Age | Commit message (Collapse) | Author | Files | Lines |
|
function table, selectable at compile time. This should make the
code that implements all the password functions much cleaner, as
it's now very clear exactly what a particular password database
needs to provide to Samba.
Jeremy.
(This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
|
|
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
|
|
using nis+ on your system, so you get 100 linker errors...
(This used to be commit e325d9a81039152e8c57f7fab6cf948d8e1ec7d3)
|
|
instead, for use by nisppass.c
(This used to be commit 2253ca407267eb161cfcd8b53dcc9848d9398f4c)
|
|
code, use pdb_sam_to_smb(...sam21...) calls instead. this is a lot simpler.
(This used to be commit d92f4e71c12ce5010f05fa7dd3918a48e7386d1e)
|
|
back in (they had been taken out of includes.h because they are only
local to ldap.c.
(This used to be commit 98ab085b93fb25a4d9275c0d54a863fd9fae2548)
|
|
passdb.c sam_passwd <-> smb_passwd conversion routines
(This used to be commit 8082239c81dfed5e3cc34a4d0a4e7195398ae627)
|
|
(This used to be commit dea0c06eec44a7c2860f97d8f23584d30e482e0a)
|
|
functions
(This used to be commit 381df1e52bfc97b80422de2703db8cb521dc47e1)
|
|
- split smbpass.c "password file lock" routines into smbpassfile.c: moved
trust account routines into smbpassfile.c as well
(This used to be commit 3e48b4eb113cc5e1c6794d7ac699fd9ac47c654a)
|
|
taken to mean ":x".
(This used to be commit 660206e816f9be708e09a1aad3b342b94e5e4f53)
|
|
- added nisppass.c and NISPLUS_FLAGS
includes.h:
- renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB.
added default define of USE_SMBPASS_DB.
- removed ldap headers: they are local only to ldap.c
ldap.c :
- made all ldap-specific functions static.
- added dummy sam21 functions
loadparm.c :
- renamed NISPLUS to NISPLUS_HOME
mkproto.awk
- commented out ldap-specific #ifdef generation code: it's not
needed now that ldap-specific functions in ldap.c are static
nisppass.c :
- first attempt at an add function from
(This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
|
|
in /etc/passwd. Fix from "Mike Black" <mblack@csihq.com>.
Jeremy.
(This used to be commit 0146883f8568de4642087bb769b0381c3217d792)
|
|
copying from a parameter into an unitialized variable (doh !).
Jeremy.
(This used to be commit a3a0dc14c2f9f703963ade67f30dd6c40bbe7144)
|
|
of passdb.c api.
(This used to be commit 2dd01b7c70f7e1f3158bd4bc75459892007e5418)
|
|
based on Benny Holmgren's samba patch (copyright acknowledged).
(This used to be commit 2a87cf09572bd2154d4b373e1aa2171106e96da7)
|
|
(This used to be commit d7ed2ee35c76a19e93453c23b5e56874b72cc0e5)
|
|
from private/smbpasswd.
(This used to be commit 1acdd9fd6c391ad4871c55c0ba8f5b00076ba115)
|
|
smbds started from the same parent won't use the same sequence.
Jeremy.
(This used to be commit d3f507d05df9d0dd313b39bc99ebf11451dc0120)
|
|
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois
(who might want an LDAP version). Changed locking to free exclusive
lock as soon as possible to prevent contention.
lib/rpc/parse/parse_samr.c
lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation
function to use DOM_SID structure.
Jeremy.
(This used to be commit 3b8f5aef57b4f37265c0403385053085f0df6f18)
|
|
(This used to be commit b924e378f82bfca23b47261a5d0991635b2962ba)
|
|
unreadable and unmaintainable
(This used to be commit eefeb61242449ea2a8d5f64e15d37f90789bdacc)
|
|
(This used to be commit da3d9602c71094df4dba0edd45ade71555f5e97b)
|
|
not present in smb.conf).
Jeremy.
(This used to be commit e7c1100390b714bf2f489a9032156b0c9272e403)
|
|
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default.
smbpass.c: Exposed do_file_lock() as I now use it in server.c
Jeremy.
(This used to be commit 5bf17840ac7d65d08dd3fdfe8b789010488f6808)
|
|
ipc.c: Caused samba password changing not to be done if UNIX password
changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
|
|
Jeremy.
(This used to be commit a7afda2e4ecab226c90db023293f5d460e81ae2f)
|
|
(This used to be commit 6074d09dbf7c9ae03a56773e6ff0a52a60cc75da)
|
|
(This used to be commit 204a939807d6fe66fcd721aabf7a88ee33eb23d6)
|
|
(This used to be commit 1c052f8744c3f1f64638eb4c0ea7b0db39d50040)
|
|
(This used to be commit 9907296225e35548dadd70e1be5a06517b27bb87)
|
|
have vsnprintf.
locking_slow.c: slight tidy.
make_smbcodepage.c: Use safe_strcpy instead of pstrcpy.
nmbd_winsserver.c: Use pstrcpy instead of fstrcpy.
smbmount.c: Fixed reported bug.
util.c: Removed old fstrcpy/fstrcat functions.
Jeremy.
(This used to be commit f257d2e4bafd3944cca737699913a8d868279ca6)
|
|
- #ifdef around putting 16 byte hashes instead of plaintext password.
(This used to be commit ca7bf597e4781ee1a82dc231584b16624d99e9f3)
|
|
(This used to be commit da11063cbd23c376c4e1afaad647adcb989934eb)
|
|
(This used to be commit 80d6a3bb0cf3853aa51594cce888e6c0a6e6f634)
|
|
the interface point.
(This used to be commit 27ba6fafc90d8de7107f39c848f1f34b021ed0a0)
|
|
kludge. It is a safe kludge with our current code but I would like to
revisit it at some point in the future.
The problem with the one I committed yesterday is it used non-portable
functions. (it also had a bug in it, but that's another matter)
This one works by just using vsprintf() into a 8k buffer and a memcpy
from there. No memory protection tricks or other non-portable
stuff. This is safe because all calls to slprintf() in samba use
strings which have been through a pstrcpy and thus are less than 1024
bytes. No call uses more than 2 of these strings. See what I mean by
kludge? Note that the 8k is way overkill but I like overkill :)
Someday (after autoconf) we will replace this with something better,
but meanwhile this is simple, secure and portable.
(This used to be commit 4cfcc398c35c6726f14f485ae8e9ebcef180392f)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
ldap.c :
- added getldap21pwent() function
passdb.c :
- getsam21pwent() no longer a stub: calls ldap21 or smb21
smbpass.c :
- added getsmb21pwent() function (he he :-)
lib/rpc/server/srv_samr.c :
- removed "specific" calls to ldap functions; replaced with
call to get_sampwd_entries instead (which is unfinished).
- rewrote get_user_info_21 function to call getsam21pwrid.
(This used to be commit c760ebbf127796427c4602aae61952df938c6def)
|
|
and null session setup done.
smbpasswd.c: Fix from Gerald Carter <cartegw@Eng.Auburn.EDU> to fix incorrect
use of pointer.
Jeremy.
(This used to be commit 69ace0760986a6e892cd5b25ca85930b65e38c45)
|
|
from which an NT user can log in from. empty (default) indicates no
restrictions. exactly how this is enforced is unknown. from past experience
it's likely that the enforcement is left to the client to carry out...
(This used to be commit 6b2f9ea68f5754ca6caaf685a9538ab404e1bab4)
|
|
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
(This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
|
|
get stuck on systems with broken headers (like SunOS4). In this case
use StrCaseCmp instead of strcasecmp
(This used to be commit 1386c6e25a2cf05c5c48b7a5094db3b2a6f5a5b3)
|
|
this but it really is necessary (sorry Chris!)
ubiqx code didn't compile on SunOS4 otherwise as stdlib didn't define
NULL.
(This used to be commit 4989db8b0b6fad8bd743615b1fe177adbb2594cf)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit 6b0c1733d2ebf3b8f09f3bf88b8648d8b371bb1f)
|
|
This now tries Enhanced passwords first and if this fails trys Basic
mode (ie: Unix /etc/passwd) authentication. This only happens when
OSF1_ENH_SEC is defined at compilation.
(This used to be commit 29462c8d7a241eb462b1583170a0b5f16096ea3f)
|
|
(This used to be commit d42dd371fa2ab690bf4261a735f03a7380479ebe)
|
|
(This used to be commit d7975ef1e3f38e678ea20d3f86718b05f4fb1aff)
|
|
(This used to be commit beb56f083d6f9c557486f08b8266c53552684118)
|