Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 84707fd95eec260a1cb22a165a0161a075f93ada)
|
|
NTLM Authentication:
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory
under lockdir, that the admin can change the group access for.
- This mode is now required to access with 'CRAP' authentication feature.
- This *will* break the current SQUID helper, so I've fixed up our ntlm_auth
replacement:
- Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a
challenge.
- Use this to make our ntlm_auth utility suitable for use in current Squid 2.5
servers.
- Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates
are needed.
- Now uses fgets(), not x_fgets() to cope with Squid environment (I think
somthing to do with non-blocking stdin).
- Add much more robust connection code to wb_common.c - it will not connect to
a server of a different protocol version, and it will automatically try and
reconnect to the 'privileged' pipe if possible.
- This could help with 'privileged' idmap operations etc in future.
- Add a generic HEX encode routine to util_str.c,
- fix a small line of dodgy C in StrnCpy_fn()
- Correctly pull our 'session key' out of the info3 from th the DC. This is
used in both the auth code, and in for export over the winbind pipe to
ntlm_auth.
- Given the user's challenge/response and access to the privileged pipe,
allow external access to the 'session key'. To be used for MSCHAPv2
integration.
Andrew Bartlett
(This used to be commit ec071ca3dcbd3881dc08e6a8d7ac2ff0bcd57664)
|
|
(This used to be commit 8315b9c3119dde62aeb72ad5e20f63aee89abd0b)
|
|
Small clenaup patches:
- safe_string.h - don't assume that __FUNCTION__ is available
- process.c - use new workaround from safe_string.h for the same
- util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc()
- gencache.c - Keep valgrind quiet by always null terminating.
- clistr.c - Add copyright
- srvstr.h - move srvstr_push into a .c file again, as a real function.
- srvstr.c - revive, with 'safe' checked srvstr_push
- loadparm.c - set a default for the display charset.
- connection.c - use safe_strcpy()
Andrew Bartlett
(This used to be commit c91e76bddbe1244ddc8d12b092eba875834029ac)
|
|
when sending(and vice versa when receiving).
(This used to be commit 5310447ec6e0df1c000e3ee14572f5b7fee31f28)
|
|
Apply the job returned limit across all requests for job queues.
Jeremy.
(This used to be commit bf795b684e608f82db822e0759e7b69afd451b65)
|
|
(This used to be commit 5078436d83f0fdc568d6687809c7c70dea5fd382)
|
|
Jeremy.
(This used to be commit da1271a95fce7fd217555fb161d4669d0b9b80e2)
|
|
(This used to be commit 38a6ad95d789b3ece7a8e697195c8851663b3cd9)
|
|
'set_local_machine_name' so that the client can't change it from under us.
(.NET RC2 and WinXP install calls the machine 'machinename' during NTLMSSP
on the domain join).
Andrew Bartlett
(This used to be commit 4c7163e7c2cc09bd95faa05156ee480957a7a4d8)
|
|
used to be commit f0d009c3e91979b0dc3443e16f3f545bcc64cfda)
|
|
grows too much larger.
(This used to be commit 4bbddbfc6a97ebb11e299aa7bd07ebebeab42c65)
|
|
requests, without needing --client-perms=yes.
(This used to be commit 412a8780c35ee9449c9682e3ef73afb2c4933285)
|
|
clobbering the region, just in case clobbering causes us to crash
immediately. (That might happen if we just shot ourselves in the
stack and strcpy was not inlined.)
Also, in DEVELOPER mode and when Valgrind is available, mark the
clobbered region as uninitialized. This is an even stronger
protection than clobbering with 0xf1.
(This used to be commit 5653a42ae695f4b8f4c14d3184ca76523d38b51b)
|
|
is as stable as possible in the string department and some pain now
will help later :-).
Jeremy.
(This used to be commit 86e3eddac698d90f4666b8492b4603a4efbbd67b)
|
|
Original message:
This patch attemptes to clean up winbindd's mutex locking.
The current locking scheme in winbind is a complete mess - indeed, the
next step should be to push the locking into cli_full_connection(), but
I'll leave it for now.
This patch works on the noted behaviour that 2 parts of the connection
process need protection - and independent protection. Tim Potter did
some work on this a little while back, verifying the second case.
The two cases are:
- between connect() and first session setup
- during the auth2 phase of the netlogon pipe setup.
I've removed the counter on the lock, as I fail to see what it gains us.
This patch also adds 'anonymous fallback' to our winbindd -> DC connection.
If the authenticated connection fails (wbinfo -A specifed) - say that
account isn't trusted by a trusted DC - then we try an anonymous.
Both tpot and mbp like the patch.
Andrew Bartlett
(This used to be commit b5283c00a900393b83f0edb2785c5caf402404eb)
|
|
- Make ReadDirName return a const char*.
- Consequential changes from that
- mark our fstring/pstring assumptions in function prototypes
Andrew Bartlett
(This used to be commit 10b53d7c6fd77f23433dd2ef12bb14b227147a48)
|
|
(This used to be commit 04a5cbc8964386774acdca759b4cfaded068c8f2)
|
|
I'm not merging the current HEAD string stuff quite yet.
(This used to be commit 9b8d12e081462566043bb51e9c95605609572a54)
|
|
- Consequential changes from that
- mark our fstring/pstring assumptions in function prototypes
Andrew Bartlett
(This used to be commit fe2bc64bc439b27387b8f326b0f4f3bfcc3d04a1)
|
|
Andrew Bartlett
(This used to be commit 67a0319d268dfc0e2154d3ab0f8bf866e3cbb6db)
|
|
This patch enables the compile-time checking of strings assable by means of
sizeof(). (Original code had the configure check reversed).
This is extended to all safe_strcpy() users, push_string and pull_string,
as well as the cli and srv derivitives. There is an attempt to cap strings
at the end of the cli buffer, and clobber_region() of the speified length
(when not -1 :-).
Becouse of the way they are declared, the 'overmalloc a string' users of
safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips
some of the checks).
This whole ball of mud worked fine, until I pulled out my 'fix' for our
statcache. When jeremy fixes that, we should be able to get back to testing
this stuff.
This patch also includes a 'marker' of the last caller to clobber_region (ie,
the function that called pstrcpy() that called clobber_region) to assist in
debugging problems that may have smashed the stack. This is printed at
smb_panic() time. (Original idea and patch by metze).
It also removes some unsused functions, and #if 0's some others that are
unused but probably should be used in the near future.
For now, this patch gives us some confidence on one class of trivial parsing
error in our code.
Andrew Bartlett
(This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4)
|
|
dereferencing
(This used to be commit 2487480228b99183cab9e34ab497997e0c144ed6)
|
|
dereferencing
(This used to be commit 7bc5fc729f67ae16e09ea67efa9e2b8e2ba41c8f)
|
|
from .NET RC2)
(This used to be commit e074cab810f9299d0b27881cddf8a74f10fe233e)
|
|
from .NET RC2)
(This used to be commit 4c823e61d14a33344deb887043b60b2e3c83416f)
|
|
(This used to be commit 147a0c8b13d20e06c557fb817a36fddf9a920d65)
|
|
The current locking scheme in winbind is a complete mess - indeed, the
next step should be to push the locking into cli_full_connection(), but
I'll leave it for now.
This patch works on the noted behaviour that 2 parts of the connection
process need protection - and independent protection. Tim Potter did
some work on this a little while back, verifying the second case.
The two cases are:
- between connect() and first session setup
- during the auth2 phase of the netlogon pipe setup.
I've removed the counter on the lock, as I fail to see what it gains us.
This patch also adds 'anonymous fallback' to our winbindd -> DC connection.
If the authenticated connection fails (wbinfo -A specifed) - say that
account isn't trusted by a trusted DC - then we try an anonymous.
Both tpot and mbp like the patch.
Andrew Bartlett
(This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
|
|
recent Valgrind relases and clashing with -DVALGRIND.
(This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
|
|
lengths are correct. Attempts to pstrcpy into an fstring or allocated
string should fail in developer builds.
This builds on abartlet's earlier overflow probe for safe_strcpy, but
by clobbering the whole string with a nonzero value is more likely to
find overflows on the stack.
This is only used in -DDEVELOPER mode.
Reviewed by abartlet, tpot.
(This used to be commit 8d915e266cd8ccc8b27e9c7ea8e9d003d05f8182)
|
|
(This used to be commit 25d210b90b6c0377046d89a1dce7a32f94fd7859)
|
|
reason, during a Win2003 installation, when you select 'domain join' it sends
one machine name in the name exchange, and litraly 'machinename' during the
NTLMSSP login.
Also fix up winbindd's logfile handling, so that it matches smbd and nmbd.
(This helps me, by seperating the logs by pid).
Andrew Bartlett
(This used to be commit afe5a3832f79131fb74461577f1db0e5e8bf4b6d)
|
|
-------------------------------------------------------------------------
I think there are basically two problem:
1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ,
and SMB_ACL_OTHER.
The function ensure_canon_entry_valid() is prepared for that, but tries
to "guess" values from group or other permissions, respectively, otherwise
falling back to minimum r-- for the owner. Even if the owner had full
permissions before setting ACL. This is the problem with W2k clients.
2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs.
This is ok in a take-ownership situation, but must fail if the file is
to be given away. This is the problem with XP clients, trying to transfer
ownership of the original file to the temp file.
The problem with NT4 clients (no ACEs are transferred to the temp file, thus
are lost after moving the temp file to the original name) is a client problem.
It simply doesn't attempt to.
I have played around with that using posic_acls.c from 3.0 merged into 2.2.
As a result I can now present two patches, one for each branch. They
basically modify:
1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER
as "preserve current value" instead of attempting to build one ourself.
The original code is still in, but only as fallback in case current values
can't be retrieved.
2. Rearrange set_nt_acl() such that chown is only done before setting
ACLs if there is either no change of owning user, or change of owning
user is towards the current user. Otherwise chown is done after setting
ACLs.
It now seems to produce reasonable results. (Well, as far as it can. If
NT4 doesn't even try to transfer ACEs, only deliberate use of named default
ACEs and/or "force group" or the crystal ball can help :)
-------------------------------------------------------------------------
Jeremy.
(This used to be commit 1d3b8c528bebfa1971d1affe454a03453335786e)
|
|
genparser works fine, and it is a marvelous tool to store objects in tdb :)
(This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
|
|
Jeremy.
(This used to be commit ff3827a62b37342b13fd8b4eafd256d91428c02b)
|
|
Jeremy.
(This used to be commit 54e5413a9267b7279cbde0ec129478a5a9c3116c)
|
|
(This used to be commit a4b9c5c2576c80a5f60d47d178b9b8c50d348893)
|
|
(This used to be commit 9af07173152c5e861d13b33a8d4aee8167a50b66)
|
|
(This used to be commit 42d9ec28cd55dbcfda546c84fb842938aeda544d)
|
|
how this interacts with it.
(This used to be commit eb876ee9cf24eda04e0856899b232d060c669c0c)
|
|
* distinguish WinXP from Win2k
* add a 1/3 of a second delay in OpenPrinter
in order to trigger a LAN/WAN optimization in
2k clients.
(This used to be commit c7712fa054d21b4884a78b7ea6c0fb8b3d637c6b)
|
|
* distinguish WinXP from Win2k
* add a 1/3 of a second delay in OpenPrinter
in order to trigger a LAN/WAN optimization in
2k clients.
(This used to be commit 96570699d1b715f47c35aa211da6ec18f6fc4109)
|
|
(This used to be commit 38fa2898967f607a17fd7fbd324f2940a05fb551)
|
|
(This used to be commit 67bf36c69d19463c28066b276d74ac4784b26bed)
|
|
init_valid_table: Fix a memory leak that would lose the
dynamically-created valid table every time the configuration was
reloaded.
(This used to be commit 3ff4845bc43736bfa091419c80b9a0ebdc9d156e)
|
|
- Add smb_probe_module()
- Add init_modules()
- Call these functions
(This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
|
|
dynamically-created valid table every time the configuration was
reloaded.
(This used to be commit e42b237d980461caf2dd2a8f82c17bf674facb7d)
|
|
strdup() instead.
Jeremy.
(This used to be commit 6521601bf8013c8809db13ccf7dd256ea4ad5dd7)
|
|
Andrew Bartlett
(This used to be commit c26881633d8a7f6d9b9ed9c6a97ce2b45bf2b317)
|
|
(This used to be commit 3761f8ebe339fbbeffee9d7b69f9483ebfd9ae6b)
|