| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Now smbclient, net, and swat use their own proto files - now the global
proto.h
The change to libads/kerberos.c was to break up the dependency on secrets.c -
we want to be able to write an ADS client that doesn't need local secrets.
I have other breakups in the works - I will remove the dependency of
rpc_parse on passdb (and therefore secrets.c) shortly.
(NOTE: This patch does *not* break up includes.h, or other such forbidden
actions).
Andrew Bartlett
(This used to be commit edb41dad2df0ae3db364dbc3896cc75956262edf)
|
|
Andrew Bartlett
(This used to be commit 3b2464ffdad5e64a05e227b50116cb59f6d34204)
|
|
spinning if a signal is received at an inconvenient moment
(This used to be commit d8d7dd523d897ea25a572c8f21903e94e8485404)
|
|
(This used to be commit 73ba155a6bba150b5bd8385fd609ed7fea30f02f)
|
|
here because HEAD does it differently, someone let me know. This looks ok
and compiles fine from what I can tell.
(This used to be commit 68841ae76289369c0b2e9e964bad1746e6e2cc8b)
|
|
(This used to be commit 708c6b8297e720c0d0146e66e3a011feabe01531)
|
|
to revisit this some.
(This used to be commit f471c880db8562231f2d6623124d3e9c31559f4c)
|
|
(This used to be commit 5a4a7e5a88f4fdc5891436b05e44b05d1e7ad3f1)
|
|
(This used to be commit e3422addeb2a74ba92e3b5374d1a1efbcc825d5a)
|
|
(This used to be commit b07d6d4cebecd77314b123d83c7c2265eb62e1c1)
|
|
(This used to be commit 8b805be8e8d1a5616158d39427ad640de4210de9)
|
|
Mostly formatting and s/free/SAFE_FREE/g changes with the two exceptions
being
* John driver init changes
* Tim's printer enumeration bug fix
(This used to be commit f7536762863811f96364e8acd3716bdb7d665bbf)
|
|
though it is up to the calling function to decide whether values are
strings or not. Attributes are not converted at this point, though support
for it would be simple.
I have tested it with users and groups using non-ascii chars, and if the
check for alphanumeric user/domain names is removed form sesssetup.c, even
a user with accented chars can connect, or even login (via winbind).
I have also simplified the interfaces to ads_mod_*, though we will probably
want to expand this by a few functions in the near future. We just had
too many ways to do the same thing...
(This used to be commit f924cb53580bc081ff34e45abba57629018c68d6)
|
|
now supported in HEAD.
Jeremy.
(This used to be commit 082c5c084ef870709d3046f580eef597bb2aeef3)
|
|
(This used to be commit 2947b7624f921032bcd2cc5507747b2f7ef190de)
|
|
The previous code both had basic logic flaws in it, and some subtle
issues regarding the Win2k info3 response.
I've tested this against Samba (it looks like that was missed last time
due to the 'called name' corruption - which broke my testsuite) and
accomidated what I've seen from a info3 printout jmcd gave me.
I'll get this tested fully as soon as I get my VMware going again.
Andrew Bartlett
(This used to be commit 87eba4c811293d2428bfb9bc36de22e66dce7f8b)
|
|
All passdb modules need to include a 'magic' macro that creates simple
'return my version number' function.
(from metze and jelmer)
Also fix up the dir_drive autosubsitute code to correctly use lp_logon_drive().
(from metze)
Andrew Bartlett
(This used to be commit 4a57c445dd4354034fc41b132a484afe6ab66e16)
|
|
Andrew Bartlett
(This used to be commit 5c0e4ecfaf9bf7e6e799dceeb275b5db2d4142dd)
|
|
Replaced with "unsigned int".
Jeremy.
(This used to be commit 5841ca54b6a8c36f3d76c12570ff8f2211ed2363)
|
|
(This used to be commit a905b5f49db6a12c9a562e1d5e3981dc3525fd27)
|
|
print queue).
Jeremy.
(This used to be commit 6544a500d0696c9fe1f1abc067a8b963a0e2b8da)
|
|
(This used to be commit de00428ef12b597e5c29896bf961cfd7a1e122dd)
|
|
Jeremy.
(This used to be commit 629cea2ff4f640cd60d9ecfa72acf2707b3f1ff4)
|
|
Jeremy.
(This used to be commit 4a5aa918d9eecc130a5126a255f8a6b5cde8044f)
|
|
Added an auth_user field which denotes whether the api call can be made
anonymously. In combination with lp_restrict_anonymous() this can
decrease the amount of information that can be retrieved anonymously.
So far NetShareEnum, NetSessionEnum, NetGroupEnum, NetGroupGetUsers,
NetUserEnum, PrintQEnum, NetFileEnum cannot be called anonymously.
SamOEMChangePassword and NetServerEnum can be called anonymously.
All other functions can be called anonymously until it can be proven
that they can't to avoid breaking anything.
(This used to be commit ead6ab9602640aca5d1d8ac336f3a129f9466159)
|
|
(This used to be commit 93309c0ad4cd66680f94d7a46028b4d392d1cc06)
|
|
(This used to be commit 97f70f2cfff72d6040c72d34a569f5c889cbff2e)
|
|
(This used to be commit 0d05c8ce54c3fa859abb8bd2ac13cacaed63e95c)
|
|
(This used to be commit c29cef7f3408714d4e6e18906760d74016c6748f)
|
|
(This used to be commit 80e7f8f2f59136f53c236a37b5f16f6ffa0d391a)
|
|
interfaces yet. Instead of giving up, nmbd will now wait for some
interfaces to appear
(This used to be commit 612ae5313250aec80c94782d55cbf755dd4a9a4f)
|
|
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
|
|
(This used to be commit 3167ec8a49a8da58f77b7c4f202c865ef9f9414c)
|
|
(This used to be commit 29874f4b8fecdc7cbd84d656dafce54cca49e0b1)
|
|
(This used to be commit 41f036ab37274ce7cdd782ead764dd1a36ecba1d)
|
|
(This used to be commit 27bba80c0e36f823e653439a829c285cc0663485)
|
|
Andrew Bartlett
(This used to be commit 11b6d283d3c1408c89b03918f3a0c034411f5966)
|
|
and we seem to have eliminated the segfault.
Unfortunetly I'm still at a bit of a loss as to why it did segfault, but
the patch is correct in any case.
Andrew Bartlett
(This used to be commit 70c16188c7a267f9f3f8de0b6830f66c9e68a2c7)
|
|
rebind proc (some give an extra paramter to pass a void* paramater) and
some small changes for the SMB signing code to reset things when the
signing starts, and to 'turn off' signing if the session setup failed.
Andrew Bartlett
(This used to be commit a8805a34e5d96eeb5ffe15681b241d5a449a6144)
|
|
The problem was that *all* packets were being signed, even packets before
signing was set up. (This broke the session request).
This fixes it to be an 'opt in' measure - that is, we only attempt to sign
things after we have got a valid, non-guest session setup as per the CIFS spec.
I've not tested this against an MS server, becouse my VMware is down, but
at least it doesn't break the build farm any more.
Andrew Bartlett
(This used to be commit 1dc5a8765876c1ca822e454651f8fd4a551965e9)
|
|
platforms :-)
(This used to be commit bda8f12ff551f24a6f2a8e8f7a120b2e0e45a269)
|
|
paths handle the rest later.
Andrew Bartlett
(This used to be commit 09754ec797c4232d2016c7eff2e74044f28ebb7c)
|
|
(This used to be commit 957c865cee7f799145f9f1d30dfd0d0a25d826cf)
|
|
The aim of this execise is to give the 'security>=user' code a straight paper
path. Security=share will sill call authorise_login(), but otherwise we avoid
that mess.
This allow *much* more accurate error code reporting, beocuse we don't start
pretending that we can use the (nonexistant) password etc.
Also in this patch is code to create the 'homes' share at session setup time
(as we have done in the past - been broken recently) and to record this on
the user's vuser struct for later reference. The changes here should also
allow for much better use of %H (some more changes to come here).
The service.c changes move a lot of code around, but are not as drastric
as they look...
(Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not
'*total_entries' was compared).
This code is needs testing, but passes my basic tests.
I expect we have lost some functionality, but the stuff I had expected
to loose was already broken before I started. In particular, we don't 'fall
back' to guest if the user cannot access a share (for security=user). If you
want this kind of stuff then you really want security=share anyway.
Andrew Bartlett
(This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c)
|
|
like the domain name and SID come from the remote domain, not the local
one. These are filled out by the code from the previous commit (auth_util.c,
the make_server_info_info3() fn) and read back here.
Andrew Bartlett
(This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca)
|
|
(This used to be commit a07f2c08ff145f414618165739fe7f2d203931e8)
|
|
It extends the 'server mutex' to conver security=server, becouse the connection
race condition exists here too, and while people *should* use security=domain,
some sites don't....
(This probably should be done in 2.2 as well).
Also, start to actually extract and use the information that the remote
server returns in the info3 struct.
The server mutex code is now in a new file.
Andrew Bartlett
(This used to be commit 9b0dabdf4ec3bb45879caae76e03b57ccdad8b4b)
|
|
deveopers hack to always send a fixed challange, for the benifit
of tutorials and packet sniffing etc.
Enabling this module removes all security, so its a --enable-developer
option.
Andrew Bartlett
(This used to be commit 622e6b64dfb0a2c53d2c9dbd7b8ff438492eaf02)
|
|
and that local accounts are perfectly fine.
(This used to be commit 9fe8da6dd1b7fecfee0a2778fec0b7dd0fd40bfb)
|
|
(This used to be commit fb89be135575561f759a299048ed1eb5363183c3)
|
