summaryrefslogtreecommitdiff
path: root/source3/lib
AgeCommit message (Collapse)AuthorFilesLines
2003-03-23NTLM Authentication:Andrew Bartlett1-2/+22
- Add a 'privileged' mode to Winbindd. This is achieved by means of a directory under lockdir, that the admin can change the group access for. - This mode is now required to access with 'CRAP' authentication feature. - This *will* break the current SQUID helper, so I've fixed up our ntlm_auth replacement: - Update our NTLMSSP code to cope with 'datagram' mode, where we don't get a challenge. - Use this to make our ntlm_auth utility suitable for use in current Squid 2.5 servers. - Tested - works for Win2k clients, but not Win9X at present. NTLMSSP updates are needed. - Now uses fgets(), not x_fgets() to cope with Squid environment (I think somthing to do with non-blocking stdin). - Add much more robust connection code to wb_common.c - it will not connect to a server of a different protocol version, and it will automatically try and reconnect to the 'privileged' pipe if possible. - This could help with 'privileged' idmap operations etc in future. - Add a generic HEX encode routine to util_str.c, - fix a small line of dodgy C in StrnCpy_fn() - Correctly pull our 'session key' out of the info3 from th the DC. This is used in both the auth code, and in for export over the winbind pipe to ntlm_auth. - Given the user's challenge/response and access to the privileged pipe, allow external access to the 'session key'. To be used for MSCHAPv2 integration. Andrew Bartlett (This used to be commit dcdc75ebd89f504a0f6e3a3bc5b43298858d276b)
2003-03-23Use True, not TRUEJelmer Vernooij1-2/+2
(This used to be commit eeeeb37fc6de60928f7efdeb05bb2c6516f24441)
2003-03-23Don't crash when initialising tdb failsJelmer Vernooij1-2/+2
(This used to be commit b18d02891be1ea3728239eee15a4aed3c3be2fea)
2003-03-22Add -U, -N, -i, -A, -W to popt.Jelmer Vernooij1-9/+231
(This used to be commit 5a88d78f67fd7853d6f7d5042807afa56091d52c)
2003-03-22- Use FUNCTION_MACRO, not __FUNCTION__.Jelmer Vernooij2-2/+2
- Add some const (This used to be commit e149e70717f38e082ce35d55f9b4d84ba8419af7)
2003-03-22Valgrind found a few memory leaks!Andrew Bartlett1-0/+4
Andrew Bartlett (This used to be commit fb680f610ceb9a0f350c99456cf7ab1a507543fe)
2003-03-22Small clenaup patches:Andrew Bartlett2-7/+9
- safe_string.h - don't assume that __FUNCTION__ is available - process.c - use new workaround from safe_string.h for the same - util.c - Show how many bytes we smb_panic()ed trying to smb_xmalloc() - gencache.c - Keep valgrind quiet by always null terminating. - clistr.c - Add copyright - srvstr.h - move srvstr_push into a .c file again, as a real function. - srvstr.c - revive, with 'safe' checked srvstr_push - loadparm.c - set a default for the display charset. Andrew Bartlett (This used to be commit a7eba37aadeb0b04cb1bd89deddb58be8aba825c)
2003-03-20Patch from Samuel Thibault to convert messages from unix to dos charset. WorksJelmer Vernooij1-1/+1
on 2000. sending messages to 9x needs to be fixed, but that didn't work anyway (This used to be commit ca066502a2a3dbdd8943d515c9c6d21e62d757b6)
2003-03-20lib/messages.c: Check return from chainlock before modifying message queue.Jeremy Allison1-1/+3
Apply the job returned limit across all requests for job queues. Jeremy. (This used to be commit dee1326a1d8a0bf8977df22a0fe014dd5d8dc769)
2003-03-20Cleanup bogus initialisation in SID_NAME_USE enum.Tim Potter1-1/+2
Added new sid type = 9 for "computer" from MSDN. (This used to be commit 45929d126932e5cac5a23fe76d28a4fa05b54b77)
2003-03-19use strnlen to prevent coredumpsJim McDonough1-3/+3
(This used to be commit 1960a650c1546323708ed6bea615dc7215a97b4f)
2003-03-19Put in the new modules system. It's now used by passdb and rpc. I willJelmer Vernooij1-0/+2
put a doc about it in dev-doc later today. (This used to be commit af7bfee0c6902c07fdb8d3abccf4c8d6bab00b5a)
2003-03-18Step one of optimizations for StrCaseCmp:Martin Pool1-7/+72
First of all, do a char-by-char walk through both buffers until we get to a non-ascii character, or a difference between the strings. This prefix can be directly compared without needing to call into iconv. This should be much faster for strings that are either all ascii, or differ near the start. (This used to be commit f7f692b2db4dd513068d6d8fed2792186933ddda)
2003-03-18Split "clobber" function and variables into its own file before itMartin Pool2-39/+60
grows too much larger. (This used to be commit 4bbddbfc6a97ebb11e299aa7bd07ebebeab42c65)
2003-03-18Update comment: Valgrind 1.9.4 seems to always respect clientMartin Pool1-1/+1
requests, without needing --client-perms=yes. (This used to be commit 412a8780c35ee9449c9682e3ef73afb2c4933285)
2003-03-18global_globber_region_function/line ought to be recorded beforeMartin Pool1-3/+15
clobbering the region, just in case clobbering causes us to crash immediately. (That might happen if we just shot ourselves in the stack and strcpy was not inlined.) Also, in DEVELOPER mode and when Valgrind is available, mark the clobbered region as uninitialized. This is an even stronger protection than clobbering with 0xf1. (This used to be commit 5653a42ae695f4b8f4c14d3184ca76523d38b51b)
2003-03-16 - Make ReadDirName return a const char*.Andrew Bartlett1-1/+1
- Consequential changes from that - mark our fstring/pstring assumptions in function prototypes Andrew Bartlett (This used to be commit fe2bc64bc439b27387b8f326b0f4f3bfcc3d04a1)
2003-03-15Remove an unused function and fix the build.Andrew Bartlett1-36/+0
Andrew Bartlett (This used to be commit 67a0319d268dfc0e2154d3ab0f8bf866e3cbb6db)
2003-03-15String handling parinoia fixes.Andrew Bartlett3-112/+59
This patch enables the compile-time checking of strings assable by means of sizeof(). (Original code had the configure check reversed). This is extended to all safe_strcpy() users, push_string and pull_string, as well as the cli and srv derivitives. There is an attempt to cap strings at the end of the cli buffer, and clobber_region() of the speified length (when not -1 :-). Becouse of the way they are declared, the 'overmalloc a string' users of safe_strcpy() have been changed to use overmalloc_safe_strcpy() (which skips some of the checks). This whole ball of mud worked fine, until I pulled out my 'fix' for our statcache. When jeremy fixes that, we should be able to get back to testing this stuff. This patch also includes a 'marker' of the last caller to clobber_region (ie, the function that called pstrcpy() that called clobber_region) to assist in debugging problems that may have smashed the stack. This is printed at smb_panic() time. (Original idea and patch by metze). It also removes some unsused functions, and #if 0's some others that are unused but probably should be used in the near future. For now, this patch gives us some confidence on one class of trivial parsing error in our code. Andrew Bartlett (This used to be commit 31f4827acc2a2f00399a5528fc83a0dae5cebaf4)
2003-03-14fix WinXP & Win2K3 remote_arch and check pointer in ntlmssp code before ↵Gerald Carter1-0/+16
dereferencing (This used to be commit 2487480228b99183cab9e34ab497997e0c144ed6)
2003-03-12adding some initiaial code to sert %a to Win2K3 (using Native LanMan string ↵Gerald Carter1-0/+3
from .NET RC2) (This used to be commit 4c823e61d14a33344deb887043b60b2e3c83416f)
2003-03-12Add constAndrew Bartlett1-2/+2
(This used to be commit 147a0c8b13d20e06c557fb817a36fddf9a920d65)
2003-03-11This patch attemptes to clean up winbindd's mutex locking.Andrew Bartlett1-4/+2
The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett (This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
2003-03-11Remove valgrind_strlen function, hopefully no longer needed withMartin Pool1-9/+0
recent Valgrind relases and clashing with -DVALGRIND. (This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
2003-03-10Clobber strings with 0xf1f1f1f1 before writing to them to check bufferMartin Pool1-8/+33
lengths are correct. Attempts to pstrcpy into an fstring or allocated string should fail in developer builds. This builds on abartlet's earlier overflow probe for safe_strcpy, but by clobbering the whole string with a nonzero value is more likely to find overflows on the stack. This is only used in -DDEVELOPER mode. Reviewed by abartlet, tpot. (This used to be commit 8d915e266cd8ccc8b27e9c7ea8e9d003d05f8182)
2003-03-08This is C, not C++Andrew Bartlett1-4/+4
(This used to be commit 25d210b90b6c0377046d89a1dce7a32f94fd7859)
2003-03-08Make sure that the 'remote' machine name can only be set once. For some weirdAndrew Bartlett1-2/+29
reason, during a Win2003 installation, when you select 'domain join' it sends one machine name in the name exchange, and litraly 'machinename' during the NTLMSSP login. Also fix up winbindd's logfile handling, so that it matches smbd and nmbd. (This helps me, by seperating the logs by pid). Andrew Bartlett (This used to be commit afe5a3832f79131fb74461577f1db0e5e8bf4b6d)
2003-03-07Some progress towards gums and tdbsam2Simo Sorce1-0/+18
genparser works fine, and it is a marvelous tool to store objects in tdb :) (This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
2003-03-03dlsym takes a const char *.Jeremy Allison1-1/+1
Jeremy. (This used to be commit ff3827a62b37342b13fd8b4eafd256d91428c02b)
2003-02-28Doxygen janitor: add note that strequal is in fact case-insensitive.Martin Pool1-6/+8
(This used to be commit a4b9c5c2576c80a5f60d47d178b9b8c50d348893)
2003-02-28Doxygen janitorMartin Pool2-8/+8
(This used to be commit 9af07173152c5e861d13b33a8d4aee8167a50b66)
2003-02-28Doxygen janitor: fix parameter names, grammar, tag names.Martin Pool1-14/+14
(This used to be commit 42d9ec28cd55dbcfda546c84fb842938aeda544d)
2003-02-28Add a comment about the meaning of samba's internal character set andMartin Pool1-0/+24
how this interacts with it. (This used to be commit eb876ee9cf24eda04e0856899b232d060c669c0c)
2003-02-27additional fix for CR 601Gerald Carter1-0/+3
* distinguish WinXP from Win2k * add a 1/3 of a second delay in OpenPrinter in order to trigger a LAN/WAN optimization in 2k clients. (This used to be commit 96570699d1b715f47c35aa211da6ec18f6fc4109)
2003-02-27Doxygen janitorMartin Pool1-5/+6
(This used to be commit 67bf36c69d19463c28066b276d74ac4784b26bed)
2003-02-27- Rename 'modules = ' to 'preload modules = 'Jelmer Vernooij1-3/+32
- Add smb_probe_module() - Add init_modules() - Call these functions (This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
2003-02-26init_valid_table: Fix a memory leak that would lose theMartin Pool1-8/+15
dynamically-created valid table every time the configuration was reloaded. (This used to be commit e42b237d980461caf2dd2a8f82c17bf674facb7d)
2003-02-24Move off-by-one buggy malloc()/safe_strcpy() combination to strdup() instead.Andrew Bartlett1-3/+1
Andrew Bartlett (This used to be commit c26881633d8a7f6d9b9ed9c6a97ce2b45bf2b317)
2003-02-24Merge documentation from 3_0.Martin Pool1-6/+13
(This used to be commit 5002555a9719987ccdc887ffff64ea8d02c9881d)
2003-02-24Add constAndrew Bartlett1-4/+4
(This used to be commit ffaa608be01d72075942ca3aff2325c6364e0556)
2003-02-24Fix 2 off-by-one bugs in the use of malloc()ed strings and safe_strcpy().Andrew Bartlett1-2/+4
safe_strcpy() isn't particularly safe (this has been noted before) as it does not take the size of the buffer, but instead the size of the buffer *minus 1* The locking.c fix was causing segfaults on machines running with --enable-developer, and was tracked down thanks to the fact that vance's build farm machine runs with such an option, and smbtorture's DIR1 test hits this bug very well. (The --enable-developer code writes to the last byte of the string, to check for incorrect use of safe_strcpy()). Andrew Bartlett (This used to be commit e908fd164d1b11b6f76a6fdffb22e139813cb3c0)
2003-02-23move genparser to use talloc contexts instead of [m|c|re]alloc() and free()sSimo Sorce2-152/+163
(This used to be commit 70fce680c01fa1baa65fb3cbc83dfaf822fdadd7)
2003-02-22More signed/unsigned fixes (yes, I run with funny compiler options) andAndrew Bartlett6-12/+13
make x_fwrite() match fwrite() in returning a size_t. Andrew Bartlett (This used to be commit 2943c695787b742e9a96b2eefe2d75f681bacf7c)
2003-02-21Doxygen janitorMartin Pool1-3/+10
(This used to be commit 367997562998adb3f80602596c770d9ac319065b)
2003-02-20Make init_module() and thus smb_load_module() return an int.Jelmer Vernooij1-9/+9
modules/developer.c: init_module() should return an int (This used to be commit 7f59703550378ff2333e3c851bf1a77037510abd)
2003-02-19Move to a in-memory ccache for winbind, and replace setenv() properly.Andrew Bartlett1-0/+18
(According to the manpages, you cannot put a stack variable into putenv()). Yes, this leaks memory. Andrew Bartlett (This used to be commit 50bced1e26434ecc7474964062746e2831e5f433)
2003-02-19base64_decode() with heimdal libs, so I've renamed it base64_decode_inplace().Jim McDonough1-1/+1
(This used to be commit 8c69212eeb4a0ec144b960d76319fd4940b8c239)
2003-02-18Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined. I now needJeremy Allison1-0/+7
to set this for Tru64. Jeremy. (This used to be commit e7c4616c45ea5ec7c04022d6cca49ac70adde121)
2003-02-18Remove obsolete comment.Martin Pool1-2/+0
(This used to be commit e22465749dc7c2acd2441a897df592616fc275da)
2003-02-18Doxygen janitor and some doc typo fixes.Martin Pool1-68/+92
(This used to be commit 82414706e6659c1638936d9b9afdb9329109f58f)