Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit aa5648ce833a13b202e4d3e5304494c3bab6855f)
|
|
(This used to be commit 7fecc3d5a2fb641237f24a3f39c6556fde648a8a)
|
|
I'll do the rest tomorrow.
(This used to be commit b92ce41c54fa187bce3287257996f7a3e9c9b9ff)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
Also updated the documentation :-)
The code is ugly, we need to rewrite smbstatus someday.
(This used to be commit a2a9f55a76fc16ef1d4656332ef6b1b455bb6259)
|
|
MAX_OPEN_DIRECTORIES for nttrans I forgot to update the code that
enumerates the array.
Created new MAX_FNUMS in local.h, changed all code that iterates
through the files_struct array to use this.
(sorry Richard).
Jeremy.
(This used to be commit 339b10222269d71c7a493cc08b7b1bfd35fd55fc)
|
|
With apologies to Charlton Heston and Pierre Boule.
"You damn fools, you finally did it".
Changed default security mode to be security=user.
Yes this is a big (although small in code) change.
It's something we've been discussing for a while, to
finally wean people off the legacy security=share mode
which is *never* what you want.
Jeremy.
nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun.
Found by <samuel@public.szonline.net>.
nttrans.c: More NT smb stuff.
reply.c: Unlink will overwrite an existing file. Well you learn
something new about POSIX every day. :-).
server.c: Tidyup unreadable code.
smbpasswd.c: Code to allow -U remote_username to allow ordinary
users to change remote passwords if their NT username
is different from their UNIX username.
Patch from <torbjorn.lindh@allgon.se>.
Jeremy.
(This used to be commit 4eccb47cfb3c8907a6558b6ea9a02b0184458e34)
|
|
belong to -uUsername are printed when running 'smbstatus -uUsername'
PaulB
(This used to be commit da08e486871992043c2650e6aac304cd29ba693c)
|
|
password.c: Added code to tell server.c when machine password needs changing.
server.c: Change machine password in idle cycles if it needs it.
smbpassfile.c: Fixed up length calculations for machine password file.
smbpasswd.c: Moved domain joining code/machine password changing code.
lib/rpc/client/cli_netlogon.c: And this is where it now lives.
Jeremy.
(This used to be commit b8fedca6191de96159df0d1d17082d82e8e44773)
|
|
test all the heuristics we know about for validating smb.conf
file.
Jeremy.
(This used to be commit 76dec5b04e9c3b4b727bf9a44d31acf32b4b6b4c)
|
|
function table, selectable at compile time. This should make the
code that implements all the password functions much cleaner, as
it's now very clear exactly what a particular password database
needs to provide to Samba.
Jeremy.
(This used to be commit 27ca536ad974242524c12f7100e419d9e7f9647f)
|
|
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
(This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0)
|
|
in /etc/passwd. Fix from "Mike Black" <mblack@csihq.com>.
Jeremy.
(This used to be commit 0146883f8568de4642087bb769b0381c3217d792)
|
|
have vsnprintf.
locking_slow.c: slight tidy.
make_smbcodepage.c: Use safe_strcpy instead of pstrcpy.
nmbd_winsserver.c: Use pstrcpy instead of fstrcpy.
smbmount.c: Fixed reported bug.
util.c: Removed old fstrcpy/fstrcat functions.
Jeremy.
(This used to be commit f257d2e4bafd3944cca737699913a8d868279ca6)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
and null session setup done.
smbpasswd.c: Fix from Gerald Carter <cartegw@Eng.Auburn.EDU> to fix incorrect
use of pointer.
Jeremy.
(This used to be commit 69ace0760986a6e892cd5b25ca85930b65e38c45)
|
|
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
(This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6)
|
|
(This used to be commit abe261b2f5ea7036e7be6230876176d134ef4ee4)
|
|
Jeremy.
(This used to be commit dfdc9b0b1e47717b83e54f1cf726e40122cf9baf)
|
|
passwords to be stored over time, allowing a smbpasswd file migration.
Adds new parameter "update encrypted".
Will also add to 1.9.18 branch.
Docs update to follow.
Jeremy.
(This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
|
|
loadparm.c: Patch from tim@quiknet.com for static string problems.
server.c: Setup global_myname.
smbpass.c: Fix up locking. Add machine_password_delete() call.
smbpasswd.c: Added provisional code to add to a domain.
lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password.
lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password.
Jeremy.
(This used to be commit 6a7164233e3bf9d6bb57c44a53204068e454ae5c)
|
|
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
(This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0)
|
|
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-)
use in security=server, started to extend security=domain code.
smbpasswd.c: Removed rap error code functions.
Jeremy.
(This used to be commit 0f00b8fce1a5cad7f8c212568fa33f09986e5bd6)
|
|
smbpass.c: Added lock depth code so calls to pw_file_lock() can be nested.
Fixed codedump problems in add_smbpwd_entry().
smbpasswd.c: Removed all the code that manipulated the password file
directly. Now *all* smbpasswd file changes are done through
the interfaces defined in smbpass.c This should make
the life of people adding alternate backend databases
*much* easier.
lib/rpc/server/srv_netlog.c: Removed debug messages used to debug
machine password changing.
Jeremy.
(This used to be commit c9f61be08f3691a6421734d8b026a295d9cbd6ba)
|
|
regularized parameter syntax:
setup, setup_count, max_setup_count,
params, params_count, max_params_count,
data, data_count, max_data_count,
(and if a reply is needed)
*reply_params, *reply_data_len
*reply_data, *reply_data_len
This allows the pointers and the lengths
that relate to these pointers to be next
to each other in the parameter list. This
makes seeing what you are passing to these
functions much easier to see.
Getting ready for adding the lib/rpc/client
functions needed to do security=domain.
torture.c: Fixed it so it uses / rather than \\
internally for the //machine/share syntax.
Jeremy.
(This used to be commit 38350ea8b949d0908497490898ff04df7591ccac)
|
|
smbdes.c: Added cred_hash3.
smbpasswd.c: Fixes for adding a machine account (needs more work).
lib/rpc/server/srv_netlog.c: Turn on the machine password changing
code by default (calls cred_hash3).
Jeremy.
(This used to be commit 50aa513b969c6e41911aeee8207b065f93af0beb)
|
|
nmbd.c: Fix for always overwriting log despite append setting.
smb.h: Addition of last time password changed entry to account info.
smbpass.c: Changes to support last time changed field in smbpasswd file.
smbpasswd.c: Changes to support last time changed field in smbpasswd file.
util.c: Fix for always overwriting log despite append setting.
Jeremy.
(This used to be commit eb4fe9ecdf539209efab07dc992447ea7370cf93)
|
|
get_smbpwd_entry (now an internal function to smbpass.c)
to a more UNIX-like :
getsmbpwnam() - get entry by name.
getsmbpwuid() - get entry by uid.
Changed the type returned by the smbpasswd enumeration
functions to be a void * so that people don't come to
depend on it being a FILE *.
These abstractions should make it much easier to
replace the smbpasswd file with a better backend
in future.
Other files changed are to match the above changes.
Jeremy.
(This used to be commit 1161cfb7f2b0d5a6d3e2b524a14a6f325ce70efb)
|
|
with gcc. (Not a big change although it looks like it :-).
Jeremy.
(This used to be commit cd2613c57261456485fe4eeecfda209ada70de8e)
|
|
(This used to be commit 02786747ee6774f617d95b08a5c5912bf86e7586)
|
|
stn@techfak.uni-kiel.de (Stefan Nehlsen) to get homes from
the NIS+ map.
smbpasswd.c: Tidy up of cli_state structure.
Jeremy.
(This used to be commit fc2295e0f5729585fdb3ee47edb290851d4071c5)
|
|
Jeremy.
(This used to be commit 81cbfaacb11747830354f4a58be441015fe19ba8)
|
|
Jeremy.
(This used to be commit 38391b51cd9e1e9fc7e4b77335ed2c7f6befc8c6)
|
|
smb.conf.
smbpasswd.c: Removed bugs I put in yesterday (thanks Luke :-) and added error
message reporting for remote password changing.
Jeremy.
(This used to be commit 6a3394a285a250d1029cdd545dd0bf832284555a)
|
|
accounts when adding machine account types.
Jeremy.
(This used to be commit a402b5070f72d7a6948cc9885228efae16f6617d)
|
|
workstation.
smbpasswd.c: Added code to count down from last machine account
to add correct uid when adding a machine account.
Jeremy.
(This used to be commit 0601a41993d6ea4fb2a186b7ca55b2f3a6f6a53d)
|
|
field when adding a user via smbpasswd.
Jeremy.
(This used to be commit 607c64fadbf8c33459444466630f676800cba5ee)
|
|
root to disable users and set them to "NO PASSWORD".
Not quite finished with machine account stuff yet, but everything
compiles.
Jeremy.
(This used to be commit c66966ff00b0968f765e62b679279b7417988df9)
|
|
quotas.c: Linux quota fix.
util.c: Ensure smb_read_error is zero in all calls that can set it.
lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h
lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c
lib/rpc/server/srv_netlog.c : Modify Luke's code to call
SamOEMhash().
Jeremy.
(This used to be commit 7f749708383b8b36c3f23a5fbc5cbdf39bc8e555)
|
|
includes (ie. unpatched RH5) Samba gets file corruption because of the
incorrect definition of the shmid_ds structure. Updating your RH5
installation of glibc-devel fixes this.
- don't try to fcntl_lock() a read-only fd in shmem.c
- allow level 0 debug messages to get through in smbstatus
(This used to be commit 45553771f90087a12db0153524146d42155d1d3f)
|
|
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
users password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a users password on a remote NT machine (yep - you heard
that one right - we can now change a NT password from UNIX !!!!!).
Jeremy.
(This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124)
|
|
- added the ability to auto-refresh the status page. There is a
problem with this (it can kill inetd!). Hopefully we can fix that.
(This used to be commit 4488d8932fa072bf8a3ae236ab666618051b5e83)
|
|
the status page)
- split the claim_connection() code into its own file
- fixed the claim_connection() code to lock the file when manipulating
it
- always claim a null connection at startup
- fixed a bug in the pidfile code
(This used to be commit abd4a17e21d12be3d1747e94ceb1915abaf135e3)
|
|
testparm.
In particular I added:
- ability to optionally save default values of all parameters when
calling lp_load(). This can then be used to save only non-default
parameters in lp_dump(). This makes the saved smb.conf (and viewed
parameters in testparm) much shorter
- ability to not load ipc share in lp_load()
- separators in parm_table[] so parameters can be grouped logically.
- flag to mark parameters that are local but which should be also
viewed as global as far as parameters editing is concerned
(This used to be commit f9af35da26e58fb0b644b5f0169f1c212230047a)
|
|
all I saw" - the book of Jeremy, chapter 1 :-).
So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.
This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.
Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.
This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.
I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).
Jeremy.
(This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7)
|
|
(This used to be commit bafc7768925109d0e8e87152054d37ec3f4e7fdd)
|
|
nmbd_sendannounce.c: Remote announcement was announcing to the wrong name !
nmblookup.c: Fix for substitutions not seeing hostname.
testparm.c: Fix for substitutions not seeing hostname.
wsmbstatus.c: Fix for substitutions not seeing hostname.
util.c: Change read_udp_socket to use sockaddr_in rather than dubiously
messing around with an opaque data type (sockaddr).
Jeremy.
(This used to be commit 776ccf5c0641b5aa300236c2612b5f2761d1179f)
|
|
Jeremy.
(This used to be commit 1a9e25d3bc610a1d49241e2fe39530813d983882)
|
|
(This used to be commit ab894c3e1de582864ad9c0f6ae797b73b4c2ba41)
|