summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2003-07-19Fix StrCaseCmp() to avoid calling smb_panic() on invalid multibyte strings.Andrew Bartlett1-11/+24
This fix results in - we no longer use fixed-size buffers in StrCaseCmp (previously limited to a pstring) - we return strcmp(s, t) if either of the strings is invalid - for non-ascii cases, we call iconv twice, not 4 times. The basic idea with this fix is that if a string is not valid in the currnet charset, then (unless it is byte-equivilant) it cannot be case-equivilant to any other string. This should address the majority of our smb_panic() cases on this matter. It will not fix them all - we still call unix_strupper(), aka strupper_m() elsewhere, but this was being called on every file in the directory when we performed unix_convert(). Tested with the stf unit tests for this routine. Andrew Bartlett (This used to be commit 9918fa73145a22b1d7adf001f0a9cf0e1bda4136)
2003-07-19According to the result of voting, net has default debug level withRafal Szczesniak1-3/+12
ability to change it by command line instead of turn-off cmdline switch for debug messages. It's a bit more comfortable to use now. (This used to be commit b65fe75bec8170ad48d1ad0a9017ccc4de651eba)
2003-07-18Fix memleakVolker Lendecke1-1/+1
(This used to be commit 228fe54f0d65b895bef9e095ad996a48edf964df)
2003-07-18Fix two memleaks in pdb_ldap.c.Volker Lendecke2-1/+13
Whoever put the private.backend_private_data_free_fn thingy into SAM_ACCOUNT, could you please revisit my change to pdb_get_set.c and comment on my comment there? Thanks, Volker (This used to be commit 922ec277d1c80b5532f5cac0ee99ae7cd20f83f1)
2003-07-18make sure we don't allow the creation of directories containingAndrew Tridgell1-1/+5
wildcard characters. I've only put this in mkdir at the moment, but I suspect this will apply to all places that can create new filenames. We need to allow the opening of existing filenames that contain wildcards, but not allow the creation of new ones. (This used to be commit 2fd5569938b8970f3e9d761eecad5bc0b8bb267e)
2003-07-18this fixes a bug where Samba would under some circumstances returnAndrew Tridgell1-1/+7
incomplete directory listings. The problem was the exact_match optimisation that short circuited directory listings on exact matches. This optimisation doesn't work when the unix filename contains Microsoft wildcard characters. (This used to be commit 84cee2c3fcc34fe6356e842821a5f0a361477637)
2003-07-18Uninstall modules as part of uninstall. Partial fix for 236.Tim Potter1-1/+1
We still don't uninstall swat or the man pages properly. (This used to be commit 90157b9bd3d4122e647faa48b17a44d63b07e32e)
2003-07-18fixed the pstrcpy() bug in directory recursion properlyAndrew Tridgell1-1/+2
(This used to be commit 132d6fdf635eb2bf2a1afd6e850d0f6967260f84)
2003-07-18Signing so far... the client code fails on a SMBtrans2 secondary transactionJeremy Allison6-72/+159
I think (my changes haven't affected this I believe). Initial support on the server side for smbclient. Still doesn't work for w2k clients I think... Work in progress..... (don't change). Jeremy. (This used to be commit e5714edc233424c2f74edb6d658f32f8e0ec9275)
2003-07-17Formatting tidyups to match the rest of the source.Jeremy Allison1-23/+33
Jeremy. (This used to be commit 86c5ebcf8f5eb57e9885627b3da4e486ee3f62d9)
2003-07-17Disconnect an idle LDAP connection after 150 seconds.Volker Lendecke2-1/+46
Not strictly a bugfix, but it should considerably reduce the load we put on LDAP servers given that at least nss_ldap on Linux keeps a connection open. And it should also stress our reconnect-code a bit more ;-) Thanks to metze for this! Volker (This used to be commit e68d8eabeb9c64dc45d057619f9b3dd0cd507444)
2003-07-17Ban getgrouplist on linux glibc systems with glibc <= 2.3.Volker Lendecke1-1/+33
This segfaults when you have to many group membership entries in /etc/group. Fixed in glibc CVS end of April 2003. Volker (This used to be commit 61bfdf0b12457689b08c19a6269259abf3d15410)
2003-07-17Fix for bug 222 from Marcin Owsiany.Tim Potter1-0/+5
Don't get stuck in an infinite loop listing directories recursively if the server returns an empty directory name. This can happen with incorrect i18n configuration on a Samba server. (This used to be commit f93a2831f1b4e5751ca86d46a6e5ede9adf660cb)
2003-07-17Don't use pstrcpy on non-pstrings.Tim Potter1-1/+1
(This used to be commit 3498624d941fe200b06f114ece3373d4c4cfb2d1)
2003-07-17In the presense of RPC fragments, schannel is not strictly request/reply,Andrew Bartlett2-10/+0
so the shared sequence number will not be strictly odd/even. Andrew Bartlett (This used to be commit 77c3e69aef545d3f9b7cec9efdc366cbeb0c745e)
2003-07-17Correctly toggle the signing state to what it was previosly when sendingJeremy Allison2-15/+13
an oplock break. Jeremy. (This used to be commit 9515de83a864250c417cf490b7be714c8e1e127e)
2003-07-17Don't allow read/write raw when signing is active.Jeremy Allison1-0/+8
Jeremy. (This used to be commit 8d2a848052df03dad7bfeb5e7be96f8e9a509bbf)
2003-07-17Putting the framework for server signing in place. Ensure we don't useJeremy Allison3-6/+89
sendfile when signing (I need to add this for readbraw/writebraw too...). Jeremy. (This used to be commit f2e84f1ba67b13ff29e24a38099b559d9033a680)
2003-07-16Refactor signing code to remove most dependencies on 'struct cli'.Jeremy Allison5-110/+143
Ensure a server can't do a downgrade attack if client signing is mandatory. Add a lp_server_signing() function and a 'server signing' parameter that will act as the client one does. Jeremy (This used to be commit 203e4bf0bfb66fd9239e9a0656438a71280113cb)
2003-07-16Add API framework for server SMB signing.Jeremy Allison5-86/+128
Jeremy. (This used to be commit 61fc9a7b2eafdf8cbed1f8d9aae016b828c91a08)
2003-07-16Add krb5_princ_component to Heimdal. Remove cli_ from mark packet signed.Jeremy Allison3-5/+33
Jeremy. (This used to be commit dd46f8b22d6e8411081a1279e1cd32929e40370b)
2003-07-16Reformatting fixes to bring in line with the rest of the source.Jeremy Allison1-338/+325
Jeremy. (This used to be commit 3c11d9362379f16bb0d14449f64e731efad97ffe)
2003-07-16adding command for moving a record from one tdb to anotherGerald Carter1-0/+55
(This used to be commit d0d85dd49c41c55e086714a45990d5cd6c36fa10)
2003-07-16make tdbtool deal with NULL and non-NULL terminated keysGerald Carter1-4/+14
(This used to be commit 5df7b9a3efaf5b7828d0405bc14504d14d9e833a)
2003-07-16Fix memleakVolker Lendecke1-1/+4
(This used to be commit 42a59d691019ee328920be25a1c505037f74151f)
2003-07-16typoVolker Lendecke1-1/+1
(This used to be commit 09e00970d4b3ec80467a4a292c39650d6c945847)
2003-07-16Spelling.Tim Potter5-12/+12
(This used to be commit 2750418752e491c5e87f0f2adf253291e31ee4c2)
2003-07-16removing outdated scriptsGerald Carter2-91/+0
(This used to be commit b47b6f5825753b4ad130cdd372dbd023f78d3fd9)
2003-07-16Fix up our auth_pipe code to always cope with fragmented datagrams,Andrew Bartlett1-64/+41
in both SCHANNEL and NTLMSSP. (Try not to deal with a general case as individual special cases...) Andrew Bartlett (This used to be commit 6ca77bd28f16f9f65ff40bf8996e39356de5b4f8)
2003-07-16fix typo in debug logGerald Carter1-1/+1
(This used to be commit 074da426708555de082d0c2e5ae3a5cddaadcdf4)
2003-07-16fixes for 'net rpc vampire'. I can now take a blank Samba hostGerald Carter5-66/+47
and migrate an NT4 domain and still logon from domain members (tested logon scripts, system policies, profiles, & home directories) (passdb backend = tdbsam) removed call to idmap_init_wellknown_sids() from winbindd.c since the local domain should be handled by the guest passdb backend (and you don't really always want the Administrator account to be root) ...and we didn't pay attention to this anyways now. (This used to be commit 837d7c54d3ca780160aa0d6a2f0a109bb691948e)
2003-07-16Volker's patch for open_socket_out() to speed up connectionsGerald Carter1-3/+8
(This used to be commit 7d63b690004a59316a70059db0d9ad0ea9001288)
2003-07-16Fix from Dragan Krnic for handling files in tar archives > 8GB.Tim Potter1-0/+10
Fixes bug 102. (This used to be commit b54183a7b23d1046faad0890de3fdda3df0fec88)
2003-07-15Added the "required" keyword to the "client signing" parameter to force itJeremy Allison7-20/+58
on. Fail if missmatch. Small format tidyups in smbd/sesssetup.c. Preparing to add signing on server side. Jeremy. (This used to be commit c390b3e4cd68cfc233ddf14d139e25d40f050f27)
2003-07-15Add a cli_ prefix to a few functions to ensure everything that takes a ↵Jeremy Allison1-10/+10
struct cli_state is so marked. Jeremy (This used to be commit 0b8724ed65799f94f2af5d1dbb9ba20f1bac53a7)
2003-07-15fix schannel processing on fragmented PDUs. 'net rpc vampire' works again.Gerald Carter1-1/+1
(This used to be commit ff0c71148e405eeb49efbc51461325c7f2207433)
2003-07-15Fix memleakVolker Lendecke1-0/+2
(This used to be commit 517bb4d0df4cd120ef0ffc3cd879897971f0982e)
2003-07-15We should report if a group mapping fails. This should fix bug#225.Volker Lendecke1-3/+1
Jerry, this is assigned to you. Do you want to answer it? However, we have to decide what to do if a mapping is to be done for a unix group not in LDAP.... Volker (This used to be commit bf449d467cfe4987df17010490a16ab0472c0803)
2003-07-15Add support for MSG_SMB_CONF_UPDATED and MSG_SHUTDOWN to all daemons (smbd, ↵Alexander Bokovoy3-9/+59
nmbd, winbindd). Reviewed by jerry and tridge. (This used to be commit 02c5e2fc6f0721ebd82a9e6a2b34190607de55fe)
2003-07-15Fix memleaksVolker Lendecke1-1/+6
(This used to be commit 26134ac302f3296df6a65182f2585201a3ad833a)
2003-07-15Fix memleakVolker Lendecke1-1/+3
(This used to be commit 6770d69942a8841fb25448a8a238af7987ec860c)
2003-07-15Jim, could you please look at this? smbpasswd -a <username> was brokenVolker Lendecke1-2/+2
for me without this patch. I'm not sure if I interpreted your patch to this code right. Thanks, Volker (This used to be commit 46ec022f873416d2258fc8d84430b17319dce70f)
2003-07-15Accept --with-expsam=no as valid option (do nothing on it). Simplifies ↵Alexander Bokovoy1-0/+2
automatic option generation for spec files (This used to be commit 4042d965f26d8cc056792df50d0a2a6f3f640e50)
2003-07-15Add mandir to installdir target. Otherwise installman fails for clean DESTDIRAlexander Bokovoy1-1/+1
(This used to be commit bb31276c3dfd10bfbc41b7e77e1e1aca1f051453)
2003-07-15remove -B and default to dual-daemon mode (-Y to run as a single process)Gerald Carter1-2/+2
(This used to be commit 369a914ebefd5625af19b76d71b502e5e13a7147)
2003-07-15make sure to fallback to rid algoruthm for users not in smbpasswd (e.g. ↵Gerald Carter1-7/+17
force user = foo) (This used to be commit 399799c68cbc91cb3908b0d83ee4f51fa3bf3023)
2003-07-14fix cache coherency bug in print handle print_info_2 cache.Gerald Carter3-19/+48
Needs to be rewritten to use a reference counter, but this will work for now. also the memory allocation in the printing code needs to be cleaned up to use talloc exclusively. (This used to be commit 3d293027563b36411b7f84ed9d8f47f926271c6f)
2003-07-14Fix compile error noticed by Ken Cross, use the utility function insteadAndrew Bartlett1-14/+4
of an inline replacement... Andrew Bartlett (This used to be commit d941255a97fc6d0d62eae1602075b1aa0481cde5)
2003-07-14Fix SMB signing when using NTLMSSP...Andrew Bartlett2-93/+8
It's so simple now I know how it works - and it has nothing to do with NTLMSSP (it's just a slightly different use of the old algorithm). :-). Note: This is actually less secure then the non-NTLMSSP code, as there is no per-session random data included for NTLM logins. (NTLMv2 is better, fortunetly). Andrew Bartlett (This used to be commit 95ec8317d4c6817d192bcd52eec44a22286e10ee)
2003-07-14Jeremy requested that I get my NTLMSSP patch into CVS. He didn't requestAndrew Bartlett16-812/+1272
the schannel code, but I've included that anyway. :-) This patch revives the client-side NTLMSSP support for RPC named pipes in Samba, and cleans up the client and server schannel code. The use of the new code is enabled by the 'sign', 'seal' and 'schannel' commands in rpcclient. The aim was to prove that our separate NTLMSSP client library actually implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation, in the hope that knowing this will assist us in correctly implementing NTLMSSP signing for SMB packets. (Still not yet functional) This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with calls to libsmb/ntlmssp.c. In the process, we have gained the ability to use the more secure NT password, and the ability to sign-only, instead of having to seal the pipe connection. (Previously we were limited to sealing, and could only use the LM-password derived key). Our new client-side NTLMSSP code also needed alteration to cope with our comparatively simple server-side implementation. A future step is to replace it with calls to the same NTLMSSP library. Also included in this patch is the schannel 'sign only' patch I submitted to the team earlier. While not enabled (and not functional, at this stage) the work in this patch makes the code paths *much* easier to follow. I have also included similar hooks in rpccleint to allow the use of schannel on *any* pipe. rpcclient now defaults to not using schannel (or any other extra per-pipe authenticiation) for any connection. The 'schannel' command enables schannel for all pipes until disabled. This code is also much more secure than the previous code, as changes to our cli_pipe routines ensure that the authentication footer cannot be removed by an attacker, and more error states are correctly handled. (The same needs to be done to our server) Andrew Bartlett (This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
generated by cgit (git 2.34.1) at 2024-08-03 16:00:07 +0000