summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
1998-05-19oops - got some of the default (conversion) functions wrong.Luke Leighton1-3/+0
(This used to be commit b836581cda2b58d285245f71f2bc419c6ece4911)
1998-05-19removed "default" system for password database api: all functions mustLuke Leighton2-1/+3
be supported. there are some stub routines in passdb.c which can be copied into a password database api which do conversion. the module writer can choose which of these to provide full support for instead of using the conversion routines. (This used to be commit d906ac5941fa22f93a38d65906b89a80f971b83c)
1998-05-19ldap.c :Luke Leighton2-7/+36
- added support for some of the new passdb_ops functions. - removed functions that are supported "indirectly" through passdb.c nisppass.c : - modified make_nisname_from_xxx() functions to take a "file" arg. - turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid() functionality is available through "indirect" support in passdb.c - removed functions that are supported "indirectly" through passdb.c - added support for some of the new passdb_ops functions. passdb.c : - created getsam21pwrid() function to go alongside getsam21pwuid. it is not expected that getsam21pwuid ever be used, certainly not from the lib/rpc code. - created getsamdisprid() and getsamdispent(). these are primarily for support of SamrQueryDisplayInfo, however given that they [struct sam_disp_info] return username, rid and fullname, there may be further instances where these functions will be useful. - added support where either the get/add/mod-smb or get/add/mod-sam21 functions are optional. this can be done very easily by checking whether the struct passdb_ops table functions are NULL or not. documented this capability in the notes at the top of the module. - where unix uid was referenced, use uid_t. - where unix gid was referenced, use gid_t. smb.h : - added sam_disp_info functions to passdb_ops. - added getsam21pwrid() function. smbpass.c : - added reference to iterate_getsam21pwrid(). lib/rpc/server/srv_samr.c : - removed group rid code added to get_user_info_21() code: this had been added in the wrong place. the client / server should already know whether it wants to do a lookup by user rid or by group rid. the test of whether the rid is a user or group rid has been left in because this may become useful consistency-check code. - converted back to getsam21pwrid() not getsam21pwuid(pdb_user_rid_to_uid()). this is because the unix uid to user rid mapping can be non-monotonic in some password database systems, and monotonic in others. imposing the restriction by converting immediately from rid to uid at this point is inadviseable, and will place this potential restriction on _all_ password database systems, not just some which, for whatever reason, do not support user rids. it should be up to the individual password database writer to convert from user rid to unix uid, should that module not support rids. lib/rpc/server/srv_util.c : - got lookup_user_name() to call getsamdisprid() not getsmbpwuid(). a bug was introduced (or at least the bug already there was not fixed) whereby the nt user rid was converted to a unix uid, and then not used. (This used to be commit 0193dd21c3c44e0611add742c6f92b92474de6b8)
1998-05-18Abstracted all the crappy password interfaces through an indirectJeremy Allison2-27/+45
function table, selectable at compile time. This should make the code that implements all the password functions much cleaner, as it's now very clear exactly what a particular password database needs to provide to Samba. Jeremy. (This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
1998-05-18chgpasswd.c: Changed back to getsmb... from getsam...Jeremy Allison2-29/+31
ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
1998-05-18removed references to some of the smb_passwd routines from ldap and nis+Luke Leighton1-6/+5
code, use pdb_sam_to_smb(...sam21...) calls instead. this is a lot simpler. (This used to be commit d92f4e71c12ce5010f05fa7dd3918a48e7386d1e)
1998-05-18creating and using some pdb_init_(sam/smb) routines. putting ldap headersLuke Leighton1-0/+4
back in (they had been taken out of includes.h because they are only local to ldap.c. (This used to be commit 98ab085b93fb25a4d9275c0d54a863fd9fae2548)
1998-05-18resolving compilation errorsLuke Leighton1-1/+0
(This used to be commit dea0c06eec44a7c2860f97d8f23584d30e482e0a)
1998-05-18received update from jean francois for ldap.c: he is doing add / modLuke Leighton1-4/+10
functions (This used to be commit 381df1e52bfc97b80422de2703db8cb521dc47e1)
1998-05-18Makefile:Luke Leighton3-23/+43
- added nisppass.c and NISPLUS_FLAGS includes.h: - renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB. added default define of USE_SMBPASS_DB. - removed ldap headers: they are local only to ldap.c ldap.c : - made all ldap-specific functions static. - added dummy sam21 functions loadparm.c : - renamed NISPLUS to NISPLUS_HOME mkproto.awk - commented out ldap-specific #ifdef generation code: it's not needed now that ldap-specific functions in ldap.c are static nisppass.c : - first attempt at an add function from (This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
1998-05-14passdb.cJeremy Allison1-1/+2
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois (who might want an LDAP version). Changed locking to free exclusive lock as soon as possible to prevent contention. lib/rpc/parse/parse_samr.c lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation function to use DOM_SID structure. Jeremy. (This used to be commit 3b8f5aef57b4f37265c0403385053085f0df6f18)
1998-05-14robert frank - some Next3 compilation errors detected.Luke Leighton1-1/+1
(This used to be commit da3d9602c71094df4dba0edd45ade71555f5e97b)
1998-05-14namequery.c: Fixed SGI IRIX 5.x compiler problem.Jeremy Allison1-0/+1
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default. smbpass.c: Exposed do_file_lock() as I now use it in server.c Jeremy. (This used to be commit 5bf17840ac7d65d08dd3fdfe8b789010488f6808)
1998-05-14chgpasswd.c: Added comments to #ifdefsJeremy Allison2-11/+13
ipc.c: Caused samba password changing not to be done if UNIX password changing requested and not successful. util.c: Added string_to_sid() and sid_to_string() functions. lib/rpc/client/cli_samr.c: lib/rpc/include/rpc_misc.h: lib/rpc/parse/parse_lsa.c: lib/rpc/parse/parse_misc.c: lib/rpc/parse/parse_net.c: lib/rpc/parse/parse_samr.c: lib/rpc/server/srv_lsa.c: lib/rpc/server/srv_lsa_hnd.c: lib/rpc/server/srv_netlog.c: lib/rpc/server/srv_samr.c: lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs around as char *, they are converted to DOM_SID at the earliest opportunity, and passed around as that. Also added dynamic memory allocation of group sids. Preparing to auto-generate machine sid. Jeremy. (This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
1998-05-13Fixed up HPUX entry.Jeremy Allison1-2/+4
Jeremy. (This used to be commit a7afda2e4ecab226c90db023293f5d460e81ae2f)
1998-05-13we don't need a typedef for stringAndrew Tridgell1-2/+0
(This used to be commit 9907296225e35548dadd70e1be5a06517b27bb87)
1998-05-12includes.h: SunOS doesn't have strcasecmp, solaris versions prior to 2.6 don'tJeremy Allison2-6/+3
have vsnprintf. locking_slow.c: slight tidy. make_smbcodepage.c: Use safe_strcpy instead of pstrcpy. nmbd_winsserver.c: Use pstrcpy instead of fstrcpy. smbmount.c: Fixed reported bug. util.c: Removed old fstrcpy/fstrcat functions. Jeremy. (This used to be commit f257d2e4bafd3944cca737699913a8d868279ca6)
1998-05-12removed lp_domain_workstation() parameterLuke Leighton1-6/+0
(This used to be commit 80d6a3bb0cf3853aa51594cce888e6c0a6e6f634)
1998-05-12This is a security audit change of the main source.Jeremy Allison3-7/+32
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11add lp_domain_workstations() parameter. this is a list of workstation namesLuke Leighton1-0/+3
from which an NT user can log in from. empty (default) indicates no restrictions. exactly how this is enforced is unknown. from past experience it's likely that the enforcement is left to the client to carry out... (This used to be commit 6b2f9ea68f5754ca6caaf685a9538ab404e1bab4)
1998-05-11ldap back-end database developmentLuke Leighton2-20/+50
Makefile: created PASSBD_OBJ group includes.h: added #ifdef USE_LDAP to #include <ldap> headers ldap.c: - renamed "_machine" to "_trust" everywhere. - added sam_passwd support routines - removed get_ldappwd_entry function: replaced with get_sampwd_entry - removed getldappwnam/uid: replaced with getsampwnam/uid - other messing about bits which are probably going to annoy the hell out of jean-francois (sorry!) mkproto.awk: - added stuff to wrap ldap.c protos with #ifdef USE_LDAP - added uid_t and gid_t return results to the prototype generation passdb.c: - created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry. - modified getsampwnam/uid and created getsam21pwnam/rid functions to replace the local get_smbpwd_entry() and get_ldappwd_entry() functions, which jeremy didn't like anyway because they were dual-purpose. - added utility routines which are or may be useful to all the password database routines. password.c: - renamed "machine_" to "trust_" everywhere. smbpass.c: - removed get_smbpwd_entry function: replaced it with get_sampwd_entry functions in passdb.c - moved code that decoded acct_ctrl into passdb.c - moved encode_acct_ctrl into passdb.c - removed getsmbpwnam/uid: replaced with getsampwnam/uid - renamed "machine_" to "trust_" everywhere. smbpasswd.c: - renamed "machine_" to "trust_" everywhere. util.c: - moved gethexpwd function into passdb.c lib/rpc/server/srv_util.c: - moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c (This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell2-0/+6
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-08added sam_passwd structure: don't want smb_passwd to be "polluted".Luke Leighton1-6/+50
(This used to be commit d42dd371fa2ab690bf4261a735f03a7380479ebe)
1998-05-08clitar.c: #ifdef'ed out all the bits that were giving 'defined but not used'Jeremy Allison1-39/+6
messages. nttrans.c: More updates. smb.h: Removed stuff that didn't belong in the smb_passwd struct. Persuaded Luke to use a new structure. web/swat.c: Fixed gcc complaints about shadowing global 'string'. Jeremy. (This used to be commit 61c1dbb9785ed1e6fe40f93c7cc65024884df6f5)
1998-05-08Ho hum, someone deleted proto.h from cvs... re-adding.Jeremy Allison1-0/+2070
Jeremy. (This used to be commit 6dde50738fcdbaae799101b84ab6b6270696193d)
1998-05-08proto.h was being a pain. use "make proto" instead. check release andLuke Leighton1-2070/+0
release-alpha scripts operate correctly when it comes to generating a release or alpha release. (This used to be commit 6f792502d714c4883fe0831068c4ac703e7029ba)
1998-05-08added smb_grpid to smb_passwd structLuke Leighton1-0/+1
(This used to be commit bcafdcda85581cee4b7b5ead4526c30851e461bf)
1998-05-08Se-submitting clitar.c/Richard Sharpe1-5/+3
I now only have one warning in my code which is the result of some code I have started working on but am not yet using in the code, along with a warning that is caused by one of the include files (a nested comment). I used -Wall -Wshadow -Wstrict-prototypes (This used to be commit 7b98fd5b69282320af700833c2d2720c42a382d8)
1998-05-08added extra fields to struct smb_passwdLuke Leighton1-7/+37
the smbpw functions are expected to fill in the blanks by reading the appropriate smb.conf parameters. the ldappw functions are expected to fill in the fields from the ldap database. a separate utility can be written to fill in the ldap database fields from the smb.conf parameters, at a later date. (This used to be commit 0b6394c83ec20afdd8065da6785e057c35f3951f)
1998-05-08smb.h: Supporting defines for NT trans calls.Jeremy Allison1-0/+25
trans2.c: Paranoia bugfixes added when studying nttrans.c. Jeremy. (This used to be commit 94e70edef91c71703a7ebcdaf2b5a2bdce940a69)
1998-05-07moving gethexpwd into util.c, because it's used in both smbpass.c and ldap.cLuke Leighton1-0/+1
(This used to be commit abe261b2f5ea7036e7be6230876176d134ef4ee4)
1998-05-07This should (hopefully :-) be the final fix for the %U %G substitutionJeremy Allison1-1/+1
problem.... smbpass.c: Removed Luke's dire warning - as some of the functions in here *need* to be called externally :-). Jeremy. (This used to be commit 1fd8d12ca414066acec71b33eb8a13e16c2acd3a)
1998-05-07created "passdb.c" which is an interface point to (at present) eitherLuke Leighton1-4/+16
smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106)
1998-05-06smbpass.c: Fixed machine_passwd_lock() problems.Jeremy Allison1-5/+5
password.c: Fixed machine_passwd_lock() problems. lib/rpc/server/srv_ldap_helpers.c: Oops - broke proto.h with dummy function. Fixed now. Jeremy. (This used to be commit d28427f21fff49da6b38c24625e3e2dae49a9713)
1998-05-06jean-francois micouleau's well-alpha code for ldap password database stuff!Luke Leighton2-3/+22
he's going to hate me for checking this in so early, but... (This used to be commit ad9ba0a1cbac5c4e6cbcbcadefe8f1df72231f74)
1998-05-06Real fix for clitar.c problems. Have now made all the rightRichard Sharpe1-3/+3
things static, and have done a 'make proto; make clean; make'. Still get 54 compiler warnings under Digital UNIX cc. Honest. :-) (This used to be commit 47eb7e5be2f12206bd2de0670be478d80e1d84de)
1998-05-06Fixes for the %U and %G problems people have reported.Jeremy Allison2-3/+4
Essentially, multiple session_setup_and_X's may be done to an smbd. As there is only one global variable containing the requested connection name (sessionsetup_user), then any subsequent sessionsetups overwrite this name (causing %U and %G to get the wrong name). This is particularly common when an NT client does a null session setup to get a browse list after the user has connected, but before a share has been mounted. These changes store the requested_name in the vuid structure (so this only really works for user level and above security) and copies this name back into the global variable before the standard_sub call. Jeremy. (This used to be commit b5187ad6a3b3af9fbbeee8bced0ab16b41e9825b)
1998-05-05genrand.c: SGI compile warning fix.Jeremy Allison1-2/+2
ipc.c: Fix for duplicate printer names being long. loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c protects us. nmbd_logonnames.c: nmbd_namequery.c: nmbd_namerelease.c: Debug messages fix. password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call. reply.c: SGI compile warning fix. server.c Debug messages fix. smbpass.c: Fix for incorrect pointer. Jeremy. (This used to be commit 567d3f838988cafab4770fce1cf68b73085e6c71)
1998-04-30Added patch from Bruce Tenison <btenison@dibbs.net> to allow encryptedJeremy Allison1-2/+4
passwords to be stored over time, allowing a smbpasswd file migration. Adds new parameter "update encrypted". Will also add to 1.9.18 branch. Docs update to follow. Jeremy. (This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
1998-04-29Makefile: Added files to smbpasswd.c.Jeremy Allison1-0/+1
loadparm.c: Patch from tim@quiknet.com for static string problems. server.c: Setup global_myname. smbpass.c: Fix up locking. Add machine_password_delete() call. smbpasswd.c: Added provisional code to add to a domain. lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password. lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password. Jeremy. (This used to be commit 6a7164233e3bf9d6bb57c44a53204068e454ae5c)
1998-04-29clientgen.c: Fixed null session setup bug.Jeremy Allison2-1/+2
password.c: Stopped cli_nt_logout call (we don't have it correct yet). Added Luke object-orientation fix :-). smb.h: Added clnt_name_slash to cli_state. lib/rpc/client/cli_login.c: Changed global_myname to clnt_name_slash where needed. lib/rpc/client/cli_netlogon.c: Fixed debug messages, don't check creds on error. lib/rpc/client/cli_pipe.c: Fixed debug messages, Added Luke object-orientation fix. lib/rpc/parse/parse_misc.c: Fixed STRING2 linearization bug that was adding 1. Jeremy. (This used to be commit c6c22df20196cb7f0ae84b1a1dd202a87adb8d4e)
1998-04-29This is the checkin that adds the security=domain functionality.Jeremy Allison3-10/+47
WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
1998-04-25This looks like a big change but really isn't.Jeremy Allison2-52/+63
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-24ABOUT time. dce/rpc long packet format now works, server-side.Luke Leighton1-0/+2
turns out that [it can be deduced that] microsoft ignores the SMBreadX offset, and goes by the SMBreadX length only. this makes for a lot simpler code, in both client and server. (This used to be commit a8b641c027c8cce179455ac1f6fd0322a8ab017d)
1998-04-23Makefile: Added nterr.c into the mix.Jeremy Allison2-1/+6
clientgen.c: Added nt_error as an entry in the struct client_state. password.c: Open the netlogon pipe. smb.h: Added nt_error as an entry in the struct client_state. lib/rpc/parse/parse_net.c: Added comments on net logon. lib/rpc/server/srv_netlog.c: Added comments on net logon. Jeremy. (This used to be commit 899a9f0dce50c73e03c8da2ebe920957491c8ad7)
1998-04-23clientgen.c: Added rap error codes to cli_error, moved from smbpasswd.cJeremy Allison1-2/+3
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-) use in security=server, started to extend security=domain code. smbpasswd.c: Removed rap error code functions. Jeremy. (This used to be commit 0f00b8fce1a5cad7f8c212568fa33f09986e5bd6)
1998-04-23genrand.c: Changed SMB_PASSWD_FILE to lp_smb_passwd_file().Jeremy Allison1-2/+8
password.c: Started the initial code for domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. reply.c: Call to domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. smbpass.c: New code to get/set machine passwords. Tidied up nesting of lock calls. Jeremy. (This used to be commit 89fe059a6816f32d2cc5c4c04c4089b60590e7e6)
1998-04-22genrand.c: Improved generation of random values, more secure.Jeremy Allison1-0/+4
loadparm.c: Started add of 'security=domain' code. password.c: Fix for security=server NT bugs. reply.c: Started add of 'security=domain' code. server.c: Started add of 'security=domain' code. smb.h: Started add of 'security=domain' code. Jeremy. (This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1)
1998-04-21put server-side long dce/rpc code in main branch.Luke Leighton1-44/+46
(This used to be commit 2e1a08b28c1c0c9ea988a09067cd149926f25c69)
1998-04-21clientgen.c: Added cli_ulogoff() call.Jeremy Allison1-0/+1
password.c: Added call to cli_ulogoff on successfull sessionsetup. Jeremy. (This used to be commit 77882f002b2a8203aad419e485fc885303d999a0)