Age | Commit message (Collapse) | Author | Files | Lines |
|
stupid compile errors with file_rename() call just created.
(This used to be commit f5cedb8c9618b83b63b5e2db867d238eebc7e13c)
|
|
added code that moves MACHINE.SID to DOMAIN_NAME.SID if it exists.
(This used to be commit 51c1c31768a92d9c57ee6c09b78419bcbc544f03)
|
|
(This used to be commit 3257b72c6e2722a6de6b40b4c16e934c02a7c508)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
SCO 3.2 (including it also requires lots of streams stuff, making it a
total mess).
If this causes problems on some other platform then please add a
comment stating what platform and why the include is needed so we can
work out how to test for it properly.
(This used to be commit 21d779bf7def71d5d9c899eabbb6a110860bd8e2)
|
|
now need search capability on S-1-5-20, which will need argh, a
"group database API" on S-1-5-20, and the ability to add BUILTIN\Admins
etc to "local group map" argh.
(This used to be commit a24f6eb00ba7486479cbcf7fadf5456521c56179)
|
|
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
|
|
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.
Jeremy.
(This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
|
|
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
|
|
(This used to be commit 53339b63897f51913fef183fd3b4565dad2ffad1)
|
|
(This used to be commit 0fdac4b42fb55a26cdd73d6d5f4a3017d1b4db46)
|
|
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
|
|
use all_string_sub() if you don't want this.
(This used to be commit a3357ab49335106674fe7a7481cd0f146d74fbe5)
|
|
(This used to be commit bdcee2557bd243a1bfbde3353ebcfe3d82bf9fc5)
|
|
-lsecurity checks
in a more sane way.
rpc_client/cli_netlogon.c: Removed correct bits check to see if this works with an NT3.51 PDC.
rpc_parse/parse_samr.c: Fixed compile warnings.
Jeremy.
(This used to be commit 34d8f4b1c4d59ab3c009360fc67eef9361dd859b)
|
|
Jeremy.
(This used to be commit b02d21a73d7f098c5599c606abbb5c92ea4ba13e)
|
|
configure
configure.in
include/config.h.in: Fixes for AIX4.x. AIX *will not*
enable large file support of *any* description unless
either -D_LARGE_FILES or -D_LARGE_FILES_API are defined.
I chose "-D_LARGE_FILES" as this leads to cleaner code...
Also fixed bug where getpwnam was listed as getpw(a)nam in configure.in.
Jeremy.
(This used to be commit 2d62dc26f4e3a171ecbe56f33d94db2fea0ef0ad)
|
|
Added HPUX autoconf changes.
Added "gross hack" printer code.
Jeremy.
(This used to be commit 1ef6d3bd63722afe9c376793a6ea72046d1a0602)
|
|
acconfig.h configure configure.in include/config.h.in: Fixes to DEC OSF1.
libsmb/nmblib.c: Fixes to nmbd jumps in scope names.
Jeremy.
(This used to be commit 5ad77769be85e6727319afb0f02e5d94c2f9f16f)
|
|
groupdb/groupdb.c: Fixed compile error caught by IRIX compiler.
utils/smbpasswd.c: Fixed SunOS optind, optarg problem.
Jeremy.
(This used to be commit 30af39ae1edf51d5d06a1764982e5df431c142ac)
|
|
that cannot support it.
Jeremy.
(This used to be commit 7a6f25ac4ab0f0bef7a66f26004c15120248ff66)
|
|
If a client does a modify timestamp on an open file (which will
do no good at all on UNIX :-) then keep the modify request pending
in the files_struct and apply it at close instead.
Jeremy.
(This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
be tuned per system type.
Jeremy.
(This used to be commit c1a3346547d887bfd2402a6b0bcc185680eb4470)
|
|
(This used to be commit 5f7d9d4656eb501e14b98f4ae1990a791c7901e3)
|
|
(This used to be commit d9d44d98ec719b7fc6d5b0fc35bf8727f4cd0372)
|
|
- much as I hate doing it I've removed the "commit changes" button for
users that don't have write access to smb.conf (Jeremy insisted)
(This used to be commit 8e8ab4df1fe77dfcae73a34f4de174afe09cd695)
|
|
smbwrapper not made
by default.
nmbd*: Changed all calls to namestr() to nmbd_namestr() to fix broken FreeBSD include
file problem...sigh.
Jeremy.
(This used to be commit 9ee8f39aed8772a05c203161b4ae6b7d90d67481)
|
|
(This used to be commit 26c3ff2bcb225f65002620fec07aa6423477e6d9)
|
|
UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
|
|
(This used to be commit 24b2bf1741366045eca02cbd09e3283531d28422)
|
|
(This used to be commit 2908ccd14d1aa4ffb7d09714bae78cebb7eee755)
|
|
ZERO_STRUCTPN _does_ check argument for NULL.
(This used to be commit 0be34ca1402f95506680caa3461e94d4ae54bb7d)
|
|
(This used to be commit 5be3c37f50eac35cad3eadf0d24e7a4ee04c075e)
|
|
lib/util_sock.c: Added strerror() calls to getpeername failures (which seem to be giving IRIX trouble at the moment).
rpc_parse/parse_sec.c: Changed use of ZERO_STRUCTPN to ZERO_STRUCTP which again does zero pointer protection.
smbd/quotas.c: Fixed typo.
Jeremy.
(This used to be commit b62f008974c96e0302d6c146cf49bc2045bef005)
|
|
(This used to be commit 9412edfd4c11a26e4ef290839375e3959cf70a7e)
|
|
Now passes strings instead.
(This used to be commit 48af29bcc9e8094de6ba057a52dbae3c80ea7a05)
|
|
kanji const char* warnings.
(This used to be commit 06abdfd68e1d7fa8741afc3f56ec7a13b5fa4ccc)
|
|
client/client.c:
include/client.h: Added some debug messages that the old client used to
generate. These are needed to make scripts such as
'findsmb' work - there may be other changes to keep
backwards output compatibility. Do we need a -old-client-compat
argument ?
libsmb/clientgen.c: Fixed crash bug where malloc'ed data wasn't being
cleared - corrupted malloc chains.
web/swat.c: John's changes to get rid of "ghost" table entries.
(This used to be commit 3c45a3503ea57d17e98eb3e57514161a5c82e45e)
|
|
string wrappers.
printing/printing.c: Added OSF1 fix.
Jeremy.
(This used to be commit 9d05d80f811426f83a975d28e64c5d6b10574c25)
|
|
security descriptor testing. hey wow, you can get a SD then send it back!
(This used to be commit 7466c3113ef8f8a89b8496efadfeb611c9f3e069)
|
|
changes from yesterday by me, jeremy and andrew.
jeremy, your ACB_PWNOTREQ mod would have caused a crash if the user
didn't exist (first check should be for smb_pass != NULL)
(This used to be commit cbac0f165d351ba9497c222e55e453d781376e58)
|
|
(This used to be commit 9814ac8a65f4d8333527976f1d227e8cd3c2c8ce)
|
|
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
|
|
should allow us to call a function in swat rather than piping to
smbpasswd.
while doing this I also fixed quite a few "const char *" versus "char *" issues
that cropped up while using const to track down bugs in the code. This
led to changes in several generic functions.
The smbpasswd changes should be correct but they have not been
extensively tested. At least if I have introduced bugs then we should
be able to fix them more easily than before.
(This used to be commit 713864dd0322ae2ae2d83e333d85be35a7eed4ec)
|
|
resons and my own piece of mind...
Jeremy.
(This used to be commit 45131501f23ce1eec2f23fe2c1060cd5a2736ec9)
|
|
user that authenticated to swat permanently (if not root).
Jeremy.
(This used to be commit 7d55bf379177a4a448e39577ae0af603d5e958f6)
|
|
(This used to be commit 52f47b8d2ef5ee64e2f8dcfeb6840071e57904d1)
|