Andrew Bartlett [Mon, 12 Nov 2001 00:08:30 +0000 (00:08 +0000)]
Code duplication is bad. So add an add_signiture() function and just refernce
that.
Andrew Bartlett [Sun, 11 Nov 2001 12:42:39 +0000 (12:42 +0000)]
Kill off 'restrict anonymous' becouse it is useless in its current form.
To be replaced with a real restriction in consultation with jra. (Hence why
I've not touched loadparm.c).
Andrew Bartlett
Andrew Bartlett [Sun, 11 Nov 2001 11:34:46 +0000 (11:34 +0000)]
Fix up some DEBUG()s
Add and fix comments
Add 'const' to some more input paramaters.
Andrew Bartlett [Sun, 11 Nov 2001 11:18:45 +0000 (11:18 +0000)]
Add back the not null checks in a better place.
Check the pdb_init_sam() for failure.
Andrew Bartlett [Sun, 11 Nov 2001 11:15:28 +0000 (11:15 +0000)]
make sam_account_ok static.
remove rudundent not null checks
fix indenting
Andrew Bartlett [Sun, 11 Nov 2001 11:11:56 +0000 (11:11 +0000)]
This extra check isn't needed, we can only get here if secuirty=domain
Andrew Bartlett [Sun, 11 Nov 2001 11:00:38 +0000 (11:00 +0000)]
Minor updates. A small dose of const.
Andrew Bartlett [Sun, 11 Nov 2001 10:42:41 +0000 (10:42 +0000)]
autoconf
Andrew Bartlett [Sun, 11 Nov 2001 10:42:07 +0000 (10:42 +0000)]
Remove built-in support for clear-text kerberos authentication.
This should remove some confusion from the ./configure, but does not affect the
'real' kerberos support currently residing in smbd/sesssetup.c.
This code is vunerable to a spoofed KDC, and is best replaced by --with-pam and
the pam_krb5 module. This module includes measures to prevent such spoofing.
Andrew Bartlett
Simo Sorce [Sat, 10 Nov 2001 15:21:54 +0000 (15:21 +0000)]
fixed, moved and added some functions
note the useful acnv_uxu2 and acnv_u2ux functions in charcnv.c
Jeremy Allison [Sat, 10 Nov 2001 01:49:50 +0000 (01:49 +0000)]
Use defined constants not integers.
Jeremy.
Volker Lendecke [Fri, 9 Nov 2001 22:15:33 +0000 (22:15 +0000)]
As pdb_ldap.c does not compile in HEAD anyway, a not-compiled merge
from 2_2.
Volker
Gerald Carter [Fri, 9 Nov 2001 20:59:18 +0000 (20:59 +0000)]
Fixed a few typos and added the opnum for ADDPRINTERDRIVEREX to the
rpc_spoolss.h header file.
Jeremy Allison [Fri, 9 Nov 2001 20:34:12 +0000 (20:34 +0000)]
Fixup __LPID -> _LPID.
Jeremy.
Andrew Bartlett [Fri, 9 Nov 2001 11:16:06 +0000 (11:16 +0000)]
This change updates lp_guestaccount() to be a *global* paramater, rather than
per-share. I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.
Almost all the user's of this paramater used it as a global anyway...
While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.
This already removes an absolute truckload of extra attempted password lookups
on the guest account.
Andrew Bartlett
Andrew Tridgell [Fri, 9 Nov 2001 02:44:49 +0000 (02:44 +0000)]
fix the tree so it compiles again
grumble, mumble, ...
Tim Potter [Fri, 9 Nov 2001 01:26:13 +0000 (01:26 +0000)]
Removed #ifdef TDB_DEBUG around tdb_dump_all() and tdb_printfreelist()
so that tdbtool can be compiled without having to make clean.
Andrew Bartlett [Thu, 8 Nov 2001 22:19:01 +0000 (22:19 +0000)]
Change to guest logon code.
This changes the way we process guest logons - we now treat them as normal
logons, but set the 'guest' flag. In particular this is needed becouse Win2k
will do an NTLMSSP login with username "", therefore missing our previous guest
connection code - this is getting a pain to do as a special case all over the
shop.
Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the
anonymous or authenticated case, can you take a look at this?
Also some cleanups in the check_password() code that should make some of the
debugs clearer.
Various other minor cleanups:
- change the session code to just take a vuser, rather than having to do a
vuid lookup on vuser.vuid
- Change some of the global_client_caps linking
- Better debug in authorise_login(): show the vuid.
Andrew Bartlett
Tim Potter [Thu, 8 Nov 2001 04:41:13 +0000 (04:41 +0000)]
Fixed incorrect debug message. )-:
Martin Pool [Thu, 8 Nov 2001 03:12:22 +0000 (03:12 +0000)]
spoolss_io_devmode private data is binary and should be shown in hex,
not ascii.
Jeremy Allison [Thu, 8 Nov 2001 02:17:03 +0000 (02:17 +0000)]
Only 1mb allocate slop.
Jeremy.
Jeremy Allison [Thu, 8 Nov 2001 01:49:57 +0000 (01:49 +0000)]
Merge overdue changes from 2.2. Fix <4gb write problem.
Jeremy.
Jeremy Allison [Thu, 8 Nov 2001 00:21:26 +0000 (00:21 +0000)]
Added more define bits. Fixed error in vol attributes.
Jeremy.
Jeremy Allison [Wed, 7 Nov 2001 23:47:20 +0000 (23:47 +0000)]
Added debug in truncate, fixed warning with gcc3.
Jeremy.
Steve French [Wed, 7 Nov 2001 23:01:44 +0000 (23:01 +0000)]
Add function to add those hosts who have added msbrowse (domain master browsers)
Tim Potter [Wed, 7 Nov 2001 22:38:03 +0000 (22:38 +0000)]
Added delheaders as a dependency for clean.
Simo Sorce [Wed, 7 Nov 2001 18:14:46 +0000 (18:14 +0000)]
add convert_string_allocate() function
Andrew Bartlett [Wed, 7 Nov 2001 08:15:45 +0000 (08:15 +0000)]
UGLY HACK to get machines to join tdbsam domains again.
The problem is that we don't use the bitmap field, and so have to guess what
feilds to change. NT4 sets the RID to NULL in its reply, (as a no-change
value) and we were attempting to set that as a RID.
jfm: Can you get me the info on that bitmap, so I can construct a proper fix
to all this?
Thanks!
Andrew Bartlett [Wed, 7 Nov 2001 02:16:22 +0000 (02:16 +0000)]
Initilising these variables before appending the domain groups to them
Jeremy Allison [Tue, 6 Nov 2001 22:07:04 +0000 (22:07 +0000)]
Fixed unsigned / long unsigned format missmatch.
Jeremy
Jim McDonough [Tue, 6 Nov 2001 16:28:50 +0000 (16:28 +0000)]
Internationalization enbalement for net utility - replace printf with d_printf
Tim Potter [Mon, 5 Nov 2001 23:00:46 +0000 (23:00 +0000)]
Fixed looking up domain (winbind) users ahead of local users in
domain_client_validate()
Tim Potter [Mon, 5 Nov 2001 22:57:14 +0000 (22:57 +0000)]
Removed totally annoying verbose debug in sid_to_string()
Andrew Tridgell [Mon, 5 Nov 2001 15:18:17 +0000 (15:18 +0000)]
free the negTokenInit structure
Jeremy Allison [Mon, 5 Nov 2001 07:42:55 +0000 (07:42 +0000)]
Changed MAX_OPEN_PIPES to 2048.
Jeremy.
Tim Potter [Mon, 5 Nov 2001 06:15:02 +0000 (06:15 +0000)]
Wrote some stubs for new win2k only spoolss rpc commands:
GetPrinterDataEx() and SetPrinterDataEx(). Not sure what the command
number is for the latter is - I haven't seen it on the wire yet.
Gerald Carter [Mon, 5 Nov 2001 05:41:32 +0000 (05:41 +0000)]
merge from 2.2. Why is STR_CONVERT missing when comparing
2.2 to HEAD?
Gerald Carter [Mon, 5 Nov 2001 05:28:03 +0000 (05:28 +0000)]
old merge from 2.2
Tim Potter [Mon, 5 Nov 2001 01:41:16 +0000 (01:41 +0000)]
Fixed some compiler warnings.
Tim Potter [Mon, 5 Nov 2001 01:04:45 +0000 (01:04 +0000)]
Renamed make_user_info_for_winbindd() to be more consistent with the
names of the other functions in this file.
Tim Potter [Mon, 5 Nov 2001 00:42:33 +0000 (00:42 +0000)]
Fixed compiler warnings.
Tim Potter [Mon, 5 Nov 2001 00:21:17 +0000 (00:21 +0000)]
Use cli_nt_login_network() instead of domain_client_validate() to perform
pam authentication. This allows us to link in less other crap.
Authenticating with a challenge/response doesn't seem to work though - we
always get back NT_STATUS_WRONG_PASSWORD.
Tim Potter [Mon, 5 Nov 2001 00:12:23 +0000 (00:12 +0000)]
Removed duplicate debug.
Tim Potter [Mon, 5 Nov 2001 00:02:38 +0000 (00:02 +0000)]
Don't put a \n on the end of the arg to exit_server()
Jeremy Allison [Sun, 4 Nov 2001 21:10:17 +0000 (21:10 +0000)]
Added missing strchr_wa.
Jeremy.
Jeremy Allison [Sun, 4 Nov 2001 20:50:30 +0000 (20:50 +0000)]
Fix for broken-as-shipped RedHat 7.2 system headers. Now we have
to detect this in configure.
Jeremy.
Simo Sorce [Sun, 4 Nov 2001 18:26:53 +0000 (18:26 +0000)]
a big one:
- old mangle code has gone, the new one based on tdb seem resonably ok
probably the valid.dat table need to be updated to treat wild chars as
invalid ones (work ok without it)
- a LOT of new string manipulation function for unicode, they are somewhat
tested but a review would not be bad
- some new function I will need for the new unix_convert function I'm writing,
this will be renamed filename_convert and use only unicode strings.
- charconv, I attached a comment, if someone wnat to look if I'm right or
just was hacking to late in the night to make a sane one :)
of course any bug is my responsibility an will be pleased to see patches if
you find any. :-)
Simo.
Andrew Tridgell [Sun, 4 Nov 2001 18:13:33 +0000 (18:13 +0000)]
get the string lengths right in domain logons
Andrew, this fixes domain logons in head. Please look at the change,
as I think you may have misunderstood the max_str_len field (which is
badly named)
Andrew Tridgell [Sun, 4 Nov 2001 18:10:31 +0000 (18:10 +0000)]
remove {} from default valid char list
Andrew Bartlett [Sun, 4 Nov 2001 04:58:17 +0000 (04:58 +0000)]
Fix segfault. sup_tok might not always be with us.
Andrew Bartlett [Sun, 4 Nov 2001 01:14:15 +0000 (01:14 +0000)]
Fix up authenticated pipes in line with vuser changes. This ensures that global
groups obtained via a domain logon are respected in the attached NT_USER_TOKEN.
This functionality is only available in HEAD, becosue of the way authenticaion
has been abstracted.
Both vuid logins and authenticated pipes need to use the same code for this in
future.
Can sombody with the correct facilties check this please?\
Thanks,
Andrew Bartlett
Andrew Bartlett [Sun, 4 Nov 2001 01:10:21 +0000 (01:10 +0000)]
Fixup for accounts without a local /etc/passwd entry.
- Now perfectly valid.
Andrew Bartlett [Sun, 4 Nov 2001 01:09:04 +0000 (01:09 +0000)]
Fix up pdbedit so that it at least compiles without warnings.
- Basic functionality intact
- Now adds machine accounts without a uid. (using the machine uid range to
avoid conflict with real uid based accounts)
Jeremy Allison [Sun, 4 Nov 2001 00:14:08 +0000 (00:14 +0000)]
Got serious about const again.
REMOVED BZERO CALLS YET AGAIN !!! Why do these keep creeping back in....
They are *NOT* POSIX. I'm also thinking of removing strncpy as I'm sure
it's not being used correctly....
Jeremy.
Jeremy Allison [Sat, 3 Nov 2001 23:34:24 +0000 (23:34 +0000)]
Added NT_USER_TOKEN into server_info to fix extra groups problem.
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
Steve French [Sat, 3 Nov 2001 21:13:42 +0000 (21:13 +0000)]
Added many more defines in service category, user category and others
Steve French [Sat, 3 Nov 2001 21:12:44 +0000 (21:12 +0000)]
Added support for UserListGroups, ServiceEnum
Steve French [Sat, 3 Nov 2001 21:11:28 +0000 (21:11 +0000)]
Adding support for net password, net service, net user info, fixing net helps
Andrew Bartlett [Sat, 3 Nov 2001 00:59:57 +0000 (00:59 +0000)]
anonymous logins are guest logins, so mark them as such. (Otherwise they can
browse non-guest shares).
Andrew Bartlett [Sat, 3 Nov 2001 00:20:31 +0000 (00:20 +0000)]
Minor cleanups/fixes in the NTLMv2 code
Andrew Bartlett [Sat, 3 Nov 2001 00:19:56 +0000 (00:19 +0000)]
Move the test for non-SPNEGO session setups when using SPNEGO, becouse its a
perfectly vailid behaviour for guest logins.
Andrew Bartlett [Fri, 2 Nov 2001 11:31:49 +0000 (11:31 +0000)]
Return 1 (rather than 0) on failure. This may well help get the build farm
back into order, becouse its the inverse tests that are 'failing' - they get
error 0 back and think that we just let sombody in without a password and the
like.
Andrew Bartlett
Andrew Bartlett [Thu, 1 Nov 2001 05:02:41 +0000 (05:02 +0000)]
Various post AuthRewrite cleanups, fixups and tidyups.
Zero out some of the plaintext passwords for paranoia
Fix up some of the other passdb backends with the change to *uid_t rather than
uid_t.
Make some of the code in srv_netlog_nt.c clearer, is passing an array around,
so pass its lenght in is definition, not as a seperate paramater.
Use sizeof() rather than magic numbers, it makes things easier to read.
Cope with a PAM authenticated user who is not in /etc/passwd - currently by
saying NO_SUCH_USER, but this can change in future.
Andrew Bartlett
Andrew Tridgell [Thu, 1 Nov 2001 03:54:52 +0000 (03:54 +0000)]
zero the data, not a pointer to the data ...
Tim Potter [Wed, 31 Oct 2001 12:45:50 +0000 (12:45 +0000)]
Removed unneeded extern.
Andrew Bartlett [Wed, 31 Oct 2001 12:37:56 +0000 (12:37 +0000)]
This should fix up the compile with krb5.
This needs to use the auth interface at some stage, but for now this will do.
Andrew Bartlett [Wed, 31 Oct 2001 12:28:40 +0000 (12:28 +0000)]
When you make a data_blob() then you probably need to free it too...
Andrew Bartlett [Wed, 31 Oct 2001 12:07:59 +0000 (12:07 +0000)]
Fix up domain logons. Tested with NT4.
Andrew Bartlett [Wed, 31 Oct 2001 11:10:29 +0000 (11:10 +0000)]
... and clean up the unused variables.
Andrew Bartlett [Wed, 31 Oct 2001 11:09:21 +0000 (11:09 +0000)]
Small changes for guest authenticated pipes.
Andrew Bartlett [Wed, 31 Oct 2001 10:46:25 +0000 (10:46 +0000)]
This is a farily large patch (3300 lines) and reworks most of the AuthRewrite
code.
In particular this assists tpot in some of his work, becouse it provides the
connection between the authenticaion and the vuid generation.
Major Changes:
- Fully malloc'ed structures.
- Massive rework of the code so that all structures are made and destroyed
using malloc and free, rather than hanging around on the stack.
- SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them
to be declared 'invalid' without the chance that people might get ROOT by
default.
- kill off some of the "DOMAIN\user" lookups. These can be readded at a more
appropriate place (probably domain_client_validate.c) in the future. They
don't belong in session setups.
- Massive introduction of DATA_BLOB structures, particularly for passwords.
- Use NTLMSSP flags to tell the backend what its getting, rather than magic
lenghths.
- Fix winbind back up again, but tpot is redoing this soon anyway.
- Abstract much of the work in srv_netlog_nt back into auth helper functions.
This is a LARGE change, and any assistance is testing it is appriciated.
Domain logons are still broken (as far as I can tell) but other functionality
seems
intact.
Needs testing with a wide variety of MS clients.
Andrew Bartlett
Andrew Bartlett [Wed, 31 Oct 2001 06:57:28 +0000 (06:57 +0000)]
More const.
Andrew Bartlett [Wed, 31 Oct 2001 06:24:25 +0000 (06:24 +0000)]
SPNEGO works perfectly well with security=domain, so don't exclude it.
Andrew Bartlett [Wed, 31 Oct 2001 06:22:19 +0000 (06:22 +0000)]
Small 'const' updates ahead of some AuthRewrite merging.
Tim Potter [Wed, 31 Oct 2001 06:20:58 +0000 (06:20 +0000)]
Added some extra fields to the auth_serversupplied_info structure.
To obtain the full group membership of a user (i.e nested groups on a
win2k native mode server) it is necessary to merge this list of groups
with the groups returned by winbindd when creating an nt access token.
This breaks winbindd linking while AB and I sync up our changes to the
authentication subsystem.
Tim Potter [Wed, 31 Oct 2001 04:55:43 +0000 (04:55 +0000)]
This one's a doozy. A cut&paste bug incorrectly sets the max string length
of the lm challenge/response header in the NET_ID_INFO_2 structure included
in a network logon request. It seems Windows 2000 is the only OS that
cares about this.
Tim Potter [Wed, 31 Oct 2001 04:42:16 +0000 (04:42 +0000)]
Don't accidentally return success when sending a broken NET_SAMLOGON
request. This exposes a domain authentication bug with win2k where a rpc
fault is returned but not propagated up as an error.
Tim Potter [Wed, 31 Oct 2001 04:26:36 +0000 (04:26 +0000)]
Some tweaking to make the samlogon function look more like NT on the wire.
Andrew Bartlett [Wed, 31 Oct 2001 01:52:34 +0000 (01:52 +0000)]
Parionia to ensure people don't install libsmb based programs setuid root.
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing
all sort of fun and games.
Andrew Bartlett
Andrew Bartlett [Tue, 30 Oct 2001 13:54:54 +0000 (13:54 +0000)]
Spnego on the 'server' end of security=server just does not work, so set the
flags so we just do a 'normal' session setup.
Also add some parinoia code to detect when sombody attempts to do a 'normal'
session setup when spnego had been negoitiated.
Andrew Bartlett
Tim Potter [Tue, 30 Oct 2001 05:54:38 +0000 (05:54 +0000)]
Fix debug in domain_client_validate() when password server = *.
Tim Potter [Tue, 30 Oct 2001 05:41:07 +0000 (05:41 +0000)]
Allow the logon level to be passed to cli_netlogon_sam_logon() rather than
the validation level.
Tim Potter [Tue, 30 Oct 2001 05:38:41 +0000 (05:38 +0000)]
Allow the logon level to be passed to cli_netlogon_sam_logon() rather than
the validation level. This allows us to test interactive or network logons.
Interestingly enough a win2k native mode server generates a rpc fault when
presented with a network logon!
Tim Potter [Tue, 30 Oct 2001 05:29:37 +0000 (05:29 +0000)]
Removed confusing comment.
Andrew Bartlett [Tue, 30 Oct 2001 05:21:16 +0000 (05:21 +0000)]
Fix up smbpasswd -e/-d so that it doesn't change the password under you any
more.
(Previously it set them to 'XXXX' or similar when only the flags were being
changed - a bug I must have introduced when I reworked the passdb end of things
a few weeks back.)
Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is
actually to be changed.
Andrew Bartlett
Tim Potter [Tue, 30 Oct 2001 04:21:53 +0000 (04:21 +0000)]
Display some errors if the initial connection to the server could not be
made.
Tim Potter [Tue, 30 Oct 2001 01:49:44 +0000 (01:49 +0000)]
Added samlogon command to test against win2k native mode server. I think
there's a bug in the marshalling of net_sam_logon.
Tim Potter [Tue, 30 Oct 2001 00:19:43 +0000 (00:19 +0000)]
Fixed typo in debug message.
Andrew Bartlett [Mon, 29 Oct 2001 22:28:21 +0000 (22:28 +0000)]
Fix up auth_smbpasswd.c to use the password interface, rather than the
structures directly.
Andrew Bartlett
Andrew Bartlett [Mon, 29 Oct 2001 22:14:17 +0000 (22:14 +0000)]
Add a bit of 'const' for the data_blob code.
Add a new data_blob_clear_free() function - that zero's out the buffer
when its done.
Volker Lendecke [Mon, 29 Oct 2001 15:00:45 +0000 (15:00 +0000)]
Don't force winbind to use non-local DC's.
Volker
Simo Sorce [Mon, 29 Oct 2001 13:31:01 +0000 (13:31 +0000)]
clear errno before a call, tdbsam will not update it.
just a hack to make things work.
Simo Sorce [Mon, 29 Oct 2001 13:21:29 +0000 (13:21 +0000)]
another few changes to the new mangle code
Simo Sorce [Mon, 29 Oct 2001 13:19:22 +0000 (13:19 +0000)]
change some more functions to the new mangle interface.
Simo Sorce [Mon, 29 Oct 2001 11:37:42 +0000 (11:37 +0000)]
- fix string len for an ucs2_to_dos function as any ucs2 char may be up to 4 dos hars...
- addedd ascii compatibility functions
Andrew Bartlett [Mon, 29 Oct 2001 08:26:45 +0000 (08:26 +0000)]
More spelling and grammer from Vance. <vance@digital-host.net>
Thanks!
Andrew Bartlett
Andrew Bartlett [Mon, 29 Oct 2001 08:12:44 +0000 (08:12 +0000)]
This patch applied, except without the structure changes to nmblib.c
Andrew Bartlett.
From kai@cmail.ru Mon Oct 29 18:50:42 2001
Date: Fri, 19 Oct 2001 17:26:06 +0300
From: Andrew V. Samoilov <kai@cmail.ru>
To: samba-technical@lists.samba.org
Subject: [patch]: makes some arrays const to be shared between processes
Hi!
This patch makes some arrays const. So these arrays go to text/rodata
segment and are shared between all of the processes which use shared
library with these arrays.
Regards,
Andrew V. Samoilov.
P.S. Please cc your answer to kai@cmail.ru,
I don't subscribed to this list.
ChangeLog:
* cliconnect.c (prots): Make const.
* clierror.c (rap_errmap): Likewise.
* nmblib.c (nmb_header_opcode_names): Likewise.
(lookup_opcode_name): Make opcode_namep const. Eliminate i.
* nterr.c (nt_err_code_struct): Typedef const.
* smberr.c (err_code_struct): Make const.
(err_classes): Likewise.
Andrew Bartlett [Mon, 29 Oct 2001 07:35:11 +0000 (07:35 +0000)]
This commit is number 4 of 4.
In particular this commit focuses on:
Actually adding the 'const' to the passdb interface, and the flow-on changes.
Also kill off the 'disp_info' stuff, as its no longer used.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes introduces a large dose of 'const' to the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
---
This finishes this line of commits off, your tree should now compile again :-)
Andrew Bartlett
Andrew Bartlett [Mon, 29 Oct 2001 07:28:32 +0000 (07:28 +0000)]
This commit is number 3 of 4.
In particular this commit focuses on:
Changing the Get_Pwnam code so that it can work in a const-enforced
environment.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes allow for 'const' in the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
Andrew Bartlett [Mon, 29 Oct 2001 07:24:49 +0000 (07:24 +0000)]
This commit is number 2 of 4.
In particular this commit focuses on:
The guts of the moving about inside passdb.
While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.
----
These changes allow for the introduction of a large dose of 'const' to
the Samba tree.
There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful
pstrings and fstrings to allocated strings. We can't do that if
people are modifying these outputs, as they may well make
assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane
volume of warnings, currently its pretty bad, even in 2.2
where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion'
based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const
parameter can work correctly): - Get_Pwnam(const x) and
Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing
around a 'struct passwd' rather than the modified username
passdb/
- Kill off disp_info stuff, it isn't used any more - Kill off
support for writing to the old smbpasswd format, it isn't relevent
to Samba 3.0
- Move around and modify the pdb_...() helper functions, adding
one that sets the last changed time to 'now' and that sets the
must change time appropriately.
- Remove the ugly forced update of the LCT- value in
pdb_smbpasswd. - Remove the implicit modification of the ACB
flags when both NT and LM passwords are set.
- Removed substation in pdb_getsampwnam output, as a single
password change will render them inoperable in any case (they
will be substituted and stored)
- Added a default RID to the init_sam_from_pw() function, based on
our rid algorithm.
- Added checks that an smbpasswd stored user has a uid-based RID.
- Fail to store tdb based users without a RID
lib/
- Change the substituion code to use global_myname if there is
no connection (and therefore no called name) at the present time.