Gerald Carter [Fri, 14 Jul 2000 16:31:06 +0000 (16:31 +0000)]
make proto
and a few changes to ntdomain for rpcclient printing functions
--jerry
Gerald Carter [Fri, 14 Jul 2000 16:29:22 +0000 (16:29 +0000)]
adding more spoolss command into rpcclient. They don't all work
currently. More to come later.
--jerry
Tim Potter [Thu, 13 Jul 2000 04:33:25 +0000 (04:33 +0000)]
Don't return winbind groups or users when responding to samr_enum_dom_users
and samr_enum_dom_aliases commands. Unfortunately the algorithm for
determining winbind groups from normal groups is simply to check for the
presence of the lp_winbind_separator() character. )-:
Tim Potter [Thu, 13 Jul 2000 01:21:21 +0000 (01:21 +0000)]
Uninitialised variables.
Jean-François Micouleau [Wed, 12 Jul 2000 16:11:33 +0000 (16:11 +0000)]
we are now sure the printer_info_2 timestamp is updated everytime
required.
J.F.
Jean-François Micouleau [Wed, 12 Jul 2000 14:10:40 +0000 (14:10 +0000)]
- The printers are indexed by the sharename in both get_a_printer() and
add_a_printer() now.
- correctly unpack the private part of a devmode and remove a memleak
- correctly retrieve the pair(value,data) for getprinterdata
- handle null devicemode in printer_info_2
I still have some bugs but I'm not crashing anymore NT4SP6 d/c build :-)
J.F.
Christopher R. Hertel [Wed, 12 Jul 2000 04:25:12 +0000 (04:25 +0000)]
An improved version of the Negative Query Response fix. The earlier fix
only did a short-cut on an rcode of 3, which is 'name not found'. This
does a short-cut on any non-zero rcode. It also puts out a DEBUG message
(if DEBUGLEVEL is >= 3) detailing the error.
Chris -)-----
Christopher R. Hertel [Wed, 12 Jul 2000 03:51:06 +0000 (03:51 +0000)]
Typo. It said "DEGUG" in the comments. I dunno how to degug, or gug for
that matter. crh
Gerald Carter [Tue, 11 Jul 2000 16:28:59 +0000 (16:28 +0000)]
#ifndef RPCCLIENT_TEST
use old prs_unistr()
#else
use new prs_unistr() which handles UNMARSHALL
#endif /* RPCCLIENT_TEST */
jerry
Jeremy Allison [Tue, 11 Jul 2000 01:05:24 +0000 (01:05 +0000)]
Allow name lookup to fail and fall back to using the "Everyone" SID
as SD owner. Allows smbd to work without winbindd running.
Check for security implications !
Jeremy.
Jeremy Allison [Tue, 11 Jul 2000 01:04:09 +0000 (01:04 +0000)]
Add local fallback for name lookup if no winbindd running...
Jeremy.
Jeremy Allison [Mon, 10 Jul 2000 22:30:13 +0000 (22:30 +0000)]
Ensure correct driver paths are returned in INFO_2 struct.
Jeremy.
Gerald Carter [Mon, 10 Jul 2000 19:58:18 +0000 (19:58 +0000)]
make proto
Gerald Carter [Mon, 10 Jul 2000 19:57:30 +0000 (19:57 +0000)]
spoolenum commend (when compiled with the new prs_unistr())
now works. :-)
jerry
Gerald Carter [Mon, 10 Jul 2000 19:56:15 +0000 (19:56 +0000)]
Fixed a bug in parsing the command line.
jerry
Gerald Carter [Mon, 10 Jul 2000 19:55:39 +0000 (19:55 +0000)]
included a a new prs_unistr(). Is currently #if'd out (denoted
by RPCCLIENT_TEST) in order to not break anything in the smbd
code (and to give time to review it). Originally written by JF.
In effect, this checkin makes no changes to parse_prs.c at all.
jerry
Tim Potter [Mon, 10 Jul 2000 06:42:47 +0000 (06:42 +0000)]
Added wbinfo and .libs
Tim Potter [Mon, 10 Jul 2000 06:41:04 +0000 (06:41 +0000)]
Fixes for various compile warnings on Solaris 8.
Tim Potter [Mon, 10 Jul 2000 05:40:43 +0000 (05:40 +0000)]
Moved winbind client functions from various odd locations to
nsswitch/wb_client.c
Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG.
Tim Potter [Mon, 10 Jul 2000 05:17:01 +0000 (05:17 +0000)]
make proto
Tim Potter [Mon, 10 Jul 2000 05:08:21 +0000 (05:08 +0000)]
Re-instated lanman printing security checks (oops).
A user can now pause, resume or delete their own job even if they don't
have the Manage Documents privilege.
Added call to se_access_check() for changing printer properties. The Full
Access privilege is required for the user to perform this.
Several uninitialised variables and memory leaks plugged.
Modified default ACL created on new printers to be Everyone / Print instead
of Everyone / Full Access. This required some random stuffing around with
the value of the revision field to correspond with the ACL that NT produces
when setting the same permission on the printer.
Fixed dodgy function call in printing/printfsp.c
Tim Potter [Mon, 10 Jul 2000 04:57:09 +0000 (04:57 +0000)]
Spelling fixes.
Tim Potter [Mon, 10 Jul 2000 04:56:30 +0000 (04:56 +0000)]
Fix for passing NULL pointer as an array parameter in
domain_client_validate()
Tim Potter [Mon, 10 Jul 2000 04:54:09 +0000 (04:54 +0000)]
Added some useful debugging stuff.
Fixes for se_access_check() when you are the owner of the object.
Christopher R. Hertel [Sun, 9 Jul 2000 02:10:24 +0000 (02:10 +0000)]
Quick change to short-circuit WINS queries if the WINS server returns a
Negative Name Query Response. We should't wait through the timeouts and
retry twice if we've been told "No Such Entry".
Gerald Carter [Fri, 7 Jul 2000 06:24:16 +0000 (06:24 +0000)]
Just a few changes due to bringing some partial files back
from TNG to HEAD.
--jerry
Gerald Carter [Fri, 7 Jul 2000 06:20:46 +0000 (06:20 +0000)]
More rpcclient merge issues:
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
Gerald Carter [Fri, 7 Jul 2000 06:18:00 +0000 (06:18 +0000)]
More rpcclient merge issues:
* fixes some readline bugs from the merge
* first attempt at commands (spoolenum almost works)
* no changes to existing functions in HEAD; only additions
of new functions. I'll weed out what I can as I go.
--jerry
Jeremy Allison [Thu, 6 Jul 2000 23:31:46 +0000 (23:31 +0000)]
printing/nt_printing.c: (From JF) use the driver name - already given to us.
printing/printing.c: priority needs to be 1 not zero (found by checked build).
rpc_server/srv_spoolss_nt.c: Log invalid handle access, also print out if this is a different
pid handle. This will help track down client access after a connection
is closed.
Jeremy.
Tim Potter [Thu, 6 Jul 2000 07:12:13 +0000 (07:12 +0000)]
se_access_check() tests.
Tim Potter [Thu, 6 Jul 2000 07:10:32 +0000 (07:10 +0000)]
Don't check NT permissions when printing from lanman.
Tim Potter [Thu, 6 Jul 2000 07:06:05 +0000 (07:06 +0000)]
Implemented NT printer descriptor checking. Yay!
User details are passed into the printing back end from the spoolss code.
For each print operation these details are checked using the
se_access_check() function using information from the winbind daemon.
Fixed bug in nt_printing_setsec() where the user and group SIDs were
trashed if the permissions were changed from NT. It is necessary to merge
these sids from the previous value of the security descriptor before
storing it in the tdb.
Tim Potter [Thu, 6 Jul 2000 07:01:37 +0000 (07:01 +0000)]
Moved authenticated pipe user details into a current_user struct.
Tim Potter [Thu, 6 Jul 2000 07:00:24 +0000 (07:00 +0000)]
Moved printer ACE mask values from nt_printing.h to rpc_spoolss.h
Tim Potter [Thu, 6 Jul 2000 06:59:27 +0000 (06:59 +0000)]
Include nss.h if present or define enough values to allow client access to
winbind.
Tim Potter [Thu, 6 Jul 2000 06:57:22 +0000 (06:57 +0000)]
Rewrite of se_access_check() function. Added comments and fixed a bunch of
bugs. I think there is a problem though with the permissions granted when
SEC_RIGHTS_MAXIMUM_ALLOWED is passed as the permissions requested.
Tim Potter [Thu, 6 Jul 2000 06:53:47 +0000 (06:53 +0000)]
Pass either an authenticated pipe or SMB user in a current_user struct down
to the printing back end functions.
Tim Potter [Thu, 6 Jul 2000 06:51:55 +0000 (06:51 +0000)]
Pass pipes_struct rather than vuid down to startdocprinter, setprinter and
setjob spoolss server commands.
Tim Potter [Thu, 6 Jul 2000 06:48:54 +0000 (06:48 +0000)]
Added global_sid_NULL S-1-0-0 to list of global sids.
Tim Potter [Thu, 6 Jul 2000 06:48:01 +0000 (06:48 +0000)]
Make prototypes for functions returning an enum nss_status.
Tim Potter [Thu, 6 Jul 2000 06:47:38 +0000 (06:47 +0000)]
Changed checking for WINBINDD_OK return value instead of NSS_STATUS_SUCCESS
when looking up sids from winbindd.
Tim Potter [Thu, 6 Jul 2000 06:43:30 +0000 (06:43 +0000)]
Moved lib/util_seaccess.o from LIB_OBJ to SMBD1_OBJ as it is only used by
smbd.
Andrew Tridgell [Thu, 6 Jul 2000 03:54:22 +0000 (03:54 +0000)]
new protos
Andrew Tridgell [Thu, 6 Jul 2000 03:54:07 +0000 (03:54 +0000)]
the smbw sample prog
Andrew Tridgell [Thu, 6 Jul 2000 03:53:49 +0000 (03:53 +0000)]
don't need shmem any more
Andrew Tridgell [Thu, 6 Jul 2000 03:52:47 +0000 (03:52 +0000)]
wrote a little sample smbw program
build using "make bin/smbw_sample"
this is to show people how to use smbw
Andrew Tridgell [Thu, 6 Jul 2000 03:39:11 +0000 (03:39 +0000)]
added -L option
Andrew Tridgell [Thu, 6 Jul 2000 02:28:44 +0000 (02:28 +0000)]
got smbw to compile again on Linux
Tim Potter [Thu, 6 Jul 2000 01:30:41 +0000 (01:30 +0000)]
Bracked unbracketed macro arguments while looking for another bug.
Tim Potter [Wed, 5 Jul 2000 11:24:26 +0000 (11:24 +0000)]
Merge of wbinfo program from TNG.
Jean-François Micouleau [Tue, 4 Jul 2000 22:51:05 +0000 (22:51 +0000)]
the dummy field in driver_info_6 is before the driver version and not
after.
I don't know who broke all that code, but I'm ******** (censured)
J.F.
Jean-François Micouleau [Tue, 4 Jul 2000 21:58:45 +0000 (21:58 +0000)]
driver_info_6 had a prs_align() that should not have been there.
J.F.
Tim Potter [Mon, 3 Jul 2000 06:52:31 +0000 (06:52 +0000)]
Some more sec_ctx changes. Modified some fields in the pipe_struct
structure so authenticated pipe users can have their unix groups set when
become_authenticated_pipe_user() is called.
Gerald Carter [Mon, 3 Jul 2000 04:29:17 +0000 (04:29 +0000)]
first pass at merging rpcclient from TNG to HEAD. You can get a
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
I need to clean this up a little. Will work on that some more.
--jerry
Gerald Carter [Mon, 3 Jul 2000 04:28:29 +0000 (04:28 +0000)]
first pass at merging rpcclient from TNG to HEAD. You can get a
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
--jerry
Gerald Carter [Mon, 3 Jul 2000 04:26:37 +0000 (04:26 +0000)]
first pass at merging rpcclient from TNG to HEAD. You can get a
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
The changes to the header files were minor. A few struct's and a few
additional fields to existing ones. No deletions. **minimal change
necessary** :-) Well, maybe not minimal, but I tried.
All other programs compile, link and run ok from what I can tell so
I don;t think I broke anything.
--jerry
Gerald Carter [Mon, 3 Jul 2000 04:24:31 +0000 (04:24 +0000)]
first pass at merging rpcclient from TNG to HEAD. You can get a
semi-connection and a rpcclient prompt, but no functionality there yet.
Will be a few more days on that.
These files changed only with the addition of some support functions
from TNG
--jerry
Tim Potter [Mon, 3 Jul 2000 00:58:13 +0000 (00:58 +0000)]
Renamed generic_request() to winbindd_request()
Tim Potter [Mon, 3 Jul 2000 00:57:15 +0000 (00:57 +0000)]
Re-ran autoconf
Jean-François Micouleau [Sat, 1 Jul 2000 16:40:10 +0000 (16:40 +0000)]
reverting Jeremy's changes to enumprinterdata.
Jeremy, the out_max_value_len and out_max_data_len were good. Your change
is breaking NT4SP6 checked version.
J.F.
Jean-François Micouleau [Sat, 1 Jul 2000 09:34:37 +0000 (09:34 +0000)]
Found that the minimum priority is 1 and not 0 on NT.
Changed back the devicemode's devicename to "\\server\printer".
I'm 100% sure it is correct, it's what NT sends on the wire. And that's
the printer's name and NOT the port's name as it has to be unique. It must
also be a UNC because it's a remote printer (remote for the client).
J.F.
Jeremy Allison [Sat, 1 Jul 2000 05:44:49 +0000 (05:44 +0000)]
Removed unneccessary ()'s afer &'s that made it look like we
don't know how the C language works :-).
Jeremy
Tim Potter [Fri, 30 Jun 2000 06:48:47 +0000 (06:48 +0000)]
Merge from TNG.
Tim Potter [Fri, 30 Jun 2000 06:18:42 +0000 (06:18 +0000)]
Added more args to smbclient wrapper - there's probably a better way
to do this.
Tim Potter [Fri, 30 Jun 2000 06:10:36 +0000 (06:10 +0000)]
Updated documentation for wbinfo and winbindd.
Jeremy Allison [Fri, 30 Jun 2000 01:07:26 +0000 (01:07 +0000)]
Fixed oops with missing MANGLE_PATH directive.
Jeremy.
Andrew Tridgell [Thu, 29 Jun 2000 08:23:56 +0000 (08:23 +0000)]
simpler configure test
Andrew Tridgell [Thu, 29 Jun 2000 08:22:00 +0000 (08:22 +0000)]
slightly saner defaults
Jeremy Allison [Thu, 29 Jun 2000 00:52:40 +0000 (00:52 +0000)]
Tidy up current spool code - added some JRATEST ifdefs to allow
experimentation with what is making spoolss.exe crash - may be removed
later.
Jeremy.
Jeremy Allison [Wed, 28 Jun 2000 16:52:59 +0000 (16:52 +0000)]
Removed extra uint32 field in auto-notify reply. This fixes some spoolss.exe
crashes but there are still more to work on.
Jeremy.
Jeremy Allison [Mon, 26 Jun 2000 22:08:20 +0000 (22:08 +0000)]
Changing drivers using the properties page works - but only if getting/setting
security descriptors is disabled (as it is in this code).
If get/set sd's is enabled spooler.exe crashes on NT.
I'll investigate and fix that issue next.
Jeremy.
Jeremy Allison [Mon, 26 Jun 2000 17:41:06 +0000 (17:41 +0000)]
Fixed display of "Everyone" in SD's.
Jeremy.
Andrew Tridgell [Mon, 26 Jun 2000 08:18:42 +0000 (08:18 +0000)]
fixed size alignment in talloc
Jeremy Allison [Sat, 24 Jun 2000 00:15:08 +0000 (00:15 +0000)]
lib/util_sid.c: Uninitialized memory read.
rpc_parse/parse_spoolss.c: Added note about prs_align when marshalling a SEC_DESC...
rpc_server/srv_lsa.c: Tim - your changes broke the display of the 'everyone' group
when doing file access with no winbindd running. This is a partial
fix - more when I have analysed this more.
rpc_server/srv_spoolss_nt.c: Fix for the 'change driver' problem ! Hurrah !
Jeremy.
Jeremy Allison [Fri, 23 Jun 2000 19:57:42 +0000 (19:57 +0000)]
Fix a malloc of zero problem.
Jeremy.
Jeremy Allison [Fri, 23 Jun 2000 17:31:38 +0000 (17:31 +0000)]
lib/util_unistr.c: Off-by-one fix for dos_PutUniStr from John Reilly jreilly@hp.com.
Memory leak fix for new sec_ctx code (sorry Tim :-).
Jeremy.
Tim Potter [Fri, 23 Jun 2000 07:02:59 +0000 (07:02 +0000)]
Don't return a value for a void function.
Tim Potter [Fri, 23 Jun 2000 07:00:43 +0000 (07:00 +0000)]
Test harness stuff for compiling things.
Tim Potter [Fri, 23 Jun 2000 06:53:33 +0000 (06:53 +0000)]
make proto
Tim Potter [Fri, 23 Jun 2000 06:47:11 +0000 (06:47 +0000)]
Some compile fixes.
Tim Potter [Fri, 23 Jun 2000 06:43:08 +0000 (06:43 +0000)]
Got a bit carried away deleting things.
Tim Potter [Fri, 23 Jun 2000 06:36:22 +0000 (06:36 +0000)]
Removed unused variables.
Tim Potter [Fri, 23 Jun 2000 06:31:45 +0000 (06:31 +0000)]
Added parenthesis around definition of PRINTER_ACE_PRINT.
Tim Potter [Fri, 23 Jun 2000 06:27:05 +0000 (06:27 +0000)]
Added return for become_authenticated_pipe_user() function.
Tim Potter [Fri, 23 Jun 2000 06:21:08 +0000 (06:21 +0000)]
Tests for new security context stuff.
Tim Potter [Fri, 23 Jun 2000 06:20:03 +0000 (06:20 +0000)]
make proto
Tim Potter [Fri, 23 Jun 2000 06:19:26 +0000 (06:19 +0000)]
Added MAX_SEC_CTX_DEPTH
Tim Potter [Fri, 23 Jun 2000 05:57:48 +0000 (05:57 +0000)]
Delete OriginalDir stuff.
Tim Potter [Fri, 23 Jun 2000 05:57:20 +0000 (05:57 +0000)]
Moved some static functions to sec_ctx.c
Implemented become_root() and friends in terms of push/pop/set security
contexts.
Tim Potter [Fri, 23 Jun 2000 05:55:41 +0000 (05:55 +0000)]
Added smbd/sec_ctx.o to smbd objects.
Tim Potter [Fri, 23 Jun 2000 05:54:49 +0000 (05:54 +0000)]
Call init_sec_ctx() instead of init_uid().
Delete OriginalDir stuff.
Tim Potter [Fri, 23 Jun 2000 05:53:18 +0000 (05:53 +0000)]
Removed save directory argument to become_root() calls. Probably most of
this stuff doesn't need to be done as root anyway.
Tim Potter [Fri, 23 Jun 2000 05:49:11 +0000 (05:49 +0000)]
I've been working on refactoring some of the mess that is the become_user()
code. This code is now implemented as a stack of security contexts, where
a security context is defined as a set of effective user, group and
supplementary group ids.
The following functions are implemented:
BOOL push_sec_ctx(void);
Create a new security context on the stack which is the same as the
current security context.
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups);
Set the current security context to a given set of user and group
ids.
void set_root_sec_ctx(void);
Set to uid = gid = 0. No supplementary groups are set.
BOOL pop_sec_ctx(void);
Pop a security context from the stack and restore the user and group
permissions of the previous context.
void init_sec_ctx(void);
Initialise the security context stack. This must be called before any
of the other operations are used or weird things may happen.
The idea is that there is a base security context which is either root or
some authenticated unix user. Other security contexts can be pushed and
popped as needed for things like changing passwords, or rpc pipe operations
where the rpc pipe user is different from the smb user.
Gerald Carter [Fri, 23 Jun 2000 00:09:21 +0000 (00:09 +0000)]
just enough to get rpcclient to compile. Look for #if 0
blocks around a few unimplemented functions. Also had to
add cli_reg.c to Makefile.in
--jerry
Jeremy Allison [Thu, 22 Jun 2000 23:59:22 +0000 (23:59 +0000)]
Changed enumports to show printernames as ports. In line with 'the grand plan' :-)
Gerald & I discussed with HP. More changes to follow.
Jeremy.
Jeremy Allison [Thu, 22 Jun 2000 01:39:17 +0000 (01:39 +0000)]
lib/util_unistr.c: Removed ascii_to_unistr() as it does no codepage.
Removed unistr_to_ascii() as it was never used.
printing/nt_printing.c: Removed "DUMMY.XX" files.
rpc_server/srv_spoolss_nt.c: Use dos_PutUniCode() instead of ascii_to_unistr().
Attempted to fix the "return value" size code based on J.F's
comments. This needs looking at.
Jeremy.
Andrew Tridgell [Wed, 21 Jun 2000 12:14:51 +0000 (12:14 +0000)]
fixed two minor bugs in new sys_select()
Tim Potter [Wed, 21 Jun 2000 06:26:21 +0000 (06:26 +0000)]
A neater way of solving the S_ISSOCK, S_ISFIFO problem.
Moved the S_* macros from smb.h to includes.h
Jeremy Allison [Wed, 21 Jun 2000 02:24:59 +0000 (02:24 +0000)]
Changed default printer driver to "" from NULL.
Jeremy.
Jeremy Allison [Tue, 20 Jun 2000 23:58:56 +0000 (23:58 +0000)]
Fixes for Win2k "add printer driver" INFO_LEVEL_6 was wrong, also some
memory fixes.
Jeremy.