Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy.
(This used to be commit 4fdd45f3ccde89e2ed022f7bfd91c225af6f161b)
|
|
Jeremy.
(This used to be commit 9f5405d425b2391ccddd919835c9c07cf4b9bf16)
|
|
The problem is we were trying to use mask_match as a generic
wildcard matcher for UNIX strings (like the password prompts).
We can't do that - we need a unix_wild_match (re-added into lib/util.c)
as the ms_fnmatch semantics for empty strings are completely wrong.
This caused partial reads to be accepted as correct passwd change
responses when they were not....
Also added paranioa test to stop passwd change being done as root
with no %u in the passwd program string.
Jeremy.
(This used to be commit 9333bbeb7627c8b21a3eaeae1683c34e17d14bf0)
|
|
interestingly, this shows that w2kp-jp and w2kp have the *same* case
equivalence table, but it is not the same as the Samba one.
(This used to be commit b97fbfcd7cfbafc40b4be558fb8d6e86ad656cb0)
|
|
other access. Problem was max time was being set to 0xffffffff, instead of
0x7fffffff.
Jeremy.
(This used to be commit 94403d841710391ec26539e4b4157439d5778ff7)
|
|
equivalence table for a server. This was inspired by the chargen win32
code from monyo.
This takes a *long* time to run against a Samba server due to the case
insensitive comparisons in the filesystem. That makes it a N^2
operation, and N is 64k. It is linear on NT.
(This used to be commit 441f9415b365787854fb0d3e04d1ea4938d7af73)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit f9eb370806002eea0658f072988d96fca71bf18f)
|
|
(This used to be commit 9efa93556e3ed444b075a06d2706111b89a0e099)
|
|
(This used to be commit 70b7c900c907c4620faa7d82845296298b3820ff)
|
|
- move the arbitrary 21 day timeout to local.h
(This used to be commit 11075f543470c3283accce0246d0b2983420695a)
|
|
(This used to be commit 90dcbe16be065e2113fba1d3cee28f40be1bb86c)
|
|
need modifying
that makes constant strings OK
(This used to be commit 57196635d9b7edfcbfe1708dd22308ab30c02240)
|
|
in smbclient. Done. I had a little trouble because the "!" command is
a special case and must be listed last. Awkward.
Chris -)-----
(This used to be commit 14bfd9107a9c875c54e281262f8061c20a5e9398)
|
|
(This used to be commit 7802bc94e78932d24eb6658edc14d0d051246208)
|
|
(This used to be commit 663c1c91bdd020e2e8266d25909db12b28fbb7d8)
|
|
(This used to be commit 05910483351e9ef6375e4c49403ebe21b56315a9)
|
|
(This used to be commit c308459bda3f3036c305ee7b9307f740aec66811)
|
|
(This used to be commit d3cb139aff9d232b4d70b197e806759b6fbada3b)
|
|
(This used to be commit a91777fb4711bfffafa96e0393ad8159b30a8853)
|
|
(This used to be commit 5ab220efd7a1532e11370cb0fc9854d610a7f3d7)
|
|
first tests show it still does not work.
work in progress...
(This used to be commit a4c746ac474e2e4cead78076ffe2109fab74aefe)
|
|
this is because some platforms such as HP-UX do not have any msgfmt
command.
if someone updates po file,
then he has to update gmo files manually and commit.
(This used to be commit ca350fdf0343b0bc5e78a35a7a2345ada8aca410)
|
|
Of particular note is the change to pdb_free_sam() to take its sam argument by
reference, allowing it to be NULLified by the SAFE_FREE() macro, and the
changed to local_password_change() both to make it work and to remove the
duplicate code that caused so much breakage over the last few days.
- Small change in behaviour: when LOCAL_ADD_USER is set, the user doesn't
actually exist locally but does exist in the passdb we don't attempt to do a
GetPwnam(). (How the entry got there is another matter, and most passdbs won't
allow this anyway).
Andrew Bartlett
(This used to be commit 6b45e342fd1ed82d7f5bd613048fe862a6a6f2a1)
|
|
The big one is a global change to allow us to NULLify the free'ed pointer to a
former passdb object. This was done to allow idra's SAFE_FREE() macro to do
its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer
to start with.
This NULL pointer test was what was breaking the adding of accounts up until
now, and this code has been reworked to avoid duplicating work - I hope this
will avoid a similar mess-up in future.
Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were
being ignored. Some of these functions malloc() and are permitted to fail.
Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived
precisely didilly-squat, just returning False. Now that we check the returns
this bug was spotted. This could allow different LM and NT passwords.
- the pdbedit code needs to start checking these too, but I havn't had a
chance to fix it.
I have also fixed up where some of the password changing code was using the
pdb_set functions to store *internal* data. I assume this is from a previous
lot of mass conversion work...
Most likally (and going on past experience) I have missed somthing, probably in
the LanMan password change code which I havn't yet been able to test, but this
lot is in much better shape than it was before.
If all this is too much to swallow (particularly for 2.2.2) then just adding a
sam_pass = NULL to the particular line of passdb.c should do the trick for the
ovbious bug.
Andrew Bartlett
(This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
|
|
(This used to be commit d38bc1dceccaa4cbdaf3ac4d561225229161714a)
|
|
warnings)
(This used to be commit b648cc669d16eb40b477c8dc51efeab485a15de5)
|
|
to support 2.0.x style WIn9x driver download.
(This used to be commit d0628d0d2d5f5366179d2508456ae06ce3879be3)
|
|
Jeremy.
(This used to be commit 4c5158d1e5620ccc3f2812a3fbedcb60a67caecc)
|
|
error in here...
Now you can change local passwords again. There is stil somthing broken about
remote (via windows/sampasswd) password changing.
I shall have to revise my testing, I honestly don't know how this slipped
through the net.
MERGE for 2.2.2.
Sorry,
Andrew Bartlett
(This used to be commit 1f83184f881d0cabb698947660a12f729e625fae)
|
|
these yesterday ?).
Jeremy.
(This used to be commit e25dc68843ed10d8454cb8166c39ff4b2e6a4159)
|
|
Jeremy.
(This used to be commit 76fac3eb945c7ced28c5685849d3616bb7c89ca2)
|
|
Jeremy.
(This used to be commit 65bf4a36ef5967b0844ab985d7b3ea31138dd4c5)
|
|
"Always compile before commit" :-((
Volker
(This used to be commit 69a3277fc5be35536168ba195968b8b76f0b5954)
|
|
store mangled filename in dos charset and unmangled in unicode.
clean ups
still lot to do.
againg compiled but not yet tested.
(This used to be commit 2d1aabb6d4bf23985a9ce0f7e065292aacedc80a)
|
|
to use the pdb_ formatting functions.
Similarly, it now uses pdb_set...() rather than accessing passdb members
directly.
Andrew Bartlett
(This used to be commit e3b7cac47f4fd9dff289a367ef6649b14c117d17)
|
|
(This used to be commit 758d923fa183b50acab9928e402f17bd25ba8f41)
|
|
- call pdb_reset_sam() after each getent call.
Fix bug in get_group_alias_entries(), were if num_entries was zero this caused
talloc() to return NULL, failing a test below with NT_STATUS_NO_MEMORY.
Fix pdb_reset_sam() to correctly initalise the sam structure.
Move default value code into a single place, likewise for sam freeing code.
- should make things easier if we decide to malloc other strings, or get more
non-zero default values.
Finally, add a function in init a sam struct from a getpwnam() return.
Andrew Bartlett
(This used to be commit a41fb44f5e90cf8734d57217e836e14f4a80bd47)
|
|
(This used to be commit 57e639bbdd115b51362caf7e3db4ba34ccdeddc2)
|
|
(This used to be commit 2f44756233e2655856f003bb15c3898118756b98)
|
|
(This used to be commit efc6df5a3914da9e7b792ccaccd1403c72c09f78)
|
|
Volker
(This used to be commit 50ea73426f58070859bbbe769c8353a11ff33dc9)
|
|
(This used to be commit 247b9c3eba78f0ddd26d836e5e18f6630bf302c7)
|
|
Fix the NT errror codes, this time in line with WinXP/2k.
- Return the normal error codes, expect for bad user/bad password. These map
to logon failure, as a quick security hack. We follow suit.
Simplfy some of the password extraction code, the auth subsytem has the
intelegence to sort this stuff out, no need to do it here.
Move to 'global_encrypted_passwords_negotiated' to determine the use of
unencrypted hacks, replacing the current mess.
Andrew Bartlett
(This used to be commit c04f063573c61d8ef3f43815bbb9b6b076dc23eb)
|
|
just like any other logon. Matching code removal in reply.c to follow.
Andrew Bartlett
(This used to be commit da4873d889928e9bd88e736e26e4e77e87bcd931)
|
|
first.
Add password expiry and 'must change before first logon' support.
- This requires that the passdb be up to the job to supply the info.
(This used to be commit 53c1c5091ea4e3ccc294f8b6f132be78c11c431f)
|
|
This whole area needs to be cleaned up. Should this kind of passowrd
change/check be permitted with encrypt passwords = yes?
In any case I've also had trouble testing this, as I can't find the right
software/configuration to exersise this behaviour. But its better than the
previous situation. Any assistance greatly appriciated.
Andrew Bartlett
(This used to be commit 37655b42897031f754d436435e64a2548de756b5)
|
|
(This used to be commit ce676f8bfc6222df1e05b164420efab30eb1b2e1)
|
|
decode_pw_buffer() and the samr password changing routines.
And yes, I know that we can lost some information in the Unicode->UTF->Unicode
bit of this, but its worth the code cleanup.
This also takes into account the possability of multibyte passwords.
Andrew Bartlett
(This used to be commit 42402c87d6bcff71b700e497b74d2600d7ce8b95)
|
|
Merge for 2.2.2
Should TDB cope with TDB pointers itself?
Andrew Bartlett
(This used to be commit 27f0510a0b458792293d5ce2957f61383569f62f)
|