Age | Commit message (Collapse) | Author | Files | Lines |
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
smbwrapper not made
by default.
nmbd*: Changed all calls to namestr() to nmbd_namestr() to fix broken FreeBSD include
file problem...sigh.
Jeremy.
(This used to be commit 9ee8f39aed8772a05c203161b4ae6b7d90d67481)
|
|
nmbd/nmbd.c: Someone (a "yank" no doubt :-) Changed instances of "initialise" to
"initialize". Someone get that man an *English* dictionary.... :-) :-).
Jeremy.
(This used to be commit 6279be7f96802bb132e5e18dd8c6912652296e70)
|
|
(This used to be commit 5e2fc8b7ccf4a9c8b0a2acf4bd752531ac6fa775)
|
|
(ie. it breaks Sues machine).
Luke, your comment was:
put unicode strings after SAMLOGON query regardless of whether it's
an NT mailslot or a non-NT mailslot, after having observed this behaviour
out of NT machines.
perhaps you could post the relevant tcpdump or netmon capture so we
can see what is going on? I suspect that what you saw isn't exactly
what the win95 boxes are generating. Maybe you saw a GETDCxxx instead
of a GETDC000 ? Maybe we need a switch based on the GETDC request
type?
We won't know unless we see sniffs.
(This used to be commit a2bacc08955ba61aac4b45b63a54b279e5776261)
|
|
meant that one hex dump would fit within 80 characters in lynx after HTML
conversion.
(This used to be commit c391f076f29cff917fd51d58598e1ad11048e824)
|
|
The debug_browse_data() function does a hex dump of a browser packet. The
last line is often not a full 16 bytes, which would miss-align the hex
output. I've added the padding needed to align the hex output.
Chris -)-----
(This used to be commit 9f9b30abab118f0a2e007beddd79de38a2d5ea29)
|
|
When dumping the wins.dat, this module will also write the database
contents to the log file (don't do this if you have a large wins.dat!).
The output was in a sort of tabular format, except that the asctime()
function was used and it always terminates its output with a newline.
I did a bit of fussing, removed the '\n' character, and did my best to
line up the other columns. If the output format of asctime() is
different on different systems, then the columns won't line up, but
the output will still look better than it did before.
Chris -)-----
(This used to be commit 57295113feefcde77b429c661878444cd078b21f)
|
|
break up some very long lines in both the code and the output. The change
is mostly cosmetic, but should improve log file readability.
(This used to be commit fc4e0148ebf8ea45e4410224218c0c987965d36c)
|
|
put unicode strings after SAMLOGON query regardless of whether it's
an NT mailslot or a non-NT mailslot, after having observed this behaviour
out of NT machines.
(This used to be commit c101113ec20ed0ba633e78e4ee45596cdccaf1b5)
|
|
(This used to be commit 327eba774e5bb17a91f80617bd7359afe0c83f48)
|
|
Jeremy.
(This used to be commit 7958787d9beffcd0f025c7a85469844d2e520ce5)
|
|
Bug was caused by multiple C statements on a line.
IMHO this is a *BUG* and will be treated as such....
Fixed all such multiple statements in this file.
Jeremy.
(This used to be commit ea3ab46f12565ac6ccbb8c69825acedd3640ec12)
|
|
(This used to be commit 90a8a02484a0897b053fd6531b7fec5d23098b6f)
|
|
Changes to get Samba to compile cleanly with the IRIX compiler
with the options : -fullwarn -woff 1209,1174 (the -woff options
are to turn off warnings about unused function parameters and
controlling loop expressions being constants).
Split prototype generation as we hit a limit in IRIX nawk.
Removed "." code in smbd/filename.c (yet again :-).
Jeremy.
(This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
|
|
dummy.in files are no longer needed, and new directories will be taken
care of automatically, at configure (or config.status --recheck) time
(This used to be commit 237a8e5fe62d757c04b8207cbbee4df1470cfe4e)
|
|
Added $(PROGS) $(SPROGS) as targets for make clean.
acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES.
configure.in: Added sys/capability.h header check.
Added function checks for srandom random srand rand.
Added HAVE_IRIX_SPECIFIC_CAPABILITIES test.
includes.h: Added #include <sys/capability.h>.
ntdomain.h: Moved struct acct_info into here from smb.h
smb.h: Added KERNEL_OPLOCK_CAPABILITY define.
Moved enum action_type into rpcclient.h
Moved struct cli_state into client.h
Moved struct nt_client_info, struct tar_client_info, struct client_info
into rpcclient.h
lib/genrand.c: Changed to use sys_random() & friends.
lib/smbrun.c: Lose capabilities after fork.
lib/system.c: Added set_process_capability(), set_inherited_process_capability()
sys_random(), sys_srandom().
lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an
32 bit mounted NFS filesystem.
nmbd/nmbd.c: Changed to use sys_random() & friends.
nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends.
passdb/ldap.c: Missed one pdb_encode_acct_ctrl call.
passdb/passdb.c: Changed to Ander's code for ' ' characters.
passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ.
script/mkproto.awk: Added 'long' to prototypes.
smbd/chgpasswd.c: Lose capabilities after fork.
smbd/open.c: Do the mmap *after* the kernel oplock.
smbd/oplock.c: Removed stub code from kernel oplock path.
Added set_process_capability(), set_inherited_process_capability() calls.
smbd/reply.c: Initialize count = 0, offset = 0.
smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls.
tests/summary.c: Ensure we have RANDOM or RAND.
utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ.
utils/torture.c: Changed to use sys_random() & friends.
Jeremy.
(This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02)
|
|
(This used to be commit aa38f39d67fade4dfd7badb7a9b39c833a1dd1ca)
|
|
(This used to be commit 9a5bdf5c1bef689fe0d6879949df869efbc34783)
|
|
fix problems in builds with srcdir!=builddir
(This used to be commit 1ffc3b807a3f80644c974b454ff5e6f68e89b546)
|
|
save, so it started saving weird filenames (from an unitialised
fstring).
chaos reigns!
(This used to be commit 20a550d61e322cc9a0acfdf8fb974dafe0cd9603)
|
|
script/mkproto.awk: Added SMB_BIG_UINT.
Jeremy.
(This used to be commit c22c40f0caa7d6a9e8120e6415fa728db708db3e)
|
|
config.h.in: Added fseek64 and ftell64.
includes.h: Added definition of SMB_BIG_INTEGER.
smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
access.c: Tidyup of dbug statement.
system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t.
asyncdns.c: Tidyup of comment.
loadparm.c: Tidyup of set_default_server_announce_type() function definition.
ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER.
smbpassfile.c: Use sys_fseek().
chgpasswd.c: Tidyup of debug statement.
dosmode.c: Changed mode calls to use mode_t.
ipc.c: Removal of dead code.
nttrans.c: Changed mode calls to use mode_t.
open.c: Changed mode calls to use mode_t.
pipes.c: Removal of dead code.
reply.c: Removal of dead code.
trans2.c: Removal of dead code. Changed mode calls to use mode_t.
Jeremy.
(This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c)
|
|
non-writeable for some reason.
(This used to be commit 9edd43dcd6cc040416f11e00320c53682558fd8a)
|
|
expected. wins_write_database() didn't exit after doing its stuff, so
when it returned you had two copies of nmbd :)
(This used to be commit 5e6488d4830016ea720a644c1b1ae25b336d3b8b)
|
|
(This used to be commit 31b4048362c63ab19e9ef35453c3763eec8b8f2b)
|
|
In sig_term() we were calling wins_write_database(0) which would fork a
child. This child might then get killed by the same process killing
off the parent. That process would then fork another child etc.
The solution is to pass a "background" flag to wins_write_database(0)
and only fork if this is set.
(This used to be commit 1e1a512e3ff59f962fb3de382f671618bed60839)
|
|
written continuously rather than once every 5 seconds (at most).
also changed it to 20 seconds :)
(This used to be commit 1b07de7079e81da9c0b930bdc30ae0451b57d53a)
|
|
Chris -)-----
(This used to be commit ac13c29d46f564fc340b652b4b71dfa92e4b5b16)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
always. Don't even install a handler.
(This used to be commit 72c383f4b7bcce5374632dc972df16ab0e2542b9)
|
|
also doesn't switch to a registration if a refresh fails, instead the
name is removed! This makes it even more imortant that a Samba WINS
server accepts refresh requests as registration requests if the name
is not registered. I've gone ahead and implemented this.
(This used to be commit 07f825fc9491bb5adac047854e67c63f7757143b)
|
|
the local_master name on the unicast subnet if it is unknown.
(This used to be commit 222b6d90e09288091028f5e0435f1d4a74153f66)
|
|
amount of network traffic grows as the square of the number of
workgroups. It probably wouldn't have caused problems but to be safe I
changed the code to use random() to decrease the probability of a
DMB<->DMB sync in proportion to the number of known workgroups. This
keeps the nice browse connectivity while making the traffic rise only
linearly with the number of workgroups.
(This used to be commit 685f4ef2e1f83ab39e91229cf53a61eecb6181eb)
|
|
The previous code was strictly correct, but not very practical. self
names were only refreshed every 3 days. I hit a situation where the
Samba WINS server was restarted after deleting wins.dat and didn't
notice some remote subnets (also running Samba). I realised that the
complete database wouldn't have been rebuilt for 3 days, which is way
too long. In order to recover from WINS restarts we need a much
shorter maximum refresh time.
(This used to be commit 1d23dd0912e81ff72695bd043e8e2aee32da18a8)
|
|
(This used to be commit 3eade55dc7c842bdc50205c330802d211fae54d3)
|
|
the correct port in environments like ip masq.
(This used to be commit 7d455ee637b6ff70c95845f89d71573ca07b83f3)
|
|
(This used to be commit 03d343ddf5ef672afb3cf1fa65f86eb2c0a48772)
|
|
to work (not a lot of testing yet though).
Now we just need to deal with people worried about having more than
two nmbd processes sometimes. (the async processes are created on
demand for browse sync, so you'll only see more than 2 occasionally)
(This used to be commit a350a54680e4170e2adf571b010ea508e7291780)
|
|
then obtained a node status response we need to remember the server
name of the master browser so that other browse clients asking us for
a workgroup list will get a entry for the master of that workgroup.
(This used to be commit 601f995ffbfa0ee477ea628d92b9660d6bdd8cbc)
|
|
are now sorted by the number of common leading bits in the IP address
with the address of the querying host.
(This used to be commit 4460a1bc6aa7666d1c71d32ba73855d6ed32320a)
|
|
(This used to be commit f555a76df696a0625acc16fa365dc048e0c2447d)
|
|
It now has a line like this:
VERSION 1 251152
the first number is a version #define in nmbd_winsserver.c and will be
used if we ever have to change the format again.
The second number is a hash of the current interfaces setting. It is
used to detect the case where nmbd is restarted on a machine after the
IP of the machine has changed (or the interfaces list has changed in
any way). When that happens we need to discard the old wins.dat cache
or you end up with chaos. This has bitten quite a few people, they
find that when they move a machine it continues using the old IP for
some things for the next week until the wins entries time out!
I've checked, and the old nmbd can handle the new format, although it
does spit out a spurious error message about the VERSION line. So
users can safely run 2.0alpha then switch back to 1.9.18 without
problems.
(This used to be commit c4a8cdc60a5b01894ab2456e77b6d89d4c16a088)
|
|
areas of memory before freeing them.
While doing this I also found a couple of real bugs. In two places we
were freeing some memory that came from the stack, which leads to
a certain core dump on many sytems.
(This used to be commit c5e5c25c854e54f59291057ba47c4701b5910ebe)
|
|
(This used to be commit f18b4e95bffb25fa016dd6e7f9a128a9fc69466f)
|
|
correctly. Added new parameter "stat cache size" - set to 50 by default.
I now declare the statcache code officially "open" for business :-).
It gets a hit rate of 97% with a NetBench run and seems to make
using a case insensitive run as efficient as a case sensitive run.
Also tidied up our sys_select usage - added a maxfd parameter and
also added an implementation of select in terms of poll(), for systems
where poll() is much faster. This is disabled by default.
Jeremy.
(This used to be commit 779b924ec1f6c81ff578d22295b20fece698d1fc)
|
|
problem was a buffer overflow in process_node_status_request().
this really points out a general problem is allocating MAX_DGRAM_SIZE
packets on the stack in nmbd. There must be a better way.
(This used to be commit 7db45f169c33e0f3a67ba2260049226992de8bdf)
|
|
default to overwrite and smbd would default to append. Also, the -a option
(actually a toggle, such that "-a -a" would set the default) was documented
as append mode for nmbd, and *overwrite mode* for smbd.
nmbd now defaults to append mode, to match smbd. The -a option now always
means append, and I've added the -o option to both, meaning overwrite.
Note that the change to nmbd's default behavior may confuse some people.
I've not seen anything about 2.0.0 changes in the WHATSNEW.txt file.
Where would I document a change like this?
Chris -)-----
(This used to be commit b1d374fb14b1fb92a84260f1dcc59a39a4b99a3d)
|