static void standard_sub_advanced(int snum, const char *user,
const char *connectpath, gid_t gid,
const char *smb_name, char *str, size_t len)
{
char *p, *s, *home;
for (s=str; (p=strchr_m(s, '%'));s=p) {
int l = (int)len - (int)(p-str);
if (l < 0)
l = 0;
switch (*(p+1)) {
case 'N' :
string_sub(p,"%N", automount_server(user),l);
break;
case 'H':
if ((home = get_user_home_dir(user)))
string_sub(p,"%H",home, l);
else
p += 2;
break;
case 'P':
string_sub(p,"%P", connectpath, l);
break;
case 'S':
string_sub(p,"%S", lp_servicename(snum), l);
break;
case 'g':
string_sub(p,"%g", gidtoname(gid), l);
break;
case 'u':
string_sub(p,"%u", user, l);
break;
/* Patch from [email protected] Left the %N (NIS
* server name) in standard_sub_basic as it is
* a feature for logon servers, hence uses the
* username. The %p (NIS server path) code is
* here as it is used instead of the default
* "path =" string in [homes] and so needs the
* service name, not the username. */
case 'p':
string_sub(p,"%p", automount_path(lp_servicename(snum)), l);
break;
case '\0':
p++;
break; /* don't run off the end of the string */
default: p+=2;
break;
}
}
standard_sub_basic(smb_name, str, len);
}
static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
{
struct cli_state *cli = NULL;
fstring desthost;
struct in_addr dest_ip;
const char *p;
char *pserver;
BOOL connected_ok = False;
if (!(cli = cli_initialise()))
return NULL;
/* security = server just can't function with spnego */
cli->use_spnego = False;
pserver = talloc_strdup(mem_ctx, lp_passwordserver());
p = pserver;
while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) {
standard_sub_basic(current_user_info.smb_name, current_user_info.domain,
desthost, sizeof(desthost));
strupper_m(desthost);
if(!resolve_name( desthost, &dest_ip, 0x20)) {
DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost));
continue;
}
if (ismyip(dest_ip)) {
DEBUG(1,("Password server loop - disabling password server %s\n",desthost));
continue;
}
/* we use a mutex to prevent two connections at once - when a
Win2k PDC get two connections where one hasn't completed a
session setup yet it will send a TCP reset to the first
connection (tridge) */
if (!grab_server_mutex(desthost)) {
return NULL;
}
if (cli_connect(cli, desthost, &dest_ip)) {
DEBUG(3,("connected to password server %s\n",desthost));
connected_ok = True;
break;
}
}
if (!connected_ok) {
release_server_mutex();
DEBUG(0,("password server not available\n"));
cli_shutdown(cli);
return NULL;
}
if (!attempt_netbios_session_request(&cli, global_myname(),
desthost, &dest_ip)) {
release_server_mutex();
DEBUG(1,("password server fails session request\n"));
cli_shutdown(cli);
return NULL;
}
if (strequal(desthost,myhostname())) {
exit_server_cleanly("Password server loop!");
}
DEBUG(3,("got session\n"));
if (!cli_negprot(cli)) {
DEBUG(1,("%s rejected the negprot\n",desthost));
release_server_mutex();
cli_shutdown(cli);
return NULL;
}
if (cli->protocol < PROTOCOL_LANMAN2 ||
!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
DEBUG(1,("%s isn't in user level security mode\n",desthost));
release_server_mutex();
cli_shutdown(cli);
return NULL;
}
/* Get the first session setup done quickly, to avoid silly
Win2k bugs. (The next connection to the server will kill
this one...
*/
if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0,
""))) {
DEBUG(0,("%s rejected the initial session setup (%s)\n",
desthost, cli_errstr(cli)));
release_server_mutex();
cli_shutdown(cli);
return NULL;
}
release_server_mutex();
DEBUG(3,("password server OK\n"));
return cli;
}
/****************************************************************************
support for server level security
****************************************************************************/
struct cli_state *server_cryptkey(void)
{
fstring desthost;
struct in_addr dest_ip;
extern fstring local_machine;
char *p;
if (!cli_initialise(&cli))
return NULL;
for (p=strtok(lp_passwordserver(),LIST_SEP); p ; p = strtok(NULL,LIST_SEP)) {
fstrcpy(desthost,p);
standard_sub_basic(desthost);
strupper(desthost);
if(!resolve_name( desthost, &dest_ip)) {
DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",p));
continue;
}
if (ismyip(dest_ip)) {
DEBUG(1,("Password server loop - disabling password server %s\n",p));
continue;
}
if (cli_connect(&cli, desthost, &dest_ip)) {
DEBUG(3,("connected to password server %s\n",p));
break;
}
}
if (!p) {
DEBUG(1,("password server not available\n"));
cli_shutdown(&cli);
return NULL;
}
if (!cli_session_request(&cli, desthost, 0x20, local_machine)) {
DEBUG(1,("%s rejected the session\n",desthost));
cli_shutdown(&cli);
return NULL;
}
DEBUG(3,("got session\n"));
if (!cli_negprot(&cli)) {
DEBUG(1,("%s rejected the negprot\n",desthost));
cli_shutdown(&cli);
return NULL;
}
if (cli.protocol < PROTOCOL_LANMAN2 ||
!(cli.sec_mode & 1)) {
DEBUG(1,("%s isn't in user level security mode\n",desthost));
cli_shutdown(&cli);
return NULL;
}
DEBUG(3,("password server OK\n"));
return &cli;
}
int main(int argc, char *argv[])
{
FILE *f;
pstring fname;
int uid, c;
static pstring servicesf = CONFIGFILE;
extern char *optarg;
int verbose = 0, brief =0;
BOOL processes_only=False;
int last_pid=0;
struct session_record *ptr;
TimeInit();
setup_logging(argv[0],True);
charset_initialise();
DEBUGLEVEL = 0;
dbf = fopen("/dev/null","w");
if (getuid() != geteuid()) {
printf("smbstatus should not be run setuid\n");
return(1);
}
while ((c = getopt(argc, argv, "pds:u:b")) != EOF) {
switch (c) {
case 'b':
brief = 1;
break;
case 'd':
verbose = 1;
break;
case 'p':
processes_only = 1;
break;
case 's':
pstrcpy(servicesf, optarg);
break;
case 'u': /* added by OH */
Ucrit_addUsername(optarg); /* added by OH */
break;
default:
fprintf(stderr, "Usage: %s [-d] [-p] [-s configfile] [-u username]\n", *argv); /* changed by OH */
return (-1);
}
}
get_myname(myhostname, NULL);
if (!lp_load(servicesf,False)) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf);
return (-1);
}
if (verbose) {
printf("using configfile = %s\n", servicesf);
printf("lockdir = %s\n", *lp_lockdir() ? lp_lockdir() : "NULL");
}
pstrcpy(fname,lp_lockdir());
standard_sub_basic(fname);
trim_string(fname,"","/");
pstrcat(fname,"/STATUS..LCK");
f = fopen(fname,"r");
if (!f) {
printf("Couldn't open status file %s\n",fname);
if (!lp_status(-1))
printf("You need to have status=yes in your smb config file\n");
return(0);
}
else if (verbose) {
printf("Opened status file %s\n", fname);
}
uid = getuid();
if (!processes_only) {
printf("\nSamba version %s\n",VERSION);
if (brief)
{
printf("PID Username Machine Time logged in\n");
printf("-------------------------------------------------------------------\n");
}
else
{
printf("Service uid gid pid machine\n");
printf("----------------------------------------------\n");
}
}
while (!feof(f))
{
if (fread(&crec,sizeof(crec),1,f) != 1)
break;
if ( crec.magic == 0x280267 && process_exists(crec.pid)
&& Ucrit_checkUsername(uidtoname(crec.uid)) /* added by OH */
)
{
if (brief)
{
ptr=srecs;
while (ptr!=NULL)
{
if ((ptr->pid==crec.pid)&&(strncmp(ptr->machine,crec.machine,30)==0))
{
if (ptr->start > crec.start)
ptr->start=crec.start;
break;
}
ptr=ptr->next;
}
if (ptr==NULL)
{
ptr=(struct session_record *) malloc(sizeof(struct session_record));
ptr->uid=crec.uid;
ptr->pid=crec.pid;
ptr->start=crec.start;
strncpy(ptr->machine,crec.machine,30);
ptr->machine[30]='\0';
ptr->next=srecs;
srecs=ptr;
}
}
else
{
Ucrit_addPid(crec.pid); /* added by OH */
if (processes_only) {
if (last_pid != crec.pid)
printf("%d\n",crec.pid);
last_pid = crec.pid; /* XXXX we can still get repeats, have to
add a sort at some time */
}
else
printf("%-10.10s %-8s %-8s %5d %-8s (%s) %s",
crec.name,uidtoname(crec.uid),gidtoname(crec.gid),crec.pid,
crec.machine,crec.addr,
asctime(LocalTime(&crec.start)));
}
}
}
fclose(f);
if (processes_only) exit(0);
if (brief)
{
ptr=srecs;
while (ptr!=NULL)
{
printf("%-8d%-10.10s%-30.30s%s",ptr->pid,uidtoname(ptr->uid),ptr->machine,asctime(LocalTime(&(ptr->start))));
ptr=ptr->next;
}
printf("\n");
exit(0);
}
printf("\n");
locking_init(1);
if (share_mode_forall(print_share_mode) <= 0)
printf("No locked files\n");
printf("\n");
share_status(stdout);
locking_end();
return (0);
}
/****************************************************************************
deliver the message
****************************************************************************/
static void msg_deliver(void)
{
pstring name;
int i;
int fd;
char *msg;
int len;
if (! (*lp_msg_command()))
{
DEBUG(1,("no messaging command specified\n"));
msgpos = 0;
return;
}
/* put it in a temporary file */
slprintf(name,sizeof(name)-1, "%s/msg.XXXXXX",tmpdir());
fd = smb_mkstemp(name);
if (fd == -1) {
DEBUG(1,("can't open message file %s\n",name));
return;
}
/*
* Incoming message is in DOS codepage format. Convert to UNIX.
*/
if ((len = convert_string_allocate(NULL,CH_DOS, CH_UNIX, msgbuf, msgpos, (void **) &msg)) < 0 || !msg) {
DEBUG(3,("Conversion failed, delivering message in DOS codepage format\n"));
for (i = 0; i < msgpos;) {
if (msgbuf[i] == '\r' && i < (msgpos-1) && msgbuf[i+1] == '\n') {
i++; continue;
}
write(fd, &msgbuf[i++], 1);
}
} else {
for (i = 0; i < len;) {
if (msg[i] == '\r' && i < (len-1) && msg[i+1] == '\n') {
i++; continue;
}
write(fd, &msg[i++],1);
}
SAFE_FREE(msg);
}
close(fd);
/* run the command */
if (*lp_msg_command())
{
fstring alpha_msgfrom;
fstring alpha_msgto;
pstring s;
pstrcpy(s,lp_msg_command());
pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom)));
pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto)));
standard_sub_basic(current_user_info.smb_name, s, sizeof(s));
pstring_sub(s,"%s",name);
smbrun(s,NULL);
}
msgpos = 0;
}
