Jelmer Vernooij [Sat, 10 May 2003 10:53:48 +0000 (10:53 +0000)]
Patch from metze and me that adds dummy smb_register_*() functions so
that is now possible to, for example, load a module which contains
an auth method into a binary without the auth/ subsystem built in.
John Terpstra [Sat, 10 May 2003 05:26:05 +0000 (05:26 +0000)]
Typos and fixes resulting from VL feedback.
Jeremy Allison [Sat, 10 May 2003 02:05:24 +0000 (02:05 +0000)]
Fix from Tom.Lackemann@falconstor.com to correctly set the flags based
on the security entries sent.
Jeremy.
Jeremy Allison [Sat, 10 May 2003 00:35:38 +0000 (00:35 +0000)]
Optimisation. We don't need to do 2 strlen's when we're setting the stat
struct in the correct place.
Jeremy.
Jeremy Allison [Sat, 10 May 2003 00:30:47 +0000 (00:30 +0000)]
Fix for possible segfault in readline handler. Found by vitalyb@mail333.com.
Jeremy.
John Terpstra [Sat, 10 May 2003 00:03:58 +0000 (00:03 +0000)]
Fix typo.
Gerald Carter [Fri, 9 May 2003 21:52:49 +0000 (21:52 +0000)]
syncing README to go along with scripts
Gerald Carter [Fri, 9 May 2003 21:51:57 +0000 (21:51 +0000)]
syncing import/export smbpasswd file scripts from 2.2
Gerald Carter [Fri, 9 May 2003 21:47:32 +0000 (21:47 +0000)]
removing total print jobs since it is not used anymore
Andrew Bartlett [Fri, 9 May 2003 15:25:20 +0000 (15:25 +0000)]
Makefile changes to allow new NTLMv2 patch to work.
Andrew Bartlett [Fri, 9 May 2003 15:02:11 +0000 (15:02 +0000)]
Cleanups. My NTLMv2 changes also changed the preference from using an implicit
structure-memcpy for DATA_BLOB parameters to using a pointer to that DATA_BLOB.
auth_sam calls some of these functions, so I've cleaned it all up to use this
format now.
Also clean up some debug statements to make them easier to read.
Andrew Bartlett
Andrew Bartlett [Fri, 9 May 2003 14:42:20 +0000 (14:42 +0000)]
Finally get NTLMv2 working on the client!
With big thanks to tpot for the ethereal disector, and for the base code
behind this, we now fully support NTLMv2 as a client.
In particular, we support it with direct domain logons (tested with ntlm_auth
--diagnostics), with 'old style' session setups, and with NTLMSSP.
In fact, for NTLMSSP we recycle one of the parts of the server's reply directly...
(we might need to parse for unicode issues later).
In particular, a Win2k domain controller now supplies us with a session key
for this password, which means that doman joins, and non-spnego SMB signing
are now supported with NTLMv2!
Andrew Bartlett
Jim McDonough [Fri, 9 May 2003 12:58:28 +0000 (12:58 +0000)]
Fix bug #4 for net rap. Allow more than 50 chars for long form listings of users and groups.
Andrew Bartlett [Fri, 9 May 2003 09:45:37 +0000 (09:45 +0000)]
Fix comment - we now have 5 types of error...
Andrew Bartlett [Fri, 9 May 2003 09:41:08 +0000 (09:41 +0000)]
Make sure we always have some client data, not just the hash. An NTLMv2 or
LMv2 response less than 24 bytes is just silly.
Andrew Bartlett
Andrew Bartlett [Fri, 9 May 2003 09:37:12 +0000 (09:37 +0000)]
Elsewhere, we use a #define for this environment variable name, so do the
same here.
Andrew Bartlett
Andrew Bartlett [Fri, 9 May 2003 09:33:51 +0000 (09:33 +0000)]
When checking if a SID is in a domain, make sure that indeed the user RID is
one element longer than the domain sid.
Andrew Bartlett
Richard Sharpe [Fri, 9 May 2003 07:43:07 +0000 (07:43 +0000)]
Sync up to head ...
John Terpstra [Fri, 9 May 2003 06:48:00 +0000 (06:48 +0000)]
More edits, hackety hack.
Richard Sharpe [Fri, 9 May 2003 06:23:55 +0000 (06:23 +0000)]
Sync to the changes in head ...
Tim Potter [Fri, 9 May 2003 06:03:11 +0000 (06:03 +0000)]
Added some more diagnostic tests to check out a theory that having either hash
- auth with ntlmv2 and lmv2 but deliberately break the ntlmv2 hash
- auth with ntlmv2 and lmv2 but deliberately break the lmv2 hash
- auth with ntlm and lm but deliberately break the ntlm hash
- auth with ntlm and lm but deliberately break the lm hash
My theory is that the NTLM or NTLMv2 field must be correct and if it is,
it doesn't matter what the value of the LM or LMv2 field is.
Fixed cosmetic test name display bug.
Richard Sharpe [Fri, 9 May 2003 05:48:50 +0000 (05:48 +0000)]
Fix up a bunch of problems in editreg.c
Now the build farm will no doubt find more.
Jeremy Allison [Fri, 9 May 2003 01:06:27 +0000 (01:06 +0000)]
Fix nasty bug pointed out by samba-technical poster. If name is mangled
then we weren't always correctly detecting that it had a valid stat struct
and so might now return a 'file existed'. Finally realized this when installing
the W2K resource kit as a test case.
Jeremy.
Gerald Carter [Thu, 8 May 2003 21:19:58 +0000 (21:19 +0000)]
fix bug #47; revert registration of workgroup<1b> to 2.2 behavior
Gerald Carter [Thu, 8 May 2003 20:19:10 +0000 (20:19 +0000)]
fixed bug #75; add check for non-zero destlen
Jim McDonough [Thu, 8 May 2003 17:02:13 +0000 (17:02 +0000)]
Hopefully re-enable building heimdal. It needs -lresolv included in LIBS
to link during configure checks.
Volker Lendecke [Thu, 8 May 2003 08:12:57 +0000 (08:12 +0000)]
Revert a patch that somehow slipped in...
Volker
Volker Lendecke [Thu, 8 May 2003 08:02:52 +0000 (08:02 +0000)]
This puts real netlogon connection caching to winbind. This becomes
important once we start doing schannel, as there would be a lot more
roundtrips for the second PIPE open and bind. With this patch logging
in to a member server is a matter of two (three if you count the
ack...) packets between us and the DC.
Volker
John Terpstra [Thu, 8 May 2003 07:40:21 +0000 (07:40 +0000)]
Another set of updates to the docs.
Volker Lendecke [Thu, 8 May 2003 07:33:39 +0000 (07:33 +0000)]
This puts back wins.dat into nmbd for easy editing. It leaves most of
the other infrastructure with name owners etc in place. If anybody is
really going to tackle winsrepld, it will probably not be hard to put
the additional info back.
Volker
Tim Potter [Thu, 8 May 2003 05:10:44 +0000 (05:10 +0000)]
Another attempt at undoing my bogus patch 1.55.2.19
Andrew Bartlett [Wed, 7 May 2003 23:09:18 +0000 (23:09 +0000)]
Always initialise this - it helps callers who use this in a loop...
Andrew Bartlett
Andrew Bartlett [Wed, 7 May 2003 22:56:02 +0000 (22:56 +0000)]
Fix the spinning bug for 'net rpc user' as well - there are more errors in
this world than 'status more entires'...
Also move all the cases to 'NT_STATUS_EQUAL()' to test it.
Andrew Bartlett
Jeremy Allison [Wed, 7 May 2003 22:19:43 +0000 (22:19 +0000)]
SMB_QUERY_FILE_ALT_NAME_INFO and SMB_FILE_ALTERNATE_NAME_INFORMATION
are identical - noticed by "Dr. Tilo Levante" <tilo@levante.de>.
Jeremy.
Jeremy Allison [Wed, 7 May 2003 21:40:11 +0000 (21:40 +0000)]
Fix irritating typo - non arg functions should be fn(void).
Jeremy.
Jelmer Vernooij [Wed, 7 May 2003 18:49:34 +0000 (18:49 +0000)]
%f -> %p (reported by Kurt Pfeifle <kpfeifle@danka.de>
Jeremy Allison [Wed, 7 May 2003 18:28:24 +0000 (18:28 +0000)]
Make fchown, fchmod conditional for systems that don't have them.
Jeremy.
Andrew Bartlett [Wed, 7 May 2003 12:58:59 +0000 (12:58 +0000)]
SMB Signing with NTLMv2 works!
(well, under certain conditions :-)
There is no length limit on the size of the authentication response added
into the MD5 hash. (We had previously limited this to lengths like 40, 44 or
64 in attempts to make sense of what the SNIA spec tells us).
Instead, the entire authentication response is added in.
Currently, this only works on a Win2k domain members with a Samba PDC,
becouse our NTLMv2 code currently fails against an Win2k PDC.
However, this splits the problem in half - particularly as the NTLMv2 format
is known, and even has an ethereal disector! (thanks tpot).
Andrew Bartlett
Alexander Bokovoy [Wed, 7 May 2003 11:11:39 +0000 (11:11 +0000)]
Ignore generated file
Andrew Bartlett [Wed, 7 May 2003 08:21:06 +0000 (08:21 +0000)]
Set our 'global sam name' in one place. For domain controllers, this is
lp_workgroup(), for all other server this is global_myname().
This is the name of the domain for accounts on *this* system, and getting
this wrong caused interesting bugs with 'take ownership' on member servers
and standalone servers at Snap.
(They lookup the username that they got, then convert that to a SID - but
becouse the domain out of the smbpasswd entry was wrong, we would fail the
lookup).
Andrew Bartlett
John Terpstra [Wed, 7 May 2003 07:50:22 +0000 (07:50 +0000)]
Fix missing closing para marker.
John Terpstra [Wed, 7 May 2003 07:44:01 +0000 (07:44 +0000)]
More updates. Now working on BDC Documentation.
Tim Potter [Wed, 7 May 2003 05:52:44 +0000 (05:52 +0000)]
Whoops - that wasn't a whitespace syncup after all.
Jeremy Allison [Wed, 7 May 2003 02:00:58 +0000 (02:00 +0000)]
Force ASCII for client messages. Patch from David Lee <t.d.lee@durham.ac.uk>
Jeremy.
Jeremy Allison [Wed, 7 May 2003 01:00:36 +0000 (01:00 +0000)]
We used to use the name "*",0x0 here, but some Windows
servers don't answer that name. However we *know* they
have the name workgroup#1b (as we just looked it up).
So do the node status request on this name instead.
Found at LBL labs.
Jeremy.
John Terpstra [Tue, 6 May 2003 23:57:07 +0000 (23:57 +0000)]
More stuffing, this turkey will soon be done!
Jelmer Vernooij [Tue, 6 May 2003 21:55:00 +0000 (21:55 +0000)]
Fix <!DOCTYPE>'s
Jelmer Vernooij [Tue, 6 May 2003 21:54:10 +0000 (21:54 +0000)]
Add generating text versions of the docs using xmlto
Jelmer Vernooij [Tue, 6 May 2003 21:43:30 +0000 (21:43 +0000)]
Check for xmlto. Not required and not used (yet)
John Terpstra [Tue, 6 May 2003 17:19:33 +0000 (17:19 +0000)]
Merge from HEAD.
cvs2svn Import User [Tue, 6 May 2003 13:10:11 +0000 (13:10 +0000)]
This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.
Simo Sorce [Tue, 6 May 2003 13:10:10 +0000 (13:10 +0000)]
sort out some include dependencies
split out privileges from rpc_lsa.h
Simo Sorce [Tue, 6 May 2003 10:00:02 +0000 (10:00 +0000)]
add mapping.h here
Simo Sorce [Tue, 6 May 2003 09:36:51 +0000 (09:36 +0000)]
restore structures from previous erroneous commit
John Terpstra [Tue, 6 May 2003 06:03:58 +0000 (06:03 +0000)]
Hackety, hackety, hack. More edits.
John Terpstra [Tue, 6 May 2003 06:02:54 +0000 (06:02 +0000)]
A few more little fixes, a few more edits, a bit lost here, and a lot gained there! :)
This documentation process is tedious, but noone will notice it anyhow! :)
Jelmer Vernooij [Tue, 6 May 2003 02:45:31 +0000 (02:45 +0000)]
Update list of possible acctFlag values
Jelmer Vernooij [Tue, 6 May 2003 02:35:33 +0000 (02:35 +0000)]
Remove unused variables
Jelmer Vernooij [Tue, 6 May 2003 02:34:59 +0000 (02:34 +0000)]
Patch from metze to add exit and interval events. Useful for modules
Tim Potter [Tue, 6 May 2003 02:32:47 +0000 (02:32 +0000)]
There appears to be no reason why we have to execute the
initialisation code in winbindd_init_common() after the fork when
running in dual daemon mode.
The only tricky bit is we have to run a tdb_reopen_all() somewhere in
the child to avoid tdb corruption.
Fixed bug #60.
Richard Sharpe [Mon, 5 May 2003 22:52:45 +0000 (22:52 +0000)]
Fix up some of the warnings that the build farm is finding ...
John Terpstra [Mon, 5 May 2003 19:20:14 +0000 (19:20 +0000)]
Fix typo.
John Terpstra [Mon, 5 May 2003 19:19:36 +0000 (19:19 +0000)]
Fix typo.
Richard Sharpe [Mon, 5 May 2003 16:04:15 +0000 (16:04 +0000)]
Syncronize head editreg.c with 3.0.0 ...
Andrew Bartlett [Mon, 5 May 2003 13:23:07 +0000 (13:23 +0000)]
We also get back the LM session key on pure 'NTLM' logins.
Andrew Bartlett
Rafal Szczesniak [Mon, 5 May 2003 08:43:43 +0000 (08:43 +0000)]
Turn off using lsa_qos.
Rafal
Rafal Szczesniak [Mon, 5 May 2003 08:32:30 +0000 (08:32 +0000)]
Turn off using lsa_qos in OpenPolicy call. This way we avoid annoying
debug msg while establishing trust and listing relations of Samba PDC.
Rafal
John Terpstra [Mon, 5 May 2003 06:46:13 +0000 (06:46 +0000)]
More updates.
John Terpstra [Mon, 5 May 2003 06:45:53 +0000 (06:45 +0000)]
More updates.
Andrew Bartlett [Mon, 5 May 2003 06:33:58 +0000 (06:33 +0000)]
Add some comments.
Tim Potter [Mon, 5 May 2003 06:22:36 +0000 (06:22 +0000)]
Add a new entry to make check. If we have compiled python extensions,
run the pythoncheck.py test. At the moment this just checks every
python extension can be imported sucessfully.
Tim Potter [Mon, 5 May 2003 06:21:26 +0000 (06:21 +0000)]
Fix for bug #60. Our autoconf code adds both libraries and linker
flags in the $LIBS make variable. Separate the two so the python
extensions can build.
Andrew Bartlett [Mon, 5 May 2003 05:15:54 +0000 (05:15 +0000)]
Allow the NTLMv2 functions to spit out both possible varients on the session
key, so we can test it in ntlm_auth.
I suspect the 'lm' version doesn't exist, but it's easy to change back.
Andrew Bartlett
Andrew Bartlett [Mon, 5 May 2003 05:01:59 +0000 (05:01 +0000)]
Add some more tests to the ntlm_auth diagnositics package.
Our NTLMv2 client code needs work, becouse we don't get the session key for
any of the NTLMv2 stuff...
Also test some of the more 'odd' auth cases - like putting the NT password
into the LM feild.
Clean up some static globals into static locals.
Andrew Bartlett
John Terpstra [Mon, 5 May 2003 04:58:35 +0000 (04:58 +0000)]
Fixing Syntax Problems.
John Terpstra [Mon, 5 May 2003 04:58:07 +0000 (04:58 +0000)]
Fixing syntax problems.
Tim Potter [Mon, 5 May 2003 04:10:29 +0000 (04:10 +0000)]
Merge of backslash @LDAP_LIBS@ fix from HEAD.
Tim Potter [Mon, 5 May 2003 04:09:56 +0000 (04:09 +0000)]
A good reason to use make variables instead of autoconf substitutions
directly - fixed problem where the last line of the link command was
'\ @LDAP_LIBS@'. If @LDAP_LIBS@ is zero then the backslash
incorrectly includes the next line of the Makefile in the current
target.
This should fix a bucketload of build farm failures.
Tim Potter [Mon, 5 May 2003 03:34:19 +0000 (03:34 +0000)]
Fixed typo introduced when reverting patch from revision 1.19
Tim Potter [Mon, 5 May 2003 03:31:50 +0000 (03:31 +0000)]
Fixed typo introduced in reverted patch from version 1.12.4.5
Tim Potter [Mon, 5 May 2003 02:47:41 +0000 (02:47 +0000)]
Fix some compiler warnings.
Tim Potter [Mon, 5 May 2003 01:52:08 +0000 (01:52 +0000)]
AIX doesn't append $SHLIB_EXT to NSS libraries.
Also merged a little bit of abartlet's recent configure.in change of
duplicated IRIX stuff.
Tim Potter [Mon, 5 May 2003 01:40:10 +0000 (01:40 +0000)]
AIX doesn't append $SHLIB_EXT to NSS libraries.
John Terpstra [Mon, 5 May 2003 00:08:31 +0000 (00:08 +0000)]
Updatting docs further. More to come.
John Terpstra [Mon, 5 May 2003 00:07:53 +0000 (00:07 +0000)]
Updatting docs further. More to come.
Simo Sorce [Sun, 4 May 2003 23:41:51 +0000 (23:41 +0000)]
move some things around
John Terpstra [Sun, 4 May 2003 08:29:46 +0000 (08:29 +0000)]
More updates.
John Terpstra [Sun, 4 May 2003 08:29:25 +0000 (08:29 +0000)]
More updates.
Andrew Bartlett [Sun, 4 May 2003 02:48:11 +0000 (02:48 +0000)]
Patch from Ken Cross to allow an ADS domain join with a username of the form
user@realm, where realm might not be the realm we are joining.
Andrew Bartlett
John Terpstra [Sun, 4 May 2003 01:25:15 +0000 (01:25 +0000)]
Update.
John Terpstra [Sun, 4 May 2003 01:16:08 +0000 (01:16 +0000)]
Updating ServerType. Now almost complete.
Andrew Bartlett [Sun, 4 May 2003 01:05:39 +0000 (01:05 +0000)]
Add doco to our SMB signing code.
This should make it clearer what magic numbers refer to the magic numbers
in the CIFS spec, and what bits and peices are being appended into the MD5
calculation where.
Andrew Bartlett
Andrew Bartlett [Sun, 4 May 2003 00:55:52 +0000 (00:55 +0000)]
Fix up the setting up of the build_farm smb.conf from the templates in their
new directory.
Andrew Bartlett
Andrew Bartlett [Sat, 3 May 2003 15:30:41 +0000 (15:30 +0000)]
configure.in updates:
Now the IRIX and non-irix cases for one of these switch statements is the same,
eliminate the statement...
We now use autoconf > 2.50, so we can use some of it's features.
We also need to correctly include the magic for building vfs_fake_perms.
John Terpstra [Sat, 3 May 2003 05:57:09 +0000 (05:57 +0000)]
Merge of new edits from HEAD.
cvs2svn Import User [Sat, 3 May 2003 05:51:55 +0000 (05:51 +0000)]
This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.
John Terpstra [Sat, 3 May 2003 05:51:54 +0000 (05:51 +0000)]
Re-arrangement of Chapters 3-8, merges, updates - first installment only.
Andrew Bartlett [Sat, 3 May 2003 04:34:13 +0000 (04:34 +0000)]
Add a comment about the use of string functions in the modules code, and
add \n to the end of the non-dlopen case DEBUGs.
Andrew Bartlett
Andrew Bartlett [Sat, 3 May 2003 04:30:21 +0000 (04:30 +0000)]
Fix use of uninitialised value in TCONDEV test - found by sun1 on the build farm
Simo Sorce [Sat, 3 May 2003 01:29:18 +0000 (01:29 +0000)]
fixes to *_util.c files
add winbindd_passdb backend
this makes it possible to have nua accounts on security = user servers to
show up in unic through nss_winbind.so
the problem is that we do not have group support, so nss group support is
not very good at this time (read: totally absent)
we NEED group support in passdb