Michael Adam [Tue, 11 Dec 2007 12:05:44 +0000 (13:05 +0100)]
Let get_trust_pw() determine the machine_account_name to use.
Up to now each caller used its own logic.
This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.
I hope I have not missed an important point here!
Michael
Michael Adam [Tue, 11 Dec 2007 11:47:28 +0000 (12:47 +0100)]
Streamline logic in cm_connect_netlogon()
by retrieving trust password only, when it will be used.
Michael
Michael Adam [Tue, 11 Dec 2007 07:52:20 +0000 (08:52 +0100)]
In cm_prepare_connection(), only get auth user creds if we need to.
Michael
Michael Adam [Mon, 10 Dec 2007 22:53:55 +0000 (23:53 +0100)]
Remove two unneeded functions.
secrets_store_trust_account_password() and trust_password_delete()
are the write access functions to the SECRETS/$MACHINE.ACC/domain keys
in secrets.tdb, the md4 hashed machine passwords. These are not used
any more: Current code always writes the clear text password.
Michael
Michael Adam [Wed, 12 Dec 2007 17:03:20 +0000 (18:03 +0100)]
Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames.
This is a first patch aimed at fixing bug #4801.
It is still incomplete in that winbindd does not walk
the the trusted domains to lookup unqualified names here.
Apart from that this fix should be pretty much complete.
Michael
James Peach [Thu, 13 Dec 2007 06:12:10 +0000 (22:12 -0800)]
Fix typo.
James Peach [Sat, 13 Oct 2007 05:16:22 +0000 (22:16 -0700)]
Autoconf support for detecting DNS Service Discovery support.
Patch from Rishi Srivatsavai <rishisv@gmail.com>, with some
adaptations.
Jeremy Allison [Thu, 13 Dec 2007 03:12:18 +0000 (19:12 -0800)]
Missed one strcpy call.
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 03:06:04 +0000 (19:06 -0800)]
Add a portable version of strlcpy and strlcat and convert
all strncpy/strcat calls to them.
Convert all sprintf calls to snprintf. Safety first !
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 02:45:13 +0000 (18:45 -0800)]
Fix bug #4784. Patch from Steve Langasek <vorlon@debian.org>.
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 02:38:52 +0000 (18:38 -0800)]
Developer doesn't cut it - need #define test for NSS_WRAPPER.
Hopefully this should fix the buildfarm.
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 02:07:02 +0000 (18:07 -0800)]
Only add the non-root escape on !developer.
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 01:56:28 +0000 (17:56 -0800)]
Fix the buildfarm until I figure out how to allow
smbpasswd -L for non-root on the buildfarm only.
Jeremy.
Jeremy Allison [Thu, 13 Dec 2007 01:26:49 +0000 (17:26 -0800)]
Fix bug #3727 with patch from Steve Langasek <vorlon@debian.org>
Jeremy.
Günther Deschner [Wed, 12 Dec 2007 17:57:45 +0000 (18:57 +0100)]
Make heimdal and MIT happy when iterating through auth data.
Guenther
Guenther Deschner [Wed, 12 Dec 2007 12:38:28 +0000 (13:38 +0100)]
Vista SP1-rc1 appears to break against Samba-3.0.27a
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Jason,
Jason Haar wrote:
> Patched 3.0.28, compiled, installed and here's the log file.
>
> Hope it helps. BTW I don't think it matters, but this is on 32bit
> CentOS4.5 systems.
yes, it helps. Thanks for that.
Very interesting, there are two auth data structures where the first one
is a PAC and the second something unknown (yet).
Can you please try the attached fix ? It should make it work again.
Guenther
- --
Günther Deschner GPG-ID:
8EE11688
Red Hat gdeschner@redhat.com
Samba Team gd@samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHX9ZESOk3aI7hFogRAivSAJ9bMcD+PcsIzjYYLtAUoLNfVVEl1QCfV/Qd
MPsZW4G31VOVu64SPjgnJiI=
=Co+H
-----END PGP SIGNATURE-----
Michael Adam [Wed, 12 Dec 2007 12:50:48 +0000 (13:50 +0100)]
Fix logic and prevent segfaults in secrets trustdom tdb pack code.
New size calculation logic in tdb_trusted_dom_pass_pack()
and tdb_sid_pack() used accumulated sizes as successive offsets
to buffer pointer.
Michael
Michael Adam [Wed, 12 Dec 2007 12:37:46 +0000 (13:37 +0100)]
Fix secrets_store_trusted_domain_password() after pstring removal.
Jeremy, this small "&" sign has given me a headache... :-)
Michael
Jeremy Allison [Wed, 12 Dec 2007 17:42:58 +0000 (09:42 -0800)]
Allow cliconnect to loop through multiple ip addresses
for a server. We should have been doing this for a while,
but it's more critical with IPv6.
Original patch fixed up by James.
Jeremy.
Andreas Schneider [Fri, 23 Nov 2007 09:54:48 +0000 (10:54 +0100)]
Don't restart winbind if a corrupted tdb is found during initialization.
The tdb is validated before it gets initialized. Since then sighandlers changed
a restart isn't needed anymore.
Stefan Metzmacher [Wed, 12 Dec 2007 08:51:56 +0000 (09:51 +0100)]
winbindd: remove unused WINBINDD_DUMP_MAPS support
Also the design of this function was really bad,
instead do the dump into a file, the client should get
back the list of mappings.
metze
Stefan Metzmacher [Wed, 12 Dec 2007 08:02:23 +0000 (09:02 +0100)]
winbindd: remove unused WINBINDD_DUAL_NAME2*ID and WINBINDD_DUAL_*ID2NAME calls
WINBINDD_DUAL_UID2NAME
WINBINDD_DUAL_NAME2UID
WINBINDD_DUAL_GID2NAME
WINBINDD_DUAL_NAME2GID
metze
Günther Deschner [Tue, 11 Dec 2007 16:40:52 +0000 (17:40 +0100)]
Add lp_include_registry_globals().
Guenther
Günther Deschner [Tue, 11 Dec 2007 20:22:04 +0000 (21:22 +0100)]
Some cleanups for "net dom join".
Guenther
Günther Deschner [Tue, 11 Dec 2007 23:42:22 +0000 (00:42 +0100)]
Add split_domain_user() (not to mix with winbind variants).
Guenther
Günther Deschner [Tue, 11 Dec 2007 23:44:10 +0000 (00:44 +0100)]
Make decode_wkssvc_join_password_buffer() return WERRORs.
Guenther
Jeremy Allison [Tue, 11 Dec 2007 23:10:37 +0000 (15:10 -0800)]
Fix warning message about data type always true.
Jeremy.
Jeremy Allison [Tue, 11 Dec 2007 21:16:35 +0000 (13:16 -0800)]
Add patches for bug #4866 from jiri sasek - Sun Microsystems - Prague Czech Republic <Jiri.Sasek@Sun.COM>
- slightly modified - Jiri please check ! to allow Solaris to get passwords > 8 chars.
Jeremy.
Stefan Metzmacher [Tue, 11 Dec 2007 14:08:18 +0000 (15:08 +0100)]
winbindd: pass const char *logfile to winbindd_dump_maps_async()
metze
Volker Lendecke [Mon, 10 Dec 2007 20:36:28 +0000 (21:36 +0100)]
Convert the posix_pending_close_db to dbwrap_rbt
Volker Lendecke [Tue, 11 Dec 2007 10:14:30 +0000 (11:14 +0100)]
separate out create_file_unixpath()
Volker Lendecke [Tue, 11 Dec 2007 09:49:26 +0000 (10:49 +0100)]
Move more stuff out of the way
Volker Lendecke [Tue, 11 Dec 2007 09:36:59 +0000 (10:36 +0100)]
Move INTERNAL_OPEN_ONLY calculation out of the way
Günther Deschner [Tue, 11 Dec 2007 13:57:30 +0000 (14:57 +0100)]
When building nsswitch, make sure to also build smbcontrol.
Guenther
Günther Deschner [Tue, 11 Dec 2007 11:28:10 +0000 (12:28 +0100)]
Replace "unknown" with access_mask when calling samr_CreateUser2().
Guenther
Stefan Metzmacher [Fri, 7 Dec 2007 15:00:45 +0000 (16:00 +0100)]
winbindd: rename child table struct elements
Add struct_ prefix to struct based protocol specific
elemetens struct winbindd_child_dispatch_table.
metze
Stefan Metzmacher [Mon, 10 Dec 2007 18:19:54 +0000 (19:19 +0100)]
idmap: add a const to idmap_dump_maps()
metze
Kai Blin [Mon, 10 Dec 2007 21:30:24 +0000 (22:30 +0100)]
vlp: Build vlp (virtual line printer) against current git on make
everything.
Jeremy Allison [Mon, 10 Dec 2007 23:31:05 +0000 (15:31 -0800)]
Don't need an fstring here, we can talloc.
Jeremy.
Jeremy Allison [Mon, 10 Dec 2007 23:06:31 +0000 (15:06 -0800)]
Ensure we have a non-null flags. Pointed out by Andreas Schneider <anschneider@suse.de>.
Jeremy.
Jeremy Allison [Mon, 10 Dec 2007 22:21:28 +0000 (14:21 -0800)]
Fix errors from next_token conversion. Spotted by
Andreas Schneider <anschneider@suse.de>.
Jeremy.
Jeremy Allison [Mon, 10 Dec 2007 21:43:12 +0000 (13:43 -0800)]
Fix bug leftover from pstring conversion noticed by ceez
on irc.
Jeremy.
Volker Lendecke [Sun, 9 Dec 2007 16:40:48 +0000 (17:40 +0100)]
Remove two completely unnecessary globals
Can someone look over this? To me it looks as if bufr was only made static to
save a malloc during an included smb.conf file. I think that's pretty much
pointless.
Jeremy Allison [Mon, 10 Dec 2007 20:11:45 +0000 (12:11 -0800)]
Fix return values for invalid printers. Found by kblin
spoolss test.
Jeremy.
Jeremy Allison [Mon, 10 Dec 2007 19:37:20 +0000 (11:37 -0800)]
Forgot build options was generated... fix.
Jeremy.
Jeremy Allison [Mon, 10 Dec 2007 19:30:37 +0000 (11:30 -0800)]
Remove the char[1024] strings from dynconfig. Replace
them with malloc'ing accessor functions. Should save a
lot of static space :-).
Jeremy.
Volker Lendecke [Sat, 24 Nov 2007 20:42:46 +0000 (21:42 +0100)]
use dbwrap_rbt in loadparm.c
Volker Lendecke [Sat, 24 Nov 2007 18:56:41 +0000 (19:56 +0100)]
Convert ServiceHash to dbwrap
Volker Lendecke [Fri, 9 Nov 2007 22:43:24 +0000 (23:43 +0100)]
dbwrap_rbt
This is meant as a replacement for the internal tdb. To me it seems a bit silly
that for in-memory structures we do our own memory management. With this rbt
based approach we can make use of the system-supplied malloc.
Volker Lendecke [Mon, 10 Dec 2007 12:20:24 +0000 (13:20 +0100)]
Make the Linux rbtrees compile within Samba
Volker Lendecke [Mon, 10 Dec 2007 12:11:51 +0000 (13:11 +0100)]
Add rbtree.[ch] from the Linux kernel
These are copies taken from
94545baded0bfbabdc30a3a4cb48b3db479dd6ef from Linus' kernel tree
Volker Lendecke [Sat, 24 Nov 2007 19:21:19 +0000 (20:21 +0100)]
Add db_tdb_fetch
Volker Lendecke [Sat, 24 Nov 2007 18:56:16 +0000 (19:56 +0100)]
Add dbwrap bystring service routines
Volker Lendecke [Mon, 10 Dec 2007 10:47:17 +0000 (11:47 +0100)]
Correctly unbecome_root() on error
Volker Lendecke [Sun, 9 Dec 2007 18:03:49 +0000 (19:03 +0100)]
Simplify add_session_user
Volker Lendecke [Fri, 7 Dec 2007 09:45:33 +0000 (10:45 +0100)]
Increase debug level
Volker Lendecke [Wed, 5 Dec 2007 20:09:57 +0000 (21:09 +0100)]
Move stuff from data to text
Volker Lendecke [Wed, 5 Dec 2007 19:58:25 +0000 (20:58 +0100)]
int->bool
Volker Lendecke [Wed, 5 Dec 2007 19:53:22 +0000 (20:53 +0100)]
Tiny simplifications
locking.c:open_read_only was unused
don't export the silly boolean flag locking_init(bool read_only)
Volker Lendecke [Wed, 5 Dec 2007 19:41:24 +0000 (20:41 +0100)]
Remove a static
Volker Lendecke [Wed, 5 Dec 2007 19:30:53 +0000 (20:30 +0100)]
Remove two statics
Volker Lendecke [Wed, 5 Dec 2007 17:46:53 +0000 (18:46 +0100)]
remove a static
Jeremy Allison [Sun, 9 Dec 2007 22:59:07 +0000 (14:59 -0800)]
Many systems don't have sa_len as part of struct sockaddr.
Revert
5c347cb46d85d04bbba7c99dca7ff9628f977d84
"Choose a better default for sockaddr length.".
Jeremy.
James Peach [Sun, 9 Dec 2007 22:18:54 +0000 (14:18 -0800)]
Support fetching very long server lists with RAP_NetServerEnum3.
Use the RAP_NetServerEnum3 server list continuation API for retrieving
server lists that are too long to fit in a single reply.
Patch from George Colley <gcolley@apple.com>.
James Peach [Sun, 9 Dec 2007 22:02:23 +0000 (14:02 -0800)]
Choose a better default for sockaddr length.
James Peach [Sun, 9 Dec 2007 22:01:57 +0000 (14:01 -0800)]
Specifically ask for IP4 addresses if we don't have IP6 support.
James Peach [Sun, 9 Dec 2007 22:00:25 +0000 (14:00 -0800)]
Make sure NULL is defined to the IPv6 test doesn't spuriously fail.
James Peach [Sun, 9 Dec 2007 21:28:00 +0000 (13:28 -0800)]
Fix connect(2) callers to use correct sockaddr size.
Some systems (eg Mac OSX 10.5) require the length passed to match
the socket address family. This introduces sys_connect() that does
the right thing, and replaces all uses oc connect(2) with sys_connect().
Note that there are some LGPL callers that still call connect(2)
directly.
James Peach [Sun, 9 Dec 2007 21:22:19 +0000 (13:22 -0800)]
Move load_case_tables() to after logging is set up. This can log
errors.
Volker Lendecke [Sun, 9 Dec 2007 18:46:06 +0000 (19:46 +0100)]
Don't copy the rpc function pointers
This actually shows up in a valgrind massif run with 4.1% of allocated memory.
I don't see why we would have to make a copy here.
Metze?
Volker Lendecke [Sat, 8 Dec 2007 10:25:05 +0000 (11:25 +0100)]
C++ warning
Volker Lendecke [Sun, 9 Dec 2007 12:45:10 +0000 (13:45 +0100)]
Get rid of the msgbuf[1600]
Volker Lendecke [Sat, 8 Dec 2007 10:21:08 +0000 (11:21 +0100)]
Fix C++ warnings
Volker Lendecke [Sat, 8 Dec 2007 10:20:53 +0000 (11:20 +0100)]
Fix two incompatible pointer warnings
Jeremy, please check
Jeremy Allison [Sat, 8 Dec 2007 01:44:42 +0000 (17:44 -0800)]
Add define guards around FSTRING_LEN.
Jeremy.
Jeremy Allison [Sat, 8 Dec 2007 01:32:32 +0000 (17:32 -0800)]
Remove next_token - all uses must now be next_token_talloc.
No more temptations to use static length strings.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 22:54:38 +0000 (14:54 -0800)]
A requiem for pstring.
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| The infamous pstring |
| |
| |
| 7 December |
| |
| 2007 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
Jeremy
Jeremy Allison [Fri, 7 Dec 2007 22:43:31 +0000 (14:43 -0800)]
More null deref fixes.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 22:37:00 +0000 (14:37 -0800)]
More null deref fixes.
Jeremy
Jeremy Allison [Fri, 7 Dec 2007 22:35:04 +0000 (14:35 -0800)]
Don't deref null pointers.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 20:46:55 +0000 (12:46 -0800)]
After conversations with Jerry, remove smbctool until it's
maintained. Now I don't have to fix the pstrings in it :-).
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 20:43:10 +0000 (12:43 -0800)]
We don't need P_GSTRING or P_UGSTRING anymore.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 20:26:32 +0000 (12:26 -0800)]
Don't build rpctorture anymore - not maintained. Just remove.
Remove all vestiges of pstring (except for smbctool as noted
in previous commit).
Jeremy
Jeremy Allison [Fri, 7 Dec 2007 20:08:55 +0000 (12:08 -0800)]
Fix call to clistr_pull_talloc.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 20:04:40 +0000 (12:04 -0800)]
Don't double define fstring.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 20:02:44 +0000 (12:02 -0800)]
Remove pstrings completely except for smbctool (what does this do ?).
Don't build this for now.
Jeremy.
Jeremy Allison [Fri, 7 Dec 2007 19:28:16 +0000 (11:28 -0800)]
Remove pstring from clitar.c
Jeremy
Jeremy Allison [Fri, 7 Dec 2007 17:57:19 +0000 (09:57 -0800)]
Merge branch 'v3-2-test' of ssh://jra@git.samba.org/data/git/samba into v3-2-test
Günther Deschner [Fri, 7 Dec 2007 15:19:34 +0000 (16:19 +0100)]
Add NT_STATUS_DOWNGRADE_DETECTED (thanks to Magnus Mertens).
Guenther
Volker Lendecke [Fri, 7 Dec 2007 14:55:57 +0000 (15:55 +0100)]
Attempt to fix make test :-)
Volker Lendecke [Fri, 7 Dec 2007 11:57:11 +0000 (12:57 +0100)]
Pass only internal oplock request values to create_file
Other callers (e.g. reply_open_and_X) might have other ideas of the bit
shuffling
Volker Lendecke [Fri, 7 Dec 2007 11:39:30 +0000 (12:39 +0100)]
More parameter shuffling
Volker Lendecke [Fri, 7 Dec 2007 10:58:40 +0000 (11:58 +0100)]
Re-arrange create_file() parameters
This changes them to be a bit closer to open_file_ntcreate and thus provides
less surprises to developers
Volker Lendecke [Fri, 7 Dec 2007 09:46:11 +0000 (10:46 +0100)]
Make fname arg to create_file a "const char *"
Volker Lendecke [Fri, 7 Dec 2007 08:20:45 +0000 (09:20 +0100)]
Fix two unused variable warnings
I know this will be overwritten by the next "make idl", but it just bugs me
*now* :-)
Volker
Günther Deschner [Fri, 7 Dec 2007 10:56:48 +0000 (11:56 +0100)]
Allow to set custom message in wkssvc messagebuffer.
Guenther
Günther Deschner [Mon, 3 Dec 2007 21:12:31 +0000 (22:12 +0100)]
Fix build with new werror based pidl rpc.
Guenther
Günther Deschner [Thu, 6 Dec 2007 18:06:30 +0000 (19:06 +0100)]
Add cmd_wkssvc_messagebuffersend().
Guenther
Günther Deschner [Mon, 3 Dec 2007 12:12:26 +0000 (13:12 +0100)]
Add getjoininformation to rpcclient.
Guenther
Jeremy Allison [Fri, 7 Dec 2007 03:15:56 +0000 (19:15 -0800)]
*Really* fix the no password -N opt :-).
Jeremy.