Age | Commit message (Collapse) | Author | Files | Lines |
|
source/Makefile.in
- changes to ctags and etags rules that somehow got lost along the way.
source/include/proto.h
- make proto
source/smbd/sec_ctx.c
source/smbd/password.c
- merge debugs for debugging user groups and NT token stuff.
source/lib/util_str.c
- capitalise domain name returned from parse_domain_user()
source/nsswitch/wb_client.c
- fix broken conditional in debug statement.
source/include/rpc_secdes.h
source/include/rpc_spoolss.h
source/printing/nt_printing.c
source/lib/util_seaccess.c
- fix printer permission bugs related to ACE masks for printers.
This adds mapping of generic access rights to object specific
rights for NT printers. Still need to work out whether or not to
ignore ACEs with certain flags set, though. See comments in
util_seaccess.c:check_ace() for details.
source/printing/nt_printing.c
source/printing/printing.c
- use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER
until we sort out printer/printjob permission stuff.
(This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
|
|
to search for a DC to authenticate to using the "*" syntax than ensure
that for the first hour after the password change is searches for the
PDC using the 1B name not the 1C name as domain replication may not
have occured.
Jeremy.
(This used to be commit c25533de9918ed9b0c79fd039e11d1b79f513db0)
|
|
(which currently uses chmod) in preparation for ACL creation.
Jeremy.
(This used to be commit 0f39895ab007a7300aed6c011c487593ee8c91f0)
|
|
easier wrapping of non-POSIX ACL interfaces.
Jeremy.
(This used to be commit 1a31b4eb082b23d60e3d9040b3c0110eef1f9385)
|
|
Jeremy.
(This used to be commit c48e95297e63c8b6f0c6686e5bcfa52229710dbc)
|
|
Jeremy.
(This used to be commit 43ca0d991cc6489be16722a7ea89e01a42f2ca2f)
|
|
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open
problem.
Jeremy.
(This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
|
|
Jeremy.
(This used to be commit f0d7867801e3f78bfc55fdb36ca965e35457f51b)
|
|
Jeremy.
(This used to be commit 1e719a807669876b4d11f4653e9712f25fcba20b)
|
|
(This used to be commit 806185ca8cc8d28f16745a1db9427f52eb8d22e4)
|
|
(correctly)
when the NT_USER_TOKEN is *created*.
Jeremy.
(This used to be commit 27d72ed1cf8ece2bede812341279ba5a7262ace4)
|
|
it's working :-).
Jeremy.
(This used to be commit e18c104ee35d00dcbe2e73e6c9699300a3947364)
|
|
Jeremy.
(This used to be commit ebf754400f443452948020d68e29f597f1b2d60c)
|
|
to the cache during the look returned a blank stat struct. Made
weird occurrences such as...
$ smbclient //pogo/print$
smb:\ > cd w32x86
ERROR: Invalid path
smb:\ > cd w32x86
smb:\w32x86\ >
(This used to be commit 8938dc183112b039c21a5a0beadb60068a8c5b00)
|
|
Jeremy.
(This used to be commit bcf0a5c316ee8cf333d9d838b041e44a11cb5f1b)
|
|
a choice of invalid share mode and access denied. We must return the
access denied by preference, but also remember to break the oplocks...
This is needed for multi-user MS-Access.
Jeremy.
(This used to be commit 7eb7241442ea0f1e065b009c3cccd5821b89a8b6)
|
|
Jeremy.
(This used to be commit e6a1a1e444631f0d674f33b5b8d1d71435de0511)
|
|
Jeremy.
(This used to be commit f4c32a75e6e60eae6078449478d04ff22373d817)
|
|
Jeremy.
(This used to be commit 63e2ebc4272cd8bc52ea80e1e12996ab273b8ea4)
|
|
being used if last component lookup failed, but was found in the directory
scan.
Jeremy.
(This used to be commit 7055fa0bc43f6e2b3f04b8901fccea80d59bf490)
|
|
one printq case. Now goes though common function.
Jeremy.
(This used to be commit e9f48c9cec960b6190fb7a2485c9476640863071)
|
|
on read.
Jeremy.
(This used to be commit 76b8dd376d13eb4469417be217c966d54d333367)
|
|
ACL patch from http://acl.bestbits.at/.
configure support needs more work (just assumes correct headers at
the moment). ACL writing needs adding.
Jeremy.
(This used to be commit 6ae63e502e6adf3666a34aa87860c74e106fdb84)
|
|
Currently does exactly the same thing (returns ACLs the same way). This
code is written to try and get a POSIX ACL via the abstract sys_XX interface,
then fall back to providing a UNIX based ACL if the calls fail. Seems to
work. Next step is to add a --with-posix-acls to configure.in and then
check on a POSIX ACL system that a complex ACL is returned correctly
as an NT ACL. Note that the ACL set (a more complex problem) is not
addressed yet.
Jeremy.
(This used to be commit 4339e20202a876dbadc07980b731f711463b7299)
|
|
password (say for example if the tdb file format has changed). (-:
(This used to be commit 447fbb38a857a7e97cf2a99022576521c71a4512)
|
|
include/smb_acls.h lib/sysacls.c: Added as interface definitions.
Jeremy.
(This used to be commit 8359375bba5b3ae24956f66b066dedf11d3583df)
|
|
(This used to be commit 5e81151e53300a8c58adca09d02d0b075a13c322)
|
|
specific ACL calls to be dealt with elsewhere. This file will eventually
be able to replace the old UNIX acl interface.
Jeremy.
(This used to be commit b27cac77628a4b332b529115b0854c71f9eea374)
|
|
(This used to be commit 80c192244fdb07e8e9cf4c0376bbea60dde244a0)
|
|
Jeremy.
(This used to be commit 52e9311bc2a837d1f4791f36c3477c430f841378)
|
|
Jeremy.
(This used to be commit 8f0062b873b2f4e8b27bb937ad213c4aa29443a7)
|
|
Jeremy.
(This used to be commit bcac4ede7608a91643f5fcd034f6b273a45b5c7a)
|
|
a single
statement after an 'if'. Tracking this down took 4 hours from my life and ANDREW I WANT
THEM BACK !!!!! :-).
include/smb.h smbd/password.c: Fixed the bug veritas reported with realloc of the validated_users
array growing without bounds. This is now a linked list as god (Andrew) intended :-).
Jeremy.
(This used to be commit 346f2f9206b9b4ed123e2a61c0a48de630397b8a)
|
|
written to transition from an old DOMAIN.MACHINE.MAC file to secrets.tdb.
printing/nt_printing.c: Fix case insensitive name lookups for driver files.
John - this should fix the Win9x/WinME problem correctly.
Jeremy.
(This used to be commit 8f3332a9acf413ac5d12053ca5c52733a4e946cc)
|
|
Jeremy.
(This used to be commit 349d58fb5758cebc5a8575f80103150b8cd0a080)
|
|
Jeremy.
(This used to be commit 2a797f9aa26b2d0c703b9d67f6e1ec97e4f408d2)
|
|
Jeremy.
(This used to be commit a08b08f7782234f26b2656a229007a411c6fb521)
|
|
Company
Jeremy.
(This used to be commit e041b144b2c7c6c9fdd6cd20256a197876aaf353)
|
|
winbindd.
Jeremy.
(This used to be commit 00cd72c385f1e5d075dbacf834b68769b5ac38f3)
|
|
-- jerry
(This used to be commit 445fd1dbd8bb93f56f20b5dd9e9d5b018147b21d)
|
|
Jeremy.
(This used to be commit 63cafb34b39443d03d17ae01b47adc0926b05fe2)
|
|
this makes sure that the change messages sent to ourselves are handled
synchronously w.r.t. other smb packets incoming.
Jeremy.
(This used to be commit 78a13074455618308d048d1c69f62e660988eb90)
|
|
(This used to be commit 209e20365e562371aafafea301b4ffecc3d4c3ed)
|
|
the problem had nothing to do with being your own pid, it was instead
a problem with IPC$ connections not being registered in the
connections database and an incorrect test for -1 in the messaging
code.
These changes also mean that IPC$ shares now show up in
smbstatus. That is probably a good thing.
(This used to be commit 3575ad10985a18f897e38179ca69fa9a49a7ea02)
|
|
Jeremy.
(This used to be commit f571e1efd01c7b1b500a833df3bd074a8c4c65ec)
|
|
a byte range lock (write lock only, but Win2k breaks on read lock also so I
do the same) - if you think about why, this is obvious. Also fixed our client
code to do level II oplocks, if requested, and fixed the code where we would
assume the client wanted level II if it advertised itself as being level II
capable - it may not want that.
Jeremy.
(This used to be commit 213cd0b5192307cd4b0026cae94b2f52fb1b0c02)
|
|
Jeremy.
(This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
|
|
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
|
|
(This used to be commit 18fa724a7969666dd5aa176af187054abc94bfd3)
|
|
versions don't match.
Jeremy.
(This used to be commit d0fbb4f5d999abade8930cc6fff231a2af6cccfb)
|