Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch catches up on the rest of the work - as much string checking
as is possible is done at compile time, and the rest at runtime.
Lots of code converted to pstrcpy() etc, and other code reworked to correctly
call sizeof().
Andrew Bartlett
(This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be)
|
|
(This used to be commit 196628432130f826505187a27207a7b947e034cf)
|
|
(This used to be commit 454fb434195b8d46cbcbaee6a200070e5bcd7364)
|
|
'set_local_machine_name' so that the client can't change it from under us.
(.NET RC2 and WinXP install calls the machine 'machinename' during NTLMSSP
on the domain join).
Andrew Bartlett
(This used to be commit 4c7163e7c2cc09bd95faa05156ee480957a7a4d8)
|
|
- Make ReadDirName return a const char*.
- Consequential changes from that
- mark our fstring/pstring assumptions in function prototypes
Andrew Bartlett
(This used to be commit 10b53d7c6fd77f23433dd2ef12bb14b227147a48)
|
|
session key and auth verifier patches.
Andrew Bartlett
(This used to be commit 3f9616a68a855acbae3f405c27ee2358fbe7ba2c)
|
|
(This used to be commit 3b9db928fcaec322698d046db3a8a042b9a1d30c)
|
|
dereferencing
(This used to be commit 7bc5fc729f67ae16e09ea67efa9e2b8e2ba41c8f)
|
|
Jeremy.
(This used to be commit 8e956bc1d63425b0e1ca9410bf82a0a5d3e36ac7)
|
|
from .NET RC2)
(This used to be commit e074cab810f9299d0b27881cddf8a74f10fe233e)
|
|
Jeremy.
(This used to be commit 65c2a361a4a3461ccbed9b5c968f95281295faab)
|
|
Jeremy.
(This used to be commit 289e2e25b91da20ac02b90e5a9d6de3619ad308d)
|
|
Jeremy.
(This used to be commit 11077368ec30313c2e7ee1d23f9f348910aa36bf)
|
|
Jeremy.
(This used to be commit 723e9ee31cc1f5eb4b7aefefd58f7f13d0abda05)
|
|
Jeremy.
(This used to be commit 7f8d3a49b2cebab4b94db3cda54b3923442378c8)
|
|
-------------------------------------------------------------------------
I think there are basically two problem:
1. Windows clients do not always send ACEs for SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ,
and SMB_ACL_OTHER.
The function ensure_canon_entry_valid() is prepared for that, but tries
to "guess" values from group or other permissions, respectively, otherwise
falling back to minimum r-- for the owner. Even if the owner had full
permissions before setting ACL. This is the problem with W2k clients.
2. Function set_nt_acl() always chowns *before* attempting to set POSIX ACLs.
This is ok in a take-ownership situation, but must fail if the file is
to be given away. This is the problem with XP clients, trying to transfer
ownership of the original file to the temp file.
The problem with NT4 clients (no ACEs are transferred to the temp file, thus
are lost after moving the temp file to the original name) is a client problem.
It simply doesn't attempt to.
I have played around with that using posic_acls.c from 3.0 merged into 2.2.
As a result I can now present two patches, one for each branch. They
basically modify:
1. Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or SMB_ACL_OTHER
as "preserve current value" instead of attempting to build one ourself.
The original code is still in, but only as fallback in case current values
can't be retrieved.
2. Rearrange set_nt_acl() such that chown is only done before setting
ACLs if there is either no change of owning user, or change of owning
user is towards the current user. Otherwise chown is done after setting
ACLs.
It now seems to produce reasonable results. (Well, as far as it can. If
NT4 doesn't even try to transfer ACEs, only deliberate use of named default
ACEs and/or "force group" or the crystal ball can help :)
-------------------------------------------------------------------------
Jeremy.
(This used to be commit 1d3b8c528bebfa1971d1affe454a03453335786e)
|
|
Jeremy.
(This used to be commit 05a8a61af83a6d85ddbb70749c8cd0abe9eb8180)
|
|
differently to W2K, cope with this.
Jeremy.
(This used to be commit 5e2755508f08ecf561348d4edf0a4064732c5213)
|
|
Jeremy.
(This used to be commit 30e8ae8e030b5dccaef9612dca24907be547acdf)
|
|
(This used to be commit 4aa611958ebedfafbb9bfc1070b7d632272e1aaf)
|
|
is..."
don't use pstrcpy() when you are not dealing with pstrings.
(This used to be commit e1b21381f3b5cf6f97c101642e9286df9987998e)
|
|
(This used to be commit 9b0a49a0bc177f9637f197b3ab4613f25db1b43d)
|
|
* distinguish WinXP from Win2k
* add a 1/3 of a second delay in OpenPrinter
in order to trigger a LAN/WAN optimization in
2k clients.
(This used to be commit c7712fa054d21b4884a78b7ea6c0fb8b3d637c6b)
|
|
for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb
(does not interfere with existing locks).
Jeremy.
(This used to be commit 766928bbba1e597c9c2b12458dd8d37e6080593e)
|
|
cache the printer_info_2 with the open printer handle.
cache is invalidated on a mod_a_printer() call **on that smbd**.
Yes, this means that the window for admins to step on each other
from different clients just got larger, but since handles a generally
short lived this is probably ok.
(This used to be commit 31272d3b6bb9ec62fd666301c7adfa0c1720a99b)
|
|
Andrew Bartlett
(This used to be commit 9ef0d40c3f8aef52ab321dc065264c42065bc876)
|
|
- user_ok() and user_in_group() now take a list of groups, instead of
looking for the user in the members of all groups.
- The 'server_info' returned from the authentication is now kept around
- in future we won't copy the sesion key, username etc, we will just
referece them directly.
- rhosts upgraded to use the SAM if possible, otherwise fake up based on
getpwnam().
- auth_util code to deal with groups upgraded to deal with non-winbind domain
members again.
Andrew Bartlett
(This used to be commit 74b5436c75114170ce7c780c19226103d0df9060)
|
|
must not be freed afterwards.
Jeremy.
(This used to be commit 4015e39d3666dbe240808c9007a8b8faca012a3d)
|
|
Jeremy.
(This used to be commit efc92697801f5e62a89eda33e1826094c096900f)
|
|
perms.
Jeremy.
(This used to be commit 793609cbc2f657b91a59aec4a3f403bf826c7156)
|
|
caching code. Reduces load on winbindd. Probably should be moved to
use gencache at some future date.
Jeremy.
(This used to be commit f2674d1ac94fd5928754b8176cdd65eda50bf66e)
|
|
file. This is a regression that was damaged by other code.
Jeremy.
(This used to be commit 7844a53df72af8fd2f70d51b784352aeb1298ed2)
|
|
Jeremy.
(This used to be commit 7812370cabd4a8809eed1eb4968d552bcb0df2f5)
|
|
Thanks to Nir Livni <nirl@cyber-ark.com> for giving me the test case to
track it down.
Jeremy.
(This used to be commit 41894489e82a474f4f8f66aa2c7a117ed05b33e1)
|
|
- use safe_strcpy() instead of pstrcpy() for malloc()ed strings
- CUPS: a failure in an attempt to automaticly add a printer is not level 0 stuff.
- Fix up a possible Realloc() failure segfault
Andrew Bartlett
(This used to be commit c1cfc296c2efdb2b5972202146e80f0e3b6a3da4)
|
|
(This used to be commit 8712bd1f8eb5321278e7c57bfdc7bdddbdaf1424)
|
|
(This used to be commit fd3216dbcbaec7d64dd24fe2af6c4156935c47e9)
|
|
Jeremy.
(This used to be commit be54b1b831b0bd6c428558131ea600c46433c090)
|
|
(This used to be commit 299233fbf2328d08546b3b03dceca67083b68493)
|
|
Jeremy.
(This used to be commit d8a42753cc1e1a94aa6b816222343e1569521f14)
|
|
Jeremy.
(This used to be commit b3df40bc803e7dc3b66a95eccb335e2b1775560e)
|
|
it work properly on 2.2 and the patch apply so I think it should be ok.
(This used to be commit 8498503f1d59636959fe9f97601c55d82a776199)
|
|
(This used to be commit e9f56a157bd472914eebf64fde586104d8274717)
|
|
messages. Stops build-up of large numbers of smbd's waiting to terminate
on large print throughput.
Jeremy.
(This used to be commit 07efebb98473cb3d4adc6b2e0afef3f06dcc99b8)
|
|
(This used to be commit 71e2b60d8f784174cd2a75c5e03bf2a6ab353900)
|
|
level 2 and a request for open with no oplock is received then the
smbd should send *synchronous* break messages, not asynchronous,
otherwise it spins very rapidly, releasing the lock, sending the
'break to none' messages and then re-acquiring the lock before
any other process has a chance to get the lock and remove it's own
oplock (at least on linux).
Jeremy
(This used to be commit 33e3e863eb7f35b852384e689f3272784261fc39)
|
|
- NTLMSSP over SPENGO (sesssion-setup-and-x) cleanup and code refactor.
- also consequential changes to the NTLMSSP and SPNEGO parsing functions
- and the client code that uses the same functions
- Add ntlm_auth, a NTLMSSP authentication interface for use by applications
like Squid and Apache.
- also consquential changes to use common code for base64 encode/decode.
- Winbind changes to support ntlm_auth (I don't want this program to need
to read smb.conf, instead getting all it's details over the pipe).
- nmbd changes for fstrcat() instead of fstrcpy().
Andrew Bartlett
(This used to be commit fbb46da79cf322570a7e3318100c304bbf33409e)
|
|
(This used to be commit d6c22e693efee88c17f1f0f6c861e7101b3fec99)
|
|
Jeremy.
(This used to be commit 7e2bc1fe58f5da437e55867d1205ca6ceade4c74)
|
|
open resources.
Jeremy.
(This used to be commit b7e5a2c5474e9edd8fa783462af8986b6bd426a5)
|