| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
| |
Jeremy.
|
| |
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
|
| |
smb.conf
file in utf8.
Jeremy.
|
| |
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will probably break 2.2 for a while.
Do *NOT* checkout unless you like core dumps.
This is the first merge of the TNG SAMR code into 2.2.
It will eventually give us a wonderful PDC, but maybe painful
in the short term. It had to be done however, and this touches
almost every file (mostly just removing the OLD_NT_DOMAIN) stuff.
I removed some SAMR functionality from rpcclient that would
no longer compile.
Also changed fstring to 256 bytes to better match an NT pathname.
Jeremy.
|
|
|
|
| |
Jeremy.
|
|
|
|
|
|
| |
<rcalex@home.com>.
Jeremy.
|
| |
|
|
|
|
|
| |
the same time.
Jeremy.
|
| |
|
|
|
|
| |
Alexander" <rcalex@home.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
|
|
|
|
| |
putmsg() inside their send() doesn't kill swat and the scond is to open /dev/null to replace stdin after we close that
|
|
|
|
|
|
|
| |
libsmb/clientgen.c: Fixes for Win2k smbclient browsing.
Other fixes implement smbpasswd -x user to delete users. Also allows swat
to do the same.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
two places i found where it was appropriate to _use_ that third argument,
in locking.c and brlock.c! there was a static traverse_function and
i removed the static variable, typecast it to a void*, passed it to
tdb_traverse and re-cast it back to the traverse_function inside the
tdb_traverse function. this makes the use of tdb_traverse() reentrant,
which is never going to happen, i know, i just don't like to see
statics lying about when there's no need for them.
as i had to do in samba-tng, all uses of tdb_traverse modified to take
the new void* state argument.
2) disabled rpcclient: referring people to use SAMBA_TNG rpcclient.
i don't know how the other samba team members would react if i deleted
rpcclient from cvs main. damn, that code's so old, it's unreal.
20 rpcclient commands, instead of about 70 in SAMBA_TNG.
|
|
|
|
| |
responding. They could be stuck
|
|
|
|
|
|
|
|
|
|
|
|
| |
this means "nmblookup -S" now always works, even with broken servers
the database stores all unexpected replies and these can be accessed
by any client.
while doing this I cleaned up a couple of functions, and put in place
a better trn_id generator. in most places the code got quite a bit
simpler due to the addition of simple helper functions.
I haven't yet put the code in to take advantage of this for pdc
replies - that will be next. Jeremys pdc finding code will then work :)
|
| |
|
|
|
|
|
|
|
|
|
| |
- added TDB_CLEAR_IF_FIRST flag to clear the database if this is the
first attached process. Useful for non-persistent databases like our
locking area (this will also make upgrades to new database layouts easier)
- use lock_path() in a couple of places
- leave connections database open while smbd running
- cleaned up some tdb code a little, using macros for constants
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
instead of either sysv or mmap shared memory or lock files.
this means we can now completely remove
locking_shm.c
locking_slow.c
shmem.c
shmem_sysv.c
and lots of other things also got simpler
locking.c got a bit larger, but is much better compartmentalised now
|
|
|
|
|
| |
SWAT status page and smbstatus. It made the code _much_ simpler, I
wish we'd done a database module a long time ago!
|
| |
|
|
|
|
|
|
|
|
| |
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.
Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
|
|
|
|
| |
using smbpasswd command.
|
|
|
|
|
|
|
|
|
|
| |
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
|
|
|
|
| |
docs and do configuration at the same time.
|
| |
|
|
|
|
| |
use all_string_sub() if you don't want this.
|
|
|
|
|
| |
any attempt to run swat from a host that is disallowed will give an
error.
|
|
|
|
|
| |
web/swat.c: Changed '?' to help.
Jeremy.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
|
|
|
|
|
| |
- much as I hate doing it I've removed the "commit changes" button for
users that don't have write access to smb.conf (Jeremy insisted)
|
| |
|
|
|
|
| |
swat will now give an error message if run via cgi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
UNIXWARE.
groupdb/aliasdb.c groupdb/aliasfile.c groupdb/groupfile.c: Don't use snprinf, use slprintf.
include/includes.h: Fix YP problem.
include/smb.h: Fix ZERO_STRUCTP.
lib/util_sock.c: Added strerror() in debugs.
passdb/ldap.c: Don't use snprinf, use slprintf.
rpc_client/cli_lsarpc.c rpc_client/cli_pipe.c rpc_parse/parse_sec.c rpc_server/srv_pipe.c: Don't use snprinf, use slprintf.
script/installman.sh: DGUX changes.
smbd/open.c smbd/oplock.c: Fixed gcc warnings.
web/swat.c: Changes USER to SWAT_USER.
|
| |
|
|
|
|
| |
Now passes strings instead.
|
|
|
|
|
|
|
|
|
|
|
|
| |
client/client.c:
include/client.h: Added some debug messages that the old client used to
generate. These are needed to make scripts such as
'findsmb' work - there may be other changes to keep
backwards output compatibility. Do we need a -old-client-compat
argument ?
libsmb/clientgen.c: Fixed crash bug where malloc'ed data wasn't being
cleared - corrupted malloc chains.
web/swat.c: John's changes to get rid of "ghost" table entries.
|
| |
|
| |
|
| |
|
| |
|