| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
subystem.
The particular aim is to modularized the interface - so that we
can have arbitrary password back-ends.
This code adds one such back-end, a 'winbind' module to authenticate
against the winbind_auth_crap functionality. While fully-functional
this code is mainly useful as a demonstration, because we don't get
back the info3 as we would for direct ntdomain authentication.
This commit introduced the new 'auth methods' parameter, in the
spirit of the 'auth order' discussed on the lists. It is renamed
because not all the methods may be consulted, even if previous
methods fail - they may not have a suitable challenge for example.
Also, we have a 'local' authentication method, for old-style
'unix if plaintext, sam if encrypted' authentication and a
'guest' module to handle guest logins in a single place.
While this current design is not ideal, I feel that it does
provide a better infrastructure than the current design, and can
be built upon.
The following parameters have changed:
- use rhosts =
This has been replaced by the 'rhosts' authentication method,
and can be specified like 'auth methods = guest rhosts'
- hosts equiv =
This needs both this parameter and an 'auth methods' entry
to be effective. (auth methods = guest hostsequiv ....)
- plaintext to smbpasswd =
This is replaced by specifying 'sam' rather than 'local'
in the auth methods.
The security = parameter is unchanged, and now provides defaults
for the 'auth methods' parameter.
The available auth methods are:
guest
rhosts
hostsequiv
sam (passdb direct hash access)
unix (PAM, crypt() etc)
local (the combination of the above, based on encryption)
smbserver (old security=server)
ntdomain (old security=domain)
winbind (use winbind to cache DC connections)
Assistance in testing, or the production of new and interesting
authentication modules is always appreciated.
Andrew Bartlett
(This used to be commit 8d31eae52a9757739711dbb82035a4dfe6b40c99)
|
|
in smbd/process.c where the timezone is reinitialised. Was replaced with
check for a static is_initialised boolean.
(This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
|
|
default, rather than in preprocessor macros.
(This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
|
|
of gettext for internationalisation support. There is more to do
(This used to be commit ab7f67677a1ade4669e5c2750d0a38422ea616a9)
|
|
Jeremy.
(This used to be commit d1adaee373f08020d350af2aa65b7651da94bdae)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
lookup' value.
(This used to be commit 5f5b4b48ca78b3981001965058a2b4e796ba815c)
|
|
(This used to be commit f41c3bb80f1e498a9d27f6e236b0ff3a742764c9)
|
|
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor
limit that we hit with nasty consequences on some systems
I would eventually prefer us to have a configure test to see if we need
to replace stdio, but for now this code needs to be tested widely so
I'm enabling it by default.
(This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
|
|
to determine whether the 'wins server' parameter is set.
(This used to be commit 5b975d3a9cea39e9992a9b556b8a6d9d3ec14807)
|
|
can't redefine them. damn.
(This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
|
|
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267960e56005a741817ebd227ecfc512a)
|
|
it will avoid problems with lists being longer than 1024 bytes
just now only ip list parameters have been converted to the new type
(hosts allow, hosts deny, ssl hosts, ssl hosts resign)
(This used to be commit e1572f85d6247b760db10825b2fa688d7ed50bd3)
|
|
Original patch from Andrew Bartlett.
Jeremy.
(This used to be commit aae779d0a3d3c80e6fa010fdb397af3aff360551)
|
|
smb.conf
file in utf8.
Jeremy.
(This used to be commit 42052d6079479452aa43eb37ad3d679d28337779)
|
|
checked to see that only one server was listed. As I am working on an
enhancement that allows multiple servers to be listed...this was a bit
contrary. ;)
(This used to be commit 1b718f67675e52520f193a8c71c110246e70723f)
|
|
(This used to be commit 289d3cac38ae271175697f98d3eb01a21f3678a7)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
also allow specifying [host hostip] without [configfile]
updated man page
(This used to be commit 85fbd401026e7f1464c9a125cbaa505b768f8a10)
|
|
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
(This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
bit file interface for the NT SMB's.
Created a new define, SMB_STRUCT_STAT that currently is
defined to be struct stat - this wil change to a user
defined type containing 64 bit info when the correct
wrappers are written for 64 bit stat(), fstat() and lstat()
calls.
Also changed all sys_xxxx() calls that were previously just
wrappers to the same call prefixed by a dos_to_unix() call
into dos_xxxx() calls. This makes it explicit when a pathname
translation is being done, and when it is not.
Now, all sys_xxx() calls are meant to be wrappers to mask
OS differences, and not silently converting filenames on
the fly.
Jeremy.
(This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb)
|
|
(This used to be commit 0d641d0cebfbd8cc6015d2361e088ce0410c5d20)
|
|
perms on lock dir should be 755 not 644.
(This used to be commit 930a4292e95947d20696b7ce08bbb936442fe327)
|
|
permissions.
(This used to be commit 10303a78d4b12a03166db89202759cd745c516c5)
|
|
(This used to be commit aa5648ce833a13b202e4d3e5304494c3bab6855f)
|
|
test all the heuristics we know about for validating smb.conf
file.
Jeremy.
(This used to be commit 76dec5b04e9c3b4b727bf9a44d31acf32b4b6b4c)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
- added the ability to auto-refresh the status page. There is a
problem with this (it can kill inetd!). Hopefully we can fix that.
(This used to be commit 4488d8932fa072bf8a3ae236ab666618051b5e83)
|
|
testparm.
In particular I added:
- ability to optionally save default values of all parameters when
calling lp_load(). This can then be used to save only non-default
parameters in lp_dump(). This makes the saved smb.conf (and viewed
parameters in testparm) much shorter
- ability to not load ipc share in lp_load()
- separators in parm_table[] so parameters can be grouped logically.
- flag to mark parameters that are local but which should be also
viewed as global as far as parameters editing is concerned
(This used to be commit f9af35da26e58fb0b644b5f0169f1c212230047a)
|
|
nmbd_sendannounce.c: Remote announcement was announcing to the wrong name !
nmblookup.c: Fix for substitutions not seeing hostname.
testparm.c: Fix for substitutions not seeing hostname.
wsmbstatus.c: Fix for substitutions not seeing hostname.
util.c: Change read_udp_socket to use sockaddr_in rather than dubiously
messing around with an opaque data type (sockaddr).
Jeremy.
(This used to be commit 776ccf5c0641b5aa300236c2612b5f2761d1179f)
|
|
This is merely updating the Copyright statements from 1997 to 1998.
It's a once a year thing :-).
NO OTHER CHANGES WERE MADE.
Jeremy.
(This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
|
|
(This used to be commit 77f5bc87058dfb5c1b14e7cd8c6097a6bcb2c0cc)
|
|
a codepage_initialise(). Fixes problem with initialising dos map
twice.
charset.h: Changes to support charset changes.
client.c: Changes to support charset changes.
loadparm.c: follow symlinks parameter from David Clerc <David.Clerc@cui.unige.ch>
nmbd.c: Changes to support charset changes.
nmblookup.c:Changes to support charset changes.
proto.h: Changes to support charset changes.
reply.c: Don't call security=server with no user/no password guest. Fix from
Stefaan A Eeckels <Stefaan.Eeckels@ecc.lu>
server.c: follow symlinks code from David Clerc <David.Clerc@cui.unige.ch>
smbpasswd.c:Changes to support charset changes.
status.c: Changes to support charset changes.
testparm.c: Changes to support charset changes.
testprns.c: Changes to support charset changes.
uid.c: Fixed log message with no \n.
Jeremy (jallison@whistle.com)
(This used to be commit 2a28a6e5e461aca7fe6c19cd01d287010056cffb)
|
|
Makefile.RPM: Added quoata changes for Linux from Thorvald Natvig
charset.c: Large changes to add multiple client code pages.
charset.h: Changed charset_initialise() proto.
client.c: Fixed message sending bug. Changed charset_initialise().
ipc.c: Fixed #ifdef compile problems.
loadparm.c: Added "client code page" option.
nmbd.c: Changed charset_initialise(). Fixed lmhosts read.
nmblookup.c: Changed charset_initialise().
proto.h: Added lp_client_code_page(void).
quotas.c: Added quoata changes for Linux from Thorvald Natvig
reply.c: Changed debug level. Made SMBecho ignore tid.
server.c: Changed charset_initialise().
smb.h: Added DEFAULT_CLIENT_CODE_PAGE as 850.
smbpasswd.c: Changed charset_initialise().
status.c: Changed charset_initialise().
testparm.c: Changed charset_initialise().
testprns.c: Changed charset_initialise().
Jeremy Allison (jallison@whistle.com)
(This used to be commit 957025bace1bcff34d21a6caeca498e85abccb23)
|
|
Wed May 7 1997: Update for 1.9.17alpha1 release - 'browsefix release'
designed to make browsing across subnets work.
byteorder.h: Updated copyright to 1997.
charcnv.c: Updated copyright to 1997.
charset.c Updated copyright to 1997.
charset.h Updated copyright to 1997.
client.c Updated copyright to 1997.
clientutil.c Updated copyright to 1997.
dir.c Updated copyright to 1997.
fault.c Updated copyright to 1997.
includes.h Updated copyright to 1997.
interface.c Updated copyright to 1997.
ipc.c Updated copyright to 1997.
kanji.c Updated copyright to 1997.
kanji.h Updated copyright to 1997.
loadparm.c Updated copyright to 1997.
locking.c Updated copyright to 1997.
mangle.c Updated copyright to 1997.
message.c Updated copyright to 1997.
nameannounce.c
Made use of WINS subnet explicit.
Added reset_announce_timer() so announcement
can be made immediately when we become a master.
Expanded code to do sync with dmb.
namebrowse.c
Removed redundent checks for AM_MASTER in
sync code. Made use of WINS subnet explicit.
namedbname.c Made use of WINS subnet explicit.
namedbresp.c Made use of WINS subnet explicit.
namedbserver.c Made use of WINS subnet explicit.
namedbsubnet.c
Explicitly add workgroup to WINS subnet
when we become a dmb. Made use of WINS subnet explicit.
namedbwork.c
Made use of WINS subnet explicit. Removed
redundent check_work_servertype() function.
nameelect.c
Explicitly add workgroup to WINS subnet
when we become a master browser. Made use of WINS subnet explicit.
namelogon.c Updated copyright to 1997.
namepacket.c Updated copyright to 1997.
namequery.c Updated copyright to 1997.
nameresp.c
Made use of WINS subnet explicit. Made nmbd fail if
configured as master browser and one exists already.
nameserv.c
Made use of WINS subnet explicit. Remove redundent
logon server and domain master code.
nameserv.h Add emumerate subnet macros.
nameservreply.c Made use of WINS subnet explicit.
nameservresp.c Updated copyright to 1997.
namework.c
Made use of WINS subnet explicit. Updated code to
add sync browser entries to add subnet parameter.
nmbd.c
Added sanity check for misconfigured nmbd.
nmblib.c Updated copyright to 1997.
nmblookup.c Updated copyright to 1997.
nmbsync.c
Removed redundent AM_ANY_MASTER check.
params.c Updated copyright to 1997.
password.c Updated copyright to 1997.
pipes.c Updated copyright to 1997.
predict.c Updated copyright to 1997.
printing.c Updated copyright to 1997.
proto.h
Changed protos for new nmbd code.
quotas.c Updated copyright to 1997.
replace.c Updated copyright to 1997.
reply.c Updated copyright to 1997.
server.c Updated copyright to 1997.
shmem.c Updated copyright to 1997.
smb.h Updated copyright to 1997.
smbencrypt.c Updated copyright to 1997.
smbpasswd.c Updated copyright to 1997.
smbrun.c Updated copyright to 1997.
status.c Updated copyright to 1997.
system.c Updated copyright to 1997.
testparm.c Updated copyright to 1997.
testprns.c Updated copyright to 1997.
time.c Updated copyright to 1997.
trans2.c Updated copyright to 1997.
trans2.h Updated copyright to 1997.
uid.c Updated copyright to 1997.
username.c Updated copyright to 1997.
util.c Updated copyright to 1997.
version.h
Changed to 1.9.17alpha1.
(This used to be commit cf23a155a1315f50d488794a2caf88402bf3e3e6)
|
|
Luke, can you take special note of the bug fixes to nmbd so you can
propogate them to your new code.
- rewrote the code that used to use fromhost(). We now call
gethostbyaddr() only if necessary and a maximum of once per
connection. Calling gethostbyaddr() causes problems on some systems so
avoiding it if possible is a good thing :-)
- added the "fake oplocks" option. See the docs in smb.conf(5) and
Speed.txt
- fixed a serious bug in nmbd where it would try a DNS lookup on
FIND_SELF queries. This caused a lot of unnecessary (and incorrect)
DNS lookups to happen. FIND_SELF queries should only go to the
internal name tables.
- don't set FIND_SELF for name queries if we are a wins proxy, as we
are supposed to be answering queries for other hosts.
- fixed a bug in nmbd which had "if (search | FIND_LOCAL)" instead of
"if (search & FIND_LOCAL)". Luke, this was in nameservreply.c
- the above 3 bugs together meant that DNS queries were being cached,
but the cache wasn't being used, so every query was going to DNS, no
wonder nmbd has been chewing so much CPU time! Another side effect was
that queries on names in lmhosts weren't being answered for bcast
queries with "wins proxy" set.
- ignore the maxxmit for seconday session setups (see CIFS spec)
- close user opened files in a uLogoffX for user level security (see
CIFS spec)
- added uid into the files struct to support the above change
(This used to be commit ea472b7217b7693627a13a7b1e428a0a6a3d8755)
|
|
prototypes automatically using "make proto". This is much less prone
to error than the old method of manually adding prototypes
(This used to be commit b551dc98f7cc194a5fc2e67a4ebae7fd67a01bbc)
|
|
The biggest thing is the integration of Lukes new nmbd. Its still
largely untested, so we will really need some feedback
I've also added auto prototype generation and cleaned up a lot of
minor things as a result
(This used to be commit 0d8dcfa13c527ec2c8aca39ba49c09e4e694b26c)
|
|
- add faq info on NT printer handling
- add "delete readonly" option to help rcs users
- add stuff to man pages on new printer options
- add "proxy name resolution" option
- add "command string" -c option to smbclient (thanks Ken)
- split time functions into time.c
- rearrange the quotas stuff a bit and fix some bugs
- complete rehash of the time handling code thanks to Paul Eggert
- fix nmblookup output a bit
- add plp print queue parsing from Bertrand Wallrich
(This used to be commit 635b56f19c817527c52e9bbde31faa6a8a47777b)
|
|
(This used to be commit 291551d80711daab7b7581720bcd9a08d6096517)
|
