1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

925 Commits

Author SHA1 Message Date
Volker Lendecke
bfeab64ebf s3: Fix a typo 2010-04-09 16:49:49 +02:00
Stefan Metzmacher
dee63fe4ca s3:ntlmssp: use client.netbios_name instead of workstation
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:56 +01:00
Stefan Metzmacher
ca2a5693bf s3:ntlmssp: rename void *auth_context; into void *callback_private;
metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:55 +01:00
Stefan Metzmacher
eb17809812 s3:ntlmssp: pass names to ntlmssp_server_start() and store them in ntlmssp_state
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:54 +01:00
Stefan Metzmacher
eca118614c s3:ntlmssp: replace server_role by a server.is_standalone in ntlmssp_state
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:54 +01:00
Jeremy Allison
12f97c0576 Fix valgrind error when running under share level security. plaintext_password
is a data blob with a data pointer pointing to an allocation of length zero.

Jeremy.
2010-03-22 13:05:29 -07:00
Volker Lendecke
48d6ed7cac s3: Fix some nonempty blank lines 2010-02-20 18:59:30 +01:00
Volker Lendecke
185815a647 s3: Remove some calls to memset -- reduces text size by some bytes for me 2010-01-24 14:52:33 +01:00
Michael Adam
8573471154 s3:auth: fix account unlock regression introduced with fix for bug #4347
By an oversight, the patchset for #4347 made the unlocking of a locked
account after the lockout duration ineffective.
Thanks to Björn for finding this!

Michael
2010-01-14 15:48:09 +01:00
Michael Adam
444ecac2d2 s3:auth: add comment to nulling out stolen sampass
Adding this comment makes me think, I could also
have changed make_server_info_sam() talloc_move
instead of talloc_steal, but that would have
changed the signature... Well the comment is a
first step. :-)

Michael
2010-01-12 16:19:56 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Volker Lendecke
081573091b s3: Remove the typedef for "auth_serversupplied_info" 2010-01-10 20:56:16 +01:00
Volker Lendecke
9bb4766bba s3: Remove the typedef for "auth_usersupplied_info" 2010-01-10 20:56:16 +01:00
Michael Adam
dc68982711 s3:auth: don't update the bad pw count if pw is among last 2 history entries
This conforms to the behaviour of Windows 2003:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx

This is supposed to fixes Bug #4347 .

Michael
2010-01-07 16:51:18 +01:00
Michael Adam
46111dc4e4 s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
This is a preparatory patch for the last part in fixing bug #4347 .

Michael
2010-01-07 16:51:18 +01:00
Michael Adam
7248873b48 s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
Log what went wrongl, and also call pdb_update_sam_account inside
become_root/unbecome_root: do the logging outside.

Michael
2010-01-07 11:07:57 +01:00
Michael Adam
5ad1b7e0c5 s3:auth:check_sam_security: fix a leading tab/ws mixup
Michael
2010-01-07 11:07:57 +01:00
Michael Adam
970317c413 s3:auth:check_sam_security: create (and use) a common exit point
for use after sam_password_ok() has been called.

Michael
2010-01-07 11:07:56 +01:00
Michael Adam
de4fb80bee s3:auth:check_sam_security: null out sampass after it has been stolen.
So that a later talloc_free would not harm. I could have used
talloc_move instead of talloc steal in make_server_info_sam(),
but this would have required a change of the signature.

Michael
2010-01-07 11:07:56 +01:00
Michael Adam
3634859450 s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
This is in preparation to extending check_sam_security to also check
against the password history before updating the bad password count.
This way, sam_password_ok can more easily be reused for that purpose.

Michael
2010-01-07 11:07:56 +01:00
Michael Adam
c0f404a2e4 s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
This way it is more explicit that there is no allocated data here
that may leak.

Michael
2010-01-07 11:07:56 +01:00
Michael Adam
0172587d8d s3:auth:sam_password_ok: fix allocation of a data blob.
data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but
copies 16 bytes from mem_ctx into the newly allocated data blob.
This can not have been intentional. A blank uint8_t array of
length 16 is allocated by passing NULL instead of mem_ctx.
And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated
blank 16 byte array to mem_ctx - so this is what must have been
intended.

Michael
2010-01-07 11:07:56 +01:00
Michael Adam
7ac18c743b s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
and removing bool variables and several checks.

Michael
2010-01-07 11:07:55 +01:00
Michael Adam
b5fcb34d6c s3:check_sam_security: untangle assignment from statement
Michael
2010-01-07 11:07:55 +01:00
Stefan Metzmacher
c9b6ad2500 s3:ntlmssp: change get_challange() to return NTSTATUS
metze
2009-12-29 17:06:22 +01:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed
Andrew Bartlett
2009-12-22 21:07:53 +01:00
Karolin Seeger
71018ebe53 s3:auth: Fix typo in debug message.
Karolin
2009-12-07 14:38:18 +01:00
Michael Adam
0ac3c1693c s3:fix a comment typo
Michael
2009-11-14 01:28:58 +01:00
Michael Adam
2e3d9abeaf s3:is_trusted_domain: shortcut if domain name == global_sam_name
A domain can't have a trust with itself.
This saves some roundtrips to the ldap server for ldapsam.

Michael
2009-11-14 01:28:57 +01:00
Michael Adam
144c23893e s3:is_trusted_domain: shortcut if domain name is NULL or empty
This saves some roundtrips to LDAP in an ldapsm setup.

Michael
2009-11-14 01:28:57 +01:00
Björn Jacke
ec49f28a52 s3/pam: move variable declaration into belonging ifdef section
This fixes a unused variable 'addr' warning on some platforms
2009-11-13 23:32:04 +01:00
Jeremy Allison
5363d6e62c Ensure all callers to the rpc_client/cli_pipe functions correctly
initialize return variables.
Jeremy.
2009-11-12 13:56:33 -08:00
Günther Deschner
463b1eb2b5 s3-passdb: cleanup some callers of pdb_get_trusteddom_pw().
Guenther
2009-11-03 22:10:31 +01:00
Günther Deschner
ebe0e64ba9 s3: use enum netr_SchannelType all over the place.
Guenther
2009-10-13 10:21:46 +02:00
Günther Deschner
799f8d7e13 schannel: fully share schannel sign/seal between s3 and 4.
Guenther
2009-09-16 01:55:06 +02:00
Günther Deschner
d3af0346c8 s3-dcerpc: use dcerpc_AuthLevel and remove duplicate set of flags.
Guenther
2009-09-15 17:49:34 +02:00
Günther Deschner
bea8e5fa60 s3-rpc_client: add dcerpc_transport_t to cli_rpc_pipe_open_schannel().
Guenther
2009-09-11 09:59:04 +02:00
Jeremy Allison
da9356711b Implement Metze's suggestion of trying getpwuid(0) then getpwnam(root).
Jeremy.
2009-08-22 09:40:58 -07:00
Jeremy Allison
47c7063dc6 Try and fix the buildfarm by using getpwnam(root) instead
of getpwuid(0) if DEVELOPER is defined. I'm hoping the
build farm defines DEVELOPER...
Jeremy.
2009-08-21 21:08:02 -07:00
Michael Adam
6afb02cb53 s3: fix bug #6650, authentication at member servers when winbindd is not running
Authentication of domain users on the member server fails when winbindd
is not running. This is because the is_trusted_domain() check  behaves
differently when winbindd is running and when it isn't:
Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also
give a result for our own domain, this succeeds for the member
server's own domain when winbindd is running. When winbindd is not
running, is_trusted_domain() checks (and possibly updates) the trustdom
cache, and this does the lsa_EnumTrustDom() rpc call to the DC which
does not return its own domain.

In case of winbindd not running, before 3.4, the domain part was _silently_
mapped to the workgroup in auth_util.c:make_user_info_map(),
which effectively did nothing in the member case.

But then the parameter "map untrusted to domain" was introduced
and the mapping was made to the workstation name instead of
the workgroup name by default unless "map untrusted to domain = yes".
(Commits
 d8c54fddda,
 5cd4b7b7c0, and
 fbca269239)
This was ok as long as winbindd was running, but with winbindd not running,
these changes actually uncovered the above logic bug in the check.

So the correct check is to treat the workgroup as trusted / or known
in the member case. This is most easily achieved by not comparing the
domain name against get_global_sam_name() which is the host name unless
for a DC but against my_sam_name() which is the workgroup for a DC and for
a member, too. (These names are not very intuitive...)

I admit that this is a very long commit message for a one-liner, but this has
needed some tracking down, and I think the change deserves some justification.

Michael
2009-08-21 12:41:31 -07:00
Jeremy Allison
8c347ed177 Fix bug #6647 - get_root_nt_token: getpwnam("root") failed!
Not all systems may have a "root" user, but all must have a passwd
entry for a uid of zero.
Jeremy.
2009-08-19 16:55:26 -07:00
Jeremy Allison
5d05d22999 Added prefer_ipv4 bool parameter to resolve_name().
W2K3 DC's can have IPv6 addresses but won't serve
krb5/ldap or cldap on those addresses. Make sure when
we're asking for DC's we prefer IPv4.
If you have an IPv6-only network this prioritizing code
will be a no-op. And if you have a mixed network then you
need to prioritize IPv4 due to W2K3 DC's.
Jeremy.
2009-07-28 11:51:58 -07:00
Jeremy Allison
9f0bdd4e17 Remove an unused talloc context.
Jeremy.
2009-07-16 18:12:17 -07:00
Jeremy Allison
74c405db40 Tidyup prompted by #6554 - Wrong deallocation in sam_account_ok.
Jeremy.
2009-07-16 09:54:14 -07:00
Stefan Metzmacher
75d03970b7 s3:smbd: move more session specific globals to struct smbd_server_connection
metze
2009-06-03 17:54:37 +02:00
Stefan Metzmacher
e16e7146b3 s3:smbd: move negprot related globals to struct smbd_server_connection
metze
2009-06-03 17:54:37 +02:00
Steven Danneman
fbca269239 s3/auth map NULL domains to our global sam name
This is an addendum to d8c54fdd, which made make_user_info_map() match
Windows behavior by mapping untrusted domains given to smbd on the wire
with the users credentials to smbd's global sam name.

This fix was being circumvented in the case where the client passed
a NULL domain.  Vista clients do this.  In that case smbd was always
remapping the name to the machine workgroup.  The NULL domain case
should also be mapped to the global sam name.

Removing the code in this patch, causes us to fall down to the logic
added in d8c54fdd and properly map the domain.
2009-05-28 13:21:15 -07:00
Dan Sledz
c71d4530b4 s3 auth: Make debug message louder and more useful 2009-05-12 17:13:40 -07:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types.
Should make Solaris 10 builds look cleaner.
Jeremy.
2009-05-11 21:56:57 -07:00
Günther Deschner
2d5e0eadb8 s3-auth: use full 16byte session key in make_user_info_netlogon_interactive().
Patch from Jeremy.

With this patch, I was able to join Windows 7 RC to a Samba3 DC, and login into a
Samba 3 Domain.

There are still two registry settings required:

        HKLM\System\CCS\Services\LanmanWorkstation\Parameters
	            DWORD  DomainCompatibilityMode = 1
		    DWORD  DNSNameResolutionRequired = 0

Do *not* modify the other netlogon registry parameters that were passed around,
they weaken security.

Guenther
(cherry picked from commit b5097d54cb)
2009-05-07 19:25:46 +02:00
Jeremy Allison
d47669684d Fix bug #6291 - force user stop working.
A previous fix broke the invariant that *uid is always
initialized on return from create_token_from_username().
Restore it.
Jeremy.
2009-04-28 11:07:51 -07:00
Andrew Bartlett
8ee7b4ce29 s3:auth Fix segfault: Always initialise returned session keys 2009-04-19 21:50:13 +02:00
Andrew Bartlett
baf7274fed Make Samba3 use the new common libcli/auth code
This is particuarly in the netlogon client (but not server at this
stage)
2009-04-14 16:23:44 +10:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
2009-04-14 16:23:35 +10:00
Günther Deschner
01a942d8ab s3-auth: rename static smb_create_user(). Sorry...
Guenther
2009-04-01 21:44:14 +02:00
Steven Danneman
61bedb4263 s3: fix guest auth when winbindd is running
This fix is very subtle.  If a server is configured with "security = share"
and "guest ok = yes" and winbindd is running authorization will fail during
tree connect.

This is due to our inability to map the guest sid S-1-5-21-X-501 to a uid
through sid_to_uid().  Winbindd is unaware of the hard coded mapping
between this sid and whatever uid the name in lp_guestaccount() is assigned.
So sid_to_uid() fails and we exit create_token_from_username() without
ever calling pdb_getsampwsid() which IS aware of the hard coded mapping.

This patch just reorganizes the code, moving sid_to_uid() down to the
block of code in which it is needed, avoiding this early failure.
2009-02-26 19:47:43 -08:00
Tim Prouty
662f996b15 s3: Fix 'assignment differ in signedness' warning 2009-02-25 00:14:23 -08:00
Dan Sledz
aeab22b55c s3: Rename auth_onefs_wb and pdb_onefs_sam
auth_onefs_wb.c -> auth_wbc.c
pdb_onefs_sam.c -> pdb_wbc_sam.c

No changes to functionality
2009-02-24 16:08:06 -08:00
Tim Prouty
1ff9696306 Revert "s3 auth: Add parameter that forces every user through an NSS lookup"
After the discussion on samba-technical, it was decided that the best
answer for now was to revert this change.  The right way to do this is
to rewrite the token api to use opaque tokens with pluggable modules.

This reverts commit 8e19a28805.
2009-02-21 14:00:14 -08:00
Volker Lendecke
4a2e2c0c12 Fix the build on Solaris 2009-02-21 18:55:35 +01:00
Volker Lendecke
a3127ea9d7 Fix some nonempty blank lines 2009-02-21 14:04:16 +01:00
Volker Lendecke
4aed9abbf8 Remove the static "chal" from ntlmssp.c:get_challenge() 2009-02-21 14:04:14 +01:00
Dan Sledz
c383022f89 Introduce a new authentication backend auth_onefs_wb
This new backend is custom tailored to onefs' unique requirements:
1) No fallback logic
2) Does not validate the domain of the user
3) Handles unencrypted passwords
2009-02-20 19:39:07 -08:00
Zach Loafman
8e19a28805 s3 auth: Add parameter that forces every user through an NSS lookup
When set to yes, "force username map" forces every user, even AD
users, through an NSS lookup. This allows the token to be overridden
with information from NSS in certain broken environments.
2009-02-16 00:29:21 -08:00
Stefan Metzmacher
e7f7ed8bf6 s3:auth: only create_local_token() should add S-1-22-X-Y sids
metze
2009-02-13 10:40:37 +01:00
Stefan Metzmacher
f14e4d4e54 s3:auth: add S-1-22-X-Y sids to the local token
metze
2009-02-13 10:40:37 +01:00
Steven Danneman
5cd4b7b7c0 s3: Added new parameter "map untrusted to domain"
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain

This partially reverts d8c54fdd
2009-02-12 13:55:44 -08:00
Dan Sledz
d8c54fddda s3: Change behavior when seeing an unknown domain.
After a lot of testing against various Windows servers (W2K, W2K3, W2K8),
within an AD domain it seems that unknown domains will only be translated
to the local account domain, not the netbios name of the member server's
domain.  This makes samba act more like Windows.
2009-02-11 19:39:18 -08:00
Dan Sledz
4e69f23857 Fix double free caused by incorrect talloc_steal usage. 2009-02-11 19:39:14 -08:00
todd stecher
9d4d2f70cb S3: Fixes for coverity issues. 2009-02-10 14:43:14 -08:00
Volker Lendecke
1cbc58d3be Fix some nonempty blank lines 2009-02-10 21:55:13 +01:00
Volker Lendecke
9b3cce096c Fix a valgrind error: rpc_bind talloc_move()s the auth struct 2009-02-04 18:11:46 +01:00
Volker Lendecke
8eb562a81d Ensure null termination of the password in mymachinepw, remove a debug 2009-02-04 18:11:46 +01:00
todd stecher
989ad44d32 Memory leaks and other fixes found by Coverity 2009-01-21 17:13:03 -08:00
Volker Lendecke
2bb1266796 Fix a typo 2009-01-21 11:21:00 +01:00
Volker Lendecke
d7d251f8c7 Fix some nonempty blank lines 2009-01-20 23:10:16 +01:00
Volker Lendecke
bb8ca0fdbf Make cli_negprot return NTSTATUS instead of bool 2008-12-19 10:28:30 +01:00
Jeremy Allison
15e1fd7c54 Fix bug #1254 - write list not working under share-level security
A somewhat more elegant fix than I could use for 3.2.x or 3.0.x.
Turns out the only part of check_user_ok() that needs to change
for share level security is the VUID cache pieces, so I can just
always use check_user_ok() for all lp_security() cases.
Jeremy
2008-12-04 11:20:57 -08:00
Volker Lendecke
3c98d5bd98 Make memcache_add_talloc NULL out the source pointer
This is an orthogonality measure to make clear this pointer now belongs to the
cache.
(cherry picked from commit e6080c6e87d6fe3995b121a772bf3f6343fa666f)
2008-11-14 20:27:46 +01:00
Jeremy Allison
8962be69c7 Make us clean under valgrind --leak-check=full by using talloc_autofree_context() instead of NULL.
Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting
to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should
be deleted when their parent context is deleted, so freeing them at some arbitrary point later
will be a double-free.
Jeremy.
2008-11-06 20:48:13 -08:00
Jeremy Allison
8b4b5c3a92 Add wrapper str_list_make_v3() to replace the old S3 behavior of
str_list_make(). From Dan Sledz <dan.sledz@isilon.com>:
In samba 3.2 passing NULL or an empty string returned NULL.
In master, it now returns a list of length 1 with the first string set
to NULL (an empty list).
Jeremy.
2008-11-06 18:53:00 -08:00
Jelmer Vernooij
d6a5476ee7 Use sockaddr_storage only where we rely on the size, use sockaddr
otherwise (to clarify we can also pass in structs smaller than
sockaddr_storage, such as sockaddr_in).
2008-10-23 19:53:15 +02:00
Jelmer Vernooij
aa982895e5 Add data_blob_string_const_null() function that includes the terminating
null byte and use it in Samba 3.

This matches the behaviour prior to my data_blob changes.
2008-10-13 05:20:26 +02:00
Jelmer Vernooij
218f482fbf Use common strlist implementation in Samba 3 and Samba 4. 2008-10-12 00:56:56 +02:00
Jelmer Vernooij
cb78d4593b Cope with changed signature of http_timestring(). 2008-10-11 23:57:44 +02:00
Volker Lendecke
439086099a Add netlogond auth method
This authenticates against a local running samba4 using SamLogonEx. We retrieve
the machine password using samba4's mymachinepwd script and store the schannel
key for re-use in secrets.tdb.
2008-10-06 09:54:17 +02:00
Jeremy Allison
f6c883b4b0 Simply our main loop processing. A lot :-). Correctly use events for all the previous "special" cases.
A step on the way to adding signals to the events and being able to merge the S3 event system with
the S4 one.
Jeremy.
2008-10-03 14:18:35 -07:00
Simo Sorce
3fa16da8c7 Revert "Split lookup_name() and create a new functiong called"
This reverts commit 8594edf666.
(This used to be commit ad462e2e2d)
2008-09-03 14:36:43 -04:00
Simo Sorce
a1de4e988d Merge branch 'v3-devel' of ssh://git.samba.org/data/git/samba into v3-devel
(This used to be commit e038f1cf9f)
2008-08-26 18:56:49 -04:00
Günther Deschner
ab5076d9fd auth: Fix build warning.
Guenther
(This used to be commit 4661ef625a)
2008-08-25 11:36:56 +02:00
Simo Sorce
5e7655fa27 Split lookup_name() and create a new functiong called
lookup_domain_name(). This new function accept separated
strings for domain and name.
(This used to be commit 8594edf666)
2008-08-17 19:54:41 -04:00
Jeremy Allison
8bda4e059e Fix show-stopper for 3.2. Smbd depends on group SID
position zero being the primary group sid. Authenicating
via winbindd call returned a non-sorted sid list. This
fixes is for both a winbindd call and a pac list from
an info3 struct. Without this we mess up the
primary group associated with created files. Found by
Herb.
Jeremy.
(This used to be commit cb925dec85)
2008-08-14 21:52:11 -07:00
Jeremy Allison
9ab5cffcfa Make it clear that this is a temporary context byusing a talloc stackframe instead.
Jeremy
(This used to be commit 7f7dd5e888)
2008-08-14 14:36:02 -07:00
Tim Prouty
f18076cb32 Removed redundant logging from create_builtin_users and create_builtin_administrators
The Debug messages in create_builtin_users and create_builtin_users have now
been encapsulated in add_sid_to_builtin.
(This used to be commit ca153139b1)
2008-07-30 15:00:49 -07:00
Tim Prouty
097b27dbcc Enabled domain groups to be added to builtin groups at domain join time
Previously this was done at token creation time if the Administrators and Users
builtins hadn't been created yet.  A major drawback to this approach is that if
a customer is joined to a domain and decides they want to join a different
domain, the domain groups from this new domain will not be added to the
builtins.

It would be ideal if these groups could be added exclusively at domain join
time, but we can't rely solely on that because there are cases where winbindd
must be running to allocate new gids for the builtins.  In the future if there
is a way to allocate gids for builtins without running winbindd, this code
can be removed from create_local_nt_token.

- Made create_builtin_users and create_builtin_administrators non-static so
they can be called from libnet
- Added a new function to libnet_join that will make a best effort to add
domain administrators and domain users to BUILTIN\Administrators and
BUILTIN\Users, respectively.  If the builtins don't exist yet, winbindd must be
running to allocate new gids, but if the builtins already exist, the domain
groups will be added even if winbindd is not running.  In the case of a
failure the error will be logged, but the join will not be failed.
- Plumbed libnet_join_add_dom_rids_to_builtins into the join post processing.
(This used to be commit e92faf5996)
2008-07-30 14:06:36 -07:00
Tim Prouty
bbb02aa8e9 Refactored the code that adds Domain Admins to BUILTIN\Administrators to use the new helper functions.
- Modified create_builtin_administrators and add_builtin_administrators to take
in the domain sid to reduce the number of times it needs to be looked up.
- Changed create_builtin_administrators to call the new helper functions.
- Changed create_local_nt_token to call the new version of
create_builtin_administrators and handle the new error that can be returned.
- Made it more explicit that add_builtin_administrators is only called when
winbindd can't be pinged.
(This used to be commit f6411ccb4a)
2008-07-30 14:06:15 -07:00
Tim Prouty
fb41bb762f Refactored the code that adds Domain Users to BUILTIN\Users to use the new helper functions.
- Modified create_builtin_users to take in the domain sid to reduce the number
of times it needs to be looked up.
- Changed create_builtin_users to call the new helper functions.
- Changed create_local_nt_token to call the new version of create_builtin_users
and handle the new error that can be returned.
(This used to be commit 8d75d40b9f)
2008-07-30 14:06:00 -07:00
Tim Prouty
f738f9f7c9 Helper functions to enable domain groups to be added to builtin groups at domain join time
Added two new helper functions which wrap the raw pdb alias functions so they
can be more conveniently called while adding domain groups to builtin groups.
(This used to be commit 668ef31455)
2008-07-30 14:03:13 -07:00
Zach Loafman
06d0790c07 Fix various build warnings
This fixes various build warnings on our platform. I'm sure I haven't
caught them all, but it's a start.
(This used to be commit 6b73f259cb)
2008-07-22 15:00:48 +02:00
Volker Lendecke
99526d391d Refactoring: Change calling conventions for cli_rpc_pipe_open_schannel
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 1fcfca007f)
2008-07-20 17:37:14 +02:00
Volker Lendecke
1335da2a7c Refactoring: Change calling conventions for cli_rpc_pipe_open_noauth
Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS
(This used to be commit 9abc9dc4dc)
2008-07-20 17:37:11 +02:00
Jeremy Allison
799252f635 Fix the non-LDAP, non-krb5 build, fix gcc -O3 warnings.
Jeremy.
(This used to be commit 9e2ab30d3c)
2008-06-26 19:46:18 -07:00
Volker Lendecke
d331624fdf Add server_info to pipes_struct
(This used to be commit d621867bb8)
2008-06-26 13:13:22 +02:00
Jeremy Allison
da70f8ab1e Fix for bug #5551, smbd recursing back into winbindd from a winbindd call.
Jeremy.
(This used to be commit a07fe72538)
2008-06-24 18:01:59 -07:00
Jeremy Allison
ee6b168e6e Fix bug #5555. Don't return NT_STATUS_PASSWORD_MUST_CHANGE error on machine account logon.
Jeremy.
(This used to be commit 10da498a23)
2008-06-24 16:37:15 -07:00
Volker Lendecke
40f5eab5eb Wrap the unix token info in a unix_user_token in auth_serversupplied_info
No functional change, this is a preparation for more current_user ref removal
(This used to be commit dcaedf345e)
2008-06-19 18:51:37 +02:00
Volker Lendecke
4f0626ee09 Fix security=server, bug 5502
This has brown paper bag quality and is definitely needed for 3.2.0.

Thanks to Orion Poplawski for reporting this!

Volker
(This used to be commit 3b31f8cce3)
2008-05-30 11:46:34 +02:00
Volker Lendecke
87803073ec Make sure we have serversupplied_info->sanitized_username everywhere
(This used to be commit 88423a17b9)
2008-05-11 00:25:55 +02:00
Volker Lendecke
b446bb05d0 Add function make_serverinfo_from_username()
This will be used for 'security=share' and 'force user'
(This used to be commit 88e43097ca)
2008-05-10 11:17:00 +02:00
Volker Lendecke
0283e95a7c Add a mem_ctx argument to make_server_info_guest()
(This used to be commit e4a9492967)
2008-05-10 11:16:59 +02:00
Volker Lendecke
505205b1cb Make copy_serverinfo non-static, add mem_ctx
(This used to be commit a3651ced9e)
2008-05-10 11:16:59 +02:00
Volker Lendecke
64ddd381b7 Rename server_info->was_mapped to server_info->nss_token
"nss_token" from my point of view much better reflects what this flag actually
represents
(This used to be commit b121a5acb2)
2008-05-07 14:47:29 +02:00
Volker Lendecke
bec1dfab27 Remove "userdom_struct user" from "struct user_struct"
(This used to be commit 420de03523)
2008-05-05 18:28:59 +02:00
Volker Lendecke
a683625d7f Fix a typo
(This used to be commit 964bd02220)
2008-05-05 18:28:59 +02:00
Volker Lendecke
dd11f1d8a8 Remove unused set_current_user_guest()
(This used to be commit a33e8d2ffa)
2008-05-05 18:28:59 +02:00
Gerald W. Carter
d6aa45d29c BUG 5429: Clarify log msgs re: failure to create BUILTIN\{Administrators,Users}
Raise the debug msgs from Lvl 0 in the create_builtin_XX() functions
to prevent unnecessary panic from people reading the logs.
(This used to be commit 2983b9dc79)
2008-04-30 09:43:00 -05:00
Michael Adam
b64be89a6d auth: add SeDiskOperatorsPrivilege to get_root_nt_token to fix registry shares.
Michael
(This used to be commit 6bb107b17d)
2008-04-15 20:41:14 +02:00
Karolin Seeger
a8124367b4 Fix typos.
Karolin
(This used to be commit 6cee347035)
2008-04-09 16:14:04 +02:00
Günther Deschner
bea4541e11 Use sid_array_from_info3 in lookup_usergroups_cached().
Guenther
(This used to be commit 65b4cb20ea)
2008-04-04 02:53:40 +02:00
Günther Deschner
99d3590455 Fix NETLOGON credential chain with Windows 2008 all over the place.
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.

Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.

Guenther
(This used to be commit 0970369ca0)
2008-04-02 11:12:47 +02:00
Günther Deschner
5b8591c05f Add debug statement in auth_winbind to display wbcAuthenticateUserEx error code.
Guenther
(This used to be commit 0ad00a452f)
2008-03-26 01:29:56 +01:00
Günther Deschner
e3731bd148 Fix crash bug in check_sam_security() when make_server_info_sam() did a
talloc_steal and talloc_free on the sam account already.

Guenther
(This used to be commit dbc7237a8a)
2008-03-20 00:54:20 +01:00
Volker Lendecke
6b2da4d2f4 Fix bug 5317
Thanks to oster@cs.usask.ca
(This used to be commit f18a805759)
2008-03-14 22:23:44 +01:00
Volker Lendecke
1ebfc66b2c Use a separate tdb for mutexes
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not
provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC
mutex is needed per-node anyway, so it is perfectly fine to use a local mutex
only.
(This used to be commit f94a63cd8f)
2008-03-10 21:08:45 +01:00
Günther Deschner
23cd8e5ea7 Be more verbose why create local token has failed during
NTLMSSP and Kerberos session setup

Guenther
(This used to be commit 18b8c2c19e)
2008-03-06 12:27:11 +01:00
Günther Deschner
7dfeae6073 Use netr_SamInfo3 in remaining places.
Guenther
(This used to be commit 92fca97951)
2008-02-17 02:12:01 +01:00
Günther Deschner
c52dcc7b92 Use netr_SamInfo3 in make_server_info_info3().
Guenther
(This used to be commit 5866c11b28)
2008-02-17 02:11:59 +01:00
Jeremy Allison
4f1cc7b495 Allow auth_ntlmssp_end() to ignore null pointers passed in.
Jeremy.
(This used to be commit b7628f3a47)
2008-02-14 18:05:37 -08:00
Stefan Metzmacher
b397b5cb8f auth_winbind: use wbcAuthenticateUserEx()
smbd doesn't need $(WBCOMMON_OBJ) anymore,
it works with any libwbclient.so now
and may talk to an older winbindd.

metze
(This used to be commit e3435930a3)
2008-02-13 13:30:16 +01:00
Karolin Seeger
95eb2f2eba Fix typo.
Karolin
(This used to be commit 906e19bad4)
2008-02-05 16:23:09 +01:00
Volker Lendecke
2762b9a975 Always pass a TALLOC_CTX to str_list_make and str_list_copy
(This used to be commit e2c9fc4cf5)
2008-02-04 20:57:49 +01:00
Volker Lendecke
b47672656b tiny simplification
(This used to be commit 22e49ef2c0)
2008-02-04 19:41:04 +01:00
Andreas Schneider
691c4b1a41 Windows 2008 (Longhorn) auth2 flag fixes.
Interop fixes for AD specific flags. Original patch from Todd Stetcher.
(This used to be commit 5aadfcdaac)
2008-01-23 14:55:22 -08:00
Jeremy Allison
b47d491489 Fix CID 460 - resource leak on error.
Jeremy.
(This used to be commit d61831164b)
2008-01-08 18:48:04 -08:00
Michael Adam
f3603d5a5a Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS.
Michael
(This used to be commit 6b2b9a60ef)
2008-01-09 01:47:10 +01:00
Jeremy Allison
99e349b35d More logical operations on booleans. IBM checker.
Jeremy.
(This used to be commit e289a0c859)
2008-01-04 23:24:15 -08:00
Volker Lendecke
99bd615a80 Fix a panic
get_root_nt_token asks for "struct nt_user_token". talloc_get_type is not smart
enough to see that this is the same as NT_USER_TOKEN... :-)
(This used to be commit 22a98bf7b8)
2007-12-29 21:42:56 +01:00
Volker Lendecke
245537f9bd Convert get_root_nt_token to memcache
(This used to be commit fada689893)
2007-12-28 17:24:39 +01:00
Volker Lendecke
533d6f617e Remove static zeros
(This used to be commit dbcc213710)
2007-12-28 17:02:34 +01:00
James Peach
4dc0c1b88b Fix "may be used uninitialized" compiler warnings.
(This used to be commit 22ac34a329)
2007-12-22 14:10:06 -08:00
Gerald (Jerry) Carter
59ce7650f2 De-couple smbd from staticly linking against winbindd client files.
Implements a wrapper layer in winbind_util.c which are just stubs
if compiled --without-winbind.  When building with winbindd, it
is now required to build the libwbclient DSO first (in the Makefile)
and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the
library PATH.
(This used to be commit 42787bccff)
2007-12-21 11:59:56 -06:00
Volker Lendecke
e518e19bc0 Remove Get_Pwnam and its associated static variable
All callers are replaced by Get_Pwnam_alloc
(This used to be commit 735f593154)
2007-12-19 21:09:10 +01:00
Jeremy Allison
5bfe3c49a1 Correctly define prototypes for accessor functions.
Jeremy.
(This used to be commit 299ea5d122)
2007-12-17 17:13:31 -08:00
Jeremy Allison
2b0a570c77 More static fstring removal.
Jeremy.
(This used to be commit dcf624aa02)
2007-12-17 17:02:48 -08:00
Michael Adam
3fa2183941 Reformat: Remove trailing spaces.
Michael
(This used to be commit 5249b3d204)
2007-12-17 13:25:49 +01:00
Michael Adam
720c65faed Fix flags in caller of lookup_name() in create_builtin_administrators().
Michael
(This used to be commit 46bfbf5c8a)
2007-12-17 13:06:09 +01:00
Jeremy Allison
26daf2b479 Remove another static string and static passwd.
Jeremy.
(This used to be commit 2a700c5a57)
2007-12-16 18:32:03 -08:00
Volker Lendecke
900288a2b8 Replace sid_string_static by sid_string_dbg in DEBUGs
(This used to be commit bb35e794ec)
2007-12-15 22:09:36 +01:00
Volker Lendecke
105635e23c Use sid_string_talloc where we have a tmp talloc ctx
(This used to be commit f00ab810d2)
2007-12-15 22:09:35 +01:00
Michael Adam
0d8146d5de Fix typo in debug statement.
Michael
(This used to be commit da23684261)
2007-12-13 14:38:05 +01:00
Michael Adam
31f221ed93 Rename get_trust_pw() to get_trust_pw_hash().
Michael
(This used to be commit 0cde7ac9cb)
2007-12-13 10:15:19 +01:00
Michael Adam
f793c99ca5 Let get_trust_pw() determine the machine_account_name to use.
Up to now each caller used its own logic.

This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.

I hope I have not missed an important point here!

Michael
(This used to be commit 6ced4a7f88)
2007-12-13 10:15:17 +01:00
Volker Lendecke
af082d096e Correctly unbecome_root() on error
(This used to be commit aec5f15126)
2007-12-10 12:37:37 +01:00
Volker Lendecke
0cdcd255a5 Fix two incompatible pointer warnings
Jeremy, please check
(This used to be commit 60500fac30)
2007-12-08 09:39:20 -08:00
Jeremy Allison
42cfffae80 Remove next_token - all uses must now be next_token_talloc.
No more temptations to use static length strings.
Jeremy.
(This used to be commit ec003f3936)
2007-12-07 17:32:32 -08:00
Jeremy Allison
6b6655edd9 Remove pstrings from everything except srv_spoolss_nt.c.
Jeremy.
(This used to be commit 0002a9e96b)
2007-11-27 14:35:30 -08:00
Jeremy Allison
d07eabcb44 Remove pstring from auth/*
Jeremy.
(This used to be commit 72c19d114b)
2007-11-14 10:37:18 -08:00
Jeremy Allison
052efa9a33 Remove last pstring from smbd/*.c
Jeremy.
(This used to be commit f1680bada9)
2007-11-13 12:51:31 -08:00
Jeremy Allison
5b0b4f23ef Remove most of the remaining globals out of lib/util_sock.c.
I have a plan for dealing with the remaining..... Watch
this space.
Jeremy.
(This used to be commit 963fc76852)
2007-11-03 23:20:10 -07:00
Jeremy Allison
25074433f4 I can't get away without a 'length' arg. :-).
Jeremy.
(This used to be commit 95d01279a5)
2007-11-03 18:41:26 -07:00
Jeremy Allison
6658165d5e Stop get_peer_addr() and client_addr() from using global
statics. Part of my library cleanups.
Jeremy.
(This used to be commit e848506c85)
2007-11-03 18:15:45 -07:00
Jeremy Allison
f88b7a076b This is a large patch (sorry). Migrate from struct in_addr
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c312)
2007-10-24 14:16:54 -07:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
2007-10-18 17:40:25 -07:00
Michael Adam
ea33a1c22f Add become_root/unbecome_root around one call of getsampwsid()
in create_token_from_username(). This caused set_nt_acl to
partially fail in certain circumstances.

This is expected to bring an improvement to bug #4308.

Michael
(This used to be commit e68671b595)
2007-10-12 13:20:07 +02:00
Jeremy Allison
8e54530b52 Add start of IPv6 implementation. Currently most of this is avoiding
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec)
2007-10-10 18:25:16 -07:00
Gerald (Jerry) Carter
e5a951325a [GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.
(This used to be commit 5c6c8e1fe9)
2007-10-10 15:34:30 -05:00
Michael Adam
57482469b3 r25598: Add missing become_root/unbecome_root around calls of add_aliases.
This triggered a "cannot access LDAP when not root"-bug with
"passdb backend = ldap" and "winbind nested groups = yes".

This *might* be a step towards fixing bug #4308, since the
failure was observerd when triggered by acl code.

Michael
(This used to be commit ba8c48244e)
2007-10-10 12:31:17 -05:00
Gerald Carter
5221ebb299 r25407: Revert Longhorn join patch as it is not correct for the 3.2 tree.
The translate_name() used by cli_session_setup_spnego() cann rely
Winbindd since it is needed by the join process (and hence before
Winbind can be run).
(This used to be commit 00a93ed336)
2007-10-10 12:31:03 -05:00
Gerald Carter
99b031e190 r25401: BUG 4982: Don't delete lanman hashes on invalid logins when
using the "lanman auth = no".  Tested by Guenter Kukkukk.
(This used to be commit 611fdd95a5)
2007-10-10 12:31:02 -05:00
Gerald Carter
3529156971 r25400: Windows 2008 (Longhorn) Interop fixes for AD specific auth2 flags,
and client fixes.  Patch from Todd Stetcher <todd.stetcher@isilon.com>.
(This used to be commit 8304ccba73)
2007-10-10 12:31:02 -05:00
Günther Deschner
4b4a3c7df1 r23928: Merge all "copy-info3-groups-to-sid-array" blocks to a sid_array_from_info3()
function.

Guenther
(This used to be commit 1e1e480115)
2007-10-10 12:28:45 -05:00
Andrew Tridgell
153cfb9c83 r23801: The FSF has moved around a lot. This fixes their Mass Ave address.
(This used to be commit 87c91e4362)
2007-10-10 12:28:27 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc)
2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b)
2007-10-10 12:28:20 -05:00
Jeremy Allison
ce02d0dfcb r23554: Fix bug #4711 by makeing cli_connect return an NTSTATUS.
Long overdue fix....
Jeremy.
(This used to be commit 073fdc5a58)
2007-10-10 12:23:28 -05:00
Jeremy Allison
a4354d399d r23530: Fix bugs #4678 and #4697 which had the same root cause.
In make_server_info_pw() we assign a user SID in our
authoritative SAM, even though this may be from a
pure "Unix User" that doesn't exist in the SAM.
This causes lookups on "[in]valid users" to fail as they
will lookup this name as a "Unix User" SID to check against
the user token. Fix this by adding the "Unix User"\unix_username
SID to the sid array. The correct fix should probably be
changing the server_info->sam_account user SID to be a
S-1-22 Unix SID, but this might break old configs where
plaintext passwords were used with no SAM backend.
Jeremy
(This used to be commit 80d1da7e6c)
2007-10-10 12:23:26 -05:00
Michael Adam
6090601c8b r23485: This checkin consists mostly of refactorings in preparation of the
activation of global registry options in loadparm.c, mainly to
extract functionality from net_conf.c to be made availabel elsewhere
and to minimize linker dependencies.

In detail:

* move functions registry_push/pull_value from lib/util_reg.c to new file
  lib/util_reg_api.c

* create a fake user token consisting of builtin administrators sid and
  se_disk_operators privilege by hand instead of using get_root_nt_token()
  to minimize linker deps for bin/net.

  + new function registry_create_admin_token() in new lib/util_reg_smbconf.c
  + move dup_nt_token from auth/token_util.c to new file lib/util_nttoken.c
  + adapt net_conf.c and Makefile.in accordingly.

* split lib/profiles.c into two parts: new file lib/profiles_basic.c
  takes all the low level mask manipulation and format conversion functions
  (se_priv, privset, luid). the privs array is completely hidden from
  profiles.c by adding some access-functions. some mask-functions are not
  static anymore.

  Generally, SID- and LUID-related stuff that has more dependencies
  is kept in lib/profiles.c

* Move initialization of regdb from net_conf.c into a function
  registry_init_regdb() in lib/util_reg_smbconf.c.

Michael
(This used to be commit efd3e2bfb7)
2007-10-10 12:23:21 -05:00
Jeremy Allison
55ac16ba74 r23358: Fix from Justin Maggard <jmaggard@infrant.com> - ensure we don't
expire a password if it's explicitly set as ACB_PWNOTREQ.
Jeremy.
(This used to be commit 2ea5a6bd33)
2007-10-10 12:23:09 -05:00
James Peach
f4ae285763 r23095: Support systems that have their PAM headers in /usr/include/pam.
(This used to be commit f1e8de4b57)
2007-10-10 12:22:45 -05:00
Jeremy Allison
0b38bfa9ea r22956: Fix security=server (bug #4622). Volker's patch
(slightly truncated by me). Will be in 3.0.25a.
Jeremy.
(This used to be commit 039fb906af)
2007-10-10 12:22:11 -05:00
Volker Lendecke
9b48f7d76d r22953: Well, this apparently has never been tested. But *this* code never saw a
release yet .... ;-))
(This used to be commit f93b6353fe)
2007-10-10 12:22:11 -05:00
Volker Lendecke
b4a7b7a888 r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; and
replace all data_blob(NULL, 0) calls.
(This used to be commit 3d3d61687e)
2007-10-10 12:22:01 -05:00
Volker Lendecke
8190e04663 r22819: Fix Bug 4613. We just dumped the must change & friends. With the
pass_last_changed == 0 we now return "Change now!" instead of "Change
never"
(This used to be commit 450e4d94f6)
2007-10-10 12:22:00 -05:00
Volker Lendecke
d4799f5c7a r22740: Move debug_*_user_token to token_utils.c
(This used to be commit 4ad9f8aa61)
2007-10-10 12:21:53 -05:00
Jeremy Allison
be8b0685a5 r22589: Make TALLOC_ARRAY consistent across all uses.
Jeremy.
(This used to be commit 8968808c3b)
2007-10-10 12:19:49 -05:00
Jeremy Allison
12ba88574b r22542: Move over to using the _strict varients of the talloc
calls. No functional changes. Looks bigger than it is :-).
Jeremy.
(This used to be commit f6fa3080fe)
2007-10-10 12:19:44 -05:00
Gerald Carter
36da6cb584 r22390: Patchset sent to samba-technical to address the winbind
loop when allocating a new id for a SID:

auth_util.patch		Revert create_local_token() to
			the 3.0.24 codebase

idmap_type.patch	Have the caller fillin the
			id_map.xid.type field when
			resolving a SID so that if we allocate
			a new id, we know what type to use

winbindd_api.patch	Remove the WINBINDD_SIDS_TO_XIDS calls
			from the public winbindd interface
			for the 3.0.25 release

idmap_rid.patch		Cleanup the idmap_rid backend to not
			call back into winbindd to resolve
			the SID in order to verify it's type.
(This used to be commit 3b24dae9e7)
2007-10-10 12:19:30 -05:00
Volker Lendecke
a40df6f92d r22135: Check in most of Michael Adam's net conf utility. A good share of this patch
is moving functions around to fix some linker dependencies for the registry.

Michael, I've renamed your auth_utils2.c to token_utils.c.

Thanks!

Volker
(This used to be commit 9de16f25c1)
2007-10-10 12:19:16 -05:00
Andrew Bartlett
ccc06f8441 r22022: - Clarify the comments
- make sure never to free an uninitialised variable

- ensure to free result on getpwnam_alloc failure

Andrew Bartlett
(This used to be commit 5fe3328e66)
2007-10-10 12:19:03 -05:00
Andrew Bartlett
fb3835846e r22020: Make it more clear that both the vuser struct and it's contents are
talloc_free()'ed at the end of a session.

Rework the passwd cache code to use talloc_unlink and
talloc_reference, to more carefully manage the cache.

Andrew Bartlett
(This used to be commit e3e0ec25e6)
2007-10-10 12:19:03 -05:00
Stefan Metzmacher
56ba447668 r22001: change prototype of dump_data(), so that it takes unsigned char * now,
which matches what samba4 has.

also fix all the callers to prevent compiler warnings

metze
(This used to be commit fa322f0cc9)
2007-10-10 12:18:59 -05:00
Stefan Metzmacher
5b7c813104 r21999: remove useless casts
metze
(This used to be commit f948005ca6)
2007-10-10 12:18:58 -05:00
Gerald Carter
5b105eaf7c r21940: Sorry Volker, I have to revert your revert in r21935.
We can talk about this later if you still feel that strongly
but I need to fix the build for now.
(This used to be commit c7df0cad82)
2007-10-10 12:18:50 -05:00
Volker Lendecke
719f4657e8 r21935: Revert obviously not sufficiently tested code -- sorry for the pain. I am afraid I was basically off the net for the day
(This used to be commit 08c29abc03)
2007-10-10 12:18:50 -05:00
Volker Lendecke
3fdef9433a r21878: Fix a bug with smbd serving a windows terminal server: If winbind decides smbd
to be idle it might happen that smbd needs to do a winbind operation (for
example sid2name) as non-root. This then fails to get the privileged
pipe. When later on on the same connection another authentication request
comes in, we try to do the CRAP auth via the non-privileged pipe.

This adds a winbindd_priv_request_response() request that kills the existing
winbind pipe connection if it's not privileged.

Volker
(This used to be commit e5741e27c4)
2007-10-10 12:18:42 -05:00
Volker Lendecke
c0e37a7496 r21870: Move sending auth_server keepalives out of the main loop into an idle event.
Volker
(This used to be commit 6226b30f38)
2007-10-10 12:18:41 -05:00
Volker Lendecke
3bd2394b20 r21642: Fix bug 4365. Please note that this was only tested with Vista so far, it
needs testing with other clients as well. I'm afraid I'm visiting a conference
tomorrow and saturday, so I'd be happy to get support in this.

Thanks,

Volker
(This used to be commit 2186e276a0)
2007-10-10 12:18:20 -05:00
Günther Deschner
6784d54a77 r21536: Fix copy/paste typo.
Guenther
(This used to be commit 7edbb636f7)
2007-10-10 12:18:11 -05:00
Jeremy Allison
299e16112d r21383: More possible "security=share" fixes. If a client
is sending LMv2 make sure we test with the password
blob in the LM field as well as the NT field.
Jeremy.
(This used to be commit a6b55beae7)
2007-10-10 12:17:59 -05:00
Jeremy Allison
685ca94ac2 r21128: Fix Vista connecting to Samba in share level security.
Vista sends the NTLMv2 blob by default in the tconX
packet. Make sure we save off the workgroup the user
was logged into on the client in the sessionsetupX
and re-use it for the NTLMv2 calc.
Jeremy.
(This used to be commit 45dcf62960)
2007-10-10 12:17:41 -05:00
Volker Lendecke
b906886e9e r20824: Send access to the trusted domain passwords through the pdb backend, so that
in the next step we can store them in LDAP to be replicated across DCs.

Thanks to Michael Adam <ma@sernet.de>

Volker
(This used to be commit 3c879745cf)
2007-10-10 12:17:10 -05:00
Simo Sorce
c50c8d0dc3 r20774: I thought I committed this before Xmas holidays ...
This change is needed to make it possible to not expire
caches in disconnected mode.

Jerry, please can you look at this and confirm it is ok?

Simo.
(This used to be commit 9e8715e4e1)
2007-10-10 12:17:08 -05:00
Herb Lewis
84cd4d05e0 r20268: merge -r 20261:20263 from samba_3_0_24
get rid of previous prototype warnings
(This used to be commit 90265c83ff)
2007-10-10 12:16:38 -05:00
James Peach
5bb49b08f3 r20237: Replace exit_server with exit_server_cleanly where appropriate. All
send_smb failures should be clean exits. All times when we exit as
a matter of policy should also be clean exits.
(This used to be commit d6382092e7)
2007-10-10 12:16:34 -05:00
Simo Sorce
35a3773a6d r20169: Support for fallback to legacy mapping code was not completely tested.
Add necessary fixes.
(This used to be commit 4a81ee9608)
2007-10-10 12:16:28 -05:00
Simo Sorce
4225f9a4bd r20116: Start merging in the work done to create the new idmap subsystem.
Simo.
(This used to be commit 50cd8bffee)
2007-10-10 12:16:25 -05:00
Jeremy Allison
25d6eaae8d r20098: Properly fix issues with create_token_from_username()
reported by James. Ensure that this function allocates
everything on the temporary context except the return
memory. Never call this with a null mem context, and
now use conn->mem_ctx instead in smbd/service.c.
Remove separate free functions for conn->ngroups
and conn->nt_user_token as they are now always
talloc'ed off the conn->mem_ctx. Future optimization
will be to remove conn->mem_ctx and make all objects
pointed to in the conn struct talloc'ed off conn itself.
Easy to free then :-).
Jeremy.
(This used to be commit f83b6de44f)
2007-10-10 12:16:24 -05:00
Jeremy Allison
63609fbb04 r20090: Fix a class of bugs found by James Peach. Ensure
we never mix malloc and talloc'ed contexts in the
add_XX_to_array() and add_XX_to_array_unique()
calls. Ensure that these calls always return
False on out of memory, True otherwise and always
check them. Ensure that the relevent parts of
the conn struct and the nt_user_tokens are
TALLOC_DESTROYED not SAFE_FREE'd.
James - this should fix your crash bug in both
branches.
Jeremy.
(This used to be commit 0ffca7559e)
2007-10-10 12:16:24 -05:00
Volker Lendecke
ecf90c495e r19991: Sorry for this 2000-liner...
The main thing here is a rewrite of srv_winreg_nt.c. The core functionality
has moved to registry/reg_api.c which is then usable by the rest of Samba as
well.

On that way it fixes creating keys with more than one element in the
path. This did not work before.

Two things that sneaked in (sorry :-) is the change of some routines from
NTSTATUS to WERROR the removed "parent" argument to regkey_open_internal.

Volker
(This used to be commit fea52801de)
2007-10-10 12:16:18 -05:00
Simo Sorce
cb0402c2d3 r19980: Implement pam account stack checks when obey pam restrictions is true.
It was missing for security=server/domain/ads

Simo.
(This used to be commit 550f651499)
2007-10-10 12:16:17 -05:00
Volker Lendecke
5e48602456 r19773: TALLOC_FREE checks for NULL itself
(This used to be commit fb3983ae1f)
2007-10-10 12:15:54 -05:00
Jim McDonough
dc1f0804dd r19058: Implement "user cannot change password", and complete "user must change
password at next logon" code.  The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it.  The "can change" and "must change" times are now calculated
based on the "last set" time and policies.

We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero).  Based on this, we set the password-can-change bit in the
faked secdesc.
(This used to be commit 21abbeaee9)
2007-10-10 12:15:06 -05:00
Volker Lendecke
2b7d1fc779 r19008: Fix a segfault
(This used to be commit adfc82f0e6)
2007-10-10 12:14:57 -05:00
Volker Lendecke
72e9a5d9e6 r18665: Remove two type-punned warnings
(This used to be commit 157b2c0c26)
2007-10-10 12:00:45 -05:00
Gerald Carter
4646147a39 r18616: fix breakage after DLIST_ADD_END() changes for --with-pam
(This used to be commit 5c00b5497b)
2007-10-10 11:52:00 -05:00
Stefan Metzmacher
258a465e20 r18605: sync dlinklist.h with samba4, that means DLIST_ADD_END()
and DLIST_DEMOTE() now take the type of the tmp pointer
not the tmp pointer itself anymore.

metze
(This used to be commit 2f58645b70)
2007-10-10 11:51:59 -05:00
Gerald Carter
2b27c93a9a r18271: Big change:
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
  gen_ndr/ndr_security.c in SAMBA_4_0

The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
2007-10-10 11:51:18 -05:00
Volker Lendecke
6655e1e997 r18029: More C++ stuff
(This used to be commit 089b51e28c)
2007-10-10 11:43:23 -05:00
Volker Lendecke
3bc4fd1bb9 r17924: Get rid of warnings now that talloc is merged.
Destructors now take a pointer to the "real" destroyed object as an argument.

Volker
(This used to be commit 70edd716ef)
2007-10-10 11:38:59 -05:00
Jeremy Allison
9ab430ac4b r17875: Fix (rather theoretical, but still...) null deref found by
Stanford checker.
Jeremy.
(This used to be commit 45d77ae122)
2007-10-10 11:38:56 -05:00
Gerald Carter
049fcc8dd5 r17736: Apply the Unix group patch when creating the token for a
username map.
(This used to be commit 0298a3466b)
2007-10-10 11:38:47 -05:00
Gerald Carter
21e35f8e73 r17710: Thanks to Thomas Bork for testing and continued feedback on this.
Comments from the patch:

/* Add the "Unix Group" SID for each gid to catch mapped groups
   and their Unix equivalent.  This is to solve the backwards
   compatibility problem of 'valid users = +ntadmin' where
   ntadmin has been paired with "Domain Admins" in the group
   mapping table.  Otherwise smb.conf would need to be changed
   to 'valid user = "Domain Admins"'.  --jerry */
(This used to be commit 3848199287)
2007-10-10 11:38:46 -05:00
Volker Lendecke
f852fdbe06 r17626: Some C++ Warnings
(This used to be commit 09e7c010f0)
2007-10-10 11:38:44 -05:00
Volker Lendecke
0691ed55ca r17584: Some C++ Warnings
(This used to be commit f6194cf4b2)
2007-10-10 11:38:41 -05:00
Volker Lendecke
097bd537ad r17573: Fix typo
(This used to be commit fd6e3f133b)
2007-10-10 11:38:40 -05:00
Volker Lendecke
b29915d611 r17571: Change the return code of cli_session_setup from BOOL to NTSTATUS
Volker
(This used to be commit 94817a8ef5)
2007-10-10 11:38:39 -05:00
Jeremy Allison
f8aa1c75f4 r17402: Added lookup_name_smbconf() to be called when looking
up names from smb.conf. If the name is unqualified it
causes the lookup to be done in WORKGROUP\name, then
"Unix [users|groups]"\name rather than searching the
domain. Should fix the problems with "force user"
selecting a domain user by preference.
Jeremy.
(This used to be commit 1e1fcb5eb2)
2007-10-10 11:38:31 -05:00
Volker Lendecke
749c8d587c r17399: Some C++ warnings
(This used to be commit d12b08fc61)
2007-10-10 11:38:31 -05:00
Jeremy Allison
4905106778 r17393: Remove Volker's ASSERT that num_groupsids > 0.
For guest connection they may well be zero.
This should fix up the buildfarm (fingers
crossed).
Jeremy.
(This used to be commit 16ebccbc58)
2007-10-10 11:38:31 -05:00
Jeremy Allison
87b2b16cbf r17392: Commit Volker's fix for the valid users problem.
Let's look at the build farm now... :-).
Jeremy.
(This used to be commit 6d822b8567)
2007-10-10 11:38:31 -05:00
Jeremy Allison
74ee62a45b r17391: Revert the second part of the valid users fix - the
netlogon code uses pdb_get_group_sid() which could
return a S-1-1-22 unix sid. Who knew.... :-(.
I'm going to test Volker's fix instead. Once
3.0.23b is out we *have* to rip out the pdb_set_group_sid()
code....
Jeremy.
(This used to be commit 65003e1b25)
2007-10-10 11:38:31 -05:00
Jeremy Allison
ba5f9c4ef9 r17388: Fix the "valid users"/token issue for now. Volker,
please come in and fix it in a less ugly way once
you have some time. Thanks,
Jeremy.
(This used to be commit 79b1e668e2)
2007-10-10 11:38:30 -05:00
Jeremy Allison
dca7d08e61 r17378: Fix the issues people have been having with mapped
users (username map) and failure to connect to a
share. Essentially, even on a standalone system
we were going into the create_token_from_username()
code (I think by mistake) if the username was mapped.
Fixes bug #3991.

Volker & Jerry - please go over this with a very careful eye
and let me know if this isn't correct (I think it is,
but this isn't my code and it's a dangerous area for
me to be playing in :-).

Jeremy
(This used to be commit 0b5b2b53ec)
2007-10-10 11:38:29 -05:00
Volker Lendecke
413ec64f27 r17022: Fix the build farm -- maybe this is the real fix, testing more
(This used to be commit 19d0269000)
2007-10-10 11:19:20 -05:00
Volker Lendecke
f8004328f4 r17016: Different and smaller fix for the valid users = username problem.
If no winbind is around, the best we can do to get the user's token correct is
to ask unix via create_token_from_username. More investigation is needed if
this also fixes the +groupname for unmapped groups problems more cleanly.

Volker
(This used to be commit f6e3ee147f)
2007-10-10 11:19:20 -05:00
Volker Lendecke
de4492b28d r17011: Back out r17010 after talking to Jerry. Another fix pending...
Volker
(This used to be commit 7a629118ee)
2007-10-10 11:19:19 -05:00
Volker Lendecke
a85395e0f5 r17010: If winbind is not around, add S-1-22-1-<uid> to the user's token.
See the comment in the patch for the reason.

Volker
(This used to be commit 5e07ab750a)
2007-10-10 11:19:19 -05:00
Jeremy Allison
fbdcf2663b r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need
to do the upper layer directories but this is what
everyone is waiting for....

Jeremy.
(This used to be commit 9dafb7f48c)
2007-10-10 11:19:14 -05:00
Volker Lendecke
3899f95e1f r16865: This is a proposal to fix bug 3915. Before sending patches around, this is
what svn is for.

The idea is that we fall back to a pure unix user with S-1-22 SIDs in the
token in case anything weird is going on with the 'force user'.

Volker
(This used to be commit 9ec5ccfe85)
2007-10-10 11:19:12 -05:00
Volker Lendecke
fc4abcf028 r16864: Intermediate checkin -- swap the sid_check_is_in_unix_users and
sid_check_is_in_our_domain cases.

Volker
(This used to be commit dc403cec88)
2007-10-10 11:19:12 -05:00
Volker Lendecke
355cbde8df r16766: A warning found by RHEL3. This might actually be 3.0.23 code, maybe there are
vasprintf implementations that don't like a NULL format.

Volker
(This used to be commit 03c665c307)
2007-10-10 11:19:10 -05:00
Gerald Carter
9d0ccba34c r16749: BUG 3905: don't fail in create_local_nt_token() when a
checking for the builtin Administrators group membership.
security = server has no domain info in secrets.tdb
(This used to be commit fa477969fb)
2007-10-10 11:19:09 -05:00
Jeremy Allison
8322d26276 r16632: Fix bug #3882 reported by jason@ncac.gwu.edu.
Jeremy.
(This used to be commit 6b39f53e43)
2007-10-10 11:19:04 -05:00
Gerald Carter
600b0ae2e9 r16471: Bug reported by Vitaly Protsko <villy@sft.ru> in 3.0.23rc1.
Add missing automatic add of the Administrators SID in the absence
of winbindd and precense of Domain Admins SID in the user's token.
(This used to be commit ce7846d6f1)
2007-10-10 11:18:55 -05:00
Jeremy Allison
f9147c4e40 r16241: Fix Klocwork #106 and others like it.
Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d)
2007-10-10 11:17:27 -05:00
Jeremy Allison
a1e0a0e928 r16230: Fix Klocwork #861 and others. localtime and asctime
can return NULL. Ensure we check all returns correctly.
Jeremy.
(This used to be commit 6c61dc8ed6)
2007-10-10 11:17:26 -05:00
Jeremy Allison
d4a80fdf38 r16209: Klocwork bug #66, ensure no null deref.
Jeremy.
(This used to be commit 79e693798c)
2007-10-10 11:17:25 -05:00
Volker Lendecke
0372e03722 r16204: Fix Klocwork # 14
localtime() can return NULL.

Volker
(This used to be commit 07c5dcb863)
2007-10-10 11:17:25 -05:00
Volker Lendecke
780f121462 r16150: Fix possible NULL dereference found by Klocwork ID # 17
(This used to be commit 3159bd3a4e)
2007-10-10 11:17:22 -05:00
Volker Lendecke
21eeddb80d r16141: Dummy commit to make the build farm re-test against Samba4 16140
(This used to be commit a1fcacf756)
2007-10-10 11:17:22 -05:00