| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
nt got confused and thought that the server password had been set instead
of refused. this is for the SRV_PWSET response.
|
| |
|
|
|
|
|
|
|
| |
WINS server did not respond to name registration!
this messages should only be produced when we are trying to register
our own names, not when we are the one with the name database and we
are doing a NAME_REGISTER_CHALLENGE on behalf of another host (for
secured wins registration)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
packets with no answer section in general.
The fix has 2 parts:
1) set ans_name to the name we queried if nmb->answers == NULL
2) check for nmb->answers == NULL in several other places where we
currently check for nmb->answers->data
While doing this, I noticed there are lots of places in our nmbd code
where we make assumptions about the packets being well formed. Someone
could easily implement a denial of service attack on nmbd by sending a
packet that causes a null pointer dereference. Does anyone feel like
going through the code and adding checks? Probably the best solution
is to have a single function that "validates" a packet, making sure
that all the required fields are there. This will be a bit tricky as
what fields are required varies a lot between packets. A first pass
would be a function that prints "SUSPECT PACKET" when it hits a packet
that it suspects does not have a required field (or the field is badly
formatted), then we could use this on a live system to find any cases
we've missed.
Any takers?
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
id_info_1 has a pointer at the front of it. so does return credentials,
and so does the client credentials. these are all from the sam logon.
auth_level is 16 bytes not 32 and is actually called a switch_level.
smbparse.c :
smb_io_unihdr() - uni_max_len and uni_str_len are 16 bytes not 32.
this may have a knock-on effect on smb_in_unihdr2() but we'll see...
|
| |
|
|
|
|
|
| |
deal_with_credentials() by moving important code to the beginning
of the function :-) :-) :-).
the new seed (old_cred + time + 1) was getting corrupted.
|
| |
|
|
|
|
|
| |
credentials for the calculation of the next credentials: i was storing
the auth 2 calculated credentials.
oops.
|
| | |
|
| |
|
|
| |
This patch has been checked over. JHT
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the server string option.
I fixed it by adding: trim_string(ret, "\"", "\"") to lp_string()
which means that it removes leading and trailing quotes from _all_
strings in smb.conf. I think this is what we want as I can't actually
think of any case where quoted strings are needed.
I suspect that this fix will actually fix browsing at quite a few
sites. It's not uncommon to see people putting "" marks around the
workgroup name or other essential strings.
The real reason it was causing browsing to fail is that the browse.dat
file uses " to delimit fields, which means that it wasn't being parsed
correctly. It would be nice to use a proper database format in
browse.dat sometime. In fact, we really need a generic database type
subsystem in Samba to replace the mish-mash we currrently use
(browse.dat, wins.dat, smbpasswd etc)
|
| |
|
|
|
|
| |
and renamed it COPYING.LGPL. This is because the ubi_* files are under
LGPL, not regular GPL.
Removed the last few things from the ubiqx directory and deleted it.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- They now use the ubi_dLinkList linked list code.
This is not a big gain, I suppose. It would be significant if there
were lots of doubly-linked lists in the code and I replaced them all.
The only other advantage is that the code is more modular, which
appeals to my own sense of order, if no one elses. :-}
- I allocate space for the entry structure and the strings in one go,
instead of using malloc() and separate strdup() calls. This should
be more efficient, and allows for a single call to free() to free the
whole thing.
These are very minor changes, but they do serve to make me more familiar
with the code overall.
|
| | |
|
| |
|
|
| |
so I've started to move them into the main directory.
|
| |
|
|
|
|
|
|
|
|
|
| |
locking.c: Adding Andrews become_root code to the main branch.
pipes.c: Fixing the close_file issue.
proto.h: The usual.
reply.c: Move smb_pass into NTDOMAIN defined code. Fixing the close_file issue.
server.c: Fixing the close_file issue.
trans2.c: Fixing the close_file issue.
uid.c: Adding Andrews become_root code to the main branch.
Jeremy (jallison@whistle.com)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
whoops, the SAM Logon structure was wrong. updated this, and
cifsntdomain.txt. more debug info in pipenetlog.c. the crash
is somewhere around deal_with_credentials().
byteorder.h :
put in uint8, uint16 and uint32 typecasts around debug info, because
sign extending was resulting in ffffffe8 being displayed instead of e8.
credentials.c :
some debugging info, because i'm tracking a coredump. without gdb.
nothing like making things difficult.
reply.c :
whoops, missed this (important) bit from paul's code, which tells
the NT workstation that the MACHINE$ entry doesn't already exist,
and we're going to create a default entry with a password "machine"
right now.
proto.h:
the usual.
|
| | |
|
| |
|
|
| |
and NETSERVERGETINFO.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) add a new parameter to queue_netbios_packet(), the "reply_id", this
is the id that should be used when sending a further response to the
packet (such as a response after we get back a reply to a name query
after senidnga WACK). reply_id is 0 (meaning unused) in most cases.
2) fix the id used in the reply in add_name_respond() from
response_name_query_register()
3) remember to remove the response record at the end of
response_name_query_register()
4) get the right IP address (it was 0.0.0.0) in
response_name_query_register()
5) add a new field reply_id to struct response_record
|
| |
|
|
|
|
|
|
|
|
| |
changed the order of arguments to smbhash() in credentials.c. Luke,
when you changed from E1() to smbhash() you didn't notice that the
arguments are in a different order. This is why your new code was
failing.
NT logon still fails, but now gets to SAMLOGON. It shouldn't take much
to get it working now.
|
| |
|
|
|
|
| |
to crypt()
This might solve some password problems, particulary on HPUX
|
| |
|
|
| |
Updated the linked list module, which has new and changed macros.
|
| | |
|
| |
|
|
| |
modules.
|
| |
|
|
|
|
|
|
| |
lsa close odd bug.
smbparse.c :
smb_io_dom_sid() _does_ need 4-byte alignment before it.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
created a RW_PIVAL macro which was missing.
smbparse.c:
smb_io_dom_sid() was storing its sub-authorities as uint16s instead
of uint32s. used the DBG_RW_PIVAL macro instead of DBG_RW_PSVAL.
pipentlsa.c:
not sure. something to do with the Query Info reply.
pipeutil.c:
make_rpc_reply() had the packed representation field set to 0x0100 0000
instead of 0x1000 0000, which had the interesting result of turning all
uint32 and uint16 field byte ordering the other way round!
|
| | |
|
| |
|
|
|
|
|
|
| |
Added comment right up front about "your server is being unfriendly"
type error messages.
source/Makefile:
Added compile options for RedHat Linux 5.0 series.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Jeremy (jallison@whistle.com)
|
| |
|
|
| |
there are going to be a few of these...
|
| |
|
|
| |
strings.
|
| |
|
|
| |
quit the whole pipe, either...
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Luke, when you don't know what has been changed in the CVS tree I
highly recommend you point your browser at:
http://samba.anu.edu.au/cgi-bin/cvsweb/samba/source
If you click on a filename you can then see all the commits and
changes that have been made to it over time. You can also download any
version of the file or find the differences between any two versions.
All of this is not dependent on the state of your local CVS sandbox,
so it can be used to find out the "true" state of the tree at any
time.
If you suspect some sort of CVS problem (like a change getting
reverted) then please use the above URL to work out what has
happened. You should be able to see exactly who made what changes and
when.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
examples/smb.conf.default:
added line "share modes = no" to netlogon share parameter list
packaging/redhat:
updated RedHat RPM build files.
added smbadduser script (modified for RHL).
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
debugging output wasn't (still isn't) perfect.
credentials.c lsaparse.c smbparse.c :
added DEBUG strings.
pipes.c :
lost some changes, to do with setup of RPC headers. arg.
|
| | |
|
| | |
|
