Richard Sharpe [Mon, 10 Feb 2003 16:42:24 +0000 (16:42 +0000)]
Fix a mistake spotted by Metze
Andrew Bartlett [Mon, 10 Feb 2003 12:22:57 +0000 (12:22 +0000)]
Clean up our NTLMv2 code by moving the grunt work into a helper function.
Andrew Bartlett
Andrew Tridgell [Mon, 10 Feb 2003 11:31:23 +0000 (11:31 +0000)]
added the 'lsaenumacctwithright' command to rpcclient. This allows you
to lookup what SIDs have a particular privilege (that is how
privileges are stored).
Andrew Bartlett [Mon, 10 Feb 2003 10:36:09 +0000 (10:36 +0000)]
As metze mentioned, this is the proper way to find perl...
Andrew Bartlett
Andrew Bartlett [Mon, 10 Feb 2003 09:23:30 +0000 (09:23 +0000)]
perl might not be in /usr/bin/perl, so try and find it in the path.
Perhaps this generated file should be autobuilt on samba.org for the
build farm and the tarballs.
Andrew Bartlett
Andrew Bartlett [Mon, 10 Feb 2003 09:20:09 +0000 (09:20 +0000)]
Use safe_strcpy() instead of pstrcpy() for malloced strings.
Andrew Bartlett
Andrew Bartlett [Mon, 10 Feb 2003 09:18:04 +0000 (09:18 +0000)]
Failure to find a CUPS printer, when auto-adding printers is not a level 0 error.
Andrew Bartlett
Andrew Bartlett [Mon, 10 Feb 2003 09:16:05 +0000 (09:16 +0000)]
Some cleanups:
- Don't use pstrcpy into an allocated string - use safe_strcpy() directly
instead.
- Keep a copy of the 'server_info' attached to the vuid. In future use this
for things like the session key, homedir and full name instead of current
copies.
- Try to avoid memory leak/segfault on Realloc failure
- clear up #endif comments
Andrew Bartlett
Andrew Bartlett [Sun, 9 Feb 2003 12:26:58 +0000 (12:26 +0000)]
(only for HEAD at the moment).
Add NTLMv2 support to our client, used when so configured ('client use NTLMv2 =
yes') and only when 'client use spengo = no'. (A new option to allow the
client and server ends to chose spnego seperatly).
NTLMv2 signing doesn't yet work, and NTLMv2 is not done for NTLMSSP yet.
Also some parinoia checks in our input parsing.
Andrew Bartlett
Jeremy Allison [Sat, 8 Feb 2003 01:04:26 +0000 (01:04 +0000)]
Ensure we return NOSPACE if we can't fast allocate a print job.
Jeremy.
Andrew Bartlett [Sat, 8 Feb 2003 01:00:55 +0000 (01:00 +0000)]
One more fix for the difference between FILE and X_FILE.
Andrew Bartlett [Fri, 7 Feb 2003 23:39:47 +0000 (23:39 +0000)]
Ensure we don't get problems between FILE and X_FILE buffers - always use the
x_ varient of the command.
Andrew Bartlett
Jeremy Allison [Fri, 7 Feb 2003 22:52:35 +0000 (22:52 +0000)]
Samba janitors: applying mbp's redundant umask fix.
Jeremy.
Jeremy Allison [Fri, 7 Feb 2003 21:59:42 +0000 (21:59 +0000)]
Samba janitor: adding mbp's umask patch :-).
Jeremy.
Gerald Carter [Fri, 7 Feb 2003 16:20:58 +0000 (16:20 +0000)]
check pointer before dereferencing it
Volker Lendecke [Fri, 7 Feb 2003 08:02:18 +0000 (08:02 +0000)]
Revert Flag testing upon abartlet's request ;-)
Volker
John Terpstra [Fri, 7 Feb 2003 05:00:34 +0000 (05:00 +0000)]
Added extended audit module that logs to smbd log as well as syslog.
Andrew Tridgell [Fri, 7 Feb 2003 04:01:36 +0000 (04:01 +0000)]
make sure we don't run over the end of 'name' in unix_convert()
Thanks to Andrew Bartlett for spotting this.
Volker Lendecke [Thu, 6 Feb 2003 16:53:58 +0000 (16:53 +0000)]
Make account flags editable with pdbedit.
Volker
Andrew Tridgell [Thu, 6 Feb 2003 09:55:21 +0000 (09:55 +0000)]
ignore config.h.in in cvs as generated by autoheader
Andrew Tridgell [Thu, 6 Feb 2003 09:54:51 +0000 (09:54 +0000)]
ignore configure in cvs
Andrew Bartlett [Thu, 6 Feb 2003 09:20:32 +0000 (09:20 +0000)]
Remove configure and config.h.in from CVS.
configure and config.h.in is now regenerated by the 'autogen.sh' script.
However, samba.org will run autoconf and autoheader to keep the anonyomous
rsync 'unpacked' areas intact (helping the build farm), and released will ship
with the genereated files.
Andrew Bartlett
Andrew Tridgell [Thu, 6 Feb 2003 05:42:19 +0000 (05:42 +0000)]
added the LSA privileges server backend stubs. Right now they just log
what was requested.
Jeremy Allison [Wed, 5 Feb 2003 23:03:47 +0000 (23:03 +0000)]
Collapse duplicate messages before sending.
Jeremy.
Jeremy Allison [Wed, 5 Feb 2003 22:09:32 +0000 (22:09 +0000)]
Fixed type.
Jeremy.
Jeremy Allison [Wed, 5 Feb 2003 21:17:12 +0000 (21:17 +0000)]
Check for too many processes *before* the fork.
Jeremy.
Gerald Carter [Wed, 5 Feb 2003 06:37:54 +0000 (06:37 +0000)]
CUPS patch to log client name
Jeremy Allison [Tue, 4 Feb 2003 23:52:46 +0000 (23:52 +0000)]
Hold the lock for a much shorter time when allocating a new jobid.
Jeremy.
Jeremy Allison [Tue, 4 Feb 2003 23:44:05 +0000 (23:44 +0000)]
Mem alloc failure checks.
Jeremy.
Jeremy Allison [Tue, 4 Feb 2003 23:43:21 +0000 (23:43 +0000)]
Up the hash table size for printing tdb.c
Jeremy.
Jeremy Allison [Tue, 4 Feb 2003 23:40:17 +0000 (23:40 +0000)]
Ensure we overwrite a tdb if the hash size changes.
Jeremy.
Andrew Bartlett [Tue, 4 Feb 2003 10:54:01 +0000 (10:54 +0000)]
Add autogen.sh from distcc via mbp.
This to allow us to remove configure from CVS.
Andrew Bartlett [Tue, 4 Feb 2003 10:02:43 +0000 (10:02 +0000)]
Actually checking both the account and password tests would be a good idea...
Andrew Bartlett
Andrew Bartlett [Tue, 4 Feb 2003 08:26:04 +0000 (08:26 +0000)]
Patch from Edmund Lam <epl@unimelb.edu.au> to fix braindead Tru64 behaviour:
Apparently acl_type is #defined to acl_common.entry_type in their acl.h....
Andrew Bartlett
Jeremy Allison [Tue, 4 Feb 2003 01:43:11 +0000 (01:43 +0000)]
Ensure we only ever set fsp->conn in one place.
Jeremy.
Jim McDonough [Tue, 4 Feb 2003 01:39:06 +0000 (01:39 +0000)]
Try to allow old and new heimdal installs
Jeremy Allison [Tue, 4 Feb 2003 01:11:33 +0000 (01:11 +0000)]
Ensure Samba passes the open attribute truncate tests in smbtorture.
Jeremy.
Herb Lewis [Tue, 4 Feb 2003 00:19:10 +0000 (00:19 +0000)]
fix packaging
Jeremy Allison [Mon, 3 Feb 2003 23:17:24 +0000 (23:17 +0000)]
Got complete (I hope) coverage of the OPEN TRUNCATE ATTRIBUTES test.
Now to make Samba pass it :-).
Jeremy.
Jeremy Allison [Mon, 3 Feb 2003 20:37:16 +0000 (20:37 +0000)]
Grrr. Kill all BSD-isms... Spotted by Paul Green <paulg@sw.stratus.com>.
Jeremy.
Jim McDonough [Mon, 3 Feb 2003 18:10:27 +0000 (18:10 +0000)]
Try to get build working on systems with krb runtime but not devel libs.
Let's not assume that because one dir exists the whole shebang is there...
Tim Potter [Sun, 2 Feb 2003 22:49:28 +0000 (22:49 +0000)]
smb signing compile fix
Simo Sorce [Sun, 2 Feb 2003 18:08:43 +0000 (18:08 +0000)]
untest fix for wide links parameter bug.
it work properly on 2.2 and the patch apply so I think it should be ok.
Andrew Bartlett [Sun, 2 Feb 2003 11:11:24 +0000 (11:11 +0000)]
Add some return values, and don't attempt signing for NTLMSSP yet (it uses a
different algorithm).
Andrew Bartlett
Andrew Bartlett [Sun, 2 Feb 2003 05:10:26 +0000 (05:10 +0000)]
Send the user's session key in the SAMLOGON reply, so that a member server can
use smb signing.
Andrew Bartlett
Andrew Bartlett [Sun, 2 Feb 2003 00:11:12 +0000 (00:11 +0000)]
More signing updates - start checking that the server isn't being spoofed.
Andrew Bartlett
Jelmer Vernooij [Sat, 1 Feb 2003 19:32:42 +0000 (19:32 +0000)]
Remove textfile from CVS - it's available in SGML now
Jelmer Vernooij [Sat, 1 Feb 2003 19:30:03 +0000 (19:30 +0000)]
Convert Anthony's RPC doc to SGML/XML
Jelmer Vernooij [Sat, 1 Feb 2003 19:25:09 +0000 (19:25 +0000)]
First attempt to convert John's GroupProfiles stuff to SGML/XML
Jelmer Vernooij [Sat, 1 Feb 2003 19:22:26 +0000 (19:22 +0000)]
First attempt to migrate the GroupProfiles stuff by John to SGML/XML
Andrew Bartlett [Sat, 1 Feb 2003 13:01:31 +0000 (13:01 +0000)]
We now have client-side SMB signing support!
This checking allows us to connect to Microsoft servers the use SMB signing,
within a few restrictions:
- I've not get the NTLMSSP stuff going - it appears to work, but if you break
the sig - say by writing a zero in it - it still passes...
- We don't currently verfiy the server's reply
- It works against one of my test servers, but not the other...
However, it provides an excellent basis to work from. Enable it with 'client
signing' in your smb.conf.
Doc to come (tomorrow) and this is not for 3.0, till we get it complete.
The CIFS Spec is misleading - the session key (for NTLMv1 at least) is the
standard session key, ie MD4(NT#).
Thanks to jra for the early work on this.
Andrew Bartlett
Jelmer Vernooij [Sat, 1 Feb 2003 11:00:39 +0000 (11:00 +0000)]
NetBSD also supports dynamic libs
Andrew Bartlett [Sat, 1 Feb 2003 06:30:12 +0000 (06:30 +0000)]
Bitmap offsets and counts are always positive.
Andrew Bartlett [Sat, 1 Feb 2003 06:26:16 +0000 (06:26 +0000)]
Makefile.in change for ldap escaping fixes
Andrew Bartlett [Sat, 1 Feb 2003 06:25:08 +0000 (06:25 +0000)]
One more signed/unsigned fix
Andrew Bartlett [Sat, 1 Feb 2003 06:24:07 +0000 (06:24 +0000)]
Non-error connection numbers are always positive
Andrew Bartlett [Sat, 1 Feb 2003 06:17:32 +0000 (06:17 +0000)]
Prompted by RedHat bugzilla bug #77999, convert the user's username and
password from 'display' to 'unix' before we check them.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 06:13:33 +0000 (06:13 +0000)]
More ldap parinoia - if we ever get more than one result, bail. The order we
get them in should be indeterminate, so just picking the first one would be
bad...
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 05:20:11 +0000 (05:20 +0000)]
Always escape ldap filter strings. Escaping code was from pam_ldap, but I'm to
blame for the realloc() stuff.
Plus a couple of minor updates to libads.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 05:16:00 +0000 (05:16 +0000)]
More doco updates, in particular the fact that you must configure the smb.conf
*before* you join, otherwise we don't have all the info that 'net join' needs.
Also move from smbpasswd -j to 'net join' in the examples.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 04:44:23 +0000 (04:44 +0000)]
Clarify that 'use spnego = yes' is fine in all known situations.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 04:40:00 +0000 (04:40 +0000)]
Make it clear that the magic value is (size_t)-1.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 04:39:15 +0000 (04:39 +0000)]
A couple more signed/unsigned issues.
Andrew Bartlett [Sat, 1 Feb 2003 04:34:40 +0000 (04:34 +0000)]
Minor doco updates - with a slightly bigger change to the
'security=server/domain' text, to try and explain the difference better, and
why you should always use the latter.
Also update the BDC-HOWTO to have some relation to current reality.
Andrew Bartlett
Andrew Bartlett [Sat, 1 Feb 2003 03:28:35 +0000 (03:28 +0000)]
Clarifications for the ADS docs.
Andrew Bartlett [Sat, 1 Feb 2003 03:26:53 +0000 (03:26 +0000)]
Clear up the winbind doco on ADS support, and specify 'net join' not 'net rpc
join' as people are using the 'wrong' one and wondering why it doesn't quite
work.
Andrew Bartlett
Jeremy Allison [Fri, 31 Jan 2003 20:01:32 +0000 (20:01 +0000)]
Added first part of attribute matrix tests. Not run and compiled in right now...
Jeremy.
Jeremy Allison [Fri, 31 Jan 2003 18:34:12 +0000 (18:34 +0000)]
Ensure Luke Howard's (C) is added.
Jeremy.
Jeremy Allison [Thu, 30 Jan 2003 23:55:13 +0000 (23:55 +0000)]
Add 3 second timeout when terminating server and sending print notify
messages. Stops build-up of large numbers of smbd's waiting to terminate
on large print throughput.
Jeremy.
Jeremy Allison [Thu, 30 Jan 2003 23:27:16 +0000 (23:27 +0000)]
More scalable print tdb fixes.
Jeremy.
Jeremy Allison [Thu, 30 Jan 2003 20:36:59 +0000 (20:36 +0000)]
Sync up with 3.0 heimdal.
Jeremy.
Jeremy Allison [Thu, 30 Jan 2003 20:16:18 +0000 (20:16 +0000)]
Fix kerberos compile after the tpot massicre :-).
Jeremy
Jeremy Allison [Thu, 30 Jan 2003 18:01:23 +0000 (18:01 +0000)]
Stop tpot from trampling over my Heimdal fixes by moving some of them
to HEAD :-).
Jeremy.
Gerald Carter [Thu, 30 Jan 2003 17:04:47 +0000 (17:04 +0000)]
Straus VOS detection patches from Paul Green
Tim Potter [Thu, 30 Jan 2003 04:01:21 +0000 (04:01 +0000)]
The REQ_DEBUGLEVEL message returns a string not a list of integers.
Tim Potter [Thu, 30 Jan 2003 04:00:28 +0000 (04:00 +0000)]
Move debug level message handling into debug.c from messages.c
Removed duplicate message_register() for REQ_DEBUGLEVEL message.
Jeremy Allison [Thu, 30 Jan 2003 01:42:08 +0000 (01:42 +0000)]
Fix for interesting resource constraint condition. When all opens are
level 2 and a request for open with no oplock is received then the
smbd should send *synchronous* break messages, not asynchronous,
otherwise it spins very rapidly, releasing the lock, sending the
'break to none' messages and then re-acquiring the lock before
any other process has a chance to get the lock and remove it's own
oplock (at least on linux).
Jeremy.
Andrew Bartlett [Wed, 29 Jan 2003 13:13:00 +0000 (13:13 +0000)]
Fix to findsmb by Waider
Andrew Bartlett [Wed, 29 Jan 2003 12:11:30 +0000 (12:11 +0000)]
Make the vampire code use just pdb calls - allowing better operation on systems
that are not configured with an add user script, and have an _nua backend for
storage.
We really need to get the PDB backends out of the IDMAP game...
Andrew Bartlett
Tim Potter [Wed, 29 Jan 2003 06:24:13 +0000 (06:24 +0000)]
Use new interface for cli_samr_query_dispinfo().
Tim Potter [Wed, 29 Jan 2003 06:20:08 +0000 (06:20 +0000)]
Pass down max_size parameter to cli_samr_query_dispinfo() instead of
using a hardcoded value later on.
Added a helper function that returns the observed values for
max_entries and max_size for each cli_samr_query_dispinfo() call.
These values were obtained from watching the NT4 user manager
application with ethereal and are the only ones that can enumerate a
60k user domain reliably under Windows 2000.
Tim Potter [Wed, 29 Jan 2003 06:13:18 +0000 (06:13 +0000)]
Pass down max_size parameter to init_samr_q_query_dispinfo() instead
of hardcoding it to 0xffff.
Tim Potter [Wed, 29 Jan 2003 05:16:16 +0000 (05:16 +0000)]
Removed duplicate fn to avoid compiler warning.
Tim Potter [Wed, 29 Jan 2003 02:57:03 +0000 (02:57 +0000)]
Remove NULL buffer checks before rpcstr_pull() as they're now done
inside this function.
Tim Potter [Wed, 29 Jan 2003 02:55:39 +0000 (02:55 +0000)]
Return 0 instead of crashing when a NULL source string is passed
to rpcstr_pull()
Tim Potter [Wed, 29 Jan 2003 02:54:36 +0000 (02:54 +0000)]
Quieten debug about gencache.tdb not being able to be opened.
Perhaps we should try to open O_RDONLY if O_RDWR fails?
Andrew Tridgell [Tue, 28 Jan 2003 21:31:45 +0000 (21:31 +0000)]
added LsaRemoveAccountRights
this now gives us complete remove privileges control in the client
libs, so we are in good shape for starting on the server side.
Gerald Carter [Tue, 28 Jan 2003 20:55:09 +0000 (20:55 +0000)]
patch from Paul Green to only build libsmbclient.so on platforms that support shared libraries
Jelmer Vernooij [Tue, 28 Jan 2003 14:39:01 +0000 (14:39 +0000)]
First step towards XML: Use correct syntax
Jelmer Vernooij [Tue, 28 Jan 2003 13:52:38 +0000 (13:52 +0000)]
First step in converting to XML: use strict syntax
Jelmer Vernooij [Tue, 28 Jan 2003 13:17:06 +0000 (13:17 +0000)]
Put in ab's conversion to XML. First step: Make all the SGML docs
conform to the (more strict) XML syntax.
Jelmer Vernooij [Tue, 28 Jan 2003 13:08:08 +0000 (13:08 +0000)]
Merge in ab's conversion to XML. First step: make SGML documents compatible
with the (more strict) XML format.
Andrew Tridgell [Tue, 28 Jan 2003 12:52:51 +0000 (12:52 +0000)]
cleaned up the lsa_enum_acct_rights function and added a
lsa_add_acct_rights function.
This allows us to add privileges remotely to accounts using rpcclient.
Andrew Bartlett [Tue, 28 Jan 2003 11:51:55 +0000 (11:51 +0000)]
As per a comment by herb a little while back, this should be >=, not == to keep
identical behaviour with previous versions
Andrew Bartlett [Tue, 28 Jan 2003 10:16:07 +0000 (10:16 +0000)]
Make this an fstrcat(), as this seems to fix some weird issue with the server
name being truncated... (either way, it's the correct thing to do).
Andrew Bartlett
Andrew Bartlett [Tue, 28 Jan 2003 05:13:07 +0000 (05:13 +0000)]
The previous patch (NTLMSSP common code factoring) was missing a minor detail -
testing :-). This gets the 'signiture' after the extended security blob,
rather than over the top of it.
Also move that code to the top of the file, with some of the other util functions.
Andrew Bartlett
Andrew Bartlett [Tue, 28 Jan 2003 03:37:14 +0000 (03:37 +0000)]
Factor out common code in the NTLMSSP/SPNEGO code.
The idea here is to seperate, as much as possible, the SPNEGO layer from the
NTLMSSP layer. This not only helps us with protocol correctness, but also
should allow further mechinisms to be added with relitive ease. I indend to
make the kerberos code use this shortly.
I've never seen the 'zero length blob' form of the anonymous login, so I've
removed that case.
Andrew Bartlett
Gerald Carter [Tue, 28 Jan 2003 02:14:33 +0000 (02:14 +0000)]
performance patch from HP-UX folks (cant remember who)
Gerald Carter [Tue, 28 Jan 2003 01:58:51 +0000 (01:58 +0000)]
CUPS-PRINTER_CLASS patch from Michael Sweet
Gerald Carter [Mon, 27 Jan 2003 17:57:24 +0000 (17:57 +0000)]
reran autoconf