diff options
Diffstat (limited to 'source/include')
-rw-r--r-- | source/include/ads.h | 3 | ||||
-rw-r--r-- | source/include/client.h | 2 | ||||
-rw-r--r-- | source/include/includes.h | 2 | ||||
-rw-r--r-- | source/include/passdb.h | 6 | ||||
-rw-r--r-- | source/include/privileges.h | 65 | ||||
-rw-r--r-- | source/include/rpc_lsa.h | 20 | ||||
-rw-r--r-- | source/include/rpc_misc.h | 7 | ||||
-rw-r--r-- | source/include/rpc_reg.h | 40 | ||||
-rw-r--r-- | source/include/rpc_samr.h | 8 | ||||
-rw-r--r-- | source/include/smb.h | 8 | ||||
-rw-r--r-- | source/include/smbldap.h | 3 | ||||
-rw-r--r-- | source/include/vfs_macros.h | 4 |
12 files changed, 116 insertions, 52 deletions
diff --git a/source/include/ads.h b/source/include/ads.h index de020f2a3f4..27f9384d5d0 100644 --- a/source/include/ads.h +++ b/source/include/ads.h @@ -76,9 +76,6 @@ typedef void **ADS_MODLIST; /* time between reconnect attempts */ #define ADS_RECONNECT_TIME 5 -/* timeout on searches */ -#define ADS_SEARCH_TIMEOUT 10 - /* ldap control oids */ #define ADS_PAGE_CTL_OID "1.2.840.113556.1.4.319" #define ADS_NO_REFERRALS_OID "1.2.840.113556.1.4.1339" diff --git a/source/include/client.h b/source/include/client.h index b556538f743..c182544362f 100644 --- a/source/include/client.h +++ b/source/include/client.h @@ -123,7 +123,7 @@ struct cli_state { of the pipe we're talking to, if any */ - uint16 nt_pipe_fnum; /* Pipe handle. */ + uint16 nt_pipe_fnum[PI_MAX_PIPES]; /* Pipe handle. */ /* Secure pipe parameters */ int pipe_auth_flags; diff --git a/source/include/includes.h b/source/include/includes.h index 66ff4fa9f02..45c7133f1ea 100644 --- a/source/include/includes.h +++ b/source/include/includes.h @@ -814,6 +814,8 @@ extern int errno; #include "version.h" +#include "privileges.h" + #include "smb.h" #include "nameserv.h" diff --git a/source/include/passdb.h b/source/include/passdb.h index db6bc2ac75e..1b9ccc50ee4 100644 --- a/source/include/passdb.h +++ b/source/include/passdb.h @@ -241,7 +241,7 @@ struct acct_info * this SAMBA will load. Increment this if *ANY* changes are made to the interface. */ -#define PASSDB_INTERFACE_VERSION 5 +#define PASSDB_INTERFACE_VERSION 6 typedef struct pdb_context { @@ -251,7 +251,7 @@ typedef struct pdb_context /* These functions are wrappers for the functions listed above. They may do extra things like re-reading a SAM_ACCOUNT on update */ - NTSTATUS (*pdb_setsampwent)(struct pdb_context *, BOOL update); + NTSTATUS (*pdb_setsampwent)(struct pdb_context *, BOOL update, uint16 acb_mask); void (*pdb_endsampwent)(struct pdb_context *); @@ -349,7 +349,7 @@ typedef struct pdb_methods struct pdb_methods *next; struct pdb_methods *prev; - NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update); + NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint16 acb_mask); void (*endsampwent)(struct pdb_methods *); diff --git a/source/include/privileges.h b/source/include/privileges.h index b7e1b44c2af..76cabf3ba90 100644 --- a/source/include/privileges.h +++ b/source/include/privileges.h @@ -4,6 +4,8 @@ Copyright (C) Andrew Tridgell 1992-1997 Copyright (C) Luke Kenneth Casson Leighton 1996-1997 Copyright (C) Paul Ashton 1997 + Copyright (C) Simo Sorce 2003 + Copyright (C) Gerald (Jerry) Carter 2004 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,22 +25,62 @@ #ifndef PRIVILEGES_H #define PRIVILEGES_H -#define PRIV_ALL_INDEX 5 +/* privilege bitmask */ -#define SE_PRIV_NONE 0x0000 -#define SE_PRIV_ADD_MACHINES 0x0006 -#define SE_PRIV_SEC_PRIV 0x0008 -#define SE_PRIV_TAKE_OWNER 0x0009 -#define SE_PRIV_ADD_USERS 0xff01 -#define SE_PRIV_PRINT_OPERATOR 0xff03 -#define SE_PRIV_ALL 0xffff +#define SE_PRIV_MASKSIZE 4 +typedef struct { + uint32 mask[SE_PRIV_MASKSIZE]; +} SE_PRIV; + + +/* common privilege defines */ + +#define SE_END { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_NONE { { 0x00000000, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_ALL_PRIVS { { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF } } + + +/* + * We will use our own set of privileges since it makes no sense + * to implement all of the Windows set when only a portion will + * be used. Use 128-bit mask to give room to grow. + */ + +#define SE_NETWORK_LOGON { { 0x00000001, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_INTERACTIVE_LOGON { { 0x00000002, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_BATCH_LOGON { { 0x00000004, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_SERVICE_LOGON { { 0x00000008, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_MACHINE_ACCOUNT { { 0x00000010, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_PRINT_OPERATOR { { 0x00000020, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_ADD_USERS { { 0x00000040, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_DISK_OPERATOR { { 0x00000080, 0x00000000, 0x00000000, 0x00000000 } } +#define SE_REMOTE_SHUTDOWN { { 0x00000100, 0x00000000, 0x00000000, 0x00000000 } } + +/* defined in lib/privilegs.c */ + +extern const SE_PRIV se_machine_account; +extern const SE_PRIV se_print_operator; +extern const SE_PRIV se_add_users; +extern const SE_PRIV se_disk_operators; +extern const SE_PRIV se_remote_shutdown; + + +/* + * These are used in Lsa replies (srv_lsa_nt.c) + */ #define PR_NONE 0x0000 #define PR_LOG_ON_LOCALLY 0x0001 #define PR_ACCESS_FROM_NETWORK 0x0002 #define PR_LOG_ON_BATCH_JOB 0x0004 #define PR_LOG_ON_SERVICE 0x0010 + +#ifndef _BOOL +typedef int BOOL; +#define _BOOL /* So we don't typedef BOOL again in vfs.h */ +#endif + typedef struct LUID { uint32 low; @@ -49,7 +91,7 @@ typedef struct LUID_ATTR { LUID luid; uint32 attr; -} LUID_ATTR ; +} LUID_ATTR; typedef struct privilege_set { @@ -61,10 +103,9 @@ typedef struct privilege_set } PRIVILEGE_SET; typedef struct _PRIVS { - uint32 se_priv; - const char *priv; + SE_PRIV se_priv; + const char *name; const char *description; } PRIVS; - #endif /* PRIVILEGES_H */ diff --git a/source/include/rpc_lsa.h b/source/include/rpc_lsa.h index 43ffa37d597..a2bc72d2b2e 100644 --- a/source/include/rpc_lsa.h +++ b/source/include/rpc_lsa.h @@ -635,6 +635,20 @@ typedef struct lsa_r_unk_get_connuser } LSA_R_UNK_GET_CONNUSER; +typedef struct lsa_q_createaccount +{ + POLICY_HND pol; /* policy handle */ + DOM_SID2 sid; + uint32 access; /* access */ +} LSA_Q_CREATEACCOUNT; + +typedef struct lsa_r_createaccount +{ + POLICY_HND pol; /* policy handle */ + NTSTATUS status; +} LSA_R_CREATEACCOUNT; + + typedef struct lsa_q_openaccount { POLICY_HND pol; /* policy handle */ @@ -657,7 +671,7 @@ typedef struct lsa_r_enumprivsaccount { uint32 ptr; uint32 count; - PRIVILEGE_SET *set; + PRIVILEGE_SET set; NTSTATUS status; } LSA_R_ENUMPRIVSACCOUNT; @@ -703,7 +717,7 @@ typedef struct lsa_q_addprivs { POLICY_HND pol; /* policy handle */ uint32 count; - PRIVILEGE_SET *set; + PRIVILEGE_SET set; } LSA_Q_ADDPRIVS; typedef struct lsa_r_addprivs @@ -718,7 +732,7 @@ typedef struct lsa_q_removeprivs uint32 allrights; uint32 ptr; uint32 count; - PRIVILEGE_SET *set; + PRIVILEGE_SET set; } LSA_Q_REMOVEPRIVS; typedef struct lsa_r_removeprivs diff --git a/source/include/rpc_misc.h b/source/include/rpc_misc.h index ee8208e90ea..6abc85a4cac 100644 --- a/source/include/rpc_misc.h +++ b/source/include/rpc_misc.h @@ -124,11 +124,6 @@ typedef struct unihdr2_info uint32 buffer; /* 32 bit buffer pointer */ } UNIHDR2; -/* clueless as to what maximum length should be */ -#define MAX_UNISTRLEN 256 -#define MAX_STRINGLEN 256 -#define MAX_BUFFERLEN 512 - /* UNISTR - unicode string size and buffer */ typedef struct unistr_info { @@ -408,7 +403,7 @@ BUFHDR4; typedef struct buffer4_info { uint32 buf_len; - uint8 buffer[MAX_BUFFERLEN]; + uint8 *buffer; } BUFFER4; diff --git a/source/include/rpc_reg.h b/source/include/rpc_reg.h index 46ec88283df..bfb5f1e0763 100644 --- a/source/include/rpc_reg.h +++ b/source/include/rpc_reg.h @@ -158,7 +158,7 @@ typedef struct q_reg_open_hkcr_info typedef struct r_reg_open_hkcr_info { POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_OPEN_HKCR; @@ -178,7 +178,7 @@ REG_Q_OPEN_HKLM; typedef struct r_reg_open_hklm_info { POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_OPEN_HKLM; @@ -198,7 +198,7 @@ typedef struct q_reg_open_hku_info typedef struct r_reg_open_hku_info { POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_OPEN_HKU; @@ -213,7 +213,7 @@ typedef struct q_reg_open_flush_key_info /* REG_R_FLUSH_KEY */ typedef struct r_reg_open_flush_key_info { - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_FLUSH_KEY; @@ -234,7 +234,7 @@ typedef struct q_reg_set_key_sec_info /* REG_R_SET_KEY_SEC */ typedef struct r_reg_set_key_sec_info { - NTSTATUS status; + WERROR status; } REG_R_SET_KEY_SEC; @@ -261,7 +261,7 @@ typedef struct r_reg_get_key_sec_info BUFHDR hdr_sec; /* header for security data */ SEC_DESC_BUF *data; /* security data */ - NTSTATUS status; + WERROR status; } REG_R_GET_KEY_SEC; @@ -282,7 +282,7 @@ typedef struct q_reg_create_value_info /* REG_R_CREATE_VALUE */ typedef struct r_reg_create_value_info { - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_CREATE_VALUE; @@ -329,7 +329,7 @@ typedef struct r_reg_enum_value_info uint32 ptr2; /* pointer */ uint32 len_value2; /* */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_ENUM_VALUE; @@ -365,7 +365,7 @@ typedef struct r_reg_create_key_info POLICY_HND key_pol; /* policy handle */ uint32 unknown; /* 0x0000 0000 */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_CREATE_KEY; @@ -383,7 +383,7 @@ typedef struct r_reg_delete_key_info { POLICY_HND key_pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_DELETE_KEY; @@ -402,7 +402,7 @@ typedef struct r_reg_delete_val_info { POLICY_HND key_pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_DELETE_VALUE; @@ -430,7 +430,7 @@ typedef struct r_reg_query_key_info uint32 sec_desc; /* 0x0000 0078 */ NTTIME mod_time; /* modified time */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_QUERY_KEY; @@ -446,7 +446,7 @@ typedef struct q_reg_unk_1a_info typedef struct r_reg_unk_1a_info { uint32 unknown; /* 0x0500 0000 */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_UNKNOWN_1A; @@ -468,7 +468,7 @@ typedef struct q_reg_unknown_14 /* REG_R_UNKNOWN_1A */ typedef struct r_reg_unknown_14 { - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_SAVE_KEY; @@ -486,7 +486,7 @@ typedef struct reg_r_close_info { POLICY_HND pol; /* policy handle. should be all zeros. */ - NTSTATUS status; /* return code */ + WERROR status; /* return code */ } REG_R_CLOSE; @@ -531,7 +531,7 @@ typedef struct r_reg_enum_key_info uint32 ptr3; /* pointer */ NTTIME time; /* current time? */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_ENUM_KEY; @@ -575,7 +575,7 @@ typedef struct r_reg_info_info uint32 ptr_len; uint32 buf_len; - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_INFO; @@ -599,7 +599,7 @@ typedef struct q_reg_open_entry_info typedef struct r_reg_open_entry_info { POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_OPEN_ENTRY; @@ -620,7 +620,7 @@ typedef struct q_reg_shutdown_info /* REG_R_SHUTDOWN */ typedef struct r_reg_shutdown_info { - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_SHUTDOWN; @@ -635,7 +635,7 @@ typedef struct q_reg_abort_shutdown_info /* REG_R_ABORT_SHUTDOWN */ typedef struct r_reg_abort_shutdown_info { - NTSTATUS status; /* return status */ + WERROR status; /* return status */ } REG_R_ABORT_SHUTDOWN; diff --git a/source/include/rpc_samr.h b/source/include/rpc_samr.h index 9945f674c82..a007bcd2e57 100644 --- a/source/include/rpc_samr.h +++ b/source/include/rpc_samr.h @@ -412,6 +412,13 @@ typedef struct sam_user_info_10 } SAM_USER_INFO_10; +/* SAM_USER_INFO_7 */ +typedef struct sam_user_info_7 +{ + UNIHDR hdr_name; /* unicode header for name */ + UNISTR2 uni_name; /* unicode string for name */ + +} SAM_USER_INFO_7; /* SAMR_Q_CLOSE_HND - probably a policy handle close */ @@ -1273,6 +1280,7 @@ typedef struct sam_userinfo_ctr_info union { + SAM_USER_INFO_7 *id7; /* auth-level 0x07 */ SAM_USER_INFO_10 *id10; /* auth-level 0x10 */ SAM_USER_INFO_11 *id11; /* auth-level 0x11 */ SAM_USER_INFO_12 *id12; /* auth-level 0x12 */ diff --git a/source/include/smb.h b/source/include/smb.h index a7db0c0a868..913061014db 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -281,6 +281,11 @@ typedef struct sid_info } DOM_SID; +typedef struct sid_list { + uint32 count; + DOM_SID *list; +} SID_LIST; + /* * The complete list of SIDS belonging to this user. * Created when a vuid is registered. @@ -297,6 +302,7 @@ typedef struct sid_info typedef struct _nt_user_token { size_t num_sids; DOM_SID *user_sids; + SE_PRIV privileges; } NT_USER_TOKEN; /*** query a local group, get a list of these: shows who is in that group ***/ @@ -638,7 +644,7 @@ typedef struct { #define AP_RESET_COUNT_TIME 7 #define AP_BAD_ATTEMPT_LOCKOUT 8 #define AP_TIME_TO_LOGOUT 9 - +#define AP_REFUSE_MACHINE_PW_CHANGE 10 /* * Flags for local user manipulation. diff --git a/source/include/smbldap.h b/source/include/smbldap.h index 47f336cdb7a..adb51430dc6 100644 --- a/source/include/smbldap.h +++ b/source/include/smbldap.h @@ -1,5 +1,5 @@ /* - Unix SMB/CIFS mplementation. + Unix SMB/CIFS implementation. LDAP protocol helper functions for SAMBA Copyright (C) Gerald Carter 2001-2003 @@ -145,6 +145,7 @@ struct smbldap_state { const char *uri; char *bind_dn; char *bind_secret; + BOOL paged_results; unsigned int num_failures; diff --git a/source/include/vfs_macros.h b/source/include/vfs_macros.h index 79f5bbf3c16..7681b443ebd 100644 --- a/source/include/vfs_macros.h +++ b/source/include/vfs_macros.h @@ -40,7 +40,7 @@ #define SMB_VFS_READDIR(conn, dirp) ((conn)->vfs.ops.readdir((conn)->vfs.handles.readdir, (conn), (dirp))) #define SMB_VFS_SEEKDIR(conn, dirp, offset) ((conn)->vfs.ops.seekdir((conn)->vfs.handles.seekdir, (conn), (dirp), (offset))) #define SMB_VFS_TELLDIR(conn, dirp) ((conn)->vfs.ops.telldir((conn)->vfs.handles.telldir, (conn), (dirp))) -#define SMB_VFS_REWINDDIR(conn, dirp) ((conn)->vfs.ops.rewinddir((conn)->vfs.handles.rewinddir, (conn), (dirp))) +#define SMB_VFS_REWINDDIR(conn, dirp) ((conn)->vfs.ops.rewind_dir((conn)->vfs.handles.rewind_dir, (conn), (dirp))) #define SMB_VFS_MKDIR(conn, path, mode) ((conn)->vfs.ops.mkdir((conn)->vfs.handles.mkdir,(conn), (path), (mode))) #define SMB_VFS_RMDIR(conn, path) ((conn)->vfs.ops.rmdir((conn)->vfs.handles.rmdir, (conn), (path))) #define SMB_VFS_CLOSEDIR(conn, dir) ((conn)->vfs.ops.closedir((conn)->vfs.handles.closedir, (conn), dir)) @@ -141,7 +141,7 @@ #define SMB_VFS_OPAQUE_READDIR(conn, dirp) ((conn)->vfs_opaque.ops.readdir((conn)->vfs_opaque.handles.readdir, (conn), (dirp))) #define SMB_VFS_OPAQUE_SEEKDIR(conn, dirp, offset) ((conn)->vfs_opaque.ops.seekdir((conn)->vfs_opaque.handles.seekdir, (conn), (dirp), (offset))) #define SMB_VFS_OPAQUE_TELLDIR(conn, dirp) ((conn)->vfs_opaque.ops.telldir((conn)->vfs_opaque.handles.telldir, (conn), (dirp))) -#define SMB_VFS_OPAQUE_REWINDDIR(conn, dirp) ((conn)->vfs_opaque.ops.rewinddir((conn)->vfs_opaque.handles.rewinddir, (conn), (dirp))) +#define SMB_VFS_OPAQUE_REWINDDIR(conn, dirp) ((conn)->vfs_opaque.ops.rewind_dir((conn)->vfs_opaque.handles.rewind_dir, (conn), (dirp))) #define SMB_VFS_OPAQUE_MKDIR(conn, path, mode) ((conn)->vfs_opaque.ops.mkdir((conn)->vfs_opaque.handles.mkdir,(conn), (path), (mode))) #define SMB_VFS_OPAQUE_RMDIR(conn, path) ((conn)->vfs_opaque.ops.rmdir((conn)->vfs_opaque.handles.rmdir, (conn), (path))) #define SMB_VFS_OPAQUE_CLOSEDIR(conn, dir) ((conn)->vfs_opaque.ops.closedir((conn)->vfs_opaque.handles.closedir, (conn), dir)) |