IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Fix parse_domain_user to fail when splitting a full name like "DOM\user"
when "winbind use default domain" and "winbind trusted domains only" are
not enabled.
This allows pam_winbind to behave correctly when more modules are
stacked in the "account" or "password" PAM facility. pam_winbindd calls
WINBINDD_GETPWNAM which can decide whether or not a user is a winbind
user and return correct PAM error codes.
Guenther
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
like Windows)
* Allow RID 513 to resolve to always resolve to a name
* Remove auto mapping of guest account primary group given the
previous 2 changes
always assume we can get a struct timespec out of a stat
struct. This will allow us to portably move to nsec timestamps
on files and directories in the file server code in future.
Jeremy.
makes fixes much easier to port. Fix the size of dc->sess_key to
be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd
store in secrets.tdb though. Should fix some uses of the dc->sess_key
where we where assuming we could read 16 bytes.
Jeremy.
internally in services_db.c now. This prevents internal services from
being listed twice (one internal and one external) when no
'svcctl list' parameter is explcitly set in smb.conf
