IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
loadparm.c: Started add of 'security=domain' code.
password.c: Fix for security=server NT bugs.
reply.c: Started add of 'security=domain' code.
server.c: Started add of 'security=domain' code.
smb.h: Started add of 'security=domain' code.
Jeremy.
load time (patch from "Marty Leisner" <leisner@sdsp.mc.xerox.com>.
server.c: Patch from Josef Hinteregger <joehtg@joehtg.co.at> - string
could be overwritten when find_service() called recursively.
Jeremy.
+ improvement to smbtar to allow exclusion/inclusion of system and
hidden files, and to generate a listing of what has been archived
in a format useful for automated backup systems.
+ add the "Softq" spooling system to samba's printing capabilities.
+ I have "fixed" the intrusion of US style dates into samba reporting
as well. The format yyyy/mm/dd is not only uunambiguous, but also
has the benefit of making lexicographic sorts work correctly.
Jeremy.
parameter which allows the new change password code to change the
unix password also. Defaults to OFF.
includes.h: Added termios.h to FreeBSD to allow password changing.
namequery.c: Fixed missing name parameters to debug statements.
Jeremy.
"name resolve order" parameter.
source/Makefile: Re-ordered link for name resolve order code.
source/clientgen.c:
source/clientutil.c: Added calls to resolve_name().
source/includes.h: Added HPUX zombie fix.
source/loadparm.c: Added new name resolve order parameter.
source/namequery.c: Re-wrote to include parsing of lmhosts file, new resolve_name()
function requested by John.
source/nmbd.c: Tell resolve_name not to do WINS lookups if we are the WINS server.
source/nmbd_lmhosts.c: Call lmhosts parsing functions in namequery.c
source/password.c: Call resolve_name() to lookup security=server name.
source/reply.c:
source/time.c:
source/trans2.c: "fake directory create times" fix from Jim Hague - hague@research.canon.com.au.
source/util.c: Removed isalnum() test in Get_Hostname() that seems to cause
problems on many systems.
Jeremy.
testparm.
In particular I added:
- ability to optionally save default values of all parameters when
calling lp_load(). This can then be used to save only non-default
parameters in lp_dump(). This makes the saved smb.conf (and viewed
parameters in testparm) much shorter
- ability to not load ipc share in lp_load()
- separators in parm_table[] so parameters can be grouped logically.
- flag to mark parameters that are local but which should be also
viewed as global as far as parameters editing is concerned
all I saw" - the book of Jeremy, chapter 1 :-).
So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.
This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.
Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.
This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.
I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).
Jeremy.
These are some hacks on SWAT. Maybe users will actually be able to
work out how to use it now.
Unfortunately these changes required some editing in loadparm.c and
smb.h which will make Jeremys merge job harder. Sorry!
Kanji support is one case of multibyte character
support, rather than being a specific case in
single byte character support.
This allows us to add Big5 Chinese support (code page 950)
and Korean Hangul support (code page 949) at very little
cost. Also allows us to easily add future multibyte
code pages.
Makefile: Added codepages 949, 950 as we now support more multibyte
codepages.
asyncdns.c: Fixed problem with child being re-spawned when parent killed.
charcnv.c
charset.c
client.c
clitar.c
kanji.c
kanji.h
smb.h
util.c
loadparm.c: Generic multibyte codepage support (adding Big5 Chinese
and Korean Hangul).
nmbd.c: Fixed problem with child being re-spawned when parent killed.
mangle.c: Modified str_checksum so that first 15 characters have more
effect on outcome. This helps with short name mangling as
most 'long' names are still shorter than 15 chars (bug was
foobar_mng and foobar_sum would hash to the same value, with
the modified code they hash differently.
Jeremy.
This is the checkin that fixes the infamous Visual C++ 'file
has changed' bug.
I feel *SO* good about that :-).
charset.c: Added (void) to fix Herb's fussy compiler.
loadparm.c: Removed "win95 bug compatibility" (didn't
like it much anyway :-). Added "dos filetime resolution"
instead.
reply.c: Added the 2 second timestamp resolution fix that the song above is about.
time.c: Removed unneeded get_access_time() function.
trans2.c : Removed unneeded "win95 bug compatibility" code.
Jeremy.
loadparm.c: Added "win95 bug compatibility" parameter.
local.h: Replaced MAX_OPEN_FILES back to 100 from 10 (oops).
reply.c: Fixed ulogoff check against uid - changed to vuid.
server.c: Changed file struct save of uid - changed to vuid.
smb.h: Changed id in struct current_user to vuid.
Changed file struct uid to vuid.
time.c: Added "win95 bug compatibility" atime -> mtime return.
trans2.c: Added "win95 bug compatibility" fixes.
uid.c: Changed id in struct current_user to vuid - added checks
to set/reset it.
util.c: Added code to expand environment variables.
version.h : still at 1.9.18 (head branch doesn't matter too much at present).
Jeremy.
chgpasswd.c: Fixed typo in debug message.
includes.h: Fix include for aix.
kanji.c: Added cap_to_sj as inverse of sj_to_cap.
loadparm.c:
local.h:
password.c: Added code for "networkstation user login" parameter.
- patch from Rob Nielsen <ran@adc.com>.
printing.c: Added further aix printing fixes.
reply.c: Changed access time fetch to a function.
trans2.c: Changed access time fetch to a function.
time.c: Changed access time fetch to a function.
server.c: Made NT redirector workaround final.
util.c: Added debug for write_socket failing.
Jeremy.
I checked this out and it looks ok - the bzero() in init_service() was
overwriting the pointers pservice->szService and pservice->copymap
that should have been freed in copy_service() the line later. This
fix frees pservice->szService and pservice->copymap inside free_service()
and sets them to zero so they won't be freed again.
Jeremy.
server.c, util.c: Added fix for oplock break requests blocking due to server being
blocked in read call. Bug found by Charles Hoch <hoch@hplcgh.hpl.hp.com>.
Jeremy.
docs/smb.conf.5: Removed unused NTDOMAIN params. Added new params.
source/loadparm.c: Put #ifdef NTDOMAIN around unused params.
source/nmbd_become_lmb.c: Removed check for workgroup name in lmb name.
Jeremy.
back into the main tree.
For the cvs logs of all the files starting nmbd_*.c, look
in the JRA_NMBD_REWRITE branch. That branch has now been
discontinued.
Jeremy.
to use lpstat to obtain the printer list on systemV systems.
I've now made this the default on all SYSV systems.
Jeremy, you were a little worried about the security of this patch. I
believe it's OK as the user has no control over the options given to
popen() and the pipe is only open for reading.
[%U]
path = %H
to get a new homes area. I wonder when it broke?
Anyway, I've fixed it. We can all rest easy now, knowing that you
really can produce an incomprehensible smb.conf and get it to work.
"interpret_security" and similar functions. This also means that
testparm produces string values for these enumerated types rather than
an integer. This was done to make the web interface much cleaner.
While I was doing this I found a couple of very nasty bugs in the
parm_table code. Someone had added a handle_character_set() function
that treated the char** pointer for a P_STRING as an integer! This
would have caused memory corruption for anyone using the "character
set" option. The loadparm code is delicate - please be careful about
using it's more esoteric features!
I've also removed the "coding system" global and made it a
P_STRING. The integer value was never used anywhere in Samba.
Modified Files:
---------------
Makefile:
adding extra files
ipc.c :
send_trans_reply() - alignment issue. this makes the alignment
the same as that in NT. this should be looked at by people who
understand the SMB stuff better than i.
api_fd_commands[] - added samr and wkssvc pipes.
loadparm.c :
lp_domain_controller() changed to mean "samba is a domain controller".
it's a "yes/no" parameter, now. no, it isn't used _anywhere_.
namedbwork.c nameelect.c :
if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the
host _and_ workgroup announcements. yes, you must do both: nt does.
namelogon.c :
important NETLOGON bug in SAMLOGON request parsing, which may be
the source of some people's problems with logging on to the Samba PDC.
password.c :
get_smbpwnam() renamed to get_smbpwd_entry().
pipes.c :
added samr and wkssvc pipes.
proto.h :
usual. can we actually _remove_ proto.h from the cvs tree, and
have it as one of the Makefile dependencies, or something?
reply.c :
get_smbpwnam() renamed to get_smbpwd_entry() - also changed response
error code when logging in from a WORKSTATION$ account. yes, paul
is right: we need to know when to return the right error code, and why.
server.c :
added call to reset_chain_pnum().
#ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif. jeremy,
you'd be proud: i did a compile without NTDOMAIN, and caught a link
error for this function.
smb.h :
defines and structures for samr and wkssvc pipes.
smbpass.c :
modified get_smbpwnam() to get_smbpwd_entry() and it now takes
two arguments. one for the name; if this is null, it looks up
by smb_userid instead.
oh, by the way, smb_userids are actually domain relative ids
(RIDs). concatenate a RID with the domain SID, and you have
an internet globally unique way of identifying a user.
we're using RIDs in the wrong way....
added mod_smbpwnam() function. this was based on code in smbpasswd.c
rpc_pipes/lsaparse.c :
added enum trusted domain parsing. this is incomplete: i need
a packet trace to write it properly.
rpc_pipes/pipe_hnd.c :
added reset_chain_pnum() function.
rpc_pipes/pipenetlog.c :
get_smbpwnam() function renamed to get_smbpwd_entry().
arcfour() issues.
removed capability of get_md4pw() function to automatically add
workstation accounts. this should either be done using
smbpasswd -add MACHINE$, or by using \PIPE\samr.
rpc_pipes/pipe_util.c :
create_pol_hnd() - creates a unique LSA Policy Handle. overkill
function: uses a 64 bit sequence number; current unix time and
the smbd pid.
rpc_pipes/smbparse.c :
arcfour() issues.
smb_io_unistr2() should advance by uni_str_len not uni_max_len.
smb_io_smb_hdr_rb() - request bind uses uint16 for the context
id, and uint8 for the num_syntaxes. oops, i put these both as
uint32s.
Added Files:
------------
rpc_pipes/lsa_hnd.c :
on the samr pipe, allocate and associate an LSA Policy Handle
with a SID. you receive queries with the LSA Policy Handle,
and have to turn this back into a SID in order to answer the
query...
rpc_pipes/pipesamr.c rpc_pipes/samrparse.c
\PIPE\samr processing. samr i presume is the SAM Replication pipe.
rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c
\PIPE\wkssvc processing. the Workstation Service pipe?
holy cow.
loadparm.c : to equivalent to version 1.67
reply.c : to equivalent to version 1.69
server.c : to equivalent to version 1.122
util.c : to equivalent to version 1.98
to remove the incorrect changes.
proto.h: The usual.
rpc_pipes/smbparse.c : Backeting stuff that SHOULD NOT BE IN THE
none-NTDOMAIN build !
Jeremy.
'<' and '|' characters indicate read file and execute command respectively,
and feed the output into the parameter (!!!).
'<$' and '|$' means run standard_sub_basic() on them.
this is going to be fun to document in smb.conf.5....
also, Christian created a new "online" service parameter. services can
be taken "off-line"....
added "domain hosts allow" and "domain hosts deny". these are to be
used to specify which workstations can log in to a samba PDC from.
it is also used to check whether to add an initial machine password
into the smbpasswd database or not
smbpass.c :
added capability to add a machine password to the smbpasswd database.
***** the default uid is zero *****
rpc_pipes/pipenetlog.c :
use of "domain hosts allow/deny" parameters to allow login access.
proto.h :
usual.
and made it private to the 2 shmem implementations. Added new
shmops->hash_size() function.
Added code to handle the IPC system limits by looping decreasing the
size of the resources (semaphores and shared memory) that we request
until we get under the system limits, which can be quite low on some
systems!
Added checks that the creator of the IPC objects is root. Otherwise we
would be open to a security hole where someone pre-creates the shared
memory segment and attaches.
added "domain other sids" parameter
pipenetlog.c :
using "domain other sids" parameter in SAM Logon response.
using new name_to_rid() function for r_uid and r_gid.
pipentlsa.c :
minor mods to do with new name_to_rid() function.
pipesrvsvc.c :
in the "net share enum" response, allocate some more space for the buffer.
there can be only 32 share entries in the response anyway. this needs
to be dealt with.
pipeutil.c :
modified name_to_rid() function to use new parameters "domain admin users"
and "domain guest users", but will otherwise do unix uid + 1000.
moved make_dom_gids() here.
proto.h:
the usual.
smb.h smbparse.c :
renamed sid_no to sid_rev_num in DOM_SID, and gid to r_gid in DOM_GID.
util.c :
moved make_dom_gids() from here.
created char *unistrn2(uint16* uni_buffer, int max_len)
added "domain admin users" parameter
added "domain guest users" parameter
these two complement the "domain groups" parameter. the "domain groups"
parameter should be for your own groups, and well-known aliases.
util.c :
added ability to do "domain groups = power_users admin_users backup_ops"
which are well-known RID aliases, not well-known RID groups.
pipenetlog.c :
combine the "domain admin users"; "domain guest users" and "domain groups"
parameters to give an array of RID groups to include in the SAM Logon
response.
ipc.c smb.h :
moved REALLOC() into smb.h
added RID #defines.
proto.h:
usual.
'dos filetimes' parameter for UTIME fix.
locking_shm.c: Fixed typo (sorry Andrew :-).
namepacket.c: Changed lp_interfaces_only() to lp_bind_interfaces_only().
proto.h: The usual.
reply.c: Made filetime calls use new file_utime call (wrapper for sys_utime).
server.c: Made filetime calls use new file_utime call (wrapper for sys_utime).
system.c: Added Andrew's sanity checks to times in sys_utime().
time.c: Moved set_filetime() to server.c. Made null_mtime()global.
trans2.c: Made filetime calls use new file_utime call (wrapper for sys_utime).
Jeremy (jallison@whistle.com)
added automount_server() function which, if -DAUTOMOUNT is in use,
returns the server name of the NIS auto.map entry. otherwise,
it returns local_server.
added use of automount_server() for a new substitution %N for NIS
home server. this defaults, via automount_server(), to the same
functionality as %L if -DAUTOMOUNT is not used.
removed vuser->home_share. moved code that grabbed the servername
into the separate function automount_server().
loadparm.c :
created "logon drive" (default of "")
created "logon home" (default of "\\%N\%U")
changed default of "logon path" from NULL to "\\%N\%U\profile".
ipc.c pipenetlog.c :
use lp_logon_drive(), lp_logon_home() and lp_logon_path() in their
now easier-to-use form (don't have to check if *lp_logon_path() and
manually substitute a default of \\%L\%U and do a standard_sub_basic()
on the result, because the default automatically does this.
