Jeremy Allison [Tue, 6 Jan 2004 01:21:59 +0000 (01:21 +0000)]
Patch based on work from James Peach <jpeach@sgi.com> to convert over to
using pread/pwrite. Modified a little to ensure fsp->pos is correct.
Fix for #889.
Jeremy.
(This used to be commit
3a24dc868d95c9bcc2ac3a0dbd50e6e226ac0841)
Andrew Bartlett [Tue, 6 Jan 2004 01:20:01 +0000 (01:20 +0000)]
(merge from 3.0)
I think this was tpot's originally:
Fix format types for 64 bit systems.
Andrew Bartlett
(This used to be commit
256b2da7c96e8313f4f98ce700fc7634eaccb72b)
Andrew Bartlett [Tue, 6 Jan 2004 01:15:13 +0000 (01:15 +0000)]
(merge from 3.0)
Always call the auto-init funciton - this avoids tdb segfaulting under
us if we failed to open it earlier.
Andrew Bartlett
(This used to be commit
34f16eaeaa81a0cc6ae564f4be8a02752ee5624d)
Andrew Bartlett [Tue, 6 Jan 2004 00:41:13 +0000 (00:41 +0000)]
(merge from 3.0)
Ensure that for wbinfo --set-auth-user, we actually use the domain.
Andrew Bartlett
(This used to be commit
8a63bed29315acb3fe9cc2973426ef8392987c8c)
Andrew Bartlett [Tue, 6 Jan 2004 00:27:34 +0000 (00:27 +0000)]
(merge from 3.0)
Try to keep vl happy - shorten some of these lines.
--
Grumble... grumble... fix the build...
--
Show the sid type in name->sid translatons in a way that can be easily
understood by humans.
Andrew Bartlett
(This used to be commit
c5d1e2112baa7d87cd6b9f0855c2fd8b006af01d)
Andrew Bartlett [Tue, 6 Jan 2004 00:13:56 +0000 (00:13 +0000)]
(merge from 3.0)
Change our Domain controller lookup routines to more carefully seperate
DNS names (realms) from NetBIOS domain names.
Until now, we would experience delays as we broadcast lookups for DNS names
onto the local network segments.
Now if DNS comes back negative, we fall straight back to looking up the
short name.
Andrew Bartlett
(This used to be commit
4c3bd0a99e464198d243da302ff1868189b4dcff)
Andrew Bartlett [Tue, 6 Jan 2004 00:08:53 +0000 (00:08 +0000)]
(merge from 3.0)
Add const.
Andrew Bartlett
(This used to be commit
b08502a8fb1083cc49fd2976880b7bef3f14a72a)
Andrew Bartlett [Tue, 6 Jan 2004 00:06:49 +0000 (00:06 +0000)]
(merge from 3.0)
There is some memory corruption hidden somewhere in our winbind code. If I
could reproduce it, I would fix it, but for now just make sure we always
SAFE_FREE() and set our starting pointers to NULL.
Andrew Bartlett
(This used to be commit
a00f29624d10df7f31fa978b79bc71b40d696359)
Andrew Bartlett [Tue, 6 Jan 2004 00:05:31 +0000 (00:05 +0000)]
(merge from 3.0)
Change (unused) structure parameter for cli_ds_enum_domain_trusts() cleanup.
Andrew Bartlett
(This used to be commit
3c02aad8b3a4b28ca492ca1abbbd594ba75975e4)
Andrew Bartlett [Mon, 5 Jan 2004 23:54:37 +0000 (23:54 +0000)]
rpc_client/cli_lsarpc.c:
rpc_parse/parse_lsa.c:
nsswitch/winbindd_rpc.c:
nsswitch/winbindd.h:
- Add const
libads/ads_ldap.c:
- Add ads_sid_to_dn utility function
nsswitch/winbindd_ads.c:
- Use new utility function ads_sid_to_dn
- Don't search for 'dn=', rather call the ads_search_retry_dn()
nsswitch/winbindd_ads.c:
include/rpc_ds.h:
rpc_client/cli_ds.c:
- Fixup braindamage in cli_ds_enum_domain_trusts():
- This function was returning a UNISTR2 up to the caller, and
was doing nasty (invalid, per valgrind) things with memcpy()
- Create a new structure that represents this informaiton in a useful way
and use talloc.
Andrew Bartlett
(This used to be commit
627d33d1667f0d4b1070f988494885b74c4c04dd)
Andrew Bartlett [Mon, 5 Jan 2004 23:51:34 +0000 (23:51 +0000)]
(merge from 3.0)
Fix for bug 707, getent group for huge ads groups (>1500 members)
This introduces range retrieval of ADS attributes.
VL rewrote most of Güther's patch, partly to remove code duplication and
partly to get the retrieval of members in one rush, not interrupted by the
lookups for the DN.
I rewrote that patch, to ensure that we can keep an eye on the USN
(sequence number) of the entry - this allows us to ensure the read was
atomic.
In particular, the range retrieval is now generic, for strings. It
could easily be made generic for any attribute type, if need be.
Andrew Bartlett
(This used to be commit
08e851c7417d52a86e31982fcfce695c8a6360b7)
Andrew Bartlett [Mon, 5 Jan 2004 23:48:04 +0000 (23:48 +0000)]
(merge from 3.0)
Even if the 'device type' is always an ascii string, use push_string to get
it out onto the wire. Avoids valgrind warnings because the fstrcpy() causes
part of the wire buffer to be 'marked'.
Andrew Bartlett
(This used to be commit
326becbde23c8039e1f0f00930bcab094bf91ed2)
Andrew Bartlett [Mon, 5 Jan 2004 23:45:14 +0000 (23:45 +0000)]
(merge from 3.0)
Match Win2k, and return NT_STATUS_INVALID_PARAMETER
if this parameter is not an account type
Andrew Bartlett
(This used to be commit
43ee2e0b6a6f95ce2864befeb08b5de2ace41c7c)
Andrew Bartlett [Mon, 5 Jan 2004 23:43:07 +0000 (23:43 +0000)]
(merge from 3.0)
Having no members of a group is a perfectly valid (if unusual) situation.
Andrew Bartlett
(This used to be commit
bc77b586be6992a662422304dbefbd4b833818fb)
Andrew Bartlett [Mon, 5 Jan 2004 23:41:50 +0000 (23:41 +0000)]
(merge from 3.0)
JHT came up with a nasty (broken) torture case in preparing examples for
his book.
This prompted me to look at the code that reads the unix group list. This
code did a lot of name -> uid -> name -> sid translations, which caused
problems. Instead, we now do just name -> sid
I also cleaned up some interfaces, and client tools.
Andrew Bartlett
(This used to be commit
cc535a6c70d8dcf677322e31b24dec58b23d80f0)
Andrew Bartlett [Mon, 5 Jan 2004 23:38:49 +0000 (23:38 +0000)]
(merge from 3.0)
Changes to our PAM code to cope with the fact that we can't handle some
domains (in particular, the domain of the current machine, if it is not a PDC)
By changing the error codes, we now return values that PAM can correctly
use for better stacking of PAM modules - in particular of the password change
module.
This allows pam_winbind to co-exist with other pam modules for password changes.
Andrew Bartlett
(This used to be commit
06b4eb4b9f867998c8faf9a91830ba3181cdf605)
Andrew Bartlett [Mon, 5 Jan 2004 23:37:07 +0000 (23:37 +0000)]
(merge from 3.0)
auth/auth_util.c:
- Fill in the 'backup' idea of a domain, if the DC didn't supply one. This
doesn't seem to occour in reality, hence why we missed the typo.
lib/charcnv.c:
lib/smbldap.c:
libads/ldap.c:
libsmb/libsmbclient.c:
printing/nt_printing.c:
- all the callers to pull_utf8_allocate() pass a char ** as the first
parammeter, so don't make them all cast it to a void **
nsswitch/winbind_util.c:
- Allow for a more 'correct' view of when usernames should be qualified
in winbindd. If we are a PDC, or have 'winbind trusted domains only',
then for the authentication returns stip the domain portion.
- Fix valgrind warning about use of free()ed name when looking up our
local domain. lp_workgroup() is maniplated inside a procedure that
uses it's former value. Instead, use the fact that our local domain is
always the first in the list.
--
Jerry rightly complained that we can't assume that the first domain is
our primary domain - new domains are added to the front of the list. :-(
Use a much more reliable 'flag test' instead. (note: changes winbind
structures, make clean).
--
Forgot to commit this for the 'get our primary domain' change.
Andrew Bartlett
(This used to be commit
acacd27ba25f7ebfec40bfa66d34ece543569e23)
Andrew Bartlett [Mon, 5 Jan 2004 23:28:50 +0000 (23:28 +0000)]
(merge from 3.0)
Try to gain a bit more consistancy in the output of usernames from ntlm_auth:
Instead of returning a name in DOMAIN\user format, we now return it in the
same way that nsswtich does - following the rules of 'winbind use default
domain', in the correct case and with the correct seperator.
This should help sites who are using Squid or the new SASL code I'm working
on, to match back to their unix usernames.
--
Get the DOMAIN\username around the right way (I had username\domain...)
Push the unix username into utf8 for it's trip across the socket.
Andrew Bartlett
(This used to be commit
4c2e1189ff84d254f19b604999d011fdb17e538d)
Andrew Bartlett [Mon, 5 Jan 2004 23:25:56 +0000 (23:25 +0000)]
(merge from 3.0)
Remove testing hack
Make the name of the NTLMSSP client more consistant before we lock it in stone.
Andrew Bartlett
(This used to be commit
273dcda9ce62eb04c9cce673bb49b41982b26d98)
Andrew Bartlett [Mon, 5 Jan 2004 23:23:59 +0000 (23:23 +0000)]
(merge from 3.0)
Move our basic password checking code from inside the authentication
subsystem into a seperate file - ntlm_check.c.
This allows us to call these routines from ntlm_auth. The purpose of this
exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to
avoid talking to winbind. This should allow for easier debugging.
ntlm_auth itself has been reorgainised, so as to share more code between
the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode
has been added, for use with a Cyrus-SASL module I am writing (based on vl's
work)
Andrew Bartlett
(This used to be commit
2f196bb31ac83cf7922583063c74a5f679ca5be7)
Andrew Bartlett [Mon, 5 Jan 2004 23:22:00 +0000 (23:22 +0000)]
(merge from 3.0)
Refactor our authentication and authentication testing code.
The next move will be to remove our password checking code from the SAM
authentication backend, and into a file where other parts of samba can use
it.
The ntlm_auth changes provide for better use of common code.
Andrew Bartlett
(This used to be commit
0d97b10248347398fbee66767baac0c7adf6889d)
Andrew Bartlett [Mon, 5 Jan 2004 23:20:59 +0000 (23:20 +0000)]
(merge from 3.0)
Add the alignment required before all 2-byte quantities in NDR. Allows us
to correctly parse plaintext netlogon calls with odd-length passwords
Andrew Bartlett
(This used to be commit
39d8a9e488eb31796e8e7eca42fe27f8218ce5d6)
Andrew Bartlett [Mon, 5 Jan 2004 23:19:49 +0000 (23:19 +0000)]
(merge from 3.0)
Shutting down the connection closes outstanding sessions, so we don't need
to do it twice...
Amdrew Bartlett
(This used to be commit
77b3515981ebe972a4c78e14b205d0c70a34b69f)
Andrew Bartlett [Mon, 5 Jan 2004 23:18:06 +0000 (23:18 +0000)]
(merge from 3.0)
Check the return value of string_to_sid in a few more places. (But
string_to_sid also needs to be less permissive on what it thinks are
valid sids...)
Andrew Bartlett
(This used to be commit
74ea8682e4b5c78f456cc9284e953e35e4146a8b)
Andrew Bartlett [Mon, 5 Jan 2004 23:16:47 +0000 (23:16 +0000)]
(merge from 3.0)
Show the error message for failure to set the ldap password.
(For 'ldap password sync = yes')
Andrew Bartlett
(This used to be commit
ef5d2309c2252c9d6111738075f863b69b616722)
Andrew Bartlett [Mon, 5 Jan 2004 23:15:33 +0000 (23:15 +0000)]
(merge from 3.0)
Based on patch by Petri Asikainen <paca@sci.fi> fix bug #387 and #330.
This patch will change order how attributes are modified
from: add, delete
to: delete, add
This is needed to update single valued attributes in Novell NDS and
should not harm anyone else.
(This used to be commit
e925cae0f3846ea95633d38afd652e0f3d8acfb9)
Jeremy Allison [Mon, 5 Jan 2004 21:01:06 +0000 (21:01 +0000)]
Fix from James Flemer <jflemer@uvm.edu> to make HAVE_ATTR_LIST linked to
HAVE_SYS_ATTRIBUTES_H to fix AIX compile.
Jeremy.
(This used to be commit
1d90cc2034c023755981a07a49c3d9958b60fb74)
Gerald Carter [Mon, 5 Jan 2004 20:24:21 +0000 (20:24 +0000)]
fix inverted check using krb5_kt_resolve() and HAVE_MEMORY_KEYTAB; bug 912
(This used to be commit
cca2afecd505881412df65c21c0389a0079cf023)
Jelmer Vernooij [Mon, 5 Jan 2004 00:57:53 +0000 (00:57 +0000)]
Merge commit to 3_0: add pdb_pgsql
(This used to be commit
61cbd5c9be1962d0c33c28ff472a2f82d3aa2a80)
Volker Lendecke [Sun, 4 Jan 2004 11:59:11 +0000 (11:59 +0000)]
Commit the translation of the realm to the netbios domain name in the kerberos
session setup. After talking to jht and abartlet I made this unconditional, no
additional parameter.
Jerry: This is a change in behaviour, but I think it is necessary.
Volker
(This used to be commit
d32f47fedcff3fdf46f42926d1cd84433e7ab487)
Volker Lendecke [Sat, 3 Jan 2004 20:21:37 +0000 (20:21 +0000)]
And yet another const
Volker
(This used to be commit
6121a866659c3b81e790a79432b6d89d7865fbd3)
Volker Lendecke [Thu, 1 Jan 2004 21:11:33 +0000 (21:11 +0000)]
After talking with abartlet remove the fix for bug 707 again.
Volker
(This used to be commit
a2e384262d0203772a6237b566c294f15bfd8948)
Volker Lendecke [Thu, 1 Jan 2004 20:33:45 +0000 (20:33 +0000)]
Fix for bug 707, getent group for huge ads groups (>1500 members)
This introduces range retrieval of ADS attributes.
I've rewritten most of Günther's patch, partly to remove code duplication and
partly to get the retrieval of members in one rush, not interrupted by the
lookups for the DN.
Andrew, you told me that you would like to see a check whether the AD sequence
number is the same before and after the retrieval to achieve atomicity. This
would be trivial to add, but I'm not sure that we want this, as this adds two
roundtrips to every membership query. We can not know before the first query
whether we get additional range values, and at that point it's too late to ask
for the USN.
Tested with a group of 4000 members along with lots of small groups.
Volker
(This used to be commit
a2aa6e41e552abfb6d1056ab3a7c75e8fd0a150c)
Gerald Carter [Tue, 30 Dec 2003 22:18:40 +0000 (22:18 +0000)]
Move to short lived TALLOC_CTX* for allocating printer
objects from the print handle cache. Fixes bug that
caused smbd to consume large amounts of RAM when
(a) a printer handle was kept open over an extended
period of time, and
(b) the client issued frequent requests that resulted
in a call to get_a_printer()
(This used to be commit
b84ea23f99481f9260dedbe8dd715112ccdc7d7a)
Volker Lendecke [Tue, 30 Dec 2003 21:12:57 +0000 (21:12 +0000)]
Another little one: Make pdb_test.c at least compile, although its way out of
date.
Volker
(This used to be commit
0a84173555b29b77b241741c7b1ae4fac595c28f)
Volker Lendecke [Tue, 30 Dec 2003 16:01:24 +0000 (16:01 +0000)]
The AFS pts command always generates completely lower-case user names. As case
is not significant in windows user names we should not lose information by
lower-casing the name before handing it to AFS.
Volker
(This used to be commit
097e8d44b4a6eb49f36debae1f2cc8af7565b0eb)
Volker Lendecke [Tue, 30 Dec 2003 15:20:07 +0000 (15:20 +0000)]
Fix Bug # 924
Volker
(This used to be commit
1f0e045502f802f819738d1b89574b07dfaa6bc6)
Volker Lendecke [Sat, 27 Dec 2003 10:13:20 +0000 (10:13 +0000)]
Preliminary fix for our signing problem with failed NTLMSSP logins. This patch
solves the problem for me here, I can still successfully set up signing using
NTLMSSP against w2k3 and it does not show a signing error anymoe when the
password was wrong.
Jeremy, you might want to take a further look at it as this is not
particularly elegant.
Volker
(This used to be commit
8a82060e3aee6d5ef38b1448035d865f9bce63a7)
Volker Lendecke [Fri, 26 Dec 2003 21:35:39 +0000 (21:35 +0000)]
Collecting another little patch from gd@suse.de
As broken as it might be, smbwrapper.so should be put into the
libdir and not bindir.
Volker
(This used to be commit
c374fd982e63209cf555fe8fbf15cfae0f79aca1)
Volker Lendecke [Fri, 26 Dec 2003 19:39:50 +0000 (19:39 +0000)]
Collecting some minor patches...
This adds the ability to specify the new user password for 'net ads password'
on the command line. As this needs the admin password on the command line, the
information leak is minimally more.
Patch from gd@suse.de
Volker
(This used to be commit
68af56f517014476ab4549de72a0585a0a07c72f)
Andrew Bartlett [Thu, 25 Dec 2003 23:35:27 +0000 (23:35 +0000)]
(merge from 3.0)
ldap rebind sleep -> ldap replication sleep
While writing documentation for metze's patch, it became clear that this is a
better name.
Andrew Bartlett
(This used to be commit
bac2c20adf6a8f541f227652d4da3d8f31f1a648)
Volker Lendecke [Thu, 25 Dec 2003 22:45:15 +0000 (22:45 +0000)]
This is metze's LDAP rebind sleep patch:
When smb.conf tells us to write to a read-only LDAP replica and we are
redirected by the LDAP server, the replication might take some seconds,
especially over slow links. This patch delays the next read after a rebind for
'ldap rebind sleep' milliseconds.
Metze, thanks for your patience.
Volker
(This used to be commit
7293550e3642e2553684a7011084dabb0b78fd24)
Volker Lendecke [Thu, 25 Dec 2003 22:31:30 +0000 (22:31 +0000)]
Fix our parsing of the LDAP url. We get around it as all decent systems seem
to have ldap_initialize.
Thanks to abartlet for the fix (and the bug in the first place ;-))
Volker
(This used to be commit
943e156788ea361cb3ec0ab37a87653494e47f2e)
Volker Lendecke [Thu, 25 Dec 2003 10:10:49 +0000 (10:10 +0000)]
abartlet pointed me at the fact that the order and flags in loadparm.c are
actually used.... 'afs username map' should not show up in the swat basic
view. :-)
Maybe I should use swat from time to time....
Volker
(This used to be commit
82f47aeca3d376d766efc36fdf2efe158f975484)
Andrew Bartlett [Thu, 25 Dec 2003 09:57:39 +0000 (09:57 +0000)]
(merge from 3.0)
Fix bug 916 - do not perform a + -> space substitution for squid URL encoded
strings, only form input in SWAT.
Andrew Bartlett
(This used to be commit
794ff4da03a3c5b6afa3ee4802f83f04571a5652)
Andrew Bartlett [Wed, 24 Dec 2003 10:02:57 +0000 (10:02 +0000)]
(merge from 3.0)
Thanks to Serassio Guido for noticing issues in our Squid NTLMSSP
implementation. We were not resetting the NTLMSSP state for new
negotiate packets.
Andrew Bartlett
(This used to be commit
ada064af72e120aacd733245292e988dd696d059)
Jeremy Allison [Tue, 23 Dec 2003 07:33:38 +0000 (07:33 +0000)]
Fix for special files being hidden from admins by Dmitry Butskoj <buc@odusz.elektra.ru>
Jeremy.
(This used to be commit
a14259d885291c138d3d62d36737472048840aa6)
Gerald Carter [Mon, 22 Dec 2003 21:26:29 +0000 (21:26 +0000)]
correct typo in delete user script; bug 887
(This used to be commit
44ef3dd2b346176e756b5e361a38da19ea93e071)
Gerald Carter [Mon, 22 Dec 2003 21:24:40 +0000 (21:24 +0000)]
add well known rid for pre win2k compatible access group; bug 897
(This used to be commit
426a02cf678236f902c143b56eaaf854fca2237f)
Jeremy Allison [Mon, 22 Dec 2003 11:12:12 +0000 (11:12 +0000)]
Patch from Jianliang Lu j.lu@tiesse.com to manage Power Users
group.
Jeremy.
(This used to be commit
72174634aa26c01431ccf85331aaa8b51e70c8ff)
Gerald Carter [Fri, 19 Dec 2003 00:33:27 +0000 (00:33 +0000)]
* add a few useful debug lines
* fix bug involving Win9x clients. Make sure we
save the right case for the located username
in fill_sam_account()
(This used to be commit
d22b4097d4c2bde7989af31ccb572871c6e63424)
Jeremy Allison [Wed, 17 Dec 2003 21:57:29 +0000 (21:57 +0000)]
Add in comments explaining NTLMv2 selection. Use lm session key if that's
all there is.
Jeremy.
(This used to be commit
3e6abeffe176cdba43d251f55f3b7aecd8fa55b1)
Jeremy Allison [Wed, 17 Dec 2003 20:11:35 +0000 (20:11 +0000)]
Tidyup debug message in ntlmssp code. Add brackets around dodgy if statement.
Jeremy
(This used to be commit
6cd0f6e7c0a28ddccf55acb1e411e5ed5bd3cf47)
Gerald Carter [Wed, 17 Dec 2003 06:18:41 +0000 (06:18 +0000)]
Make sure we correctly generate the lm session key.
This fixes a problem joining a Samba domain from a
vanilla win2k client that doesn't set the
NTLMSSP_NEGOTIATE_NTLM2 flag.
Reported on samba ml as "decode_pw: incorrect password length"
when handling a samr_set_userinfo(23 or 24) RPC.
(This used to be commit
14558c942beb05cd12c0e40c1bb30c3dcde8ce48)
Gerald Carter [Tue, 16 Dec 2003 18:36:05 +0000 (18:36 +0000)]
make sure we delete the group mapping before calling the delete group script; patch from Jianliang Lu <j.lu@tiesse.com>
(This used to be commit
66edeb855e7d7a0bfa20cbe93275c86880bd453d)
Jeremy Allison [Sat, 13 Dec 2003 01:43:52 +0000 (01:43 +0000)]
Fix from ndb@theghet.to to allow an existing LDAP machine account to be
re-used, rather than created from scratch.
Jeremy.
(This used to be commit
1bcc4c244dd127643c66ed75550f405e90c99c76)
Jeremy Allison [Fri, 12 Dec 2003 22:54:41 +0000 (22:54 +0000)]
Fix for bug #815. Make plaintext unicode passwords work with NT4.x
Jeremy.
(This used to be commit
29bac18b6971f459c3cb138366ae493d5805f643)
Jeremy Allison [Fri, 12 Dec 2003 20:15:47 +0000 (20:15 +0000)]
Fix detection of elements in in-memory keytab code.
Jeremy.
(This used to be commit
c208ea44aa4cc8c0cde6aa02d98d87f36aed9589)
Gerald Carter [Thu, 11 Dec 2003 22:31:00 +0000 (22:31 +0000)]
fix bug that prevent --mandir from overriding the defaults given in the --with-fhs macro
(This used to be commit
824218d086d90f6fcf3789e8e87f047e2da55c25)
Jeremy Allison [Thu, 11 Dec 2003 20:54:55 +0000 (20:54 +0000)]
Correctly detect in-memory krb5 keytab support. Fix for bug #863 from
gschafer@zip.com.au (Greg Schafer).
Jeremy.
(This used to be commit
25d91f8d8c4e3bd8237716052b53350587ffb8dc)
Jeremy Allison [Thu, 11 Dec 2003 19:59:05 +0000 (19:59 +0000)]
Patch from James Peach <jpeach@sgi.com>. Remove the MAX_CONNECTIONS limit
by increasing bitmap size. Limited by "max connections" parameter.
Bug #716.
Jeremy.
(This used to be commit
0be57a2eb015f832c6bb6d84525719a3d632f741)
Gerald Carter [Thu, 11 Dec 2003 15:35:44 +0000 (15:35 +0000)]
fixed bad formal parameter type in get_static(); patch Andy Polyakov
(This used to be commit
67d893701f09f29e8af56cd98f04131658b39713)
Alexander Bokovoy [Thu, 11 Dec 2003 10:31:20 +0000 (10:31 +0000)]
Fix uninitialized variable in passdb code. Reported by Andy Polyakov <appro@fy.chalmers.se>
(This used to be commit
ca21dd3bb682700d628e9fc1aeedd1594cda3094)
Gerald Carter [Wed, 10 Dec 2003 21:14:39 +0000 (21:14 +0000)]
Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail on local files on on domain members; bug 875
(This used to be commit
a5c5dde1c34ba44f8d9bbb38720a089a6d61806c)
Gerald Carter [Wed, 10 Dec 2003 16:42:44 +0000 (16:42 +0000)]
more group lookup access fixes on the neverending bug 281
(This used to be commit
975ac6f5aa4d8d709733757e4e003f3c551fc9ba)
Alexander Bokovoy [Wed, 10 Dec 2003 16:01:20 +0000 (16:01 +0000)]
Fix #558 -- support ISO-8859-1 internally. Makes Solaris users a bit happier
(This used to be commit
808fc7e9d52ccc61ceb56821f6b977936817b88b)
Gerald Carter [Wed, 10 Dec 2003 14:10:39 +0000 (14:10 +0000)]
patch from TAKEDA yasuma to bypass any missing language files
(This used to be commit
c65f63be1eb8bb9350cc7e843c858050c5ce5095)
Jeremy Allison [Tue, 9 Dec 2003 22:32:55 +0000 (22:32 +0000)]
IRIX spinlock patch from James Peach <jpeach@sgi.com>.
Jeremy.
(This used to be commit
04abff372b8939bd33c6dceb48baac9fdb7e27b6)
Gerald Carter [Tue, 9 Dec 2003 21:31:38 +0000 (21:31 +0000)]
working on packaging; also fixed some path issues in configure.in & Makefile.in
(This used to be commit
c16e51bfaf59b2d5b1b800ee272ac45b13b9a9fc)
Jeremy Allison [Tue, 9 Dec 2003 18:34:26 +0000 (18:34 +0000)]
Final part of fix for #445. Don't add user for machine accounts.
Jeremy.
(This used to be commit
0785295fe067093ea1483fc19e30c63512018db3)
Gerald Carter [Tue, 9 Dec 2003 18:20:48 +0000 (18:20 +0000)]
fix bug in get_peer_name() caused by --enable-developer and using the same src & dest strings to alpha_strcpy(); reported by Michael Young
(This used to be commit
0054ce8707038444bec8c4ac8f0deea12ef65820)
Jeremy Allison [Tue, 9 Dec 2003 02:29:24 +0000 (02:29 +0000)]
Make intent to return only one address clear.
Jeremy.
(This used to be commit
08b6b1e43ce354cfb77701c8953565e1163ff76b)
Gerald Carter [Mon, 8 Dec 2003 17:42:26 +0000 (17:42 +0000)]
working on bug 687; protect against null src strings in alloc_sub_basic()
(This used to be commit
b187511920dc6245faeb5ea6b48132bd5ba69ef9)
Gerald Carter [Mon, 8 Dec 2003 17:42:21 +0000 (17:42 +0000)]
make sure we use a real network address in case there are extra non-zero octets in hosts allow/deny
(This used to be commit
f891d434a1406d18f9842ac6b3d1ea49ee96b9bc)
Andrew Bartlett [Sun, 7 Dec 2003 11:06:40 +0000 (11:06 +0000)]
Merge from 3.0:
source/libsmb/ntlmssp.c:
Picked up by the build farm - despite all my efforts, security=server was
broken by my NTLM2 commit. This should correctly cause the NTLM2 case
not to be negotiated when 'security=server' is in effect.
testsuide/build_farm/runlist:
Without 'non unix accounts' we can't test security=domain on the build farm.
source/rpc_server/srv_samr_nt.c:
Match Win2k and return 'invalid parameter' for creating of a new account with
account flags of 0.
Andrew Bartlett
(This used to be commit
e97f1eb62ae01b5259d7ecfab9b55b07103379c7)
Jeremy Allison [Sat, 6 Dec 2003 02:33:59 +0000 (02:33 +0000)]
Fix for bug #445 (missing unix user on kerberos auth doesn't call add user
script).
Jeremy.
(This used to be commit
881c5c60977d15b5d4b34fde8743deac80f11a99)
Gerald Carter [Fri, 5 Dec 2003 21:52:17 +0000 (21:52 +0000)]
fix %a variable for Windows 2003 -> Win2K3
(This used to be commit
d7db1439a626ae13b77dc262c82e713fcab1ab4f)
Jeremy Allison [Fri, 5 Dec 2003 21:01:23 +0000 (21:01 +0000)]
Janitor for tridge...
Jeremy.
(This used to be commit
d9790a76d88b8c46d665f2294878ee13d438b791)
Gerald Carter [Fri, 5 Dec 2003 17:21:00 +0000 (17:21 +0000)]
packaging updates from Buchan
(This used to be commit
9a5b5be68e6ba2c3ab06eb4a8104b7d2d71f0c2a)
Gerald Carter [Fri, 5 Dec 2003 15:27:58 +0000 (15:27 +0000)]
create libdir for installclientlib; patch from Bill Knox
(This used to be commit
915b5eb67f8d4acc901d78b7b7d4d615aef817cd)
Gerald Carter [Thu, 4 Dec 2003 20:22:19 +0000 (20:22 +0000)]
fix process_incoming_data() to return the number of bytes handled this call whether we have a complete pdu or not; fixes bug with multiple pdu request rpc's broken over SMBwriteX calls each
(This used to be commit
514acc655d58a660b2a2542ff81a880f1bdfc3f6)
Gerald Carter [Thu, 4 Dec 2003 16:39:11 +0000 (16:39 +0000)]
typo in BASEDIR; patch from Darren Chew
(This used to be commit
c0710a34ba737ebdd078beb223df528b297057a1)
Gerald Carter [Thu, 4 Dec 2003 05:02:25 +0000 (05:02 +0000)]
readding schema items that were accidentally deleted
(This used to be commit
14dd4403fe006345a9cdf55b2b35a31176463349)
Gerald Carter [Thu, 4 Dec 2003 04:52:49 +0000 (04:52 +0000)]
support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800
(This used to be commit
acf9eae7b0c95776358292c3463951477575bcc6)
Gerald Carter [Thu, 4 Dec 2003 04:32:22 +0000 (04:32 +0000)]
don't crash on a NULL priviledge pointer; patch from Jianliang Lu
(This used to be commit
5bbfa9989bcade2e1192a68596de3e574faed1d5)
Gerald Carter [Thu, 4 Dec 2003 04:08:32 +0000 (04:08 +0000)]
* fix RemoveSidForeignDomain() ; bug 252
* don't fall back to unmapped UNIX group for
get_local_group_from_sid()
* remove an extra become/unbecome_root() pair
from group enumeration
(This used to be commit
c0f34b42a6a4af09ae4b76721bc350784d87f686)
Jeremy Allison [Wed, 3 Dec 2003 23:16:24 +0000 (23:16 +0000)]
Fix for "hash" (not hash2) type mangling. Noticed by "Forrest W. Christian" <fwc@mt.net>
Jeremy.
(This used to be commit
b2d63007608944fff05e45b1f6b312373d022062)
Volker Lendecke [Tue, 2 Dec 2003 11:41:42 +0000 (11:41 +0000)]
Two trivial warnings
Volker
(This used to be commit
6b46ee6fd5c47d04e9c61e6cec3f0b16b268cd2d)
Jeremy Allison [Mon, 1 Dec 2003 22:55:41 +0000 (22:55 +0000)]
Client connect signing error messages should be level zero else
they're easy to miss.
Jeremy.
(This used to be commit
b5f32a0869017a3ce457bf45e4aa2c1b621162c6)
Jeremy Allison [Mon, 1 Dec 2003 22:46:49 +0000 (22:46 +0000)]
Get a little paranoid about memfree use in convert_string_allocate..
Looking at crash bugs #809 and others.
Jeremy.
(This used to be commit
e122891bebd33fc7bd654146a5cbec1feb307555)
Gerald Carter [Mon, 1 Dec 2003 19:58:53 +0000 (19:58 +0000)]
another strequal() == 0 fix
(This used to be commit
818bba4b796440453e5911369adf5bd147e9b961)
Gerald Carter [Mon, 1 Dec 2003 19:26:32 +0000 (19:26 +0000)]
fix inverted logic caused by s/strcmp/strequal/; host allow/deny works again; bug 846
(This used to be commit
18fe1681c15cc25a41e738e615b759d759f9ecf4)
Gerald Carter [Mon, 1 Dec 2003 18:38:08 +0000 (18:38 +0000)]
add Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608
(This used to be commit
1bb2281e177d1f312c0c3c117c5b0dcabe57125b)
Gerald Carter [Mon, 1 Dec 2003 18:02:30 +0000 (18:02 +0000)]
don't mistake pre-existing UNIX jobs for smb jobs; patch from SATOH Fumiyasu bug 770
(This used to be commit
d6333ae8d707c17a6fa26a39b14a802bc816ab3f)
Volker Lendecke [Mon, 1 Dec 2003 14:13:20 +0000 (14:13 +0000)]
In the brief 'net rpc group' listing, don't cut off group names at 21 chars.
Volker
(This used to be commit
d623f695c48736f21a79f02cf669d5bcf39cd920)
Volker Lendecke [Mon, 1 Dec 2003 14:08:15 +0000 (14:08 +0000)]
Beautify the net status help message a bit
Volker
(This used to be commit
f8ffa207e05920f28502b45b550a394aba9648a7)
Volker Lendecke [Mon, 1 Dec 2003 14:02:24 +0000 (14:02 +0000)]
I needed a decently parseable format of smbstatus. Looking at smbstatus code
tells me that this should not be expanded, so I implemented
net status [sessions|shares] [parseable]
Volker
(This used to be commit
ed38341c8a6454a8ec0f8240d83239f6869536b8)
Jeremy Allison [Mon, 1 Dec 2003 06:59:56 +0000 (06:59 +0000)]
Fix spurious error msg. when seq=0.
Jeremy.
(This used to be commit
fd71acd1ffb3d3c2f2f82395c86512124769d592)
Jeremy Allison [Mon, 1 Dec 2003 06:53:21 +0000 (06:53 +0000)]
Ensure the server can cope with multiple secondary trans
requests when signing is turned on.
Jeremy.
(This used to be commit
b97596df7834a80b648022e22983cab5dfb0f7dd)
Jeremy Allison [Mon, 1 Dec 2003 06:19:14 +0000 (06:19 +0000)]
Subtract NT_STATUS from common flag, don't add it...
Jeremy.
(This used to be commit
0ed153af55279ba1e621c688b5e78f842e72ea1e)