IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
patterns like ????????.??? - even if using an NT1 protocol.
Matches W2K3 behavior.
Jeremy.
(This used to be commit 67f6473f50f3284b9ccbe6f983f23cd42b3b7c9f)
pulling back all recent rpc changes from trunk into
3.0. I've tested a compile and so don't think I've missed
any files. But if so, just mail me and I'll clean backup
in a couple of hours.
Changes include \winreg, \eventlog, \svcctl, and
general parse_misc.c updates.
I am planning on bracketing the event code with an
#ifdef ENABLE_EVENTLOG until I finish merging Marcin's
changes (very soon).
(This used to be commit 4e0ac63c36527cd8c52ef720cae17e84f67e7221)
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
I've been grumbling about under-efficient calls in SAMR, and finally
got around to fixing some of them.
We now call sys_getgroups() (which in turn calls initgroups(), until
glibc 3.4 is released) to figure out a user's group membership. This
is far, far more efficient than scanning all the groups looking for a
match, and is still the 'posix way', just using an effiecient call.
The seperate issue of 'who is in this group' remains, but this one has
been biting some people.
I need to talk to VL about how best to exersise nasty corner cases,
but my initial tests hold strong. (The code is also much simpiler
than before, which has to count for something :-)
Andrew Bartlett
(This used to be commit dc19f161698dab5b71d61fa2bacc7e7b8da5fbba)
very rarely used, but we sohuldn't be removing a feature in a minor
release of this kind.
(This used to be commit 4ce0505bc369243aa77013519ce4e4f6e50f5a48)
At least temporarily, since I've got the impression that _real_ fix
is more complex...
rafal
(This used to be commit 982912f0c8547b0f0edc8d0b26e36e9701cdee82)
* BUG 1627: fix for NIS compiles on HPUX 11.00, AIX 4.3 and 5.1
patch from Olaf Flebbe <o.flebbe@science-computing.de>.
Will need to watch this one in the build farm.
* Fix bug found by rwf@loonybin.net where the PRINT_ATTRIBUTE_PUBLISHED
was getting reset by attempts to sanitize the defined attributes
(PRINTER_ATTRIBUTE_SAMBA)
* Resolve name conflict on DEC OSF-5.1 (inspired by patch from
Adharsh Praveen <rprav@india.hp.com>)
* Work around parsing error in the print change notify code
(not that the alignment bug is still there but reording the
entries in the array works around it).
* remove duplicate declaration of getprintprocdir from rpcclient.
(This used to be commit 7474c6a446037f3ca2546cb6984d800bfc524029)
haven't broken krb5 ticket verification in the mainline code path,
also need to check with valgrind. Everything now compiles (MIT, need
to also check Heimdal) and the "net keytab" utility code will follow.
Jeremy.
(This used to be commit f0f2e28958cb9abfed216c71f291f19ea346d630)
to connection struct entries (as they should have been from
the start). Jerry, once you've cut over to 3.0.4 release
branch I'll add this to 3.0 also.
- Jerry cut over :-).
Jeremy.
(This used to be commit 578a508509d21226ad3332fc54c3ab54cd8ae452)
things more by calling SAFE_FREE() just before we exit our panic handler.
Andrew Bartlett
(This used to be commit d0b820562b8a7f8e5d0224926d46590b9f1ca9a3)
* remove corrupt tdb and shutdown (only for printing tdbs, connections,
sessionid & locking)
* decrement smbd counter in connections.tdb in smb_panic()
* various Makefile hack to get things to link
'max smbd processes' looks like it might be broken. The counter KEY is not
being set. Will look into that tomorrow.
(This used to be commit 6e22c5da929b6d9a4e32dc704c83112b2ad8fcfd)
to pstr_sprintf() and fstr_sprintf() to try to standardize.
lots of snprintf() calls were using len-1; some were using
len. At least this helps to be consistent.
(This used to be commit 9f835b85dd38cbe655eb19021ff763f31886ac00)
the schannel code, but I've included that anyway. :-)
This patch revives the client-side NTLMSSP support for RPC named pipes
in Samba, and cleans up the client and server schannel code. The use of the
new code is enabled by the 'sign', 'seal' and 'schannel' commands in
rpcclient.
The aim was to prove that our separate NTLMSSP client library actually
implements NTLMSSP signing and sealing as per Microsoft's NTLMv1 implementation,
in the hope that knowing this will assist us in correctly implementing
NTLMSSP signing for SMB packets. (Still not yet functional)
This patch replaces the NTLMSSP implementation in rpc_client/cli_pipe.c with
calls to libsmb/ntlmssp.c. In the process, we have gained the ability to
use the more secure NT password, and the ability to sign-only, instead of
having to seal the pipe connection. (Previously we were limited to sealing,
and could only use the LM-password derived key).
Our new client-side NTLMSSP code also needed alteration to cope with our
comparatively simple server-side implementation. A future step is to replace
it with calls to the same NTLMSSP library.
Also included in this patch is the schannel 'sign only' patch I submitted to
the team earlier. While not enabled (and not functional, at this stage) the
work in this patch makes the code paths *much* easier to follow. I have also
included similar hooks in rpccleint to allow the use of schannel on *any* pipe.
rpcclient now defaults to not using schannel (or any other extra per-pipe
authenticiation) for any connection. The 'schannel' command enables schannel
for all pipes until disabled.
This code is also much more secure than the previous code, as changes to our
cli_pipe routines ensure that the authentication footer cannot be removed
by an attacker, and more error states are correctly handled.
(The same needs to be done to our server)
Andrew Bartlett
(This used to be commit 5472ddc9eaf4e79c5b2e1c8ee8c7f190dc285f19)
*) consolidates the dc location routines again (dns
and netbios) get_dc_list() or get_sorted_dc_list()
is the authoritative means of locating DC's again.
(also inludes a flag to get_dc_list() to define
if this should be a DNS only lookup or not)
(however, if you set "name resolve order = hosts wins"
you could still get DNS queries for domain name IFF
ldap_domain2hostlist() fails. The answer? Fix your DNS
setup)
*) enabled DOMAIN<0x1c> lookups to be funneled through
resolve_hosts resulting in a call to ldap_domain2hostlist()
if lp_security() == SEC_ADS
*) enables name cache for winbind ADS backend
*) enable the negative connection cache for winbind
ADS backend
*) removes some old dead code
*) consolidates some duplicate code
*) moves the internal_name_resolve() to use an IP/port pair
to deal with SRV RR dns replies. The namecache code
also supports the IP:port syntax now as well.
*) removes 'ads server' and moves the functionality back
into 'password server' (which can support "hostname:port"
syntax now but works fine with defaults depending on
the value of lp_security())
(This used to be commit d7f7fcda425bef380441509734eca33da943c091)
1. Allows to change quota settings for shared mount points from Win2K and WinXP from Explorer properties tab
2. Disabled by default and when requested, will be probed and enabled only on Linux where it works
3. Was tested for approx. two weeks now on Linux by two independent QA teams, have not found any bugs so far
Documentation to follow
(This used to be commit 4bf022ce9e45be85609426762ba2644ac2031326)
include a domain portion, do a gethostbyname() lookup on that name.
Use this name in our PolicyPrimaryDomainInformation reply (_lsa_query_info2)
that Win2k uses when trying to trust us as a trusted domain.
(We need to do a better mapping between our Netbios and Win2k domain names,
but this will do for now - particularly annoying is the way this possibly needs
to map with our kerberos realm).
Andrew Bartlett
(This used to be commit 3be03271030208a69da29c6e2a7b92cdbaa8c6aa)
