static void standard_sub_advanced(int snum, const char *user, const char *connectpath, gid_t gid, const char *smb_name, char *str, size_t len) { char *p, *s, *home; for (s=str; (p=strchr_m(s, '%'));s=p) { int l = (int)len - (int)(p-str); if (l < 0) l = 0; switch (*(p+1)) { case 'N' : string_sub(p,"%N", automount_server(user),l); break; case 'H': if ((home = get_user_home_dir(user))) string_sub(p,"%H",home, l); else p += 2; break; case 'P': string_sub(p,"%P", connectpath, l); break; case 'S': string_sub(p,"%S", lp_servicename(snum), l); break; case 'g': string_sub(p,"%g", gidtoname(gid), l); break; case 'u': string_sub(p,"%u", user, l); break; /* Patch from [email protected] Left the %N (NIS * server name) in standard_sub_basic as it is * a feature for logon servers, hence uses the * username. The %p (NIS server path) code is * here as it is used instead of the default * "path =" string in [homes] and so needs the * service name, not the username. */ case 'p': string_sub(p,"%p", automount_path(lp_servicename(snum)), l); break; case '\0': p++; break; /* don't run off the end of the string */ default: p+=2; break; } } standard_sub_basic(smb_name, str, len); }
static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) { struct cli_state *cli = NULL; fstring desthost; struct in_addr dest_ip; const char *p; char *pserver; BOOL connected_ok = False; if (!(cli = cli_initialise())) return NULL; /* security = server just can't function with spnego */ cli->use_spnego = False; pserver = talloc_strdup(mem_ctx, lp_passwordserver()); p = pserver; while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) { standard_sub_basic(current_user_info.smb_name, current_user_info.domain, desthost, sizeof(desthost)); strupper_m(desthost); if(!resolve_name( desthost, &dest_ip, 0x20)) { DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost)); continue; } if (ismyip(dest_ip)) { DEBUG(1,("Password server loop - disabling password server %s\n",desthost)); continue; } /* we use a mutex to prevent two connections at once - when a Win2k PDC get two connections where one hasn't completed a session setup yet it will send a TCP reset to the first connection (tridge) */ if (!grab_server_mutex(desthost)) { return NULL; } if (cli_connect(cli, desthost, &dest_ip)) { DEBUG(3,("connected to password server %s\n",desthost)); connected_ok = True; break; } } if (!connected_ok) { release_server_mutex(); DEBUG(0,("password server not available\n")); cli_shutdown(cli); return NULL; } if (!attempt_netbios_session_request(&cli, global_myname(), desthost, &dest_ip)) { release_server_mutex(); DEBUG(1,("password server fails session request\n")); cli_shutdown(cli); return NULL; } if (strequal(desthost,myhostname())) { exit_server_cleanly("Password server loop!"); } DEBUG(3,("got session\n")); if (!cli_negprot(cli)) { DEBUG(1,("%s rejected the negprot\n",desthost)); release_server_mutex(); cli_shutdown(cli); return NULL; } if (cli->protocol < PROTOCOL_LANMAN2 || !(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) { DEBUG(1,("%s isn't in user level security mode\n",desthost)); release_server_mutex(); cli_shutdown(cli); return NULL; } /* Get the first session setup done quickly, to avoid silly Win2k bugs. (The next connection to the server will kill this one... */ if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 0, "", 0, ""))) { DEBUG(0,("%s rejected the initial session setup (%s)\n", desthost, cli_errstr(cli))); release_server_mutex(); cli_shutdown(cli); return NULL; } release_server_mutex(); DEBUG(3,("password server OK\n")); return cli; }
/**************************************************************************** support for server level security ****************************************************************************/ struct cli_state *server_cryptkey(void) { fstring desthost; struct in_addr dest_ip; extern fstring local_machine; char *p; if (!cli_initialise(&cli)) return NULL; for (p=strtok(lp_passwordserver(),LIST_SEP); p ; p = strtok(NULL,LIST_SEP)) { fstrcpy(desthost,p); standard_sub_basic(desthost); strupper(desthost); if(!resolve_name( desthost, &dest_ip)) { DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",p)); continue; } if (ismyip(dest_ip)) { DEBUG(1,("Password server loop - disabling password server %s\n",p)); continue; } if (cli_connect(&cli, desthost, &dest_ip)) { DEBUG(3,("connected to password server %s\n",p)); break; } } if (!p) { DEBUG(1,("password server not available\n")); cli_shutdown(&cli); return NULL; } if (!cli_session_request(&cli, desthost, 0x20, local_machine)) { DEBUG(1,("%s rejected the session\n",desthost)); cli_shutdown(&cli); return NULL; } DEBUG(3,("got session\n")); if (!cli_negprot(&cli)) { DEBUG(1,("%s rejected the negprot\n",desthost)); cli_shutdown(&cli); return NULL; } if (cli.protocol < PROTOCOL_LANMAN2 || !(cli.sec_mode & 1)) { DEBUG(1,("%s isn't in user level security mode\n",desthost)); cli_shutdown(&cli); return NULL; } DEBUG(3,("password server OK\n")); return &cli; }
int main(int argc, char *argv[]) { FILE *f; pstring fname; int uid, c; static pstring servicesf = CONFIGFILE; extern char *optarg; int verbose = 0, brief =0; BOOL processes_only=False; int last_pid=0; struct session_record *ptr; TimeInit(); setup_logging(argv[0],True); charset_initialise(); DEBUGLEVEL = 0; dbf = fopen("/dev/null","w"); if (getuid() != geteuid()) { printf("smbstatus should not be run setuid\n"); return(1); } while ((c = getopt(argc, argv, "pds:u:b")) != EOF) { switch (c) { case 'b': brief = 1; break; case 'd': verbose = 1; break; case 'p': processes_only = 1; break; case 's': pstrcpy(servicesf, optarg); break; case 'u': /* added by OH */ Ucrit_addUsername(optarg); /* added by OH */ break; default: fprintf(stderr, "Usage: %s [-d] [-p] [-s configfile] [-u username]\n", *argv); /* changed by OH */ return (-1); } } get_myname(myhostname, NULL); if (!lp_load(servicesf,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf); return (-1); } if (verbose) { printf("using configfile = %s\n", servicesf); printf("lockdir = %s\n", *lp_lockdir() ? lp_lockdir() : "NULL"); } pstrcpy(fname,lp_lockdir()); standard_sub_basic(fname); trim_string(fname,"","/"); pstrcat(fname,"/STATUS..LCK"); f = fopen(fname,"r"); if (!f) { printf("Couldn't open status file %s\n",fname); if (!lp_status(-1)) printf("You need to have status=yes in your smb config file\n"); return(0); } else if (verbose) { printf("Opened status file %s\n", fname); } uid = getuid(); if (!processes_only) { printf("\nSamba version %s\n",VERSION); if (brief) { printf("PID Username Machine Time logged in\n"); printf("-------------------------------------------------------------------\n"); } else { printf("Service uid gid pid machine\n"); printf("----------------------------------------------\n"); } } while (!feof(f)) { if (fread(&crec,sizeof(crec),1,f) != 1) break; if ( crec.magic == 0x280267 && process_exists(crec.pid) && Ucrit_checkUsername(uidtoname(crec.uid)) /* added by OH */ ) { if (brief) { ptr=srecs; while (ptr!=NULL) { if ((ptr->pid==crec.pid)&&(strncmp(ptr->machine,crec.machine,30)==0)) { if (ptr->start > crec.start) ptr->start=crec.start; break; } ptr=ptr->next; } if (ptr==NULL) { ptr=(struct session_record *) malloc(sizeof(struct session_record)); ptr->uid=crec.uid; ptr->pid=crec.pid; ptr->start=crec.start; strncpy(ptr->machine,crec.machine,30); ptr->machine[30]='\0'; ptr->next=srecs; srecs=ptr; } } else { Ucrit_addPid(crec.pid); /* added by OH */ if (processes_only) { if (last_pid != crec.pid) printf("%d\n",crec.pid); last_pid = crec.pid; /* XXXX we can still get repeats, have to add a sort at some time */ } else printf("%-10.10s %-8s %-8s %5d %-8s (%s) %s", crec.name,uidtoname(crec.uid),gidtoname(crec.gid),crec.pid, crec.machine,crec.addr, asctime(LocalTime(&crec.start))); } } } fclose(f); if (processes_only) exit(0); if (brief) { ptr=srecs; while (ptr!=NULL) { printf("%-8d%-10.10s%-30.30s%s",ptr->pid,uidtoname(ptr->uid),ptr->machine,asctime(LocalTime(&(ptr->start)))); ptr=ptr->next; } printf("\n"); exit(0); } printf("\n"); locking_init(1); if (share_mode_forall(print_share_mode) <= 0) printf("No locked files\n"); printf("\n"); share_status(stdout); locking_end(); return (0); }
/**************************************************************************** deliver the message ****************************************************************************/ static void msg_deliver(void) { pstring name; int i; int fd; char *msg; int len; if (! (*lp_msg_command())) { DEBUG(1,("no messaging command specified\n")); msgpos = 0; return; } /* put it in a temporary file */ slprintf(name,sizeof(name)-1, "%s/msg.XXXXXX",tmpdir()); fd = smb_mkstemp(name); if (fd == -1) { DEBUG(1,("can't open message file %s\n",name)); return; } /* * Incoming message is in DOS codepage format. Convert to UNIX. */ if ((len = convert_string_allocate(NULL,CH_DOS, CH_UNIX, msgbuf, msgpos, (void **) &msg)) < 0 || !msg) { DEBUG(3,("Conversion failed, delivering message in DOS codepage format\n")); for (i = 0; i < msgpos;) { if (msgbuf[i] == '\r' && i < (msgpos-1) && msgbuf[i+1] == '\n') { i++; continue; } write(fd, &msgbuf[i++], 1); } } else { for (i = 0; i < len;) { if (msg[i] == '\r' && i < (len-1) && msg[i+1] == '\n') { i++; continue; } write(fd, &msg[i++],1); } SAFE_FREE(msg); } close(fd); /* run the command */ if (*lp_msg_command()) { fstring alpha_msgfrom; fstring alpha_msgto; pstring s; pstrcpy(s,lp_msg_command()); pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom))); pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto))); standard_sub_basic(current_user_info.smb_name, s, sizeof(s)); pstring_sub(s,"%s",name); smbrun(s,NULL); } msgpos = 0; }