| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
pull_ucs2_base_talloc()."
This reverts commit 01fd94981e322da59ac2c00055220c89de135ebe.
|
|
|
|
| |
This reverts commit feb057d4503118e519b5dbd9d2c3ca2c1ee55380.
|
|
|
|
| |
This reverts commit afed4929f9c707fb72b0e8dd12b1a1e8dcab9a84.
|
|
|
|
| |
This reverts commit f8d4596ec2b8f35dd3cc05aa7ee356abb9c0920b.
|
|
|
|
| |
This reverts commit ddba89d7713923bfbf1c8492c5dc6c6d5b220f1e.
|
|
|
|
| |
This reverts commit 042e50f8709cfbe45d5b184cb3c4fe1b16bdc3b0.
|
|
|
|
| |
This reverts commit 369fecaeb2470a1f7e68417ccdddb61334e37d92.
|
|
|
|
|
|
| |
by "Cooper S. Blake" <the_analogkid@yahoo.com>."
This reverts commit 61046225de8a4cd77e94d8c5c4a8f510bc11b79e.
|
|
|
|
|
|
| |
on success."
This reverts commit ae01a98d49be39c258e479d610fa2e58ea2b6c62.
|
|
|
|
| |
This reverts commit b339f17132b18edad52b4c2f6b348e4b8d789bcb.
|
|
|
|
| |
This reverts commit 96b35c32ae99d74608ad95d063629554fee77979.
|
|
|
|
|
| |
Guenther
(cherry picked from commit 25cb282f7042e8192c0bc6d720df0646b74e9a47)
|
|
|
|
|
|
| |
checks for all SAMR calls.
Jeremy.
(cherry picked from commit b848f96d747fb41c074dd073f24f186539257d71)
|
|
|
|
|
|
| |
Guenther
(cherry picked from commit 8a0054c6d273049bea235803db25912f6cf03610)
(cherry picked from commit 40a904ee021e4c9390235f1d476bc37b87ac9b70)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"Cooper S. Blake" <the_analogkid@yahoo.com>.
"I believe I have found two bugs in the 3.2 code and one bug that
carried on to the 3.3 branch. In the 3.2 code, everything is
located in the utils/net_rpc_samsync.c file. What I believe is the
first problem is that fetch_database() is calling
samsync_fix_delta_array() with rid_crypt set to true, which means
the password hashes are unencrypted from the RID encryption.
However, I believe this call is redundant, and the corresponding
call for samdump has rid_crypt set to false. So I think the
rid_crypt param should be false in fetch_database().
If you follow the code, it makes its way to sam_account_from_delta()
where the password hashes are decrypted a second time by calling
sam_pwd_hash(). I believe this is what is scrambling my passwords.
These methods were refactored somewhere in the 3.3 branch. Now the
net_rpc_samsync.c class calls rpc_vampire_internals, which calls
libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with
rid_crypt always set to false. I think that's correct. But the
second bug has carried through in the sam_account_from_delta()
function:
208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) {
209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0);
210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED);
211 }
212
213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) {
214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0);
215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED);
If you look closely you'll see that the nt hash is going into the
lm_passwd variable and the decrypted value is being set in the lanman
hash, and the lanman hash is being decrypted and put into the nt hash
field. So the LanMan and NT hashes look like they're being put in
the opposite fields."
Fix this by removing the rid_crypt parameter.
Jeremy.
(cherry picked from commit e38436f731ff09333588cc0751c79029a569f390)
|
|
|
|
| |
(cherry picked from commit 79222e476edbccf81e70cf1c0d1f40db0b88e20b)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 82ec832f7edffe2fcfd1bb067e092c159bed2973)
|
|
|
|
|
|
| |
If winbind sets the KRB5CCNAME variable it should unset it when
the cache gets destroyed.
(cherry picked from commit e7b0d1c984a37600a234c1f4c95b06e9b5898f30)
|
|
|
|
|
| |
Guenther
(cherry picked from commit 7c2831c5872ad26e1e0cd7df59d6c0b88d566760)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit ef15ff6abec34377ab7fa75201e2799c0bb72aeb)
|
|
|
|
|
|
|
|
|
| |
If total_data == 4 Windows doesn't care what values
are placed in that field, it just ignores them.
The System i QNTC IBM SMB client puts bad values here,
so ignore them.
Jeremy.
(cherry picked from commit 5b1d8588d01d11251541829c5a3dff211fe925fd)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 5109bd33719a4bb1534cb0e012c92ec778fb26df)
|
|
|
|
|
|
|
|
|
|
|
| |
old server.
Karolin this is a show-stopper for 3.2.5.
There was some code in pull_ucs2_base_talloc() to cope with this case which
hadn't been added to pull_ascii_base_talloc(). The older Samba returns non
unicode names which is why you are seeing this codepath being executed.
Jeremy.
(cherry picked from commit 09fa53d927436310ae3c17096d42e2fa4de1dd2e)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 7c53cde257515e7bfffc8f3c0b54b7c99554d240)
|
|
|
|
|
|
|
|
|
|
|
| |
inheritance", based on
a patch from Paul Fertser <fercerpav@gmail.com>. I also added the ability to get/set hex
and symbolic inheritance flag names on ACE flags. I'm still investigating the effects
of setting the "SEC_DESC_DACL_AUTO_INHERIT_REQ" flag as I don't yet see what effects
this is having on the ACE sent.
Jeremy.
(cherry picked from commit e59a21e945e6336f3d7622bf77cf5c2304936b70)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 4f1cdfe0901f4c78dff56ae5c26d2801b97d50d5)
|
|
|
|
|
|
| |
if the configuration parameter anonymization_prefix is defined in
smb.conf, and use the prefix given there.
(cherry picked from commit 86a621a1a3e08bad8a0b276d8444f1f69a500385)
|
|
|
|
| |
(cherry picked from commit 0f3f34033a80e44fa18cae452a164e445392138a)
|
|
|
|
| |
(cherry picked from commit 1ab2a5b958a900a078cadf98b83fba7fadbaedf9)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 48ee5a66d18b805d03f93c85e98a41374d82cfb9)
|
|
|
|
| |
(cherry picked from commit e42477caece1a2e861aa0698d2e06847819f0b0d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The manpage for /bin/mount specifies that the return code should be a
positive integer (actually, it's a bitfield). Clean up the return
codes from mount.cifs to make them match the expected return values
from /bin/mount. This necessary for proper integration with autofs.
This is the third attempt at this patch. The changes here are minor,
just changing some return's from main() into exit() calls for
consistency's sake.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 2374799c8114ae3ed422d1cbe4ca12c4fd075274)
|
|
|
|
|
|
|
|
|
| |
We currently don't attempt to uppercase the device portion of the mount
string if there isn't a prefixpath. Fix that by making uppercase_string
return success without doing anything on a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 34b5cfe8a0cb8674da0c5ac7d81b6e64160ccaa2)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
"rescan_trusted_domain".
From analysis by hargagan <shargagan@novell.com> :
"The winbindd_child_died() is also getting called from process_loop() in case of
SIGCHLD signal. In this case it doesn't make the timeout_handler to NULL for
the first request. It then initiate a new request using
schedule_async_request() which installs a new timeout handler for the same
request. In such a case, for a badly unresponsive system both the timeout
handler can be called. For the first call the "private_data" will be cleared
and for another call the timeout handler will be detecting the double free. So,
for such a case as well, the winbindd_child_died() should make the
timeout_handler to NULL."
Jeremy.
(cherry picked from commit ce8de496ec139b7a56db20c5ffbcbdc2f4db0a51)
|
|
|
|
|
|
|
|
|
|
| |
The fix explicitly makes the conversion from timeval to time_t using the
existing time utility functions.
Compiling modules/vfs_smb_traffic_analyzer.c
modules/vfs_smb_traffic_analyzer.c: In function `smb_traffic_analyzer_send_data':
modules/vfs_smb_traffic_analyzer.c:173: warning: passing arg 1 of `localtime' from incompatible pointer type
(cherry picked from commit 22852666ddf3e77404373042ceecb19747ae25cd)
|
|
|
|
|
|
|
|
|
|
|
| |
The patch simply uses a more descriptive variable name for tcp_seq.
lib/socket_wrapper/socket_wrapper.c:753: warning: declaration of 'tcp_seq' shadows a global declaration
/usr/include/netinet/tcp.h:40: warning: shadowed declaration is here
lib/socket_wrapper/socket_wrapper.c: In function `swrap_marshall_packet':
lib/socket_wrapper/socket_wrapper.c:919: warning: declaration of 'tcp_seq' shadows a global declaration
/usr/include/netinet/tcp.h:40: warning: shadowed declaration is here
(cherry picked from commit 03cbea1d653c716b16347c831aa56dca0eb297ab)
|
|
|
|
|
|
|
| |
This is a workaround for the cases where you want to join under a netbios name
that is different from your hostname, i.e. a name that can not be found in
/etc/hosts or dns. In these cases, name_to_fqdn fails or gives invalid results.
(cherry picked from commit 84951b54bc1473aa9275c02cc37a9f0d7d4150e2)
|
|
|
|
| |
(cherry picked from commit f63bac521f0595ccbcf687678e325649f3e0e5e3)
|
|
|
|
|
|
| |
Jeff, Steve, please check!
(cherry picked from commit 110756cc7bcaed5a9d6aa58f3b3fe4481f8d1f31)
(cherry picked from commit 46b050e525b339fbac68329f668e47ebd11b3e08)
|
|
|
|
| |
(cherry picked from commit 41aed9f2f3c6d53e1b8b6d72467bc5d5a0689dce)
|
|
|
|
| |
(cherry picked from commit 1709a099c82e9b06771b3aa562c5488a71f10c62)
|
|
|
|
| |
(cherry picked from commit af055bb8d89a14ed572f76b5f8fe492e0ed98e12)
|
|
|
|
|
| |
Not sure if we can ever not get domain and dns_domain, but gcc complained
(cherry picked from commit e56b0b947a5c357c4e84b330c38d7a7f569be201)
|
|
|
|
| |
(cherry picked from commit 52365077e74e80959a42aa82cf9a6c959e2fcda5)
|
|
|
|
| |
(cherry picked from commit 65169e4b5f182f1614e102bb0e09326a26bd5b5d)
|
|
|
|
| |
(cherry picked from commit de581efedbc53a783a680ff366d37aeccd14ee23)
|
|
|
|
|
| |
Jeremy.
(cherry picked from commit 4dc2eb7f42bad6812d21bf4577e2901b04a5ca83)
|
|
|
|
|
|
|
| |
This is helpful on multihomed hosts that only require a subset
of IP addresses be registered with DNS.
(cherry picked from commit 17c9f8810598d8117befc896d12a597a52b0ac3b)
(cherry picked from commit 2fb742e127f725b56f308538852d7b10b86f29c1)
|
|
|
|
|
|
|
|
|
| |
Hostname, TYPE: CNAME, CLASS: NONE
This has to have been broken for ages. I cannot see
how it would have worked in any environment.
(cherry picked from commit 6b6402bce318a48b0890ed6fc23ed5b30440927b)
(cherry picked from commit adde53eddb85e9af391c3f77425a3376c5c60dbf)
|
|
|
|
|
|
|
|
|
|
| |
Unsupported character set.
Cups 1.3.4 expects utf8 to be used in all messages to/from the server. We may be using a
different character set so we need to use talloc utf8 push/pull functions in all communication.
Contains the !server fix already applied to 3.3.
Jeremy.
(cherry picked from commit a1323951a3264f81be07276f021201bee0d8d0f5)
|