summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2003-04-09Complete what I've seen (and then some)t of the PAC.Jim McDonough1-5/+17
I haven't seen the rid+attr arrays for group membership, nor sids or the same kind of arrays for resource domains, so I don't know how that will work. Also, the PAC info type 10 is now decoded, but I don't know what it's for. It has an NTTIME, a 16-bit name length, and a username. According to M$, it's not needed, because they didn't doc it... (This used to be commit 28ab8504cf6c181866106e5cc626a5896283d0a9)
2003-04-09This is the netlogon schannel client code. Try aVolker Lendecke2-0/+8
rpcclient -S pdc -U% -c "samlogon user password" and it should work with the schannel. Needs testing platforms different from NT4SP6. Volker (This used to be commit ecd0ee4d248e750168597ccf79c389513bb0f740)
2003-04-09no needed anymoreGerald Carter1-48/+0
(This used to be commit 8fd9450c8363021e23256903578fabbf77083978)
2003-04-09A little clarification in the rpc auth header struct.Volker Lendecke1-4/+3
Volker (This used to be commit 9fc3e4bf9fa7845b5d4a7eb4cacfec586045ebd0)
2003-04-08Added some preprocessor tricks to stop TRUE and FALSE from continuallyTim Potter1-1/+14
creeping back in to the source. Use True and False instead. (This used to be commit 5a5a7ce7479a56ca2d472658511a47c9147c0d5b)
2003-04-07Some comment updates, notably that I haven't seen the group membership arraysJim McDonough1-0/+9
yet (the ones that are rid-only). (This used to be commit 0a5b5d00db42de868c72ec3d9d1d747c9ef391e4)
2003-04-07Decode the PAC! This patch just decodes it and then frees it, so it's justJim McDonough2-1/+134
for doc purposes right now (you can see it in the debug logs). (This used to be commit 046c2087a11b9ce7a02aece34ffb129ce0d66b08)
2003-04-07Remove duplicate "tallocdump" message from tdb messaging system. TheTim Potter1-4/+0
same functionality exists as "pool-usage". Move initialisation of this and dmalloc messages inside message_init(). (This used to be commit af6ecafcbbf65dbedc49b3a86da39ce608bdadac)
2003-04-06fix commitSimo Sorce1-1/+1
(This used to be commit ad1a2ab0d6330a0b0fbce7b30ec5f6f502133921)
2003-04-06SMB signing updates - this gets NTLMSSP signing workin to the point where IAndrew Bartlett1-3/+4
just need to get the verifiction code working - we get back a signiture from the server, and just can't verify it yet. This also brings the short-packet checks into common code, and breaks the connection if the server sends a signed reply, on an established connection, that fails the test. This breaks our read/write code at the moment, as we need to keep a list of outstanding packets. (signing is not enabled by default, unless the server demands it) Not for 3.0 till I fix the outstanding packet list. Andrew Barlett (This used to be commit 808d1fcf20153970d587cb631a08607beb09703a)
2003-04-06This commit make winbindd copy winbindd_idmap.tdb into idmap.tdb on theSimo Sorce1-1/+1
first run if idmap.tdb is not found, and then eventually convert it to the new format. This is done to unify winbind and idmap databases and to make a backup of winbindd_idmap.tdb in case you want to downgrade (of course it will not be updated). This is needed because idmap.tdb contains also local mappings, not only foreign domains mappings. Added some other fixes/improvements Simo. (This used to be commit cf17261519fd8775500f9b9d6caa2bc462e04633)
2003-04-04This is a merge of the NETLOGON schannel server code from SambaVolker Lendecke2-2/+44
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG as I found out later :-) It adds a new parameter: server schannel = yes/auto/no defaulting to auto. What does this mean to the user: No requireSignOrSeal registry patch for XP anymore. Many thanks for this code to Luke Leighton, Elrond and anybody else I forgot to mention. My next thing will be to see if this applies cleanly to 3_0. Please test and comment! Volker (This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
2003-04-03The ldap idmap backend from Anthony Liguori (aliguori@us.ibm.com):Jim McDonough2-0/+63
This patch moves the ldap routines out of passdb into a generic library and implements an LDAP backend for IDMAP. THe backend can be enabled with "idmap backend = ldap" in smb.conf. THere are also schema changes to make sure to update teh ldap schema files. (This used to be commit 87c7c582c60521da3a93d997386fe79935012aea)
2003-04-02Commit some more fixes for Coolo ...Richard Sharpe1-6/+4
(This used to be commit e1a159c55fdeaa1620a3147105be4efd205560ba)
2003-04-02Add const (from a patch by Stephan Kulow <coolo@kde.org>)Jelmer Vernooij1-4/+5
(This used to be commit 8b5ad24231e5001e612c5fd4bbde2762caef5856)
2003-04-02THE Idmap patch :-)Simo Sorce2-1/+3
includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. (This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)
2003-03-31Cleanup of winbind client side code.Tim Potter1-1/+1
Mostly this consists of untangling the existing code and moving it in to operating system specific files. The winbind client code for all supported operating systems is now in nsswitch/winbind_nss_OSNAME.[ch] to make things a bit clearer. (This used to be commit 93ea047a16a292b23a1d8736ce9bc4098ba142ba)
2003-03-28don't include proto.h during autoconf tests since it doesn't exist yet; ↵Gerald Carter1-0/+2
fixed getsmbpass replacement test (This used to be commit ff43a292b9f8e0a39d19cb099913efd899de84fa)
2003-03-28it is possible for some of the real time signals to be used by glibc,Andrew Tridgell1-0/+4
which then changes SIGRTMIN. It is also possible for bash to leave some real time signals blocked at startup. This fixes both problems. (This used to be commit 8d45bf644aecb6993c2a82b86a4527b33029ed8f)
2003-03-27Use the new modules system in VFS. If a module can't be loaded with theJelmer Vernooij1-2/+2
new modules system, we still fall back to the old system. (This used to be commit cebe8d8b424f10006f2f791a8f086c6c8a7f5d57)
2003-03-27The definition of pstrcpy_base(), and the preceeding comments, were givenChristopher R. Hertel1-9/+3
twice (probably a cut/paste error). The definition of pstrcpy_base(), and the preceeding comments, were given twice (probably a cut/paste error). (This used to be commit 5306f6f7c88234d51c4ff13d5451d3489de6b00e)
2003-03-26Use execinfo.h to get prototypes for backtrace_symbols (fixesJelmer Vernooij1-0/+4
some warnings) (This used to be commit d453b656e56a9b836b76f1cdce8de65d7bc4eb6c)
2003-03-26Output backtrace to logfile in smb_panic(), as suggested by mbpJelmer Vernooij1-0/+4
(only on systems that support it, of course) (This used to be commit bf439d733df6a11a25ff561a853c3382a3b34b96)
2003-03-24- Add support to auth/ for the new modules systemJelmer Vernooij1-0/+4
- Quite some small fixes (also fixes the build) (This used to be commit 3defbd5e0633acfa4631531b49601c7706072d86)
2003-03-24Revoke some of the popt patch from metze I applied earlier today. It addedJelmer Vernooij1-1/+5
some double options and broke some parameters. (This used to be commit d5f9b0275c91512e1926504f22aaeec2d104430d)
2003-03-24Define POPT_TABLEEND if current popt.h doesn't contain it alreadyJelmer Vernooij1-0/+4
(This used to be commit de4bdf42d8f27b54260f58ff37d438c67623f446)
2003-03-24Patch from metze to generalise POPT_COMMON_SAMBA, with some minor changesJelmer Vernooij1-9/+2
(This used to be commit 2ddfed298d7f0b6e690275725a39c3ef107077ae)
2003-03-23NTLM Authentication:Andrew Bartlett1-1/+1
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
2003-03-22Add -U, -N, -i, -A, -W to popt.Jelmer Vernooij2-8/+48
(This used to be commit 5a88d78f67fd7853d6f7d5042807afa56091d52c)
2003-03-22Small clenaup patches:Andrew Bartlett2-28/+25
- safe_string.h - don't assume that __FUNCTION__ is available - process.c - use new workaround from safe_string.h for the same - util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc() - gencache.c - Keep valgrind quiet by always null terminating. - clistr.c - Add copyright - srvstr.h - move srvstr_push into a .c file again, as a real function. - srvstr.c - revive, with 'safe' checked srvstr_push - loadparm.c - set a default for the display charset. Andrew Bartlett (This used to be commit a7eba37aadeb0b04cb1bd89deddb58be8aba825c)
2003-03-20Cleanup bogus initialisation in SID_NAME_USE enum.Tim Potter1-8/+8
Added new sid type = 9 for "computer" from MSDN. (This used to be commit 45929d126932e5cac5a23fe76d28a4fa05b54b77)
2003-03-18Comment about deprecated macro overmalloc_safe_strcpy().Martin Pool1-0/+6
(This used to be commit 5ac062580690eee9b4bd423dbb82631c0cdb8b30)
2003-03-18Speling fixes and a little extra documentation.Martin Pool1-6/+6
(This used to be commit 8da383bb3e63d25ceb0204c775580f2f1b3336ec)
2003-03-16Fix nmbd under -DDEVELOPER (pstrcpy on not-pstring).Andrew Bartlett1-0/+2
Make a new macro to help in this situation, and add memcpy() parinoia Andrew Bartlett (This used to be commit 4d00626b6e003952df6715fa80615ec028facdf4)
2003-03-16More work on my macro mess - we need function prototypes of different types,Andrew Bartlett1-9/+12
and we were missing the 'char' type. Andrew Bartlett (This used to be commit 193e80fafbda9e3af58fec1e629ec607f29b4099)
2003-03-15A hack to get us building on a slightly older heimdal kerberos. It appearsAndrew Bartlett1-0/+7
that we don't need this flag - heimdal's internal password change routines don't set it. Andrew Bartlett (This used to be commit 069825bd78f2bf125e8a4e72933da924d393f5a5)
2003-03-15Fix the 'non-optomizing compiler' case...Andrew Bartlett1-2/+2
Andrew Bartlett (This used to be commit 94424c5d72246b2e58f3a21aa0de6949d7eb2da1)
2003-03-15Fix the non-DEVELOPER case of my macro madness...Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 618bda3a28f65417e3c31a70229f6da70cf223fc)
2003-03-15Minor fixes.Andrew Bartlett1-1/+1
- signed/unsigned - quieten warning about assignment as truth value - whitespace Andrew Bartlett (This used to be commit a13ce0df4b4a776fa635a1fb804dd00d195f58d0)
2003-03-15signed/unsigned fixAndrew Bartlett1-2/+2
(This used to be commit f6bcfa59447700e0ccfc069d0228019a9bdca9d2)
2003-03-15String handling parinoia fixes.Andrew Bartlett3-24/+174
This patch enables the compile-time checking of strings assable by means of sizeof(). (Original code had the configure check reversed). This is extended to all safe_strcpy() users, push_string and pull_string, as well as the cli and srv derivitives. There is an attempt to cap strings at the end of the cli buffer, and clobber_region() of the speified length (when not -1 :-). Becouse of the way they are declared, the 'overmalloc a string' users of safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips some of the checks). This whole ball of mud worked fine, until I pulled out my 'fix' for our statcache. When jeremy fixes that, we should be able to get back to testing this stuff. This patch also includes a 'marker' of the last caller to clobber_region (ie, the function that called pstrcpy() that called clobber_region) to assist in debugging problems that may have smashed the stack. This is printed at smb_panic() time. (Original idea and patch by metze). It also removes some unsused functions, and #if 0's some others that are unused but probably should be used in the near future. For now, this patch gives us some confidence on one class of trivial parsing error in our code. Andrew Bartlett (This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4)
2003-03-14Fresh meat in trusted domains code:Rafal Szczesniak1-2/+2
- packing/unpacking utility functions for trusted domain password struct; can be used to prepare buffer to store in secrets.tdb or (soon) passdb backend - similiar functions for DOM_SID - respectively modified secrets_(fetch|store) routines - new auth mapping code utilising introduced is_trusted_domain function - added tdb (un)packing of single bytes Rafal (This used to be commit 5281ee7e84421b9be746aed2f1718ceaf2a2fe3d)
2003-03-13In Valgrind 1.9.4, the headers have moved to <valgrind/valgrind.h>,Martin Pool1-3/+7
etc. So check for that as well as the old names when including macros and conditionally defining -DVALGRIND. (This used to be commit c9151c7b1113e2f01bd33d4dd301a2e7e2040b35)
2003-03-12Change size parameters from signed to unsigned to fix up warnings.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 2e9880ef7c259b67eb75edc8098b734c3b7b22c1)
2003-03-12adding some initiaial code to sert %a to Win2K3 (using Native LanMan string ↵Gerald Carter1-1/+1
from .NET RC2) (This used to be commit 4c823e61d14a33344deb887043b60b2e3c83416f)
2003-03-11Remove valgrind_strlen function, hopefully no longer needed withMartin Pool1-4/+0
recent Valgrind relases and clashing with -DVALGRIND. (This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
2003-03-11If using --enable-developer and valgrind.h is present, define VALGRIND.Martin Pool1-0/+8
(This used to be commit 71c8e90117f00f168416f2f35a1c25755e2d0ed4)
2003-03-10Further work on NTLMSSP-based SMB signing. Current status is that I cannnotAndrew Bartlett1-0/+23
get Win2k to send a valid signiture in it's session setup reply - which it will give to win2k clients. So, I need to look at becoming 'more like MS', but for now I'll get this code into the tree. It's actually based on the TNG cli_pipe_ntlmssp.c, as it was slightly easier to understand than our own (but only the utility functions remain in any way intact...). This includes the mysical 'NTLM2' code - I have no idea if it actually works. (I couldn't get TNG to use it for its pipes either). Andrew Bartlett (This used to be commit a034a5e381ba5612be21e2ba640d11f82cd945da)
2003-03-10Include valgrind.h if present on the system.Martin Pool1-0/+5
(This used to be commit 65ba78c6bd4c5ab7ec9bf4d15e4410482e82588d)
2003-03-09Change the way we sign SMB packets, to a function pointer interface.Andrew Bartlett1-6/+7
The intention is to allow for NTLMSSP and kerberos signing of packets, but for now it's just what I call 'simple' signing. (aka SMB signing per the SNIA spec) Andrew Bartlett (This used to be commit b9cf95c3dc04a45de71fb16e85c1bfbae50e6d8f)