Gerald Carter [Tue, 30 Dec 2003 22:18:40 +0000 (22:18 +0000)]
Move to short lived TALLOC_CTX* for allocating printer
objects from the print handle cache. Fixes bug that
caused smbd to consume large amounts of RAM when
(a) a printer handle was kept open over an extended
period of time, and
(b) the client issued frequent requests that resulted
in a call to get_a_printer()
(This used to be commit
b84ea23f99481f9260dedbe8dd715112ccdc7d7a)
Volker Lendecke [Tue, 30 Dec 2003 21:12:57 +0000 (21:12 +0000)]
Another little one: Make pdb_test.c at least compile, although its way out of
date.
Volker
(This used to be commit
0a84173555b29b77b241741c7b1ae4fac595c28f)
Volker Lendecke [Tue, 30 Dec 2003 16:01:24 +0000 (16:01 +0000)]
The AFS pts command always generates completely lower-case user names. As case
is not significant in windows user names we should not lose information by
lower-casing the name before handing it to AFS.
Volker
(This used to be commit
097e8d44b4a6eb49f36debae1f2cc8af7565b0eb)
Volker Lendecke [Tue, 30 Dec 2003 15:20:07 +0000 (15:20 +0000)]
Fix Bug # 924
Volker
(This used to be commit
1f0e045502f802f819738d1b89574b07dfaa6bc6)
Volker Lendecke [Sat, 27 Dec 2003 10:13:20 +0000 (10:13 +0000)]
Preliminary fix for our signing problem with failed NTLMSSP logins. This patch
solves the problem for me here, I can still successfully set up signing using
NTLMSSP against w2k3 and it does not show a signing error anymoe when the
password was wrong.
Jeremy, you might want to take a further look at it as this is not
particularly elegant.
Volker
(This used to be commit
8a82060e3aee6d5ef38b1448035d865f9bce63a7)
Volker Lendecke [Fri, 26 Dec 2003 21:35:39 +0000 (21:35 +0000)]
Collecting another little patch from gd@suse.de
As broken as it might be, smbwrapper.so should be put into the
libdir and not bindir.
Volker
(This used to be commit
c374fd982e63209cf555fe8fbf15cfae0f79aca1)
Volker Lendecke [Fri, 26 Dec 2003 19:39:50 +0000 (19:39 +0000)]
Collecting some minor patches...
This adds the ability to specify the new user password for 'net ads password'
on the command line. As this needs the admin password on the command line, the
information leak is minimally more.
Patch from gd@suse.de
Volker
(This used to be commit
68af56f517014476ab4549de72a0585a0a07c72f)
Andrew Bartlett [Thu, 25 Dec 2003 23:35:27 +0000 (23:35 +0000)]
(merge from 3.0)
ldap rebind sleep -> ldap replication sleep
While writing documentation for metze's patch, it became clear that this is a
better name.
Andrew Bartlett
(This used to be commit
bac2c20adf6a8f541f227652d4da3d8f31f1a648)
Volker Lendecke [Thu, 25 Dec 2003 22:45:15 +0000 (22:45 +0000)]
This is metze's LDAP rebind sleep patch:
When smb.conf tells us to write to a read-only LDAP replica and we are
redirected by the LDAP server, the replication might take some seconds,
especially over slow links. This patch delays the next read after a rebind for
'ldap rebind sleep' milliseconds.
Metze, thanks for your patience.
Volker
(This used to be commit
7293550e3642e2553684a7011084dabb0b78fd24)
Volker Lendecke [Thu, 25 Dec 2003 22:31:30 +0000 (22:31 +0000)]
Fix our parsing of the LDAP url. We get around it as all decent systems seem
to have ldap_initialize.
Thanks to abartlet for the fix (and the bug in the first place ;-))
Volker
(This used to be commit
943e156788ea361cb3ec0ab37a87653494e47f2e)
Volker Lendecke [Thu, 25 Dec 2003 10:10:49 +0000 (10:10 +0000)]
abartlet pointed me at the fact that the order and flags in loadparm.c are
actually used.... 'afs username map' should not show up in the swat basic
view. :-)
Maybe I should use swat from time to time....
Volker
(This used to be commit
82f47aeca3d376d766efc36fdf2efe158f975484)
Andrew Bartlett [Thu, 25 Dec 2003 09:57:39 +0000 (09:57 +0000)]
(merge from 3.0)
Fix bug 916 - do not perform a + -> space substitution for squid URL encoded
strings, only form input in SWAT.
Andrew Bartlett
(This used to be commit
794ff4da03a3c5b6afa3ee4802f83f04571a5652)
Andrew Bartlett [Wed, 24 Dec 2003 10:02:57 +0000 (10:02 +0000)]
(merge from 3.0)
Thanks to Serassio Guido for noticing issues in our Squid NTLMSSP
implementation. We were not resetting the NTLMSSP state for new
negotiate packets.
Andrew Bartlett
(This used to be commit
ada064af72e120aacd733245292e988dd696d059)
Jeremy Allison [Tue, 23 Dec 2003 07:33:38 +0000 (07:33 +0000)]
Fix for special files being hidden from admins by Dmitry Butskoj <buc@odusz.elektra.ru>
Jeremy.
(This used to be commit
a14259d885291c138d3d62d36737472048840aa6)
Gerald Carter [Mon, 22 Dec 2003 21:26:29 +0000 (21:26 +0000)]
correct typo in delete user script; bug 887
(This used to be commit
44ef3dd2b346176e756b5e361a38da19ea93e071)
Gerald Carter [Mon, 22 Dec 2003 21:24:40 +0000 (21:24 +0000)]
add well known rid for pre win2k compatible access group; bug 897
(This used to be commit
426a02cf678236f902c143b56eaaf854fca2237f)
Jeremy Allison [Mon, 22 Dec 2003 11:12:12 +0000 (11:12 +0000)]
Patch from Jianliang Lu j.lu@tiesse.com to manage Power Users
group.
Jeremy.
(This used to be commit
72174634aa26c01431ccf85331aaa8b51e70c8ff)
Gerald Carter [Fri, 19 Dec 2003 00:33:27 +0000 (00:33 +0000)]
* add a few useful debug lines
* fix bug involving Win9x clients. Make sure we
save the right case for the located username
in fill_sam_account()
(This used to be commit
d22b4097d4c2bde7989af31ccb572871c6e63424)
Jeremy Allison [Wed, 17 Dec 2003 21:57:29 +0000 (21:57 +0000)]
Add in comments explaining NTLMv2 selection. Use lm session key if that's
all there is.
Jeremy.
(This used to be commit
3e6abeffe176cdba43d251f55f3b7aecd8fa55b1)
Jeremy Allison [Wed, 17 Dec 2003 20:11:35 +0000 (20:11 +0000)]
Tidyup debug message in ntlmssp code. Add brackets around dodgy if statement.
Jeremy
(This used to be commit
6cd0f6e7c0a28ddccf55acb1e411e5ed5bd3cf47)
Gerald Carter [Wed, 17 Dec 2003 06:18:41 +0000 (06:18 +0000)]
Make sure we correctly generate the lm session key.
This fixes a problem joining a Samba domain from a
vanilla win2k client that doesn't set the
NTLMSSP_NEGOTIATE_NTLM2 flag.
Reported on samba ml as "decode_pw: incorrect password length"
when handling a samr_set_userinfo(23 or 24) RPC.
(This used to be commit
14558c942beb05cd12c0e40c1bb30c3dcde8ce48)
Gerald Carter [Tue, 16 Dec 2003 18:36:05 +0000 (18:36 +0000)]
make sure we delete the group mapping before calling the delete group script; patch from Jianliang Lu <j.lu@tiesse.com>
(This used to be commit
66edeb855e7d7a0bfa20cbe93275c86880bd453d)
Jeremy Allison [Sat, 13 Dec 2003 01:43:52 +0000 (01:43 +0000)]
Fix from ndb@theghet.to to allow an existing LDAP machine account to be
re-used, rather than created from scratch.
Jeremy.
(This used to be commit
1bcc4c244dd127643c66ed75550f405e90c99c76)
Jeremy Allison [Fri, 12 Dec 2003 22:54:41 +0000 (22:54 +0000)]
Fix for bug #815. Make plaintext unicode passwords work with NT4.x
Jeremy.
(This used to be commit
29bac18b6971f459c3cb138366ae493d5805f643)
Jeremy Allison [Fri, 12 Dec 2003 20:15:47 +0000 (20:15 +0000)]
Fix detection of elements in in-memory keytab code.
Jeremy.
(This used to be commit
c208ea44aa4cc8c0cde6aa02d98d87f36aed9589)
Gerald Carter [Thu, 11 Dec 2003 22:31:00 +0000 (22:31 +0000)]
fix bug that prevent --mandir from overriding the defaults given in the --with-fhs macro
(This used to be commit
824218d086d90f6fcf3789e8e87f047e2da55c25)
Jeremy Allison [Thu, 11 Dec 2003 20:54:55 +0000 (20:54 +0000)]
Correctly detect in-memory krb5 keytab support. Fix for bug #863 from
gschafer@zip.com.au (Greg Schafer).
Jeremy.
(This used to be commit
25d91f8d8c4e3bd8237716052b53350587ffb8dc)
Jeremy Allison [Thu, 11 Dec 2003 19:59:05 +0000 (19:59 +0000)]
Patch from James Peach <jpeach@sgi.com>. Remove the MAX_CONNECTIONS limit
by increasing bitmap size. Limited by "max connections" parameter.
Bug #716.
Jeremy.
(This used to be commit
0be57a2eb015f832c6bb6d84525719a3d632f741)
Gerald Carter [Thu, 11 Dec 2003 15:35:44 +0000 (15:35 +0000)]
fixed bad formal parameter type in get_static(); patch Andy Polyakov
(This used to be commit
67d893701f09f29e8af56cd98f04131658b39713)
Alexander Bokovoy [Thu, 11 Dec 2003 10:31:20 +0000 (10:31 +0000)]
Fix uninitialized variable in passdb code. Reported by Andy Polyakov <appro@fy.chalmers.se>
(This used to be commit
ca21dd3bb682700d628e9fc1aeedd1594cda3094)
Gerald Carter [Wed, 10 Dec 2003 21:14:39 +0000 (21:14 +0000)]
Fix UNISTR2 length bug in LsaQueryInfo(3) that cause SID resolution to fail on local files on on domain members; bug 875
(This used to be commit
a5c5dde1c34ba44f8d9bbb38720a089a6d61806c)
Gerald Carter [Wed, 10 Dec 2003 16:42:44 +0000 (16:42 +0000)]
more group lookup access fixes on the neverending bug 281
(This used to be commit
975ac6f5aa4d8d709733757e4e003f3c551fc9ba)
Alexander Bokovoy [Wed, 10 Dec 2003 16:01:20 +0000 (16:01 +0000)]
Fix #558 -- support ISO-8859-1 internally. Makes Solaris users a bit happier
(This used to be commit
808fc7e9d52ccc61ceb56821f6b977936817b88b)
Gerald Carter [Wed, 10 Dec 2003 14:10:39 +0000 (14:10 +0000)]
patch from TAKEDA yasuma to bypass any missing language files
(This used to be commit
c65f63be1eb8bb9350cc7e843c858050c5ce5095)
Jeremy Allison [Tue, 9 Dec 2003 22:32:55 +0000 (22:32 +0000)]
IRIX spinlock patch from James Peach <jpeach@sgi.com>.
Jeremy.
(This used to be commit
04abff372b8939bd33c6dceb48baac9fdb7e27b6)
Gerald Carter [Tue, 9 Dec 2003 21:31:38 +0000 (21:31 +0000)]
working on packaging; also fixed some path issues in configure.in & Makefile.in
(This used to be commit
c16e51bfaf59b2d5b1b800ee272ac45b13b9a9fc)
Jeremy Allison [Tue, 9 Dec 2003 18:34:26 +0000 (18:34 +0000)]
Final part of fix for #445. Don't add user for machine accounts.
Jeremy.
(This used to be commit
0785295fe067093ea1483fc19e30c63512018db3)
Gerald Carter [Tue, 9 Dec 2003 18:20:48 +0000 (18:20 +0000)]
fix bug in get_peer_name() caused by --enable-developer and using the same src & dest strings to alpha_strcpy(); reported by Michael Young
(This used to be commit
0054ce8707038444bec8c4ac8f0deea12ef65820)
Jeremy Allison [Tue, 9 Dec 2003 02:29:24 +0000 (02:29 +0000)]
Make intent to return only one address clear.
Jeremy.
(This used to be commit
08b6b1e43ce354cfb77701c8953565e1163ff76b)
Gerald Carter [Mon, 8 Dec 2003 17:42:26 +0000 (17:42 +0000)]
working on bug 687; protect against null src strings in alloc_sub_basic()
(This used to be commit
b187511920dc6245faeb5ea6b48132bd5ba69ef9)
Gerald Carter [Mon, 8 Dec 2003 17:42:21 +0000 (17:42 +0000)]
make sure we use a real network address in case there are extra non-zero octets in hosts allow/deny
(This used to be commit
f891d434a1406d18f9842ac6b3d1ea49ee96b9bc)
Andrew Bartlett [Sun, 7 Dec 2003 11:06:40 +0000 (11:06 +0000)]
Merge from 3.0:
source/libsmb/ntlmssp.c:
Picked up by the build farm - despite all my efforts, security=server was
broken by my NTLM2 commit. This should correctly cause the NTLM2 case
not to be negotiated when 'security=server' is in effect.
testsuide/build_farm/runlist:
Without 'non unix accounts' we can't test security=domain on the build farm.
source/rpc_server/srv_samr_nt.c:
Match Win2k and return 'invalid parameter' for creating of a new account with
account flags of 0.
Andrew Bartlett
(This used to be commit
e97f1eb62ae01b5259d7ecfab9b55b07103379c7)
Jeremy Allison [Sat, 6 Dec 2003 02:33:59 +0000 (02:33 +0000)]
Fix for bug #445 (missing unix user on kerberos auth doesn't call add user
script).
Jeremy.
(This used to be commit
881c5c60977d15b5d4b34fde8743deac80f11a99)
Gerald Carter [Fri, 5 Dec 2003 21:52:17 +0000 (21:52 +0000)]
fix %a variable for Windows 2003 -> Win2K3
(This used to be commit
d7db1439a626ae13b77dc262c82e713fcab1ab4f)
Jeremy Allison [Fri, 5 Dec 2003 21:01:23 +0000 (21:01 +0000)]
Janitor for tridge...
Jeremy.
(This used to be commit
d9790a76d88b8c46d665f2294878ee13d438b791)
Gerald Carter [Fri, 5 Dec 2003 17:21:00 +0000 (17:21 +0000)]
packaging updates from Buchan
(This used to be commit
9a5b5be68e6ba2c3ab06eb4a8104b7d2d71f0c2a)
Gerald Carter [Fri, 5 Dec 2003 15:27:58 +0000 (15:27 +0000)]
create libdir for installclientlib; patch from Bill Knox
(This used to be commit
915b5eb67f8d4acc901d78b7b7d4d615aef817cd)
Gerald Carter [Thu, 4 Dec 2003 20:22:19 +0000 (20:22 +0000)]
fix process_incoming_data() to return the number of bytes handled this call whether we have a complete pdu or not; fixes bug with multiple pdu request rpc's broken over SMBwriteX calls each
(This used to be commit
514acc655d58a660b2a2542ff81a880f1bdfc3f6)
Gerald Carter [Thu, 4 Dec 2003 16:39:11 +0000 (16:39 +0000)]
typo in BASEDIR; patch from Darren Chew
(This used to be commit
c0710a34ba737ebdd078beb223df528b297057a1)
Gerald Carter [Thu, 4 Dec 2003 05:02:25 +0000 (05:02 +0000)]
readding schema items that were accidentally deleted
(This used to be commit
14dd4403fe006345a9cdf55b2b35a31176463349)
Gerald Carter [Thu, 4 Dec 2003 04:52:49 +0000 (04:52 +0000)]
support munged dial for ldapsam; patch from Aurélien Degrémont; bug 800
(This used to be commit
acf9eae7b0c95776358292c3463951477575bcc6)
Gerald Carter [Thu, 4 Dec 2003 04:32:22 +0000 (04:32 +0000)]
don't crash on a NULL priviledge pointer; patch from Jianliang Lu
(This used to be commit
5bbfa9989bcade2e1192a68596de3e574faed1d5)
Gerald Carter [Thu, 4 Dec 2003 04:08:32 +0000 (04:08 +0000)]
* fix RemoveSidForeignDomain() ; bug 252
* don't fall back to unmapped UNIX group for
get_local_group_from_sid()
* remove an extra become/unbecome_root() pair
from group enumeration
(This used to be commit
c0f34b42a6a4af09ae4b76721bc350784d87f686)
Jeremy Allison [Wed, 3 Dec 2003 23:16:24 +0000 (23:16 +0000)]
Fix for "hash" (not hash2) type mangling. Noticed by "Forrest W. Christian" <fwc@mt.net>
Jeremy.
(This used to be commit
b2d63007608944fff05e45b1f6b312373d022062)
Volker Lendecke [Tue, 2 Dec 2003 11:41:42 +0000 (11:41 +0000)]
Two trivial warnings
Volker
(This used to be commit
6b46ee6fd5c47d04e9c61e6cec3f0b16b268cd2d)
Jeremy Allison [Mon, 1 Dec 2003 22:55:41 +0000 (22:55 +0000)]
Client connect signing error messages should be level zero else
they're easy to miss.
Jeremy.
(This used to be commit
b5f32a0869017a3ce457bf45e4aa2c1b621162c6)
Jeremy Allison [Mon, 1 Dec 2003 22:46:49 +0000 (22:46 +0000)]
Get a little paranoid about memfree use in convert_string_allocate..
Looking at crash bugs #809 and others.
Jeremy.
(This used to be commit
e122891bebd33fc7bd654146a5cbec1feb307555)
Gerald Carter [Mon, 1 Dec 2003 19:58:53 +0000 (19:58 +0000)]
another strequal() == 0 fix
(This used to be commit
818bba4b796440453e5911369adf5bd147e9b961)
Gerald Carter [Mon, 1 Dec 2003 19:26:32 +0000 (19:26 +0000)]
fix inverted logic caused by s/strcmp/strequal/; host allow/deny works again; bug 846
(This used to be commit
18fe1681c15cc25a41e738e615b759d759f9ecf4)
Gerald Carter [Mon, 1 Dec 2003 18:38:08 +0000 (18:38 +0000)]
add Replicator and RAS Servers to list of builtin SIDs we resolve; bug 608
(This used to be commit
1bb2281e177d1f312c0c3c117c5b0dcabe57125b)
Gerald Carter [Mon, 1 Dec 2003 18:02:30 +0000 (18:02 +0000)]
don't mistake pre-existing UNIX jobs for smb jobs; patch from SATOH Fumiyasu bug 770
(This used to be commit
d6333ae8d707c17a6fa26a39b14a802bc816ab3f)
Volker Lendecke [Mon, 1 Dec 2003 14:13:20 +0000 (14:13 +0000)]
In the brief 'net rpc group' listing, don't cut off group names at 21 chars.
Volker
(This used to be commit
d623f695c48736f21a79f02cf669d5bcf39cd920)
Volker Lendecke [Mon, 1 Dec 2003 14:08:15 +0000 (14:08 +0000)]
Beautify the net status help message a bit
Volker
(This used to be commit
f8ffa207e05920f28502b45b550a394aba9648a7)
Volker Lendecke [Mon, 1 Dec 2003 14:02:24 +0000 (14:02 +0000)]
I needed a decently parseable format of smbstatus. Looking at smbstatus code
tells me that this should not be expanded, so I implemented
net status [sessions|shares] [parseable]
Volker
(This used to be commit
ed38341c8a6454a8ec0f8240d83239f6869536b8)
Jeremy Allison [Mon, 1 Dec 2003 06:59:56 +0000 (06:59 +0000)]
Fix spurious error msg. when seq=0.
Jeremy.
(This used to be commit
fd71acd1ffb3d3c2f2f82395c86512124769d592)
Jeremy Allison [Mon, 1 Dec 2003 06:53:21 +0000 (06:53 +0000)]
Ensure the server can cope with multiple secondary trans
requests when signing is turned on.
Jeremy.
(This used to be commit
b97596df7834a80b648022e22983cab5dfb0f7dd)
Jeremy Allison [Mon, 1 Dec 2003 06:19:14 +0000 (06:19 +0000)]
Subtract NT_STATUS from common flag, don't add it...
Jeremy.
(This used to be commit
0ed153af55279ba1e621c688b5e78f842e72ea1e)
Jeremy Allison [Mon, 1 Dec 2003 03:24:53 +0000 (03:24 +0000)]
Ensure we use the same mid for the secondary trans requests, W2K3
does this.
Jeremy.
(This used to be commit
e5bb3fdf4c8b2bb5b098bfbc0b4b80d947aeac6c)
Jeremy Allison [Mon, 1 Dec 2003 02:25:53 +0000 (02:25 +0000)]
Don't automatically set nt status code flag unless client tells us it can
cope.
Jeremy.
(This used to be commit
dd1ac8d5eba060dcd7fdde7449d07bee1dc12b27)
Jeremy Allison [Mon, 1 Dec 2003 01:04:02 +0000 (01:04 +0000)]
Better fix for client signing bug. Ensure we don't malloc/free trans signing
state info each packet.
Jeremy.
(This used to be commit
c662e2dbc4d953b3718f69fef4517a3e7539151e)
Jeremy Allison [Sun, 30 Nov 2003 19:40:53 +0000 (19:40 +0000)]
Fix signing bug with secondary client trans requests. Turns out the last
packet is the one that matters for checking the signing replies. Need to
check the server code does this correctly too....
Bug #832 reported by Volker.
Jeremy.
(This used to be commit
315f25fc1710e20051414bbf084cb5648129c3bb)
Volker Lendecke [Fri, 28 Nov 2003 15:10:30 +0000 (15:10 +0000)]
Implement 'net rpc group list [global|local|builtin]*' for a select listing of
the respective user databases.
Volker
(This used to be commit
53b592f4a64742767f37f9c7f8ee0fdf42e686c6)
Jeremy Allison [Thu, 27 Nov 2003 18:34:40 +0000 (18:34 +0000)]
Fix for pdbedit error code returns (sorry, forgot who sent in the patch).
Jeremy.
(This used to be commit
37c96290592607b5e731d0b8933be825d93b70f0)
Volker Lendecke [Thu, 27 Nov 2003 17:32:13 +0000 (17:32 +0000)]
Only ask for 512 names at a time.
Volker
(This used to be commit
73cdf724e90d76e97895ae5b1326825bb59bf90e)
Gerald Carter [Thu, 27 Nov 2003 04:40:58 +0000 (04:40 +0000)]
use samr_dispinfo(level == 1) for enumerating domain users so we can include the full name in gecos field; bug 587
(This used to be commit
5482ff71729b623c4561e42b82467bf2d5d64082)
Jeremy Allison [Wed, 26 Nov 2003 20:58:51 +0000 (20:58 +0000)]
Patch from Benjamin Riefenstahl <Benjamin.Riefenstahl@epost.de> to add
MacOSX (Darwin) specific charset module code. Also had to add AC_CHECK_CPP
to configure.in (this took a *long* time to track down) to make autoconf
work correctly on Fedora Core 1.
Jeremy.
(This used to be commit
a5711943428e4b586fb7f064739c78fa0a3ebd52)
Volker Lendecke [Wed, 26 Nov 2003 10:09:59 +0000 (10:09 +0000)]
Implement "net rpc group members": Get members of a domain group in
human-readable format.
Volker
(This used to be commit
e5770a9433099f86a1f828a35bbecbe5691c000c)
Volker Lendecke [Wed, 26 Nov 2003 10:01:31 +0000 (10:01 +0000)]
Get rid of a const warning
Volker
(This used to be commit
ab1096d58e2447bc91370e0a7f913d9375658c4c)
Andrew Bartlett [Wed, 26 Nov 2003 00:07:55 +0000 (00:07 +0000)]
Merge from 3.0:
- NTLM2 fixes, don't force NTLM2
- Don't use NTLM2 for RPC, it doesn't work yet
- Add comments to winbindd_pam.c
- Merge 64 bit fixes and better debug messages in winbindd.c
Andrew Bartlett
(This used to be commit
ba94e4a1ab6dc3335bbb29686ca6795d0ffad5b0)
Jeremy Allison [Tue, 25 Nov 2003 23:25:15 +0000 (23:25 +0000)]
Patch from Jim McDonough for bug #802. Retrieve the correct ACL group bits
if the file has an ACL.
Jeremy.
(This used to be commit
a51d9e947ef012fabf5a13250df6232d23722f68)
Gerald Carter [Tue, 25 Nov 2003 19:17:20 +0000 (19:17 +0000)]
allow users to delete jobs with cups printing backend
The changes the name of the job passed off to cups
from "Test Page" to "smbprn.
00000033 Test Page" so that
we can get the smb jobid back from lpq. Working on bug
770.
(This used to be commit
3a84daf24f80cf44605841c844a0ba516354420b)
Jeremy Allison [Tue, 25 Nov 2003 18:15:49 +0000 (18:15 +0000)]
If signing starts successfully, don't just turn it off automatically if
it fails later. Only turn it off automatically if it fails at the start.
Jeremy.
(This used to be commit
2a00d538da61253455db1734b74ef1debaea24ea)
Jeremy Allison [Tue, 25 Nov 2003 02:04:10 +0000 (02:04 +0000)]
Patch for #263 from jpjanosi@us.ibm.com.
Jeremy.
(This used to be commit
6543bca0cbf6030d2400e30bb7491237d9c818f8)
Jeremy Allison [Tue, 25 Nov 2003 00:32:48 +0000 (00:32 +0000)]
When server signing is set to "auto", if the client doesn't sign just
ignore it. Only fail if signing is set to "required".
Jeremy.
(This used to be commit
ab5db8873e2882900baa1c74706bb907baaff7fd)
Gerald Carter [Mon, 24 Nov 2003 20:22:41 +0000 (20:22 +0000)]
strequal() returns a BOOL, not an int like strcmp(); this fixes a bug in check_bind_response()
(This used to be commit
84f0e97e5882375b765b818e89a6d96736cd5932)
Jeremy Allison [Mon, 24 Nov 2003 20:18:44 +0000 (20:18 +0000)]
Added "passwd chat timeout" parameter. Docs to follow.
Jeremy.
(This used to be commit
4d49fb806db6868f97069a603a28a85dc31cfe21)
Gerald Carter [Mon, 24 Nov 2003 18:38:15 +0000 (18:38 +0000)]
patch from Matthias Hilbig for bug 467; use the dns name (or IP) as the originating client name when using CUPS
(This used to be commit
eae48cda0f7f1346cd66d5a581c1273880f214d4)
Gerald Carter [Mon, 24 Nov 2003 17:33:15 +0000 (17:33 +0000)]
more access fixes for group enumeration in LDAP; bug 281
(This used to be commit
c4ce92e80688fe7fd4b2fde2c31e94baf3e4dca0)
Andrew Bartlett [Sun, 23 Nov 2003 00:23:26 +0000 (00:23 +0000)]
(Merge from 3.0)
Patch by emil@disksites.com <Emil Rasamat> to ensure we always always
free() each auth method. (We had relied on the use of talloc() only,
despite providing the free() callback)
Andrew Bartlett
(This used to be commit
58c4963a8389dff4d925548217fabed1c9932abd)
Andrew Bartlett [Sun, 23 Nov 2003 00:22:17 +0000 (00:22 +0000)]
Merge from 3.0:
Add support for variable-length session keys in our client code.
This means that we now support 'net rpc join' with KRB5 (des based)
logins. Now, you need to hack 'net' to do that, but the principal is
important...
When we add kerberos to 'net rpc', it should be possible to still do
user management and the like over RPC.
-
Add server-side support for variable-length session keys (as used by
DES based krb5 logins).
Andrew Bartlett
(This used to be commit
1287cf5f921327c9ea758de46220c4e2dedc485c)
Andrew Bartlett [Sat, 22 Nov 2003 13:29:02 +0000 (13:29 +0000)]
(merge from 3.0)
Changes all over the shop, but all towards:
- NTLM2 support in the server
- KEY_EXCH support in the server
- variable length session keys.
In detail:
- NTLM2 is an extension of NTLMv1, that is compatible with existing
domain controllers (unlike NTLMv2, which requires a DC upgrade).
* This is known as 'NTLMv2 session security' *
(This is not yet implemented on the RPC pipes however, so there may
well still be issues for PDC setups, particuarly around password
changes. We do not fully understand the sign/seal implications of
NTLM2 on RPC pipes.)
This requires modifications to our authentication subsystem, as we
must handle the 'challege' input into the challenge-response algorithm
being changed. This also needs to be turned off for
'security=server', which does not support this.
- KEY_EXCH is another 'security' mechanism, whereby the session key
actually used by the server is sent by the client, rather than being
the shared-secret directly or indirectly.
- As both these methods change the session key, the auth subsystem
needed to be changed, to 'override' session keys provided by the
backend.
- There has also been a major overhaul of the NTLMSSP subsystem, to
merge the 'client' and 'server' functions, so they both operate on a
single structure. This should help the SPNEGO implementation.
- The 'names blob' in NTLMSSP is always in unicode - never in ascii.
Don't make an ascii version ever.
- The other big change is to allow variable length session keys. We
have always assumed that session keys are 16 bytes long - and padded
to this length if shorter. However, Kerberos session keys are 8 bytes
long, when the krb5 login uses DES.
* This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. *
- Add better DEBUG() messages to ntlm_auth, warning administrators of
misconfigurations that prevent access to the privileged pipe. This
should help reduce some of the 'it just doesn't work' issues.
- Fix data_blob_talloc() to behave the same way data_blob() does when
passed a NULL data pointer. (just allocate)
REMEMBER to make clean after this commit - I have changed plenty of
data structures...
Andrew Bartlett
(This used to be commit
57a895aaabacc0c9147344d097d333793b77c947)
Gerald Carter [Sat, 22 Nov 2003 06:17:46 +0000 (06:17 +0000)]
debug and swat fixes from 3.0
(This used to be commit
52c1973f39f4c4161097843fcf395e0102531575)
Gerald Carter [Sat, 22 Nov 2003 04:49:32 +0000 (04:49 +0000)]
fix winbind ping call so that SWAT correctly determines if winbindd is running; bug 398
(This used to be commit
cb12d519cc40b964d022886538044e8613931199)
Gerald Carter [Sat, 22 Nov 2003 04:35:36 +0000 (04:35 +0000)]
Ensure that items in a list of strings containing whitespace
are written out surrounded by single quotes. This means that
both double and single quotes are now used to surround
strings in smb.conf. This is a slight change from the previous
behavior but needed or else things like
printer admin = +ntadmin, 'VALE\Domain, Admin'
get written to smb.conf by SWAT.
(This used to be commit
59e9d6e301c752e99fb6a50204d7941f7f84566a)
Jeremy Allison [Fri, 21 Nov 2003 23:01:34 +0000 (23:01 +0000)]
Fix for rename across filesystems. Noticed by Rainer Link <link@foo.fh-furtwangen.de>.
Jeremy.
(This used to be commit
f68c2ff0f3307612ddbe62b8cc2ea12251d54ec6)
Jeremy Allison [Fri, 21 Nov 2003 19:20:51 +0000 (19:20 +0000)]
Fix Jerry's no-proto bug :-).
Jeremy.
(This used to be commit
2b39e3f12a12f0863bf76d996c0d0db422d593bc)
Gerald Carter [Fri, 21 Nov 2003 19:12:33 +0000 (19:12 +0000)]
make sure we don't append the ldap suffix when writing out the ldap XXX suffix values in SWAT; based on tpot's original patch; bug 328
(This used to be commit
b1d5173b16c40d55cfb6265f1d1947ec78952b6f)
Rafal Szczesniak [Thu, 20 Nov 2003 23:54:13 +0000 (23:54 +0000)]
Rafal Szczesniak [Wed, 19 Nov 2003 23:14:21 +0000 (23:14 +0000)]
Added useful information to debug lines.
Patch by metze.
rafal
(This used to be commit
91e1be66b1a3aa002f68d8f1c2fc148c1374d365)
Jeremy Allison [Wed, 19 Nov 2003 22:57:53 +0000 (22:57 +0000)]
Look at error before using it in debug statement.
Jeremy.
(This used to be commit
42114b75f2c082522f7806a1af11409609785b06)