| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
using smbpasswd command.
(This used to be commit 62d499f83256c6e8b3308dc4bd8e9f5df873b14b)
|
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
docs and do configuration at the same time.
(This used to be commit 386a3bfd337f4b248f6c88b9c98b9d6471cc9b25)
|
|
(This used to be commit d3fa0dd7a80a8d20e2d9db0b5ca24988059280fb)
|
|
use all_string_sub() if you don't want this.
(This used to be commit a3357ab49335106674fe7a7481cd0f146d74fbe5)
|
|
any attempt to run swat from a host that is disallowed will give an
error.
(This used to be commit fe4ef4bbef01aed75807c884249ca8efa5de4140)
|
|
web/swat.c: Changed '?' to help.
Jeremy.
(This used to be commit 631913ea856926a77304692c74a1bd27faead179)
|
|
(This used to be commit a33b4f623f196ca7e8056454b9212fe0ffa389c2)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|
|
- much as I hate doing it I've removed the "commit changes" button for
users that don't have write access to smb.conf (Jeremy insisted)
(This used to be commit 8e8ab4df1fe77dfcae73a34f4de174afe09cd695)
|
|
(This used to be commit ab35d99e52225b0e9f519903ae99e575075187e7)
|
|
swat will now give an error message if run via cgi
(This used to be commit 55377e3cdd5d8428e89b40946f0535b8cf5247ae)
|
|
UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
(This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
|
|
(This used to be commit b93f686655e871d7bfec9c7601cf3c175008041a)
|
|
Now passes strings instead.
(This used to be commit 48af29bcc9e8094de6ba057a52dbae3c80ea7a05)
|
|
client/client.c:
include/client.h: Added some debug messages that the old client used to
generate. These are needed to make scripts such as
'findsmb' work - there may be other changes to keep
backwards output compatibility. Do we need a -old-client-compat
argument ?
libsmb/clientgen.c: Fixed crash bug where malloc'ed data wasn't being
cleared - corrupted malloc chains.
web/swat.c: John's changes to get rid of "ghost" table entries.
(This used to be commit 3c45a3503ea57d17e98eb3e57514161a5c82e45e)
|
|
(This used to be commit e3fc90d0b5b21d49615c951a475d85f15fa01271)
|
|
(This used to be commit ee60d9a289f8d94f8e4d8405f7b41690b891bbb1)
|
|
(This used to be commit d076daaaf8690ae0b1ff9c8782619e518f868109)
|
|
(This used to be commit 530a98022e5207772980fc7d286547686713927a)
|
|
instead of opening pipes and other horrible stuff.
(This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
|
|
user that authenticated to swat permanently (if not root).
Jeremy.
(This used to be commit 7d55bf379177a4a448e39577ae0af603d5e958f6)
|
|
Jeremy.
(This used to be commit 43ddc857793ffe507017fc989d60403e33e2ada3)
|
|
(This used to be commit 52f47b8d2ef5ee64e2f8dcfeb6840071e57904d1)
|
|
Jeremy.
(This used to be commit bd4e2972f50cafd932a5c915cdeeef7eedda07cc)
|
|
script/makeyodldocs.sh: Added code to make text docs for non-man page YODL docs.
web/cgi.c web/swat.c: SGI compiler warnings fixed.
Jeremy.
(This used to be commit 80e0f7e1071f032c5004aecb01a91d1397e6a161)
|
|
(This used to be commit 06d4026cf1521766b52766193774f1fd8dd70c81)
|
|
added smb.conf.5.html to swat/help
(This used to be commit 9f250a80c66fb3e2b9039218771f0b4d5088a0ae)
|
|
(This used to be commit b2210614e810c8e84c9a14a8e32e05f95d92479b)
|
|
(This used to be commit 90a8a02484a0897b053fd6531b7fec5d23098b6f)
|
|
Changes to get Samba to compile cleanly with the IRIX compiler
with the options : -fullwarn -woff 1209,1174 (the -woff options
are to turn off warnings about unused function parameters and
controlling loop expressions being constants).
Split prototype generation as we hit a limit in IRIX nawk.
Removed "." code in smbd/filename.c (yet again :-).
Jeremy.
(This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
|
|
dummy.in files are no longer needed, and new directories will be taken
care of automatically, at configure (or config.status --recheck) time
(This used to be commit 237a8e5fe62d757c04b8207cbbee4df1470cfe4e)
|
|
(This used to be commit 9a5bdf5c1bef689fe0d6879949df869efbc34783)
|
|
fix problems in builds with srcdir!=builddir
(This used to be commit 1ffc3b807a3f80644c974b454ff5e6f68e89b546)
|
|
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...
I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).
in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.
So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)
One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
|
|
(This used to be commit ddb788c24d043b18506138a7759b8128df1673aa)
|
|
bit file interface for the NT SMB's.
Created a new define, SMB_STRUCT_STAT that currently is
defined to be struct stat - this wil change to a user
defined type containing 64 bit info when the correct
wrappers are written for 64 bit stat(), fstat() and lstat()
calls.
Also changed all sys_xxxx() calls that were previously just
wrappers to the same call prefixed by a dos_to_unix() call
into dos_xxxx() calls. This makes it explicit when a pathname
translation is being done, and when it is not.
Now, all sys_xxx() calls are meant to be wrappers to mask
OS differences, and not silently converting filenames on
the fly.
Jeremy.
(This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb)
|
|
a table to give it a little border
(This used to be commit d35c6e80988d96049d4624b47ae9ea015edafc59)
|
|
passwords with SWAT
(This used to be commit edcde70108ab643a29f3e0e0cc97609287da6e87)
|
|
in files.c
it should now be faily easy to expand the default MAX_OPEN_FILES to
many thousands.
(This used to be commit b088c804f98908eb02f05ab2f2e8a61691a0a582)
|
|
configure.in: Source for header changes.
client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile.
include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers.
include/includes.h: Headers for the above.
include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int).
lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/debug.c: Fixed signal functs.
lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile.
lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile.
libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile.
locking/shmem_sysv.c: Fixed error messages in sysV stuff.
nmbd/asyncdns.c: Fixed signal functs.
nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile.
passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/nttrans.c: Fixed fsp code path.
smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem.
smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile.
smbd/trans2.c: Fixed core dump bug.
smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile.
Jeremy.
(This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
|
|
Connections[] is now a local array in server.c
I might have broken something with this change. In particular the
oplock code is suspect and some .dll files aren't being oplocked when
I expected them to be. I'll look at it after I've got some sleep.
(This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
|
|
into passdb/pass_check.c. This means SWAT no longer needs to link to
smbd/password.c
(This used to be commit 90d93889d722670cbb517017531264630af759bf)
|
|
(This used to be commit 1d655b7c64231b0aec0548bb90fc3dcc3f37791c)
|
|
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
|
|
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
|
|
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit 6b0c1733d2ebf3b8f09f3bf88b8648d8b371bb1f)
|
|
messages.
nttrans.c: More updates.
smb.h: Removed stuff that didn't belong in the smb_passwd struct. Persuaded Luke
to use a new structure.
web/swat.c: Fixed gcc complaints about shadowing global 'string'.
Jeremy.
(This used to be commit 61c1dbb9785ed1e6fe40f93c7cc65024884df6f5)
|
