Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 5379ad98241950c581d88acbee1e256187b13582)
|
|
of files to prevent this from happening
(This used to be commit 7a61c2ae450d3e41c45e6e3773ad00f6ab9beb16)
|
|
where getpwent_list() was overoverwriting the username for entries. However the code path to the bug was introduced only on January 25
(This used to be commit ec346adf34bd2bc1d514202e82b3713fb5b032ab)
|
|
Andrew Bartlett
(This used to be commit 25a09004e8a51eb3192adbb580239427bfee0ec9)
|
|
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c
(These should perhaps be pulled back out to smbpasswd.c, but that can occour
later).
Andrew Bartlett
(This used to be commit fcdc5efb1e245c8fa95cd031f67ec56093b9056e)
|
|
Andrew Bartlett
(This used to be commit 128c328ddbc9f2283badde95ce743e696f94f6a4)
|
|
terminate correctly.
Jeremy.
(This used to be commit 49142c6352eb3645437ef86bcedca1b1895aef60)
|
|
Embarrassing number of goto's in this :-(. Fixes #830 I think.
Jeremy.
(This used to be commit 4c182d3220e87ea74d9c977b8ab1d740ef4cc30f)
|
|
try a crap conversion instead. Next this needs to be done to the convert_alloc
function.
Actually fixes some valgrind warnings as well - cool !
Jeremy.
(This used to be commit 6a7919f2544a689840fe46f3c58ed66f69aca65a)
|
|
packet-termination of strings. This change ensures that when we go
past the end of a packet we hit 2 null bytes, thus terminating. We are
relying on the SAFETY_MARGIN packet allocation stuff here.
(This used to be commit 655ec168288159f5c0961ed8cbdd84c4e14eab26)
|
|
one place where we checked "if (src_len > 0)".
I actually would greatly prefer to switch back to int for src_len. The
type *can* be negative, which means an unsigned type is
inappropriate. There is absolutely no reason why "int" should not be
used for a parameter like this.
I didn't change back to int as we are close to a release and I wanted
a mininal change, but please don't go changing types like this in
future without very careful testing and a damn good reason.
this bug broke pull_ucs2(), I would not be surprised if it caused all
sorts of nastiness. Thanks to vl for noticing the symptoms!
(This used to be commit 8b8f0c527959c707f274b435fc59156e37232981)
|
|
Remove source_env handler (no longer used in any codepath).
Jeremy.
(This used to be commit 3a3e33603084048e647af86a9badaaf49433c789)
|
|
Andrew Bartlett
(This used to be commit ca24ae50ea37942dde335e97019880b6ce518a6a)
|
|
Andrew Bartlett
(This used to be commit 7495cafd42617c0aa2ba9de69f87426ecacc1297)
|
|
value in the previous code.
Andrew Bartlett
(This used to be commit c97d3eb1622ee25c24b0cd81b65ec7d4b854e604)
|
|
an exact multiple of 3.
I also wrote a torture test and it survived some minutes of random stuff
coded/decoded up to 16 MB data. But that would be a bit too embarassing to
commit... :-)
Volker
(This used to be commit 6d22f0d8c36bea618ad0adf4eefc2f5a37cb3fda)
|
|
so we now got a backtrace, if we crash
in libldap with SIGABRT
metze
(This used to be commit b5e814294eb3ce44131084d89014cb8a8840fe74)
|
|
- setup_logging() in smbclient to be interactive (remove the timestamps)
- Fix bad return value in pull_ucs2( needs more testing to make sure this
didn't break something else) that caused clistr_pull() to always read
the same string from the buffer (pull_usc2() could return -1 if the original
source length was given as -1)
- increment some debugging messages to avoid printing them out so often
(This used to be commit 79fe75dcdf6cc38e18ca1231e4357893db4d4a08)
|
|
metze
(This used to be commit b0c0d736919079afc4f9bf5a406000048d26fe71)
|
|
XFS_GROUP_QUOTA -> GRPQUOTA
* Fix disk_free calculation with group quotas.
* Add debug class 'quota' and a lot of DEBUG()'s
to the quota code.
metze
(This used to be commit e9e5e2036f13ff847aa3ef52e8be657bef7d5774)
|
|
metze
(This used to be commit c73e845055163c1d814710fe4d9960c7f3587f12)
|
|
From ab@samba.org (Alexander Bokovoy).
Jeremy.
(This used to be commit fac9e6d7125fb9edfade3c92a3cd9e1f2c60cefd)
|
|
(This used to be commit 7d7a262f45182e67daecdca49df85445c2b9700a)
|
|
Jeremy.
(This used to be commit cae5f158e583572436a2f4c20d919816d763f93d)
|
|
here's a small fix that fixes the new quota system on irix.
I need to reanable XFS quotas on irix for the new quota system
(Jerry do you want to wait for this for the release ?)
But the old system works and is the default on irix!
(This used to be commit 5d43e00a49afc4cf523a531ae6db1a3a8b86c650)
|
|
using pread/pwrite. Modified a little to ensure fsp->pos is correct.
Fix for #889.
Jeremy.
(This used to be commit 019aaaf0df091c3f67048f591e70d4353a02bb9b)
|
|
Jeremy.
(This used to be commit ffaf9982dcf9e8d8aec1b3edb79ba7c93bfbb9ef)
|
|
Jeremy.
(This used to be commit 52eafc131e26ecc2c4ce8df856c380eb7fd8af69)
|
|
HAVE_SYS_ATTRIBUTES_H to fix AIX compile.
Jeremy.
(This used to be commit 1b1c216122e4dcf40e4ccaea528a7775521fa618)
|
|
2.2.x quota methods.
:-).
"here's a patch which ports the samba 2.2 samba_linux_quota.h stuff to 3_0.
This is needed because of so many broken quota files outthere.
Please, test this with old, new kernels
(strucr dqblk, struct mem_dqblk, and struct if_dqblk)
, quota.user, aquota.user formats
what is when a user is over soft quota and over hard quotas..."
Jeremy.
(This used to be commit 4350aa6ce6cfdaf71cdcfd2aebcdc9560fa7efcf)
|
|
us if we failed to open it earlier.
Andrew Bartlett
(This used to be commit 379368b0bec1f57cc5302b274362ce2f1df0fd9d)
|
|
- Fill in the 'backup' idea of a domain, if the DC didn't supply one. This
doesn't seem to occour in reality, hence why we missed the typo.
lib/charcnv.c:
lib/smbldap.c:
libads/ldap.c:
libsmb/libsmbclient.c:
printing/nt_printing.c:
- all the callers to pull_utf8_allocate() pass a char ** as the first
parammeter, so don't make them all cast it to a void **
nsswitch/winbind_util.c:
- Allow for a more 'correct' view of when usernames should be qualified
in winbindd. If we are a PDC, or have 'winbind trusted domains only',
then for the authentication returns stip the domain portion.
- Fix valgrind warning about use of free()ed name when looking up our
local domain. lp_workgroup() is maniplated inside a procedure that
uses it's former value. Instead, use the fact that our local domain is
always the first in the list.
Andrew Bartlett
(This used to be commit 494781f628683d6e68e8ba21ae54f738727e8c21)
|
|
is not significant in windows user names we should not lose information by
lower-casing the name before handing it to AFS.
Volker
(This used to be commit 6d2285b6d1599648661be47abaaa888419700d22)
|
|
This patch will change order how attributes are modified
from: add, delete
to: delete, add
This is needed to update single valued attributes in Novell NDS and
should not harm anyone else.
(This used to be commit fabf80169079483a1378aa0177d8d8335bd98bb3)
|
|
While writing documentation for metze's patch, it became clear that this is a
better name.
Andrew Bartlett
(This used to be commit 6f828ff3d3622c56ee732b976e7ab90b7897a8d3)
|
|
When smb.conf tells us to write to a read-only LDAP replica and we are
redirected by the LDAP server, the replication might take some seconds,
especially over slow links. This patch delays the next read after a rebind for
'ldap rebind sleep' milliseconds.
Metze, thanks for your patience.
Volker
(This used to be commit 63ffa770b67d700f138d19b4982da152f57674fc)
|
|
to have ldap_initialize.
Thanks to abartlet for the fix (and the bug in the first place ;-))
Volker
(This used to be commit 17473a65eb119ca2240b40a8c029d9a499cde177)
|
|
strings, only form input in SWAT.
Andrew Bartlett
(This used to be commit 8d54f5fe0c5689660f37788916b37014754ce23e)
|
|
by increasing bitmap size. Limited by "max connections" parameter.
Bug #716.
Jeremy.
(This used to be commit fbbeb55b230ffc477f5563af66ab65eb6598e025)
|
|
(This used to be commit ba95fe56d2db8243191d5dd6b75c6b65e0f5fbe9)
|
|
src & dest strings to alpha_strcpy(); reported by Michael Young
(This used to be commit b7df6849c9368aa2e5960de54a03be269ab89fef)
|
|
(This used to be commit 6cf91bce40f85879de00b9ce89ad9b5e04a50b35)
|
|
octets in hosts allow/deny
(This used to be commit 0348e85177ae90c350659451424ab521a4fc335a)
|
|
(This used to be commit 2f43a1c166dfc8679a9d03bd0f3cf9303aafcf74)
|
|
(This used to be commit 1c3c16abc94d197e69e3350de1e5cc1e99be4322)
|
|
(This used to be commit 2742e813fea2366f91bec62dca407f65ad5c4623)
|
|
Looking at crash bugs #809 and others.
Jeremy.
(This used to be commit cd2075580b0f35c8a414c995f03834c01efaa9be)
|
|
again; bug 846
(This used to be commit c816b44a9c1278d756f63044bb3a3bce3afec9b3)
|
|
obsolete comment by Luke Leighton.
(This used to be commit 316f83add76b56fe102f5dc4c9ce3a0413d9a1f4)
|
|
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)
|