Age | Commit message (Collapse) | Author | Files | Lines |
|
now in pipe struct (where used) rather than user_struct.
Secured machine account password changing in srv_netlog_nt.c - ensure
that only the given machine can change its own password. May need to
free this up later for NT admin tools, but this is a fail-safe secure
position for now.
Jeremy.
(This used to be commit 46b12f2275dcd4b3114085160cd456441f9e921e)
|
|
system header files...
Jeremy.
(This used to be commit 31e0ce310ec38b3a3a05b344d6450d442c6be471)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
jerry
(This used to be commit 2b18c4484313e77d98c8a7524cf9f5cc2c924dc2)
|
|
Jeremy.
(This used to be commit d04ed97ecab846def8467f313a71ef0e5c4005f6)
|
|
source/Makefile.in
- changes to ctags and etags rules that somehow got lost along the way.
source/include/proto.h
- make proto
source/smbd/sec_ctx.c
source/smbd/password.c
- merge debugs for debugging user groups and NT token stuff.
source/lib/util_str.c
- capitalise domain name returned from parse_domain_user()
source/nsswitch/wb_client.c
- fix broken conditional in debug statement.
source/include/rpc_secdes.h
source/include/rpc_spoolss.h
source/printing/nt_printing.c
source/lib/util_seaccess.c
- fix printer permission bugs related to ACE masks for printers.
This adds mapping of generic access rights to object specific
rights for NT printers. Still need to work out whether or not to
ignore ACEs with certain flags set, though. See comments in
util_seaccess.c:check_ace() for details.
source/printing/nt_printing.c
source/printing/printing.c
- use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER
until we sort out printer/printjob permission stuff.
(This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
|
|
to search for a DC to authenticate to using the "*" syntax than ensure
that for the first hour after the password change is searches for the
PDC using the 1B name not the 1C name as domain replication may not
have occured.
Jeremy.
(This used to be commit c25533de9918ed9b0c79fd039e11d1b79f513db0)
|
|
Jeremy.
(This used to be commit f0d7867801e3f78bfc55fdb36ca965e35457f51b)
|
|
(correctly)
when the NT_USER_TOKEN is *created*.
Jeremy.
(This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
|
|
Jeremy.
(This used to be commit 63e2ebc4272cd8bc52ea80e1e12996ab273b8ea4)
|
|
on read.
Jeremy.
(This used to be commit 76b8dd376d13eb4469417be217c966d54d333367)
|
|
password (say for example if the tdb file format has changed). (-:
(This used to be commit 447fbb38a857a7e97cf2a99022576521c71a4512)
|
|
a single
statement after an 'if'. Tracking this down took 4 hours from my life and ANDREW I WANT
THEM BACK !!!!! :-).
include/smb.h smbd/password.c: Fixed the bug veritas reported with realloc of the validated_users
array growing without bounds. This is now a linked list as god (Andrew) intended :-).
Jeremy.
(This used to be commit 346f2f9206b9b4ed123e2a61c0a48de630397b8a)
|
|
-- jerry
(This used to be commit 445fd1dbd8bb93f56f20b5dd9e9d5b018147b21d)
|
|
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
|
|
Don't initialise groups twice.
(This used to be commit 5375261152b28a65de18e817c75cab79c2f556b8)
|
|
Jeremy.
(This used to be commit d4d55488397832df35b558564c263a307b0bb629)
|
|
authorising logins. If a user connected to a share as guest, then
the snum was getting flagged as "force guest", meaning that all
subsequent connections to it, even under a different vuid, would
be bounced to guest.
This explains several very hard to reproduce access denied bugs,
and as the NT client also has bugs in that it will sometimes
erroneously use guest instead of the correct vuid on an IPC$
connection lead to a *very* hard problem to find.
This fix should be propagated into all branches (TNG/Applience
take note) and I'll also make a separate patch availalble on the
samba-technical list.
Jeremy.
(This used to be commit 0264fdafe909cf9e995df3ae7b64bedbe0b4e8a1)
|
|
(This used to be commit 2f33ec41ac1d3243340455b6c3a6cea22d267f14)
|
|
with security=domain. Also fixed to dynamically allocate the SIDs and GIDs.
Jeremy.
(This used to be commit 2b1f66eb82f05fe0b85ac5b4916e32847b8de675)
|
|
smbd/reply.c: Fixed lowercasing UNIX character set problem.
Jeremy.
(This used to be commit 2b6e3ed7a6447d40d9dd7e9b5c286b1aabe4730d)
|
|
(This used to be commit cb717b4a2bb55eb2ff008e59203ebfeac6c5ab9f)
|
|
(This used to be commit 567b0095b1b8393b3b1e32533aa2860ab3dbfa47)
|
|
unbecome_root() - typo.
Jeremy.
(This used to be commit ebb160663ed55e44e44f1c3d17eb077a32c2ffb9)
|
|
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
|
|
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
NT_STATUS_XXX).
Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more
obscure way.
Jeremy.
(This used to be commit c55bcec817f47d6162466b193d533c877194124a)
|
|
(This used to be commit c1d242f1dd5b6addbe5d2df22e4759f6682fd9ef)
|
|
(This used to be commit 3d0f1845c8cefccfabcfd35694264c1e5f52c3af)
|
|
(This used to be commit efe7f818c927a925f2dee1ef4f6040c137e0c84e)
|
|
place to do this, not in smbd/passwd.c
Please don't change this without asking first, I have run this past
Andrew so talk to him (I'm on vacation next week).
I also removed the g_newXXX macros. There are essentially a private C extension,
not used anywhere else in the code, and add no functionality over malloc(XX)
and make the code harder to understand (everyone knows what malloc does).
Jeremy.
(This used to be commit e1b1b6fb6794ba02e1fea510a981fa0ce0d12b58)
|
|
(This used to be commit 2f056c2aadd2e16d89b66aabd1c166ab8d5abd76)
|
|
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid,
array-of-group-rids (but array-of-group-sids would do).
please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you
that we really do need to store the entire NET_USER_INFO_3 structure.
then again, api_NetWkstaGetInfo is only used by win9x so who cares :)
(This used to be commit bd34f652390adc32c4959d164c628687f526d977)
|
|
not just undercut work in progress, thank you.
(This used to be commit 86d440a88c948727bfcfedc694c52c58f9687d8b)
|
|
there (yet)
as there is no infrastructure for it. Replaced it with a dynamic array
of group SIDs plus a user.
passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done,
eventually calling winbind.
smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements.
smbd/reply.c: Removed extra parameter to register_vuid().
Jeremy.
(This used to be commit 425f4ad9a5e0e7d49620276100ade7a0cae47011)
|
|
register_vuid fills it with constructed info.
(This used to be commit b1889e4334012b1b2caa604b859da4271509fc87)
|
|
(This used to be commit f890bcf06786e7c63bf76fad2fd46d287a99a270)
|
|
(This used to be commit 8dea95e62c7f4723cd4b71c1b03c613386392c49)
|
|
(This used to be commit 6cbb826b154e61085fd651116caf472d4d438c1d)
|
|
(This used to be commit db90a4b9609a980fa2f4328d38a0d2c60a1384a0)
|
|
- finished ntdom -> winbind rename in head
(This used to be commit ada483cb56453afc6df4ec4be18bfe5e943c7150)
|
|
(This used to be commit 5a617c013cce65434d315dc33279a4bc28dc63de)
|
|
this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic -
this isn't permanent, it should go after another few merge steps have
been done
(This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610)
|
|
- don't call add/del user if the scripts are empty
(This used to be commit 43860215d4d16cb1bacdc77f1c46c54e4c54abd7)
|
|
it
(This used to be commit 88ad00b82acc4636ab57dfe710af08ea85b82ff1)
|
|
we needed to accept usernames of the form DOMAIN/user, which means we
needed to pass the domain to a getpwnam() like routine in certain
critical spots.
What I'd rather do is get rid of "char *user" everywhere and use the
new userdom_struct, but that will have to wait a few days.
(This used to be commit 8b7a10febead8be182e7d5b1d68259e31530b69c)
|
|
- got rid of guest map code in lpq parser
(This used to be commit 8e53f781d3cf6a7007764916a0d8e8f1abea1f66)
|
|
Jeremy.
(This used to be commit 577ddbfbec857dec3ade811f735ec6b183566435)
|
|
userdom_struct. As the name implies this also contains a domain
(unused at the moment).
This will be important shortly, as operation in appliance mode needs
the domain to be always carried with the username.
(This used to be commit ee8546342d5be90e730372b985710d764564b124)
|