summaryrefslogtreecommitdiff
path: root/source3/utils
AgeCommit message (Collapse)AuthorFilesLines
2003-11-26Get rid of a const warningVolker Lendecke1-2/+2
Volker (This used to be commit ab1096d58e2447bc91370e0a7f913d9375658c4c)
2003-11-23Merge from 3.0:Andrew Bartlett2-5/+5
Add support for variable-length session keys in our client code. This means that we now support 'net rpc join' with KRB5 (des based) logins. Now, you need to hack 'net' to do that, but the principal is important... When we add kerberos to 'net rpc', it should be possible to still do user management and the like over RPC. - Add server-side support for variable-length session keys (as used by DES based krb5 logins). Andrew Bartlett (This used to be commit 1287cf5f921327c9ea758de46220c4e2dedc485c)
2003-11-22(merge from 3.0)Andrew Bartlett1-72/+112
Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Andrew Bartlett (This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)
2003-11-12show locked files for -u <user>; bug 590Gerald Carter1-10/+41
(This used to be commit 3290582cb0542d1e2a7e1e5213614fca8788b070)
2003-10-31Merge from 3.0:Tim Potter1-40/+40
Revision 1.45.2.23: Changed output so all debug output goes to stderr, and all file processing goes to stdout. Note: This change permits use of testparm processing of smb.conf to be redirected into a file that can be used as an smb.conf file. ie: All information that should not be in smb.conf will be on stderr, all pertinent smb.conf info will go to stdout. Example of use: A fully documented smb.conf.master file can be maintained. To create smb.conf do: testparm -s > smb.conf (This used to be commit f323b932f932a576d42a018a3e16b45758121891)
2003-10-30First round of merging various UUID structures.Jim McDonough1-5/+5
This eliminates RPC_UUID. It creates the following struct: struct uuid { uint32 time_low; uint16 time_mid; uint16 time_hi_and_version; uint8 clock_seq[2]; uint8 node[6]; }; which replaces RPC_UUID and various random struct uuid definitions and a flat version: #define UUID_FLAT_SIZE 16 typedef struct uuid_flat { uint8 info[UUID_FLAT_SIZE]; } UUID_FLAT; which pretty much looks like GUID (which I will start eliminating). I want us to use the FLAT one only on the wire (perhaps in files, too?), and I want it to be obvious to the coder that it is the FLAT version. This leaves a couple of compiler warnings, where GUID isn't completely replaced by FLAT_UUID yet...I'll get to those soon. (This used to be commit 1532b5d2e3c61df232b16394acedf6eac387588b)
2003-10-24Add shutdown abort try over initshutdown pipe first, then fall back toJim McDonough1-4/+49
winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e6d02117755d92d1b5ce029bf659d0fbe1a55585)
2003-10-23Fix bug 451. Stop net -P from prompting for machine account password.Jim McDonough3-3/+4
Based on work by Ken Cross (kcross@nssolutions.com). (This used to be commit 32aa749bf1328e43af629ade30b3fdc11dd5e3ec)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison2-11/+11
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-14Set errno = ENOSYS if mmap not supported.Tim Potter1-0/+1
From Joachim Schmitz <schmitz@hp.com> (This used to be commit a94b91ee28fccba952e557f84886ff60251100b7)
2003-10-02Portability fixes from schmitz@hp.com (Joachim Schmitz). Bug #549.Jeremy Allison1-1/+7
Jeremy. (This used to be commit 6defe43e6d48619cee31b6c7fc602973e8eeef3f)
2003-09-29Merge from 3.0:Tim Potter1-16/+4
>Fix to parse the level-2 strings. From Anthony Liguori aliguor@us.ibm.com. >Jeremy. (This used to be commit 3420320714798427bf9b760ed89fa4ce9346ad19)
2003-09-29Testparm fixes:Jelmer Vernooij1-3/+9
- Also check global 'hosts allow'/'hosts deny' when checking access to share - Warn when user specifies 2 arguments instead of 1 or 3. Patch from Jay Fenlason <fenlason@redhat.com> (This used to be commit 034fe96f9c3d3328bc69ef328f10690336dc35b0)
2003-09-24* sync more files from 3.0Gerald Carter1-3/+3
* set version string to "CVS 3.1.0alpha1" (This used to be commit c6a61ffcbd0c95afd94bd33fd832b24bc8209de5)
2003-09-22fix some warnings found by the Sun C compilerGerald Carter2-4/+3
(This used to be commit 585764305aa84a7732f71f2e01227e1a6a08664f)
2003-09-21Fix typoJelmer Vernooij1-1/+1
(This used to be commit 68e044f60ddb6dc7d894f95eff8a866e713df253)
2003-09-19Ensure that dup_sec_desc copies the 'type' field correctly. This causedJeremy Allison1-3/+3
me to expose a type arguement to make_sec_desc(). We weren't copying the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on auto inherited checks. Jeremy. (This used to be commit 546b2271c08735ac1049a453abac996d794aa364)
2003-09-15Fix from gregory@networksentry.co.za, don't clobber the comment if itJeremy Allison1-2/+2
exists. Jeremy. (This used to be commit a7ef2ce34931d9fcdeb8ecbcad981d96db4c409a)
2003-09-15Fixed test and wording for long share names.Christopher R. Hertel1-3/+4
The RAP NetShareEnum() call has a length limit of 12 characters (not 8, as previously tested). Took DaveCB's suggested and added a note listing some of the client systems that might be affected. (This used to be commit cdfc0fc383ab63f47ddd547fddc4c28bbfddf5e5)
2003-09-15fix online helpSimo Sorce1-1/+1
-w option need the password on the command line (This used to be commit 0b8f32b7f53b145fb51f5537a7f42d11d69ed4c3)
2003-09-12Fix another crash bug in samsync.Tim Potter1-0/+3
(This used to be commit 675707c33e8447b9cb9fc2ae451663a56a14d792)
2003-09-11Merge from samba-3.0:Tim Potter1-5/+10
>Revision 1.8.2.33 >Fix error return path memory leaks in vampire code for creating users. > >Display an error if we can't create a posix account for the user >(e.g no add user/machine script was specified; bug #323). >Revision 1.8.2.32: >Use opt_target_workgroup instead of lp_workgroup() in vampire code so >we can override the value in smb.conf with the -w option. > >Migrating accounts from another domain can now be done like: > ># bin/net join bdc -w nt4dom -Uadministrator%password ># bin/net rpc vampire -w nt4dom -U administrator%password (This used to be commit 36f7d88edd15bff1b7dfa78f3908dae272b96215)
2003-09-11Merge from samba-3.0:Tim Potter1-2/+2
>Formatting fixups for help output. (This used to be commit fe7c8e39688f0966563c67dd61a9ad8ae2b98f99)
2003-09-11Merge from samba-3.0:Tim Potter1-1/+1
>Fix error message when calling namedtogid() fails adding a group map >entry. Bug #431. (This used to be commit 1befe1758351f43558808a3c91543752e7ff7823)
2003-09-09sync 3.0 into HEAD for the last timeGerald Carter16-632/+938
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce13-83/+548
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16ading new files from 3.0Gerald Carter1-0/+156
(This used to be commit 99feae7b5b1c229a925367b87c0c0f636d9a2d75)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter18-470/+1278
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-06-02More changes to editreg to make it less tetchy.Richard Sharpe1-17/+17
(This used to be commit 30e1431e937325da414493bf0a6d4281b9c1501f)
2003-06-02Some fixes for editreg.c, although I see that head seems broken ...Richard Sharpe1-5/+5
(This used to be commit b049c2f66f2bc7d8beb52c9a88c48b297738336b)
2003-05-29Setting account policy values is done using -C, not -V. Fixes bug #120Jelmer Vernooij1-1/+1
(This used to be commit fd16d4797881372fe0dc7b87a23c58efdef84fbd)
2003-05-15Patch from "Alex Deiter" <tiamat@komi.mts.ru> to fix incorrect error check.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 9202362ee13c14bd7127713e3976bb9ee11038df)
2003-05-12Fix compiler warnings.Jeremy Allison1-1/+0
Jeremy. (This used to be commit e12934c67b6aea9e3e449009e159ce6814dcbd11)
2003-05-10Reverse previous patch from Stefan and me after comments by Andrew Bartlett.Jelmer Vernooij15-34/+0
(This used to be commit d31509fe88da8727521586dced1da2c73bfee2bc)
2003-05-10Patch from metze and me that adds dummy smb_register_*() functionsJelmer Vernooij15-0/+34
(This used to be commit 367a5cad1edf6a49783806d5a8b59a62d8856706)
2003-05-09Fix bug #4 for net rap. Allow more than 50 chars for long form listings of ↵Jim McDonough1-2/+2
users and groups. (This used to be commit 27ca9bde6ba1a21326d89ab1dab52f7053fff9a4)
2003-05-09Some more static definitions ...Richard Sharpe1-0/+16
(This used to be commit 05d7850302d4369c4f8001c923217f8912261e7d)
2003-05-09Add some static ...Richard Sharpe1-34/+84
(This used to be commit 5368f10eabbca09eee1e2777e8cb2fcb7f92fc1d)
2003-05-09Some more fixes for syntax problems on AIX etc ...Richard Sharpe1-2/+2
(This used to be commit 20756925486b407fbb2cf06d776ad2ce19b00c74)
2003-05-09Fix up a bunch of compiler warnings ...Richard Sharpe1-13/+13
(This used to be commit cd1182ba75fbfa6b17964a3fefba2c2c0292cfb7)
2003-05-09Fix some compiler warnings about const etc ...Richard Sharpe2-6/+5
(This used to be commit edc51dbc9ce319c612e2ff9434ca5a7521ba016f)
2003-05-05Turn off using lsa_qos.Rafal Szczesniak1-5/+2
Rafal (This used to be commit d03124fbf182f194e48c4ef9ae6aedc4db4f13b0)
2003-05-01init wellknown in pdbedit tooSimo Sorce1-0/+6
add group mapping mappings to idmap at startup (This used to be commit 62365023db61d5a4fa32845af3db73bce6cb94ea)
2003-05-01*id_to_*id call reshape to return NTSTATUS errorsSimo Sorce1-0/+2
plus internal fixes 1st stage (This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)
2003-04-29This is a nice rewrite:Simo Sorce1-33/+15
SAM_ACCOUNT does not have anymore uid and gid fields all the code that used them has been fixed to use the proper idmap calls fix to idmap_tdb for first time idmap.tdb initialization. auth_serversupplied_info structure has now an uid and gid field few other fixes to make the system behave correctly with idmap tested only with tdbsam, but smbpasswd and nisplus should be ok have not tested ldap ! (This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
2003-04-29adding ifdef'd code to add alias membership for vampireGerald Carter1-0/+138
(This used to be commit 21867183e082a4ec7fec64a534677058cba1a598)
2003-04-29Merge 3.0's change to how we add users onto HEAD, including a few other bitsAndrew Bartlett1-12/+4
of sync-up for the rpc_server/srv_samr_nt.c Andrew Bartlett (This used to be commit 3c867aedd9abc29389f5d049dbc94ada6738d1b0)
2003-04-28Merge compile and other fixes from 3.0 to HEAD.Andrew Bartlett3-3/+3
Including smbtorture bugfixes, and a better TCONDEV test. Andrew Bartlett (This used to be commit 52c5806004022f153af7d022afdb3ec7cc0d2548)
2003-04-28Fix compiler warning.Tim Potter1-1/+1
(This used to be commit 6a783ca81cead3eed556570152608fd7a224f1ee)
2003-04-28Getting ready for code that actually writes a registry file out.Richard Sharpe1-7/+32
(This used to be commit 22e61a7e77eabd462f192fb03b5adb1d07fa7409)