2 Unix SMB/CIFS implementation.
3 SMB parameters and setup, plus a whole lot more.
5 Copyright (C) Andrew Tridgell 1992-2000
6 Copyright (C) John H Terpstra 1996-2002
7 Copyright (C) Luke Kenneth Casson Leighton 1996-2000
8 Copyright (C) Paul Ashton 1998-2000
9 Copyright (C) Simo Sorce 2001-2002
10 Copyright (C) Martin Pool 2002
12 This program is free software; you can redistribute it and/or modify
13 it under the terms of the GNU General Public License as published by
14 the Free Software Foundation; either version 2 of the License, or
15 (at your option) any later version.
17 This program is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with this program; if not, write to the Free Software
24 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
31 #define DGRAM_PORT 138
34 #define SMB_PORTS "445 139"
42 #define _BOOL /* So we don't typedef BOOL again in vfs.h */
47 #ifndef DEF_CREATE_MASK
48 #define DEF_CREATE_MASK (0755)
51 /* string manipulation flags - see clistr.c and srvstr.c */
52 #define STR_TERMINATE 1
56 #define STR_NOALIGN 16
57 #define STR_NO_RANGE_CHECK 32
58 #define STR_LEN8BIT 64
59 #define STR_TERMINATE_ASCII 128 /* only terminate if ascii */
60 #define STR_LEN_NOTERM 256 /* the length field is the unterminated length */
65 /* types of socket errors */
66 enum socket_error {SOCKET_READ_TIMEOUT,
81 #define DOS_OPEN_RDONLY 0
82 #define DOS_OPEN_WRONLY 1
83 #define DOS_OPEN_RDWR 2
84 #define DOS_OPEN_FCB 0xF
87 /**********************************/
88 /* SMBopen field definitions */
89 #define OPEN_FLAGS_DENY_MASK 0x70
90 #define OPEN_FLAGS_DENY_DOS 0x00
91 #define OPEN_FLAGS_DENY_ALL 0x10
92 #define OPEN_FLAGS_DENY_WRITE 0x20
93 #define OPEN_FLAGS_DENY_READ 0x30
94 #define OPEN_FLAGS_DENY_NONE 0x40
96 #define OPEN_FLAGS_MODE_MASK 0x0F
97 #define OPEN_FLAGS_OPEN_READ 0
98 #define OPEN_FLAGS_OPEN_WRITE 1
99 #define OPEN_FLAGS_OPEN_RDWR 2
100 #define OPEN_FLAGS_FCB 0xFF
103 /**********************************/
104 /* SMBopenX field definitions */
106 /* OpenX Flags field. */
107 #define OPENX_FLAGS_ADDITIONAL_INFO 0x01
108 #define OPENX_FLAGS_REQUEST_OPLOCK 0x02
109 #define OPENX_FLAGS_REQUEST_BATCH_OPLOCK 0x04
110 #define OPENX_FLAGS_EA_LEN 0x08
111 #define OPENX_FLAGS_EXTENDED_RETURN 0x10
113 /* desired access (open_mode), split info 4 4-bit nibbles */
114 #define OPENX_MODE_ACCESS_MASK 0x000F
115 #define OPENX_MODE_ACCESS_READ 0x0000
116 #define OPENX_MODE_ACCESS_WRITE 0x0001
117 #define OPENX_MODE_ACCESS_RDWR 0x0002
118 #define OPENX_MODE_ACCESS_EXEC 0x0003
119 #define OPENX_MODE_ACCESS_FCB 0x000F
121 #define OPENX_MODE_DENY_SHIFT 4
122 #define OPENX_MODE_DENY_MASK (0xF << OPENX_MODE_DENY_SHIFT)
123 #define OPENX_MODE_DENY_DOS (DENY_DOS << OPENX_MODE_DENY_SHIFT)
124 #define OPENX_MODE_DENY_ALL (DENY_ALL << OPENX_MODE_DENY_SHIFT)
125 #define OPENX_MODE_DENY_WRITE (DENY_WRITE << OPENX_MODE_DENY_SHIFT)
126 #define OPENX_MODE_DENY_READ (DENY_READ << OPENX_MODE_DENY_SHIFT)
127 #define OPENX_MODE_DENY_NONE (DENY_NONE << OPENX_MODE_DENY_SHIFT)
128 #define OPENX_MODE_DENY_FCB (0xF << OPENX_MODE_DENY_SHIFT)
130 #define OPENX_MODE_LOCALITY_MASK 0x0F00 /* what does this do? */
132 #define OPENX_MODE_NO_CACHE 0x1000
133 #define OPENX_MODE_WRITE_THRU 0x4000
135 /* open function values */
136 #define OPENX_OPEN_FUNC_MASK 0x3
137 #define OPENX_OPEN_FUNC_FAIL 0x0
138 #define OPENX_OPEN_FUNC_OPEN 0x1
139 #define OPENX_OPEN_FUNC_TRUNC 0x2
141 /* The above can be OR'ed with... */
142 #define OPENX_OPEN_FUNC_CREATE 0x10
144 /* openx action in reply */
145 #define OPENX_ACTION_EXISTED 1
146 #define OPENX_ACTION_CREATED 2
147 #define OPENX_ACTION_TRUNCATED 3
150 /**********************************/
151 /* SMBntcreateX field definitions */
153 /* ntcreatex flags field. */
154 #define NTCREATEX_FLAGS_REQUEST_OPLOCK 0x02
155 #define NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK 0x04
156 #define NTCREATEX_FLAGS_OPEN_DIRECTORY 0x08
157 #define NTCREATEX_FLAGS_EXTENDED 0x10
159 /* the ntcreatex access_mask field
160 this is split into 4 pieces
161 AAAABBBBCCCCCCCCDDDDDDDDDDDDDDDD
167 which set of SA_RIGHT_* bits is applicable depends on the type
173 /* ntcreatex share_access field */
174 #define NTCREATEX_SHARE_ACCESS_NONE 0
175 #define NTCREATEX_SHARE_ACCESS_READ 1
176 #define NTCREATEX_SHARE_ACCESS_WRITE 2
177 #define NTCREATEX_SHARE_ACCESS_DELETE 4
179 /* ntcreatex open_disposition field */
180 #define NTCREATEX_DISP_SUPERSEDE 0 /* supersede existing file (if it exists) */
181 #define NTCREATEX_DISP_OPEN 1 /* if file exists open it, else fail */
182 #define NTCREATEX_DISP_CREATE 2 /* if file exists fail, else create it */
183 #define NTCREATEX_DISP_OPEN_IF 3 /* if file exists open it, else create it */
184 #define NTCREATEX_DISP_OVERWRITE 4 /* if exists overwrite, else fail */
185 #define NTCREATEX_DISP_OVERWRITE_IF 5 /* if exists overwrite, else create */
187 /* ntcreatex create_options field */
188 #define NTCREATEX_OPTIONS_DIRECTORY 0x0001
189 #define NTCREATEX_OPTIONS_WRITE_THROUGH 0x0002
190 #define NTCREATEX_OPTIONS_SEQUENTIAL_ONLY 0x0004
191 #define NTCREATEX_OPTIONS_SYNC_ALERT 0x0010
192 #define NTCREATEX_OPTIONS_ASYNC_ALERT 0x0020
193 #define NTCREATEX_OPTIONS_NON_DIRECTORY_FILE 0x0040
194 #define NTCREATEX_OPTIONS_NO_EA_KNOWLEDGE 0x0200
195 #define NTCREATEX_OPTIONS_EIGHT_DOT_THREE_ONLY 0x0400
196 #define NTCREATEX_OPTIONS_RANDOM_ACCESS 0x0800
197 #define NTCREATEX_OPTIONS_DELETE_ON_CLOSE 0x1000
198 #define NTCREATEX_OPTIONS_OPEN_BY_FILE_ID 0x2000
200 /* ntcreatex impersonation field */
201 #define NTCREATEX_IMPERSONATION_ANONYMOUS 0
202 #define NTCREATEX_IMPERSONATION_IDENTIFICATION 1
203 #define NTCREATEX_IMPERSONATION_IMPERSONATION 2
204 #define NTCREATEX_IMPERSONATION_DELEGATION 3
206 /* ntcreatex security flags bit field */
207 #define NTCREATEX_SECURITY_DYNAMIC 1
208 #define NTCREATEX_SECURITY_ALL 2
210 /* ntcreatex create_action in reply */
211 #define NTCREATEX_ACTION_EXISTED 1
212 #define NTCREATEX_ACTION_CREATED 2
213 #define NTCREATEX_ACTION_TRUNCATED 3
214 /* the value 5 can also be returned when you try to create a directory with
215 incorrect parameters - what does it mean? maybe created temporary file? */
216 #define NTCREATEX_ACTION_UNKNOWN 5
221 * SMB UCS2 (16-bit unicode) internal type.
224 typedef uint16 smb_ucs2_t;
226 /* ucs2 string types. */
227 typedef smb_ucs2_t wpstring[PSTRING_LEN];
228 typedef smb_ucs2_t wfstring[FSTRING_LEN];
230 #ifdef WORDS_BIGENDIAN
236 /* turn a 7 bit character into a ucs2 character */
237 #define UCS2_CHAR(c) ((c) << UCS2_SHIFT)
239 /* Allowable account control bits */
240 #define ACB_DISABLED 0x0001 /* 1 = User account disabled */
241 #define ACB_HOMDIRREQ 0x0002 /* 1 = Home directory required */
242 #define ACB_PWNOTREQ 0x0004 /* 1 = User password not required */
243 #define ACB_TEMPDUP 0x0008 /* 1 = Temporary duplicate account */
244 #define ACB_NORMAL 0x0010 /* 1 = Normal user account */
245 #define ACB_MNS 0x0020 /* 1 = MNS logon user account */
246 #define ACB_DOMTRUST 0x0040 /* 1 = Interdomain trust account */
247 #define ACB_WSTRUST 0x0080 /* 1 = Workstation trust account */
248 #define ACB_SVRTRUST 0x0100 /* 1 = Server trust account */
249 #define ACB_PWNOEXP 0x0200 /* 1 = User password does not expire */
250 #define ACB_AUTOLOCK 0x0400 /* 1 = Account auto locked */
252 #define MAX_HOURS_LEN 32
255 #define MAXSUBAUTHS 15 /* max sub authorities in a SID */
258 /* for compatibility */
259 #define SID_NAME_USE samr_SidType
262 * @brief Security Identifier
264 * @sa http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/accctrl_38yn.asp
266 typedef struct sid_info
268 uint8 sid_rev_num; /**< SID revision number */
269 uint8 num_auths; /**< Number of sub-authorities */
270 uint8 id_auth[6]; /**< Identifier Authority */
272 * Pointer to sub-authorities.
274 * @note The values in these uint32's are in *native* byteorder, not
275 * neccessarily little-endian...... JRA.
277 uint32 sub_auths[MAXSUBAUTHS];
282 * The complete list of SIDS belonging to this user.
283 * Created when a vuid is registered.
284 * The definition of the user_sids array is as follows :
286 * token->user_sids[0] = primary user SID.
287 * token->user_sids[1] = primary group SID.
288 * token->user_sids[2..num_sids] = supplementary group SIDS.
291 #define PRIMARY_USER_SID_INDEX 0
292 #define PRIMARY_GROUP_SID_INDEX 1
294 typedef struct nt_user_token {
299 /* 32 bit time (sec) since 01jan1970 - cifs6.txt, section 3.5, page 30 */
300 typedef struct time_info
305 /* used to hold an arbitrary blob of data */
306 typedef struct data_blob {
309 void (*free)(struct data_blob *data_blob);
314 #include "librpc/gen_ndr/ndr_misc.h"
315 #include "smb_interfaces.h"
316 #include "librpc/ndr/libndr.h"
318 typedef struct userdom_struct {
319 fstring smb_name; /* user name from the client */
320 fstring unix_name; /* unix user name of a validated user */
321 fstring full_name; /* to store full name (such as "Joe Bloggs") from gecos field of password file */
322 fstring domain; /* domain that the client specified */
326 /* used for server information: client, nameserv and ipc */
327 struct server_info_struct
332 fstring domain; /* used ONLY in ipc.c NOT namework.c */
333 BOOL server_added; /* used ONLY in ipc.c NOT namework.c */
337 /* used for network interfaces */
340 struct interface *next, *prev;
342 struct in_addr bcast;
343 struct in_addr nmask;
346 /* struct returned by get_share_modes */
352 uint32 desired_access;
356 unsigned long share_file_id;
360 #define SHAREMODE_FN_CAST() \
361 void (*)(share_mode_entry *, char*)
363 #define SHAREMODE_FN(fn) \
364 void (*fn)(share_mode_entry *, char*)
366 #define NT_HASH_LEN 16
367 #define LM_HASH_LEN 16
370 * bit flags representing initialized fields in SAM_ACCOUNT
408 /* this must be the last element */
412 enum pdb_value_state {
418 #define IS_SAM_UNIX_USER(x) \
419 (( pdb_get_init_flags(x, PDB_UID) != PDB_DEFAULT ) \
420 && ( pdb_get_init_flags(x,PDB_GID) != PDB_DEFAULT ))
422 #define IS_SAM_SET(x, flag) (pdb_get_init_flags(x, flag) == PDB_SET)
423 #define IS_SAM_CHANGED(x, flag) (pdb_get_init_flags(x, flag) == PDB_CHANGED)
424 #define IS_SAM_DEFAULT(x, flag) (pdb_get_init_flags(x, flag) == PDB_DEFAULT)
426 typedef struct sam_passwd
430 void (*free_fn)(struct sam_passwd **);
432 struct pdb_methods *methods;
435 /* initiailization flags */
436 struct bitmap *change_flags;
437 struct bitmap *set_flags;
439 time_t logon_time; /* logon time */
440 time_t logoff_time; /* logoff time */
441 time_t kickoff_time; /* kickoff time */
442 time_t pass_last_set_time; /* password last set time */
443 time_t pass_can_change_time; /* password can change time */
444 time_t pass_must_change_time; /* password must change time */
446 const char * username; /* UNIX username string */
447 const char * domain; /* Windows Domain name */
448 const char * nt_username; /* Windows username string */
449 const char * full_name; /* user's full name string */
450 const char * unix_home_dir; /* UNIX home directory string */
451 const char * home_dir; /* home directory string */
452 const char * dir_drive; /* home directory drive string */
453 const char * logon_script; /* logon script string */
454 const char * profile_path; /* profile path string */
455 const char * acct_desc ; /* user description string */
456 const char * workstations; /* login from workstations string */
457 const char * unknown_str ; /* don't know what this is, yet. */
458 const char * munged_dial ; /* munged path name and dial-back tel number */
460 uid_t uid; /* this is a unix uid_t */
461 gid_t gid; /* this is a unix gid_t */
462 DOM_SID user_sid; /* Primary User SID */
463 DOM_SID group_sid; /* Primary Group SID */
465 DATA_BLOB lm_pw; /* .data is Null if no password */
466 DATA_BLOB nt_pw; /* .data is Null if no password */
467 char* plaintext_pw; /* is Null if not available */
469 uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
470 uint32 unknown_3; /* 0x00ff ffff */
472 uint16 logon_divs; /* 168 - number of hours in a week */
473 uint32 hours_len; /* normally 21 bytes */
474 uint8 hours[MAX_HOURS_LEN];
476 uint32 unknown_5; /* 0x0002 0000 */
477 uint32 unknown_6; /* 0x0000 04ec */
480 /* Lets see if the remaining code can get the hint that you
481 are meant to use the pdb_...() functions. */
486 * Flags for account policy.
488 #define AP_MIN_PASSWORD_LEN 1
489 #define AP_PASSWORD_HISTORY 2
490 #define AP_USER_MUST_LOGON_TO_CHG_PASS 3
491 #define AP_MAX_PASSWORD_AGE 4
492 #define AP_MIN_PASSWORD_AGE 5
493 #define AP_LOCK_ACCOUNT_DURATION 6
494 #define AP_RESET_COUNT_TIME 7
495 #define AP_BAD_ATTEMPT_LOCKOUT 8
496 #define AP_TIME_TO_LOGOUT 9
500 * Flags for local user manipulation.
503 #define LOCAL_ADD_USER 0x1
504 #define LOCAL_DELETE_USER 0x2
505 #define LOCAL_DISABLE_USER 0x4
506 #define LOCAL_ENABLE_USER 0x8
507 #define LOCAL_TRUST_ACCOUNT 0x10
508 #define LOCAL_SET_NO_PASSWORD 0x20
509 #define LOCAL_SET_PASSWORD 0x40
510 #define LOCAL_SET_LDAP_ADMIN_PW 0x80
511 #define LOCAL_INTERDOM_ACCOUNT 0x100
512 #define LOCAL_AM_ROOT 0x200 /* Act as root */
514 /* key and data in the connections database - used in smbstatus and smbd */
515 struct connections_key {
521 struct connections_data {
529 char machine[FSTRING_LEN];
531 uint32 bcast_msg_flags;
534 /* the following are used by loadparm for option lists */
537 P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,P_LIST,
538 P_STRING,P_USTRING,P_ENUM,P_SEP
543 P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE
557 BOOL (*special)(const char *, char **);
558 const struct enum_list *enum_list;
574 #define FLAG_BASIC 0x0001 /* fundamental options */
575 #define FLAG_SHARE 0x0002 /* file sharing options */
576 #define FLAG_PRINT 0x0004 /* printing options */
577 #define FLAG_GLOBAL 0x0008 /* local options that should be globally settable in SWAT */
578 #define FLAG_WIZARD 0x0010 /* Parameters that the wizard will operate on */
579 #define FLAG_ADVANCED 0x0020 /* Parameters that the wizard will operate on */
580 #define FLAG_DEVELOPER 0x0040 /* Parameters that the wizard will operate on */
581 #define FLAG_DEPRECATED 0x1000 /* options that should no longer be used */
582 #define FLAG_HIDE 0x2000 /* options that should be hidden in SWAT */
583 #define FLAG_DOS_STRING 0x4000 /* convert from UNIX to DOS codepage when reading this string. */
584 #define FLAG_CMDLINE 0x8000 /* this option was set from the command line */
586 #ifndef LOCKING_VERSION
587 #define LOCKING_VERSION 4
588 #endif /* LOCKING_VERSION */
591 /* the basic packet size, assuming no words or bytes. Does not include the NBT header */
592 #define MIN_SMB_SIZE 35
594 /* when using NBT encapsulation every packet has a 4 byte header */
595 #define NBT_HDR_SIZE 4
597 /* offsets into message header for common items - NOTE: These have
598 changed from being offsets from the base of the NBT packet to the base of the SMB packet.
599 this has reduced all these values by 4
607 #define HDR_PIDHIGH 12
608 #define HDR_SS_FIELD 14
617 /* types of buffers in core SMB protocol */
618 #define SMB_DATA_BLOCK 0x1
619 #define SMB_ASCII4 0x4
622 /* flag defines. CIFS spec 3.1.1 */
623 #define FLAG_SUPPORT_LOCKREAD 0x01
624 #define FLAG_CLIENT_BUF_AVAIL 0x02
625 #define FLAG_RESERVED 0x04
626 #define FLAG_CASELESS_PATHNAMES 0x08
627 #define FLAG_CANONICAL_PATHNAMES 0x10
628 #define FLAG_REQUEST_OPLOCK 0x20
629 #define FLAG_REQUEST_BATCH_OPLOCK 0x40
630 #define FLAG_REPLY 0x80
633 #define SMBmkdir 0x00 /* create directory */
634 #define SMBrmdir 0x01 /* delete directory */
635 #define SMBopen 0x02 /* open file */
636 #define SMBcreate 0x03 /* create file */
637 #define SMBclose 0x04 /* close file */
638 #define SMBflush 0x05 /* flush file */
639 #define SMBunlink 0x06 /* delete file */
640 #define SMBmv 0x07 /* rename file */
641 #define SMBgetatr 0x08 /* get file attributes */
642 #define SMBsetatr 0x09 /* set file attributes */
643 #define SMBread 0x0A /* read from file */
644 #define SMBwrite 0x0B /* write to file */
645 #define SMBlock 0x0C /* lock byte range */
646 #define SMBunlock 0x0D /* unlock byte range */
647 #define SMBctemp 0x0E /* create temporary file */
648 #define SMBmknew 0x0F /* make new file */
649 #define SMBchkpth 0x10 /* check directory path */
650 #define SMBexit 0x11 /* process exit */
651 #define SMBlseek 0x12 /* seek */
652 #define SMBtcon 0x70 /* tree connect */
653 #define SMBtconX 0x75 /* tree connect and X*/
654 #define SMBtdis 0x71 /* tree disconnect */
655 #define SMBnegprot 0x72 /* negotiate protocol */
656 #define SMBdskattr 0x80 /* get disk attributes */
657 #define SMBsearch 0x81 /* search directory */
658 #define SMBsplopen 0xC0 /* open print spool file */
659 #define SMBsplwr 0xC1 /* write to print spool file */
660 #define SMBsplclose 0xC2 /* close print spool file */
661 #define SMBsplretq 0xC3 /* return print queue */
662 #define SMBsends 0xD0 /* send single block message */
663 #define SMBsendb 0xD1 /* send broadcast message */
664 #define SMBfwdname 0xD2 /* forward user name */
665 #define SMBcancelf 0xD3 /* cancel forward */
666 #define SMBgetmac 0xD4 /* get machine name */
667 #define SMBsendstrt 0xD5 /* send start of multi-block message */
668 #define SMBsendend 0xD6 /* send end of multi-block message */
669 #define SMBsendtxt 0xD7 /* send text of multi-block message */
672 #define SMBlockread 0x13 /* Lock a range and read */
673 #define SMBwriteunlock 0x14 /* write then range then unlock it */
674 #define SMBreadbraw 0x1a /* read a block of data with no smb header */
675 #define SMBwritebraw 0x1d /* write a block of data with no smb header */
676 #define SMBwritec 0x20 /* secondary write request */
677 #define SMBwriteclose 0x2c /* write a file then close it */
679 /* dos extended protocol */
680 #define SMBreadBraw 0x1A /* read block raw */
681 #define SMBreadBmpx 0x1B /* read block multiplexed */
682 #define SMBreadBs 0x1C /* read block (secondary response) */
683 #define SMBwriteBraw 0x1D /* write block raw */
684 #define SMBwriteBmpx 0x1E /* write block multiplexed */
685 #define SMBwriteBs 0x1F /* write block (secondary request) */
686 #define SMBwriteC 0x20 /* write complete response */
687 #define SMBsetattrE 0x22 /* set file attributes expanded */
688 #define SMBgetattrE 0x23 /* get file attributes expanded */
689 #define SMBlockingX 0x24 /* lock/unlock byte ranges and X */
690 #define SMBtrans 0x25 /* transaction - name, bytes in/out */
691 #define SMBtranss 0x26 /* transaction (secondary request/response) */
692 #define SMBioctl 0x27 /* IOCTL */
693 #define SMBioctls 0x28 /* IOCTL (secondary request/response) */
694 #define SMBcopy 0x29 /* copy */
695 #define SMBmove 0x2A /* move */
696 #define SMBecho 0x2B /* echo */
697 #define SMBopenX 0x2D /* open and X */
698 #define SMBreadX 0x2E /* read and X */
699 #define SMBwriteX 0x2F /* write and X */
700 #define SMBsesssetupX 0x73 /* Session Set Up & X (including User Logon) */
701 #define SMBffirst 0x82 /* find first */
702 #define SMBfunique 0x83 /* find unique */
703 #define SMBfclose 0x84 /* find close */
704 #define SMBkeepalive 0x85 /* keepalive */
705 #define SMBinvalid 0xFE /* invalid command */
707 /* Extended 2.0 protocol */
708 #define SMBtrans2 0x32 /* TRANS2 protocol set */
709 #define SMBtranss2 0x33 /* TRANS2 protocol set, secondary command */
710 #define SMBfindclose 0x34 /* Terminate a TRANSACT2_FINDFIRST */
711 #define SMBfindnclose 0x35 /* Terminate a TRANSACT2_FINDNOTIFYFIRST */
712 #define SMBulogoffX 0x74 /* user logoff */
714 /* NT SMB extensions. */
715 #define SMBnttrans 0xA0 /* NT transact */
716 #define SMBnttranss 0xA1 /* NT transact secondary */
717 #define SMBntcreateX 0xA2 /* NT create and X */
718 #define SMBntcancel 0xA4 /* NT cancel */
719 #define SMBntrename 0xA5 /* NT rename */
721 /* used to indicate end of chain */
722 #define SMB_CHAIN_NONE 0xFF
724 /* These are the trans subcommands */
725 #define TRANSACT_SETNAMEDPIPEHANDLESTATE 0x01
726 #define TRANSACT_DCERPCCMD 0x26
727 #define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53
729 /* These are the NT transact sub commands. */
730 #define NT_TRANSACT_CREATE 1
731 #define NT_TRANSACT_IOCTL 2
732 #define NT_TRANSACT_SET_SECURITY_DESC 3
733 #define NT_TRANSACT_NOTIFY_CHANGE 4
734 #define NT_TRANSACT_RENAME 5
735 #define NT_TRANSACT_QUERY_SECURITY_DESC 6
737 /* this is used on a TConX. I'm not sure the name is very helpful though */
738 #define SMB_SUPPORT_SEARCH_BITS 0x0001
739 #define SMB_SHARE_IN_DFS 0x0002
741 /* Named pipe write mode flags. Used in writeX calls. */
742 #define PIPE_RAW_MODE 0x4
743 #define PIPE_START_MESSAGE 0x8
745 /* the desired access to use when opening a pipe */
746 #define DESIRED_ACCESS_PIPE 0x2019f
749 /* Mapping of generic access rights for files to specific rights. */
750 #define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS| NT_ACCESS_SYNCHRONIZE_ACCESS|FILE_ALL_ACCESS)
752 #define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|FILE_READ_DATA|FILE_READ_ATTRIBUTES|\
753 FILE_READ_EA|NT_ACCESS_SYNCHRONIZE_ACCESS)
755 #define FILE_GENERIC_WRITE (STANDARD_RIGHTS_WRITE_ACCESS|FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES|\
756 FILE_WRITE_EA|FILE_APPEND_DATA|NT_ACCESS_SYNCHRONIZE_ACCESS)
758 #define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|FILE_READ_ATTRIBUTES|\
759 FILE_EXECUTE|NT_ACCESS_SYNCHRONIZE_ACCESS)
762 /* FileAttributes (search attributes) field */
763 #define FILE_ATTRIBUTE_READONLY 0x0001
764 #define FILE_ATTRIBUTE_HIDDEN 0x0002
765 #define FILE_ATTRIBUTE_SYSTEM 0x0004
766 #define FILE_ATTRIBUTE_VOLUME 0x0008
767 #define FILE_ATTRIBUTE_DIRECTORY 0x0010
768 #define FILE_ATTRIBUTE_ARCHIVE 0x0020
769 #define FILE_ATTRIBUTE_DEVICE 0x0040
770 #define FILE_ATTRIBUTE_NORMAL 0x0080
771 #define FILE_ATTRIBUTE_TEMPORARY 0x0100
772 #define FILE_ATTRIBUTE_SPARSE 0x0200
773 #define FILE_ATTRIBUTE_REPARSE_POINT 0x0400
774 #define FILE_ATTRIBUTE_COMPRESSED 0x0800
775 #define FILE_ATTRIBUTE_OFFLINE 0x1000
776 #define FILE_ATTRIBUTE_NONINDEXED 0x2000
777 #define FILE_ATTRIBUTE_ENCRYPTED 0x4000
779 /* Flags - combined with attributes. */
780 #define FILE_FLAG_WRITE_THROUGH 0x80000000L
781 #define FILE_FLAG_NO_BUFFERING 0x20000000L
782 #define FILE_FLAG_RANDOM_ACCESS 0x10000000L
783 #define FILE_FLAG_SEQUENTIAL_SCAN 0x08000000L
784 #define FILE_FLAG_DELETE_ON_CLOSE 0x04000000L
785 #define FILE_FLAG_BACKUP_SEMANTICS 0x02000000L
786 #define FILE_FLAG_POSIX_SEMANTICS 0x01000000L
788 /* Responses when opening a file. */
789 #define FILE_WAS_SUPERSEDED 0
790 #define FILE_WAS_OPENED 1
791 #define FILE_WAS_CREATED 2
792 #define FILE_WAS_OVERWRITTEN 3
794 /* File type flags */
795 #define FILE_TYPE_DISK 0
796 #define FILE_TYPE_BYTE_MODE_PIPE 1
797 #define FILE_TYPE_MESSAGE_MODE_PIPE 2
798 #define FILE_TYPE_PRINTER 3
799 #define FILE_TYPE_COMM_DEVICE 4
800 #define FILE_TYPE_UNKNOWN 0xFFFF
802 /* Flag for NT transact rename call. */
803 #define RENAME_REPLACE_IF_EXISTS 1
805 /* flags for SMBntrename call */
806 #define RENAME_FLAG_MOVE_CLUSTER_INFORMATION 0x102 /* ???? */
807 #define RENAME_FLAG_HARD_LINK 0x103
808 #define RENAME_FLAG_RENAME 0x104
809 #define RENAME_FLAG_COPY 0x105
811 /* Filesystem Attributes. */
812 #define FILE_CASE_SENSITIVE_SEARCH 0x01
813 #define FILE_CASE_PRESERVED_NAMES 0x02
814 #define FILE_UNICODE_ON_DISK 0x04
815 /* According to cifs9f, this is 4, not 8 */
816 /* Acconding to testing, this actually sets the security attribute! */
817 #define FILE_PERSISTENT_ACLS 0x08
818 /* These entries added from cifs9f --tsb */
819 #define FILE_FILE_COMPRESSION 0x10
820 #define FILE_VOLUME_QUOTAS 0x20
821 /* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */
822 #define FILE_VOLUME_SPARSE_FILE 0x40
823 #define FILE_VOLUME_IS_COMPRESSED 0x8000
825 /* ChangeNotify flags. */
826 #define FILE_NOTIFY_CHANGE_FILE 0x001
827 #define FILE_NOTIFY_CHANGE_DIR_NAME 0x002
828 #define FILE_NOTIFY_CHANGE_ATTRIBUTES 0x004
829 #define FILE_NOTIFY_CHANGE_SIZE 0x008
830 #define FILE_NOTIFY_CHANGE_LAST_WRITE 0x010
831 #define FILE_NOTIFY_CHANGE_LAST_ACCESS 0x020
832 #define FILE_NOTIFY_CHANGE_CREATION 0x040
833 #define FILE_NOTIFY_CHANGE_EA 0x080
834 #define FILE_NOTIFY_CHANGE_SECURITY 0x100
835 #define FILE_NOTIFY_CHANGE_FILE_NAME 0x200
837 /* change notify action results */
838 #define NOTIFY_ACTION_ADDED 1
839 #define NOTIFY_ACTION_REMOVED 2
840 #define NOTIFY_ACTION_MODIFIED 3
841 #define NOTIFY_ACTION_OLD_NAME 4
842 #define NOTIFY_ACTION_NEW_NAME 5
843 #define NOTIFY_ACTION_ADDED_STREAM 6
844 #define NOTIFY_ACTION_REMOVED_STREAM 7
845 #define NOTIFY_ACTION_MODIFIED_STREAM 8
847 /* seek modes for smb_seek */
848 #define SEEK_MODE_START 0
849 #define SEEK_MODE_CURRENT 1
850 #define SEEK_MODE_END 2
852 /* where to find the base of the SMB packet proper */
853 /* REWRITE TODO: smb_base needs to be removed */
854 #define smb_base(buf) (((char *)(buf))+4)
856 /* we don't allow server strings to be longer than 48 characters as
857 otherwise NT will not honour the announce packets */
858 #define MAX_SERVER_STRING_LENGTH 48
861 #define SMB_SUCCESS 0 /* The request was successful. */
864 void dfs_unlogin(void);
865 extern int dcelogin_atmost_once;
869 char *strdup(char *s);
873 #define SIGNAL_CAST (RETSIGTYPE (*)(int))
880 /* these are used in NetServerEnum to choose what to receive */
881 #define SV_TYPE_WORKSTATION 0x00000001
882 #define SV_TYPE_SERVER 0x00000002
883 #define SV_TYPE_SQLSERVER 0x00000004
884 #define SV_TYPE_DOMAIN_CTRL 0x00000008
885 #define SV_TYPE_DOMAIN_BAKCTRL 0x00000010
886 #define SV_TYPE_TIME_SOURCE 0x00000020
887 #define SV_TYPE_AFP 0x00000040
888 #define SV_TYPE_NOVELL 0x00000080
889 #define SV_TYPE_DOMAIN_MEMBER 0x00000100
890 #define SV_TYPE_PRINTQ_SERVER 0x00000200
891 #define SV_TYPE_DIALIN_SERVER 0x00000400
892 #define SV_TYPE_SERVER_UNIX 0x00000800
893 #define SV_TYPE_NT 0x00001000
894 #define SV_TYPE_WFW 0x00002000
895 #define SV_TYPE_SERVER_MFPN 0x00004000
896 #define SV_TYPE_SERVER_NT 0x00008000
897 #define SV_TYPE_POTENTIAL_BROWSER 0x00010000
898 #define SV_TYPE_BACKUP_BROWSER 0x00020000
899 #define SV_TYPE_MASTER_BROWSER 0x00040000
900 #define SV_TYPE_DOMAIN_MASTER 0x00080000
901 #define SV_TYPE_SERVER_OSF 0x00100000
902 #define SV_TYPE_SERVER_VMS 0x00200000
903 #define SV_TYPE_WIN95_PLUS 0x00400000
904 #define SV_TYPE_DFS_SERVER 0x00800000
905 #define SV_TYPE_ALTERNATE_XPORT 0x20000000
906 #define SV_TYPE_LOCAL_LIST_ONLY 0x40000000
907 #define SV_TYPE_DOMAIN_ENUM 0x80000000
908 #define SV_TYPE_ALL 0xFFFFFFFF
910 /* This was set by JHT in liaison with Jeremy Allison early 1997
912 * Version 4.0 - never made public
913 * Version 4.10 - New to 1.9.16p2, lost in space 1.9.16p3 to 1.9.16p9
914 * - Reappeared in 1.9.16p11 with fixed smbd services
915 * Version 4.20 - To indicate that nmbd and browsing now works better
916 * Version 4.50 - Set at release of samba-2.2.0 by JHT
918 * Note: In the presence of NT4.X do not set above 4.9
919 * Setting this above 4.9 can have undesired side-effects.
920 * This may change again in Samba-3.0 after further testing. JHT
923 #define DEFAULT_MAJOR_VERSION 0x04
924 #define DEFAULT_MINOR_VERSION 0x09
926 /* Browser Election Values */
927 #define BROWSER_ELECTION_VERSION 0x010f
928 #define BROWSER_CONSTANT 0xaa55
930 /* Sercurity mode bits. */
931 #define NEGOTIATE_SECURITY_USER_LEVEL 0x01
932 #define NEGOTIATE_SECURITY_CHALLENGE_RESPONSE 0x02
933 #define NEGOTIATE_SECURITY_SIGNATURES_ENABLED 0x04
934 #define NEGOTIATE_SECURITY_SIGNATURES_REQUIRED 0x08
936 /* NT Flags2 bits - cifs6.txt section 3.1.2 */
938 #define FLAGS2_LONG_PATH_COMPONENTS 0x0001
939 #define FLAGS2_EXTENDED_ATTRIBUTES 0x0002
940 #define FLAGS2_SMB_SECURITY_SIGNATURES 0x0004
941 #define FLAGS2_IS_LONG_NAME 0x0040
942 #define FLAGS2_EXTENDED_SECURITY 0x0800
943 #define FLAGS2_DFS_PATHNAMES 0x1000
944 #define FLAGS2_READ_PERMIT_NO_EXECUTE 0x2000
945 #define FLAGS2_32_BIT_ERROR_CODES 0x4000
946 #define FLAGS2_UNICODE_STRINGS 0x8000
948 #define FLAGS2_WIN2K_SIGNATURE 0xC852 /* Hack alert ! For now... JRA. */
950 /* Capabilities. see ftp.microsoft.com/developr/drg/cifs/cifs/cifs4.txt */
952 #define CAP_RAW_MODE 0x0001
953 #define CAP_MPX_MODE 0x0002
954 #define CAP_UNICODE 0x0004
955 #define CAP_LARGE_FILES 0x0008
956 #define CAP_NT_SMBS 0x0010
957 #define CAP_RPC_REMOTE_APIS 0x0020
958 #define CAP_STATUS32 0x0040
959 #define CAP_LEVEL_II_OPLOCKS 0x0080
960 #define CAP_LOCK_AND_READ 0x0100
961 #define CAP_NT_FIND 0x0200
962 #define CAP_DFS 0x1000
963 #define CAP_W2K_SMBS 0x2000
964 #define CAP_LARGE_READX 0x4000
965 #define CAP_LARGE_WRITEX 0x8000
966 #define CAP_UNIX 0x800000 /* Capabilities for UNIX extensions. Created by HP. */
967 #define CAP_EXTENDED_SECURITY 0x80000000
970 * Global value meaing that the smb_uid field should be
971 * ingored (in share level security and protocol level == CORE)
974 #define UID_FIELD_INVALID 0
975 #define VUID_OFFSET 100 /* Amount to bias returned vuid numbers */
978 #define LOCKING_ANDX_SHARED_LOCK 0x1
979 #define LOCKING_ANDX_OPLOCK_RELEASE 0x2
980 #define LOCKING_ANDX_CHANGE_LOCKTYPE 0x4
981 #define LOCKING_ANDX_CANCEL_LOCK 0x8
982 #define LOCKING_ANDX_LARGE_FILES 0x10
985 #define OPLOCKLEVEL_NONE 0
986 #define OPLOCKLEVEL_II 1
993 #define EXCLUSIVE_OPLOCK 1
994 #define BATCH_OPLOCK 2
995 #define LEVEL_II_OPLOCK 4
997 #define CORE_OPLOCK_GRANTED (1<<5)
998 #define EXTENDED_OPLOCK_GRANTED (1<<15)
1001 * Return values for oplock types.
1004 #define NO_OPLOCK_RETURN 0
1005 #define EXCLUSIVE_OPLOCK_RETURN 1
1006 #define BATCH_OPLOCK_RETURN 2
1007 #define LEVEL_II_OPLOCK_RETURN 3
1010 * Loopback command offsets.
1013 #define OPBRK_CMD_LEN_OFFSET 0
1014 #define OPBRK_CMD_PORT_OFFSET 4
1015 #define OPBRK_CMD_HEADER_LEN 6
1017 #define OPBRK_MESSAGE_CMD_OFFSET 0
1020 #define OPLOCK_BREAK_CMD 0x1
1021 #define KERNEL_OPLOCK_BREAK_CMD 0x2
1022 #define LEVEL_II_OPLOCK_BREAK_CMD 0x3
1023 #define ASYNC_LEVEL_II_OPLOCK_BREAK_CMD 0x4
1026 * Capabilities abstracted for different systems.
1029 #define KERNEL_OPLOCK_CAPABILITY 0x1
1032 * Oplock break command code sent via the kernel interface (if it exists).
1036 * 0 2 2+devsize 2+devsize+inodesize
1037 * +----+--------+--------+----------+
1038 * | cmd| dev | inode | fileid |
1039 * +----+--------+--------+----------+
1041 #define KERNEL_OPLOCK_BREAK_DEV_OFFSET 2
1042 #define KERNEL_OPLOCK_BREAK_INODE_OFFSET (KERNEL_OPLOCK_BREAK_DEV_OFFSET + sizeof(SMB_DEV_T))
1043 #define KERNEL_OPLOCK_BREAK_FILEID_OFFSET (KERNEL_OPLOCK_BREAK_INODE_OFFSET + sizeof(SMB_INO_T))
1044 #define KERNEL_OPLOCK_BREAK_MSG_LEN (KERNEL_OPLOCK_BREAK_FILEID_OFFSET + sizeof(unsigned long))
1047 #define CMD_REPLY 0x8000
1049 #include "smb_macros.h"
1051 /* A netbios name structure. */
1055 unsigned int name_type;
1059 /* A netbios node status array element. */
1060 struct node_status {
1063 unsigned char flags;
1074 uchar smb_lm_pwd[16];
1075 uchar smb_nt_pwd[16];
1077 uchar smb_lm_owf[24];
1078 uchar smb_nt_owf[128];
1081 uchar lm_cli_chal[8];
1082 uchar nt_cli_chal[128];
1083 size_t nt_cli_chal_len;
1088 #include "rpc_misc.h"
1089 #include "rpc_secdes.h"
1091 typedef struct user_struct
1093 struct user_struct *next, *prev;
1094 uint16 vuid; /* Tag for this entry. */
1095 uid_t uid; /* uid of a validated user */
1096 gid_t gid; /* gid of a validated user */
1098 userdom_struct user;
1105 /* following groups stuff added by ih */
1106 /* This groups info is needed for when we become_user() for this uid */
1110 NT_USER_TOKEN *nt_user_token;
1112 DATA_BLOB session_key;
1114 char *session_keystr; /* used by utmp and pam session code.
1118 struct auth_serversupplied_info *server_info;
1122 struct unix_error_map {
1132 * Size of new password account encoding string. This is enough space to
1133 * hold 11 ACB characters, plus the surrounding [] and a terminating null.
1134 * Do not change unless you are adding new ACB bits!
1137 #define NEW_PW_FORMAT_SPACE_PADDED_LEN 14
1140 Do you want session setups at user level security with a invalid
1141 password to be rejected or allowed in as guest? WinNT rejects them
1142 but it can be a pain as it means "net view" needs to use a password
1144 You have 3 choices in the setting of map_to_guest:
1146 "NEVER_MAP_TO_GUEST" means session setups with an invalid password
1147 are rejected. This is the default.
1149 "MAP_TO_GUEST_ON_BAD_USER" means session setups with an invalid password
1150 are rejected, unless the username does not exist, in which case it
1151 is treated as a guest login
1153 "MAP_TO_GUEST_ON_BAD_PASSWORD" means session setups with an invalid password
1154 are treated as a guest login
1156 Note that map_to_guest only has an effect in user or server
1160 #define NEVER_MAP_TO_GUEST 0
1161 #define MAP_TO_GUEST_ON_BAD_USER 1
1162 #define MAP_TO_GUEST_ON_BAD_PASSWORD 2
1164 #define SAFE_NETBIOS_CHARS ". -_"
1166 /* generic iconv conversion structure */
1168 size_t (*direct)(void *cd, const char **inbuf, size_t *inbytesleft,
1169 char **outbuf, size_t *outbytesleft);
1170 size_t (*pull)(void *cd, const char **inbuf, size_t *inbytesleft,
1171 char **outbuf, size_t *outbytesleft);
1172 size_t (*push)(void *cd, const char **inbuf, size_t *inbytesleft,
1173 char **outbuf, size_t *outbytesleft);
1174 void *cd_direct, *cd_pull, *cd_push;
1175 char *from_name, *to_name;
1178 /* The maximum length of a trust account password.
1179 Used when we randomly create it, 15 char passwords
1180 exceed NT4's max password length */
1182 #define DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH 14
1185 /* a set of flags to control handling of request structures */
1186 #define REQ_CONTROL_PROTECTED (1<<0) /* don't destroy this request */
1187 #define REQ_CONTROL_LARGE (1<<1) /* allow replies larger than max_xmit */
1188 #define REQ_CONTROL_ASYNC (1<<2) /* the backend will answer this one later */
1190 /* passed to br lock code */
1191 enum brl_type {READ_LOCK, WRITE_LOCK, PENDING_LOCK};
1193 #include "popt_common.h"