Jeremy Allison [Wed, 23 Jul 2003 06:04:20 +0000 (06:04 +0000)]
Don't check in two places for signing turned off...
Jeremy.
(This used to be commit
f4b02e52e25556e5b101d493e2e6404563bf96dd)
Tim Potter [Wed, 23 Jul 2003 03:59:57 +0000 (03:59 +0000)]
A fix for bug 174. I'm pushing this to the tree to test it on one of
the build farm machines that I don't have direct access to (hpntc9I).
(This used to be commit
b01965823341bbabb74dcbc09d379b43db2ec680)
Tim Potter [Wed, 23 Jul 2003 01:26:46 +0000 (01:26 +0000)]
Fix two memory leaks in the smb module:
- free talloc context when cli_query_secdesc() fails
- dispose of cli_state when python cli_state_object is garbage collected
(This used to be commit
36052f95ffad4f227596e8038d3f056312d0ad82)
Gerald Carter [Tue, 22 Jul 2003 15:08:34 +0000 (15:08 +0000)]
removing unused function
(This used to be commit
b8394a107d3448434f1a34076eaab8e6dd9a8a9d)
Gerald Carter [Tue, 22 Jul 2003 15:02:39 +0000 (15:02 +0000)]
bumping version string
(This used to be commit
e4cd21222dbd1a7a7f79618762799373230d4905)
Alexander Bokovoy [Tue, 22 Jul 2003 14:43:05 +0000 (14:43 +0000)]
Gerald Carter [Tue, 22 Jul 2003 13:10:57 +0000 (13:10 +0000)]
sync from bea3 release
(This used to be commit
e42cc1e920601883cd404e9b2292ca58554ccf63)
Tim Potter [Tue, 22 Jul 2003 06:52:39 +0000 (06:52 +0000)]
Another round of uid/gid/pid format string changes I missed the
first time.
(This used to be commit
6616485dbad74dab7506609c6bfd183fc9c1f93c)
Tim Potter [Tue, 22 Jul 2003 04:31:20 +0000 (04:31 +0000)]
Fixup a bunch of printf-style functions and debugs to use unsigned long when
displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings
on some of the 64-bit build farm machines as well as help us out when 64-bit
uid/gid/pid values come along.
(This used to be commit
f93528ba007c8800a850678f35f499fb7360fb9a)
Tim Potter [Tue, 22 Jul 2003 01:18:24 +0000 (01:18 +0000)]
Use %p for a pointer type in a printf-style format string. Also casting
a pointer to a uint32 value is incorrect on a 64-bit architecture.
(This used to be commit
afed2cbbcc07de9e453156972250f5f9d22e8e83)
Tim Potter [Tue, 22 Jul 2003 00:20:53 +0000 (00:20 +0000)]
Replace the eight (!) copies of dummy become/unbecome root with a single one.
(This used to be commit
8b818ce381595cdcb36631a2440d6aa0038805f1)
Tim Potter [Tue, 22 Jul 2003 00:16:39 +0000 (00:16 +0000)]
Use lp_idmap_[ug]id() instead of lp_winbind_[ug]id()
(This used to be commit
cfb86b4503c13b34583a61ef01ca8e1ed00fb9e4)
Tim Potter [Mon, 21 Jul 2003 23:42:45 +0000 (23:42 +0000)]
Metze's AD/LDAP detection patches mainly to do with library detection.
Tested on a large combination of operating systems and versions.
Hopefully the build farm will find any remaining nasties if they
exist.
(This used to be commit
2e42fa3d7217615d90ad64261513bd1e8a65f535)
Richard Sharpe [Mon, 21 Jul 2003 20:20:09 +0000 (20:20 +0000)]
Clarify a debug log a little. The path might not exist, so say so.
(This used to be commit
8409cf3e470df79f219f9a21c0cb780e9257186c)
Rafal Szczesniak [Sun, 20 Jul 2003 21:43:41 +0000 (21:43 +0000)]
This creates passdb backend files automatically when adding first account.
An extra message notifying that needed file didn't exist is displayed.
There's still a little catch with tdb backend, but it's better than it was,
from end-user's point of view.
This fixes #198
rafal
(This used to be commit
b0be700605c289ce8e9dd3abe49d78ac77256911)
Rafal Szczesniak [Sun, 20 Jul 2003 14:50:38 +0000 (14:50 +0000)]
Jelmer Vernooij [Sun, 20 Jul 2003 00:34:24 +0000 (00:34 +0000)]
Volker Lendecke [Sat, 19 Jul 2003 11:28:15 +0000 (11:28 +0000)]
Andrew Bartlett [Sat, 19 Jul 2003 00:36:43 +0000 (00:36 +0000)]
Fix StrCaseCmp() to avoid calling smb_panic() on invalid multibyte strings.
This fix results in
- we no longer use fixed-size buffers in StrCaseCmp (previously limited to
a pstring)
- we return strcmp(s, t) if either of the strings is invalid
- for non-ascii cases, we call iconv twice, not 4 times.
The basic idea with this fix is that if a string is not valid in the currnet
charset, then (unless it is byte-equivilant) it cannot be case-equivilant
to any other string.
This should address the majority of our smb_panic() cases on this matter. It
will not fix them all - we still call unix_strupper(), aka strupper_m()
elsewhere, but this was being called on every file in the directory when
we performed unix_convert().
Tested with the stf unit tests for this routine.
Andrew Bartlett
(This used to be commit
9918fa73145a22b1d7adf001f0a9cf0e1bda4136)
Rafal Szczesniak [Sat, 19 Jul 2003 00:23:08 +0000 (00:23 +0000)]
According to the result of voting, net has default debug level with
ability to change it by command line instead of turn-off cmdline switch
for debug messages.
It's a bit more comfortable to use now.
(This used to be commit
b65fe75bec8170ad48d1ad0a9017ccc4de651eba)
Volker Lendecke [Fri, 18 Jul 2003 11:36:16 +0000 (11:36 +0000)]
Volker Lendecke [Fri, 18 Jul 2003 09:05:30 +0000 (09:05 +0000)]
Fix two memleaks in pdb_ldap.c.
Whoever put the private.backend_private_data_free_fn thingy into
SAM_ACCOUNT, could you please revisit my change to pdb_get_set.c and
comment on my comment there?
Thanks,
Volker
(This used to be commit
922ec277d1c80b5532f5cac0ee99ae7cd20f83f1)
Andrew Tridgell [Fri, 18 Jul 2003 07:07:29 +0000 (07:07 +0000)]
make sure we don't allow the creation of directories containing
wildcard characters. I've only put this in mkdir at the moment, but I
suspect this will apply to all places that can create new filenames.
We need to allow the opening of existing filenames that contain
wildcards, but not allow the creation of new ones.
(This used to be commit
2fd5569938b8970f3e9d761eecad5bc0b8bb267e)
Andrew Tridgell [Fri, 18 Jul 2003 06:48:28 +0000 (06:48 +0000)]
this fixes a bug where Samba would under some circumstances return
incomplete directory listings. The problem was the exact_match
optimisation that short circuited directory listings on exact
matches. This optimisation doesn't work when the unix filename
contains Microsoft wildcard characters.
(This used to be commit
84cee2c3fcc34fe6356e842821a5f0a361477637)
Tim Potter [Fri, 18 Jul 2003 03:04:13 +0000 (03:04 +0000)]
Fix spelling typo.
(This used to be commit
5cb7d92751b6da58bb3ecd97cced5c963d348bed)
Tim Potter [Fri, 18 Jul 2003 02:57:43 +0000 (02:57 +0000)]
Uninstall modules as part of uninstall. Partial fix for 236.
We still don't uninstall swat or the man pages properly.
(This used to be commit
90157b9bd3d4122e647faa48b17a44d63b07e32e)
Andrew Tridgell [Fri, 18 Jul 2003 01:36:11 +0000 (01:36 +0000)]
fixed the pstrcpy() bug in directory recursion properly
(This used to be commit
132d6fdf635eb2bf2a1afd6e850d0f6967260f84)
Jeremy Allison [Fri, 18 Jul 2003 00:53:34 +0000 (00:53 +0000)]
Signing so far... the client code fails on a SMBtrans2 secondary transaction
I think (my changes haven't affected this I believe). Initial support on the
server side for smbclient. Still doesn't work for w2k clients I think...
Work in progress..... (don't change).
Jeremy.
(This used to be commit
e5714edc233424c2f74edb6d658f32f8e0ec9275)
Jeremy Allison [Thu, 17 Jul 2003 18:55:40 +0000 (18:55 +0000)]
Formatting tidyups to match the rest of the source.
Jeremy.
(This used to be commit
86c5ebcf8f5eb57e9885627b3da4e486ee3f62d9)
Volker Lendecke [Thu, 17 Jul 2003 11:24:54 +0000 (11:24 +0000)]
Disconnect an idle LDAP connection after 150 seconds.
Not strictly a bugfix, but it should considerably reduce the load we
put on LDAP servers given that at least nss_ldap on Linux keeps a
connection open.
And it should also stress our reconnect-code a bit more ;-)
Thanks to metze for this!
Volker
(This used to be commit
e68d8eabeb9c64dc45d057619f9b3dd0cd507444)
Volker Lendecke [Thu, 17 Jul 2003 10:03:37 +0000 (10:03 +0000)]
Ban getgrouplist on linux glibc systems with glibc <= 2.3.
This segfaults when you have to many group membership entries
in /etc/group.
Fixed in glibc CVS end of April 2003.
Volker
(This used to be commit
61bfdf0b12457689b08c19a6269259abf3d15410)
Tim Potter [Thu, 17 Jul 2003 04:17:58 +0000 (04:17 +0000)]
Fix for bug 222 from Marcin Owsiany.
Don't get stuck in an infinite loop listing directories recursively
if the server returns an empty directory name. This can happen with
incorrect i18n configuration on a Samba server.
(This used to be commit
f93a2831f1b4e5751ca86d46a6e5ede9adf660cb)
Tim Potter [Thu, 17 Jul 2003 03:53:43 +0000 (03:53 +0000)]
Don't use pstrcpy on non-pstrings.
(This used to be commit
3498624d941fe200b06f114ece3373d4c4cfb2d1)
Andrew Bartlett [Thu, 17 Jul 2003 01:34:05 +0000 (01:34 +0000)]
In the presense of RPC fragments, schannel is not strictly request/reply,
so the shared sequence number will not be strictly odd/even.
Andrew Bartlett
(This used to be commit
77c3e69aef545d3f9b7cec9efdc366cbeb0c745e)
Jeremy Allison [Thu, 17 Jul 2003 00:58:14 +0000 (00:58 +0000)]
Correctly toggle the signing state to what it was previosly when sending
an oplock break.
Jeremy.
(This used to be commit
9515de83a864250c417cf490b7be714c8e1e127e)
Jeremy Allison [Thu, 17 Jul 2003 00:53:37 +0000 (00:53 +0000)]
Don't allow read/write raw when signing is active.
Jeremy.
(This used to be commit
8d2a848052df03dad7bfeb5e7be96f8e9a509bbf)
Jeremy Allison [Thu, 17 Jul 2003 00:48:21 +0000 (00:48 +0000)]
Putting the framework for server signing in place. Ensure we don't use
sendfile when signing (I need to add this for readbraw/writebraw too...).
Jeremy.
(This used to be commit
f2e84f1ba67b13ff29e24a38099b559d9033a680)
Jeremy Allison [Wed, 16 Jul 2003 22:57:56 +0000 (22:57 +0000)]
Refactor signing code to remove most dependencies on 'struct cli'.
Ensure a server can't do a downgrade attack if client signing is mandatory.
Add a lp_server_signing() function and a 'server signing' parameter that
will act as the client one does.
Jeremy
(This used to be commit
203e4bf0bfb66fd9239e9a0656438a71280113cb)
Eloy Paris [Wed, 16 Jul 2003 21:30:02 +0000 (21:30 +0000)]
Further Debian fixes.
(This used to be commit
8f86cb196f9f2eaa4d6406f1082397dcf01897bf)
Jeremy Allison [Wed, 16 Jul 2003 21:06:21 +0000 (21:06 +0000)]
Add API framework for server SMB signing.
Jeremy.
(This used to be commit
61fc9a7b2eafdf8cbed1f8d9aae016b828c91a08)
Jeremy Allison [Wed, 16 Jul 2003 19:17:33 +0000 (19:17 +0000)]
Add krb5_princ_component to Heimdal. Remove cli_ from mark packet signed.
Jeremy.
(This used to be commit
dd46f8b22d6e8411081a1279e1cd32929e40370b)
Jeremy Allison [Wed, 16 Jul 2003 18:06:27 +0000 (18:06 +0000)]
Reformatting fixes to bring in line with the rest of the source.
Jeremy.
(This used to be commit
3c11d9362379f16bb0d14449f64e731efad97ffe)
Gerald Carter [Wed, 16 Jul 2003 16:51:51 +0000 (16:51 +0000)]
adding command for moving a record from one tdb to another
(This used to be commit
d0d85dd49c41c55e086714a45990d5cd6c36fa10)
Gerald Carter [Wed, 16 Jul 2003 16:26:40 +0000 (16:26 +0000)]
make tdbtool deal with NULL and non-NULL terminated keys
(This used to be commit
5df7b9a3efaf5b7828d0405bc14504d14d9e833a)
Gerald Carter [Wed, 16 Jul 2003 15:01:26 +0000 (15:01 +0000)]
sync with release tree
(This used to be commit
dd10e7c9bbef0d28f3c5330605ff3b18c278eeef)
Volker Lendecke [Wed, 16 Jul 2003 13:57:53 +0000 (13:57 +0000)]
Volker Lendecke [Wed, 16 Jul 2003 13:35:23 +0000 (13:35 +0000)]
Tim Potter [Wed, 16 Jul 2003 05:51:10 +0000 (05:51 +0000)]
John Terpstra [Wed, 16 Jul 2003 05:42:10 +0000 (05:42 +0000)]
Documentation Update for Beta3.
(This used to be commit
a88dc502cb3b6b2d905106675f50680bf22e2cfa)
Gerald Carter [Wed, 16 Jul 2003 04:53:57 +0000 (04:53 +0000)]
removing outdated scripts
(This used to be commit
b47b6f5825753b4ad130cdd372dbd023f78d3fd9)
Gerald Carter [Wed, 16 Jul 2003 04:50:45 +0000 (04:50 +0000)]
remove outdated doc
(This used to be commit
ee44d72a1bf24ecf99d485f4d9ff8359d54e19c3)
Gerald Carter [Wed, 16 Jul 2003 03:54:08 +0000 (03:54 +0000)]
adding another missing doc
(This used to be commit
ec92d856734e6d32189c3e90411fd02a20b8fe83)
Gerald Carter [Wed, 16 Jul 2003 03:51:25 +0000 (03:51 +0000)]
updating WHATSNEW
removing old readme (not part of WHATSNEW)
(This used to be commit
c9c5f68eeab5a36b279673c728411672b4b4449b)
Andrew Bartlett [Wed, 16 Jul 2003 03:22:43 +0000 (03:22 +0000)]
Fix up our auth_pipe code to always cope with fragmented datagrams,
in both SCHANNEL and NTLMSSP.
(Try not to deal with a general case as individual special cases...)
Andrew Bartlett
(This used to be commit
6ca77bd28f16f9f65ff40bf8996e39356de5b4f8)
Gerald Carter [Wed, 16 Jul 2003 02:51:28 +0000 (02:51 +0000)]
fix typo in debug log
(This used to be commit
074da426708555de082d0c2e5ae3a5cddaadcdf4)
Gerald Carter [Wed, 16 Jul 2003 02:20:53 +0000 (02:20 +0000)]
fixes for 'net rpc vampire'. I can now take a blank Samba host
and migrate an NT4 domain and still logon from domain members
(tested logon scripts, system policies, profiles, & home directories)
(passdb backend = tdbsam)
removed call to idmap_init_wellknown_sids() from winbindd.c
since the local domain should be handled by the guest passdb backend
(and you don't really always want the Administrator account to be root)
...and we didn't pay attention to this anyways now.
(This used to be commit
837d7c54d3ca780160aa0d6a2f0a109bb691948e)
Gerald Carter [Wed, 16 Jul 2003 02:17:55 +0000 (02:17 +0000)]
Volker's patch for open_socket_out() to speed up connections
(This used to be commit
7d63b690004a59316a70059db0d9ad0ea9001288)
Tim Potter [Wed, 16 Jul 2003 00:13:40 +0000 (00:13 +0000)]
Fix from Dragan Krnic for handling files in tar archives > 8GB.
Fixes bug 102.
(This used to be commit
b54183a7b23d1046faad0890de3fdda3df0fec88)
Jeremy Allison [Tue, 15 Jul 2003 23:05:57 +0000 (23:05 +0000)]
Added the "required" keyword to the "client signing" parameter to force it
on. Fail if missmatch. Small format tidyups in smbd/sesssetup.c. Preparing
to add signing on server side.
Jeremy.
(This used to be commit
c390b3e4cd68cfc233ddf14d139e25d40f050f27)
Jeremy Allison [Tue, 15 Jul 2003 22:26:47 +0000 (22:26 +0000)]
Add a cli_ prefix to a few functions to ensure everything that takes a struct cli_state
is so marked.
Jeremy
(This used to be commit
0b8724ed65799f94f2af5d1dbb9ba20f1bac53a7)
Gerald Carter [Tue, 15 Jul 2003 21:33:28 +0000 (21:33 +0000)]
fix schannel processing on fragmented PDUs. 'net rpc vampire' works again.
(This used to be commit
ff0c71148e405eeb49efbc51461325c7f2207433)
Volker Lendecke [Tue, 15 Jul 2003 17:27:39 +0000 (17:27 +0000)]
Volker Lendecke [Tue, 15 Jul 2003 17:23:36 +0000 (17:23 +0000)]
We should report if a group mapping fails. This should fix bug#225.
Jerry, this is assigned to you. Do you want to answer it?
However, we have to decide what to do if a mapping is to be done for a
unix group not in LDAP....
Volker
(This used to be commit
bf449d467cfe4987df17010490a16ab0472c0803)
Eloy Paris [Tue, 15 Jul 2003 17:22:38 +0000 (17:22 +0000)]
Debian updates. Brings files in packaging/Debian on par with the
latest Debian official packages for Debian unstable. Also fixes
patches that got out of date in the beta2->beta3 development process.
(This used to be commit
03871fd574bf9c0f6d88c96423f77e9ada7b16f7)
Alexander Bokovoy [Tue, 15 Jul 2003 17:21:21 +0000 (17:21 +0000)]
Add support for MSG_SMB_CONF_UPDATED and MSG_SHUTDOWN to all daemons (smbd, nmbd, winbindd). Reviewed by jerry and tridge.
(This used to be commit
02c5e2fc6f0721ebd82a9e6a2b34190607de55fe)
Volker Lendecke [Tue, 15 Jul 2003 17:00:11 +0000 (17:00 +0000)]
Volker Lendecke [Tue, 15 Jul 2003 16:46:20 +0000 (16:46 +0000)]
Volker Lendecke [Tue, 15 Jul 2003 16:07:50 +0000 (16:07 +0000)]
Jim, could you please look at this? smbpasswd -a <username> was broken
for me without this patch. I'm not sure if I interpreted your patch to
this code right.
Thanks,
Volker
(This used to be commit
46ec022f873416d2258fc8d84430b17319dce70f)
Gerald Carter [Tue, 15 Jul 2003 16:02:51 +0000 (16:02 +0000)]
Mandrake packaging updates from Buchan
(This used to be commit
3fec31d0fd91de6196d56fc7eae145f10c12483c)
Alexander Bokovoy [Tue, 15 Jul 2003 13:00:20 +0000 (13:00 +0000)]
Accept --with-expsam=no as valid option (do nothing on it). Simplifies automatic option generation for spec files
(This used to be commit
4042d965f26d8cc056792df50d0a2a6f3f640e50)
Alexander Bokovoy [Tue, 15 Jul 2003 12:12:15 +0000 (12:12 +0000)]
Fix cut&paste bug in strdup() usage example. Found by Metze
(This used to be commit
38f85593c41b5d9ea1c67beb626724b9e14a5dab)
Alexander Bokovoy [Tue, 15 Jul 2003 09:50:44 +0000 (09:50 +0000)]
Add mandir to installdir target. Otherwise installman fails for clean DESTDIR
(This used to be commit
bb31276c3dfd10bfbc41b7e77e1e1aca1f051453)
Gerald Carter [Tue, 15 Jul 2003 04:38:20 +0000 (04:38 +0000)]
odding some more docs
(This used to be commit
6fdf9f8cd53833294d34aa6dc8d660957c530ae5)
Gerald Carter [Tue, 15 Jul 2003 04:33:37 +0000 (04:33 +0000)]
adding docs on hew parameters I added.
(This used to be commit
7c91c4360ffd5683f063ac2ce8ebadb4b4db9342)
Gerald Carter [Tue, 15 Jul 2003 04:24:37 +0000 (04:24 +0000)]
update docs to reflect the change in default behavior for winbindd
(This used to be commit
140e2fd5d710f5c800399e20a64c8ac4349a7003)
Gerald Carter [Tue, 15 Jul 2003 04:19:57 +0000 (04:19 +0000)]
remove -B and default to dual-daemon mode (-Y to run as a single process)
(This used to be commit
369a914ebefd5625af19b76d71b502e5e13a7147)
Gerald Carter [Tue, 15 Jul 2003 02:27:00 +0000 (02:27 +0000)]
make sure to fallback to rid algoruthm for users not in smbpasswd (e.g. force user = foo)
(This used to be commit
399799c68cbc91cb3908b0d83ee4f51fa3bf3023)
Andrew Bartlett [Tue, 15 Jul 2003 01:07:12 +0000 (01:07 +0000)]
SPNEGO SMB signing is now fixed for NTLMSSP, with kerberos to follow shortly.
Andrew Bartlett
(This used to be commit
2b493813fc09ed9bf21f90bce708e6145cf1b4de)
Gerald Carter [Mon, 14 Jul 2003 19:51:34 +0000 (19:51 +0000)]
fix cache coherency bug in print handle print_info_2 cache.
Needs to be rewritten to use a reference counter, but this
will work for now.
also the memory allocation in the printing code needs to be cleaned
up to use talloc exclusively.
(This used to be commit
3d293027563b36411b7f84ed9d8f47f926271c6f)
Alexander Bokovoy [Mon, 14 Jul 2003 15:03:19 +0000 (15:03 +0000)]
Small documentation fixes from Metze
(This used to be commit
3f63bcb47182f69a7524bf9fcd0198aa116a9c45)
Andrew Bartlett [Mon, 14 Jul 2003 12:56:30 +0000 (12:56 +0000)]
Fix compile error noticed by Ken Cross, use the utility function instead
of an inline replacement...
Andrew Bartlett
(This used to be commit
d941255a97fc6d0d62eae1602075b1aa0481cde5)
Andrew Bartlett [Mon, 14 Jul 2003 10:38:23 +0000 (10:38 +0000)]
Fix SMB signing when using NTLMSSP...
It's so simple now I know how it works - and it has nothing to do with
NTLMSSP (it's just a slightly different use of the old algorithm). :-).
Note: This is actually less secure then the non-NTLMSSP code, as there is
no per-session random data included for NTLM logins. (NTLMv2 is better,
fortunetly).
Andrew Bartlett
(This used to be commit
95ec8317d4c6817d192bcd52eec44a22286e10ee)
Andrew Bartlett [Mon, 14 Jul 2003 08:46:32 +0000 (08:46 +0000)]
Jeremy requested that I get my NTLMSSP patch into CVS. He didn't request
the schannel code, but I've included that anyway. :-)
This patch revives the client-side NTLMSSP support for RPC named pipes
in Samba, and cleans up the client and server schannel code. The use of the
new code is enabled by the 'sign', 'seal' and 'schannel' commands in
rpcclient.
The aim was to prove that our separate NTLMSSP client library actually
implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation,
in the hope that knowing this will assist us in correctly implementing
NTLMSSP signing for SMB packets. (Still not yet functional)
This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with
calls to libsmb/ntlmssp.c. In the process, we have gained the ability to
use the more secure NT password, and the ability to sign-only, instead of
having to seal the pipe connection. (Previously we were limited to sealing,
and could only use the LM-password derived key).
Our new client-side NTLMSSP code also needed alteration to cope with our
comparatively simple server-side implementation. A future step is to replace
it with calls to the same NTLMSSP library.
Also included in this patch is the schannel 'sign only' patch I submitted to
the team earlier. While not enabled (and not functional, at this stage) the
work in this patch makes the code paths *much* easier to follow. I have also
included similar hooks in rpccleint to allow the use of schannel on *any* pipe.
rpcclient now defaults to not using schannel (or any other extra per-pipe
authenticiation) for any connection. The 'schannel' command enables schannel
for all pipes until disabled.
This code is also much more secure than the previous code, as changes to our
cli_pipe routines ensure that the authentication footer cannot be removed
by an attacker, and more error states are correctly handled.
(The same needs to be done to our server)
Andrew Bartlett
(This used to be commit
5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
John Terpstra [Mon, 14 Jul 2003 05:17:52 +0000 (05:17 +0000)]
Typo fixes from Vorlon.
(This used to be commit
4cdadbbbe9d6311b32dfe8e9823ed55dab1c6f1c)
Tim Potter [Mon, 14 Jul 2003 05:13:30 +0000 (05:13 +0000)]
Don't bomb out when trying to unmarshall a zero length printerdata value.
Fixes remote printer publishing of shared printers from a Samba server.
(This used to be commit
7f363fa32d3b660567fc87d5d0b1e1d4dd58461a)
Tim Potter [Mon, 14 Jul 2003 01:49:07 +0000 (01:49 +0000)]
Delete obsolete comment.
(This used to be commit
5416c51133297e866210ec0d8454e04c25541d91)
Tim Potter [Mon, 14 Jul 2003 01:18:43 +0000 (01:18 +0000)]
Undo 'Fix compiler warning'. It didn't work because the value of inbuf changes so
we end up freeing a pointer we didn't mallocate.
Also, calling strdup() in a frequently called function just to clear up a
const compiler warning seems inelegant and inefficient.
(This used to be commit
a0da5ae1198082d0cf18707ed2cf05f728b00d0b)
Simo Sorce [Sun, 13 Jul 2003 21:41:23 +0000 (21:41 +0000)]
use the specific funtion we have to check if a SID belong to our domain
(This used to be commit
a926959391676d69bd7cbaf4ce0be0d3cb715418)
Rafal Szczesniak [Sun, 13 Jul 2003 16:25:55 +0000 (16:25 +0000)]
Fix compiler warning.
(This used to be commit
3a71b4873034b3fe9dc7b23a95e56c865e857507)
Volker Lendecke [Sun, 13 Jul 2003 09:43:58 +0000 (09:43 +0000)]
Argl. Thinking twice and looking at the rest of callers of sid_compare_domain
proved the last patch wrong.
Sorry.
Volker
(This used to be commit
d8695eccc7acdee69ca0d0593b56a417f1f89167)
Volker Lendecke [Sun, 13 Jul 2003 09:38:55 +0000 (09:38 +0000)]
We have an API to compare the domain parts of two SIDs, so use it.
Volker
(This used to be commit
39308ff138da88c1a4c0958cd4c7a9090261d3d5)
Jeremy Allison [Sat, 12 Jul 2003 00:27:22 +0000 (00:27 +0000)]
Fixed memory leaks, added krb5 replay cache. Now I need to add code to check
the incoming addresses....
Jeremy.
(This used to be commit
4e9359a1f67a44b2981579383327ba774e1c31f9)
Gerald Carter [Fri, 11 Jul 2003 18:12:24 +0000 (18:12 +0000)]
patch for domain groups with no members (rpc only) from Ken Cross
(This used to be commit
05ec9c40f40be4d4dbb10b33e0def2374468ff8a)
Richard Sharpe [Fri, 11 Jul 2003 17:50:59 +0000 (17:50 +0000)]
Fix a small typo in a comment and pretty it up a bit.
(This used to be commit
3b5ddd8e1f021f6a38434c0d9a47317ab6ff2614)
Gerald Carter [Fri, 11 Jul 2003 16:37:23 +0000 (16:37 +0000)]
fix sid_to_[uid|gid] (spotted by Volker).
Still testing this, but I'm checking it in
so Volker can test it as well. Should be right.
(This used to be commit
8edf193722f699cc33baed410917a78a5e28d0a4)
Gerald Carter [Fri, 11 Jul 2003 15:17:06 +0000 (15:17 +0000)]
fix unitialised variable
(This used to be commit
5efa0d7cc28d903c1986b8e40072ae49e9532a88)
Gerald Carter [Fri, 11 Jul 2003 15:09:57 +0000 (15:09 +0000)]
fix winbindd init sctipt
(This used to be commit
018b222f9248e6baa02e74e36adbf2332aa4431e)
Herb Lewis [Fri, 11 Jul 2003 14:33:13 +0000 (14:33 +0000)]
use names from enumerated type to get rid of compiler warnings
(This used to be commit
c9d6782e091406ed105b7dc34c8c83e53bfe515e)
Jim McDonough [Fri, 11 Jul 2003 14:33:03 +0000 (14:33 +0000)]
Doesn't re-prompt for password when it is specified on the cmdline
(This used to be commit
6ebe87d318658f28ad9b9f8169fc4400856d5812)
Herb Lewis [Fri, 11 Jul 2003 14:20:12 +0000 (14:20 +0000)]
get rid of CFLAGS from LDSHFLAGS and WINBIND_NSS_LDSHFLAGS and instead
define it in SHLD for those systems the use CC for SHLD.
(This used to be commit
d0e2f3d1098ac0b8fa9165b3a93cd8d325a7a0d9)