| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
This patch may not yet compile with -DUSE_SSL enabled, further
Makefile changes may be needed. But it was important to get
this code in place before I go off to USENIX.
Jeremy.
(This used to be commit 31e768369fdc61e07c59630c86c62239f3d3f3f7)
|
|
clientutil.c: Fixed NT session to add NT password.
groupname.c: Added lookup function.
Jeremy.
(This used to be commit 8216363e83fcdccfade70f983830b56b7e6546a4)
|
|
available) when scanning server/workgroup/share lists.
ipc.c: Removed redundent definition of ERROR_MORE_DATA (234) we already have
ERRmoredata in smb.h
Jeremy.
(This used to be commit ae3510e9fb309be343e245d8460c1ceb8164077b)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
get stuck on systems with broken headers (like SunOS4). In this case
use StrCaseCmp instead of strcasecmp
(This used to be commit 1386c6e25a2cf05c5c48b7a5094db3b2a6f5a5b3)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
|
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
(This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
|
|
with gcc. (Not a big change although it looks like it :-).
Jeremy.
(This used to be commit cd2613c57261456485fe4eeecfda209ada70de8e)
|
|
action is passed to do_dir.
Changes to clitar.c as requested by Canon Information Systems Research Australia:
1. Support restoring long file names
2. Write directory entries to TAR files as first part of setting directory create
times
3. Ensure zero length files get correct mtime
4. Allow DOS and UNIX pathnames in command line parameters.
(This used to be commit 0c228f0b33950c8d38de0529e88a38848742a50d)
|
|
smb.conf.
smbpasswd.c: Removed bugs I put in yesterday (thanks Luke :-) and added error
message reporting for remote password changing.
Jeremy.
(This used to be commit 6a3394a285a250d1029cdd545dd0bf832284555a)
|
|
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
users password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a users password on a remote NT machine (yep - you heard
that one right - we can now change a NT password from UNIX !!!!!).
Jeremy.
(This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124)
|
|
"name resolve order" parameter.
source/Makefile: Re-ordered link for name resolve order code.
source/clientgen.c:
source/clientutil.c: Added calls to resolve_name().
source/includes.h: Added HPUX zombie fix.
source/loadparm.c: Added new name resolve order parameter.
source/namequery.c: Re-wrote to include parsing of lmhosts file, new resolve_name()
function requested by John.
source/nmbd.c: Tell resolve_name not to do WINS lookups if we are the WINS server.
source/nmbd_lmhosts.c: Call lmhosts parsing functions in namequery.c
source/password.c: Call resolve_name() to lookup security=server name.
source/reply.c:
source/time.c:
source/trans2.c: "fake directory create times" fix from Jim Hague - hague@research.canon.com.au.
source/util.c: Removed isalnum() test in Get_Hostname() that seems to cause
problems on many systems.
Jeremy.
(This used to be commit 7f118970da7c43eaddcf92dc056d3e849f1e7d5c)
|
|
testparm.
In particular I added:
- ability to optionally save default values of all parameters when
calling lp_load(). This can then be used to save only non-default
parameters in lp_dump(). This makes the saved smb.conf (and viewed
parameters in testparm) much shorter
- ability to not load ipc share in lp_load()
- separators in parm_table[] so parameters can be grouped logically.
- flag to mark parameters that are local but which should be also
viewed as global as far as parameters editing is concerned
(This used to be commit f9af35da26e58fb0b644b5f0169f1c212230047a)
|
|
Kanji support is one case of multibyte character
support, rather than being a specific case in
single byte character support.
This allows us to add Big5 Chinese support (code page 950)
and Korean Hangul support (code page 949) at very little
cost. Also allows us to easily add future multibyte
code pages.
Makefile: Added codepages 949, 950 as we now support more multibyte
codepages.
asyncdns.c: Fixed problem with child being re-spawned when parent killed.
charcnv.c
charset.c
client.c
clitar.c
kanji.c
kanji.h
smb.h
util.c
loadparm.c: Generic multibyte codepage support (adding Big5 Chinese
and Korean Hangul).
nmbd.c: Fixed problem with child being re-spawned when parent killed.
mangle.c: Modified str_checksum so that first 15 characters have more
effect on outcome. This helps with short name mangling as
most 'long' names are still shorter than 15 chars (bug was
foobar_mng and foobar_sum would hash to the same value, with
the modified code they hash differently.
Jeremy.
(This used to be commit 299016338cfb47f0c585875ef9b468121fcee97d)
|
|
(This used to be commit 140fba461bc22f26055c13b04a084d2df16ac604)
|
|
<james.szinger@yale.edu>).
Jeremy.
(This used to be commit 7123405d6351cf6457adb1199dab3c6416bf9865)
|
|
This is merely updating the Copyright statements from 1997 to 1998.
It's a once a year thing :-).
NO OTHER CHANGES WERE MADE.
Jeremy.
(This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
|
|
smbmount: This is a stripped down smbclient that communicates with
the Linux 2.1.x kernel to supply authenticated smb connections for
smbfs mount points.
smbmnt/smbumount: setuid commands that do the actual smb mount system
call after having done the appropriate security checks
(This used to be commit ccbbc4e647ad900b215dae949d5bcd45671c68c8)
|
|
- client.c had a workaround embedded in it for his
earlier bug in StrnCaseCmp - removed this.
Jeremy.
(This used to be commit 7cb4e4b099cef0be3a7440bd5feb8b3d0c3c5f18)
|
|
clientgen.c:
clientutil.c:
clitar.c: Changed usage of receive_smb to new function client_receive_smb
except for one use of receive_smb in client.c. This is the
receive_smb used to discard packets received whilst in a
keyboard wait state.
util.c: Created new function client_receive_smb that ignores session
keepalives just as the old receive_smb used to do. Created
internal function read_smb_length_return_keepalive that is
used internally by the changed receive_smb call.
Changed read_smb_len to not use an internal buffer - it is
never called with a null buffer so such code is redundant.
Jeremy.
(This used to be commit 1084fb46821cb96702da35439da4a8df9d255698)
|
|
(This used to be commit c779ed654ec7d9f1fc870476a05d2294e8c0faea)
|
|
(This used to be commit 8ced76c4c71c67c54bf0deedff5a7adfca04e4f3)
|
|
"interpret_security" and similar functions. This also means that
testparm produces string values for these enumerated types rather than
an integer. This was done to make the web interface much cleaner.
While I was doing this I found a couple of very nasty bugs in the
parm_table code. Someone had added a handle_character_set() function
that treated the char** pointer for a P_STRING as an integer! This
would have caused memory corruption for anyone using the "character
set" option. The loadparm code is delicate - please be careful about
using it's more esoteric features!
I've also removed the "coding system" global and made it a
P_STRING. The integer value was never used anywhere in Samba.
(This used to be commit bac6b0daa288e879330e3d585582122bb93a1ffb)
|
|
remove problems.
Jeremy
(This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
|
|
separated out smb server-mode password validation into a separate file.
added called and calling netbios names to client gen state: referenced
section in rfc1002.txt.
created workstation trust account checking code in ntclient.c
there might be a bug in reply_session_setup_andX. i indented and added { }
around single-line if statements: the lm password checking code now doesn't
look right (around the GUEST_SESSSETUP bits). *no code semantics have been
changed by the indentation process*.
(This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
|
|
rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c
rpc_pipes/ntclientpipe.c :
added extra argument to cli_call_api() to allow specifying the length of
the \PIPE\ name. it appears that, like when the name of the pipe is NULL
and OS-2 requires two extra bytes _after_ the NULL name, that NT requires
two bytes after the NULL-terminated name "\PIPE\". these two bytes vary,
but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00.
there appears not to be much logic to this. purpose unknown.
ntclient.c:
put Set Named Pipe Handle State call directly after SMBopenX call.
(This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
|
|
techniques more accurately.
(This used to be commit 054e3b2ae3a8cfb98fde72becef9b05de34d2ba7)
|
|
in clientutil.c (Luke, you can't just copy a global variable
declaration from one file to another, you need to declare one of them
extern)
(This used to be commit 944ecbcbd47afcc20e2e408a06d57c7b8d0d86a8)
|
|
adding bits for new nt domain code
byteorder.h :
trying to get macros right, and not to crash on SUNOS5...
client.c :
added #ifdef NTDOMAIN, and created do_nt_login() function. don't
want to have to recompile client.c unless absolutely necessary.
credentials.c :
moved deal_with_creds() [possibly inappropriately] into credentials.c
ipc.c reply.c server.c uid.c :
attempting to make (un)become_root() functions calleable from smbclient.
this is a little tricky: smbclient might have to be another setuid
root program, immediately setuid'ing to non-root, so that we can
reset-uid to root to get at the smbpasswd file. or, have a secure
pipe mechanism to smbd to grab smbpasswd entries. or the like.
smbdes.c smbencrypt.c :
created a function to generate lm and nt owf hashes.
lsaparse.c ntclient.c smbparse.c :
added nt client LSA_AUTH2 code. it works, too!
pipenetlog.c pipentlsa.c pipesrvsvc.c :
simplification. code-shuffling. getting that damn offset right
for the opcode in RPC_HDR.
smb.h :
changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL.
we might need to store the server times as well.
proto.h :
the usual.
(This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
|
|
added a structure that wraps nt errors as strings and enums, so we
can do a smb_nt_error() function.
Makefile ntclient.c :
added ntclient.c, broken out nt domain stuff into a separate file.
getting fed up of compile-times and size of client.c.
fixed the do_lsa_req_chal() function. made it read the response,
and return the challenge credentials received from the server.
next stop: do_lsa_auth_2().
client.c :
removed nt domain logon functions into a separate file.
pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c :
i'd broken the offsets of the RPC_HDR while trying to sort out the
nt client code. fixed it again. added some robustness stuff.
util.c :
the unistrn2() function was null-terminating the string at one
character too many.
(This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
|
|
cli_call_api(). sorting this for jeremy.
there is a discrepancy between the client.c list_servers() and the nmbsync.c
add_info() calls to cli_call_api() - one has an mdrcount of 1024, the other
of zero.
i don't know what difference this makes.
(This used to be commit d8c265c515985414962bb5187c9f92d016281dcc)
|
|
trying to set up the data parameters etc and not understanding what's going on.
in api_netlogTNP, added smb_io_rpc_hdr() call to decode the header received
(and in this instance, generated by do_lsa_req_chal()). and then noticed
that it's two bytes out. but i don't know how to do "byte parameters"
and it's not the same format as the LSA_REQCHAL received from nt workstations.
agh!
(This used to be commit 0cc8ce43e1d54b44237bb525f4cf6b77e7ca3ced)
|
|
and then send a LSA_REQ_CHAL down it.
(This used to be commit 473f21071fad603865358821b83df6b58c9a06a5)
|
|
send to \PIPE\ not \PIPE\NETLOGON.
ipc.c :
fstring name not being bzero'd caused problems when calling named_pipe().
(This used to be commit 2393c49b0509b8ce021f0acfba135219cd753cf9)
|
|
adding start of undocumented options to do NT domain logons, client-side.
starting with LSA_REQCHAL.
the code here happily crashes smbd: i'll investigate this further... :-)
smbparse.c pipeutil.c lsaparse.c :
moved some of the common make_xxxx() functions out of pipeutil.c
so that the make_xxxx and (smb/lsa)_io_xxxx functions now sit
together. makes sense, really...
added a make_q_req_chal() function.
restructured make_rpc_reply() and called it make_rpc_hdr(). created
functions create_rpc_reply() and create_rpc_response().
pipenetlog.c pipentlsa.c pipesrvsvc.c
calling new create_rpc_reply() function instead of old make_rpc_reply().
proto.h :
usual.
smb.h:
added enum for RPC_PACKET_TYPE
(This used to be commit b88ee3e16c6b671069f53ca2e9c5694ec8b1c030)
|
|
redid the split that i did a year ago, taking the functions in client.c
out into clientutil.c. guess what? we could now do encrypted password
NetServerEnum2 calls in nmbd, if we wanted to.
i can now use cli_call_api() to send to different pipes. i hope.
pipenetlog.c:
allow adding to users group _and_ to admin group. if adding to
guest group, don't allow adding to users or admin as well.
smb.h :
added some pipe #defines (\PIPE\NETLOGON \PIPE\srvsvc ...)
proto.h :
usual.
(This used to be commit 6ee065ce6e099acfc7e83ad399ef6e60b4c625c1)
|
|
I'm actually hoping to remove this module completely once we convert
nmbd to using the new (much cleaner) clientgen.c
smbclient now also reports if it connects as a guest user
(This used to be commit 3af8d855facfc436cb4b64fa58aca8c056a5348e)
|
|
(This used to be commit 1cccd7c519b8a706567477629bee70f7b7267b5c)
|
|
locking.c: Removed USE_OPLOCKS - now the default.
params.c: Removed unused variable.
proto.h: Updated.
reply.c: Removed USE_OPLOCKS - now the default.
server.c: Removed USE_OPLOCKS - now the default.
smb.h: Removed USE_OPLOCKS - now the default.
smbparse.c: Changed shadowed variable.
status.c: Removed USE_OPLOCKS - now the default.
util.c: Removed USE_OPLOCKS - now the default.
Jeremy (jallison@whistle.com)
(This used to be commit b93509846d6291771787af457500eec8984ee6bd)
|
|
(This used to be commit 0eb9a590430c328e6ebc46ff8ab05f181921769a)
|
|
Caused proto.h to be from a sorted list of C files.
arcfour.h: Added prototypes.
client.c: Added username%password in environment patch from John Blair <jdblair@frodo.tucc.uab.edu>
loadparm.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
username.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
mkproto.awk: Added arc4_key type.
proto.h: Updated & sorted.
Jeremy (jallison@whistle.com)
(This used to be commit 97ed4fea67095dfb83227e7b5fffc236ff277e02)
|
|
1) put the encryption code in by default, with no #ifdef. It is still
disabled by default so you need to add "encrypt passwords = yes" in
smb.conf but at least all binaries will have it.
2) cleanup the kanji code so it compiles with no warnings
3) get rid of lots of uses of ugly non-portable C code. The main
offender being things like "register" but also remove uses of the
"const" keyword as there are compilers out there that don't support it
and even those that do often complain about its usage. Users don't
like warnings :-(
There is still some work to do. We need to replace the md4 code with
our own implementation. The current code (from rfc1186) is PD but is
not very portable. The new RFC (rfc1320) is more portable but adds
copyright restrictions. I'll do a from-scratch MD4 soon.
We also need to test that what I've implemented is portable. It should
be, but I'm too tired right now to test it on anything other than
intel linux.
(This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07)
|
|
mangle.c smb.h util.c:
Big merge to allow KANJI support to be in the main
binary without explicitly compiling with it.
locking.c: Fix for smbstatus not being able to read files.
namepacket.c: Removed unneccesary debug statement.
trans2.c: Added Luke's proposed fix (ifdefed out until further testing).
nmblookup.c: Fixed bug where query fails and status is done on bogus IP.
Jeremy (jallison@whistle.com)
(This used to be commit 9196255022ae8c51b527412747b324819bea2c13)
|
|
status.c: Made sure myhostname was initialised before substitutions.
server.c
trans2.c: Moved OS/2 WPS fix.
Jeremy (jallison@whistle.com)
(This used to be commit 8a12b6a4f0feec712f5c4e02e21198c455b060ae)
|
|
client.c : Fix crash bug. Add code to use BUFFER_SIZE for NetServerEnum calls.
namepacket.c: Fixed cast.
nmbsync.c : Add code to use BUFFER_SIZE for NetServerEnum calls.
smb.h : Set default client code page to 932 for KANJI.
system.c : Remove vendor specific code that crept in :-).
util.c : Added #define to allow Samba to behave as Win95 when doing
KANJI case insensitivity tests.
Jeremy (jallison@whistle.com)
(This used to be commit 7f7d2faa07b81ad435b2acc9318bc39d813020c6)
|
|
clientutil.c: Minor change to cast parameters for DEC unix.
ipc.c: Fixes to parameterise the stuff John wants.
loadparm.c: Fixes to parameterise the stuff John wants.
nameannounce.c: Fixes to parameterise the stuff John wants.
namedbwork.c: Fixes to parameterise the stuff John wants.
nameserv.h: Fixes to parameterise the stuff John wants.
proto.h: Fixes to parameterise the stuff John wants.
smb.h: Fixes to parameterise the stuff John wants.
util.c: tidy.
Jeremy (jallison@whistle.com)
(This used to be commit 9fbca2594ba775450d5dca13cbce257b4362ca66)
|
|
Dan
(This used to be commit 632bf0dab06bccd082a9fc64a62ff7c99982d2b6)
|
|
clitar.c: Added amanda fixes.
nameannounce.c: Removed redundent code.
nameelect.c: Removed redundent code.
nameserv.h: Removed redundent code.
nameservresp.c: Removed redundent code.
namework.c: Removed redundent code.
password.c: Prevented crash if getpwnam fails.
Jeremy (jallison@whistle.com)
(This used to be commit 760fe30353de66e8e6571f8ff4ec1064261b5428)
|
|
client.c: Made prompt appear at debug level 0. Fixed strcasecmp redefinition.
Caused client to use set_blocking rather than making fcntl calls itself.
dir.c: Removed redundent snum parameters.
includes.h: Added SCO fixes.
loadparm.c: Made default 'files to hide' a null string.
nmbd.c: Removed O_NONBLOCK from pid file open for platforms that dont have it.
proto.h: Changed snum to cnum where needed. Changed is_xx_path to is_in_path
(now called via MACRO).
quotas.c: Swapped setuid/seteuid calls when restoring uid.
reply.c: Removed redundent snum parameters.
server.c: Changed snum to cnum where needed. Setup new veto_list, hide_list
namelists. Added standard_sub changes from
Stefaan A Eeckels <Stefaan.Eeckels@ecc.lu> and
Paul Rippin <pr3245@nopc.eurostat.cec.be>
shmem.c: Changed cast for sizeof to be int before negating.
smb.h: Added new veto_list, hide_list entries to connections.
Added IS_PRINT, IS_HIDDEN_PATH, IS_VETO_PATH macros.
trans2.c: Removed redundent snum parameters.
util.c: Added standard_sub_basic changes from
Stefaan A Eeckels <Stefaan.Eeckels@ecc.lu> and
Paul Rippin <pr3245@nopc.eurostat.cec.be>
Fixed up veto/hidden path processing so the paths are
pres-parsed and checked for wildcards (for speed).
Jeremy (jallison@whistle.com)
(This used to be commit 9afa36f7874cfd527aa6ef1e7965c1d35d46ab1f)
|
