summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_netlog_nt.c
AgeCommit message (Collapse)AuthorFilesLines
2003-11-09Merge from 3.0:Andrew Bartlett1-6/+0
source/passdb/pdb_get_set.c: I agree with vl's #if 0 here, and am not quite sure what I was thinking with regard to the original code. Let's keep samba simple, and just remove it. source/rpc_server/srv_netlog_nt.c: Remove compleatly wrong comments. (There were correct, 2 years ago...) source/intl/lang_tdb.c: Add newline to debug message Andrew Bartlett (This used to be commit 2a8dbe03690b60f3d9c83de3cf6ce873aa0657bc)
2003-10-17* fix some compile warnings in the gums codeGerald Carter1-0/+14
* add server support for DsEnumerateDomainTrusts() (This used to be commit 06bacf6e3434db5bd09b48f84206441712e69a63)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce1-1/+1
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-14/+12
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-04-22Setting the credentials for the netsec netlogon pipe connect upon eachVolker Lendecke1-8/+0
samlogon call certainly breaks the credential chain. Do it once during the bind response. Volker (This used to be commit 616b6dd60fe621a968fef34e66550f86b7b735bc)
2003-04-04This is a merge of the NETLOGON schannel server code from SambaVolker Lendecke1-1/+33
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG as I found out later :-) It adds a new parameter: server schannel = yes/auto/no defaulting to auto. What does this mean to the user: No requireSignOrSeal registry patch for XP anymore. Many thanks for this code to Luke Leighton, Elrond and anybody else I forgot to mention. My next thing will be to see if this applies cleanly to 3_0. Please test and comment! Volker (This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
2003-02-02Send the user's session key in the SAMLOGON reply, so that a member server canAndrew Bartlett1-2/+11
use smb signing. Andrew Bartlett (This used to be commit 574e8a8ab7c94ecd9113df42e395e83632980675)
2003-01-02BIG patch...Andrew Bartlett1-3/+3
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-11-25Instead of walking the entire group database, grabbing all members of eachAndrew Bartlett1-10/+8
group, testing for membership etc, use the already calculated NT_USER_TOKEN. (which is initgroups() based) So far we only fill out the 'domain' groups - we need to fill out the 'other sids' as well, and we possibly need to filter the list for 'domain groups' only (the old code did that), but Win2k doesn't seem to mind this for now. I also need to find out what the magic '7' is about. Fortunetly JF is in town, so I'll grill him tomorrow :-). Andrew Bartlett (This used to be commit 7e846e7387247f8bc2b07a1a1006014c6978143b)
2002-11-20more %U fixes for headAndrew Tridgell1-0/+1
(This used to be commit ea3787d819df14f8b451780a55d2bf76dc4030ef)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-4/+1
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-10-12Nice *big* patch from metze.Andrew Bartlett1-2/+2
The actual design change is relitivly small however: It all goes back to jerry's 'BOOL store', added to many of the elements in a SAM_ACCOUNT. This ensured that smb.conf defaults did not get 'fixed' into ldap. This was a great win for admins, and this patch follows in the same way. This patch extends the concept - we don't store values back into LDAP unless they have been changed. So if we read a value, but don't update it, or we read a value, find it's not there and use a default, we will not update ldap with that value. This reduced clutter in our LDAP DB, and makes it easier to change defaults later on. Metze's particular problem was that when we 'write back' an unchanged value, we would clear any muliple values in that feild. Now he can still have his mulitivalued 'uid' feild, without Samba changing it for *every* other operation. This also applies to many other attributes, and helps to eliminate a nasty race condition. (Time between get and set) This patch is big, and needs more testing, but metze has tested usrmgr, and I've fixed some pdbedit bugs, and tested domain joins, so it isn't compleatly flawed ;-). The same system will be introduced into the SAM code shortly, but this fixes bugs that people were coming across in production uses of Samba 3.0/HEAD, hence it's inclusion here. Andrew Bartlett (This used to be commit 7f237bde212eb188df84a5d8adb598a93fba8155)
2002-09-23Ok, what's this? Samba as a PDC wants to authenticate a user coming inVolker Lendecke1-2/+2
to a native NT member server. If the logoff time in the samlogon reply is set to something else but infinity, the tree connect to the member server comes back with 'bad uid'. In my traces, NT PDC sends 0x7fff.. always. Weird, but true. I would really like others to double-check this. If you have questions regarding the setup, feel free to ask! Thanks! Volker (This used to be commit 066b163bde9419d32fe8ffe00c1841107357c138)
2002-07-21Name get and set dir drive functions consistently.Tim Potter1-1/+1
(This used to be commit 290a304d2c1b70d20129236e20a0ff664179023e)
2002-07-20Try to fix up warnings - particularly on the IRIX 64 bit compiler (which had aAndrew Bartlett1-2/+2
distinction between uchar and char). Lots of const etc. Andrew Bartlett (This used to be commit 8196ee908e10db2119e480fe1b0a71b31a16febc)
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-06-15Update the netlogon code to better cope with trusted domains, where thingsAndrew Bartlett1-10/+29
like the domain name and SID come from the remote domain, not the local one. These are filled out by the code from the previous commit (auth_util.c, the make_server_info_info3() fn) and read back here. Andrew Bartlett (This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca)
2002-06-07Globally replace 'global_sam_sid' with get_global_sam_sid(), a selfAndrew Bartlett1-2/+3
initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
2002-05-18Passdb:Andrew Bartlett1-4/+4
Kill off the silly code that attempts to do NT -> Unix username mapping. This is done well before here, no need to repeat it. Add some small fixes and extra debugs, trying to track down current build farm failures. pdb_unix: When 'updating' a pdb_unix account, instead add it to the default passdb. This means that you don't need to specify '-a' to smbpasswd any more when messing with an existing unix user, the account is simply 'upgraded'. The idea here is that these accounts are just as 'real' as any other, they just don't have the extra attributes an smbpasswd file does. I'm open for debate on the pdb_unix issue, and will remove it if given good reason. (without this, an attempt to add an account already in pdb_unix to smbpasswd would fail, as it would fail to update pdb_unix). rpc_server/srv_netlog_nt.c Change a couple of things around, so as to show the client workstation etc. WRONG_PASSWORD is certainly not the right default error. Try ACCESS_DENIED for now. Andrew Bartlett (This used to be commit d78b74b338df9accd9ad84c56a49fa4f787425e2)
2002-03-27merge from SAMBA_2_2Gerald Carter1-6/+6
(This used to be commit fe099006bbd1103edb5804d70743b211bbc584fb)
2002-03-17Renamed get_nt_error_msg() to nt_errstr().Tim Potter1-1/+1
(This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-05Spelling fixes.Tim Potter1-3/+3
(This used to be commit a7fa0733badad66ae610eac5e01569cf264976f3)
2002-03-03Some more fixes to enusre we execute the same code pathes as before thisAndrew Bartlett1-8/+8
change, just in different packets. (This used to be commit ffa6c61f0bb0c413d4bcc46da3bc879c40a40569)
2002-03-03This patch allows NT4 domains to trust Samba.Andrew Bartlett1-84/+81
Simply add an account (smbpasswd -a -i REMOTEDOM) and join with 'user manager' on the remote domain. The only issue (at the auth level at least) that prevented NT4 domains from trusting Samba was that our netlogon code was based on what appear to be invalid assumptions. The netlogon code appears to assume that the 'client name' specified corrosponds to an account of the same form. This doesn't apply in trusted domains, becouse the account is in the form domain$ Now that we use the supplied account name, and no longer make our access control checks at the challange stage (where this info is unavailable) we match the Win2k behaviour for invalid machine logins, and don't need to know the names of PDCs/BDCs in trusting domains. We also kill off the 'you logged on with a machine account, use your user account' error message, becouse the previous NT_STATUS return was compleatly bogus. (The ACCESS_DENIED we now return matches Win2k, and gives snane error messages on the client). TNG doesn't use this and has to do magic password syncs between the various accounts for domain/pdc/bdc. This patch feels like the much more natural way of doing things, and has been mildly tested. Andrew Bartlett (This used to be commit 542673fcd6654a1d0966dddadde177a4c4ce135d)
2002-03-01SECURITY FIXES:Andrew Bartlett1-1/+7
Remove a stray 'unbecome_root()' in the ntdomain an auth failure case. Only allow trust accounts to request a challange in srv_netlogon_nt.c. Currently any user can be the 'machine' for the domain logon. MERGE for 2.2. Andrew Bartlett (This used to be commit 0242d0e17827b05d8cd270f675d2595fa67fd5b9)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Try to move towards slightly sane linking for Samba by removing some pdb_...()Andrew Bartlett1-12/+30
calls from rpc_parse/parse_net.c - instead these values are passed as a paramater. Unfortunetly some there is still some samr work to be done before this is actually useful. Andrew Bartlett (This used to be commit 4fc9e16ad7a77cf2e37b27640c0dec2052e9cda0)
2002-01-20Fix the negation of the extra parinoia check on machine password changes.Andrew Bartlett1-1/+1
I *love* automated testing - this one got picked up by the build farm. Andew Bartlett (This used to be commit b19296172a75449a27eb9f674c74c462b146e717)
2002-01-20This is another *BIG* change...Andrew Bartlett1-1/+6
Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-15Change the passdb interface to use allocated strings.Andrew Bartlett1-1/+1
These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085)
2002-01-09Better explanation message for dmalloc.Martin Pool1-2/+2
Also more insertion of parenthesis to handle struct members called 'free'. You can now get useful dmalloc output, as long as it is compatible with your C library. On RH7.1 it looks like you have to rebuild dmalloc to allow free(0) by default, because something in libcrypt does that. (sigh) (This used to be commit 391cbb690196537c8b6292b42c2e27408cc7e249)
2002-01-05I've decided to move the auth code around a bit more...Andrew Bartlett1-27/+35
The auth_authsupplied_info typedef is now just a plain struct - auth_context, but it has been modified to contain the function pointers to the rest of the auth subsystem's components. (Who needs non-static functions anyway?) In working all this mess out, I fixed a number of memory leaks and moved the entire auth subsystem over to talloc(). Note that the TALLOC_CTX attached to the auth_context can be rather long-lived, it is provided for things that are intended to live as long. (The global_negprot_auth_context lasts the whole life of the smbd). I've also adjusted a few things in auth_domain.c, mainly passing the domain as a paramater to a few functions instead of looking up lp_workgroup(). I'm hopign to make this entire thing a bit more trusted domains (as PDC) freindly in the near future. Other than that, I moved a bit of the code around, hence the rather messy diff. Andrew Bartlett (This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
2001-12-21Add an output parameter to message_send_all that says how manyMartin Pool1-1/+1
messages were sent, so you know how many replies to expect. Const and doc religion. (This used to be commit 22e510ea0d69356be4fd2fa5ad9e9f4e84f62337)
2001-12-08Fix domain logon that I broke 3 days ago.Jean-François Micouleau1-1/+4
And it's in sync with the docs, %U is really replaced by the name the user asked. Whereas in 2.2 that's false, %U is replaced by the name the user was mapped to. J.F. (This used to be commit 39f2b23347011acabe9dd3ab15025022da352b74)
2001-12-06again an intrusive patch:Jean-François Micouleau1-19/+3
- removed the ugly as hell sam_logon_in_ssb variable, I changed a bit the definition of standard_sub_basic() to cope with that. - removed the smb.conf: 'domain admin group' and 'domain guest group' parameters ! We're not playing anymore with the user's group RIDs ! - in get_domain_user_groups(), if the user's gid is a group, put it first in the group RID list. I just have to write an HOWTO now ;-) J.F. (This used to be commit fef52c4b96c987115fb1818c00c2352c67790e50)
2001-11-26challange -> challengeTim Potter1-5/+6
(This used to be commit d6318add27f6bca5be00cbedf2226b642341297a)
2001-11-25Unless the error is exactly NT_STATUS_OK, we might not have a server info, soAndrew Bartlett1-1/+1
we need to bail here. (This used to be commit ea0331354e5968aa0a25c0b12379a56c72d7946b)
2001-11-24This is another rather major change to the samba authenticaionAndrew Bartlett1-4/+22
subystem. The particular aim is to modularized the interface - so that we can have arbitrary password back-ends. This code adds one such back-end, a 'winbind' module to authenticate against the winbind_auth_crap functionality. While fully-functional this code is mainly useful as a demonstration, because we don't get back the info3 as we would for direct ntdomain authentication. This commit introduced the new 'auth methods' parameter, in the spirit of the 'auth order' discussed on the lists. It is renamed because not all the methods may be consulted, even if previous methods fail - they may not have a suitable challenge for example. Also, we have a 'local' authentication method, for old-style 'unix if plaintext, sam if encrypted' authentication and a 'guest' module to handle guest logins in a single place. While this current design is not ideal, I feel that it does provide a better infrastructure than the current design, and can be built upon. The following parameters have changed: - use rhosts = This has been replaced by the 'rhosts' authentication method, and can be specified like 'auth methods = guest rhosts' - hosts equiv = This needs both this parameter and an 'auth methods' entry to be effective. (auth methods = guest hostsequiv ....) - plaintext to smbpasswd = This is replaced by specifying 'sam' rather than 'local' in the auth methods. The security = parameter is unchanged, and now provides defaults for the 'auth methods' parameter. The available auth methods are: guest rhosts hostsequiv sam (passdb direct hash access) unix (PAM, crypt() etc) local (the combination of the above, based on encryption) smbserver (old security=server) ntdomain (old security=domain) winbind (use winbind to cache DC connections) Assistance in testing, or the production of new and interesting authentication modules is always appreciated. Andrew Bartlett (This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
2001-11-08Change to guest logon code.Andrew Bartlett1-1/+8
This changes the way we process guest logons - we now treat them as normal logons, but set the 'guest' flag. In particular this is needed becouse Win2k will do an NTLMSSP login with username "", therefore missing our previous guest connection code - this is getting a pain to do as a special case all over the shop. Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the anonymous or authenticated case, can you take a look at this? Also some cleanups in the check_password() code that should make some of the debugs clearer. Various other minor cleanups: - change the session code to just take a vuser, rather than having to do a vuid lookup on vuser.vuid - Change some of the global_client_caps linking - Better debug in authorise_login(): show the vuid. Andrew Bartlett (This used to be commit 62f4e4bd0aef9ade653b3f8d575d2864c166ab4d)
2001-11-07Initilising these variables before appending the domain groups to themAndrew Bartlett1-1/+3
(This used to be commit 8004cfea19e10ad942c59f2f6a6bd992791017ba)
2001-11-01Various post AuthRewrite cleanups, fixups and tidyups.Andrew Bartlett1-5/+5
Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a)
2001-10-31Fix up domain logons. Tested with NT4.Andrew Bartlett1-5/+4
(This used to be commit c8b2718adfe114b74a155116c5e74f014d6df887)
2001-10-31This is a farily large patch (3300 lines) and reworks most of the AuthRewriteAndrew Bartlett1-144/+53
code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
2001-10-31Added some extra fields to the auth_serversupplied_info structure.Tim Potter1-0/+2
To obtain the full group membership of a user (i.e nested groups on a win2k native mode server) it is necessary to merge this list of groups with the groups returned by winbindd when creating an nt access token. This breaks winbindd linking while AB and I sync up our changes to the authentication subsystem. (This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
2001-10-29This commit is number 4 of 4.Andrew Bartlett1-1/+1
In particular this commit focuses on: Actually adding the 'const' to the passdb interface, and the flow-on changes. Also kill off the 'disp_info' stuff, as its no longer used. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. ---- These changes introduces a large dose of 'const' to the Samba tree. There are a number of good reasons to do this: - I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings - I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all. - Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away. - Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): - Get_Pwnam(const x) and Get_Pwnam_Modify(x). - Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username --- This finishes this line of commits off, your tree should now compile again :-) Andrew Bartlett (This used to be commit c95f5aeb9327347674589ae313b75bee3bf8e317)
2001-10-29This commit is number 1 of 4.Andrew Bartlett1-0/+6
In particular this commit focusses on: Adding the new 'pass changed now' helper function. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated. (This used to be commit a8971a5448cf6d203b379c3ed01e331d5263c9ee)
2001-10-18Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.Jeremy Allison1-1/+1
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-2/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-29Fix up a number of intertwined issues:Andrew Bartlett1-10/+22
The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
2001-09-26More updates to prevent account-guessing.Andrew Bartlett1-12/+10
This moves the check that ensures that the account being looked up is the same account as the machine logged in as to the front, before we even start with passdb. Merge for 2.2.2? Andrew Bartlett (This used to be commit f7ed0ecc14aeba5ad260f24a76ced70cf52f8e48)