IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
based on the flags2 values in the negprot request.
This also includes some code for testing the dialect
strings for "SMB 2.001" but this is unreliable as Vista
only sends that in the 1st negprot and caches the fact
that we don't support it. Restartnig the WOrkstation
service on the client clears the cache.
(This used to be commit d781eeb0e4)
anymore, we don't have to truncate the length to 255 anymore.
The test I did for this: I sent 50 times the NTLMSSP oid. With truncating
Vista said Access Denied, without truncating it liked the response.
Volker
(This used to be commit f1512cb43c)
key length in the case of extended security. It does make sense because with
SPNEGO our beloved ASN1 structure gives us the length.
Next test I did to verify this: I modified the server to put in random
garbage, and W2kwks, XP, Vista and W2k3srv still talked to us.
Volker
(This used to be commit f19bd479ce)
logic in smbd/process.c. All interested (Volker,
Jerry, James etc). PLEASE REVIEW THIS CHANGE.
The logic should be identical but *much* easier
to follow and change (and shouldn't confuse Klockwork :-).
Jeremy.
(This used to be commit d357f8b335)
of the Samba4 timezone handling code back into Samba3.
Gets rid of "kludge-gmt" and removes the effectiveness
of the parameter "time offset" (I can add this back
in very easily if needed) - it's no longer being
looked at. I'm hoping this will fix the problems people
have been having with DST transitions. I'll start comprehensive
testing tomorrow, but for now all modifications are done.
Splits time get/set functions into srv_XXX and cli_XXX
as they need to look at different timezone offsets.
Get rid of much of the "efficiency" cruft that was
added to Samba back in the day when the C library
timezone handling functions were slow.
Jeremy.
(This used to be commit 414303bc02)
Our sessionsetup code now handles raw NTLMSSP connects, so we can go
back to doing what W2K3 does here which is to send no OID's in
the negprot reply when not in a security=ads mode.
Jeremy.
(This used to be commit 38a70185b7)
reply code to the negprot reply code to cope with
client connections on port 445. Fixes the spurious
"register_message_flags: tdb fetch failed" errors.
* don't run the backgroup LPQ daemon when we are running
in interactive mode.
(This used to be commit 88747a7da3)
then is the client supports it (current clients supported are Samba and
CIFSVFS - detected by the negprot strings "Samba", "POSIX 2" and a bare
"NT LM 0.12" string) then the setting of the per packet flag smb_flag
FLAG_CASELESS_PATHNAMES is taken into account per packet. This allows
the linux CIFS client to use Samba in a case sensitive manner.
Additional command in smbclient "case_sensitive", toggles the
flag in subsequent packets.
Docs to follow.
Jeremy.
(This used to be commit cf84c0fe1a)
patch removes the 'unicode' smb.conf option.
Clients are as always free not to negotiate unicode, but Samba will always
accept unicode in smbd.
Setting 'unicode = no' caused me more client BSODs than any other option
I have seen, and I really want to protect some of our more silly users, who
will, no matter what, select and change every option...
Andrew Bartlett
(This used to be commit 3f9177bd5d)
Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios
and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name
when represented in dos charset (ie. cp932). So go back to using fstrings for these but
translate into nstrings (ie. 16 byte length values) for transport on the wire.
Jeremy.
(This used to be commit b4ea493599)
I think (my changes haven't affected this I believe). Initial support on the
server side for smbclient. Still doesn't work for w2k clients I think...
Work in progress..... (don't change).
Jeremy.
(This used to be commit e5714edc23)
This patch catches up on the rest of the work - as much string checking
as is possible is done at compile time, and the rest at runtime.
Lots of code converted to pstrcpy() etc, and other code reworked to correctly
call sizeof().
Andrew Bartlett
(This used to be commit c5b604e2ee)
Also more insertion of parenthesis to handle struct members called
'free'.
You can now get useful dmalloc output, as long as it is compatible
with your C library. On RH7.1 it looks like you have to rebuild
dmalloc to allow free(0) by default, because something in libcrypt
does that. (sigh)
(This used to be commit 391cbb6901)
The auth_authsupplied_info typedef is now just a plain struct - auth_context,
but it has been modified to contain the function pointers to the rest
of the auth subsystem's components.
(Who needs non-static functions anyway?)
In working all this mess out, I fixed a number of memory leaks and moved the
entire auth subsystem over to talloc().
Note that the TALLOC_CTX attached to the auth_context can be rather long-lived,
it is provided for things that are intended to live as long. (The
global_negprot_auth_context lasts the whole life of the smbd).
I've also adjusted a few things in auth_domain.c, mainly passing the domain as
a paramater to a few functions instead of looking up lp_workgroup(). I'm
hopign to make this entire thing a bit more trusted domains (as PDC) freindly
in the near future.
Other than that, I moved a bit of the code around, hence the rather messy diff.
Andrew Bartlett
(This used to be commit 12f5515f55)
you need to set "use spnego = no" for w2k to be able to join a samba
domain. Otherwise the w2k box will assume we can do kerberos as a KDC
(This used to be commit b5cb57a367)