
+ gid_t gid; /* this is a unix gid_t */
+ uint32 user_rid; /* Primary User ID */
+ uint32 group_rid; /* Primary Group ID */
+
+ DATA_BLOB lm_pw; /* .data is Null if no password */
+ DATA_BLOB nt_pw; /* .data is Null if no password */
+
+ uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+ uint32 unknown_3; /* 0x00ff ffff */
+
+ uint16 logon_divs; /* 168 - number of hours in a week */
+ uint32 hours_len; /* normally 21 bytes */
+ uint8 hours[MAX_HOURS_LEN];
+
+ uint32 unknown_5; /* 0x0002 0000 */
+ uint32 unknown_6; /* 0x0000 04ec */
+ } private;
+ /* Lets see if the remaining code can get the hint that you
+ are meant to use the pdb_...() functions. */
} SAM_ACCOUNT;
+/*
+ * Flags for account policy.
+ */
+#define AP_MIN_PASSWORD_LEN 1
+#define AP_PASSWORD_HISTORY 2
+#define AP_USER_MUST_LOGON_TO_CHG_PASS 3
+#define AP_MAX_PASSWORD_AGE 4
+#define AP_MIN_PASSWORD_AGE 5
+#define AP_LOCK_ACCOUNT_DURATION 6
+#define AP_RESET_COUNT_TIME 7
+#define AP_BAD_ATTEMPT_LOCKOUT 8
+#define AP_TIME_TO_LOGOUT 9
+
+
/*
* Flags for local user manipulation.
*/
#define LOCAL_ENABLE_USER 0x8
#define LOCAL_TRUST_ACCOUNT 0x10
#define LOCAL_SET_NO_PASSWORD 0x20
+#define LOCAL_SET_PASSWORD 0x40
+#define LOCAL_SET_LDAP_ADMIN_PW 0x80
+#define LOCAL_INTERDOM_ACCOUNT 0x100
/* key and data in the connections database - used in smbstatus and smbd */
struct connections_key {
gid_t gid;
char name[24];
char addr[24];
- char machine[128];
+ char machine[FSTRING_LEN];
time_t start;
};
};
struct locking_data {
- int num_share_mode_entries;
+ union {
+ int num_share_mode_entries;
+ share_mode_entry dummy; /* Needed for alignment. */
+ } u;
/* the following two entries are implicit
share_mode_entry modes[num_share_mode_entries];
char file_name[];
/* the following are used by loadparm for option lists */
typedef enum
{
- P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,
+ P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,P_LIST,
P_STRING,P_USTRING,P_GSTRING,P_UGSTRING,P_ENUM,P_SEP
} parm_type;
int ivalue;
char *svalue;
char cvalue;
+ char **lvalue;
} def;
};
#define FLAG_GLOBAL 0x08 /* local options that should be globally settable in SWAT */
#define FLAG_DEPRECATED 0x10 /* options that should no longer be used */
#define FLAG_HIDE 0x20 /* options that should be hidden in SWAT */
-#define FLAG_DOS_STRING 0x40 /* convert from UNIX to DOS codepage when reading this string. */
#ifndef LOCKING_VERSION
#define LOCKING_VERSION 4
#define SMBffirst 0x82 /* find first */
#define SMBfunique 0x83 /* find unique */
#define SMBfclose 0x84 /* find close */
+#define SMBkeepalive 0x85 /* keepalive */
#define SMBinvalid 0xFE /* invalid command */
/* Extended 2.0 protocol */
#define FILE_READ_ATTRIBUTES 0x080
#define FILE_WRITE_ATTRIBUTES 0x100
-#define FILE_ALL_ATTRIBUTES 0x1FF
+#define FILE_ALL_ACCESS 0x1FF
/* the desired access to use when opening a pipe */
#define DESIRED_ACCESS_PIPE 0x2019f
/* Generic access masks & rights. */
#define SPECIFIC_RIGHTS_MASK 0x00FFFFL
#define STANDARD_RIGHTS_MASK 0xFF0000L
-#define DELETE_ACCESS (1L<<16)
-#define READ_CONTROL_ACCESS (1L<<17)
-#define WRITE_DAC_ACCESS (1L<<18)
-#define WRITE_OWNER_ACCESS (1L<<19)
-#define SYNCHRONIZE_ACCESS (1L<<20)
+#define DELETE_ACCESS (1L<<16) /* 0x00010000 */
+#define READ_CONTROL_ACCESS (1L<<17) /* 0x00020000 */
+#define WRITE_DAC_ACCESS (1L<<18) /* 0x00040000 */
+#define WRITE_OWNER_ACCESS (1L<<19) /* 0x00080000 */
+#define SYNCHRONIZE_ACCESS (1L<<20) /* 0x00100000 */
/* Combinations of standard masks. */
#define STANDARD_RIGHTS_ALL_ACCESS (DELETE_ACCESS|READ_CONTROL_ACCESS|WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS|SYNCHRONIZE_ACCESS)
#define STANDARD_RIGHTS_REQUIRED_ACCESS (DELETE_ACCESS|READ_CONTROL_ACCESS|WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS)
#define STANDARD_RIGHTS_WRITE_ACCESS (READ_CONTROL_ACCESS)
-#define SYSTEM_SECURITY_ACCESS (1L<<24)
-#define MAXIMUM_ALLOWED_ACCESS (1L<<25)
-#define GENERIC_ALL_ACCESS (1<<28)
-#define GENERIC_EXECUTE_ACCESS (1<<29)
-#define GENERIC_WRITE_ACCESS (1<<30)
-#define GENERIC_READ_ACCESS (((unsigned)1)<<31)
+#define SYSTEM_SECURITY_ACCESS (1L<<24) /* 0x01000000 */
+#define MAXIMUM_ALLOWED_ACCESS (1L<<25) /* 0x02000000 */
+#define GENERIC_ALL_ACCESS (1<<28) /* 0x10000000 */
+#define GENERIC_EXECUTE_ACCESS (1<<29) /* 0x20000000 */
+#define GENERIC_WRITE_ACCESS (1<<30) /* 0x40000000 */
+#define GENERIC_READ_ACCESS (((unsigned)1)<<31) /* 0x80000000 */
+
+/* Mapping of generic access rights for files to specific rights. */
+
+#define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS| SYNCHRONIZE_ACCESS|FILE_ALL_ACCESS)
+
+#define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|FILE_READ_DATA|FILE_READ_ATTRIBUTES|\
+ FILE_READ_EA|SYNCHRONIZE_ACCESS)
+
+#define FILE_GENERIC_WRITE (STANDARD_RIGHTS_WRITE_ACCESS|FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES|\
+ FILE_WRITE_EA|FILE_APPEND_DATA|SYNCHRONIZE_ACCESS)
+
+#define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|FILE_READ_ATTRIBUTES|\
+ FILE_EXECUTE|SYNCHRONIZE_ACCESS)
/* Mapping of access rights to UNIX perms. */
+#define UNIX_ACCESS_RWX FILE_GENERIC_ALL
+#define UNIX_ACCESS_R FILE_GENERIC_READ
+#define UNIX_ACCESS_W FILE_GENERIC_WRITE
+#define UNIX_ACCESS_X FILE_GENERIC_EXECUTE
+
+#if 0
+/*
+ * This is the old mapping we used to use. To get W2KSP2 profiles
+ * working we need to map to the canonical file perms.
+ */
#define UNIX_ACCESS_RWX (UNIX_ACCESS_R|UNIX_ACCESS_W|UNIX_ACCESS_X)
#define UNIX_ACCESS_R (READ_CONTROL_ACCESS|SYNCHRONIZE_ACCESS|\
FILE_READ_ATTRIBUTES|FILE_READ_EA|FILE_READ_DATA)
FILE_APPEND_DATA|FILE_WRITE_DATA)
#define UNIX_ACCESS_X (READ_CONTROL_ACCESS|SYNCHRONIZE_ACCESS|\
FILE_EXECUTE|FILE_READ_ATTRIBUTES)
+#endif
#define UNIX_ACCESS_NONE (WRITE_OWNER_ACCESS)
#define FILE_ATTRIBUTE_ARCHIVE aARCH
#define FILE_ATTRIBUTE_NORMAL 0x80L
#define FILE_ATTRIBUTE_TEMPORARY 0x100L
+#define FILE_ATTRIBUTE_SPARSE 0x200L
#define FILE_ATTRIBUTE_COMPRESSED 0x800L
+#define FILE_ATTRIBUTE_NONINDEXED 0x2000L
#define SAMBA_ATTRIBUTES_MASK 0x7F
/* Flags - combined with attributes. */
/* Acconding to testing, this actually sets the security attribute! */
#define FILE_PERSISTENT_ACLS 0x08
/* These entries added from cifs9f --tsb */
-#define FILE_FILE_COMPRESSION 0x08
-#define FILE_VOLUME_QUOTAS 0x10
-#define FILE_DEVICE_IS_MOUNTED 0x20
+#define FILE_FILE_COMPRESSION 0x10
+#define FILE_VOLUME_QUOTAS 0x20
+/* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */
+#define FILE_VOLUME_SPARSE_FILE 0x40
#define FILE_VOLUME_IS_COMPRESSED 0x8000
/* ChangeNotify flags. */
#define SMB_SUCCESS 0 /* The request was successful. */
-#define ERRDOS 0x01 /* Error is from the core DOS operating system set. */
-#define ERRSRV 0x02 /* Error is generated by the server network file manager.*/
-#define ERRHRD 0x03 /* Error is an hardware error. */
-#define ERRCMD 0xFF /* Command was not in the "SMB" format. */
-
-#ifdef HAVE_STDARG_H
-int slprintf(char *str, int n, char *format, ...)
-#ifdef __GNUC__
- __attribute__ ((format (__printf__, 3, 4)))
-#endif
-;
-#else
-int slprintf();
-#endif
-
-#ifdef HAVE_STDARG_H
-int fdprintf(int fd, char *format, ...)
-#ifdef __GNUC__
- __attribute__ ((format (__printf__, 2, 3)))
-#endif
-;
-#else
-int fdprintf();
-#endif
#ifdef WITH_DFS
void dfs_unlogin(void);
#define SV_TYPE_DOMAIN_ENUM 0x80000000
#define SV_TYPE_ALL 0xFFFFFFFF
-/* what server type are we currently - JHT Says we ARE 4.20 */
-/* this was set by JHT in liaison with Jeremy Allison early 1997 */
-/* setting to 4.20 at same time as announcing ourselves as NT Server */
-/* History: */
-/* Version 4.0 - never made public */
-/* Version 4.10 - New to 1.9.16p2, lost in space 1.9.16p3 to 1.9.16p9 */
-/* - Reappeared in 1.9.16p11 with fixed smbd services */
-/* Version 4.20 - To indicate that nmbd and browsing now works better */
-
+/* This was set by JHT in liaison with Jeremy Allison early 1997
+ * History:
+ * Version 4.0 - never made public
+ * Version 4.10 - New to 1.9.16p2, lost in space 1.9.16p3 to 1.9.16p9
+ * - Reappeared in 1.9.16p11 with fixed smbd services
+ * Version 4.20 - To indicate that nmbd and browsing now works better
+ * Version 4.50 - Set at release of samba-2.2.0 by JHT
+ *
+ * Note: In the presence of NT4.X do not set above 4.9
+ * Setting this above 4.9 can have undesired side-effects.
+ * This may change again in Samba-3.0 after further testing. JHT
+ */
+
#define DEFAULT_MAJOR_VERSION 0x04
-#define DEFAULT_MINOR_VERSION 0x02
+#define DEFAULT_MINOR_VERSION 0x05
/* Browser Election Values */
#define BROWSER_ELECTION_VERSION 0x010f
#define FLAGS2_LONG_PATH_COMPONENTS 0x0001
#define FLAGS2_EXTENDED_ATTRIBUTES 0x0002
+#define FLAGS2_EXTENDED_SECURITY 0x0800
#define FLAGS2_DFS_PATHNAMES 0x1000
#define FLAGS2_READ_PERMIT_NO_EXECUTE 0x2000
#define FLAGS2_32_BIT_ERROR_CODES 0x4000
#define CAP_LOCK_AND_READ 0x0100
#define CAP_NT_FIND 0x0200
#define CAP_DFS 0x1000
+#define CAP_W2K_SMBS 0x2000
#define CAP_LARGE_READX 0x4000
+#define CAP_LARGE_WRITEX 0x8000
+#define CAP_UNIX 0x800000 /* Capabilities for UNIX extensions. Created by HP. */
#define CAP_EXTENDED_SECURITY 0x80000000
/* protocol types. It assumes that higher protocols include lower protocols
enum protocol_types {PROTOCOL_NONE,PROTOCOL_CORE,PROTOCOL_COREPLUS,PROTOCOL_LANMAN1,PROTOCOL_LANMAN2,PROTOCOL_NT1};
/* security levels */
-enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN};
+enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN,SEC_ADS};
/* server roles */
enum server_types
#endif /* DEVELOPER */
};
+/* LDAP schema types */
+enum schema_types {SCHEMA_COMPAT, SCHEMA_AD, SCHEMA_SAMBA};
+
+/* LDAP SSL options */
+enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF, LDAP_SSL_START_TLS};
+
/* Remote architectures we know about. */
enum remote_arch_types {RA_UNKNOWN, RA_WFWG, RA_OS2, RA_WIN95, RA_WINNT, RA_WIN2K, RA_SAMBA};
*
* The form of this is :
*
- * 0 2 6 10 14 14+devsize 14+devsize+inodesize
- * +----+--------+--------+--------+-------+--------+
- * | cmd| pid | sec | usec | dev | inode |
- * +----+--------+--------+--------+-------+--------+
+ * 0 2 2+pid 2+pid+dev 2+pid+dev+ino
+ * +----+--------+-------+--------+---------+
+ * | cmd| pid | dev | inode | fileid |
+ * +----+--------+-------+--------+---------+
*/
#define OPLOCK_BREAK_CMD 0x1
#define OPLOCK_BREAK_PID_OFFSET 2
-#define OPLOCK_BREAK_SEC_OFFSET (OPLOCK_BREAK_PID_OFFSET + sizeof(pid_t))
-#define OPLOCK_BREAK_USEC_OFFSET (OPLOCK_BREAK_SEC_OFFSET + sizeof(time_t))
-#define OPLOCK_BREAK_DEV_OFFSET (OPLOCK_BREAK_USEC_OFFSET + sizeof(long))
+#define OPLOCK_BREAK_DEV_OFFSET (OPLOCK_BREAK_PID_OFFSET + sizeof(pid_t))
#define OPLOCK_BREAK_INODE_OFFSET (OPLOCK_BREAK_DEV_OFFSET + sizeof(SMB_DEV_T))
-#define OPLOCK_BREAK_MSG_LEN (OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
+#define OPLOCK_BREAK_FILEID_OFFSET (OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
+#define OPLOCK_BREAK_MSG_LEN (OPLOCK_BREAK_FILEID_OFFSET + sizeof(unsigned long))
#define KERNEL_OPLOCK_BREAK_CMD 0x2
#define LEVEL_II_OPLOCK_BREAK_CMD 0x3
* Form of this is :
*
* 0 2 2+devsize 2+devsize+inodesize
- * +----+--------+--------+
- * | cmd| dev | inode |
- * +----+--------+--------+
+ * +----+--------+--------+----------+
+ * | cmd| dev | inode | fileid |
+ * +----+--------+--------+----------+
*/
#define KERNEL_OPLOCK_BREAK_DEV_OFFSET 2
#define KERNEL_OPLOCK_BREAK_INODE_OFFSET (KERNEL_OPLOCK_BREAK_DEV_OFFSET + sizeof(SMB_DEV_T))
-#define KERNEL_OPLOCK_BREAK_MSG_LEN (KERNEL_OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
+#define KERNEL_OPLOCK_BREAK_FILEID_OFFSET (KERNEL_OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
+#define KERNEL_OPLOCK_BREAK_MSG_LEN (KERNEL_OPLOCK_BREAK_FILEID_OFFSET + sizeof(unsigned long))
/* if a kernel does support oplocks then a structure of the following
BOOL (*receive_message)(fd_set *fds, char *buffer, int buffer_len);
BOOL (*set_oplock)(files_struct *fsp, int oplock_type);
void (*release_oplock)(files_struct *fsp);
- BOOL (*parse_message)(char *msg_start, int msg_len, SMB_INO_T *inode, SMB_DEV_T *dev);
+ BOOL (*parse_message)(char *msg_start, int msg_len, SMB_INO_T *inode, SMB_DEV_T *dev, unsigned long *file_id);
BOOL (*msg_waiting)(fd_set *fds);
int notification_fd;
};
uchar sess_key[16];
};
-struct ntdom_info
-{
- unsigned char sess_key[16]; /* Current session key. */
- unsigned char ntlmssp_hash[258]; /* ntlmssp data. */
- uint32 ntlmssp_cli_flgs; /* ntlmssp client flags */
- uint32 ntlmssp_srv_flgs; /* ntlmssp server flags */
- uint32 ntlmssp_seq_num; /* ntlmssp sequence number */
- DOM_CRED clnt_cred; /* Client credential. */
-
- int max_recv_frag;
- int max_xmit_frag;
-
- vuser_key key;
-};
-
/*
* Network Computing Architechture Context Name Named Pipe
* See MSDN docs for more information
NT_USER_TOKEN *nt_user_token;
- /* per-user authentication information on NT RPCs */
- /* lkclXXXX - THIS SHOULD NOT BE HERE! */
- struct dcinfo dc;
+ int session_id; /* used by utmp and pam session code */
} user_struct;
+
#include "ntdomain.h"
#include "client.h"
-#include "rpcclient.h"
/*
- * Size of new password account encoding string. DO NOT CHANGE.
+ * Size of new password account encoding string. This is enough space to
+ * hold 11 ACB characters, plus the surrounding [] and a terminating null.
+ * Do not change unless you are adding new ACB bits!
*/
#define NEW_PW_FORMAT_SPACE_PADDED_LEN 14
#define MAP_TO_GUEST_ON_BAD_USER 1
#define MAP_TO_GUEST_ON_BAD_PASSWORD 2
+#define SAFE_NETBIOS_CHARS ". -_"
+
#include "nsswitch/winbindd_nss.h"
#include "smb_acls.h"
+/* generic iconv conversion structure */
+typedef struct {
+ size_t (*direct)(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft);
+ size_t (*pull)(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft);
+ size_t (*push)(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft);
+ void *cd_direct, *cd_pull, *cd_push;
+ char *from_name, *to_name;
+} *smb_iconv_t;
+
+/* The maximum length of a trust account password.
+ Used when we randomly create it, 15 char passwords
+ exceed NT4's max password length */
+
+#define DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH 14
+
#endif /* _SMB_H */
git.samba.org / ira / wip.git / blobdiff