summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* first pass at the database code for Samba. This also includes a testAndrew Tridgell1999-12-218-1/+1541
| | | | | | | | | | | suite and a very simple tool for manuipulating the databases. the main code is in tdb/tdb.c and includes both mmap and file based IO. All databases auto-expand and allow multiple simultaneous writers. the next step is using this new capability in lots of places in Samba where we have existing ad-hoc databases (This used to be commit c89d29cc5e3b6d568928acace01144059f1668b3)
* Fix based on code from monyo@home.monyo.com to fix multibyte continuationJeremy Allison1999-12-211-17/+31
| | | | | | issues. Jeremy. (This used to be commit 023f90e7664d358ddf73272597e75041f5413e9f)
* Fix from tulipant-gergely@dbrt.hu for returning incorrect error codeJeremy Allison1999-12-211-1/+1
| | | | | | on user auth fail. Jeremy. (This used to be commit 886ad59d798175f037ea9249dcefa78660e4992a)
* *Finally*. Correct patch to fix timestamp problems from Paul Eggert ↵Jeremy Allison1999-12-201-3/+14
| | | | | | | | <eggert@twinsun.com>. I wish I had written this one :-). Jeremy. (This used to be commit 8f93c08881c22d121c7337d11de070e2b8f7ba33)
* added basic nsswitch support - this allows you to use a "wins" entryAndrew Tridgell1999-12-172-0/+142
| | | | | | | | | | | in a /etc/nsswitch.conf hosts line. Only tested on RH6.1, but should work on a broad range of Linux distributions. It could probably be made to work with Solaris pretty easily. It does not build by default. Build it with "make nsswitch" (This used to be commit 4058eb5bffeec539f71786580376419ea5749351)
* more files from 2.0.6Andrew Tridgell1999-12-172-0/+1632
| | | | (This used to be commit 4a205795710010c58ae14bcb950912727c4de466)
* update version to pre-3.0.0Andrew Tridgell1999-12-171-1/+1
| | | | (This used to be commit c3a30ce459d1e535b4aa9a39311e000a4474dbb8)
* client/smbspool.c from 2.0.6Andrew Tridgell1999-12-171-0/+366
| | | | (This used to be commit 599a7e7f9e73fb7c0da960b46f16990991e9424e)
* lib/fnmatch.c from 2.0.6Andrew Tridgell1999-12-171-0/+200
| | | | (This used to be commit dadad3ed675c8ec141abef7836f64de9da13b14d)
* printing/print_cups.c from 2.0.6Andrew Tridgell1999-12-171-0/+206
| | | | (This used to be commit 452776a5a7951c84437e424874ff110fc56296db)
* interfaces.h from 2.0.6Andrew Tridgell1999-12-171-0/+10
| | | | (This used to be commit a3d7ec0c9d06f18e656da354e2fec57aaf395fc5)
* interfaces.c from 2.0.6Andrew Tridgell1999-12-171-0/+401
| | | | (This used to be commit 4e1458b8c161f87339eba251c2179946d3b0405a)
* util_sec.c from 2.0.6Andrew Tridgell1999-12-171-0/+326
| | | | (This used to be commit 955d187139365d16f3fca1abd3853ca4e49f244c)
* Unicode conversion fix in Japanese environment from Motonobu TAKAHASHI.Jeremy Allison1999-12-132-2/+1319
| | | | | Jeremy. (This used to be commit decc6ebca29abd78754c275352de58b0de2e2aa5)
* 2nd phase of head branch sync with SAMBA_2_0 - this delets all the files ↵Andrew Tridgell1999-12-13104-41410/+0
| | | | | | that were in the head branch but weren't in SAMBA_2_0 (This used to be commit d7b208786590b5a28618590172b8d523627dda09)
* first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1999-12-13221-45540/+37593
| | | | (This used to be commit 453a822a76780063dff23526c35408866d0c0154)
* changed function name of get_home_dir() to get_unixhome_dir(), to stopLuke Leighton1999-12-129-12/+34
| | | | | | | | clash with gnu readline library. fixed issue with [homes] service not being there - call lp_add_home() just before starting the msrpc processing. (This used to be commit 054195df9b6187c663ede5cf4489499abbdc29fc)
* final part of "first" phase converting over to msrpc daemon architecture.Luke Leighton1999-12-1231-1170/+2024
| | | | | | | | | | | | | done a minimal amout of clean-up in the Makefile, removing unnecessary modules from the link stage. this is not complete, yet, and will involve some changes, for example to smbd, to remove dependencies on the password database API that shouldn't be there. for example, smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa API. this first implementation has minor problems with not reinstantiating the same services as the caller. the "homes" service is a good example. (This used to be commit caa50525220b0d0250fa139367593c2de2c12135)
* delineation between smb and msrpc more marked. smbd now constructsLuke Leighton1999-12-1242-869/+1308
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pdus, and then feeds them over either a "local" function call or a "remote" function call to an msrpc service. the "remote" msrpc daemon, on the other side of a unix socket, then calls the same "local" function that smbd would, if the msrpc service were being run from inside smbd. this allows a transition from local msrpc services (inside the same smbd process) to remote (over a unix socket). removed reference to pipes_struct in msrpc services. all msrpc processing functions take rpcsrv_struct which is a structure containing state info for the msrpc functions to decode and create pdus. created become_vuser() which does everything not related to connection_struct that become_user() does. removed, as best i could, connection_struct dependencies from the nt spoolss printing code. todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific info on a per-connection basis, and if the connection dies then so does the info, and that's a fairly serious problem. had to put pretty much everything that is in user_struct into parse_creds.c to feed unix user info over to the msrpc daemons. why? because it's expensive to do unix password/group database lookups, and it's definitely expensive to do nt user profile lookups, not to mention pretty difficult and if you did either of these it would introduce a complication / unnecessary interdependency. so, send uid/gid/num_groups/gid_t* + SID+num_rids+domain_group_rids* + unix username + nt username + nt domain + user session key etc. this is the MINIMUM info identified so far that's actually implemented. missing bits include the called and calling netbios names etc. (basically, anything that can be loaded into standard_sub() and standard_sub_basic()...) (This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
* OK. This code works on a RedHat 6.0 system. However smbpasswdGerald Carter1999-12-094-5/+16
| | | | | | | | | | | | | | | | | | time out of sending the session setup on Solaris 2.6. No idea. I'll work on it some tomorrow. This is to fix the "Unable to setup password vectors" thingy. Also changed an inet_aton() to inet_addr() as the former is not very portable :-) Luke, I set the redir flag to false because the connection to the smb-agent was failing and smbpasswd bombed. Double check me on this one. -jc (This used to be commit e1d2b174caf5f0c48a8fac25778f72a868ec6eb7)
* jerry spotted that get_domain_sids() was being called with the wrongLuke Leighton1999-12-084-17/+6
| | | | | | arguments: get_any_dc_name() was being called with a server name not a domain name. oops. (This used to be commit 631814302d6992138cfe024ba7bd456cc7e0d3bf)
* moved sys/un.h to after sys/socket.h. done a gnu autoconf around sys/un.hLuke Leighton1999-12-084-662/+578
| | | | (This used to be commit b2ea37a8f1a28a825719b46354a1244b359aca2c)
* parsing code for transferring unix and nt security credentials over-the-wire.Luke Leighton1999-12-082-0/+582
| | | | | | | | | | at present, a unix password is missing from the unix credentials, but is not _actually_ expected to be needed. weeelll... maybe :-) this is used to transfer credentials between smbd and msrpc daemons, down a unix socket, so that the unix and nt credentials can be inherited by an msrpc daemon called up from smbd. (This used to be commit 5e68403bbb6f18e754679d967fee9e259d24211c)
* ABOUT TIME!!!!!!!!Luke Leighton1999-12-0822-348/+423
| | | | | | | | | | | | | | | | damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
* the first independent msrpc daemon - lsarpcd.Luke Leighton1999-12-0618-550/+1904
| | | | | | | | | | | | | | | | one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)
* reenabled retry_time (commented out accidentally in name_status)Luke Leighton1999-12-051-1/+1
| | | | (This used to be commit bf9422832c335c8d283273eb1d0008ac15cd3531)
* first version of msrpc agent redirector code. client-side only.Luke Leighton1999-12-058-6/+953
| | | | (This used to be commit 5e5a1dceee0b6088822697284d3e0af04d197477)
* created create_pipe_socket() function.Luke Leighton1999-12-055-102/+77
| | | | (This used to be commit a3af3b4312144943413894b18b5845b56474ebb5)
* argh! how horrible! spent ages working out why packets weren't beingLuke Leighton1999-12-043-27/+50
| | | | | | | | | | | | | | | | | | | | | | | | | received properly when a UDP "retry" occurs. it's because reads and writes must be interleaved / matched. scenario: nmblookup connects to agent, sends request. agent receives request, broadcasts it on 137. agent RECEIVES 137 broadcast, sends it to nmblookup agent receives RESPONSE to 137 broadcast, sends it to nmblookup. if reads are not equally interspersed with writes, then second send will fail. if you think this is odd behaviour and that the agent should be filtering its own UDP traffic, think again. agent will be, potentially, redirecting nmbd traffic (including WINS server) not just client programs. (This used to be commit 43e158c4261e51678d6e7f77ceb4a1c7281a2525)
* argh. trying to get the nmb agent code to filter out "self" packets.Luke Leighton1999-12-041-9/+3
| | | | (This used to be commit 84d7cc63239ea67481f6382da58d0678a21011fb)
* even more cool! nmb-agent moved over to new vagent style, too!Luke Leighton1999-12-041-229/+46
| | | | (This used to be commit 49c157eae4bb24164f0f976d1bf6cf0cfc068863)
* cool! created higher-order function table for agent redirection.Luke Leighton1999-12-046-216/+340
| | | | (This used to be commit 7bb2e55d0d3a00a97bba99ebed722a4adf84093c)
* more similar agent codeLuke Leighton1999-12-042-47/+43
| | | | (This used to be commit 2c778313b8c2b4535f16e11aea81a61edb3b2d45)
* nmb agent memory free problemsLuke Leighton1999-12-041-7/+6
| | | | (This used to be commit b4306cbf06f70dd9d2760bb005e15059d6f904f0)
* trying to make redirector agent code same base.Luke Leighton1999-12-042-62/+78
| | | | (This used to be commit 9ba9df453abab1085b5537580b1da87d1dcdb7de)
* jeremy is going to hate me for this.Luke Leighton1999-12-0411-51/+785
| | | | | | | | | | | | created an "nmb-agent" utility that, yes: it connects to the 137 socket and accepts unix socket connections which it redirects onto port 137. it uses the name_trn_id field to filter requests to the correct location. name_query() and name_status() are the first victims to use this feature (by specifying a file descriptor of -1). (This used to be commit d923bc8da2cf996408194d98381409191dd81a16)
* argh! you wouldn't believe what i had to do: use the mid (multiplex id)Luke Leighton1999-12-043-15/+99
| | | | | | | to redirect multiple socket-based connnections onto a single client state. argh! (This used to be commit 06390e792cd8aa57a91c3a3d1d267fd1bcdc17a1)
* argh! smb-agent redirection client reusage is a nightmare!Luke Leighton1999-12-034-149/+251
| | | | | | | moved smb-agent over to a single-process model instead of fork() in order to reuse client connections. except, of course, you can't do a select() on the same socket connections! argh! (This used to be commit e9e5a34de8e8f9a69e817aceb8c16284334d4642)
* starting "connection reuse" system in smb-agent. added version numberLuke Leighton1999-12-036-76/+164
| | | | | which isn't actually used right now :-) (This used to be commit d54a64ae3ab7cdc1ac67fb49f7255e6a106d624e)
* i always get caught out with non-gnu-readline code mods :-)Luke Leighton1999-12-031-1/+1
| | | | (This used to be commit a47cc6447036d0a8b8e3e096d7b51a37d10d3325)
* smb-agent improvements. added -D (daemon) option. smb agent isLuke Leighton1999-12-032-18/+76
| | | | | | restricted to connections from the current user (socket is created with current user uid). (This used to be commit 5af076e4b7ee13eebe0b89748e3f5a1ef21f8c73)
* cool! a unix socket smb redirector. code based on smbfilter andLuke Leighton1999-12-039-6/+487
| | | | | | | | | ideas from ssh-agent. the intent is to be able to share smb sessions using cli_net_use_add() across multiple processes, where one process knows the target server name, user name and domain, but not the smb password. (This used to be commit 294b653f2e9cdc1864ec638ae8b4300df25723cf)
* promptline undefined (pline)Luke Leighton1999-12-031-1/+1
| | | | (This used to be commit f33e4ca930f8299c00f861215c5231eef9ecef94)
* new get_any_dc_name() function allows lookups of trusted domains fromLuke Leighton1999-12-022-15/+19
| | | | | | | | | | | | | | | | lp_trusted_domains() parameter, so trusted domain logins should work, right, if you put user = TRUSTED_DOMAIN\NTuser in "domain name map", right? right - as _long_ as you're not using NTLMv2, because the damn NT username gets mapped to the damn unix name too early, and NTLMv2 challenge-responses are based on the client's user name, client's domain name, client's host name etc damn etc. so it becomes necessary to stop using char* username because this allows for massive amounts of confusion as to which username is being referred to. the underlying unix username on the local unix system that is associated with the smbd process that represents the NT username? or the NT username itself? (This used to be commit dd3ccdd7d996c107766cdad3c403e8b8947b9e65)
* domain_client_validate() no longer takes serverlist, it callsLuke Leighton1999-12-023-14/+12
| | | | | get_any_dc_name(). (This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8)
* cleaning up: removing those horrible references to server listLuke Leighton1999-12-028-148/+23
| | | | | | functions (cli_net_use_addlist()). needed originally because there was no get_dc_any_name() function. (This used to be commit 3a2b920ea2e6704b2574f404e1e41c7cfc0f96b2)
* added get_any_dc_name() function.Luke Leighton1999-12-024-33/+147
| | | | (This used to be commit 455e17dbb7d451b462004f302f5c68770f17b65e)
* need a domain resolving function, but get_trusted_serverlist() will do.Luke Leighton1999-12-023-30/+41
| | | | | this is horrible. (This used to be commit 9df973fe711f322075d86d6792d6c0b8539c1d00)
* oops, pwdb_initialise() called unnecessarily from here (failure to readLuke Leighton1999-12-021-2/+0
| | | | | trusted domains may cause rpcclient to fail). (This used to be commit 12e2b973216c0798a939f68220b0e6a60acd5c01)
* default SID map now reads in "trusted domains" from smb.conf.Luke Leighton1999-12-027-27/+147
| | | | (This used to be commit f0946d1ccafeb5f541935b41f2d54bcbc06797ed)
generated by cgit (git 2.34.1) at 2024-09-30 13:36:45 +0000