IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- split smbpass.c "password file lock" routines into smbpassfile.c: moved
trust account routines into smbpassfile.c as well
(This used to be commit 3e48b4eb11)
- added nisppass.c and NISPLUS_FLAGS
includes.h:
- renamed USE_LDAP to USE_LDAP_DB. renamed NISPLUS to USE_NISPLUS_DB.
added default define of USE_SMBPASS_DB.
- removed ldap headers: they are local only to ldap.c
ldap.c :
- made all ldap-specific functions static.
- added dummy sam21 functions
loadparm.c :
- renamed NISPLUS to NISPLUS_HOME
mkproto.awk
- commented out ldap-specific #ifdef generation code: it's not
needed now that ldap-specific functions in ldap.c are static
nisppass.c :
- first attempt at an add function from
(This used to be commit f215d375f0)
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois
(who might want an LDAP version). Changed locking to free exclusive
lock as soon as possible to prevent contention.
lib/rpc/parse/parse_samr.c
lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation
function to use DOM_SID structure.
Jeremy.
(This used to be commit 3b8f5aef57)
server.c: Added MACHINE.SID file generation - use lp_domain_sid() be default.
smbpass.c: Exposed do_file_lock() as I now use it in server.c
Jeremy.
(This used to be commit 5bf17840ac)
ipc.c: Caused samba password changing not to be done if UNIX password
changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c)
have vsnprintf.
locking_slow.c: slight tidy.
make_smbcodepage.c: Use safe_strcpy instead of pstrcpy.
nmbd_winsserver.c: Use pstrcpy instead of fstrcpy.
smbmount.c: Fixed reported bug.
util.c: Removed old fstrcpy/fstrcat functions.
Jeremy.
(This used to be commit f257d2e4ba)
kludge. It is a safe kludge with our current code but I would like to
revisit it at some point in the future.
The problem with the one I committed yesterday is it used non-portable
functions. (it also had a bug in it, but that's another matter)
This one works by just using vsprintf() into a 8k buffer and a memcpy
from there. No memory protection tricks or other non-portable
stuff. This is safe because all calls to slprintf() in samba use
strings which have been through a pstrcpy and thus are less than 1024
bytes. No call uses more than 2 of these strings. See what I mean by
kludge? Note that the 8k is way overkill but I like overkill :)
Someday (after autoconf) we will replace this with something better,
but meanwhile this is simple, secure and portable.
(This used to be commit 4cfcc398c3)
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
(This used to be commit 2d77445400)
ldap.c :
- added getldap21pwent() function
passdb.c :
- getsam21pwent() no longer a stub: calls ldap21 or smb21
smbpass.c :
- added getsmb21pwent() function (he he :-)
lib/rpc/server/srv_samr.c :
- removed "specific" calls to ldap functions; replaced with
call to get_sampwd_entries instead (which is unfinished).
- rewrote get_user_info_21 function to call getsam21pwrid.
(This used to be commit c760ebbf12)
and null session setup done.
smbpasswd.c: Fix from Gerald Carter <cartegw@Eng.Auburn.EDU> to fix incorrect
use of pointer.
Jeremy.
(This used to be commit 69ace07609)
from which an NT user can log in from. empty (default) indicates no
restrictions. exactly how this is enforced is unknown. from past experience
it's likely that the enforcement is left to the client to carry out...
(This used to be commit 6b2f9ea68f)
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
(This used to be commit 673ab50c4c)
this but it really is necessary (sorry Chris!)
ubiqx code didn't compile on SunOS4 otherwise as stdlib didn't define
NULL.
(This used to be commit 4989db8b0b)
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit ee09e9dadb)
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
(This used to be commit 6b0c1733d2)
This now tries Enhanced passwords first and if this fails trys Basic
mode (ie: Unix /etc/passwd) authentication. This only happens when
OSF1_ENH_SEC is defined at compilation.
(This used to be commit 29462c8d7a)
messages.
nttrans.c: More updates.
smb.h: Removed stuff that didn't belong in the smb_passwd struct. Persuaded Luke
to use a new structure.
web/swat.c: Fixed gcc complaints about shadowing global 'string'.
Jeremy.
(This used to be commit 61c1dbb978)
I now only have one warning in my code which is the result of some code I have started
working on but am not yet using in the code, along with a warning that is caused
by one of the include files (a nested comment).
I used -Wall -Wshadow -Wstrict-prototypes
(This used to be commit 7b98fd5b69)
and "if (bool==False)" code from ldap.c - a boolean test may not necessarily
return exactly True or exactly False: True may be defined to be -1: you never
know...
(This used to be commit 9bf9752134)
the smbpw functions are expected to fill in the blanks by reading the
appropriate smb.conf parameters.
the ldappw functions are expected to fill in the fields from the ldap
database. a separate utility can be written to fill in the ldap database
fields from the smb.conf parameters, at a later date.
(This used to be commit 0b6394c83e)
