summaryrefslogtreecommitdiff
path: root/source3/rpc_server
AgeCommit message (Collapse)AuthorFilesLines
1998-05-11ldap back-end database developmentLuke Leighton1-126/+38
Makefile: created PASSBD_OBJ group includes.h: added #ifdef USE_LDAP to #include <ldap> headers ldap.c: - renamed "_machine" to "_trust" everywhere. - added sam_passwd support routines - removed get_ldappwd_entry function: replaced with get_sampwd_entry - removed getldappwnam/uid: replaced with getsampwnam/uid - other messing about bits which are probably going to annoy the hell out of jean-francois (sorry!) mkproto.awk: - added stuff to wrap ldap.c protos with #ifdef USE_LDAP - added uid_t and gid_t return results to the prototype generation passdb.c: - created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry. - modified getsampwnam/uid and created getsam21pwnam/rid functions to replace the local get_smbpwd_entry() and get_ldappwd_entry() functions, which jeremy didn't like anyway because they were dual-purpose. - added utility routines which are or may be useful to all the password database routines. password.c: - renamed "machine_" to "trust_" everywhere. smbpass.c: - removed get_smbpwd_entry function: replaced it with get_sampwd_entry functions in passdb.c - moved code that decoded acct_ctrl into passdb.c - moved encode_acct_ctrl into passdb.c - removed getsmbpwnam/uid: replaced with getsampwnam/uid - renamed "machine_" to "trust_" everywhere. smbpasswd.c: - renamed "machine_" to "trust_" everywhere. util.c: - moved gethexpwd function into passdb.c lib/rpc/server/srv_util.c: - moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c (This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell2-9/+9
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
1998-05-07created "passdb.c" which is an interface point to (at present) eitherLuke Leighton3-44/+46
smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106)
1998-05-06smbpass.c: Fixed machine_passwd_lock() problems.Jeremy Allison1-2/+3
password.c: Fixed machine_passwd_lock() problems. lib/rpc/server/srv_ldap_helpers.c: Oops - broke proto.h with dummy function. Fixed now. Jeremy. (This used to be commit d28427f21fff49da6b38c24625e3e2dae49a9713)
1998-05-06loadparm.c: Added #ifdef USE_LDAP around ldap code.Jeremy Allison2-5/+8
server.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic() as only smbd knows about usernames. Also fixes problem with calling standard_sub_basic() from loadparm.c. smbpass.c: Partial tidyup of machine_password_lock() code - not finished yet. util.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic() as only smbd knows about usernames. Also fixes problem with calling standard_sub_basic() from loadparm.c. lib/rpc/server/srv_ldap_helpers.c: Added #ifdef USE_LDAP around ldap code. lib/rpc/server/srv_samr.c: Added #ifdef USE_LDAP around ldap code. Jeremy. (This used to be commit 446b98ca071170fc950bad86ad96b58308a5b75c)
1998-05-06jean-francois micouleau's well-alpha code for ldap password database stuff!Luke Leighton2-52/+236
he's going to hate me for checking this in so early, but... (This used to be commit ad9ba0a1cbac5c4e6cbcbcadefe8f1df72231f74)
1998-05-06compiler warning for unimportant uninitialised variableLuke Leighton1-4/+4
(This used to be commit 81bf26309248b63cc7e167170a8b384c11126ded)
1998-05-05patches from jean francois: couple of minor bugsLuke Leighton1-2/+1
(This used to be commit 532b3956c66eda1b7e787b1c6906bcf574f66216)
1998-04-30Added patch from Bruce Tenison <btenison@dibbs.net> to allow encryptedJeremy Allison1-1/+1
passwords to be stored over time, allowing a smbpasswd file migration. Adds new parameter "update encrypted". Will also add to 1.9.18 branch. Docs update to follow. Jeremy. (This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
1998-04-29Makefile: Added files to smbpasswd.c.Jeremy Allison1-1/+1
loadparm.c: Patch from tim@quiknet.com for static string problems. server.c: Setup global_myname. smbpass.c: Fix up locking. Add machine_password_delete() call. smbpasswd.c: Added provisional code to add to a domain. lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password. lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password. Jeremy. (This used to be commit 6a7164233e3bf9d6bb57c44a53204068e454ae5c)
1998-04-29This is the checkin that adds the security=domain functionality.Jeremy Allison1-11/+11
WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
1998-04-25This looks like a big change but really isn't.Jeremy Allison3-10/+7
It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
1998-04-24ABOUT time. dce/rpc long packet format now works, server-side.Luke Leighton2-5/+90
turns out that [it can be deduced that] microsoft ignores the SMBreadX offset, and goes by the SMBreadX length only. this makes for a lot simpler code, in both client and server. (This used to be commit a8b641c027c8cce179455ac1f6fd0322a8ab017d)
1998-04-23Makefile: Added nterr.c into the mix.Jeremy Allison1-1/+1
clientgen.c: Added nt_error as an entry in the struct client_state. password.c: Open the netlogon pipe. smb.h: Added nt_error as an entry in the struct client_state. lib/rpc/parse/parse_net.c: Added comments on net logon. lib/rpc/server/srv_netlog.c: Added comments on net logon. Jeremy. (This used to be commit 899a9f0dce50c73e03c8da2ebe920957491c8ad7)
1998-04-22Fixed bug found by Gerald Carter <cartegw@Eng.Auburn.EDU> whereJeremy Allison3-4/+0
global myname was being overwritten incorrectly. Jeremy. (This used to be commit a3e7cf1b8a2fc950d41f5f2d5318cf88874165cd)
1998-04-21put server-side long dce/rpc code in main branch.Luke Leighton1-28/+61
(This used to be commit 2e1a08b28c1c0c9ea988a09067cd149926f25c69)
1998-04-20genrand.c: Improved filename based random seed generation.Jeremy Allison1-4/+3
lib/rpc/server/srv_netlog.c: Changed to use generate_random_buffer(). Jeremy. (This used to be commit 093d060a06d75c6ee5b1329d524334f4db97cba6)
1998-04-18includes.h: Added John's redhat fix for QSORT_CAST.Jeremy Allison1-3/+3
smbpass.c: Added lock depth code so calls to pw_file_lock() can be nested. Fixed codedump problems in add_smbpwd_entry(). smbpasswd.c: Removed all the code that manipulated the password file directly. Now *all* smbpasswd file changes are done through the interfaces defined in smbpass.c This should make the life of people adding alternate backend databases *much* easier. lib/rpc/server/srv_netlog.c: Removed debug messages used to debug machine password changing. Jeremy. (This used to be commit c9f61be08f3691a6421734d8b026a295d9cbd6ba)
1998-04-17Changing of machine passwords now works !!!!!!Jeremy Allison1-32/+26
smbdes.c: Added cred_hash3. smbpasswd.c: Fixes for adding a machine account (needs more work). lib/rpc/server/srv_netlog.c: Turn on the machine password changing code by default (calls cred_hash3). Jeremy. (This used to be commit 50aa513b969c6e41911aeee8207b065f93af0beb)
1998-04-14Modified interfaces to getting smb password entries fromJeremy Allison3-13/+13
get_smbpwd_entry (now an internal function to smbpass.c) to a more UNIX-like : getsmbpwnam() - get entry by name. getsmbpwuid() - get entry by uid. Changed the type returned by the smbpasswd enumeration functions to be a void * so that people don't come to depend on it being a FILE *. These abstractions should make it much easier to replace the smbpasswd file with a better backend in future. Other files changed are to match the above changes. Jeremy. (This used to be commit 1161cfb7f2b0d5a6d3e2b524a14a6f325ce70efb)
1998-04-10includes.h: Moved HPUX undefine of SEMMSL to where it actually does something.Jeremy Allison2-12/+31
ipc.c: Added Luke's debug statement. locking_slow.c: Added FTRUNCATE_NEEDS_ROOT code for broken systems that need it (not sure what these are yet). membuffer.c ntdomain.h proto.h lib/rpc/include/rpc_dce.h lib/rpc/include/rpc_srvsvc.h lib/rpc/parse/parse_prs.c lib/rpc/parse/parse_rpc.c lib/rpc/server/srv_pipe_hnd.c lib/rpc/server/srv_util.c: Re-merge of Luke's NTDOM changes 'cos he's a lazy git with carpel tunnel syndrome :-). Jeremy. (This used to be commit 52e3966fbcf7b5fbdbc7cbe9ac0b453ab5bf3217)
1998-04-02Changed code to check NT password *first* - if it exists.Jeremy Allison1-11/+14
The NT password is a higher quality password, and should always be looked at before the LM password, if available (sorry, Luke, just a minor change, the other changes you made were fine :-). Jeremy. (This used to be commit c1367bf5336485ceafd7125f608dc923ecebd32d)
1998-04-01cli_login.c :Luke Leighton1-18/+41
start to create the calls needed for client-side of "network" logins, which will be used for domain version of pass-through authentication. unfortunately, none of this code is called in the main branch, because smbclient BRANCH_NTDOM code isn't in use, yet! srv_netlog.c : fixed a problem with static net_login_network() which was being stubborn: the if() statement looked horrendous, so i split it into two if() statements, one to deal with the lm password; the other to deal with the nt password. the smb_password_check() functions should _not_ be called here, in case we decide to disable lm hashes for security reasons, just like nt does. so, we now get a response to the SAM_LOGON "network" call, but the connection is still dropped. a trace is needed from an nt server, which is why i started on the client-side code. see above, which is why i'm calling it a day :-) (This used to be commit 2c29a7d9cf2d8b35e4b6e37e5d24caa91af3a9be)
1998-04-01Rolling back machine password change code - this doesn't work (yet).Jeremy Allison1-13/+24
Jeremy. (This used to be commit 66affb3dc301d71565d789c06f105da3bb1d65b3)
1998-03-31includes.h: Added semaphore fix for HPUX10.xJeremy Allison1-24/+13
server.c trans2.c: Added oplock deadlock bug fix. lib/rpc/server/srv_netlog.c: Made code that changes machine account password the default. Jeremy. (This used to be commit 3b56fbc11e9d1cb7d4930d9782238c2610cac30d)
1998-03-24clientgen.c ipc.c smbpasswd.c: Fixes for warnings (from Herb).Jeremy Allison1-16/+9
quotas.c: Linux quota fix. util.c: Ensure smb_read_error is zero in all calls that can set it. lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c lib/rpc/server/srv_netlog.c : Modify Luke's code to call SamOEMhash(). Jeremy. (This used to be commit 7f749708383b8b36c3f23a5fbc5cbdf39bc8e555)
1998-03-17this isn't a big commit, it just looks like it :-)Andrew Tridgell1-2/+3
I needed the client_name() and client_addr() functions in swat so I could tell who was connecting from where. The problem was that these functions didn't take a file descriptor parameter they just used the global "Client". So I needed to change all calls to pass a parameter ... lots of files. (This used to be commit a776058900a727591bd7b69debdaa25c0e31d693)
1998-03-11"For I have laboured mightily on Luke's code, and hath brokenJeremy Allison9-0/+5104
all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)