Age | Commit message (Collapse) | Author | Files | Lines |
|
Add in new ones that run STF, after setting up a PATH and
LD_LIBRARY_PATH that will let them find samba in the build directory.
LD_LIBRARY_PATH is probably not portable but without libtool I don't
know a portable way to do it. Perhaps the simple solution is just to
link these things statically?
(This used to be commit 27c1626ae0a30bf0f01ea6d6df5836425e6f9547)
|
|
(This used to be commit 2c17cb1bd27658ac7a72cb9eccb4b048e9d0ec5f)
|
|
grows too much larger.
(This used to be commit 4bbddbfc6a97ebb11e299aa7bd07ebebeab42c65)
|
|
Add bin/t_stringoverflow test case. Not built by default.
(This used to be commit 7741bb8d18e7ba16522c00513174f2909d75535d)
|
|
(This used to be commit 97daece056516e52e56bf5a749676e7c53e087e3)
|
|
This patch enables the compile-time checking of strings assable by means of
sizeof(). (Original code had the configure check reversed).
This is extended to all safe_strcpy() users, push_string and pull_string,
as well as the cli and srv derivitives. There is an attempt to cap strings
at the end of the cli buffer, and clobber_region() of the speified length
(when not -1 :-).
Becouse of the way they are declared, the 'overmalloc a string' users of
safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips
some of the checks).
This whole ball of mud worked fine, until I pulled out my 'fix' for our
statcache. When jeremy fixes that, we should be able to get back to testing
this stuff.
This patch also includes a 'marker' of the last caller to clobber_region (ie,
the function that called pstrcpy() that called clobber_region) to assist in
debugging problems that may have smashed the stack. This is printed at
smb_panic() time. (Original idea and patch by metze).
It also removes some unsused functions, and #if 0's some others that are
unused but probably should be used in the near future.
For now, this patch gives us some confidence on one class of trivial parsing
error in our code.
Andrew Bartlett
(This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4)
|
|
dereferencing
(This used to be commit 2487480228b99183cab9e34ab497997e0c144ed6)
|
|
(This used to be commit 3f4cb7b2c4d9b54b41bcc184ccfd00032e2b021b)
|
|
for testing than the .so. (http://www.laputan.org/mud/mud.html)
(This used to be commit 386087d77f836b8133afc977c9c3e8e7845125dc)
|
|
(This used to be commit 7717555438e4d74bb63d12abde3573933c15342a)
|
|
The intention is to allow for NTLMSSP and kerberos signing of packets, but
for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA
spec)
Andrew Bartlett
(This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)
|
|
The intention is to remove the muliple passdb backends, but we need the
'guest' account to always be there. If the admin adds the guest account to
(say) LDAP, there will only be one backend required for operation.
This helps remove some nasty behaviours with adding accounts to the system
for both the RPC 'create user' and the SAMSYNC code. Users 'added' with
an 'add user/machine' script won't magicly appear, and machine accounts
'pre-added' to unix, but not the smbpasswd file will not cause mayhem.
This commit also implements somthing tridge discussed with me, the concept
of 'default' passdb operation pointers - so that each backend does not
need it's own stub funcitons wrapping the default tdb privilages/group
mapping code.
This also removes an implicit 'sid->name' and 'name->sid' mapping from our
own local SID space, to winbind usernames. When adding mapping for NIS/LDAP
non-sam users in future, we need to be careful.
Andrew Bartlett
(This used to be commit 6f32fa234961a525760a05418a08ec48d22d7617)
|
|
(This used to be commit 3805a9c5d5e98e089e1cd9e794f7204fc354a311)
|
|
This patch adds the architecture for an IDMAP backend system including a new
smb.conf parameter "winbind backend". Right now, the only valid value is "tdb"
but I'm currently working on an LDAP backend.
(This used to be commit 35e4448dcb2deb0d5d34d9e974a49f2fb31f1356)
|
|
(pdbedit already has a -V option..)
(This used to be commit 5de622968d95c1436dbd34edc8d0a9bbff68916b)
|
|
(This used to be commit 8d166ae093655a5a14a7478c7a84474b43e8ee97)
|
|
and vfstest.
(This used to be commit bcbc2213230e95d732a774b5aee67295fba4380b)
|
|
(This used to be commit 651be759b3db98133feb6fe8c578964ec7b5cf71)
|
|
(This used to be commit ba25db83f241a28200132f3dc52f7f5f93a3b00e)
|
|
users w/o full administrative access on computer accounts to join a
computer into AD domain.
The patch and detailed changelog is available at:
http://www.itcollege.ee/~aandreim/samba
This is a list of changes in general:
1. When creating machine account do not fail if SD cannot be changed.
setting SD is not mandatory and join will work perfectly without it.
2. Implement KPASSWD CHANGEPW protocol for changing trust password so
machine account does not need to have reset password right for itself.
3. Command line utilities no longer interfere with user's existing
kerberos ticket cache.
4. Command line utilities can do kerberos authentication even if
username is specified (-U). Initial TGT will be requested in this case.
I've modified the patch to share the kinit code, rather than copying it,
and updated it to current CVS. The other change included in the original patch
(local realms) has been left out for now.
Andrew Bartlett
(This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
|
|
of libsmb.
Andrew Bartlett
(This used to be commit b5ec7efa80478187124c1cfa8c7fcc4036506a37)
|
|
(This used to be commit b44be1c7c4b8c7a8c1d35fe8b24aeff0ff0af32b)
|
|
hooked into pdb, and we need some access control on changing privileges. That's next
(This used to be commit f4f1f84a6bf1d356ccc83f0ecb135bef4a39619e)
|
|
(This used to be commit fa4961b1fc9f0ab2a1c32c56c6200d86a61093c9)
|
|
(This used to be commit cf167e9249fee0ea871c0dac28e9a21aeeebd614)
|
|
Andrew Bartlett
(This used to be commit f364921864bf4c33580c432f0d328c7ffc48a7df)
|
|
Perhaps this generated file should be autobuilt on samba.org for the
build farm and the tarballs.
Andrew Bartlett
(This used to be commit b8a07da68053b3eebb4f8c9ca9e620a67c878d15)
|
|
(This used to be commit d2fe7e38b287b87d6c76a9b73724118928941e93)
|
|
(This used to be commit 9f3525967d3a55a0156544733a1e83711bf4be78)
|
|
support shared libraries
(This used to be commit f739a7263d9da6edc2ecba5b942253c22f7cb3f8)
|
|
(This used to be commit 58a7744f4abebfbf87b9050b98db25c51321defa)
|
|
(This used to be commit a96592fb69fdebc5abe97a0b46055bd1486e7b94)
|
|
I have not tested this in a GNU MAKE environment yet.
(This used to be commit 5e99472d5b68dc393a5468b8949c3ad962a239f7)
|
|
for instructions.
(This used to be commit d51e12df78ff8fc721d693fedbd1c633f39edd49)
|
|
Andrew Bartlett
(This used to be commit 9128aa3dd2f4bf4a21adac51be1da7c6380d23a0)
|
|
(This used to be commit dfeab6ff24e87e3459d28aa4bbaa5187505c199c)
|
|
eliminate the dependency on the auth subsystem. The next step is to add
the required code to 'ntlm_auth', for export to Squid etc.
Andrew Bartlett
(This used to be commit 9e48ab86da40e4c1cafa70c04fb9ebdcce23dfab)
|
|
This tries to extract our server-side code out of sessetup.c, and into a more
general lib. I hope this is only a temporay resting place - I indend to
refactor it again into an auth-subsystem independent lib, using callbacks.
Move some of our our NTLMSSP #defines into a new file, and add two that I found
in the COMsource docs - we seem to have a double-up, but I've verified from
traces that the NTLMSSP_TARGET_TYPE_{DOMAIN,SERVER} is real.
This code also copes with ASCII clients - not that we will ever see any here,
but I hope to use this for HTTP, were we can get them. Win2k authenticates
fine under forced ASCII, btw.
Tested with Win2k, NTLMv2 and Samba's smbclient.
Andrew Bartlett
(This used to be commit b6641badcbb2fb3bfec9d00a6466318203ea33e1)
|
|
(This used to be commit 0f8ba688d427febecfd94e02f1779f4a699a0df2)
|
|
(This used to be commit 63d057fc7880d2522202451288087306e8fa3806)
|
|
objects.
Andrew Bartlett
(This used to be commit 23abf75adef2f400414dfafa1248f5f886ae27c0)
|
|
make it fiddle with NT ACLs (or report no ACL, so Samba fakes it up).
The idea here is that Samba reports an NT ACL to Windows clients, which use
that ACL in downloaded profiles.
If the user doesn't have write permissions on the directories being downloaded,
then it cant put the subfolders in (yes, NT will set perms so that it can't
access the dir as the user the created it) and the profile download fails.
The current solution it to give the user unix write perms to the folders, but
this is rather dangerous - sombody could trojen the profile. This should
avoid that mess.
I'll test this out properly next week, but it works in vfstest (thanks idra!).
Andrew Bartlett
(This used to be commit 1ad782282a3eb4f89c489a77ad8404099d41d0f9)
|
|
(This used to be commit 773e5af6eb61fc38f8e45ea0a2afd6922cc71fd5)
|
|
introduce genparser will be used by tdbsam2
(This used to be commit 831d3d1ec751f23481f26b31d22b09f3d9c0709a)
|
|
server = DC1 *
(This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
|
|
Fix a couple of duplicated macros.
(This used to be commit 5273844a748230f710d860e33bdcde1c0b1e6c6f)
|
|
Less Fir needed.
(This used to be commit 481fa87154a15eebd5a59ac4de9912fa932a42e7)
|
|
strncpy() to make it clear that we must operate on a PATH_MAX sized buffer.
Andrew Bartlett
(This used to be commit 49d9698ef08d66dc238b2e3469da8944b444dfa1)
|
|
Andrew Bartlett
(This used to be commit 3f5608c7e0175184fa599176178d391d54087b3d)
|
|
(This used to be commit f5fa4801ceb56b21facccb382db09165936df319)
|