summaryrefslogtreecommitdiff
path: root/source3/include
AgeCommit message (Collapse)AuthorFilesLines
2001-11-25oops, I forgot to include the header fileAndrew Bartlett1-0/+2
(This used to be commit c28956d8601c103c3f8dab4253de80e6a00a02d7)
2001-11-24added "net join" commandAndrew Tridgell2-0/+13
this completes the first stage of the smbd ADS support (This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-6/+48
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-24added lsaenumprivsaccount and lsalookupprivvalue to rpcclientJean-François Micouleau1-0/+13
and more to come ... J.F. (This used to be commit 1748d5a2af1f2dcf718d6f162ed483b001542494)
2001-11-23Changed how the privileges are stored in the group mapping code. It's nowJean-François Micouleau1-12/+14
an array of uint32. That's not perfect but that's better. Added more privileges too. Changed the local_lookup_rid/name functions in passdb.c to check if the group is mapped. Makes the LSA rpc calls return correct groups Corrected the return code in the LSA server code enum_sids. Only enumerate well known aliases if they are mapped to real unix groups. Won't confuse user seeing groups not available. Added a short/long view to smbgroupedit. now decoding rpc calls to add/remove privileges to sid. J.F. (This used to be commit f29774e58973f421bfa163c45bfae201a140f28c)
2001-11-23Finally worked out why a enumerate trusted domains was returning aTim Potter1-1/+20
NT_STATUS_UNABLE_TO_FREE_VM error. This error code was mis-defined as 0x8000001a instead of 0xc000001a. The former is actually a NT_STATUS_NO_MORE_ENTRIES warning which is what we see in the status code. Removed the & 0xffffff from the loop in get_nt_error_msg() as all the error constants now have the correct high bits set. (This used to be commit 80dca2c9e46753d87e673d712c96c76ffde0b276)
2001-11-23Added constants and error message for dos error code 1326 (logon failure).Tim Potter1-0/+1
(This used to be commit 6ce1eec09de64f19d969a67fc236abd4ae277926)
2001-11-23Reference about SIDs from tpot.Martin Pool1-7/+13
(This used to be commit 53963eae7d5930246c6c0c0b947f425d50d382c3)
2001-11-22added lsa_enum_sids to rpcclientJean-François Micouleau1-1/+1
fixed lsa_enum_rpivs server code. This time it works as W2K. fixed smbgroupedit to compile and work. J.F. (This used to be commit 646651018a2736833e49e76f6ca735a4647d9746)
2001-11-22sync up with 2.2Gerald Carter1-0/+9
(This used to be commit 0c0f3223731cfb46a0e3b8e289c13c8f908e0cf2)
2001-11-22merge from 2.2Gerald Carter2-8/+65
(This used to be commit 96b3a65a73d403a41bf1b3aba79bd743698344ac)
2001-11-22--with-msdfs wsa removedGerald Carter1-1/+0
(This used to be commit f1143cd02c24f7c56b2e4ec70f77f22dbc01b113)
2001-11-22Made a libsmbclient doxygen group and moved all the libsmbclient groupsTim Potter1-13/+21
under it. (This used to be commit 43c496598f8e1aedc9c80222e60bb8e7b3027e03)
2001-11-21samr_querydom_info level 1: found the meaning of the unknow fields. AndJean-François Micouleau1-4/+48
discovered that our reply is short by 4 bytes since day 1 of this code. Added a decode function to rpcclient too. splitted the STRING2 fields filling while trying to understand the win9x userlist bug. (didn't fix the bug, but the reply looks closer to NT). J.F. (This used to be commit bfbe7f377e5fcb09e87bfc866196dfc51a8fe64d)
2001-11-21Fix up libsmbclient in head.Richard Sharpe1-93/+96
Apply the patches from Tom Jansen, get rid of fprintfs and change them to DEBUGs, etc ... (This used to be commit 7ac404c85303c9c3fbd48054fc4876bd4bc1567b)
2001-11-20forgot this fileAndrew Tridgell1-0/+29
(This used to be commit 1dd255b06d4c8669d839a387d4c63ff3475ab1ab)
2001-11-20added the beginnings of ADS support in smbdAndrew Tridgell2-0/+35
(This used to be commit c7f611691941ca92f57665e19d6e46b161599427)
2001-11-20added ANS1 integer defineAndrew Tridgell1-0/+1
(This used to be commit 1e833f3564be439cd778e517e6689cea61e02a2b)
2001-11-19Move all other paths into dynconfigMartin Pool1-0/+3
(This used to be commit d51ef6bfa3d194b58c3ee7706a7d475ef042676d)
2001-11-19Fix obvious typo.Martin Pool1-1/+1
(This used to be commit d761a3860ba7b11b446d3a9865ddfeff8e2f658d)
2001-11-19Detect libreadline>=4.0, and set HAVE_NEW_LIBREADLINE. At the momentMartin Pool1-1/+4
this is only to get the cast right, but it might help with other parts of the API that changed later. (This used to be commit b792c9317ab62fe407de34ed811cc883a7652cc4)
2001-11-19dyn_LOCKDIR should be const because it's never modified directly --Martin Pool1-1/+2
it's just copied in to the parameter table and optionally overridden there. (This used to be commit 988fe772a39e08dec738b045021cd6e06b4e59c8)
2001-11-19LIBDIR and LOCKDIR are dynamically configured too.Martin Pool2-5/+1
(This used to be commit 868999ad3c82ad72f11d5b3208b0e42b1ed95096)
2001-11-19LMHOSTSFILE is now dynamically configured too.Martin Pool1-1/+1
(This used to be commit a779710fff5fddcbf65a8ddc8e9169b586b85481)
2001-11-19Store some path names in global variables initialized to configureMartin Pool2-0/+32
default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
2001-11-16I *love* removing code :-). Removed 4 files that weren't being used.Jeremy Allison1-0/+1
All this stuff was being pulled in due to *one* unneeded call to fetch a domain SID which smbpasswd already puts in the database... Jeremy. (This used to be commit 6bf2505cce7db770fd4db5b19999a78588e96b58)
2001-11-15Tidyups and things I discovered during the merge...Jeremy Allison1-1/+1
Jeremy. (This used to be commit 9c8439f25b90d80adcd7161bfed3664af6256940)
2001-11-15more Win2k RPC opnums (EnumPrinterKey() and DeletePrinterDriverEx())Gerald Carter1-0/+2
(This used to be commit 08df688b284c5589718f954187c4cb44086b9c19)
2001-11-15SETPRINTERDATAEX is 0x4d (not 0x50). My mistake.Gerald Carter1-1/+1
(This used to be commit 27c6e1242d311cc24e758281890872694e083b67)
2001-11-14Fix compile on RedHat 7.2 systems with broken system headers.Jeremy Allison1-3/+1
Jeremy. (This used to be commit b14ac75666939b4f98213719ce7bc72fa9d37ce4)
2001-11-13verified two new win2k rpc's EnumPrinterDataEx() and DeletePrinterdataEx()Gerald Carter1-6/+3
(This used to be commit 253c5eadc21cdf2ea5a4c237d3b48e9df04c66a2)
2001-11-13Fix typo.Martin Pool1-2/+0
(This used to be commit 33904decbcf858a5cf799429c17330b0fafd1da4)
2001-11-13new Win2k spoolss rpc opnum (unknown right now).Gerald Carter1-0/+6
(This used to be commit d636e73295343e5f3e44cbf61a63edaff8a243d1)
2001-11-12Fixed allocation bug in database prog. Some format fixes.Jeremy Allison2-0/+4
Jeremy. (This used to be commit 9ff6b0c20cc88ef0bcd62a596fcb96f898b5b29d)
2001-11-09Fixed a few typos and added the opnum for ADDPRINTERDRIVEREX to theGerald Carter1-1/+8
rpc_spoolss.h header file. (This used to be commit d4cafc076be99a66d0660f695995801b4f1d7bfd)
2001-11-09Fixup __LPID -> _LPID.Jeremy Allison1-1/+1
Jeremy. (This used to be commit ab607cdf153d9187fe50af3377ece5a9fafde1b1)
2001-11-08Added more define bits. Fixed error in vol attributes.Jeremy Allison1-3/+6
Jeremy. (This used to be commit eba8204bfadb176fafb686a35295a09f0f35b894)
2001-11-05Wrote some stubs for new win2k only spoolss rpc commands:Tim Potter1-1/+40
GetPrinterDataEx() and SetPrinterDataEx(). Not sure what the command number is for the latter is - I haven't seen it on the wire yet. (This used to be commit 87614c74b3d66cf2ca706b33e6cf0a32b4166e7a)
2001-11-04Fix for broken-as-shipped RedHat 7.2 system headers. Now we haveJeremy Allison1-0/+12
to detect this in configure. Jeremy. (This used to be commit 44fb1992c98e7cca5663b17ea9a4833fcf0a8478)
2001-11-04a big one:Simo Sorce2-0/+11
- old mangle code has gone, the new one based on tdb seem resonably ok probably the valid.dat table need to be updated to treat wild chars as invalid ones (work ok without it) - a LOT of new string manipulation function for unicode, they are somewhat tested but a review would not be bad - some new function I will need for the new unix_convert function I'm writing, this will be renamed filename_convert and use only unicode strings. - charconv, I attached a comment, if someone wnat to look if I'm right or just was hacking to late in the night to make a sane one :) of course any bug is my responsibility an will be pleased to see patches if you find any. :-) Simo. (This used to be commit ee19f7efb6ea9216fc91cf112ac1afa691983e9d)
2001-11-03Added NT_USER_TOKEN into server_info to fix extra groups problem.Jeremy Allison2-3/+5
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
2001-11-03Added many more defines in service category, user category and othersSteve French1-0/+26
(This used to be commit 3bfb828cf70489165b46281bf03ea7074d3ba07d)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett2-33/+24
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-31Added some extra fields to the auth_serversupplied_info structure.Tim Potter1-0/+5
To obtain the full group membership of a user (i.e nested groups on a win2k native mode server) it is necessary to merge this list of groups with the groups returned by winbindd when creating an nt access token. This breaks winbindd linking while AB and I sync up our changes to the authentication subsystem. (This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
2001-10-30Fix up smbpasswd -e/-d so that it doesn't change the password under you anyAndrew Bartlett1-0/+1
more. (Previously it set them to 'XXXX' or similar when only the flags were being changed - a bug I must have introduced when I reworked the passdb end of things a few weeks back.) Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is actually to be changed. Andrew Bartlett (This used to be commit cea6b6cb228c7e1f0c2d45951590e0d8fb8b315c)
2001-10-29This commit is number 2 of 4.Andrew Bartlett1-7/+0
In particular this commit focuses on: The guts of the moving about inside passdb. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes allow for the introduction of a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username passdb/ - Kill off disp_info stuff, it isn't used any more - Kill off support for writing to the old smbpasswd format, it isn't relevent to Samba 3.0 - Move around and modify the pdb_...() helper functions, adding one that sets the last changed time to 'now' and that sets the must change time appropriately. - Remove the ugly forced update of the LCT- value in pdb_smbpasswd. - Remove the implicit modification of the ACB flags when both NT and LM passwords are set. - Removed substation in pdb_getsampwnam output, as a single password change will render them inoperable in any case (they will be substituted and stored) - Added a default RID to the init_sam_from_pw() function, based on our rid algorithm. - Added checks that an smbpasswd stored user has a uid-based RID. - Fail to store tdb based users without a RID lib/ - Change the substituion code to use global_myname if there is no connection (and therefore no called name) at the present time. (This used to be commit 8f607810eb24ed1157bbd2e896c2c167bc34d986)
2001-10-23Add popt for parsing commandline optionsJim McDonough2-1/+6
(This used to be commit df34e11d84a6fe89dc6654eb10de0a49383e1dea)
2001-10-22a quick fix to get rpcclient working again. This just disablesAndrew Tridgell1-0/+1
NTLMSSP in cli_establish_connection() What we really need to do is kill off the pwd_cache code. It is horrible, and assumes the challenge comes in the negprot reply. (This used to be commit 3f919b4360b3bfcc133f7d88bc5177e9d93f2db2)
2001-10-22- fixed link order of krb5 libsAndrew Tridgell1-6/+0
- accept a wide range of principal names in session setup (This used to be commit 672df66296f540b606aa43effab5f021b8978e4b)
2001-10-20Converted a bunch of 0x85 constants to SMBkeepalive.Tim Potter1-0/+1
(This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e)