Age | Commit message (Collapse) | Author | Files | Lines |
|
protocol < LANMAN1
(This used to be commit 95ad2c284dad9c5042ac113eb7067a10531d34a1)
|
|
back into the main tree.
For the cvs logs of all the files starting nmbd_*.c, look
in the JRA_NMBD_REWRITE branch. That branch has now been
discontinued.
Jeremy.
(This used to be commit d80b0cb645f81d16734929a0b27a91c6650499bb)
|
|
(This used to be commit c779ed654ec7d9f1fc870476a05d2294e8c0faea)
|
|
(This used to be commit 8ced76c4c71c67c54bf0deedff5a7adfca04e4f3)
|
|
"interpret_security" and similar functions. This also means that
testparm produces string values for these enumerated types rather than
an integer. This was done to make the web interface much cleaner.
While I was doing this I found a couple of very nasty bugs in the
parm_table code. Someone had added a handle_character_set() function
that treated the char** pointer for a P_STRING as an integer! This
would have caused memory corruption for anyone using the "character
set" option. The loadparm code is delicate - please be careful about
using it's more esoteric features!
I've also removed the "coding system" global and made it a
P_STRING. The integer value was never used anywhere in Samba.
(This used to be commit bac6b0daa288e879330e3d585582122bb93a1ffb)
|
|
remove problems.
Jeremy
(This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a)
|
|
typecasting for the debug messages of the data dump. hm.
#ifdef NTDOMAIN
ntclient.c rpc_pipes/lsaparse.c rpc_pipes/ntclientnet.c rpc_pipes/smbparse.c :
adding "Net Server Password Set" functionality to smbclient.
#endif
(This used to be commit ad43183d2dd62a808c9fba03f81562362d4de713)
|
|
separated out smb server-mode password validation into a separate file.
added called and calling netbios names to client gen state: referenced
section in rfc1002.txt.
created workstation trust account checking code in ntclient.c
there might be a bug in reply_session_setup_andX. i indented and added { }
around single-line if statements: the lm password checking code now doesn't
look right (around the GUEST_SESSSETUP bits). *no code semantics have been
changed by the indentation process*.
(This used to be commit f27966957fa7f16d337a4a58719239d036deab4c)
|
|
like it, has *not* been added.
this is the client and server side of the SAM Logon NT and LM OWF password
obfuscation (rc4 with the long-term session key).
(This used to be commit 4cf4dd696714492f8e51661cab4736d66ab2916b)
|
|
This should fix the byte order problems (maybe!)
(This used to be commit 21878e7d8628d05786c3c76f2943e31df1096577)
|
|
rpc_pipes/ntclientlsa.c rpc_pipes/ntclientnet.c
rpc_pipes/ntclientpipe.c :
added extra argument to cli_call_api() to allow specifying the length of
the \PIPE\ name. it appears that, like when the name of the pipe is NULL
and OS-2 requires two extra bytes _after_ the NULL name, that NT requires
two bytes after the NULL-terminated name "\PIPE\". these two bytes vary,
but values seen so far are: 0x72 0x70; 0x63 0x65; 0x44 0x65; 0x4E 0x00.
there appears not to be much logic to this. purpose unknown.
ntclient.c:
put Set Named Pipe Handle State call directly after SMBopenX call.
(This used to be commit 54c245be152e5fa8f5b535c93f8d11c5f591e23f)
|
|
techniques more accurately.
(This used to be commit 054e3b2ae3a8cfb98fde72becef9b05de34d2ba7)
|
|
exactly when you call this (before or after a bind). can sort that out
later.
(This used to be commit a64ba16db615f83739c147a521ccff3f7c42987b)
|
|
which are pipes on the IPC$ connection.
created mechanism to record pipe names in a separate pipes_struct. it
is planned to expand this, to return sensible things like interface
structures, and policy handles (RPC_IFACE and LSA_POL_HND). and the like.
(This used to be commit 33cce5fac0e2f818a19a6c4e6a797ef44f3b5c75)
|
|
(This used to be commit 50d7e4d6f6b5d770742ee83523d6146cf51f8259)
|
|
(This used to be commit 6b0e51929495582bc48a4d5fba24aa7c1f7caaf6)
|
|
added mode for printing debug array data as chars not uint8/16/32s.
only really useful for (uint8) strings or (uint16) unicode strings
lsaparse.c smbparse.c smb.h :
rpc bind and rpc bind ack structures and parsing and creation functions.
ipc.c pipes.c pipenetlog.c pipentlsa.c pipesrvsvc.c :
using rpc bind / bind ack parsing routines instead of incorrect use of
api_LsarpcTNP1 function.
ntclient.c :
creation of do_rpc_bind() function.
THAT'S IT, FOLKS!
(This used to be commit 21c89e2f17c51939fd6b53dddbe3072419eb0db2)
|
|
added bind and bind ack structures and parsing functions. restructured
rpc header stuff.
ntclient.c pipenetlog.c pipentlsa.c pipesrvsvc.c :
having to deal with restructuring above.
(This used to be commit 9f2c4f1fee7e411adba8f529b7666a7325584457)
|
|
updated Query Info Policy to report domain name and domain sid for info levels
3 and 5.
fixed bug in dom_sid_to_string (idauths decoded wrong). fixed bug in DOM_SID:
subauths are 32 bit not 16.
(This used to be commit 2f3cca23e2465ca6a3a31fda005af1fd74f6af92)
|
|
Jeremy.
(This used to be commit 598e98e5612250966696826a98de35356f8f03d8)
|
|
fixed a problem with byte ordering (doing an SIVAL of the setup parameters
which was _also_ being done in the creation of the SMB header. oops).
(This used to be commit 541fb82895008cc30477019cdcafed9fdbbeac43)
|
|
(This used to be commit 16cc27852bf54999db4b0a3665b0743d9fe0e74a)
|
|
Q/R LSA_REQ_CHAL; Q/R LSA_AUTH2; Q/R LSA_SAMLOGON; Q/R LSA_SAMLOGOFF.
the last (non-essential right now) bit is the LSA_SRV_PWSET.
the next stage is to do LSA_OPENPOLICY; add the pipe binds (missing right
now); then we can test against an NT Server.
(This used to be commit 0a549e62fbf11a3ff1f1de663176e30006553e08)
|
|
in clientutil.c (Luke, you can't just copy a global variable
declaration from one file to another, you need to declare one of them
extern)
(This used to be commit 944ecbcbd47afcc20e2e408a06d57c7b8d0d86a8)
|
|
code, which means we don't have to link with a fake getpass routine
and we don't have a whole pile of global variables that really have
nothing to do with nmbd and were there to keep the client code happy.
The code should function identically to what it did before (hopefully
it was correct)
The only thing that now uses the horrible clientutil.c code is
smbclient.
(This used to be commit 4bf5c03b18f88b566f3ac12cc4b3a9c5c96fd35d)
|
|
Logon query. i think i even got the client-side checking of the response
credentials right!
(This used to be commit f14c111835e18e361468cc6a1666a02654afe743)
|
|
YEAH!
need to add:
- client-side credential calculation
- client-side parsing of the SAM logon response.
(This used to be commit 349677de3f06bb0892862de0e11172adeffda18a)
|
|
adding bits for new nt domain code
byteorder.h :
trying to get macros right, and not to crash on SUNOS5...
client.c :
added #ifdef NTDOMAIN, and created do_nt_login() function. don't
want to have to recompile client.c unless absolutely necessary.
credentials.c :
moved deal_with_creds() [possibly inappropriately] into credentials.c
ipc.c reply.c server.c uid.c :
attempting to make (un)become_root() functions calleable from smbclient.
this is a little tricky: smbclient might have to be another setuid
root program, immediately setuid'ing to non-root, so that we can
reset-uid to root to get at the smbpasswd file. or, have a secure
pipe mechanism to smbd to grab smbpasswd entries. or the like.
smbdes.c smbencrypt.c :
created a function to generate lm and nt owf hashes.
lsaparse.c ntclient.c smbparse.c :
added nt client LSA_AUTH2 code. it works, too!
pipenetlog.c pipentlsa.c pipesrvsvc.c :
simplification. code-shuffling. getting that damn offset right
for the opcode in RPC_HDR.
smb.h :
changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL.
we might need to store the server times as well.
proto.h :
the usual.
(This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07)
|
|
added a structure that wraps nt errors as strings and enums, so we
can do a smb_nt_error() function.
Makefile ntclient.c :
added ntclient.c, broken out nt domain stuff into a separate file.
getting fed up of compile-times and size of client.c.
fixed the do_lsa_req_chal() function. made it read the response,
and return the challenge credentials received from the server.
next stop: do_lsa_auth_2().
client.c :
removed nt domain logon functions into a separate file.
pipenetlog.c pipentlsa.c pipesrvsvc.c smbparse.c :
i'd broken the offsets of the RPC_HDR while trying to sort out the
nt client code. fixed it again. added some robustness stuff.
util.c :
the unistrn2() function was null-terminating the string at one
character too many.
(This used to be commit 39cec7f698c4461aee05cfbb213879fbd486117d)
|
|
cli_call_api(). sorting this for jeremy.
there is a discrepancy between the client.c list_servers() and the nmbsync.c
add_info() calls to cli_call_api() - one has an mdrcount of 1024, the other
of zero.
i don't know what difference this makes.
(This used to be commit d8c265c515985414962bb5187c9f92d016281dcc)
|
|
trying to set up the data parameters etc and not understanding what's going on.
in api_netlogTNP, added smb_io_rpc_hdr() call to decode the header received
(and in this instance, generated by do_lsa_req_chal()). and then noticed
that it's two bytes out. but i don't know how to do "byte parameters"
and it's not the same format as the LSA_REQCHAL received from nt workstations.
agh!
(This used to be commit 0cc8ce43e1d54b44237bb525f4cf6b77e7ca3ced)
|
|
and then send a LSA_REQ_CHAL down it.
(This used to be commit 473f21071fad603865358821b83df6b58c9a06a5)
|
|
send to \PIPE\ not \PIPE\NETLOGON.
ipc.c :
fstring name not being bzero'd caused problems when calling named_pipe().
(This used to be commit 2393c49b0509b8ce021f0acfba135219cd753cf9)
|
|
adding start of undocumented options to do NT domain logons, client-side.
starting with LSA_REQCHAL.
the code here happily crashes smbd: i'll investigate this further... :-)
smbparse.c pipeutil.c lsaparse.c :
moved some of the common make_xxxx() functions out of pipeutil.c
so that the make_xxxx and (smb/lsa)_io_xxxx functions now sit
together. makes sense, really...
added a make_q_req_chal() function.
restructured make_rpc_reply() and called it make_rpc_hdr(). created
functions create_rpc_reply() and create_rpc_response().
pipenetlog.c pipentlsa.c pipesrvsvc.c
calling new create_rpc_reply() function instead of old make_rpc_reply().
proto.h :
usual.
smb.h:
added enum for RPC_PACKET_TYPE
(This used to be commit b88ee3e16c6b671069f53ca2e9c5694ec8b1c030)
|
|
redid the split that i did a year ago, taking the functions in client.c
out into clientutil.c. guess what? we could now do encrypted password
NetServerEnum2 calls in nmbd, if we wanted to.
i can now use cli_call_api() to send to different pipes. i hope.
pipenetlog.c:
allow adding to users group _and_ to admin group. if adding to
guest group, don't allow adding to users or admin as well.
smb.h :
added some pipe #defines (\PIPE\NETLOGON \PIPE\srvsvc ...)
proto.h :
usual.
(This used to be commit 6ee065ce6e099acfc7e83ad399ef6e60b4c625c1)
|
|
I'm actually hoping to remove this module completely once we convert
nmbd to using the new (much cleaner) clientgen.c
smbclient now also reports if it connects as a guest user
(This used to be commit 3af8d855facfc436cb4b64fa58aca8c056a5348e)
|
|
(This used to be commit 1cccd7c519b8a706567477629bee70f7b7267b5c)
|
|
change MAX_PASSWORD_LENGTH to MAX_PASS_LEN to prevent conflict on some
systems
add #ifdef around soft link dependent code (for systems that don't
have soft links)
(This used to be commit e10ba4b97a219e87b62d32834bf15ed2e323ed2e)
|
|
locking.c: Removed USE_OPLOCKS - now the default.
params.c: Removed unused variable.
proto.h: Updated.
reply.c: Removed USE_OPLOCKS - now the default.
server.c: Removed USE_OPLOCKS - now the default.
smb.h: Removed USE_OPLOCKS - now the default.
smbparse.c: Changed shadowed variable.
status.c: Removed USE_OPLOCKS - now the default.
util.c: Removed USE_OPLOCKS - now the default.
Jeremy (jallison@whistle.com)
(This used to be commit b93509846d6291771787af457500eec8984ee6bd)
|
|
(This used to be commit d40199f4fe1344058267859820cb36b77a20442a)
|
|
(This used to be commit 0eb9a590430c328e6ebc46ff8ab05f181921769a)
|
|
Jeremy (jallison@whistle.com)
(This used to be commit e7eb1f044d3101679dc7a118820ea5efe0cd837c)
|
|
(This used to be commit 2c5587a6fe425b1cc57cf28e92e77ba84f08ce33)
|
|
Caused proto.h to be from a sorted list of C files.
arcfour.h: Added prototypes.
client.c: Added username%password in environment patch from John Blair <jdblair@frodo.tucc.uab.edu>
loadparm.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
username.c: Added username manipulation code from Peter McCool [SMTP:peter@qimr.edu.au]
mkproto.awk: Added arc4_key type.
proto.h: Updated & sorted.
Jeremy (jallison@whistle.com)
(This used to be commit 97ed4fea67095dfb83227e7b5fffc236ff277e02)
|
|
handle file paths longer than 100 characters (the limit of the normal
tar format).
This patch adds support for producing GNU tar files (which have no
real limit on the path length) in smbclient.
Note that I have only added support for producing GNU tar files, I
haven't added support for accepting them when restoring. I thought I'd
leave that up to John :-)
(This used to be commit d5daf85162e844c9e953cc4dfbb3f1d800747130)
|
|
1) put the encryption code in by default, with no #ifdef. It is still
disabled by default so you need to add "encrypt passwords = yes" in
smb.conf but at least all binaries will have it.
2) cleanup the kanji code so it compiles with no warnings
3) get rid of lots of uses of ugly non-portable C code. The main
offender being things like "register" but also remove uses of the
"const" keyword as there are compilers out there that don't support it
and even those that do often complain about its usage. Users don't
like warnings :-(
There is still some work to do. We need to replace the md4 code with
our own implementation. The current code (from rfc1186) is PD but is
not very portable. The new RFC (rfc1320) is more portable but adds
copyright restrictions. I'll do a from-scratch MD4 soon.
We also need to test that what I've implemented is portable. It should
be, but I'm too tired right now to test it on anything other than
intel linux.
(This used to be commit db917c62c14315afe6f0745a8097c1bca25cbf07)
|
|
mangle.c smb.h util.c:
Big merge to allow KANJI support to be in the main
binary without explicitly compiling with it.
locking.c: Fix for smbstatus not being able to read files.
namepacket.c: Removed unneccesary debug statement.
trans2.c: Added Luke's proposed fix (ifdefed out until further testing).
nmblookup.c: Fixed bug where query fails and status is done on bogus IP.
Jeremy (jallison@whistle.com)
(This used to be commit 9196255022ae8c51b527412747b324819bea2c13)
|
|
status.c: Made sure myhostname was initialised before substitutions.
server.c
trans2.c: Moved OS/2 WPS fix.
Jeremy (jallison@whistle.com)
(This used to be commit 8a12b6a4f0feec712f5c4e02e21198c455b060ae)
|
|
nmbsync.c: Make sure REPLACE_GETPASS is defined before including includes.h
clientutil.c: Catch null passwords.
Fixes for a nmbd crash bug found by Herb Lewis @ SGI.
Jermey(jallison@whistle.com)
(This used to be commit 45c266baaea8755f1a3c0c4c7a87eb0752848ca2)
|
|
Leos Bitto <bitto@altec.cz>.
clitar.c:
proto.h: Fixed proto mismatch for strslashcmp().
Jermey (jallison@netcom.com)
(This used to be commit c7a4647b7a84641f5fed6b67d45c241fff19c2b3)
|