| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
manpage, fix a typo in the text, add an example for anonymization usage."
This reverts commit abfdb52b60e84980d22e6c6c3479e67e20311b12.
|
|
|
|
| |
This reverts commit 9953885d0be6a2477f5fd29940f3f1d6a7136cf4.
|
|
|
|
|
|
| |
loses inheritance", based on"
This reverts commit 5d2d94b46bd2ab03e2f83036b4d7fa3e401c3458.
|
|
|
|
| |
This reverts commit fac5f4c8421b371b22d337853f1f8241c3bdbc5b.
|
|
|
|
| |
This reverts commit ec9f180390852a9356df11412bc7478f48f52b43.
|
|
|
|
| |
This reverts commit 520dcfffe78bb079bbdad6de5a4cdc392527f4b8.
|
|
|
|
|
|
| |
acesses old server."
This reverts commit f3b0e219f1a7660ff275db701935eecbe053fa25.
|
|
|
|
|
|
| |
pull_ucs2_base_talloc()."
This reverts commit 01fd94981e322da59ac2c00055220c89de135ebe.
|
|
|
|
| |
This reverts commit feb057d4503118e519b5dbd9d2c3ca2c1ee55380.
|
|
|
|
| |
This reverts commit afed4929f9c707fb72b0e8dd12b1a1e8dcab9a84.
|
|
|
|
| |
This reverts commit f8d4596ec2b8f35dd3cc05aa7ee356abb9c0920b.
|
|
|
|
| |
This reverts commit 1d86b5e003effb4bb56ef9b0444da63a909fbc3c.
|
|
|
|
| |
This reverts commit ddba89d7713923bfbf1c8492c5dc6c6d5b220f1e.
|
|
|
|
| |
This reverts commit 042e50f8709cfbe45d5b184cb3c4fe1b16bdc3b0.
|
|
|
|
| |
This reverts commit 369fecaeb2470a1f7e68417ccdddb61334e37d92.
|
|
|
|
|
|
| |
by "Cooper S. Blake" <the_analogkid@yahoo.com>."
This reverts commit 61046225de8a4cd77e94d8c5c4a8f510bc11b79e.
|
|
|
|
|
|
| |
on success."
This reverts commit ae01a98d49be39c258e479d610fa2e58ea2b6c62.
|
|
|
|
| |
This reverts commit b339f17132b18edad52b4c2f6b348e4b8d789bcb.
|
|
|
|
| |
This reverts commit 96b35c32ae99d74608ad95d063629554fee77979.
|
|
|
|
| |
This reverts commit fd93db7084fdb5899fb823046b9d6ed1d05221c7.
|
|
|
|
|
| |
Karolin
(cherry picked from commit 71de4d58bb2aea6a98e94055387ef6671aa64410)
|
|
|
|
|
| |
Guenther
(cherry picked from commit 25cb282f7042e8192c0bc6d720df0646b74e9a47)
|
|
|
|
|
|
| |
checks for all SAMR calls.
Jeremy.
(cherry picked from commit b848f96d747fb41c074dd073f24f186539257d71)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit 8a0054c6d273049bea235803db25912f6cf03610)
(cherry picked from commit 40a904ee021e4c9390235f1d476bc37b87ac9b70)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"Cooper S. Blake" <the_analogkid@yahoo.com>.
"I believe I have found two bugs in the 3.2 code and one bug that
carried on to the 3.3 branch. In the 3.2 code, everything is
located in the utils/net_rpc_samsync.c file. What I believe is the
first problem is that fetch_database() is calling
samsync_fix_delta_array() with rid_crypt set to true, which means
the password hashes are unencrypted from the RID encryption.
However, I believe this call is redundant, and the corresponding
call for samdump has rid_crypt set to false. So I think the
rid_crypt param should be false in fetch_database().
If you follow the code, it makes its way to sam_account_from_delta()
where the password hashes are decrypted a second time by calling
sam_pwd_hash(). I believe this is what is scrambling my passwords.
These methods were refactored somewhere in the 3.3 branch. Now the
net_rpc_samsync.c class calls rpc_vampire_internals, which calls
libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with
rid_crypt always set to false. I think that's correct. But the
second bug has carried through in the sam_account_from_delta()
function:
208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0);
210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED);
211 }
212
213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0);
215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED);
If you look closely you'll see that the nt hash is going into the
lm_passwd variable and the decrypted value is being set in the lanman
hash, and the lanman hash is being decrypted and put into the nt hash
field. So the LanMan and NT hashes look like they're being put in
the opposite fields."
Fix this by removing the rid_crypt parameter.
Jeremy.
(cherry picked from commit e38436f731ff09333588cc0751c79029a569f390)
|
|
|
|
| |
(cherry picked from commit 79222e476edbccf81e70cf1c0d1f40db0b88e20b)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 82ec832f7edffe2fcfd1bb067e092c159bed2973)
|
|
|
|
|
|
| |
If winbind sets the KRB5CCNAME variable it should unset it when
the cache gets destroyed.
(cherry picked from commit e7b0d1c984a37600a234c1f4c95b06e9b5898f30)
|
|
|
|
|
| |
Karolin
(cherry picked from commit c5609611ef2af5dee47a380003c6ce94f3781f0b)
|
|
|
|
|
| |
Guenther
(cherry picked from commit 7c2831c5872ad26e1e0cd7df59d6c0b88d566760)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit ef15ff6abec34377ab7fa75201e2799c0bb72aeb)
|
|
|
|
|
|
|
|
|
| |
If total_data == 4 Windows doesn't care what values
are placed in that field, it just ignores them.
The System i QNTC IBM SMB client puts bad values here,
so ignore them.
Jeremy.
(cherry picked from commit 5b1d8588d01d11251541829c5a3dff211fe925fd)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 5109bd33719a4bb1534cb0e012c92ec778fb26df)
|
|
|
|
|
|
|
|
|
|
|
| |
old server.
Karolin this is a show-stopper for 3.2.5.
There was some code in pull_ucs2_base_talloc() to cope with this case which
hadn't been added to pull_ascii_base_talloc(). The older Samba returns non
unicode names which is why you are seeing this codepath being executed.
Jeremy.
(cherry picked from commit 09fa53d927436310ae3c17096d42e2fa4de1dd2e)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 7c53cde257515e7bfffc8f3c0b54b7c99554d240)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 84d9c849dd71d5b07de3239740d3874998ecbd8c)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 4cc0d89d2cc562e88e67ceeb035c440f38eeaae3)
|
|
|
|
|
|
|
|
|
|
|
| |
inheritance", based on
a patch from Paul Fertser <fercerpav@gmail.com>. I also added the ability to get/set hex
and symbolic inheritance flag names on ACE flags. I'm still investigating the effects
of setting the "SEC_DESC_DACL_AUTO_INHERIT_REQ" flag as I don't yet see what effects
this is having on the ACE sent.
Jeremy.
(cherry picked from commit e59a21e945e6336f3d7622bf77cf5c2304936b70)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 4f1cdfe0901f4c78dff56ae5c26d2801b97d50d5)
|
|
|
|
|
|
| |
typo in the text, add an example for anonymization usage.
(cherry picked from commit 1d202a8a7bccc65e47fc78b17d89b7e74a358487)
|
|
|
|
|
|
| |
anonymize_prefix option
(cherry picked from commit c67cf648331bf4b8268813cb005b7283dd65eb73)
|
|
|
|
|
|
| |
if the configuration parameter anonymization_prefix is defined in
smb.conf, and use the prefix given there.
(cherry picked from commit 86a621a1a3e08bad8a0b276d8444f1f69a500385)
|
|
|
|
| |
(cherry picked from commit 0f3f34033a80e44fa18cae452a164e445392138a)
|
|
|
|
| |
(cherry picked from commit 1ab2a5b958a900a078cadf98b83fba7fadbaedf9)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 48ee5a66d18b805d03f93c85e98a41374d82cfb9)
|
|
|
|
| |
(cherry picked from commit e42477caece1a2e861aa0698d2e06847819f0b0d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The manpage for /bin/mount specifies that the return code should be a
positive integer (actually, it's a bitfield). Clean up the return
codes from mount.cifs to make them match the expected return values
from /bin/mount. This necessary for proper integration with autofs.
This is the third attempt at this patch. The changes here are minor,
just changing some return's from main() into exit() calls for
consistency's sake.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 2374799c8114ae3ed422d1cbe4ca12c4fd075274)
|
|
|
|
|
|
|
|
|
| |
We currently don't attempt to uppercase the device portion of the mount
string if there isn't a prefixpath. Fix that by making uppercase_string
return success without doing anything on a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 34b5cfe8a0cb8674da0c5ac7d81b6e64160ccaa2)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"rescan_trusted_domain".
From analysis by hargagan <shargagan@novell.com> :
"The winbindd_child_died() is also getting called from process_loop() in case of
SIGCHLD signal. In this case it doesn't make the timeout_handler to NULL for
the first request. It then initiate a new request using
schedule_async_request() which installs a new timeout handler for the same
request. In such a case, for a badly unresponsive system both the timeout
handler can be called. For the first call the "private_data" will be cleared
and for another call the timeout handler will be detecting the double free. So,
for such a case as well, the winbindd_child_died() should make the
timeout_handler to NULL."
Jeremy.
(cherry picked from commit ce8de496ec139b7a56db20c5ffbcbdc2f4db0a51)
|
|
|
|
|
|
|
|
|
|
| |
The fix explicitly makes the conversion from timeval to time_t using the
existing time utility functions.
Compiling modules/vfs_smb_traffic_analyzer.c
modules/vfs_smb_traffic_analyzer.c: In function `smb_traffic_analyzer_send_data':
modules/vfs_smb_traffic_analyzer.c:173: warning: passing arg 1 of `localtime' from incompatible pointer type
(cherry picked from commit 22852666ddf3e77404373042ceecb19747ae25cd)
|