IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
representation in the underlying database: removed this code.
for example, with the nt->unix mapping system (don't know about the ldap
one) if you want "Domain Admins" to appear you _must_ put it in the
domaingroup.map file.
the previous code was adding builtin aliases and well-known groups even
if they weren't in the domain maps. bad idea.
pwdb_sam_map_names() was using a "blank" static string instead of
a NULL pointer for nt names. NULL means over-ride, so the nt name
got left as "blank".
this causes nt clients to terminate with extreme prejudice.
around anyway.
The real problem is, once again, the brokenness of pwdb_sam_map_names et al.
This time it is deciding to return blank NT usernames, which NT's redirector
objects to.
I'm currently working on improving the pwdb/mapping code, should be ready in a
couple of weeks.
endlessly repeating a network SAMLOGON (hoping it to change, hmmm...).
( Guess what I found in pwdb_init_sam...
unix_to_nt_time(&user->logon_time, (time_t)-1);
unix_to_nt_time(&user->logoff_time, (time_t)-1);
unix_to_nt_time(&user->kickoff_time, (time_t)-1);
... )
1) The earlier fix for the smbmount race conditions broke the PID
registration with smbfs. That fix has been backed out and
replaced by a signalling convention from the child smbmount
process back to the parent telling the parent when it is safe
to exit.
2) Fixing all of this uncovered a NASTY deadly embrace between smbmount,
smbmnt, and autofs. This was caused by the setsid call in the
daemon code. The smbmnt process no longer was registered as
"magic" because it was no longer in the autofs process group.
Many many kudos and thanks to H Peter Anvin for giving me the
clue to solving this agravating puzzle. The setsid was moved
down the where the child signals the parent and a warn left in
its place in the daemonize code.
3) Fixed (actually worked around with a BUTT UGLY HACK) a problem with
SMB_GET_MOUNTPID in smbumount.c. The smb_fs.h header file has
the parameter to this ioctl defined as a uid_t. Unfortunately
that's a 32 bit quantity under glibc and it's currently a 16 bit
quantity in kernel space. Undefined the macro and redefined
it with a parameter of __kernel_uid_t. That should keep us
out of trouble till I can have someone fix smb_fs.h in the
kernel sources...
also needed to use start index properly and generate next index.
both client and server code need to recognise error code 0x105
when there's not enough room to store all the users in one call.
sort this out another time.
validation checks and also added capability to send plaintext passwords.
send "ntpasslen" of zero to do this. sending same plaintext password
for pass and ntpass arguments will result in previous behaviour of
encrypting password if server supports it.
needed this for some tests.
- removed code that said "if lm password is not encrypted then encrypt both
lm and nt passwords". actually it said "if lm password length is not 24
bytes and we're in security=user mode..."
it didn't bother to check whether the nt password was NULL or not, and
doing the encryption inside cli_session_setup is the wrong place.
- checked all instances where cli_session_setup is called with cleartext
passwords that are expected to then be encrypted (see above) with the
test "if pwlen != 24...". there was only one: all the others either
provide encrypted passwords, do null sessions or use
cli_establish_connection.
* recommendation: use cli_establish_connection() in smbwrapper/smbw.c
A whole bunch of string variables in loadparm.c were
not being initialized properly. Programs crashed as a result.
This set of code not tested, but same code tested elsewhere,
and all this guarded by #ifdef HAVE_SSL
