16 years agoCommit sid<->[ug]id extensions to on Linux, as well as a
Volker Lendecke [Fri, 16 Jan 2004 13:11:01 +0000 (13:11 +0000)]
Commit sid<->[ug]id extensions to on Linux, as well as a
factored-out nss_winbind.[ch]. I took tridge's public domain license comment
for the nss_winbind.[ch].

This is probably not the last word on that extension, but as it is quite
non-intrusive to the main samba code, I would like to give it a start.


16 years agoBug 381: check builtin (not local) group SID. Patch from Jianliang Lu <
Gerald Carter [Thu, 15 Jan 2004 20:47:30 +0000 (20:47 +0000)]
Bug 381: check builtin (not local) group SID.  Patch from Jianliang Lu <>

16 years agosetting version to 3.0.2rc2
Gerald Carter [Thu, 15 Jan 2004 20:32:27 +0000 (20:32 +0000)]
setting version to 3.0.2rc2

16 years agoadding changelog for 3.0.2rc1
Gerald Carter [Thu, 15 Jan 2004 20:14:02 +0000 (20:14 +0000)]
adding changelog for 3.0.2rc1

16 years agoFix net rpc join (at least newstyle) after it was broken by changing
Jim McDonough [Thu, 15 Jan 2004 19:45:36 +0000 (19:45 +0000)]
Fix net rpc join (at least newstyle) after it was broken by changing
the parms to cli_lsa_query_info_policy without changing them here...

16 years ago* BUG 446
Gerald Carter [Thu, 15 Jan 2004 19:03:18 +0000 (19:03 +0000)]
* BUG 446
  - setup_logging() in smbclient to be interactive (remove the timestamps)
  - Fix bad return value in pull_ucs2( needs more testing to make sure this
    didn't break something else) that caused clistr_pull() to always read
    the same string from the buffer (pull_usc2() could return -1 if the original
    source length was given as -1)
  - increment some debugging messages to avoid printing them out so often

16 years agoBUG 958; don't use the -N option when invoking smbclient from the smbtar script
Gerald Carter [Thu, 15 Jan 2004 17:18:39 +0000 (17:18 +0000)]
BUG 958; don't use the -N option when invoking smbclient from the smbtar script

16 years agoreply_spnego_kerberos did not set the domain of the user handed to
Volker Lendecke [Thu, 15 Jan 2004 17:17:58 +0000 (17:17 +0000)]
reply_spnego_kerberos did not set the domain of the user handed to
register_vuid correctly. We ended up with the local netbios name in
substitutions for %D later.


P.S: Tridge, I can *really* see why you want to get rid of global variables

16 years agoDon't substitute stuff in lp_afs_username_map, this is explicitly
Volker Lendecke [Thu, 15 Jan 2004 17:05:08 +0000 (17:05 +0000)]
Don't substitute stuff in lp_afs_username_map, this is explicitly
done later.


16 years agoAnd another memory corruption in winbind. Arg 3 of safe_strcpy does not
Volker Lendecke [Thu, 15 Jan 2004 15:36:01 +0000 (15:36 +0000)]
And another memory corruption in winbind. Arg 3 of safe_strcpy does not
include the terminating 0.


16 years agoFix a segfault in winbindd. Calling getusersids with a SID that results in 0
Volker Lendecke [Thu, 15 Jan 2004 15:00:44 +0000 (15:00 +0000)]
Fix a segfault in winbindd. Calling getusersids with a SID that results in 0
groups winbind ended up freeing an uninitialised pointer.


16 years ago* Fix sys_chown() when no chown() is presend
Stefan Metzmacher [Thu, 15 Jan 2004 09:08:06 +0000 (09:08 +0000)]
* Fix sys_chown() when no chown() is presend


16 years ago* Fix XFS quotas: XFS_USER_QUOTA -> USRQUOTA
Stefan Metzmacher [Thu, 15 Jan 2004 08:49:30 +0000 (08:49 +0000)]
* Fix disk_free calculation with group quotas.
* Add debug class 'quota' and a lot of DEBUG()'s
  to the quota code.


16 years agoBUG 936: fix bind credentials for schannel binds in smbd (and add a comment to winbin...
Gerald Carter [Thu, 15 Jan 2004 06:55:10 +0000 (06:55 +0000)]
BUG 936: fix bind credentials for schannel binds in smbd (and add a comment to winbindd_cm about this

16 years agoFix for bug 905. Remove POBAD_CC as it doesn't seem to be applicable
Tim Potter [Thu, 15 Jan 2004 06:51:20 +0000 (06:51 +0000)]
Fix for bug 905.  Remove POBAD_CC as it doesn't seem to be applicable

16 years agoBUG 972; check pointer in cli_ds_getprimarydominfo() before trying to copy a structure
Gerald Carter [Thu, 15 Jan 2004 05:16:29 +0000 (05:16 +0000)]
BUG 972; check pointer in cli_ds_getprimarydominfo() before trying to copy a structure

16 years agosource/rpc_parse/parse_prs.c ZERO_STRUCTP(ps) not needed as it is done
Herb Lewis [Wed, 14 Jan 2004 22:53:50 +0000 (22:53 +0000)]
source/rpc_parse/parse_prs.c ZERO_STRUCTP(ps) not needed as it is done
in prs_init now

testsuite/printing/psec.c cannot do a prs_mem_free() when tdb_prs_fetch fails
as the prs structure has not been initialized

16 years agoFix initgroups() call nss_winbind on solaris; patch from John Klinger <john.klinger...
Gerald Carter [Wed, 14 Jan 2004 21:22:30 +0000 (21:22 +0000)]
Fix initgroups() call nss_winbind on solaris; patch from John Klinger <>

16 years agobug 770; correct fix this time; Make sure that we send the SMBjobid for unix jobs...
Gerald Carter [Wed, 14 Jan 2004 20:56:26 +0000 (20:56 +0000)]
bug 770; correct fix this time;  Make sure that we send the SMBjobid for unix jobs back to the client.  Allows windows client to remove print jobs submitted from lpr

16 years agobug 660; using byte order safe macros (or tdb_unpack) when reading 2 or 4 byte values...
Gerald Carter [Wed, 14 Jan 2004 19:12:06 +0000 (19:12 +0000)]
bug 660; using byte order safe macros (or tdb_unpack) when reading 2 or 4 byte values from a tdb buffer

16 years agorevert the cracklib changes until post 3.0.2
Gerald Carter [Wed, 14 Jan 2004 17:34:41 +0000 (17:34 +0000)]
revert the cracklib changes until post 3.0.2

16 years ago* Revert to using rpc for mixed mode AD domains.
Gerald Carter [Wed, 14 Jan 2004 16:25:39 +0000 (16:25 +0000)]
* Revert to using rpc for mixed mode AD domains.
  The reason for this are:
  (a) the set_dc_type_and_flags() cannot tell the different
      between connecting to an NT4 domain and an NT4 BDC
      of a mixed mode domain.
  (b) the connection management for the rpc backend only
      provides on named pipe per cli_state.  So it is possible
      to connect to an NT4 BDC for netlogon and an AD mixed mode
      DC for lsarpc.  RPC is the lowest common demonimator here.
  (c) Issue with the sequence number value between the
      highestCommittedUSN LDAP attribute and the seq_num returned
      via RPC.

We will revisit this later, but the changes need to make this
work right now are too broad and risky.

16 years agoRemove duplicate extern.
Jeremy Allison [Wed, 14 Jan 2004 06:44:20 +0000 (06:44 +0000)]
Remove duplicate extern.

16 years agoRemove references to 'jn' which gcc-3.4 with precompiled headers
Jeremy Allison [Wed, 14 Jan 2004 06:41:50 +0000 (06:41 +0000)]
Remove references to 'jn' which gcc-3.4 with precompiled headers
doesn't like.

16 years agofix XFS quotas the macro changed from HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
Stefan Metzmacher [Wed, 14 Jan 2004 02:51:41 +0000 (02:51 +0000)]
fix XFS quotas the macro changed from HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS


16 years agoRemove duplicate comment.
Andrew Bartlett [Wed, 14 Jan 2004 01:17:21 +0000 (01:17 +0000)]
Remove duplicate comment.

Andrew Bartlett

16 years agoFinish adding cracklib support - this adds the configure test to enable
Andrew Bartlett [Wed, 14 Jan 2004 01:14:22 +0000 (01:14 +0000)]
Finish adding cracklib support - this adds the configure test to enable
it, on machines that actually have a working cracklib, for which we have
the correct path to the dictionary.

Andrew Bartlett

16 years ago* allow dns lookups to be disabled for DOMAIN#1c (and #1b)
Gerald Carter [Tue, 13 Jan 2004 19:42:53 +0000 (19:42 +0000)]
* allow dns lookups to be disabled for DOMAIN#1c (and #1b)
* fix some a mispelled variable name

16 years agoOn systems without a working cracklib, ensure we don't include the header
Andrew Bartlett [Mon, 12 Jan 2004 21:12:47 +0000 (21:12 +0000)]
On systems without a working cracklib, ensure we don't include the header
(the actual call to crack was already in this #ifdef)

Andrew Bartlett

16 years agofixing compile problems due to my recent ads.h changes
Gerald Carter [Mon, 12 Jan 2004 14:26:50 +0000 (14:26 +0000)]
fixing compile problems due to my recent ads.h changes

16 years agoFirst stab at cracklib support (password quality checking) in Samba 3.0
Andrew Bartlett [Mon, 12 Jan 2004 12:18:11 +0000 (12:18 +0000)]
First stab at cracklib support (password quality checking) in Samba 3.0

This adds a configure test, that tries to find out if we have a working
cracklib installation, and tries to pick up the debian hints on where
the dictionary might be found.  Default is per my Fedora Core 1 system -
I'm not sure how much it changes.

Andrew Bartlett

16 years agofix formatting
Gerald Carter [Sun, 11 Jan 2004 14:15:12 +0000 (14:15 +0000)]
fix formatting

16 years agoupdate copyright to -2004
Stefan Metzmacher [Sun, 11 Jan 2004 13:23:50 +0000 (13:23 +0000)]
update copyright to -2004


16 years agoFix swatdir location for --with-fhs
Jelmer Vernooij [Sat, 10 Jan 2004 22:05:38 +0000 (22:05 +0000)]
Fix swatdir location for --with-fhs

16 years agostarting new version of release notes -- post 3.0.2pre1
Gerald Carter [Fri, 9 Jan 2004 16:02:42 +0000 (16:02 +0000)]
starting new version of release notes -- post 3.0.2pre1

16 years agofix some warnings from the Sun compiler
Gerald Carter [Fri, 9 Jan 2004 14:54:33 +0000 (14:54 +0000)]
fix some warnings from the Sun compiler

16 years agoRomve debugging assertions (oops...)
Andrew Bartlett [Fri, 9 Jan 2004 02:47:35 +0000 (02:47 +0000)]
Romve debugging assertions (oops...)

Andrew Bartlett

16 years agoAdd a new type of name lookup 'ads'. This seperates this from normal
Andrew Bartlett [Fri, 9 Jan 2004 02:38:58 +0000 (02:38 +0000)]
Add a new type of name lookup 'ads'.  This seperates this from normal
hostname lookups, and ensures that we don't lookup 'short' (ie NetBIOS)
domain names in DNS.

Andrew Bartlett

16 years agoUse StrCaseCmp, not strcasecmp. Should fix winbind build on IRIX
Jelmer Vernooij [Thu, 8 Jan 2004 22:53:37 +0000 (22:53 +0000)]
Use StrCaseCmp, not strcasecmp. Should fix winbind build on IRIX

16 years agofix segfault when sid_ptr == 0 in DsEnumDomainTrusts() reply
Gerald Carter [Thu, 8 Jan 2004 22:21:29 +0000 (22:21 +0000)]
fix segfault when sid_ptr == 0 in DsEnumDomainTrusts() reply

16 years agofix a seg fault caused by abartlet's last checkin; there's no way this could have...
Gerald Carter [Thu, 8 Jan 2004 19:56:40 +0000 (19:56 +0000)]
fix a seg fault caused by abartlet's last checkin; there's no way this could have been tested against an NT4 DC

16 years agoWe might not have the 'samba' directory in the samba_3_0 build.
Andrew Bartlett [Thu, 8 Jan 2004 08:44:39 +0000 (08:44 +0000)]
We might not have the 'samba' directory in the samba_3_0 build.

Andrew Bartlett

16 years agouse SAFE_FREE(), not free().
Andrew Bartlett [Thu, 8 Jan 2004 08:41:26 +0000 (08:41 +0000)]
use SAFE_FREE(), not free().

Andrew Bartlett

16 years agoThis merges in my 'always use ADS' patch. Tested on a mix of NT and ADS
Andrew Bartlett [Thu, 8 Jan 2004 08:19:18 +0000 (08:19 +0000)]
This merges in my 'always use ADS' patch.  Tested on a mix of NT and ADS
domains, this patch ensures that we always use the ADS backend when
security=ADS, and the remote server is capable.

The routines used for this behaviour have been upgraded to modern Samba
codeing standards.

This is a change in behaviour for mixed mode domains, and if the trusted
domain cannot be reached with our current krb5.conf file, we will show
that domain as disconnected.

This is in line with existing behaviour for native mode domains, and for
our primary domain.

As a consequence of testing this patch, I found that our kerberos error
handling was well below par - we would often throw away useful error
values.  These changes move more routines to ADS_STATUS to return
kerberos errors.

Also found when valgrinding the setup, fix a few memory leaks.

While sniffing the resultant connections, I noticed we would query our
list of trusted domains twice - so I have reworked some of the code to
avoid that.

Andrew Bartlett

16 years agoIn tdb_allocate(), we would create a new record by writing a local variable
Andrew Bartlett [Thu, 8 Jan 2004 05:37:23 +0000 (05:37 +0000)]
In tdb_allocate(), we would create a new record by writing a local variable
'newrec' into the tdb.

This was not initialised, so valgrind warned about it.

(Note:  valgrind only makes sense on tdbs with 'mmap = no' in your smb.conf)

Andrew Bartlett

16 years agoMake it clearer that the domain here is the domain of the user for
Andrew Bartlett [Thu, 8 Jan 2004 02:57:42 +0000 (02:57 +0000)]
Make it clearer that the domain here is the domain of the user for

Andrew Bartlett

16 years agoMove more of winbind to use 'find_our_domain()' rather than the dangerous
Andrew Bartlett [Thu, 8 Jan 2004 02:15:46 +0000 (02:15 +0000)]
Move more of winbind to use 'find_our_domain()' rather than the dangerous

(as find_domain_from_name() can change the data in lp_workgroup())

Andrew Bartlett

16 years agoThe correct test for 'is our primary domain' is domain->primary
Andrew Bartlett [Thu, 8 Jan 2004 00:55:13 +0000 (00:55 +0000)]
The correct test for 'is our primary domain' is domain->primary

16 years agoMachines are people too!
Andrew Bartlett [Wed, 7 Jan 2004 23:46:47 +0000 (23:46 +0000)]
Machines are people too!

While machine accounts cannot use an NTLM login (NT4 style), they are
otherwise full and valid members of the domain, and expect to be able to
use kerberos to connect to CIFS servers.

This means that the LocalSystem account, used by various services, can
perform things like backups, without the admin needing to enter further

This particular issue (bug 722) has started to come up a lot on the lists.

I have only enabled it for winbindd-based systems, as the macros use use
to call the 'add user script' will strip the $ from the username for
security reasons.

Andrew Bartlett

16 years agoFix for bug #922. Fast path not called for strlower_m() and strupper_m().
Jeremy Allison [Wed, 7 Jan 2004 23:21:36 +0000 (23:21 +0000)]
Fix for bug #922. Fast path not called for strlower_m() and strupper_m().
From (Alexander Bokovoy).

16 years agoTypo fix.
Rafal Szczesniak [Wed, 7 Jan 2004 22:44:28 +0000 (22:44 +0000)]
Typo fix.


16 years agoDoxygen comment fix.
Rafal Szczesniak [Wed, 7 Jan 2004 22:43:36 +0000 (22:43 +0000)]
Doxygen comment fix.


16 years agoFix from Justin Baugh <> for bugid #948 for
Jeremy Allison [Wed, 7 Jan 2004 21:08:42 +0000 (21:08 +0000)]
Fix from Justin Baugh <> for bugid #948 for
FreeBSD winbindd.

16 years agocommiting jra's fix for Exchange clear test auth
Gerald Carter [Wed, 7 Jan 2004 19:57:08 +0000 (19:57 +0000)]
commiting jra's fix for Exchange clear test auth

16 years agoFix from Luke Howard <lukeh@PADL.COM> for incorrect early free().
Jeremy Allison [Wed, 7 Jan 2004 19:55:01 +0000 (19:55 +0000)]
Fix from Luke Howard <lukeh@PADL.COM> for incorrect early free().

16 years agoDon't duplicate pulling the 'IPC' username from secrets.tdb, instead
Andrew Bartlett [Wed, 7 Jan 2004 10:11:24 +0000 (10:11 +0000)]
Don't duplicate pulling the 'IPC' username from secrets.tdb, instead
just use one function for both places.

Andrew Bartlett

16 years agoThere is a German translation of swat -- surprise :-)
Volker Lendecke [Wed, 7 Jan 2004 10:02:10 +0000 (10:02 +0000)]
There is a German translation of swat -- surprise :-)

Fix some msgs


16 years agoAdd smbget utility, a simple wget-like utility that uses libsmbclient.
Jelmer Vernooij [Wed, 7 Jan 2004 00:43:52 +0000 (00:43 +0000)]
Add smbget utility, a simple wget-like utility that uses libsmbclient.
Supports recursive downloads and resume, progress indication and shows
estimated time remaining.

16 years agoFix segfualt caused by incorrect configuration. If lp_realm() was not set,
Andrew Bartlett [Tue, 6 Jan 2004 23:57:12 +0000 (23:57 +0000)]
Fix segfualt caused by incorrect configuration.  If lp_realm() was not set,
but security=ADS, we would attempt to free the principal name that krb5
never allocated.

Also fix the dump_data() of the session key, now that we use a data_blob to
store that.

Andrew Bartlett

16 years agoPatch penguin. Cleaning out old mbp patch.
Jeremy Allison [Tue, 6 Jan 2004 22:34:06 +0000 (22:34 +0000)]
Patch penguin. Cleaning out old mbp patch.

16 years agomore commits logged
Gerald Carter [Tue, 6 Jan 2004 20:56:59 +0000 (20:56 +0000)]
more commits logged

16 years agoWrite bug number like in the rest of the file
Jelmer Vernooij [Tue, 6 Jan 2004 20:03:34 +0000 (20:03 +0000)]
Write bug number like in the rest of the file

16 years agoFix -s option to smbcontrol (#908)
Jelmer Vernooij [Tue, 6 Jan 2004 20:01:48 +0000 (20:01 +0000)]
Fix -s option to smbcontrol (#908)

16 years agoremove unused seek_file(); don't hardcode '\' when printing the auth-user
Gerald Carter [Tue, 6 Jan 2004 19:57:14 +0000 (19:57 +0000)]
remove unused seek_file(); don't hardcode '\' when printing the auth-user

16 years agobumping to 3.0.2pre2
Gerald Carter [Tue, 6 Jan 2004 19:14:22 +0000 (19:14 +0000)]
bumping to 3.0.2pre2

16 years agomore commit logs
Gerald Carter [Tue, 6 Jan 2004 19:05:23 +0000 (19:05 +0000)]
more commit logs

16 years ago* making sure contributors are listed in alphabetical order
Gerald Carter [Tue, 6 Jan 2004 18:42:09 +0000 (18:42 +0000)]
* making sure contributors are listed in alphabetical order
* adding jra's fix for bug 815

16 years agoisolate ldap debug messages to the common smbldap_XXX() functions
Gerald Carter [Tue, 6 Jan 2004 18:26:18 +0000 (18:26 +0000)]
isolate ldap debug messages to the common smbldap_XXX() functions

16 years agoXFS quota patch from Stefan Metzmacher <>.
Jeremy Allison [Tue, 6 Jan 2004 18:13:32 +0000 (18:13 +0000)]
XFS quota patch from Stefan Metzmacher <>.

16 years agoUpdates for pread/pwrite code.
Jeremy Allison [Tue, 6 Jan 2004 17:53:34 +0000 (17:53 +0000)]
Updates for pread/pwrite code.

16 years agoCorrectly detect AFS headers on SuSE in /usr/include/afs/afs/
Volker Lendecke [Tue, 6 Jan 2004 15:41:32 +0000 (15:41 +0000)]
Correctly detect AFS headers on SuSE in /usr/include/afs/afs/


16 years agofix case in objectclass name (not that it really matters); patch from Darren Chew...
Gerald Carter [Tue, 6 Jan 2004 14:40:35 +0000 (14:40 +0000)]
fix case in objectclass name (not that it really matters); patch from Darren Chew <>

16 years agoPatch by Stefan Metzmacher <>:
Andrew Bartlett [Tue, 6 Jan 2004 10:22:13 +0000 (10:22 +0000)]
Patch by Stefan Metzmacher <>:

here's a small fix that fixes the new quota system on irix.

I need to reanable XFS quotas on irix for the new quota system
(Jerry do you want to wait for this for the release ?)

But the old system works and is the default on irix!

16 years agoFix typo..
Volker Lendecke [Tue, 6 Jan 2004 07:57:35 +0000 (07:57 +0000)]
Fix typo..


16 years agoPatch based on work from James Peach <> to convert over to
Jeremy Allison [Tue, 6 Jan 2004 01:22:14 +0000 (01:22 +0000)]
Patch based on work from James Peach <> to convert over to
using pread/pwrite. Modified a little to ensure fsp->pos is correct.
Fix for #889.

16 years agoEnsure that for wbinfo --set-auth-user, we actually use the domain.
Andrew Bartlett [Tue, 6 Jan 2004 00:32:24 +0000 (00:32 +0000)]
Ensure that for wbinfo --set-auth-user, we actually use the domain.

Andrew Bartlett

16 years agocifs mount helper merge
Steve French [Mon, 5 Jan 2004 22:18:44 +0000 (22:18 +0000)]
cifs mount helper merge

16 years agoworking on new format for relerase notes in 3.0.2pre1
Gerald Carter [Mon, 5 Jan 2004 21:51:01 +0000 (21:51 +0000)]
working on new format for relerase notes in 3.0.2pre1

16 years agoFix more cases to ensure that as a server, we don't complain to the client
Andrew Bartlett [Mon, 5 Jan 2004 21:24:27 +0000 (21:24 +0000)]
Fix more cases to ensure that as a server, we don't complain to the client
about our server-side lack of session key.

Andrew Bartlett

16 years agoAdded last missing file.
Jeremy Allison [Mon, 5 Jan 2004 21:03:12 +0000 (21:03 +0000)]
Added last missing file.

16 years agoOops. Broke the build. Added missing files.
Jeremy Allison [Mon, 5 Jan 2004 21:02:37 +0000 (21:02 +0000)]
Oops. Broke the build. Added missing files.

16 years agoFix from James Flemer <> to make HAVE_ATTR_LIST linked to
Jeremy Allison [Mon, 5 Jan 2004 21:01:08 +0000 (21:01 +0000)]
Fix from James Flemer <> to make HAVE_ATTR_LIST linked to

16 years agofix inverted check using krb5_kt_resolve() and HAVE_MEMORY_KEYTAB; bug 912
Gerald Carter [Mon, 5 Jan 2004 20:23:56 +0000 (20:23 +0000)]
fix inverted check using krb5_kt_resolve() and HAVE_MEMORY_KEYTAB; bug 912

16 years agoPatch from Stefan (metze) Metzmacher <metze at> to revert to 2.2.x quota...
Jeremy Allison [Mon, 5 Jan 2004 19:36:02 +0000 (19:36 +0000)]
Patch from Stefan (metze) Metzmacher <metze at> to revert to 2.2.x quota methods.


"here's a patch which ports the samba 2.2 samba_linux_quota.h stuff to 3_0.

This is needed because of so many broken quota files outthere.

Please, test this with old, new kernels
(strucr dqblk, struct mem_dqblk, and struct if_dqblk)
, quota.user, aquota.user formats

what is when a user is over soft quota and over hard quotas..."


16 years agoEnsure we set "always sign" flag if set. We don't currently do anything with
Jeremy Allison [Mon, 5 Jan 2004 19:21:06 +0000 (19:21 +0000)]
Ensure we set "always sign" flag if set. We don't currently do anything with
this but we should log the fact it was negotiated.

16 years agoFix warning
Volker Lendecke [Mon, 5 Jan 2004 16:58:37 +0000 (16:58 +0000)]
Fix warning


16 years agoDon't free the encrypted_session_key early - that causes the subsequent
Andrew Bartlett [Mon, 5 Jan 2004 12:36:21 +0000 (12:36 +0000)]
Don't free the encrypted_session_key early - that causes the subsequent
test for a valid length to fail...

This should fix 'security=server' and hosts-equiv failures picked up by
the build farm.

Andrew Bartlett

16 years agoshorten some more lines.
Andrew Bartlett [Mon, 5 Jan 2004 12:21:04 +0000 (12:21 +0000)]
shorten some more lines.

16 years agoTry to keep vl happy - shorten some of these lines.
Andrew Bartlett [Mon, 5 Jan 2004 12:20:15 +0000 (12:20 +0000)]
Try to keep vl happy - shorten some of these lines.

16 years agoGrumble... grumble... fix the build...
Andrew Bartlett [Mon, 5 Jan 2004 05:07:59 +0000 (05:07 +0000)]
Grumble... grumble... fix the build...

16 years agoShow the sid type in name->sid translatons in a way that can be easily
Andrew Bartlett [Mon, 5 Jan 2004 04:26:35 +0000 (04:26 +0000)]
Show the sid type in name->sid translatons in a way that can be easily
understood by humans.

Andrew Bartlett

16 years agoAlways call the auto-init funciton - this avoids tdb segfaulting under
Andrew Bartlett [Mon, 5 Jan 2004 04:15:55 +0000 (04:15 +0000)]
Always call the auto-init funciton - this avoids tdb segfaulting under
us if we failed to open it earlier.

Andrew Bartlett

16 years agoCorrectly handle per-pipe NTLMSSP inside a NULL session. Previously we
Andrew Bartlett [Mon, 5 Jan 2004 04:12:40 +0000 (04:12 +0000)]
Correctly handle per-pipe NTLMSSP inside a NULL session.  Previously we
would attempt to supply a password to the 'inside' NTLMSSP, which the
remote side naturally rejected.

Andrew Bartlett

16 years agoChange our Domain controller lookup routines to more carefully seperate
Andrew Bartlett [Mon, 5 Jan 2004 04:10:28 +0000 (04:10 +0000)]
Change our Domain controller lookup routines to more carefully seperate
DNS names (realms) from NetBIOS domain names.

Until now, we would experience delays as we broadcast lookups for DNS names
onto the local network segments.

Now if DNS comes back negative, we fall straight back to looking up the
short name.

Andrew Bartlett

16 years agoFix typo in RW2 torture test. Closes bugzilla bug #924.
Tim Potter [Mon, 5 Jan 2004 02:57:33 +0000 (02:57 +0000)]
Fix typo in RW2 torture test.  Closes bugzilla bug #924.

16 years agoAdd const.
Andrew Bartlett [Mon, 5 Jan 2004 02:16:51 +0000 (02:16 +0000)]
Add const.

16 years agoThere is some memory corruption hidden somewhere in our winbind code. If I
Andrew Bartlett [Mon, 5 Jan 2004 02:12:38 +0000 (02:12 +0000)]
There is some memory corruption hidden somewhere in our winbind code.  If I
could reproduce it, I would fix it, but for now just make sure we always
SAFE_FREE() and set our starting pointers to NULL.

Andrew Bartlett

16 years agoChange (unused) structure parameter for cli_ds_enum_domain_trusts() cleanup.
Andrew Bartlett [Mon, 5 Jan 2004 02:05:19 +0000 (02:05 +0000)]
Change (unused) structure parameter for cli_ds_enum_domain_trusts() cleanup.

16 years agorpc_client/cli_lsarpc.c:
Andrew Bartlett [Mon, 5 Jan 2004 02:04:37 +0000 (02:04 +0000)]
 - Add const

 - Cleanup function for use

 - Use new utility function ads_sid_to_dn
 - Don't search for 'dn=', rather call the ads_search_retry_dn()

 - Fixup braindamage in cli_ds_enum_domain_trusts():
    - This function was returning a UNISTR2 up to the caller, and
      was doing nasty (invalid, per valgrind) things with memcpy()
    - Create a new structure that represents this informaiton in a useful way
      and use talloc.

Andrew Bartlett

16 years agoFix for bug 707, getent group for huge ads groups (>1500 members)
Andrew Bartlett [Mon, 5 Jan 2004 01:48:21 +0000 (01:48 +0000)]
Fix for bug 707, getent group for huge ads groups (>1500 members)
This introduces range retrieval of ADS attributes.

VL rewrote most of G√ľnther's patch, partly to remove code duplication and
partly to get the retrieval of members in one rush, not interrupted by the
lookups for the DN.

I rewrote that patch, to ensure that we can keep an eye on the USN
(sequence number) of the entry - this allows us to ensure the read was

In particular, the range retrieval is now generic, for strings.  It
could easily be made generic for any attribute type, if need be.

Andrew Bartlett