1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-15 16:59:09 +03:00
Commit Graph

124 Commits

Author SHA1 Message Date
161eb6f511 amazing. the improvements to NT continue, evidence for which shows up
now as "RPC fault" if the UNIHDR structure lengths do not exactly
match up to the length of the data stream.

so, all versions of samba prior to this one have an off-by-one bug
in unicode string lengths.

all versions of NT prior to NT 5 beta 2 could possibly have buffer
problems when receiving badly formatted UNICODE strings.
-
da40f26f4b domain aliases added a bit better: does local aliases if you query
for sid S-1-5-20 and does (nothing at the moment) if you query for
your own sid.
-
399035098f the next dialog: user-groups. it's not very sensible what appears, but hey:
it appears!
-
0b44d27d0b Fixed mainly signed/unsigned issues found by SGI cc in -fullwarn mode.
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh !
smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles.
Jeremy.
-
500e5536be oops! -
bd2fc6bb85 signed / unsigned issues -
06cc6eaa50 calls to prs_grow() on array structures so that data construction doesn't
over-run buffers
-
29434f496c dce/rpc -
a7fccd807b bug-fixing against:
AS/U:
      it returns dce/rpc "first" and "last" bits _clear_ in a bind/ack
      response, when they should be set in a (small) packet.  they also,
      in the bind/ack do not set a secondary address string at all, so
      we can't check against that...

Win95:
      client-side dce/rpc code is a bit odd.  it does a "WaitNamedPipeState"
      and has slightly different pipe-naming (\PIPE\LANMAN is joined by
      \PIPE\SRVSVC, \PIPE\WINREG etc whereas nt just has \PIPE\LANMAN
      and \PIPE\).

Win95-USRMGR.EXE:
      added LsaOpenPolicy (renamed existing to LsaOpenPolicy2).
      added SamrConnect (renamed existing to SamrConnect2).
-
8a7ac4a25d dce/rpc -
3a00023efe rpcclient: got samr command "enumusers -g -u" working -
d0f7b0d915 added in samr commands. assistance in returning the missing functions,
automatically removed because they were "unused", would be appreciated.
-
7776002218 took out #ifdef'd code in make_samr_r_query_usergroups that copied
DOM_GID static-size array, because it's malloc'd now.
-
3f98697cd5 this fixes the last of the issues where USRMGR.EXE and SRVMGR.EXE were
failing.  running these two programs on a samba pdc now work.


parse_samr.c:

- removed __LINE__ from debug macros.

- removed call to SMB_ASSERT_ARRAY() in samr_r_query_usergroups.  the
  DOM_GID array is a malloc'd array (by make_dom_gids) not a static
  array.


srv_samr.c:

- replaced all "struct smb_passwd"s with sam_passwds instead.  there
  were uid to rid confusion issues (assumptions that uids were equal
  to rids).

- #if 0'd the pdb_rid_is_user() call which, given the above corrections,
  would probably work now.


srv_util.c:

- replaced "struct smb_passwd" with sam_passwd in lookup_user_rid, as
  assumptions were being made that uids were equal to rids.
-
2204475c87 tridge the destroyer returns!
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...

I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).

in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.

So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)

One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
-
dbe6ad014a Changed ASSERT macros to SMB_ASSERT macros as some systems already
have an ASSERT macro defined.
Jeremy.
-
e6ce1c5b5a added ASSERT() and ASSERT_ARRAY() macros and sprinkled them liberally
in the rpc code.
-
c7ee025ead this is the bug change to using connection_struct* instead of cnum.
Connections[] is now a local array in server.c

I might have broken something with this change. In particular the
oplock code is suspect and some .dll files aren't being oplocked when
I expected them to be. I'll look at it after I've got some sleep.
-
3b8f5aef57 passdb.c
server.c: Moved generate_machine_sid() into passdb.c for Jean-Francois
          (who might want an LDAP version). Changed locking to free exclusive
          lock as soon as possible to prevent contention.
lib/rpc/parse/parse_samr.c
lib/rpc/server/srv_samr.c: Changed last SID-as-string manipulation
                           function to use DOM_SID structure.
Jeremy.
-
134d6fa79c chgpasswd.c: Added comments to #ifdefs
ipc.c: Caused samba password changing not to be done if UNIX password
       changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
-
6074d09dbf initialise some variables (stops warning) -
da11063cbd function comments wrong -
2d77445400 This is a security audit change of the main source.
It removed all ocurrences of the following functions :

sprintf
strcpy
strcat

The replacements are slprintf, safe_strcpy and safe_strcat.

It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.

Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.

Jeremy.
-
118ba4d77a "For I have laboured mightily on Luke's code, and hath broken
all I saw" - the book of Jeremy, chapter 1 :-).

So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.

This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.

Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.

This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.

I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).

Jeremy.
-