Age | Commit message (Collapse) | Author | Files | Lines |
|
* Added SEC_CHAN_BDC
* Propagate sec_chan into the various functions which change trust account
passwords, so they can be used for domain control and inter-domain
trusts.
(This used to be commit ca540c21f78b4bc8ca36ac3d5af2b8f67cf716c3)
|
|
(This used to be commit 0f37e900fa0744573754796916abf967fee05ea2)
|
|
(This used to be commit c1cbe07c0391c36066b068fdd42bf1aa40259a5c)
|
|
void!
(This used to be commit e15da6882426edd39ff7fdcd47f1be30c053d4ec)
|
|
Use VFS I/O for fd_attempt_open() and check_access_allowed_for_current_user().
(This used to be commit abf31ca66f3dab1b8bd7772f83e736e41afb4b1e)
|
|
(This used to be commit 5ece1fcffbc5a5062c02edf6f2ecb405c2a2f43e)
|
|
(This used to be commit cbfd8a8990b4d06d0c866274e7d28e4a5e384686)
|
|
(This used to be commit 17d007daa3d1fa60501eae1eecfc2d0f88c1692e)
|
|
Modified args to read_predict to pass in fsp.
Renamed sync_file() function to sys_sync_file().
(This used to be commit 7ced7fd3958c76303e4b6019b5d54eda666d7b33)
|
|
Modified invocations of fd_attempt_close as it now takes a fsp instead
of a fd.
(This used to be commit ef24fcb7b2248aae9c3f1fb4df7466b5ae35f5ce)
|
|
Converted some useful routines from doscalls.c and changed them to use
VFS I/O functions:
dos_file_exist
dos_read_data
dos_write_data
dos_transfer_file
dos_readdirname
Some of these functions have been #ifdef'ed out of doscalls.c as they
are not used anywhere else. Not sure whether they should be deleted
or not. The remaining dos_* calls seem to be used by clients and for
locking stuff. This should be cleaned up sometime.
(This used to be commit ddde0ab9a1e1b90c2a96103721056eb035dcd49d)
|
|
tridge telling me why this needed to be done but I have since
forgotten. (-:
(This used to be commit 6e607ef760bd2c0eb3ac31252601ab30de626270)
|
|
(This used to be commit cfddbdb62485256a947a30e04c753200451cbe1c)
|
|
Initialise VFS function pointers with symbols from the 'vfs object'
file, use disk pointers otherwise.
Added a hook to check for a 'default' VFS share (like the [homes]
section). Currently empty - I'm unsure whether this will be useful or
not.
(This used to be commit 15805164fe77b127372eba1ec51c70758467adee)
|
|
Changed arg to fd_attempt_close() from fd to fsp_struct.
(This used to be commit c40124bc9a2ebccf0bb56b1fafa81a551d934aa5)
|
|
Pass files_struct and connection_struct to read_predict() and
do_read_prediction() functions, respectively.
(This used to be commit 6479abc5b985981f571cb1ee16a0dbb843fcd270)
|
|
Changed calls to dos_{opendir,readdir} to vfs_{opendir,readdir}
equivalents.
(This used to be commit 5051a210619374639121124e32d24217255e992e)
|
|
capabilities to Samba so that Samba could talk to the SGI PCP
(Performance Co-Pilot) apps.
This change adds a profiling shared memory area and uses it to count
two fairly trivial things, the number of uid switches and the number
of SMB packets processes. To add more just edit include/profile.h and
then increment it at the right place.
I've also added a -P switch to smbstatus to dump the profile area.
(This used to be commit ef3d61a80ad0b87c196a63ef2bd4fe8fc3863bd0)
|
|
----------------------------
- removed DOM_RID4
- removed SAMR_UNKNOWN_32
- added SAMR_SET_USERINFO (opcode 0x32)
- added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user)
- fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- added mod_sam21pwd_entry()
- preparing to call mod_sam21pwd_entry()
- added "user session key" to user_struct.dc. this is md4(nt#) and is
needed to decode user's clear-text passwords in SAMR_SET_USERINFO.
- split code out in chgpasswd.c to decode 516 byte password buffers.
(This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
|
|
(This used to be commit f9f594c03e220a0d902c5c3c5835948348b19fee)
|
|
root if the ACB_PWLOCK bit is set (on a per-user basis). he also added
an extra smbpasswd option so that this bit can be modified from
command-line.
(This used to be commit 534fe319d9de8da2ed7e911dbba3c7df08193efa)
|
|
(This used to be commit 5fa3a3f710cfd3a51641d560a96bd08f92afca32)
|
|
whether the client supports 32-bit error codes.
(This used to be commit cb5428308d6978f7bd76c1b878dd4a43135a274d)
|
|
* Added SAMR_LOOKUP_DOMAIN (-> SamrLookupDomainInSamServer)
* Added real SAMR_ENUM_DOM_GROUPS (corresponding to
SamrEnumerateGroupsInDomain). The existing one is just an alias for
SamrQueryDisplayInformation (see below).
* Added three extra info levels to SAMR_QUERY_DISPINFO. Info level 3 is
what was previously SAMR_ENUM_DOM_GROUPS; info levels 4 and 5 are
simple user/group list requests used by Win9x and I suspect (haven't
checked) the "low speed connection" User Manager.
* Added another two aliases for SAMR_QUERY_DISPINFO, opcodes 0x30 and
0x33. Usually the first is with info level 3 and the second 4 but there is
some overlap so indeed these should be implemented as just aliases.
* Return ERRDOS/ERRmoredata on extra data instead of
STATUS_BUFFER_OVERFLOW for Win95's benefit. On a named pipe this results
in an SMBreadX as usual.
Still need to fix SAMR_QUERY_DOMAIN_INFO which has a hard-coded number of
users and groups - which Win95 proceeds to truncate at.
(This used to be commit 7d03e6e21908f3a759a4e65c5edd850622335e3e)
|
|
Also some string length and sizeof(pointer) corrections.
(This used to be commit ce24191939b82985d09eabe945199f38b0fea486)
|
|
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
|
|
(This used to be commit 6a437cfb33f24913e0c1f8484c0b08ef317e513b)
|
|
(This used to be commit c5109ff782be8774db47a92b48ca6335ec8d6065)
|
|
prev_pdu_file_offset was not being re-initialised to zero.
(This used to be commit fcaa1214412f5a417a648d4da5c4332f75f59f57)
|
|
(This used to be commit 9084b7e33dfe717bd8d5604ee71d137e3baef0f5)
|
|
get_myname.
(This used to be commit 9ab81caa065a0e08368fc9137d42ed810fd4b817)
|
|
(This used to be commit ed128c38a88746ec7822d598e72f0106a30a4af7)
|
|
However, it seems that the -s flag
in smbclient is also ignored :-(
(This used to be commit f6c78192664d611d4663ed7459a2789315861eec)
|
|
idiotic *SMBSERVER connectionism added to cli_connect_serverlist().
also added check for protocol < LANMAN2.
(This used to be commit c2bcb3a286f22ed4f0f55da2a3eb2bff17906fb1)
|
|
(This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226)
|
|
(This used to be commit d06d6369942828ec89e90f99bd0d0d3f91d61d13)
|
|
creating locking masks
(This used to be commit 5e2844d5edb15de29b976d2ff077ffbe012b860c)
|
|
LsaLookupSids etc from within SamrQueryAliasMembers, for example.
fnum is now a parameter to client functions. thanks to mike black
for starting the ball rolling.
(This used to be commit bee8f7fa6b0f7f995f71303f4e14a4aaed0c2437)
|
|
this....
Jeremy.
(This used to be commit 5287f3d19b7d8e76970f1ce1abfd95b7341434e5)
|
|
DB API
(This used to be commit ef58e48bc9af338ed6c734205d4faf82371284ac)
|
|
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
|
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
modified map_nt_and_unix_names() to never refuse a mapping (returns void
now not BOOL).
(This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
|
|
restriction and "domain user map" seems to work.
amazing.
(This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
|
|
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.
might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...
issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.
noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
added their replacements, added sam password database API modules
(This used to be commit b1d1c1337c69c6f6bf25ab932a1a6a757e3ea2ae)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
processing.
(This used to be commit 702263bba555a1d7c7999d40e5789b7e920dbce4)
|
|
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
|