Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 605e257cab8041900ec9c6839c37e04d005a420e)
|
|
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
(This used to be commit 71ecd10181cd35313b79f618c2928c2f45424812)
|
|
fields, bad_password_count and logon_count. Ensure this is stored/fetched
in the various SAMs. As it replaces the unknown_5 field this fits
exactly into the tdb SAM without any binary problems. It also is added
to the LDAP SAM as two extra attributes. It breaks compatibility with
the experimental SAMs xml and mysql. The maintainers of these SAMs must
fix them so upgrades like this can be done transparently. I will insist
on the "experimental" status until this is solved.
Jeremy.
(This used to be commit cd7bd8c2daff3293d48f3376a7c5a708a140fd94)
|
|
(This used to be commit 3d71340e5c1bf3397e69897bbc8434bbaa503a75)
|
|
(This used to be commit 04f8cbbca66024ffdcd2ebc0f4db7849d02ca99b)
|
|
(This used to be commit 1a9145015d4b2ee7e7399099760cda13d619e740)
|
|
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
|
|
This implements some kind of improved AFS support for Samba on Linux with
OpenAFS 1.2.10. ./configure --with-fake-kaserver assumes that you have
OpenAFS on your machine. To use this, you have to put the AFS server's KeyFile
into secrets.tdb with 'net afskey'. If this is done, on each tree connect
smbd creates a Kerberos V4 ticket suitable for use by the AFS client and
gives it to the kernel via the AFS syscall. This is meant to be very
light-weight, so I did not link in a whole lot of libraries to be more
platform-independent using the ka_SetToken function call.
Volker
(This used to be commit 5775690ee8e17d3e98355b5147e4aed47e8dc213)
|
|
Now all 8-bit charsets with gaps (not all symbols defined) could be produced through
one macro -- SMB_GENERATE_CHARSET_MODULE_8_BIT_GAP(CHARSETNAME) within source file
with three charset tables. Full source code for such modules can be generated by
source/script/gen-8bit-gap.sh script which was taken from GNU libc and changed slightly
to follow our data types and structure.
(This used to be commit 37042c7bc0f349370e93e4bed37d8fa371013247)
|
|
in heimdal it is an enum. Thanks to Guenther Deschner (gd@suse.de).
With this join will work, but without a keytab, cifs connections will still
fail with heimdal. Fix to come later.
(This used to be commit d30bef4c37e8203c273eb3852215a89348bece7a)
|
|
Jeremy.
(This used to be commit be534c8adf6c3cb8921ce49dbb79991c632d501e)
|
|
converted to pull/push_ascii. This will not work right at the moment for non
English codepages, but compiles - I will finish the work over the weekend.
Then nmbd should be completely codepage correct.
Jeremy.
(This used to be commit 236d6adadf32397b28028ea82ae2ec027366f7c8)
|
|
Jeremy.
(This used to be commit daf7b5fbd93c640c7660bdf173079fa1039794af)
|
|
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
|
|
call.
(This used to be commit dd2cf4897ec3db25c24a2724ffdef4f905625f6a)
|
|
clean proto all; after this commit.
Jeremy.
(This used to be commit 27af1f9feab12542dc538bfceac4593e644ba3b4)
|
|
Jeremy.
(This used to be commit 4ee99d1c412ecc77541c988f6795ae3cb89907b8)
|
|
different (but by implicit conversion hopefully compatible... ;-)
prototype. Fix the build for that.
(This used to be commit 497b190edc42cec40fc80e9d9eb6aa4e1a466ac5)
|
|
(This used to be commit 327d26253ed21988d95303c4f8c85901199d8f40)
|
|
(This used to be commit 589e94f4ffa325acfd6562a84906639e19fd5d33)
|
|
Samba4 tester. You will need a make clean; make all after this !
Jeremy.
(This used to be commit 10d90171ed58bee3e5ab6476341059b585034134)
|
|
There is a workaround documented in the bug report.
This patch does:
* add server support for the LSA_DS UUID on the lsarpc pipe
* store a list of context_ids/api_structs in the pipe_struct
so that we don't have to lookup the function table for a pipe.
We just match the context_id. Note that a dce/rpc alter_context
does not destroy the previous context so it is possible to
have multiple bindings active on the same pipe. Observed from
standalone win2k sp4 client.
* added server code for DsROleGetPrimaryDOmainInfo() but disabled it
since it causes problems enumerating users and groups from a 2ksp4
domain member in a Samba domain.
(This used to be commit 96bc2abfcb0dd0912696fad76e43cb217b33e061)
|
|
to be able to ask a LMB for the servers in its workgroup. Against
W2k this only works on port 139....
Volker
(This used to be commit 62b04d7776852098dd768268500f36c3a362f688)
|
|
Jeremy.
(This used to be commit 68590b9e2266cf76b46a68cca0acaa47733811fe)
|
|
into a patch by "Stefan (metze) Metzmacher" <metze@metzemix.de>.
Jeremy.
(This used to be commit ce5c91d35dabc5ff6fb3df2b259ed186d6a7e0da)
|
|
Jeremy.
(This used to be commit 8516baf58d333a54bcbe1c1a08eee499b3dd2636)
|
|
Jeremy.
(This used to be commit 455ed2d51d86f39ce0fa6e6abca31a5425d2ea17)
|
|
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
|
|
(This used to be commit c9b209be2b17c2e4677cc30b46b1074f48878f43)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
Thanks to Herb for pointing this out!
(This used to be commit 87ede8d310db10d92b4ff57e67d3b53cbb7697fb)
|
|
(This used to be commit 692ff44ba39cd24dbc906e0319bc51c8be9cc267)
|
|
* use DsEnumerateDomainTrusts() instead of LDAP search.
wbinfo -m now lists all trusted downlevel domains and
all domains in the forest.
Thnigs to do:
o Look at Krb5 connection trusted domains
o make sure to initial the trusted domain cache as soon
as possible
(This used to be commit 0ab00ccaedf204b39c86a9e1c2fcac5f15d0e033)
|
|
maintain another tree then please apply!
On non-X86 machines out byte-order macros fails for one particular
value. If you asked for IVAL() of 0xFFFFFFFF and assigned it to a 64
bit quantity then you got a 63 bit number 0x7FFFFFFFFFFFFFFF rather
than the expected 0xFFFFFFFF. This is due to some rather bizarre and
obscure sign extension rules to do with unsigned chars and arithmetic
operators (basically if you | together two unsigned chars you get a
signed result!)
This affected a byte range lock using the large lockingX format and a
lock of offset 0 and length 0xFFFFFFFF. Microsoft Excel does one of
these locks when opening a .csv file. If the platform you run on does
not then handle locks of length 0x7FFFFFFFFFFFFFFF then the posix lock
fails and the client is given a lockingX failure. This causes the .csv
file to be trunated!!
(This used to be commit 886661c3777dbfd4fa431746c8a5f48674a12b8e)
|
|
connections. Overrides smb.conf parameter if set.
Jeremy.
(This used to be commit 879309671df6b530e0bff69559422a417da4a307)
|
|
trusted domains in a forest.
(This used to be commit c691c7f7d9afb8af542dc83cf934df1dfd38ef17)
|
|
sysquotas interface detected (Linux at least) using native Windows tools. Also move default quota support for NT quotas to VFS module default_quota. Code by Metze
(This used to be commit e856a96c2c42c39843e5e1a3a6b0d538e7179900)
|
|
from Jim McDonough. It is to enable cyrus sasl to provide the
gss-spnego support. For a preliminary patch to cyrus sasl see
http://samba.sernet.de/cyrus-gss-spnego.diff
Volker
(This used to be commit 45cef8f66e46abe4a25fd2b803a7d1051c1c6602)
|
|
cleanup of loadparm and swat.c
(This used to be commit 6956eb9a0b878f6fae37e4de14573cccd2af2156)
|
|
Note: The comments in this file regarding the FLAGS has been in need of
maintenance for some time.
(This used to be commit a0d2fa0f25abe22008080df2ad2e58e7ee424a2b)
|
|
Server code *should* also work (I'll check shortly). May be the odd memory
leak. Problem was we (a) weren't setting signing on in the client krb5 sessionsetup
code (b) we need to ask for a subkey... (c). The client and server need to
ask for local and remote subkeys respectively.
Thanks to Paul Nelson @ Thursby for some sage advice on this :-).
Jeremy.
(This used to be commit 3f9e3b60709df5ab755045a093e642510d4cde00)
|
|
discover names for the SAMR specific permissions that were previously unknown.
The existing constant names differ from what win2k calls them but since they
aren't heavily used in Samba at the moment I'll leave them as they are.
Jean-Baptiste's data is at:
http://ethereal.ntop.org/lists/ethereal-dev/200307/msg00314.html
(This used to be commit ae77e9e55438a9807da3696fd0d31fba6d0f7370)
|
|
due to w2k bug. I think this code is now working.... Need more testing of course
but works on all the obvious cases I can think of.
Jeremy.
(This used to be commit a6e537f6611cc1357fffea0b69901fba7c9ad6ea)
|
|
Returns True or False. Should support further encapsulation of VFS-specific structs
(This used to be commit 180e617f54021ced270c7c8cb86dd478d809d041)
|
|
the build farm machines that I don't have direct access to (hpntc9I).
(This used to be commit b01965823341bbabb74dcbc09d379b43db2ec680)
|
|
(This used to be commit e4cd21222dbd1a7a7f79618762799373230d4905)
|
|
(This used to be commit 04f1577a39b926317911f59714de5c5ca87f02bd)
|
|
Not strictly a bugfix, but it should considerably reduce the load we
put on LDAP servers given that at least nss_ldap on Linux keeps a
connection open.
And it should also stress our reconnect-code a bit more ;-)
Thanks to metze for this!
Volker
(This used to be commit e68d8eabeb9c64dc45d057619f9b3dd0cd507444)
|
|
Ensure a server can't do a downgrade attack if client signing is mandatory.
Add a lp_server_signing() function and a 'server signing' parameter that
will act as the client one does.
Jeremy
(This used to be commit 203e4bf0bfb66fd9239e9a0656438a71280113cb)
|
|
(This used to be commit 99feae7b5b1c229a925367b87c0c0f636d9a2d75)
|