Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit d9cb1bf20ac8a739102b03d9a70e34fe5cb2f0f7)
|
|
Jeremy.
(This used to be commit 9243a9778e52999d5c62cba484640637b24994d8)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
case.
Jeremy.
(This used to be commit 248770d73072e36fd9812ec5986dce5380dfab33)
|
|
Jeremy.
(This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67)
|
|
Jeremy.
(This used to be commit 2db99fa49b538e230f2c606d1004871111ea2bf6)
|
|
bug (renaming name -> name was failing, on W2K it succeeds). Simplified
the common case, did a lot of work to ensure NT error codes are correctly
reported back to client.
Jeremy.
(This used to be commit e6b27f3d8069ae304baaebe09341c58d46b05fe4)
|
|
Jeremy.
(This used to be commit fb1ab02553e01df0464f0df3eea7ae6a66b4104b)
|
|
(This used to be commit 79254d2b0490ba400832ef6d460895d45cc4273f)
|
|
correct way to ensure times set in 'pending modtime' and 'time close'
are always set correctly. Inspired by patch from Juergen Hasch.
Jeremy.
(This used to be commit 24053858543fa6c22c0c3222570109fbfdabab9e)
|
|
Jeremy.
(This used to be commit 84b62d3c8ebd78cd578ac36168631b3bbcafdd8c)
|
|
Jeremy.
(This used to be commit 9148bb9eaa67de60c3b0b4709a9c05a840c20c66)
|
|
Jeremy.
(This used to be commit 60983782ed078593d122e0c0bc6b4e17c3e56e63)
|
|
Jeremy.
(This used to be commit ab607cdf153d9187fe50af3377ece5a9fafde1b1)
|
|
This changes the way we process guest logons - we now treat them as normal
logons, but set the 'guest' flag. In particular this is needed becouse Win2k
will do an NTLMSSP login with username "", therefore missing our previous guest
connection code - this is getting a pain to do as a special case all over the
shop.
Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the
anonymous or authenticated case, can you take a look at this?
Also some cleanups in the check_password() code that should make some of the
debugs clearer.
Various other minor cleanups:
- change the session code to just take a vuser, rather than having to do a
vuid lookup on vuser.vuid
- Change some of the global_client_caps linking
- Better debug in authorise_login(): show the vuid.
Andrew Bartlett
(This used to be commit 62f4e4bd0aef9ade653b3f8d575d2864c166ab4d)
|
|
(This used to be commit dfb8566220c3e90ca2b757ea124f53aed103269e)
|
|
Zero out some of the plaintext passwords for paranoia
Fix up some of the other passdb backends with the change to *uid_t rather than
uid_t.
Make some of the code in srv_netlog_nt.c clearer, is passing an array around,
so pass its lenght in is definition, not as a seperate paramater.
Use sizeof() rather than magic numbers, it makes things easier to read.
Cope with a PAM authenticated user who is not in /etc/passwd - currently by
saying NO_SUCH_USER, but this can change in future.
Andrew Bartlett
(This used to be commit 514c91b16baca639bb04638042bf9894d881172a)
|
|
(This used to be commit 531e24973227ca4f1ae65ffb2454aedd5871de96)
|
|
code.
In particular this assists tpot in some of his work, becouse it provides the
connection between the authenticaion and the vuid generation.
Major Changes:
- Fully malloc'ed structures.
- Massive rework of the code so that all structures are made and destroyed
using malloc and free, rather than hanging around on the stack.
- SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them
to be declared 'invalid' without the chance that people might get ROOT by
default.
- kill off some of the "DOMAIN\user" lookups. These can be readded at a more
appropriate place (probably domain_client_validate.c) in the future. They
don't belong in session setups.
- Massive introduction of DATA_BLOB structures, particularly for passwords.
- Use NTLMSSP flags to tell the backend what its getting, rather than magic
lenghths.
- Fix winbind back up again, but tpot is redoing this soon anyway.
- Abstract much of the work in srv_netlog_nt back into auth helper functions.
This is a LARGE change, and any assistance is testing it is appriciated.
Domain logons are still broken (as far as I can tell) but other functionality
seems
intact.
Needs testing with a wide variety of MS clients.
Andrew Bartlett
(This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c)
|
|
(This used to be commit 92f953c156a39b54230c52c6102a319a4a5ca798)
|
|
(This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e)
|
|
Jeremy.
(This used to be commit 7c1688fd67c1bda1477aaf870371c825280db870)
|
|
NTLMSSP and kerberos support in smbd
(This used to be commit 38a43d75e25bbebe0f6cdfcf389129a842ede842)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
Fix the NT errror codes, this time in line with WinXP/2k.
- Return the normal error codes, expect for bad user/bad password. These map
to logon failure, as a quick security hack. We follow suit.
Simplfy some of the password extraction code, the auth subsytem has the
intelegence to sort this stuff out, no need to do it here.
Move to 'global_encrypted_passwords_negotiated' to determine the use of
unencrypted hacks, replacing the current mess.
Andrew Bartlett
(This used to be commit c04f063573c61d8ef3f43815bbb9b6b076dc23eb)
|
|
(This used to be commit b6048e28ab996ba5581cfa3b50401c0f775befdd)
|
|
(This used to be commit d417b6b5cbdbb244cc683387d73a9200eef53427)
|
|
than NT_STATUS_LOGON_FAILURE. This also brings us (almost) back in line with
their implementation.
Kill off SMBENCRYPT() macro
Kill off 'nt smb support' paramater - tridge okayed this one.
Andrew Bartlett
(This used to be commit 67947bf6e31ee9758f8a2186f83031ba21b716f2)
|
|
NTSTATUS. This gets the right error codes in SMBunlink
(This used to be commit c82f7828c05c747a5782d10c68cc2df80d4071bd)
|
|
(This used to be commit a95943fde0ad89ae3f2deca2f7ba9cb5ab612b74)
|
|
completely broken, and it's pointless to emulate their brokenness completely in this case, but at least this makes us use approximately the same packet format. The spec is complelet wrong in this case
(This used to be commit 2d507ec669def6d49304559e53d6c14af9b290a9)
|
|
they can have general effect.
Fixed up workstaion support in the rest of samba, so that we can do these
checks.
Pass through the workstation for cli_net_logon(), if supplied.
(This used to be commit 7f04a139b2ee34b4c282590509cdf21395815a7a)
|
|
Rework the 'map to guest' code, its now possible to follow what its trying
to do...
Add an NT_STATUS_EQUAL(x,y) macro to make this stuff sane to look at.
Andrew Bartlett
(This used to be commit d618880661976644a6ee713edf969ad561e82097)
|
|
This should help make much of this code simpiler.
Andrew Bartlett
(This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0)
|
|
NTLMv1 passwords (and old LM passwords) are exactly 24 in lenghth.
(This used to be commit 51baa1614d1a338f50dbf8eaa5ea31ab58c11409)
|
|
Andrew Bartlett
(This used to be commit 21baa33946a24159ebe873ac37cf30581437aa1a)
|
|
- the usersupplied_info now contains a smb_username (as it comes across on
the wire) and a unix_username (after being passed through mapping
functions)
- when doing security={server,domain} use the smb_username, otherwise use
the unix_username
(This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547)
|
|
(This used to be commit 60d297303488ed583537ca2853828fccd6da2ade)
|
|
Jeremy.
(This used to be commit fa8d626a2773569a454451e77ea56c707b33b69e)
|
|
Don. please check this out.
Jeremy.
(This used to be commit ce9f95996498f7795aaef069e1443ea1c7d524b3)
|
|
Jeremy.
(This used to be commit c05e79453655abb67fd47a2d3dba88b4c5377e35)
|
|
the client code still needs some work
(This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
|
|
(This used to be commit 8a49b2f7df46b2c990a980758fe1f3871e8b578e)
|
|
Jeremy.
(This used to be commit a6f04d16613a06c1aafa89d7373d1e4b4a5fb45b)
|
|
to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs
(This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f)
|
|
major changes include:
- added NSTATUS type
- added automatic mapping between dos and nt error codes
- changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT()
these calls auto-translate to the client error code system
- got rid of the cached error code and the writebmpx code
We eventually will need to also:
- get rid of BOOL, so we don't lose error info
- replace all ERROR_DOS() calls with ERROR_NT() calls
but that is too much for one night
(This used to be commit 83d9896c1ea8be796192b51a4678c2a3b87f7518)
|
|
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
|
|
(This used to be commit ef5f4866fbbfa6be07cdc3e612a8899967d48289)
|
|
nt_smb clients. As spotted by Thursby.
(This used to be commit 22de76a920671614144babac9f589419532d8671)
|
|
drop paramaters:
status
utmp hostname
change session code to always record each vuid current on the server. The sessionid struct is no longer packed, as I couldn't get that to work ;-)
change smbstatus to show this info and less of the connections.tdb info (its not actualy that accurate).
I'll get swat doing some of this shortly.
(This used to be commit b068ad300527c44673bbee0aede7849199c89de7)
|