Age | Commit message (Collapse) | Author | Files | Lines |
|
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
|
|
I'm wondering if I have to audit *all* the rpc code for that kind of
trouble ;-) Oh well I've done it twice already, I can do it a third time
;-)
J.F.
(This used to be commit 6be8ea28f98d71e04de18b317f4d7a99b55209e8)
|
|
again :-) :-).
Jeremy.
(This used to be commit 3b56239c51da3bb24d9ac1ee1442717f597c682a)
|
|
Jeremy.
(This used to be commit 4d57c7520fa106ef6c29c0678584e1726ded961f)
|
|
functions correctly deal with the SID_NAME_TYPE. One fix for connection user
lookup in LSA.
Jeremy.
(This used to be commit 29730027d8118ec7d207c89d0fd7fb24ac173fde)
|
|
(This used to be commit d30939a091b48f4d77f7618c75668ae151a5592e)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
The big one is a global change to allow us to NULLify the free'ed pointer to a
former passdb object. This was done to allow idra's SAFE_FREE() macro to do
its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer
to start with.
This NULL pointer test was what was breaking the adding of accounts up until
now, and this code has been reworked to avoid duplicating work - I hope this
will avoid a similar mess-up in future.
Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were
being ignored. Some of these functions malloc() and are permitted to fail.
Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived
precisely didilly-squat, just returning False. Now that we check the returns
this bug was spotted. This could allow different LM and NT passwords.
- the pdbedit code needs to start checking these too, but I havn't had a
chance to fix it.
I have also fixed up where some of the password changing code was using the
pdb_set functions to store *internal* data. I assume this is from a previous
lot of mass conversion work...
Most likally (and going on past experience) I have missed somthing, probably in
the LanMan password change code which I havn't yet been able to test, but this
lot is in much better shape than it was before.
If all this is too much to swallow (particularly for 2.2.2) then just adding a
sam_pass = NULL to the particular line of passdb.c should do the trick for the
ovbious bug.
Andrew Bartlett
(This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
|
|
- call pdb_reset_sam() after each getent call.
Fix bug in get_group_alias_entries(), were if num_entries was zero this caused
talloc() to return NULL, failing a test below with NT_STATUS_NO_MEMORY.
Fix pdb_reset_sam() to correctly initalise the sam structure.
Move default value code into a single place, likewise for sam freeing code.
- should make things easier if we decide to malloc other strings, or get more
non-zero default values.
Finally, add a function in init a sam struct from a getpwnam() return.
Andrew Bartlett
(This used to be commit a41fb44f5e90cf8734d57217e836e14f4a80bd47)
|
|
decode_pw_buffer() and the samr password changing routines.
And yes, I know that we can lost some information in the Unicode->UTF->Unicode
bit of this, but its worth the code cleanup.
This also takes into account the possability of multibyte passwords.
Andrew Bartlett
(This used to be commit 42402c87d6bcff71b700e497b74d2600d7ce8b95)
|
|
This moves the check that ensures that the account being looked up is the same
account as the machine logged in as to the front, before we even start with
passdb.
Merge for 2.2.2?
Andrew Bartlett
(This used to be commit f7ed0ecc14aeba5ad260f24a76ced70cf52f8e48)
|
|
Jeremy.
(This used to be commit bca6419447e926e51aeecf3e484228f640cecb84)
|
|
Tidied up debug messages in lib/messages.c
Jeremy.
(This used to be commit dfb58f227609d6c8a255677b85ec853efa19f602)
|
|
(This used to be commit 374f76fa2d5dcd036943c3f968a94f097a971ac7)
|
|
(This used to be commit d103371e8028efb6eec3c4b917b68734832f5844)
|
|
fill out the user_info struct (otherwise we don't have a vuid for
make_connection()).
Also add a become_user() call, becouse it really looks like it was missing
(we must pass it anyway to finish make_connection()).
Is there any reason not to be the user when reading an ACL?
Finally, fix up some formatting to show that the two functions are almost
identical.
Andrew Bartlett
(This used to be commit 00c667c0ad922a1bf388b8a2b8c6137fc7f0acaa)
|
|
(This used to be commit 5ceecc7bef71b455ba7c4efd9928e2433dccc961)
|
|
(This used to be commit dbb21aedbf10ebc4ef0d549c4f919cf91459eef7)
|
|
they can have general effect.
Fixed up workstaion support in the rest of samba, so that we can do these
checks.
Pass through the workstation for cli_net_logon(), if supplied.
(This used to be commit 7f04a139b2ee34b4c282590509cdf21395815a7a)
|
|
argument.
(This used to be commit 0e1322227b0a91226b4b85c8e0ff838ebfd9e962)
|
|
This should help make much of this code simpiler.
Andrew Bartlett
(This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0)
|
|
(This used to be commit f70b1707e42b3f7aaa38cc5637fcc5cbcdd5a26a)
|
|
The same function that adds machines to the system also adds users, and the
new 'add user script'/'add machine script' distinction needs to be made
correctly. Also introduces a sainity check for correct $ termination.
Andrew Bartlett
(This used to be commit ef377ea0cc55cb6647ecd7a634cf5983e11cfe99)
|
|
- the usersupplied_info now contains a smb_username (as it comes across on
the wire) and a unix_username (after being passed through mapping
functions)
- when doing security={server,domain} use the smb_username, otherwise use
the unix_username
(This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547)
|
|
by default in Samba 3.x
- got rid of some unused parameters in Makefile.in
- declare DEBUGLEVEL in debug.h rather than in each file
(This used to be commit b8651acb9c0d7248a6a2e82c33b1e43633fd83fd)
|
|
(This used to be commit 97286570ef6f9151b5fe0be32aa4b294e7db9ab8)
|
|
(This used to be commit b2ed211df0cad2013fd8ff67f48bf73962cc1d39)
|
|
(This used to be commit 55bd514c4576a273dac1ac5c37207a96b41f6572)
|
|
(This used to be commit c26e0d3f27a05ecc8bd2390f9aab7f9451524e47)
|
|
Fixed compile warning.
(This used to be commit 3eee66516596835c70c8d652ca633d2e1158fbb7)
|
|
(This used to be commit 78f437b5073207606b23be42960e2b10f785a148)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit ad648c5cd8ebe4be8304379117f403d7673dcbc8)
|
|
- added WERROR for win32 error codes
- added a configure test for immediate structures
still lots to do, so its not enabled by default, but the main
structure is there
(This used to be commit 24f9ab683dec52587ee56717e821b49c0fa3d70f)
|
|
(This used to be commit 73e1b708d0ab7a6e612f8910c5815a6ab6de66cd)
|
|
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
|
|
to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs
(This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
|
|
of add user script.
(This used to be commit 9e0c9a99f6ca01cd6a0ee3084f85e1c36b11d7c3)
|
|
Jeremy.
(This used to be commit 5b665122f5a785f858f75c0a3c181ae193e2c503)
|
|
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
|
|
(This used to be commit f3bc6b5d68bdb01b07b9d780f5ba81c05e22f48c)
|
|
(This used to be commit 3b40ec4f149a8813c1d68f184858e2ddd605d8fd)
|
|
Jeremy
(This used to be commit 0f5b187387fb536a6866d9109eff82411798f79e)
|
|
(This used to be commit 6391fd7bdab07c83e9eed02e761db09918e60302)
|
|
LSA pipe.
(This used to be commit 95307a5d3881803e57639431da967ee3872aacc4)
|
|
(This used to be commit 3e60636f2b7003ea1e915bc7c2d2e8dec5667bbd)
|
|
Jeremy.
(This used to be commit 800e46ea7e724460be2ba5f71e5baa2f2ddd2d3b)
|
|
(This used to be commit 7049217eb40dbe3de6c05fe43742d2f684501723)
|
|
many possible mem leaks, and segfaults fixed.
someone should port this fix to 2.2 also.
(This used to be commit fa8e55b8b465114ce209344965c1ca0333b84db9)
|
|
problem.
Andrew Bartlett
(This used to be commit 895d1cd317d0838d711474f2f19186444a88b52c)
|