Volker Lendecke [Wed, 21 Apr 2004 15:04:05 +0000 (15:04 +0000)]
r316: Fix split_domain_name. This defaulted to get_myname() instead of
get_global_sam_name().
Error case: Adding a domain user to a XP local group did a lsalookupname on
the user without domain prefix, and this then failed.
Jerry: This is a must-fix before 3.0.3.
Volker
Gerald Carter [Tue, 20 Apr 2004 20:29:01 +0000 (20:29 +0000)]
r299: updating release notes
Gerald Carter [Tue, 20 Apr 2004 16:33:30 +0000 (16:33 +0000)]
r296: patch from j.lu -- don't force an upper case domain name in the ntlmssp code
Gerald Carter [Tue, 20 Apr 2004 02:37:49 +0000 (02:37 +0000)]
r294: checking in volker's winbindd patches; tested on domain members (Samba and AD) as well as on a Samba DC
Gerald Carter [Tue, 20 Apr 2004 02:32:17 +0000 (02:32 +0000)]
r293: keeping a single default smb.conf to maintain
Gerald Carter [Tue, 20 Apr 2004 02:30:43 +0000 (02:30 +0000)]
r292: removing some outdated files and directories (I love subversion!)
Gerald Carter [Tue, 20 Apr 2004 02:16:25 +0000 (02:16 +0000)]
r291: adding printer and driver migration shell script from Kurt Pfeifle
Gerald Carter [Tue, 20 Apr 2004 01:36:04 +0000 (01:36 +0000)]
r289: BUG 1246 -- fix syntax error
Gerald Carter [Tue, 20 Apr 2004 01:24:47 +0000 (01:24 +0000)]
r288: combination of BUG 1081 and patch from J. Klinger -- added remove_duplicate_gids() to smbd and winbindd
Gerald Carter [Mon, 19 Apr 2004 17:05:31 +0000 (17:05 +0000)]
r283: removing --with-cracklib after discussion with abartklet @ sambaXP
Volker Lendecke [Sun, 18 Apr 2004 20:24:32 +0000 (20:24 +0000)]
r272: mention net rpc group delete
Volker Lendecke [Sun, 18 Apr 2004 20:22:31 +0000 (20:22 +0000)]
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'.
Volker
Gerald Carter [Fri, 16 Apr 2004 17:49:11 +0000 (17:49 +0000)]
r252: add backtrace to examples so people know about it (slight change from lars @suse)
Richard Sharpe [Fri, 16 Apr 2004 03:57:30 +0000 (03:57 +0000)]
r248: Add support for printing out the MAC address on nmblookup.
Jeremy Allison [Thu, 15 Apr 2004 23:08:41 +0000 (23:08 +0000)]
r247: Fixup a couple of debug messages.
Jeremy.
Gerald Carter [Thu, 15 Apr 2004 20:40:26 +0000 (20:40 +0000)]
r242: adding 'cups options' parameter to allow raw printing without changing /etc/cups/cupsd.conf -- documentation to follow
Andrew Bartlett [Thu, 15 Apr 2004 17:31:02 +0000 (17:31 +0000)]
r240: I'm pretty happy with the 'ntlm-server-1' helper protocol now, and as
there is now a public patch that uses it, make it always available.
(It was #ifdef DEVELOPER)
Andrew Bartlett
Volker Lendecke [Thu, 15 Apr 2004 15:59:59 +0000 (15:59 +0000)]
r238: Fix memleak
Volker Lendecke [Thu, 15 Apr 2004 09:07:32 +0000 (09:07 +0000)]
r229: Don't list domain groups from BUILTIN.
Volker
Jeremy Allison [Wed, 14 Apr 2004 23:31:03 +0000 (23:31 +0000)]
r227: Patch from James Peach <jpeach@sgi.com> to search RIX ABI paths for libiconv.
Based on inital fix from Jason Mader.
Jeremy.
Jeremy Allison [Wed, 14 Apr 2004 22:35:28 +0000 (22:35 +0000)]
r225: Patch from Pat.Hayward@propero.net to make the session_users list dynamic.
I restricted it to 128k max to prevent DOS attacks.
Jeremy.
Volker Lendecke [Wed, 14 Apr 2004 20:44:26 +0000 (20:44 +0000)]
r223: According to Thomas Mueller, thomas.mueller@christ-wasser.de, the two lines
removed (modifiersName and modifyTimestamp) lead to warnings upon startup of
the netscape directory server. I can't check this, but it sounds logical.
Thanks,
Volker
Jim McDonough [Wed, 14 Apr 2004 19:06:45 +0000 (19:06 +0000)]
r221: Remainder of bug 1208. We do not remove creds from _any_ FILE ccache,
because not only does it not work on Heimdal, but also since ccaches
created within samba are memory-based, so we shouldn't touch a
FILE-based one (it was probably created via kinit or similar).
Jim McDonough [Wed, 14 Apr 2004 17:34:48 +0000 (17:34 +0000)]
r219: Obtain new tickets if current ones are expired. Next part of fix for
bug 1208. Based on a fix from Guether Deschener.
Outstanding pieces:
- Heimdal FILE-based ccaches don't actually remove creds properly, so we
need to code a check for this
- what if ticket expires between our check and when we use it?
Guenther has coded up fixes for these parts, but I still need
to review them, as I'm not totally comfortable with the solutions.
Stefan Metzmacher [Wed, 14 Apr 2004 15:17:34 +0000 (15:17 +0000)]
r215: merge over svk fixes from 4_0
metze
Stefan Metzmacher [Wed, 14 Apr 2004 08:47:53 +0000 (08:47 +0000)]
r208: merge the version schema changes from 4_0
metze
Andrew Bartlett [Tue, 13 Apr 2004 20:57:26 +0000 (20:57 +0000)]
r201: Fix bugs in the --helper-protocol=ntlm-server-1 implementation.
(allow the use of base64 encoded strings, LM or NT passwords)
Andrew Bartlett
Gerald Carter [Tue, 13 Apr 2004 14:52:13 +0000 (14:52 +0000)]
r197: mistaken merge from trunk
Gerald Carter [Tue, 13 Apr 2004 14:39:48 +0000 (14:39 +0000)]
r196: merging struct uuid from trunk
Gerald Carter [Tue, 13 Apr 2004 14:38:52 +0000 (14:38 +0000)]
r195: adding files to ignore list
Paul Green [Tue, 13 Apr 2004 12:28:38 +0000 (12:28 +0000)]
r192: Fix configure.in to only use $BLDSHARED to select whether to build static or shared libraries.
Andrew Bartlett [Tue, 13 Apr 2004 08:58:02 +0000 (08:58 +0000)]
r191: Only send the ntlm_auth 'ntlm-server-1' helper client a '.' after the
server had said something (such as an error).
Andrew Bartlett
Andrew Bartlett [Mon, 12 Apr 2004 20:46:13 +0000 (20:46 +0000)]
r188: Add a new 'helper protocol' to ntlm_auth.
This protocol looks rather like SMTP headers/LDAP:
NT-Domain: TESTWG
Username: abartlet
...
Password: foo
Challenge-response passwords are in hexideciaml, while any 'plain'
string can be base64 encoded when like this:
Password:: Zm9vCg==
(the :: indicates it, just like LDAP - I hope)
The protocol is not final, so it is #ifdef DEVELOPER for now (so
nobody starts to rely on it until I'm happy), but we may as well get
this into subversion.
My intention is to use this to power the next version of my
PPP/ntlm_auth plugin, and hopefully entice a FreeRadius plugin out of
the woods.
Andrew Bartlett
Gerald Carter [Mon, 12 Apr 2004 19:00:54 +0000 (19:00 +0000)]
r185: fix linking prob surrounding --with-fake-kaserver and -lcrypto
Andrew Bartlett [Mon, 12 Apr 2004 14:19:48 +0000 (14:19 +0000)]
r177: Split ntlm_auth --diagnostics into a seperate file, so as not to clutter
the main ntlm_auth program.
It quite possibly should belong in smbtorture, but relies on the
winbind client for now.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Apr 2004 11:18:32 +0000 (11:18 +0000)]
r176: Improve our fallback code for password changes - this would be better
with more correct NTLMSSP support in client and server, but it will do
for now.
Also implement LANMAN password only in the classical session setup code, but
#ifdef'ed out. In Samba4, I'll make this run-time so we can torture it.
Lanman passwords over 14 dos characters long could be considered
'invalid' (they are truncated) - so SMBencrypt now returns 'False' if
it generates such a password.
Andrew Bartlett
Andrew Bartlett [Mon, 12 Apr 2004 11:15:14 +0000 (11:15 +0000)]
r175: Move this comment to the right place...
Andrew Bartlett
Andrew Bartlett [Mon, 12 Apr 2004 10:17:48 +0000 (10:17 +0000)]
r171: Continue the 'rename nt_session_key' work. This attempts to rename
this variable to 'user_session_key', where possible. The command line
parameter is currently unchanged).
Andrew Bartlett
Volker Lendecke [Sun, 11 Apr 2004 10:33:05 +0000 (10:33 +0000)]
r160: Fix msdfs proxy. Could others please also test this, this code is soo
cluttered. I've tested with w2k and xp with msdfs proxy and normal msdfs root,
but I would like others to also look at the code.
Thanks,
Volker
Gerald Carter [Sat, 10 Apr 2004 22:37:47 +0000 (22:37 +0000)]
r155: real for for BUG 761 -- allow printing parameter to set defaults on a per share basis
Volker Lendecke [Sat, 10 Apr 2004 21:38:05 +0000 (21:38 +0000)]
r153: Fix memleak
Jeremy Allison [Sat, 10 Apr 2004 20:02:46 +0000 (20:02 +0000)]
r150: Make 3.x pass the Samba 4.x RAW-SEARCH tests - except for the
UNIX info levels, and the short case preserve names. Tested
with NT - needs more testing. Will work on this more on Monday.
Jeremy.
Andrew Bartlett [Sat, 10 Apr 2004 19:24:31 +0000 (19:24 +0000)]
r148: Ensure we do not dereference a null pointer when we return the user
session key.
Volker Lendecke [Sat, 10 Apr 2004 16:09:48 +0000 (16:09 +0000)]
r145: pdb_create_alias now returns NTSTATUS. More of this to follow.
Volker
Paul Green [Sat, 10 Apr 2004 14:26:19 +0000 (14:26 +0000)]
r144: Move first use of AC_CHECK_HEADERS so it is always executed. Tidy up indendation.
Volker Lendecke [Sat, 10 Apr 2004 06:03:55 +0000 (06:03 +0000)]
r139: Apply some const
Gerald Carter [Wed, 7 Apr 2004 12:49:36 +0000 (12:49 +0000)]
r119: missed a file in volker patch
Gerald Carter [Wed, 7 Apr 2004 12:48:55 +0000 (12:48 +0000)]
r118: adding some recent checkins to commit list
Gerald Carter [Wed, 7 Apr 2004 12:43:44 +0000 (12:43 +0000)]
r116: volker's patch for local group and group nesting
Gerald Carter [Wed, 7 Apr 2004 12:42:03 +0000 (12:42 +0000)]
r115: finally checking in tridge's winbindd_schannel patch for connections
Andrew Bartlett [Wed, 7 Apr 2004 09:27:50 +0000 (09:27 +0000)]
r104: Fix ntlm_auth by adding the new strhex_to_data_blob() call.
Andrew Bartlett
Jeremy Allison [Tue, 6 Apr 2004 23:01:09 +0000 (23:01 +0000)]
r96: Stupid f&%'n UNIX extensions.... SETPATHINFO
normally takes as it's param entry the filename to
be acted upon.... Unless it's UNIX extensions create
hardlink, or UNIX extensions create symlink. Then it's
param -> newfile name
data -> oldfile name.
This caused me to stuff them up in 3.0.2 (and the
client commands link and symlink). Fixed them, everything
is now called oldname and newname - thus specifying which
name should already exist (hint - the old one...) and which
will be created (newname).
Jeremy.
Paul Green [Tue, 6 Apr 2004 22:12:21 +0000 (22:12 +0000)]
r93: Update VOS _POSIX_C_SOURCE macro to 200112L.
Jim McDonough [Tue, 6 Apr 2004 22:02:47 +0000 (22:02 +0000)]
r91: Fix lsalookupnames. Previously we'd fail if we didn't find the name, but
we never checked if it was a domain user and didn't find a local one.
Steve French [Tue, 6 Apr 2004 21:56:59 +0000 (21:56 +0000)]
r88: Add missing guest mount option for mount.cifs
Jeremy Allison [Tue, 6 Apr 2004 21:13:53 +0000 (21:13 +0000)]
r87: Fix the build that Andrew Bartlett broke. Andrew - don't check *ANYTHING* in
unless you have done a make clean; make.
Jeremy.
Andrew Bartlett [Tue, 6 Apr 2004 16:49:09 +0000 (16:49 +0000)]
r86: This function was moved to lib/nterr.h
Andrew Bartlett
Andrew Bartlett [Tue, 6 Apr 2004 16:45:38 +0000 (16:45 +0000)]
r85: Update the winbind interface version, as I just extended the struct.
Andrew Bartlett
Andrew Bartlett [Tue, 6 Apr 2004 16:44:24 +0000 (16:44 +0000)]
r84: Implement --required-membership-of=, an ntlm_auth option that restricts
all authentication to members of this particular group.
Also implement an option to allow ntlm_auth to get 'squashed' error codes,
which are safer to communicate to remote network clients.
Andrew Bartlett
Jeremy Allison [Tue, 6 Apr 2004 14:24:13 +0000 (14:24 +0000)]
r81: Make EA's case independent - fix smbtorture to test for this.
Jeremy.
Steve French [Tue, 6 Apr 2004 12:57:41 +0000 (12:57 +0000)]
r77: Fix path canonicalization of the mount target path and help text display in the cifs mount helper
Alexander Bokovoy [Tue, 6 Apr 2004 11:45:02 +0000 (11:45 +0000)]
r76: Fix smbfs problem with Tree Disconnect issued before smbfs starts its work.
We use cli_state.smb_rw_error to pass this specific case into cli_close_connection()
from smbmount as smb_rw_error can have only selected number of states and
it is ignored in cli_close_connection().
Compiled and tested by Lars Mueller from SuSE on x86, x86_64, ppc, ppc64, s390 and
s390x.
Gerald Carter [Tue, 6 Apr 2004 11:27:59 +0000 (11:27 +0000)]
r75: patch from Cal Heldenbrand <calzplace@yahoo.com> for 'pam_smbpass migrate'
Gerald Carter [Tue, 6 Apr 2004 09:27:43 +0000 (09:27 +0000)]
r73: bumping version to 3.0.3pre3
Andrew Bartlett [Tue, 6 Apr 2004 08:11:16 +0000 (08:11 +0000)]
r69: Global rename of 'nt_session_key' -> 'user_session_key'. The session key could
be anything, and may not be based on anything 'NT'. This is also what microsoft
calls it.
Volker Lendecke [Tue, 6 Apr 2004 06:22:59 +0000 (06:22 +0000)]
r63: Remove -lcrypto from wbinfo. Sorry.
Volker
Andrew Tridgell [Mon, 5 Apr 2004 16:57:40 +0000 (16:57 +0000)]
r59: revert session key problem
Jim McDonough [Mon, 5 Apr 2004 14:45:24 +0000 (14:45 +0000)]
r53: Remove modifyTimestamp from list of our attributes. We just check it for
cache entry time comparisons in password lockout. Fixes problems where
pdb_ldap tries to delete the operational attribute modifyTimestamp when
deleting a user account.
Jeremy Allison [Mon, 5 Apr 2004 14:27:48 +0000 (14:27 +0000)]
r50: Fix bug 1139 as per fix suggested by jdev@panix.com,
swap lookups for user and group - group will do an
algorithmic lookup if it fails, user won't.
Jeremy.
Andrew Bartlett [Mon, 5 Apr 2004 14:27:23 +0000 (14:27 +0000)]
r49: Support SMB signing on connections using only the
LANMAN password. This also corrects the 'session key'
for these connections.
Jeremy Allison [Mon, 5 Apr 2004 13:55:39 +0000 (13:55 +0000)]
r48: Fix types for debug message parameters.
Jeremy.
Gerald Carter [Mon, 5 Apr 2004 12:19:50 +0000 (12:19 +0000)]
r39: * importing .cvsignore files
* updateing WHATSNEW with vl's change
Volker Lendecke [Mon, 5 Apr 2004 12:14:31 +0000 (12:14 +0000)]
r38: Fix caching of name->sid lookups
Volker
Gerald Carter [Mon, 5 Apr 2004 08:43:35 +0000 (08:43 +0000)]
r22: release notes for 3.0.3pre2
Andrew Bartlett [Mon, 5 Apr 2004 08:31:58 +0000 (08:31 +0000)]
r21: Ensure 'net' follows the behaviour of all other samba client tools,
and honours the 'netbios name' in the smb.conf.
Steve French [Sun, 4 Apr 2004 15:20:46 +0000 (15:20 +0000)]
r18: Fix free of incremented pointer
Andrew Bartlett [Sat, 3 Apr 2004 15:41:32 +0000 (15:41 +0000)]
Fix most of bug #169.
For a (very) long time, we have had a bug in Samba were an NTLMv2-only
PDC would fail, because it converted the password into NTLM format for
checking.
This patch performs the direct comparison required for interactive
logons to function in this situation. It also removes the 'auth flags', which
simply where not ever used.
Natrually, this plays with the size of structures, so rebuild, rebuild
rebuild...
Andrew Bartlett
Jeremy Allison [Sat, 3 Apr 2004 01:21:13 +0000 (01:21 +0000)]
Fix wildcard src with wildcard dest renames.
Jeremy.
Jeremy Allison [Sat, 3 Apr 2004 00:17:18 +0000 (00:17 +0000)]
Fix wildcard unlink.
Jeremy.
Jeremy Allison [Sat, 3 Apr 2004 00:04:31 +0000 (00:04 +0000)]
Fix typo in check_path_syntax.
Jeremy.
Jeremy Allison [Fri, 2 Apr 2004 22:11:08 +0000 (22:11 +0000)]
Fix reply_ctemp - make compatible with w2k3.
Jeremy.
Jeremy Allison [Fri, 2 Apr 2004 19:51:27 +0000 (19:51 +0000)]
Fix wildcard identical rename.
Jeremy.
Jeremy Allison [Fri, 2 Apr 2004 19:05:57 +0000 (19:05 +0000)]
check_path improvements found by samba4 raw-checkpath tests.
Jeremy.
Jeremy Allison [Fri, 2 Apr 2004 18:46:19 +0000 (18:46 +0000)]
Added per-share parameter "store dos attributes". When set, will store
dos attributes in an EA. Based on an original patch from tridge, but
modified somewhat to cover all cases.
Jeremy.
Volker Lendecke [Fri, 2 Apr 2004 12:56:18 +0000 (12:56 +0000)]
Implement NETLOGON GetDCName client side. You can ask a DC for the name of
a DC it trusts.
Volker
Steve French [Fri, 2 Apr 2004 00:11:27 +0000 (00:11 +0000)]
Fix credential file mountinf for cifs vfs
Jeremy Allison [Thu, 1 Apr 2004 19:42:36 +0000 (19:42 +0000)]
"Fixing my FORTRAN". Ensure we always have some valid char converter for the
neccessary types before we will run at all. If we can't get one, use ASCII
but complain mightily.
Jeremy.
Gerald Carter [Thu, 1 Apr 2004 15:15:13 +0000 (15:15 +0000)]
BUG 1023: surround get_group_from_gid() with become_unbecome_root() block
Volker Lendecke [Thu, 1 Apr 2004 12:31:50 +0000 (12:31 +0000)]
This restructures lib/afs.c so that the token data can be but into a
stream. This is to implement wbinfo -k that asks winbind for authentication
which then creates the AFS token for the authenticated user.
Volker
Volker Lendecke [Thu, 1 Apr 2004 08:54:01 +0000 (08:54 +0000)]
Cosmetic: Fix a const warning.
Volker
Jeremy Allison [Wed, 31 Mar 2004 22:46:15 +0000 (22:46 +0000)]
Reformat in preparation for EA dosmode attributes.
Jeremy
Herb Lewis [Wed, 31 Mar 2004 20:24:10 +0000 (20:24 +0000)]
fix typo
Volker Lendecke [Wed, 31 Mar 2004 15:21:48 +0000 (15:21 +0000)]
Apply some const
Volker Lendecke [Wed, 31 Mar 2004 14:36:25 +0000 (14:36 +0000)]
Remove some unused code
Jeremy Allison [Wed, 31 Mar 2004 02:20:16 +0000 (02:20 +0000)]
Added support for OS/2 EA's in smbd server. Test with smbtorture eatest.
New protocol option "ea support" to turn them on (off by default). Conrad
at Apple may like this as it allows MacOS resource forks to be stored on
a file. Passes valgrind. Documentation to follow.
Jeremy.
Jeremy Allison [Tue, 30 Mar 2004 18:38:21 +0000 (18:38 +0000)]
Ensure we cope correctly with ea length of zero. Detect torture fail correctly.
Jeremy.
Volker Lendecke [Tue, 30 Mar 2004 08:11:59 +0000 (08:11 +0000)]
Merge a fix from HEAD to 3_0
Volker
Volker Lendecke [Tue, 30 Mar 2004 08:03:32 +0000 (08:03 +0000)]
Apply some const
Jeremy Allison [Mon, 29 Mar 2004 23:42:48 +0000 (23:42 +0000)]
Committed test code by mistake... removing.
Jeremy.
Jeremy Allison [Mon, 29 Mar 2004 23:39:13 +0000 (23:39 +0000)]
Setting EA's to zero length deletes them.
Jeremy.