| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
passdb.c:
lib/rpc/include/rpc_misc.h: First cut at automatic uid/gid to rid mapping.
We can change this at a later date to make more bits available if neccessary.
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
password.c: Added code to tell server.c when machine password needs changing.
server.c: Change machine password in idle cycles if it needs it.
smbpassfile.c: Fixed up length calculations for machine password file.
smbpasswd.c: Moved domain joining code/machine password changing code.
lib/rpc/client/cli_netlogon.c: And this is where it now lives.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
smbpass.c: Do *NOT* make this function static. It breaks the compile on gcc
util.c: Getting closer to MS wildcard semantics. A trailing '*' matches
any trailing dot-separated components.
trans2.c: Removed hacks that change multiple '?' -> '*' as this
breaks things now.
trans2.h: Removed NT_FILE_ATTRIBUTE_NORMAL - now FILE_ATTRIBUTE_NORMAL is defined
in smb.h.
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
not found. this gave me a clue...
#if 0 /* commented out until someone uses them jra */
...
#endif
|
| |
|
|
|
|
| |
store passwords in ascii format
- dealt with lots of signed/unsigned char thingies spotted by Tim Winders.
|
| | |
|
| |
|
|
| |
going on.
|
| |
|
|
| |
unnecessary "address of" warnings.
|
| |
|
|
|
|
|
|
| |
smb.h: Removed comments no longer valid.
smbpass.c: Stopped dummy function from being prototyped.
util.c: Fix for multibyte char problems with strlower, strupper
and string_replace.
Jeremy.
|
| |
|
|
| |
be exposed.
|
| | |
|
| |
|
|
|
|
|
| |
be supported. there are some stub routines in passdb.c which can be
copied into a password database api which do conversion. the module
writer can choose which of these to provide full support for instead
of using the conversion routines.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- added support for some of the new passdb_ops functions.
- removed functions that are supported "indirectly" through passdb.c
nisppass.c :
- modified make_nisname_from_xxx() functions to take a "file" arg.
- turned getnisp21pwuid() into getnisp21pwrid(). getnisp21pwuid()
functionality is available through "indirect" support in passdb.c
- removed functions that are supported "indirectly" through passdb.c
- added support for some of the new passdb_ops functions.
passdb.c :
- created getsam21pwrid() function to go alongside getsam21pwuid.
it is not expected that getsam21pwuid ever be used, certainly
not from the lib/rpc code.
- created getsamdisprid() and getsamdispent(). these are primarily
for support of SamrQueryDisplayInfo, however given that they
[struct sam_disp_info] return username, rid and fullname, there may
be further instances where these functions will be useful.
- added support where either the get/add/mod-smb or get/add/mod-sam21
functions are optional. this can be done very easily by checking
whether the struct passdb_ops table functions are NULL or not.
documented this capability in the notes at the top of the module.
- where unix uid was referenced, use uid_t.
- where unix gid was referenced, use gid_t.
smb.h :
- added sam_disp_info functions to passdb_ops.
- added getsam21pwrid() function.
smbpass.c :
- added reference to iterate_getsam21pwrid().
lib/rpc/server/srv_samr.c :
- removed group rid code added to get_user_info_21() code: this
had been added in the wrong place. the client / server should
already know whether it wants to do a lookup by user rid or
by group rid.
the test of whether the rid is a user or group rid has been left
in because this may become useful consistency-check code.
- converted back to getsam21pwrid() not
getsam21pwuid(pdb_user_rid_to_uid()).
this is because the unix uid to user rid mapping can be non-monotonic
in some password database systems, and monotonic in others. imposing
the restriction by converting immediately from rid to uid at this
point is inadviseable, and will place this potential restriction on
_all_ password database systems, not just some which, for whatever
reason, do not support user rids.
it should be up to the individual password database writer to
convert from user rid to unix uid, should that module not support
rids.
lib/rpc/server/srv_util.c :
- got lookup_user_name() to call getsamdisprid() not getsmbpwuid().
a bug was introduced (or at least the bug already there was not
fixed) whereby the nt user rid was converted to a unix uid, and
then not used.
|
| |
|
|
|
|
|
|
| |
function table, selectable at compile time. This should make the
code that implements all the password functions much cleaner, as
it's now very clear exactly what a particular password database
needs to provide to Samba.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
|
| |
|
|
| |
using nis+ on your system, so you get 100 linker errors...
|
| |
|
|
| |
instead, for use by nisppass.c
|
| |
|
|
| |
code, use pdb_sam_to_smb(...sam21...) calls instead. this is a lot simpler.
|
| |
|
|
|
| |
back in (they had been taken out of includes.h because they are only
local to ldap.c.
|
| |
|
|
| |
passdb.c sam_passwd <-> smb_passwd conversion routines
|
| | |
|
| |
|
|
| |
functions
|
| |
|
|
|
| |
- split smbpass.c "password file lock" routines into smbpassfile.c: moved
trust account routines into smbpassfile.c as well
|
| |
|
|
| |
taken to mean ":x".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- added nisppass.c and NISPLUS_FLAGS
includes.h:
- renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB.
added default define of USE_SMBPASS_DB.
- removed ldap headers: they are local only to ldap.c
ldap.c :
- made all ldap-specific functions static.
- added dummy sam21 functions
loadparm.c :
- renamed NISPLUS to NISPLUS_HOME
mkproto.awk
- commented out ldap-specific #ifdef generation code: it's not
needed now that ldap-specific functions in ldap.c are static
nisppass.c :
- first attempt at an add function from
|
| |
|
|
| |
of passdb.c api.
|
| |
|
|
| |
based on Benny Holmgren's samba patch (copyright acknowledged).
|
| |
|
|
|
|
|
|
|
|
| |
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois
(who might want an LDAP version). Changed locking to free exclusive
lock as soon as possible to prevent contention.
lib/rpc/parse/parse_samr.c
lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation
function to use DOM_SID structure.
Jeremy.
|
| |
|
|
|
|
| |
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default.
smbpass.c: Exposed do_file_lock() as I now use it in server.c
Jeremy.
|
| | |
|
| |
|
|
| |
- #ifdef around putting 16 byte hashes instead of plaintext password.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ldap.c :
- added getldap21pwent() function
passdb.c :
- getsam21pwent() no longer a stub: calls ldap21 or smb21
smbpass.c :
- added getsmb21pwent() function (he he :-)
lib/rpc/server/srv_samr.c :
- removed "specific" calls to ldap functions; replaced with
call to get_sampwd_entries instead (which is unfinished).
- rewrote get_user_info_21 function to call getsam21pwrid.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
|
| |
|
|
|
|
|
| |
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
|
| |
|
|
|
|
| |
and "if (bool==False)" code from ldap.c - a boolean test may not necessarily
return exactly True or exactly False: True may be defined to be -1: you never
know...
|
| |
|
|
|
| |
of information will be lost as these functions currently return
struct smb_passwd not SAM_USER_INFO_21 or any other type of structure...
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
problem....
smbpass.c: Removed Luke's dire warning - as some of the functions in here
*need* to be called externally :-).
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP).
_none_ of the functions in ldap.c or smbpass.c should be called directly:
only those in passdb.c should be used.
-DUSE_LDAP is unlikely to compile at the moment.
|
| |
|
|
|
|
| |
password.c: Fixed machine_passwd_lock() problems.
lib/rpc/server/srv_ldap_helpers.c: Oops - broke proto.h with dummy function. Fixed now.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
server.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic()
as only smbd knows about usernames. Also fixes problem with calling
standard_sub_basic() from loadparm.c.
smbpass.c: Partial tidyup of machine_password_lock() code - not finished yet.
util.c: Moved %U, %G and %N into standard_sub() from standard_sub_basic()
as only smbd knows about usernames. Also fixes problem with calling
standard_sub_basic() from loadparm.c.
lib/rpc/server/srv_ldap_helpers.c: Added #ifdef USE_LDAP around ldap code.
lib/rpc/server/srv_samr.c: Added #ifdef USE_LDAP around ldap code.
Jeremy.
|
| |
|
|
| |
he's going to hate me for checking this in so early, but...
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ipc.c: Fix for duplicate printer names being long.
loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c
protects us.
nmbd_logonnames.c:
nmbd_namequery.c:
nmbd_namerelease.c: Debug messages fix.
password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call.
reply.c: SGI compile warning fix.
server.c Debug messages fix.
smbpass.c: Fix for incorrect pointer.
Jeremy.
|
| |
|
|
|
|
|
|
| |
passwords to be stored over time, allowing a smbpasswd file migration.
Adds new parameter "update encrypted".
Will also add to 1.9.18 branch.
Docs update to follow.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
loadparm.c: Patch from tim@quiknet.com for static string problems.
server.c: Setup global_myname.
smbpass.c: Fix up locking. Add machine_password_delete() call.
smbpasswd.c: Added provisional code to add to a domain.
lib/rpc/client/cli_login.c: Fixed incorrect cred_hash3 call when setting machine password.
lib/rpc/server/srv_netlog.c: Fixed incorrect cred_hash3 call when setting machine password.
Jeremy.
|
