summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2003-03-11Remove valgrind_strlen function, hopefully no longer needed withMartin Pool1-4/+0
recent Valgrind relases and clashing with -DVALGRIND. (This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
2003-03-11If using --enable-developer and valgrind.h is present, define VALGRIND.Martin Pool1-0/+8
(This used to be commit 71c8e90117f00f168416f2f35a1c25755e2d0ed4)
2003-03-10Further work on NTLMSSP-based SMB signing. Current status is that I cannnotAndrew Bartlett1-0/+23
get Win2k to send a valid signiture in it's session setup reply - which it will give to win2k clients. So, I need to look at becoming 'more like MS', but for now I'll get this code into the tree. It's actually based on the TNG cli_pipe_ntlmssp.c, as it was slightly easier to understand than our own (but only the utility functions remain in any way intact...). This includes the mysical 'NTLM2' code - I have no idea if it actually works. (I couldn't get TNG to use it for its pipes either). Andrew Bartlett (This used to be commit a034a5e381ba5612be21e2ba640d11f82cd945da)
2003-03-10Include valgrind.h if present on the system.Martin Pool1-0/+5
(This used to be commit 65ba78c6bd4c5ab7ec9bf4d15e4410482e82588d)
2003-03-09Change the way we sign SMB packets, to a function pointer interface.Andrew Bartlett1-6/+7
The intention is to allow for NTLMSSP and kerberos signing of packets, but for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA spec) Andrew Bartlett (This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)
2003-03-08more on idmapSimo Sorce1-9/+15
two layers structure with - local tdb cache - remote idmap repository compiles (This used to be commit 8fb4e210bc7564ed491d121c20d598ba0bfbddff)
2003-03-08some more codeSimo Sorce2-0/+2
(not tested yet) (This used to be commit 0d6cec90c13731827abcbc61974efc993e794003)
2003-03-07initial work for the new idmpa interfaceSimo Sorce1-0/+49
(This used to be commit 8338e74ac4e5f31150c96f459a67e52090dc6013)
2003-03-07Some progress towards gums and tdbsam2Simo Sorce3-51/+64
genparser works fine, and it is a marvelous tool to store objects in tdb :) (This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
2003-03-06add #define for the max device name length in a DEVICEMODEGerald Carter1-0/+2
(This used to be commit 21ec2b6ba3ddba6964f6ddb53f8494e4a8b48a83)
2003-03-05Use new configure test to turn on this automated test for correct stringAndrew Bartlett1-1/+1
function usage. Andrew Bartlett (This used to be commit cdc6139a9646b267a9921fc11fa532640a2e4c7f)
2003-03-01the new DEVELOPER checks for string overflows have (as expected)Andrew Tridgell1-0/+9
broken a lot of stuff. These two macros are meant to make life easier when fixing these bugs. I'm guessing we will see more macros like this (eg. fstrcpy_base) (This used to be commit 50389c0cb2504d7941ec691af21d6a20ae5c5de7)
2003-02-28*Excellent* patch from Michael Steffens <michael_steffens@hp.com> to limitJeremy Allison1-0/+2
the unix domain sockets used by winbindd (also solves FD_SETSIZE problem in winbindd to boot !). Adds a "last_access" field to winbindd connections, and will close the oldest idle connection once the number of open connections goes over WINBINDD_MAX_SIMULTANEOUS_CLIENTS (defined in local.h as 200 currently). Jeremy. (This used to be commit a82caefda49396641e8650db8a7ef51752ba6c41)
2003-02-27additional fix for CR 601Gerald Carter1-1/+1
* distinguish WinXP from Win2k * add a 1/3 of a second delay in OpenPrinter in order to trigger a LAN/WAN optimization in 2k clients. (This used to be commit 96570699d1b715f47c35aa211da6ec18f6fc4109)
2003-02-27Fix to allow blocking lock notification to be done rapidly (no waitJeremy Allison2-1/+2
for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb (does not interfere with existing locks). Jeremy. (This used to be commit 22fc0d48ff2052b4274c65f85050c58b235bf4e4)
2003-02-25Progress on CR 601Gerald Carter1-0/+45
cache the printer_info_2 with the open printer handle. cache is invalidated on a mod_a_printer() call **on that smbd**. Yes, this means that the window for admins to step on each other from different clients just got larger, but since handles a generally short lived this is probably ok. (This used to be commit 33c7b7522504fb15989f32add8e9a087c8d9d0fa)
2003-02-24Clean up non-krb5 breakages from my modifications to luke howard's patch.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit 32fd0c49009e38022523cc5c14567dd55de08206)
2003-02-24Patch from Luke Howard to add mutual kerberos authentication, and SMB sessionAndrew Bartlett2-0/+12
keys for kerberos authentication. Andrew Bartlett (This used to be commit 8b798f03dbbdd670ff9af4eb46f7b0845c611e0f)
2003-02-23forgot the altered include fileSimo Sorce1-4/+4
(This used to be commit f3be08472b8b34d8921ff23c52dd2ba030c96f25)
2003-02-22More signed/unsigned fixes (yes, I run with funny compiler options) andAndrew Bartlett1-2/+2
make x_fwrite() match fwrite() in returning a size_t. Andrew Bartlett (This used to be commit 2943c695787b742e9a96b2eefe2d75f681bacf7c)
2003-02-20Make init_module() and thus smb_load_module() return an int.Jelmer Vernooij1-1/+1
modules/developer.c: init_module() should return an int (This used to be commit 7f59703550378ff2333e3c851bf1a77037510abd)
2003-02-19Correct way to keep fucntion from proto.hJim McDonough1-1/+1
(This used to be commit 762b072efb0d6801775a874494cb19ea3d61fa97)
2003-02-19Improve detection of iconv(3) for various platforms. M4 code is similar to ↵Alexander Bokovoy1-0/+5
what I use in Midgard for past few years, modified for Samba needs. (This used to be commit 747d2d70a9eb4d9222d7b63e5fcec269eda76672)
2003-02-19Move to a in-memory ccache for winbind, and replace setenv() properly.Andrew Bartlett1-0/+4
(According to the manpages, you cannot put a stack variable into putenv()). Yes, this leaks memory. Andrew Bartlett (This used to be commit 50bced1e26434ecc7474964062746e2831e5f433)
2003-02-19Get non-krb systems to compile. How the heck do I keep something from being ↵Jim McDonough1-1/+1
sucked into proto.h? (This used to be commit 7e84497882df5bf933ab7ae7fe9af3728393202c)
2003-02-19Try to get heimdal working with HEAD.Jim McDonough1-2/+3
- Provide generic functions for - get valid encryption types - free encryption types - Add encryption type parm to generic function create_kerberos_key_from_string() - Try to merge the two versions (between HEAD and SAMBA_3_0) of kerberos_verify.c I think this should work for both MIT and heimdal, in HEAD. If all goes smooth, I'll move it over to 3.0 soon... (This used to be commit 45e409fc8da9f26cf888e13d004392660d7c55d4)
2003-02-16Add the 'session key' output of the NTLMSSP exchange to the cli struct, soAndrew Bartlett1-0/+4
it can be used for 'net rpc join'. Also fix a bug in our server-side NTLMSSP code - a client without any domain trust links to us may calculate the NTLMv2 response with "" as the domain. Andrew Bartlett (This used to be commit ddaa42423bc952e59b95362f5f5aa7cca10d1ad4)
2003-02-15* set PRINTER_ATTRIBUTE_RAW_ONLY; CR 1736Gerald Carter1-0/+4
* never save a pointer to an automatic variable (they go away) implement a deep copy for SPOOLSS_NOTIFY_MSG to correct messages being sent that have junk for strings; fix in response to changes for CR 1504 (This used to be commit 043b9dff22e909fc290c34d879cad8b4c980fc13)
2003-02-15Move our NTLMSSP client code into ntlmssp.c. The intention is to provide aAndrew Bartlett1-0/+19
relitivly useful external lib from this code, and to remove the dupicate NTLMSSP code elsewhere in samba (RPC pipes, LDAP client). The code I've replaced this with in cliconnect.c is relitivly ugly, and I hope to replace it with a more general SPENGO layer at some later date. Andrew Bartlett (This used to be commit b2b66909ac2e251f8189e0696b6075dbf748521a)
2003-02-15Remove obsolete file lib/netatalk.c - We have a VFS module nowJelmer Vernooij1-3/+0
(This used to be commit 28653989cfe5d705b99a4888c0c3fb79d1f89162)
2003-02-15Antti Andreimann <Antti.Andreimann@mail.ee> has done some changes to enableAndrew Bartlett1-0/+3
users w/o full administrative access on computer accounts to join a computer into AD domain. The patch and detailed changelog is available at: http://www.itcollege.ee/~aandreim/samba This is a list of changes in general: 1. When creating machine account do not fail if SD cannot be changed. setting SD is not mandatory and join will work perfectly without it. 2. Implement KPASSWD CHANGEPW protocol for changing trust password so machine account does not need to have reset password right for itself. 3. Command line utilities no longer interfere with user's existing kerberos ticket cache. 4. Command line utilities can do kerberos authentication even if username is specified (-U). Initial TGT will be requested in this case. I've modified the patch to share the kinit code, rather than copying it, and updated it to current CVS. The other change included in the original patch (local realms) has been left out for now. Andrew Bartlett (This used to be commit ce52f1c2ed4d3ddafe8ae6258c90b90fa434fe43)
2003-02-14Oops, forgot the header file changes.Andrew Bartlett1-0/+1
(This used to be commit 5492fc1144abac74959b7e0938ce1bb387fa7429)
2003-02-13A few typo fixes Andrew eventually let off to me.Rafal Szczesniak1-3/+3
Rafal (This used to be commit 16a66cf17a544a214b7c5b483c81c7568a18a779)
2003-02-10added the 'lsaenumacctwithright' command to rpcclient. This allows youAndrew Tridgell2-1/+33
to lookup what SIDs have a particular privilege (that is how privileges are stored). (This used to be commit 3ddb5fb0dd33992b7db54a661752551a3fefc0b4)
2003-02-10Some cleanups:Andrew Bartlett1-0/+2
- Don't use pstrcpy into an allocated string - use safe_strcpy() directly instead. - Keep a copy of the 'server_info' attached to the vuid. In future use this for things like the session key, homedir and full name instead of current copies. - Try to avoid memory leak/segfault on Realloc failure - clear up #endif comments Andrew Bartlett (This used to be commit 162477bb086827950b6cb71afa9bef62c2753c2e)
2003-02-09(only for HEAD at the moment).Andrew Bartlett1-1/+1
Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 = yes') and only when 'client use spengo = no'. (A new option to allow the client and server ends to chose spnego seperatly). NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet. Also some parinoia checks in our input parsing. Andrew Bartlett (This used to be commit 85e9c060eab59c7692198f14a447ad59f05af437)
2003-02-06ignore config.h.in in cvs as generated by autoheaderAndrew Tridgell1-0/+1
(This used to be commit 830423abd843dd20535755f910bc1e9563a0774f)
2003-02-06Remove configure and config.h.in from CVS.Andrew Bartlett1-1894/+0
configure and config.h.in is now regenerated by the 'autogen.sh' script. However, samba.org will run autoconf and autoheader to keep the anonyomous rsync 'unpacked' areas intact (helping the build farm), and released will ship with the genereated files. Andrew Bartlett (This used to be commit 15bba73dea51a6394294fc627933d026d6002091)
2003-02-06added the LSA privileges server backend stubs. Right now they just logAndrew Tridgell1-2/+0
what was requested. (This used to be commit 64ac6c2bcb729c4658de48e929cc792681903ecc)
2003-02-01We now have client-side SMB signing support!Andrew Bartlett1-0/+1
This checking allows us to connect to Microsoft servers the use SMB signing, within a few restrictions: - I've not get the NTLMSSP stuff going - it appears to work, but if you break the sig - say by writing a zero in it - it still passes... - We don't currently verfiy the server's reply - It works against one of my test servers, but not the other... However, it provides an excellent basis to work from. Enable it with 'client signing' in your smb.conf. Doc to come (tomorrow) and this is not for 3.0, till we get it complete. The CIFS Spec is misleading - the session key (for NTLMv1 at least) is the standard session key, ie MD4(NT#). Thanks to jra for the early work on this. Andrew Bartlett (This used to be commit 1a2738937e3d80b378bd0ed33cd8d395fba2d3c3)
2003-02-01Bitmap offsets and counts are always positive.Andrew Bartlett1-1/+1
(This used to be commit 8f495e8634a1777c4b03d3ec07c76f905ff2fb98)
2003-01-30Sync up with 3.0 heimdal.Jeremy Allison1-0/+8
Jeremy. (This used to be commit 371f4aca9204f3c093af622ec6c9ea7c5145bf85)
2003-01-30Fix kerberos compile after the tpot massicre :-).Jeremy Allison1-1006/+1115
Jeremy (This used to be commit d63849db6d02b1a9430072e6e15a67e1c526e5e7)
2003-01-30Fix for interesting resource constraint condition. When all opens areJeremy Allison1-1/+3
level 2 and a request for open with no oplock is received then the smbd should send *synchronous* break messages, not asynchronous, otherwise it spins very rapidly, releasing the lock, sending the 'break to none' messages and then re-acquiring the lock before any other process has a chance to get the lock and remove it's own oplock (at least on linux). Jeremy. (This used to be commit d1e8991a76a57b7d96dd7db3c1d9bbf5b28da88e)
2003-01-28added LsaRemoveAccountRightsAndrew Tridgell1-3/+20
this now gives us complete remove privileges control in the client libs, so we are in good shape for starting on the server side. (This used to be commit bf99440398db86f46233eb2f5adddffb61280a1b)
2003-01-28cleaned up the lsa_enum_acct_rights function and added aAndrew Tridgell2-8/+23
lsa_add_acct_rights function. This allows us to add privileges remotely to accounts using rpcclient. (This used to be commit 2e5e659e095a94b0716d97f673f993f0af99aabe)
2003-01-28Factor out common code in the NTLMSSP/SPNEGO code.Andrew Bartlett1-0/+4
The idea here is to seperate, as much as possible, the SPNEGO layer from the NTLMSSP layer. This not only helps us with protocol correctness, but also should allow further mechinisms to be added with relitive ease. I indend to make the kerberos code use this shortly. I've never seen the 'zero length blob' form of the anonymous login, so I've removed that case. Andrew Bartlett (This used to be commit a8773c9f825539c5bc17e4200b16d7ebbe0b7620)
2003-01-24Commit just a little more infrastructure for HAVE_GETDIRENTRIESRichard Sharpe1-1/+1
(This used to be commit fdd449fe7b4e858765f485cbbe2cc1b91a4e0c53)
2003-01-24At the prompting, start to add infrastructure to detect the presence ofRichard Sharpe1-0/+3
getdirentries. We would also detect getdents if present. This has some rudimentary support already. (This used to be commit 916c8784d21f566a1fb048301c3e78a9ecc52ea8)
2003-01-21Fixup proto generation to not include krb5 specific symbolsJeremy Allison1-0/+3
if no kerberos selected. Noticed by Metze. Jeremy. (This used to be commit 1684719695acb7168115b032fc1ec672509239ea)