sfrench/samba-autobuild/.git
16 years agostarting on Fedora packaging; reference point to begin with taken from RH 3.0.0-15...
Gerald Carter [Tue, 9 Dec 2003 17:36:11 +0000 (17:36 +0000)]
starting on Fedora packaging; reference point to begin with taken from RH 3.0.0-15 packaging files
(This used to be commit 4062cc38fde129056ea7ff796f7d00cfb6abf263)

16 years agostarting on Fedora packaging
Gerald Carter [Tue, 9 Dec 2003 15:48:40 +0000 (15:48 +0000)]
starting on Fedora packaging
(This used to be commit a78079286ec2a73ca26f9706d063d6b30553486d)

16 years agoMake intent to return only one address clear.
Jeremy Allison [Tue, 9 Dec 2003 02:29:27 +0000 (02:29 +0000)]
Make intent to return only one address clear.
Jeremy.
(This used to be commit d3d0353baeba580d8a7a4688f847463b1b2e750c)

16 years agoworking on bug 687; protect against null src strings in alloc_sub_basic()
Gerald Carter [Mon, 8 Dec 2003 17:40:44 +0000 (17:40 +0000)]
working on bug 687; protect against null src strings in alloc_sub_basic()
(This used to be commit 6cf91bce40f85879de00b9ce89ad9b5e04a50b35)

16 years agomake sure we use a real network address in case there are extra non-zero octets in...
Gerald Carter [Mon, 8 Dec 2003 17:40:15 +0000 (17:40 +0000)]
make sure we use a real network address in case there are extra non-zero octets in hosts allow/deny
(This used to be commit 0348e85177ae90c350659451424ab521a4fc335a)

16 years agoFix comment.
Tim Potter [Sun, 7 Dec 2003 10:48:31 +0000 (10:48 +0000)]
Fix comment.
(This used to be commit a999f7f23fc68e51dd04f1c5a2c84f19d5c4a0a5)

16 years agoFix for bug #445 (missing unix user on kerberos auth doesn't call add user
Jeremy Allison [Sat, 6 Dec 2003 02:34:02 +0000 (02:34 +0000)]
Fix for bug #445 (missing unix user on kerberos auth doesn't call add user
script).
Jeremy.
(This used to be commit 5d9f06bdae4e7b878a87fb97367cf10afbc5f6b2)

16 years agofix %a variable for Windows 2003 -> Win2K3
Gerald Carter [Fri, 5 Dec 2003 21:51:51 +0000 (21:51 +0000)]
fix %a variable for Windows 2003 -> Win2K3
(This used to be commit 2f43a1c166dfc8679a9d03bd0f3cf9303aafcf74)

16 years agopackaging updates from Buchan
Gerald Carter [Fri, 5 Dec 2003 17:14:16 +0000 (17:14 +0000)]
packaging updates from Buchan
(This used to be commit b67929cc3e2339e0865f2924b930f1d834c20ed9)

16 years agocreate libdir for installclientlib; patch from Bill Knox
Gerald Carter [Fri, 5 Dec 2003 15:23:21 +0000 (15:23 +0000)]
create libdir for installclientlib; patch from Bill Knox
(This used to be commit b19472e108508935e6c80f61fd1394e852cb0902)

16 years agoremoving RCS tags
Gerald Carter [Fri, 5 Dec 2003 14:06:55 +0000 (14:06 +0000)]
removing RCS tags
(This used to be commit 9a7774306dfa29f0b343343844a2c08650d5ba1a)

16 years ago* removing extra file
Gerald Carter [Fri, 5 Dec 2003 13:57:02 +0000 (13:57 +0000)]
* removing extra file
* updating version in Makefile
(This used to be commit 3249e69274c00922c6d8710019c19d8c8add8255)

16 years agofixed a problem with "net rpc vampire" mis-parsing the alias member
Andrew Tridgell [Fri, 5 Dec 2003 11:30:47 +0000 (11:30 +0000)]
fixed a problem with "net rpc vampire" mis-parsing the alias member
info reply

Thanks to a bug report by 'musb'
(This used to be commit 310f90f3689d4acd16368a833f23ea5f9aaa0133)

16 years agoChange PICFLAG -> PICFLAGS to keep in line with version from source
Tim Potter [Fri, 5 Dec 2003 11:12:05 +0000 (11:12 +0000)]
Change PICFLAG -> PICFLAGS to keep in line with version from source
directory and fix display bug.
(This used to be commit f43546d0af7c7ad74b3bf0bae1652822184a04da)

16 years agoupdating top 0.8.2-1 of the smbldap tools
Gerald Carter [Thu, 4 Dec 2003 21:59:20 +0000 (21:59 +0000)]
updating top 0.8.2-1 of the smbldap tools
(This used to be commit b798f30f0a83ba00ebbe1b82983ca6690642ad02)

16 years agobumping version in preparation for 3.0.1rc1
Gerald Carter [Thu, 4 Dec 2003 21:38:47 +0000 (21:38 +0000)]
bumping version in preparation for 3.0.1rc1
(This used to be commit 91c95391c3efd4c1009032acc6af9f7886447c55)

16 years agoFix incorrect smb flags2 for connections to pre-NT servers (causes smbclient to
Steve French [Thu, 4 Dec 2003 21:26:14 +0000 (21:26 +0000)]
Fix incorrect smb flags2 for connections to pre-NT servers (causes smbclient to
fail to OS2 for example)
(This used to be commit 54e2fcb8f4a9d603b3210baa014b3f5f15070a22)

16 years agofix process_incoming_data() to return the number of bytes handled this call whether...
Gerald Carter [Thu, 4 Dec 2003 20:20:59 +0000 (20:20 +0000)]
fix process_incoming_data() to return the number of bytes handled this call whether we have a complete pdu or not; fixes bug with multiple pdu request rpc's broken over SMBwriteX calls each
(This used to be commit ff06f3ca8e597d093b8a76b5cfabfa6009f4b591)

16 years agofix debug message
Gerald Carter [Thu, 4 Dec 2003 19:22:44 +0000 (19:22 +0000)]
fix debug message
(This used to be commit 550b309a65d138364502c720894e2099de6b5076)

16 years agotypo in BASEDIR; patch from Darren Chew
Gerald Carter [Thu, 4 Dec 2003 16:38:50 +0000 (16:38 +0000)]
typo in BASEDIR; patch from Darren Chew
(This used to be commit 21b0758a88a2469a61d13acf7ecc006152a07273)

16 years agosync OID with HEAD
Gerald Carter [Thu, 4 Dec 2003 05:02:53 +0000 (05:02 +0000)]
sync OID with HEAD
(This used to be commit d463abb035a19dce84902039623275cd72e16edc)

16 years agosupport munged dial for ldapsam; patch from Aurélien Degrémont; bug 800
Gerald Carter [Thu, 4 Dec 2003 04:52:00 +0000 (04:52 +0000)]
support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800
(This used to be commit 1c3c16abc94d197e69e3350de1e5cc1e99be4322)

16 years agodon't crash on a NULL priviledge pointer; patch from Jianliang Lu
Gerald Carter [Thu, 4 Dec 2003 04:31:29 +0000 (04:31 +0000)]
don't crash on a NULL priviledge pointer; patch from Jianliang Lu
(This used to be commit 2742e813fea2366f91bec62dca407f65ad5c4623)

16 years agoPicked up by the build farm - despite all my efforts, security=server was
Andrew Bartlett [Thu, 4 Dec 2003 04:16:16 +0000 (04:16 +0000)]
Picked up by the build farm - despite all my efforts, security=server was
broken by my NTLM2 commit.  This should correctly cause the NTLM2 case
not to be negotiated when 'security=server' is in effect.

Andrew Bartlett
(This used to be commit 19bb4b582f98eb1da41e22c9a2a2c11602cb95e4)

16 years agoWithout 'non unix accounts' we can't test security=domain on the build farm.
Andrew Bartlett [Thu, 4 Dec 2003 03:55:12 +0000 (03:55 +0000)]
Without 'non unix accounts' we can't test security=domain on the build farm.
(This used to be commit c8485d3f00727fb363b45e48581eeb0b0b0cb851)

16 years ago* fix RemoveSidForeignDomain() ; bug 252
Gerald Carter [Thu, 4 Dec 2003 03:35:46 +0000 (03:35 +0000)]
* fix RemoveSidForeignDomain() ; bug 252
* don't fall back to unmapped UNIX group for
  get_local_group_from_sid()
* remove an extra become/unbecome_root() pair
  from group enumeration
(This used to be commit da12bbdb0dd9179b1ed457fa009679e2da4a8440)

16 years agoFix for "hash" (not hash2) type mangling. Noticed by "Forrest W. Christian" <fwc...
Jeremy Allison [Wed, 3 Dec 2003 23:16:27 +0000 (23:16 +0000)]
Fix for "hash" (not hash2) type mangling. Noticed by "Forrest W. Christian" <fwc@mt.net>
Jeremy.
(This used to be commit 3a8fe3b2ef30cbe0cf441d6c4ffa9c309dc71e54)

16 years agoMatch Win2k and return 'invalid parameter' for creating of a new account with
Andrew Bartlett [Tue, 2 Dec 2003 12:48:15 +0000 (12:48 +0000)]
Match Win2k and return 'invalid parameter' for creating of a new account with
account flags of 0.

Andrew Bartlett
(This used to be commit 601120f335b69e5b8a003038dfac00f3f234a5c1)

16 years agoTwo trivial warnings
Volker Lendecke [Tue, 2 Dec 2003 11:36:02 +0000 (11:36 +0000)]
Two trivial warnings

Volker
(This used to be commit a13e088493d91d39f730ba4b5138d5c4c5aa113a)

16 years agoClient connect signing error messages should be level zero else
Jeremy Allison [Mon, 1 Dec 2003 22:55:43 +0000 (22:55 +0000)]
Client connect signing error messages should be level zero else
they're easy to miss.
Jeremy.
(This used to be commit 7fa89b093709053650d197d2d0f091b9a1cd8218)

16 years agoGet a little paranoid about memfree use in convert_string_allocate..
Jeremy Allison [Mon, 1 Dec 2003 22:46:46 +0000 (22:46 +0000)]
Get a little paranoid about memfree use in convert_string_allocate..
Looking at crash bugs #809 and others.
Jeremy.
(This used to be commit cd2075580b0f35c8a414c995f03834c01efaa9be)

16 years agoanother strequal() == 0 fix
Gerald Carter [Mon, 1 Dec 2003 19:59:25 +0000 (19:59 +0000)]
another strequal() == 0 fix
(This used to be commit 464b410734c46bc55f2427e99ecf61bad7e3b244)

16 years agofix inverted logic caused by s/strcmp/strequal/; host allow/deny works again; bug 846
Gerald Carter [Mon, 1 Dec 2003 19:25:41 +0000 (19:25 +0000)]
fix inverted logic caused by s/strcmp/strequal/; host allow/deny works again; bug 846
(This used to be commit c816b44a9c1278d756f63044bb3a3bce3afec9b3)

16 years agoadd Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608
Gerald Carter [Mon, 1 Dec 2003 18:37:47 +0000 (18:37 +0000)]
add Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608
(This used to be commit 4bc58129e073973620aed1bfb161ee83c1863f81)

16 years agodon't mistake pre-existing UNIX jobs for smb jobs; patch from SATOH Fumiyasu bug 770
Gerald Carter [Mon, 1 Dec 2003 18:02:05 +0000 (18:02 +0000)]
don't mistake pre-existing UNIX jobs for smb jobs; patch from SATOH Fumiyasu bug 770
(This used to be commit 3a55788dca537248d0aea9973a84075e142b7736)

16 years agoIn the brief 'net rpc group' listing, don't cut off group names at 21 chars.
Volker Lendecke [Mon, 1 Dec 2003 14:12:26 +0000 (14:12 +0000)]
In the brief 'net rpc group' listing, don't cut off group names at 21 chars.

Volker
(This used to be commit 5d0b8280f6c4990ee3a26c310efebfa859ee21be)

16 years agoBeautify the net status help message a bit
Volker Lendecke [Mon, 1 Dec 2003 14:07:22 +0000 (14:07 +0000)]
Beautify the net status help message a bit

Volker
(This used to be commit e9391e206a8cdbcc08597a33b557b86f9a5d73ce)

16 years agoI needed a decently parseable format of smbstatus. Looking at smbstatus code
Volker Lendecke [Mon, 1 Dec 2003 13:58:43 +0000 (13:58 +0000)]
I needed a decently parseable format of smbstatus. Looking at smbstatus code
tells me that this should not be expanded, so I implemented

net status [sessions|shares] [parseable]

Volker
(This used to be commit 63d877c6b4786dcddf5f389842f798857be282c0)

16 years agoFix spurious error msg. when seq=0.
Jeremy Allison [Mon, 1 Dec 2003 06:59:54 +0000 (06:59 +0000)]
Fix spurious error msg. when seq=0.
Jeremy
(This used to be commit 4912ad8f18041c9c3abe2cfa67dd26a324c9c31e)

16 years agoEnsure the server can cope with multiple secondary trans
Jeremy Allison [Mon, 1 Dec 2003 06:53:10 +0000 (06:53 +0000)]
Ensure the server can cope with multiple secondary trans
requests when signing is turned on.
Jeremy.
(This used to be commit 206464a748a59b1d485d4d3d0cb4d257d60fbd00)

16 years agoSubtract NT_STATUS from common flag, don't add it...
Jeremy Allison [Mon, 1 Dec 2003 06:19:17 +0000 (06:19 +0000)]
Subtract NT_STATUS from common flag, don't add it...
Jeremy.
(This used to be commit 4e73faa7b4af7f73bdce9fcc2ee1825249dc7da7)

16 years agoEnsure we use the same mid for the secondary trans requests, W2K3
Jeremy Allison [Mon, 1 Dec 2003 03:24:50 +0000 (03:24 +0000)]
Ensure we use the same mid for the secondary trans requests, W2K3
does this.
Jeremy.
(This used to be commit 8adf0cd27a23b1bc6e0da08789a8b1e9eefb54a7)

16 years agoDon't automatically set nt status code flag unless client tells us it can
Jeremy Allison [Mon, 1 Dec 2003 02:25:56 +0000 (02:25 +0000)]
Don't automatically set nt status code flag unless client tells us it can
cope.
Jeremy.
(This used to be commit 0d82ac57a59276adb403f8e023578c2d6d5136e4)

16 years agoBetter fix for client signing bug. Ensure we don't malloc/free trans signing
Jeremy Allison [Mon, 1 Dec 2003 01:04:04 +0000 (01:04 +0000)]
Better fix for client signing bug. Ensure we don't malloc/free trans signing
state info each packet.
Jeremy.
(This used to be commit 818cf32d6330f7e7855ce662326003e75d4a1d46)

16 years agoFix signing bug with secondary client trans requests. Turns out the last
Jeremy Allison [Sun, 30 Nov 2003 19:40:57 +0000 (19:40 +0000)]
Fix signing bug with secondary client trans requests. Turns out the last
packet is the one that matters for checking the signing replies. Need to
check the server code does this correctly too....
Bug #832 reported by Volker.
Jeremy.
(This used to be commit 6750dc33b46c422582176b704592d9b2f1fb04d7)

16 years agoImplement 'net rpc group list [global|local|builtin]*' for a select listing of
Volker Lendecke [Fri, 28 Nov 2003 15:10:00 +0000 (15:10 +0000)]
Implement 'net rpc group list [global|local|builtin]*' for a select listing of
the respective user databases.

Volker
(This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)

16 years agoFix for pdbedit error code returns (sorry, forgot who sent in the patch).
Jeremy Allison [Thu, 27 Nov 2003 18:34:42 +0000 (18:34 +0000)]
Fix for pdbedit error code returns (sorry, forgot who sent in the patch).
Jeremy.
(This used to be commit 685097bc50a8ef387c5082401858d482329c37bc)

16 years agoOnly ask for 512 names at a time.
Volker Lendecke [Thu, 27 Nov 2003 17:31:18 +0000 (17:31 +0000)]
Only ask for 512 names at a time.

Volker
(This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)

16 years agoCorrect freebsd 5.1 support for winbind contributed by Aaron Collins.
Tim Potter [Thu, 27 Nov 2003 05:11:14 +0000 (05:11 +0000)]
Correct freebsd 5.1 support for winbind contributed by Aaron Collins.
Let the build farm chew on it for a bit.
(This used to be commit 41e4b036dff0af7be69bf95ea3d64dfccd3a4b8e)

16 years agouse samr_dispinfo(level == 1) for enumerating domain users so we can include the...
Gerald Carter [Thu, 27 Nov 2003 04:39:53 +0000 (04:39 +0000)]
use samr_dispinfo(level == 1) for enumerating domain users so we can include the full name in gecos field; bug 587
(This used to be commit 329065d7cddb52c52667c93e0a0218c0e89938be)

16 years agoPatch from Benjamin Riefenstahl <Benjamin.Riefenstahl@epost.de> to add
Jeremy Allison [Wed, 26 Nov 2003 20:58:53 +0000 (20:58 +0000)]
Patch from Benjamin Riefenstahl <Benjamin.Riefenstahl@epost.de> to add
MacOSX (Darwin) specific charset module code. Also had to add AC_CHECK_CPP
to configure.in (this took a *long* time to track down) to make autoconf
work correctly on Fedora Core 1.
Jeremy.
(This used to be commit c51d974b18e31a38608a3837d3fee04a209f91c8)

16 years agoThis commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This used to...
cvs2svn Import User [Wed, 26 Nov 2003 20:58:52 +0000 (20:58 +0000)]
This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.(This used to be commit 9ccf8c530def31ccf6aca4f56b53676512131e66)

16 years agoPatch from Benjamin Riefenstahl <Benjamin.Riefenstahl@epost.de> to add
Jeremy Allison [Wed, 26 Nov 2003 20:58:51 +0000 (20:58 +0000)]
Patch from Benjamin Riefenstahl <Benjamin.Riefenstahl@epost.de> to add
MacOSX (Darwin) specific charset module code. Also had to add AC_CHECK_CPP
to configure.in (this took a *long* time to track down) to make autoconf
work correctly on Fedora Core 1.
Jeremy.
(This used to be commit a5711943428e4b586fb7f064739c78fa0a3ebd52)

16 years agoClean up a comment noticed by Jonathan Shao@Panasas.com and remove an
Richard Sharpe [Wed, 26 Nov 2003 19:15:22 +0000 (19:15 +0000)]
Clean up a comment noticed by Jonathan Shao@Panasas.com and remove an
obsolete comment by Luke Leighton.
(This used to be commit 316f83add76b56fe102f5dc4c9ce3a0413d9a1f4)

16 years agoFixing barfed idmap entries and adding not on use of FLAG_HIDE.
John Terpstra [Wed, 26 Nov 2003 18:43:26 +0000 (18:43 +0000)]
Fixing barfed idmap entries and adding not on use of FLAG_HIDE.
(This used to be commit 25aa5df5c79070d0f1273a71617e64fba7831742)

16 years agoImplement "net rpc group members": Get members of a domain group in
Volker Lendecke [Wed, 26 Nov 2003 10:09:59 +0000 (10:09 +0000)]
Implement "net rpc group members": Get members of a domain group in
human-readable format.

Volker
(This used to be commit e5770a9433099f86a1f828a35bbecbe5691c000c)

16 years agoImplement "net rpc group members": Get members of a domain group in
Volker Lendecke [Wed, 26 Nov 2003 10:07:07 +0000 (10:07 +0000)]
Implement "net rpc group members": Get members of a domain group in
human-readable format.

Volker
(This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)

16 years agoGet rid of a const warning
Volker Lendecke [Wed, 26 Nov 2003 10:01:31 +0000 (10:01 +0000)]
Get rid of a const warning

Volker
(This used to be commit ab1096d58e2447bc91370e0a7f913d9375658c4c)

16 years agoGet rid of a const warning
Volker Lendecke [Wed, 26 Nov 2003 09:58:41 +0000 (09:58 +0000)]
Get rid of a const warning

Volker
(This used to be commit 94860687c535ace0c962ca3fe7da59df05325c62)

16 years agoMerge from 3.0:
Andrew Bartlett [Wed, 26 Nov 2003 00:07:55 +0000 (00:07 +0000)]
Merge from 3.0:

 - NTLM2 fixes, don't force NTLM2
 - Don't use NTLM2 for RPC, it doesn't work yet
 - Add comments to winbindd_pam.c
 - Merge 64 bit fixes and better debug messages in winbindd.c

Andrew Bartlett
(This used to be commit ba94e4a1ab6dc3335bbb29686ca6795d0ffad5b0)

16 years agoPatch from Jim McDonough for bug #802. Retrieve the correct ACL group bits
Jeremy Allison [Tue, 25 Nov 2003 23:25:42 +0000 (23:25 +0000)]
Patch from Jim McDonough for bug #802. Retrieve the correct ACL group bits
if the file has an ACL.
Jeremy.
(This used to be commit 7bf5ed30ce74ba658ca35059955748c1d8cbd6d2)

16 years agoPatch from Jim McDonough for bug #802. Retrieve the correct ACL group bits
Jeremy Allison [Tue, 25 Nov 2003 23:25:15 +0000 (23:25 +0000)]
Patch from Jim McDonough for bug #802. Retrieve the correct ACL group bits
if the file has an ACL.
Jeremy.
(This used to be commit a51d9e947ef012fabf5a13250df6232d23722f68)

16 years agoAdd a comment, and a useful debug message.
Andrew Bartlett [Tue, 25 Nov 2003 23:24:14 +0000 (23:24 +0000)]
Add a comment, and a useful debug message.
(This used to be commit df14b0af31863680218b06ae9de2f010a38fba6e)

16 years agoFix build of winbindd with static pdb modules
Jelmer Vernooij [Tue, 25 Nov 2003 19:41:47 +0000 (19:41 +0000)]
Fix build of winbindd with static pdb modules
(This used to be commit 92a138f027cf2f1c2b13c6f3d59493fb21885d5e)

16 years agoallow users to delete jobs with cups printing backend
Gerald Carter [Tue, 25 Nov 2003 19:17:20 +0000 (19:17 +0000)]
allow users to delete jobs with cups printing backend
The changes the name of the job passed off to cups
from "Test Page" to "smbprn.00000033 Test Page" so that
we can get the smb jobid back from lpq.  Working on bug
770.
(This used to be commit 3a84daf24f80cf44605841c844a0ba516354420b)

16 years agoallow users to delete jobs with cups printing backend
Gerald Carter [Tue, 25 Nov 2003 19:16:35 +0000 (19:16 +0000)]
allow users to delete jobs with cups printing backend
The changes the name of the job passed off to cups
from "Test Page" to "smbprn.00000033 Test Page" so that
we can get the smb jobid back from lpq.  Working on bug
770.
(This used to be commit 5979f4d645e84fb22223e6cbf0043f2fa21acb2f)

16 years agoIf signing starts successfully, don't just turn it off automatically if
Jeremy Allison [Tue, 25 Nov 2003 18:15:52 +0000 (18:15 +0000)]
If signing starts successfully, don't just turn it off automatically if
it fails later. Only turn it off automatically if it fails at the start.
Jeremy.
(This used to be commit 4a145531c2b6353291cd25f14f5572aa31e86594)

16 years agoIf signing starts successfully, don't just turn it off automatically if
Jeremy Allison [Tue, 25 Nov 2003 18:15:49 +0000 (18:15 +0000)]
If signing starts successfully, don't just turn it off automatically if
it fails later. Only turn it off automatically if it fails at the start.
Jeremy.
(This used to be commit 2a00d538da61253455db1734b74ef1debaea24ea)

16 years agoDo not add NTLM2 to the NTLMSSP flags unconditionally - allow the
Andrew Bartlett [Tue, 25 Nov 2003 11:25:38 +0000 (11:25 +0000)]
Do not add NTLM2 to the NTLMSSP flags unconditionally - allow the
defaults specified by the caller to prevail.

Don't use NTLM2 for RPC pipes, until we know how it works in signing or sealing.

Call ntlmssp_sign_init() unconditionally in the client - we setup the
session key, why not setup the rest of the data.

Andrew Bartlett
(This used to be commit 48123f7e42c3fde85887de23c80ceee04c2f6281)

16 years agoPatch for #263 from jpjanosi@us.ibm.com.
Jeremy Allison [Tue, 25 Nov 2003 02:04:10 +0000 (02:04 +0000)]
Patch for #263 from jpjanosi@us.ibm.com.
Jeremy.
(This used to be commit 6543bca0cbf6030d2400e30bb7491237d9c818f8)

16 years agoPatch for #263 from jpjanosi@us.ibm.com.
Jeremy Allison [Tue, 25 Nov 2003 02:04:03 +0000 (02:04 +0000)]
Patch for #263 from jpjanosi@us.ibm.com.
Jeremy.
(This used to be commit 0f2a50316d8245ea9c441f0ea08e1a0fd9a92583)

16 years agoWhen server signing is set to "auto", if the client doesn't sign just
Jeremy Allison [Tue, 25 Nov 2003 00:32:51 +0000 (00:32 +0000)]
When server signing is set to "auto", if the client doesn't sign just
ignore it. Only fail if signing is set to "required".
Jeremy.
(This used to be commit 8916ddfc39c3e70265188926f24034152f0e7b6b)

16 years agoWhen server signing is set to "auto", if the client doesn't sign just
Jeremy Allison [Tue, 25 Nov 2003 00:32:48 +0000 (00:32 +0000)]
When server signing is set to "auto", if the client doesn't sign just
ignore it. Only fail if signing is set to "required".
Jeremy.
(This used to be commit ab5db8873e2882900baa1c74706bb907baaff7fd)

16 years agostrequal() returns a BOOL, not an int like strcmp(); this fixes a bug in check_bind_r...
Gerald Carter [Mon, 24 Nov 2003 20:22:41 +0000 (20:22 +0000)]
strequal() returns a BOOL, not an int like strcmp(); this fixes a bug in check_bind_response()
(This used to be commit 84f0e97e5882375b765b818e89a6d96736cd5932)

16 years agostrequal() returns a BOOL, not an int like strcmp(); this fixes a bug in check_bind_r...
Gerald Carter [Mon, 24 Nov 2003 20:22:12 +0000 (20:22 +0000)]
strequal() returns a BOOL, not an int like strcmp(); this fixes a bug in check_bind_response()
(This used to be commit 5e062f72baad6f7a70f1a3c8cf190535ccacc89e)

16 years agoAdded "passwd chat timeout" parameter. Docs to follow.
Jeremy Allison [Mon, 24 Nov 2003 20:18:47 +0000 (20:18 +0000)]
Added "passwd chat timeout" parameter. Docs to follow.
Jeremy.
(This used to be commit 16097f2072085432f4c669d9e008023f36f7afbb)

16 years agoAdded "passwd chat timeout" parameter. Docs to follow.
Jeremy Allison [Mon, 24 Nov 2003 20:18:44 +0000 (20:18 +0000)]
Added "passwd chat timeout" parameter. Docs to follow.
Jeremy.
(This used to be commit 4d49fb806db6868f97069a603a28a85dc31cfe21)

16 years agopatch from Matthias Hilbig for bug 467; use the dns name (or IP) as the originating...
Gerald Carter [Mon, 24 Nov 2003 18:38:15 +0000 (18:38 +0000)]
patch from Matthias Hilbig for bug 467; use the dns name (or IP) as the originating client name when using CUPS
(This used to be commit eae48cda0f7f1346cd66d5a581c1273880f214d4)

16 years agopatch from Matthias Hilbig for bug 467; use the dns name (or IP) as the originating...
Gerald Carter [Mon, 24 Nov 2003 18:37:19 +0000 (18:37 +0000)]
patch from Matthias Hilbig for bug 467; use the dns name (or IP) as the originating client name when using CUPS
(This used to be commit 71333299a6e6bc6d74d2172f71e3fe21ef75aa3c)

16 years agomore access fixes for group enumeration in LDAP; bug 281
Gerald Carter [Mon, 24 Nov 2003 17:33:15 +0000 (17:33 +0000)]
more access fixes for group enumeration in LDAP; bug 281
(This used to be commit c4ce92e80688fe7fd4b2fde2c31e94baf3e4dca0)

16 years agomore access fixes for group enumeration in LDAP; bug 281
Gerald Carter [Mon, 24 Nov 2003 17:31:38 +0000 (17:31 +0000)]
more access fixes for group enumeration in LDAP; bug 281
(This used to be commit 68283407e0f366d8315f4be6caed67eb6fe84b85)

16 years ago(Merge from 3.0)
Andrew Bartlett [Sun, 23 Nov 2003 00:23:26 +0000 (00:23 +0000)]
(Merge from 3.0)

Patch by emil@disksites.com <Emil Rasamat> to ensure we always always
free() each auth method. (We had relied on the use of talloc() only,
despite providing the free() callback)

Andrew Bartlett
(This used to be commit 58c4963a8389dff4d925548217fabed1c9932abd)

16 years agoMerge from 3.0:
Andrew Bartlett [Sun, 23 Nov 2003 00:22:17 +0000 (00:22 +0000)]
Merge from 3.0:

Add support for variable-length session keys in our client code.

This means that we now support 'net rpc join' with KRB5 (des based)
logins.  Now, you need to hack 'net' to do that, but the principal is
important...

When we add kerberos to 'net rpc', it should be possible to still do
user management and the like over RPC.

-

Add server-side support for variable-length session keys (as used by
DES based krb5 logins).

Andrew Bartlett
(This used to be commit 1287cf5f921327c9ea758de46220c4e2dedc485c)

16 years agoPatch by emil@disksites.com <Emil Rasamat> to ensure we always always
Andrew Bartlett [Sun, 23 Nov 2003 00:16:54 +0000 (00:16 +0000)]
Patch by emil@disksites.com <Emil Rasamat> to ensure we always always
free() each auth method. (We had relied on the use of talloc() only, despite providing the free() callback)

Andrew Bartlett
(This used to be commit 5872c0e26e3407c7c1dcf2074a36896a3ca1325a)

16 years agoAdd server-side support for variable-length session keys (as used by
Andrew Bartlett [Sun, 23 Nov 2003 00:04:29 +0000 (00:04 +0000)]
Add server-side support for variable-length session keys (as used by
DES based krb5 logins).

Andrew Bartlett
(This used to be commit 240b0d178e1b4a3556207bdf2e342c70155f64ee)

16 years agoAdd support for variable-length session keys in our client code.
Andrew Bartlett [Sat, 22 Nov 2003 23:38:41 +0000 (23:38 +0000)]
Add support for variable-length session keys in our client code.

This means that we now support 'net rpc join' with KRB5 (des based)
logins.  Now, you need to hack 'net' to do that, but the principal is
important...

When we add kerberos to 'net rpc', it should be possible to still do
user management and the like over RPC.

(server-side support to follow shortly)

Andrew Bartlett
(This used to be commit 9ecf9408d98639186b283f1acf0fac46417547d0)

16 years ago(merge from 3.0)
Andrew Bartlett [Sat, 22 Nov 2003 13:29:02 +0000 (13:29 +0000)]
(merge from 3.0)

Changes all over the shop, but all towards:
 - NTLM2 support in the server
 - KEY_EXCH support in the server
 - variable length session keys.

In detail:

 - NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).

 * This is known as 'NTLMv2 session security' *

(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes.  We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)

This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed.  This also needs to be turned off for
'security=server', which does not support this.

- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.

- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.

- There has also been a major overhaul of the NTLMSSP subsystem, to
merge the 'client' and 'server' functions, so they both operate on a
single structure.  This should help the SPNEGO implementation.

- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.

- The other big change is to allow variable length session keys.  We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter.  However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.

 * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *

- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe.  This
should help reduce some of the 'it just doesn't work' issues.

- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer.  (just allocate)

REMEMBER to make clean after this commit - I have changed plenty of
data structures...

Andrew Bartlett
(This used to be commit 57a895aaabacc0c9147344d097d333793b77c947)

16 years agoChanges all over the shop, but all towards:
Andrew Bartlett [Sat, 22 Nov 2003 13:19:38 +0000 (13:19 +0000)]
Changes all over the shop, but all towards:
 - NTLM2 support in the server
 - KEY_EXCH support in the server
 - variable length session keys.

In detail:

 - NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).

 * This is known as 'NTLMv2 session security' *

(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes.  We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)

This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed.  This also needs to be turned off for
'security=server', which does not support this.

- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.

- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.

- There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure.  This should help the SPNEGO implementation.

- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.

- The other big change is to allow variable length session keys.  We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter.  However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.

 * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *

- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe.  This
should help reduce some of the 'it just doesn't work' issues.

- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer.  (just allocate)

REMEMBER to make clean after this commit - I have changed plenty of data structures...
(This used to be commit f3bbc87b0dac63426cda6fac7a295d3aad810ecc)

16 years agodebug and swat fixes from 3.0
Gerald Carter [Sat, 22 Nov 2003 06:17:46 +0000 (06:17 +0000)]
debug and swat fixes from 3.0
(This used to be commit 52c1973f39f4c4161097843fcf395e0102531575)

16 years agoinclude WWW-Authenticate field in 401 response for bad auth attempt; bug 629
Gerald Carter [Sat, 22 Nov 2003 06:16:01 +0000 (06:16 +0000)]
include WWW-Authenticate field in 401 response for bad auth attempt; bug 629
(This used to be commit 879d0f15ea260d61c56c5b841065ecb2f5ec26ca)

16 years agoadding a useful debug
Gerald Carter [Sat, 22 Nov 2003 06:15:28 +0000 (06:15 +0000)]
adding a useful debug
(This used to be commit e374ce779efaec001c1476e0710ceaa9c3b84e8d)

16 years agofix winbind ping call so that SWAT correctly determines if winbindd is running; bug 398
Gerald Carter [Sat, 22 Nov 2003 04:49:32 +0000 (04:49 +0000)]
fix winbind ping call so that SWAT correctly determines if winbindd is running; bug 398
(This used to be commit cb12d519cc40b964d022886538044e8613931199)

16 years agofix winbind ping call so that SWAT correctly determines if winbindd is running; bug 398
Gerald Carter [Sat, 22 Nov 2003 04:47:34 +0000 (04:47 +0000)]
fix winbind ping call so that SWAT correctly determines if winbindd is running; bug 398
(This used to be commit 04e37283f230b28f3019bfab3a71dde5e4ae4e23)

16 years agoEnsure that items in a list of strings containing whitespace
Gerald Carter [Sat, 22 Nov 2003 04:35:36 +0000 (04:35 +0000)]
Ensure that items in a list of strings containing whitespace
are written out surrounded by single quotes.  This means that
both double and single quotes are now used to surround
strings in smb.conf.  This is a slight change from the previous
behavior but needed or else things like

    printer admin = +ntadmin, 'VALE\Domain, Admin'

get written to smb.conf by SWAT.
(This used to be commit 59e9d6e301c752e99fb6a50204d7941f7f84566a)

16 years agoEnsure that items in a list of strings containing whitespace
Gerald Carter [Sat, 22 Nov 2003 04:33:36 +0000 (04:33 +0000)]
Ensure that items in a list of strings containing whitespace
are written out surrounded by single quotes.  This means that
both double and single quotes are now used to surround
strings in smb.conf.  This is a slight change from the previous
behavior but needed or else things like

    printer admin = +ntadmin, 'VALE\Domain, Admin'

get written to smb.conf by SWAT.
(This used to be commit 5bf91c79d620e34ac71d72c80f74e47754d49dcb)

16 years agoFix for rename across filesystems. Noticed by Rainer Link <link@foo.fh-furtwangen...
Jeremy Allison [Fri, 21 Nov 2003 23:01:37 +0000 (23:01 +0000)]
Fix for rename across filesystems. Noticed by Rainer Link <link@foo.fh-furtwangen.de>.
Jeremy.
(This used to be commit 598d9d3e5f612133e0528a1a8907745d715b61ed)

16 years agoFix for rename across filesystems. Noticed by Rainer Link <link@foo.fh-furtwangen...
Jeremy Allison [Fri, 21 Nov 2003 23:01:34 +0000 (23:01 +0000)]
Fix for rename across filesystems. Noticed by Rainer Link <link@foo.fh-furtwangen.de>.
Jeremy.
(This used to be commit f68c2ff0f3307612ddbe62b8cc2ea12251d54ec6)

16 years agoFix Jerry's no-proto bug :-).
Jeremy Allison [Fri, 21 Nov 2003 19:20:51 +0000 (19:20 +0000)]
Fix Jerry's no-proto bug :-).
Jeremy.
(This used to be commit 2b39e3f12a12f0863bf76d996c0d0db422d593bc)

16 years agoFix Jerry's no-proto bug :-).
Jeremy Allison [Fri, 21 Nov 2003 19:20:07 +0000 (19:20 +0000)]
Fix Jerry's no-proto bug :-).
Jeremy.
(This used to be commit 48153f7a07cc04b849a79778fdc3e76af6c6eb13)

16 years agomake sure we don't append the ldap suffix when writing out the ldap XXX suffix values...
Gerald Carter [Fri, 21 Nov 2003 19:12:33 +0000 (19:12 +0000)]
make sure we don't append the ldap suffix when writing out the ldap XXX suffix values in SWAT; based on tpot's original patch; bug 328
(This used to be commit b1d5173b16c40d55cfb6265f1d1947ec78952b6f)