summaryrefslogtreecommitdiff
path: root/source3/lib
AgeCommit message (Collapse)AuthorFilesLines
2003-03-11This patch attemptes to clean up winbindd's mutex locking.Andrew Bartlett1-4/+2
The current locking scheme in winbind is a complete mess - indeed, the next step should be to push the locking into cli_full_connection(), but I'll leave it for now. This patch works on the noted behaviour that 2 parts of the connection process need protection - and independent protection. Tim Potter did some work on this a little while back, verifying the second case. The two cases are: - between connect() and first session setup - during the auth2 phase of the netlogon pipe setup. I've removed the counter on the lock, as I fail to see what it gains us. This patch also adds 'anonymous fallback' to our winbindd -> DC connection. If the authenticated connection fails (wbinfo -A specifed) - say that account isn't trusted by a trusted DC - then we try an anonymous. Both tpot and mbp like the patch. Andrew Bartlett (This used to be commit 0620320002082298a15cbba72bd79aecfc607947)
2003-03-11Remove valgrind_strlen function, hopefully no longer needed withMartin Pool1-9/+0
recent Valgrind relases and clashing with -DVALGRIND. (This used to be commit 98479f1315cf8968152e1566966ac57e171008c3)
2003-03-10Clobber strings with 0xf1f1f1f1 before writing to them to check bufferMartin Pool1-8/+33
lengths are correct. Attempts to pstrcpy into an fstring or allocated string should fail in developer builds. This builds on abartlet's earlier overflow probe for safe_strcpy, but by clobbering the whole string with a nonzero value is more likely to find overflows on the stack. This is only used in -DDEVELOPER mode. Reviewed by abartlet, tpot. (This used to be commit 8d915e266cd8ccc8b27e9c7ea8e9d003d05f8182)
2003-03-08This is C, not C++Andrew Bartlett1-4/+4
(This used to be commit 25d210b90b6c0377046d89a1dce7a32f94fd7859)
2003-03-08Make sure that the 'remote' machine name can only be set once. For some weirdAndrew Bartlett1-2/+29
reason, during a Win2003 installation, when you select 'domain join' it sends one machine name in the name exchange, and litraly 'machinename' during the NTLMSSP login. Also fix up winbindd's logfile handling, so that it matches smbd and nmbd. (This helps me, by seperating the logs by pid). Andrew Bartlett (This used to be commit afe5a3832f79131fb74461577f1db0e5e8bf4b6d)
2003-03-07Patch from Michael Steffens. In his own words :Jeremy Allison1-3/+3
------------------------------------------------------------------------- I think there are basically two problem: 1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, and SMB_ACL_OTHER. The function ensure_canon_entry_valid() is prepared for that, but tries to "guess" values from group or other permissions, respectively, otherwise falling back to minimum r-- for the owner. Even if the owner had full permissions before setting ACL. This is the problem with W2k clients. 2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs. This is ok in a take-ownership situation, but must fail if the file is to be given away. This is the problem with XP clients, trying to transfer ownership of the original file to the temp file. The problem with NT4 clients (no ACEs are transferred to the temp file, thus are lost after moving the temp file to the original name) is a client problem. It simply doesn't attempt to. I have played around with that using posic_acls.c from 3.0 merged into 2.2. As a result I can now present two patches, one for each branch. They basically modify: 1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER as "preserve current value" instead of attempting to build one ourself. The original code is still in, but only as fallback in case current values can't be retrieved. 2. Rearrange set_nt_acl() such that chown is only done before setting ACLs if there is either no change of owning user, or change of owning user is towards the current user. Otherwise chown is done after setting ACLs. It now seems to produce reasonable results. (Well, as far as it can. If NT4 doesn't even try to transfer ACEs, only deliberate use of named default ACEs and/or "force group" or the crystal ball can help :) ------------------------------------------------------------------------- Jeremy. (This used to be commit 1d3b8c528bebfa1971d1affe454a03453335786e)
2003-03-07Some progress towards gums and tdbsam2Simo Sorce1-0/+18
genparser works fine, and it is a marvelous tool to store objects in tdb :) (This used to be commit 4c6d461a8572f03cd33cba95500cc837638b732c)
2003-03-03dlsym takes a const char *.Jeremy Allison1-1/+1
Jeremy. (This used to be commit ff3827a62b37342b13fd8b4eafd256d91428c02b)
2003-03-03dlysym takes a const char *.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 54e5413a9267b7279cbde0ec129478a5a9c3116c)
2003-02-28Doxygen janitor: add note that strequal is in fact case-insensitive.Martin Pool1-6/+8
(This used to be commit a4b9c5c2576c80a5f60d47d178b9b8c50d348893)
2003-02-28Doxygen janitorMartin Pool2-8/+8
(This used to be commit 9af07173152c5e861d13b33a8d4aee8167a50b66)
2003-02-28Doxygen janitor: fix parameter names, grammar, tag names.Martin Pool1-14/+14
(This used to be commit 42d9ec28cd55dbcfda546c84fb842938aeda544d)
2003-02-28Add a comment about the meaning of samba's internal character set andMartin Pool1-0/+24
how this interacts with it. (This used to be commit eb876ee9cf24eda04e0856899b232d060c669c0c)
2003-02-27additional fix for CR 601Gerald Carter1-0/+3
* distinguish WinXP from Win2k * add a 1/3 of a second delay in OpenPrinter in order to trigger a LAN/WAN optimization in 2k clients. (This used to be commit c7712fa054d21b4884a78b7ea6c0fb8b3d637c6b)
2003-02-27additional fix for CR 601Gerald Carter1-0/+3
* distinguish WinXP from Win2k * add a 1/3 of a second delay in OpenPrinter in order to trigger a LAN/WAN optimization in 2k clients. (This used to be commit 96570699d1b715f47c35aa211da6ec18f6fc4109)
2003-02-27Doxygen merge from headMartin Pool1-5/+6
(This used to be commit 38fa2898967f607a17fd7fbd324f2940a05fb551)
2003-02-27Doxygen janitorMartin Pool1-5/+6
(This used to be commit 67bf36c69d19463c28066b276d74ac4784b26bed)
2003-02-27Merge 1.100 patch from HEAD:Martin Pool1-8/+15
init_valid_table: Fix a memory leak that would lose the dynamically-created valid table every time the configuration was reloaded. (This used to be commit 3ff4845bc43736bfa091419c80b9a0ebdc9d156e)
2003-02-27- Rename 'modules = ' to 'preload modules = 'Jelmer Vernooij1-3/+32
- Add smb_probe_module() - Add init_modules() - Call these functions (This used to be commit f8f21653225792c0001d183c6efe8b7d89a0785d)
2003-02-26init_valid_table: Fix a memory leak that would lose theMartin Pool1-8/+15
dynamically-created valid table every time the configuration was reloaded. (This used to be commit e42b237d980461caf2dd2a8f82c17bf674facb7d)
2003-02-24Merge from head. Move off-by-one buggy malloc()/safe_strcpy() combination to ↵Jeremy Allison1-3/+1
strdup() instead. Jeremy. (This used to be commit 6521601bf8013c8809db13ccf7dd256ea4ad5dd7)
2003-02-24Move off-by-one buggy malloc()/safe_strcpy() combination to strdup() instead.Andrew Bartlett1-3/+1
Andrew Bartlett (This used to be commit c26881633d8a7f6d9b9ed9c6a97ce2b45bf2b317)
2003-02-24Merge documentation from HEADMartin Pool1-6/+13
(This used to be commit 3761f8ebe339fbbeffee9d7b69f9483ebfd9ae6b)
2003-02-24Merge documentation from 3_0.Martin Pool1-6/+13
(This used to be commit 5002555a9719987ccdc887ffff64ea8d02c9881d)
2003-02-24Merge doxygen, signed/unsigned, const and other small fixes from HEAD to 3.0.Andrew Bartlett10-235/+275
Andrew Bartlett (This used to be commit 9ef0d40c3f8aef52ab321dc065264c42065bc876)
2003-02-24Merge from HEAD client-side authentication changes:Andrew Bartlett1-0/+1
- new kerberos code, allowing the account to change it's own password without special SD settings required - NTLMSSP client code, now seperated from cliconnect.c - NTLMv2 client code - SMB signing fixes Andrew Bartlett (This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
2003-02-24Merge of server-side authentication changes to 3.0:Andrew Bartlett1-15/+42
- user_ok() and user_in_group() now take a list of groups, instead of looking for the user in the members of all groups. - The 'server_info' returned from the authentication is now kept around - in future we won't copy the sesion key, username etc, we will just referece them directly. - rhosts upgraded to use the SAM if possible, otherwise fake up based on getpwnam(). - auth_util code to deal with groups upgraded to deal with non-winbind domain members again. Andrew Bartlett (This used to be commit 74b5436c75114170ce7c780c19226103d0df9060)
2003-02-24Add constAndrew Bartlett1-4/+4
(This used to be commit ffaa608be01d72075942ca3aff2325c6364e0556)
2003-02-24Fix 2 off-by-one bugs in the use of malloc()ed strings and safe_strcpy().Andrew Bartlett1-2/+4
safe_strcpy() isn't particularly safe (this has been noted before) as it does not take the size of the buffer, but instead the size of the buffer *minus 1* The locking.c fix was causing segfaults on machines running with --enable-developer, and was tracked down thanks to the fact that vance's build farm machine runs with such an option, and smbtorture's DIR1 test hits this bug very well. (The --enable-developer code writes to the last byte of the string, to check for incorrect use of safe_strcpy()). Andrew Bartlett (This used to be commit e908fd164d1b11b6f76a6fdffb22e139813cb3c0)
2003-02-24Add comment about Samba character sets, from explanation by abartlet.Martin Pool1-0/+13
(This used to be commit 822f6c2f38b9b30dca2358e99ad6a379f5890c89)
2003-02-23move genparser to use talloc contexts instead of [m|c|re]alloc() and free()sSimo Sorce2-152/+163
(This used to be commit 70fce680c01fa1baa65fb3cbc83dfaf822fdadd7)
2003-02-22More signed/unsigned fixes (yes, I run with funny compiler options) andAndrew Bartlett6-12/+13
make x_fwrite() match fwrite() in returning a size_t. Andrew Bartlett (This used to be commit 2943c695787b742e9a96b2eefe2d75f681bacf7c)
2003-02-21Doxygen janitorMartin Pool1-3/+10
(This used to be commit 367997562998adb3f80602596c770d9ac319065b)
2003-02-20Make init_module() and thus smb_load_module() return an int.Jelmer Vernooij1-9/+9
modules/developer.c: init_module() should return an int (This used to be commit 7f59703550378ff2333e3c851bf1a77037510abd)
2003-02-20Merge in smb_load_module() function from HEADJelmer Vernooij1-24/+0
(This used to be commit 6cb124247d10de86bdf6a98f3dd703b3a9eb1d35)
2003-02-19Merge cleanups of return values.Tim Potter1-5/+5
(This used to be commit bae354a20c07458722b5193911e7eaaf9bfbaeb7)
2003-02-19Merge minor library fixes from HEAD to 3.0.Andrew Bartlett2-4/+29
- setenv() replacement - mimir's ASN1/SPNEGO typo fixes - (size_t)-1 fixes for push_* returns - function argument signed/unsigned correction - ASN1 error handling (ensure we don't use initiailsed data) - extra net ads join error checking - allow 'set security discriptor' to fail - escape ldap strings in libads. - getgrouplist() correctness fixes (include primary gid) Andrew Bartlett (This used to be commit e9d6e2ea9a3dc01d3849b925c50702cda6ddf225)
2003-02-19Move to a in-memory ccache for winbind, and replace setenv() properly.Andrew Bartlett1-0/+18
(According to the manpages, you cannot put a stack variable into putenv()). Yes, this leaks memory. Andrew Bartlett (This used to be commit 50bced1e26434ecc7474964062746e2831e5f433)
2003-02-19base64_decode() with heimdal libs, so I've renamed it base64_decode_inplace().Jim McDonough1-1/+1
(This used to be commit 8c69212eeb4a0ec144b960d76319fd4940b8c239)
2003-02-18base64_decode() with heimdal libs, so I've renamed it base64_decode_inplace().Jim McDonough1-1/+1
(This used to be commit d510ff85fb0dafddf3dea9412a09eeee6e70f0cb)
2003-02-18Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined. I now needJeremy Allison1-0/+7
to set this for Tru64. Jeremy. (This used to be commit e7c4616c45ea5ec7c04022d6cca49ac70adde121)
2003-02-18Ensure we use getgrnam() unless BROKEN_GETGRNAM is defined. I now needJeremy Allison1-0/+7
to set this for Tru64. Jeremy. (This used to be commit a21154961135def29d7ede302ed09ce52fc22fc1)
2003-02-18Remove obsolete comment.Martin Pool1-2/+0
(This used to be commit e22465749dc7c2acd2441a897df592616fc275da)
2003-02-18Doxygen janitor and some doc typo fixes.Martin Pool1-68/+92
(This used to be commit 82414706e6659c1638936d9b9afdb9329109f58f)
2003-02-18Doxygen janitor. No other changes.Martin Pool1-120/+119
(This used to be commit fa38e7956c21b828ba208282ef0ac85c2b66ff22)
2003-02-17Add comment explaining the -DDEVELOPER safe_strcpy overflow hack.Martin Pool1-1/+5
(This used to be commit 90e1d8bdfa9ec0a4f3795d9a89db1d2324447b68)
2003-02-17This is a very nice way to detect pstrcpy() into a malloc()ed string, butAndrew Bartlett1-0/+2
it really is a developer hack... Andrew Bartlett (This used to be commit 3588ebb35b14422141d4070413185195b525038e)
2003-02-17This patch fixes one of my longest-standing pet hates with Samba :-).Andrew Bartlett2-18/+47
When we look see if a user is in a list, and we try to 'expand' an @group, we should lookup the user's own list of groups, rather than looking for all the members of a group. I'm sure this will fix some nasty performance issues, particularly on large domains etc. In particular, this avoids contacting winbind at all, if the group is not a winbind group. (This caused a deadlock on my winbind-on-PDC setup). The groups list always includes the user's primary group, as per the getgrouplist manpage, and my recent changes to our implementation. Andrew Bartlett (This used to be commit 9be21976f7662ebe6eb92fff7cecbdb352eca334)
2003-02-17Set the length back to zero when we free the data_blob.Andrew Bartlett1-0/+1
(This used to be commit 4560594a67056ee1a5e51a122d1b254944e7c266)
2003-02-17Try to make our getgrouplist replacement better match the 'real' implemenations.Andrew Bartlett1-4/+11
In particular, make sure we include the primary gid in the list. Andrew Bartlett (This used to be commit 0cd4b339b7eff55019caaeaa998d5e70b2eed200)
generated by cgit (git 2.34.1) at 2024-12-04 02:07:57 +0000