Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit cf8949f684ee9adcd35d56d923b2f5733efc05ac)
|
|
pulling back all recent rpc changes from trunk into
3.0. I've tested a compile and so don't think I've missed
any files. But if so, just mail me and I'll clean backup
in a couple of hours.
Changes include \winreg, \eventlog, \svcctl, and
general parse_misc.c updates.
I am planning on bracketing the event code with an
#ifdef ENABLE_EVENTLOG until I finish merging Marcin's
changes (very soon).
(This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
|
|
filename, not returning one. Makes us pass one more Samba4 RAW-SEARCH test.
Jeremy.
(This used to be commit 228d1e1649a0b4952eb5603cb5e1851cdc8f0c72)
|
|
Jeremy.
(This used to be commit 9d131e94195df79e07c8fad20e12ba1b67441a81)
|
|
when we have it in smb_msleep.
Jeremy.
(This used to be commit 465c207ffbcd5ee859faee282ef220a6c72e4eeb)
|
|
been in the
bitmap code for ever. Remove silly extra space in paranoid malloc.
Jeremy.
(This used to be commit 0a7d17bc9b178628da371e627014412e9bef5d42)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
consistent
enum type for Protocol extern.
Jeremy.
(This used to be commit 65dfae7ea45d4c9452b2a08efa09b01d870142f3)
|
|
Guenther
(This used to be commit 14a0292250ee9975618b68701a48c72195286d85)
|
|
I've been grumbling about under-efficient calls in SAMR, and finally
got around to fixing some of them.
We now call sys_getgroups() (which in turn calls initgroups(), until
glibc 3.4 is released) to figure out a user's group membership. This
is far, far more efficient than scanning all the groups looking for a
match, and is still the 'posix way', just using an effiecient call.
The seperate issue of 'who is in this group' remains, but this one has
been biting some people.
I need to talk to VL about how best to exersise nasty corner cases,
but my initial tests hold strong. (The code is also much simpiler
than before, which has to count for something :-)
Andrew Bartlett
(This used to be commit dc19f161698dab5b71d61fa2bacc7e7b8da5fbba)
|
|
very rarely used, but we sohuldn't be removing a feature in a minor
release of this kind.
(This used to be commit 4ce0505bc369243aa77013519ce4e4f6e50f5a48)
|
|
At least temporarily, since I've got the impression that _real_ fix
is more complex...
rafal
(This used to be commit 982912f0c8547b0f0edc8d0b26e36e9701cdee82)
|
|
reuse when filling in the spolss replies (also gets rid of get_called_name()
(This used to be commit 57db8ca91f52329c7f8985c04463b6b69015b0c4)
|
|
* BUG 1627: fix for NIS compiles on HPUX 11.00, AIX 4.3 and 5.1
patch from Olaf Flebbe <o.flebbe@science-computing.de>.
Will need to watch this one in the build farm.
* Fix bug found by rwf@loonybin.net where the PRINT_ATTRIBUTE_PUBLISHED
was getting reset by attempts to sanitize the defined attributes
(PRINTER_ATTRIBUTE_SAMBA)
* Resolve name conflict on DEC OSF-5.1 (inspired by patch from
Adharsh Praveen <rprav@india.hp.com>)
* Work around parsing error in the print change notify code
(not that the alignment bug is still there but reording the
entries in the array works around it).
* remove duplicate declaration of getprintprocdir from rpcclient.
(This used to be commit 7474c6a446037f3ca2546cb6984d800bfc524029)
|
|
(This used to be commit 8b1c2126af3f29a3708b6823616ecec43ce63b95)
|
|
haven't broken krb5 ticket verification in the mainline code path,
also need to check with valgrind. Everything now compiles (MIT, need
to also check Heimdal) and the "net keytab" utility code will follow.
Jeremy.
(This used to be commit f0f2e28958cb9abfed216c71f291f19ea346d630)
|
|
Jeremy.
(This used to be commit 33fa4b8b27427874ac70af00908d97709c1cddc7)
|
|
*SMBSERVER and *SMBSERV -- fixes issue with connecting to printers via \ip.ad.dr.ess\printer UNC path
(This used to be commit 8ee268f0ed0c2f75ded9c2ddd66e0953f443c79e)
|
|
Jeremy.
(This used to be commit ea41d694270264557f740cd40ccc69b4acaa57e9)
|
|
to connection struct entries (as they should have been from
the start). Jerry, once you've cut over to 3.0.4 release
branch I'll add this to 3.0 also.
- Jerry cut over :-).
Jeremy.
(This used to be commit 578a508509d21226ad3332fc54c3ab54cd8ae452)
|
|
things more by calling SAFE_FREE() just before we exit our panic handler.
Andrew Bartlett
(This used to be commit d0b820562b8a7f8e5d0224926d46590b9f1ca9a3)
|
|
Apply Craig Barratt's fixes to allow multiple exlusion files and patterns.
Jeremy.
(This used to be commit 0272fac8ca40b3d4ea4de8ac8a2e371d450d12e6)
|
|
(should fix the mb service name problem, can't remember the bugid).
Jeremy.
(This used to be commit 94a272b9a881ec0004c5da2a7242b0a818da5630)
|
|
(This used to be commit 4319df7fdc2d878c509381923cc1db4d731620ba)
|
|
* remove corrupt tdb and shutdown (only for printing tdbs, connections,
sessionid & locking)
* decrement smbd counter in connections.tdb in smb_panic()
* various Makefile hack to get things to link
'max smbd processes' looks like it might be broken. The counter KEY is not
being set. Will look into that tomorrow.
(This used to be commit 6e22c5da929b6d9a4e32dc704c83112b2ad8fcfd)
|
|
Jeremy.
(This used to be commit 5379ad98241950c581d88acbee1e256187b13582)
|
|
Remove source_env handler (no longer used in any codepath).
Jeremy.
(This used to be commit 3a3e33603084048e647af86a9badaaf49433c789)
|
|
(This used to be commit 2f43a1c166dfc8679a9d03bd0f3cf9303aafcf74)
|
|
a mangled name. Added const. Fix inspired by Andrew Bartlett ideas.
Jeremy.
(This used to be commit 87eb336d659dfa5e92b495dd76a0f2e534931293)
|
|
(This used to be commit 0a79519bc4b92b2f6e88b921d5ede761cc8ee2af)
|
|
(This used to be commit addeb1c6c90faf5842db4a75f8db8d2325905b03)
|
|
(This used to be commit 23443e3aa079710221557e18158d0ddb8ff48a36)
|
|
as that's what they do. Fix string_replace() to fast-path ascii.
Jeremy.
(This used to be commit f35e9a8b909d3c74be47083ccc4a4e91a14938db)
|
|
(This used to be commit ae25e7746e87409aae554d390753c7a3e3717052)
|
|
fixed buffer by me).
Jeremy.
(This used to be commit 6f68b8de4760a2103eae0a51b2aca356990ea526)
|
|
(This used to be commit c9b209be2b17c2e4677cc30b46b1074f48878f43)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
to pstr_sprintf() and fstr_sprintf() to try to standardize.
lots of snprintf() calls were using len-1; some were using
len. At least this helps to be consistent.
(This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
|
|
the schannel code, but I've included that anyway. :-)
This patch revives the client-side NTLMSSP support for RPC named pipes
in Samba, and cleans up the client and server schannel code. The use of the
new code is enabled by the 'sign', 'seal' and 'schannel' commands in
rpcclient.
The aim was to prove that our separate NTLMSSP client library actually
implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation,
in the hope that knowing this will assist us in correctly implementing
NTLMSSP signing for SMB packets. (Still not yet functional)
This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with
calls to libsmb/ntlmssp.c. In the process, we have gained the ability to
use the more secure NT password, and the ability to sign-only, instead of
having to seal the pipe connection. (Previously we were limited to sealing,
and could only use the LM-password derived key).
Our new client-side NTLMSSP code also needed alteration to cope with our
comparatively simple server-side implementation. A future step is to replace
it with calls to the same NTLMSSP library.
Also included in this patch is the schannel 'sign only' patch I submitted to
the team earlier. While not enabled (and not functional, at this stage) the
work in this patch makes the code paths *much* easier to follow. I have also
included similar hooks in rpccleint to allow the use of schannel on *any* pipe.
rpcclient now defaults to not using schannel (or any other extra per-pipe
authenticiation) for any connection. The 'schannel' command enables schannel
for all pipes until disabled.
This code is also much more secure than the previous code, as changes to our
cli_pipe routines ensure that the authentication footer cannot be removed
by an attacker, and more error states are correctly handled.
(The same needs to be done to our server)
Andrew Bartlett
(This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
|
|
(This used to be commit 2f7658d9ba1f43fb2d14adc4af7b681634ab5cb2)
|
|
strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
|
|
*) consolidates the dc location routines again (dns
and netbios) get_dc_list() or get_sorted_dc_list()
is the authoritative means of locating DC's again.
(also inludes a flag to get_dc_list() to define
if this should be a DNS only lookup or not)
(however, if you set "name resolve order = hosts wins"
you could still get DNS queries for domain name IFF
ldap_domain2hostlist() fails. The answer? Fix your DNS
setup)
*) enabled DOMAIN<0x1c> lookups to be funneled through
resolve_hosts resulting in a call to ldap_domain2hostlist()
if lp_security() == SEC_ADS
*) enables name cache for winbind ADS backend
*) enable the negative connection cache for winbind
ADS backend
*) removes some old dead code
*) consolidates some duplicate code
*) moves the internal_name_resolve() to use an IP/port pair
to deal with SRV RR dns replies. The namecache code
also supports the IP:port syntax now as well.
*) removes 'ads server' and moves the functionality back
into 'password server' (which can support "hostname:port"
syntax now but works fine with defaults depending on
the value of lp_security())
(This used to be commit d7f7fcda425bef380441509734eca33da943c091)
|
|
Volker
(This used to be commit c0e35f3be8a33f19823826c5a84c885764c62508)
|
|
(This used to be commit cdbe47a5d517eea95186aecdc3327160236a5d09)
|
|
1. Allows to change quota settings for shared mount points from Win2K and WinXP from Explorer properties tab
2. Disabled by default and when requested, will be probed and enabled only on Linux where it works
3. Was tested for approx. two weeks now on Linux by two independent QA teams, have not found any bugs so far
Documentation to follow
(This used to be commit 4bf022ce9e45be85609426762ba2644ac2031326)
|
|
include a domain portion, do a gethostbyname() lookup on that name.
Use this name in our PolicyPrimaryDomainInformation reply (_lsa_query_info2)
that Win2k uses when trying to trust us as a trusted domain.
(We need to do a better mapping between our Netbios and Win2k domain names,
but this will do for now - particularly annoying is the way this possibly needs
to map with our kerberos realm).
Andrew Bartlett
(This used to be commit 3be03271030208a69da29c6e2a7b92cdbaa8c6aa)
|
|
(This used to be commit 88fdc36f9373c63706907e48be317007aeba06d6)
|
|
(This used to be commit 429b373453a04fa6871324dd0a3ff8a203c519f8)
|
|
(This used to be commit 66fcf6b4938a87e5ded7c7e5830a6a54e4439544)
|
|
new rpc echo pipe.
(This used to be commit b7af3cda28cea859edf6266b6bd8da17a44c85eb)
|