1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

490 Commits

Author SHA1 Message Date
Tim Potter
a2bac4d2ca A collection of fixes/cleanups to the security descriptor code by
matt_zinkevicius@hp.com
(This used to be commit ce22267ec8)
2001-08-07 00:01:41 +00:00
Andrew Bartlett
986372901e This is my 'Authentication Rewrite' version 1.01, mostly as submitted to
samba-technical a few weeks ago.

The idea here is to standardize the checking of user names and passwords,
thereby ensuring that all authtentications pass the same standards.  The
interface currently implemented in as

nt_status = check_password(user_info, server_info)

where user_info contains (mostly) the authentication data, and server_info
contains things like the user-id they got, and their resolved user name.

The current ugliness with the way the structures are created will be killed
the next revision, when they will be created and malloced by creator functions.

This patch also includes the first implementation of NTLMv2 in HEAD, but which
needs some more testing.  We also add a hack to allow plaintext passwords to be
compared with smbpasswd, not the system password database.

Finally, this patch probably reintroduces the PAM accounts bug we had in
2.2.0, I'll fix that once this hits the tree.  (I've just finished testing
it on a wide variety of platforms, so I want to get this patch in).
(This used to be commit b30b6202f3)
2001-08-03 13:09:23 +00:00
Tim Potter
8dad2a1310 Fix for smbpasswd set_userinfo24 was in the wrong place!
(This used to be commit c9cbe3237e)
2001-08-03 03:43:24 +00:00
Jeremy Allison
65bf96ed06 Allow smbpasswd to join a W2K hosted AD domain.
Jeremy.
(This used to be commit c51cfc7f0d)
2001-08-02 23:48:51 +00:00
Tim Potter
648528196c Held a shoot-out between NT_STATUS_NO_PROBLEMO and NT_STATUS_NOPROBLEMO.
According to the incorruptible judges find and grep, the latter won.

Mmm - procrastination.  (-:
(This used to be commit 2e33940360)
2001-07-25 06:42:05 +00:00
Andrew Bartlett
7265d46388 This backs out my last change, which broke some of the finer points of RPC
coding :-).  I'll be more carfull in this area in future.

This does not back out the cli_login change, so domain logons still work, but
only for english.

Andrew Bartlett
(This used to be commit bd3c2a0cdd)
2001-07-11 04:27:03 +00:00
Andrew Bartlett
e4b6f641e8 This fixes security=domain, which has been broke since the big charset
changeover.  For my own sainity I have created a new function to fill out both
the header and buffer for a string in an RPC struct.  This DOES NOT take a
length argument, only the actual string to be placed.

The RPC code is currently littered with code that does init_uni_hdr() followed
immidiatly by init_unistr2(), and often the length argument is wrong.  (It was
for the code I changed, even before the charset stuff).  Another bug where we
made strings AT LEAST MAX_UNICODE_LEN long hid this bug.

This works for loopback connections to Samba, and can't be any more broke than
it was before :-).  (We had double and revese conversions, fun...).

In particular this makes us multibyte complient.

In any case, if there are no objections I will slowly convert other bits of
code to the same system.
(This used to be commit cf1d1cd9d6)
2001-07-10 17:02:02 +00:00
Jean-François Micouleau
0a33cb45c1 implement:
LSA_ENUM_PRIVS
	LSA_PRIV_GET_DISPNAME
	LSA_ENUM_ACCOUNTS
	LSA_OPENACCOUNT
	LSA_ENUMPRIVSACCOUNT
	LSA_GETSYSTEMACCOUNT

It's a work in progress. nobody should expect it to work

	J.F.
(This used to be commit 3056357cd8)
2001-07-09 18:32:54 +00:00
Jean-François Micouleau
62d399f3cf add query user info level 20 (for RAS)
add query dominfo level 5
some cleanup, don't free talloced memory.
implement delete domain and local groups.

	J.F.
(This used to be commit 3f14dda2a2)
2001-07-09 18:25:40 +00:00
Jean-François Micouleau
db77d64a20 when converting ascii to unicode, if the ascii string is NULL, don't
convert it, rpcstr_push doesn't like it.
(This used to be commit a8006e6f3e)
2001-07-09 18:21:03 +00:00
Jeremy Allison
df68e652d6 Added JF's fix for max_entries being 0.
Jeremy.
(This used to be commit 5059fbbb76)
2001-07-06 17:40:16 +00:00
Andrew Tridgell
87fbb7092b The big character set handling changeover!
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267)
2001-07-04 07:15:53 +00:00
Jeremy Allison
6780f050e1 Missing prs_align() was causing Win9x nexus tools to fail. security_info_sent
was being miss-parsed.
Jeremy.
(This used to be commit 1685e41da0)
2001-07-02 21:56:20 +00:00
Jeremy Allison
3d90180af4 Fixed auto-alloc of dispinfo code when unmarshalling.
Jeremy.
(This used to be commit d4872c94c2)
2001-07-02 21:23:13 +00:00
Jeremy Allison
8d0b9cf534 Added LsaGetConnectedCredentials patch from Manoj Naik <manoj@almaden.ibm.com>.
Jeremy.
(This used to be commit 7079300da6)
2001-06-29 23:12:55 +00:00
Jeremy Allison
2cddd5fe8c From JF....
hi jeremy,

can you commit the following patch against HEAD. I can't do it right now

Thanks Tim for me. He changed the SAM_DISPINFO_1 array without checking if
he didn't break the server code. And he did.

So on my way I cleaned info_1, 2, .. 5

it may break winbind. I leave to tim the pleasure to fix it ;-)

        jf.

I added some talloc changes and checks for alloc fails.

Jeremy.
(This used to be commit 001e9b7b54)
2001-06-29 18:41:31 +00:00
Tim Potter
00ecce9630 Removed another silly static array.
(This used to be commit 008628fb8a)
2001-06-29 07:55:41 +00:00
Herb Lewis
c2cfcb34e1 SGI compiler fixes.
Jeremy
(This used to be commit 45bf995bf6)
2001-06-26 20:23:45 +00:00
Jeremy Allison
96ff4b8ee2 Ensure we always have a valid pointer on unmarshalling an SD with zero
ace entries.
Jeremy.
(This used to be commit 274c0f5028)
2001-06-26 06:31:55 +00:00
Tim Potter
742609a21d Fixed bug introduced by changeover of security descriptor code from
malloc() to talloc().  Previously, creating an ACL containing zero ACEs
would return a non-NULL pointer to zero bytes of memory.  The talloc() code
would return a NULL pointer making the ACL a NULL ACL instead of an empty
one.  The difference is a NULL ACL allows all access and an empty ACL
denies all access.

We solve this by calling talloc(ctx, sizeof(SEC_ACE) * num_aces + 1).
Heh.
(This used to be commit 89eaaafe7d)
2001-06-26 06:11:40 +00:00
Tim Potter
6e0605c3ab Cosmetic fixups found while playing with the server manager. Added support
for NET_SRV_SET_INFO rpc call which is made when double-clicking on a
computer in the server manager and changing the description.  We always
return NT_STATUS_NOPROBLEMO as NT doesn't seem to decode any error messages
passed back.

Maybe the changed comment string could be stored in a tdb and regurgitated
instead of the "server string" smb.conf parameter?
(This used to be commit d936ffedd9)
2001-06-25 06:13:27 +00:00
Gerald Carter
3281f6f076 sync this function with 2.2 (single check for NULL parameter)
(This used to be commit 3ab50e648d)
2001-06-22 14:18:27 +00:00
Jeremy Allison
9a89a5b4fa Removed unused (and potentially crash-causing) free function.
Jeremy.
(This used to be commit 54ea00fa87)
2001-06-22 02:37:52 +00:00
Jeremy Allison
3a6019b0eb Merging Gerry's spoolss changes.
Jeremy.
(This used to be commit 6b4a70cd82)
2001-06-21 17:46:14 +00:00
Jeremy Allison
3f1254bee1 Fixed W2K SP2 joining a Samba PDC hosted domain.
Jermey.
(This used to be commit 05a2911403)
2001-06-20 19:55:59 +00:00
Jeremy Allison
9203386063 INFO_24 sometimes has a 2 byte length, sometimes doesn't. Safer to not
depend on it...
Jeremy.
(This used to be commit 0fe11c329f)
2001-06-19 19:56:06 +00:00
Jeremy Allison
af604fe769 Modified version of Jim's 0x27 and 0x28 Win9x Secdesc patch.
Jeremy.
(This used to be commit 5690ec77c8)
2001-06-16 00:32:13 +00:00
Jeremy Allison
438e89b187 Jim McDonough's parse patches for Win9x get SD calls.
Jeremy.
(This used to be commit bc366f3153)
2001-06-15 20:08:12 +00:00
Jeremy Allison
cf30d3bc91 Fixed typo spotted by "Jim McDonough" <jmcd@us.ibm.com>....
Jeremy.
(This used to be commit a600c96e59)
2001-06-15 19:48:03 +00:00
Tim Potter
b7e382bfb2 Add password length field to SAM_USER_INFO24 structure and fix init
and parse function.
(This used to be commit d2eafa7483)
2001-06-15 05:09:40 +00:00
Tim Potter
5eee0f1968 Added some msdfs client routines.
(This used to be commit 13df2304b3)
2001-06-13 06:37:02 +00:00
Tim Potter
b627b65d2b Converted init_samr_q_lookup_names() and samr_io_q_lookup_names()
to use tallocated memory instead of dodgy static arrays.
(This used to be commit 35d2794114)
2001-06-06 07:15:34 +00:00
Tim Potter
e07b85ab19 Added *.po to .cvsignore files.
(This used to be commit 870e9e4e89)
2001-06-01 11:26:20 +00:00
Tim Potter
69ffa0f16d Added a init function for net_q_logon_ctrl2 so we can make this call
from rpcclient.

Added init and i/o functions for net_{q,r}_logon_ctrl functions so we
can call from rpcclient and respond to this call from smbd.
(This used to be commit 8ba30031a4)
2001-05-24 07:58:49 +00:00
Gerald Carter
013b454d1a merge from 2.2 DeletePrinterDriver() server side stud coming
in separate commit after I get it working in 2.2.
(This used to be commit 09506ac0e6)
2001-05-17 18:57:25 +00:00
Tim Potter
f179319cee Reverted samr_io_userinfo_ctr() patch because it broke too much other
stuff.  (-:
(This used to be commit 5bbd946d59)
2001-05-10 00:03:36 +00:00
Tim Potter
989ece4b26 So the samr_io_userinfo_ctr was requiring a SAM_USERINFO_CTR to be passed
in as well as tallocating space for one itself.  I've deleted code so the
passed in container is used to store the SAM user info.  This may have
broken some server side SAM stuff which probably isn't used anyway.  )-:
(This used to be commit fc44cec0de)
2001-05-09 05:05:01 +00:00
Jean-François Micouleau
b6a6b4b02e fixes to the group mapping code.
Not ready yet.

	J.F.
(This used to be commit 62a7a567fd)
2001-05-08 16:33:18 +00:00
Tim Potter
12ef6bc03e Fixed typo in comment.
(This used to be commit a8c49d1e60)
2001-05-08 04:00:01 +00:00
Tim Potter
706a1188c5 iinit_samr_q_lookup_rids() didn't actually copy the rids into the
parse structure.
(This used to be commit 139e767e78)
2001-05-08 03:50:42 +00:00
Tim Potter
5d58cf895c Renamed unknown field to access mask in open alias parsing functions.
(This used to be commit d384cae570)
2001-05-04 07:33:10 +00:00
Jeremy Allison
8bd2a11c86 Added code from "Nigel Williams" <nigel@veritas.com> (yes, the same famous
Nigel Williams who did NIS/GINA !) to implement add/modify/delete shares
for Win2k. Needs testing as I made a few mods to the original code.
Jeremy.
(This used to be commit 9b3dd80176)
2001-05-01 01:01:19 +00:00
Gerald Carter
3a44e2364b few cleanups to bring in line with 2.2
(This used to be commit 0feaac00a1)
2001-04-28 01:07:27 +00:00
Gerald Carter
e40449fa72 rpcclient merge from 2.2 (including Jeremy's non-void return fix)
(This used to be commit 0a6ceed279)
2001-04-28 00:32:56 +00:00
Jeremy Allison
b8a2c65a18 Added Herb's comment fix.
Jeremy.
(This used to be commit f4f4aae675)
2001-04-27 17:32:46 +00:00
Jeremy Allison
3e4c6d130c Fix "proc num out of range" error. Missing rpc call.
Jeremy.
(This used to be commit 6248fb2292)
2001-04-23 23:31:09 +00:00
Jeremy Allison
2ef68c7e92 Merge of Andrew's changes in 2.2.
Jeremy.
(This used to be commit fc76681812)
2001-04-13 19:12:06 +00:00
Jeremy Allison
2b9e23855e Set SD's for share. Added level 1501. Map GENERIC file bits to specific bits.
Jeremy.
(This used to be commit 04976c32f3)
2001-04-09 08:00:19 +00:00
Jeremy Allison
f9a15ce1a6 Got "medieval on our ass" about adding the -1 to slprintf.
Jeremy.
(This used to be commit 94747b4639)
2001-04-08 20:22:39 +00:00
Jeremy Allison
97cf9d3a3d Implemented stub function for NET_SHARE_DELETE. Now to implement the real
internals to support server manager.
Jeremy
(This used to be commit 3512ba1f65)
2001-04-06 18:25:17 +00:00