Age | Commit message (Collapse) | Author | Files | Lines |
|
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE
(This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
|
|
(This used to be commit 2ff89e1ee830ee2496861396ff69a232b0605b2f)
|
|
(This used to be commit e599eba851db40816c684da2b7b1be4b978166e0)
|
|
split out privileges from rpc_lsa.h
(This used to be commit 37d7cc8162d02a664095dbe0fc8d7250d1ed51c9)
|
|
(This used to be commit fb03fafed14a2816808e98fd95850db3e655d5d9)
|
|
(This used to be commit a4fc9c3b2dfbdbb3f75bf38415741ff66dbe1367)
|
|
SAM_ACCOUNT does not have anymore uid and gid fields
all the code that used them has been fixed to use the proper idmap calls
fix to idmap_tdb for first time idmap.tdb initialization.
auth_serversupplied_info structure has now an uid and gid field
few other fixes to make the system behave correctly with idmap
tested only with tdbsam, but smbpasswd and nisplus should be ok
have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
|
|
function. Patch by metze with some minor modifications.
(This used to be commit f4576757d1d52a8f1b96894c869bb76450003fd1)
|
|
(This used to be commit 74fab8f0d24004b1dfd5ce0fd7402895652f941f)
|
|
requests and responses and is only compiled in when --enable-developer
is passed to configure. It includes server and client side code for
generating and responding to functions on this pipe. The functions are:
- AddOne: add one to the uint32 argument and return ig
- EchoData: echo back a variable sized char array to the caller
- SourceData: request a variable sized char array
- SinkData: send a variable sized char array and throw it away
There's a win32 implementation of the client and server in the
junkcode CVS repository in the rpcecho-win32 subdirectory.
(This used to be commit 4ccd34ef836eba05f81dc2da73fd7cfaac201798)
|
|
rpcclient -S pdc -U% -c "samlogon user password"
and it should work with the schannel. Needs testing platforms
different from NT4SP6.
Volker
(This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
|
|
just need to get the verifiction code working - we get back a signiture from
the server, and just can't verify it yet.
This also brings the short-packet checks into common code, and breaks the
connection if the server sends a signed reply, on an established connection,
that fails the test.
This breaks our read/write code at the moment, as we need to keep a list
of outstanding packets.
(signing is not enabled by default, unless the server demands it)
Not for 3.0 till I fix the outstanding packet list.
Andrew Barlett
(This used to be commit 808d1fcf20153970d587cb631a08607beb09703a)
|
|
(This used to be commit 5a88d78f67fd7853d6f7d5042807afa56091d52c)
|
|
Added new sid type = 9 for "computer" from MSDN.
(This used to be commit 45929d126932e5cac5a23fe76d28a4fa05b54b77)
|
|
from .NET RC2)
(This used to be commit 4c823e61d14a33344deb887043b60b2e3c83416f)
|
|
* distinguish WinXP from Win2k
* add a 1/3 of a second delay in OpenPrinter
in order to trigger a LAN/WAN optimization in
2k clients.
(This used to be commit 96570699d1b715f47c35aa211da6ec18f6fc4109)
|
|
for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
(does not interfere with existing locks).
Jeremy.
(This used to be commit 22fc0d48ff2052b4274c65f85050c58b235bf4e4)
|
|
modules/developer.c: init_module() should return an int
(This used to be commit 7f59703550378ff2333e3c851bf1a77037510abd)
|
|
- Don't use pstrcpy into an allocated string - use safe_strcpy() directly
instead.
- Keep a copy of the 'server_info' attached to the vuid. In future use this
for things like the session key, homedir and full name instead of current
copies.
- Try to avoid memory leak/segfault on Realloc failure
- clear up #endif comments
Andrew Bartlett
(This used to be commit 162477bb086827950b6cb71afa9bef62c2753c2e)
|
|
(This used to be commit 8f495e8634a1777c4b03d3ec07c76f905ff2fb98)
|
|
level 2 and a request for open with no oplock is received then the
smbd should send *synchronous* break messages, not asynchronous,
otherwise it spins very rapidly, releasing the lock, sending the
'break to none' messages and then re-acquiring the lock before
any other process has a chance to get the lock and remove it's own
oplock (at least on linux).
Jeremy.
(This used to be commit d1e8991a76a57b7d96dd7db3c1d9bbf5b28da88e)
|
|
Jeremy.
(This used to be commit 6e0cfec16594ade6e6c499f521781348fee25040)
|
|
This patch makes Samba compile cleanly with -Wwrite-strings.
- That is, all string literals are marked as 'const'. These strings are
always read only, this just marks them as such for passing to other functions.
What is most supprising is that I didn't need to change more than a few lines of code (all
in 'net', which got a small cleanup of net.h and extern variables). The rest
is just adding a lot of 'const'.
As far as I can tell, I have not added any new warnings - apart from making all
of tdbutil.c's function const (so they warn for adding that const string to
struct).
Andrew Bartlett
(This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
|
|
server = DC1 *
(This used to be commit 6b18ca9511ddcf1718f222af3f61491d1e5f3b60)
|
|
jobid. This was causing Win9x client "set name" calls to fail.
Still need one cleanup fix to finish.
Jeremy.
(This used to be commit 15f0bad1fc72ff44cd195d34fd530c25a739f42d)
|
|
Jeremy.
(This used to be commit 4a9c995e50b24e6ee6ec58c46da32100a8197724)
|
|
(This used to be commit 759bcd881dd259d5ad43715f6979c5282b094d52)
|
|
Jeremy.
(This used to be commit e39e2b4c3488fbd9e9a08dd5629a672d1459e64e)
|
|
-V Version information
-n Set netbios name
-l Set directory to store log files in
-d Set debuglevel
-s Load specified configuration file
-O Set socket options
(This used to be commit 1602d5894947b59fd36c161053a66c0afe2c959c)
|
|
(This used to be commit a15434314fd8cd88eab40e7cbc8f06a7d0d0169e)
|
|
- make smb_load_module() return the return value of init_module()
(This used to be commit a8d2dd8d009797486105188f8fdb898a65bb25b0)
|
|
(This used to be commit 4d1206be5275a8af7dfb612f1747fba484a7d017)
|
|
Added directory specific access mask bits.
(This used to be commit edbd942a8d0edcb5e7cc3086c3d98c6ff1d6cd80)
|
|
The actual design change is relitivly small however:
It all goes back to jerry's 'BOOL store', added to many of the elements in a
SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into
ldap. This was a great win for admins, and this patch follows in the same way.
This patch extends the concept - we don't store values back into LDAP unless
they have been changed. So if we read a value, but don't update it, or we
read a value, find it's not there and use a default, we will not update
ldap with that value. This reduced clutter in our LDAP DB, and makes it
easier to change defaults later on.
Metze's particular problem was that when we 'write back' an unchanged value,
we would clear any muliple values in that feild. Now he can still have his
mulitivalued 'uid' feild, without Samba changing it for *every* other
operation.
This also applies to many other attributes, and helps to eliminate a nasty
race condition. (Time between get and set)
This patch is big, and needs more testing, but metze has tested usrmgr, and
I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly
flawed ;-).
The same system will be introduced into the SAM code shortly, but this fixes
bugs that people were coming across in production uses of Samba 3.0/HEAD, hence
it's inclusion here.
Andrew Bartlett
(This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
|
|
(This used to be commit 738b9237eda8fdb8adb534ab1a84070923f352f1)
|
|
also try to uniform names to a clean scheme.
first part.
(This used to be commit a123e05877caf90c28980be2d84b1d0b46e4fd21)
|
|
the ones for debuglevel and configuration file in pdbedit
(This used to be commit cb0d03a393d9009c3e16b9d05d88c171de9a9414)
|
|
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
|
|
from APP_HEAD
(This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
|
|
Jeremy.
(This used to be commit 736a7bab487d7e217eed452e2089adb6b4164ad5)
|
|
pdb_ldap and adds a 'ldap passwd sync' option.
The idea with this option is to do allow an ldap backend to do all the fancy
password hashing etc - and to tell smbd no to try and double-up. Using 'ldap
passwd sync = only' will do this, but is not recommended unless such a backend
is in place...
Running 'ldap passwd sync = yes' just gets you the same as doing 'pam passwd
sync = yes' and having both PAM and pam_ldap correctly configured for 'magic
root' behaviour, but only using ldap connection, and one set of credentials.
This also gets us closer to allowing ldap to say 'password too short' etc,
which might assist in maintaining a consistant password policy.
Andrew Bartlett
(This used to be commit f13e243f1a13d34ae057b40b01f561e8b95d4570)
|
|
Added new SWAT Flags for Advanced and Developer modes.
(This used to be commit 0250e2c52c7d7aa25308b6c20b8e2a51184cb598)
|
|
The global winbind file descriptor can cause havoc in some situations -
particulary when it becomes 0, 1 or 2. This patch (based on some very nice
work by Hannes Schmidt <mail@schmidt-net.via.t-online.de>) starts to recitfy
the problem by ensuring that the close-on-exec flag is set, and that we move
above 3 in the file descriptor table.
I've also decided that the PAM module can close it's pipe handle on every
request - this isn't performance-critical code.
The next step is to do the same for nss_winbind. (But things like getent()
might get in our way there).
This also cleans up some function prototypes, puts them in just one place.
Andrew Bartlett
(This used to be commit 442eb39657b98f67cd229ed3110b63aae8bf4e3c)
|
|
in includes.h
Andrew Bartlett
(This used to be commit ed184ed1905b49956528b6835f48a69ba3c1a045)
|
|
sending broadcast messages. Also initial cut-down of printing notify
messages (not yet finished).
Jeremy.
(This used to be commit aca333719695b278843c59e1c6eb07d6655fd59c)
|
|
Jeremy.
(This used to be commit df3e467eb7cce059782870bfec222293577c4f69)
|
|
Jeremy.
(This used to be commit 095e2bf9469a4c26814fb049f2870983c090ed81)
|
|
(Wrapping to zero does not create problems in this cache)
Andrew Bartlett
(This used to be commit c58e3d5c7d78dd02584b1490a27f7007e11b8712)
|
|
Jeremy.
(This used to be commit e53a81261ed189881c0f07e1b46f97aa6770cab7)
|
|
our authenticaion code - removing some of the duplication from the current
code.
This also gets us *much* closer to supporting a real SAM backend, becouse the
SAM can give us the right info then.
This also changes our service.c code, so that we do a VUID (rather than uid)
cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached
equivilant) on every packet, for the same r or rw mode the whole share was open
for.
Andrew Bartlett
(This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)
|