Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 62d5611df0cf86c267d7fe820822d4d019ae28bd)
|
|
character sets and how we use this call.
Jeremy.
(This used to be commit a9709700eea3bb48ab4a79d74e0b8d22dc98576f)
|
|
Jeremy.
(This used to be commit b3176f2ec246441dd483dc9757a487535b1656e6)
|
|
to walk to the end anyway.
Jeremy.
(This used to be commit 467cafdb1f7ddfb4278824f385b732975246a4f5)
|
|
NBENCH calls. Requires fixed buffer size for strdup_upper().
Jeremy.
(This used to be commit e98fbfaf384bd2d3ebb002b0b981366377fb5ac0)
|
|
an error when a smb_probe_module() fails. Also tidy up debugs a bit.
Bug 375.
(This used to be commit 24a1720472f1340778dea76a88770520dca26f12)
|
|
Removed calls to clobber_region when not compiling with developer as
they were hiding speed problems.
Added fast path to convert_string() when dealing with ascii -> ascii,
ucs2-le to ascii and ascii to ucs2-le with values <= 0x7F. This
gives a speedup of 22% on my nbench tests.
Next I will do this on convert_string_allocate.
Jeremy.
(This used to be commit ef140d15ea0d76a3e7cdcadbfd3e917c210a9411)
|
|
Jeremy.
(This used to be commit e0c1460c6b6af2b83ea205d8abeb37c71ca1d4c1)
|
|
restored on next valid packet if a logon fails. This has relevence
if people are using su.exe within logon scripts !
Jeremy.
(This used to be commit d405a93a9d3f9a1d93bb3289b00683fba3160bbe)
|
|
(This used to be commit 66dd20c7eaa66abdf99fa57475ccc4c9f978f1b5)
|
|
converted to pull/push_ascii. This will not work right at the moment for non
English codepages, but compiles - I will finish the work over the weekend.
Then nmbd should be completely codepage correct.
Jeremy.
(This used to be commit 236d6adadf32397b28028ea82ae2ec027366f7c8)
|
|
Jeremy.
(This used to be commit 94d0f888c9abd52e26ef5fc597ade5426a521227)
|
|
conversion simply copy as is. Also fixed the horrid malloc-twice-copy code
in the convert alloc path.
Jeremy.
(This used to be commit cfde7477fd12caef943a9422b52174438092a135)
|
|
(This used to be commit ae452e51b02672a56adf18aa7a7e365eeaba9272)
|
|
(This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
|
|
(This used to be commit ae25e7746e87409aae554d390753c7a3e3717052)
|
|
(This used to be commit 61bea183a229cc11f25c4a7cb5341faad9833d7b)
|
|
(This used to be commit a6a39c61e8228c8b3b7552ab3c61ec3a6a639143)
|
|
(This used to be commit 589e94f4ffa325acfd6562a84906639e19fd5d33)
|
|
NTLMSSP with "" username, NULL password), and add --machine-pass (-P) to
all of Samba's clients.
When connecting to an Active Directory DC, you must initiate the CIFS level
session setup with Kerberos, not a guest login. If you don't, your machine
account is demoted to NT4.
Andrew Bartlett
(This used to be commit 3547cb3def45a90f99f67829a533eac1ccba5e77)
|
|
* bug #280 (my fault) - initialize sambaNextUserRid and
sambaNextGroupRid
* Unix users shared vis LDAP or NIS between a samba domain member
of a Samba domain are not seen as domain users on the member servers.
not as local users.
(This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
|
|
fixed buffer by me).
Jeremy.
(This used to be commit 6f68b8de4760a2103eae0a51b2aca356990ea526)
|
|
Jeremy.
(This used to be commit a4d2dd1d40f6b1322e69d430023aa89dac86fda3)
|
|
(This used to be commit 502b45b55d7ab1c32c9dbc3301f025b2eec620a4)
|
|
(This used to be commit c9b209be2b17c2e4677cc30b46b1074f48878f43)
|
|
(This used to be commit 15d2bc47854df75f8b2644ccbc887d0357d9cd27)
|
|
(This used to be commit 44bae9da9e03a1df738367f8d86adb0f315da41f)
|
|
connections. Overrides smb.conf parameter if set.
Jeremy.
(This used to be commit 879309671df6b530e0bff69559422a417da4a307)
|
|
nsswitch modules. Add required libraries to get rid of undefined
functions for libns_winbind.so and libns_wins.so
(This used to be commit cec5bf5f99ca98b0f5ee84636fc18f0cb3079683)
|
|
sysquotas interface detected (Linux at least) using native Windows tools. Also move default quota support for NT quotas to VFS module default_quota. Code by Metze
(This used to be commit e856a96c2c42c39843e5e1a3a6b0d538e7179900)
|
|
to contain multibyte charcters, as these should have been stripped.
Andrew Bartlett
(This used to be commit 0f7c1dda222d583212b8be2febe95ce7e1c0ba24)
|
|
Andrew Bartlett
(This used to be commit 605a89493e971f653413b06eda4bbca75029072b)
|
|
Remove strdup_upper/strdup_lower from their old file, now that they have
been moved to charcnv.c
Note that string_replace assumes that s is a pstring. (doco change only)
Andrew Bartlett
(This used to be commit 6c9056029bb3dfadb244f301598e12e69493fff9)
|
|
- Treat the NMB names in the 'session request' packet as 'ASCII'. This means
that we do not get invalid multibyte from the wire, even if we truncate
in the conversion. (Otherwise we panic when we try to strupper_m it).
- Remove acnv_uxu2(), as it was duplicated by push_ucs2_allocate()
- Remove acnv_dosu2(), as it is not used.
- In push_ucs2(), with the STR_UPPER flag, do the case conversion *after*
the UCS2 conversion, when it we know that the length can't change. Also
faster, as we don't need to do another 2 UCS2 conversions.
Andrew Bartlett
(This used to be commit 912035af1178424583d0bf887a391a0cac2acd87)
|
|
expire
(This used to be commit 833bc5c06018043cf0eb6bdcbb96922964286559)
|
|
(This used to be commit 850f4fafdbaf19ea13273a8bf82433ba50a11868)
|
|
time. )-:
(This used to be commit 59dae1da66a5eb7e128263bd578f167d8746e9f0)
|
|
(This used to be commit ba4d334b822248d8ab929c9568533431603d967e)
|
|
Final bit for bug 187.
(This used to be commit 13840704f5434bedef0ce21242e2dff7c2a0bddb)
|
|
to pstr_sprintf() and fstr_sprintf() to try to standardize.
lots of snprintf() calls were using len-1; some were using
len. At least this helps to be consistent.
(This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
|
|
the build farm machines that I don't have direct access to (hpntc9I).
(This used to be commit b01965823341bbabb74dcbc09d379b43db2ec680)
|
|
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings
on some of the 64-bit build farm machines as well as help us out when 64-bit
uid/gid/pid values come along.
(This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a)
|
|
(This used to be commit 8b818ce381595cdcb36631a2440d6aa0038805f1)
|
|
This fix results in
- we no longer use fixed-size buffers in StrCaseCmp (previously limited to
a pstring)
- we return strcmp(s, t) if either of the strings is invalid
- for non-ascii cases, we call iconv twice, not 4 times.
The basic idea with this fix is that if a string is not valid in the currnet
charset, then (unless it is byte-equivilant) it cannot be case-equivilant
to any other string.
This should address the majority of our smb_panic() cases on this matter. It
will not fix them all - we still call unix_strupper(), aka strupper_m()
elsewhere, but this was being called on every file in the directory when
we performed unix_convert().
Tested with the stf unit tests for this routine.
Andrew Bartlett
(This used to be commit 9918fa73145a22b1d7adf001f0a9cf0e1bda4136)
|
|
Not strictly a bugfix, but it should considerably reduce the load we
put on LDAP servers given that at least nss_ldap on Linux keeps a
connection open.
And it should also stress our reconnect-code a bit more ;-)
Thanks to metze for this!
Volker
(This used to be commit e68d8eabeb9c64dc45d057619f9b3dd0cd507444)
|
|
Jeremy.
(This used to be commit 61fc9a7b2eafdf8cbed1f8d9aae016b828c91a08)
|
|
(This used to be commit 7d63b690004a59316a70059db0d9ad0ea9001288)
|
|
(This used to be commit 6770d69942a8841fb25448a8a238af7987ec860c)
|
|
the schannel code, but I've included that anyway. :-)
This patch revives the client-side NTLMSSP support for RPC named pipes
in Samba, and cleans up the client and server schannel code. The use of the
new code is enabled by the 'sign', 'seal' and 'schannel' commands in
rpcclient.
The aim was to prove that our separate NTLMSSP client library actually
implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation,
in the hope that knowing this will assist us in correctly implementing
NTLMSSP signing for SMB packets. (Still not yet functional)
This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with
calls to libsmb/ntlmssp.c. In the process, we have gained the ability to
use the more secure NT password, and the ability to sign-only, instead of
having to seal the pipe connection. (Previously we were limited to sealing,
and could only use the LM-password derived key).
Our new client-side NTLMSSP code also needed alteration to cope with our
comparatively simple server-side implementation. A future step is to replace
it with calls to the same NTLMSSP library.
Also included in this patch is the schannel 'sign only' patch I submitted to
the team earlier. While not enabled (and not functional, at this stage) the
work in this patch makes the code paths *much* easier to follow. I have also
included similar hooks in rpccleint to allow the use of schannel on *any* pipe.
rpcclient now defaults to not using schannel (or any other extra per-pipe
authenticiation) for any connection. The 'schannel' command enables schannel
for all pipes until disabled.
This code is also much more secure than the previous code, as changes to our
cli_pipe routines ensure that the authentication footer cannot be removed
by an attacker, and more error states are correctly handled.
(The same needs to be done to our server)
Andrew Bartlett
(This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
|
|
changes so
we end up freeing a pointer we didn't mallocate.
Also, calling strdup() in a frequently called function just to clear up a
const compiler warning seems inelegant and inefficient.
(This used to be commit a0da5ae1198082d0cf18707ed2cf05f728b00d0b)
|