Age | Commit message (Collapse) | Author | Files | Lines |
|
This fix results in
- we no longer use fixed-size buffers in StrCaseCmp (previously limited to
a pstring)
- we return strcmp(s, t) if either of the strings is invalid
- for non-ascii cases, we call iconv twice, not 4 times.
The basic idea with this fix is that if a string is not valid in the currnet
charset, then (unless it is byte-equivilant) it cannot be case-equivilant
to any other string.
This should address the majority of our smb_panic() cases on this matter. It
will not fix them all - we still call unix_strupper(), aka strupper_m()
elsewhere, but this was being called on every file in the directory when
we performed unix_convert().
Tested with the stf unit tests for this routine.
Andrew Bartlett
(This used to be commit 9918fa73145a22b1d7adf001f0a9cf0e1bda4136)
|
|
strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
|
|
size on upper casing. Based on patch from monyo@home.monyo.com.
Jeremy.
(This used to be commit 72e382e99b92666acdaf50a040b14aa16d48b80d)
|
|
*) consolidates the dc location routines again (dns
and netbios) get_dc_list() or get_sorted_dc_list()
is the authoritative means of locating DC's again.
(also inludes a flag to get_dc_list() to define
if this should be a DNS only lookup or not)
(however, if you set "name resolve order = hosts wins"
you could still get DNS queries for domain name IFF
ldap_domain2hostlist() fails. The answer? Fix your DNS
setup)
*) enabled DOMAIN<0x1c> lookups to be funneled through
resolve_hosts resulting in a call to ldap_domain2hostlist()
if lp_security() == SEC_ADS
*) enables name cache for winbind ADS backend
*) enable the negative connection cache for winbind
ADS backend
*) removes some old dead code
*) consolidates some duplicate code
*) moves the internal_name_resolve() to use an IP/port pair
to deal with SRV RR dns replies. The namecache code
also supports the IP:port syntax now as well.
*) removes 'ads server' and moves the functionality back
into 'password server' (which can support "hostname:port"
syntax now but works fine with defaults depending on
the value of lp_security())
(This used to be commit d7f7fcda425bef380441509734eca33da943c091)
|
|
1. Allows to change quota settings for shared mount points from Win2K and WinXP from Explorer properties tab
2. Disabled by default and when requested, will be probed and enabled only on Linux where it works
3. Was tested for approx. two weeks now on Linux by two independent QA teams, have not found any bugs so far
Documentation to follow
(This used to be commit 4bf022ce9e45be85609426762ba2644ac2031326)
|
|
(This used to be commit b6a77048886151435a4a5eeb9a04be44d397c504)
|
|
Andrew Bartlett
(This used to be commit 7ab39cba6a97ddd0879dd968167fc7809f87de6e)
|
|
NTLM Authentication:
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
|
|
(This used to be commit 5078436d83f0fdc568d6687809c7c70dea5fd382)
|
|
Jeremy.
(This used to be commit da1271a95fce7fd217555fb161d4669d0b9b80e2)
|
|
is as stable as possible in the string department and some pain now
will help later :-).
Jeremy.
(This used to be commit 86e3eddac698d90f4666b8492b4603a4efbbd67b)
|
|
I'm not merging the current HEAD string stuff quite yet.
(This used to be commit 9b8d12e081462566043bb51e9c95605609572a54)
|
|
Andrew Bartlett
(This used to be commit 9ef0d40c3f8aef52ab321dc065264c42065bc876)
|
|
(This used to be commit d510ff85fb0dafddf3dea9412a09eeee6e70f0cb)
|
|
(This used to be commit fd3216dbcbaec7d64dd24fe2af6c4156935c47e9)
|
|
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor.
- also consequential changes to the NTLMSSP and SPNEGO parsing functions
- and the client code that uses the same functions
- Add ntlm_auth, a NTLMSSP authentication interface for use by applications
like Squid and Apache.
- also consquential changes to use common code for base64 encode/decode.
- Winbind changes to support ntlm_auth (I don't want this program to need
to read smb.conf, instead getting all it's details over the pipe).
- nmbd changes for fstrcat() instead of fstrcpy().
Andrew Bartlett
(This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
|
|
fix some undefined behaviour with increments in C. In theory a
compiler could have produced complete crap for this code. (tridge).
Jeremy.
(This used to be commit 2b4335f06265940582f389f48dc4f87f452a2703)
|
|
*sync up configure.in
*don't build torture tools in make all
*make sure to remove torture tools as part of make clean
(This used to be commit 0fb724b3216eeeb97e61ff12755ca3a31bcad6ef)
|
|
(This used to be commit 5fc90b6cf438480c9fcf8d01f0a319a52c5914cc)
|
|
Andrew Bartlett
(This used to be commit f79324f730c400342f445c931b0d75ff756d7cc7)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
(This used to be commit 9e5297131cc53d7161aa74566f147b98e1c27aaa)
|
|
Jeremy.
(This used to be commit ec4ed45563f9d8e25fcfd88840944a90b3139c3e)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
Jeremy.
(This used to be commit 66531969dfe0935be2c9c4d89f5bba80d862a52f)
|
|
(i ignored the new SAMBA stuff, but the rest of this looks like it should
have been merged already).
(This used to be commit 3de09e5cf1f667e410ee8b9516a956860ce7290f)
|
|
- Fix segfaults in the 'net ads' commands when no password is provided
- Readd --with-ldapsam for 2.2 compatability. This conditionally compiles the
old options, but the actual code is available on all ldap systems.
- Fix shadow passwords (as per work with vl)
- Fix sending plaintext passwords to unicode servers (again vl)
- Add a bit of const to secrets.c functions
- Fix some spelling and grammer by vance.
- Document the -r option in smbgroupedit.
There are more changes in HEAD, I'm only merging the changes I've been involved
with.
Andrew Bartlett
(This used to be commit 83973c389355a5cc9ca74af467dfd8b5dabd2c8f)
|
|
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
(This used to be commit 7e92fb7453e4dbf1fe0c32c3dcc1e994cb95b5ea)
|
|
the hash for this scheme is *much* larger (approximately 31 bits) and
the code is written to be very fast, correctly handling multibyte
while not doing any actual multi-byte conversions in the vast majority
of cases
you can select this scheme using "mangling method = hash2", although I
may make it the default if it works out well.
(This used to be commit bb173c1a7e2408ced967ebac40b5e3f852ccd3a1)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
(This used to be commit 04f492980b73800b60dde764fdeb43f2eab79624)
|
|
and constness changes.
(This used to be commit cee0ec72746122c962e6c5278a736266a7f2c424)
|
|
(This used to be commit 8d106dc1f4a51112516d72ae68747ca6b5b904b7)
|
|
(This used to be commit cc6c263993eaf0715f231fc80ca7e6e65694548b)
|
|
(This used to be commit 4a6d29768665f71b72cf48ee34ee9a9c451232f6)
|
|
(This used to be commit 37edaeddce09193450b18b1b85aa41960cb39741)
|
|
(This used to be commit c8c7da237dc17d9b785bc15b9b569caeeb6d283e)
|
|
- old mangle code has gone, the new one based on tdb seem resonably ok
probably the valid.dat table need to be updated to treat wild chars as
invalid ones (work ok without it)
- a LOT of new string manipulation function for unicode, they are somewhat
tested but a review would not be bad
- some new function I will need for the new unix_convert function I'm writing,
this will be renamed filename_convert and use only unicode strings.
- charconv, I attached a comment, if someone wnat to look if I'm right or
just was hacking to late in the night to make a sane one :)
of course any bug is my responsibility an will be pleased to see patches if
you find any. :-)
Simo.
(This used to be commit ee19f7efb6ea9216fc91cf112ac1afa691983e9d)
|
|
(This used to be commit 3b5e72bda3263c6bdf81dfface4fae4f06b71032)
|
|
for unicode strings. The new method relies on 3 files that are mmap'd
at startup to provide the mapping tables. The upcase.dat and
lowcase.dat tables should be the same on all systems. The valid.dat
table says what characters are valid in 8.3 names, and differs between
systems. I'm committing the japanese valid.dat here, in future we need
some way of automatically installing and choosing a appropriate table.
This commit also adds my mini tdb based gettext replacement in
intl/lang_tdb.c. I have not enabled this yet and have not removed the
old gettext code as the new code is still being looked at by Monyo.
Right now the code assumes that the upcase.dat, lowcase.dat and
valid.dat files are installed in the Samba lib directory. That is not
a good choice, but I'll leave them there until we work out the new
install directory structure for Samba 3.0.
simo - please look at the isvalid_w() function and think about using
it in your new mangling code. That should be the final step to
correctly passing the chargen test code from monyo.
(This used to be commit 1c221994f118dd542a158b2db51e07d04d0e9314)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 60e907b7e8e1c008463a88ed2b076344278986ef)
|
|
(This used to be commit 67ca6cd8eb20621d3f5926e19822b479ac80cb9c)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267960e56005a741817ebd227ecfc512a)
|
|
source and destination.
(This used to be commit 30411d4004ce7062e73506d228ef402b99226eee)
|
|
fix for the problem.
Jeremy.
(This used to be commit e059fffd03a1382fb2b7059b6de369d9fc765a17)
|
|
but the code suffered from bitrot and is not now reentrant. That means
we can get bizarre behaviour
i've fixed this by making next_token() reentrant and creating a
next_token_nr() that is a small non-reentrant wrapper for those lumps
of code (mostly smbclient) that have come to rely on the non-reentrant
behaviour
(This used to be commit 674ee2f1d12b0afc164a9e9072758fd1c5e54df7)
|