summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2008-10-25Add proxied named pipe supportVolker Lendecke2-29/+146
This is a central piece of the "merged build" thing: Forward named pipes from samba3 to samba4. This patch is not finished yet, as we will have to forward the smb-level authentication information to samba4, but I'm pushing this patch already to demonstrate the implementation without clutter. It adds an intermediate parameter np:proxy = srvsvc samr winreg wkssvc ... and so on that states which of the pipes should be forwarded to the s4 unix domain socket DEFAULT. The parameter is intermediate because once we have a proper endpoint mapper implementation, this information will be retrieved out of a database. If anybody wants to try this, do the merged build and configure s4 with server services = samba3_smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl samba3:smbd = /data/inst/sbin/smbd and s3 with auth methods = guest netlogond np:proxy = srvsvc samr winreg wkssvc netlogon ntlsa ntsvcs lsass lsarpc netdfs \ rpcecho initshutdown epmapper svcctl eventlog drsuapi Then run rpcclient against samba4. It will fork s3, which authenticates against s4, and then forwards the rpc requests to s4. Volker
2008-10-25Move the is_known_pipename check into np_openVolker Lendecke3-21/+16
2008-10-25Add str_list_check[_ci] to s3's proto.hVolker Lendecke1-0/+3
Jelmer, when I include lib/util/util.h into some s3 file I get errors, this is why I put those prototypes here as a workaround. Might be fixed differently later.
2008-10-25Fix "make etags" -- the args list gets really long for s4 with the prefixVolker Lendecke1-1/+34
2008-10-25Remove "pipe_handle_offset" -- pipes now use "struct files_struct"Volker Lendecke3-22/+0
2008-10-24Error return is False, not -1Derrell Lipman1-3/+3
- There were a few places in SMBC_getatr() that returned -1 instead of a boolean. -1 was intended to mean error, but that's what False is for, and the usages of this function assume that it returns a boolean with False as the error condition. Derrell
2008-10-24Revert Samba3 back to using its own charset handling code.Jelmer Vernooij1-1/+1
2008-10-24Remove more uses of global_loadparm.Jelmer Vernooij1-1/+1
2008-10-24Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij11-95/+280
2008-10-24Fix merged build paths.Jelmer Vernooij2-2/+2
2008-10-23s3: fix simple "incompatible pointer type" build warningTim Prouty1-1/+1
2008-10-23Fix "ndr_size_PAC_LOGON_INFO defined but not used" build warningTim Prouty2-6/+1
This patch removes the gensize option from krb5pac.idl because it generates an unused function that has been causing warnings during the s3 build. I re-ran 'make samba3-idl' to update the generated files for s3. For s4 I ran a full build with no problems.
2008-10-24netapi: make sure to always cleanup after testing NetUser calls.Günther Deschner1-0/+4
Guenther
2008-10-24netapi: add more group tests to netapitest.Günther Deschner1-3/+220
Guenther
2008-10-24s3-samr-server: return NT_STATUS_NOT_SUPPORTED for group rename.Günther Deschner1-0/+3
Guenther
2008-10-24s3-samr-server: remove unused historic code.Günther Deschner1-60/+0
Guenther
2008-10-24svcctl: move some non-rpc related bits out of rpc_svcctl.h.Günther Deschner3-23/+49
Guenther
2008-10-23Fix prototype for set_sockaddr_port.Jelmer Vernooij2-2/+2
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij1-1/+0
2008-10-23Fix "parameter has incomplete type" build warning.Tim Prouty1-1/+0
When libcli-util was moved to the top level (3be0f6ea56ed8e43cd287ed020e942efb675b87b) it introduced a build warning. Since ndr_map_error2ntstatus depends on the definition of enum ndr_err_code and libndr.h can't be easily included in error.h, I moved the definition of enum ndr_err_code to libndr.h. This also eliminates the need for the duplicate definition in proto.h
2008-10-23Move set_sockaddr_port to libutil.Jelmer Vernooij1-12/+0
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij2-4/+6
2008-10-23Use common net utility code (address and sockaddr manipulation).Jelmer Vernooij9-409/+21
2008-10-23s3-build: add missing generated svcctl changes.Günther Deschner2-4/+6
Guenther
2008-10-23Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij17-115/+118
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij2-70/+8
2008-10-23Use libutil genrand.Jelmer Vernooij4-225/+6
2008-10-23s3-build: remove duplicate svcctl bits and re-run make samba3-idl.Günther Deschner2-70/+8
Guenther
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij1-0/+3
2008-10-23Make use of a large buffer for smbclient put commandVolker Lendecke1-0/+3
2008-10-23Import talloc_stack into util library.Jelmer Vernooij4-189/+3
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij4-1/+1
2008-10-23Share codepages.Jelmer Vernooij4-1/+1
2008-10-23Use WERR_FILE_EXISTS which is the equivalent of WERR_ALREADY_EXISTSJelmer Vernooij6-6/+6
previously present in Samba 3.
2008-10-23Use common error definitions.Jelmer Vernooij11-999/+8
2008-10-23s3-build: fix another build warning with the new ASN1 code.Günther Deschner1-2/+5
Guenther
2008-10-23netapi: fix add_GROUP_USERS_INFO_X_buffer.Günther Deschner1-4/+12
Guenther
2008-10-23netapi: fix NetUserGetGroups_r returning partial results.Günther Deschner1-2/+3
Guenther
2008-10-23s3-samr-server: unify callback convention: _samr_UserSetInfo.Günther Deschner1-34/+19
Guenther
2008-10-23s3-samr-server: unify callback convention: _samr_QueryDomainInfo.Günther Deschner1-32/+18
Guenther
2008-10-23s3-samr-server: fix return code in _samr_QueryDisplayInformation.Günther Deschner1-1/+1
Guenther
2008-10-23Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij3-3/+5
2008-10-23Remove unused copy of tables.plJelmer Vernooij1-89/+0
2008-10-23Remove unused copy of ndrdump.c.Jelmer Vernooij1-445/+0
2008-10-23s3-build: fix some const build warnings.Günther Deschner1-2/+2
Guenther
2008-10-23netapi: NetGroupEnum_r needs to handle servers with no groups.Günther Deschner1-1/+1
Guenther
2008-10-23s3-samr-server: _samr_DeleteUser needs to wipe out the user_handle on success.Günther Deschner1-0/+2
Guenther
2008-10-22s3-samr-server: fix access check in _samr_QuerySecurity().Günther Deschner1-1/+1
Guenther
2008-10-22s3-build: fix the build.Günther Deschner1-2/+2
Guenther
2008-10-22Fix net rpc vampire, based on an *amazing* piece of debugging work by ↵Jeremy Allison5-45/+50
"Cooper S. Blake" <the_analogkid@yahoo.com>. "I believe I have found two bugs in the 3.2 code and one bug that carried on to the 3.3 branch. In the 3.2 code, everything is located in the utils/net_rpc_samsync.c file. What I believe is the first problem is that fetch_database() is calling samsync_fix_delta_array() with rid_crypt set to true, which means the password hashes are unencrypted from the RID encryption. However, I believe this call is redundant, and the corresponding call for samdump has rid_crypt set to false. So I think the rid_crypt param should be false in fetch_database(). If you follow the code, it makes its way to sam_account_from_delta() where the password hashes are decrypted a second time by calling sam_pwd_hash(). I believe this is what is scrambling my passwords. These methods were refactored somewhere in the 3.3 branch. Now the net_rpc_samsync.c class calls rpc_vampire_internals, which calls libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with rid_crypt always set to false. I think that's correct. But the second bug has carried through in the sam_account_from_delta() function: 208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) { 209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0); 210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); 211 } 212 213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) { 214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0); 215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); If you look closely you'll see that the nt hash is going into the lm_passwd variable and the decrypted value is being set in the lanman hash, and the lanman hash is being decrypted and put into the nt hash field. So the LanMan and NT hashes look like they're being put in the opposite fields." Fix this by removing the rid_crypt parameter. Jeremy.