Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 32bd7137122eedf44dbb092da5ae3106d8fe994e)
|
|
IRIX+gcc-2.8.1)
(This used to be commit ddffbcbcb1284b6ead5f7f7b6665ba2456c0071a)
|
|
time test instead. This also allows us to get rid of the igroups
element of a couple of structures.
(This used to be commit 8b25fe734166b76ceebf8d9543c706ebe0fddc96)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
as the code in reply_lockingX wasn't taking account of
the difference between read and write locks ! How did this
ever work :-) !
reply.c:
server.c: Add lock type to is_locked() and do_lock().
util.c: Also added code from klausr@ITAP.Physik.Uni-Stuttgart.De
to fix problem with log files growing too large if an
smbd writes less than 100 debug messages.
Jeremy.
(This used to be commit 80080abf772a470d5f0f4dcd4a75fb2a09a9fb2a)
|
|
ipc.c:
loadparm.c:
printing.c:
Added code from <Dirk.DeWachter@rug.ac.be> to implement print
queue pausing. New parameters are "queuepause command" and
"queueresume command".
util.c: Added fix for mount options in autmount map.
lib/rpc/include/rpc_misc.h: Removed duplicate pipe names for Jean-Francois.
Jeremy.
(This used to be commit 559a9bf2bbdeae3e76ba9178779cd3a9537c4e91)
|
|
mem_dup() allocates the required memory before copying the
source data. It returns NULL if memory could not be allcoated,
else a pointer to the newly allocated memory.
proto.h: Rebuilt to add the prototype for mem_dup().
(This used to be commit 7f7e265ab457d046441d502d4b8447bc2c966675)
|
|
- the Files array was storing the 'dos_to_unix' translated name,
rather than the untranslated name. This could case problems when
the name was run through dos_to_unix again.
Jeremy.
(This used to be commit 5f4be1498f7c907a539fe9b5998dfbcaa9e20e20)
|
|
map_username wasn't returning true on a map which
was causing find_service not to find a home directory.
Jeremy.
(This used to be commit 97209a29467699173caf79e1c81729eb2afedda5)
|
|
Jeremy.
(This used to be commit 108284cc28d44ffea028209cf28b746008bdf455)
|
|
smb.h: More code towards NT protocol.
time.c: Fix for sco bug.
Jeremy.
(This used to be commit e53f4396ead540bcf9ecd18f3253e49216404a1b)
|
|
clitar.c: Added 'Samba style' comments before string_create_s().
loadparm.c: Fixed missing comma in SSL code.
util.c: Removed string_create_s(). Currently it's only called from
clitar.c and having it here as well as a static in clitar
causes the compile to break (Richard, please decide where
you want this function).
lib/rpc/parse/parse_net.c: Fix from <anders.blomdell@control.lth.se>
to stop coredump on missing parameter.
Jeremy.
(This used to be commit d23b44322570cb9a7aa2b86407bf4f91010a237b)
|
|
(This used to be commit e1468dac0333eacea0a6f85f968e0a6d85af7f4c)
|
|
This patch may not yet compile with -DUSE_SSL enabled, further
Makefile changes may be needed. But it was important to get
this code in place before I go off to USENIX.
Jeremy.
(This used to be commit 31e768369fdc61e07c59630c86c62239f3d3f3f7)
|
|
groupname.o
includes.h: Added ubi_sLinkList.h include.
loadparm.c: Added groupname map parameter.
password.c: Fix HPUX big_crypt.
username.c: New user_in_list() code. Moved groupname map code to groupname.c
lib/rpc/server/srv_util.c: Added lookup_wellknown_sid_from_name().
New groupname map stuff. Note that nothing currently uses this but at
compiles ok.
Jeremy.
(This used to be commit beef636a4d772457816ef068c62ea965d07131f6)
|
|
reply.c: map_username is now a BOOL function.
server.c: Added capability to do map_username on service names
when looking for a home directory. That's what the
original code would do.
lib/rpc/server/srv_util.c: Changed domain_ to builtin_ for
BUILTIN aliases.
username.c: Work in progress on groupname map parameter.
Jeremy
(This used to be commit fa95fae5eed95aff64f0a01825477610a101bbc7)
|
|
does the signed/unsigned warnings I've been missing.
Jeremy
(This used to be commit 6d94e67624d1f2c08ac2e1c0eea23facd1e618f2)
|
|
username case conversion wrapper. It is now (very) explicit where we are
mapping between an incoming Windows username, and when we are doing a
UNIX password entry lookup, which may change the case of the given
username.
This makes things *much* clearer (IMHO:-) and will ease the adding of
the 'groupname map' parameter, and the addition of the special 'jeremy'
mode for Samba where unix users will not be needed. (We must think of
a better name for it :-).
Jeremy.
(This used to be commit fb6ed81844e7cb6049749e43ac9b4adfaf4ca2de)
|
|
cause nmbd to run out of fd's. Test case found by Eloy Paris.
Jeremy.
(This used to be commit 9e2570317138cc6a7ffdc603564f863ff20139b8)
|
|
Jeremy.
(This used to be commit 6721c28ea6bdb5210836352bb5ffc43d787907fa)
|
|
Jeremy
(This used to be commit 6baeb4ad96bc58cf1bd53f6621067af8344c9556)
|
|
help of Ums Harald <Harald.Ums@pro-sieben.de>, who has been
testing our 8.3 wildcards with a test suite.
With his new code for 8.3 matching, this is the test done
(I'm quoting from his email)
"I tested it by generating a directory with about 7600 Files and run
automatc tests with about 4000 patterns. The result from Win95 -> WinNT
and Win95 -> Samba where identical according to diff."
I have also re-written the long filename wildcard code,
so that doing DIR a*z now matches files :
AAA.BBB.CCCC....ZZZZ
correctly, and other fixes besides.
I sincerely hope I can lay this (horrid) issue to rest
now :-).
Jeremy.
(This used to be commit 94e3f0d9b48c1ac6d9235eb6600aff1c47e024bc)
|
|
smbpass.c: Do *NOT* make this function static. It breaks the compile on gcc
util.c: Getting closer to MS wildcard semantics. A trailing '*' matches
any trailing dot-separated components.
trans2.c: Removed hacks that change multiple '?' -> '*' as this
breaks things now.
trans2.h: Removed NT_FILE_ATTRIBUTE_NORMAL - now FILE_ATTRIBUTE_NORMAL is defined
in smb.h.
Jeremy.
(This used to be commit 42a65511068cd9006350c80bbed2f346f3f01cb0)
|
|
(This used to be commit 4aaf8b6a8bc521e738840fe72708add251eaaccb)
|
|
Jeremy.
(This used to be commit 170070b9c793805df9f8629e70027f17b949425f)
|
|
smb.h: Removed comments no longer valid.
smbpass.c: Stopped dummy function from being prototyped.
util.c: Fix for multibyte char problems with strlower, strupper
and string_replace.
Jeremy.
(This used to be commit cd244b45a5d35fceee2a4034b0c6aabdb58871aa)
|
|
Jeremy.
(This used to be commit 6b6539cad8962f2913d892abae811afc72432678)
|
|
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
|
|
- added nisppass.c and NISPLUS_FLAGS
includes.h:
- renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB.
added default define of USE_SMBPASS_DB.
- removed ldap headers: they are local only to ldap.c
ldap.c :
- made all ldap-specific functions static.
- added dummy sam21 functions
loadparm.c :
- renamed NISPLUS to NISPLUS_HOME
mkproto.awk
- commented out ldap-specific #ifdef generation code: it's not
needed now that ldap-specific functions in ldap.c are static
nisppass.c :
- first attempt at an add function from
(This used to be commit f215d375f0f1e12894c2a9e86bd28d4776d337c1)
|
|
smbds started from the same parent won't use the same sequence.
Jeremy.
(This used to be commit d3f507d05df9d0dd313b39bc99ebf11451dc0120)
|
|
unreadable and unmaintainable
(This used to be commit eefeb61242449ea2a8d5f64e15d37f90789bdacc)
|
|
ipc.c: Caused samba password changing not to be done if UNIX password
changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c1b6b9505a2c84ba9bfb91dd3be76e5)
|
|
have vsnprintf.
locking_slow.c: slight tidy.
make_smbcodepage.c: Use safe_strcpy instead of pstrcpy.
nmbd_winsserver.c: Use pstrcpy instead of fstrcpy.
smbmount.c: Fixed reported bug.
util.c: Removed old fstrcpy/fstrcat functions.
Jeremy.
(This used to be commit f257d2e4bafd3944cca737699913a8d868279ca6)
|
|
kludge. It is a safe kludge with our current code but I would like to
revisit it at some point in the future.
The problem with the one I committed yesterday is it used non-portable
functions. (it also had a bug in it, but that's another matter)
This one works by just using vsprintf() into a 8k buffer and a memcpy
from there. No memory protection tricks or other non-portable
stuff. This is safe because all calls to slprintf() in samba use
strings which have been through a pstrcpy and thus are less than 1024
bytes. No call uses more than 2 of these strings. See what I mean by
kludge? Note that the 8k is way overkill but I like overkill :)
Someday (after autoconf) we will replace this with something better,
but meanwhile this is simple, secure and portable.
(This used to be commit 4cfcc398c35c6726f14f485ae8e9ebcef180392f)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
(This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
|
(This used to be commit abe261b2f5ea7036e7be6230876176d134ef4ee4)
|
|
problem....
smbpass.c: Removed Luke's dire warning - as some of the functions in here
*need* to be called externally :-).
Jeremy.
(This used to be commit 1fd8d12ca414066acec71b33eb8a13e16c2acd3a)
|
|
server.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic()
as only smbd knows about usernames. Also fixes problem with calling
standard_sub_basic() from loadparm.c.
smbpass.c: Partial tidyup of machine_password_lock() code - not finished yet.
util.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic()
as only smbd knows about usernames. Also fixes problem with calling
standard_sub_basic() from loadparm.c.
lib/rpc/server/srv_ldap_helpers.c: Added #ifdef USE_LDAP around ldap code.
lib/rpc/server/srv_samr.c: Added #ifdef USE_LDAP around ldap code.
Jeremy.
(This used to be commit 446b98ca071170fc950bad86ad96b58308a5b75c)
|
|
also print out the first 50 chars of an overflowing string so we have
some chance of working out what is causng them.
(This used to be commit 7a67e76722521ac8099cbcda054b0f4bf45c7bfe)
|
|
ipc.c: Fix for duplicate printer names being long.
loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c
protects us.
nmbd_logonnames.c:
nmbd_namequery.c:
nmbd_namerelease.c: Debug messages fix.
password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call.
reply.c: SGI compile warning fix.
server.c Debug messages fix.
smbpass.c: Fix for incorrect pointer.
Jeremy.
(This used to be commit 567d3f838988cafab4770fce1cf68b73085e6c71)
|
|
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
(This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
|
|
password.c: Started the initial code for domain_client_validate(). All
bracketed with #ifdef DOMAIN_CLIENT for now.
reply.c: Call to domain_client_validate(). All
bracketed with #ifdef DOMAIN_CLIENT for now.
smbpass.c: New code to get/set machine passwords. Tidied up nesting
of lock calls.
Jeremy.
(This used to be commit 89fe059a6816f32d2cc5c4c04c4089b60590e7e6)
|
|
loadparm.c: Started add of 'security=domain' code.
password.c: Fix for security=server NT bugs.
reply.c: Started add of 'security=domain' code.
server.c: Started add of 'security=domain' code.
smb.h: Started add of 'security=domain' code.
Jeremy.
(This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1)
|
|
making encrypted passwords secret. For example, with secure NIS+ only
root can get the encrypted password.
hash in the encrypted password of "root" to provide a nice source of
secret on such systems. On systems that don't have this (ie. any user
can get roots encrypted password) then the security is so slack that
it probably doesn't matter what we do to generate the secret.
(This used to be commit 3271e4c29fdc15a1ae61dec94517e484c2457411)
|
|
and smbpasswd if possible, and doesn't put it all through a 32 bit
bottleneck.
(This used to be commit 356ec24840da98f9e0b49b8eecb56aeec5ed848e)
|
|
lib/rpc/server/srv_netlog.c: Changed to use generate_random_buffer().
Jeremy.
(This used to be commit 093d060a06d75c6ee5b1329d524334f4db97cba6)
|
|
clientgen.c: Changed to fill change password buffer with random stuff.
password.c: Changed to get challenge from genrand.c
server.c: Added #ifdef around O_SYNC.
version.h: Changed to 1.9.19prealpha.
genrand.c:
New code to generate (hopefully) good random numbers for
use in crypto challenges/session keys etc.
PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!!
Jeremy.
(This used to be commit 608e98546392fd0aac9b33f4feac43615dbb4405)
|
|
internals after Andrews' code had memset it to zero (this was causing core
dumps).
charcnv.c: Fixes for ISO8859-2 from Petr Hubeny <psh@capitol.cz>.
Jeremy.
(This used to be commit df8783ca76d543d200c743f515a185cfea2880df)
|