IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Win2008 domain (merged from v3-0-test).
commit 8dc4e97977
Author: Steven Danneman <sdanneman@isilon.com>
Date: Wed May 7 13:34:26 2008 -0700
spnego SPN fix when contacting trusted domains
cli_session_setup_spnego() was not taking into consideration the situation
where we're connecting to a trusted domain, specifically one (like W2K8)
which doesn't return a SPN in the NegTokenInit.
This caused two problems:
1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
were always using our default realm, not the realm of the domain we're
connecting to.
2) When falling back on NTLMSSP for authentication we were passing the name
of the domain we're connecting to for use in our credentials when we should be
passing our own workgroup name.
The fix for both was to split the single "domain" parameter into
"user_domain" and "dest_realm" parameters. We use the "user_domain"
parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
if none was returned in the NegTokenInit2 packet. If no "dest_realm" is
provided we assume we're connecting to our own domain and use the credentials
cache to build the SPN.
Since we have a reasonable guess at the SPN, I removed the check that defaults
us directly to NTLM when negHint is empty.
(This used to be commit b78b14c88e)
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc5)
but the code suffered from bitrot and is not now reentrant. That means
we can get bizarre behaviour
i've fixed this by making next_token() reentrant and creating a
next_token_nr() that is a small non-reentrant wrapper for those lumps
of code (mostly smbclient) that have come to rely on the non-reentrant
behaviour
(This used to be commit 674ee2f1d1)
send unaligned unicode strings sometimes!
Fixed our handling of the workgroup name tacked on the end of the
NT1 negprot response (a unaligned unicode)
fixed a couple of places where we should be using the message_end fns instead
of pre-calculated buffer lengths
(This used to be commit 86613493a9)
it will avoid problems with lists being longer than 1024 bytes
just now only ip list parameters have been converted to the new type
(hosts allow, hosts deny, ssl hosts, ssl hosts resign)
(This used to be commit e1572f85d6)
+ a fix to an infinite loop in srv_samr_nt.c caused by misuse of
setgrent/getgrent/endgrent solved by these new functions
(This used to be commit 97dbb54a13)
the pam password change code to ensure that existing and working password
chat scripts don't break with 2.2.1. PAM password changing has to be explicitly
requested.
Allowed wildcards in pam password change matching (matches password chat
script matching). Had to add const (sorry Tim :-) to ms_fnmatch() to
stop warnings. Don't worry - the const changes are isolated and don't
cause any other warnings :-).
Jeremy.
(This used to be commit 47b4d82536)
Nigel Williams who did NIS/GINA !) to implement add/modify/delete shares
for Win2k. Needs testing as I made a few mods to the original code.
Jeremy.
(This used to be commit 9b3dd80176)
remove global static PAM variables, and to tidy up the PAM internals code.
Now looks like the rest of Samba.
Still needs testing.
Jeremy.
(This used to be commit 1648ac64a7)
- cleaned up GNUC printf attribute macros
- added enum handling in mkproto
- removed non-vararg code
- made slprintf and vslprintf just macros for snprintf and vsnprintf
- don't need slprintf code any more
(This used to be commit c7aeb2254d)
for memory allocation. This fixes a long standing seg fault
(i knew i would get around to it one day :) )
Tested with NT4 and Win2k. Needs a little more testing with the
"create the machine account on the fly" code for NT4.
Simo, this is probably going to break the tdb passdb code.
Can you look at that when you get a chance and see what you think?
(This used to be commit 1c13110873)
Only set this to "on" if you know you have your PAM set up correctly.....
NB. Doesn't apply to plaintext password authentication, which must use
pam when compiled in.
Jeremy.
(This used to be commit 59aa99f390)
horrid utmp hostname parameter - now uses the client name instead.
Also tidies up some of the unencrypted password checking when PAM
is compiled in.
FIXME ! An pam_accountcheck() is being called even when smb encrypted
passwords are negotiated. Is this the correct thing to do when winbindd
is running ! This needs *SEVERE* testing....
Jeremy.
(This used to be commit 071c799f47)
configure.in:
include/config.h.in:
include/profile.h:
smbd/vfs-wrap.c:
smbd/vfs.c:
Added fchmod and fchown to VFS (sorry Gerald - but we needed them anyway).
smbd/dosmode.c:
smbd/files.c:
printing/printfsp.c:
smbd/close.c:
smbd/open.c:
Fixed "dos filemode" correctly so there are no race conditions. Forces test
of open of file O_WRONLY before allowing fchmod as root. Afterwards, calls
standard close function that preserves POSIX locks due to POSIX-me-harder
braindamage. :-). Andrew please review this code.
Also - in removing the tmpdir param in smbrun an extra NULL parameter
was missed in each print_run_command() call (which is a varargs fn.).
Now fixed.
Jeremy.
(This used to be commit 32397e5bc6)
return a malloced area so added sys_acl_free_qualifier() calls to all supported
ACL interfaces to code with this (only Linux needs actual free call).
Jeremy.
(This used to be commit 5870e6019b)
exist for printer. Rather than using pid for suffix, use a 16 byte random
string. Created generate_random_str() function in genrand.c. Still needs
more testing but this is the way to go.
Jeremy.
(This used to be commit 71a330987f)
function (same for NET_SHARE_DELETE and NET_SHARE_SET) we will be able to manage
the shares section in smb.conf via NT server manager........
This should enhance the friendliness of Samba in NT-only shops by an order of
magnitude.
Jeremy.
(This used to be commit a2cd5f2ba1)
I worked out and added the per-share get/set RPCs for security descriptors.
Currently this code returns Everyone, full access on get and permission denied
on set, but backending this with a tdb and checking it on tconX (to give full NT
semantics for security on shares) is now an excersise for the reader... :-).
Jeremy.
(This used to be commit 3bfd155ba7)
rpc_server/srv_lsa_hnd.c: Remove back pointer from policy handle list as the pipe
that opened the handle may have been closed. We were dereferencing
into something that had been closed.
rpc_parse/parse_spoolss.c: Sync up with Gerald's changes in 2.2.
lib/replace.c: Don't do proto on setlinebuf as it differs between systems.
Jeremy.
(This used to be commit 887ef3e12d)
for setlinebuf which apparantly doesn't exist on HPUX 11.
include/byteorder.h:
rpc_parse/parse_prs.c:
Ding Dong the witch is dead ! :-). Ok, I'm happy 'cos I've finally deleted
all the *HORRIBLE* DBG_RW_XXX and RW_XXX macros from include/byteorder.h.
They were macros that included macros that had conditional macros included.
No one understood them (they were the cause of most of the bigendian issue
bugs). Finally, I went into parse_prs.c and inlined all of that stuff with
regular function calls. They're understandable, they're easy to edit and
they don't include macros !
JF - please look at the one comment I added (JF PLEASE CHECK). I have
tested this partly with IRIX (a bigendian system) running with AS/U on
a Solaris box in SGI's lab, and I've also confirmed these new changes
work with W2K (vmware) but there may be the odd bug lurking. Herb, if
you could re-checkout and test again with this code that would help.
Extra. Fixed bug spotted by the sharp eyes of JF - big endian unicode
packet would cause a early truncate of string parsing as we were checking for a char *
0, not a uint16 * 0.
Jeremy.
(This used to be commit 13765eca71)
added srvstr_push_ascii() and srvstr_pull_ascii() as convenience
routines to replace the current usage of strncpy() like fns
for packet pull/push. We need to do this in *lots* of places
in Samba in order to get our codepage handling right
(This used to be commit 8b0e3679a6)
when copying to a full disk problem, I discovered that we were not allowing
the delete on close flag to be set properly, this led to other things, and
after investigation of the proper delete on close semantics and their relationship
to the file_share_delete flag I discovered there were some cases where we
weren't doing the deny modes properly. And this after only 5 years working
on them..... :-) :-).
So here's the latest attempt. I realised the delete on close flag needs to
be set across all smbds with a dev/ino pair open - in addition, the delete
on close flag, allow share delete and delete access requested all need to
be stored in the share mode tdb.
The "delete_on_close" entry in the fsp struct is now redundant and should
really be removed. This may also mean we can get rid of the "iterate_fsp"
calls that I didn't like adding in the first place. Whilst doing this patch,
I also discovered we needed to do the se_map_generic() call for file opens
and POSIX ACL mapping, so I added that also.
This code, although ugly, now passes the deny mode torture tests plus the
delete on close tests I added. I do need to add one more multiple connection
delete on close test to make sure I got the semantics exactly right, plus we
should also (as Andrew suggested) move to random testing here.
The good news is that NT should now correctly delete the file on disk
full error when copying to a disk :-).
Jeremy.
(This used to be commit 51987684bd)
First one adds a new info level into the lanman printing and an ioctl to the trans2 code.
Andrew - this uses ASCII only. It looks ok to me but please check !
Second one adds a parameter "os2 driver map" that allows OS/2 driver names to be mapped.
Jeremy.
(This used to be commit da79b519e0)
include/proto.h: Fix missing (void) in proto.
rpc_server/srv_samr_nt.c: Fix user private group problem by filtering out groups that
clash with users.
smbd/posix_acls.c: Ensure default ACE's are sensible.
utils/pdbedit.c: Fix from Simo Sorce.
Jeremy.
(This used to be commit 29414fe0d6)
this allows users to disable the cross-subnet browse extensions that I
added to Samba a couple of years ago. This may be useful for getting
rid of empty workgroups.
(This used to be commit 978980050e)
it now uses outbuf not inbuf for the unicode flag, which
allows for some server fns to be ascii and means one less
parameter in push calls
(This used to be commit a6dd666226)
now in pipe struct (where used) rather than user_struct.
Secured machine account password changing in srv_netlog_nt.c - ensure
that only the given machine can change its own password. May need to
free this up later for NT admin tools, but this is a fail-safe secure
position for now.
Jeremy.
(This used to be commit 46b12f2275)
We were reading the endainness in the RPC header and then never propagating
it to the internal parse_structs used to parse the data.
Also removed the "align" argument to prs_init as it was *always* set to
4, and if needed can be set differently on a case by case basis.
Now ready for AS/U testing when Herb gets it set up :-).
Jeremy.
(This used to be commit 0cd37c831d)
I'm having problems with talloc_realloc in the 2.2 branch and I
want a stable reference.
The only problem is this breaks the clean auto-generated code
in *one* call in srv_spoolss.c (the rfnpcnex call).
Jeremy.
(This used to be commit 57a9340cba)
pool is getting bloated. Also added a talloc_zero function to return zeroed memory.
Added debug in rpc_server/srv_pipe_hnd.c so we know when a talloc pool is being
freed. Syncup with srv_pipe_hnd.c from 2.2 so we are freeing memory at the same time.
Jeremy.
(This used to be commit d3a56c6042)
rpc_parse/parse_dfs.c: Had to add buffer overrun checking ! HOW DID THIS GET IN HERE !
rpc_parse/parse_prs.c: Ensure prs_alloc_mem does a memset of zero before returning.
Jeremy.
(This used to be commit c9a6a17025)
I've currently got this code disabled by default as it is
incomplete. You enable it by setting a USE_UNICODE environment
variable. Once the support is complete this check will be removed and
the CAP_UNICODE capability bit will be the sole determination of
whether the client library code uses unicode
right now I have converted session_setup and tconx. I will do more fns
over the next few days.
see clistr.c for the new client side string interface. Luckily it
tends to make the code smaller and neater while adding unicode
support.
(This used to be commit e1a04e621f)
srv_samr.c: duplicate gid fix.
srv_spoolss_nt.c: Merge of JF's work.
uid.c: Fix for returning names when a PDC.
Jeremy.
(This used to be commit d938ad6963)
with a PDC that has international netbios name and domain name. There's
still quite a bit of i18n stuff to fix though...
(This used to be commit 79045bd72a)
source/rpc_server/srv_spoolss_nt.c
source/rpc_server/srv_spoolss.c
source/include/proto.h
- correct checking of access_required in openprinterex as talked
with John R. and Jerry.
You can only do server stuff (adding printers, changing forms,
..) if you're root or if user is in printer admin list.
Printers options are grayed if you don't have the
PRINTER_ADMINISTER flag in the secdesc.
(This used to be commit f449d871bf)
source/include/proto.h
- make proto
source/printing/nt_printing.c
source/rpc_server/srv_spoolss_nt.c
- Fix for the overwriting of printerdata entries when WinNT and
Win2k are modifying printer parameters on PCL printers. Turns out
that Win2k creates a printer with a NULL devmode entry and then
expects to set it on *OPEN* (yes this is insane). So we cannot
return a "default" devmode for a printer - and we must allow an
open to set it.
source/tdb/tdb.c
- Show freelist in an easier format. Show total free.
- When storing a new record, allocate memory for the key + data
before the tdb_allocate() as if the malloc fails a (sparse) hole
is left in the tdb.
source/tdb/tdbtool.c
- Show freelist in an easier format. Show total free.
source/tdb/Makefile
- cleaned up Makefile dependancies
source/smbd/lanman.c
- Fix for Win9x corrupting it's own parameter string.
source/printing/printfsp.c
source/printing/printing.c
source/rpc_server/srv_spoolss_nt.c
source/smbd/close.c
- Added normal close parameter into print_fsp_end() which treats an
abnormal close as error condition and deletes the spool file.
(This used to be commit 025f7a092a)
clients. Did this by importing Samba-TNG code that correctly handles LSA
lookups.
*MANY* thanks to Luke, Sander, Elrond and the rest of the TNG gang !
Jeremy
(This used to be commit f76dc952f7)
source/rpc_server/srv_spoolss_nt.c
- add an access check to _spoolss_deleteprinter() to stop random
users and passers by from deleting printers.
source/lib/messages.c
- converted global msg_all struct to a local in message_send_all()
function.
source/include/smb.h
- added a success error code to the spoolss return codes.
source/include/proto.h
source/param/loadparm.c
source/printing/printing.c
- Added new parameter "total print jobs" to limit the total number
of print jobs across all queues. Currently individual queues are
limited by "max print jobs".
(This used to be commit 02f154e729)
smbd/vfs-wrap.c:
smbd/vfs.c: Added fchmod_acl and chmod_acl.
lib/substitute.c:
smbd/lanman.c:
smbd/open.c:
smbd/process.c:
smbd/reply.c:
smbd/service.c: Removed sessetup_user variable. Added current_user_info struct
which conatins domain info etc. Added '%D' for client domain parameter.
Jeremy.
(This used to be commit 2844ec3d51)
source/include/proto.h
source/include/rpc_spoolss.h
source/rpc_parse/parse_spoolss.c
source/rpc_server/srv_spoolss.c
source/rpc_server/srv_spoolss_nt.c
- speedups in printer queue enumeration - still room for
improvement. The construct_dev_mode() still creates and destroys
a printer info_2 structure every time it is called.
- fixed job->devmode memory leak
- converted printer job notification routines to use tallocated
memory rather than a fixed 2K buffer. This reduces the memory
requirements of a 4500 job queue enumeration from 90MB to about
16MB.
(This used to be commit 7853b27bc1)
smbd/reply.c:
Added fix needed for appliances. When using winbindd - a new user may
exist (from winbind) but have no home directory. Extend add user script
so it is called with a %H substitution when a user exists but their home
directory does not. Thanks to Alex Win at VA Linux for finding this one
and testing the fix.
libsmb/clidgram.c: Fixed missing return statements.
smbd/uid.c: Fixed typo in debug.
Jeremy.
(This used to be commit 7ba0a2192b)
source/include/proto.h
source/param/loadparm.c
source/passdb/passdb.c
source/rpc_server/srv_samr.c
- add support for "hide local users" option to HEAD.
(This used to be commit 44dc339fe7)
to allow a chmod to be done if the user has write access to a file, just
like Windows allows. Off by default (compare with "dos filetimes" parameter).
Jeremy.
(This used to be commit 8abdf0e29f)
source/Makefile.in
- changes to ctags and etags rules that somehow got lost along the way.
source/include/proto.h
- make proto
source/smbd/sec_ctx.c
source/smbd/password.c
- merge debugs for debugging user groups and NT token stuff.
source/lib/util_str.c
- capitalise domain name returned from parse_domain_user()
source/nsswitch/wb_client.c
- fix broken conditional in debug statement.
source/include/rpc_secdes.h
source/include/rpc_spoolss.h
source/printing/nt_printing.c
source/lib/util_seaccess.c
- fix printer permission bugs related to ACE masks for printers.
This adds mapping of generic access rights to object specific
rights for NT printers. Still need to work out whether or not to
ignore ACEs with certain flags set, though. See comments in
util_seaccess.c:check_ace() for details.
source/printing/nt_printing.c
source/printing/printing.c
- use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER
until we sort out printer/printjob permission stuff.
(This used to be commit 1dba9c5cd1)
list of structures rather than the dodgy parsing code we had before
this also gets smbw working correctly with no initial workgroup (using
name_status_find on __MSBROWSE__ returns)
(This used to be commit f2be88a873)
to search for a DC to authenticate to using the "*" syntax than ensure
that for the first hour after the password change is searches for the
PDC using the 1B name not the 1C name as domain replication may not
have occured.
Jeremy.
(This used to be commit c25533de99)
When chaining together long lines of bloody "if" statements, which should
logically be separated, and one of them allocates memory, remember to
*free* it *WHETHER OR NOT THE IF STATEMENTS SUCCEEDED* !!!!
Yes I do consider this a bug in the coding style of Tridge, Rusty, Tim et al. :-).
I'm just pissed 'cos this took 4 hours to track down even with an insure error report
stating me in the face and also Ben Woodward looking over the code with me :-).
Jeremy.
(This used to be commit 506b5e34c3)
rewrote unistr2_to_ascii() to correct a bug seen on SGI boxes.
rpc_parse/parse_misc.c:
rpc_parse/parse_prs.c:
rewrote of BUFFER5 handling to NOT byteswap when it was already in
network byte order.
rpc_parse/parse_samr.c:
cleanup of samr_io_q_lookup_domain(), remove the over-parsing by 2
bytes.
rpc_server/srv_lsa.c:
UNISTR2 strings need to be NULL terminated to pleased W2K.
rpc_server/srv_spoolss_nt.c:
use snprintf instead of safe_strcpy as we want the string
truncated at 32 chars.
That should fix SUN and SGI box not able to act as printserver and the
problem with joining from a W2K wks.
J.F.
(This used to be commit 69fe739303)
TNG branch.
Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient.
This requires most samba binaries to link in another handful of object
files due to uncessary coupling between modules. )-:
(This used to be commit 817819d0cc)
ACL patch from http://acl.bestbits.at/.
configure support needs more work (just assumes correct headers at
the moment). ACL writing needs adding.
Jeremy.
(This used to be commit 6ae63e502e)
Currently does exactly the same thing (returns ACLs the same way). This
code is written to try and get a POSIX ACL via the abstract sys_XX interface,
then fall back to providing a UNIX based ACL if the calls fail. Seems to
work. Next step is to add a --with-posix-acls to configure.in and then
check on a POSIX ACL system that a complex ACL is returned correctly
as an NT ACL. Note that the ACL set (a more complex problem) is not
addressed yet.
Jeremy.
(This used to be commit 4339e20202)
a --with-spinlocks option to configure, this does mean the on-disk tdb
format has changed, so 2.2alphaX sites will need to re-create their
tdb's. The upside is no more tdb fragmentation and a +5% on netbench.
Swings and roundabouts....
Jeremy.
(This used to be commit 9dea7b7c25)
written to transition from an old DOMAIN.MACHINE.MAC file to secrets.tdb.
printing/nt_printing.c: Fix case insensitive name lookups for driver files.
John - this should fix the Win9x/WinME problem correctly.
Jeremy.
(This used to be commit 8f3332a9ac)
messaging system as a notification mechanism, and the speed of notification
greatly exceeds the speed of message recovery, then you get a massively (>75Mb)
growing tdb. If the message is a simple notification, then the message is
static, and you only need one of them in transit to a target process at
any one time.
This patch adds a BOOL "allow_duplicates" to the message_send_XX primitives.
If set to False, then before sending a message the sender checks the existing
message queue for a target pid for a duplicate of this message, and doesn't
add to it if one already exists.
Also added code into msgtest.c to test this.
Jeremy.
(This used to be commit 3aa7995660)
a byte range lock (write lock only, but Win2k breaks on read lock also so I
do the same) - if you think about why, this is obvious. Also fixed our client
code to do level II oplocks, if requested, and fixed the code where we would
assume the client wanted level II if it advertised itself as being level II
capable - it may not want that.
Jeremy.
(This used to be commit 213cd0b519)
Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+)
are broken, but they were somewhat broken before. :)
The following functions implement the storage manipulation interface
/*The following definitions come from passdb/pdb_smbpasswd.c */
BOOL pdb_setsampwent (BOOL update);
void pdb_endsampwent (void);
SAM_ACCOUNT* pdb_getsampwent (void);
SAM_ACCOUNT* pdb_getsampwnam (char *username);
SAM_ACCOUNT* pdb_getsampwuid (uid_t uid);
SAM_ACCOUNT* pdb_getsampwrid (uint32 rid);
BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass);
BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override);
BOOL pdb_delete_sam_account (char* username);
There is also a host of pdb_set..() and pdb_get..() functions for
manipulating SAM_ACCOUNT struct members. Note that the struct
passdb_ops {} has gone away. Also notice that struct smb_passwd
(formally in smb.h) has been moved to passdb/pdb_smbpasswd.c
and is not accessed outisde of static internal functions in this
file. All local password searches should make use of the the SAM_ACCOUNT
struct and the previously mentioned functions.
I'll write some documentation for this later. The next step is to fix
the TDB passdb backend, then work on spliting the backends out into
share libraries, and finally get the LDAP backend going.
What works and may not:
o domain logons from Win9x works
o domain logons from WinNT 4 works
o user and group enumeration
as implemented by Tim works
o file and print access works
o changing password from
Win9x & NT ummm...i'll fix this tonight :)
If I broke anything else, just yell and I'll fix it. I think it
should be fairly quite.
-- jerry
(This used to be commit 0b92d0838e)
with PCL drivers. The problem was we were updating the changeid on every
SETPRINTERDATA/DELETEPRINTERDATA call. We should not do this, we should
just update the 'setprinter' called count. We update the changeid on calls
to SETPRINTER/ADDPRINTER/ADDPRINTEREX etc. Also fixed the correct returning
of the create time on printers.
Jeremy.
(This used to be commit 521f09829f)
I hope not). If you encounter strange file-serving behavior after this
patch then back it out. I analysed our stat() usage and realised we
were doing approx. 3 stat calls per open, and 2 per getattr/setattr.
This patch should fix all that. It causes the stat struct returned
from unix_convert() (which now *must* be passed a valid SMB_STRUCT_STAT
pointer) to be passed through into the open code. This should prevent
the multiple stats that were being done so as not to violate layer
encapsulation in the API's.
Herb - if you could run a NetBench test with this code and do a
padc/par syscall test and also run with the current 2.2.0 code
and test the padc/par syscalls I'd appreciate it - you should
find the number of stat calls reduced - not sure by how much.
The patch depends on unix_convert() actually finding the file
and returning a stat struct, or returning a zero'd out stat
struct if the file didn't exist. I believe we can guarentee this
to be the case - I just wasn't confident enough to make this
an assertion before.
Ok ok - I did write this whilst at the Miami conference.....
sometimes you get a little free time at these things :-).
Jeremy.
(This used to be commit 66a5c05ec4)
the trust domain list reply on netlogon pipe was wrong, interim hack until
we have full trust relationships.
changed some unistr2 to parse the ending NULL char.
added a prs_align_needed() function. much like a prs_align but with a
condition. needed for the unistr2 parsing.
J.F.
(This used to be commit d8bf81553c)
falling back to the UNIX calls on error. This should fix all problems with
smbd enumerating all users in all groups in all trusted domains via winbindd.
Also changed GETDC to query 1C name rather than 1b name as only the PDC
registers 1b.
Jeremy.
(This used to be commit 5b0038a2af)
on exit. Needed to fix printing.tdb from groving to 300Mb+ if being
driven by smbclient clients that never ask for status... (effective
DOS attack :-).
Jeremy.
(This used to be commit 6581066b93)
a sam_user_info_24 doesn't have a uint16 at end
samr_create_user also creates the unix account now
samr_set_userinfo changes the password.
J.F.
(This used to be commit 94f4024481)
cleanup of create_user
cleanup of rid/sid mix in samr. now we only have sid.
some prs_align() missing in parse_samr.c
a small debug change in srv_pipe.c
You still can't change a user's password in this commit.
Will be availble in the next one.
J.F.
(This used to be commit b655bc281f)
a conn struct depending on the call.
We need this to have a clean NT ACL call interface.
This will break any existing VFS libraries (that's why this is pre-release
code).
Andrew gets credit for this one :-) :-).
In addition - added Herb's WITH_PROFILE changes - Herb - please examine
the changes I've made to the smbd/reply.c code you added. The original
code was very ugly and I have replaced it with a
START_PROFILE(x)/END_PROFILE(x) pair using the preprocessor.
Please check this compiles ok with the --with-profile switch.
Jeremy.
(This used to be commit b07611f815)
through the VFS. All file access/directory access code in smbd should now
go via the vfs. Added vfs_chown/vfs_chmod calls. Still looking at vfs_get_nt_acl()
vfs_set_nt_acl() call API design.
Jeremy.
(This used to be commit f96625ec12)
allows Samba to turn off the display of APW (hmmm. This should probably
be a share specific parameter, I'll fix that in another commit).
Also a few small changes to JF's code to fix compiler warnings about
missing return statements and also change '//' comments (C++) to /* .. */
comments (C).
Jeremy.
(This used to be commit 0a9ccc99b3)
not sure why (JF - a glance at this would be appreciated). Removed code
that JF objected to with enumprinterdata. Added translations to/from
level 6 - but Win2k still not happy... hmmm...
Jeremy.
(This used to be commit e5d98ba9e9)
easier to add new message types to messages.h without breaking old
binaries
- added a MSG_FORCE_ELECTION message to force nmbd to hold an election
(This used to be commit f1c49ca7ce)
allowing new bits of code or vfs modules to register functions without
impacting on the messaging code itself.
Also note that multiple registrations for the same message type are
possible allowing the same message to be delivered to multiple parts
of the code (possibly useful for reload messages).
(This used to be commit c3350c77f5)
The motivation for this system is to replace the UDP message for
oplocks, but this commit only does the "set debug level" message.
(This used to be commit 2a34ee95f3)
- make proto
- addition of function to convert from errno values to NT status codes
(source/lib/error.c)
- purge queue done without full access permission will purge only the
jobs owned by that user, rather than failing.
- unlock job database tdb before sending job to printer
- in print_job_start(), ensure that we don't pick a jobid with an existing
temporary file that may be owned by another user, as it causes silent
failures.
- fixes for printer permission checking for NT5 clients
(source/include/rpc_spoolss.h, source/printing/nt_printing.c,
source/printing/printing.c, source/rpc_server/srv_spoolss_nt.c)
- change from uint8 to 'enum SID_NAME_USE' (source/rpc_server/srv_lsa.c)
- fixed memory leaks for win95 driver download process
(source/smbd/lanman.c)
- properly free prs_structs and dacl in testsuite/printing/psec.c
(This used to be commit 74af3e2cae)
