1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Commit Graph

33 Commits

Author SHA1 Message Date
Jeremy Allison
ce72beb2b5 Removed strupper/strlower macros that automatically map to strupper_m/strlower_m.
I really want people to think about when they're using multibyte strings.
Jeremy.
(This used to be commit ff222716a0)
2003-07-03 19:11:31 +00:00
Andrew Bartlett
8a20407442 Cleanups: (merge from HEAD)
- use safe_strcpy() instead of pstrcpy() for malloc()ed strings

 - CUPS: a failure in an attempt to automaticly add a printer is not level 0 stuff.

 - Fix up a possible Realloc() failure segfault

Andrew Bartlett
(This used to be commit c1cfc296c2)
2003-02-10 11:47:21 +00:00
Andrew Bartlett
ad8a22e570 Updates from Samba HEAD:
- Fix segfaults in the 'net ads' commands when no password is provided
 - Readd --with-ldapsam for 2.2 compatability.  This conditionally compiles the
   old options, but the actual code is available on all ldap systems.
 - Fix shadow passwords (as per work with vl)
 - Fix sending plaintext passwords to unicode servers (again vl)
 - Add a bit of const to secrets.c functions
 - Fix some spelling and grammer by vance.
 - Document the -r option in smbgroupedit.

There are more changes in HEAD, I'm only merging the changes I've been involved
with.

Andrew Bartlett
(This used to be commit 83973c3893)
2002-10-01 13:10:57 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb)
2002-07-15 10:35:28 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06)
2002-01-30 06:08:46 +00:00
Andrew Bartlett
c311d24ce3 A nice *big* change to the fundemental way we do things.
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps
them around for a long time - often past the next call...

This adds a getpwnam_alloc and a getpwuid_alloc to the collection.

These function as expected, returning a malloced structure that can be
free()ed with passwd_free(&passwd).

This patch also cuts down on the number of calls to getpwnam - mostly by
taking advantage of the fact that the passdb interface is already
case-insensiteve.

With this patch most of the recursive cases have been removed (that I know
of) and the problems are reduced further by not using the sys_ interface
in the new code.  This means that pointers to the cache won't be affected.
(This is a tempoary HACK, I intend to kill the password cache entirly).

The only change I'm a little worried about is the change to
rpc_server/srv_samr_nt.c for private groups.  In this case we are getting
groups from the new group mapping DB.  Do we still need to check for private
groups?  I've toned down the check to a case sensitve match with the new code,
but we might be able to kill it entirly.

I've also added a make_modifyable_passwd() function, that copies a passwd
struct into the form that the old sys_getpw* code provided.  As far as I can
tell this is only actually used in the pass_check.c crazies, where I moved
the final 'special case' for shadow passwords (out of _Get_Pwnam()).

The matching case for getpwent() is dealt with already, in lib/util_getent.c

Also included in here is a small change to register the [homes] share at vuid
creation rather than just in one varient of the session setup.  (This picks
up the SPNEGO cases).  The home directory is now stored on the vuid, and I
am hoping this might provide a saner way to do %H substitions.

TODO:  Kill off remaining Get_Pwnam_Modify calls (they are not needed), change
the remaining sys_getpwnam() callers to use getpwnam_alloc() and move
Get_Pwnam to return an allocated struct.

Andrew Bartlett
(This used to be commit 1d86c7f942)
2002-01-17 08:45:58 +00:00
Andrew Bartlett
7de42a4faf Remove built-in support for clear-text kerberos authentication.
This should remove some confusion from the ./configure, but does not affect the
'real' kerberos support currently residing in smbd/sesssetup.c.

This code is vunerable to a spoofed KDC, and is best replaced by --with-pam and
the pam_krb5 module.  This module includes measures to prevent such spoofing.

Andrew Bartlett
(This used to be commit 3235880b41)
2001-11-11 10:42:07 +00:00
Jeremy Allison
c416ff851b Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b)
2001-10-18 20:15:12 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0ea)
2001-10-02 04:29:50 +00:00
Andrew Bartlett
fa6713bf8b Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire!
Add the ability for swat to run in non-root-mode (ie non-root from inetd).
 - we still need some of the am_root() calls fixed however.
(This used to be commit 2c2317c56e)
2001-09-20 13:15:35 +00:00
Andrew Bartlett
6adafe50d4 Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c by
simply not doing Get_Pwnam() calls in pass_check.c

We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter
what it returns.  We also no longer run the password cracker for these logins.

The truly parinod will note the slight difference in call paths, in that we only
call crypt for valid password structs (if not --with-pam).  The truly parinoid
don't run SWAT either, so I don't think this is an issue.

Andrew Bartlett
(This used to be commit 9020d88493)
2001-09-19 05:26:11 +00:00
Andrew Tridgell
19fea3242c the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work
(This used to be commit dcd6e735f7)
2001-09-04 07:13:01 +00:00
Jeremy Allison
58ed70f378 Fixed silly typo.
Jeremy.
(This used to be commit 6ee2b41429)
2001-08-30 20:09:49 +00:00
Jeremy Allison
8debe5b629 Fix from Paul Green to set correct lengths.
Jeremy.
(This used to be commit 52b9b6d519)
2001-08-30 19:16:56 +00:00
Andrew Tridgell
b031af348c converted another bunch of stuff to NTSTATUS
(This used to be commit 1d36250e33)
2001-08-27 19:46:22 +00:00
Andrew Bartlett
5b8d230e39 This removes unused paramaters from various authtication functions, and should
not change behaviour.

This should make my later diffs smaller, where I actualy start cleaning up this
mess...

Andrew Bartlett
(This used to be commit 04f090c224)
2001-07-08 14:10:30 +00:00
Jeremy Allison
5197ccfef4 Added Andrew Bartlett's fixes to my changes to his original patch (at the
court of king caractacus, was just passing by... :-).
Jeremy.
(This used to be commit acc3e7a057)
2001-05-01 17:19:42 +00:00
Jeremy Allison
ae8418d0c4 Added smb_ prefix to all Samba wrapper pam functions.
Fixed off by one bug using StrnCpy instead of strdup().
Jeremy.
(This used to be commit d4b1c0be2e)
2001-04-23 04:15:35 +00:00
Jeremy Allison
e277c08631 Commit of a modified version of Andrew Bartlett's patch that removes the
horrid utmp hostname parameter - now uses the client name instead.
Also tidies up some of the unencrypted password checking when PAM
is compiled in.
FIXME ! An pam_accountcheck() is being called even when smb encrypted
passwords are negotiated. Is this the correct thing to do when winbindd
is running ! This needs *SEVERE* testing....
Jeremy.
(This used to be commit 071c799f47)
2001-04-22 07:20:24 +00:00
Jeremy Allison
6d96224f81 passdb/pass_check.c: Ensure second check is done only if given username is all in caps.
rpc_server/srv_srvsvc_nt.c: Added "CONFIGFILE" arg to scripts so path to smb.conf is given.
Jeremy.
(This used to be commit 3c4c649951)
2001-04-10 19:43:14 +00:00
Jeremy Allison
ef1a7311ce Added JohnT and Andrew Bartlett's PAM changes.
Jeremy.
(This used to be commit ecd00e258c)
2001-04-10 18:10:38 +00:00
Gerald Carter
b5eb73d9aa add pam_setcred() call to pam_auth(). Patch was submited last Oct.
jerry
(This used to be commit 57165d1578)
2001-02-08 18:39:36 +00:00
Jeremy Allison
f0080e5a39 Getting back to a compilable state (not there yet but close).
Added patches for random -> sys_random.
Added set_effective_xxx patches for AFS code.
Memory allocation changes in spoolss code.
Jeremy.
(This used to be commit c2099cfb03)
2000-06-01 17:01:34 +00:00
Jeremy Allison
693ffb8466 Added sys_fork() and sys_getpid() functions to stop the overhead
of doing a system call every time we want to just get our pid.
Jeremy.
(This used to be commit 148628b616)
2000-05-02 02:23:41 +00:00
Luke Leighton
2864ac574b indent update to make t easier to see setuid mods in TNG. some
code from these modules i had to leave out (nothing to do withj setuid)
(This used to be commit 96717211ed)
2000-03-21 21:08:07 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Tim Potter
731c7f2ecf Moved code that changes the pw_passwd entry (i.e shadow password and
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug.

Note that the Get_Pwnam() function now returns a const struct passwd *
as a hint to other developers not to change entries in the struct
passwd.
(This used to be commit 36d7cb4ccc)
1999-06-13 04:14:24 +00:00
Luke Leighton
269f11bfa9 pass_check.c could receive encrypted password: printing it out as a %s
results in garbage.  with no password length argument doing dump_data(
100, password, strlen(password)) is the next best alternative.
(This used to be commit 073c8652c1)
1999-03-08 18:43:50 +00:00
Jeremy Allison
b053652d49 Added Kerberos4 support patches from Johan Hedin <johanh@fusion.kth.se>
Jeremy.
(This used to be commit 548634915f)
1998-09-26 03:30:15 +00:00
Andrew Tridgell
f6044c87c0 some cleanups to use ZERO_STRUCT() and friends
(This used to be commit 7b154dc431)
1998-09-05 13:24:20 +00:00
Andrew Tridgell
48514704c2 got rid of calls to update_protected_database(). It was causing core
dumps. It is gone until someone can tell us why its needed and what it
does. (It was only used on OSF1 and core dumped there anyway!)
(This used to be commit a564e46627)
1998-08-29 14:08:17 +00:00
Andrew Tridgell
37d5ba8eae use user instead of this_user to prevent global shadowing
(This used to be commit 76e523907c)
1998-08-15 03:31:57 +00:00
Andrew Tridgell
fa88efbbac split the system password checking routines out of smbd/password.c and
into passdb/pass_check.c. This means SWAT no longer needs to link to
smbd/password.c
(This used to be commit 90d93889d7)
1998-08-10 07:04:53 +00:00