| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| | |
wire... so.
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Replace this with some flags that *we* define. We can do a mapping later
if we actually get some more reliable info about what passwords are actually
valid.
Andrew Bartlett
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| | |
Make it up as we go along... :-).
Jeremy.
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| | |
Jeremy
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
the specifies the units that st_blocks is in. The reason for this is
that HPUX uses 8k, AIX uses a #defined constant and everyone else (tm)
uses 512 byte units.
Needed for the CIFS UNIX extensions - coming to a Samba server near
you soon.... :-).
Jeremy.
|
| | |
| |
| |
| |
| | |
prompt dmalloc to log information about what happening, so you can see
in flight why smbd is getting bloated.
|
| | |
| |
| |
| | |
like strcat
|
| | |
| |
| |
| | |
gcc warnings about unused parameters.
|
| | | |
|
| | |
| |
| |
| | |
but a plain old uint32.
|
| | |
| |
| |
| | |
to NT_STATUS_UNSUCCESSFUL according to AB's funky new error map.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The auth_authsupplied_info typedef is now just a plain struct - auth_context,
but it has been modified to contain the function pointers to the rest
of the auth subsystem's components.
(Who needs non-static functions anyway?)
In working all this mess out, I fixed a number of memory leaks and moved the
entire auth subsystem over to talloc().
Note that the TALLOC_CTX attached to the auth_context can be rather long-lived,
it is provided for things that are intended to live as long. (The
global_negprot_auth_context lasts the whole life of the smbd).
I've also adjusted a few things in auth_domain.c, mainly passing the domain as
a paramater to a few functions instead of looking up lp_workgroup(). I'm
hopign to make this entire thing a bit more trusted domains (as PDC) freindly
in the near future.
Other than that, I moved a bit of the code around, hence the rather messy diff.
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Also change the structure so it has its own (optional) 'free' pointer - so we
don't free() a talloc'ed version.
also split out the data_blob_clear() functionaility.
Andrew Bartlett
|
| | |
| |
| |
| | |
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This new table is rather different to the old one (see diff posted to the
list for a sorted list of differences) and needs a *lot* of testing.
It does however seem to line up much better with what NT is using, as
exampled by the change to the OBJECT_NAME_COLLISION DOS error, it now matches
win2k where it didn't before.
I can't see any critical errors we now get wrong, and I know that the auth
errors are correct as per my on-the-wire observations.
This table was produced (and I hope to comment this better later) by
using the ERRMAPEXTRACT smbtorture tool, a Win2k domain member and the
'name_to_ntstatus' auth module on the HEAD PDC. This module returned
the username as the error, and the NT box was forced to give me a dos
error becouse thats all I negotiated on that connection. Hence the map.
Andrew Bartlett
|
| | | |
|
| | |
| |
| |
| |
| | |
contain new print-formatted information. (Also
talloc_vasprintf_append.) Idea borrowed from glib.
|
| | |
| |
| |
| |
| |
| |
| | |
stop smb_macros.h and tdb.h from fighting with each other.
I tried to rearrange the #include file order but that breaks other stuff.
Aargh!
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Thou shalt not reference SAM_ACCOUNT members directly - always use
pdb_get/pdb_set.
This is achived by making the whole of SAM_ACCOUNT have a .private member,
where the real members live. This caught a pile of examples, and these have
beeen fixed.
The pdb_get..() functions are 'const' (have been for some time) and this
required a few small changes to constify other functions.
I've also added some debugs to the pdb get and set, they can be removed if
requested.
I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb
interface, but I need the flags info to do it properly.
The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such
I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result.
Finally, any and all testing is always appriciated - but the basics seem to
work.
Andrew Bartlett
|
| | |
| |
| |
| |
| | |
This means different return sizes depending on client bugs. This sucks :-(.
Jeremy.
|
| | | |
|
| | |
| |
| |
| | |
so that we can print it in later debug messages.
|
| | |
| |
| |
| | |
on some platforms using "" instead of <> in include statements
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Move rpc_client/cli_trust.c to smbd/change_trust_pw.c
- It hasn't been used by anything else since smbpasswd lost its -j
- Add a TALLOC_CTX to the auth subsytem. These are only valid for the length
of the calls to the individual modules, if you want a longer context hide it
in your private data.
Similarly, all returns (like the server_info) should still be malloced.
- Move the 'ntdomain' module (security=domain in oldspeak) over to use the new
libsmb domain logon code. Also rework much of the code to use some better
helper functions for the connection - getting us much better error returns
(the new code is NTSTATUS).
The only remaining thing to do is to figure out if tpot's 0xdead 0xbeef for
the LUID feilds is sufficient, or if we should do random LUIDs as per the old
code.
Similarly, I'll move winbind over to this when I get a chance.
This leaves the SPOOLSS code and some cli_pipe code as the only stuff still in
rpc_client, at least as far as smbd is concerned.
While I've given this a basic rundown, any testing is as always appriciated.
Andrew Bartlett
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
member server. Firstly, use the same max enumeration size (0x400) as W2K
uses, otherwise W2K won't ask for any more. Secondly, if a enumeration
request with a non-zero offset comes in on a handle that hasn't started
an enumeration, don't bitch about it (return NT_STATUS_UNSUCCESSFUL),
just load the db on that handle and return at that offset.
Jeremy.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
These two little features are very useful, but the passing of options about
needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out
until the main popt loop can be convinced not to chew on the options :-(
Andrew Bartlett
|
| | |
| |
| |
| |
| | |
but it will take more time as I don't want to loose any fixes that
are only in HEAD.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We now include the libber.h file if required, but currently we just don't use
ldap. (I'll chase this up).
In the meantime, I've moved the ads_status code about, its now in its own file,
and has a couple of #ifdefs to allow smbd to link - becouse the lack of LDAP
caused HAVE_ADS to be undefined. (I hope its not too ugly).
Andrew Bartlett
|
| | |
| |
| |
| |
| | |
signal management.
Jeremy.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
members (such as uid and gid). This way we will be able to
keep ourselves from writing out default smb.conf settings when
the admin doesn't want to, That part is not done yet.
Tested compiles with ldap/tdb/smbpasswd. Tested connection with smbpasswd
backend.
oh...and smbpasswd doesn'y automatically expire accounts after 21 days
from the last password change either now. Just ifdef'd out that code
in build_sam_account().
Will merge updates into 2.2 as they are necessary.
jerry
|
| | |
| |
| |
| | |
J.F.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
calculate them and always reply a size of 32 bytes whereas NT4 did the
maths. Anyway, it looks like the clients don't complain.
in query_dom_info() at level 2, return the real number of users and
groups. That's the fix to the W95/98 userlist bug !
as W95/98 does a query_dom_info(2) followed by a query_disp_info(4) on
the SAME context handle (err we call it an lsa policy handle ! plain
wrong name), I was tempted to keep the snapshoot in memory, to prevent
2 full user db enumerations in a row and just have one shared. But if some
client does the 2 calls on two different handles, we would have 2 copies
in memory not free'ed before the samr_close().
We still have too many fixed constant and too many magic values in that
code. And btw, I really hates how the sequence number is generated !
J.F.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
instead of enumerating the whole user db or group db every time, we store
a in memory copy linked to the handle.
that's much faster for large enumeration where the db can't fit in a
single rpc packet. And as it's a copy, it's constant between enumeration.
still some stuff to clean. But now I can fix the W95 userlist bug, as I've
finally found it.
J.F.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
the need for valid.dat
|
| | | |
|
| | |
| |
| |
| |
| | |
It's not as strong as Insure, but it's free, reasonably efficient and
works on every platform.
|
| | |
| |
| |
| |
| |
| | |
nsswitch code uses vsyslog without checking for it.
Provide replacement for vsyslog in lib/snprintf if not found by configure.
Jeremy.
|
