| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(This used to be commit 0b2bd0a2290315056789f6aa1421678583086fc6)
|
|
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions.
srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one.
(This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
|
|
The problem was the NTLMv2 uses extra data in order to make reply/lookup
more difficult. That extra data includes the hostname, and the domain.
This matches Win2k (sort of) by sending this information.
Win2k connects with LMCompatibilityLevel=5 without a problem.
We can change the negotiation bits if we want, this should allow us to make
NTLMv2 the default for other clients as well.
Some of the extra #defines were found in the squid source.
Andrew Bartlett
(This used to be commit 17a5f67b3d1935baf6197ae967624eb847b66ac8)
|
|
(This used to be commit 44df5a13bc83dc331caa6788cf0805333ed79f8d)
|
|
unix and DOS strings.
This pushes all the 'have to uppercase, must be 14 chars' stuff behind the
the interface.
Andrew Bartlett
(This used to be commit dec650efa8ab1466114c2e6d469320a319499ea0)
|
|
Importantly:
The removal of the silly 'delete user script' behaviour when secuity=domain.
I have left the name the same - as it still does the (previously documented,
but not in smb.conf(5)) sane behaviour of deleting users on request.
When we decide what to do with the 'add user' functionality, we might
rename it.
Andrew Bartlett
(This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
|
|
the whole record which could include things like photos's etc.
Andrew Bartlett
(This used to be commit bbc69545516f29cc4e05ba6238b03eb504f28226)
|
|
structs.
Andrew Bartlett
(This used to be commit 57097bf1ba10566389266a4863899a7f25cdbb43)
|
|
(This used to be commit f0226a1d836b69d179a1a2eda79fa26911b78096)
|
|
Tim, please check the prs_align() removed from sec_io_desc()
and make sure it doesn't break anything else. I know it is
right for the printing needs and I have tested some other
general things like viewing acls on directories, but I would
feel more comfortable if you would have a look as well.
jerry
(This used to be commit 83f109c940f30d9b35176540d8bdccbb22ffa3a1)
|
|
and secuirty=server.
I *love* automated testing...
Andrew Bartlett
(This used to be commit c92f4f4d72ffd307ca2d4d792b5e4154f1b85b91)
|
|
- convert net to popt
- convert status to popt
- adapt examples/pdb/ to multiple passdb system
- add dynamic debug class example to examples/pdb/
and some reformatting to better match the samba coding style.
Andrew Bartlett
(This used to be commit 2498bc69d4e5c38ec385f640489daa94c508c726)
|
|
(This used to be commit 2f74fb6e9893d306598ebedd54658f2dd56e988e)
|
|
didn't make any sense, and its was always just strlen(password) anyway.
This fixes it to be strlen(password)+1
Andrew Bartlett
(This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40)
|
|
that the passdb code now uses. Similarly, move the 'pluggable' stuff
over from passdb as well, allowing runtime loading of new authenticaion
modules.
(NOTE: The interfaces here can *and do* change - module writers are
not assured source-level compatibilty, and certainly not binary
compatibility).
(This used to be commit 3897cf5e048f50be91ae434f636affc6d539d0d1)
|
|
(This used to be commit 18c6db6a0014fd23383361485ec03eb871a85faa)
|
|
pointer.
(This used to be commit 38012edaca4c181f3d3a9e9df4fc434bba78f9dc)
|
|
Jeremy.
(This used to be commit f536ec62242c5c644e03afa19f4a3ebedf36f80d)
|
|
my removal of the goto. Oops !
Jeremy.
(This used to be commit 4d3679e03e0c30602b1345cbf2fbf8587dff1f26)
|
|
(This used to be commit 63e2c7c5fe6eca86222a7a76d81ce1ee93ebde22)
|
|
BOOL const secrets_init(...)
Broke AIX build.
(This used to be commit 37b6bf3aae4fd8ee3af7e5947b3e549dcef754cf)
|
|
rpc and rap too. Anyone know what key I'm supposed to use to encrypt
it for the rap one?
(This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02)
|
|
Wasn't this what got us some of the bugs with big-endien smbpasswd -j FOO -U ?
Anyway, it deserves to die.
Andrew Bartlett
(This used to be commit 7201720048b31e48fb2600de8f7396088cc9b533)
|
|
Make it static (till sombody needs its...)
(This used to be commit 89dc15732062b46276d1d7a155954ee565070491)
|
|
this:
More code cleanup - this lot a bit more dodgy than the last:
The aim is to trim pwd_cache down to size. Its overly complex, and a
pain to deal with. With a header comment like this:
'obfusticaion is planned'
I think it deserved to die (at least partly).
This was being done to allow 'cli_establish_connection' to die - its
functionality has been replaced by cli_full_connection(), which does
not duplicate code everywhere for creating names etc.
This also removes the little 'init' fucntions for the various pipes,
becouse they were only used in one place, and even then it was dodgy.
(I've reworked smbcacls not to use anonymous connections any more, as
this will (should) fail with a 'restrict anonymous' PDC).
This allowed me to remove cli_pipe_util.c, which was calling
cli_establish_connection.
tpot: I'm not sure what direction you were going with the client stuff,
and you may well have been wanting the init functions. If thats the case,
give me a yell and I'll reimplement them against cli_full_connection.
Andrew Bartlett
(This used to be commit fa67e4626bed623333c571e76e06ccd52cba5cc5)
|
|
(This used to be commit 08dcfff2a22fd35a3e5cdca8ed137a7e5891fe53)
|
|
(This used to be commit 1d75b548de8b667673cf136306388546eb3bd98d)
|
|
Jeremy.
(This used to be commit 5c8351228c55f2403214351f6fd16fe231aee917)
|
|
(This used to be commit 08356ec38a5be239b6ab53ee75f3735c29b677a7)
|
|
Jeremy.
(This used to be commit 490b95a35d1e2ccd3b80db5cfcf7b9804901d36e)
|
|
Jeremy.
(This used to be commit 7e6db250804e51ce0883b972831da455d389cdcd)
|
|
it, so we may as well reduce the complexity.
Andrew Bartlett
(This used to be commit 31e074cea50111a150db220603c3cfccaaf4339c)
|
|
These might be reimplmented as simple pass-through functions, but all users
really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that
there are not shared static buffers.
I don't beleive we actually need a getpw*() cache inside samba - if we do
then I think we should look at our code design first.
(some of these changes are for platforms I don't have access to, but
they look sane)
Andrew Bartlett
(This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f)
|
|
Make some code static, add some const to the PAM code, and make the plaintext
password code actually function - particulary without the requirement to
modify the 'struct passwd' (which it assumed was made up of fstrings)
This kills some particularly ugly code in lib/util_pw.c
Andrew Bartlett
(This used to be commit 302dad4990ba5194f072e435465d9adaa089ae06)
|
|
the DATA_BLOB code into its own file.
It would be nice to go over some of the other util.c functions, and check
that we still use them all, and that we use them in more than one place.
Andrew Bartlett
(This used to be commit d0ea70fce55df9a5b5878f50fce7bc115ffb37c2)
|
|
(This used to be commit 5512618d3493a04c84a43beaa752c307bce146fc)
|
|
from 2.2 format) and LDAP rebind support (untested, I don't have a setup
to match).
Andrew Bartlett
(This used to be commit 4f7ba78c9d50ac584497dcf1d78ce613112742d4)
|
|
while deleting a record. This leaves us with a non-free record on the
free list.
(This used to be commit e99b6a2b91e4022ce0a9a14415df71314b5e013f)
|
|
Jeremy.
(This used to be commit d4dbb9cb1338332bda3651dc4b86abcf47e9c2d2)
|
|
licensed under the GPL.
(This used to be commit aa3ec7618fe39ddc75755098433572b271197af4)
|
|
condition, as we look for the entry before locking the chain - thus
someone else could have legitimately deleted it.
Jeremy.
(This used to be commit bd64a291a8df63a6e0f9e166ad9ea7d92adbb4d5)
|
|
another smbd and an incoming SIGUSR1 message arrived we'd break out of
the wait early - as we have to use sys_select() to wait for an oplock
response message, not sys_select_intr() (which ignores EINTR errors)
because of the real time signal kernel interface.
Jeremy.
(This used to be commit 3bb26957e3e7fb5059d21115546d189eaca34646)
|
|
(This used to be commit 5b3b65aafe38e767e9b7206ffe6d7c89edb267ba)
|
|
(This used to be commit d222bc8c4b620095a21ba327940d4750d5dee753)
|
|
(This used to be commit efb119fb88a511e026239773422242fff636ae13)
|
|
(This used to be commit ae5d24873ad0fb3df970cc9912e18e6a5067ae2d)
|
|
locking and tdb traversal using python callbacks.
(This used to be commit f3530fd6180bb78a58a3f41ac1389c9f0ba7b183)
|
|
Jeremy.
(This used to be commit fda7a11b093315a77ca1199119b5421a029ee883)
|
|
Jeremy.
(This used to be commit 174df5d914b149e52bf260e6502f2436c2720958)
|
|
(This used to be commit 2424578c298ea11f67415bcfe2928353cd95819b)
|
