Age | Commit message (Collapse) | Author | Files | Lines |
|
plus internal fixes
1st stage
(This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
|
|
SAM_ACCOUNT does not have anymore uid and gid fields
all the code that used them has been fixed to use the proper idmap calls
fix to idmap_tdb for first time idmap.tdb initialization.
auth_serversupplied_info structure has now an uid and gid field
few other fixes to make the system behave correctly with idmap
tested only with tdbsam, but smbpasswd and nisplus should be ok
have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
|
|
(This used to be commit 5ac94535d7b7ce0cc0d44b9a77d6e42ddfd0cd26)
|
|
(This used to be commit 6fbee12a8170e0bce4e94806105786b38160ada5)
|
|
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
|
|
(This used to be commit 7154fe10969a34b97ddc8321bfb5271b8e6d4795)
|
|
- packing/unpacking utility functions for trusted domain
password struct; can be used to prepare buffer to store
in secrets.tdb or (soon) passdb backend
- similiar functions for DOM_SID
- respectively modified secrets_(fetch|store) routines
- new auth mapping code utilising introduced is_trusted_domain
function
- added tdb (un)packing of single bytes
Rafal
(This used to be commit 5281ee7e84421b9be746aed2f1718ceaf2a2fe3d)
|
|
We check passdb becouse the user might have things like a logon script set,
but we have to check the passdb becouse the user might not be in smbpasswd at
all.
This is in preperation for the removal of unixsam as an assuption.
Andrew Bartlett
(This used to be commit 61e3e2695860c58f9b0e8d1856972318666682c8)
|
|
running winbind has been broken. This fixes that, by removing assumptions
about being able to call sid_to_uid() at will. This whole area needs
revising when we get groups into the PDB.
Andrew Bartlett
(This used to be commit 980eda74b7df347c38b567ce976197826963324a)
|
|
set the 'guest' bit.
Andrew Bartlett
(This used to be commit 960c53bf952de4431da4e90da035fcfbe98f1bd7)
|
|
- Don't use pstrcpy into an allocated string - use safe_strcpy() directly
instead.
- Keep a copy of the 'server_info' attached to the vuid. In future use this
for things like the session key, homedir and full name instead of current
copies.
- Try to avoid memory leak/segfault on Realloc failure
- clear up #endif comments
Andrew Bartlett
(This used to be commit 162477bb086827950b6cb71afa9bef62c2753c2e)
|
|
Jeremy.
(This used to be commit faf443e5198e270f1a60d7a0939074efca750a94)
|
|
Realloc()ed, causing it to fail.
Big thanks to Sandor Sonfeld <sonf@linuxmail.org> for the debug, stack and
valgrind traces!
Andrew Bartlett
(This used to be commit 7abca6d281da6388899f78e3440d7ce37bf2094e)
|
|
(signed/unsigned mixup).
Andrew Bartlett
(This used to be commit f42cf0783fa3aeddc4992021df9ee6f3b1aa58f3)
|
|
don't need a second just for pdb.
Also, remove magic 'is lp_guest_account' test - the magic RID should be
up to the passdb backend to set.
Andrew Bartlett
(This used to be commit f71c8338d35a2e8c73c3d8006ea6858cb522c715)
|
|
- add static remove unnneded prototype
- move become_root() to just around pdb calls, so as to make it easier to
remove when we kill off this silly idea
- Change auth_sam to do 'account before password' rather than 'password before
account'. This means that we match Win2k in giving 'account disabled' instead
of 'wrong password' if the wrong password to a disabled account is used.
Andrew Bartlett
(This used to be commit e6d2debaf6064c3229f41c06545a1ccb83695a77)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
|
|
The actual design change is relitivly small however:
It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into
ldap. This was a great win for admins, and this patch follows in the same way.
This patch extends the concept - we don't store values back into LDAP unless
they have been changed. So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value. This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.
Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild. Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.
This also applies to many other attributes, and helps to eliminate a nasty
race condition. (Time between get and set)
This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).
The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.
Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
|
|
NT_TOKEN and the unix credentials - as we incresingly use the NT stuff we want
to make it easy to check they don't get out of wack.
Andrew Bartlett
(This used to be commit a3882a19254811ace2f9545580c14ce3bd588095)
|
|
(This used to be commit 2011a38f3bd1e51aa1ca0219a9e46da12426cbc3)
|
|
(This used to be commit 7decd4b3a9e6900ab35f7bf5b266361f308aa58d)
|
|
Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>
It includes a conversion of make_user_info*() to NTSTATUS and some minor
changes to other files.
It also picks up on a nasty segfault that can occour in some security=domain
cases.
Andrew Bartlett
(This used to be commit d1e1fc3e4bf72717b3593685f0ea5750d676952a)
|
|
the CIFS conference - finally got purify working
(This used to be commit cf9bb66aa9c3217cb8394058c65c84ffc6ae269a)
|
|
Andrew Bartlett
(This used to be commit 17096315a0f30f946ddecb79708604a111c37011)
|
|
Andrew Bartlett
(This used to be commit 7cad7814555645aa3bee95fb48fbd694e6a9e313)
|
|
our authenticaion code - removing some of the duplication from the current
code.
This also gets us *much* closer to supporting a real SAM backend, becouse the
SAM can give us the right info then.
This also changes our service.c code, so that we do a VUID (rather than uid)
cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached
equivilant) on every packet, for the same r or rw mode the whole share was open
for.
Andrew Bartlett
(This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)
|
|
the new accessor functions.
Andrew Bartlett
(This used to be commit f393de2310e997d05674eb7f1268655373e03647)
|
|
The previous code both had basic logic flaws in it, and some subtle
issues regarding the Win2k info3 response.
I've tested this against Samba (it looks like that was missed last time
due to the 'called name' corruption - which broke my testsuite) and
accomidated what I've seen from a info3 printout jmcd gave me.
I'll get this tested fully as soon as I get my VMware going again.
Andrew Bartlett
(This used to be commit 87eba4c811293d2428bfb9bc36de22e66dce7f8b)
|
|
It extends the 'server mutex' to conver security=server, becouse the connection
race condition exists here too, and while people *should* use security=domain,
some sites don't....
(This probably should be done in 2.2 as well).
Also, start to actually extract and use the information that the remote
server returns in the info3 struct.
The server mutex code is now in a new file.
Andrew Bartlett
(This used to be commit 9b0dabdf4ec3bb45879caae76e03b57ccdad8b4b)
|
|
(This used to be commit bfd8a33c68a3747cbad21667d7515aebd61ec537)
|
|
Importantly:
The removal of the silly 'delete user script' behaviour when secuity=domain.
I have left the name the same - as it still does the (previously documented,
but not in smb.conf(5)) sane behaviour of deleting users on request.
When we decide what to do with the 'add user' functionality, we might
rename it.
Andrew Bartlett
(This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
|
|
(This used to be commit d222bc8c4b620095a21ba327940d4750d5dee753)
|
|
(This used to be commit ae5d24873ad0fb3df970cc9912e18e6a5067ae2d)
|
|
(This used to be commit a5ac2ac4ada48ee3be061a32ba40bd8c4b3b3865)
|
|
(This used to be commit aa5f125bc0efeee99254e03f36426420db676527)
|
|
use' duirng login).
Picked up from a post to a TNG list by Volker.
Andrew Bartlett
(This used to be commit f81882fc9510aadd7d1db77753b307800ab50f9b)
|
|
(This used to be commit 3bf4b42771d115500941be374bfdd9b8c2fdba4a)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
password check into its own helper funciton. (This will allow it to be called
from other places).
Andrew Bartlett
(This used to be commit 9e96f438057da21254f40facdd9a31dd20652f35)
|
|
Andrew Bartlett
(This used to be commit 9bfe54a3d484919fe830f9c6ae01f67663974af2)
|
|
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps
them around for a long time - often past the next call...
This adds a getpwnam_alloc and a getpwuid_alloc to the collection.
These function as expected, returning a malloced structure that can be
free()ed with passwd_free(&passwd).
This patch also cuts down on the number of calls to getpwnam - mostly by
taking advantage of the fact that the passdb interface is already
case-insensiteve.
With this patch most of the recursive cases have been removed (that I know
of) and the problems are reduced further by not using the sys_ interface
in the new code. This means that pointers to the cache won't be affected.
(This is a tempoary HACK, I intend to kill the password cache entirly).
The only change I'm a little worried about is the change to
rpc_server/srv_samr_nt.c for private groups. In this case we are getting
groups from the new group mapping DB. Do we still need to check for private
groups? I've toned down the check to a case sensitve match with the new code,
but we might be able to kill it entirly.
I've also added a make_modifyable_passwd() function, that copies a passwd
struct into the form that the old sys_getpw* code provided. As far as I can
tell this is only actually used in the pass_check.c crazies, where I moved
the final 'special case' for shadow passwords (out of _Get_Pwnam()).
The matching case for getpwent() is dealt with already, in lib/util_getent.c
Also included in here is a small change to register the [homes] share at vuid
creation rather than just in one varient of the session setup. (This picks
up the SPNEGO cases). The home directory is now stored on the vuid, and I
am hoping this might provide a saner way to do %H substitions.
TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change
the remaining sys_getpwnam() callers to use getpwnam_alloc() and move
Get_Pwnam to return an allocated struct.
Andrew Bartlett
(This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
|
|
Also set the default value of all the allocated strings to "" to avoid changing
the interface (becouse pdb_get...() would point to a null string, rather than a
null pointer and parts of samba rely on that).
Andrew Bartlett
(This used to be commit 5b4079f748e25f21162e21b439063249baf8dca6)
|
|
Replace this with some flags that *we* define. We can do a mapping later
if we actually get some more reliable info about what passwords are actually
valid.
Andrew Bartlett
(This used to be commit 7f7a42c3e4d5798ac87ea16a42e4976c3778a76b)
|
|
The auth_authsupplied_info typedef is now just a plain struct - auth_context,
but it has been modified to contain the function pointers to the rest
of the auth subsystem's components.
(Who needs non-static functions anyway?)
In working all this mess out, I fixed a number of memory leaks and moved the
entire auth subsystem over to talloc().
Note that the TALLOC_CTX attached to the auth_context can be rather long-lived,
it is provided for things that are intended to live as long. (The
global_negprot_auth_context lasts the whole life of the smbd).
I've also adjusted a few things in auth_domain.c, mainly passing the domain as
a paramater to a few functions instead of looking up lp_workgroup(). I'm
hopign to make this entire thing a bit more trusted domains (as PDC) freindly
in the near future.
Other than that, I moved a bit of the code around, hence the rather messy diff.
Andrew Bartlett
(This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
|
|
(This used to be commit 3d812aacff98eec62c748cb89109a2e58806d92d)
|
|
Andrew Bartlett
(This used to be commit 6673fdda3cb6b90189d8f82274fdffa89f68101b)
|
|
- fixed gid* bug in rpc_server
(This used to be commit 48aa90c48c5f0e3054c4acdc49668e222e7c0d36)
|
|
Fixed up error returns in get_correct_cversion().
Jeremy.
(This used to be commit 7ce2d1fe37d2be26c407f3dc9427851d00ca216a)
|
|
the method used for checking if a domain is a trusted domain is very
crude, we should really call a backend fn of some sort. For now I'm
using winbindd to do the dirty work.
(This used to be commit adf44a9bd0d997ba4dcfadc564a29149531525af)
|
|
and somehow this worked when both were provided, but not when only one was.
(This used to be commit 477309b1e653761b291daa4693976d341880beab)
|