IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
source/Makefile.in
- changes to ctags and etags rules that somehow got lost along the way.
source/include/proto.h
- make proto
source/smbd/sec_ctx.c
source/smbd/password.c
- merge debugs for debugging user groups and NT token stuff.
source/lib/util_str.c
- capitalise domain name returned from parse_domain_user()
source/nsswitch/wb_client.c
- fix broken conditional in debug statement.
source/include/rpc_secdes.h
source/include/rpc_spoolss.h
source/printing/nt_printing.c
source/lib/util_seaccess.c
- fix printer permission bugs related to ACE masks for printers.
This adds mapping of generic access rights to object specific
rights for NT printers. Still need to work out whether or not to
ignore ACEs with certain flags set, though. See comments in
util_seaccess.c:check_ace() for details.
source/printing/nt_printing.c
source/printing/printing.c
- use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER
until we sort out printer/printjob permission stuff.
(This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
rewrote unistr2_to_ascii() to correct a bug seen on SGI boxes.
rpc_parse/parse_misc.c:
rpc_parse/parse_prs.c:
rewrote of BUFFER5 handling to NOT byteswap when it was already in
network byte order.
rpc_parse/parse_samr.c:
cleanup of samr_io_q_lookup_domain(), remove the over-parsing by 2
bytes.
rpc_server/srv_lsa.c:
UNISTR2 strings need to be NULL terminated to pleased W2K.
rpc_server/srv_spoolss_nt.c:
use snprintf instead of safe_strcpy as we want the string
truncated at 32 chars.
That should fix SUN and SGI box not able to act as printserver and the
problem with joining from a W2K wks.
J.F.
(This used to be commit 69fe739303b105f2c488f266f13977da1b6b201d)
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open
problem.
Jeremy.
(This used to be commit 0a40bc83e14c69a09948ec09bb6fc5026c4f4c14)
o added some comments
o abstracted a few code bits
o cleaned up some code by removing unused code paths
-- jerry
(This used to be commit 679453af36c06ae9c82dd20742a56272ec73f427)
o check the username in all lowercase
o check the username as transmitted if this would be a different case
o check the username in all upper case if this is a new version
-- jerry
(This used to be commit 059f4fee5d8ad72cd699995c660263ed2cc4f25f)
Gerald, could you check to see I haven't introduced any bugs into
rpcclient/cmd_spoolss.c?
(This used to be commit 77b0bda4df3217cd186d5b8f902a50f35346d98d)
ACL patch from http://acl.bestbits.at/.
configure support needs more work (just assumes correct headers at
the moment). ACL writing needs adding.
Jeremy.
(This used to be commit 6ae63e502e6adf3666a34aa87860c74e106fdb84)
Currently does exactly the same thing (returns ACLs the same way). This
code is written to try and get a POSIX ACL via the abstract sys_XX interface,
then fall back to providing a UNIX based ACL if the calls fail. Seems to
work. Next step is to add a --with-posix-acls to configure.in and then
check on a POSIX ACL system that a complex ACL is returned correctly
as an NT ACL. Note that the ACL set (a more complex problem) is not
addressed yet.
Jeremy.
(This used to be commit 4339e20202a876dbadc07980b731f711463b7299)
a --with-spinlocks option to configure, this does mean the on-disk tdb
format has changed, so 2.2alphaX sites will need to re-create their
tdb's. The upside is no more tdb fragmentation and a +5% on netbench.
Swings and roundabouts....
Jeremy.
(This used to be commit 9dea7b7c257db487f8ced7dad3fce92fba03ea91)
o added BOOL own_memory flag in SAM_ACCOUNT so we could
use static memory for string pointer assignment or
allocate a new string
o added a reference TDB passdb backend. This is only a reference
and should not be used in production because
- RID's are generated using the same algorithm as with smbpasswd
- a TDB can only have one key (w/o getting into problems) and we
need three. Therefore the pdb_sam-getpwuid() and
pdb_getsampwrid() functions are interative searches :-(
we need transaction support, multiple indexes, and a nice open
source DBM. The Berkeley DB (from sleepycat.com seems to fit
this criteria now)
o added a new parameter "private dir" as many places in the code were
using lp_smb_passwd_file() and chopping off the filename part.
This makes more sense to me and I will docuement it in the man pages
o Ran through Insure-lite and corrected memory leaks. Need for
a public flogging this time Jeremy (-:
-- jerry
(This used to be commit 4792029a2991bd84251d152a62b1033dec62cee2)
the problem had nothing to do with being your own pid, it was instead
a problem with IPC$ connections not being registered in the
connections database and an incorrect test for -1 in the messaging
code.
These changes also mean that IPC$ shares now show up in
smbstatus. That is probably a good thing.
(This used to be commit 3575ad10985a18f897e38179ca69fa9a49a7ea02)
messaging system as a notification mechanism, and the speed of notification
greatly exceeds the speed of message recovery, then you get a massively (>75Mb)
growing tdb. If the message is a simple notification, then the message is
static, and you only need one of them in transit to a target process at
any one time.
This patch adds a BOOL "allow_duplicates" to the message_send_XX primitives.
If set to False, then before sending a message the sender checks the existing
message queue for a target pid for a duplicate of this message, and doesn't
add to it if one already exists.
Also added code into msgtest.c to test this.
Jeremy.
(This used to be commit 3aa7995660395ecb85c8e35b638fa9fbbb952558)
a byte range lock (write lock only, but Win2k breaks on read lock also so I
do the same) - if you think about why, this is obvious. Also fixed our client
code to do level II oplocks, if requested, and fixed the code where we would
assume the client wanted level II if it advertised itself as being level II
capable - it may not want that.
Jeremy.
(This used to be commit 213cd0b5192307cd4b0026cae94b2f52fb1b0c02)
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389)
the list of groups a user is in succeeds via winbind, we must allow the
lookup of the group name -> gid we are checking if the user is a member
of to go via winbind or /etc/group - as it may be a group on the local
box we are checking against. This is a subtle one.....
Jeremy.
(This used to be commit 4ffda462b97e4f35c6d050c579dfe3e3b64e2c9f)
CVS commit access :-) has written a simple routine that peeks inside the
MS PE printer driver file format and can tell if a driver is W2K or NT4.x.
So we can now correctly return the driver version number. Hurrah !
JF - this is the code you always wanted ..... :-) :-).
Jeremy.
(This used to be commit fd17374e6d888813f4ed7142480cf93b8a16bfef)
falling back to the UNIX calls on error. This should fix all problems with
smbd enumerating all users in all groups in all trusted domains via winbindd.
Also changed GETDC to query 1C name rather than 1b name as only the PDC
registers 1b.
Jeremy.
(This used to be commit 5b0038a2afd8abbd6fd4a58f5477a40d1926d498)
REQ_DEBUGLEVEL messages
utils/smbcontrol.c allow "q" to exit interactive mode. Exit on error
from message_init.
(This used to be commit cda8c0439113dcce02a681b0aaddf69326c0ec9a)
