| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
Jeremy.
(This used to be commit aa8439a49ec4b9f433745fefa1e769e45398f4df)
|
|
Jeremy.
(This used to be commit 784d15761c3271bfd602866f8f9f880dac77671c)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 842e08e52a665ae678eea239759bb2de1a0d7b33)
|
|
named. Ensure we can query them.
Jeremy.
(This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
|
|
server = DC1 *
(This used to be commit f49de4c5176bf635ac080e082fda412066b466c8)
|
|
server = DC1 *
(This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
|
|
Jeremy.
(This used to be commit ff3a8d37289216a2cb808406044a7abef1e564d0)
|
|
Jeremy.
(This used to be commit ec4ed45563f9d8e25fcfd88840944a90b3139c3e)
|
|
(This used to be commit 7d099e9a5b7164e8cdbdb93d8c4527f02c8bdefd)
|
|
should actual functional differences between HEAD and 3.0.
- Mostly reformatting
- Removal of unecessary #include "smb.h"
- Merge of dyn_DRIVERFILE removal
- Silly bug fix for python code
(This used to be commit d3998307adc50ba50defe610cb656c73799ae3b9)
|
|
90% fix for CR 1076. The password server parameter will no take things
like
password server = DC1 *
which means to contact DC1 first and the go to auto lookup if it
fails.
jerry
(This used to be commit 016ef8b36b30846311a5321803298f8e28719244)
|
|
90% fix for CR 1076. The password server parameter will no take things
like
password server = DC1 *
which means to contact DC1 first and the go to auto lookup if it
fails.
jerry
(This used to be commit c31a17889e3e4daf7c1e807038efc2c0fba78be3)
|
|
- const for PACKS() in lanman.c
- change auth to 'account before password'
- add help to net rpc {vampire,samsync}
- configure updates for sun workshop cc
- become_root() around pdb_ calls in auth_util for guest login.
Andrew Bartlett
(This used to be commit 43e90eb6e331d478013a9c038292f245edc51bd0)
|
|
- add static remove unnneded prototype
- move become_root() to just around pdb calls, so as to make it easier to
remove when we kill off this silly idea
- Change auth_sam to do 'account before password' rather than 'password before
account'. This means that we match Win2k in giving 'account disabled' instead
of 'wrong password' if the wrong password to a disabled account is used.
Andrew Bartlett
(This used to be commit e6d2debaf6064c3229f41c06545a1ccb83695a77)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
|
|
Jeremy.
(This used to be commit 90ac8184a0ae1f702d39f947ef5267765f3d2f88)
|
|
Jeremy.
(This used to be commit d46b4cb563850c77ee23b95df35a7f752a235d35)
|
|
- change auth_sam to use the initialisation flags to determine if
the password attributes are set
- add const to secrets.c, cliconnect.c
- passdb: fix spelling in pdb_ldap, add group mapping back to smbpasswd
- SAMR: add debugs to show what fails for group enum.
Andrew Bartlett
(This used to be commit 4e74d00b3634abf52aa24bfaa6dbe88202aa57a1)
|
|
lp_machine_password_timeout() is set to zero.
(This used to be commit 3692919aee186498848715505047a1cde83758b7)
|
|
lp_machine_password_timeout() is set to zero.
(This used to be commit 0fa87a68fea8b12242f644605aab7c2f81c1a4df)
|
|
(This used to be commit 6ba7847ce2756fde94e530fd0bf2a055f3e27373)
|
|
than the version in APPLIANCE so watch out for boogs.
(This used to be commit 1e054e3db654801fbb5580211529cdfdea9ed686)
|
|
NULL.
Andrew Bartlett
(This used to be commit 2115335857acd2c4f5c89b95227b3762f4c052b0)
|
|
(This used to be commit 918099f09618136c371e199803f5895f9cb702be)
|
|
The work here includes:
- metze' set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volkers SAMR changes.
- mezte's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
|
|
that app-head does.
Jeremy.
(This used to be commit b521abd86b10573ca8f9116907c81e6deb55f049)
|
|
that app-head does.
Jeremy.
(This used to be commit ec7953f20145799f6286a295472df4826bfdfb8f)
|
|
The actual design change is relitivly small however:
It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into
ldap. This was a great win for admins, and this patch follows in the same way.
This patch extends the concept - we don't store values back into LDAP unless
they have been changed. So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value. This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.
Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild. Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.
This also applies to many other attributes, and helps to eliminate a nasty
race condition. (Time between get and set)
This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).
The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.
Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
|
|
from APP_HEAD
(This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
|
|
from APP_HEAD
(This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
|
|
- Fix segfaults in the 'net ads' commands when no password is provided
- Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the
old options, but the actual code is available on all ldap systems.
- Fix shadow passwords (as per work with vl)
- Fix sending plaintext passwords to unicode servers (again vl)
- Add a bit of const to secrets.c functions
- Fix some spelling and grammer by vance.
- Document the -r option in smbgroupedit.
There are more changes in HEAD, I'm only merging the changes I've been involved
with.
Andrew Bartlett
(This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
|
|
Basicly, the password and the salt must be taken from the same place in both
passwd and shadow based systems. Taking salt from one, and password from the
other just doesn't work.
So pull them from passwd, then overwrite them if need be.
When modifying this file, watch the #ifdef hell - as vl found out, some
variables are globals - but only with #ifndef WITH_PAM, and the code jumps all
over the place with the password cracker.
Getting double-reviews of any change to this file highly advised, it is one of
our most system-specifc areas of code.
(So now I get to take the blame for this one... :-)
Andrew Bartlett
(This used to be commit f39f167900db3f06ec3c52c3ddf61e8bf3d57f56)
|
|
Volker, I would like to understand what you are trying to do here...
I'll trust that it's broken (this code is certainly not well tested) but I do
want to keep a close eye on the fixes...
Andrew Bartlett
(This used to be commit 4b72f84cf9bc3f7583318d5dff97257f9dc5b87f)
|
|
'security = user', 'encrypt passwords = no' did not work anymore.
This is on quite a standard SuSE 7.3, ./configure.developer --with-tdbsam.
I can provide a config.log / config.h on demand.
Please re-check for consequences, I don't really oversee that file.
Thanks,
Volker
(This used to be commit ba754b57ddb78dadedcb7b5877cbee5bab08181e)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
NT_TOKEN and the unix credentials - as we incresingly use the NT stuff we want
to make it easy to check they don't get out of wack.
Andrew Bartlett
(This used to be commit a3882a19254811ace2f9545580c14ce3bd588095)
|
|
the DC being out of sync with the local machine.
(This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
|
|
(This used to be commit 2011a38f3bd1e51aa1ca0219a9e46da12426cbc3)
|
|
(This used to be commit 7decd4b3a9e6900ab35f7bf5b266361f308aa58d)
|
|
Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl>
It includes a conversion of make_user_info*() to NTSTATUS and some minor
changes to other files.
It also picks up on a nasty segfault that can occour in some security=domain
cases.
Andrew Bartlett
(This used to be commit d1e1fc3e4bf72717b3593685f0ea5750d676952a)
|
|
the CIFS conference - finally got purify working
(This used to be commit cf9bb66aa9c3217cb8394058c65c84ffc6ae269a)
|
|
changed cli_nt_setup_creds() to call cli_net_auth_2 or cli_net_auth_3 based on a switch.
pass also the negociation flags all the way.
all the places calling cli_nt_setup_creds() are still using cli_net_aut2(), it's just for future use and for rpcclient.
in the future we will be able to call auth_2 or auth_3 as we want.
J.F.
(This used to be commit 4d38caca40f98d0584fefb9d66424a3db5b5789e)
|
|
(This used to be commit 0d562b81bfd176111a1046560c39b03d986f90ec)
|
|
- Don't print an uninitialised buffer in service.c
- Change some charcnv.c functions to take smb_ucs2_t ** instead of void **
- Update NTLMv2 code to use dynamic buffers
- Update experimental SMB signing code - still more work to do
- Move sys_getgrouplist() to SAFE_FREE() and do a DEBUG() on initgroups()
failure.
Andrew Bartlett
(This used to be commit de1964f7fa855022258a84556b266100b917444b)
|
|
Andrew Bartlett
(This used to be commit 17096315a0f30f946ddecb79708604a111c37011)
|
|
(This used to be commit 24fa84bda49a3a77fbc092652a0b6b132f06ff7c)
|
|
Andrew Bartlett
(This used to be commit 7cad7814555645aa3bee95fb48fbd694e6a9e313)
|
|
our authenticaion code - removing some of the duplication from the current
code.
This also gets us *much* closer to supporting a real SAM backend, becouse the
SAM can give us the right info then.
This also changes our service.c code, so that we do a VUID (rather than uid)
cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached
equivilant) on every packet, for the same r or rw mode the whole share was open
for.
Andrew Bartlett
(This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)
|
