Age | Commit message (Collapse) | Author | Files | Lines |
|
this....
Jeremy.
(This used to be commit 5287f3d19b7d8e76970f1ce1abfd95b7341434e5)
|
|
DB API
(This used to be commit ef58e48bc9af338ed6c734205d4faf82371284ac)
|
|
(This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455)
|
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
modified map_nt_and_unix_names() to never refuse a mapping (returns void
now not BOOL).
(This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167)
|
|
restriction and "domain user map" seems to work.
amazing.
(This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873)
|
|
i may simply go for a response in the NetSamLogon returning the
unix username, forcing the NT user to appear to be a unix user,
however even that is fraught with implications.
might just have to go the whole hog and do this tuple thing,
"unix_name + nt_name" always associated together...
issue with api_net_sam_logon, getsam21pwent() being called twice,
the second time overwriting static buffer data (argh) so had to
make a copy.
noticed a nested "become_root()"/"unbecome_root()" which will have
to be tracked down...
(This used to be commit 474f94f419a531e33b475249da7efb99ac22f454)
|
|
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
|
|
added their replacements, added sam password database API modules
(This used to be commit b1d1c1337c69c6f6bf25ab932a1a6a757e3ea2ae)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
processing.
(This used to be commit 702263bba555a1d7c7999d40e5789b7e920dbce4)
|
|
(This used to be commit 591c63e3e1e3201ddcd7582585b652fb848d80ca)
|
|
aclocal.m4: Added AC_LIBTESTFUNC.
configure.in: Fixed -lsecurity -lsec problems.
client.c: dos_ fixes.
groupdb/aliasunix.c: Dead code removal.
include/includes.h: Added default PRINTCAP_NAME.
lib/genrand.c: dos_ fixes.
lib/replace.c: Added strtoul.
lib/system.c: dos_ fixes.
lib/util.c: dos_ fixes.
lib/util_sid.c: Signed/unsigned fixes.
lib/util_str.c: removed bad const.
locking/locking_slow.c: dos_ fixes.
printing/printing.c: dos_ fixes.
rpc_server/srv_samr.c: Dead code removal.
rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN !
smbd/dir.c: dos_ fixes.
smbd/open.c: dos_ fixes.
smbd/oplock.c: dos_ fixes.
smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes.
Jeremy.
(This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e)
|
|
(This used to be commit 68342a29a892e515cf2b22d759476d61944bcd59)
|
|
(This used to be commit 90a24664318da97a6e8cfe4622a8573c0e3cbe5e)
|
|
Jeremy.
(This used to be commit 252dd8b8929adbdff9917395d4f8caad2d7882b2)
|
|
Jeremy.
(This used to be commit 81b90208910528a4ace683f30e39c54d8cfa12b7)
|
|
(This used to be commit 82b6292dff38f4e22ee8feab1b54504b95d705fa)
|
|
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
|
|
use all_string_sub() if you don't want this.
(This used to be commit a3357ab49335106674fe7a7481cd0f146d74fbe5)
|
|
session_request fails.
(This used to be commit ab2370e7ac770f1e32b8d726ab955457fcc8c2d7)
|
|
(This used to be commit 94fc7fe3afa1dc5547050248738eb697c1eeef59)
|
|
web/swat.c: Changed '?' to help.
Jeremy.
(This used to be commit 631913ea856926a77304692c74a1bd27faead179)
|
|
Jeremy.
(This used to be commit 10f51b85722141f99ffecc3f19a39de108400828)
|
|
Added HPUX autoconf changes.
Added "gross hack" printer code.
Jeremy.
(This used to be commit 1ef6d3bd63722afe9c376793a6ea72046d1a0602)
|
|
(which is not the case with open directories).
Jeremy.
(This used to be commit c154b1601f5891d664fc538ec8874fa8ef2061e6)
|
|
If a client does a modify timestamp on an open file (which will
do no good at all on UNIX :-) then keep the modify request pending
in the files_struct and apply it at close instead.
Jeremy.
(This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
script/installman.sh: Make installman ignore ROFF argument if it is "".
smbd/oplock.c: Move location of oplock test file to lockdir.
Jeremy.
(This used to be commit 6c25a3314243997508b0b2da4bfa10bb979e9c10)
|
|
Jeremy.
(This used to be commit 4ca71c90985b1c88d92bdd0f9079a4afc263dc46)
|
|
(This used to be commit d9d44d98ec719b7fc6d5b0fc35bf8727f4cd0372)
|
|
UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
|
|
lib/util_sock.c: Added strerror() calls to getpeername failures (which seem to be giving IRIX trouble at the moment).
rpc_parse/parse_sec.c: Changed use of ZERO_STRUCTPN to ZERO_STRUCTP which again does zero pointer protection.
smbd/quotas.c: Fixed typo.
Jeremy.
(This used to be commit b62f008974c96e0302d6c146cf49bc2045bef005)
|
|
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
|
|
Jeremy.
(This used to be commit 22df2dae30b815f1c86bd21ac0ccf02da5b85eba)
|
|
Jeremy.
(This used to be commit 74530677d5301abd2da5bcdcb1fde6e6f903ad70)
|
|
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
(This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
|
|
client/client.c:
client/clitar.c:
include/client.h:
smbwrapper/smbw_dir.c:
smbwrapper/smbw_stat.c:
smbwrapper/smbw.c:
lib/util.c: Converted all use of 'mode' to uint16.
smbd/quotas.c: Fixed stupid comment bug I put in there :-(.
printing/printing.c: Fix from J.F. to new code.
Jeremy.
(This used to be commit bacd3e9d2036a804e73644a28fc498f229c8446c)
|
|
I did this when I saw yet another bug report complaining about
smbclient intermittently missing files. Rather than applying more
patches to smbclient it was better to move to the more robust
clientgen.c code.
The conversion wasn't perfect, I probably lost some features of
smbclient while doing it, but at least smbclient should be consistent
now. It if fails it should _always_ fail rather than giving people the
false impression of a reliable utility.
the tar stuff seems to work, but hasn't had much testing as I never
use it myself. I'm sure someone will find bugs in my conversion of
smbtar.c. It was quite tricky as it did a lot of its own SMB calls. It
now uses clientgen.c exclusively.
smbclient is still quite messy, but at least it doesn't build its own
SMB packets.
I haven't touched smbmount as I never use it. Mike, do you want to
convert smbmount to use clientgen.c?
(This used to be commit e14ca7765ace1b721dad8eca4a527a4e4a8f1ab8)
|
|
param/loadparm.c: Removed "networkstation user login", "domain controller", and "domain sid" parameters.
passdb/passdb.c: Removed "networkstation user login" code and changed bug test code
to only check once for a bad password server. This will stop the
complaints of many "bad login" audit records in NT PDC logs.
utils/smbpasswd.c: Removed check for "domain controller".
Jeremy.
(This used to be commit d6e6e936b5dd90dd8fc38d9404efbe5c546c15e5)
|
|
libsmb/namequery.c: Fix to remove 2 second wait is we are doing a unicast
and got a reply.
smbd/dfree.c:
smbd/noquotas.c:
smbd/quotas.c: Fixes from Dejan Ilic <svedja@lysator.liu.se> for the quota
code.
utils/smbpasswd.c: Fixes to allow smbpasswd to be called from swat.
Jeremy.
(This used to be commit b5981c0149ad8c6f13ea87db450080616538b5d5)
|
|
smbd/quotas.c:
Added quotas patch for autoconf from Dejan Ilic <svedja@lysator.liu.se>.
printing/printing.c: Filenames with spaces patch from Allan Bjorklund <allan@umich.edu>
utils/nmblookup.c: Fix usage() function.
smbd/reply.c: Split out the security=server and security=domain checks into
check_server_security() and check_domain_security() to aid the
writing of the 'hack' appliance mode invented by John Schimmel.
Jeremy.
(This used to be commit f09ab9b52251087a58af92ec753537ca34a970fc)
|
|
(This used to be commit 5e2fc8b7ccf4a9c8b0a2acf4bd752531ac6fa775)
|
|
that caused NetBench to fail as the wrong error code was being
returned from a getatr call. Change was not to set the
unix_ERR_class global when you are not returning an error. This
is a big of Samba internal folklore that is *important*.
Jeremy.
(This used to be commit a1923d465be4c63a40d55abb800cc9b16a4b87d0)
|
|
Chris - feel free to fix these things differently if these fixes don't
work for you.
Jeremy.
(This used to be commit 1f225abfbe6b021b589711c2e4c599a63050c5b2)
|
|
fix username overwriting problem in security=share.
Jeremy.
(This used to be commit 17621964344336c6303386c3c9e8a3e23b9e46e1)
|
|
(This used to be commit 22721b027139ffb7ff2625741b68701ba15fbb98)
|
|
Ensured offset was being reported correctly for 64 bit file access,
ensured delete on close bit was being reported correctly.
Jeremy.
(This used to be commit 4332bc06c6604a3e14007eda4f40e6183a1f8526)
|
|
changes uses the unique index number from a SMB_QUERY_FILE_ALL_INFO to
try to provide inode numbers. If it is 0 then use the hash of the
filename as before.
(This used to be commit 2565ccf9de9d5e80fdb5bcadbc7130faba386d95)
|