| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
msrpc loop-back interface.
(This used to be commit adbf97c0a93149e17496b002ecc8ecdb3f360ed5)
|
|
(This used to be commit 55035b8984c135ddd2c4e3be18caf8833975841d)
|
|
Jeremy.
(This used to be commit 4914d2f161b6a82789f3a9decccb636fb21264c5)
|
|
is *missing* from samba cvs main, therefore it is set to all zeros.
this will cause, amongst other things, administrator-changing-user-passwords,
and setting up new accounts, to fail, as the user's password can only be
decoded with the session key (in this case, the administrator's usr sess key).
it's never a perfect world, is it?
(This used to be commit 3362fcdfa492cfd1d9d4ec35ef2108192302b984)
|
|
to using internal msrpc code in smbd.
(This used to be commit 8976e26d46cb991710bc77463f7f928ac00dd4d8)
|
|
that were in the head branch but weren't in SAMBA_2_0
(This used to be commit d7b208786590b5a28618590172b8d523627dda09)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
done a minimal amout of clean-up in the Makefile, removing unnecessary
modules from the link stage. this is not complete, yet, and will
involve some changes, for example to smbd, to remove dependencies on
the password database API that shouldn't be there. for example,
smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa
API.
this first implementation has minor problems with not reinstantiating
the same services as the caller. the "homes" service is a good example.
(This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
|
|
pdus, and then feeds them over either a "local" function call or a "remote"
function call to an msrpc service. the "remote" msrpc daemon, on the
other side of a unix socket, then calls the same "local" function that
smbd would, if the msrpc service were being run from inside smbd.
this allows a transition from local msrpc services (inside the same smbd
process) to remote (over a unix socket).
removed reference to pipes_struct in msrpc services. all msrpc processing
functions take rpcsrv_struct which is a structure containing state info
for the msrpc functions to decode and create pdus.
created become_vuser() which does everything not related to connection_struct
that become_user() does.
removed, as best i could, connection_struct dependencies from the nt spoolss
printing code.
todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific
info on a per-connection basis, and if the connection dies then so does
the info, and that's a fairly serious problem.
had to put pretty much everything that is in user_struct into parse_creds.c
to feed unix user info over to the msrpc daemons. why? because it's
expensive to do unix password/group database lookups, and it's definitely
expensive to do nt user profile lookups, not to mention pretty difficult
and if you did either of these it would introduce a complication /
unnecessary interdependency. so, send uid/gid/num_groups/gid_t* +
SID+num_rids+domain_group_rids* + unix username + nt username + nt domain
+ user session key etc. this is the MINIMUM info identified so far that's
actually implemented. missing bits include the called and calling
netbios names etc. (basically, anything that can be loaded into
standard_sub() and standard_sub_basic()...)
(This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
|
|
at present, a unix password is missing from the unix credentials, but is
not _actually_ expected to be needed. weeelll... maybe :-)
this is used to transfer credentials between smbd and msrpc daemons, down
a unix socket, so that the unix and nt credentials can be inherited by
an msrpc daemon called up from smbd.
(This used to be commit 5e68403bbb6f18e754679d967fee9e259d24211c)
|
|
damn, this one is bad.
started, at least two days ago, to add an authentication mechanism to
the smbd<->msrpc redirector/relay, such that sufficient unix / nt
information could be transferred across the unix socket to do a
become_user() on the other side of the socket.
it is necessary that the msrpc daemon inherit the same unix and nt
credentials as the smbd process from which it was spawned, until
such time as the msrpc daemon receives an authentication request
of its own, whereupon the msrpc daemon is responsible for authenticating
the new credentials and doing yet another become_user() etc sequence.
(This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
|
|
one horrible cut / paste job from smbd, plus a code split of shared
components between the two.
the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons. i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real. at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.
i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
|
|
in private .mac file (oops). ntlogin test now works.
(This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
|
|
(This used to be commit cef258f1c931ecb7c2dda9d5c9977153e4c1dc73)
|
|
and then set a default random password.
(This used to be commit 7846818432a93295651c8c67445a2d6a0f3b21d8)
|
|
(This used to be commit 44dd3efa6380544e9a515e91960f9271498cefaf)
|
|
(This used to be commit 7a696330586b9ad5157b0c1ab249cc66e9accef7)
|
|
(This used to be commit 4c3556fae73c60693355f95f48ac63834ba4dd10)
|
|
if microsoft bothered to publish it. actually, there are good reasons
for not publishing it: people might write programs for it, and then
those programs wouldn't work on nt5, for example...
(This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
|
|
function, which takes \\server_name.
tested a _few_ functions. found that regcreatekey receives a Fault PDU.
(This used to be commit 45e92258e7df84c21d23c0be7e1d85457ccac551)
|
|
do so twice. possible memory corruption, revolving around getopt().
(This used to be commit 7cacf8bd026f1ee274f1d352c68cf79cf4f3b499)
|
|
attempted to fix regsetsec command
(This used to be commit eaac0923e0e5e3f4c3d944272a71f3235ac2a741)
|
|
command fails.
(This used to be commit 9193f0eff56399e9bc09787dbe785b603886eaa3)
|
|
(This used to be commit d5869df3716fec21d3a4237dbf5d2417d3350e11)
|
|
(This used to be commit e88e7d529b5bdf32ac3bc71fa8e18f6f2a98c695)
|
|
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.dynamic memory allocation i added a month ago: forgot to ZERO_STRUCT()
some of the server-side stuff. Realloc() was being used, so it
Realloc()d some random area of memory. oops.
(This used to be commit a51f62f4cf610c23e45251cedb543144747a3e54)
|
|
have the string max length = string length + 1.
if not, then it gets its knickers in a twist over whether the string
is NULL-terminated or not.
four days.
four days i spent on this one.
(This used to be commit 9795e5948c698115e34c28993cdb82ba31377f5d)
|
|
after them is incredible. how did we get away with this for so long?
(This used to be commit 3152bde7d855d189f6f8ab9e6291828579cde2d0)
|
|
believe the XXXX that MIGHT be involved in getting nt5rc2 to join
a samba domain...
(This used to be commit 569babb3935950c1b64396955541abf276cc1d92)
|
|
samr opcode 0x25. _yet_ another failed attempt to get nt5rc2 to join
a samba domain. what _is_ it with this stuff, dammit?
(This used to be commit c3913f8ae272c496fc4519141accf01ee9f1e49e)
|
|
a char*. now copes with multiple types.
(This used to be commit 3df7c903c5b70f336294a95ad864aedbacf544b0)
|
|
reg_io_r_info() working properly. previously they weren't well
understood (well, they were the first of the registry functions i did,
back in december 97, ok??? :-)
set ntversion to 0x1 in SAMQUERY, so that we reply same as NT4 srv.
(This used to be commit 98ddeaf442cb30972cb281bf0489a6e5f7eb2883)
|
|
1) had to fix samr "create user" and "set user info" (level 23).
2) had to fix netlogon enum trust domains
3) registry key needed \\ in it not \.
(This used to be commit 70b2c1ecbb4fbbb86fea676c80754485aae5ab13)
|
|
these _may_ not actually ever get used, as trust relationships
really need to be established with shared secrets, and you need
to get the SID of the trusted and trusting domains, so this
may have to go in a private/xxx.mac file.
(This used to be commit 71f12138679251a9ebcada35969d9baea286a3e9)
|
|
happier in joining a Samba domain.
(This used to be commit 70274b5253182f3541584ecd844f07376a3d3df9)
|
|
(This used to be commit 60b0840106a6f5c283a8339428f3cfeb62398355)
|
|
for which a PDC is responsible. typical answers are:
<Name of Domain> plus <Builtin>.
against a hierarchical, down-level-compatible NT5 PDC, there's likely to
be more than these two entries!!!!!
(This used to be commit 3146aa6b6049a0d996e9abbe7dbee8526550e7e0)
|
|
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get
NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be
re-enabled but to be replaced with a better mechanism.
- added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is
sending DCE/RPC over SMBwrite not SMBwriteX.
(This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
|
|
to mention, there's a spooljobs <printer name> command, and it uses
command-line completion? prints out NT print jobs really nicely, too.
(This used to be commit e6e5caf16c8d120f0c11fa63061f2786098e3357)
|
|
spoolss_enumjobs parsing code to do read / writes not just writes.
(This used to be commit bc659a09f9103eee9616279e27fafacf89dcd9b9)
|
|
(This used to be commit e0eb390ab3e2a0cce191e78ea4ff90d088a8895c)
|
|
(This used to be commit 681cbb9ec1310fa81f4da40ef0cfed92500b5f4e)
|
|
(This used to be commit 0249ae50ad8135cf3fd11a3b85f771f2347fcb29)
|
|
spoolss_r_io_enumprinters doesn't decode strings correctly
as printer_info_1/2 code has only been written to write
structures, not read them.
(This used to be commit 135eaa977385cdd5f572a51f654f14d893347d7b)
|
|
experimental spoolopen <printer name> command added.
jean-francois, f.y.i. i changed the #define for SPOOLSS_OPENPRINTEREX from
op code 0x44 to 0x45.
(This used to be commit ef7fa58fd3c259c765c3bc82424d4c0f192ec90e)
|
|
(This used to be commit c86edef90e7c96d5a99be29e2d2a3679ed26d97d)
|
|
you have to use "ntlmv1" at the moment (i.e set client ntlmv2 = no).
(This used to be commit f52504c553becc64b89d546a57b1bd9cf1bc5b5c)
|
|
error wrong password against nt. ????
(This used to be commit b3f16e6b5aa5ba1b6afa38ad698646c8e765ec90)
|
|
(This used to be commit 3f9455c535607090103a371ff96051a5ce32e461)
|
|
(This used to be commit 6b919ebb4ed8c0082d8bffb299766bff9e718faf)
|
