| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
(This used to be commit 3bfb828cf70489165b46281bf03ea7074d3ba07d)
|
|
code.
In particular this assists tpot in some of his work, becouse it provides the
connection between the authenticaion and the vuid generation.
Major Changes:
- Fully malloc'ed structures.
- Massive rework of the code so that all structures are made and destroyed
using malloc and free, rather than hanging around on the stack.
- SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them
to be declared 'invalid' without the chance that people might get ROOT by
default.
- kill off some of the "DOMAIN\user" lookups. These can be readded at a more
appropriate place (probably domain_client_validate.c) in the future. They
don't belong in session setups.
- Massive introduction of DATA_BLOB structures, particularly for passwords.
- Use NTLMSSP flags to tell the backend what its getting, rather than magic
lenghths.
- Fix winbind back up again, but tpot is redoing this soon anyway.
- Abstract much of the work in srv_netlog_nt back into auth helper functions.
This is a LARGE change, and any assistance is testing it is appriciated.
Domain logons are still broken (as far as I can tell) but other functionality
seems
intact.
Needs testing with a wide variety of MS clients.
Andrew Bartlett
(This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
|
|
To obtain the full group membership of a user (i.e nested groups on a
win2k native mode server) it is necessary to merge this list of groups
with the groups returned by winbindd when creating an nt access token.
This breaks winbindd linking while AB and I sync up our changes to the
authentication subsystem.
(This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
|
|
more.
(Previously it set them to 'XXXX' or similar when only the flags were being
changed - a bug I must have introduced when I reworked the passdb end of things
a few weeks back.)
Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is
actually to be changed.
Andrew Bartlett
(This used to be commit cea6b6cb228c7e1f0c2d45951590e0d8fb8b315c)
|
|
In particular this commit focuses on:
The guts of the moving about inside passdb.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes allow for the introduction of a large dose of 'const' to
the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
passdb/
- Kill off disp_info stuff, it isn't used any more - Kill off
support for writing to the old smbpasswd format, it isn't relevent
to Samba 3.0
- Move around and modify the pdb_...() helper functions, adding
one that sets the last changed time to 'now' and that sets the
must change time appropriately.
- Remove the ugly forced update of the LCT- value in
pdb_smbpasswd. - Remove the implicit modification of the ACB
flags when both NT and LM passwords are set.
- Removed substation in pdb_getsampwnam output, as a single
password change will render them inoperable in any case (they
will be substituted and stored)
- Added a default RID to the init_sam_from_pw() function, based on
our rid algorithm.
- Added checks that an smbpasswd stored user has a uid-based RID.
- Fail to store tdb based users without a RID
lib/
- Change the substituion code to use global_myname if there is
no connection (and therefore no called name) at the present time.
(This used to be commit 8f607810eb24ed1157bbd2e896c2c167bc34d986)
|
|
(This used to be commit df34e11d84a6fe89dc6654eb10de0a49383e1dea)
|
|
NTLMSSP in cli_establish_connection()
What we really need to do is kill off the pwd_cache code. It is horrible,
and assumes the challenge comes in the negprot reply.
(This used to be commit 3f919b4360b3bfcc133f7d88bc5177e9d93f2db2)
|
|
- accept a wide range of principal names in session setup
(This used to be commit 672df66296f540b606aa43effab5f021b8978e4b)
|
|
(This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e)
|
|
in a tdb.
Jeremy.
(This used to be commit 058ae6b58f61ef46013dd076af3a84de5fbaaab1)
|
|
caused problems but is tidier).
Fix debug statement in locking.c
Jeremy.
(This used to be commit eac6bbd24ebf00b35e50953bc11186111dc39059)
|
|
Jeremy
(This used to be commit dac22352cf051f301edf066cac8db81d24c7c459)
|
|
(This used to be commit 3545de4773438f859e64b3578c2bbf706257eced)
|
|
(This used to be commit 7c38daa54ac9a7c3cc36dbbf82d0a9f8c04ca0b9)
|
|
Jeremy.
(This used to be commit 7c1688fd67c1bda1477aaf870371c825280db870)
|
|
it should give something for others to hack on and possibly find what
I'm doing wrong.
(This used to be commit 353c290f059347265b9be2aa1010c2956da06485)
|
|
loses things like username mapping. I wanted to get this in then
discuss it a bit to see how we want to split up the existing
session setup code
(This used to be commit b74fda69bf23207c26d8b2af23910d8f2eb89875)
|
|
To speed up operations with the lpq command, it's now run in a separate
asynchronous process.
Opening the Printers folder on NT is now fast ;-) I think even faster than
with a ** server
Jeremy, you should look at that patch to include it in 2.2.3
J.F.
(This used to be commit 8ef9dff3074e7979579ce66a204e8ec7bf62a587)
|
|
(This used to be commit 6c61c50d4f9c94e38b5dbb43e013ce549c133500)
|
|
and also completes the switch to lang_tdb.c. SWAT should now work
with a po file in the lib/ directory
also removed useless SYSLOG defines in many files
(This used to be commit 5296b20ad85d7519c870768455cb4d8df048c55a)
|
|
(This used to be commit 3baa90470bfd2c409dd116bbe36d4867ee6fa372)
|
|
rpcclient code. Refactored cmd_* functions to move common mem_ctx and pipe
opening stuff up one level. Moved rpcclient.h into rpcclient directory and
out of includes/smb.h
(This used to be commit a40facba9651f9fb1dcc9e143f92ca298a324312)
|
|
(This used to be commit 7092beef9d7a68018ede569883b22c822300c7ff)
|
|
enabled it by default if the server supports it. Let me know if this breaks anything. Choose kerberos with the -k flag to smbclient, otherwise it will use SPNEGO/NTLMSSP/NTLM
(This used to be commit 076aa97bee54d182288d9e93ae160ae22a5f7757)
|
|
packet which means I can extract the service and realm, so we should
now work with realms other than the local realm.
it also means we now check the list of OIDs given by the server just
in case it says that it doesn't support kerberos. In that case we
should fall back to NTLMSSP but that isn't written yet.
(This used to be commit 395cfeea94febb5280ea57027e8a8a3c7c3f9291)
|
|
of gettext for internationalisation support. There is more to do
(This used to be commit ab7f67677a1ade4669e5c2750d0a38422ea616a9)
|
|
written MIT kerberos5 header files :(
(This used to be commit 13d168f13f07ad36407d5c7eebe078d956fbc22e)
|
|
activate you need to:
- install krb5 libraries
- run configure
- build smbclient
- run kinit to get a TGT
- run smbclient with the -k option to choose kerberos auth
(This used to be commit d33057585644e1337bac743e25ed7653bfb39eef)
|
|
(This used to be commit e7b84aee0832c9fa6509e55eba914c1515620e8a)
|
|
(This used to be commit f597cf047cd0b88ba11cbe0cfbb883bd7ba262a7)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit f9eb370806002eea0658f072988d96fca71bf18f)
|
|
(This used to be commit 9efa93556e3ed444b075a06d2706111b89a0e099)
|
|
- move the arbitrary 21 day timeout to local.h
(This used to be commit 11075f543470c3283accce0246d0b2983420695a)
|
|
(This used to be commit 663c1c91bdd020e2e8266d25909db12b28fbb7d8)
|
|
(This used to be commit 05910483351e9ef6375e4c49403ebe21b56315a9)
|
|
Jeremy.
(This used to be commit 4c5158d1e5620ccc3f2812a3fbedcb60a67caecc)
|
|
Jeremy.
(This used to be commit 611bf806d569b70edabbc04a2f5408142370a550)
|
|
ran out of primes and used a power of two hash modulus. It ended up
sticking all the entries in just a few buckets. Yuck!
(This used to be commit fdc9952391027e209fbd24f7794b1c2b551b1f9f)
|
|
server. This is just a framework right now - I want this to eventually
replace the win32 test code from monyo
The interesting this about this test is that it shows up a really
horrible performance bug in our stat cache code. I'll see if I can fix
it.
(This used to be commit eb668b54af4925194c07b217724657f406ec00d0)
|
|
TO enable configure with --with-i18n-swat
to support this gettext is integrated
and a new directories name "po" and "intl" are created.
now these languages are supported:
en - English (default)
ja - Japanese
po - Polish
tr - Turkish
To add your language,
to create ${your_language}.po by translating source/po/en.po
into your language is needed.
some of html and image files of various language version are not
included yet, though message catalogue files are installed.
you need to copy files manually under
${swatdir}/lang/$ln/{help,images,included,using_samba}
And also added a option to intall manual pages:
of various lang version
To enable configure with --with-manlangs
but manual pages themself are not included yet.
(This used to be commit 486b79a6fc4ba20a751aab544bd0f7ccff2b3d19)
|
|
(and thus smbd) every time
(This used to be commit e78d0a3615d74cdd023d2d623abc27ac59356ae0)
|
|
Andrew Bartlett
(This used to be commit d1bc778301b31d77fdc3837ec3cff24ce37adcd7)
|
|
*HARD*, dammit !
Jeremy.
(This used to be commit 59a4684201fb72989698db5ac8169bd8880bd9a7)
|
|
(This used to be commit 26e523bf6e36d1aa355bbaa7d9b1d5c65c1b5e6b)
|
|
DEBUG(). Also included are details like build date/time, location and
compiler.
This should get most of the options we set, except those that don't affect
smbd, like WITH_PAM_SMBPASSWD or WITH_WINBINDD.
This work due to Vance Lankhaar <vlankhaar@hotmail.com>
Some work needs to be done to make it only rebuild when needed (ie smbd being
rebuilt) but its in pretty good shape already.
Also fix up some printf() -> d_printf().
Andrew Bartlett
(This used to be commit beff1d2beaf4337dba6bfc372c5e09a43cfd791a)
|
|
sizeof(struct locking_data)
was not forced to be 8 byte aligned. Use union to force it to be correctly aligned
for memcpy and use void *, to tell compiler not to optimize aligned copy (this last fix
suggested by Trond @ RedHat). The first fix should be sufficient, but this provides a
"belt and braces" fix.
Jeremy.
(This used to be commit 22c5915bb466529ac1bcb5c2574888b360a9775b)
|
|
Linux.
Jeremy.
(This used to be commit b4b891279b6292237113456f1bb0d4393f1f9af1)
|
|
(This used to be commit b7edd55885791f9aded11a0b0a131e02a819f374)
|
