| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
As a client, we no longer send plaintext or LM responses, unless
reconfigured.
As a server, we no longer accept LM responses (encrypt passwords = yes
has been set for a while), unless reconfigured.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Simplify calling convention of timeout_processing. lp_deadtime is only
referenced in conn_idle_all().
Move sending keepalives out of the main processing loop into idle event.
On the way, make lp_keepalive() a proper parameter.
Move sending auth_server keepalives out of the main loop into an idle event.
Move deadtime processing into an idle event. While there, simplify
conn_idle_all() a bit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the two functions talloc_stackframe() and talloc_tos().
* When a new talloc stackframe is allocated with talloc_stackframe(), then
* the TALLOC_CTX returned with talloc_tos() is reset to that new
* frame. Whenever that stack frame is TALLOC_FREE()'ed, then the reverse
* happens: The previous talloc_tos() is restored.
*
* This API is designed to be robust in the sense that if someone forgets to
* TALLOC_FREE() a stackframe, then the next outer one correctly cleans up and
* resets the talloc_tos().
The original motivation for this patch was to get rid of the
sid_string_static & friends buffers. Explicitly passing talloc context
everywhere clutters code too much for my taste, so an implicit
talloc_tos() is introduced here. Many of these static buffers are
replaced by a single static pointer.
The intended use would thus be that low-level functions can rather
freely push stuff to talloc_tos, the upper layers clean up by freeing
the stackframe. The more of these stackframes are used and correctly
freed the more exact the memory cleanup happens.
This patch removes the main_loop_talloc_ctx, tmp_talloc_ctx and
lp_talloc_ctx (did I forget any?)
So, never do a
tmp_ctx = talloc_init("foo");
anymore, instead, use
tmp_ctx = talloc_stackframe()
:-)
Volker
|
| | |
|
| |
|
|
|
|
| |
use of directory name cache, 100 by default. Will be needed
to turn this off for *BSD systems.
Jeremy.
|
| |
|
|
|
|
| |
issue a level 0 debug message.
Michael
|
| |
|
|
|
|
| |
if parsing of the boolean string was successful.
Also, initialize the local result variable
(although not strictly necessary anymore, now.)
|
| |
|
|
|
|
|
|
|
| |
contains a correct representation of a boolean value (in the
understanding of loadparm.c).
Make set_boolean() catch passing NULL for the boolean target.
Michael
|
| |
|
|
|
|
|
|
|
| |
be called with inverse == NULL.
Add a new function lp_parameter_is_canonical() to check whether a
parameter name is the canonical name (as apposed to an alias).
Michael
|
| |
|
|
|
|
|
|
|
| |
a parameter and value into the canonical paramter with the value
inverted if it was in invers boolean synonym.
Make net conf use this function when storing parameters.
Michael
|
| |
|
|
|
|
|
| |
parameter given in string representation into a function of its
own (map_parameter_canonical).
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Also simplify lp_canonicalize_parameter by making use of
the new function "is_synonym_of".
Michael
Note: If anything depends on the exact former output format of
show_parameter list, I would trigger the output of synonym information
by a boolean verbose switch (that could be passed to testparm
via the "-v" command line switch).
|
| | |
|
| |
|
|
| |
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
| |
and produces the "canonical" (or main) name of the parameter (the one
synonym that does not have the flag FLAG_HIDE). The function also sets
a flag as to whether the synonym is a reverse boolean synonym.
Add some functions for the handling of string representations of boolean
values: return the canonical string representation of a bool, invert
a bool given as a string, canonicalize a bool given as a string.
Michael
|
| |
|
|
| |
This has been superseded by the "tdb_hashsize:<tdbname>" parameter
|
| |
|
|
|
|
|
| |
Add "client ldap sasl wrapping" parameter.
Possible values are "plain" (default), "sign" or "seal".
metze
|
| |
|
|
|
|
|
|
|
| |
add in any cluster addresses. We need to response to these,
but not listen on them. This allows us to run nmbd on every
node in the cluster, and have all of them register with a
WINS server correctly
metze
|
| | |
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
| |
Michael
|
| |
|
|
|
|
| |
in "net conf setparm".
Michael
|
| |
|
|
|
|
|
| |
given to "net conf setparm". Add a utility function
lp_parameter_valid() for this to loadparm.c.
Michael
|
| |
|
|
|
|
|
| |
(This will be used in a next step to prevent storing these
values in reg_smbconf.c.)
Michael
|
| |
|
|
|
|
| |
net as a non-root user, e.g.
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
| |
not effective for the global section (snum < 0). This checkin
makes it effective for the global section, too.
This does not produce changes in the results of the present calls of
lp_next_parameter: Beside the new use in utils/net_conf.c (which is
hereby fixed), the only calls of lp_next_parameter are in web/swat.c,
where it is effectively always called with allparameters == 1.
Michael
|
| |
|
|
| |
Michael
|
| |
|
|
| |
Michael
|
| |
|
|
| |
Michael
|
| |
|
|
| |
Michael
|
| |
|
|
| |
Michael
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
Tidy calls to smb_panic by removing trailing newlines. Print the
failed expression in SMB_ASSERT.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The global options are stored as values in the subkey "global"
of the SMBCONF registry key.
The activation is accomplished in smb.conf though a new special
semantic of the "include" parameter: "include = registry" triggers
the processing of the registry global options exactly at the
position of the include statement. Options read from the registry
take the same precedence as parameters loaded from a file via
include. Need to reload the registry globals is detected by
watching the tdb sequence number.
Registry shares are automatically activated when the registry
globals are processed.
So a "registry only" configuration can be realized by an
smb.conf that looks as follows:
================================
[global]
include = registry
================================
The global options and registry shares can be conveniently
edited with the "net conf" utility.
Caveat:
A possible pitfall consists in using "include = registry"
together with the "lock directory" directive in the registry.
This problem will be addressed in the next time.
Note on the code:
Processing of the registry options is accomplished by a function
process_registry_globals() in loadparm.c The current version is
only an interim solution: It is handcoded instead of using the
infrastructure of reg_api.c. The reason for this is that using
reg_api still has too large linker dependencies, bloating virtually
all targets by PASSDB_OBJ, SMBLDAP_OBJ, GROUPDB_OBJ and LDB stuff.
A version of process_registry_globals that uses reg_api is
included but commented out. The goal is to eventually refactor
and restructure the registry code so that one can use the reg_api
to access only the registry tdb and not link all the dynamic
backends with all their linking implications.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
in the winbindd_getgrnam() call. Couple of comments:
* Adds "winbind expand groups" parameter which defines the
max depth winbindd will expand group members. The default
is the current behavior of one level of expansion.
* The entire getrgnam() interface should be async. I
haven't done that.
* Refactors the domain users hack in fill_grent_mem() into
its own function.
|
| |
|
|
| |
Michael
|
| |
|
|
|
|
| |
Refuse registry shares without path.
Michael
|
| |
|
|
|
|
| |
Add 'registry shares = yes' and registry key security descriptors.
Michael
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm 100% certain I've forgotten to merge something, but the main code
should be in. It's mainly in dbwrap_ctdb.c, ctdbd_conn.c and
messages_ctdbd.c.
There should be no changes to the non-cluster case, it does survive make
test on my laptop.
It survives some very basic tests with ctdbd enables, I did not do the
full test suite for clusters yet.
Phew...
Volker
|
| |
|
|
| |
the patch :-)
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
32 unicode chars. Windows XP doesn't like that :-).
Jeremy
|
| |
|
|
|
| |
idmap expire time -> idmap cache time
idmap negative time -> idmap negative cache time
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
idmap domains as these should only be handled by the
winbindd_passdb.c backend
* Allow the alloc init to fail for backwards compatible
configurations like
idmap backend = ad
idmap uid = 1000-100000
....
* Remove the deprecated flags from idmap backend, et. al.
These are mutually exclusive with the new configuration
options (idmap domains). Logging annoying messages
about deprecated parameters is confusing. So we'll try
this apprpach for now.
|
| | |
|
| |
|
|
| |
added to debug messages
|
| |
|
|
| |
Guenther
|
