| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This should remove some confusion from the ./configure, but does not affect the
'real' kerberos support currently residing in smbd/sesssetup.c.
This code is vunerable to a spoofed KDC, and is best replaced by --with-pam and
the pam_krb5 module. This module includes measures to prevent such spoofing.
Andrew Bartlett
|
| | | |
| | |
| | |
| | | |
note the useful acnv_uxu2 and acnv_u2ux functions in charcnv.c
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
from 2_2.
Volker
|
| | | |
| | |
| | |
| | | |
rpc_spoolss.h header file.
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
per-share. I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.
Almost all the user's of this paramater used it as a global anyway...
While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.
This already removes an absolute truckload of extra attempted password lookups
on the guest account.
Andrew Bartlett
|
| | | |
| | |
| | |
| | | |
grumble, mumble, ...
|
| | | |
| | |
| | |
| | | |
so that tdbtool can be compiled without having to make clean.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This changes the way we process guest logons - we now treat them as normal
logons, but set the 'guest' flag. In particular this is needed becouse Win2k
will do an NTLMSSP login with username "", therefore missing our previous guest
connection code - this is getting a pain to do as a special case all over the
shop.
Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the
anonymous or authenticated case, can you take a look at this?
Also some cleanups in the check_password() code that should make some of the
debugs clearer.
Various other minor cleanups:
- change the session code to just take a vuser, rather than having to do a
vuid lookup on vuser.vuid
- Change some of the global_client_caps linking
- Better debug in authorise_login(): show the vuid.
Andrew Bartlett
|
| | | | |
|
| | | |
| | |
| | |
| | | |
not ascii.
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The problem is that we don't use the bitmap field, and so have to guess what
feilds to change. NT4 sets the RID to NULL in its reply, (as a no-change
value) and we were attempting to set that as a RID.
jfm: Can you get me the info on that bitmap, so I can construct a proper fix
to all this?
Thanks!
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Jeremy
|
| | | | |
|
| | | |
| | |
| | |
| | | |
domain_client_validate()
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | |
| | | |
GetPrinterDataEx() and SetPrinterDataEx(). Not sure what the command
number is for the latter is - I haven't seen it on the wire yet.
|
| | | |
| | |
| | |
| | | |
2.2 to HEAD?
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
names of the other functions in this file.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
pam authentication. This allows us to link in less other crap.
Authenticating with a challenge/response doesn't seem to work though - we
always get back NT_STATUS_WRONG_PASSWORD.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Jeremy.
|
| | | |
| | |
| | |
| | |
| | | |
to detect this in configure.
Jeremy.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- old mangle code has gone, the new one based on tdb seem resonably ok
probably the valid.dat table need to be updated to treat wild chars as
invalid ones (work ok without it)
- a LOT of new string manipulation function for unicode, they are somewhat
tested but a review would not be bad
- some new function I will need for the new unix_convert function I'm writing,
this will be renamed filename_convert and use only unicode strings.
- charconv, I attached a comment, if someone wnat to look if I'm right or
just was hacking to late in the night to make a sane one :)
of course any bug is my responsibility an will be pleased to see patches if
you find any. :-)
Simo.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Andrew, this fixes domain logons in head. Please look at the change,
as I think you may have misunderstood the max_str_len field (which is
badly named)
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
groups obtained via a domain logon are respected in the attached NT_USER_TOKEN.
This functionality is only available in HEAD, becosue of the way authenticaion
has been abstracted.
Both vuid logins and authenticated pipes need to use the same code for this in
future.
Can sombody with the correct facilties check this please?\
Thanks,
Andrew Bartlett
|
| | | |
| | |
| | |
| | | |
- Now perfectly valid.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
- Basic functionality intact
- Now adds machine accounts without a uid. (using the machine uid range to
avoid conflict with real uid based accounts)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
REMOVED BZERO CALLS YET AGAIN !!! Why do these keep creeping back in....
They are *NOT* POSIX. I'm also thinking of removing strncpy as I'm sure
it's not being used correctly....
Jeremy.
|
| | | |
| | |
| | |
| | |
| | | |
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
|
