first public release of samba4 code
authorAndrew Tridgell <tridge@samba.org>
Wed, 13 Aug 2003 01:53:07 +0000 (01:53 +0000)
committerAndrew Tridgell <tridge@samba.org>
Wed, 13 Aug 2003 01:53:07 +0000 (01:53 +0000)
779 files changed:
source/.cvsignore [new file with mode: 0644]
source/.dmallocrc [new file with mode: 0644]
source/Doxyfile [new file with mode: 0644]
source/Makefile.in [new file with mode: 0644]
source/aclocal.m4 [new file with mode: 0644]
source/auth/auth.c [new file with mode: 0644]
source/auth/auth_builtin.c [new file with mode: 0644]
source/auth/auth_compat.c [new file with mode: 0644]
source/auth/auth_domain.c [new file with mode: 0644]
source/auth/auth_ntlmssp.c [new file with mode: 0644]
source/auth/auth_sam.c [new file with mode: 0644]
source/auth/auth_server.c [new file with mode: 0644]
source/auth/auth_unix.c [new file with mode: 0644]
source/auth/auth_util.c [new file with mode: 0644]
source/auth/auth_winbind.c [new file with mode: 0644]
source/auth/pampass.c [new file with mode: 0644]
source/auth/pass_check.c [new file with mode: 0644]
source/autogen.sh [new file with mode: 0755]
source/build/tests/README [new file with mode: 0644]
source/build/tests/crypttest.c [new file with mode: 0644]
source/build/tests/fcntl_lock.c [new file with mode: 0644]
source/build/tests/fcntl_lock64.c [new file with mode: 0644]
source/build/tests/fcntl_lock_thread.c [new file with mode: 0644]
source/build/tests/ftruncate.c [new file with mode: 0644]
source/build/tests/getgroups.c [new file with mode: 0644]
source/build/tests/shared_mmap.c [new file with mode: 0644]
source/build/tests/shlib.c [new file with mode: 0644]
source/build/tests/summary.c [new file with mode: 0644]
source/build/tests/trivial.c [new file with mode: 0644]
source/build/tests/unixsock.c [new file with mode: 0644]
source/change-log [new file with mode: 0644]
source/client/.cvsignore [new file with mode: 0644]
source/client/client.c [new file with mode: 0644]
source/client/clitar.c [new file with mode: 0644]
source/client/mount.cifs.c [new file with mode: 0644]
source/client/smbmnt.c [new file with mode: 0644]
source/client/smbmount.c [new file with mode: 0644]
source/client/smbspool.c [new file with mode: 0644]
source/client/smbumount.c [new file with mode: 0644]
source/client/tree.c [new file with mode: 0644]
source/codepages/.cvsignore [new file with mode: 0644]
source/codepages/valid.dat [new file with mode: 0644]
source/config.sub [new file with mode: 0755]
source/configure.developer [new file with mode: 0755]
source/configure.in [new file with mode: 0644]
source/configure.nodebug.developer [new file with mode: 0755]
source/configure.tridge.opt [new file with mode: 0755]
source/dynconfig.c [new file with mode: 0644]
source/groupdb/mapping.c [new file with mode: 0644]
source/ignore.txt [new file with mode: 0644]
source/include/.cvsignore [new file with mode: 0644]
source/include/MacExtensions.h [new file with mode: 0644]
source/include/ads.h [new file with mode: 0644]
source/include/adt_tree.h [new file with mode: 0644]
source/include/asn_1.h [new file with mode: 0644]
source/include/auth.h [new file with mode: 0644]
source/include/byteorder.h [new file with mode: 0644]
source/include/charset.h [new file with mode: 0644]
source/include/cli_context.h [new file with mode: 0644]
source/include/client.h [new file with mode: 0644]
source/include/clitar.h [new file with mode: 0644]
source/include/context.h [new file with mode: 0644]
source/include/debug.h [new file with mode: 0644]
source/include/dlinklist.h [new file with mode: 0644]
source/include/doserr.h [new file with mode: 0644]
source/include/dynconfig.h [new file with mode: 0644]
source/include/enums.h [new file with mode: 0644]
source/include/events.h [new file with mode: 0644]
source/include/genparser.h [new file with mode: 0644]
source/include/genparser_samba.h [new file with mode: 0644]
source/include/gums.h [new file with mode: 0644]
source/include/hmacmd5.h [new file with mode: 0644]
source/include/includes.h [new file with mode: 0644]
source/include/interfaces.h [new file with mode: 0644]
source/include/intl.h [new file with mode: 0644]
source/include/ioctl.h [new file with mode: 0644]
source/include/libsmb_internal.h [new file with mode: 0644]
source/include/libsmbclient.h [new file with mode: 0644]
source/include/local.h [new file with mode: 0644]
source/include/mangle.h [new file with mode: 0644]
source/include/mapping.h [new file with mode: 0644]
source/include/md5.h [new file with mode: 0644]
source/include/messages.h [new file with mode: 0644]
source/include/msdfs.h [new file with mode: 0644]
source/include/mutex.h [new file with mode: 0644]
source/include/nameserv.h [new file with mode: 0644]
source/include/nt_printing.h [new file with mode: 0644]
source/include/nt_status.h [new file with mode: 0644]
source/include/ntdomain.h [new file with mode: 0644]
source/include/nterr.h [new file with mode: 0644]
source/include/ntlmssp.h [new file with mode: 0644]
source/include/ntvfs.h [new file with mode: 0644]
source/include/passdb.h [new file with mode: 0644]
source/include/popt_common.h [new file with mode: 0644]
source/include/printing.h [new file with mode: 0644]
source/include/process_model.h [new file with mode: 0644]
source/include/pstring.h [new file with mode: 0644]
source/include/rap.h [new file with mode: 0755]
source/include/rpc_brs.h [new file with mode: 0644]
source/include/rpc_client.h [new file with mode: 0644]
source/include/rpc_creds.h [new file with mode: 0644]
source/include/rpc_dce.h [new file with mode: 0644]
source/include/rpc_dfs.h [new file with mode: 0644]
source/include/rpc_ds.h [new file with mode: 0644]
source/include/rpc_lsa.h [new file with mode: 0644]
source/include/rpc_misc.h [new file with mode: 0644]
source/include/rpc_netlogon.h [new file with mode: 0644]
source/include/rpc_parse.h [new file with mode: 0644]
source/include/rpc_reg.h [new file with mode: 0644]
source/include/rpc_samr.h [new file with mode: 0644]
source/include/rpc_secdes.h [new file with mode: 0644]
source/include/rpc_spoolss.h [new file with mode: 0755]
source/include/rpc_srvsvc.h [new file with mode: 0644]
source/include/rpc_wkssvc.h [new file with mode: 0644]
source/include/safe_string.h [new file with mode: 0644]
source/include/sam.h [new file with mode: 0644]
source/include/secrets.h [new file with mode: 0644]
source/include/session.h [new file with mode: 0644]
source/include/smb.h [new file with mode: 0644]
source/include/smb_acls.h [new file with mode: 0644]
source/include/smb_interfaces.h [new file with mode: 0644]
source/include/smb_macros.h [new file with mode: 0644]
source/include/stamp-h.in [new file with mode: 0644]
source/include/talloc.h [new file with mode: 0644]
source/include/tdbsam2.h [new file with mode: 0644]
source/include/trans2.h [new file with mode: 0644]
source/include/util_getent.h [new file with mode: 0644]
source/include/version.h [new file with mode: 0644]
source/include/vt_mode.h [new file with mode: 0644]
source/include/xfile.h [new file with mode: 0644]
source/install-sh [new file with mode: 0644]
source/intl/.cvsignore [new file with mode: 0644]
source/intl/lang_tdb.c [new file with mode: 0644]
source/intl/linux-msg.sed [new file with mode: 0644]
source/lib/.cvsignore [new file with mode: 0644]
source/lib/account_pol.c [new file with mode: 0644]
source/lib/adt_tree.c [new file with mode: 0644]
source/lib/bitmap.c [new file with mode: 0644]
source/lib/charcnv.c [new file with mode: 0644]
source/lib/cmdline/popt_common.c [new file with mode: 0644]
source/lib/cmdline/readline.c [new file with mode: 0644]
source/lib/crc32.c [new file with mode: 0644]
source/lib/crypto/crc32.c [new file with mode: 0644]
source/lib/crypto/hmacmd5.c [new file with mode: 0644]
source/lib/crypto/md4.c [new file with mode: 0644]
source/lib/crypto/md5.c [new file with mode: 0644]
source/lib/data_blob.c [new file with mode: 0644]
source/lib/debug.c [new file with mode: 0644]
source/lib/dmallocmsg.c [new file with mode: 0644]
source/lib/dprintf.c [new file with mode: 0644]
source/lib/events.c [new file with mode: 0644]
source/lib/fault.c [new file with mode: 0644]
source/lib/fsusage.c [new file with mode: 0644]
source/lib/gencache.c [new file with mode: 0644]
source/lib/genparser.c [new file with mode: 0644]
source/lib/genparser_samba.c [new file with mode: 0644]
source/lib/genrand.c [new file with mode: 0644]
source/lib/getsmbpass.c [new file with mode: 0644]
source/lib/hmacmd5.c [new file with mode: 0644]
source/lib/iconv.c [new file with mode: 0644]
source/lib/interface.c [new file with mode: 0644]
source/lib/interfaces.c [new file with mode: 0644]
source/lib/ldap_escape.c [new file with mode: 0644]
source/lib/md4.c [new file with mode: 0644]
source/lib/md5.c [new file with mode: 0644]
source/lib/messages.c [new file with mode: 0644]
source/lib/module.c [new file with mode: 0644]
source/lib/ms_fnmatch.c [new file with mode: 0644]
source/lib/mutex.c [new file with mode: 0644]
source/lib/pam_errors.c [new file with mode: 0644]
source/lib/pidfile.c [new file with mode: 0644]
source/lib/popt/CHANGES [new file with mode: 0644]
source/lib/popt/COPYING [new file with mode: 0644]
source/lib/popt/README [new file with mode: 0644]
source/lib/popt/dummy.in [new file with mode: 0644]
source/lib/popt/findme.c [new file with mode: 0644]
source/lib/popt/findme.h [new file with mode: 0644]
source/lib/popt/popt.c [new file with mode: 0644]
source/lib/popt/popt.h [new file with mode: 0644]
source/lib/popt/poptconfig.c [new file with mode: 0644]
source/lib/popt/popthelp.c [new file with mode: 0644]
source/lib/popt/poptint.h [new file with mode: 0644]
source/lib/popt/poptparse.c [new file with mode: 0644]
source/lib/popt/system.h [new file with mode: 0644]
source/lib/popt_common.c [new file with mode: 0644]
source/lib/readline.c [new file with mode: 0644]
source/lib/replace.c [new file with mode: 0644]
source/lib/select.c [new file with mode: 0644]
source/lib/sendfile.c [new file with mode: 0644]
source/lib/server_mutex.c [new file with mode: 0644]
source/lib/signal.c [new file with mode: 0644]
source/lib/smbpasswd.c [new file with mode: 0644]
source/lib/smbrun.c [new file with mode: 0644]
source/lib/snprintf.c [new file with mode: 0644]
source/lib/substitute.c [new file with mode: 0644]
source/lib/sysacls.c [new file with mode: 0644]
source/lib/system.c [new file with mode: 0644]
source/lib/system_smbd.c [new file with mode: 0644]
source/lib/talloc.c [new file with mode: 0644]
source/lib/tallocmsg.c [new file with mode: 0644]
source/lib/talloctort.c [new file with mode: 0644]
source/lib/tdb/README [new file with mode: 0644]
source/lib/tdb/spinlock.c [new file with mode: 0644]
source/lib/tdb/spinlock.h [new file with mode: 0644]
source/lib/tdb/tdb.c [new file with mode: 0644]
source/lib/tdb/tdb.h [new file with mode: 0644]
source/lib/tdb/tdb.magic [new file with mode: 0644]
source/lib/tdb/tdbutil.c [new file with mode: 0644]
source/lib/tdb/tdbutil.h [new file with mode: 0644]
source/lib/time.c [new file with mode: 0644]
source/lib/username.c [new file with mode: 0644]
source/lib/util.c [new file with mode: 0644]
source/lib/util_file.c [new file with mode: 0644]
source/lib/util_getent.c [new file with mode: 0644]
source/lib/util_pw.c [new file with mode: 0644]
source/lib/util_seaccess.c [new file with mode: 0644]
source/lib/util_sid.c [new file with mode: 0644]
source/lib/util_smbd.c [new file with mode: 0644]
source/lib/util_sock.c [new file with mode: 0644]
source/lib/util_str.c [new file with mode: 0644]
source/lib/util_unistr.c [new file with mode: 0644]
source/lib/util_uuid.c [new file with mode: 0644]
source/lib/wins_srv.c [new file with mode: 0644]
source/lib/xfile.c [new file with mode: 0644]
source/libads/.cvsignore [new file with mode: 0644]
source/libads/ads_ldap.c [new file with mode: 0644]
source/libads/ads_status.c [new file with mode: 0644]
source/libads/ads_struct.c [new file with mode: 0644]
source/libads/ads_utils.c [new file with mode: 0644]
source/libads/disp_sec.c [new file with mode: 0644]
source/libads/kerberos.c [new file with mode: 0644]
source/libads/kerberos_verify.c [new file with mode: 0644]
source/libads/krb5_setpw.c [new file with mode: 0644]
source/libads/ldap.c [new file with mode: 0644]
source/libads/ldap_printer.c [new file with mode: 0644]
source/libads/ldap_user.c [new file with mode: 0644]
source/libads/ldap_utils.c [new file with mode: 0644]
source/libads/sasl.c [new file with mode: 0644]
source/libads/util.c [new file with mode: 0644]
source/libcli/.cvsignore [new file with mode: 0644]
source/libcli/cliconnect.c [new file with mode: 0644]
source/libcli/clideltree.c [new file with mode: 0644]
source/libcli/clidfs.c [new file with mode: 0644]
source/libcli/clifile.c [new file with mode: 0644]
source/libcli/clilist.c [new file with mode: 0644]
source/libcli/climessage.c [new file with mode: 0644]
source/libcli/clireadwrite.c [new file with mode: 0644]
source/libcli/clisecdesc.c [new file with mode: 0644]
source/libcli/clitrans2.c [new file with mode: 0644]
source/libcli/namecache.c [new file with mode: 0644]
source/libcli/namequery.c [new file with mode: 0644]
source/libcli/namequery_dc.c [new file with mode: 0644]
source/libcli/nmblib.c [new file with mode: 0644]
source/libcli/ntlmssp.c [new file with mode: 0644]
source/libcli/ntlmssp_parse.c [new file with mode: 0644]
source/libcli/raw/README [new file with mode: 0644]
source/libcli/raw/clikrb5.c [new file with mode: 0644]
source/libcli/raw/clioplock.c [new file with mode: 0644]
source/libcli/raw/clirewrite.c [new file with mode: 0644]
source/libcli/raw/clisession.c [new file with mode: 0644]
source/libcli/raw/clisocket.c [new file with mode: 0644]
source/libcli/raw/clispnego.c [new file with mode: 0644]
source/libcli/raw/clitransport.c [new file with mode: 0644]
source/libcli/raw/clitree.c [new file with mode: 0644]
source/libcli/raw/raweas.c [new file with mode: 0644]
source/libcli/raw/rawfile.c [new file with mode: 0644]
source/libcli/raw/rawfileinfo.c [new file with mode: 0644]
source/libcli/raw/rawfsinfo.c [new file with mode: 0644]
source/libcli/raw/rawioctl.c [new file with mode: 0644]
source/libcli/raw/rawnegotiate.c [new file with mode: 0644]
source/libcli/raw/rawnotify.c [new file with mode: 0644]
source/libcli/raw/rawreadwrite.c [new file with mode: 0644]
source/libcli/raw/rawrequest.c [new file with mode: 0644]
source/libcli/raw/rawsearch.c [new file with mode: 0644]
source/libcli/raw/rawsetfileinfo.c [new file with mode: 0644]
source/libcli/raw/rawtrans.c [new file with mode: 0644]
source/libcli/raw/smb_signing.c [new file with mode: 0644]
source/libcli/unexpected.c [new file with mode: 0644]
source/libcli/util/asn1.c [new file with mode: 0644]
source/libcli/util/clierror.c [new file with mode: 0644]
source/libcli/util/cliutil.c [new file with mode: 0644]
source/libcli/util/credentials.c [new file with mode: 0644]
source/libcli/util/doserr.c [new file with mode: 0644]
source/libcli/util/errormap.c [new file with mode: 0644]
source/libcli/util/nterr.c [new file with mode: 0644]
source/libcli/util/ntlmssp_sign.c [new file with mode: 0644]
source/libcli/util/pwd_cache.c [new file with mode: 0644]
source/libcli/util/smbdes.c [new file with mode: 0644]
source/libcli/util/smbencrypt.c [new file with mode: 0644]
source/libcli/util/smberr.c [new file with mode: 0644]
source/locking/brlock.c [new file with mode: 0644]
source/locking/locking.c [new file with mode: 0644]
source/locking/posix.c [new file with mode: 0644]
source/modules/developer.c [new file with mode: 0644]
source/modules/mysql.c [new file with mode: 0644]
source/modules/vfs_audit.c [new file with mode: 0644]
source/modules/vfs_extd_audit.c [new file with mode: 0644]
source/modules/vfs_fake_perms.c [new file with mode: 0644]
source/modules/vfs_netatalk.c [new file with mode: 0644]
source/modules/vfs_recycle.c [new file with mode: 0644]
source/modules/xml.c [new file with mode: 0644]
source/msdfs/README [new file with mode: 0644]
source/msdfs/msdfs.c [new file with mode: 0644]
source/nmbd/.cvsignore [new file with mode: 0644]
source/nmbd/asyncdns.c [new file with mode: 0644]
source/nmbd/nmbd.c [new file with mode: 0644]
source/nmbd/nmbd_become_dmb.c [new file with mode: 0644]
source/nmbd/nmbd_become_lmb.c [new file with mode: 0644]
source/nmbd/nmbd_browserdb.c [new file with mode: 0644]
source/nmbd/nmbd_browsesync.c [new file with mode: 0644]
source/nmbd/nmbd_elections.c [new file with mode: 0644]
source/nmbd/nmbd_incomingdgrams.c [new file with mode: 0644]
source/nmbd/nmbd_incomingrequests.c [new file with mode: 0644]
source/nmbd/nmbd_lmhosts.c [new file with mode: 0644]
source/nmbd/nmbd_logonnames.c [new file with mode: 0644]
source/nmbd/nmbd_mynames.c [new file with mode: 0644]
source/nmbd/nmbd_namelistdb.c [new file with mode: 0644]
source/nmbd/nmbd_namequery.c [new file with mode: 0644]
source/nmbd/nmbd_nameregister.c [new file with mode: 0644]
source/nmbd/nmbd_namerelease.c [new file with mode: 0644]
source/nmbd/nmbd_nodestatus.c [new file with mode: 0644]
source/nmbd/nmbd_packets.c [new file with mode: 0644]
source/nmbd/nmbd_processlogon.c [new file with mode: 0644]
source/nmbd/nmbd_responserecordsdb.c [new file with mode: 0644]
source/nmbd/nmbd_sendannounce.c [new file with mode: 0644]
source/nmbd/nmbd_serverlistdb.c [new file with mode: 0644]
source/nmbd/nmbd_subnetdb.c [new file with mode: 0644]
source/nmbd/nmbd_synclists.c [new file with mode: 0644]
source/nmbd/nmbd_winsproxy.c [new file with mode: 0644]
source/nmbd/nmbd_winsserver.c [new file with mode: 0644]
source/nmbd/nmbd_workgroupdb.c [new file with mode: 0644]
source/nsswitch/.cvsignore [new file with mode: 0644]
source/nsswitch/README [new file with mode: 0644]
source/nsswitch/hp_nss_common.h [new file with mode: 0644]
source/nsswitch/hp_nss_dbdefs.h [new file with mode: 0644]
source/nsswitch/nss.h [new file with mode: 0644]
source/nsswitch/pam_winbind.c [new file with mode: 0644]
source/nsswitch/pam_winbind.h [new file with mode: 0644]
source/nsswitch/wb_client.c [new file with mode: 0644]
source/nsswitch/wb_common.c [new file with mode: 0644]
source/nsswitch/wbinfo.c [new file with mode: 0644]
source/nsswitch/winbind_client.h [new file with mode: 0644]
source/nsswitch/winbind_nss.c [new file with mode: 0644]
source/nsswitch/winbind_nss_config.h [new file with mode: 0644]
source/nsswitch/winbind_nss_solaris.c [new file with mode: 0644]
source/nsswitch/winbindd.c [new file with mode: 0644]
source/nsswitch/winbindd.h [new file with mode: 0644]
source/nsswitch/winbindd_ads.c [new file with mode: 0644]
source/nsswitch/winbindd_cache.c [new file with mode: 0644]
source/nsswitch/winbindd_cm.c [new file with mode: 0644]
source/nsswitch/winbindd_dual.c [new file with mode: 0644]
source/nsswitch/winbindd_group.c [new file with mode: 0644]
source/nsswitch/winbindd_idmap.c [new file with mode: 0644]
source/nsswitch/winbindd_idmap_tdb.c [new file with mode: 0644]
source/nsswitch/winbindd_misc.c [new file with mode: 0644]
source/nsswitch/winbindd_nss.h [new file with mode: 0644]
source/nsswitch/winbindd_pam.c [new file with mode: 0644]
source/nsswitch/winbindd_rpc.c [new file with mode: 0644]
source/nsswitch/winbindd_sid.c [new file with mode: 0644]
source/nsswitch/winbindd_user.c [new file with mode: 0644]
source/nsswitch/winbindd_util.c [new file with mode: 0644]
source/nsswitch/winbindd_wins.c [new file with mode: 0644]
source/nsswitch/wins.c [new file with mode: 0644]
source/ntvfs/README [new file with mode: 0644]
source/ntvfs/cifs/README [new file with mode: 0644]
source/ntvfs/cifs/vfs_cifs.c [new file with mode: 0644]
source/ntvfs/ipc/README [new file with mode: 0644]
source/ntvfs/ipc/vfs_ipc.c [new file with mode: 0644]
source/ntvfs/ntvfs_base.c [new file with mode: 0644]
source/ntvfs/ntvfs_dfs.c [new file with mode: 0644]
source/ntvfs/ntvfs_generic.c [new file with mode: 0644]
source/ntvfs/ntvfs_util.c [new file with mode: 0644]
source/ntvfs/posix/vfs_posix.c [new file with mode: 0644]
source/ntvfs/print/README [new file with mode: 0644]
source/ntvfs/print/vfs_print.c [new file with mode: 0644]
source/ntvfs/reference/ref.h [new file with mode: 0644]
source/ntvfs/reference/ref_util.c [new file with mode: 0644]
source/ntvfs/reference/vfs_ref.c [new file with mode: 0644]
source/ntvfs/simple/svfs.h [new file with mode: 0644]
source/ntvfs/simple/svfs_util.c [new file with mode: 0644]
source/ntvfs/simple/vfs_simple.c [new file with mode: 0644]
source/pam_smbpass/CHANGELOG [new file with mode: 0644]
source/pam_smbpass/INSTALL [new file with mode: 0644]
source/pam_smbpass/README [new file with mode: 0644]
source/pam_smbpass/TODO [new file with mode: 0644]
source/pam_smbpass/general.h [new file with mode: 0644]
source/pam_smbpass/pam_smb_acct.c [new file with mode: 0644]
source/pam_smbpass/pam_smb_auth.c [new file with mode: 0644]
source/pam_smbpass/pam_smb_passwd.c [new file with mode: 0644]
source/pam_smbpass/samples/README [new file with mode: 0644]
source/pam_smbpass/samples/kdc-pdc [new file with mode: 0644]
source/pam_smbpass/samples/password-mature [new file with mode: 0644]
source/pam_smbpass/samples/password-migration [new file with mode: 0644]
source/pam_smbpass/samples/password-sync [new file with mode: 0644]
source/pam_smbpass/support.c [new file with mode: 0644]
source/pam_smbpass/support.h [new file with mode: 0644]
source/param/.cvsignore [new file with mode: 0644]
source/param/loadparm.c [new file with mode: 0644]
source/param/params.c [new file with mode: 0644]
source/passdb/.cvsignore [new file with mode: 0644]
source/passdb/machine_sid.c [new file with mode: 0644]
source/passdb/passdb.c [new file with mode: 0644]
source/passdb/pdb_compat.c [new file with mode: 0644]
source/passdb/pdb_get_set.c [new file with mode: 0644]
source/passdb/pdb_guest.c [new file with mode: 0644]
source/passdb/pdb_interface.c [new file with mode: 0644]
source/passdb/pdb_ldap.c [new file with mode: 0644]
source/passdb/pdb_nisplus.c [new file with mode: 0644]
source/passdb/pdb_smbpasswd.c [new file with mode: 0644]
source/passdb/pdb_tdb.c [new file with mode: 0644]
source/passdb/pdb_unix.c [new file with mode: 0644]
source/passdb/privileges.c [new file with mode: 0644]
source/passdb/secrets.c [new file with mode: 0644]
source/passdb/util_sam_sid.c [new file with mode: 0644]
source/po/de.msg [new file with mode: 0644]
source/po/en.msg [new file with mode: 0644]
source/po/fr.msg [new file with mode: 0644]
source/po/it.msg [new file with mode: 0644]
source/po/ja.msg [new file with mode: 0644]
source/po/pl.msg [new file with mode: 0644]
source/po/tr.msg [new file with mode: 0644]
source/popt/.cvsignore [new file with mode: 0644]
source/popt/CHANGES [new file with mode: 0644]
source/popt/COPYING [new file with mode: 0644]
source/popt/README [new file with mode: 0644]
source/popt/dummy.in [new file with mode: 0644]
source/popt/findme.c [new file with mode: 0644]
source/popt/findme.h [new file with mode: 0644]
source/popt/popt.c [new file with mode: 0644]
source/popt/popt.h [new file with mode: 0644]
source/popt/poptconfig.c [new file with mode: 0644]
source/popt/popthelp.c [new file with mode: 0644]
source/popt/poptint.h [new file with mode: 0644]
source/popt/poptparse.c [new file with mode: 0644]
source/popt/system.h [new file with mode: 0644]
source/printing/.cvsignore [new file with mode: 0644]
source/printing/load.c [new file with mode: 0644]
source/printing/lpq_parse.c [new file with mode: 0644]
source/printing/notify.c [new file with mode: 0644]
source/printing/nt_printing.c [new file with mode: 0644]
source/printing/pcap.c [new file with mode: 0644]
source/printing/print_cups.c [new file with mode: 0644]
source/printing/print_generic.c [new file with mode: 0644]
source/printing/print_svid.c [new file with mode: 0644]
source/printing/printfsp.c [new file with mode: 0644]
source/printing/printing.c [new file with mode: 0644]
source/printing/printing_db.c [new file with mode: 0644]
source/python/.cvsignore [new file with mode: 0644]
source/python/README [new file with mode: 0644]
source/python/examples/spoolss/changeid.py [new file with mode: 0755]
source/python/examples/spoolss/enumprinters.py [new file with mode: 0755]
source/python/examples/spoolss/psec.py [new file with mode: 0755]
source/python/examples/tdbpack/.cvsignore [new file with mode: 0644]
source/python/examples/tdbpack/oldtdbutil.py [new file with mode: 0644]
source/python/examples/tdbpack/tdbtimetrial.py [new file with mode: 0755]
source/python/examples/tdbpack/test_tdbpack.py [new file with mode: 0755]
source/python/gprinterdata [new file with mode: 0755]
source/python/gtdbtool [new file with mode: 0755]
source/python/gtkdictbrowser.py [new file with mode: 0755]
source/python/mkpatch [new file with mode: 0755]
source/python/py_common.c [new file with mode: 0644]
source/python/py_common.h [new file with mode: 0644]
source/python/py_conv.c [new file with mode: 0644]
source/python/py_conv.h [new file with mode: 0644]
source/python/py_lsa.c [new file with mode: 0644]
source/python/py_lsa.h [new file with mode: 0644]
source/python/py_ntsec.c [new file with mode: 0644]
source/python/py_samba.c [new file with mode: 0644]
source/python/py_samr.c [new file with mode: 0644]
source/python/py_samr.h [new file with mode: 0644]
source/python/py_samr_conv.c [new file with mode: 0644]
source/python/py_smb.c [new file with mode: 0644]
source/python/py_smb.h [new file with mode: 0644]
source/python/py_spoolss.c [new file with mode: 0644]
source/python/py_spoolss.h [new file with mode: 0644]
source/python/py_spoolss_common.c [new file with mode: 0644]
source/python/py_spoolss_drivers.c [new file with mode: 0644]
source/python/py_spoolss_drivers_conv.c [new file with mode: 0644]
source/python/py_spoolss_forms.c [new file with mode: 0644]
source/python/py_spoolss_forms_conv.c [new file with mode: 0644]
source/python/py_spoolss_jobs.c [new file with mode: 0644]
source/python/py_spoolss_jobs_conv.c [new file with mode: 0644]
source/python/py_spoolss_ports.c [new file with mode: 0644]
source/python/py_spoolss_ports_conv.c [new file with mode: 0644]
source/python/py_spoolss_printerdata.c [new file with mode: 0644]
source/python/py_spoolss_printers.c [new file with mode: 0644]
source/python/py_spoolss_printers_conv.c [new file with mode: 0644]
source/python/py_srvsvc.c [new file with mode: 0644]
source/python/py_srvsvc.h [new file with mode: 0644]
source/python/py_srvsvc_conv.c [new file with mode: 0644]
source/python/py_tdb.c [new file with mode: 0644]
source/python/py_tdb.h [new file with mode: 0644]
source/python/py_tdbpack.c [new file with mode: 0644]
source/python/py_winbind.c [new file with mode: 0644]
source/python/py_winbind.h [new file with mode: 0644]
source/python/py_winbind_conv.c [new file with mode: 0644]
source/python/py_winreg.c [new file with mode: 0644]
source/python/py_winreg.h [new file with mode: 0644]
source/python/samba/.cvsignore [new file with mode: 0644]
source/python/samba/__init__.py [new file with mode: 0644]
source/python/samba/printerdata.py [new file with mode: 0644]
source/python/setup.py [new file with mode: 0755]
source/registry/reg_cachehook.c [new file with mode: 0644]
source/registry/reg_db.c [new file with mode: 0644]
source/registry/reg_frontend.c [new file with mode: 0644]
source/registry/reg_objects.c [new file with mode: 0644]
source/registry/reg_printing.c [new file with mode: 0644]
source/rpc_client/cli_dfs.c [new file with mode: 0644]
source/rpc_client/cli_ds.c [new file with mode: 0644]
source/rpc_client/cli_lsarpc.c [new file with mode: 0644]
source/rpc_client/cli_netlogon.c [new file with mode: 0644]
source/rpc_client/cli_pipe.c [new file with mode: 0644]
source/rpc_client/cli_reg.c [new file with mode: 0644]
source/rpc_client/cli_samr.c [new file with mode: 0644]
source/rpc_client/cli_spoolss.c [new file with mode: 0644]
source/rpc_client/cli_spoolss_notify.c [new file with mode: 0644]
source/rpc_client/cli_srvsvc.c [new file with mode: 0644]
source/rpc_client/cli_wkssvc.c [new file with mode: 0644]
source/rpc_parse/.cvsignore [new file with mode: 0644]
source/rpc_parse/parse_dfs.c [new file with mode: 0644]
source/rpc_parse/parse_ds.c [new file with mode: 0644]
source/rpc_parse/parse_lsa.c [new file with mode: 0644]
source/rpc_parse/parse_misc.c [new file with mode: 0644]
source/rpc_parse/parse_net.c [new file with mode: 0644]
source/rpc_parse/parse_prs.c [new file with mode: 0644]
source/rpc_parse/parse_reg.c [new file with mode: 0644]
source/rpc_parse/parse_rpc.c [new file with mode: 0644]
source/rpc_parse/parse_samr.c [new file with mode: 0644]
source/rpc_parse/parse_sec.c [new file with mode: 0644]
source/rpc_parse/parse_spoolss.c [new file with mode: 0644]
source/rpc_parse/parse_srv.c [new file with mode: 0644]
source/rpc_parse/parse_wks.c [new file with mode: 0644]
source/rpc_server/.cvsignore [new file with mode: 0644]
source/rpc_server/srv_dfs.c [new file with mode: 0644]
source/rpc_server/srv_dfs_nt.c [new file with mode: 0644]
source/rpc_server/srv_lsa.c [new file with mode: 0644]
source/rpc_server/srv_lsa_hnd.c [new file with mode: 0644]
source/rpc_server/srv_lsa_nt.c [new file with mode: 0644]
source/rpc_server/srv_netlog.c [new file with mode: 0644]
source/rpc_server/srv_netlog_nt.c [new file with mode: 0644]
source/rpc_server/srv_pipe.c [new file with mode: 0644]
source/rpc_server/srv_pipe_hnd.c [new file with mode: 0644]
source/rpc_server/srv_reg.c [new file with mode: 0644]
source/rpc_server/srv_reg_nt.c [new file with mode: 0644]
source/rpc_server/srv_samr.c [new file with mode: 0644]
source/rpc_server/srv_samr_nt.c [new file with mode: 0644]
source/rpc_server/srv_samr_util.c [new file with mode: 0644]
source/rpc_server/srv_spoolss.c [new file with mode: 0755]
source/rpc_server/srv_spoolss_nt.c [new file with mode: 0644]
source/rpc_server/srv_srvsvc.c [new file with mode: 0644]
source/rpc_server/srv_srvsvc_nt.c [new file with mode: 0644]
source/rpc_server/srv_util.c [new file with mode: 0644]
source/rpc_server/srv_wkssvc.c [new file with mode: 0644]
source/rpc_server/srv_wkssvc_nt.c [new file with mode: 0644]
source/rpcclient/cmd_dfs.c [new file with mode: 0644]
source/rpcclient/cmd_ds.c [new file with mode: 0644]
source/rpcclient/cmd_lsarpc.c [new file with mode: 0644]
source/rpcclient/cmd_netlogon.c [new file with mode: 0644]
source/rpcclient/cmd_reg.c [new file with mode: 0644]
source/rpcclient/cmd_samr.c [new file with mode: 0644]
source/rpcclient/cmd_spoolss.c [new file with mode: 0644]
source/rpcclient/cmd_srvsvc.c [new file with mode: 0644]
source/rpcclient/cmd_wkssvc.c [new file with mode: 0644]
source/rpcclient/display_sec.c [new file with mode: 0644]
source/rpcclient/rpcclient.c [new file with mode: 0644]
source/rpcclient/rpcclient.h [new file with mode: 0644]
source/sam/SAM-interface_handles.txt [new file with mode: 0644]
source/sam/account.c [new file with mode: 0644]
source/sam/get_set_account.c [new file with mode: 0644]
source/sam/get_set_domain.c [new file with mode: 0644]
source/sam/get_set_group.c [new file with mode: 0644]
source/sam/group.c [new file with mode: 0644]
source/sam/gumm_tdb.c [new file with mode: 0644]
source/sam/gums.c [new file with mode: 0644]
source/sam/gums_api.c [new file with mode: 0644]
source/sam/gums_helper.c [new file with mode: 0644]
source/sam/interface.c [new file with mode: 0644]
source/sam/sam_ads.c [new file with mode: 0755]
source/sam/sam_plugin.c [new file with mode: 0644]
source/sam/sam_skel.c [new file with mode: 0644]
source/script/.cvsignore [new file with mode: 0644]
source/script/addtosmbpass [new file with mode: 0644]
source/script/build_env.sh [new file with mode: 0644]
source/script/convert_smbpasswd [new file with mode: 0755]
source/script/creategroup [new file with mode: 0755]
source/script/extract_allparms.sh [new file with mode: 0755]
source/script/find_missing_doc.pl [new file with mode: 0755]
source/script/findsmb.in [new file with mode: 0755]
source/script/findstatic.pl [new file with mode: 0755]
source/script/genstruct.pl [new file with mode: 0755]
source/script/installbin.sh [new file with mode: 0644]
source/script/installdat.sh [new file with mode: 0755]
source/script/installdirs.sh [new file with mode: 0755]
source/script/installman.sh [new file with mode: 0644]
source/script/installmodules.sh [new file with mode: 0644]
source/script/installscripts.sh [new file with mode: 0644]
source/script/installswat.sh [new file with mode: 0644]
source/script/makeunicodecasemap.awk [new file with mode: 0644]
source/script/mkinstalldirs [new file with mode: 0755]
source/script/mknissmbpasswd.sh [new file with mode: 0755]
source/script/mknissmbpwdtbl.sh [new file with mode: 0755]
source/script/mkproto.awk [new file with mode: 0644]
source/script/mkproto.sh [new file with mode: 0644]
source/script/mksmbpasswd.sh [new file with mode: 0644]
source/script/revert.sh [new file with mode: 0644]
source/script/scancvslog.pl [new file with mode: 0755]
source/script/smbtar [new file with mode: 0644]
source/script/uninstallbin.sh [new file with mode: 0644]
source/script/uninstallman.sh [new file with mode: 0644]
source/script/uninstallmodules.sh [new file with mode: 0644]
source/script/uninstallscripts.sh [new file with mode: 0644]
source/script/updatesmbpasswd.sh [new file with mode: 0644]
source/smbadduser [new file with mode: 0755]
source/smbd/.cvsignore [new file with mode: 0644]
source/smbd/build_options.c [new file with mode: 0644]
source/smbd/conn.c [new file with mode: 0644]
source/smbd/connection.c [new file with mode: 0644]
source/smbd/negprot.c [new file with mode: 0644]
source/smbd/password.c [new file with mode: 0644]
source/smbd/process.c [new file with mode: 0644]
source/smbd/process_model.c [new file with mode: 0644]
source/smbd/process_single.c [new file with mode: 0644]
source/smbd/process_standard.c [new file with mode: 0644]
source/smbd/process_thread.c [new file with mode: 0644]
source/smbd/reply.c [new file with mode: 0644]
source/smbd/request.c [new file with mode: 0644]
source/smbd/rewrite.c [new file with mode: 0644]
source/smbd/server.c [new file with mode: 0644]
source/smbd/service.c [new file with mode: 0644]
source/smbd/session.c [new file with mode: 0644]
source/smbd/sesssetup.c [new file with mode: 0644]
source/smbd/tcon.c [new file with mode: 0644]
source/smbd/trans2.c [new file with mode: 0644]
source/smbwrapper/.cvsignore [new file with mode: 0644]
source/smbwrapper/PORTING [new file with mode: 0644]
source/smbwrapper/README [new file with mode: 0644]
source/smbwrapper/realcalls.c [new file with mode: 0644]
source/smbwrapper/realcalls.h [new file with mode: 0644]
source/smbwrapper/shared.c [new file with mode: 0644]
source/smbwrapper/smbsh.c [new file with mode: 0644]
source/smbwrapper/smbsh.in [new file with mode: 0644]
source/smbwrapper/smbw.c [new file with mode: 0644]
source/smbwrapper/smbw.h [new file with mode: 0644]
source/smbwrapper/smbw_cache.c [new file with mode: 0644]
source/smbwrapper/smbw_dir.c [new file with mode: 0644]
source/smbwrapper/smbw_stat.c [new file with mode: 0644]
source/smbwrapper/wrapped.c [new file with mode: 0644]
source/tdb/.cvsignore [new file with mode: 0644]
source/tdb/Makefile [new file with mode: 0644]
source/tdb/README [new file with mode: 0644]
source/tdb/spinlock.c [new file with mode: 0644]
source/tdb/spinlock.h [new file with mode: 0644]
source/tdb/tdb.c [new file with mode: 0644]
source/tdb/tdb.h [new file with mode: 0644]
source/tdb/tdb.magic [new file with mode: 0644]
source/tdb/tdbbackup.c [new file with mode: 0644]
source/tdb/tdbdump.c [new file with mode: 0644]
source/tdb/tdbtest.c [new file with mode: 0644]
source/tdb/tdbtool.c [new file with mode: 0644]
source/tdb/tdbtorture.c [new file with mode: 0644]
source/tdb/tdbutil.c [new file with mode: 0644]
source/tdb/tdbutil.h [new file with mode: 0644]
source/tests/.cvsignore [new file with mode: 0644]
source/tests/README [new file with mode: 0644]
source/tests/crypttest.c [new file with mode: 0644]
source/tests/fcntl_lock.c [new file with mode: 0644]
source/tests/fcntl_lock64.c [new file with mode: 0644]
source/tests/fcntl_lock_thread.c [new file with mode: 0644]
source/tests/ftruncate.c [new file with mode: 0644]
source/tests/getgroups.c [new file with mode: 0644]
source/tests/shared_mmap.c [new file with mode: 0644]
source/tests/shlib.c [new file with mode: 0644]
source/tests/summary.c [new file with mode: 0644]
source/tests/trivial.c [new file with mode: 0644]
source/tests/unixsock.c [new file with mode: 0644]
source/torture/.cvsignore [new file with mode: 0644]
source/torture/aliases.c [new file with mode: 0644]
source/torture/cmd_sam.c [new file with mode: 0644]
source/torture/cmd_vfs.c [new file with mode: 0644]
source/torture/denytest.c [new file with mode: 0644]
source/torture/dfstest.c [new file with mode: 0644]
source/torture/genbit.c [new file with mode: 0644]
source/torture/gendefs.h [new file with mode: 0644]
source/torture/genparm.c [new file with mode: 0644]
source/torture/gentest.c [new file with mode: 0644]
source/torture/locktest.c [new file with mode: 0644]
source/torture/locktest2.c [new file with mode: 0644]
source/torture/mangle_test.c [new file with mode: 0644]
source/torture/masktest.c [new file with mode: 0644]
source/torture/msgtest.c [new file with mode: 0644]
source/torture/nbio.c [new file with mode: 0644]
source/torture/nsstest.c [new file with mode: 0644]
source/torture/qfileinfo.c [new file with mode: 0644]
source/torture/qfsinfo.c [new file with mode: 0644]
source/torture/raw/chkpath.c [new file with mode: 0644]
source/torture/raw/close.c [new file with mode: 0644]
source/torture/raw/context.c [new file with mode: 0644]
source/torture/raw/ioctl.c [new file with mode: 0644]
source/torture/raw/lock.c [new file with mode: 0644]
source/torture/raw/missing.txt [new file with mode: 0644]
source/torture/raw/mkdir.c [new file with mode: 0644]
source/torture/raw/mux.c [new file with mode: 0644]
source/torture/raw/notify.c [new file with mode: 0644]
source/torture/raw/open.c [new file with mode: 0644]
source/torture/raw/oplock.c [new file with mode: 0644]
source/torture/raw/qfileinfo.c [new file with mode: 0644]
source/torture/raw/qfsinfo.c [new file with mode: 0644]
source/torture/raw/read.c [new file with mode: 0644]
source/torture/raw/rename.c [new file with mode: 0644]
source/torture/raw/search.c [new file with mode: 0644]
source/torture/raw/seek.c [new file with mode: 0644]
source/torture/raw/setfileinfo.c [new file with mode: 0644]
source/torture/raw/unlink.c [new file with mode: 0644]
source/torture/raw/write.c [new file with mode: 0644]
source/torture/rpctorture.c [new file with mode: 0644]
source/torture/samtest.c [new file with mode: 0644]
source/torture/samtest.h [new file with mode: 0644]
source/torture/scanner.c [new file with mode: 0644]
source/torture/search.c [new file with mode: 0644]
source/torture/setfileinfo.c [new file with mode: 0644]
source/torture/t_strcmp.c [new file with mode: 0644]
source/torture/torture.c [new file with mode: 0644]
source/torture/torture_util.c [new file with mode: 0644]
source/torture/utable.c [new file with mode: 0644]
source/torture/vfstest.c [new file with mode: 0644]
source/torture/vfstest.h [new file with mode: 0644]
source/ubiqx/.cvsignore [new file with mode: 0644]
source/utils/.cvsignore [new file with mode: 0644]
source/utils/debug2html.c [new file with mode: 0644]
source/utils/editreg.c [new file with mode: 0644]
source/utils/net.c [new file with mode: 0644]
source/utils/net.h [new file with mode: 0644]
source/utils/net_ads.c [new file with mode: 0644]
source/utils/net_ads_cldap.c [new file with mode: 0644]
source/utils/net_cache.c [new file with mode: 0644]
source/utils/net_help.c [new file with mode: 0644]
source/utils/net_lookup.c [new file with mode: 0644]
source/utils/net_rap.c [new file with mode: 0644]
source/utils/net_rpc.c [new file with mode: 0644]
source/utils/net_rpc_join.c [new file with mode: 0644]
source/utils/net_rpc_samsync.c [new file with mode: 0644]
source/utils/net_time.c [new file with mode: 0644]
source/utils/nmblookup.c [new file with mode: 0644]
source/utils/ntlm_auth.c [new file with mode: 0644]
source/utils/pdbedit.c [new file with mode: 0644]
source/utils/profiles.c [new file with mode: 0644]
source/utils/rewrite.c [new file with mode: 0644]
source/utils/rpccheck.c [new file with mode: 0644]
source/utils/smbcacls.c [new file with mode: 0644]
source/utils/smbcontrol.c [new file with mode: 0644]
source/utils/smbfilter.c [new file with mode: 0644]
source/utils/smbgroupedit.c [new file with mode: 0644]
source/utils/smbpasswd.c [new file with mode: 0644]
source/utils/smbtree.c [new file with mode: 0644]
source/utils/smbw_sample.c [new file with mode: 0644]
source/utils/status.c [new file with mode: 0644]
source/utils/tdb/Makefile [new file with mode: 0644]
source/utils/tdb/README [new file with mode: 0644]
source/utils/tdb/tdb.magic [new file with mode: 0644]
source/utils/tdb/tdbbackup.c [new file with mode: 0644]
source/utils/tdb/tdbdump.c [new file with mode: 0644]
source/utils/tdb/tdbtest.c [new file with mode: 0644]
source/utils/tdb/tdbtool.c [new file with mode: 0644]
source/utils/tdb/tdbtorture.c [new file with mode: 0644]
source/utils/testparm.c [new file with mode: 0644]
source/utils/testprns.c [new file with mode: 0644]
source/web/.cvsignore [new file with mode: 0644]
source/web/cgi.c [new file with mode: 0644]
source/web/diagnose.c [new file with mode: 0644]
source/web/neg_lang.c [new file with mode: 0644]
source/web/startstop.c [new file with mode: 0644]
source/web/statuspage.c [new file with mode: 0644]
source/web/swat.c [new file with mode: 0644]
source/wrepld/parser.c [new file with mode: 0644]
source/wrepld/partners.c [new file with mode: 0644]
source/wrepld/process.c [new file with mode: 0644]
source/wrepld/server.c [new file with mode: 0644]
source/wrepld/socket.c [new file with mode: 0644]
source/wrepld/wins_repl.h [new file with mode: 0644]

diff --git a/source/.cvsignore b/source/.cvsignore
new file mode 100644 (file)
index 0000000..d1c7873
--- /dev/null
@@ -0,0 +1,34 @@
+libsmb
+*.po
+*.po32
+.headers.stamp
+.inslog2
+.ix*
+.proto.check
+.proto.stamp
+autom4te.cache
+ID
+ID
+Makefile
+bin
+build
+config.cache
+config.log
+config.status
+configure.tridge
+cvs.log
+diffs
+dmalloc.log
+dmallog.log
+dox
+libtool
+so_locations
+tca.log
+testdir
+testtmp
+trace.out
+typescript*
+configure
+config.jjm
+config.stfs
+*.dat
diff --git a/source/.dmallocrc b/source/.dmallocrc
new file mode 100644 (file)
index 0000000..5e5c45e
--- /dev/null
@@ -0,0 +1,2 @@
+samba allow-free-null, log-stats, log-non-free, log-trans, \
+        check-fence, check-heap, check-lists, error-abort
\ No newline at end of file
diff --git a/source/Doxyfile b/source/Doxyfile
new file mode 100644 (file)
index 0000000..c104078
--- /dev/null
@@ -0,0 +1,176 @@
+# Doxyfile 0.1
+
+#---------------------------------------------------------------------------
+# General configuration options
+#---------------------------------------------------------------------------
+PROJECT_NAME           = Samba
+PROJECT_NUMBER         = HEAD
+
+# NOTE: By default, Doxygen writes into the dox/ subdirectory of the
+# invocation directory.  If you want to put it somewhere else, for
+# example, to write straight into a webserver directory, then override
+# this variable in a configuration concatenated to this one: Doxygen
+# doesn't mind variables being redefined.
+
+OUTPUT_DIRECTORY       = dox
+
+OUTPUT_LANGUAGE        = English
+EXTRACT_ALL            = YES
+EXTRACT_PRIVATE        = YES
+EXTRACT_STATIC         = YES
+HIDE_UNDOC_MEMBERS     = NO
+HIDE_UNDOC_CLASSES     = NO
+BRIEF_MEMBER_DESC      = YES
+REPEAT_BRIEF           = YES
+ALWAYS_DETAILED_SEC    = NO
+FULL_PATH_NAMES        = YES
+STRIP_FROM_PATH        = $(PWD)/
+INTERNAL_DOCS          = YES
+CLASS_DIAGRAMS         = YES
+SOURCE_BROWSER         = YES
+INLINE_SOURCES         = YES
+STRIP_CODE_COMMENTS    = NO
+CASE_SENSE_NAMES       = YES
+SHORT_NAMES            = NO
+HIDE_SCOPE_NAMES       = YES
+VERBATIM_HEADERS       = YES
+SHOW_INCLUDE_FILES     = YES
+JAVADOC_AUTOBRIEF      = YES
+INHERIT_DOCS           = YES
+INLINE_INFO            = YES
+SORT_MEMBER_DOCS       = NO
+DISTRIBUTE_GROUP_DOC   = NO
+TAB_SIZE               = 8
+GENERATE_TODOLIST      = YES
+GENERATE_TESTLIST      = YES
+GENERATE_BUGLIST       = YES
+ALIASES                = 
+ENABLED_SECTIONS       = 
+MAX_INITIALIZER_LINES  = 30
+OPTIMIZE_OUTPUT_FOR_C  = YES
+SHOW_USED_FILES        = YES
+REFERENCED_BY_RELATION = YES
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+QUIET                  = YES
+WARNINGS               = NO
+WARN_IF_UNDOCUMENTED   = NO
+WARN_FORMAT            = "$file:$line: $text"
+WARN_LOGFILE           = 
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+INPUT                  = . 
+FILE_PATTERNS          = *.c \
+                         *.h \
+                         *.idl
+RECURSIVE              = YES
+EXCLUDE                = include/includes.h \
+                         include/proto.h
+EXCLUDE_PATTERNS       = 
+EXAMPLE_PATH           = 
+EXAMPLE_PATTERNS       = 
+IMAGE_PATH             = 
+INPUT_FILTER           = 
+FILTER_SOURCE_FILES    = NO
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+ALPHABETICAL_INDEX     = YES
+COLS_IN_ALPHA_INDEX    = 1
+IGNORE_PREFIX          = 
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+GENERATE_HTML          = YES
+HTML_OUTPUT            = .
+HTML_HEADER            = 
+HTML_FOOTER            = 
+HTML_STYLESHEET        = 
+HTML_ALIGN_MEMBERS     = YES
+GENERATE_HTMLHELP      = NO
+GENERATE_CHI           = NO
+BINARY_TOC             = NO
+TOC_EXPAND             = NO
+DISABLE_INDEX          = NO
+ENUM_VALUES_PER_LINE   = 3
+GENERATE_TREEVIEW      = NO
+TREEVIEW_WIDTH         = 250
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+GENERATE_LATEX         = NO
+LATEX_OUTPUT           = latex
+COMPACT_LATEX          = NO
+PAPER_TYPE             = a4wide
+EXTRA_PACKAGES         = 
+LATEX_HEADER           = 
+PDF_HYPERLINKS         = YES
+USE_PDFLATEX           = YES
+LATEX_BATCHMODE        = YES
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+GENERATE_RTF           = NO
+RTF_OUTPUT             = rtf
+COMPACT_RTF            = NO
+RTF_HYPERLINKS         = NO
+RTF_STYLESHEET_FILE    = 
+RTF_EXTENSIONS_FILE    = 
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+GENERATE_MAN           = NO
+MAN_OUTPUT             = man
+MAN_EXTENSION          = .3
+MAN_LINKS              = NO
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+GENERATE_XML           = NO
+#---------------------------------------------------------------------------
+# configuration options related to the preprocessor   
+#---------------------------------------------------------------------------
+ENABLE_PREPROCESSING   = NO
+MACRO_EXPANSION        = NO
+EXPAND_ONLY_PREDEF     = NO
+SEARCH_INCLUDES        = YES
+INCLUDE_PATH           = 
+INCLUDE_FILE_PATTERNS  = 
+PREDEFINED             = 
+EXPAND_AS_DEFINED      = 
+SKIP_FUNCTION_MACROS   = YES
+#---------------------------------------------------------------------------
+# configuration::additions related to external references   
+#---------------------------------------------------------------------------
+TAGFILES               = 
+GENERATE_TAGFILE       = 
+ALLEXTERNALS           = NO
+PERL_PATH              = /usr/bin/perl
+#---------------------------------------------------------------------------
+# configuration options related to the dot tool   
+#---------------------------------------------------------------------------
+HAVE_DOT               = NO
+CLASS_GRAPH            = YES
+COLLABORATION_GRAPH    = YES
+TEMPLATE_RELATIONS     = YES
+INCLUDE_GRAPH          = YES
+INCLUDED_BY_GRAPH      = YES
+GRAPHICAL_HIERARCHY    = YES
+DOT_PATH               = 
+DOTFILE_DIRS           = 
+MAX_DOT_GRAPH_WIDTH    = 1024
+MAX_DOT_GRAPH_HEIGHT   = 1024
+GENERATE_LEGEND        = YES
+DOT_CLEANUP            = YES
+#---------------------------------------------------------------------------
+# configuration::additions related to the search engine   
+#---------------------------------------------------------------------------
+SEARCHENGINE           = NO
+CGI_NAME               = search.cgi
+CGI_URL                = 
+DOC_URL                = 
+DOC_ABSPATH            = 
+BIN_ABSPATH            = /usr/local/bin/
+EXT_DOC_PATHS          = 
diff --git a/source/Makefile.in b/source/Makefile.in
new file mode 100644 (file)
index 0000000..d6541a7
--- /dev/null
@@ -0,0 +1,1338 @@
+#########################################################################
+# Makefile.in for Samba - rewritten for autoconf support
+# Copyright Andrew Tridgell 1992-1998
+# Copyright (C) 2001 by Martin Pool <mbp@samba.org>
+# Copyright Andrew Barteltt 2002
+# Copyright (C) 2003 Anthony Liguori <aliguor@us.ibm.com>
+# Copyright (C) 2003 James Myers <myersjj@us.ibm.com>
+###########################################################################
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+mandir=@mandir@
+
+LIBS=@LIBS@ 
+CC=@CC@
+SHLD=@SHLD@
+CFLAGS=@CFLAGS@
+CPPFLAGS=@CPPFLAGS@
+EXEEXT=@EXEEXT@
+LDFLAGS=@LDFLAGS@
+LDSHFLAGS=@LDSHFLAGS@ @LDFLAGS@ @CFLAGS@
+AWK=@AWK@
+DYNEXP=@DYNEXP@
+PYTHON=@PYTHON@
+
+TERMLDFLAGS=@TERMLDFLAGS@
+TERMLIBS=@TERMLIBS@
+PRINTLIBS=@PRINTLIBS@
+AUTHLIBS=@AUTHLIBS@
+ACLLIBS=@ACLLIBS@
+
+LINK=$(CC) $(FLAGS) $(LDFLAGS)
+
+INSTALLCMD=@INSTALL@
+INSTALLCLIENTCMD_SH=@INSTALLCLIENTCMD_SH@
+INSTALLCLIENTCMD_A=@INSTALLCLIENTCMD_A@
+
+VPATH=@srcdir@
+srcdir=@srcdir@
+builddir=@builddir@
+SHELL=/bin/sh
+
+BASEDIR= @prefix@
+BINDIR = @bindir@
+# sbindir is mapped to bindir when compiling SAMBA in 2.0.x compatibility mode.
+SBINDIR = @sbindir@
+LIBDIR = @libdir@
+VFSLIBDIR = $(LIBDIR)/vfs
+PDBLIBDIR = $(LIBDIR)/pdb
+RPCLIBDIR = $(LIBDIR)/rpc
+CONFIGDIR = @configdir@
+VARDIR = @localstatedir@
+MANDIR = @mandir@
+
+# The permissions to give the executables
+INSTALLPERMS = 0755
+
+# set these to where to find various files
+# These can be overridden by command line switches (see smbd(8))
+# or in smb.conf (see smb.conf(5))
+LOGFILEBASE = @logfilebase@
+CONFIGFILE = $(CONFIGDIR)/smb.conf
+LMHOSTSFILE = $(CONFIGDIR)/lmhosts
+
+# This is where smbpasswd et al go
+PRIVATEDIR = @privatedir@
+
+SMB_PASSWD_FILE = $(PRIVATEDIR)/smbpasswd
+PRIVATE_DIR = $(PRIVATEDIR)
+
+# This is where SWAT images and help files go
+SWATDIR = @swatdir@
+
+# the directory where lock files go
+LOCKDIR = @lockdir@
+
+# the directory where pid files go
+PIDDIR = @piddir@
+# man pages language(s)
+man_langs = "@manlangs@"
+
+LIBSMBCLIENT_MAJOR=0
+LIBSMBCLIENT_MINOR=1
+
+
+FLAGS1 = $(CFLAGS) @FLAGS1@ -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I. $(CPPFLAGS) -I$(srcdir)
+FLAGS2 = -I/usr/src/newport/csm/include/linuxusp -I/usr/src/newport/csm/include/common -I/usr/src/newport/stp/include
+FLAGS3 = 
+FLAGS4 = 
+FLAGS5 = $(FLAGS1) $(FLAGS2) $(FLAGS3) $(FLAGS4)
+FLAGS  = $(ISA) $(FLAGS5) 
+FLAGS32  = $(ISA32) $(FLAGS5)
+
+PASSWD_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DPRIVATE_DIR=\"$(PRIVATE_DIR)\"
+PATH_FLAGS1 = -DCONFIGFILE=\"$(CONFIGFILE)\"  -DSBINDIR=\"$(SBINDIR)\"
+PATH_FLAGS2 = $(PATH_FLAGS1) -DBINDIR=\"$(BINDIR)\" -DDRIVERFILE=\"$(DRIVERFILE)\" 
+PATH_FLAGS3 = $(PATH_FLAGS2) -DLMHOSTSFILE=\"$(LMHOSTSFILE)\" 
+PATH_FLAGS4 = $(PATH_FLAGS3) -DSWATDIR=\"$(SWATDIR)\"  -DLOCKDIR=\"$(LOCKDIR)\" -DPIDDIR=\"$(PIDDIR)\"
+PATH_FLAGS5 = $(PATH_FLAGS4) -DLIBDIR=\"$(LIBDIR)\" \
+             -DLOGFILEBASE=\"$(LOGFILEBASE)\" -DSHLIBEXT=\"@SHLIBEXT@\"
+PATH_FLAGS6 = $(PATH_FLAGS5) -DCONFIGDIR=\"$(CONFIGDIR)\"
+PATH_FLAGS = $(PATH_FLAGS6) $(PASSWD_FLAGS)
+
+# Note that all executable programs now provide for an optional executable suffix.
+
+SBIN_PROGS = bin/smbd@EXEEXT@ bin/nmbd@EXEEXT@ bin/swat@EXEEXT@ \
+       bin/wrepld@EXEEXT@ @EXTRA_SBIN_PROGS@ 
+
+BIN_PROGS1 = bin/smbclient@EXEEXT@ bin/net@EXEEXT@ bin/smbspool@EXEEXT@ \
+       bin/testparm@EXEEXT@ bin/testprns@EXEEXT@ bin/smbstatus@EXEEXT@ 
+BIN_PROGS2 = bin/smbcontrol@EXEEXT@ bin/smbtree@EXEEXT@ bin/tdbbackup@EXEEXT@ \
+       bin/nmblookup@EXEEXT@ bin/pdbedit@EXEEXT@
+BIN_PROGS3 = bin/smbpasswd@EXEEXT@ bin/rpcclient@EXEEXT@ bin/smbcacls@EXEEXT@ \
+       bin/profiles@EXEEXT@ bin/smbgroupedit@EXEEXT@ bin/ntlm_auth@EXEEXT@ \
+       bin/editreg@EXEEXT@
+
+TORTURE_PROGS = bin/smbtorture@EXEEXT@ bin/gentest@EXEEXT@
+#bin/msgtest@EXEEXT@ \
+#      bin/masktest@EXEEXT@ bin/locktest@EXEEXT@ \
+#      bin/locktest2@EXEEXT@ bin/nsstest@EXEEXT@ bin/vfstest@EXEEXT@ \
+
+BIN_PROGS = $(BIN_PROGS1) $(BIN_PROGS2) $(BIN_PROGS3) @EXTRA_BIN_PROGS@
+
+SHLIBS = @SHLIB_PROGS@ @LIBSMBCLIENT@
+
+SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script/convert_smbpasswd \
+         $(builddir)/script/findsmb
+
+# QUOTAOBJS=@QUOTAOBJS@
+
+VFS_MODULES = bin/vfs_audit.@SHLIBEXT@ bin/vfs_extd_audit.@SHLIBEXT@ bin/vfs_recycle.@SHLIBEXT@ \
+       bin/vfs_netatalk.@SHLIBEXT@ bin/vfs_fake_perms.@SHLIBEXT@
+PDB_MODULES = @MODULE_MYSQL@ @MODULE_XML@
+MODULES = bin/developer.@SHLIBEXT@ 
+
+######################################################################
+# object file lists
+######################################################################
+
+TDBBASE_OBJ = tdb/tdb.o tdb/spinlock.o
+TDB_OBJ = $(TDBBASE_OBJ) tdb/tdbutil.o 
+
+LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \
+          lib/getsmbpass.o lib/interface.o lib/md4.o \
+          lib/interfaces.o lib/pidfile.o lib/replace.o \
+          lib/signal.o lib/system.o lib/sendfile.o lib/time.o \
+         lib/genrand.o lib/username.o \
+         lib/util_getent.o lib/util_pw.o lib/smbrun.o \
+         lib/bitmap.o lib/crc32.o lib/snprintf.o lib/dprintf.o \
+         lib/xfile.o lib/wins_srv.o \
+         lib/util_str.o lib/util_sid.o lib/util_uuid.o \
+         lib/util_unistr.o lib/util_file.o lib/data_blob.o \
+         lib/util.o lib/util_sock.o \
+         lib/talloc.o lib/substitute.o lib/fsusage.o \
+         lib/ms_fnmatch.o lib/select.o lib/messages.o \
+         lib/tallocmsg.o lib/dmallocmsg.o \
+         lib/md5.o lib/hmacmd5.o lib/iconv.o lib/smbpasswd.o \
+         nsswitch/wb_client.o nsswitch/wb_common.o \
+         lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \
+         lib/gencache.o $(TDB_OBJ) \
+         lib/module.o lib/genparser.o \
+         lib/ldap_escape.o lib/events.o lib/mutex.o
+
+LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o $(LIB_OBJ)
+
+READLINE_OBJ = lib/readline.o
+
+POPT_LIB_OBJ = lib/popt_common.o 
+
+PARAM_OBJ = param/loadparm.o param/params.o dynconfig.o
+
+KRBCLIENT_OBJ = libads/kerberos.o
+
+#LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \
+#           libads/krb5_setpw.o libads/ldap_user.o \
+#           libads/ads_struct.o libads/ads_status.o \
+#             libads/disp_sec.o libads/ads_utils.o libads/ldap_utils.o \
+#           libads/ads_ldap.o
+
+#LIBADS_SERVER_OBJ = libads/util.o libads/kerberos_verify.o
+
+SECRETS_OBJ = passdb/secrets.o
+
+LIBNMB_OBJ = libcli/unexpected.o libcli/namecache.o libcli/nmblib.o \
+            libcli/namequery.o 
+
+LIBNTLMSSP_OBJ = libcli/ntlmssp.o libcli/ntlmssp_parse.o libcli/util/ntlmssp_sign.o
+
+LIBSAMBA_OBJ = libcli/util/nterr.o libcli/util/smbdes.o libcli/util/smbencrypt.o
+
+LIBCLIUTIL_OBJ = libcli/util/asn1.o \
+            libcli/util/smberr.o libcli/util/credentials.o \
+            libcli/util/doserr.o libcli/util/errormap.o \
+            libcli/util/pwd_cache.o libcli/util/clierror.o libcli/util/cliutil.o
+
+LIBRAW_OBJ = libcli/raw/rawfile.o libcli/raw/smb_signing.o  \
+            libcli/raw/clisocket.o libcli/raw/clitransport.o \
+            libcli/raw/clisession.o libcli/raw/clitree.o \
+            libcli/raw/clikrb5.o libcli/raw/clispnego.o libcli/raw/rawrequest.o \
+            libcli/raw/rawreadwrite.o \
+            libcli/raw/rawsearch.o libcli/raw/rawsetfileinfo.o libcli/raw/raweas.o \
+            libcli/raw/rawtrans.o libcli/raw/clioplock.o \
+            libcli/raw/rawnegotiate.o libcli/raw/rawfsinfo.o \
+            libcli/raw/rawfileinfo.o libcli/raw/rawnotify.o \
+            libcli/raw/rawioctl.o \
+            $(LIBSAMBA_OBJ) $(LIBCLIUTIL_OBJ) \
+            $(RPC_PARSE_OBJ1) $(LIBNTLMSSP_OBJ) $(LIBNMB_OBJ) $(KRBCLIENT_OBJ)
+
+LIBSMB_OBJ = libcli/clireadwrite.o libcli/cliconnect.o \
+            libcli/clifile.o libcli/clilist.o libcli/clitrans2.o  \
+            libcli/clisecdesc.o libcli/climessage.o \
+            libcli/clideltree.o \
+            $(LIBRAW_OBJ)
+
+# LIBDFS_OBJ = libcli/clidfs.o
+
+LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \
+              rpc_client/cli_netlogon.o rpc_client/cli_srvsvc.o \
+              rpc_client/cli_wkssvc.o rpc_client/cli_dfs.o \
+              rpc_client/cli_reg.o rpc_client/cli_pipe.o \
+              rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o  \
+              rpc_client/cli_ds.o libcli/namequery_dc.o
+
+#LIBMSRPC_SERVER_OBJ = libcli/trust_passwd.o
+
+#REGOBJS_OBJ = registry/reg_objects.o
+#REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \
+#               registry/reg_db.o 
+
+#RPC_LSA_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o
+
+#RPC_NETLOG_OBJ = rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o
+
+#RPC_SAMR_OBJ = rpc_server/srv_samr.o rpc_server/srv_samr_nt.o \
+#               rpc_server/srv_samr_util.o
+
+#RPC_REG_OBJ =  rpc_server/srv_reg.o rpc_server/srv_reg_nt.o
+
+#RPC_SVC_OBJ = rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o
+
+#RPC_WKS_OBJ =  rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o
+
+#RPC_DFS_OBJ =  rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o
+#RPC_SPOOLSS_OBJ = rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o 
+
+RPC_PIPE_OBJ = rpc_server/srv_pipe_hnd.o rpc_server/srv_util.o \
+               rpc_server/srv_pipe.o rpc_server/srv_lsa_hnd.o
+
+# These are like they are to avoid a dependency on GNU MAKE
+@LSA_DYNAMIC_YES@RPC_MODULES1 = bin/librpc_lsarpc.@SHLIBEXT@
+@NETLOG_DYNAMIC_YES@RPC_MODULES2 = bin/librpc_NETLOGON.@SHLIBEXT@
+@SAMR_DYNAMIC_YES@RPC_MODULES3 = bin/librpc_samr.@SHLIBEXT@
+@SVC_DYNAMIC_YES@RPC_MODULES4 = bin/librpc_srvsvc.@SHLIBEXT@
+@WKS_DYNAMIC_YES@RPC_MODULES5 = bin/librpc_wkssvc.@SHLIBEXT@
+@REG_DYNAMIC_YES@RPC_MODULES6 = bin/librpc_winreg.@SHLIBEXT@
+@SPOOLSS_DYNAMIC_YES@RPC_MODULES7 = bin/librpc_spoolss.@SHLIBEXT@
+@DFS_DYNAMIC_YES@RPC_MODULES8 = bin/librpc_netdfs.@SHLIBEXT@
+RPC_MODULES = $(RPC_MODULES1) $(RPC_MODULES2) $(RPC_MODULES3) $(RPC_MODULES4) \
+       $(RPC_MODULES5) $(RPC_MODULES6) $(RPC_MODULES7) $(RPC_MODULES8)
+
+@LSA_DYNAMIC_NO@RPC_PIPE_OBJ1 = $(RPC_LSA_OBJ)
+@NETLOG_DYNAMIC_NO@RPC_PIPE_OBJ2 = $(RPC_NETLOG_OBJ)
+@SAMR_DYNAMIC_NO@RPC_PIPE_OBJ3 = $(RPC_SAMR_OBJ)
+@SVC_DYNAMIC_NO@RPC_PIPE_OBJ4 = $(RPC_SVC_OBJ)
+@WKS_DYNAMIC_NO@RPC_PIPE_OBJ5 = $(RPC_WKS_OBJ)
+@REG_DYNAMIC_NO@RPC_PIPE_OBJ6 = $(RPC_REG_OBJ)
+@SPOOLSS_DYNAMIC_NO@RPC_PIPE_OBJ7 = $(RPC_SPOOLSS_OBJ)
+@DFS_DYNAMIC_NO@RPC_PIPE_OBJ8 =        $(RPC_DFS_OBJ)
+RPC_SERVER_OBJ = $(RPC_PIPE_OBJ1) $(RPC_PIPE_OBJ2) $(RPC_PIPE_OBJ3) \
+       $(RPC_PIPE_OBJ4) $(RPC_PIPE_OBJ5) $(RPC_PIPE_OBJ6) $(RPC_PIPE_OBJ7) \
+       $(RPC_PIPE_OBJ8) $(RPC_PIPE_OBJ)
+
+# this includes only the low level parse code, not stuff
+# that requires knowledge of security contexts
+RPC_PARSE_OBJ1 = rpc_parse/parse_prs.o rpc_parse/parse_sec.o \
+                rpc_parse/parse_misc.o
+
+RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_net.o \
+                rpc_parse/parse_reg.o rpc_parse/parse_rpc.o \
+                rpc_parse/parse_samr.o rpc_parse/parse_srv.o \
+                rpc_parse/parse_wks.o rpc_parse/parse_ds.o \
+               rpc_parse/parse_spoolss.o rpc_parse/parse_dfs.o \
+               $(REGOBJS_OBJ)
+
+
+RPC_CLIENT_OBJ = rpc_client/cli_pipe.o 
+
+#LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o
+
+PASSDB_GET_SET_OBJ = passdb/pdb_get_set.o
+
+PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
+               passdb/machine_sid.o passdb/pdb_smbpasswd.o \
+               passdb/pdb_tdb.o passdb/pdb_ldap.o \
+               passdb/pdb_unix.o passdb/pdb_guest.o passdb/util_sam_sid.o \
+               passdb/pdb_compat.o passdb/pdb_nisplus.o \
+               passdb/privileges.o 
+
+XML_OBJ = modules/xml.o
+MYSQL_OBJ = modules/mysql.o
+DEVEL_HELP_OBJ = modules/developer.o
+
+SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o
+
+SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \
+               sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES)
+
+SAMTEST_OBJ = torture/samtest.o torture/cmd_sam.o $(SAM_OBJ) $(LIB_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(READLINE_OBJ) lib/util_seaccess.o $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(GROUPDB_OBJ)
+
+GROUPDB_OBJ = groupdb/mapping.o
+
+# passdb/smbpass.o passdb/ldap.o passdb/nispass.o 
+
+#PROFILE_OBJ = profile/profile.o
+
+# OPLOCK_OBJ = smbd/oplock.o smbd/oplock_irix.o smbd/oplock_linux.o
+
+# NOTIFY_OBJ = smbd/notify.o smbd/notify_hash.o smbd/notify_kernel.o
+
+PLAINTEXT_AUTH_OBJ = auth/pampass.o auth/pass_check.o
+
+# UNIGRP_OBJ = libcli/netlogon_unigrp.o 
+
+AUTH_OBJ = auth/auth.o auth/auth_sam.o \
+          auth/auth_unix.o auth/auth_util.o    \
+          auth/auth_builtin.o auth/auth_compat.o \
+          $(PLAINTEXT_AUTH_OBJ) $(UNIGRP_OBJ)
+
+# auth/auth_server.o auth/auth_domain.o auth/auth_winbind.o auth/auth_ntlmssp.o 
+
+MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_map.o smbd/mangle_hash2.o
+
+SMBD_OBJ_MAIN = smbd/server.o
+
+CSM_NTVFS_MAIN = ntvfs/tank/vfs_tank.o
+#we don't want these in main proto.h
+CSM_NTVFS_OBJ = ntvfs/tank/csm_init.o ntvfs/tank/csm_unlink.o \
+               ntvfs/tank/csm_util.o ntvfs/tank/csm_error.o ntvfs/tank/csm_lookup.o \
+               ntvfs/tank/csm_blockmap.o ntvfs/tank/csm_dir.o \
+               ntvfs/tank/csm_fcntl.o ntvfs/tank/csm_io.o ntvfs/tank/csm_mkdir.o \
+               ntvfs/tank/csm_open.o ntvfs/tank/csm_rename.o \
+               ntvfs/tank/csm_attr.o ntvfs/tank/csm_truncate.o \
+               ntvfs/tank/csm_fd.o
+
+@STFS_ENABLED@STFS_MAIN = $(CSM_NTVFS_MAIN)
+@STFS_ENABLED@STFS_OBJS = $(CSM_NTVFS_OBJ)
+@STFS_ENABLED@STFS_LIBS = -L/usr/lib -L/usr/src/newport/csm/lib -Wl,"-(,-lcsm,-lcsmlinuxusp,-)"
+
+SMBD_NTVFS_OBJ = ntvfs/ntvfs_base.o ntvfs/ntvfs_util.o ntvfs/ntvfs_generic.o \
+       ntvfs/simple/vfs_simple.o ntvfs/simple/svfs_util.o \
+       ntvfs/ipc/vfs_ipc.o ntvfs/cifs/vfs_cifs.o \
+       ntvfs/print/vfs_print.o
+
+SMBD_OBJ_SRV = smbd/connection.o \
+              smbd/session.o \
+           smbd/password.o smbd/conn.o \
+           smbd/negprot.o smbd/request.o \
+           smbd/reply.o smbd/sesssetup.o \
+          smbd/trans2.o \
+           lib/sysacls.o lib/server_mutex.o \
+           smbd/build_options.o smbd/service.o \
+          smbd/rewrite.o \
+              $(SMBD_NTVFS_OBJ) $(STFS_MAIN) @SMBD_EXTRA_OBJS@ 
+
+PROCESS_MODEL_OBJ = smbd/process.o smbd/process_model.o smbd/process_standard.o \
+                       smbd/process_single.o
+
+# lib/util_seaccess.o 
+
+# printing/printfsp.o
+
+SMBD_OBJ_BASE = $(PROCESS_MODEL_OBJ) $(SMBD_OBJ_SRV) $(STFS_OBJS) \
+               $(MSDFS_OBJ) $(PARAM_OBJ) \
+               $(SECRETS_OBJ) \
+               $(PASSDB_OBJ)  \
+               $(AUTH_OBJ) $(GROUPDB_OBJ) \
+               $(LIB_SMBD_OBJ) $(POPT_LIB_OBJ) $(LIBSMB_OBJ)           
+
+#  $(RPC_SERVER_OBJ) $(RPC_PARSE_OBJ)  $(LOCKING_OBJ) $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ) $(LIBADS_SERVER_OBJ) 
+# $(PRINTING_OBJ) $(PROFILE_OBJ) $(PRINTBACKEND_OBJ) $(QUOTAOBJS) $(OPLOCK_OBJ) $(NOTIFY_OBJ) $(REGISTRY_OBJ) 
+
+#PRINTING_OBJ = printing/pcap.o printing/print_svid.o \
+#                              printing/print_cups.o printing/print_generic.o \
+#                              printing/lpq_parse.o printing/load.o
+
+#PRINTBACKEND_OBJ = printing/printing.o printing/nt_printing.o printing/notify.o \
+#              printing/printing_db.o
+
+# MSDFS_OBJ = msdfs/msdfs.o 
+
+SMBD_OBJ = $(SMBD_OBJ_MAIN) $(SMBD_OBJ_BASE)
+
+NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
+            nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
+            nmbd/nmbd_browsesync.o nmbd/nmbd_elections.o \
+            nmbd/nmbd_incomingdgrams.o nmbd/nmbd_incomingrequests.o \
+            nmbd/nmbd_lmhosts.o nmbd/nmbd_logonnames.o nmbd/nmbd_mynames.o \
+            nmbd/nmbd_namelistdb.o nmbd/nmbd_namequery.o \
+            nmbd/nmbd_nameregister.o nmbd/nmbd_namerelease.o \
+            nmbd/nmbd_nodestatus.o nmbd/nmbd_packets.o \
+            nmbd/nmbd_processlogon.o nmbd/nmbd_responserecordsdb.o \
+            nmbd/nmbd_sendannounce.o nmbd/nmbd_serverlistdb.o \
+            nmbd/nmbd_subnetdb.o nmbd/nmbd_winsproxy.o nmbd/nmbd_winsserver.o \
+            nmbd/nmbd_workgroupdb.o nmbd/nmbd_synclists.o
+
+NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+           $(PROFILE_OBJ) $(LIB_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
+
+WREPL_OBJ1 = wrepld/server.o wrepld/process.o wrepld/parser.o wrepld/socket.o \
+             wrepld/partners.o
+
+WREPL_OBJ = $(WREPL_OBJ1)  $(PARAM_OBJ) \
+           $(PROFILE_OBJ) $(LIB_OBJ)
+
+SWAT_OBJ1 = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
+           web/swat.o web/neg_lang.o 
+
+SWAT_OBJ = $(SWAT_OBJ1) $(PRINTING_OBJ) $(LIBSMB_OBJ) $(LOCKING_OBJ) \
+           $(PARAM_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(KRBCLIENT_OBJ) \
+          $(LIB_OBJ) $(GROUPDB_OBJ) $(PLAINTEXT_AUTH_OBJ)
+
+SMBSH_OBJ = smbwrapper/smbsh.o smbwrapper/shared.o \
+            $(PARAM_OBJ) $(LIB_OBJ)
+
+STATUS_OBJ = utils/status.o utils/rewrite.o $(LOCKING_OBJ) $(PARAM_OBJ) \
+             $(PROFILE_OBJ) $(LIB_OBJ) $(POPT_LIB_OBJ)
+
+SMBCONTROL_OBJ = utils/smbcontrol.o $(LOCKING_OBJ) $(PARAM_OBJ) \
+       $(PROFILE_OBJ) $(LIB_OBJ) utils/rewrite.o 
+#      printing/notify.o printing/printing_db.o
+
+SMBTREE_OBJ = utils/smbtree.o $(LOCKING_OBJ) $(PARAM_OBJ) \
+             $(PROFILE_OBJ) $(LIB_OBJ) $(LIBSMB_OBJ) \
+            $(KRBCLIENT_OBJ)
+
+TESTPARM_OBJ = utils/testparm.o \
+               $(PARAM_OBJ) $(LIB_OBJ) $(POPT_LIB_OBJ)
+
+TESTPRNS_OBJ = utils/testprns.o $(PARAM_OBJ) $(PRINTING_OBJ) $(LIB_OBJ)
+
+SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(SECRETS_OBJ) \
+               $(LIBSMB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ)\
+                $(LIB_OBJ) $(KRBCLIENT_OBJ)
+
+PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(PASSDB_OBJ) $(LIBSAMBA_OBJ) \
+               $(LIB_OBJ) $(GROUPDB_OBJ) $(SECRETS_OBJ) \
+               $(POPT_LIB_OBJ)
+
+SMBGROUPEDIT_OBJ = utils/smbgroupedit.o $(GROUPDB_OBJ) $(PARAM_OBJ) \
+               $(LIBSAMBA_OBJ) $(PASSDB_OBJ) $(SECRETS_OBJ) $(LIB_OBJ)
+
+RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \
+                rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \
+                rpcclient/cmd_netlogon.o rpcclient/cmd_srvsvc.o \
+                rpcclient/cmd_dfs.o rpcclient/cmd_reg.o \
+                rpcclient/display_sec.o rpcclient/cmd_ds.o
+
+RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \
+             $(PARAM_OBJ) $(LIBSMB_OBJ) $(LIB_OBJ) \
+             $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(LIBMSRPC_OBJ) \
+             $(READLINE_OBJ) $(GROUPDB_OBJ) $(KRBCLIENT_OBJ) \
+            $(LIBADS_OBJ) $(SECRETS_OBJ) $(POPT_LIB_OBJ)
+
+PAM_WINBIND_OBJ = nsswitch/pam_winbind.po nsswitch/wb_common.po lib/snprintf.po
+
+#SMBW_OBJ1 = smbwrapper/smbw.o \
+#              smbwrapper/smbw_dir.o smbwrapper/smbw_stat.o \
+#              smbwrapper/realcalls.o smbwrapper/shared.o \
+#              smbwrapper/smbw_cache.o
+
+SMBW_OBJ = $(SMBW_OBJ1) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
+                $(LIB_OBJ)
+
+SMBWRAPPER_OBJ1 = smbwrapper/wrapped.o
+
+SMBWRAPPER_OBJ = $(SMBW_OBJ) $(SMBWRAPPER_OBJ1)
+
+LIBSMBCLIENT_OBJ = libcli/libcliclient.o libcli/libcli_compat.o \
+                  libcli/libcli_cache.o $(LIB_OBJ) \
+                  $(LIBSMB_OBJ) $(PARAM_OBJ)
+
+# This shared library is intended for linking with unit test programs
+# to test Samba internals.  It's called libbigballofmud.so to
+# discourage casual usage.
+
+LIBBIGBALLOFMUD_MAJOR = 0
+
+LIBBIGBALLOFMUD_OBJ = $(LIB_OBJ) $(PARAM_OBJ) $(SECRETS_OBJ) \
+       $(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_OBJ) \
+       $(GROUPDB_OBJ) $(KRBCLIENT_OBJ)
+
+LIBBIGBALLOFMUD_PICOBJS = $(LIBBIGBALLOFMUD_OBJ:.o=.po)
+
+CLIENT_OBJ1 = client/client.o client/clitar.o libcli/raw/clirewrite.o
+
+CLIENT_OBJ = $(CLIENT_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) \
+            $(LIB_OBJ) \
+             $(READLINE_OBJ) $(POPT_LIB_OBJ) 
+
+NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \
+          utils/net_rap.o utils/net_rpc.o utils/net_rpc_samsync.o \
+          utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o \
+          utils/net_cache.o
+
+NET_OBJ = $(NET_OBJ1) $(SECRETS_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+         $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
+         $(PARAM_OBJ) $(LIB_OBJ) \
+         $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \
+         $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) $(POPT_LIB_OBJ)
+
+CUPS_OBJ = client/smbspool.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
+         $(LIB_OBJ) $(KRBCLIENT_OBJ)
+
+MOUNT_OBJ = client/smbmount.o \
+             $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(LIB_OBJ) 
+
+MNT_OBJ = client/smbmnt.o              
+
+UMOUNT_OBJ = client/smbumount.o
+
+NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) \
+               $(LIB_OBJ)
+
+
+SMBTORTURE_RAW_OBJ = torture/raw/qfsinfo.o torture/raw/qfileinfo.o torture/raw/setfileinfo.o \
+               torture/raw/search.o torture/raw/close.o torture/raw/open.o torture/raw/mkdir.o \
+               torture/raw/oplock.o torture/raw/notify.o torture/raw/mux.o torture/raw/ioctl.o \
+               torture/raw/chkpath.o torture/raw/unlink.o torture/raw/read.o torture/raw/context.o \
+               torture/raw/write.o torture/raw/lock.o torture/raw/rename.o torture/raw/seek.o 
+
+SMBTORTURE_OBJ1 = torture/torture.o torture/torture_util.o torture/nbio.o torture/scanner.o \
+               torture/utable.o torture/denytest.o torture/mangle_test.o \
+               torture/aliases.o libcli/raw/clirewrite.o $(SMBTORTURE_RAW_OBJ)
+
+SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) \
+       $(LIBSMB_OBJ) $(LIBDFS_OBJ) $(PARAM_OBJ) $(LIB_OBJ)
+
+
+MASKTEST_OBJ = torture/masktest.o $(LIBSMB_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ) libcli/raw/clirewrite.o
+
+MSGTEST_OBJ = torture/msgtest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ)
+
+LOCKTEST_OBJ = torture/locktest.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ) libcli/raw/clirewrite.o
+
+GENTEST_OBJ = torture/gentest.o torture/torture_util.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ) libcli/raw/clirewrite.o
+
+NSSTEST_OBJ = torture/nsstest.o $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ)
+
+VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(READLINE_OBJ)
+
+VFS_AUDIT_OBJ = modules/vfs_audit.o
+VFS_EXTD_AUDIT_OBJ = modules/vfs_extd_audit.o
+VFS_RECYCLE_OBJ = modules/vfs_recycle.o
+VFS_NETATALK_OBJ = modules/vfs_netatalk.o
+VFS_FAKE_PERMS_OBJ = modules/vfs_fake_perms.o
+
+LOCKTEST2_OBJ = torture/locktest2.o $(LOCKING_OBJ) $(LIBSMB_OBJ) \
+               $(KRBCLIENT_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ)
+
+SMBCACLS_OBJ = utils/smbcacls.o $(LOCKING_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \
+               $(PARAM_OBJ) \
+                 $(LIB_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ) \
+                $(LIBMSRPC_OBJ) $(SECRETS_OBJ)
+
+TALLOCTORT_OBJ = lib/talloctort.o  $(LIB_OBJ) $(PARAM_OBJ)
+
+RPCTORTURE_OBJ = torture/rpctorture.o \
+             rpcclient/display.o \
+             rpcclient/cmd_lsarpc.o \
+             rpcclient/cmd_wkssvc.o \
+             rpcclient/cmd_samr.o \
+             rpcclient/cmd_srvsvc.o \
+             rpcclient/cmd_netlogon.o \
+             $(PARAM_OBJ) $(LIBSMB_OBJ) $(LIB_OBJ) $(KRBCLIENT_OBJ) \
+             $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(PASSDB_GET_SET_OBJ)
+
+DEBUG2HTML_OBJ = utils/debug2html.o ubiqx/debugparse.o
+
+SMBFILTER_OBJ = utils/smbfilter.o $(LIBSMB_OBJ) $(PARAM_OBJ) \
+                 $(LIB_OBJ) $(KRBCLIENT_OBJ) 
+
+PROTO_OBJ = $(SMBD_OBJ_SRV) \
+           $(SMBD_OBJ_MAIN) $(PROCESS_MODEL_OBJ) \
+           $(NMBD_OBJ1) $(SWAT_OBJ1) $(LIBSMB_OBJ) \
+           $(LIBRAW_OBJ) $(LIBDFS_OBJ) $(LIBCLIUTIL) $(LIBNTLMSSP_OBJ) \
+           $(SMBW_OBJ1) $(SMBWRAPPER_OBJ1) $(SMBTORTURE_OBJ1) $(RPCCLIENT_OBJ1) \
+           $(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) \
+           $(RPC_PIPE_OBJ) $(RPC_PARSE_OBJ) $(KRBCLIENT_OBJ) \
+           $(AUTH_OBJ) $(PARAM_OBJ) $(LOCKING_OBJ) $(SECRETS_OBJ) \
+           $(PRINTING_OBJ) $(PRINTBACKEND_OBJ) $(OPLOCK_OBJ) $(NOTIFY_OBJ) \
+           $(QUOTAOBJS) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \
+           $(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \
+           $(LIB_SMBD_OBJ) $(SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \
+           $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) \
+           $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ)
+
+NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(LIBSMB_OBJ) \
+           $(LIB_OBJ) $(NSSWINS_OBJ)
+
+NSS_OBJ = $(NSS_OBJ_0:.o=.po)
+
+PICOBJS = $(SMBWRAPPER_OBJ:.o=.po)
+PICOBJS32 = $(SMBWRAPPER_OBJ:.o=.po32)
+LIBSMBCLIENT_PICOBJS = $(LIBSMBCLIENT_OBJ:.o=.po)
+
+PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
+               pam_smbpass/pam_smb_acct.o pam_smbpass/support.o \
+               libcli/smbencrypt.o libcli/smbdes.o libcli/nterr.o \
+               $(PARAM_OBJ) $(LIB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
+               $(SECRETS_OBJ)
+
+PAM_SMBPASS_PICOOBJ = $(PAM_SMBPASS_OBJ_0:.o=.po)
+
+WINBINDD_OBJ1 = \
+               nsswitch/winbindd.o       \
+               nsswitch/winbindd_user.o  \
+               nsswitch/winbindd_group.o \
+               nsswitch/winbindd_idmap.o \
+               nsswitch/winbindd_idmap_tdb.o \
+               nsswitch/winbindd_util.o  \
+               nsswitch/winbindd_cache.o \
+               nsswitch/winbindd_pam.o   \
+               nsswitch/winbindd_sid.o   \
+               nsswitch/winbindd_misc.o  \
+               nsswitch/winbindd_cm.o \
+               nsswitch/winbindd_wins.o \
+               nsswitch/winbindd_rpc.o \
+               nsswitch/winbindd_ads.o \
+               nsswitch/winbindd_dual.o
+
+WINBINDD_OBJ = \
+               $(WINBINDD_OBJ1) $(PASSDB_GET_SET_OBJ) \
+               $(PARAM_OBJ) $(LIB_OBJ) \
+               $(LIBSMB_OBJ) $(LIBMSRPC_OBJ) $(RPC_PARSE_OBJ) \
+               $(PROFILE_OBJ) $(UNIGRP_OBJ) \
+               $(SECRETS_OBJ) $(LIBADS_OBJ) $(KRBCLIENT_OBJ)
+
+WBINFO_OBJ = nsswitch/wbinfo.o libcli/smbencrypt.o libcli/smbdes.o $(POPT_LIB_OBJ)
+
+WINBIND_NSS_OBJ = nsswitch/winbind_nss.o nsswitch/wb_common.o @WINBIND_NSS_EXTRA_OBJS@
+
+WINBIND_NSS_PICOBJS = $(WINBIND_NSS_OBJ:.o=.po)
+
+POPT_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \
+          popt/popthelp.o popt/poptparse.o
+
+TDBBACKUP_OBJ = tdb/tdbbackup.o $(TDBBASE_OBJ)
+
+NTLM_AUTH_OBJ = utils/ntlm_auth.o $(LIBNTLMSSP_OBJ) $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ)
+
+######################################################################
+# now the rules...
+######################################################################
+all: bin/smbd bin/smbclient bin/smbtorture bin/locktest bin/masktest bin/gentest
+
+#SHOWFLAGS proto_exists $(SBIN_PROGS) $(BIN_PROGS) $(SHLIBS) \
+#      $(TORTURE_PROGS) $(RPC_MODULES) @EXTRA_ALL_TARGETS@
+
+pam_smbpass : SHOWFLAGS bin/pam_smbpass.@SHLIBEXT@
+
+smbwrapper : SHOWFLAGS @SMBWRAPPER@
+
+torture : SHOWFLAGS $(TORTURE_PROGS)
+
+smbtorture : SHOWFLAGS bin/smbtorture@EXEEXT@
+
+gentest: SHOWFLAGS bin/gentest@EXEEXT@
+
+masktest : SHOWFLAGS bin/masktest@EXEEXT@
+
+msgtest : SHOWFLAGS bin/msgtest@EXEEXT@
+
+locktest : SHOWFLAGS bin/locktest@EXEEXT@
+
+smbcacls : SHOWFLAGS bin/smbcacls@EXEEXT@
+
+locktest2 : SHOWFLAGS bin/locktest2@EXEEXT@
+
+rpctorture : SHOWFLAGS bin/rpctorture@EXEEXT@
+
+debug2html : SHOWFLAGS bin/debug2html@EXEEXT@
+
+smbfilter : SHOWFLAGS bin/smbfilter@EXEEXT@
+
+talloctort : SHOWFLAGS bin/talloctort@EXEEXT@
+
+nsswitch : SHOWFLAGS bin/winbindd@EXEEXT@ bin/wbinfo@EXEEXT@ nsswitch/libnss_winbind.@SHLIBEXT@ nsswitch/pam_winbind.@SHLIBEXT@
+
+wins : SHOWFLAGS nsswitch/libnss_wins.@SHLIBEXT@
+
+modules: SHOWFLAGS proto_exists $(VFS_MODULES) $(PDB_MODULES) $(MODULES)
+
+everything: all libsmbclient debug2html smbfilter talloctort
+
+.SUFFIXES:
+.SUFFIXES: .c .o .po .po32 .lo
+
+SHOWFLAGS:
+       @echo "Using FLAGS = $(FLAGS)"
+       @echo "      FLAGS32 = $(FLAGS32)"
+       @echo "      LIBS = $(LIBS)"
+       @echo "      LDSHFLAGS = $(LDSHFLAGS)"
+       @echo "      LDFLAGS = $(LDFLAGS)"
+
+MAKEDIR = || exec false; \
+         if test -d "$$dir"; then :; else \
+         echo mkdir "$$dir"; \
+         mkdir -p "$$dir" >/dev/null 2>&1 || \
+         test -d "$$dir" || \
+         mkdir "$$dir" || \
+         exec false; fi || exec false
+
+.c.o:
+       @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
+        dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
+       @echo Compiling $*.c
+       @$(CC) -I. -I$(srcdir) $(FLAGS) -c $< \
+         -o $@ 
+@BROKEN_CC@    -mv `echo $@ | sed 's%^.*/%%g'` $@
+
+# 'make pch' is extremely useful for fast compiles if you have gcc-3.4
+pch:
+       $(CC) -I. -I$(srcdir) $(FLAGS) -c $(srcdir)/include/includes.h -o $(srcdir)/include/includes.h.gch
+
+
+# These dependencies are only approximately correct: we want to make
+# sure Samba's paths are updated if ./configure is re-run.  Really it
+# would be nice if "make prefix=/opt/samba all" also rebuilt things,
+# but since we also require "make install prefix=/opt/samba" *not* to
+# rebuild it's a bit hard.
+
+dynconfig.o: dynconfig.c Makefile
+       @echo Compiling $*.c
+       @$(CC) $(FLAGS) $(PATH_FLAGS) -c $< -o $@ 
+
+dynconfig.po: dynconfig.c Makefile
+       @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
+         dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
+       @echo Compiling $*.c with @PICFLAG@
+       @$(CC) -I. -I$(srcdir) $(FLAGS) $(PATH_FLAGS) @PICFLAG@ -c $< -o $*.@PICSUFFIX@
+@BROKEN_CC@    -mv `echo $@ | sed -e 's%^.*/%%g' -e 's%\.po$$%.o%'` $@
+@POBAD_CC@     @mv $*.po.o $@
+
+.c.po: 
+       @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
+         dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
+       @echo Compiling $*.c with @PICFLAG@
+       @$(CC) -I. -I$(srcdir) $(FLAGS) @PICFLAG@ -c $< -o $*.@PICSUFFIX@
+@BROKEN_CC@    -mv `echo $@ | sed -e 's%^.*/%%g' -e 's%\.po$$%.o%'` $@
+@POBAD_CC@     @mv $*.po.o $@
+
+# this is for IRIX
+.c.po32: 
+       @if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
+         dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
+       @echo Compiling $*.c with @PICFLAG@ and -32
+       @$(CC) -32 -I. -I$(srcdir) $(FLAGS32) $(PATH_FLAGS) @PICFLAG@ -c $< \
+         -o $*.po32.o 
+@BROKEN_CC@    -mv `echo $@ | sed -e 's%^.*/%%g' -e 's%\.po32$$%.o%'` $@.o
+       @mv $*.po32.o $@
+
+bin/.dummy:
+       @if (: >> $@ || : > $@) >/dev/null 2>&1; then :; else \
+         dir=bin $(MAKEDIR); fi
+       @: >> $@ || : > $@ # what a fancy emoticon!
+
+bin/smbd@EXEEXT@: $(SMBD_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
+         $(AUTHLIBS) $(ACLLIBS) $(LIBS) $(PTHREAD_LIB) @SMBD_EXTRA_LIBS@ $(STFS_LIBS) @BUILD_POPT@
+
+bin/nmbd@EXEEXT@: $(NMBD_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
+
+bin/wrepld@EXEEXT@: $(WREPL_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(WREPL_OBJ) $(LDFLAGS) $(LIBS) 
+
+bin/swat@EXEEXT@: $(SWAT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINTLIBS) \
+         $(AUTHLIBS) $(LIBS) 
+
+bin/rpcclient@EXEEXT@: $(RPCCLIENT_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(RPCCLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@
+
+bin/smbclient@EXEEXT@: $(CLIENT_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(CLIENT_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @BUILD_POPT@
+
+bin/net@EXEEXT@: $(NET_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @BUILD_POPT@
+
+bin/profiles@EXEEXT@: utils/profiles.o bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ utils/profiles.o $(LDFLAGS) $(LIBS)
+
+bin/editreg@EXEEXT@: utils/editreg.o bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ utils/editreg.o $(LDFLAGS) $(LIBS)
+
+bin/smbspool@EXEEXT@: $(CUPS_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(CUPS_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbmount@EXEEXT@: $(MOUNT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(MOUNT_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbmnt@EXEEXT@: $(MNT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(MNT_OBJ) $(LDFLAGS) 
+
+bin/smbumount@EXEEXT@: $(UMOUNT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(UMOUNT_OBJ) $(LDFLAGS)
+
+bin/testparm@EXEEXT@: $(TESTPARM_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(TESTPARM_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
+
+bin/testprns@EXEEXT@: $(TESTPRNS_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(TESTPRNS_OBJ) $(LDFLAGS) $(PRINTLIBS) $(LIBS)
+
+bin/smbstatus@EXEEXT@: $(STATUS_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(STATUS_OBJ) $(LDFLAGS) $(LIBS) @BUILD_POPT@
+
+bin/smbcontrol@EXEEXT@: $(SMBCONTROL_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@ $(SMBCONTROL_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbtree@EXEEXT@: $(SMBTREE_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBTREE_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbpasswd@EXEEXT@: $(SMBPASSWD_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS)
+
+bin/pdbedit@EXEEXT@: $(PDBEDIT_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @BUILD_POPT@
+
+bin/samtest@EXEEXT@: $(SAMTEST_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @BUILD_POPT@
+
+bin/smbgroupedit@EXEEXT@: $(SMBGROUPEDIT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBGROUPEDIT_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/nmblookup@EXEEXT@: $(NMBLOOKUP_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbtorture@EXEEXT@: $(SMBTORTURE_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/gentest@EXEEXT@: $(GENTEST_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(GENTEST_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/talloctort@EXEEXT@: $(TALLOCTORT_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(TALLOCTORT_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/masktest@EXEEXT@: $(MASKTEST_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(MASKTEST_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/msgtest@EXEEXT@: $(MSGTEST_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(MSGTEST_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbcacls@EXEEXT@: $(SMBCACLS_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS)
+
+bin/locktest@EXEEXT@: $(LOCKTEST_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(LOCKTEST_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/nsstest@EXEEXT@: $(NSSTEST_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(NSSTEST_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/vfstest@EXEEXT@: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @BUILD_POPT@
+
+bin/locktest2@EXEEXT@: $(LOCKTEST2_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/rpctorture@EXEEXT@: $(RPCTORTURE_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS)
+
+bin/debug2html@EXEEXT@: $(DEBUG2HTML_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(DEBUG2HTML_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbfilter@EXEEXT@: $(SMBFILTER_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbw_sample@EXEEXT@: $(SMBW_OBJ) utils/smbw_sample.o bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(LIBS)
+
+bin/smbsh@EXEEXT@: $(SMBSH_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(LIBS)
+
+bin/smbwrapper.@SHLIBEXT@: $(PICOBJS) bin/.dummy
+       @echo Linking shared library $@
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(PICOBJS) $(LIBS) \
+               @SONAMEFLAG@`basename $@`
+
+bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32)
+       @echo Linking shared library $@
+       @$(SHLD) -32 $(LDSHFLAGS) -o $@ $(PICOBJS32) $(LIBS) \
+               @SONAMEFLAG@`basename $@`
+
+bin/libsmbclient.@SHLIBEXT@: $(LIBSMBCLIENT_PICOBJS)
+       @echo Linking libsmbclient shared library $@
+       $(SHLD) $(LDSHFLAGS) -o $@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \
+               @SONAMEFLAG@`basename $@`.$(LIBSMBCLIENT_MAJOR)
+
+bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS)
+       @echo Linking libsmbclient non-shared library $@
+       -$(AR) -rc $@ $(LIBSMBCLIENT_PICOBJS) 
+
+bin/libbigballofmud.@SHLIBEXT@: $(LIBBIGBALLOFMUD_PICOBJS)
+       @echo Linking bigballofmud shared library $@
+       $(SHLD) $(LDSHFLAGS) -o $@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \
+               @SONAMEFLAG@`basename $@`.$(LIBBIGBALLOFMUD_MAJOR)
+
+libsmbclient: bin/libsmbclient.a @LIBSMBCLIENT_SHARED@
+
+bin/librpc_lsarpc.@SHLIBEXT@: $(RPC_LSA_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_LSA_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_samr.@SHLIBEXT@: $(RPC_SAMR_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SAMR_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_srvsvc.@SHLIBEXT@: $(RPC_SVC_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SVC_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_wkssvc.@SHLIBEXT@: $(RPC_WKS_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_WKS_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_NETLOGON.@SHLIBEXT@: $(RPC_NETLOG_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_NETLOG_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_winreg.@SHLIBEXT@: $(RPC_REG_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_REG_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_spoolss.@SHLIBEXT@: $(RPC_SPOOLSS_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_SPOOLSS_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/librpc_netdfs.@SHLIBEXT@: $(RPC_DFS_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(RPC_DFS_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+nsswitch/libnss_wins.@SHLIBEXT@: $(NSS_OBJ)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(NSS_OBJ) -lc \
+               @SONAMEFLAG@`basename $@`
+
+bin/winbindd@EXEEXT@: $(WINBINDD_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(LINK) -o $@ $(WINBINDD_OBJ) $(DYNEXP) $(LIBS)
+
+nsswitch/libns_winbind.@SHLIBEXT@: $(WINBIND_NSS_PICOBJS)
+       @echo "Linking $@"
+       @$(SHLD) @LDSHFLAGS@ -o $@ $(WINBIND_NSS_PICOBJS) @WINBIND_NSS_EXTRA_LIBS@ \
+               @SONAMEFLAG@`basename $@`
+
+nsswitch/libnss_winbind.@SHLIBEXT@: $(WINBIND_NSS_PICOBJS)
+       @echo "Linking $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(WINBIND_NSS_PICOBJS) @WINBIND_NSS_EXTRA_LIBS@ \
+               @SONAMEFLAG@`basename $@`
+
+nsswitch/pam_winbind.@SHLIBEXT@: $(PAM_WINBIND_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(PAM_WINBIND_OBJ) \
+               @SONAMEFLAG@`basename $@` -lpam
+
+bin/mysql.@SHLIBEXT@: $(MYSQL_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(MYSQL_OBJ) @MYSQL_LIBS@ \
+               @SONAMEFLAG@`basename $@`
+
+bin/developer.@SHLIBEXT@: $(DEVEL_HELP_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(DEVEL_HELP_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/xml.@SHLIBEXT@: $(XML_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(XML_OBJ) @XML_LIBS@ \
+               @SONAMEFLAG@`basename $@`
+
+bin/vfs_audit.@SHLIBEXT@: $(VFS_AUDIT_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/vfs_extd_audit.@SHLIBEXT@: $(VFS_EXTD_AUDIT_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_AUDIT_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/vfs_recycle.@SHLIBEXT@: $(VFS_RECYCLE_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_RECYCLE_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/vfs_netatalk.@SHLIBEXT@: $(VFS_NETATALK_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_NETATALK_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/vfs_fake_perms.@SHLIBEXT@: $(VFS_FAKE_PERMS_OBJ)
+       @echo "Building plugin $@"
+       @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_FAKE_PERMS_OBJ) \
+               @SONAMEFLAG@`basename $@`
+
+bin/wbinfo@EXEEXT@: $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
+               $(SECRETS_OBJ) @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(LINK) -o $@ $(WBINFO_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
+               $(SECRETS_OBJ) $(LIBS) @BUILD_POPT@
+
+bin/ntlm_auth@EXEEXT@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
+               @BUILD_POPT@ bin/.dummy
+       @echo Linking $@
+       @$(LINK) -o $@ $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_OBJ) \
+               $(LIBS) @BUILD_POPT@
+
+bin/pam_smbpass.@SHLIBEXT@: $(PAM_SMBPASS_PICOOBJ)
+       @echo "Linking shared library $@"
+       $(SHLD) $(LDSHFLAGS) -o $@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc
+
+bin/libmsrpc.a: $(LIBMSRPC_PICOBJ)
+       -$(AR) -rc $@ $(LIBMSRPC_PICOBJ) 
+
+bin/tdbbackup@EXEEXT@: $(TDBBACKUP_OBJ) bin/.dummy
+       @echo Linking $@
+       @$(CC) $(FLAGS) -o $@ $(TDBBACKUP_OBJ)
+
+install: installbin installman installscripts installdat installswat 
+
+# DESTDIR is used here to prevent packagers wasting their time
+# duplicating the Makefile. Remove it and you will have the privelege
+# of package each samba release for muliple versions of multiple
+# distributions and operating systems, or at least supplying patches
+# to all the packaging files required for this, prior to committing
+# the removal of DESTDIR. Do not remove it even though you think it
+# is not used
+
+installdirs:
+       @$(SHELL) $(srcdir)/script/installdirs.sh $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(PRIVATEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(PIDDIR) $(DESTDIR)$(LOCKDIR)
+
+installservers: all installdirs
+       @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(SBIN_PROGS)
+
+installbin: all installdirs
+       @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(SBIN_PROGS)
+       @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(BIN_PROGS)
+
+       @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES)
+
+installmodules: all installdirs
+       @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(VFS_MODULES)
+       @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(PDB_MODULES)
+
+installscripts: installdirs
+       @$(SHELL) $(srcdir)/script/installscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS)
+
+installdat: installdirs
+       @$(SHELL) $(srcdir)/script/installdat.sh $(DESTDIR)$(LIBDIR) $(srcdir)
+
+installswat: installdirs
+       @$(SHELL) $(srcdir)/script/installswat.sh $(DESTDIR)$(SWATDIR) $(srcdir)
+
+installclientlib:
+       -$(INSTALLCLIENTCMD_SH) bin/libsmbclient.@SHLIBEXT@ $(DESTDIR)${prefix}/lib
+       -$(INSTALLCLIENTCMD_A) bin/libsmbclient.a $(DESTDIR)${prefix}/lib
+       -$(INSTALLCMD) -d $(DESTDIR)${prefix}/include
+       -$(INSTALLCMD) include/libsmbclient.h $(DESTDIR)${prefix}/include
+
+# Python extensions
+
+PYTHON_OBJS = $(LIB_OBJ) $(LIBSMB_OBJ) $(RPC_PARSE_OBJ) \
+       $(PARAM_OBJ) $(LIBMSRPC_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
+       $(SECRETS_OBJ) $(KRBCLIENT_OBJ)
+
+python_ext: $(PYTHON_OBJS)
+       @if test -z "$(PYTHON)"; then \
+               echo Use the option --with-python to configure python; \
+               exit 1; fi
+       PYTHON_OBJS="$(PYTHON_OBJS)" PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS) $(FLAGS)" \
+       LIBS="$(LIBS)" \
+               $(PYTHON) python/setup.py build
+
+python_install: $(PYTHON_OBJS)
+       @if test -z "$(PYTHON)"; then \
+               echo Use the option --with-python to configure python; \
+               exit 1; fi
+       PYTHON_OBJS="$(PYTHON_OBJS)" PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS)" \
+       LIBS="$(LIBS)" \
+               $(PYTHON) python/setup.py install
+
+python_clean:
+       @-if test -n "$(PYTHON)"; then $(PYTHON) python/setup.py clean; fi
+
+# revert to the previously installed version
+revert:
+       @$(SHELL) $(srcdir)/script/revert.sh $(SBINDIR) $(SBIN_PROGS) 
+       @$(SHELL) $(srcdir)/script/revert.sh $(BINDIR) $(BIN_PROGS) $(SCRIPTS)
+
+installman:
+       @$(SHELL) $(srcdir)/script/installman.sh $(DESTDIR)$(MANDIR) $(srcdir) $(man_langs) "@ROFF@"
+
+.PHONY: showlayout
+
+showlayout: 
+       @echo "Samba will be installed into:"
+       @echo "  basedir: $(BASEDIR)"
+       @echo "  bindir:  $(BINDIR)"
+       @echo "  sbindir: $(SBINDIR)"
+       @echo "  libdir:  $(LIBDIR)"
+       @echo "  vardir:  $(VARDIR)"
+       @echo "  mandir:  $(MANDIR)"
+
+
+uninstall: uninstallman uninstallbin uninstallscripts
+
+uninstallman:
+       @$(SHELL) $(srcdir)/script/uninstallman.sh $(DESTDIR)$(MANDIR) $(srcdir) $(man_langs)
+
+uninstallbin:
+       @$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(SBINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(SBIN_PROGS)
+       @$(SHELL) $(srcdir)/script/uninstallbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(DESTDIR)$(BIN_PROGS)
+       @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES)
+
+uninstallmodules:
+       @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(DESTDIR)$(VFS_MODULES)
+       @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(PDB_MODULES)
+       @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(MODULES)
+
+uninstallscripts:
+       @$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS)
+
+# Toplevel clean files
+TOPFILES=dynconfig.o dynconfig.po
+
+clean: delheaders python_clean
+       -rm -f core */*~ *~ */*.o */*/*.o */*/*.po */*/*.po32 */*.po */*.po32 */*.@SHLIBEXT@ \
+               $(TOPFILES) $(BIN_PROGS) $(SBIN_PROGS) $(MODULES) $(TORTURE_PROGS) .headers.stamp
+
+# Making this target will just make sure that the prototype files
+# exist, not necessarily that they are up to date.  Since they're
+# removed by "make clean" this will always be run when you do anything
+# afterwards.
+proto_exists: include/proto.h include/wrepld_proto.h include/build_env.h \
+               nsswitch/winbindd_proto.h web/swat_proto.h \
+@STFS_ENABLED@ ntvfs/tank/vfs_tank_proto.h \
+               client/client_proto.h utils/net_proto.h \
+               include/tdbsam2_parse_info.h
+
+delheaders:
+       @echo Removing prototype headers
+       @/bin/rm -f $(srcdir)/include/proto.h $(srcdir)/include/build_env.h 
+       @/bin/rm -f $(srcdir)/include/wrepld_proto.h $(srcdir)/nsswitch/winbindd_proto.h 
+       @/bin/rm -f $(srcdir)/web/swat_proto.h
+       @/bin/rm -f $(srcdir)/client/client_proto.h $(srcdir)/utils/net_proto.h
+       @/bin/rm -f $(srcdir)/include/tdbsam2_parse_info.h
+@STFS_ENABLED@ @/bin/rm -f $(srcdir)/ntvfs/tank/vfs_tank_proto.h
+
+include/proto.h:
+       @echo Building include/proto.h
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _PROTO_H_ $(builddir)/include/proto.h \
+         $(PROTO_OBJ)
+
+include/build_env.h:
+       @echo Building include/build_env.h
+       @cd $(srcdir) && $(SHELL) script/build_env.sh $(srcdir) $(builddir) $(CC) > $(builddir)/include/build_env.h
+
+include/wrepld_proto.h:
+       @echo Building include/wrepld_proto.h
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _WREPLD_PROTO_H_ $(builddir)/include/wrepld_proto.h \
+         $(WREPL_OBJ1)
+
+nsswitch/winbindd_proto.h: 
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _WINBINDD_PROTO_H_ nsswitch/winbindd_proto.h \
+         $(WINBINDD_OBJ1)
+
+ntvfs/tank/vfs_tank_proto.h: 
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _VFS_TANK_PROTO_H_ ntvfs/tank/vfs_tank_proto.h \
+         $(STFS_OBJS)
+
+web/swat_proto.h: 
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _SWAT_PROTO_H_ web/swat_proto.h \
+         $(SWAT_OBJ1)
+
+client/client_proto.h: 
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _CLIENT_PROTO_H_ client/client_proto.h \
+         $(CLIENT_OBJ1)
+
+utils/net_proto.h: 
+       @cd $(srcdir) && $(SHELL) script/mkproto.sh $(AWK) \
+         -h _CLIENT_PROTO_H_ utils/net_proto.h \
+         $(NET_OBJ1)
+
+include/tdbsam2_parse_info.h:
+       @cd $(srcdir) && @PERL@ -w script/genstruct.pl \
+       -o include/tdbsam2_parse_info.h $(CC) -E -g \
+       include/tdbsam2.h
+
+# "make headers" or "make proto" calls a subshell because we need to
+# make sure these commands are executed in sequence even for a
+# parallel make.
+headers: 
+       $(MAKE) delheaders; \
+       $(MAKE) include/proto.h; \
+       $(MAKE) include/build_env.h; \
+       $(MAKE) include/wrepld_proto.h; \
+       $(MAKE) nsswitch/winbindd_proto.h; \
+       $(MAKE) web/swat_proto.h; \
+       $(MAKE) client/client_proto.h; \
+       $(MAKE) utils/net_proto.h; \
+       $(MAKE) include/tdbsam2_parse_info.h; \
+@STFS_ENABLED@ $(MAKE) ntvfs/tank/vfs_tank_proto.h
+
+proto: headers 
+
+.PHONY: headers proto
+
+etags:
+       etags `find $(srcdir) -name "*.[ch]" | grep -v /CVS/`
+
+ctags:
+       ctags `find $(srcdir) -name "*.[ch]" | grep -v /CVS/`
+
+realclean: clean delheaders
+       -rm -f config.log $(BIN_PROGS) $(MODULES) $(SBIN_PROGS) bin/.dummy script/findsmb
+
+distclean: realclean
+       -rm -f include/stamp-h
+       -rm -f include/config.h Makefile
+       -rm -f config.status config.cache so_locations
+       -rm -rf .deps
+
+# this target is really just for my use. It only works on a limited
+# range of machines and is used to produce a list of potentially
+# dead (ie. unused) functions in the code. (tridge)
+finddead:
+       nm */*.o |grep 'U ' | awk '{print $$2}' | sort -u > nmused.txt
+       nm */*.o |grep 'T ' | awk '{print $$3}' | sort -u > nmfns.txt
+       comm -13 nmused.txt nmfns.txt 
+
+
+# when configure.in is updated, reconfigure
+$(srcdir)/configure: $(srcdir)/configure.in
+       @echo "WARNING: you need to rerun autoconf"
+
+config.status: $(srcdir)/configure
+       @echo "WARNING: you need to run configure"
+
+Makefile: $(srcdir)/Makefile.in config.status
+       @echo "WARNING: you need to run ./config.status"
+
+test_prefix=/tmp/test-samba
+# Run regression suite using the external "satyr" framework
+check:
+       @echo "** Sorry, samba self-test without installation does not work "
+       @echo "** yet.  Please try specifying a scratch directory to"
+       @echo "**       ./configure --prefix DIR"
+       @echo "** then run \"make install installcheck\""
+       exit 1
+
+#      -rm -rf $(test_prefix)/lib
+#      mkdir $(test_prefix)/lib -p ./testdir 
+#      PATH=$(builddir)/bin:$(PATH) \
+#      SATYR_SUITEDIR=../testsuite/build_farm/ prefix=$(test_prefix) \
+#      testdir=./testdir $(SHELL) satyr
+
+# Run regression suite on the installed version.
+
+# `installcheck'
+#      Perform installation tests (if any).  The user must build and
+#      install the program before running the tests.  You should not
+#      assume that `$(bindir)' is in the search path.
+
+dangerous-installcheck:
+       mkdir -p $(BASEDIR)/lib
+       mkdir -p $(BASEDIR)/var
+       PATH=$(BINDIR):$(SBINDIR):$(PATH) \
+       SATYR_DISCOURAGE=1 \
+       SATYR_SUITEDIR=../testsuite/satyr/ prefix=$(BASEDIR) \
+       LIBSMB_PROG=$(SBINDIR)/smbd \
+       testdir=./testdir $(SHELL) satyr
diff --git a/source/aclocal.m4 b/source/aclocal.m4
new file mode 100644 (file)
index 0000000..7bec88d
--- /dev/null
@@ -0,0 +1,643 @@
+dnl AC_VALIDATE_CACHE_SYSTEM_TYPE[(cmd)]
+dnl if the cache file is inconsistent with the current host,
+dnl target and build system types, execute CMD or print a default
+dnl error message.
+AC_DEFUN(AC_VALIDATE_CACHE_SYSTEM_TYPE, [
+    AC_REQUIRE([AC_CANONICAL_SYSTEM])
+    AC_MSG_CHECKING([config.cache system type])
+    if { test x"${ac_cv_host_system_type+set}" = x"set" &&
+         test x"$ac_cv_host_system_type" != x"$host"; } ||
+       { test x"${ac_cv_build_system_type+set}" = x"set" &&
+         test x"$ac_cv_build_system_type" != x"$build"; } ||
+       { test x"${ac_cv_target_system_type+set}" = x"set" &&
+         test x"$ac_cv_target_system_type" != x"$target"; }; then
+       AC_MSG_RESULT([different])
+       ifelse($#, 1, [$1],
+               [AC_MSG_ERROR(["you must remove config.cache and restart configure"])])
+    else
+       AC_MSG_RESULT([same])
+    fi
+    ac_cv_host_system_type="$host"
+    ac_cv_build_system_type="$build"
+    ac_cv_target_system_type="$target"
+])
+
+
+dnl test whether dirent has a d_off member
+AC_DEFUN(AC_DIRENT_D_OFF,
+[AC_CACHE_CHECK([for d_off in dirent], ac_cv_dirent_d_off,
+[AC_TRY_COMPILE([
+#include <unistd.h>
+#include <sys/types.h>
+#include <dirent.h>], [struct dirent d; d.d_off;],
+ac_cv_dirent_d_off=yes, ac_cv_dirent_d_off=no)])
+if test $ac_cv_dirent_d_off = yes; then
+  AC_DEFINE(HAVE_DIRENT_D_OFF,1,[Whether dirent has a d_off member])
+fi
+])
+
+
+dnl AC_PROG_CC_FLAG(flag)
+AC_DEFUN(AC_PROG_CC_FLAG,
+[AC_CACHE_CHECK(whether ${CC-cc} accepts -$1, ac_cv_prog_cc_$1,
+[echo 'void f(){}' > conftest.c
+if test -z "`${CC-cc} -$1 -c conftest.c 2>&1`"; then
+  ac_cv_prog_cc_$1=yes
+else
+  ac_cv_prog_cc_$1=no
+fi
+rm -f conftest*
+])])
+
+dnl see if a declaration exists for a function or variable
+dnl defines HAVE_function_DECL if it exists
+dnl AC_HAVE_DECL(var, includes)
+AC_DEFUN(AC_HAVE_DECL,
+[
+ AC_CACHE_CHECK([for $1 declaration],ac_cv_have_$1_decl,[
+    AC_TRY_COMPILE([$2],[int i = (int)$1],
+        ac_cv_have_$1_decl=yes,ac_cv_have_$1_decl=no)])
+ if test x"$ac_cv_have_$1_decl" = x"yes"; then
+    AC_DEFINE([HAVE_]translit([$1], [a-z], [A-Z])[_DECL],1,[Whether $1() is available])
+ fi
+])
+
+
+dnl check for a function in a library, but don't
+dnl keep adding the same library to the LIBS variable.
+dnl AC_LIBTESTFUNC(lib,func)
+AC_DEFUN(AC_LIBTESTFUNC,
+[case "$LIBS" in
+  *-l$1*) AC_CHECK_FUNCS($2) ;;
+  *) AC_CHECK_LIB($1, $2) 
+     AC_CHECK_FUNCS($2)
+  ;;
+  esac
+])
+
+dnl Define an AC_DEFINE with ifndef guard.
+dnl AC_N_DEFINE(VARIABLE [, VALUE])
+define(AC_N_DEFINE,
+[cat >> confdefs.h <<\EOF
+[#ifndef] $1
+[#define] $1 ifelse($#, 2, [$2], $#, 3, [$2], 1)
+[#endif]
+EOF
+])
+
+dnl Add an #include
+dnl AC_ADD_INCLUDE(VARIABLE)
+define(AC_ADD_INCLUDE,
+[cat >> confdefs.h <<\EOF
+[#include] $1
+EOF
+])
+
+dnl Copied from libtool.m4
+AC_DEFUN(AC_PROG_LD_GNU,
+[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], ac_cv_prog_gnu_ld,
+[# I'd rather use --version here, but apparently some GNU ld's only accept -v.
+if $LD -v 2>&1 </dev/null | egrep '(GNU|with BFD)' 1>&5; then
+  ac_cv_prog_gnu_ld=yes
+else
+  ac_cv_prog_gnu_ld=no
+fi])
+])
+
+# Configure paths for LIBXML2
+# Toshio Kuratomi 2001-04-21
+# Adapted from:
+# Configure paths for GLIB
+# Owen Taylor     97-11-3
+
+dnl AM_PATH_XML2([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for XML, and define XML_CFLAGS and XML_LIBS
+dnl
+AC_DEFUN(AM_PATH_XML2,[ 
+AC_ARG_WITH(xml-prefix,
+            [  --with-xml-prefix=PFX   Prefix where libxml is installed (optional)],
+            xml_config_prefix="$withval", xml_config_prefix="")
+AC_ARG_WITH(xml-exec-prefix,
+            [  --with-xml-exec-prefix=PFX Exec prefix where libxml is installed (optional)],
+            xml_config_exec_prefix="$withval", xml_config_exec_prefix="")
+AC_ARG_ENABLE(xmltest,
+              [  --disable-xmltest       Do not try to compile and run a test LIBXML program],,
+              enable_xmltest=yes)
+
+  if test x$xml_config_exec_prefix != x ; then
+     xml_config_args="$xml_config_args --exec-prefix=$xml_config_exec_prefix"
+     if test x${XML2_CONFIG+set} != xset ; then
+        XML2_CONFIG=$xml_config_exec_prefix/bin/xml2-config
+     fi
+  fi
+  if test x$xml_config_prefix != x ; then
+     xml_config_args="$xml_config_args --prefix=$xml_config_prefix"
+     if test x${XML2_CONFIG+set} != xset ; then
+        XML2_CONFIG=$xml_config_prefix/bin/xml2-config
+     fi
+  fi
+
+  AC_PATH_PROG(XML2_CONFIG, xml2-config, no)
+  min_xml_version=ifelse([$1], ,2.0.0,[$1])
+  AC_MSG_CHECKING(for libxml - version >= $min_xml_version)
+  no_xml=""
+  if test "$XML2_CONFIG" = "no" ; then
+    no_xml=yes
+  else
+    XML_CFLAGS=`$XML2_CONFIG $xml_config_args --cflags`
+    XML_LIBS=`$XML2_CONFIG $xml_config_args --libs`
+    xml_config_major_version=`$XML2_CONFIG $xml_config_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
+    xml_config_minor_version=`$XML2_CONFIG $xml_config_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
+    xml_config_micro_version=`$XML2_CONFIG $xml_config_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
+    if test "x$enable_xmltest" = "xyes" ; then
+      ac_save_CFLAGS="$CFLAGS"
+      ac_save_LIBS="$LIBS"
+      CFLAGS="$CFLAGS $XML_CFLAGS"
+      LIBS="$XML_LIBS $LIBS"
+dnl
+dnl Now check if the installed libxml is sufficiently new.
+dnl (Also sanity checks the results of xml2-config to some extent)
+dnl
+      rm -f conf.xmltest
+      AC_TRY_RUN([
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <libxml/xmlversion.h>
+
+int 
+main()
+{
+  int xml_major_version, xml_minor_version, xml_micro_version;
+  int major, minor, micro;
+  char *tmp_version;
+
+  system("touch conf.xmltest");
+
+  /* Capture xml2-config output via autoconf/configure variables */
+  /* HP/UX 9 (%@#!) writes to sscanf strings */
+  tmp_version = (char *)strdup("$min_xml_version");
+  if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, &micro) != 3) {
+     printf("%s, bad version string from xml2-config\n", "$min_xml_version");
+     exit(1);
+   }
+   free(tmp_version);
+
+   /* Capture the version information from the header files */
+   tmp_version = (char *)strdup(LIBXML_DOTTED_VERSION);
+   if (sscanf(tmp_version, "%d.%d.%d", &xml_major_version, &xml_minor_version, &xml_micro_version) != 3) {
+     printf("%s, bad version string from libxml includes\n", "LIBXML_DOTTED_VERSION");
+     exit(1);
+   }
+   free(tmp_version);
+
+ /* Compare xml2-config output to the libxml headers */
+  if ((xml_major_version != $xml_config_major_version) ||
+      (xml_minor_version != $xml_config_minor_version) ||
+      (xml_micro_version != $xml_config_micro_version))
+    {
+      printf("*** libxml header files (version %d.%d.%d) do not match\n",
+         xml_major_version, xml_minor_version, xml_micro_version);
+      printf("*** xml2-config (version %d.%d.%d)\n",
+         $xml_config_major_version, $xml_config_minor_version, $xml_config_micro_version);
+      return 1;
+    } 
+/* Compare the headers to the library to make sure we match */
+  /* Less than ideal -- doesn't provide us with return value feedback, 
+   * only exits if there's a serious mismatch between header and library.
+   */
+    LIBXML_TEST_VERSION;
+
+    /* Test that the library is greater than our minimum version */
+    if ((xml_major_version > major) ||
+        ((xml_major_version == major) && (xml_minor_version > minor)) ||
+        ((xml_major_version == major) && (xml_minor_version == minor) &&
+        (xml_micro_version >= micro)))
+      {
+        return 0;
+       }
+     else
+      {
+        printf("\n*** An old version of libxml (%d.%d.%d) was found.\n",
+               xml_major_version, xml_minor_version, xml_micro_version);
+        printf("*** You need a version of libxml newer than %d.%d.%d. The latest version of\n",
+           major, minor, micro);
+        printf("*** libxml is always available from ftp://ftp.xmlsoft.org.\n");
+        printf("***\n");
+        printf("*** If you have already installed a sufficiently new version, this error\n");
+        printf("*** probably means that the wrong copy of the xml2-config shell script is\n");
+        printf("*** being found. The easiest way to fix this is to remove the old version\n");
+        printf("*** of LIBXML, but you can also set the XML2_CONFIG environment to point to the\n");
+        printf("*** correct copy of xml2-config. (In this case, you will have to\n");
+        printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n");
+        printf("*** so that the correct libraries are found at run-time))\n");
+    }
+  return 1;
+}
+],, no_xml=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+       CFLAGS="$ac_save_CFLAGS"
+       LIBS="$ac_save_LIBS"
+     fi
+  fi
+
+  if test "x$no_xml" = x ; then
+     AC_MSG_RESULT(yes (version $xml_config_major_version.$xml_config_minor_version.$xml_config_micro_version))
+     ifelse([$2], , :, [$2])     
+  else
+     AC_MSG_RESULT(no)
+     if test "$XML2_CONFIG" = "no" ; then
+       echo "*** The xml2-config script installed by LIBXML could not be found"
+       echo "*** If libxml was installed in PREFIX, make sure PREFIX/bin is in"
+       echo "*** your path, or set the XML2_CONFIG environment variable to the"
+       echo "*** full path to xml2-config."
+     else
+       if test -f conf.xmltest ; then
+        :
+       else
+          echo "*** Could not run libxml test program, checking why..."
+          CFLAGS="$CFLAGS $XML_CFLAGS"
+          LIBS="$LIBS $XML_LIBS"
+          AC_TRY_LINK([
+#include <libxml/xmlversion.h>
+#include <stdio.h>
+],      [ LIBXML_TEST_VERSION; return 0;],
+        [ echo "*** The test program compiled, but did not run. This usually means"
+          echo "*** that the run-time linker is not finding LIBXML or finding the wrong"
+          echo "*** version of LIBXML. If it is not finding LIBXML, you'll need to set your"
+          echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
+          echo "*** to the installed location  Also, make sure you have run ldconfig if that"
+          echo "*** is required on your system"
+          echo "***"
+          echo "*** If you have an old version installed, it is best to remove it, although"
+          echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" ],
+        [ echo "*** The test program failed to compile or link. See the file config.log for the"
+          echo "*** exact error that occured. This usually means LIBXML was incorrectly installed"
+          echo "*** or that you have moved LIBXML since it was installed. In the latter case, you"
+          echo "*** may want to edit the xml2-config script: $XML2_CONFIG" ])
+          CFLAGS="$ac_save_CFLAGS"
+          LIBS="$ac_save_LIBS"
+       fi
+     fi
+
+     XML_CFLAGS=""
+     XML_LIBS=""
+     ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(XML_CFLAGS)
+  AC_SUBST(XML_LIBS)
+  rm -f conf.xmltest
+])
+
+# =========================================================================
+# AM_PATH_MYSQL : MySQL library
+
+dnl AM_PATH_MYSQL([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]]])
+dnl Test for MYSQL, and define MYSQL_CFLAGS and MYSQL_LIBS
+dnl
+AC_DEFUN(AM_PATH_MYSQL,
+[dnl
+dnl Get the cflags and libraries from the mysql_config script
+dnl
+AC_ARG_WITH(mysql-prefix,[  --with-mysql-prefix=PFX   Prefix where MYSQL is installed (optional)],
+            mysql_prefix="$withval", mysql_prefix="")
+AC_ARG_WITH(mysql-exec-prefix,[  --with-mysql-exec-prefix=PFX Exec prefix where MYSQL is installed (optional)],
+            mysql_exec_prefix="$withval", mysql_exec_prefix="")
+AC_ARG_ENABLE(mysqltest, [  --disable-mysqltest       Do not try to compile and run a test MYSQL program],
+         , enable_mysqltest=yes)
+
+  if test x$mysql_exec_prefix != x ; then
+     mysql_args="$mysql_args --exec-prefix=$mysql_exec_prefix"
+     if test x${MYSQL_CONFIG+set} != xset ; then
+        MYSQL_CONFIG=$mysql_exec_prefix/bin/mysql_config
+     fi
+  fi
+  if test x$mysql_prefix != x ; then
+     mysql_args="$mysql_args --prefix=$mysql_prefix"
+     if test x${MYSQL_CONFIG+set} != xset ; then
+        MYSQL_CONFIG=$mysql_prefix/bin/mysql_config
+     fi
+  fi
+
+  AC_REQUIRE([AC_CANONICAL_TARGET])
+  AC_PATH_PROG(MYSQL_CONFIG, mysql_config, no)
+  min_mysql_version=ifelse([$1], ,0.11.0,$1)
+  AC_MSG_CHECKING(for MYSQL - version >= $min_mysql_version)
+  no_mysql=""
+  if test "$MYSQL_CONFIG" = "no" ; then
+    no_mysql=yes
+  else
+    MYSQL_CFLAGS=`$MYSQL_CONFIG $mysqlconf_args --cflags | sed -e "s/'//g"`
+    MYSQL_LIBS=`$MYSQL_CONFIG $mysqlconf_args --libs | sed -e "s/'//g"`
+
+    mysql_major_version=`$MYSQL_CONFIG $mysql_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'`
+    mysql_minor_version=`$MYSQL_CONFIG $mysql_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'`
+    mysql_micro_version=`$MYSQL_CONFIG $mysql_config_args --version | \
+           sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'`
+    if test "x$enable_mysqltest" = "xyes" ; then
+      ac_save_CFLAGS="$CFLAGS"
+      ac_save_LIBS="$LIBS"
+      CFLAGS="$CFLAGS $MYSQL_CFLAGS"
+      LIBS="$LIBS $MYSQL_LIBS"
+dnl
+dnl Now check if the installed MYSQL is sufficiently new. (Also sanity
+dnl checks the results of mysql_config to some extent
+dnl
+      rm -f conf.mysqltest
+      AC_TRY_RUN([
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <mysql.h>
+
+char*
+my_strdup (char *str)
+{
+  char *new_str;
+
+  if (str)
+    {
+      new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char));
+      strcpy (new_str, str);
+    }
+  else
+    new_str = NULL;
+
+  return new_str;
+}
+
+int main (int argc, char *argv[])
+{
+int major, minor, micro;
+  char *tmp_version;
+
+  /* This hangs on some systems (?)
+  system ("touch conf.mysqltest");
+  */
+  { FILE *fp = fopen("conf.mysqltest", "a"); if ( fp ) fclose(fp); }
+
+  /* HP/UX 9 (%@#!) writes to sscanf strings */
+  tmp_version = my_strdup("$min_mysql_version");
+  if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, &micro) != 3) {
+     printf("%s, bad version string\n", "$min_mysql_version");
+     exit(1);
+   }
+
+   if (($mysql_major_version > major) ||
+      (($mysql_major_version == major) && ($mysql_minor_version > minor)) ||
+      (($mysql_major_version == major) && ($mysql_minor_version == minor) && ($mysql_micro_version >= micro)))
+    {
+      return 0;
+    }
+  else
+    {
+      printf("\n*** 'mysql_config --version' returned %d.%d.%d, but the minimum version\n", $mysql_major_version, $mysql_minor_version, $mysql_micro_version);
+      printf("*** of MYSQL required is %d.%d.%d. If mysql_config is correct, then it is\n", major, minor, micro);
+      printf("*** best to upgrade to the required version.\n");
+      printf("*** If mysql_config was wrong, set the environment variable MYSQL_CONFIG\n");
+      printf("*** to point to the correct copy of mysql_config, and remove the file\n");
+      printf("*** config.cache before re-running configure\n");
+      return 1;
+    }
+}
+
+],, no_mysql=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"])
+       CFLAGS="$ac_save_CFLAGS"
+       LIBS="$ac_save_LIBS"
+     fi
+  fi
+  if test "x$no_mysql" = x ; then
+     AC_MSG_RESULT(yes)
+     ifelse([$2], , :, [$2])
+  else
+     AC_MSG_RESULT(no)
+     if test "$MYSQL_CONFIG" = "no" ; then
+       echo "*** The mysql_config script installed by MYSQL could not be found"
+       echo "*** If MYSQL was installed in PREFIX, make sure PREFIX/bin is in"
+       echo "*** your path, or set the MYSQL_CONFIG environment variable to the"
+       echo "*** full path to mysql_config."
+     else
+       if test -f conf.mysqltest ; then
+        :
+       else
+          echo "*** Could not run MYSQL test program, checking why..."
+          CFLAGS="$CFLAGS $MYSQL_CFLAGS"
+          LIBS="$LIBS $MYSQL_LIBS"
+          AC_TRY_LINK([
+#include <stdio.h>
+#include <mysql.h>
+
+int main(int argc, char *argv[])
+{ return 0; }
+#undef  main
+#define main K_and_R_C_main
+],      [ return 0; ],
+        [ echo "*** The test program compiled, but did not run. This usually means"
+          echo "*** that the run-time linker is not finding MYSQL or finding the wrong"
+          echo "*** version of MYSQL. If it is not finding MYSQL, you'll need to set your"
+          echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point"
+          echo "*** to the installed location  Also, make sure you have run ldconfig if that"
+          echo "*** is required on your system"
+    echo "***"
+          echo "*** If you have an old version installed, it is best to remove it, although"
+          echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"],
+        [ echo "*** The test program failed to compile or link. See the file config.log for the"
+          echo "*** exact error that occured. This usually means MYSQL was incorrectly installed"
+          echo "*** or that you have moved MYSQL since it was installed. In the latter case, you"
+          echo "*** may want to edit the mysql_config script: $MYSQL_CONFIG" ])
+          CFLAGS="$ac_save_CFLAGS"
+          LIBS="$ac_save_LIBS"
+       fi
+     fi
+     MYSQL_CFLAGS=""
+     MYSQL_LIBS=""
+     ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(MYSQL_CFLAGS)
+  AC_SUBST(MYSQL_LIBS)
+  rm -f conf.mysqltest
+])
+
+dnl Removes -I/usr/include/? from given variable
+AC_DEFUN(CFLAGS_REMOVE_USR_INCLUDE,[
+  ac_new_flags=""
+  for i in [$]$1; do
+    case [$]i in
+    -I/usr/include|-I/usr/include/) ;;
+    *) ac_new_flags="[$]ac_new_flags [$]i" ;;
+    esac
+  done
+  $1=[$]ac_new_flags
+])
+    
+dnl Removes -L/usr/lib/? from given variable
+AC_DEFUN(LIB_REMOVE_USR_LIB,[
+  ac_new_flags=""
+  for i in [$]$1; do
+    case [$]i in
+    -L/usr/lib|-L/usr/lib/) ;;
+    *) ac_new_flags="[$]ac_new_flags [$]i" ;;
+    esac
+  done
+  $1=[$]ac_new_flags
+])
+
+dnl From Bruno Haible.
+
+AC_DEFUN(jm_ICONV,
+[
+  dnl Some systems have iconv in libc, some have it in libiconv (OSF/1 and
+  dnl those with the standalone portable libiconv installed).
+  AC_MSG_CHECKING(for iconv in $1)
+    jm_cv_func_iconv="no"
+    jm_cv_lib_iconv=no
+    jm_cv_giconv=no
+    AC_TRY_LINK([#include <stdlib.h>
+#include <giconv.h>],
+      [iconv_t cd = iconv_open("","");
+       iconv(cd,NULL,NULL,NULL,NULL);
+       iconv_close(cd);],
+      jm_cv_func_iconv=yes
+      jm_cv_giconv=yes)
+
+    if test "$jm_cv_func_iconv" != yes; then
+      AC_TRY_LINK([#include <stdlib.h>
+#include <iconv.h>],
+        [iconv_t cd = iconv_open("","");
+         iconv(cd,NULL,NULL,NULL,NULL);
+         iconv_close(cd);],
+        jm_cv_func_iconv=yes)
+
+        if test "$jm_cv_lib_iconv" != yes; then
+          jm_save_LIBS="$LIBS"
+          LIBS="$LIBS -lgiconv"
+          AC_TRY_LINK([#include <stdlib.h>
+#include <giconv.h>],
+            [iconv_t cd = iconv_open("","");
+             iconv(cd,NULL,NULL,NULL,NULL);
+             iconv_close(cd);],
+            jm_cv_lib_iconv=yes
+            jm_cv_func_iconv=yes
+            jm_cv_giconv=yes)
+          LIBS="$jm_save_LIBS"
+
+      if test "$jm_cv_func_iconv" != yes; then
+        jm_save_LIBS="$LIBS"
+        LIBS="$LIBS -liconv"
+        AC_TRY_LINK([#include <stdlib.h>
+#include <iconv.h>],
+          [iconv_t cd = iconv_open("","");
+           iconv(cd,NULL,NULL,NULL,NULL);
+           iconv_close(cd);],
+          jm_cv_lib_iconv=yes
+          jm_cv_func_iconv=yes)
+        LIBS="$jm_save_LIBS"
+        fi
+      fi
+    fi
+
+  if test "$jm_cv_func_iconv" = yes; then
+    if test "$jm_cv_giconv" = yes; then
+      AC_DEFINE(HAVE_GICONV, 1, [What header to include for iconv() function: giconv.h])
+      AC_MSG_RESULT(yes)
+      ICONV_FOUND=yes
+    else
+      AC_DEFINE(HAVE_ICONV, 1, [What header to include for iconv() function: iconv.h])
+      AC_MSG_RESULT(yes)
+      ICONV_FOUND=yes
+    fi
+  else
+    AC_MSG_RESULT(no)
+  fi
+  if test "$jm_cv_lib_iconv" = yes; then
+    if test "$jm_cv_giconv" = yes; then
+      LIBS="$LIBS -lgiconv"
+    else
+      LIBS="$LIBS -liconv"
+    fi
+  fi
+])
+
+dnl CFLAGS_ADD_DIR(CFLAGS, $INCDIR)
+dnl This function doesn't add -I/usr/include into CFLAGS
+AC_DEFUN(CFLAGS_ADD_DIR,[
+if test "$2" != "/usr/include" ; then
+    $1="$$1 -I$2"
+fi
+])
+
+dnl LIB_ADD_DIR(LDFLAGS, $LIBDIR)
+dnl This function doesn't add -L/usr/lib into LDFLAGS
+AC_DEFUN(LIB_ADD_DIR,[
+if test "$2" != "/usr/lib" ; then
+    $1="$$1 -L$2"
+fi
+])
+
+dnl AC_ENABLE_SHARED - implement the --enable-shared flag
+dnl Usage: AC_ENABLE_SHARED[(DEFAULT)]
+dnl   Where DEFAULT is either `yes' or `no'.  If omitted, it defaults to
+dnl   `yes'.
+AC_DEFUN([AC_ENABLE_SHARED],
+[define([AC_ENABLE_SHARED_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(shared,
+changequote(<<, >>)dnl
+<<  --enable-shared[=PKGS]    build shared libraries [default=>>AC_ENABLE_SHARED_DEFAULT],
+changequote([, ])dnl
+[p=${PACKAGE-default}
+case $enableval in
+yes) enable_shared=yes ;;
+no) enable_shared=no ;;
+*)
+  enable_shared=no
+  # Look at the argument we got.  We use all the common list separators.
+  IFS="${IFS=   }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+  for pkg in $enableval; do
+    if test "X$pkg" = "X$p"; then
+      enable_shared=yes
+    fi
+
+  done
+  IFS="$ac_save_ifs"
+  ;;
+esac],
+enable_shared=AC_ENABLE_SHARED_DEFAULT)dnl
+])
+
+dnl AC_ENABLE_STATIC - implement the --enable-static flag
+dnl Usage: AC_ENABLE_STATIC[(DEFAULT)]
+dnl   Where DEFAULT is either `yes' or `no'.  If omitted, it defaults to
+dnl   `yes'.
+AC_DEFUN([AC_ENABLE_STATIC],
+[define([AC_ENABLE_STATIC_DEFAULT], ifelse($1, no, no, yes))dnl
+AC_ARG_ENABLE(static,
+changequote(<<, >>)dnl
+<<  --enable-static[=PKGS]    build static libraries [default=>>AC_ENABLE_STATIC_DEFAULT],
+changequote([, ])dnl
+[p=${PACKAGE-default}
+case $enableval in
+yes) enable_static=yes ;;
+no) enable_static=no ;;
+*)
+  enable_static=no
+  # Look at the argument we got.  We use all the common list separators.
+  IFS="${IFS=   }"; ac_save_ifs="$IFS"; IFS="${IFS}:,"
+  for pkg in $enableval; do
+    if test "X$pkg" = "X$p"; then
+      enable_static=yes
+    fi
+  done
+  IFS="$ac_save_ifs"
+  ;;
+esac],
+enable_static=AC_ENABLE_STATIC_DEFAULT)dnl
+])
+
+dnl AC_DISABLE_STATIC - set the default static flag to --disable-static
+AC_DEFUN([AC_DISABLE_STATIC],
+[AC_BEFORE([$0],[AC_LIBTOOL_SETUP])dnl
+AC_ENABLE_STATIC(no)])
diff --git a/source/auth/auth.c b/source/auth/auth.c
new file mode 100644 (file)
index 0000000..74c60f6
--- /dev/null
@@ -0,0 +1,456 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Bartlett         2001-2002
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+/** List of various built-in authentication modules */
+
+static const struct auth_init_function_entry builtin_auth_init_functions[] = {
+       { "guest", auth_init_guest },
+//     { "rhosts", auth_init_rhosts },
+//     { "hostsequiv", auth_init_hostsequiv },
+       { "sam", auth_init_sam },       
+       { "samstrict", auth_init_samstrict },
+       { "samstrict_dc", auth_init_samstrict_dc },
+       { "unix", auth_init_unix },
+//     { "smbserver", auth_init_smbserver },
+//     { "ntdomain", auth_init_ntdomain },
+//     { "trustdomain", auth_init_trustdomain },
+//     { "winbind", auth_init_winbind },
+#ifdef DEVELOPER
+       { "name_to_ntstatus", auth_init_name_to_ntstatus },
+       { "fixed_challenge", auth_init_fixed_challenge },
+#endif
+       { "plugin", auth_init_plugin },
+       { NULL, NULL}
+};
+
+/****************************************************************************
+ Try to get a challenge out of the various authentication modules.
+ Returns a const char of length 8 bytes.
+****************************************************************************/
+
+static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) 
+{
+       DATA_BLOB challenge = data_blob(NULL, 0);
+       const char *challenge_set_by = NULL;
+       auth_methods *auth_method;
+       TALLOC_CTX *mem_ctx;
+
+       if (auth_context->challenge.length) {
+               DEBUG(5, ("get_ntlm_challenge (auth subsystem): returning previous challenge by module %s (normal)\n", 
+                         auth_context->challenge_set_by));
+               return auth_context->challenge.data;
+       }
+
+       for (auth_method = auth_context->auth_method_list; auth_method; auth_method = auth_method->next) {
+               if (auth_method->get_chal == NULL) {
+                       DEBUG(5, ("auth_get_challenge: module %s did not want to specify a challenge\n", auth_method->name));
+                       continue;
+               }
+
+               DEBUG(5, ("auth_get_challenge: getting challenge from module %s\n", auth_method->name));
+               if (challenge_set_by != NULL) {
+                       DEBUG(1, ("auth_get_challenge: CONFIGURATION ERROR: authentication method %s has already specified a challenge.  Challenge by %s ignored.\n", 
+                                 challenge_set_by, auth_method->name));
+                       continue;
+               }
+
+               mem_ctx = talloc_init("auth_get_challenge for module %s", auth_method->name);
+               if (!mem_ctx) {
+                       smb_panic("talloc_init() failed!");
+               }
+               
+               challenge = auth_method->get_chal(auth_context, &auth_method->private_data, mem_ctx);
+               if (!challenge.length) {
+                       DEBUG(3, ("auth_get_challenge: getting challenge from authentication method %s FAILED.\n", 
+                                 auth_method->name));
+               } else {
+                       DEBUG(5, ("auth_get_challenge: sucessfully got challenge from module %s\n", auth_method->name));
+                       auth_context->challenge = challenge;
+                       challenge_set_by = auth_method->name;
+                       auth_context->challenge_set_method = auth_method;
+               }
+               talloc_destroy(mem_ctx);
+       }
+       
+       if (!challenge_set_by) {
+               uchar chal[8];
+               
+               generate_random_buffer(chal, sizeof(chal), False);
+               auth_context->challenge = data_blob_talloc(auth_context->mem_ctx, 
+                                                          chal, sizeof(chal));
+               
+               challenge_set_by = "random";
+       } 
+       
+       DEBUG(5, ("auth_context challenge created by %s\n", challenge_set_by));
+       DEBUG(5, ("challenge is: \n"));
+       dump_data(5, auth_context->challenge.data, auth_context->challenge.length);
+       
+       SMB_ASSERT(auth_context->challenge.length == 8);
+
+       auth_context->challenge_set_by=challenge_set_by;
+
+       return auth_context->challenge.data;
+}
+
+
+/**
+ * Check user is in correct domain (if required)
+ *
+ * @param user Only used to fill in the debug message
+ * 
+ * @param domain The domain to be verified
+ *
+ * @return True if the user can connect with that domain, 
+ *         False otherwise.
+**/
+
+static BOOL check_domain_match(const char *user, const char *domain) 
+{
+       /*
+        * If we aren't serving to trusted domains, we must make sure that
+        * the validation request comes from an account in the same domain
+        * as the Samba server
+        */
+
+       if (!lp_allow_trusted_domains() &&
+           !(strequal("", domain) || 
+             strequal(lp_workgroup(), domain) || 
+             is_myname(domain))) {
+               DEBUG(1, ("check_domain_match: Attempt to connect as user %s from domain %s denied.\n", user, domain));
+               return False;
+       } else {
+               return True;
+       }
+}
+
+/**
+ * Check a user's Plaintext, LM or NTLM password.
+ *
+ * Check a user's password, as given in the user_info struct and return various
+ * interesting details in the server_info struct.
+ *
+ * This function does NOT need to be in a become_root()/unbecome_root() pair
+ * as it makes the calls itself when needed.
+ *
+ * The return value takes precedence over the contents of the server_info 
+ * struct.  When the return is other than NT_STATUS_OK the contents 
+ * of that structure is undefined.
+ *
+ * @param user_info Contains the user supplied components, including the passwords.
+ *                  Must be created with make_user_info() or one of its wrappers.
+ *
+ * @param auth_context Supplies the challenges and some other data. 
+ *                  Must be created with make_auth_context(), and the challenges should be 
+ *                  filled in, either at creation or by calling the challenge geneation 
+ *                  function auth_get_challenge().  
+ *
+ * @param server_info If successful, contains information about the authentication, 
+ *                    including a SAM_ACCOUNT struct describing the user.
+ *
+ * @return An NTSTATUS with NT_STATUS_OK or an appropriate error.
+ *
+ **/
+
+static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
+                                   const struct auth_usersupplied_info *user_info, 
+                                   struct auth_serversupplied_info **server_info)
+{
+       
+       NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+       const char *pdb_username;
+       auth_methods *auth_method;
+       TALLOC_CTX *mem_ctx;
+
+       if (!user_info || !auth_context || !server_info)
+               return NT_STATUS_LOGON_FAILURE;
+
+       DEBUG(3, ("check_ntlm_password:  Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", 
+                 user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str));
+
+       DEBUG(3, ("check_ntlm_password:  mapped user is: [%s]\\[%s]@[%s]\n", 
+                 user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str));
+
+       if (auth_context->challenge.length != 8) {
+               DEBUG(0, ("check_ntlm_password:  Invalid challenge stored for this auth context - cannot continue\n"));
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       if (auth_context->challenge_set_by)
+               DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n",
+                                       auth_context->challenge_set_by));
+
+       DEBUG(10, ("challenge is: \n"));
+       dump_data(5, auth_context->challenge.data, auth_context->challenge.length);
+
+#ifdef DEBUG_PASSWORD
+       DEBUG(100, ("user_info has passwords of length %d and %d\n", 
+                   user_info->lm_resp.length, user_info->nt_resp.length));
+       DEBUG(100, ("lm:\n"));
+       dump_data(100, user_info->lm_resp.data, user_info->lm_resp.length);
+       DEBUG(100, ("nt:\n"));
+       dump_data(100, user_info->nt_resp.data, user_info->nt_resp.length);
+#endif
+
+       /* This needs to be sorted:  If it doesn't match, what should we do? */
+       if (!check_domain_match(user_info->smb_name.str, user_info->domain.str))
+               return NT_STATUS_LOGON_FAILURE;
+
+       for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
+               mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name, 
+                                           user_info->domain.str, user_info->smb_name.str);
+
+               nt_status = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
+               if (NT_STATUS_IS_OK(nt_status)) {
+                       DEBUG(3, ("check_ntlm_password: %s authentication for user [%s] suceeded\n", 
+                                 auth_method->name, user_info->smb_name.str));
+               } else {
+                       DEBUG(5, ("check_ntlm_password: %s authentication for user [%s] FAILED with error %s\n", 
+                                 auth_method->name, user_info->smb_name.str, nt_errstr(nt_status)));
+               }
+
+               talloc_destroy(mem_ctx);
+
+               if (NT_STATUS_IS_OK(nt_status))
+                       break;
+       }
+
+       /* This is one of the few places the *relies* (rather than just sets defaults
+          on the value of lp_security().  This needs to change.  A new paramater 
+          perhaps? */
+       if (lp_security() >= SEC_SERVER)
+               smb_user_control(user_info, *server_info, nt_status);
+
+       if (NT_STATUS_IS_OK(nt_status)) {
+               pdb_username = pdb_get_username((*server_info)->sam_account);
+               if (!(*server_info)->guest) {
+                       /* We might not be root if we are an RPC call */
+                       become_root();
+                       nt_status = smb_pam_accountcheck(pdb_username);
+                       unbecome_root();
+                       
+                       if (NT_STATUS_IS_OK(nt_status)) {
+                               DEBUG(5, ("check_ntlm_password:  PAM Account for user [%s] suceeded\n", 
+                                         pdb_username));
+                       } else {
+                               DEBUG(3, ("check_ntlm_password:  PAM Account for user [%s] FAILED with error %s\n", 
+                                         pdb_username, nt_errstr(nt_status)));
+                       } 
+               }
+               
+               if (NT_STATUS_IS_OK(nt_status)) {
+                       DEBUG((*server_info)->guest ? 5 : 2, 
+                             ("check_ntlm_password:  %sauthentication for user [%s] -> [%s] -> [%s] suceeded\n", 
+                              (*server_info)->guest ? "guest " : "", 
+                              user_info->smb_name.str, 
+                              user_info->internal_username.str, 
+                              pdb_username));
+               }
+       }
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(2, ("check_ntlm_password:  Authentication for user [%s] -> [%s] FAILED with error %s\n", 
+                         user_info->smb_name.str, user_info->internal_username.str, 
+                         nt_errstr(nt_status)));
+               ZERO_STRUCTP(server_info);
+       }
+       return nt_status;
+}
+
+/***************************************************************************
+ Clear out a auth_context, and destroy the attached TALLOC_CTX
+***************************************************************************/
+
+static void free_auth_context(struct auth_context **auth_context)
+{
+       if (*auth_context != NULL)
+               talloc_destroy((*auth_context)->mem_ctx);
+       *auth_context = NULL;
+}
+
+/***************************************************************************
+ Make a auth_info struct
+***************************************************************************/
+
+static NTSTATUS make_auth_context(struct auth_context **auth_context) 
+{
+       TALLOC_CTX *mem_ctx;
+
+       mem_ctx = talloc_init("authentication context");
+       
+       *auth_context = talloc(mem_ctx, sizeof(**auth_context));
+       if (!*auth_context) {
+               DEBUG(0,("make_auth_context: talloc failed!\n"));
+               talloc_destroy(mem_ctx);
+               return NT_STATUS_NO_MEMORY;
+       }
+       ZERO_STRUCTP(*auth_context);
+
+       (*auth_context)->mem_ctx = mem_ctx;
+       (*auth_context)->check_ntlm_password = check_ntlm_password;
+       (*auth_context)->get_ntlm_challenge = get_ntlm_challenge;
+       (*auth_context)->free = free_auth_context;
+       
+       return NT_STATUS_OK;
+}
+
+/***************************************************************************
+ Make a auth_info struct for the auth subsystem
+***************************************************************************/
+
+static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, char **text_list) 
+{
+       auth_methods *list = NULL;
+       auth_methods *t = NULL;
+       auth_methods *tmp;
+       int i;
+       NTSTATUS nt_status;
+
+       if (!text_list) {
+               DEBUG(2,("make_auth_context_text_list: No auth method list!?\n"));
+               return NT_STATUS_UNSUCCESSFUL;
+       }
+       
+       if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context)))
+               return nt_status;
+       
+       for (;*text_list; text_list++) { 
+               DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n",
+                                       *text_list));
+               for (i = 0; builtin_auth_init_functions[i].name; i++) {
+                       char *module_name = smb_xstrdup(*text_list);
+                       char *module_params = NULL;
+                       char *p;
+
+                       p = strchr(module_name, ':');
+                       if (p) {
+                               *p = 0;
+                               module_params = p+1;
+                               trim_string(module_params, " ", " ");
+                       }
+
+                       trim_string(module_name, " ", " ");
+
+                       if (strequal(builtin_auth_init_functions[i].name, module_name)) {
+                               DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i));
+                               if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) {
+                                       DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
+                                                               *text_list));
+                                       DLIST_ADD_END(list, t, tmp);
+                               } else {
+                                       DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
+                                                               *text_list));
+                               }
+                               break;
+                       }
+                       SAFE_FREE(module_name);
+               }
+       }
+       
+       (*auth_context)->auth_method_list = list;
+       
+       return nt_status;
+}
+
+/***************************************************************************
+ Make a auth_context struct for the auth subsystem
+***************************************************************************/
+
+NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) 
+{
+       char **auth_method_list = NULL; 
+       NTSTATUS nt_status;
+
+       if (lp_auth_methods() && !str_list_copy(&auth_method_list, lp_auth_methods())) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       if (auth_method_list == NULL) {
+               switch (lp_security()) 
+               {
+               case SEC_DOMAIN:
+                       DEBUG(5,("Making default auth method list for security=domain\n"));
+                       auth_method_list = str_list_make("guest sam winbind ntdomain", NULL);
+                       break;
+               case SEC_SERVER:
+                       DEBUG(5,("Making default auth method list for security=server\n"));
+                       auth_method_list = str_list_make("guest sam smbserver", NULL);
+                       break;
+               case SEC_USER:
+                       if (lp_encrypted_passwords()) { 
+                               DEBUG(5,("Making default auth method list for security=user, encrypt passwords = yes\n"));
+                               auth_method_list = str_list_make("guest sam", NULL);
+                       } else {
+                               DEBUG(5,("Making default auth method list for security=user, encrypt passwords = no\n"));
+                               auth_method_list = str_list_make("guest unix", NULL);
+                       }
+                       break;
+               case SEC_SHARE:
+                       if (lp_encrypted_passwords()) {
+                               DEBUG(5,("Making default auth method list for security=share, encrypt passwords = yes\n"));
+                               auth_method_list = str_list_make("guest sam", NULL);
+                       } else {
+                               DEBUG(5,("Making default auth method list for security=share, encrypt passwords = no\n"));
+                               auth_method_list = str_list_make("guest unix", NULL);
+                       }
+                       break;
+               case SEC_ADS:
+                       DEBUG(5,("Making default auth method list for security=ADS\n"));
+                       auth_method_list = str_list_make("guest sam ads winbind ntdomain", NULL);
+                       break;
+               default:
+                       DEBUG(5,("Unknown auth method!\n"));
+                       return NT_STATUS_UNSUCCESSFUL;
+               }
+       } else {
+               DEBUG(5,("Using specified auth order\n"));
+       }
+       
+       if (!NT_STATUS_IS_OK(nt_status = make_auth_context_text_list(auth_context, auth_method_list))) {
+               str_list_free(&auth_method_list);
+               return nt_status;
+       }
+       
+       str_list_free(&auth_method_list);
+       return nt_status;
+}
+
+/***************************************************************************
+ Make a auth_info struct with a fixed challenge
+***************************************************************************/
+
+NTSTATUS make_auth_context_fixed(struct auth_context **auth_context, uchar chal[8]) 
+{
+       NTSTATUS nt_status;
+       if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(auth_context))) {
+               return nt_status;
+       }
+       
+       (*auth_context)->challenge = data_blob(chal, 8);
+       (*auth_context)->challenge_set_by = "fixed";
+       return nt_status;
+}
+
+
diff --git a/source/auth/auth_builtin.c b/source/auth/auth_builtin.c
new file mode 100644 (file)
index 0000000..32f3931
--- /dev/null
@@ -0,0 +1,210 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Generic authenticaion types
+   Copyright (C) Andrew Bartlett         2001-2002
+   Copyright (C) Jelmer Vernooij              2002
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+/**
+ * Return a guest logon for guest users (username = "")
+ *
+ * Typically used as the first module in the auth chain, this allows
+ * guest logons to be dealt with in one place.  Non-guest logons 'fail'
+ * and pass onto the next module.
+ **/
+
+static NTSTATUS check_guest_security(const struct auth_context *auth_context,
+                                    void *my_private_data, 
+                                    TALLOC_CTX *mem_ctx,
+                                    const auth_usersupplied_info *user_info, 
+                                    auth_serversupplied_info **server_info)
+{
+       NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+
+       if (!(user_info->internal_username.str 
+             && *user_info->internal_username.str)) {
+               nt_status = make_server_info_guest(server_info);
+       }
+
+       return nt_status;
+}
+
+/* Guest modules initialisation */
+
+NTSTATUS auth_init_guest(struct auth_context *auth_context, const char *options, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method))
+               return NT_STATUS_NO_MEMORY;
+
+       (*auth_method)->auth = check_guest_security;
+       (*auth_method)->name = "guest";
+       return NT_STATUS_OK;
+}
+
+/** 
+ * Return an error based on username
+ *
+ * This function allows the testing of obsure errors, as well as the generation
+ * of NT_STATUS -> DOS error mapping tables.
+ *
+ * This module is of no value to end-users.
+ *
+ * The password is ignored.
+ *
+ * @return An NTSTATUS value based on the username
+ **/
+
+static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
+                                               void *my_private_data, 
+                                               TALLOC_CTX *mem_ctx,
+                                               const auth_usersupplied_info *user_info, 
+                                               auth_serversupplied_info **server_info)
+{
+       NTSTATUS nt_status;
+       fstring user;
+       long error_num;
+       fstrcpy(user, user_info->smb_name.str);
+       
+       if (strncasecmp("NT_STATUS", user, strlen("NT_STATUS")) == 0) {
+               strupper(user);
+               return nt_status_string_to_code(user);
+       }
+
+       strlower(user);
+       error_num = strtoul(user, NULL, 16);
+       
+       DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
+
+       nt_status = NT_STATUS(error_num);
+       
+       return nt_status;
+}
+
+/** Module initailisation function */
+
+NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method))
+               return NT_STATUS_NO_MEMORY;
+
+       (*auth_method)->auth = check_name_to_ntstatus_security;
+       (*auth_method)->name = "name_to_ntstatus";
+       return NT_STATUS_OK;
+}
+
+/** 
+ * Return a 'fixed' challenge instead of a varaible one.
+ *
+ * The idea of this function is to make packet snifs consistant
+ * with a fixed challenge, so as to aid debugging.
+ *
+ * This module is of no value to end-users.
+ *
+ * This module does not actually authenticate the user, but
+ * just pretenteds to need a specified challenge.  
+ * This module removes *all* security from the challenge-response system
+ *
+ * @return NT_STATUS_UNSUCCESSFUL
+ **/
+
+static NTSTATUS check_fixed_challenge_security(const struct auth_context *auth_context,
+                                              void *my_private_data, 
+                                              TALLOC_CTX *mem_ctx,
+                                              const auth_usersupplied_info *user_info, 
+                                              auth_serversupplied_info **server_info)
+{
+       return NT_STATUS_UNSUCCESSFUL;
+}
+
+/****************************************************************************
+ Get the challenge out of a password server.
+****************************************************************************/
+
+static DATA_BLOB auth_get_fixed_challenge(const struct auth_context *auth_context,
+                                         void **my_private_data, 
+                                         TALLOC_CTX *mem_ctx)
+{
+       const char *challenge = "I am a teapot";   
+       return data_blob(challenge, 8);
+}
+
+
+/** Module initailisation function */
+
+NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method))
+               return NT_STATUS_NO_MEMORY;
+
+       (*auth_method)->auth = check_fixed_challenge_security;
+       (*auth_method)->get_chal = auth_get_fixed_challenge;
+       (*auth_method)->name = "fixed_challenge";
+       return NT_STATUS_OK;
+}
+
+/**
+ * Outsorce an auth module to an external loadable .so
+ *
+ * Only works on systems with dlopen() etc.
+ **/
+
+/* Plugin modules initialisation */
+
+NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       void * dl_handle;
+       char *plugin_param, *plugin_name, *p;
+       auth_init_function plugin_init;
+
+       if (param == NULL) {
+               DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n"));
+               return NT_STATUS_UNSUCCESSFUL;
+       }
+
+       plugin_name = smb_xstrdup(param);
+       p = strchr(plugin_name, ':');
+       if (p) {
+               *p = 0;
+               plugin_param = p+1;
+               trim_string(plugin_param, " ", " ");
+       } else plugin_param = NULL;
+
+       trim_string(plugin_name, " ", " ");
+
+       DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name));
+       dl_handle = sys_dlopen(plugin_name, RTLD_NOW );
+       if (!dl_handle) {
+               DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n",
+                                       plugin_name, sys_dlerror()));
+               return NT_STATUS_UNSUCCESSFUL;
+       }
+    
+       plugin_init = sys_dlsym(dl_handle, "auth_init");
+       if (!plugin_init){
+               DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n",
+                                       plugin_name, sys_dlerror()));       
+               return NT_STATUS_UNSUCCESSFUL;
+       }
+
+       DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)"));
+       return plugin_init(auth_context, plugin_param, auth_method);
+}
diff --git a/source/auth/auth_compat.c b/source/auth/auth_compat.c
new file mode 100644 (file)
index 0000000..49cd2e8
--- /dev/null
@@ -0,0 +1,122 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Bartlett         2001-2002
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+/****************************************************************************
+ COMPATIBILITY INTERFACES:
+ ***************************************************************************/
+
+/****************************************************************************
+check if a username/password is OK assuming the password is a 24 byte
+SMB hash
+return True if the password is correct, False otherwise
+****************************************************************************/
+
+NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_password, auth_serversupplied_info **server_info)
+{
+       struct auth_context *plaintext_auth_context = NULL;
+       auth_usersupplied_info *user_info = NULL;
+       const uint8 *chal;
+       NTSTATUS nt_status;
+       if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&plaintext_auth_context))) {
+               return nt_status;
+       }
+       
+       chal = plaintext_auth_context->get_ntlm_challenge(plaintext_auth_context);
+       
+       if (!make_user_info_for_reply(&user_info, 
+                                     smb_name, lp_workgroup(), chal,
+                                     plaintext_password)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+       
+       nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context, 
+                                                               user_info, server_info); 
+       
+       (plaintext_auth_context->free)(&plaintext_auth_context);
+       free_user_info(&user_info);
+       return nt_status;
+}
+
+static NTSTATUS pass_check_smb(struct server_context *smb,
+                              const char *smb_name,
+                              const char *domain, 
+                              DATA_BLOB lm_pwd,
+                              DATA_BLOB nt_pwd,
+                              DATA_BLOB plaintext_password,
+                              BOOL encrypted)
+
+{
+       NTSTATUS nt_status;
+       auth_serversupplied_info *server_info = NULL;
+       if (encrypted) {                
+               auth_usersupplied_info *user_info = NULL;
+               make_user_info_for_reply_enc(&user_info, smb_name, 
+                                            domain,
+                                            lm_pwd, 
+                                            nt_pwd);
+               nt_status = smb->negotiate.auth_context->check_ntlm_password(smb->negotiate.auth_context, 
+                                                                            user_info, &server_info);
+               free_user_info(&user_info);
+       } else {
+               nt_status = check_plaintext_password(smb_name, plaintext_password, &server_info);
+       }               
+       free_server_info(&server_info);
+       return nt_status;
+}
+
+/****************************************************************************
+check if a username/password pair is ok via the auth subsystem.
+return True if the password is correct, False otherwise
+****************************************************************************/
+BOOL password_ok(struct server_context *smb, const char *smb_name, DATA_BLOB password_blob)
+{
+
+       DATA_BLOB null_password = data_blob(NULL, 0);
+       BOOL encrypted = (smb->negotiate.encrypted_passwords && password_blob.length == 24);
+       NTSTATUS status;
+
+       if (encrypted) {
+               /* 
+                * The password could be either NTLM or plain LM.  Try NTLM first, 
+                * but fall-through as required.
+                * NTLMv2 makes no sense here.
+                */
+               status = pass_check_smb(smb, smb_name, lp_workgroup(), null_password, 
+                                       password_blob, null_password, encrypted);
+               if (NT_STATUS_IS_OK(status)) {
+                       return True;
+               }
+               
+               status = pass_check_smb(smb, smb_name, lp_workgroup(), password_blob, 
+                                       null_password, null_password, encrypted);
+       } else {
+               status = pass_check_smb(smb, smb_name, lp_workgroup(), null_password, 
+                                       null_password, password_blob, encrypted);
+       }
+
+       return NT_STATUS_IS_OK(status);
+}
+
+
diff --git a/source/auth/auth_domain.c b/source/auth/auth_domain.c
new file mode 100644 (file)
index 0000000..ff75953
--- /dev/null
@@ -0,0 +1,554 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Authenticate against a remote domain
+   Copyright (C) Andrew Tridgell 1992-1998
+   Copyright (C) Andrew Bartlett 2001
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+BOOL global_machine_password_needs_changing = False;
+
+extern userdom_struct current_user_info;
+
+
+/*
+  resolve the name of a DC in ways appropriate for an ADS domain mode
+  an ADS domain may not have Netbios enabled at all, so this is 
+  quite different from the RPC case
+  Note that we ignore the 'server' parameter here. That has the effect of using
+  the 'ADS server' smb.conf parameter, which is what we really want anyway
+ */
+static NTSTATUS ads_resolve_dc(fstring remote_machine, 
+                              struct in_addr *dest_ip)
+{
+       ADS_STRUCT *ads;
+       ads = ads_init_simple();
+       if (!ads) {
+               return NT_STATUS_NO_LOGON_SERVERS;              
+       }
+
+       DEBUG(4,("ads_resolve_dc: realm=%s\n", ads->config.realm));
+
+       ads->auth.flags |= ADS_AUTH_NO_BIND;
+
+#ifdef HAVE_ADS
+       /* a full ads_connect() is actually overkill, as we don't srictly need
+          to do the SASL auth in order to get the info we need, but libads
+          doesn't offer a better way right now */
+       ads_connect(ads);
+#endif
+
+       fstrcpy(remote_machine, ads->config.ldap_server_name);
+       strupper(remote_machine);
+       *dest_ip = ads->ldap_ip;
+       ads_destroy(&ads);
+       
+       if (!*remote_machine || is_zero_ip(*dest_ip)) {
+               return NT_STATUS_NO_LOGON_SERVERS;              
+       }
+
+       DEBUG(4,("ads_resolve_dc: using server='%s' IP=%s\n",
+                remote_machine, inet_ntoa(*dest_ip)));
+       
+       return NT_STATUS_OK;
+}
+
+/*
+  resolve the name of a DC in ways appropriate for RPC domain mode
+  this relies on the server supporting netbios and port 137 not being
+  firewalled
+ */
+static NTSTATUS rpc_resolve_dc(const char *server, 
+                              fstring remote_machine, 
+                              struct in_addr *dest_ip)
+{
+       if (is_ipaddress(server)) {
+               struct in_addr to_ip = *interpret_addr2(server);
+
+               /* we need to know the machines netbios name - this is a lousy
+                  way to find it, but until we have a RPC call that does this
+                  it will have to do */
+               if (!name_status_find("*", 0x20, 0x20, to_ip, remote_machine)) {
+                       DEBUG(2, ("rpc_resolve_dc: Can't resolve name for IP %s\n", server));
+                       return NT_STATUS_NO_LOGON_SERVERS;
+               }
+
+               *dest_ip = to_ip;
+               return NT_STATUS_OK;
+       } 
+
+       fstrcpy(remote_machine, server);
+       strupper(remote_machine);
+       if (!resolve_name(remote_machine, dest_ip, 0x20)) {
+               DEBUG(1,("rpc_resolve_dc: Can't resolve address for %s\n", 
+                        remote_machine));
+               return NT_STATUS_NO_LOGON_SERVERS;
+       }
+
+       DEBUG(4,("rpc_resolve_dc: using server='%s' IP=%s\n",
+                remote_machine, inet_ntoa(*dest_ip)));
+
+       return NT_STATUS_OK;
+}
+
+/**
+ * Connect to a remote server for domain security authenticaion.
+ *
+ * @param cli the cli to return containing the active connection
+ * @param server either a machine name or text IP address to
+ *               connect to.
+ * @param trust_passwd the trust password to establish the
+ *                       credentials with.
+ *
+ **/
+
+static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, 
+                                                 const char *server, 
+                                                 const char *setup_creds_as,
+                                                 uint16 sec_chan,
+                                                 const unsigned char *trust_passwd,
+                                                 BOOL *retry)
+{
+       struct in_addr dest_ip;
+       fstring remote_machine;
+        NTSTATUS result;
+       uint32 neg_flags = 0x000001ff;
+
+       *retry = False;
+
+       if (lp_security() == SEC_ADS)
+               result = ads_resolve_dc(remote_machine, &dest_ip);
+       else
+               result = rpc_resolve_dc(server, remote_machine, &dest_ip);
+
+       if (!NT_STATUS_IS_OK(result)) {
+               DEBUG(2,("connect_to_domain_password_server: unable to resolve DC: %s\n", 
+                        nt_errstr(result)));
+               return result;
+       }
+
+       if (ismyip(dest_ip)) {
+               DEBUG(1,("connect_to_domain_password_server: Password server loop - not using password server %s\n",
+                        remote_machine));
+               return NT_STATUS_NO_LOGON_SERVERS;
+       }
+  
+       /* TODO: Send a SAMLOGON request to determine whether this is a valid
+          logonserver.  We can avoid a 30-second timeout if the DC is down
+          if the SAMLOGON request fails as it is only over UDP. */
+
+       /* we use a mutex to prevent two connections at once - when a 
+          Win2k PDC get two connections where one hasn't completed a 
+          session setup yet it will send a TCP reset to the first 
+          connection (tridge) */
+
+       /*
+        * With NT4.x DC's *all* authentication must be serialized to avoid
+        * ACCESS_DENIED errors if 2 auths are done from the same machine. JRA.
+        */
+
+       *retry = True;
+
+       if (!grab_server_mutex(server))
+               return NT_STATUS_NO_LOGON_SERVERS;
+       
+       /* Attempt connection */
+       result = cli_full_connection(cli, lp_netbios_name(), remote_machine,
+                                    &dest_ip, 0, "IPC$", "IPC", "", "", "",0, retry);
+
+       if (!NT_STATUS_IS_OK(result)) {
+               release_server_mutex();
+               return result;
+       }
+
+       /*
+        * We now have an anonymous connection to IPC$ on the domain password server.
+        */
+
+       /*
+        * Even if the connect succeeds we need to setup the netlogon
+        * pipe here. We do this as we may just have changed the domain
+        * account password on the PDC and yet we may be talking to
+        * a BDC that doesn't have this replicated yet. In this case
+        * a successful connect to a DC needs to take the netlogon connect
+        * into account also. This patch from "Bjart Kvarme" <bjart.kvarme@usit.uio.no>.
+        */
+
+       if(cli_nt_session_open(*cli, PI_NETLOGON) == False) {
+               DEBUG(0,("connect_to_domain_password_server: unable to open the domain client session to \
+machine %s. Error was : %s.\n", remote_machine, cli_errstr(*cli)));
+               cli_nt_session_close(*cli);
+               cli_ulogoff(*cli);
+               cli_shutdown(*cli);
+               release_server_mutex();
+               return NT_STATUS_NO_LOGON_SERVERS;
+       }
+
+       snprintf((*cli)->mach_acct, sizeof((*cli)->mach_acct) - 1, "%s$", setup_creds_as);
+
+       if (!(*cli)->mach_acct) {
+               release_server_mutex();
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       result = cli_nt_setup_creds(*cli, sec_chan, trust_passwd, &neg_flags, 2);
+
+        if (!NT_STATUS_IS_OK(result)) {
+               DEBUG(0,("connect_to_domain_password_server: unable to setup the NETLOGON credentials to machine \
+%s. Error was : %s.\n", remote_machine, nt_errstr(result)));
+               cli_nt_session_close(*cli);
+               cli_ulogoff(*cli);
+               cli_shutdown(*cli);
+               release_server_mutex();
+               return result;
+       }
+
+       /* We exit here with the mutex *locked*. JRA */
+
+       return NT_STATUS_OK;
+}
+
+/***********************************************************************
+ Utility function to attempt a connection to an IP address of a DC.
+************************************************************************/
+
+static NTSTATUS attempt_connect_to_dc(struct cli_state **cli, 
+                                     const char *domain, 
+                                     struct in_addr *ip, 
+                                     const char *setup_creds_as, 
+                                     uint16 sec_chan,
+                                     const unsigned char *trust_passwd)
+{
+       NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+       BOOL retry = True;
+       fstring dc_name;
+       int i;
+
+       /*
+        * Ignore addresses we have already tried.
+        */
+
+       if (is_zero_ip(*ip))
+               return NT_STATUS_NO_LOGON_SERVERS;
+
+       if (!lookup_dc_name(lp_netbios_name(), domain, ip, dc_name))
+               return NT_STATUS_NO_LOGON_SERVERS;
+
+       for (i = 0; (!NT_STATUS_IS_OK(ret)) && retry && (i < 3); i++)
+               ret = connect_to_domain_password_server(cli, dc_name, setup_creds_as,
+                               sec_chan, trust_passwd, &retry);
+       return ret;
+}
+
+/***********************************************************************
+ We have been asked to dynamically determine the IP addresses of
+ the PDC and BDC's for DOMAIN, and query them in turn.
+************************************************************************/
+static NTSTATUS find_connect_dc(struct cli_state **cli, 
+                                const char *domain,
+                                const char *setup_creds_as,
+                                uint16 sec_chan,
+                                unsigned char *trust_passwd, 
+                                time_t last_change_time)
+{
+       struct in_addr dc_ip;
+       fstring srv_name;
+
+       if ( !rpc_find_dc(lp_workgroup(), srv_name, &dc_ip) ) {
+               DEBUG(0,("find_connect_dc: Failed to find an DCs for %s\n", lp_workgroup()));
+               return NT_STATUS_NO_LOGON_SERVERS;
+       }
+       
+       return attempt_connect_to_dc( cli, domain, &dc_ip, setup_creds_as, 
+                       sec_chan, trust_passwd );
+}
+
+/***********************************************************************
+ Do the same as security=server, but using NT Domain calls and a session
+ key from the machine password.  If the server parameter is specified
+ use it, otherwise figure out a server from the 'password server' param.
+************************************************************************/
+
+static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
+                                      const auth_usersupplied_info *user_info, 
+                                      const char *domain,
+                                      uchar chal[8],
+                                      auth_serversupplied_info **server_info, 
+                                      const char *server, const char *setup_creds_as,
+                                      uint16 sec_chan,
+                                      unsigned char trust_passwd[16],
+                                      time_t last_change_time)
+{
+       fstring remote_machine;
+       NET_USER_INFO_3 info3;
+       struct cli_state *cli = NULL;
+       NTSTATUS nt_status = NT_STATUS_NO_LOGON_SERVERS;
+
+       /*
+        * At this point, smb_apasswd points to the lanman response to
+        * the challenge in local_challenge, and smb_ntpasswd points to
+        * the NT response to the challenge in local_challenge. Ship
+        * these over the secure channel to a domain controller and
+        * see if they were valid.
+        */
+
+       while (!NT_STATUS_IS_OK(nt_status) &&
+              next_token(&server,remote_machine,LIST_SEP,sizeof(remote_machine))) {
+               if(lp_security() != SEC_ADS && strequal(remote_machine, "*")) {
+                       nt_status = find_connect_dc(&cli, domain, setup_creds_as, sec_chan, trust_passwd, last_change_time);
+               } else {
+                       int i;
+                       BOOL retry = True;
+                       for (i = 0; !NT_STATUS_IS_OK(nt_status) && retry && (i < 3); i++)
+                               nt_status = connect_to_domain_password_server(&cli, remote_machine, setup_creds_as,
+                                               sec_chan, trust_passwd, &retry);
+               }
+       }
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(0,("domain_client_validate: Domain password server not available.\n"));
+               return nt_status;
+       }
+
+       ZERO_STRUCT(info3);
+
+        /*
+         * If this call succeeds, we now have lots of info about the user
+         * in the info3 structure.  
+         */
+
+       nt_status = cli_netlogon_sam_network_logon(cli, mem_ctx,
+                                                  user_info->smb_name.str, user_info->domain.str, 
+                                                  user_info->wksta_name.str, chal, 
+                                                  user_info->lm_resp, user_info->nt_resp, 
+                                                  &info3);
+        
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(0,("domain_client_validate: unable to validate password "
+                         "for user %s in domain %s to Domain controller %s. "
+                         "Error was %s.\n", user_info->smb_name.str,
+                         user_info->domain.str, cli->srv_name_slash, 
+                         nt_errstr(nt_status)));
+       } else {
+               nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str, 
+                                                  user_info->smb_name.str, domain, server_info, &info3);
+#if 0 
+               /* The stuff doesn't work right yet */
+               SMB_ASSERT(sizeof((*server_info)->session_key) == sizeof(info3.user_sess_key)); 
+               memcpy((*server_info)->session_key, info3.user_sess_key, sizeof((*server_info)->session_key)/* 16 */);
+               SamOEMhash((*server_info)->session_key, trust_passwd, sizeof((*server_info)->session_key));
+#endif         
+
+               uni_group_cache_store_netlogon(mem_ctx, &info3);
+       }
+
+#if 0
+       /* 
+        * We don't actually need to do this - plus it fails currently with
+        * NT_STATUS_INVALID_INFO_CLASS - we need to know *exactly* what to
+        * send here. JRA.
+        */
+
+       if (NT_STATUS_IS_OK(status)) {
+               if(cli_nt_logoff(&cli, &ctr) == False) {
+                       DEBUG(0,("domain_client_validate: unable to log off user %s in domain \
+%s to Domain controller %s. Error was %s.\n", user, domain, remote_machine, cli_errstr(&cli)));        
+                       nt_status = NT_STATUS_LOGON_FAILURE;
+               }
+       }
+#endif /* 0 */
+
+       /* Note - once the cli stream is shutdown the mem_ctx used
+          to allocate the other_sids and gids structures has been deleted - so
+          these pointers are no longer valid..... */
+
+       cli_nt_session_close(cli);
+       cli_ulogoff(cli);
+       cli_shutdown(cli);
+       release_server_mutex();
+       return nt_status;
+}
+
+/****************************************************************************
+ Check for a valid username and password in security=domain mode.
+****************************************************************************/
+
+static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
+                                       void *my_private_data, 
+                                       TALLOC_CTX *mem_ctx,
+                                       const auth_usersupplied_info *user_info, 
+                                       auth_serversupplied_info **server_info)
+{
+       NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+       char *password_server;
+       unsigned char trust_passwd[16];
+       time_t last_change_time;
+       const char *domain = lp_workgroup();
+
+       if (!user_info || !server_info || !auth_context) {
+               DEBUG(1,("check_ntdomain_security: Critical variables not present.  Failing.\n"));
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
+       /* 
+        * Check that the requested domain is not our own machine name.
+        * If it is, we should never check the PDC here, we use our own local
+        * password file.
+        */
+
+       if(is_myname(user_info->domain.str)) {
+               DEBUG(3,("check_ntdomain_security: Requested domain was for this machine.\n"));
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       /*
+        * Get the machine account password for our primary domain
+        * No need to become_root() as secrets_init() is done at startup.
+        */
+
+       if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time))
+       {
+               DEBUG(0, ("check_ntdomain_security: could not fetch trust account password for domain '%s'\n", domain));
+               return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+       }
+
+       /* Test if machine password has expired and needs to be changed */
+       if (lp_machine_password_timeout()) {
+               if (last_change_time > 0 && 
+                   time(NULL) > (last_change_time + 
+                                 lp_machine_password_timeout())) {
+                       global_machine_password_needs_changing = True;
+               }
+       }
+
+       /*
+        * Treat each name in the 'password server =' line as a potential
+        * PDC/BDC. Contact each in turn and try and authenticate.
+        */
+
+       password_server = lp_passwordserver();
+
+       nt_status = domain_client_validate(mem_ctx, user_info, domain,
+                                          (uchar *)auth_context->challenge.data, 
+                                          server_info, 
+                                          password_server, lp_netbios_name(), SEC_CHAN_WKSTA, trust_passwd, last_change_time);
+       return nt_status;
+}
+
+/* module initialisation */
+NTSTATUS auth_init_ntdomain(struct auth_context *auth_context, const char* param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*auth_method)->name = "ntdomain";
+       (*auth_method)->auth = check_ntdomain_security;
+       return NT_STATUS_OK;
+}
+
+
+/****************************************************************************
+ Check for a valid username and password in a trusted domain
+****************************************************************************/
+
+static NTSTATUS check_trustdomain_security(const struct auth_context *auth_context,
+                                          void *my_private_data, 
+                                          TALLOC_CTX *mem_ctx,
+                                          const auth_usersupplied_info *user_info, 
+                                          auth_serversupplied_info **server_info)
+{
+       NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+       unsigned char trust_md4_password[16];
+       char *trust_password;
+       time_t last_change_time;
+       DOM_SID sid;
+
+       if (!user_info || !server_info || !auth_context) {
+               DEBUG(1,("check_trustdomain_security: Critical variables not present.  Failing.\n"));
+               return NT_STATUS_INVALID_PARAMETER;
+       }
+
+       /* 
+        * Check that the requested domain is not our own machine name.
+        * If it is, we should never check the PDC here, we use our own local
+        * password file.
+        */
+
+       if(is_myname(user_info->domain.str)) {
+               DEBUG(3,("check_trustdomain_security: Requested domain was for this machine.\n"));
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       /* 
+        * Check that the requested domain is not our own domain,
+        * If it is, we should use our own local password file.
+        */
+
+       if(strequal(lp_workgroup(), (user_info->domain.str))) {
+               DEBUG(3,("check_trustdomain_security: Requested domain was for this domain.\n"));
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       /*
+        * Get the trusted account password for the trusted domain
+        * No need to become_root() as secrets_init() is done at startup.
+        */
+
+       if (!secrets_fetch_trusted_domain_password(user_info->domain.str, &trust_password, &sid, &last_change_time))
+       {
+               DEBUG(0, ("check_trustdomain_security: could not fetch trust account password for domain %s\n", user_info->domain.str));
+               return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+       }
+
+#ifdef DEBUG_PASSWORD
+       DEBUG(100, ("Trust password for domain %s is %s\n", user_info->domain.str, trust_password));
+#endif
+       E_md4hash(trust_password, trust_md4_password);
+       SAFE_FREE(trust_password);
+
+#if 0
+       /* Test if machine password is expired and need to be changed */
+       if (time(NULL) > last_change_time + lp_machine_password_timeout())
+       {
+               global_machine_password_needs_changing = True;
+       }
+#endif
+
+       nt_status = domain_client_validate(mem_ctx, user_info, user_info->domain.str,
+                                          (uchar *)auth_context->challenge.data, 
+                                          server_info, "*" /* Do a lookup */, 
+                                          lp_workgroup(), SEC_CHAN_DOMAIN, trust_md4_password, last_change_time);
+       
+       return nt_status;
+}
+
+/* module initialisation */
+NTSTATUS auth_init_trustdomain(struct auth_context *auth_context, const char* param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*auth_method)->name = "trustdomain";
+       (*auth_method)->auth = check_trustdomain_security;
+       return NT_STATUS_OK;
+}
diff --git a/source/auth/auth_ntlmssp.c b/source/auth/auth_ntlmssp.c
new file mode 100644 (file)
index 0000000..b3dff8d
--- /dev/null
@@ -0,0 +1,138 @@
+/* 
+   Unix SMB/Netbios implementation.
+   Version 3.0
+   handle NLTMSSP, server side
+
+   Copyright (C) Andrew Tridgell      2001
+   Copyright (C) Andrew Bartlett 2001-2003
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+static const uint8 *auth_ntlmssp_get_challenge(struct ntlmssp_state *ntlmssp_state)
+{
+       AUTH_NTLMSSP_STATE *auth_ntlmssp_state = ntlmssp_state->auth_context;
+       return auth_ntlmssp_state->auth_context->get_ntlm_challenge(auth_ntlmssp_state->auth_context);
+}
+
+static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state) 
+{
+       AUTH_NTLMSSP_STATE *auth_ntlmssp_state = ntlmssp_state->auth_context;
+       uint32 auth_flags = AUTH_FLAG_NONE;
+       auth_usersupplied_info *user_info = NULL;
+       DATA_BLOB plaintext_password = data_blob(NULL, 0);
+       NTSTATUS nt_status;
+
+       if (auth_ntlmssp_state->ntlmssp_state->lm_resp.length) {
+               auth_flags |= AUTH_FLAG_LM_RESP;
+       }
+
+       if (auth_ntlmssp_state->ntlmssp_state->nt_resp.length == 24) {
+               auth_flags |= AUTH_FLAG_NTLM_RESP;
+       } else  if (auth_ntlmssp_state->ntlmssp_state->nt_resp.length > 24) {
+               auth_flags |= AUTH_FLAG_NTLMv2_RESP;
+       };
+
+       /* the client has given us its machine name (which we otherwise would not get on port 445).
+          we need to possibly reload smb.conf if smb.conf includes depend on the machine name */
+
+       sub_set_remote_machine(auth_ntlmssp_state->ntlmssp_state->workstation);
+
+       /* setup the string used by %U */
+       /* sub_set_smb_name checks for weird internally */
+       sub_set_user_name(auth_ntlmssp_state->ntlmssp_state->user);
+
+       reload_services(True);
+
+       nt_status = make_user_info_map(&user_info, 
+                                      auth_ntlmssp_state->ntlmssp_state->user, 
+                                      auth_ntlmssp_state->ntlmssp_state->domain, 
+                                      auth_ntlmssp_state->ntlmssp_state->workstation, 
+                                      auth_ntlmssp_state->ntlmssp_state->lm_resp, 
+                                      auth_ntlmssp_state->ntlmssp_state->nt_resp, 
+                                      plaintext_password, 
+                                      auth_flags, True);
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               return nt_status;
+       }
+
+       nt_status = auth_ntlmssp_state->auth_context->check_ntlm_password(auth_ntlmssp_state->auth_context, user_info, &auth_ntlmssp_state->server_info); 
+                       
+       free_user_info(&user_info);
+
+       return nt_status;
+}
+
+NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
+{
+       NTSTATUS nt_status;
+       TALLOC_CTX *mem_ctx;
+
+       mem_ctx = talloc_init("AUTH NTLMSSP context");
+       
+       *auth_ntlmssp_state = talloc_zero(mem_ctx, sizeof(**auth_ntlmssp_state));
+       if (!*auth_ntlmssp_state) {
+               DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
+               talloc_destroy(mem_ctx);
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       ZERO_STRUCTP(*auth_ntlmssp_state);
+
+       (*auth_ntlmssp_state)->mem_ctx = mem_ctx;
+
+       if (!NT_STATUS_IS_OK(nt_status = ntlmssp_server_start(&(*auth_ntlmssp_state)->ntlmssp_state))) {
+               return nt_status;
+       }
+
+       if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&(*auth_ntlmssp_state)->auth_context))) {
+               return nt_status;
+       }
+
+       (*auth_ntlmssp_state)->ntlmssp_state->auth_context = (*auth_ntlmssp_state);
+       (*auth_ntlmssp_state)->ntlmssp_state->get_challenge = auth_ntlmssp_get_challenge;
+       (*auth_ntlmssp_state)->ntlmssp_state->check_password = auth_ntlmssp_check_password;
+       (*auth_ntlmssp_state)->ntlmssp_state->server_role = lp_server_role();
+
+       return NT_STATUS_OK;
+}
+
+NTSTATUS auth_ntlmssp_end(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
+{
+       TALLOC_CTX *mem_ctx = (*auth_ntlmssp_state)->mem_ctx;
+
+       if ((*auth_ntlmssp_state)->ntlmssp_state) {
+               ntlmssp_server_end(&(*auth_ntlmssp_state)->ntlmssp_state);
+       }
+       if ((*auth_ntlmssp_state)->auth_context) {
+               ((*auth_ntlmssp_state)->auth_context->free)(&(*auth_ntlmssp_state)->auth_context);
+       }
+       if ((*auth_ntlmssp_state)->server_info) {
+               free_server_info(&(*auth_ntlmssp_state)->server_info);
+       }
+       talloc_destroy(mem_ctx);
+       *auth_ntlmssp_state = NULL;
+       return NT_STATUS_OK;
+}
+
+NTSTATUS auth_ntlmssp_update(AUTH_NTLMSSP_STATE *auth_ntlmssp_state, 
+                            const DATA_BLOB request, DATA_BLOB *reply) 
+{
+       return ntlmssp_server_update(auth_ntlmssp_state->ntlmssp_state, request, reply);
+}
+
diff --git a/source/auth/auth_sam.c b/source/auth/auth_sam.c
new file mode 100644 (file)
index 0000000..1d097c9
--- /dev/null
@@ -0,0 +1,564 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Tridgell              1992-2000
+   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
+   Copyright (C) Andrew Bartlett              2001
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+/****************************************************************************
+core of smb password checking routine.
+****************************************************************************/
+static BOOL smb_pwd_check_ntlmv1(DATA_BLOB nt_response,
+                                const uchar *part_passwd,
+                                DATA_BLOB sec_blob,
+                                uint8 user_sess_key[16])
+{
+       /* Finish the encryption of part_passwd. */
+       uchar p24[24];
+       
+       if (part_passwd == NULL) {
+               DEBUG(10,("No password set - DISALLOWING access\n"));
+               /* No password set - always false ! */
+               return False;
+       }
+       
+       if (sec_blob.length != 8) {
+               DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%d)\n", sec_blob.length));
+               return False;
+       }
+       
+       if (nt_response.length != 24) {
+               DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%d)\n", nt_response.length));
+               return False;
+       }
+
+       SMBOWFencrypt(part_passwd, sec_blob.data, p24);
+       if (user_sess_key != NULL)
+       {
+               SMBsesskeygen_ntv1(part_passwd, NULL, user_sess_key);
+       }
+       
+       
+       
+#if DEBUG_PASSWORD
+       DEBUG(100,("Part password (P16) was |"));
+       dump_data(100, part_passwd, 16);
+       DEBUG(100,("Password from client was |"));
+       dump_data(100, nt_response.data, nt_response.length);
+       DEBUG(100,("Given challenge was |"));
+       dump_data(100, sec_blob.data, sec_blob.length);
+       DEBUG(100,("Value from encryption was |"));
+       dump_data(100, p24, 24);
+#endif
+  return (memcmp(p24, nt_response.data, 24) == 0);
+}
+
+
+/****************************************************************************
+core of smb password checking routine. (NTLMv2, LMv2)
+
+Note:  The same code works with both NTLMv2 and LMv2.
+****************************************************************************/
+static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response,
+                                const uchar *part_passwd,
+                                const DATA_BLOB sec_blob,
+                                const char *user, const char *domain,
+                                uint8 user_sess_key[16])
+{
+       /* Finish the encryption of part_passwd. */
+       uchar kr[16];
+       uchar value_from_encryption[16];
+       uchar client_response[16];
+       DATA_BLOB client_key_data;
+
+       if (part_passwd == NULL)
+       {
+               DEBUG(10,("No password set - DISALLOWING access\n"));
+               /* No password set - always False */
+               return False;
+       }
+
+       if (ntv2_response.length < 16) {
+               /* We MUST have more than 16 bytes, or the stuff below will go
+                  crazy... */
+               DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%d)\n", 
+                         ntv2_response.length));
+               return False;
+       }
+
+       client_key_data = data_blob(ntv2_response.data+16, ntv2_response.length-16);
+       /* 
+          todo:  should we be checking this for anything?  We can't for LMv2, 
+          but for NTLMv2 it is meant to contain the current time etc.
+       */
+
+       memcpy(client_response, ntv2_response.data, sizeof(client_response));
+
+       if (!ntv2_owf_gen(part_passwd, user, domain, kr)) {
+               return False;
+       }
+
+       SMBOWFencrypt_ntv2(kr, sec_blob, client_key_data, value_from_encryption);
+       if (user_sess_key != NULL)
+       {
+               SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key);
+       }
+
+#if DEBUG_PASSWORD
+       DEBUG(100,("Part password (P16) was |"));
+       dump_data(100, part_passwd, 16);
+       DEBUG(100,("Password from client was |"));
+       dump_data(100, ntv2_response.data, ntv2_response.length);
+       DEBUG(100,("Variable data from client was |"));
+       dump_data(100, client_key_data.data, client_key_data.length);
+       DEBUG(100,("Given challenge was |"));
+       dump_data(100, sec_blob.data, sec_blob.length);
+       DEBUG(100,("Value from encryption was |"));
+       dump_data(100, value_from_encryption, 16);
+#endif
+       data_blob_clear_free(&client_key_data);
+       return (memcmp(value_from_encryption, client_response, 16) == 0);
+}
+
+
+/****************************************************************************
+ Do a specific test for an smb password being correct, given a smb_password and
+ the lanman and NT responses.
+****************************************************************************/
+static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
+                               TALLOC_CTX *mem_ctx,
+                               SAM_ACCOUNT *sampass, 
+                               const auth_usersupplied_info *user_info, 
+                               uint8 user_sess_key[16])
+{
+       uint16 acct_ctrl;
+       const uint8 *nt_pw, *lm_pw;
+       uint32 auth_flags;
+
+       acct_ctrl = pdb_get_acct_ctrl(sampass);
+       if (acct_ctrl & ACB_PWNOTREQ) 
+       {
+               if (lp_null_passwords()) 
+               {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", pdb_get_username(sampass)));
+                       return(NT_STATUS_OK);
+               } 
+               else 
+               {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", pdb_get_username(sampass)));
+                       return(NT_STATUS_LOGON_FAILURE);
+               }               
+       }
+
+       auth_flags = user_info->auth_flags;
+
+       if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) {
+               DEBUG(3,("sam_password_ok: NO NT password stored for user %s.\n", 
+                        pdb_get_username(sampass)));
+               /* No return, we want to check the LM hash below in this case */
+               auth_flags &= (~(AUTH_FLAG_NTLMv2_RESP |  AUTH_FLAG_NTLM_RESP));
+       }
+       
+       if (auth_flags & AUTH_FLAG_NTLMv2_RESP) {
+               nt_pw = pdb_get_nt_passwd(sampass);
+               /* We have the NT MD4 hash challenge available - see if we can
+                  use it (ie. does it exist in the smbpasswd file).
+               */
+               DEBUG(4,("sam_password_ok: Checking NTLMv2 password with domain [%s]\n", user_info->client_domain.str));
+               if (smb_pwd_check_ntlmv2( user_info->nt_resp, 
+                                         nt_pw, auth_context->challenge, 
+                                         user_info->smb_name.str, 
+                                         user_info->client_domain.str,
+                                         user_sess_key))
+               {
+                       return NT_STATUS_OK;
+               }
+
+               DEBUG(4,("sam_password_ok: Checking NTLMv2 password without a domain\n"));
+               if (smb_pwd_check_ntlmv2( user_info->nt_resp, 
+                                         nt_pw, auth_context->challenge, 
+                                         user_info->smb_name.str, 
+                                         "",
+                                         user_sess_key))
+               {
+                       return NT_STATUS_OK;
+               } else {
+                       DEBUG(3,("sam_password_ok: NTLMv2 password check failed\n"));
+                       return NT_STATUS_WRONG_PASSWORD;
+               }
+       } else if (auth_flags & AUTH_FLAG_NTLM_RESP) {
+               if (lp_ntlm_auth()) {           
+                       nt_pw = pdb_get_nt_passwd(sampass);
+                       /* We have the NT MD4 hash challenge available - see if we can
+                          use it (ie. does it exist in the smbpasswd file).
+                       */
+                       DEBUG(4,("sam_password_ok: Checking NT MD4 password\n"));
+                       if (smb_pwd_check_ntlmv1(user_info->nt_resp, 
+                                                nt_pw, auth_context->challenge,
+                                                user_sess_key)) 
+                       {
+                               return NT_STATUS_OK;
+                       } else {
+                               DEBUG(3,("sam_password_ok: NT MD4 password check failed for user %s\n",pdb_get_username(sampass)));
+                               return NT_STATUS_WRONG_PASSWORD;
+                       }
+               } else {
+                       DEBUG(2,("sam_password_ok: NTLMv1 passwords NOT PERMITTED for user %s\n",pdb_get_username(sampass)));                   
+                       /* no return, becouse we might pick up LMv2 in the LM feild */
+               }
+       }
+       
+       if (auth_flags & AUTH_FLAG_LM_RESP) {
+               if (user_info->lm_resp.length != 24) {
+                       DEBUG(2,("sam_password_ok: invalid LanMan password length (%d) for user %s\n", 
+                                user_info->nt_resp.length, pdb_get_username(sampass)));                
+               }
+               
+               if (!lp_lanman_auth()) {
+                       DEBUG(3,("sam_password_ok: Lanman passwords NOT PERMITTED for user %s\n",pdb_get_username(sampass)));
+               } else if (IS_SAM_DEFAULT(sampass, PDB_LMPASSWD)) {
+                       DEBUG(3,("sam_password_ok: NO LanMan password set for user %s (and no NT password supplied)\n",pdb_get_username(sampass)));
+               } else {
+                       lm_pw = pdb_get_lanman_passwd(sampass);
+                       
+                       DEBUG(4,("sam_password_ok: Checking LM password\n"));
+                       if (smb_pwd_check_ntlmv1(user_info->lm_resp, 
+                                                lm_pw, auth_context->challenge,
+                                                user_sess_key)) 
+                       {
+                               return NT_STATUS_OK;
+                       }
+               }
+
+               if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) {
+                       DEBUG(4,("sam_password_ok: LM password check failed for user, no NT password %s\n",pdb_get_username(sampass)));
+                       return NT_STATUS_WRONG_PASSWORD;
+               } 
+               
+               nt_pw = pdb_get_nt_passwd(sampass);
+
+               /* This is for 'LMv2' authentication.  almost NTLMv2 but limited to 24 bytes.
+                  - related to Win9X, legacy NAS pass-though authentication
+               */
+               DEBUG(4,("sam_password_ok: Checking LMv2 password with domain %s\n", user_info->client_domain.str));
+               if (smb_pwd_check_ntlmv2( user_info->lm_resp, 
+                                         nt_pw, auth_context->challenge, 
+                                         user_info->smb_name.str, 
+                                         user_info->client_domain.str,
+                                         user_sess_key))
+               {
+                       return NT_STATUS_OK;
+               }
+
+               DEBUG(4,("sam_password_ok: Checking LMv2 password without a domain\n"));
+               if (smb_pwd_check_ntlmv2( user_info->lm_resp, 
+                                         nt_pw, auth_context->challenge, 
+                                         user_info->smb_name.str, 
+                                         "",
+                                         user_sess_key))
+               {
+                       return NT_STATUS_OK;
+               }
+
+               /* Apparently NT accepts NT responses in the LM field
+                  - I think this is related to Win9X pass-though authentication
+               */
+               DEBUG(4,("sam_password_ok: Checking NT MD4 password in LM field\n"));
+               if (lp_ntlm_auth()) 
+               {
+                       if (smb_pwd_check_ntlmv1(user_info->lm_resp, 
+                                                nt_pw, auth_context->challenge,
+                                                user_sess_key)) 
+                       {
+                               return NT_STATUS_OK;
+                       }
+                       DEBUG(3,("sam_password_ok: LM password, NT MD4 password in LM field and LMv2 failed for user %s\n",pdb_get_username(sampass)));
+                       return NT_STATUS_WRONG_PASSWORD;
+               } else {
+                       DEBUG(3,("sam_password_ok: LM password and LMv2 failed for user %s, and NT MD4 password in LM field not permitted\n",pdb_get_username(sampass)));
+                       return NT_STATUS_WRONG_PASSWORD;
+               }
+                       
+       }
+               
+       /* Should not be reached, but if they send nothing... */
+       DEBUG(3,("sam_password_ok: NEITHER LanMan nor NT password supplied for user %s\n",pdb_get_username(sampass)));
+       return NT_STATUS_WRONG_PASSWORD;
+}
+
+/****************************************************************************
+ Do a specific test for a SAM_ACCOUNT being vaild for this connection 
+ (ie not disabled, expired and the like).
+****************************************************************************/
+static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
+                              SAM_ACCOUNT *sampass, 
+                              const auth_usersupplied_info *user_info)
+{
+       uint16  acct_ctrl = pdb_get_acct_ctrl(sampass);
+       char *workstation_list;
+       time_t kickoff_time;
+       
+       DEBUG(4,("sam_account_ok: Checking SMB password for user %s\n",pdb_get_username(sampass)));
+
+       /* Quit if the account was disabled. */
+       if (acct_ctrl & ACB_DISABLED) {
+               DEBUG(1,("Account for user '%s' was disabled.\n", pdb_get_username(sampass)));
+               return NT_STATUS_ACCOUNT_DISABLED;
+       }
+
+       /* Test account expire time */
+       
+       kickoff_time = pdb_get_kickoff_time(sampass);
+       if (kickoff_time != 0 && time(NULL) > kickoff_time) {
+               DEBUG(1,("Account for user '%s' has expried.\n", pdb_get_username(sampass)));
+               DEBUG(3,("Account expired at '%ld' unix time.\n", (long)kickoff_time));
+               return NT_STATUS_ACCOUNT_EXPIRED;
+       }
+
+       if (!(pdb_get_acct_ctrl(sampass) & ACB_PWNOEXP)) {
+               time_t must_change_time = pdb_get_pass_must_change_time(sampass);
+               time_t last_set_time = pdb_get_pass_last_set_time(sampass);
+
+               /* check for immediate expiry "must change at next logon" */
+               if (must_change_time == 0 && last_set_time != 0) {
+                       DEBUG(1,("Account for user '%s' password must change!.\n", pdb_get_username(sampass)));
+                       return NT_STATUS_PASSWORD_MUST_CHANGE;
+               }
+
+               /* check for expired password */
+               if (must_change_time < time(NULL) && must_change_time != 0) {
+                       DEBUG(1,("Account for user '%s' password expired!.\n", pdb_get_username(sampass)));
+                       DEBUG(1,("Password expired at '%s' (%ld) unix time.\n", http_timestring(mem_ctx, must_change_time), (long)must_change_time));
+                       return NT_STATUS_PASSWORD_EXPIRED;
+               }
+       }
+
+       /* Test workstation. Workstation list is comma separated. */
+
+       workstation_list = talloc_strdup(mem_ctx, pdb_get_workstations(sampass));
+
+       if (!workstation_list) return NT_STATUS_NO_MEMORY;
+
+       if (*workstation_list) {
+               BOOL invalid_ws = True;
+               const char *s = workstation_list;
+                       
+               fstring tok;
+                       
+               while (next_token(&s, tok, ",", sizeof(tok))) {
+                       DEBUG(10,("checking for workstation match %s and %s (len=%d)\n",
+                                 tok, user_info->wksta_name.str, user_info->wksta_name.len));
+                       if(strequal(tok, user_info->wksta_name.str)) {
+                               invalid_ws = False;
+                               break;
+                       }
+               }
+               
+               if (invalid_ws) 
+                       return NT_STATUS_INVALID_WORKSTATION;
+       }
+
+       if (acct_ctrl & ACB_DOMTRUST) {
+               DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", pdb_get_username(sampass)));
+               return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
+       }
+       
+       if (acct_ctrl & ACB_SVRTRUST) {
+               DEBUG(2,("sam_account_ok: Server trust account %s denied by server\n", pdb_get_username(sampass)));
+               return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
+       }
+       
+       if (acct_ctrl & ACB_WSTRUST) {
+               DEBUG(4,("sam_account_ok: Wksta trust account %s denied by server\n", pdb_get_username(sampass)));
+               return NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT;
+       }
+       
+       return NT_STATUS_OK;
+}
+
+
+/****************************************************************************
+check if a username/password is OK assuming the password is a 24 byte
+SMB hash supplied in the user_info structure
+return an NT_STATUS constant.
+****************************************************************************/
+
+static NTSTATUS check_sam_security(const struct auth_context *auth_context,
+                                  void *my_private_data, 
+                                  TALLOC_CTX *mem_ctx,
+                                  const auth_usersupplied_info *user_info, 
+                                  auth_serversupplied_info **server_info)
+{
+       SAM_ACCOUNT *sampass=NULL;
+       BOOL ret;
+       NTSTATUS nt_status;
+       uint8 user_sess_key[16];
+       const uint8* lm_hash;
+
+       if (!user_info || !auth_context) {
+               return NT_STATUS_UNSUCCESSFUL;
+       }
+
+       /* Can't use the talloc version here, becouse the returned struct gets
+          kept on the server_info */
+       if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&sampass))) {
+               return nt_status;
+       }
+
+       /* get the account information */
+
+       become_root();
+       ret = pdb_getsampwnam(sampass, user_info->internal_username.str);
+       unbecome_root();
+
+       if (ret == False)
+       {
+               DEBUG(3,("Couldn't find user '%s' in passdb file.\n", user_info->internal_username.str));
+               pdb_free_sam(&sampass);
+               return NT_STATUS_NO_SUCH_USER;
+       }
+
+       nt_status = sam_account_ok(mem_ctx, sampass, user_info);
+       
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               pdb_free_sam(&sampass);
+               return nt_status;
+       }
+
+       nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, user_sess_key);
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               pdb_free_sam(&sampass);
+               return nt_status;
+       }
+
+       if (!NT_STATUS_IS_OK(nt_status = make_server_info_sam(server_info, sampass))) {         
+               DEBUG(0,("check_sam_security: make_server_info_sam() failed with '%s'\n", nt_errstr(nt_status)));
+               return nt_status;
+       }
+
+       lm_hash = pdb_get_lanman_passwd((*server_info)->sam_account);
+       if (lm_hash) {
+               memcpy((*server_info)->first_8_lm_hash, lm_hash, 8);
+       }
+       
+       memcpy((*server_info)->session_key, user_sess_key, sizeof(user_sess_key));
+
+       return nt_status;
+}
+
+/* module initialisation */
+NTSTATUS auth_init_sam(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*auth_method)->auth = check_sam_security;      
+       (*auth_method)->name = "sam";
+       return NT_STATUS_OK;
+}
+
+
+/****************************************************************************
+Check SAM security (above) but with a few extra checks.
+****************************************************************************/
+
+static NTSTATUS check_samstrict_security(const struct auth_context *auth_context,
+                                        void *my_private_data, 
+                                        TALLOC_CTX *mem_ctx,
+                                        const auth_usersupplied_info *user_info, 
+                                        auth_serversupplied_info **server_info)
+{
+
+       if (!user_info || !auth_context) {
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       /* If we are a domain member, we must not 
+          attempt to check the password locally,
+          unless it is one of our aliases. */
+       
+       if (!is_myname(user_info->domain.str)) {
+               DEBUG(7,("The requested user domain is not the local server name. [%s]\\[%s]\n",
+                       user_info->domain.str,user_info->internal_username.str));
+               return NT_STATUS_NO_SUCH_USER;
+       }
+       
+       return check_sam_security(auth_context, my_private_data, mem_ctx, user_info, server_info);
+}
+
+/* module initialisation */
+NTSTATUS auth_init_samstrict(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*auth_method)->auth = check_samstrict_security;
+       (*auth_method)->name = "samstrict";
+       return NT_STATUS_OK;
+}
+
+/****************************************************************************
+Check SAM security (above) but with a few extra checks if we're a DC.
+****************************************************************************/
+
+static NTSTATUS check_samstrict_dc_security(const struct auth_context *auth_context,
+                                        void *my_private_data, 
+                                        TALLOC_CTX *mem_ctx,
+                                        const auth_usersupplied_info *user_info, 
+                                        auth_serversupplied_info **server_info)
+{
+
+       if (!user_info || !auth_context) {
+               return NT_STATUS_LOGON_FAILURE;
+       }
+
+       /* If we are a domain member, we must not 
+          attempt to check the password locally,
+          unless it is one of our aliases, empty
+          or our domain if we are a logon server.*/
+       
+
+       if ((strcasecmp(lp_workgroup(), user_info->domain.str) != 0) &&
+           (!is_myname(user_info->domain.str))) {
+               DEBUG(7,("The requested user domain is not the local server name or our domain. [%s]\\[%s]\n",
+                       user_info->domain.str,user_info->internal_username.str));
+               return NT_STATUS_NO_SUCH_USER;
+       }               
+
+       return check_sam_security(auth_context, my_private_data, mem_ctx, user_info, server_info);
+}
+
+/* module initialisation */
+NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *param, auth_methods **auth_method) 
+{
+       if (!make_auth_methods(auth_context, auth_method)) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*auth_method)->auth = check_samstrict_dc_security;
+       (*auth_method)->name = "samstrict_dc";
+       return NT_STATUS_OK;
+}
diff --git a/source/auth/auth_server.c b/source/auth/auth_server.c
new file mode 100644 (file)
index 0000000..620d9a3
--- /dev/null
@@ -0,0 +1,402 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Authenticate to a remote server
+   Copyright (C) Andrew Tridgell 1992-1998
+   Copyright (C) Andrew Bartlett 2001
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+extern userdom_struct current_user_info;
+
+/****************************************************************************
+ Support for server level security.
+****************************************************************************/
+
+static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
+{
+       struct cli_state *cli = NULL;
+       fstring desthost;
+       struct in_addr dest_ip;
+       const char *p;
+       char *pserver;
+       BOOL connected_ok = False;
+
+       if (!(cli = cli_initialise(cli)))
+               return NULL;
+
+       /* security = server just can't function with spnego */
+       cli->use_spnego = False;
+
+        pserver = talloc_strdup(mem_ctx, lp_passwordserver());
+       p = pserver;
+
+        while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) {
+               standard_sub_basic(current_user_info.smb_name, desthost, sizeof(desthost));
+               strupper(desthost);
+
+               if(!resolve_name( desthost, &dest_ip, 0x20)) {
+                       DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost));
+                       continue;
+               }
+
+               if (ismyip(dest_ip)) {
+                       DEBUG(1,("Password server loop - disabling password server %s\n",desthost));
+                       continue;
+               }
+
+               /* we use a mutex to prevent two connections at once - when a 
+                  Win2k PDC get two connections where one hasn't completed a 
+                  session setup yet it will send a TCP reset to the first 
+                  connection (tridge) */
+
+               if (!grab_server_mutex(desthost)) {
+                       return NULL;
+               }
+
+               if (cli_connect(cli, desthost, &dest_ip)) {
+                       DEBUG(3,("connected to password server %s\n",desthost));
+                       connected_ok = True;
+                       break;
+               }
+       }
+
+       if (!connected_ok) {
+               release_server_mutex();
+               DEBUG(0,("password server not available\n"));
+               cli_shutdown(cli);
+               return NULL;
+       }
+       
+       if (!attempt_netbios_session_request(cli, lp_netbios_name(), 
+                                            desthost, &dest_ip)) {
+               release_server_mutex();
+               DEBUG(1,("password server fails session request\n"));
+               cli_shutdown(cli);
+               return NULL;
+       }
+       
+       if (strequal(desthost,myhostname(mem_ctx))) {
+               exit_server("Password server loop!");
+       }
+       
+       DEBUG(3,("got session\n"));
+
+       if (!cli_negprot(cli)) {
+               DEBUG(1,("%s rejected the negprot\n",desthost));
+               release_server_mutex();
+               cli_shutdown(cli);
+               return NULL;
+       }
+
+       if (cli->protocol < PROTOCOL_LANMAN2 ||
+           !(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
+               DEBUG(1,("%s isn't in user level security mode\n",desthost));
+               release_server_mutex();
+               cli_shutdown(cli);
+               return NULL;
+       }
+
+       /* Get the first session setup done quickly, to avoid silly 
+          Win2k bugs.  (The next connection to the server will kill
+          this one... 
+       */
+
+       if (!cli_session_setup(cli, "", "", 0, "", 0,
+                              "")) {
+               DEBUG(0,("%s rejected the initial session setup (%s)\n",
+                        desthost, cli_errstr(cli)));
+               release_server_mutex();
+               cli_shutdown(cli);
+               return NULL;
+       }
+       
+       release_server_mutex();
+       
+       DEBUG(3,("password server OK\n"));
+       
+       return cli;
+}
+
+/****************************************************************************
+ Clean up our allocated cli.
+****************************************************************************/
+
+static void free_server_private_data(void **private_data_pointer) 
+{
+       struct cli_state **cli = (struct cli_state **)private_data_pointer;
+       if (*cli && (*cli)->initialised) {
+               cli_shutdown(*cli);
+       }
+}
+
+/****************************************************************************
+ Send a 'keepalive' packet down the cli pipe.
+****************************************************************************/
+
+static void send_server_keepalive(void **private_data_pointer) 
+{
+       struct cli_state **cli = (struct cli_state **)private_data_pointer;
+       
+       /* also send a keepalive to the password server if its still
+          connected */
+       if (cli && *cli && (*cli)->initialised) {
+               if (!send_nbt_keepalive((*cli)->fd)) {
+                       DEBUG( 2, ( "password server keepalive failed.\n"));
+                       cli_shutdown(*cli);
+               }
+       }
+}
+
+/****************************************************************************
+ Get the challenge out of a password server.
+****************************************************************************/
+
+static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_context,
+                                          void **my_private_data, 
+                                          TALLOC_CTX *mem_ctx)
+{
+       struct cli_state *cli = server_cryptkey(mem_ctx);
+       
+       if (cli) {
+               DEBUG(3,("using password server validation\n"));
+
+               if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
+                       /* We can't work with unencrypted password servers
+                          unless 'encrypt passwords = no' */
+                       DEBUG(5,("make_auth_info_server: Server is unencrypted, no challenge available..\n"));
+                       
+                       /* However, it is still a perfectly fine connection
+                          to pass that unencrypted password over */
+                       *my_private_data = (void *)cli;
+                       return data_blob(NULL, 0);
+                       
+               } else if (cli->secblob.length < 8) {
+                       /* We can't do much if we don't get a full challenge */
+                       DEBUG(2,("make_auth_info_server: Didn't receive a full challenge from server\n"));
+                       cli_shutdown(cli);
+                       return data_blob(NULL, 0);
+               }
+
+               *my_private_data = (void *)cli;
+
+               /* The return must be allocated on the caller's mem_ctx, as our own will be
+                  destoyed just after the call. */