Age | Commit message (Collapse) | Author | Files | Lines |
|
rebind proc (some give an extra paramter to pass a void* paramater) and
some small changes for the SMB signing code to reset things when the
signing starts, and to 'turn off' signing if the session setup failed.
Andrew Bartlett
(This used to be commit a8805a34e5d96eeb5ffe15681b241d5a449a6144)
|
|
The problem was that *all* packets were being signed, even packets before
signing was set up. (This broke the session request).
This fixes it to be an 'opt in' measure - that is, we only attempt to sign
things after we have got a valid, non-guest session setup as per the CIFS spec.
I've not tested this against an MS server, becouse my VMware is down, but
at least it doesn't break the build farm any more.
Andrew Bartlett
(This used to be commit 1dc5a8765876c1ca822e454651f8fd4a551965e9)
|
|
Jeremy.
(This used to be commit 0e7e8d44627ad9645a90e96001f8550b68b67a62)
|
|
Jeremy.
(This used to be commit 9d461933766f26ce772f6d5ea849ef9218c4d534)
|
|
Jeremy.
(This used to be commit c1b20db4bb4bb1ba485466f50b9795470027327c)
|
|
(This used to be commit aff65bf6c9f339ae1d3122d12114005c017b9b5d)
|
|
(const, takes unix string as arg)
Also update cli_full_connection to take NULL pointers as 'undefined' correctly,
and therefore do its own lookup etc. This what was intended, but previously
you needed to supply a 0.0.0.0 IP address.
Andrew Bartlett
(This used to be commit 8fb1a9c6ba07dbf04a6aa1e30fa7bbd4c676ed28)
|
|
(This used to be commit f7e75952306296b11a859f425ff5ec7082239dc2)
|
|
Some reformatting.
(This used to be commit d6dd7c7b14a4e3be4d7d435b6ac6bb8189070ff7)
|
|
(This used to be commit a8b2e76c5b90d3dcd00f26462614f56936c13110)
|
|
(This used to be commit 4b18a94590a25882f06f88c3c7dd1a08bf990044)
|
|
Jeremy.
(This used to be commit 3c05f7c06fc8c45307ea75128b160a5945fc5197)
|
|
(This used to be commit f37d85babf1061bb2b5ffdf96c72427f8ad5e832)
|
|
of files. This was done to better enable net rpc file. Perhaps we can start
giving back real info this way, too.
(This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba)
|
|
(This used to be commit 099b750b4ed8f04a1fd8a018508d412691e37df6)
|
|
when using restrictanonymous.
(This used to be commit 0c65978ed07903af808da5f32cc29531aef23225)
|
|
(This used to be commit ca61f68d5ca8791bea34732bd358cfb63273fc5c)
|
|
so muchos dodgy code is required to copy the results out of the parse
buffer into the client's talloc context.
(This used to be commit 496d3cf02c15ece7e13fa023deea740ee00486a8)
|
|
warning/error.
(This used to be commit 8d6270cadf7f99ee8ee441ee6c3e58eca623d519)
|
|
The problem was the NTLMv2 uses extra data in order to make reply/lookup
more difficult. That extra data includes the hostname, and the domain.
This matches Win2k (sort of) by sending this information.
Win2k connects with LMCompatibilityLevel=5 without a problem.
We can change the negotiation bits if we want, this should allow us to make
NTLMv2 the default for other clients as well.
Some of the extra #defines were found in the squid source.
Andrew Bartlett
(This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
|
|
unix and DOS strings.
This pushes all the 'have to uppercase, must be 14 chars' stuff behind the
the interface.
Andrew Bartlett
(This used to be commit dec650efa8ab1466114c2e6d469320a319499ea0)
|
|
Importantly:
The removal of the silly 'delete user script' behaviour when secuity=domain.
I have left the name the same - as it still does the (previously documented,
but not in smb.conf(5)) sane behaviour of deleting users on request.
When we decide what to do with the 'add user' functionality, we might
rename it.
Andrew Bartlett
(This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
|
|
didn't make any sense, and its was always just strlen(password) anyway.
This fixes it to be strlen(password)+1
Andrew Bartlett
(This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
|
|
Wasn't this what got us some of the bugs with big-endien smbpasswd -j FOO -U ?
Anyway, it deserves to die.
Andrew Bartlett
(This used to be commit 7201720048b31e48fb2600de8f7396088cc9b533)
|
|
this:
More code cleanup - this lot a bit more dodgy than the last:
The aim is to trim pwd_cache down to size. Its overly complex, and a
pain to deal with. With a header comment like this:
'obfusticaion is planned'
I think it deserved to die (at least partly).
This was being done to allow 'cli_establish_connection' to die - its
functionality has been replaced by cli_full_connection(), which does
not duplicate code everywhere for creating names etc.
This also removes the little 'init' fucntions for the various pipes,
becouse they were only used in one place, and even then it was dodgy.
(I've reworked smbcacls not to use anonymous connections any more, as
this will (should) fail with a 'restrict anonymous' PDC).
This allowed me to remove cli_pipe_util.c, which was calling
cli_establish_connection.
tpot: I'm not sure what direction you were going with the client stuff,
and you may well have been wanting the init functions. If thats the case,
give me a yell and I'll reimplement them against cli_full_connection.
Andrew Bartlett
(This used to be commit fa67e4626bed623333c571e76e06ccd52cba5cc5)
|
|
(only function that used it was unused, and this helps bring TNG and HEAD
closer)
Its also cleaner.
Andrew Bartlett
(This used to be commit 78f47c83332a6408a718a3dee45645935638b364)
|
|
I think we may still need to look at our server enumeration code, but
other than that, its much better in the tree than out.
Andrew Bartlett
(This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
|
|
This option was badly maintained, useless and confused our users and
distirbutors. (its SSL, therfore it must be good...)
No windows client uses this protocol without help from an SSL tunnel.
I can't see any reason why setting up a unix-side SSL wrapper would
be any more difficult than the > 10 config options this mess added
to samba in any case.
On the Samba client end, I think the LIBSMB_PROG hack should be
sufficient to start stunnel on the unix side. We might extend this
to take %i and %p (IP and port) if there is demand.
Andrew Bartlett
(This used to be commit b04561d3fd3ee732877790fb4193b20ad72a75f8)
|
|
call so we probably should as well.
(This used to be commit 39c0218e5b4132e60401c2fc25fcbc88be94f87f)
|
|
(This used to be commit c986a19cde0dfa96b512eb24d873203981e68c48)
|
|
(This used to be commit 217ae50acd8cf088e268e7d2a6a7c192aca9e2f1)
|
|
(This used to be commit a1934a7a8eda592e283a01014280ddb373564927)
|
|
The setprinterdata routine was rewritten slightly to take more arguments.
(This used to be commit a9a5702c88ea9c4a6a9197cf4e3444b26be858cc)
|
|
(This used to be commit 38de5025fb1f6396e456e26bfb071223da247f03)
|
|
endpageprinter, setjob and getjob.
(This used to be commit d091a9d300c70b708218067d355c8282a6f14ab6)
|
|
(This used to be commit aaa996355287fcd86873697f51a069ccb5a908b9)
|
|
is detected.
(This used to be commit 0377448b8c3e2bd8d5bc9f49a585292dc5c5b5a1)
|
|
(This used to be commit 0827bd4184256a87d6cf6c58bc314309503da7be)
|
|
is freakier... the name or the fact that a seven-year-old knows what it
means.
Small change to correct the value we place in the DGM_LENGTH field of
NBT Datagram messages. We have been counting the full datagram, but it's
fairly clear in the RFCs that we should only count the source name,
destination name, and payload. We've been overcharging by 14 bytes
(the size of the NBT DGM header).
This fix brings us in line with what Windows does, and what the RFCs
say should be done. I'm a little surprised that this didn't cause any
bugs or error messages. I guess no one actually checks this field.
(This used to be commit 3156c020e5b6f12a448d58669977ad4449789460)
|
|
(This used to be commit b2329039d255928faf53474ee7ab06b6353b9fbe)
|
|
param/loadparm.c: Added missing debugs that would have helped me find a misconfiguration
I lost a day on....
Jeremy.
(This used to be commit 6e9572379784c77f3c4e6a95e18a9641880a8ffc)
|
|
(This used to be commit 7f923d738b94eef042b21e4d0143861755620d91)
|
|
information when one or more of the names/sids being queried were not
resolvable. We now return a list the same length as the parameters passed
instead of an array of just the resolvable names/sids.
(This used to be commit 245468dbabb7c849ce423cc3cb586fa913d0adfe)
|
|
(This used to be commit f736e115c00e02e3f131ccceb7769559dd4d908a)
|
|
<mimir@diament.ists.pwr.wroc.pl>) this patch allows samba to correctly
enumerate its trusted domains - by exaimining the keys in the secrets.tdb file.
This patch has been tested with both NT4 and rpcclient/wbinfo, and adds
some extra functionality to talloc and rpc_parse to allow it to deal with
already unicode strings.
Finally, this cleans up some const warnings that were in net_rpc.c by pushing
another dash of const into the rpc client code.
Andrew Bartlett
(This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296)
|
|
(This used to be commit 952eb866f44ac0d8ba2032cf251d3a4298a750d3)
|
|
(This used to be commit 908b70f3e23846d0b438a68e45e076e65016e95e)
|
|
Jeremy.
(This used to be commit 146fb9d12bd3621087193f439e99c13d609ff658)
|
|
spotted by alexander bokovoy.
it shouldn't break anything. if it's wrong, feel free to revert but
explain why.
J.F.
(This used to be commit 638c692525c050ecdf414d461ef6b4aed3ce51db)
|
|
POLICY_HND structure when passing new handles back from the appropriate
cli_* functions. When closing the policy handle free the memory.
Insure (and indeed other memory checkers) should detect handles that have
not been closed properly as memory leaks. Unfortunately this can only be
done when the program terminates (set insure++.summarize leaks in your
.psrc file) rather than when the policy handle falls out of scope.
Looks like Jeremy has squished all the policy handle leaks at the moment
but more are bound to crop up later.
(This used to be commit 6dc80d625752f0a3ce6fd7b2278095529c6ec29f)
|