samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-01-08	testprogs: pass down architecture in spoolss test.	Günther Deschner	1	-28/+37
	Guenther
2010-01-08	testprogs: add win32 spoolss testsuite.	Günther Deschner	11	-0/+1277
	Guenther
2010-01-07	s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open ↵	Tim Prouty	1	-0/+198
	directories as files
2010-01-07	s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd ↵	Tim Prouty	1	-0/+5
	with security=share
2010-01-07	s3:auth: don't update the bad pw count if pw is among last 2 history entries	Michael Adam	1	-1/+73
	This conforms to the behaviour of Windows 2003: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx This is supposed to fixes Bug #4347 . Michael
2010-01-07	s3:auth:check_sam_security: introduce a bool var to control pad_pw_count ↵	Michael Adam	1	-1/+7
	incrementation This is a preparatory patch for the last part in fixing bug #4347 . Michael
2010-01-07	s3:passdb: store the plain nt passwords hashes in history, not salted md5	Michael Adam	1	-5/+10
	This is in order to be able to do challenge response with the history, so that this can be checked when an invalid password was entered: If the given password is wrong but in the history, then the bad password count should not be updated... The "lucky" bit here is that the md5 has and the nt hash (md4) both are 16 bytes long. This is part of the fix for bug #4347 . Michael
2010-01-07	s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash	Michael Adam	1	-6/+24
	This is to introduce a new format of the password history, maintaining backwards compatibility: The old format was 16 byte hash + 16 byte md5(salt + nt hash). The new format is 16 zero bytes and 16 bytes nt hash. This will allow us to respect the last X entries of the nt password history when deciding whether to increment the bad password count. This is part of the fix for bug #4347 . Michael
2010-01-07	s3: Remove some code that has become unnecessary	Volker Lendecke	1	-8/+0
	The code I just removed was checked in with e5466fffc286a99f as a bug fix for https://bugzilla.samba.org/show_bug.cgi?id=3319. With the changes to is_visible_file made with 9e8b8f8c16612 these lines have become unnecessary, even with "hide unreadable = yes" dead msdfs symlinks show. This is because we can not stat(2) them and default to showing them. Why this change? I have a user who wants to use "hide unreadable" on msdfs links. Because you can't edit acls on symlinks themselves, the user created the targets as bogus, empty files that just exist as acl placeholders. With the code in place that this patch removes, we never allow this to work. Jeremy, please check! :-) Thanks, Volker
2010-01-07	s3-docs: fix eventlogadm manpage typo.	Günther Deschner	1	-1/+1
	Guenther
2010-01-07	s3: Lock down some srvsvc calls according to what w2k3 seems to do	Volker Lendecke	1	-0/+21

2010-01-07	s3:auth:check_sam_security: improve calling and logging of ↵	Michael Adam	1	-4/+16
	pdb_update_sam_account Log what went wrongl, and also call pdb_update_sam_account inside become_root/unbecome_root: do the logging outside. Michael
2010-01-07	s3:auth:check_sam_security: fix a leading tab/ws mixup	Michael Adam	1	-1/+1
	Michael
2010-01-07	s3:auth:check_sam_security: create (and use) a common exit point	Michael Adam	1	-11/+7
	for use after sam_password_ok() has been called. Michael
2010-01-07	s3:auth:check_sam_security: null out sampass after it has been stolen.	Michael Adam	1	-0/+1
	So that a later talloc_free would not harm. I could have used talloc_move instead of talloc steal in make_server_info_sam(), but this would have required a change of the signature. Michael
2010-01-07	s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass	Michael Adam	1	-14/+20
	This is in preparation to extending check_sam_security to also check against the password history before updating the bad password count. This way, sam_password_ok can more easily be reused for that purpose. Michael
2010-01-07	s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()	Michael Adam	1	-2/+2
	This way it is more explicit that there is no allocated data here that may leak. Michael
2010-01-07	s3:auth:sam_password_ok: fix allocation of a data blob.	Michael Adam	1	-1/+1
	data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but copies 16 bytes from mem_ctx into the newly allocated data blob. This can not have been intentional. A blank uint8_t array of length 16 is allocated by passing NULL instead of mem_ctx. And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated blank 16 byte array to mem_ctx - so this is what must have been intended. Michael
2010-01-07	s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers	Michael Adam	1	-17/+24
	and removing bool variables and several checks. Michael
2010-01-07	s3:check_sam_security: untangle assignment from statement	Michael Adam	1	-1/+2
	Michael
2010-01-07	s3: Factor password_in_history() out of check_passwd_history()	Volker Lendecke	2	-25/+44

2010-01-07	Simplify E_md5hash a bit	Volker Lendecke	1	-6/+2

2010-01-07	s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore	Volker Lendecke	1	-24/+19

2010-01-07	s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above	Volker Lendecke	1	-2/+4

2010-01-07	s3: Add a paranoia check to pdb_set_plaintext_passwd()	Volker Lendecke	1	-0/+5

2010-01-07	s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition	Volker Lendecke	1	-22/+11
	if (current_history_len != pwHistLen) { if (current_history_len < pwHistLen) { } } The second "if" is a bit pointless here
2010-01-07	s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes	Volker Lendecke	1	-5/+2

2010-01-07	s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array	Volker Lendecke	1	-5/+2

2010-01-07	s3: Make use of talloc_array in pdb_set_plaintext_passwd()	Volker Lendecke	1	-2/+3

2010-01-07	s3: Simplify pdb_set_plaintext_passwd() a bit	Volker Lendecke	1	-66/+63
	Remove an indentation by the early return in + if (pwHistLen == 0) { + /* Set the history length to zero. */ + pdb_set_pw_history(sampass, NULL, 0, PDB_CHANGED); + return true; + }
2010-01-07	s3: Simplify pdb_set_plaintext_passwd() slightly	Volker Lendecke	1	-56/+83
	No functional change, this just removes an indentation level by the early "return True;" in + if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) == 0) { + /* + * No password history for non-user accounts + */ + return true; + } Volker
2010-01-07	s3: Fix a typo	Volker Lendecke	1	-1/+1

2010-01-07	s3: Avoid a memset(, 0, ) call	Volker Lendecke	1	-2/+1

2010-01-07	s3:pdb_set_pw_history: free the old history before setting the new.	Michael Adam	1	-0/+1
	This is not strictly necessary, since this only leaks into the struct samu, and this is not so long-lived in the code path that changes the password, but it definitely correct and does not harm. Michael
2010-01-07	s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check	Michael Adam	1	-3/+3
	to enhance readability and denbuggability. Michael
2010-01-06	s4/torture: fix small bug in lock test	Steven Danneman	1	-0/+1
	Cleanup path should unlock, not cancel existing locked range.
2010-01-06	s4/torture: add more lock cancellation tests	Steven Danneman	1	-2/+95
	* Test the SMB1 behavior when multiple lock ranges are requested, pend, and then are cancelled. The entire LockingAndX request fails.
2010-01-07	s3:lib/time: remove TIME_T_MIN/MAX defines	Björn Jacke	1	-8/+0
	we already get them from lib/util/time.h
2010-01-07	lib/util: move TIME_T_MIN/MAX defines into header file	Björn Jacke	2	-14/+14

2010-01-07	ѕ3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/	Björn Jacke	1	-89/+6

2010-01-07	s3:lib/time: remoce null_mtime() - use null_time()	Björn Jacke	2	-14/+2

2010-01-07	s3:lib/time: remove unused nt_time_equals	Björn Jacke	2	-9/+0
	we have nt_time_equal doing the same in lib/util/
2010-01-06	Second part of the fix for bug #7020 - smbd using 2G memory.	Jeremy Allison	1	-0/+7
	There was a second leak in the processing of the out_data.frag prs_struct. It needs freeing once the current pdu has been returned asynchronously. Jeremy.
2010-01-06	s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.	Günther Deschner	1	-0/+179
	This tests ChangeID consistency between spoolss_GetPrinterData, spoolss_GetPrinterDataEx and spoolss_GetPrinter (level 0). Guenther
2010-01-06	s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.	Günther Deschner	1	-0/+26
	Guenther
2010-01-06	s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.	Günther Deschner	1	-28/+50
	Guenther
2010-01-06	ѕ3:configure: use gettimeofday check from lib/util/	Björn Jacke	1	-9/+1

2010-01-06	vfs_commit: print warning when no fsync support is there	Björn Jacke	1	-0/+2
	this one was part of an old patch from jpeach.
2010-01-06	tdb: fix standalone 'make installdocs'	Stefan Metzmacher	2	-3/+4
	metze
2010-01-06	tdb: create symbol links to shared libraries see ↵	Brian Lu	1	-0/+4
	https://bugzilla.samba.org/show_bug.cgi?id=6991 for details Signed-off-by: Stefan Metzmacher <metze@samba.org>