summaryrefslogtreecommitdiffstats
path: root/source/smbd
Commit message (Collapse)AuthorAgeFilesLines
* Change which session key we negotiate. This uses the NT-based session key thatAndrew Bartlett2002-08-171-1/+1
| | | | | | | | we previously expected, rather than the LM based key. A Win2k SPNEGO enabled join goes a *lot* further with this option on. Andrew Bartlett
* Add const.Andrew Bartlett2002-08-171-1/+1
|
* Add 'const'.Andrew Bartlett2002-08-171-1/+1
|
* Becouse of changes to the meaning of this feild over time, this doesn'tAndrew Bartlett2002-08-171-5/+0
| | | | | | | | | actually work. Also, the idea of 'loopback winbind' isn't that bad an idea anyway (potential PDC/BDC applications). Given all that, remove it... Andrew Bartlett
* Re-add the last empty item to the NTLMSSP info list, but this time do itJim McDonough2002-08-161-3/+4
| | | | | | with an empty string, not a NULL pointer... Also, check for security=ads before giving a kerberos spnego response.
* Add some const to the 'in' paramaters for these functions.Andrew Bartlett2002-08-161-2/+2
| | | | Andrew Bartlett
* Fix segfault in the new NTLMSSP code. jmcd: can you look at this - whatAndrew Bartlett2002-08-161-3/+2
| | | | | | exactly were you trying to do here? Andrew Bartlett
* Merge of netbios namecache code from APPLIANCE_HEAD.Tim Potter2002-08-161-0/+2
| | | | | | | Tridge suggested a generic caching mechanism for Samba to avoid the proliferation of little cache files hanging around limpet like in the locks directory. Someone should probably implement this at some stage.
* Fix NTLMSSP challenge command and auth response. We can now service joinsJim McDonough2002-08-151-31/+37
| | | | | from win2k AND still use SPNEGO (provided you don't build with kerberos...I still have to fix that, as we are not properly falling back).
* Bugfix for problem pointed out by Sean Trace <Sean.Trace@aveva.com>. We can'tJeremy Allison2002-08-121-10/+13
| | | | | | check for POSIX errors in the blocking lock code as we may have never made a POSIX call (could have denied lock before POSIX checked). Jeremy.
* Add RESOLVE_DFSPATH to mkdir operations in HEAD.Shirish Kalele2002-08-121-0/+2
|
* Make 'remote_machine' private to lib/substitute.c, and fix all the user to useAndrew Bartlett2002-08-118-18/+9
| | | | | | the new accessor functions. Andrew Bartlett
* Fix the %m security bug again - and try to make it harder to reintroduce inAndrew Bartlett2002-08-103-20/+13
| | | | | | | | | | | future. This moves us from fstrcpy() and global variables to 'get' and 'set' functions. In particular, the 'set' function sainity-checks the input, in the same way as we always have. Andrew Bartlett
* This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell2002-08-053-5/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm
* Merge of print notify fixes from APPLIANCE_HEAD.Tim Potter2002-08-021-0/+5
|
* Fixed compiler warning.Tim Potter2002-08-011-1/+1
|
* make sure we null terminate plaintext passwordsAndrew Tridgell2002-08-011-1/+1
|
* Rework parinioa to ensure we never get passwords longer than MAX_PASS_LEN, norAndrew Bartlett2002-07-311-18/+11
| | | | | | | | longer than the buffer they claim to be in. Many thanks to tridge for explaining the macros. Andrew Bartlett
* fixed the length checking for plaintext passwords (thanks to andrewbAndrew Tridgell2002-07-311-2/+11
| | | | for spotting this)
* fix debug, at idra's suggestion.Andrew Bartlett2002-07-311-1/+1
| | | | Andrew Bartlett
* added support for smbd listening on port 445 and 139. It now listensAndrew Tridgell2002-07-311-45/+80
| | | | | | | on both by default, and you can specify a list of ports to listen on either with "smb ports = " in smb.conf or using the -p option to smbd. this is needed for proper netbiosless operation.
* this fixes plaintext passwords with win2000Andrew Tridgell2002-07-302-5/+8
| | | | | | | | | | there were 2 bugs: 1) we were sending a null challenge when we should have sent an empty challenge 2) the password can be in unicode if unicode is negotiated. This means our client code was wrong too :(
* always include the (void) for void fns ...Andrew Tridgell2002-07-301-1/+1
|
* OK!Simo Sorce2002-07-302-40/+130
| | | | | | | | Finally the cascaded VFS patch is in. Testing is very welcome, specially with layered multiple vfs modules. A big thank to Alexander Bokovoy for his work and patience :) Simo.
* Update a pile of Samba's SID lookup code to ensure:Andrew Bartlett2002-07-301-35/+39
| | | | | | | | | | | | | | | - That we never call winbind recursivly - That we never use an 'algorithmic' RID when we have a fixed uid or gid mapping in either the passdb or the group mapping db. Also, remove restrictions that say 'this domain only'. If we have a mapping configured, allow it to be returned. If we later decide certian mappings are invalid, then we sould put that in the code that actually does the map. Allow 'sid->name' transtations on the fixed 'well known' groups for NT, even if they are not represented by Unix groups yet. Andrew Bartlett
* introduced a get_file_size() macro in trans2.c to make it easier toAndrew Tridgell2002-07-291-19/+21
| | | | experiment with file size returns
* an initial fix for handling sparse files in smbdAndrew Tridgell2002-07-293-72/+111
| | | | | | | | This gets my test code working, where we previously failed with files above 20G in size. I'm still not completely happy with this. There are just too many fields in trans2.c that we don't fill in.
* as suggested by Alexander Oswald <oswald@is.haw-hamburg.de>Simo Sorce2002-07-291-4/+4
| | | | | | hide only unwriteable files and not dirs with this one. may be a hide unwriteable dirs param will follow.
* found nasty bug in intl/lang_tdb.c tdb structure was not tested to not be ↵Simo Sorce2002-07-281-1/+1
| | | | | | | | | | | | null before close this one fixes swat not working with browsers that set more then one language. along the way implemented language priority in web/neg_lang.c with bubble sort also changet str_list_make to be able to use a different separator string Simo.
* minor portability fixAndrew Tridgell2002-07-281-0/+2
| | | | samba-patches 820
* Fix a missing 'no memory' return in last night's svrsvc code, and useAndrew Bartlett2002-07-281-3/+3
| | | | | | sys_dup2() in a couple more places. Andrew Bartlett
* Another item off my long-term todo list:Andrew Bartlett2002-07-281-23/+47
| | | | | | | | | Remove the n^2 search for valid 'tty' names from the sesion code when we don't actually need it. Its main value is in getting 'well behaved' numbers for use with utmp, so when we are not doing utmp we don't need this to get in the way. Andrew Bartlett
* This should fix a nastly little bug where if a user had already done oneAndrew Bartlett2002-07-272-9/+14
| | | | | | | | | | | | session setup, it would not correctly pick up the [homes] share on a subsequent session setup. The new rules are: If you want to connect to [homes], then it must have been available at session setup time, or you must be in security=share. At each session setup, the user's copy of [homes] is updated to ensure it has the right path etc. Andrew Bartlett
* nice day todaySimo Sorce2002-07-271-0/+69
| | | | add also hide unwriteable as per user request
* Mimir has been busy with patches again, and sent in the followingAndrew Bartlett2002-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | patches: Andrew Bartlett From his e-mail: Below I attach the following patches as a result of my work on trusted domains support: 1) srv_samr_nt.c.diff This fixes a bug which caused to return null string as the first entry of enumerated accounts list (no matter what entry, it was always null string and rid) and possibly spoiled further names, depeding on their length. I found that while testing my 'net rpc trustdom list' against nt servers and samba server. 2) libsmb.diff Now, fallback to anonymous connection works correctly. 3) smbpasswd.c.diff Just a little fix which actually allows one to create a trusting domain account using smbpasswd 4) typos.diff As the name suggests, it's just a few typos fix :)
* If lp_add_home() fails, don't go any further, just return -1.Andrew Bartlett2002-07-241-1/+3
| | | | Andrew Bartlett
* We must be root to access the passdb, so ensure all calls to local_lookup_sid()Andrew Bartlett2002-07-241-1/+5
| | | | | | | | have become_root()/unbecome_root() wrappers. (this should be the last of them, the rest were done ages ago). Andrew Bartlett
* Give an idea what service didn't have the directory.Andrew Bartlett2002-07-241-1/+1
|
* Add some const & static, remove unused functions.Andrew Bartlett2002-07-212-24/+1
|
* Make it clear that the 'service' isn't to be touched. (Make it const).Andrew Bartlett2002-07-201-1/+1
| | | | Andrew Bartlett
* Update the smbd reply code a little:Andrew Bartlett2002-07-202-5/+25
| | | | | | | | | | | | I don't like the idea of muliple netprots - becouse I see potential problems with people being able to maniplate internal samba variables. This applies in particular to remote names, so don't allow muliple session requests either. Also remove a pstrcpy() from the tcon code, we really don't need it. Andrew Bartlett
* Move some startup time initialisation to server.c, so it is all in one place.Andrew Bartlett2002-07-202-11/+11
| | | | | | | | I'm not sure that we need that "dummy" talloc init, but anyway... Also, add some 'const' to the table of smb reply functions. Andrew Bartlett
* Add support for duplicating stderr into our logfiles.Andrew Bartlett2002-07-201-8/+8
| | | | | | | | | | | This is for two things: To allow panic actions etc to pump out backtraces to stderr and to allow vangrind to put its stuff in a logfile - making it possible to debug smbd when launched from inetd. I've also cleaned up some of the duplicate names in procedures between smbd and nmbd. Andrew Bartlett
* Allow trans2 and nttrans messages to be processed in oplock break state.Jeremy Allison2002-07-192-5/+7
| | | | | | | As noticed by Lev Iserovich <lev@ciprico.com> this seems to fix a problem with oplock breaks and Win2k, and we are protected from problems by existing code in trans2.c and nttrans.c Jeremy.
* Formatting fixup. Fix shadow warning.Jeremy Allison2002-07-191-452/+455
| | | | Jeremy.
* Don't crash on setfileinfo on printer fsp.Jeremy Allison2002-07-181-1/+2
| | | | Jeremy.
* Unneded extra check on lenSimo Sorce2002-07-181-1/+1
|
* We have to look at the length before checking for "~" as the stringJeremy Allison2002-07-181-3/+3
| | | | | may be shorter than 6 chars. Caught by valgrind. Jeremy.
* Use of uninitialized variable caught by valgrind.Jeremy Allison2002-07-181-1/+1
| | | | Jeremy.
* Gone back to explicit queue number passing as snum - removed encoding ofJeremy Allison2002-07-175-20/+29
| | | | | | queueid in job number. This means we must have an internal tdb to store mapping from 16 bit RAP jobid's to 32 bit RPC jobids. Jeremy.
generated by cgit (git 2.34.1) at 2025-09-25 22:25:24 +0000