summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r17016: Different and smaller fix for the valid users = username problem.Volker Lendecke1-1/+7
If no winbind is around, the best we can do to get the user's token correct is to ask unix via create_token_from_username. More investigation is needed if this also fixes the +groupname for unmapped groups problems more cleanly. Volker (This used to be commit f6e3ee147ffde572532fb44b619dda01388d4a31)
2007-10-10r17011: Back out r17010 after talking to Jerry. Another fix pending...Volker Lendecke1-34/+9
Volker (This used to be commit 7a629118ee6f468505172147724f7f532f0f4a4f)
2007-10-10r17010: If winbind is not around, add S-1-22-1-<uid> to the user's token.Volker Lendecke1-9/+34
See the comment in the patch for the reason. Volker (This used to be commit 5e07ab750af3744e1ee5bfc813d5c6532aff4ecb)
2007-10-10r17007: Increment winbind protocol version number.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit ed51b6293b7577cb2d9e661a8491606abf349406)
2007-10-10r17005: Add a new helper mode to ntlm_auth: ntlm-change-password-1Andrew Bartlett6-1/+502
This mode proxies pre-calculated blobs from a remote (probably VPN) client into the domain. This allows clients to change their password over a PPTP connection (where they would not be able to connect to SAMR directly). The precalculated blobs do not reveal the plaintext password. Original patch by Alexey Kobozev <cobedump@gmail.com> (This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4)
2007-10-10r17003: Fix coverity #303 - possible null deref. Jerry pleaseJeremy Allison1-0/+1
check this is your new code. Jeremy. (This used to be commit 144067783d1c56b574911532f074bdaa7cea9c6e)
2007-10-10r17000: Allow CIFS POSIX locks to coexist with Windows locks.Jeremy Allison1-1/+1
We shouldn't allow this on the same smbd, but the cifsfs client negotiates POSIX locks then sends Windows ones. Doh ! Can't fix shipped client code.... Jeremy. (This used to be commit 2f8cabe98d3776cb0bdf6b4ef1490fe0119e260a)
2007-10-10r16998: patch from Paul Griffith <paulg@cs.yorku.ca> to fix compile of the ↵Gerald Carter1-12/+12
test.c pdb file (This used to be commit 34ad8e183cf882913c32b4d03c9ab5fc09181ad2)
2007-10-10r16997: Simo's patch (based on repotr from Seth Elssworth of Quest) to try ↵Gerald Carter1-2/+21
to be more robust in the precense of more broken /etc/hosts files when determining our fwdn (This used to be commit 6413df8348829659807c0c30e6eaef511815e0ed)
2007-10-10r16994: Fix bug #3923, reported by jason@ncac.gwu.edu. Incorrect typeJeremy Allison1-1/+1
used. Jeremy. (This used to be commit 738b99078c6e0ececa6c0268258510a4e97f84e7)
2007-10-10r16992: Fix bug #3922 reported by jason@ncac.gwu.edu, correctlyJeremy Allison1-1/+1
look at the return code. Jeremy. (This used to be commit f11933b3ac91c6fbacd6b410f4d2c0d400df23ee)
2007-10-10r16990: Fix bug #3921 spotted by jason@ncac.gwu.edu. CorrectlyJeremy Allison1-1/+1
obey blocking/non-blocking request for POSIX locks. Jeremy. (This used to be commit f62c01316ef3ce0351f8b34229307a75d8f9f156)
2007-10-10r16987: Fix the logic errors in ref-counting Windows locks.Jeremy Allison2-9/+14
Hopefully will fix the build farm. Still a few errors in RAW-LOCK to look at though... Jeremy. (This used to be commit edd72d37de570fdad09f7ee983b5b22a1613e558)
2007-10-10r16973: Fix subtle logic error in lock ref counting found byJeremy Allison2-11/+11
cifsfs client code. Jeremy. (This used to be commit 53094435d89088124041d57078c21a12e761e2bf)
2007-10-10r16971: Ensure we use the correct separator for pathnamesJeremy Allison1-34/+135
in POSIX mode (clitar needs fixing too). Add test posix lock/unlock commands. Jeremy. (This used to be commit 596497ccc250896025253be1d67711d6d7f059f0)
2007-10-10r16968: The function parse_processed_dfs_path() is dependent on theJeremy Allison1-5/+11
fact that check_path_syntax() will convert '\\' characters to '/'. When POSIX pathnames have been selected this doesn't happen, so we must look for the unaltered separator of '\\' instead of the modified '/'. Stevef please check this with the CIFSFS MS-DFS code ! Jeremy (This used to be commit 883bb398e58f54ee79160487b49b79a4774ef939)
2007-10-10r16962: Add a few utility fns into client. Allow POSIX capabilitiesJeremy Allison2-2/+122
to be selected. Jeremy. (This used to be commit 2d8d4bd77bac6f5e7865657e12affd8b94aa85c3)
2007-10-10r16960: Some warnings from host "opi"Volker Lendecke3-9/+10
(This used to be commit 083ef11cc9be8f1299f233bde194173e092e2c3c)
2007-10-10r16957: fix cut-n-paste error. The check for 'if (\!salt)' make no sense ↵Gerald Carter1-5/+0
when fetching the DES salting principal (This used to be commit baf554c7934cbd591635196453c19d402358e073)
2007-10-10r16955: Fix an uninitialized var -- Jerry, please check.Volker Lendecke1-2/+2
(This used to be commit bf701f51294dacd0d4077b5304772c40119460eb)
2007-10-10r16954: Volker reminded me we already have code to do this check.Gerald Carter1-8/+4
Reuse can_create() to prevent renameing a group to an existing user or group. (This used to be commit ce7091fda1eb3c7ea0900f455cec48c3b95a17f6)
2007-10-10r16953: Don't allow groups to be renamed to an existing user or other groupGerald Carter1-5/+22
(This used to be commit 7d619f127ee70fdd486ffaab4546a53d76a2288c)
2007-10-10r16952: New derive DES salt code and Krb5 keytab generationGerald Carter7-749/+573
Major points of interest: * Figure the DES salt based on the domain functional level and UPN (if present and applicable) * Only deal with the DES-CBC-MD5, DES-CBC-CRC, and RC4-HMAC keys * Remove all the case permutations in the keytab entry generation (to be partially re-added only if necessary). * Generate keytab entries based on the existing SPN values in AD The resulting keytab looks like: ktutil: list -e slot KVNO Principal ---- ---- --------------------------------------------------------------------- 1 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 2 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 3 6 host/suse10.plainjoe.org@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) 4 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 5 6 host/suse10@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 6 6 host/suse10@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) 7 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with CRC-32) 8 6 suse10$@COLOR.PLAINJOE.ORG (DES cbc mode with RSA-MD5) 9 6 suse10$@COLOR.PLAINJOE.ORG (ArcFour with HMAC/md5) The list entries are the two basic SPN values (host/NetBIOSName & host/dNSHostName) and the sAMAccountName value. The UPN will be added as well if the machine has one. This fixes 'kinit -k'. Tested keytab using mod_auth_krb and MIT's telnet. ads_verify_ticket() continues to work with RC4-HMAC and DES keys. (This used to be commit 6261dd3c67d10db6cfa2e77a8d304d3dce4050a4)
2007-10-10r16948: Sync the exmaples code from trunk.Jeremy Allison2-200/+200
Jeremy. (This used to be commit 508ba05a8e4a7df8bf7f6ffe3d09a3c461026f78)
2007-10-10r16947: Fix warning with profile separator when profiles notJeremy Allison1-0/+2
being used. Jeremy. (This used to be commit 441c289fd21d00398fb7c4c7c0338b03129a7545)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison259-9042/+19090
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16943: Add Jim's code.Jeremy Allison23-0/+2176
Jeremy. (This used to be commit f131bf8f16fd8b7c49e6065ecbf6f8686b2f4269)
2007-10-10r16941: Fix crash bug when the pam conversation receives an empty token.Günther Deschner1-2/+2
Thanks to Bjoern Jacke for the report and test-case. Guenther (This used to be commit f2ebc0e3de396f44f49dabbfe42cb3ad1c1a7ec1)
2007-10-10r16940: libnscd sets errno, use that to display error message.Günther Deschner1-2/+2
Guenther (This used to be commit df10448e2c6166d1c129c2d9a9a74c5b4a42555f)
2007-10-10r16939: Still clear the winbind_cache.tdb when offline logons are not enabled.Günther Deschner1-2/+4
Guenther (This used to be commit 4121ccfc3e39001d5b7b8288e3bc27d919f79167)
2007-10-10r16927: back merge of a packaging fix for release numbers (from 3.0.23)Gerald Carter1-1/+7
(This used to be commit 5b4c4928ac63d6872cf13c3cdc4a9a63405bbda4)
2007-10-10r16866: No idea why I did not see the warning, sorry....Volker Lendecke1-1/+1
(This used to be commit 84913caebdb461fed2c94fadfa0039b32a83cb6d)
2007-10-10r16865: This is a proposal to fix bug 3915. Before sending patches around, ↵Volker Lendecke3-8/+24
this is what svn is for. The idea is that we fall back to a pure unix user with S-1-22 SIDs in the token in case anything weird is going on with the 'force user'. Volker (This used to be commit 9ec5ccfe851ac8a1f88b88c8c8461a5cf75b4c57)
2007-10-10r16864: Intermediate checkin -- swap the sid_check_is_in_unix_users andVolker Lendecke1-38/+38
sid_check_is_in_our_domain cases. Volker (This used to be commit dc403cec88d91fdeb09cbd04321d88bbdc0f490c)
2007-10-10r16862: Reverting accidential changes in ads_try_connect() from previous commit.Günther Deschner1-2/+2
Guenther (This used to be commit 6257f9af93f2391940b2c60fe39c0bf106de15dd)
2007-10-10r16861: Fixing crash bug when passing no domain/realm name to the CLDAP request.Günther Deschner2-7/+10
Guenther (This used to be commit 863aeb621afa7dcec1bfef8e503ef8ed363e3742)
2007-10-10r16845: Properly report the error during join when the set password failsGerald Carter1-0/+7
(This used to be commit ef6e9ca5276586c081fcf18bb178a2326309b539)
2007-10-10r16836: When receiving a CLDAP reply make sure that we always store the correctGünther Deschner1-1/+3
netbios domain name in server affinity cache. Guenther (This used to be commit 08958411eeff430fb523d9b73e0259d060bac17b)
2007-10-10r16823: Allow to call wbinfo --domain-info="" or --domain-info="." to get domainGünther Deschner1-4/+7
info for our own domain. Guenther (This used to be commit ebd3c547e508e191d5e1b5bb001797666db7b269)
2007-10-10r16800: correct a probable cut&paste errorSimo Sorce1-1/+1
(This used to be commit c139a2293bfb66554e1be09c6824d04381de58e1)
2007-10-10r16799: Fix remote smbd crash bug by removing half-implemented info level 4Günther Deschner1-8/+0
dfs_Enum. Guenther (This used to be commit 4e5ea585c3482c38f2624e45f1268d3864a99faa)
2007-10-10r16797: Add msdfs proxy junctions in the netdfs rpc enumeration.Günther Deschner1-0/+1
Guenther (This used to be commit 6bf350895a648ef9b824c94b894e8d7a8989eb97)
2007-10-10r16790: Fix memleak.Günther Deschner1-0/+1
Guenther (This used to be commit 48ab7f46814dfbd777f142cdd8f59e6c1962eb15)
2007-10-10r16789: Fix bug #3909, when using ea's getting a directory tries toJeremy Allison2-3/+59
read ea's from an msdfs link. Stop it from doing that. Jerry please merge to 3.0.23. Jeremy. (This used to be commit 95e5ace6b4f348a3244b6a3ea0fd8badf55271f5)
2007-10-10r16785: BUG 3908: Fix rpc bin authentication failure which broke user ↵Gerald Carter1-0/+3
password changes Jeremy, please review. (This used to be commit 154e4a281503f0cbc2e654640f1dfa4b4d35a3cd)
2007-10-10r16766: A warning found by RHEL3. This might actually be 3.0.23 code, maybe ↵Volker Lendecke2-2/+2
there are vasprintf implementations that don't like a NULL format. Volker (This used to be commit 03c665c307e518c9ff66096904873266b145637c)
2007-10-10r16755: Hunting warning has some benefits....Volker Lendecke1-2/+2
Solaris found this one that needs to go into 3.0.23, actually munlock the password memory. Volker (This used to be commit 6fa928f96a70b7b063dd1bdbb08c6a3f5d942229)
2007-10-10r16752: remove the 'socket options' setting from the shipped default smb.confGerald Carter4-238/+180
(This used to be commit eac00a45efe96411ab8574b3a3d436a285b7e88a)
2007-10-10r16751: The precompiled header should really be in the $(buildir) andGerald Carter1-2/+2
not the $(srcdir) to allow multiple concurrent compiles when the source tree is shared via nfs. (This used to be commit b79e1c011d577581eebb90b95dbdee11f8a96c3b)
2007-10-10r16749: BUG 3905: don't fail in create_local_nt_token() when aGerald Carter1-3/+4
checking for the builtin Administrators group membership. security = server has no domain info in secrets.tdb (This used to be commit fa477969fbbcd9f707461a2d9015bebf719ddfbb)