sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code
28,607 Commits 60 Branches 1,146 Tags
Commit Graph

618 Commits

Author SHA1 Message Date
Volker Lendecke
88423a17b9 Make sure we have serversupplied_info->sanitized_username everywhere 2008-05-11 00:25:55 +02:00
Volker Lendecke
88e43097ca Add function make_serverinfo_from_username() 
This will be used for 'security=share' and 'force user'
 2008-05-10 11:17:00 +02:00
Volker Lendecke
e4a9492967 Add a mem_ctx argument to make_server_info_guest() 2008-05-10 11:16:59 +02:00
Volker Lendecke
a3651ced9e Make copy_serverinfo non-static, add mem_ctx 2008-05-10 11:16:59 +02:00
Volker Lendecke
b121a5acb2 Rename server_info->was_mapped to server_info->nss_token 
"nss_token" from my point of view much better reflects what this flag actually
represents
 2008-05-07 14:47:29 +02:00
Volker Lendecke
420de03523 Remove "userdom_struct user" from "struct user_struct" 2008-05-05 18:28:59 +02:00
Volker Lendecke
964bd02220 Fix a typo 2008-05-05 18:28:59 +02:00
Volker Lendecke
a33e8d2ffa Remove unused set_current_user_guest() 2008-05-05 18:28:59 +02:00
Gerald W. Carter
2983b9dc79 BUG 5429: Clarify log msgs re: failure to create BUILTIN\{Administrators,Users} 
Raise the debug msgs from Lvl 0 in the create_builtin_XX() functions
to prevent unnecessary panic from people reading the logs.
 2008-04-30 09:43:00 -05:00
Michael Adam
6bb107b17d auth: add SeDiskOperatorsPrivilege to get_root_nt_token to fix registry shares. 
Michael
 2008-04-15 20:41:14 +02:00
Karolin Seeger
6cee347035 Fix typos. 
Karolin
 2008-04-09 16:14:04 +02:00
Günther Deschner
65b4cb20ea Use sid_array_from_info3 in lookup_usergroups_cached(). 
Guenther
 2008-04-04 02:53:40 +02:00
Günther Deschner
0970369ca0 Fix NETLOGON credential chain with Windows 2008 all over the place. 
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.

Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.

Guenther
 2008-04-02 11:12:47 +02:00
Günther Deschner
0ad00a452f Add debug statement in auth_winbind to display wbcAuthenticateUserEx error code. 
Guenther
 2008-03-26 01:29:56 +01:00
Günther Deschner
dbc7237a8a Fix crash bug in check_sam_security() when make_server_info_sam() did a 
talloc_steal and talloc_free on the sam account already.

Guenther
 2008-03-20 00:54:20 +01:00
Volker Lendecke
f18a805759 Fix bug 5317 
Thanks to oster@cs.usask.ca
 2008-03-14 22:23:44 +01:00
Volker Lendecke
f94a63cd8f Use a separate tdb for mutexes 
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not
provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC
mutex is needed per-node anyway, so it is perfectly fine to use a local mutex
only.
 2008-03-10 21:08:45 +01:00
Günther Deschner
18b8c2c19e Be more verbose why create local token has failed during 
NTLMSSP and Kerberos session setup

Guenther
 2008-03-06 12:27:11 +01:00
Günther Deschner
92fca97951 Use netr_SamInfo3 in remaining places. 
Guenther
 2008-02-17 02:12:01 +01:00
Günther Deschner
5866c11b28 Use netr_SamInfo3 in make_server_info_info3(). 
Guenther
 2008-02-17 02:11:59 +01:00
Jeremy Allison
b7628f3a47 Allow auth_ntlmssp_end() to ignore null pointers passed in. 
Jeremy.
 2008-02-14 18:05:37 -08:00
Stefan Metzmacher
e3435930a3 auth_winbind: use wbcAuthenticateUserEx() 
smbd doesn't need $(WBCOMMON_OBJ) anymore,
it works with any libwbclient.so now
and may talk to an older winbindd.

metze
 2008-02-13 13:30:16 +01:00
Karolin Seeger
906e19bad4 Fix typo. 
Karolin
 2008-02-05 16:23:09 +01:00
Volker Lendecke
e2c9fc4cf5 Always pass a TALLOC_CTX to str_list_make and str_list_copy 2008-02-04 20:57:49 +01:00
Volker Lendecke
22e49ef2c0 tiny simplification 2008-02-04 19:41:04 +01:00
Andreas Schneider
5aadfcdaac Windows 2008 (Longhorn) auth2 flag fixes. 
Interop fixes for AD specific flags. Original patch from Todd Stetcher.
 2008-01-23 14:55:22 -08:00
Jeremy Allison
d61831164b Fix CID 460 - resource leak on error. 
Jeremy.
 2008-01-08 18:48:04 -08:00
Michael Adam
6b2b9a60ef Convert add_sid_to_array() add_sid_to_array_unique() to return NTSTATUS. 
Michael
 2008-01-09 01:47:10 +01:00
Jeremy Allison
e289a0c859 More logical operations on booleans. IBM checker. 
Jeremy.
 2008-01-04 23:24:15 -08:00
Volker Lendecke
22a98bf7b8 Fix a panic 
get_root_nt_token asks for "struct nt_user_token". talloc_get_type is not smart
enough to see that this is the same as NT_USER_TOKEN... :-)
 2007-12-29 21:42:56 +01:00
Volker Lendecke
fada689893 Convert get_root_nt_token to memcache 2007-12-28 17:24:39 +01:00
Volker Lendecke
dbcc213710 Remove static zeros 2007-12-28 17:02:34 +01:00
James Peach
22ac34a329 Fix "may be used uninitialized" compiler warnings. 2007-12-22 14:10:06 -08:00
Gerald (Jerry) Carter
42787bccff De-couple smbd from staticly linking against winbindd client files. 
Implements a wrapper layer in winbind_util.c which are just stubs
if compiled --without-winbind.  When building with winbindd, it
is now required to build the libwbclient DSO first (in the Makefile)
and then either set LD_LIBRARY_PATH or /etc/ld.so.conf to pick up the
library PATH.
 2007-12-21 11:59:56 -06:00
Volker Lendecke
735f593154 Remove Get_Pwnam and its associated static variable 
All callers are replaced by Get_Pwnam_alloc
 2007-12-19 21:09:10 +01:00
Jeremy Allison
299ea5d122 Correctly define prototypes for accessor functions. 
Jeremy.
 2007-12-17 17:13:31 -08:00
Jeremy Allison
dcf624aa02 More static fstring removal. 
Jeremy.
 2007-12-17 17:02:48 -08:00
Michael Adam
5249b3d204 Reformat: Remove trailing spaces. 
Michael
 2007-12-17 13:25:49 +01:00
Michael Adam
46bfbf5c8a Fix flags in caller of lookup_name() in create_builtin_administrators(). 
Michael
 2007-12-17 13:06:09 +01:00
Jeremy Allison
2a700c5a57 Remove another static string and static passwd. 
Jeremy.
 2007-12-16 18:32:03 -08:00
Volker Lendecke
bb35e794ec Replace sid_string_static by sid_string_dbg in DEBUGs 2007-12-15 22:09:36 +01:00
Volker Lendecke
f00ab810d2 Use sid_string_talloc where we have a tmp talloc ctx 2007-12-15 22:09:35 +01:00
Michael Adam
da23684261 Fix typo in debug statement. 
Michael
 2007-12-13 14:38:05 +01:00
Michael Adam
0cde7ac9cb Rename get_trust_pw() to get_trust_pw_hash(). 
Michael
 2007-12-13 10:15:19 +01:00
Michael Adam
6ced4a7f88 Let get_trust_pw() determine the machine_account_name to use. 
Up to now each caller used its own logic.

This eliminates code paths where there was a special treatment
of the following situation: the domain given is not our workgroup
(i.e. our own domain) and we are not a DC (i.e. it is not a typical
trusted domain situation). In situation the given domain name was
previously used as the machine account name, resulting in an account
name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me.
get_trust_pw would not have obtained a password in this situation
anyways.

I hope I have not missed an important point here!

Michael
 2007-12-13 10:15:17 +01:00
Volker Lendecke
aec5f15126 Correctly unbecome_root() on error 2007-12-10 12:37:37 +01:00
Volker Lendecke
60500fac30 Fix two incompatible pointer warnings 
Jeremy, please check
 2007-12-08 09:39:20 -08:00
Jeremy Allison
ec003f3936 Remove next_token - all uses must now be next_token_talloc. 
No more temptations to use static length strings.
Jeremy.
 2007-12-07 17:32:32 -08:00
Jeremy Allison
0002a9e96b Remove pstrings from everything except srv_spoolss_nt.c. 
Jeremy.
 2007-11-27 14:35:30 -08:00
Jeremy Allison
72c19d114b Remove pstring from auth/* 
Jeremy.
 2007-11-14 10:37:18 -08:00