Lars Müller [Thu, 23 Feb 2006 01:38:00 +0000 (01:38 +0000)]
r13644: Do not shift anything inside the for loop away. We ineterate over $@.
Lars Müller [Thu, 23 Feb 2006 01:05:51 +0000 (01:05 +0000)]
r13643: Enable script debug output to get some more details why some hosts
return with !=0 after calling installmodules.sh AUTH_MODULES.
Lars Müller [Wed, 22 Feb 2006 21:41:14 +0000 (21:41 +0000)]
r13642: Fix install* scripts to use DESTDIR.
Always pass the INSTALLPERMS and DESTDIR as first and second arg to the
scripts.
No longer prepend DESTDIR to the remaining args.
To fix bug #3282 it is important _not_ to prepend DESTDIR to the source
of the sym link pointing to smbmount.
Jeremy Allison [Wed, 22 Feb 2006 21:18:23 +0000 (21:18 +0000)]
r13641: Finish fix for #3510. Don't use client schannel when told
not to, cope with a server that doesn't offer schannel also.
Jeremy
Günther Deschner [Wed, 22 Feb 2006 20:40:24 +0000 (20:40 +0000)]
r13639: Never overwrite the acct_flags in rpccli_netlogon_sam_network_logon().
Guenther
Günther Deschner [Wed, 22 Feb 2006 11:47:41 +0000 (11:47 +0000)]
r13625: Now that Heimdal 0.7.2 is released, we reenable our strict checking for
c++ reserved names.
Guenther
Günther Deschner [Wed, 22 Feb 2006 10:28:02 +0000 (10:28 +0000)]
r13622: Allow to rename machine accounts in a Samba Domain. This still uses the
"rename user script" to do the rename of the posix machine account (this
might be changed later). Fixes #2331.
Guenther
Jeremy Allison [Wed, 22 Feb 2006 04:56:53 +0000 (04:56 +0000)]
r13614: First part of the bugfix for #3510 - net join fails
against server with schannel disabled. Second part
will come tomorrow (fixing net_rpc_join_ok()).
Jeremy.
Tim Potter [Wed, 22 Feb 2006 03:12:00 +0000 (03:12 +0000)]
r13612: #define NO_SYSLOG is dead as a doornail.
Jeremy Allison [Wed, 22 Feb 2006 01:31:43 +0000 (01:31 +0000)]
r13610: Patch from Bjoern JACKE <samba@j3e.de>. Don't default to
/tmp if there is no path in the share, make it unavailable.
All printer shares should have a path and IPC$ is already
explicitly set to tmpdir().
Jeremy.
Jeremy Allison [Wed, 22 Feb 2006 00:34:35 +0000 (00:34 +0000)]
r13607: Fix compile - don't ref auto variable in a structure initialization.
Fix from Richard Bollinger <rabollinger@gmail.com>.
Jeremy.
Jeremy Allison [Tue, 21 Feb 2006 23:21:28 +0000 (23:21 +0000)]
r13604: Fix for bug #3512 "use spnego=no" and "server signing=auto" cause client to disconnect after negprot"
We missed one case of ignoring "BSRSPYL ".
Merge for 3.0.21c.
Jeremy.
Gerald Carter [Tue, 21 Feb 2006 19:22:49 +0000 (19:22 +0000)]
r13601: * Remove unused code from pdb_ldap.c
* Add a 'struct passwd *' to the struct samu for later reference
(I know this may be controversial but its easily reverted which is
is why I'm checking this is as a seaparate patch before I get
too deep).
* Remove unix_homedir from struct samu {} and update the pdb wrapper
functions associated with it.
Gerald Carter [Tue, 21 Feb 2006 19:02:22 +0000 (19:02 +0000)]
r13600: Move functions local to tdbsam to pdb_tdb.c
Lars Müller [Tue, 21 Feb 2006 17:48:20 +0000 (17:48 +0000)]
r13599: krb5 error codes are defined as long. Also for the other direction.
Lars Müller [Tue, 21 Feb 2006 17:35:52 +0000 (17:35 +0000)]
r13598: Defining KRB5KRB_ERR_RESPONSE_TOO_BIG if not defined which is the case
for older krb5 implementations.
Patch slightly modified from the version provided by Björn Jacke <bjoern
at j3e dot de> at the samba-technical list after discussion on the list
and by IRC. Thanks Björn!
Lars Müller [Tue, 21 Feb 2006 17:19:20 +0000 (17:19 +0000)]
r13597: krb5 error codes are defined as long.
Jeremy Allison [Tue, 21 Feb 2006 17:00:00 +0000 (17:00 +0000)]
r13594: Got sense of NTSTATUS check reversed.
Jeremy.
Gerald Carter [Tue, 21 Feb 2006 16:46:21 +0000 (16:46 +0000)]
r13593: consolidate pdb_set_sam_sids() into samu_set_unix() which
was the only place it was called from.
Gerald Carter [Tue, 21 Feb 2006 15:47:19 +0000 (15:47 +0000)]
r13591: I really have no idea how this code ever worked. And I have
no idea why no one (including myself) caught this with a compiler
warning....Make sure new_chunk() actually returns a pointer
to the allocated memory.
SAMBA_3_0 now works again on Solaris.
Gerald Carter [Tue, 21 Feb 2006 14:34:11 +0000 (14:34 +0000)]
r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new()
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix()
Gerald Carter [Tue, 21 Feb 2006 14:03:15 +0000 (14:03 +0000)]
r13589: Make sure we only try to close the tdbsam file in endsampwent() when we
have a valid pwent list from a setsampwent(). Fixes a bug with the
reference count on the open tdb.
Jeremy Allison [Tue, 21 Feb 2006 03:29:02 +0000 (03:29 +0000)]
r13588: Second attempt to fix Bug #3330 - treat the string as a
uint8 array and copy as such. Gunther please check (sorry
I reverted your earlier fix).
Jeremy.
Jeremy Allison [Tue, 21 Feb 2006 03:08:42 +0000 (03:08 +0000)]
r13585: Sorry Gunther, had to revert this. It's got a buffer
overrun. Spoke to Jerry about the correct fix. Will add
this after.
Jeremy.
Günther Deschner [Mon, 20 Feb 2006 23:22:56 +0000 (23:22 +0000)]
r13581: Correctly parse a non-null terminated, little-endian UCS2 string in the
PAC_LOGON_NAME structure. This was broken on big-endian machines
(Solaris SPARC and ppc). Fixes Bug #3330.
Jerry, this should be in 3.0.21c.
Guenther
Volker Lendecke [Mon, 20 Feb 2006 21:58:33 +0000 (21:58 +0000)]
r13579: Next try to fix the AIX build. Thanks to Björn for nagging...
Volker
Gerald Carter [Mon, 20 Feb 2006 20:09:36 +0000 (20:09 +0000)]
r13576: This is the beginnings of moving the SAM_ACCOUNT data structure
to make full use of the new talloc() interface. Discussed with Volker
and Jeremy.
* remove the internal mem_ctx and simply use the talloc()
structure as the context.
* replace the internal free_fn() with a talloc_destructor() function
* remove the unnecessary private nested structure
* rename SAM_ACCOUNT to 'struct samu' to indicate the current an
upcoming changes. Groups will most likely be replaced with a
'struct samg' in the future.
Note that there are now passbd API changes. And for the most
part, the wrapper functions remain the same.
While this code has been tested on tdb and ldap based Samba PDC's
as well as Samba member servers, there are probably still
some bugs. The code also needs more testing under valgrind to
ensure it's not leaking memory.
But it's a start......
Gerald Carter [Mon, 20 Feb 2006 18:55:15 +0000 (18:55 +0000)]
r13574: fix build; talloctort.c should not use the TALLOC_FREE() macro
Gerald Carter [Mon, 20 Feb 2006 18:24:30 +0000 (18:24 +0000)]
r13573: removing wrepld from SAMBA_3_0. The Samba 4 work is more current and any integration into Samba 3 would most likely be from scratch
Gerald Carter [Mon, 20 Feb 2006 17:59:58 +0000 (17:59 +0000)]
r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()
macro which sets the freed pointer to NULL.
Günther Deschner [Mon, 20 Feb 2006 11:57:47 +0000 (11:57 +0000)]
r13566: Fix EA support for AIX.
Patch from Bjoern Jacke <bjacke-at-sernet-dot-de>.
Guenther
James Peach [Mon, 20 Feb 2006 05:45:09 +0000 (05:45 +0000)]
r13564: Remove trailing backslash. Makes other than GNU make choke on this.
Jeremy Allison [Sun, 19 Feb 2006 21:01:21 +0000 (21:01 +0000)]
r13563: Fix bug #3526 found and diagnosed by corinna@vinschen.de.
trans2findfirst recognises two info levels *not* recognised
by trans2findnext. Add them. Needed for 3.0.21c.
Jeremy.
Jeremy Allison [Sat, 18 Feb 2006 02:02:11 +0000 (02:02 +0000)]
r13559: Fix bug #3522 reported by Sandeep Tamhankar <sandman@electric-cloud.com>.
mkdir foo returns the wrong error message when file foo exists.
Jeremy.
Jeremy Allison [Sat, 18 Feb 2006 01:21:18 +0000 (01:21 +0000)]
r13557: (Hopefully) get the creds store/restore key right from
the correct part of the netlogon and schannel packets.
Jeremy.
Jeremy Allison [Sat, 18 Feb 2006 00:39:31 +0000 (00:39 +0000)]
r13556: Ensure that any potential creds operation are protected
by schannel if "server schannel = true" was set.
Jeremy.
Jeremy Allison [Sat, 18 Feb 2006 00:27:31 +0000 (00:27 +0000)]
r13553: Fix all our warnings at -O6 on an x86_64 box.
Jeremy.
Jeremy Allison [Fri, 17 Feb 2006 23:57:28 +0000 (23:57 +0000)]
r13552: Make sure we're using the same name to load the stored
creds under all circumstances. This may be wrong, but
at least we're now consistent.
Jeremy.
Gerald Carter [Fri, 17 Feb 2006 23:16:13 +0000 (23:16 +0000)]
r13550: remove pdb_guest
Jeremy Allison [Fri, 17 Feb 2006 21:32:31 +0000 (21:32 +0000)]
r13548: Always use the get_remote_macinhe_name() as the key
for the creds store. This should fix the problems
Jerry reported (but I have still to run tests :-).
Jeremy.
Gerald Carter [Fri, 17 Feb 2006 21:07:26 +0000 (21:07 +0000)]
r13547: add earlier checks to deny deleting a printer driver. The previous
code relied upon file permissions alone. Now we check that
the user is a printer administrator and that the share has not been
marked read only for that user.
Gerald Carter [Fri, 17 Feb 2006 19:19:25 +0000 (19:19 +0000)]
r13546: NSS soname merge from trunk
Gerald Carter [Fri, 17 Feb 2006 19:07:58 +0000 (19:07 +0000)]
r13545: A patch which I think it's time has come. VOlker, we can talk about
this more but it gets around the primary group issue.
* don't map a SID to a name from the group mapping code if
the map doesn't have a valid gid. This is only an issue
in a tdb setup
* Always allow S-1-$DOMAIN-513 to resolve (just like Windows)
* if we cannot resolve a users primary GID to a SID, then set
it to S-1-$DOMAIN-513
* Ignore the primary group SID inside pdb_enum_group_memberships().
Only look at the Unix group membersip.
Jeremy, this fixes a fresh install startup for smbd as far as my tests
are concerned.
Volker Lendecke [Fri, 17 Feb 2006 17:20:53 +0000 (17:20 +0000)]
r13544: -O1 janitor work :-)
Jeremy Allison [Fri, 17 Feb 2006 15:51:25 +0000 (15:51 +0000)]
r13542: Don't reuse a pointer we just freed (Doh!).
Jeremy.
Gerald Carter [Fri, 17 Feb 2006 13:30:34 +0000 (13:30 +0000)]
r13541: we have to wrap pen_enum_group_memberships() in become/unbecome_root()
blocks. This fixes the problem I had with missing groups in the
net_samlogon() reply from a Samba PDC.
Jeremy Allison [Fri, 17 Feb 2006 04:22:32 +0000 (04:22 +0000)]
r13539: Add 128 bit creds processing client and server. Thanks to Andrew Bartlett's
Samba4 code.
Jeremy.
Jeremy Allison [Fri, 17 Feb 2006 01:26:21 +0000 (01:26 +0000)]
r13538: Make sure we store all 16 bytes of credentials session
key and delete records that are old. We will need this
for the full 16 byte session key support.
Jeremy.
Jeremy Allison [Thu, 16 Feb 2006 23:08:12 +0000 (23:08 +0000)]
r13535: Fix #2353 based on a patch by William Jojo.
Jeremy.
Lars Müller [Thu, 16 Feb 2006 21:49:22 +0000 (21:49 +0000)]
r13532: Add SWAT welcome _no_ doc page default page. This is required by
revision 13383.
Jeremy Allison [Thu, 16 Feb 2006 20:50:41 +0000 (20:50 +0000)]
r13530: Fix from William Jojo for #1970. Make nmblookup do
a node status on all IP's when requested.
Jeremy.
Lars Müller [Thu, 16 Feb 2006 20:22:54 +0000 (20:22 +0000)]
r13529: No functional, line break changes to let it fit into 80 chares screen
width again.
Lars Müller [Thu, 16 Feb 2006 18:33:08 +0000 (18:33 +0000)]
r13528: Mention the tools and commandline option names used.
Lars Müller [Thu, 16 Feb 2006 18:28:04 +0000 (18:28 +0000)]
r13527: Adjust copyright header with information got from the 2.2 cvs tree.
Lars Müller [Thu, 16 Feb 2006 17:36:35 +0000 (17:36 +0000)]
r13526: Remove superfuous extra spaces at EOL.
Lars Müller [Thu, 16 Feb 2006 16:45:58 +0000 (16:45 +0000)]
r13525: This is only a cleanup to have the memset() and SAFE_FREE() only one
time in the code.
Even if we now have an additional if statement after the free I prefer
this solution in opposite to the duplicated code we had before.
Lars Müller [Thu, 16 Feb 2006 16:22:44 +0000 (16:22 +0000)]
r13524: Add -t|--password-from-stdin option to pdbedit as we had with Samba 2.2.
This fixes bug #1386.
The initial changes had been made by Carsten Höger <choeger at
open-xhange dot com> for Samba 2.2 while being at SuSE. *sigh*
To not duplicate code from smbpasswd in pdbedit stdin_new_passwd() and
get_pass() are moved from smbpasswd to utils/passwd_util.c.
Günther Deschner [Thu, 16 Feb 2006 15:51:04 +0000 (15:51 +0000)]
r13523: Fix indent.
Guenther
Günther Deschner [Thu, 16 Feb 2006 13:18:17 +0000 (13:18 +0000)]
r13522: Add SAMR_GET_USRDOM_PWINFO client-side.
Guenther
Jeremy Allison [Thu, 16 Feb 2006 01:06:21 +0000 (01:06 +0000)]
r13521: Implement LOOKUPNAME3 and 4.
Jeremy.
Jeremy Allison [Wed, 15 Feb 2006 23:15:55 +0000 (23:15 +0000)]
r13519: Fix the credentials chaining across netlogon pipe disconnects.
I mean it this time :-).
Jeremy.
Volker Lendecke [Wed, 15 Feb 2006 21:54:58 +0000 (21:54 +0000)]
r13517: Fix typo -- thanks to Karolin Seeger <ks@sernet.de>
Gerald Carter [Wed, 15 Feb 2006 18:45:25 +0000 (18:45 +0000)]
r13515: Make sure to store the correct domain name in the server affinity cache.
Gerald Carter [Wed, 15 Feb 2006 18:41:35 +0000 (18:41 +0000)]
r13514: fix small glitch in the update procedure from /var/cache/samba mishap
Gerald Carter [Wed, 15 Feb 2006 18:27:06 +0000 (18:27 +0000)]
r13513: Changing defaults:
* enable privileges = yes
* enable asu support = no
Remove unused function after the tdbsam rewrite.
Gerald Carter [Wed, 15 Feb 2006 18:26:06 +0000 (18:26 +0000)]
r13512: Rewrite tdbsam code to use a reference count based open/close
on the tdb file. This allow recusive calls to succeed
without complaining about failed opens since a tdb can
only be opened once per process. We probably still need to backport
the transaction support from Samba 4 here though.
Gerald Carter [Wed, 15 Feb 2006 18:24:16 +0000 (18:24 +0000)]
r13511: Fix bug in the samr dispinfo enumeration code.
Make sure to associate the DOMAIN dispinfo cache
with a User/Group SAMR handle (not the SID of the user or group).
Ensure that enumeration after deleting a user works.
Gerald Carter [Wed, 15 Feb 2006 18:22:00 +0000 (18:22 +0000)]
r13510: plug memory leak in WINS server code.
Gerald Carter [Wed, 15 Feb 2006 18:21:13 +0000 (18:21 +0000)]
r13509: remove unnecessary sql flags
Jeremy Allison [Wed, 15 Feb 2006 02:07:14 +0000 (02:07 +0000)]
r13502: Fix error messages for usershares when smbd is not
running. More generic error return cleanup in libsmb/
needs doing (everything returning NTSTATUS not BOOL).
Jeremy
James Peach [Wed, 15 Feb 2006 01:05:06 +0000 (01:05 +0000)]
r13500: Fix ordering of FD_* arguments.
Jeremy Allison [Tue, 14 Feb 2006 23:00:39 +0000 (23:00 +0000)]
r13498: Fix the kernel oplocks code for IRIX. Should fix #3515.
Jeremy.
Jeremy Allison [Tue, 14 Feb 2006 20:26:38 +0000 (20:26 +0000)]
r13497: Fix #3508 from jason@ncac.gwu.edu
Jeremy.
Günther Deschner [Tue, 14 Feb 2006 12:35:56 +0000 (12:35 +0000)]
r13495: Derell, I'm removing that double setup_logging(), just a typo.
Guenther
Volker Lendecke [Mon, 13 Feb 2006 17:08:25 +0000 (17:08 +0000)]
r13494: Merge the stuff I've done in head the last days.
Volker
Volker Lendecke [Mon, 13 Feb 2006 16:48:24 +0000 (16:48 +0000)]
r13493: module_name and module_location are the same string. Fix a valgrind
error.
Volker
Günther Deschner [Mon, 13 Feb 2006 15:12:22 +0000 (15:12 +0000)]
r13492: As noone objected on the mailing-list:
Fix parse_domain_user to fail when splitting a full name like "DOM\user"
when "winbind use default domain" and "winbind trusted domains only" are
not enabled.
This allows pam_winbind to behave correctly when more modules are
stacked in the "account" or "password" PAM facility. pam_winbindd calls
WINBINDD_GETPWNAM which can decide whether or not a user is a winbind
user and return correct PAM error codes.
Guenther
Jeremy Allison [Mon, 13 Feb 2006 13:36:22 +0000 (13:36 +0000)]
r13491: Fix bug # 3498 from jason@ncac.gwu.edu. Unsigned comparison
with < 0.
Jeremy.
Jeremy Allison [Mon, 13 Feb 2006 13:25:36 +0000 (13:25 +0000)]
r13489: Fix #3496 from jason@ncac.gwu.edu. Variable set but never used.
Jeremy.
Volker Lendecke [Mon, 13 Feb 2006 04:58:13 +0000 (04:58 +0000)]
r13486: Two more -- fix bug 3503
James Peach [Mon, 13 Feb 2006 04:29:42 +0000 (04:29 +0000)]
r13484: Add missing semi-colon.
James Peach [Mon, 13 Feb 2006 04:07:15 +0000 (04:07 +0000)]
r13482: Push the FAM notification file descriptor into the select
set to avoid unnecessary polling.
Volker Lendecke [Sun, 12 Feb 2006 17:49:04 +0000 (17:49 +0000)]
r13477: Fix code before declaration
Jeremy Allison [Sun, 12 Feb 2006 16:45:50 +0000 (16:45 +0000)]
r13475: Fix erroneous initialization caused by my renaming types.
Jeremy.
Jeremy Allison [Sun, 12 Feb 2006 16:44:30 +0000 (16:44 +0000)]
r13473: Back port r13470, r13471, r13472 from Samba4. Thanks Andrew:
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
Gerald Carter [Sat, 11 Feb 2006 21:27:08 +0000 (21:27 +0000)]
r13460: by popular demand....
* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
like Windows)
* Allow RID 513 to resolve to always resolve to a name
* Remove auto mapping of guest account primary group given the
previous 2 changes
Jeremy Allison [Sat, 11 Feb 2006 05:36:27 +0000 (05:36 +0000)]
r13458: Add parsing functions - but stub internals for lookupnames3 and 4.
Jeremy.
Jeremy Allison [Sat, 11 Feb 2006 04:25:06 +0000 (04:25 +0000)]
r13456: Add lsa_lookup_names2.
Jeremy.
Jeremy Allison [Sat, 11 Feb 2006 02:46:41 +0000 (02:46 +0000)]
r13455: Prepare to add lookupnames2.
Jeremy.
Günther Deschner [Sat, 11 Feb 2006 00:08:57 +0000 (00:08 +0000)]
r13451: Fix build warning.
Guenther
Jeremy Allison [Sat, 11 Feb 2006 00:04:39 +0000 (00:04 +0000)]
r13449: Ensure we don't crash if no dc struct on pipe.
Jeremy.
Günther Deschner [Fri, 10 Feb 2006 23:54:45 +0000 (23:54 +0000)]
r13448: Fix the build (again).
Guenther
Jeremy Allison [Fri, 10 Feb 2006 23:52:53 +0000 (23:52 +0000)]
r13447: Added LSA_LOOKUPSIDS2 and LSA_LOOKUPSIDS3.
Jeremy.
Günther Deschner [Fri, 10 Feb 2006 23:49:52 +0000 (23:49 +0000)]
r13445: We already made the decision whether to include the dominfo and
changereject.
Guenther
Günther Deschner [Fri, 10 Feb 2006 23:41:41 +0000 (23:41 +0000)]
r13444: Add REJECT_REASON_OTHER for samr_chgpasswd_user3
Guenther
Günther Deschner [Fri, 10 Feb 2006 23:23:10 +0000 (23:23 +0000)]
r13443: Fix the build.
Guenther
Günther Deschner [Fri, 10 Feb 2006 23:09:00 +0000 (23:09 +0000)]
r13442: Implement samr_chgpasswd_user3 server-side.
Guenther
Jeremy Allison [Fri, 10 Feb 2006 19:16:50 +0000 (19:16 +0000)]
r13439: Fix NET_SAM_LOGON_EX.
Jeremy.
Jeremy Allison [Fri, 10 Feb 2006 18:51:18 +0000 (18:51 +0000)]
r13436: Add in NET_SAM_LOGON_EX. Still needs testing.
Jeremy
Jeremy Allison [Fri, 10 Feb 2006 18:05:55 +0000 (18:05 +0000)]
r13434: Add stub for NET_SAM_LOGON_EX.
Jeremy.