Age | Commit message (Collapse) | Author | Files | Lines |
|
typecasting for the debug messages of the data dump. hm.
#ifdef NTDOMAIN
ntclient.c rpc_pipes/lsaparse.c rpc_pipes/ntclientnet.c rpc_pipes/smbparse.c :
adding "Net Server Password Set" functionality to smbclient.
#endif
(This used to be commit ad43183d2dd62a808c9fba03f81562362d4de713)
|
|
separated out smb server-mode password validation into a separate file.
added called and calling netbios names to client gen state: referenced
section in rfc1002.txt.
created workstation trust account checking code in ntclient.c
there might be a bug in reply_session_setup_andX. i indented and added { }
around single-line if statements: the lm password checking code now doesn't
look right (around the GUEST_SESSSETUP bits). *no code semantics have been
changed by the indentation process*.
(This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
|
|
uninitialised variable warnings.
(This used to be commit 1b0bd98bb3bfd3d8cd02e8983e825199e839ec05)
|
|
understand the full range of byte offsets in locking requests. Samba
doesn't (due to the 31 bit limitation in fcntl locking)
(This used to be commit af1f408a05a42a7ec5c2f4cc5b67c08b3c6cf61f)
|
|
are ones that I know Samba fails. They are:
1) correct support for retaining locks over a close (ie. the server
must not use posix semantics)
2) support for lock timeouts
3) the server supports multiple locking contexts on the one SMB
connection, distinguished by PID.
4) the server correctly fails overlapping locks made by the same PID (this
goes against POSIX behaviour, which is why it is tricky to implement)
5) the server denies unlock requests by an incorrect client PID
I've been discussing with Jeremy ways that we can re-implement the
locking code to handle these correctly. This test code will be useful
to see that we have got it right.
(This used to be commit 097781e2992f12c545170c82ada2f4023a9784f5)
|
|
chris' computer (probably about four minutes) meant that chris' commits
didn't get downloaded when i did a cvs update.
therefore, i did a cvs update; make proto; cvs commit, and still got problems.
so, five minutes later, i do a cvs update, and _then_ chris' server.c and
mangle.c mods get downloaded, and i have to do another make proto.
this particular problem has hit us *really* badly in the past, because i
was taking files home (onto a portable that i hadn't reset the time on
since i went to the states) and then recopying them back onto the computer
here. if i do this, i do a touch *.c *.h; cvs -t update. *then* a cvs commit.
(This used to be commit edb9c52948159baa48d9decd253a401737bd5363)
|
|
added a #define around the alignment thing: it's a way to stop
NetMonitor from decoding your packets!!!!
proto.h :
usual.
reply.c :
added what i believe to be the correct error messages for getting
correct domain joining.
smb.h :
some guesses at good names of the SAMR_XXXX functions. sorting
out the SAMR_LOOKUP_RIDS function. this is *not* the same as
the LSA_LOOKUP_RIDS function, unless paul accidentally put it
on the ntlsa pipe by mistake, instead of the samr pipe :-)
rpc_pipes/lsa_hnd.c rpc_pipes/pipe_hnd.c :
moved creation and allocation of unique policy handles into this module.
rpc_pipes/pipesamr.c rpc_pipes/samrparse.c rpc_pipes/smbparse.c :
SAMR_LOOKUP_RIDS is beginning to look _suspiciously_ like the
LSA_LOOKUP_RIDS function. but i know that there are subtle
discrepancies.
(This used to be commit 6bc07b0b4193e28b13a675fece8d9d6b365a7eb0)
|
|
mangle.c server.c proto.h
mangle.c
I am planning to replace the mangled_stack array with a proper stack,
but found many style inconsistencies (no, really). As you might expect,
I have standardized on my own preferences. ;)
I also found a potential problem in create_mangled_stack (which I've
renamed as reset_mangled_stack). If the stack size were passed into
the function as 0 or less, there was the possibility that the array
would have been freed twice. I doubt that this ever happens, but I
don't like to leave holes.
Of course, the fix will be irrelevent once I replace the array with
a linked-list-based stack.
server.c
Changed the call to create_mangled_stack() to a call to reset_mangled_stack().
proto.h
Regenerated to match the above changes. (A real comment! How unusual!)
(This used to be commit 34d1b3e4fa7a1158f3a3c5c47adf0417c7144095)
|
|
luke changed it.
proto.h: The usual.
uid.c: Fix crash bug when attaching with smbclient -mCORE. A vuid
pointer was being used when it was null.
Jeremy.
(This used to be commit ff94f97cf2b0f62cbbddbfd3d126df7f4d649334)
|
|
Modified Files:
---------------
Makefile:
adding extra files
ipc.c :
send_trans_reply() - alignment issue. this makes the alignment
the same as that in NT. this should be looked at by people who
understand the SMB stuff better than i.
api_fd_commands[] - added samr and wkssvc pipes.
loadparm.c :
lp_domain_controller() changed to mean "samba is a domain controller".
it's a "yes/no" parameter, now. no, it isn't used _anywhere_.
namedbwork.c nameelect.c :
if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the
host _and_ workgroup announcements. yes, you must do both: nt does.
namelogon.c :
important NETLOGON bug in SAMLOGON request parsing, which may be
the source of some people's problems with logging on to the Samba PDC.
password.c :
get_smbpwnam() renamed to get_smbpwd_entry().
pipes.c :
added samr and wkssvc pipes.
proto.h :
usual. can we actually _remove_ proto.h from the cvs tree, and
have it as one of the Makefile dependencies, or something?
reply.c :
get_smbpwnam() renamed to get_smbpwd_entry() - also changed response
error code when logging in from a WORKSTATION$ account. yes, paul
is right: we need to know when to return the right error code, and why.
server.c :
added call to reset_chain_pnum().
#ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif. jeremy,
you'd be proud: i did a compile without NTDOMAIN, and caught a link
error for this function.
smb.h :
defines and structures for samr and wkssvc pipes.
smbpass.c :
modified get_smbpwnam() to get_smbpwd_entry() and it now takes
two arguments. one for the name; if this is null, it looks up
by smb_userid instead.
oh, by the way, smb_userids are actually domain relative ids
(RIDs). concatenate a RID with the domain SID, and you have
an internet globally unique way of identifying a user.
we're using RIDs in the wrong way....
added mod_smbpwnam() function. this was based on code in smbpasswd.c
rpc_pipes/lsaparse.c :
added enum trusted domain parsing. this is incomplete: i need
a packet trace to write it properly.
rpc_pipes/pipe_hnd.c :
added reset_chain_pnum() function.
rpc_pipes/pipenetlog.c :
get_smbpwnam() function renamed to get_smbpwd_entry().
arcfour() issues.
removed capability of get_md4pw() function to automatically add
workstation accounts. this should either be done using
smbpasswd -add MACHINE$, or by using \PIPE\samr.
rpc_pipes/pipe_util.c :
create_pol_hnd() - creates a unique LSA Policy Handle. overkill
function: uses a 64 bit sequence number; current unix time and
the smbd pid.
rpc_pipes/smbparse.c :
arcfour() issues.
smb_io_unistr2() should advance by uni_str_len not uni_max_len.
smb_io_smb_hdr_rb() - request bind uses uint16 for the context
id, and uint8 for the num_syntaxes. oops, i put these both as
uint32s.
Added Files:
------------
rpc_pipes/lsa_hnd.c :
on the samr pipe, allocate and associate an LSA Policy Handle
with a SID. you receive queries with the LSA Policy Handle,
and have to turn this back into a SID in order to answer the
query...
rpc_pipes/pipesamr.c rpc_pipes/samrparse.c
\PIPE\samr processing. samr i presume is the SAM Replication pipe.
rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c
\PIPE\wkssvc processing. the Workstation Service pipe?
holy cow.
(This used to be commit 1bd084b3e690eb26a1006d616075e53d711ecd2f)
|
|
proto.h: The usual.
server.c: Added timestring() messages to oplock logs. Added fix
to allow file open processing to continue is an oplock
break message times out.
Jeremy.
(This used to be commit c45369217169fac261b32db71469c007db4b4a03)
|
|
as it is only for logging but it will prevent people from writing in
to say that we are not y2k compliant after running auto-diagnostic
tests.
(This used to be commit b4e55cd4765085fc2465c6ff757094e05eabc51e)
|
|
add auto username from LOGNAME for smbtorture
proto fix in ufc.c
(This used to be commit f13dbdf307ccffc15a74e2ffa72da666e53a72b6)
|
|
Jeremy.
(This used to be commit 313fdcd3e99e0fa2bd44b30545cf32e36cd13119)
|
|
I really wish you could say
#ifndef "struct foo_struct"
in C :-)
(This used to be commit acffb39f1aea9816ece41d66e9369375e9aa7df4)
|
|
LSA_OPENSECRET and three other unknown #defines are commented as not
being the real defines for these!!!
rpc_pipes/pipenetlog.c :
USE_ARCFOUR for Server Password Set. and then ignore the password (agh!)
this will *fail* to do logins, by the way. i need to add a routine
to update the smb password (next job).
(This used to be commit b9d26344cc9b64ef3578931d099d52eab080fdd3)
|
|
loadparm.c : to equivalent to version 1.67
reply.c : to equivalent to version 1.69
server.c : to equivalent to version 1.122
util.c : to equivalent to version 1.98
to remove the incorrect changes.
proto.h: The usual.
rpc_pipes/smbparse.c : Backeting stuff that SHOULD NOT BE IN THE
none-NTDOMAIN build !
Jeremy.
(This used to be commit 6064c9d80fd9fcc3ceec528494ba5e2591610098)
|
|
like it, has *not* been added.
this is the client and server side of the SAM Logon NT and LM OWF password
obfuscation (rc4 with the long-term session key).
(This used to be commit 4cf4dd696714492f8e51661cab4736d66ab2916b)
|
|
(This used to be commit cadd772df72aa13018ea6e909ed0d7e294f24b5e)
|
|
'<' and '|' characters indicate read file and execute command respectively,
and feed the output into the parameter (!!!).
'<$' and '|$' means run standard_sub_basic() on them.
this is going to be fun to document in smb.conf.5....
also, Christian created a new "online" service parameter. services can
be taken "off-line"....
(This used to be commit 15f44d28916cdc1432bffdbb999c7cf7efd8fb86)
|
|
(This used to be commit f39fe3b62dd869f218bd8a2c66de7b91c0044192)
|
|
(This used to be commit 34325448542e307198635a15d5ff3bc895c24413)
|
|
(This used to be commit adf3119245148d517913efb549e8b88d5ba66b39)
|
|
added "domain hosts allow" and "domain hosts deny". these are to be
used to specify which workstations can log in to a samba PDC from.
it is also used to check whether to add an initial machine password
into the smbpasswd database or not
smbpass.c :
added capability to add a machine password to the smbpasswd database.
***** the default uid is zero *****
rpc_pipes/pipenetlog.c :
use of "domain hosts allow/deny" parameters to allow login access.
proto.h :
usual.
(This used to be commit 2e7d3410306640aa6402e0506430a53988cc583e)
|
|
(This used to be commit c164681dfe2ad9623a59f01eea914bf27d4801e5)
|
|
This should fix the byte order problems (maybe!)
(This used to be commit 21878e7d8628d05786c3c76f2943e31df1096577)
|
|
(This used to be commit 1a454f818841bf016ff04fd70cd73a5964d56f2e)
|
|
(This used to be commit b3fd976b6c5c8342d04d87a7523864b09918d260)
|
|
only allow one query in the async dns pipe at a time. The others are
queued in the parent.
(This used to be commit f1004dd52adb29d088f0725e2c940ed44d3a764f)
|
|
(This used to be commit cc6e7706635ba4bf044ebd5a525113c1b2fd93e3)
|
|
- start it earlier
- set DEBUGLEVEL to -1 to prevent any debug calls in child
- exit with _exit() to prevent logfile corruption
(This used to be commit 21dd073a2003fa4707c1577a6b07bcef30eb6a50)
|
|
(This used to be commit fa251b7eba48c9ef2d8d3d798ce5b99c8508c243)
|
|
(This used to be commit f49eb1e03780f7c5e6355517b8f6134c571be246)
|
|
(This used to be commit 4de4571855d8c9695035beaa3353bdd9c9a0eb78)
|
|
Logon server, with encrypted passwords *prior* to trying out the NT Domain
Logons.
(This used to be commit f39608ec065503920aafed9655178ce36e67f1f9)
|
|
rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c
rpc_pipes/ntclientpipe.c :
added extra argument to cli_call_api() to allow specifying the length of
the \PIPE\ name. it appears that, like when the name of the pipe is NULL
and OS-2 requires two extra bytes _after_ the NULL name, that NT requires
two bytes after the NULL-terminated name "\PIPE\". these two bytes vary,
but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00.
there appears not to be much logic to this. purpose unknown.
ntclient.c:
put Set Named Pipe Handle State call directly after SMBopenX call.
(This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
|
|
(This used to be commit 4525c3b6e57bcc7b878eb4194e21603f33e9d7ea)
|
|
(This used to be commit 32fecea63b892e0a15c398cfc65d53c4ece74d86)
|
|
techniques more accurately.
(This used to be commit 054e3b2ae3a8cfb98fde72becef9b05de34d2ba7)
|
|
(This used to be commit d8b896a90fb693187a11456e46971c873e9f0d60)
|
|
OSes. Instead add explicit checks for dead locks at startup.
(This used to be commit 79858d610c37675b9dc56a949723053ac9b67620)
|
|
(This used to be commit 6d77311d6cecabafb86c02e26b30724425ef6208)
|
|
don't need to restart smbd after a DST change.
(This used to be commit 2a50d5d5ed4ca7d2b546d7337ec88c527ec82689)
|
|
(This used to be commit 01df21c22d567a0cc6d69a03fd3246dcfd92217d)
|
|
the device number happened to divide the number of hash buckets we
would only use a small fraction of the hash buckets, which would slow
things down.
(This used to be commit 623ffd701f2f966875d396d8b2df74f0cf874cda)
|
|
(This used to be commit a43fa71a5fa740ae8757989c4177f21d8193de94)
|
|
(This used to be commit af7700aa2e3c736f86ae3217a424dfb0910f5f45)
|
|
(This used to be commit 0d9b0d0fffc2b11fe4897b8b99f321fc7d9a143c)
|
|
(This used to be commit 4d9cd22c9e885a3b1535ab4d80f0622121abc7a6)
|
|
(This used to be commit 642ef3c78ad6d1c75ac127ff2169a9081a1c1454)
|