| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
other people this before then forgot myself :)
|
| | |
|
| |
|
|
|
|
|
|
| |
* Added SEC_CHAN_BDC
* Added -b switch to smbpasswd (for a BDC (server) trust account).
* Propagate sec_chan into the various functions which change trust account
passwords, so they can be used for domain control and inter-domain
trusts.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
capabilities to Samba so that Samba could talk to the SGI PCP
(Performance Co-Pilot) apps.
This change adds a profiling shared memory area and uses it to count
two fairly trivial things, the number of uid switches and the number
of SMB packets processes. To add more just edit include/profile.h and
then increment it at the right place.
I've also added a -P switch to smbstatus to dump the profile area.
|
| |
|
|
|
|
| |
root if the ACB_PWLOCK bit is set (on a per-user basis). he also added
an extra smbpasswd option so that this bit can be modified from
command-line.
|
| |
|
|
| |
using smbpasswd command.
|
| |
|
|
| |
don't wait for responses :-)
|
| | |
|
| |
|
|
|
|
| |
Added missing default: statements to two switch blocks.
Chris -)-----
|
| | |
|
| |
|
|
| |
multiple interfaces. (Jeremy already committed this in SAMBA_2_0).
|
| |
|
|
|
|
|
| |
command-line parameters. I've added that capability. Of course, the man
page is now wrong. Sigh.
Chris -)-----
|
| |
|
|
|
|
|
|
|
| |
I've added debug2html to Makefile.in so that it compiles as part of the
normal build. Fixed a typo in debug2html.c as well.
One problem: I found it necessary to link with both $(PARAM_OBJ) and
$(LIB_OBJ). The result is an executable that is much larger
than it really needs to be.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
better "fit" with other Samba code. This is a small first step toward
doing what (I think) we agreed to do.
I've moved the key function from ubiqx/debugparse.c into lib/debug.c. I
have also moved the enum from ubiqx/debugparse.h into the debug section in
smb.h.
The next thing to do is to get debug2html added into the Makefile.in so
that it is always produced when compiling the suite.
Chris -)-----
|
| |
|
|
|
|
| |
LsaLookupSids etc from within SamrQueryAliasMembers, for example.
fnum is now a parameter to client functions. thanks to mike black
for starting the ball rolling.
|
| |
|
|
|
|
|
|
|
|
| |
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
|
| | |
|
| |
|
|
|
| |
also allow specifying [host hostip] without [configfile]
updated man page
|
| |
|
|
|
|
| |
groupdb/groupdb.c: Fixed compile error caught by IRIX compiler.
utils/smbpasswd.c: Fixed SunOS optind, optarg problem.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
| |
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
|
| |
|
|
| |
Jeremy.
|
| | |
|
| | |
|
| |
|
|
| |
Now passes strings instead.
|
| |
|
|
|
|
| |
doesn't require a new password entry. Sets the 'enable/disable' code
back to being symmetrical.
Jeremy.
|
| |
|
|
| |
instead of opening pipes and other horrible stuff.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
should allow us to call a function in swat rather than piping to
smbpasswd.
while doing this I also fixed quite a few "const char *" versus "char *" issues
that cropped up while using const to track down bugs in the code. This
led to changes in several generic functions.
The smbpasswd changes should be correct but they have not been
extensively tested. At least if I have introduced bugs then we should
be able to fix them more easily than before.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
include/smb.h:
param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
printing/printing.c: Added J.F.'s latest fix.
rpc_parse/parse_misc.c:
parse_reg.c:
rpcclient/cmd_reg.c:
rpcclient/display.c: SGI compiler signed/unsigned issues.
smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-).
utils/testparm.c: Added extra test.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I did this when I saw yet another bug report complaining about
smbclient intermittently missing files. Rather than applying more
patches to smbclient it was better to move to the more robust
clientgen.c code.
The conversion wasn't perfect, I probably lost some features of
smbclient while doing it, but at least smbclient should be consistent
now. It if fails it should _always_ fail rather than giving people the
false impression of a reliable utility.
the tar stuff seems to work, but hasn't had much testing as I never
use it myself. I'm sure someone will find bugs in my conversion of
smbtar.c. It was quite tricky as it did a lot of its own SMB calls. It
now uses clientgen.c exclusively.
smbclient is still quite messy, but at least it doesn't build its own
SMB packets.
I haven't touched smbmount as I never use it. Mike, do you want to
convert smbmount to use clientgen.c?
|
| |
|
|
|
|
|
|
|
| |
param/loadparm.c: Removed "networkstation user login", "domain controller", and "domain sid" parameters.
passdb/passdb.c: Removed "networkstation user login" code and changed bug test code
to only check once for a bad password server. This will stop the
complaints of many "bad login" audit records in NT PDC logs.
utils/smbpasswd.c: Removed check for "domain controller".
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
libsmb/namequery.c: Fix to remove 2 second wait is we are doing a unicast
and got a reply.
smbd/dfree.c:
smbd/noquotas.c:
smbd/quotas.c: Fixes from Dejan Ilic <svedja@lysator.liu.se> for the quota
code.
utils/smbpasswd.c: Fixes to allow smbpasswd to be called from swat.
Jeremy.
|
| | |
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
smbd/quotas.c:
Added quotas patch for autoconf from Dejan Ilic <svedja@lysator.liu.se>.
printing/printing.c: Filenames with spaces patch from Allan Bjorklund <allan@umich.edu>
utils/nmblookup.c: Fix usage() function.
smbd/reply.c: Split out the security=server and security=domain checks into
check_server_security() and check_domain_security() to aid the
writing of the 'hack' appliance mode invented by John Schimmel.
Jeremy.
|
| |
|
|
|
|
|
| |
password change server as anonymous - you don't need to have
logged on as the user to do the password change. Doh ! (Why
didn't *I* think of that one.... :-).
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
| |
know that 'make proto' will ignore them there. The debugparse.h header
file is included in includes.h, and includes.h is included in debugparse.c,
so all of the pieces "see" each other. I've compiled and tested this,
and it does seem to work. It's the same compromise model I used when
adding the ubiqx modules into the system, which is why I put it all into
the same directory.
Chris -)-----
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
current status is "it works". I need to add some syntax error recovery
and a usage message. Basic stuff.
I've also modified Makefile.in. If you want to compile it you'll have to
do a 'make debug2html', as I used smbtorture as a model. We can decide
later if this tool is useful enough to be compiled always.
BTW, a 'make realclean' fails because the bin directory isn't empty.
That's because it doesn't delete optionally compiled files such as
smbtorture and debug2html (and because of the CVS subdirectory, but I
think that's only a problem for developers).
Chris -)-----
|
| |
|
|
|
|
|
|
|
|
|
| |
* Debug message filtering.
* I need to add all this to Makefile.in
(If it looks at all strange I'll ask for help.)
If you want to compile debug2html, you'll need to do it by hand until I
make the changes to Makefile.in. Sorry.
Chris -)-----
|
| |
|
|
|
|
| |
changes uses the unique index number from a SMB_QUERY_FILE_ALL_INFO to
try to provide inode numbers. If it is 0 then use the hash of the
filename as before.
|
| | |
|
| |
|
|
|
| |
hey, you can see how many connections succeed while the rpctorture
command is running!
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
