IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
added become_root / unbecome_root around the get machine account password.
smbpass.c:
cleaning up code.
- turning if (BOOL_expr == False) into if (BOOL_expr)
what if you test if (BOOL_expr == True) and someone defines
True to be -1 on one system and 1 on another? or if you get
inconsistent return results between developers
- removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) -
cannot assume that NULL is zero integer. plus there are typecast
issues to deal with
- removed return (ret == 0) ? True : False and made this return ret == 0
rely on the compiler to return correct BOOL value: not all developers
will return True or False #defines: stick with BOOL test (non-zero).
- removed if (ret == False) replaced with if (!ret)
- bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a
boolean test if (pstring-len-len-6).
- removed "." after debugging of filenames: the "." - a fullstop -
looked like it was part of the filename, making things difficult
to sort out.
still to be resolved: the global_myname isn't set up, such that the
machine account password file is named "TEST3..mac".
WARNING - so far this has only been tested against a Samba PDC
(still waiting for IS to add me the machine accounts :-).
Still missing is the code in smbpasswd that will add a machine
account password and change it on the domain controller, but
this is not hard, and I will check it in soon.
Jeremy.
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
clientgen.c: Added nt_error as an entry in the struct client_state.
password.c: Open the netlogon pipe.
smb.h: Added nt_error as an entry in the struct client_state.
lib/rpc/parse/parse_net.c: Added comments on net logon.
lib/rpc/server/srv_netlog.c: Added comments on net logon.
Jeremy.
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-)
use in security=server, started to extend security=domain code.
smbpasswd.c: Removed rap error code functions.
Jeremy.
password.c: Started the initial code for domain_client_validate(). All
bracketed with #ifdef DOMAIN_CLIENT for now.
reply.c: Call to domain_client_validate(). All
bracketed with #ifdef DOMAIN_CLIENT for now.
smbpass.c: New code to get/set machine passwords. Tidied up nesting
of lock calls.
Jeremy.
loadparm.c: Started add of 'security=domain' code.
password.c: Fix for security=server NT bugs.
reply.c: Started add of 'security=domain' code.
server.c: Started add of 'security=domain' code.
smb.h: Started add of 'security=domain' code.
Jeremy.
clientgen.c: Changed to fill change password buffer with random stuff.
password.c: Changed to get challenge from genrand.c
server.c: Added #ifdef around O_SYNC.
version.h: Changed to 1.9.19prealpha.
genrand.c:
New code to generate (hopefully) good random numbers for
use in crypto challenges/session keys etc.
PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!!
Jeremy.
internals after Andrews' code had memset it to zero (this was causing core
dumps).
charcnv.c: Fixes for ISO8859-2 from Petr Hubeny <psh@capitol.cz>.
Jeremy.
nmbd.c: Fix for always overwriting log despite append setting.
smb.h: Addition of last time password changed entry to account info.
smbpass.c: Changes to support last time changed field in smbpasswd file.
smbpasswd.c: Changes to support last time changed field in smbpasswd file.
util.c: Fix for always overwriting log despite append setting.
Jeremy.
get_smbpwd_entry (now an internal function to smbpass.c)
to a more UNIX-like :
getsmbpwnam() - get entry by name.
getsmbpwuid() - get entry by uid.
Changed the type returned by the smbpasswd enumeration
functions to be a void * so that people don't come to
depend on it being a FILE *.
These abstractions should make it much easier to
replace the smbpasswd file with a better backend
in future.
Other files changed are to match the above changes.
Jeremy.
proto.h: The unusual. ;)
reply.c: I changes some function names, and updated reply.c to match.
See mangle.c below for more.
server.c: Changed function names and parameters in file mangle.c, so
changed server.c calls to match. See mangle.c below for more.
mangle.c:
I replaced the caching mechanism used for caching reverse mangled name
maps. The old method was a large array of 256-byte strings. Movement
in the stack (including push and pop) was done by memcpy()ing whole
chunks of memory around.
The new system uses the ubi_Cache module which, in turn, uses a splay
tree. Entries are dynamically allocated using a minimum amount of
memory. Searches are non-linear, which should speed things up a bit,
too. Overall, this should save memory and be faster.
Other changes: I streamlined the is_mangled() test and made other
speed enhancements including replacing some static functions with
macros. Added comments, etc.
Note: Per an E'mail conversation with Andrew, the 'mangled stack'
parameter in smb.conf doesn't do anything anymore. The cache is
now set for 16K bytes maximum memory usage. The mangle stack
parameter is silently ignored. This can easily be changed, but
I'd rather introduce a 'mangled cache memory' parameter and
remove 'mangled stack'.
Remaining problems:
While testing the module, I noticed that something is calling
name_map_mangle() twice. The result is that names which contain
illegal characters are getting mangled twice.
Also, the entire module works by overwriting the input string.
This has a variety of nasty side effects.
Summary:
There's a lot still to be done, but the changes I have in place *should*
work in exactly the same way (except for the mangle stack parameter).
The rest of the bugs and other issues are separate.
Chris -)-----
ipc.c: Added Luke's debug statement.
locking_slow.c: Added FTRUNCATE_NEEDS_ROOT code for broken systems that
need it (not sure what these are yet).
membuffer.c ntdomain.h proto.h
lib/rpc/include/rpc_dce.h lib/rpc/include/rpc_srvsvc.h
lib/rpc/parse/parse_prs.c lib/rpc/parse/parse_rpc.c
lib/rpc/server/srv_pipe_hnd.c lib/rpc/server/srv_util.c:
Re-merge of Luke's NTDOM changes 'cos he's a lazy git with
carpel tunnel syndrome :-).
Jeremy.
load time (patch from "Marty Leisner" <leisner@sdsp.mc.xerox.com>.
server.c: Patch from Josef Hinteregger <joehtg@joehtg.co.at> - string
could be overwritten when find_service() called recursively.
Jeremy.
parameter which allows the new change password code to change the
unix password also. Defaults to OFF.
includes.h: Added termios.h to FreeBSD to allow password changing.
namequery.c: Fixed missing name parameters to debug statements.
Jeremy.
was so large that when used with -DUSE_MMAP it caused the unsigned
subtraction to wrap aound and become positive - thus causing
a silly memcpy offset. Thanks to "Michael St. Laurent" <rowl@earthlink.net>
for giving me the core dump that allowed me to track this one
down.
Jeremy.
quotas.c: Linux quota fix.
util.c: Ensure smb_read_error is zero in all calls that can set it.
lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h
lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c
lib/rpc/server/srv_netlog.c : Modify Luke's code to call
SamOEMhash().
Jeremy.
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
users password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a users password on a remote NT machine (yep - you heard
that one right - we can now change a NT password from UNIX !!!!!).
Jeremy.
I needed the client_name() and client_addr() functions in swat so I
could tell who was connecting from where. The problem was that these
functions didn't take a file descriptor parameter they just used
the global "Client".
So I needed to change all calls to pass a parameter ... lots of files.
"name resolve order" parameter.
source/Makefile: Re-ordered link for name resolve order code.
source/clientgen.c:
source/clientutil.c: Added calls to resolve_name().
source/includes.h: Added HPUX zombie fix.
source/loadparm.c: Added new name resolve order parameter.
source/namequery.c: Re-wrote to include parsing of lmhosts file, new resolve_name()
function requested by John.
source/nmbd.c: Tell resolve_name not to do WINS lookups if we are the WINS server.
source/nmbd_lmhosts.c: Call lmhosts parsing functions in namequery.c
source/password.c: Call resolve_name() to lookup security=server name.
source/reply.c:
source/time.c:
source/trans2.c: "fake directory create times" fix from Jim Hague - hague@research.canon.com.au.
source/util.c: Removed isalnum() test in Get_Hostname() that seems to cause
problems on many systems.
Jeremy.
problem.
password.c: Fix for Thursby to stop Dave clients failing in share
mode security (this was their bug - they were interpreting the uid
field in share mode which is explicitly denied by the spec but
it's easier for us to fix it than them :-).
Jeremy.
the status page)
- split the claim_connection() code into its own file
- fixed the claim_connection() code to lock the file when manipulating
it
- always claim a null connection at startup
- fixed a bug in the pidfile code
I needed to modify the way the pidfile is handled in nmbd and smbd to
do this. Jeremy, you may wish to look at what I've done as it probably
breaks the Whistle use of pidfiles. In particular I've removed the -f
option and instead smbd and nmbd always create a pidfile in the lock
directory.
testparm.
In particular I added:
- ability to optionally save default values of all parameters when
calling lp_load(). This can then be used to save only non-default
parameters in lp_dump(). This makes the saved smb.conf (and viewed
parameters in testparm) much shorter
- ability to not load ipc share in lp_load()
- separators in parm_table[] so parameters can be grouped logically.
- flag to mark parameters that are local but which should be also
viewed as global as far as parameters editing is concerned
all I saw" - the book of Jeremy, chapter 1 :-).
So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.
This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.
Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.
This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.
I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).
Jeremy.
algorithm was correct).
Finally (I think) fixed the mangled directory stack issue in
scan_directory() correctly. Mangled & non-mangled names are
now being checked correctly. Hurrah to Ulrik Dickow <ukd@kampsax.dk>
who helped isolate this one.
Jeremy.
