Günther Deschner [Tue, 18 Dec 2007 12:38:14 +0000 (13:38 +0100)]
Merge WERR_NO_SUCH_LOGON_SESSION from Samba4.
Guenther
(This used to be commit
7b528647879bb55c9c85243a3e2906c09490edc9)
Günther Deschner [Wed, 19 Dec 2007 09:58:58 +0000 (10:58 +0100)]
Add and use some keystr functions using talloc_tos() in secrets api.
Guenther
(This used to be commit
6ccbf67a0c6f117978df55d4e2565d34fddf9317)
Günther Deschner [Wed, 19 Dec 2007 10:08:27 +0000 (11:08 +0100)]
Add cmd_wkssvc_enumeratecomputernames to rpcclient.
Guenther
(This used to be commit
289151393a43c7f0c2baafdd79d1163fc80aad6a)
Jeremy Allison [Wed, 19 Dec 2007 02:16:40 +0000 (18:16 -0800)]
Two more static fstrings gone.
Jeremy.
(This used to be commit
4056bb8645821fba95d6e9ca4d82e2d5084c1e5c)
Jeremy Allison [Wed, 19 Dec 2007 02:10:09 +0000 (18:10 -0800)]
Remove last_message completely as it's no longer used.
Jeremy.
(This used to be commit
c378c3edc1197d46c5d6eb2bcabbf9e774c03ffc)
Jeremy Allison [Wed, 19 Dec 2007 02:01:34 +0000 (18:01 -0800)]
Remove another static fstring.
Jeremy.
(This used to be commit
f9182bbe628cb5f5395a08b2e09d4a282a99d7dc)
Jeremy Allison [Wed, 19 Dec 2007 01:30:02 +0000 (17:30 -0800)]
We've finished with the old node once we've copied the
keyval.
Jeremy.
(This used to be commit
39f3efbcc5fbdff1db1b12e5fc7368968f240993)
Jeremy Allison [Wed, 19 Dec 2007 00:03:57 +0000 (16:03 -0800)]
Fix valgrind error in dbwrap_rbt where rec_priv->node was
being accessed after free. VALOKER PLEASE CHECK THIS VERY
CAREFULLY !!!! This is a correct fix in that it fixes the
valgrind error, but it looks inelegant to me. I think if
I understood this code better I could craft a more subtle
fix. Still looking at it....
Jeremy.
(This used to be commit
12cce3be2a24fd72106d747890caf6c7f29db43d)
Michael Adam [Tue, 18 Dec 2007 15:32:57 +0000 (16:32 +0100)]
Fix an error when accessing unallocated sid in error path.
Michael
(This used to be commit
2a0585d3093265a499c9fef60d500059f79b4112)
Volker Lendecke [Tue, 18 Dec 2007 09:07:08 +0000 (10:07 +0100)]
Add forgotten cache.h
(This used to be commit
0dc4d6a8de84c191e339ee08c7f06ca63f83e6f3)
Volker Lendecke [Tue, 18 Dec 2007 08:41:03 +0000 (09:41 +0100)]
Add a in-memory cache
This is a more general API that caches data with a LRU scheme. See
include/cache.h. No comments yet, I'm still working on it. But Jeremy has given
me a hint in one of his checkins that he would like to make use of this now.
The idea is that we get rid of all our silly little caches and merge them all
into one cache that we can then very easily trim, for example even with a
smbcontrol message if someone decides memory is tight. The main user is the
stat cache, this patch also converts the getwd cache. More caches to come.
(This used to be commit
7a911b35713538d82001a3c9f34152e293fe1943)
Michael Adam [Tue, 18 Dec 2007 06:58:22 +0000 (07:58 +0100)]
Fix a debug message: add missing space.
Michael
(This used to be commit
6a7f2a59fc370e226ddacb195059155f28c6c157)
Rishi Srivatsavai [Tue, 18 Dec 2007 06:09:09 +0000 (22:09 -0800)]
Add smbclient support for basic mDNS browsing.
Patch from Rishi Srivatsavai (bugzilla #4150), with tallocification
and minor syle changes by me.
(This used to be commit
db74b99d0ef1a60894c838b4c9d0d454db6cf620)
Jeremy Allison [Tue, 18 Dec 2007 02:32:27 +0000 (18:32 -0800)]
More static pstring elimination.
Jeremy.
(This used to be commit
92acc0115d8d4111289c2ade1db7bb060ee908db)
Jeremy Allison [Tue, 18 Dec 2007 02:00:43 +0000 (18:00 -0800)]
More static fstring elimination.
Jeremy.
(This used to be commit
b4dfec09e89428cac9b21a94ce4d24e60d4a54f4)
Jeremy Allison [Tue, 18 Dec 2007 01:27:29 +0000 (17:27 -0800)]
Remove more static fstrings (yes this little cache should be
in the rbtree....).
Jeremy.
(This used to be commit
97cfdae4052d46a35040d4c1a4ade8bf2c41dbc7)
Jeremy Allison [Tue, 18 Dec 2007 01:13:31 +0000 (17:13 -0800)]
Correctly define prototypes for accessor functions.
Jeremy.
(This used to be commit
299ea5d122e173adf6edb6399fc90798747b0c97)
Jeremy Allison [Tue, 18 Dec 2007 01:03:07 +0000 (17:03 -0800)]
Merge branch 'v3-2-test' of ssh://jra@git.samba.org/data/git/samba into v3-2-test
(This used to be commit
8223624fea7c1b61e9231168cb4d82771576cbc5)
Jeremy Allison [Tue, 18 Dec 2007 01:02:48 +0000 (17:02 -0800)]
More static fstring removal.
Jeremy.
(This used to be commit
dcf624aa02cf7415a4a55e6d45606e813ae6b91f)
Michael Adam [Tue, 18 Dec 2007 00:55:48 +0000 (01:55 +0100)]
Fix logic error in cm_connect_sam().
Don't fall back to schannel when trust creds could be obtained.
This is still not complete, but I am getting closer.
Michael
(This used to be commit
7c9fa597d684a25822b4db6615f28336f2d64ef3)
Michael Adam [Tue, 18 Dec 2007 00:30:52 +0000 (01:30 +0100)]
Prevent another segfault.
Michael
(This used to be commit
0a9874c1c76c0ccc71caba7ee85a0ee1a91808c5)
Jeremy Allison [Tue, 18 Dec 2007 00:20:44 +0000 (16:20 -0800)]
Use the %*s feature of snprintf to remove anothe static fstring.
Jeremy.
(This used to be commit
4ae4b2358688bf289305a2db0ed01b653ac073b2)
Gerald (Jerry) Carter [Mon, 17 Dec 2007 23:33:48 +0000 (17:33 -0600)]
Fix a segv in winbindd caused by trying to free an fstring.
Make a copy of the machine_password and machine_account strings
in all conditional paths so that SAFE_FREE() will always be valid.
(This used to be commit
194c4640b158457a6d0d5ea91e28d41d619c77de)
Michael Adam [Mon, 17 Dec 2007 22:02:39 +0000 (23:02 +0100)]
Do not close netlogon pipe in get_schannel_session_key_common().
This removes one forgotten call of cli_rpc_pipe_close(netlogon_pipe).
Correction of
e77c4022cfbb868e608edcb06b676658b0e201ad.
Michael
(This used to be commit
7f6593cddef048dd05140b05d306c708d8134f0e)
Simo Sorce [Mon, 17 Dec 2007 20:26:16 +0000 (15:26 -0500)]
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-simo
(This used to be commit
e940537d5be870ae622712a3b76dff891739df8c)
Simo Sorce [Mon, 17 Dec 2007 20:21:38 +0000 (15:21 -0500)]
While 'data' is usually 0 terminated, nothing in the spec requires that. The correct way is to copy only 'length' bytes.
Simo.
(This used to be commit
814c1b0e0034fb67c7718760dfcf913904f3e7fa)
Jeremy Allison [Mon, 17 Dec 2007 18:44:09 +0000 (10:44 -0800)]
Fix bug #5121 (unix passwd sync not working on a streams based
system).
Jeremy.
(This used to be commit
545cd2139cfc9484b733693814d4724d37125942)
Simo Sorce [Mon, 17 Dec 2007 14:43:18 +0000 (09:43 -0500)]
Merge in J.Layton patch and resolve conflict.
(This used to be commit
6b1a118eaaab405eeef0cf3c0488a2747af562ba)
Michael Adam [Mon, 17 Dec 2007 13:51:37 +0000 (14:51 +0100)]
Remove direct caller of secrets_fetch_trusted_domain_password().
This is a regession introduced by
f7efc0eca9426e63b751c07a90265a12bb39cf95.
This calls pdb_get_trusteddom_pw() instead, again.
Michael
(This used to be commit
91be824d2ba0b8dccf42ba2b8555a204aa1fa56c)
Michael Adam [Mon, 17 Dec 2007 09:34:29 +0000 (10:34 +0100)]
Reformat: Remove trailing spaces.
Michael
(This used to be commit
5249b3d204bf5f9191c2a4a7e81d09227eb5ddea)
Michael Adam [Mon, 17 Dec 2007 10:57:14 +0000 (11:57 +0100)]
Make usage message for net sam rights list a little more precise.
Michael
(This used to be commit
d466a5136d5151e2a3cae7464cb346f0db650554)
Michael Adam [Wed, 12 Dec 2007 17:03:20 +0000 (18:03 +0100)]
Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames.
This patch is still incomplete in that winbindd does not walk
the the trusted domains to lookup unqualified names here.
Apart from that this fix should be pretty much complete.
Michael
(This used to be commit
f7efc0eca9426e63b751c07a90265a12bb39cf95)
Michael Adam [Mon, 17 Dec 2007 09:54:05 +0000 (10:54 +0100)]
Fix flags in caller of lookup_name() in create_builtin_administrators().
Michael
(This used to be commit
46bfbf5c8af6c030e67219a29c49fd2d40003b18)
Michael Adam [Mon, 17 Dec 2007 10:55:05 +0000 (11:55 +0100)]
Fix flags in all callers of lookup_name() in net_sam.c.
Michael
(This used to be commit
6d0db17a9e255235d40eabc63e91c9f5d4febcde)
Michael Adam [Mon, 17 Dec 2007 10:32:21 +0000 (11:32 +0100)]
Fix flags in call of lookup_name() in srv_samr_nt.c: can_create().
Use LOOKUP_NAME_LOCAL instead of LOOKUP_NAME_ISOLATED.
Michael
(This used to be commit
1d4e0ad1142c61de402c925306f02f5de2c872f6)
Michael Adam [Mon, 17 Dec 2007 09:55:37 +0000 (10:55 +0100)]
Fix flags in call of lookup_name() in pdb_default_create_alias().
Use new flag LOOKUP_NAME_LOCAL.
Michael
(This used to be commit
280d6cb6c8e834ce0a08769e9187b0f40321716f)
Michael Adam [Mon, 17 Dec 2007 10:28:56 +0000 (11:28 +0100)]
Add combined flag LOOKUP_NAME_LOCAL.
Presence of LOOKUP_NAME_ISOLATED as the only flag is not the sign
for doing local lookups only but the sign for allowing lookups
of unqualified names. The correct sign is absence of the flag
LOOKUP_NAME_REMOTE.
Michael
(This used to be commit
cd8c0057446a1311a860f6cc3876a113568f6c30)
Volker Lendecke [Mon, 17 Dec 2007 06:18:30 +0000 (07:18 +0100)]
Remove t_doschar.c
(This used to be commit
b89f87242b9c949401f3fa9b352211906cb76895)
Jeremy Allison [Mon, 17 Dec 2007 02:32:03 +0000 (18:32 -0800)]
Remove another static string and static passwd.
Jeremy.
(This used to be commit
2a700c5a57a417add3b1975b2c396d20c8a5f301)
Jeremy Allison [Mon, 17 Dec 2007 02:02:32 +0000 (18:02 -0800)]
Remove a static fstring.
Jeremy.
(This used to be commit
898c56c0ead6331721de9645ce55608cbe7cf34d)
Volker Lendecke [Sat, 15 Dec 2007 23:25:49 +0000 (00:25 +0100)]
get rid of doschar_table[]
If I'm not completely blind, then check_dos_char is *only* used in the case
when we can't mmap() valid.dat. To me this looks as if we initialize the 65536
bits in doschar_table[] with check_dos_char_slowly, use it once to initialize
valid_table[] and *never* use them again. I think there's no point in keeping
these 8k of modified memory around for an unlikely case (no "valid.dat") and
even that only to use it exactly once.
(This used to be commit
0bfea7259e4091c6d914528a0e65fc10d8a56fb8)
Volker Lendecke [Sat, 15 Dec 2007 23:19:42 +0000 (00:19 +0100)]
Tiny fixes to init_valid_table()
(This used to be commit
a8948e0727b100945ab730d4d144ccbe219bbc94)
Volker Lendecke [Sat, 15 Dec 2007 23:17:41 +0000 (00:17 +0100)]
Make init_doschar_table() static
It's only called directly before init_valid_table() anyway, so move it there.
(This used to be commit
b6d1d2428866712a550a354732e2386b4f87b67b)
Volker Lendecke [Sat, 15 Dec 2007 23:15:34 +0000 (00:15 +0100)]
Make check_dos_char static
It's only called in t_doschar, a pretty bogus test program that is not compiled
by default
(This used to be commit
99c59e809ef3c5abcdfb796d50be7c40f7033787)
Volker Lendecke [Sun, 16 Dec 2007 13:15:16 +0000 (14:15 +0100)]
make use of unmarshall_sec_desc
(This used to be commit
ced0c42f055a672f6b4ab6ba809b0f63c83b431e)
Volker Lendecke [Sun, 25 Nov 2007 17:26:52 +0000 (18:26 +0100)]
make use of [un]marshall_sec_desc, allow for fd==-1 in get/set_secdesc
(This used to be commit
585f5f8831f13260808a82611656fc6ca5caee81)
Volker Lendecke [Thu, 13 Dec 2007 21:20:58 +0000 (22:20 +0100)]
Cut down memory usage of registry initialization
(This used to be commit
264d5dfe9fe97db0b69d7cd04086ad8ed9f78e74)
Volker Lendecke [Sat, 15 Dec 2007 23:03:56 +0000 (00:03 +0100)]
Remove a static fstring
(This used to be commit
a9c62c57db9e580640d0265b08b3178496de76a8)
Volker Lendecke [Sun, 16 Dec 2007 11:58:07 +0000 (12:58 +0100)]
Make smb_np_struct talloc'ed
Convert "name" from string to a talloc'ed char *
(This used to be commit
e82069f921b3a22295db91e092c22c459ccd7215)
Volker Lendecke [Sun, 16 Dec 2007 11:57:06 +0000 (12:57 +0100)]
Remove unused code
(This used to be commit
fcd45ad6fb8d89bf6106fbed101060dbe422661a)
Jeremy Allison [Sun, 16 Dec 2007 07:32:28 +0000 (23:32 -0800)]
Doh, fix typo in error exit.
Jeremy.
(This used to be commit
44918f39c0598eec681eb9e5c65452f04809c375)
Jeremy Allison [Sun, 16 Dec 2007 07:22:25 +0000 (23:22 -0800)]
Added patch originally by Andreas Schneider <anschneider@suse.de>
to cause us to behave like Vista when looking for remote
machine principal. Modified by me.
Jeremy.
(This used to be commit
d0e33840fb4cfc85990d3ee327428b0854a22722)
Jeremy Allison [Sun, 16 Dec 2007 07:05:30 +0000 (23:05 -0800)]
Cope with valgrind > 3.2.x.
Jeremy.
(This used to be commit
e799eb8da6f5e7a2173ba6b8fb040430fd1c6f34)
Jeremy Allison [Sun, 16 Dec 2007 06:28:38 +0000 (22:28 -0800)]
More work on bug #5082, use LC_ALL as this takes
precedence.
Jeremy.
(This used to be commit
446ebae76d6796b30e4c71ff7190337c28637be6)
Volker Lendecke [Sat, 15 Dec 2007 21:47:30 +0000 (22:47 +0100)]
s/sid_to_string/sid_to_fstring/
least surprise for callers
(This used to be commit
eb523ba77697346a365589101aac379febecd546)
Volker Lendecke [Sat, 15 Dec 2007 21:33:52 +0000 (22:33 +0100)]
Use dom_sid_string for sid_string_talloc
Remove some code duplication, but introduce one more dependency on librpc/ndr.
Easily turned around so that librpc/ndr depends on lib/util_sid if necessary
(This used to be commit
3a0b1b2060facd5f1ac1461b23dd86c75cdd9458)
Volker Lendecke [Sat, 15 Dec 2007 21:08:09 +0000 (22:08 +0100)]
sid_string_static is no more :-)
We now have four ways to do sid_to_string:
sid_to_string: Convert it into an existing fstring, when you have one
sid_string_talloc: The obvious thing
sid_string_tos: For the lazy, use only with care
sid_string_dbg: The one to use in DEBUG statements
(This used to be commit
7b8276aaa48852270c6b70b081c3f28e316a7a2c)
Volker Lendecke [Sat, 15 Dec 2007 21:00:39 +0000 (22:00 +0100)]
Replace sid_string_static with sid_to_string
This adds 28 fstrings on the stack, but I think an fstring on the stack is
still far better than a static one.
(This used to be commit
c7c885078be8fd3024c186044ac28275d7609679)
Volker Lendecke [Sat, 15 Dec 2007 20:58:28 +0000 (21:58 +0100)]
Use sid_to_string directly
It seems a bit pointless to do a fstrcpy(dst, sid_string_static(src))
(This used to be commit
c221c246b10e2dbbd54a9af2dc45de2eae237380)
Volker Lendecke [Sat, 15 Dec 2007 20:53:26 +0000 (21:53 +0100)]
Replace sid_string_static with sid_string_tos
In utils/ I was a bit lazy...
(This used to be commit
60e830b0f4571bd5d9039f2edd199534f2a4c341)
Volker Lendecke [Sat, 15 Dec 2007 20:49:15 +0000 (21:49 +0100)]
Use sid_string_talloc where we have a tmp talloc ctx
(This used to be commit
0a911d38b8f4be382a9df60f9c6de0c500464b3a)
Volker Lendecke [Sat, 15 Dec 2007 20:11:36 +0000 (21:11 +0100)]
Replace sid_string_static by sid_string_dbg in DEBUGs
(This used to be commit
bb35e794ec129805e874ceba882bcc1e84791a09)
Volker Lendecke [Sat, 15 Dec 2007 20:06:20 +0000 (21:06 +0100)]
Add sid_string_dbg
This makes use of the just added debug_ctx and will kill many
sid_string_static() calls
(This used to be commit
3e4148c280efe154c3f8d552731c8b29d6977507)
Volker Lendecke [Sat, 15 Dec 2007 20:05:11 +0000 (21:05 +0100)]
Add debug_ctx according to an idea by Tridge
Sorry, Jeremy, I think for debug messages this is just the right way to do it.
(This used to be commit
6312016e2727c2b5b1a4964a98cfb9585d77cc8c)
Volker Lendecke [Sat, 15 Dec 2007 20:10:58 +0000 (21:10 +0100)]
Use sid_string_talloc where we have a tmp talloc ctx
(This used to be commit
f00ab810d2540679bec109498ac89e1eafe18f03)
Volker Lendecke [Sat, 15 Dec 2007 18:00:42 +0000 (19:00 +0100)]
add sid_string_talloc
(This used to be commit
9e3ef0923d71cc06b8445be2625ebd8dfed1b42d)
Volker Lendecke [Sat, 15 Dec 2007 10:38:28 +0000 (11:38 +0100)]
Fix a segfault
sid_to_string still expects a fstring
(This used to be commit
1f352cdd1976ad36484e146165df585b88ec5527)
Jeremy Allison [Sat, 15 Dec 2007 01:02:50 +0000 (17:02 -0800)]
Fix for bug #5082 from Mathias Gug <mathiaz@ubuntu.com>, Steve Langasek <vorlon@debian.org>.
Recent versions of Linux-PAM support localization of user prompts,
so Samba must use the C locale when invoking PAM (directly or via
/usr/bin/passwd) to ensure that password chat values match the prompts in a
locale-invariant fashion.
Jeremy.
(This used to be commit
bc13e939546a5bcb78925a6b117e89fde20f6451)
Stefan Metzmacher [Fri, 14 Dec 2007 18:39:49 +0000 (19:39 +0100)]
selftest: reenable wbinfo tests and pass --configfile instead of -s
metze
(This used to be commit
56251f78524416435299e26fca405e77d0f42043)
Stefan Metzmacher [Fri, 14 Dec 2007 18:38:23 +0000 (19:38 +0100)]
wbinfo: use POPT_COMMON_CONFIGFILE
We can't use POPT_COMMON_SAMBA as the -s option is
already used by -s, --sid-to-name=SID.
Also load the config file after processing the cmdline options
metze
(This used to be commit
33cbd6903e8b468a782fb5d6913eb82824d3b347)
Stefan Metzmacher [Fri, 14 Dec 2007 18:36:14 +0000 (19:36 +0100)]
add POPT_COMMON_CONFIGFILE which only provides --configfile (not -s)
metze
(This used to be commit
af3392cc20942158ac9e0a533799c5904ff23347)
Stefan Metzmacher [Fri, 14 Dec 2007 17:02:05 +0000 (18:02 +0100)]
selftest: disable wbinfo tests
wbinfo needs to take --config-file to work...
metze
(This used to be commit
a8a74fc88cb6f4be1efdc1afab9b91defcd015ae)
Stefan Metzmacher [Fri, 14 Dec 2007 15:54:01 +0000 (16:54 +0100)]
selftest: add a bunch of wbinfo based tests for winbindd
metze
(This used to be commit
88b6d2c0e83f515e2f83e5b4edc0728c434c7294)
Stefan Metzmacher [Fri, 14 Dec 2007 15:14:32 +0000 (16:14 +0100)]
selftest: move workgroup name into WORKGROUP envvar
metze
(This used to be commit
8ace8fa82c2ccd6fdb9ca076fb2d6fed203c8126)
Karolin Seeger [Fri, 14 Dec 2007 11:02:49 +0000 (12:02 +0100)]
Revert smbclient changes.
Patch broke option -p.
Sorry for breaking the build!
Karolin
(This used to be commit
81dab4145ffaf21d5d2176b16b5989f4035dd791)
Karolin Seeger [Fri, 14 Dec 2007 09:52:31 +0000 (10:52 +0100)]
Make smbclient to display error message and usage in the case of invalid options.
(This used to be commit
04131b26de08b3cea948ef89921c56561d69dd1d)
Stefan Metzmacher [Thu, 13 Dec 2007 11:27:57 +0000 (12:27 +0100)]
winbindd: move domain child specific stuff into its own file
metze
(This used to be commit
075d315e0f72d506b70040da10940e4af131b4e2)
Stefan Metzmacher [Fri, 14 Dec 2007 06:47:07 +0000 (07:47 +0100)]
Revert "Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames."
As it breaks all tests which try to join a new machine account.
So more testing is needed...
metze
This reverts commit
dd320c0924ce393a89b1cab020fd5cffc5b80380.
(This used to be commit
cccb80b7b7980fbe1298ce266375e51bacb4a425)
Stefan Metzmacher [Fri, 14 Dec 2007 07:21:59 +0000 (08:21 +0100)]
debug: fix crash bug when DEBUG() is used before setup_logging()
this was introduced by the pstring removal
(
1ea3ac80146b83c2522b69e7747c823366a2b47d)
metze
(This used to be commit
a412e6c7c676a054acd9db371221a50078cfe1d9)
James Peach [Fri, 14 Dec 2007 06:12:21 +0000 (22:12 -0800)]
Move dns_sd.h include to fix the build.
(This used to be commit
cf221a94bd8794add508a2b9305b8c0d40c3346a)
James Peach [Fri, 14 Dec 2007 04:56:53 +0000 (20:56 -0800)]
Merge branch 'v3-2-test' of git://git.samba.org/samba into v3-2-test
(This used to be commit
0de2b3eb515f2da21ffd1ce54979bb1f8063024b)
Rishi Srivatsavai [Fri, 14 Dec 2007 04:56:29 +0000 (20:56 -0800)]
Register the smb service with mDNS if mSDN is supported.
If mDNS is supported, attempt to register the first port we are
listening on for the _smb._tcp service. This provides more reliable
service discovery than NetBIOS browsing.
(This used to be commit
1e7241517d1f55d60af22570e0c9feb280e3fdb5)
Jeremy Allison [Fri, 14 Dec 2007 01:25:26 +0000 (17:25 -0800)]
We don't need to call endpwent if we never call getpwent.
Jeremy.
(This used to be commit
27078d1292e8588956ae78e4cddb1bcebbe84478)
Jeremy Allison [Fri, 14 Dec 2007 01:18:48 +0000 (17:18 -0800)]
Add a varient of Steve Langasek <vorlon@debian.org> patch
for bug #4780. Cause user mounts to inherit uid= and gid= from the
calling user when called as non-root, except when overridden on the
commandline.
Jeremy.
(This used to be commit
7fad5f38ea86ef76dc8e0853926b3248230616be)
Jeremy Allison [Fri, 14 Dec 2007 00:46:42 +0000 (16:46 -0800)]
Merge branch 'v3-2-test' of ssh://jra@git.samba.org/data/git/samba into v3-2-test
(This used to be commit
c9496e97cf91c5f29f19c123377f03f44d1a32f6)
Jeremy Allison [Fri, 14 Dec 2007 00:44:24 +0000 (16:44 -0800)]
Arg. The fix for CVE-2007-6015 hadn't been merged into 3.2.
Do so now....
Jeremy.
(This used to be commit
6b1246c29a0241c8e4bb98d659d847d010826b36)
Michael Adam [Thu, 13 Dec 2007 13:38:05 +0000 (14:38 +0100)]
Fix typo in debug statement.
Michael
(This used to be commit
da23684261f40c06dea30ab2df0c878ebb0d0d81)
Alexander Bokovoy [Thu, 13 Dec 2007 11:23:04 +0000 (14:23 +0300)]
Fix codepagedir to follow predefined libdir when using FHS. Fixes x86_64 build.
(This used to be commit
b8e582c9941d2466a403e476c52026f4b4201062)
Alexander Bokovoy [Thu, 13 Dec 2007 09:57:24 +0000 (12:57 +0300)]
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit
45636efa39cbcc2ecf7af4dfd1ac6a90f197ba01)
Alexander Bokovoy [Thu, 13 Dec 2007 09:55:32 +0000 (12:55 +0300)]
Fix pam_smbpass build
(This used to be commit
fbc510f1717fe82338262c18c252d18987c55b5c)
Michael Adam [Wed, 28 Nov 2007 01:15:37 +0000 (02:15 +0100)]
Add flags for correctly implementing lsa_lookup_name levels.
(Prepare fix for Bug #4801.)
Michael
(This used to be commit
537b12647e25adcb7da3581f18d2e9feca1caf0c)
Michael Adam [Tue, 11 Dec 2007 15:34:39 +0000 (16:34 +0100)]
Make cm_connect_sam() try harder to connect autheticated.
Even if the session setup was anonymous, try and collect
trust creds with get_trust_creds() and use these before
falling back to schannel.
This is the first attempt to fix interdomain trusts.
(get password policy and stuff)
Michael
(This used to be commit
e180bbd45452435e981192028a0ad90078c04236)
Michael Adam [Tue, 11 Dec 2007 15:32:38 +0000 (16:32 +0100)]
Refactor out assembling of trust creds (pw, account name, principal).
Michael
(This used to be commit
481f18b20d6d5ee12c62120a3559bb16cc98e465)
Michael Adam [Tue, 11 Dec 2007 14:39:36 +0000 (15:39 +0100)]
Streamline and fix logic of cm_prepare_connection().
Do not attempt to do a session setup when in a trusted domain
situation (this gives STATUS_NOLOGON_TRUSTED_DOMAIN_ACCOUNT).
Use get_trust_pw_clear to get machine trust account.
Only call this when the results is really used.
Use the proper domain and account name for session setup.
Michael
(This used to be commit
18c66a364e0ddc4960769871ca190944f7fe5c44)
Michael Adam [Tue, 11 Dec 2007 13:36:11 +0000 (14:36 +0100)]
Refactoring out get_schannel_session_key logic.
Refactor the actual retrieval of the session key through the
established netlogon pipe out of get_schannel_session_key()
and get_schannel_session_key_auth_ntlmssp() into a new
function get_schannel_session_key_common().
(To avoid code duplication.)
Michael
(This used to be commit
e77c4022cfbb868e608edcb06b676658b0e201ad)
Michael Adam [Tue, 11 Dec 2007 13:12:49 +0000 (14:12 +0100)]
Pass NULL instead of unneeded &sid: pdb_get_trusteddom_pw() checks.
Michael
(This used to be commit
b2e12365b56f24586a7dfcb845f4de51f0b0e7d5)
Michael Adam [Tue, 11 Dec 2007 13:07:32 +0000 (14:07 +0100)]
Rename get_trust_pw() to get_trust_pw_hash().
Michael
(This used to be commit
0cde7ac9cb39a0026a38ccf66dbecefc12931074)
Michael Adam [Tue, 11 Dec 2007 12:59:54 +0000 (13:59 +0100)]
Export logic of get_trust_pw() to new function get_trust_pw_clear().
get_trust_pw() just now computes the md4 hash of the result of
get_trust_pw_clear() if that was successful. As a last resort,
in the non-trusted-domain-situation, get_trust_pw() now tries to
directly obtain the hashed version of the password out of secrets.tdb.
Michael
(This used to be commit
4562342eb84e6fdcec15d8b7ae83aa146aabe2b7)
Michael Adam [Tue, 11 Dec 2007 13:02:45 +0000 (14:02 +0100)]
Refactor the lagacy part of secrets_fetch_trust_account_password() out
into a new function secrets_fetch_trust_account_password_legacy() that
does only try to obtain the hashed version of the machine password directly
from secrets.tdb.
Michael
(This used to be commit
91da12b751b3168dc40049f3e90c10d840393efc)
Michael Adam [Tue, 11 Dec 2007 12:05:44 +0000 (13:05 +0100)]
Let get_trust_pw() determine the machine_account_name to use.
Up to now each caller used its own logic.
This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.
I hope I have not missed an important point here!
Michael
(This used to be commit
6ced4a7f88798dc449a667d63bc29bf6c569291f)
git.samba.org / ira / wip.git / log