Gerald Carter [Tue, 27 Jan 2004 15:29:30 +0000 (15:29 +0000)]
prepping the SAMBA_3_0 branch for 3.0.3 work
Gerald Carter [Tue, 27 Jan 2004 15:28:33 +0000 (15:28 +0000)]
bug 977 - don't create a homes share for a user if a static share already exists by the same name
Andrew Bartlett [Tue, 27 Jan 2004 10:01:30 +0000 (10:01 +0000)]
Clarify comment on set_effective_uid()
Andrew Bartlett
Andrew Bartlett [Mon, 26 Jan 2004 09:03:09 +0000 (09:03 +0000)]
Revise our server-side password change code to cope with the various
different feilds that different clients send. (For example, not all clients
send both password types).
This also cleans up the code to make it clearer what is really going on,
and to make better use of common functions.
Andrew Bartlett
Andrew Bartlett [Mon, 26 Jan 2004 08:45:02 +0000 (08:45 +0000)]
This adds client-side support for the unicode/SAMR password change scheme.
As well as avoiding DOS charset issues, this scheme returns useful error
codes, that we can map back via the pam interface.
This patch also cleans up the interfaces used for password buffers, to
avoid duplication of code.
Andrew Bartlett
Andrew Bartlett [Mon, 26 Jan 2004 08:38:34 +0000 (08:38 +0000)]
Add a few more NTSTATUS <=> PAM error mappings.
Andrew Bartlett
Andrew Bartlett [Mon, 26 Jan 2004 02:19:44 +0000 (02:19 +0000)]
Patch by Luca Bolcioni <Luca.Bolcioni@yacme.com>. Ensure we always
initialise the session key. Fixes segfaults with security=server, and
encrypt passwords = no.
Andrew Bartlett
Volker Lendecke [Sun, 25 Jan 2004 10:14:50 +0000 (10:14 +0000)]
Fix memleak just introduced. Thanks to abartlet :-)
Volker
Volker Lendecke [Sun, 25 Jan 2004 10:04:10 +0000 (10:04 +0000)]
On my SuSE 8.2 (glibc 2.3.2) the getpwnam inside pdb_getsampwnam reset
the surrounding getpwent loop to the first entry. So smbd went into an
endless loop.
Volker
Andrew Bartlett [Sun, 25 Jan 2004 01:11:10 +0000 (01:11 +0000)]
Fix the initialisation vectors for NTLM2, so that they at least make sense,
even if they don't work yet.
Andrew Bartlett
Andrew Bartlett [Sun, 25 Jan 2004 01:02:39 +0000 (01:02 +0000)]
If we are providing strndup(), ensure we provide a prototype too.
Andrew Bartlett
Andrew Bartlett [Sun, 25 Jan 2004 00:50:39 +0000 (00:50 +0000)]
Fix removal of attributes in LDAP - we would not actually remove the old
value in the previous code.
Andrew Bartlett
Andrew Bartlett [Sat, 24 Jan 2004 10:46:55 +0000 (10:46 +0000)]
A Samba DC is nothing special these days - so every domain controller
location packet from the client is not a DEBUG(1) event anymore...
(Yes, we printed this for each of these UDP packets...)
Andrew Bartlett
Volker Lendecke [Fri, 23 Jan 2004 12:57:29 +0000 (12:57 +0000)]
Fix typo
Volker Lendecke [Fri, 23 Jan 2004 12:04:07 +0000 (12:04 +0000)]
Fix decoding of base64. We got the length wrong when the result was not
an exact multiple of 3.
I also wrote a torture test and it survived some minutes of random stuff
coded/decoded up to 16 MB data. But that would be a bit too embarassing to
commit... :-)
Volker
Andrew Bartlett [Thu, 22 Jan 2004 10:12:26 +0000 (10:12 +0000)]
Fix for debian Bug#225328 by LaMont Jones <lamont@debian.org>, where
the failure of our LFS test caused the _GNU_SOURCE define not to be
added, causeing strndup() not to be defined...
I'll into when we really should define _GNU_SOURCE shortly, but the
fix is correct anyway.
Andrew Bartlett
Stefan Metzmacher [Thu, 22 Jan 2004 01:50:58 +0000 (01:50 +0000)]
* Add SIGABRT to fault handling
so we now got a backtrace, if we crash
in libldap with SIGABRT
metze
Volker Lendecke [Wed, 21 Jan 2004 14:48:02 +0000 (14:48 +0000)]
Fix compiler warning
Volker Lendecke [Wed, 21 Jan 2004 14:36:56 +0000 (14:36 +0000)]
Display some nicer error messages for login via 'net'. I don't
see a reason why we have so many special cases and not simply use
nt_errstr(nt_status).
Comments?
Volker
Gerald Carter [Sat, 17 Jan 2004 01:48:36 +0000 (01:48 +0000)]
include tdbdump man page in file list
Jeremy Allison [Sat, 17 Jan 2004 00:30:35 +0000 (00:30 +0000)]
Fix for a signing bug when the mid wraps.
Found by Fran Fabrizio <fran@cis.uab.edu>.
Add to the *start* of the list not the end of the list.
This ensures that the *last* send sequence with this mid
is returned by preference.
This can happen if the mid wraps and one of the early
mid numbers didn't get a reply and is still lurking on
the list.
Jeremy.
Gerald Carter [Fri, 16 Jan 2004 22:48:59 +0000 (22:48 +0000)]
starting WHATSNEW for thepost 3.0.2rc1 release
Gerald Carter [Fri, 16 Jan 2004 22:15:35 +0000 (22:15 +0000)]
fix another bug caused by cli_lsa_query_info_policy() changes
Gerald Carter [Fri, 16 Jan 2004 19:01:20 +0000 (19:01 +0000)]
remove unneeded man pages from packages
Gerald Carter [Fri, 16 Jan 2004 17:46:38 +0000 (17:46 +0000)]
BUG 891 & 949: Fedora Packaging Fixes
Jim McDonough [Fri, 16 Jan 2004 15:07:28 +0000 (15:07 +0000)]
Fix another join problem. Don't use a TALLOC_CTX before it has been
initialized.
Also split out the oldstyle join into a new fn, allowing us to call it
with no failure message from net rpc join, but displaying a failure message
when used with net rpc oldjoin.
Volker Lendecke [Fri, 16 Jan 2004 15:01:09 +0000 (15:01 +0000)]
Patch from "Stoian Ivanov" <sdr@bultra.com>: Add -g (greppable..) to
smbclient -L to make the output usable in pipes.
Volker
Volker Lendecke [Fri, 16 Jan 2004 13:11:01 +0000 (13:11 +0000)]
Commit sid<->[ug]id extensions to libnss_winbind.so on Linux, as well as a
factored-out nss_winbind.[ch]. I took tridge's public domain license comment
for the nss_winbind.[ch].
This is probably not the last word on that extension, but as it is quite
non-intrusive to the main samba code, I would like to give it a start.
Volker
Gerald Carter [Thu, 15 Jan 2004 20:47:30 +0000 (20:47 +0000)]
Bug 381: check builtin (not local) group SID. Patch from Jianliang Lu <j.lu@tiesse.com>
Gerald Carter [Thu, 15 Jan 2004 20:32:27 +0000 (20:32 +0000)]
setting version to 3.0.2rc2
Gerald Carter [Thu, 15 Jan 2004 20:14:02 +0000 (20:14 +0000)]
adding changelog for 3.0.2rc1
Jim McDonough [Thu, 15 Jan 2004 19:45:36 +0000 (19:45 +0000)]
Fix net rpc join (at least newstyle) after it was broken by changing
the parms to cli_lsa_query_info_policy without changing them here...
Gerald Carter [Thu, 15 Jan 2004 19:03:18 +0000 (19:03 +0000)]
* BUG 446
- setup_logging() in smbclient to be interactive (remove the timestamps)
- Fix bad return value in pull_ucs2( needs more testing to make sure this
didn't break something else) that caused clistr_pull() to always read
the same string from the buffer (pull_usc2() could return -1 if the original
source length was given as -1)
- increment some debugging messages to avoid printing them out so often
Gerald Carter [Thu, 15 Jan 2004 17:18:39 +0000 (17:18 +0000)]
BUG 958; don't use the -N option when invoking smbclient from the smbtar script
Volker Lendecke [Thu, 15 Jan 2004 17:17:58 +0000 (17:17 +0000)]
reply_spnego_kerberos did not set the domain of the user handed to
register_vuid correctly. We ended up with the local netbios name in
substitutions for %D later.
Volker
P.S: Tridge, I can *really* see why you want to get rid of global variables
:-)
Volker Lendecke [Thu, 15 Jan 2004 17:05:08 +0000 (17:05 +0000)]
Don't substitute stuff in lp_afs_username_map, this is explicitly
done later.
Volker
Volker Lendecke [Thu, 15 Jan 2004 15:36:01 +0000 (15:36 +0000)]
And another memory corruption in winbind. Arg 3 of safe_strcpy does not
include the terminating 0.
Volker
Volker Lendecke [Thu, 15 Jan 2004 15:00:44 +0000 (15:00 +0000)]
Fix a segfault in winbindd. Calling getusersids with a SID that results in 0
groups winbind ended up freeing an uninitialised pointer.
Volker
Stefan Metzmacher [Thu, 15 Jan 2004 09:08:06 +0000 (09:08 +0000)]
* Fix sys_chown() when no chown() is presend
metze
Stefan Metzmacher [Thu, 15 Jan 2004 08:49:30 +0000 (08:49 +0000)]
* Fix XFS quotas: XFS_USER_QUOTA -> USRQUOTA
XFS_GROUP_QUOTA -> GRPQUOTA
* Fix disk_free calculation with group quotas.
* Add debug class 'quota' and a lot of DEBUG()'s
to the quota code.
metze
Gerald Carter [Thu, 15 Jan 2004 06:55:10 +0000 (06:55 +0000)]
BUG 936: fix bind credentials for schannel binds in smbd (and add a comment to winbindd_cm about this
Tim Potter [Thu, 15 Jan 2004 06:51:20 +0000 (06:51 +0000)]
Fix for bug 905. Remove POBAD_CC as it doesn't seem to be applicable
anymore.
Gerald Carter [Thu, 15 Jan 2004 05:16:29 +0000 (05:16 +0000)]
BUG 972; check pointer in cli_ds_getprimarydominfo() before trying to copy a structure
Herb Lewis [Wed, 14 Jan 2004 22:53:50 +0000 (22:53 +0000)]
source/rpc_parse/parse_prs.c ZERO_STRUCTP(ps) not needed as it is done
in prs_init now
testsuite/printing/psec.c cannot do a prs_mem_free() when tdb_prs_fetch fails
as the prs structure has not been initialized
Gerald Carter [Wed, 14 Jan 2004 21:22:30 +0000 (21:22 +0000)]
Fix initgroups() call nss_winbind on solaris; patch from John Klinger <john.klinger@lmco.com>
Gerald Carter [Wed, 14 Jan 2004 20:56:26 +0000 (20:56 +0000)]
bug 770; correct fix this time; Make sure that we send the SMBjobid for unix jobs back to the client. Allows windows client to remove print jobs submitted from lpr
Gerald Carter [Wed, 14 Jan 2004 19:12:06 +0000 (19:12 +0000)]
bug 660; using byte order safe macros (or tdb_unpack) when reading 2 or 4 byte values from a tdb buffer
Gerald Carter [Wed, 14 Jan 2004 17:34:41 +0000 (17:34 +0000)]
revert the cracklib changes until post 3.0.2
Gerald Carter [Wed, 14 Jan 2004 16:25:39 +0000 (16:25 +0000)]
* Revert to using rpc for mixed mode AD domains.
The reason for this are:
(a) the set_dc_type_and_flags() cannot tell the different
between connecting to an NT4 domain and an NT4 BDC
of a mixed mode domain.
(b) the connection management for the rpc backend only
provides on named pipe per cli_state. So it is possible
to connect to an NT4 BDC for netlogon and an AD mixed mode
DC for lsarpc. RPC is the lowest common demonimator here.
(c) Issue with the sequence number value between the
highestCommittedUSN LDAP attribute and the seq_num returned
via RPC.
We will revisit this later, but the changes need to make this
work right now are too broad and risky.
Jeremy Allison [Wed, 14 Jan 2004 06:44:20 +0000 (06:44 +0000)]
Remove duplicate extern.
Jeremy.
Jeremy Allison [Wed, 14 Jan 2004 06:41:50 +0000 (06:41 +0000)]
Remove references to 'jn' which gcc-3.4 with precompiled headers
doesn't like.
Jeremy.
Stefan Metzmacher [Wed, 14 Jan 2004 02:51:41 +0000 (02:51 +0000)]
fix XFS quotas the macro changed from HAVE_XFS_QUOTA -> HAVE_XFS_QUOTAS
metze
Andrew Bartlett [Wed, 14 Jan 2004 01:17:21 +0000 (01:17 +0000)]
Remove duplicate comment.
Andrew Bartlett
Andrew Bartlett [Wed, 14 Jan 2004 01:14:22 +0000 (01:14 +0000)]
Finish adding cracklib support - this adds the configure test to enable
it, on machines that actually have a working cracklib, for which we have
the correct path to the dictionary.
Andrew Bartlett
Gerald Carter [Tue, 13 Jan 2004 19:42:53 +0000 (19:42 +0000)]
* allow dns lookups to be disabled for DOMAIN#1c (and #1b)
names
* fix some a mispelled variable name
Andrew Bartlett [Mon, 12 Jan 2004 21:12:47 +0000 (21:12 +0000)]
On systems without a working cracklib, ensure we don't include the header
(the actual call to crack was already in this #ifdef)
Andrew Bartlett
Gerald Carter [Mon, 12 Jan 2004 14:26:50 +0000 (14:26 +0000)]
fixing compile problems due to my recent ads.h changes
Andrew Bartlett [Mon, 12 Jan 2004 12:18:11 +0000 (12:18 +0000)]
First stab at cracklib support (password quality checking) in Samba 3.0
This adds a configure test, that tries to find out if we have a working
cracklib installation, and tries to pick up the debian hints on where
the dictionary might be found. Default is per my Fedora Core 1 system -
I'm not sure how much it changes.
Andrew Bartlett
Gerald Carter [Sun, 11 Jan 2004 14:15:12 +0000 (14:15 +0000)]
fix formatting
Stefan Metzmacher [Sun, 11 Jan 2004 13:23:50 +0000 (13:23 +0000)]
update copyright to -2004
metze
Jelmer Vernooij [Sat, 10 Jan 2004 22:05:38 +0000 (22:05 +0000)]
Fix swatdir location for --with-fhs
Gerald Carter [Fri, 9 Jan 2004 16:02:42 +0000 (16:02 +0000)]
starting new version of release notes -- post 3.0.2pre1
Gerald Carter [Fri, 9 Jan 2004 14:54:33 +0000 (14:54 +0000)]
fix some warnings from the Sun compiler
Andrew Bartlett [Fri, 9 Jan 2004 02:47:35 +0000 (02:47 +0000)]
Romve debugging assertions (oops...)
Andrew Bartlett
Andrew Bartlett [Fri, 9 Jan 2004 02:38:58 +0000 (02:38 +0000)]
Add a new type of name lookup 'ads'. This seperates this from normal
hostname lookups, and ensures that we don't lookup 'short' (ie NetBIOS)
domain names in DNS.
Andrew Bartlett
Jelmer Vernooij [Thu, 8 Jan 2004 22:53:37 +0000 (22:53 +0000)]
Use StrCaseCmp, not strcasecmp. Should fix winbind build on IRIX
Gerald Carter [Thu, 8 Jan 2004 22:21:29 +0000 (22:21 +0000)]
fix segfault when sid_ptr == 0 in DsEnumDomainTrusts() reply
Gerald Carter [Thu, 8 Jan 2004 19:56:40 +0000 (19:56 +0000)]
fix a seg fault caused by abartlet's last checkin; there's no way this could have been tested against an NT4 DC
Andrew Bartlett [Thu, 8 Jan 2004 08:44:39 +0000 (08:44 +0000)]
We might not have the 'samba' directory in the samba_3_0 build.
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 08:41:26 +0000 (08:41 +0000)]
use SAFE_FREE(), not free().
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 08:19:18 +0000 (08:19 +0000)]
This merges in my 'always use ADS' patch. Tested on a mix of NT and ADS
domains, this patch ensures that we always use the ADS backend when
security=ADS, and the remote server is capable.
The routines used for this behaviour have been upgraded to modern Samba
codeing standards.
This is a change in behaviour for mixed mode domains, and if the trusted
domain cannot be reached with our current krb5.conf file, we will show
that domain as disconnected.
This is in line with existing behaviour for native mode domains, and for
our primary domain.
As a consequence of testing this patch, I found that our kerberos error
handling was well below par - we would often throw away useful error
values. These changes move more routines to ADS_STATUS to return
kerberos errors.
Also found when valgrinding the setup, fix a few memory leaks.
While sniffing the resultant connections, I noticed we would query our
list of trusted domains twice - so I have reworked some of the code to
avoid that.
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 05:37:23 +0000 (05:37 +0000)]
In tdb_allocate(), we would create a new record by writing a local variable
'newrec' into the tdb.
This was not initialised, so valgrind warned about it.
(Note: valgrind only makes sense on tdbs with 'mmap = no' in your smb.conf)
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 02:57:42 +0000 (02:57 +0000)]
Make it clearer that the domain here is the domain of the user for
authentication.
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 02:15:46 +0000 (02:15 +0000)]
Move more of winbind to use 'find_our_domain()' rather than the dangerous
find_domain_from_name(lp_workgroup()).
(as find_domain_from_name() can change the data in lp_workgroup())
Andrew Bartlett
Andrew Bartlett [Thu, 8 Jan 2004 00:55:13 +0000 (00:55 +0000)]
The correct test for 'is our primary domain' is domain->primary
Andrew Bartlett [Wed, 7 Jan 2004 23:46:47 +0000 (23:46 +0000)]
Machines are people too!
While machine accounts cannot use an NTLM login (NT4 style), they are
otherwise full and valid members of the domain, and expect to be able to
use kerberos to connect to CIFS servers.
This means that the LocalSystem account, used by various services, can
perform things like backups, without the admin needing to enter further
passwords.
This particular issue (bug 722) has started to come up a lot on the lists.
I have only enabled it for winbindd-based systems, as the macros use use
to call the 'add user script' will strip the $ from the username for
security reasons.
Andrew Bartlett
Jeremy Allison [Wed, 7 Jan 2004 23:21:36 +0000 (23:21 +0000)]
Fix for bug #922. Fast path not called for strlower_m() and strupper_m().
From ab@samba.org (Alexander Bokovoy).
Jeremy.
Rafal Szczesniak [Wed, 7 Jan 2004 22:44:28 +0000 (22:44 +0000)]
Typo fix.
rafal
Rafal Szczesniak [Wed, 7 Jan 2004 22:43:36 +0000 (22:43 +0000)]
Doxygen comment fix.
rafal
Jeremy Allison [Wed, 7 Jan 2004 21:08:42 +0000 (21:08 +0000)]
Fix from Justin Baugh <justin.baugh@request.com> for bugid #948 for
FreeBSD winbindd.
Jeremy.
Gerald Carter [Wed, 7 Jan 2004 19:57:08 +0000 (19:57 +0000)]
commiting jra's fix for Exchange clear test auth
Jeremy Allison [Wed, 7 Jan 2004 19:55:01 +0000 (19:55 +0000)]
Fix from Luke Howard <lukeh@PADL.COM> for incorrect early free().
Jeremy.
Andrew Bartlett [Wed, 7 Jan 2004 10:11:24 +0000 (10:11 +0000)]
Don't duplicate pulling the 'IPC' username from secrets.tdb, instead
just use one function for both places.
Andrew Bartlett
Volker Lendecke [Wed, 7 Jan 2004 10:02:10 +0000 (10:02 +0000)]
There is a German translation of swat -- surprise :-)
Fix some msgs
Volker
Jelmer Vernooij [Wed, 7 Jan 2004 00:43:52 +0000 (00:43 +0000)]
Add smbget utility, a simple wget-like utility that uses libsmbclient.
Supports recursive downloads and resume, progress indication and shows
estimated time remaining.
Andrew Bartlett [Tue, 6 Jan 2004 23:57:12 +0000 (23:57 +0000)]
Fix segfualt caused by incorrect configuration. If lp_realm() was not set,
but security=ADS, we would attempt to free the principal name that krb5
never allocated.
Also fix the dump_data() of the session key, now that we use a data_blob to
store that.
Andrew Bartlett
Jeremy Allison [Tue, 6 Jan 2004 22:34:06 +0000 (22:34 +0000)]
Patch penguin. Cleaning out old mbp patch.
Jeremy.
Gerald Carter [Tue, 6 Jan 2004 20:56:59 +0000 (20:56 +0000)]
more commits logged
Jelmer Vernooij [Tue, 6 Jan 2004 20:03:34 +0000 (20:03 +0000)]
Write bug number like in the rest of the file
Jelmer Vernooij [Tue, 6 Jan 2004 20:01:48 +0000 (20:01 +0000)]
Fix -s option to smbcontrol (#908)
Gerald Carter [Tue, 6 Jan 2004 19:57:14 +0000 (19:57 +0000)]
remove unused seek_file(); don't hardcode '\' when printing the auth-user
Gerald Carter [Tue, 6 Jan 2004 19:14:22 +0000 (19:14 +0000)]
bumping to 3.0.2pre2
Gerald Carter [Tue, 6 Jan 2004 19:05:23 +0000 (19:05 +0000)]
more commit logs
Gerald Carter [Tue, 6 Jan 2004 18:42:09 +0000 (18:42 +0000)]
* making sure contributors are listed in alphabetical order
* adding jra's fix for bug 815
Gerald Carter [Tue, 6 Jan 2004 18:26:18 +0000 (18:26 +0000)]
isolate ldap debug messages to the common smbldap_XXX() functions
Jeremy Allison [Tue, 6 Jan 2004 18:13:32 +0000 (18:13 +0000)]
XFS quota patch from Stefan Metzmacher <metze@metzemix.de>.
Jeremy.
Jeremy Allison [Tue, 6 Jan 2004 17:53:34 +0000 (17:53 +0000)]
Updates for pread/pwrite code.
Jeremy.
Volker Lendecke [Tue, 6 Jan 2004 15:41:32 +0000 (15:41 +0000)]
Correctly detect AFS headers on SuSE in /usr/include/afs/afs/
Volker
Gerald Carter [Tue, 6 Jan 2004 14:40:35 +0000 (14:40 +0000)]
fix case in objectclass name (not that it really matters); patch from Darren Chew <darrenc@vicscouts.asn.au>
Andrew Bartlett [Tue, 6 Jan 2004 10:22:13 +0000 (10:22 +0000)]
Patch by Stefan Metzmacher <metze@metzemix.de>:
here's a small fix that fixes the new quota system on irix.
I need to reanable XFS quotas on irix for the new quota system
(Jerry do you want to wait for this for the release ?)
But the old system works and is the default on irix!