summaryrefslogtreecommitdiffstats
path: root/source/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* there are places in the samba3 code that don't check properly forAndrew Tridgell2004-02-021-0/+4
| | | | | | packet-termination of strings. This change ensures that when we go past the end of a packet we hit 2 null bytes, thus terminating. We are relying on the SAFETY_MARGIN packet allocation stuff here.
* the conversion from int to size_t in charcnv did not take into accountAndrew Tridgell2004-02-021-1/+1
| | | | | | | | | | | | | | | | one place where we checked "if (src_len > 0)". I actually would greatly prefer to switch back to int for src_len. The type *can* be negative, which means an unsigned type is inappropriate. There is absolutely no reason why "int" should not be used for a parameter like this. I didn't change back to int as we are close to a release and I wanted a mininal change, but please don't go changing types like this in future without very careful testing and a damn good reason. this bug broke pull_ucs2(), I would not be surprised if it caused all sorts of nastiness. Thanks to vl for noticing the symptoms!
* Fix up name canonicalization (needed for krb5 keytab support later).Jeremy Allison2004-01-301-46/+28
| | | | | Remove source_env handler (no longer used in any codepath). Jeremy.
* Clarify comment on set_effective_uid()Andrew Bartlett2004-01-271-2/+10
| | | | Andrew Bartlett
* Add a few more NTSTATUS <=> PAM error mappings.Andrew Bartlett2004-01-261-1/+3
| | | | Andrew Bartlett
* Fix removal of attributes in LDAP - we would not actually remove the oldAndrew Bartlett2004-01-251-16/+16
| | | | | | value in the previous code. Andrew Bartlett
* Fix decoding of base64. We got the length wrong when the result was notVolker Lendecke2004-01-231-0/+2
| | | | | | | | | | an exact multiple of 3. I also wrote a torture test and it survived some minutes of random stuff coded/decoded up to 16 MB data. But that would be a bit too embarassing to commit... :-) Volker
* * Add SIGABRT to fault handlingStefan Metzmacher2004-01-221-3/+6
| | | | | | | so we now got a backtrace, if we crash in libldap with SIGABRT metze
* * BUG 446Gerald Carter2004-01-151-0/+4
| | | | | | | | | - setup_logging() in smbclient to be interactive (remove the timestamps) - Fix bad return value in pull_ucs2( needs more testing to make sure this didn't break something else) that caused clistr_pull() to always read the same string from the buffer (pull_usc2() could return -1 if the original source length was given as -1) - increment some debugging messages to avoid printing them out so often
* * Fix sys_chown() when no chown() is presendStefan Metzmacher2004-01-151-0/+2
| | | | metze
* * Fix XFS quotas: XFS_USER_QUOTA -> USRQUOTAStefan Metzmacher2004-01-155-34/+181
| | | | | | | | | XFS_GROUP_QUOTA -> GRPQUOTA * Fix disk_free calculation with group quotas. * Add debug class 'quota' and a lot of DEBUG()'s to the quota code. metze
* fix XFS quotas the macro changed from HAVE_XFS_QUOTA -> HAVE_XFS_QUOTASStefan Metzmacher2004-01-141-2/+2
| | | | metze
* Fix for bug #922. Fast path not called for strlower_m() and strupper_m().Jeremy Allison2004-01-071-2/+2
| | | | | From ab@samba.org (Alexander Bokovoy). Jeremy.
* isolate ldap debug messages to the common smbldap_XXX() functionsGerald Carter2004-01-061-4/+9
|
* XFS quota patch from Stefan Metzmacher <metze@metzemix.de>.Jeremy Allison2004-01-063-37/+48
| | | | Jeremy.
* Patch by Stefan Metzmacher <metze@metzemix.de>:Andrew Bartlett2004-01-061-0/+4
| | | | | | | | | here's a small fix that fixes the new quota system on irix. I need to reanable XFS quotas on irix for the new quota system (Jerry do you want to wait for this for the release ?) But the old system works and is the default on irix!
* Patch based on work from James Peach <jpeach@sgi.com> to convert over toJeremy Allison2004-01-061-0/+41
| | | | | | using pread/pwrite. Modified a little to ensure fsp->pos is correct. Fix for #889. Jeremy.
* Added last missing file.Jeremy Allison2004-01-051-0/+486
| | | | Jeremy.
* Oops. Broke the build. Added missing files.Jeremy Allison2004-01-052-0/+608
| | | | Jeremy.
* Fix from James Flemer <jflemer@uvm.edu> to make HAVE_ATTR_LIST linked toJeremy Allison2004-01-051-3/+3
| | | | | HAVE_SYS_ATTRIBUTES_H to fix AIX compile. Jeremy.
* Patch from Stefan (metze) Metzmacher <metze at metzemix.de> to revert to ↵Jeremy Allison2004-01-051-529/+0
| | | | | | | | | | | | | | | | | | 2.2.x quota methods. :-). "here's a patch which ports the samba 2.2 samba_linux_quota.h stuff to 3_0. This is needed because of so many broken quota files outthere. Please, test this with old, new kernels (strucr dqblk, struct mem_dqblk, and struct if_dqblk) , quota.user, aquota.user formats what is when a user is over soft quota and over hard quotas..." Jeremy.
* Always call the auto-init funciton - this avoids tdb segfaulting underAndrew Bartlett2004-01-051-0/+6
| | | | | | us if we failed to open it earlier. Andrew Bartlett
* auth/auth_util.c:Andrew Bartlett2003-12-312-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | - Fill in the 'backup' idea of a domain, if the DC didn't supply one. This doesn't seem to occour in reality, hence why we missed the typo. lib/charcnv.c: lib/smbldap.c: libads/ldap.c: libsmb/libsmbclient.c: printing/nt_printing.c: - all the callers to pull_utf8_allocate() pass a char ** as the first parammeter, so don't make them all cast it to a void ** nsswitch/winbind_util.c: - Allow for a more 'correct' view of when usernames should be qualified in winbindd. If we are a PDC, or have 'winbind trusted domains only', then for the authentication returns stip the domain portion. - Fix valgrind warning about use of free()ed name when looking up our local domain. lp_workgroup() is maniplated inside a procedure that uses it's former value. Instead, use the fact that our local domain is always the first in the list. Andrew Bartlett
* The AFS pts command always generates completely lower-case user names. As caseVolker Lendecke2003-12-301-1/+4
| | | | | | | is not significant in windows user names we should not lose information by lower-casing the name before handing it to AFS. Volker
* Based on patch by Petri Asikainen <paca@sci.fi> fix bug #387 and #330.Andrew Bartlett2003-12-261-14/+15
| | | | | | | | | This patch will change order how attributes are modified from: add, delete to: delete, add This is needed to update single valued attributes in Novell NDS and should not harm anyone else.
* ldap rebind sleep -> ldap replication sleepAndrew Bartlett2003-12-251-1/+1
| | | | | | | While writing documentation for metze's patch, it became clear that this is a better name. Andrew Bartlett
* This is metze's LDAP rebind sleep patch:Volker Lendecke2003-12-251-0/+28
| | | | | | | | | | | When smb.conf tells us to write to a read-only LDAP replica and we are redirected by the LDAP server, the replication might take some seconds, especially over slow links. This patch delays the next read after a rebind for 'ldap rebind sleep' milliseconds. Metze, thanks for your patience. Volker
* Fix our parsing of the LDAP url. We get around it as all decent systems seemVolker Lendecke2003-12-251-1/+1
| | | | | | | | to have ldap_initialize. Thanks to abartlet for the fix (and the bug in the first place ;-)) Volker
* Fix bug 916 - do not perform a + -> space substitution for squid URL encodedAndrew Bartlett2003-12-251-5/+0
| | | | | | strings, only form input in SWAT. Andrew Bartlett
* Patch from James Peach <jpeach@sgi.com>. Remove the MAX_CONNECTIONS limitJeremy Allison2003-12-111-0/+14
| | | | | | by increasing bitmap size. Limited by "max connections" parameter. Bug #716. Jeremy.
* Fix #558 -- support ISO-8859-1 internally. Makes Solaris users a bit happierAlexander Bokovoy2003-12-101-0/+28
|
* fix bug in get_peer_name() caused by --enable-developer and using the same ↵Gerald Carter2003-12-091-3/+11
| | | | src & dest strings to alpha_strcpy(); reported by Michael Young
* working on bug 687; protect against null src strings in alloc_sub_basic()Gerald Carter2003-12-081-0/+7
|
* make sure we use a real network address in case there are extra non-zero ↵Gerald Carter2003-12-081-1/+1
| | | | octets in hosts allow/deny
* fix %a variable for Windows 2003 -> Win2K3Gerald Carter2003-12-051-10/+14
|
* support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800Gerald Carter2003-12-041-0/+1
|
* don't crash on a NULL priviledge pointer; patch from Jianliang LuGerald Carter2003-12-041-0/+6
|
* Get a little paranoid about memfree use in convert_string_allocate..Jeremy Allison2003-12-011-7/+6
| | | | | Looking at crash bugs #809 and others. Jeremy.
* fix inverted logic caused by s/strcmp/strequal/; host allow/deny works ↵Gerald Carter2003-12-011-1/+1
| | | | again; bug 846
* Clean up a comment noticed by Jonathan Shao@Panasas.com and remove anRichard Sharpe2003-11-261-3/+2
| | | | obsolete comment by Luke Leighton.
* Changes all over the shop, but all towards:Andrew Bartlett2003-11-221-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures...
* Ensure that items in a list of strings containing whitespaceGerald Carter2003-11-221-1/+1
| | | | | | | | | | | are written out surrounded by single quotes. This means that both double and single quotes are now used to surround strings in smb.conf. This is a slight change from the previous behavior but needed or else things like printer admin = +ntadmin, 'VALE\Domain, Admin' get written to smb.conf by SWAT.
* Look at error before using it in debug statement.Jeremy Allison2003-11-191-3/+2
| | | | Jeremy.
* Added useful information to debug lines.Rafal Szczesniak2003-11-191-4/+4
| | | | | | | Patch by metze. rafal
* Useful debug message. Patch by metze.Rafal Szczesniak2003-11-181-2/+4
| | | | rafal
* Remove unneeded second open for filename ending in '.' now we know it'sJeremy Allison2003-11-181-1/+1
| | | | | a mangled name. Added const. Fix inspired by Andrew Bartlett ideas. Jeremy.
* Squelch some warnings with more casty-foo.Richard Sharpe2003-11-131-2/+2
|
* Fix a couple of warnings with casts.Richard Sharpe2003-11-131-2/+2
|
* Implement %i-Macro for the locally used IP address. With this you can againVolker Lendecke2003-11-072-0/+31
| | | | | | | have virtual hosts with different configurations on a single smbd even on port 445. Volker
* Simple rename of get_socket_addr to get_peer_addr and get_socket_name toVolker Lendecke2003-11-072-13/+13
| | | | | | | | | | get_peer_name. This is to get closer to the getsockname/getpeername system functions. Next step will be the %i macro for the local IP address. I still want to play %L-games in times of port 445. Volker
generated by cgit (git 2.34.1) at 2025-09-30 08:47:08 +0000