summaryrefslogtreecommitdiff
path: root/source3/web
AgeCommit message (Collapse)AuthorFilesLines
1999-03-09mods to allow inter-domain trust accounts to be added to SAM databaseLuke Leighton1-3/+18
using smbpasswd command. (This used to be commit 62d499f83256c6e8b3308dc4bd8e9f5df873b14b)
1998-12-01rpc_samr.h parse_samr.c srv_samr.c :Luke Leighton1-1/+1
samr_query_aliasmembers (cool!) util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c : pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5) to obtain member and pdc sids. (This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
1998-11-29weekend work. user / group database API.Luke Leighton1-1/+2
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-27make the help links appear in a separate window, so you can read theAndrew Tridgell1-1/+1
docs and do configuration at the same time. (This used to be commit 386a3bfd337f4b248f6c88b9c98b9d6471cc9b25)
1998-11-27better layout of password options.Andrew Tridgell1-19/+23
(This used to be commit d3fa0dd7a80a8d20e2d9db0b5ca24988059280fb)
1998-11-23changed string_sub() to replace " ; and ` in the inserted string with _Andrew Tridgell1-1/+1
use all_string_sub() if you don't want this. (This used to be commit a3357ab49335106674fe7a7481cd0f146d74fbe5)
1998-11-21make SWAT obey the global "hosts allow" and "hosts deny" settings.Andrew Tridgell2-13/+29
any attempt to run swat from a host that is disallowed will give an error. (This used to be commit fe4ef4bbef01aed75807c884249ca8efa5de4140)
1998-11-21smbd/password.c: Added *SMBSERVER fix is name is too long.Jeremy Allison1-1/+1
web/swat.c: Changed '?' to help. Jeremy. (This used to be commit 631913ea856926a77304692c74a1bd27faead179)
1998-11-20wrong directory path for smbd and nmbdHerb Lewis1-2/+2
(This used to be commit a33b4f623f196ca7e8056454b9212fe0ffa389c2)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison3-7/+7
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-1/+1
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-14- new prototypesAndrew Tridgell1-3/+16
- much as I hate doing it I've removed the "commit changes" button for users that don't have write access to smb.conf (Jeremy insisted) (This used to be commit 8e8ab4df1fe77dfcae73a34f4de174afe09cd695)
1998-11-14allow all user to view the configAndrew Tridgell1-36/+22
(This used to be commit ab35d99e52225b0e9f519903ae99e575075187e7)
1998-11-14remove code that allows installation via cgiAndrew Tridgell2-21/+36
swat will now give an error message if run via cgi (This used to be commit 55377e3cdd5d8428e89b40946f0535b8cf5247ae)
1998-11-13Makefile.in configure configure.in include/config.h.in: Changes for DGUX and ↵Jeremy Allison1-9/+9
UNIXWARE. groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf. include/includes.h: Fix YP problem. include/smb.h: Fix ZERO_STRUCTP. lib/util_sock.c: Added strerror() in debugs. passdb/ldap.c: Don't use snprinf, use slprintf. rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf. script/installman.sh: DGUX changes. smbd/open.c smbd/oplock.c: Fixed gcc warnings. web/swat.c: Changes USER to SWAT_USER. (This used to be commit 4c2b5a00983501e5d4aad1456ba8b5ab0dfd9b4c)
1998-11-12%\ is an interesting printf argument, but I prefer %sAndrew Tridgell1-1/+1
(This used to be commit b93f686655e871d7bfec9c7601cf3c175008041a)
1998-11-12Removed code that used printf/fprintf in password changin libraries.Herb Lewis1-3/+19
Now passes strings instead. (This used to be commit 48af29bcc9e8094de6ba057a52dbae3c80ea7a05)
1998-11-12.cvsignore: Removed old entries.Herb Lewis1-21/+24
client/client.c: include/client.h: Added some debug messages that the old client used to generate. These are needed to make scripts such as 'findsmb' work - there may be other changes to keep backwards output compatibility. Do we need a -old-client-compat argument ? libsmb/clientgen.c: Fixed crash bug where malloc'ed data wasn't being cleared - corrupted malloc chains. web/swat.c: John's changes to get rid of "ghost" table entries. (This used to be commit 3c45a3503ea57d17e98eb3e57514161a5c82e45e)
1998-11-12changes from John Sygulla for changing remote passwordsHerb Lewis1-17/+79
(This used to be commit e3fc90d0b5b21d49615c951a475d85f15fa01271)
1998-11-12handle null usernamesAndrew Tridgell1-8/+5
(This used to be commit ee60d9a289f8d94f8e4d8405f7b41690b891bbb1)
1998-11-12show all buttons in demo modeAndrew Tridgell1-1/+1
(This used to be commit d076daaaf8690ae0b1ff9c8782619e518f868109)
1998-11-12fixed demo modeAndrew Tridgell1-5/+10
(This used to be commit 530a98022e5207772980fc7d286547686713927a)
1998-11-12extracted the password change code from smbpasswd and used it in swatAndrew Tridgell1-299/+54
instead of opening pipes and other horrible stuff. (This used to be commit 49bf19710345a59a2d17cd449be1a132885ed821)
1998-11-12Added the security changes suggested by Andrew - become theJeremy Allison2-79/+107
user that authenticated to swat permanently (if not root). Jeremy. (This used to be commit 7d55bf379177a4a448e39577ae0af603d5e958f6)
1998-11-12Added enable user button. Fixed bug where log was always printed.Jeremy Allison1-5/+15
Jeremy. (This used to be commit 43ddc857793ffe507017fc989d60403e33e2ada3)
1998-11-11changed is_root() to am_root() to prevent clash with variable names.Andrew Tridgell2-13/+11
(This used to be commit 52f47b8d2ef5ee64e2f8dcfeb6840071e57904d1)
1998-11-11J.F.'s latest printer fixes plus his gcc -picky fix for web/cgi.cJeremy Allison1-1/+1
Jeremy. (This used to be commit bd4e2972f50cafd932a5c915cdeeef7eedda07cc)
1998-11-11rpc_server/srv_netlog.c: Fixed crash bug with ACB_PWNOTREQ.Jeremy Allison2-7/+5
script/makeyodldocs.sh: Added code to make text docs for non-man page YODL docs. web/cgi.c web/swat.c: SGI compiler warnings fixed. Jeremy. (This used to be commit 80e0f7e1071f032c5004aecb01a91d1397e6a161)
1998-11-11added password change functionality to swatHerb Lewis2-60/+534
(This used to be commit 06d4026cf1521766b52766193774f1fd8dd70c81)
1998-11-11swat.c updated to use new yodl generated smb.conf.5.html file for helpHerb Lewis1-5/+17
added smb.conf.5.html to swat/help (This used to be commit 9f250a80c66fb3e2b9039218771f0b4d5088a0ae)
1998-10-26report ourselves as HTTP/1.0 not HTTP/1.1Andrew Tridgell1-3/+3
(This used to be commit b2210614e810c8e84c9a14a8e32e05f95d92479b)
1998-09-29get away with dummy and .dummy filesAlexandre Oliva1-1/+0
(This used to be commit 90a8a02484a0897b053fd6531b7fec5d23098b6f)
1998-09-28Changes to test in configure if capabilities are enabled on a system.Jeremy Allison2-5/+3
Changes to get Samba to compile cleanly with the IRIX compiler with the options : -fullwarn -woff 1209,1174 (the -woff options are to turn off warnings about unused function parameters and controlling loop expressions being constants). Split prototype generation as we hit a limit in IRIX nawk. Removed "." code in smbd/filename.c (yet again :-). Jeremy. (This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
1998-09-28automated generation of .dummy files for each subdirectory;Alexandre Oliva1-1/+0
dummy.in files are no longer needed, and new directories will be taken care of automatically, at configure (or config.status --recheck) time (This used to be commit 237a8e5fe62d757c04b8207cbbee4df1470cfe4e)
1998-09-21replace getpass() with getsmbpass() if getsmbpass.c compilesAlexandre Oliva1-1/+1
(This used to be commit 9a5bdf5c1bef689fe0d6879949df869efbc34783)
1998-09-21major autoconf clean-upAlexandre Oliva1-0/+1
fix problems in builds with srcdir!=builddir (This used to be commit 1ffc3b807a3f80644c974b454ff5e6f68e89b546)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-168/+0
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-09-02use /swat/ prefix in both inetd and cgi modes, to enable a static header.htmlAndrew Tridgell2-19/+8
(This used to be commit ddb788c24d043b18506138a7759b8128df1673aa)
1998-09-01More abstraction of file system data types, to move to a 64Jeremy Allison1-1/+1
bit file interface for the NT SMB's. Created a new define, SMB_STRUCT_STAT that currently is defined to be struct stat - this wil change to a user defined type containing 64 bit info when the correct wrappers are written for 64 bit stat(), fstat() and lstat() calls. Also changed all sys_xxxx() calls that were previously just wrappers to the same call prefixed by a dos_to_unix() call into dos_xxxx() calls. This makes it explicit when a pathname translation is being done, and when it is not. Now, all sys_xxx() calls are meant to be wrappers to mask OS differences, and not silently converting filenames on the fly. Jeremy. (This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb)
1998-09-01spruced up SWAT a bit - it now uses the new Samba logo at the top andAndrew Tridgell1-21/+27
a table to give it a little border (This used to be commit d35c6e80988d96049d4624b47ae9ea015edafc59)
1998-09-01fixed a bug in the base64 hanlding that led to auth failures for someAndrew Tridgell1-2/+6
passwords with SWAT (This used to be commit edcde70108ab643a29f3e0e0cc97609287da6e87)
1998-08-15this checkin gets rid of the global Files[] array and makes it localAndrew Tridgell1-1/+0
in files.c it should now be faily easy to expand the default MAX_OPEN_FILES to many thousands. (This used to be commit b088c804f98908eb02f05ab2f2e8a61691a0a582)
1998-08-15configure: Changes for extra headers.Jeremy Allison1-1/+1
configure.in: Source for header changes. client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile. include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers. include/includes.h: Headers for the above. include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int). lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/debug.c: Fixed signal functs. lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile. libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem_sysv.c: Fixed error messages in sysV stuff. nmbd/asyncdns.c: Fixed signal functs. nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/nttrans.c: Fixed fsp code path. smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem. smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/trans2.c: Fixed core dump bug. smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile. Jeremy. (This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
1998-08-14this is the bug change to using connection_struct* instead of cnum.Andrew Tridgell1-2/+0
Connections[] is now a local array in server.c I might have broken something with this change. In particular the oplock code is suspect and some .dll files aren't being oplocked when I expected them to be. I'll look at it after I've got some sleep. (This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6)
1998-08-10split the system password checking routines out of smbd/password.c andAndrew Tridgell1-1/+1
into passdb/pass_check.c. This means SWAT no longer needs to link to smbd/password.c (This used to be commit 90d93889d722670cbb517017531264630af759bf)
1998-07-29some merge cleanupsAndrew Tridgell1-0/+0
(This used to be commit 1d655b7c64231b0aec0548bb90fc3dcc3f37791c)
1998-07-29merge from the autoconf2 branch to the main branchAndrew Tridgell1-0/+1
(This used to be commit 3bda7ac417107a7b01d91805ca71c4330657ed21)
1998-05-12This is a security audit change of the main source.Jeremy Allison3-9/+9
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-05-11changed to use slprintf() instead of sprintf() just aboutAndrew Tridgell1-1/+1
everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit 6b0c1733d2ebf3b8f09f3bf88b8648d8b371bb1f)
1998-05-08clitar.c: #ifdef'ed out all the bits that were giving 'defined but not used'Jeremy Allison1-5/+5
messages. nttrans.c: More updates. smb.h: Removed stuff that didn't belong in the smb_passwd struct. Persuaded Luke to use a new structure. web/swat.c: Fixed gcc complaints about shadowing global 'string'. Jeremy. (This used to be commit 61c1dbb9785ed1e6fe40f93c7cc65024884df6f5)