summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2004-01-13sync HEAD with recent changes in 3.0Gerald Carter4-150/+505
(This used to be commit c98399e3c9d74e19b7c9d806ca8028b48866931e)
2004-01-09fix some warnings from the Sun compiler; also merge some of abartlet's error ↵Gerald Carter2-14/+14
code changes form 3.0 (This used to be commit 2279e98cb81faaf8a4e971fec339955f14c23858)
2004-01-07Prototype version of trust passwords moved to SAM/pdb. This isRafal Szczesniak1-1/+54
backend-independent part ie. interface - does build and (it seems) doesn't break anything else. rafal (This used to be commit 9ce6dc6476202d9db6ea1c2deab93e454e4db546)
2004-01-06Merge NTLMSSP fixes from 3.0 to HEAD.Andrew Bartlett1-4/+4
Andrew Bartlett (This used to be commit f7d39c787771616ddb015bd77e3e6cd33f0c7a15)
2004-01-06GUID is struct uuid in HEAD.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit ec24c7f42ac344d14c0e29d4b49c07d8ce213448)
2004-01-06Patch based on work from James Peach <jpeach@sgi.com> to convert over toJeremy Allison3-2/+21
using pread/pwrite. Modified a little to ensure fsp->pos is correct. Fix for #889. Jeremy. (This used to be commit 3a24dc868d95c9bcc2ac3a0dbd50e6e226ac0841)
2004-01-05rpc_client/cli_lsarpc.c:Andrew Bartlett1-0/+13
rpc_parse/parse_lsa.c: nsswitch/winbindd_rpc.c: nsswitch/winbindd.h: - Add const libads/ads_ldap.c: - Add ads_sid_to_dn utility function nsswitch/winbindd_ads.c: - Use new utility function ads_sid_to_dn - Don't search for 'dn=', rather call the ads_search_retry_dn() nsswitch/winbindd_ads.c: include/rpc_ds.h: rpc_client/cli_ds.c: - Fixup braindamage in cli_ds_enum_domain_trusts(): - This function was returning a UNISTR2 up to the caller, and was doing nasty (invalid, per valgrind) things with memcpy() - Create a new structure that represents this informaiton in a useful way and use talloc. Andrew Bartlett (This used to be commit 627d33d1667f0d4b1070f988494885b74c4c04dd)
2004-01-05Merge commit to 3_0: add pdb_pgsqlJelmer Vernooij1-0/+2
(This used to be commit 61cbd5c9be1962d0c33c28ff472a2f82d3aa2a80)
2003-12-25This is metze's LDAP rebind sleep patch:Volker Lendecke1-0/+2
When smb.conf tells us to write to a read-only LDAP replica and we are redirected by the LDAP server, the replication might take some seconds, especially over slow links. This patch delays the next read after a rebind for 'ldap rebind sleep' milliseconds. Metze, thanks for your patience. Volker (This used to be commit 7293550e3642e2553684a7011084dabb0b78fd24)
2003-12-22add well known rid for pre win2k compatible access group; bug 897Gerald Carter1-0/+1
(This used to be commit 426a02cf678236f902c143b56eaaf854fca2237f)
2003-12-10Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail ↵Gerald Carter1-1/+1
on local files on on domain members; bug 875 (This used to be commit a5c5dde1c34ba44f8d9bbb38720a089a6d61806c)
2003-12-04support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter1-0/+1
(This used to be commit acf9eae7b0c95776358292c3463951477575bcc6)
2003-12-04* fix RemoveSidForeignDomain() ; bug 252Gerald Carter1-7/+7
* don't fall back to unmapped UNIX group for get_local_group_from_sid() * remove an extra become/unbecome_root() pair from group enumeration (This used to be commit c0f34b42a6a4af09ae4b76721bc350784d87f686)
2003-11-22(merge from 3.0)Andrew Bartlett6-42/+73
Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Andrew Bartlett (This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)
2003-11-20Typo fix.Rafal Szczesniak1-2/+2
(This used to be commit d1394f02cb0e369701217ce6610f4efe54438c3a)
2003-11-15Split smbldap in a core file and a utility fileSimo Sorce2-0/+35
Add module support for configuration loading Add a first implementation of config_ldap module to put samba configuration on ldap It worked on my test machine, please try it out and send bugfixes :-) have fun, Simo. INSTRUCTIONS: Just add something like this to your smb.conf file: config backend = config_ldap:ldap://localhost config_ldap:basedn = dc=samba,dc=org the config tree must follow this scheme: ou=foo, dc=samba, dc=org <- global section |- sambaOptionName=log level, ou=foo, ... <- options |- ... |- sambaShareName=testlc, ou=foo, ... == [testlc] |- sambaOptionName=path, sambaShareName=testlc, ou=foo, ... <- option here is a sample ldif: # foo, samba, org dn: ou=foo, dc=samba, dc=org objectClass: organizationalUnit objectClass: sambaConfig ou: foo description: Test Foo # log level, foo, samba, org dn: sambaOptionName=log level, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: log level sambaIntegerOption: 10 description: log level 10 is suitable for good debugging # testlc, foo, samba, org dn: sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaShare sambaShareName: testlc description: share to test ldap config module actually works # path, testlc, foo, samba, org dn: sambaOptionName=path, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: path sambaStringOption: /tmp description: Path for share testlc # read only, testlc, foo, samba, org dn: sambaOptionName=read only, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: read only sambaBoolOption: TRUE description: Share testlc is read only # guest ok, testlc, foo, samba, org dn: sambaOptionName=guest ok, sambaShareName=testlc, ou=foo, dc=samba, dc=org objectClass: sambaConfigOption sambaOptionName: guest ok sambaBoolOption: TRUE description: Guest users are allowed to connect to testlc share (This used to be commit 207968eafc2c2a185e50e2132702d7bab2142aba)
2003-11-05Merge from 3.0:Tim Potter1-0/+11
Revision 1.16.2.6: Add prototype for smbc_remove_unused_server() to fix compiler warning. Bug #706. (This used to be commit 99f70d86fe17ce39d803fa23a135169e24d8a34e)
2003-11-03removing #include <compat.h> in hopes to avoid problems with apache header ↵Gerald Carter1-4/+0
files; will watch the build farm on this to make sure things don't blow up (This used to be commit b4d80ee74727a72aa8fe070d13e3ca5de71837ca)
2003-10-31Whitespace syncup with 3.0Tim Potter1-7/+7
(This used to be commit 9746ef376d2a52ef6ef6b84421d6b7e988a6ca13)
2003-10-31Formatting syncup with 3.0Tim Potter1-0/+4
(This used to be commit 98881672f5c094181be7988b4d39b451f292e423)
2003-10-31Sync up with 3.0Tim Potter1-3/+3
(This used to be commit 3cd8acb6c362bca82d7268aa283d3f6360b24604)
2003-10-30Last of the GUID->struct uuid changes.Jim McDonough1-7/+0
GUID has been removed. If you are dealing with a flattened version of a [gu]uid, use UUID_FLAT. smb_pack_uuid and smb_unpack_uuid will switch between the two. I'm not sure exactly what the genparse stuff is doing here, so I just switched it to a UUID_FLAT (no functional change), but I suspect this may not be the right way to go. (This used to be commit 001e9d0e814109a26d598001b3c23dfdb04510ff)
2003-10-30Ok, nearing the end of the GUID->struct uuid changes.Jim McDonough1-2/+2
Takes care of secdescs. Had to move the uuid marshall/unmarshalling code to parse_misc, because it's needed outside of parse_rpc.c (for no-auth calls) (This used to be commit 5d2bb079b65ccfec14604d8dcf0ce789d1795b46)
2003-10-30Another round of GUID->struct uuid.Jim McDonough1-1/+1
Takes care of the lsass pipe (This used to be commit 3dca3efa4b427fa3094a8cd392fe5744b5f6f6a8)
2003-10-30First round of merging various UUID structures.Jim McDonough4-19/+21
This eliminates RPC_UUID. It creates the following struct: struct uuid { uint32 time_low; uint16 time_mid; uint16 time_hi_and_version; uint8 clock_seq[2]; uint8 node[6]; }; which replaces RPC_UUID and various random struct uuid definitions and a flat version: #define UUID_FLAT_SIZE 16 typedef struct uuid_flat { uint8 info[UUID_FLAT_SIZE]; } UUID_FLAT; which pretty much looks like GUID (which I will start eliminating). I want us to use the FLAT one only on the wire (perhaps in files, too?), and I want it to be obvious to the coder that it is the FLAT version. This leaves a couple of compiler warnings, where GUID isn't completely replaced by FLAT_UUID yet...I'll get to those soon. (This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
2003-10-29Janitor for tridge.Jeremy Allison1-0/+3
parameterise the listen backlog in smbd and make it larger by default. A backlog of 5 is way too small these days. Jeremy. (This used to be commit 58b8f673945ad114d056dd79f509c93ab42b96d1)
2003-10-24Add initshutdown pipe commands to rpcclient. Second part of fix to bugJim McDonough2-2/+5
#534 (This used to be commit 99f4fa54497ba1c0fc0ba39d51b3ce201a8e6cd2)
2003-10-24New files for support of initshutdown pipe. Win2k doesn't respond properlyJim McDonough1-0/+70
to all requests on the winreg pipe, so we need to handle this new pipe. First part of fix for bug #534 (This used to be commit 532fab74c12d8c55872c2bad2abead2647f919d7)
2003-10-23Apply the changes to libsmbclient that derrell has contributed. Fix someRichard Sharpe1-0/+864
of the problems with this. From: Derrell.Lipman@unwireduniverse.com (This used to be commit 8e3d2708c5e5a9968aeb9a6fe6c828aa8a5b22a9)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-0/+14
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-21Merge of mmap blacklist fix from HEAD.Tim Potter1-0/+7
(This used to be commit ff29be16e74361b02b0b7fbd83e393d68ae5b897)
2003-10-20Update structures after ethereal showed some marshalling/unmarshallingJim McDonough1-2/+3
errors. (This used to be commit 9d0f322a851f487cea320e57076213435e5c6481)
2003-10-20Several updates:Jim McDonough1-1/+3
- add support for named pipe and netbios queries in parse code - fix map request structure...unknown byte was alignment - add sample of named pipe over netbios query in rpcclient (comment only) (This used to be commit 71dcdf54e60204d6b499d25d8759ed20fc7a021a)
2003-10-20more 2.2.x compatibility fixes - allow user looksup in the kerb5Gerald Carter1-1/+1
sesssetup to fall back to 'user' instaed of failing is REA.LM\user doesn't exist. also fix include line in smb_acls.h as requested by metze (This used to be commit 5ccf6baad7ffb1f992aaf24b41ef5c83362cf613)
2003-10-17Add epmapper pipeJim McDonough2-1/+4
(This used to be commit 041c17bd665ea5fa771b111d7008036fb3e7b72f)
2003-10-17Add endpoint mapper rpc definitionsJim McDonough1-0/+115
(This used to be commit e604a9c0788a006663e7f939059c4120c1df3648)
2003-10-15created a new target: genparseSimo Sorce1-1/+0
this target will build parse file with genstruct it is the duty of the developer to commit updated files this is made to make build platforms independent of a working perl installation as always been with samba so currently you need to run: make genparse and commit: cvs ci include/tdbsam2_parse_info.h if you change anything in genparse/genstruct code or tdbsam2 code. Simo. (This used to be commit 7e2d5da2dcfad32b733c28535490e98e578bcc3a)
2003-10-14sorry folks, forgot to cvs add/remove before commit.Simo Sorce1-0/+164
(This used to be commit 0ed85e6a2dff0953dbbd5ff4723ef6941ec32850)
2003-10-14Ignore autogenerated tdbsam2_parse_info.hTim Potter1-3/+4
(This used to be commit bb2b8906a05109d5ba8ffff6c250d90d8658d444)
2003-10-13So here it is a non-intrusive patch with my latest work on gums (theSimo Sorce5-109/+256
laternative to the current passdb). Currently it is run through a comatibility module in the passdb layer, with a subset of the functionality it may provide. It is still work in progress, but as someone asked me about it, and as it should make no difference to the normal code, I tought it was a good idea to put it into. It adds a dependency on perl. I know it is not very nice, but I'm sure we will work out a solution for that. As always blame me if I break something, but try to fix yourself, as I am busy-busy-busy :-) Simo. (This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
2003-10-09Merge from 3.0:Tim Potter1-0/+1
>Moving towards better i18n support in SWAT. This commit contains a >bunch of updates to bug 413 from Monyo: > >1) pick up proper strings to call msg strings for example to add > strings in wizard menu in web/swat.c, web/statuspage.c and > param/loadparm.c. > >2) define N_() macro in include/intl.h to pick up some strings > in param/loadparm.c > >3) quote all name and value tag with '"' > For example in swat.c:720 the "Edit Parameter Values" string is > displayd only as "Edit" because value tag is not quoted like: > value=Edit Parameter Values > These tags should be quoted though it sometimes works well > without quotation. > >4) modify the msg strings not to contain HTML tags or other > non-message strings. For example > dprintf(_("test\n")); is modified to dprintf("%s\n", _("test")); (This used to be commit 17efb306aa32d1e5b2546cfb2f3404ad3cf0fb68)
2003-10-06split some security related functions in their own files.Simo Sorce3-3/+26
(no need to include all of smbd files to use some basic sec functions) also minor compile fixes (This used to be commit 66074d3b097d8cf2a231bf08c7f4db62da68189d)
2003-10-01commit sign only patch from Andrew; bug 167; tested using 2k & XP ↵Gerald Carter1-2/+9
clientspreviously joined to the Samba domain (This used to be commit 9d2e585e5e6f9066c6901aa8d8308734f8667296)
2003-09-29Merge from 3.0:Tim Potter2-6/+4
>Fix for #480. Change the interface for init_unistr2 to not take a length >but a flags field. We were assuming that 2*strlen(mb_string) == length of ucs2-le string. >This is not the case. Count it after conversion. >Jeremy. (This used to be commit e2ab9e54cd0ec0002175cf18ff364f4aebaf85a0)
2003-09-24Another round of merges from 3.0:Tim Potter1-81/+59
>Reformat - preparing to fix bug #480 (which will be ugly). >Jeremy. (This used to be commit cd91dd9cd8392d1b9cfcbd8ef42237b813dc89b5)
2003-09-18The "unknown_5" 32 bit field in the user structs is actually 2 16-bitJeremy Allison3-4/+14
fields, bad_password_count and logon_count. Ensure this is stored/fetched in the various SAMs. As it replaces the unknown_5 field this fits exactly into the tdb SAM without any binary problems. It also is added to the LDAP SAM as two extra attributes. It breaks compatibility with the experimental SAMs xml and mysql. The maintainers of these SAMs must fix them so upgrades like this can be done transparently. I will insist on the "experimental" status until this is solved. Jeremy. (This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
2003-09-10Remove obsolete files.Jelmer Vernooij1-238/+0
(This used to be commit 3d71340e5c1bf3397e69897bbc8434bbaa503a75)
2003-09-09version.h is autogenerated nowGerald Carter1-8/+0
(This used to be commit 04f8cbbca66024ffdcd2ebc0f4db7849d02ca99b)
2003-09-09removing unused filesGerald Carter1-59/+0
(This used to be commit 1a9145015d4b2ee7e7399099760cda13d619e740)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter23-216/+464
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)