summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2003-03-12Update usage message.Martin Pool1-1/+2
(This used to be commit 17f01f6959fb79ba11a56d6869ec9789e3ee2f74)
2003-03-12Add example of string overflow which is now caught in developer mode.Martin Pool1-0/+16
(This used to be commit dcf1705782f5d589120624c90b695b81a0332e6b)
2003-03-11We use unsigned now, so use %u.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 01727b0296ee407e49444b9d9c4e7993892cb537)
2003-03-11Fix up zero termination. Spotted by Sebastian Krahmer <krahmer@suse.de>.Jeremy Allison1-1/+2
Jeremy. (This used to be commit 69becdb563b2620513931811a6695481bebcceed)
2003-03-11This patch attemptes to clean up winbindd's mutex locking.Andrew Bartlett3-68/+46
The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett (This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
2003-03-11security=domain and domain logons = yes should be a BDC (of sorts).Andrew Bartlett1-2/+5
Matches 2.2 Andrew Bartlett (This used to be commit f6497fd639c5bb7d61eda0286c4c3c38609933b0)
2003-03-11Some further tought on the server role issue - try not to break it compeatly.Andrew Bartlett1-3/+6
Andrew Bartlett (This used to be commit 4c6a2d8d28d1752d7fee52d253ce2829bd0a0671)
2003-03-11After 'consultation' with idra, this is how I think the server roles should ↵Andrew Bartlett1-4/+9
work... Andrew Bartlett (This used to be commit 5c1f1005907bf50b809dfae1f8251c7122103098)
2003-03-11This is how combination of domain logons and security parameter best combine.Simo Sorce1-3/+3
Comments wellcome. Simo. (This used to be commit e1431424e7603d946f63cfe7fe669b0b32ac8095)
2003-03-11Remove valgrind_strlen function, hopefully no longer needed withMartin Pool3-23/+0
recent Valgrind relases and clashing with -DVALGRIND. (This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
2003-03-11Note about using Valgrind with tdbs.Martin Pool1-0/+21
(This used to be commit 36c6f67d4af50d8fc4c8bd54486df315861d55c2)
2003-03-11having sticky create times is not a bugAndrew Tridgell1-1/+0
(This used to be commit f283f71104319fa9f1e7d22fc91b8d7224ae157a)
2003-03-11fixed the MANGLE smbtorture test with the new paranoid string codeAndrew Tridgell1-1/+1
(This used to be commit 7be44dbe009a8d831c0720a2649fc871b067beef)
2003-03-11make sure we have an empty directory when we start the utable testAndrew Tridgell1-1/+5
(This used to be commit af415842b80f024ca26b4e3bc52fd73fce0a28f3)
2003-03-11If using --enable-developer and valgrind.h is present, define VALGRIND.Martin Pool1-0/+8
(This used to be commit 71c8e90117f00f168416f2f35a1c25755e2d0ed4)
2003-03-11When opening an existing DB, don't require the hash_size specified toMartin Pool1-2/+1
the open call to be the same as that of the existing tdb. The specified hash_size is only used if the tdb needs to be (re)created. With this patch in place, tdbtool can open the printing tdbs, which are created with a hash_size of 5000. Before it would fail with EIO. (This used to be commit e412dd6d7e5a41de94c07c64b186390ccce104cc)
2003-03-11Remove obsolete file.Tim Potter1-13/+0
(This used to be commit c5c1a7979385778c08d6dd7796cfe8be1815992f)
2003-03-11Patch from Ronan Waide:Martin Pool1-1/+1
> when doing "enumdomusers", rpcclient prints each one preceded by the > word "group" instead of "user" (This used to be commit 17567dd1d510d4cf1dffa67be78510ae51571ec6)
2003-03-10Some conversion to pstrcpy_base.Volker Lendecke1-6/+6
Volker (This used to be commit 329911e43681b724cb0579aad77b4a658759d7ba)
2003-03-10check a pointer before dereferencing it; not sure why userdata == NULL thoughGerald Carter1-1/+1
(This used to be commit 6fca29ddcdb111af24ee051b555ab4eec8cadd1d)
2003-03-10Don't segfault on make_server_info_guest() failure - instead return theAndrew Bartlett1-4/+2
error code. make_server_info_guest() requires an entry in the SAM at the moment, but this will change before release. Andrew Bartlett (This used to be commit 6a956390fa253e87e38b3f1909f13595fbf2767a)
2003-03-10Use "$@" to preserve shell quoting in case somebody passes an escapedMartin Pool1-1/+1
string as a configure parameter. (This used to be commit 3285c80cb0e41d6736b4f74b01a65d55753a7920)
2003-03-10fixed use_oplocks and the timeout in smbtorture startupAndrew Tridgell1-6/+16
(This used to be commit cec1ef09e5009cdac22e6c9ca101a49c5ef36b1a)
2003-03-10added -i option for ignoring dot errors in masktestAndrew Tridgell1-2/+9
(This used to be commit 0f4d1172a6add3f490fca22a45975d2588485146)
2003-03-10Makefile.in for NTLMSSP singing updateAndrew Bartlett1-1/+1
(This used to be commit 7717555438e4d74bb63d12abde3573933c15342a)
2003-03-10Further work on NTLMSSP-based SMB signing. Current status is that I cannnotAndrew Bartlett5-48/+447
get Win2k to send a valid signiture in it's session setup reply - which it will give to win2k clients. So, I need to look at becoming 'more like MS', but for now I'll get this code into the tree. It's actually based on the TNG cli_pipe_ntlmssp.c, as it was slightly easier to understand than our own (but only the utility functions remain in any way intact...). This includes the mysical 'NTLM2' code - I have no idea if it actually works. (I couldn't get TNG to use it for its pipes either). Andrew Bartlett (This used to be commit a034a5e381ba5612be21e2ba640d11f82cd945da)
2003-03-10Clobber strings with 0xf1f1f1f1 before writing to them to check bufferMartin Pool1-8/+33
lengths are correct. Attempts to pstrcpy into an fstring or allocated string should fail in developer builds. This builds on abartlet's earlier overflow probe for safe_strcpy, but by clobbering the whole string with a nonzero value is more likely to find overflows on the stack. This is only used in -DDEVELOPER mode. Reviewed by abartlet, tpot. (This used to be commit 8d915e266cd8ccc8b27e9c7ea8e9d003d05f8182)
2003-03-10Include valgrind.h if present on the system.Martin Pool1-0/+5
(This used to be commit 65ba78c6bd4c5ab7ec9bf4d15e4410482e82588d)
2003-03-10Check for valgrind.hMartin Pool1-0/+1
(This used to be commit 0ece70d631bf095bf9c8819180b6c59990159cd0)
2003-03-09Try not to clobber the session request.Andrew Bartlett1-3/+15
(This used to be commit 05cffbee56f0556f550b4d14f3111bd7db972621)
2003-03-09Add Ronan Waide's info about the setdriver call.Jelmer Vernooij1-4/+24
(This used to be commit ef6cb3ec1aa943d4e52ea08e7b43a47d781d3273)
2003-03-09Add some printing question & answersJelmer Vernooij2-0/+18
(This used to be commit 998537ca398100974075d11e28d5199997424f15)
2003-03-09Change the way we sign SMB packets, to a function pointer interface.Andrew Bartlett6-153/+346
The intention is to allow for NTLMSSP and kerberos signing of packets, but for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA spec) Andrew Bartlett (This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)
2003-03-09Don't fault on error returns (ptr == 0) for this LSA query.Andrew Bartlett1-10/+13
(for example, query to non-dc) Andrew Bartlett (This used to be commit d1dde5f684652f86e63ac6cfa34ff42a680693de)
2003-03-08This is C, not C++Andrew Bartlett1-4/+4
(This used to be commit 25d210b90b6c0377046d89a1dce7a32f94fd7859)
2003-03-08more on idmapSimo Sorce3-78/+207
two layers structure with - local tdb cache - remote idmap repository compiles (This used to be commit 8fb4e210bc7564ed491d121c20d598ba0bfbddff)
2003-03-08Add Q&A for people having trouble trying to log in without a properJelmer Vernooij1-0/+14
samba user database. (This used to be commit 957c11e40e0aedc24d2dce2aaae9888673d68e01)
2003-03-08Add notes on increasing performance on AIX, based on an email from William JojoJelmer Vernooij1-0/+12
(This used to be commit 7dc2b10215c2b015a36e78c3b9b8f13cecfdfeba)
2003-03-08Testparm needs the extra arg to set_local_machine_name() too.Andrew Bartlett1-1/+1
(This used to be commit 30ba31e6355b5dfb902e42d2b5edc71630db2923)
2003-03-08Make sure that the 'remote' machine name can only be set once. For some weirdAndrew Bartlett8-19/+39
reason, during a Win2003 installation, when you select 'domain join' it sends one machine name in the name exchange, and litraly 'machinename' during the NTLMSSP login. Also fix up winbindd's logfile handling, so that it matches smbd and nmbd. (This helps me, by seperating the logs by pid). Andrew Bartlett (This used to be commit afe5a3832f79131fb74461577f1db0e5e8bf4b6d)
2003-03-08Make it clear that this is a fstrcpy().Andrew Bartlett1-2/+2
(This used to be commit c2a266b7b661d319e13982bfdbc3a86e8502b8a4)
2003-03-08Fix typo in earlier fix, caught by Ranjit @ HP.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 13ab94fa73dbaf54da0169bbcf4d027d5c07d207)
2003-03-08some more codeSimo Sorce4-0/+474
(not tested yet) (This used to be commit 0d6cec90c13731827abcbc61974efc993e794003)
2003-03-07initial work for the new idmpa interfaceSimo Sorce2-0/+194
(This used to be commit 8338e74ac4e5f31150c96f459a67e52090dc6013)
2003-03-07Use ERROR_NT, not ERROR_DOS as Andrew Bartlett pointed out.Jeremy Allison3-3/+3
Jeremy. (This used to be commit c0930e6d15eb68f06453d9b67142ccd7fb1370a0)
2003-03-07Add early prototype of cifs mount helper for LinuxSteve French1-0/+389
(This used to be commit b20bcf8d336b4b2079eb42342a96d1fe714709de)
2003-03-07Missed parentheses around complex logic.Jeremy Allison1-1/+2
Jeremy. (This used to be commit e81427c2d69be166afad94bc083e750e8f48fba7)
2003-03-07Patch from Michael Steffens. In his own words :Jeremy Allison1-78/+199
------------------------------------------------------------------------- I think there are basically two problem: 1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, and SMB_ACL_OTHER. The function ensure_canon_entry_valid() is prepared for that, but tries to "guess" values from group or other permissions, respectively, otherwise falling back to minimum r-- for the owner. Even if the owner had full permissions before setting ACL. This is the problem with W2k clients. 2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs. This is ok in a take-ownership situation, but must fail if the file is to be given away. This is the problem with XP clients, trying to transfer ownership of the original file to the temp file. The problem with NT4 clients (no ACEs are transferred to the temp file, thus are lost after moving the temp file to the original name) is a client problem. It simply doesn't attempt to. I have played around with that using posic_acls.c from 3.0 merged into 2.2. As a result I can now present two patches, one for each branch. They basically modify: 1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER as "preserve current value" instead of attempting to build one ourself. The original code is still in, but only as fallback in case current values can't be retrieved. 2. Rearrange set_nt_acl() such that chown is only done before setting ACLs if there is either no change of owning user, or change of owning user is towards the current user. Otherwise chown is done after setting ACLs. It now seems to produce reasonable results. (Well, as far as it can. If NT4 doesn't even try to transfer ACEs, only deliberate use of named default ACEs and/or "force group" or the crystal ball can help :) ------------------------------------------------------------------------- Jeremy. (This used to be commit 8ec20cbae7ca7e685b1a4186d8482c7405915dc3)
2003-03-07Some progress towards gums and tdbsam2Simo Sorce10-286/+1166
genparser works fine, and it is a marvelous tool to store objects in tdb :) (This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
2003-03-07Limit the number of SIDs that may be looked up, in line with existing codeAndrew Bartlett1-0/+5
for name->sid. (This used to be commit 0ebccc0dbeecc10d423529909a2563fbc3bf9857)