summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2003-12-25This is metze's LDAP rebind sleep patch:Volker Lendecke1-0/+2
When smb.conf tells us to write to a read-only LDAP replica and we are redirected by the LDAP server, the replication might take some seconds, especially over slow links. This patch delays the next read after a rebind for 'ldap rebind sleep' milliseconds. Metze, thanks for your patience. Volker (This used to be commit 7293550e3642e2553684a7011084dabb0b78fd24)
2003-12-22add well known rid for pre win2k compatible access group; bug 897Gerald Carter1-0/+1
(This used to be commit 426a02cf678236f902c143b56eaaf854fca2237f)
2003-12-10Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail ↵Gerald Carter1-1/+1
on local files on on domain members; bug 875 (This used to be commit a5c5dde1c34ba44f8d9bbb38720a089a6d61806c)
2003-12-04support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter1-0/+1
(This used to be commit acf9eae7b0c95776358292c3463951477575bcc6)
2003-12-04* fix RemoveSidForeignDomain() ; bug 252Gerald Carter1-7/+7
* don't fall back to unmapped UNIX group for get_local_group_from_sid() * remove an extra become/unbecome_root() pair from group enumeration (This used to be commit c0f34b42a6a4af09ae4b76721bc350784d87f686)
2003-11-22(merge from 3.0)Andrew Bartlett6-42/+73
Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Andrew Bartlett (This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)
2003-11-20Typo fix.Rafal Szczesniak1-2/+2
(This used to be commit d1394f02cb0e369701217ce6610f4efe54438c3a)
2003-11-15Split smbldap in a core file and a utility fileSimo Sorce2-0/+35
Add module support for configuration loading Add a first implementation of config_ldap module to put samba configuration on ldap It worked on my test machine, please try it out and send bugfixes :-) have fun, Simo. INSTRUCTIONS: Just add something like this to your smb.conf file: config backend = config_ldap:ldap://localhost config_ldap:basedn = dc=samba,dc=org the config tree must follow this scheme: ou=foo, dc=samba, dc=org <- global section |- sambaOptionName=log level, ou=foo, ... <- options |- ... |- sambaShareName=testlc, ou=foo, ... == [testlc] |- sambaOptionName=path, sambaShareName=testlc, ou=foo, ... <- option here is a sample ldif: # foo, samba, org dn: ou=foo, dc=samba, dc=org objectClass: organizationalUnit objectClass: sambaConfig ou: foo description: Test Foo # log level, foo, samba, org dn: sambaOptionName=log level, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: log level sambaIntegerOption: 10 description: log level 10 is suitable for good debugging # testlc, foo, samba, org dn: sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaShare sambaShareName: testlc description: share to test ldap config module actually works # path, testlc, foo, samba, org dn: sambaOptionName=path, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: path sambaStringOption: /tmp description: Path for share testlc # read only, testlc, foo, samba, org dn: sambaOptionName=read only, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: read only sambaBoolOption: TRUE description: Share testlc is read only # guest ok, testlc, foo, samba, org dn: sambaOptionName=guest ok, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: guest ok sambaBoolOption: TRUE description: Guest users are allowed to connect to testlc share (This used to be commit 207968eafc2c2a185e50e2132702d7bab2142aba)
2003-11-05Merge from 3.0:Tim Potter1-0/+11
Revision 1.16.2.6: Add prototype for smbc_remove_unused_server() to fix compiler warning. Bug #706. (This used to be commit 99f70d86fe17ce39d803fa23a135169e24d8a34e)
2003-11-03removing #include <compat.h> in hopes to avoid problems with apache header ↵Gerald Carter1-4/+0
files; will watch the build farm on this to make sure things don't blow up (This used to be commit b4d80ee74727a72aa8fe070d13e3ca5de71837ca)
2003-10-31Whitespace syncup with 3.0Tim Potter1-7/+7
(This used to be commit 9746ef376d2a52ef6ef6b84421d6b7e988a6ca13)
2003-10-31Formatting syncup with 3.0Tim Potter1-0/+4
(This used to be commit 98881672f5c094181be7988b4d39b451f292e423)
2003-10-31Sync up with 3.0Tim Potter1-3/+3
(This used to be commit 3cd8acb6c362bca82d7268aa283d3f6360b24604)
2003-10-30Last of the GUID->struct uuid changes.Jim McDonough1-7/+0
GUID has been removed. If you are dealing with a flattened version of a [gu]uid, use UUID_FLAT. smb_pack_uuid and smb_unpack_uuid will switch between the two. I'm not sure exactly what the genparse stuff is doing here, so I just switched it to a UUID_FLAT (no functional change), but I suspect this may not be the right way to go. (This used to be commit 001e9d0e814109a26d598001b3c23dfdb04510ff)
2003-10-30Ok, nearing the end of the GUID->struct uuid changes.Jim McDonough1-2/+2
Takes care of secdescs. Had to move the uuid marshall/unmarshalling code to parse_misc, because it's needed outside of parse_rpc.c (for no-auth calls) (This used to be commit 5d2bb079b65ccfec14604d8dcf0ce789d1795b46)
2003-10-30Another round of GUID->struct uuid.Jim McDonough1-1/+1
Takes care of the lsass pipe (This used to be commit 3dca3efa4b427fa3094a8cd392fe5744b5f6f6a8)
2003-10-30First round of merging various UUID structures.Jim McDonough4-19/+21
This eliminates RPC_UUID. It creates the following struct: struct uuid { uint32 time_low; uint16 time_mid; uint16 time_hi_and_version; uint8 clock_seq[2]; uint8 node[6]; }; which replaces RPC_UUID and various random struct uuid definitions and a flat version: #define UUID_FLAT_SIZE 16 typedef struct uuid_flat { uint8 info[UUID_FLAT_SIZE]; } UUID_FLAT; which pretty much looks like GUID (which I will start eliminating). I want us to use the FLAT one only on the wire (perhaps in files, too?), and I want it to be obvious to the coder that it is the FLAT version. This leaves a couple of compiler warnings, where GUID isn't completely replaced by FLAT_UUID yet...I'll get to those soon. (This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
2003-10-29Janitor for tridge.Jeremy Allison1-0/+3
parameterise the listen backlog in smbd and make it larger by default. A backlog of 5 is way too small these days. Jeremy. (This used to be commit 58b8f673945ad114d056dd79f509c93ab42b96d1)
2003-10-24Add initshutdown pipe commands to rpcclient. Second part of fix to bugJim McDonough2-2/+5
#534 (This used to be commit 99f4fa54497ba1c0fc0ba39d51b3ce201a8e6cd2)
2003-10-24New files for support of initshutdown pipe. Win2k doesn't respond properlyJim McDonough1-0/+70
to all requests on the winreg pipe, so we need to handle this new pipe. First part of fix for bug #534 (This used to be commit 532fab74c12d8c55872c2bad2abead2647f919d7)
2003-10-23Apply the changes to libsmbclient that derrell has contributed. Fix someRichard Sharpe1-0/+864
of the problems with this. From: Derrell.Lipman@unwireduniverse.com (This used to be commit 8e3d2708c5e5a9968aeb9a6fe6c828aa8a5b22a9)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-0/+14
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-21Merge of mmap blacklist fix from HEAD.Tim Potter1-0/+7
(This used to be commit ff29be16e74361b02b0b7fbd83e393d68ae5b897)
2003-10-20Update structures after ethereal showed some marshalling/unmarshallingJim McDonough1-2/+3
errors. (This used to be commit 9d0f322a851f487cea320e57076213435e5c6481)
2003-10-20Several updates:Jim McDonough1-1/+3
- add support for named pipe and netbios queries in parse code - fix map request structure...unknown byte was alignment - add sample of named pipe over netbios query in rpcclient (comment only) (This used to be commit 71dcdf54e60204d6b499d25d8759ed20fc7a021a)
2003-10-20more 2.2.x compatibility fixes - allow user looksup in the kerb5Gerald Carter1-1/+1
sesssetup to fall back to 'user' instaed of failing is REA.LM\user doesn't exist. also fix include line in smb_acls.h as requested by metze (This used to be commit 5ccf6baad7ffb1f992aaf24b41ef5c83362cf613)
2003-10-17Add epmapper pipeJim McDonough2-1/+4
(This used to be commit 041c17bd665ea5fa771b111d7008036fb3e7b72f)
2003-10-17Add endpoint mapper rpc definitionsJim McDonough1-0/+115
(This used to be commit e604a9c0788a006663e7f939059c4120c1df3648)
2003-10-15created a new target: genparseSimo Sorce1-1/+0
this target will build parse file with genstruct it is the duty of the developer to commit updated files this is made to make build platforms independent of a working perl installation as always been with samba so currently you need to run: make genparse and commit: cvs ci include/tdbsam2_parse_info.h if you change anything in genparse/genstruct code or tdbsam2 code. Simo. (This used to be commit 7e2d5da2dcfad32b733c28535490e98e578bcc3a)
2003-10-14sorry folks, forgot to cvs add/remove before commit.Simo Sorce1-0/+164
(This used to be commit 0ed85e6a2dff0953dbbd5ff4723ef6941ec32850)
2003-10-14Ignore autogenerated tdbsam2_parse_info.hTim Potter1-3/+4
(This used to be commit bb2b8906a05109d5ba8ffff6c250d90d8658d444)
2003-10-13So here it is a non-intrusive patch with my latest work on gums (theSimo Sorce5-109/+256
laternative to the current passdb). Currently it is run through a comatibility module in the passdb layer, with a subset of the functionality it may provide. It is still work in progress, but as someone asked me about it, and as it should make no difference to the normal code, I tought it was a good idea to put it into. It adds a dependency on perl. I know it is not very nice, but I'm sure we will work out a solution for that. As always blame me if I break something, but try to fix yourself, as I am busy-busy-busy :-) Simo. (This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
2003-10-09Merge from 3.0:Tim Potter1-0/+1
>Moving towards better i18n support in SWAT. This commit contains a >bunch of updates to bug 413 from Monyo: > >1) pick up proper strings to call msg strings for example to add > strings in wizard menu in web/swat.c, web/statuspage.c and > param/loadparm.c. > >2) define N_() macro in include/intl.h to pick up some strings > in param/loadparm.c > >3) quote all name and value tag with '"' > For example in swat.c:720 the "Edit Parameter Values" string is > displayd only as "Edit" because value tag is not quoted like: > value=Edit Parameter Values > These tags should be quoted though it sometimes works well > without quotation. > >4) modify the msg strings not to contain HTML tags or other > non-message strings. For example > dprintf(_("test\n")); is modified to dprintf("%s\n", _("test")); (This used to be commit 17efb306aa32d1e5b2546cfb2f3404ad3cf0fb68)
2003-10-06split some security related functions in their own files.Simo Sorce3-3/+26
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter1-2/+9
clientspreviously joined to the Samba domain (This used to be commit 9d2e585e5e6f9066c6901aa8d8308734f8667296)
2003-09-29Merge from 3.0:Tim Potter2-6/+4
>Fix for #480. Change the interface for init_unistr2 to not take a length >but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. >This is not the case. Count it after conversion. >Jeremy. (This used to be commit e2ab9e54cd0ec0002175cf18ff364f4aebaf85a0)
2003-09-24Another round of merges from 3.0:Tim Potter1-81/+59
>Reformat - preparing to fix bug #480 (which will be ugly). >Jeremy. (This used to be commit cd91dd9cd8392d1b9cfcbd8ef42237b813dc89b5)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison3-4/+14
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
2003-09-10Remove obsolete files.Jelmer Vernooij1-238/+0
(This used to be commit 3d71340e5c1bf3397e69897bbc8434bbaa503a75)
2003-09-09version.h is autogenerated nowGerald Carter1-8/+0
(This used to be commit 04f8cbbca66024ffdcd2ebc0f4db7849d02ca99b)
2003-09-09removing unused filesGerald Carter1-59/+0
(This used to be commit 1a9145015d4b2ee7e7399099760cda13d619e740)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter23-216/+464
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce16-43/+131
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16ading new files from 3.0Gerald Carter3-0/+655
(This used to be commit 99feae7b5b1c229a925367b87c0c0f636d9a2d75)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter23-329/+509
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-05-29Fix the events API. Patch by metze with some minor modifications.Jelmer Vernooij1-13/+7
(This used to be commit df24c4e839b3de0dc23400463d7489a991f61f49)
2003-05-28Merge of NTLMSSP name type fix from 3.0Tim Potter1-2/+2
(This used to be commit 587bd1b83d13ab83aca28bd543755c5862ed8e75)
2003-05-27Sync up sid types enum.Tim Potter1-1/+2
(This used to be commit 2ff89e1ee830ee2496861396ff69a232b0605b2f)
2003-05-27Merge: add DFS error constant.Tim Potter1-0/+1
(This used to be commit c9dfc35e95719af8b7c9511668d0d4053b73f9a0)
2003-05-27Whitespace syncup.Tim Potter1-1/+0
(This used to be commit 39e1b6338f14a8403b6d612000d6976be9630bac)