CVS update: samba/source/auth
Date: Sat Apr 3 15:41:32 2004 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv5679/source/auth Modified Files: Tag: SAMBA_3_0 auth_ntlmssp.c auth_sam.c auth_util.c Log Message: Fix most of bug #169. For a (very) long time, we have had a bug in Samba were an NTLMv2-only PDC would fail, because it converted the password into NTLM format for checking. This patch performs the direct comparison required for interactive logons to function in this situation. It also removes the 'auth flags', which simply where not ever used. Natrually, this plays with the size of structures, so rebuild, rebuild rebuild... Andrew Bartlett Revisions: auth_ntlmssp.c 1.4.2.6 = 1.4.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.4.2.6r2=1.4.2.7 auth_sam.c 1.36.2.28 = 1.36.2.29 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.28r2=1.36.2.29 auth_util.c 1.39.2.55 = 1.39.2.56 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.55r2=1.39.2.56
CVS update: samba/source/auth
Date: Wed Mar 31 15:41:46 2004 Author: idra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12086/auth Modified Files: auth_util.c Log Message: volker said it right better use a list of SIDs instead of NT_USER_TOKEN here Revisions: auth_util.c 1.91 = 1.92 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.91r2=1.92
CVS update: samba/source/auth
Date: Thu Mar 18 17:09:37 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12592/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_domain.c auth_sam.c auth_server.c auth_unix.c auth_util.c Log Message: starting to sync the cvs tree Revisions: auth_domain.c 1.77.2.7 = 1.77.2.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.77.2.7r2=1.77.2.8 auth_sam.c 1.55.2.8 = 1.55.2.9 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55.2.8r2=1.55.2.9 auth_server.c 1.33.2.4 = 1.33.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.33.2.4r2=1.33.2.5 auth_unix.c 1.28.2.1 = 1.28.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_unix.c.diff?r1=1.28.2.1r2=1.28.2.2 auth_util.c 1.72.2.11 = 1.72.2.12 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.11r2=1.72.2.12
CVS update: samba/source/auth
Date: Tue Mar 16 16:41:54 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv18875/auth Modified Files: Tag: SAMBA_3_0 auth_server.c auth_util.c auth_unix.c Log Message: BUG 1165, 1126: Fix bug with secondary groups (security = ads) and winbind use default domain = yes Revisions: auth_server.c 1.21.2.11 = 1.21.2.12 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.21.2.11r2=1.21.2.12 auth_util.c 1.39.2.53 = 1.39.2.54 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.53r2=1.39.2.54 auth_unix.c 1.19.2.6 = 1.19.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_unix.c.diff?r1=1.19.2.6r2=1.19.2.7
CVS update: samba/source/auth
Date: Tue Mar 16 16:44:54 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv19133/auth Modified Files: auth_server.c auth_util.c auth_unix.c Log Message: BUG 1165, 1126: Fix bug with secondary groups (security = ads) and winbind use default domain = yes Revisions: auth_server.c 1.36 = 1.37 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.36r2=1.37 auth_util.c 1.89 = 1.90 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.89r2=1.90 auth_unix.c 1.29 = 1.30 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_unix.c.diff?r1=1.29r2=1.30
CVS update: samba/source/auth
Date: Tue Mar 16 20:28:47 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29750/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: fix overlapping memory bug when copying username Revisions: auth_util.c 1.39.2.54 = 1.39.2.55 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.54r2=1.39.2.55
CVS update: samba/source/auth
Date: Tue Mar 16 20:32:14 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv30802/auth Modified Files: auth_util.c Log Message: merges from 3.0 Revisions: auth_util.c 1.90 = 1.91 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.90r2=1.91
CVS update: samba/source/auth
Date: Wed Mar 10 16:40:41 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv10563 Modified Files: auth_util.c Log Message: Remove expanding sids from smbd, this will be done in winbindd. Volker Revisions: auth_util.c 1.88 = 1.89 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.88r2=1.89
CVS update: samba/source/auth
Date: Tue Mar 2 14:19:44 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv20054 Modified Files: auth_util.c Log Message: Idra, your privileges patch allowed login only with tdbsam. The problem is that pdb_default_get_privilege_set returns NOT_IMPLEMENTED and not a privilege set that does not grant anything. I don't really understand privileges yet, so work around that by not failing if pdb_get_privilege_set fails. Volker Revisions: auth_util.c 1.87 = 1.88 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.87r2=1.88
Re: CVS update: samba/source/auth
Right, I just committed a patch the should be more polite with inferior* backends :-) Can you confirm it works now? * of course I'm joking On Tue, 2004-03-02 at 15:19, [EMAIL PROTECTED] wrote: Date: Tue Mar 2 14:19:44 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv20054 Modified Files: auth_util.c Log Message: Idra, your privileges patch allowed login only with tdbsam. The problem is that pdb_default_get_privilege_set returns NOT_IMPLEMENTED and not a privilege set that does not grant anything. I don't really understand privileges yet, so work around that by not failing if pdb_get_privilege_set fails. Volker Revisions: auth_util.c 1.87 = 1.88 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.87r2=1.88 -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. - http://www.xsec.it via Garofalo, 39 - 20133 - Milano mobile: +39 329 328 7702 tel. +39 02 2953 4143 - fax: +39 02 700 442 399
CVS update: samba/source/auth
Date: Mon Mar 1 13:02:05 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12081/auth Modified Files: auth_util.c Log Message: Add aliases to winbindd_getgroups(). su - WINDOWS\\vl now includes the locally defined aliases I'm member of. Next will be getent group. Volker Revisions: auth_util.c 1.85 = 1.86 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.85r2=1.86
CVS update: samba/source/auth
Date: Sun Feb 29 16:48:19 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv14749/auth Modified Files: auth_util.c Log Message: Apply my experimental aliases support to HEAD. This will be a bit difficult to merge to 3_0, as the pdb interfaces has changed a bit between the two. This has not been tested too severly (which means it's completely broken ;-), but I want it in for review. Feel free to revert it :-) TODO: make 'net groupmap' a bit more friendly for alias members. Put that stuff into pdb_ldap. Getting the information over to winbind. One plan without linking pdb into winbind would be to fill group_mapping.tdb with the membership information and have that as a cache (or use gencache.tdb?). smbd on a PDC or stand-alone could trigger that itself, the problem is a BDC using LDAP. This needs to do it on a regular basis. The BDC smbd needs to be informed about SAM changes somehow... Volker Revisions: auth_util.c 1.84 = 1.85 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.84r2=1.85
Re: CVS update: samba/source/auth
On Sun, Feb 29, 2004 at 04:48:19PM +, [EMAIL PROTECTED] wrote: Date: Sun Feb 29 16:48:19 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv14749/auth Modified Files: auth_util.c Log Message: Apply my experimental aliases support to HEAD. This will be a bit difficult to merge to 3_0, as the pdb interfaces has changed a bit between the two. This has not been tested too severly (which means it's completely broken ;-), but I want it in for review. Feel free to revert it :-) TODO: make 'net groupmap' a bit more friendly for alias members. Put that stuff into pdb_ldap. Getting the information over to winbind. One plan without linking pdb into winbind would be to fill group_mapping.tdb with the membership information and have that as a cache (or use gencache.tdb?). Yes, use it. That's what it's been implemented for :) smbd on a PDC or stand-alone could trigger that itself, the problem is a BDC using LDAP. This needs to do it on a regular basis. The BDC smbd needs to be informed about SAM changes somehow... cheers, -- Rafal Szczesniak Samba Team member http://www.samba.org
CVS update: samba/source/auth
Date: Sat Feb 21 17:41:28 2004 Author: jmcd Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29723/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Add calls to password lockout functions. Should now work against tdbsam only. Revisions: auth_sam.c 1.36.2.27 = 1.36.2.28 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.27r2=1.36.2.28
CVS update: samba/source/auth
Date: Sat Feb 21 17:41:32 2004 Author: jmcd Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29737/auth Modified Files: auth_sam.c Log Message: Add calls to password lockout functions. Should now work against tdbsam only. Revisions: auth_sam.c 1.62 = 1.63 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.62r2=1.63
CVS update: samba/source/auth
Date: Mon Feb 2 07:53:56 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv15541 Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: Remove bogus check. No functional change, just cosmetics. Volker Revisions: auth_domain.c 1.33.2.35 = 1.33.2.36 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.35r2=1.33.2.36
CVS update: samba/source/auth
Date: Mon Feb 2 07:54:43 2004 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv15699 Modified Files: auth_domain.c Log Message: Remove bogus check. Cosmetics. Volker Revisions: auth_domain.c 1.84 = 1.85 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.84r2=1.85
CVS update: samba/source/auth
Date: Thu Jan 15 21:35:04 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv14325/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_domain.c Log Message: sync tree for 3.0.2rc1 Revisions: auth_domain.c 1.77.2.6 = 1.77.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.77.2.6r2=1.77.2.7
CVS update: samba/source/auth
Date: Thu Jan 15 06:55:10 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv5838/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: BUG 936: fix bind credentials for schannel binds in smbd (and add a comment to winbindd_cm about this Revisions: auth_domain.c 1.33.2.34 = 1.33.2.35 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.34r2=1.33.2.35
CVS update: samba/source/auth
Date: Thu Jan 15 06:56:00 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv6385/auth Modified Files: auth_domain.c Log Message: BUG 936: fix bind credentials for schannel binds in smbd (and add a comment to winbindd_cm about this Revisions: auth_domain.c 1.83 = 1.84 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.83r2=1.84
CVS update: samba/source/auth
Date: Tue Jan 13 17:55:38 2004 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv2653/auth Modified Files: auth_domain.c Log Message: sync HEAD with recent changes in 3.0 Revisions: auth_domain.c 1.82 = 1.83 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.82r2=1.83
CVS update: samba/source/auth
Date: Wed Jan 7 21:47:37 2004 Author: mimir Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29631/auth Modified Files: auth_domain.c Log Message: Fixes to doxygen comment. Revisions: auth_domain.c 1.81 = 1.82 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.81r2=1.82
CVS update: samba/source/auth
Date: Wed Jan 7 22:43:37 2004 Author: mimir Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv7449/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: Doxygen comment fix. rafal Revisions: auth_domain.c 1.33.2.33 = 1.33.2.34 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.33r2=1.33.2.34
CVS update: samba/source/auth
Date: Mon Jan 5 23:22:00 2004 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv3287/source/auth Modified Files: auth_sam.c Log Message: (merge from 3.0) Refactor our authentication and authentication testing code. The next move will be to remove our password checking code from the SAM authentication backend, and into a file where other parts of samba can use it. The ntlm_auth changes provide for better use of common code. Andrew Bartlett Revisions: auth_sam.c 1.60 = 1.61 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.60r2=1.61
CVS update: samba/source/auth
Date: Mon Jan 5 23:23:59 2004 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv3400/source/auth Modified Files: auth_sam.c Log Message: (merge from 3.0) Move our basic password checking code from inside the authentication subsystem into a seperate file - ntlm_check.c. This allows us to call these routines from ntlm_auth. The purpose of this exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to avoid talking to winbind. This should allow for easier debugging. ntlm_auth itself has been reorgainised, so as to share more code between the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode has been added, for use with a Cyrus-SASL module I am writing (based on vl's work) Andrew Bartlett Revisions: auth_sam.c 1.61 = 1.62 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.61r2=1.62
CVS update: samba/source/auth
Date: Mon Jan 5 23:37:06 2004 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv6065/source/auth Modified Files: auth_util.c Log Message: (merge from 3.0) auth/auth_util.c: - Fill in the 'backup' idea of a domain, if the DC didn't supply one. This doesn't seem to occour in reality, hence why we missed the typo. lib/charcnv.c: lib/smbldap.c: libads/ldap.c: libsmb/libsmbclient.c: printing/nt_printing.c: - all the callers to pull_utf8_allocate() pass a char ** as the first parammeter, so don't make them all cast it to a void ** nsswitch/winbind_util.c: - Allow for a more 'correct' view of when usernames should be qualified in winbindd. If we are a PDC, or have 'winbind trusted domains only', then for the authentication returns stip the domain portion. - Fix valgrind warning about use of free()ed name when looking up our local domain. lp_workgroup() is maniplated inside a procedure that uses it's former value. Instead, use the fact that our local domain is always the first in the list. -- Jerry rightly complained that we can't assume that the first domain is our primary domain - new domains are added to the front of the list. :-( Use a much more reliable 'flag test' instead. (note: changes winbind structures, make clean). -- Forgot to commit this for the 'get our primary domain' change. Andrew Bartlett Revisions: auth_util.c 1.83 = 1.84 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.83r2=1.84
CVS update: samba/source/auth
Date: Tue Jan 6 00:13:55 2004 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv13768/source/auth Modified Files: auth_domain.c Log Message: (merge from 3.0) Change our Domain controller lookup routines to more carefully seperate DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett Revisions: auth_domain.c 1.80 = 1.81 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.80r2=1.81
CVS update: samba/source/auth
Date: Mon Jan 5 04:10:27 2004 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12921/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: Change our Domain controller lookup routines to more carefully seperate DNS names (realms) from NetBIOS domain names. Until now, we would experience delays as we broadcast lookups for DNS names onto the local network segments. Now if DNS comes back negative, we fall straight back to looking up the short name. Andrew Bartlett Revisions: auth_domain.c 1.33.2.32 = 1.33.2.33 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.32r2=1.33.2.33
CVS update: samba/source/auth
Date: Tue Dec 30 07:33:58 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv16715/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Move our basic password checking code from inside the authentication subsystem into a seperate file - ntlm_check.c. This allows us to call these routines from ntlm_auth. The purpose of this exercise is to allow ntlm_auth (when operating as an NTLMSSP server) to avoid talking to winbind. This should allow for easier debugging. ntlm_auth itself has been reorgainised, so as to share more code between the SPNEGO-wrapped and 'raw' NTLMSSP modes. A new 'client' NTLMSSP mode has been added, for use with a Cyrus-SASL module I am writing (based on vl's work) Andrew Bartlett Revisions: auth_sam.c 1.36.2.26 = 1.36.2.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.26r2=1.36.2.27
CVS update: samba/source/auth
Date: Wed Dec 31 00:31:42 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv31985/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: auth/auth_util.c: - Fill in the 'backup' idea of a domain, if the DC didn't supply one. This doesn't seem to occour in reality, hence why we missed the typo. lib/charcnv.c: lib/smbldap.c: libads/ldap.c: libsmb/libsmbclient.c: printing/nt_printing.c: - all the callers to pull_utf8_allocate() pass a char ** as the first parammeter, so don't make them all cast it to a void ** nsswitch/winbind_util.c: - Allow for a more 'correct' view of when usernames should be qualified in winbindd. If we are a PDC, or have 'winbind trusted domains only', then for the authentication returns stip the domain portion. - Fix valgrind warning about use of free()ed name when looking up our local domain. lp_workgroup() is maniplated inside a procedure that uses it's former value. Instead, use the fact that our local domain is always the first in the list. Andrew Bartlett Revisions: auth_util.c 1.39.2.52 = 1.39.2.53 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.52r2=1.39.2.53
CVS update: samba/source/auth
Date: Tue Dec 30 05:02:32 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv20775/source/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Refactor our authentication and authentication testing code. The next move will be to remove our password checking code from the SAM authentication backend, and into a file where other parts of samba can use it. The ntlm_auth changes provide for better use of common code. Andrew Bartlett Revisions: auth_sam.c 1.36.2.25 = 1.36.2.26 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.25r2=1.36.2.26
CVS update: samba/source/auth
Date: Fri Dec 19 00:33:09 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv28092/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_winbind.c Log Message: * add a few useful debug lines * fix bug involving Win9x clients. Make sure we save the right case for the located username in fill_sam_account() Revisions: auth_util.c 1.39.2.51 = 1.39.2.52 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.51r2=1.39.2.52 auth_winbind.c 1.6.2.18 = 1.6.2.19 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.18r2=1.6.2.19
CVS update: samba/source/auth
Date: Fri Dec 19 00:33:27 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv28120/auth Modified Files: auth_util.c auth_winbind.c Log Message: * add a few useful debug lines * fix bug involving Win9x clients. Make sure we save the right case for the located username in fill_sam_account() Revisions: auth_util.c 1.82 = 1.83 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.82r2=1.83 auth_winbind.c 1.24 = 1.25 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.24r2=1.25
CVS update: samba/source/auth
Date: Fri Dec 12 18:25:11 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv23695/auth Modified Files: Tag: APPLIANCE_HEAD auth_util.c Log Message: more syncs with 3.0 Revisions: auth_util.c 1.74.2.2 = 1.74.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.74.2.2r2=1.74.2.3
CVS update: samba/source/auth
Date: Tue Dec 9 18:34:29 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv28552/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: Final part of fix for #445. Don't add user for machine accounts. Jeremy. Revisions: auth_util.c 1.39.2.50 = 1.39.2.51 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.50r2=1.39.2.51
CVS update: samba/source/auth
Date: Wed Dec 10 04:34:08 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv13830/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_util.c Log Message: sync source for 3.0.1rc2 Revisions: auth_util.c 1.72.2.9 = 1.72.2.10 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.9r2=1.72.2.10
CVS update: samba/source/auth
Date: Thu Dec 4 20:35:30 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv32220/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth.c auth_ntlmssp.c auth_sam.c auth_server.c auth_util.c Log Message: syncing tree for 3.0.1rc1 Revisions: auth.c 1.55.2.5 = 1.55.2.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.55.2.5r2=1.55.2.6 auth_ntlmssp.c 1.7.2.1 = 1.7.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.7.2.1r2=1.7.2.2 auth_sam.c 1.55.2.6 = 1.55.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55.2.6r2=1.55.2.7 auth_server.c 1.33.2.3 = 1.33.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.33.2.3r2=1.33.2.4 auth_util.c 1.72.2.8 = 1.72.2.9 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.8r2=1.72.2.9
CVS update: samba/source/auth
Date: Sat Nov 22 13:19:36 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv21668/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_ntlmssp.c auth_sam.c auth_util.c Log Message: Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Revisions: auth.c 1.32.2.24 = 1.32.2.25 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.24r2=1.32.2.25 auth_ntlmssp.c 1.4.2.5 = 1.4.2.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.4.2.5r2=1.4.2.6 auth_sam.c 1.36.2.24 = 1.36.2.25 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.24r2=1.36.2.25 auth_util.c 1.39.2.48 = 1.39.2.49 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.48r2=1.39.2.49
CVS update: samba/source/auth
Date: Sat Nov 22 13:29:01 2003 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv23686/auth Modified Files: auth.c auth_ntlmssp.c auth_sam.c auth_util.c Log Message: (merge from 3.0) Changes all over the shop, but all towards: - NTLM2 support in the server - KEY_EXCH support in the server - variable length session keys. In detail: - NTLM2 is an extension of NTLMv1, that is compatible with existing domain controllers (unlike NTLMv2, which requires a DC upgrade). * This is known as 'NTLMv2 session security' * (This is not yet implemented on the RPC pipes however, so there may well still be issues for PDC setups, particuarly around password changes. We do not fully understand the sign/seal implications of NTLM2 on RPC pipes.) This requires modifications to our authentication subsystem, as we must handle the 'challege' input into the challenge-response algorithm being changed. This also needs to be turned off for 'security=server', which does not support this. - KEY_EXCH is another 'security' mechanism, whereby the session key actually used by the server is sent by the client, rather than being the shared-secret directly or indirectly. - As both these methods change the session key, the auth subsystem needed to be changed, to 'override' session keys provided by the backend. - There has also been a major overhaul of the NTLMSSP subsystem, to merge the 'client' and 'server' functions, so they both operate on a single structure. This should help the SPNEGO implementation. - The 'names blob' in NTLMSSP is always in unicode - never in ascii. Don't make an ascii version ever. - The other big change is to allow variable length session keys. We have always assumed that session keys are 16 bytes long - and padded to this length if shorter. However, Kerberos session keys are 8 bytes long, when the krb5 login uses DES. * This fix allows SMB signging on machines not yet running MIT KRB5 1.3.1. * - Add better DEBUG() messages to ntlm_auth, warning administrators of misconfigurations that prevent access to the privileged pipe. This should help reduce some of the 'it just doesn't work' issues. - Fix data_blob_talloc() to behave the same way data_blob() does when passed a NULL data pointer. (just allocate) REMEMBER to make clean after this commit - I have changed plenty of data structures... Andrew Bartlett Revisions: auth.c 1.58 = 1.59 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.58r2=1.59 auth_ntlmssp.c 1.8 = 1.9 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.8r2=1.9 auth_sam.c 1.59 = 1.60 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.59r2=1.60 auth_util.c 1.79 = 1.80 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.79r2=1.80
CVS update: samba/source/auth
Date: Sun Nov 23 00:16:54 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv30766/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_server.c Log Message: Patch by [EMAIL PROTECTED] Emil Rasamat to ensure we always always free() each auth method. (We had relied on the use of talloc() only, despite providing the free() callback) Andrew Bartlett Revisions: auth.c 1.32.2.25 = 1.32.2.26 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.25r2=1.32.2.26 auth_server.c 1.21.2.10 = 1.21.2.11 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.21.2.10r2=1.21.2.11
CVS update: samba/source/auth
Date: Sun Nov 23 00:23:26 2003 Author: abartlet Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv31932/source/auth Modified Files: auth.c auth_server.c Log Message: (Merge from 3.0) Patch by [EMAIL PROTECTED] Emil Rasamat to ensure we always always free() each auth method. (We had relied on the use of talloc() only, despite providing the free() callback) Andrew Bartlett Revisions: auth.c 1.59 = 1.60 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.59r2=1.60 auth_server.c 1.35 = 1.36 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.35r2=1.36
CVS update: samba/source/auth
Date: Mon Nov 10 19:33:40 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv3486/auth Modified Files: auth_server.c Log Message: Patch from Andrew Bartlett [EMAIL PROTECTED] for security=server core dump if server goes away. Jeremy. Revisions: auth_server.c 1.34 = 1.35 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.34r2=1.35
CVS update: samba/source/auth
Date: Mon Nov 10 19:33:42 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv3428/auth Modified Files: Tag: SAMBA_3_0 auth_server.c Log Message: Patch from Andrew Bartlett [EMAIL PROTECTED] for security=server core dump if server goes away. Jeremy. Revisions: auth_server.c 1.21.2.9 = 1.21.2.10 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.21.2.9r2=1.21.2.10
CVS update: samba/source/auth
Date: Sun Nov 9 17:23:57 2003 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv9356 Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: Skip over the winbind separator when looking up a user. Volker Revisions: auth_util.c 1.39.2.47 = 1.39.2.48 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.47r2=1.39.2.48
CVS update: samba/source/auth
Date: Sun Nov 9 17:24:16 2003 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv9411 Modified Files: auth_util.c Log Message: From 3_0: Skip over the winbind separator when looking up a user. Volker Revisions: auth_util.c 1.78 = 1.79 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.78r2=1.79
CVS update: samba/source/auth
Date: Fri Nov 7 15:52:18 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv13296/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_builtin.c auth_sam.c auth_util.c Log Message: syncing tree with SAMBA_3_0 Revisions: auth_builtin.c 1.22.2.1 = 1.22.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.22.2.1r2=1.22.2.2 auth_sam.c 1.55.2.5 = 1.55.2.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55.2.5r2=1.55.2.6 auth_util.c 1.72.2.6 = 1.72.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.6r2=1.72.2.7
CVS update: samba/source/auth
Date: Thu Nov 6 17:28:44 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv32080/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: run krb5 logins through the username map if the winbindd lookup fails; bug 698 Revisions: auth_util.c 1.39.2.46 = 1.39.2.47 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.46r2=1.39.2.47
CVS update: samba/source/auth
Date: Thu Nov 6 17:31:43 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv32753/auth Modified Files: auth_util.c Log Message: run krb5 logins through the username map if the winbindd lookup fails; bug 698 Revisions: auth_util.c 1.77 = 1.78 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.77r2=1.78
CVS update: samba/source/auth
Date: Fri Oct 24 01:18:56 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv14603/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth. Jeremy. Revisions: auth_sam.c 1.36.2.23 = 1.36.2.24 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.23r2=1.36.2.24
CVS update: samba/source/auth
Date: Fri Oct 24 01:19:23 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv14747/auth Modified Files: auth_sam.c Log Message: Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth. Jeremy. Revisions: auth_sam.c 1.58 = 1.59 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.58r2=1.59
CVS update: samba/source/auth
Date: Wed Oct 22 23:38:15 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv18979/auth Modified Files: auth_builtin.c Log Message: Put strcasecmp/strncasecmp on the banned list (except for needed calls in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. Revisions: auth_builtin.c 1.23 = 1.24 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.23r2=1.24
CVS update: samba/source/auth
Date: Wed Oct 22 23:38:19 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv18798/auth Modified Files: Tag: SAMBA_3_0 auth_builtin.c Log Message: Put strcasecmp/strncasecmp on the banned list (except for needed calls in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. Revisions: auth_builtin.c 1.8.2.11 = 1.8.2.12 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.8.2.11r2=1.8.2.12
CVS update: samba/source/auth
Date: Mon Oct 20 16:49:45 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv8566/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: more 2.2.x compatibility fixes - allow user looksup in the kerb5 sesssetup to fall back to 'user' instaed of failing is REA.LM\user doesn't exist. also fix include line in smb_acls.h as requested by metze Revisions: auth_util.c 1.39.2.45 = 1.39.2.46 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.45r2=1.39.2.46
CVS update: samba/source/auth
Date: Mon Oct 20 16:50:12 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv8691/auth Modified Files: auth_util.c Log Message: more 2.2.x compatibility fixes - allow user looksup in the kerb5 sesssetup to fall back to 'user' instaed of failing is REA.LM\user doesn't exist. also fix include line in smb_acls.h as requested by metze Revisions: auth_util.c 1.76 = 1.77 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.76r2=1.77
CVS update: samba/source/auth
Date: Fri Oct 10 18:03:54 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv8527/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_sam.c auth_util.c auth_winbind.c Log Message: syncing up for 3.0.1pre1 Revisions: auth_sam.c 1.55.2.4 = 1.55.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55.2.4r2=1.55.2.5 auth_util.c 1.72.2.5 = 1.72.2.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.5r2=1.72.2.6 auth_winbind.c 1.21.2.4 = 1.21.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.21.2.4r2=1.21.2.5
CVS update: samba/source/auth
Date: Tue Oct 7 16:34:23 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv8119/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_winbind.c Log Message: make sure to call get_user_groups() with the full winbindd name for a user if he;she has one; bug 406 Revisions: auth_util.c 1.39.2.44 = 1.39.2.45 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.44r2=1.39.2.45 auth_winbind.c 1.6.2.17 = 1.6.2.18 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.17r2=1.6.2.18
CVS update: samba/source/auth
Date: Sat Sep 27 16:54:26 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv10870/source/auth Modified Files: Tag: APPLIANCE_HEAD auth.c auth_rhosts.c auth_sam.c pampass.c Log Message: syncing tree with 3.0 Revisions: auth.c 1.57.2.1 = 1.57.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.57.2.1r2=1.57.2.2 auth_rhosts.c 1.26.2.1 = 1.26.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.26.2.1r2=1.26.2.2 auth_sam.c 1.57.2.1 = 1.57.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.57.2.1r2=1.57.2.2 pampass.c 1.39.2.2 = 1.39.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.39.2.2r2=1.39.2.3
CVS update: samba/source/auth
Date: Mon Sep 8 14:13:29 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv26836/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth.c auth_rhosts.c pampass.c Log Message: syncing files for rc3 Revisions: auth.c 1.55.2.4 = 1.55.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.55.2.4r2=1.55.2.5 auth_rhosts.c 1.25.2.3 = 1.25.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.25.2.3r2=1.25.2.4 pampass.c 1.41.2.1 = 1.41.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.41.2.1r2=1.41.2.2
CVS update: samba/source/auth
Date: Mon Sep 8 20:42:33 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv9651/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Tidy up some formatting. Get ready for allowing bad password lockout. (based on a patch posted from Richard Renard [EMAIL PROTECTED]. Jeremy. Revisions: auth_sam.c 1.36.2.22 = 1.36.2.23 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.22r2=1.36.2.23
CVS update: samba/source/auth
Date: Tue Sep 9 04:07:01 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv31563/auth Modified Files: auth.c auth_domain.c auth_rhosts.c auth_sam.c auth_util.c auth_winbind.c pampass.c Log Message: sync 3.0 into HEAD for the last time Revisions: auth.c 1.57 = 1.58 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.57r2=1.58 auth_domain.c 1.79 = 1.80 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.79r2=1.80 auth_rhosts.c 1.26 = 1.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.26r2=1.27 auth_sam.c 1.57 = 1.58 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.57r2=1.58 auth_util.c 1.74 = 1.75 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.74r2=1.75 auth_winbind.c 1.22 = 1.23 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.22r2=1.23 pampass.c 1.42 = 1.43 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.42r2=1.43
CVS update: samba/source/auth
Date: Fri Sep 5 19:59:53 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv16391/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_rhosts.c pampass.c Log Message: More tuning from cachegrind. Change most trim_string() calls to trim_char(0, as that's what they do. Fix string_replace() to fast-path ascii. Jeremy. Revisions: auth.c 1.32.2.23 = 1.32.2.24 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.23r2=1.32.2.24 auth_rhosts.c 1.15.2.9 = 1.15.2.10 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.15.2.9r2=1.15.2.10 pampass.c 1.36.2.3 = 1.36.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.36.2.3r2=1.36.2.4
CVS update: samba/source/auth
Date: Tue Sep 2 22:17:50 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv20033/auth Modified Files: Tag: APPLIANCE_HEAD pampass.c pass_check.c Log Message: starting to sync up app_head with 3.0 Revisions: pampass.c 1.39.2.1 = 1.39.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.39.2.1r2=1.39.2.2 pass_check.c1.11.2.1 = 1.11.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pass_check.c.diff?r1=1.11.2.1r2=1.11.2.2
CVS update: samba/source/auth
Date: Tue Sep 2 23:06:35 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv28057/auth Added Files: Tag: APPLIANCE_HEAD auth.c auth_builtin.c auth_compat.c auth_domain.c auth_ntlmssp.c auth_rhosts.c auth_sam.c auth_server.c auth_unix.c auth_util.c auth_winbind.c Log Message: more syncs with 3.0 Revisions: auth.c NONE = 1.57.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c?rev=1.57.2.1 auth_builtin.c NONE = 1.23.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c?rev=1.23.2.1 auth_compat.c NONE = 1.7.4.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_compat.c?rev=1.7.4.1 auth_domain.c NONE = 1.79.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c?rev=1.79.2.1 auth_ntlmssp.c NONE = 1.8.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c?rev=1.8.2.1 auth_rhosts.c NONE = 1.26.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c?rev=1.26.2.1 auth_sam.c NONE = 1.57.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c?rev=1.57.2.1 auth_server.c NONE = 1.34.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c?rev=1.34.2.1 auth_unix.c NONE = 1.29.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_unix.c?rev=1.29.2.1 auth_util.c NONE = 1.74.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c?rev=1.74.2.1 auth_winbind.c NONE = 1.22.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c?rev=1.22.2.1
CVS update: samba/source/auth
Date: Thu Aug 28 23:57:34 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv13121/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: Fix bug found by tridge in 2.2.x. Ensure that %U substitution is restored on next valid packet if a logon fails. This has relevence if people are using su.exe within logon scripts ! Jeremy. Revisions: auth_domain.c 1.33.2.31 = 1.33.2.32 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.31r2=1.33.2.32
CVS update: samba/source/auth
Date: Fri Aug 29 03:17:13 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv31335/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_domain.c Log Message: last sync before RC2 Revisions: auth_domain.c 1.77.2.4 = 1.77.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.77.2.4r2=1.77.2.5
CVS update: samba/source/auth
Date: Fri Aug 15 04:42:03 2003 Author: herb Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv7162/samba/source/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_util.c auth_winbind.c Log Message: get rid of more compiler warnings Revisions: auth.c 1.32.2.22 = 1.32.2.23 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.22r2=1.32.2.23 auth_util.c 1.39.2.43 = 1.39.2.44 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.43r2=1.39.2.44 auth_winbind.c 1.6.2.16 = 1.6.2.17 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.16r2=1.6.2.17
CVS update: samba/source/auth
Date: Sat Aug 9 23:12:35 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv28354/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: fix for BUG #267 (problem with supplementary groups). Use winbindd to get the group list if possible since we already know it from netsamlogon_cache.tdb. More effecient than letting libc call getgrent() to get seconary groups. Tested by Ken Cross. Revisions: auth_util.c 1.39.2.42 = 1.39.2.43 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.42r2=1.39.2.43
CVS update: samba/source/auth
Date: Fri Aug 8 05:11:11 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv21773/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: need to be able to connect to a domain member as a local account; don't always map to the domain name Revisions: auth_util.c 1.39.2.41 = 1.39.2.42 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.41r2=1.39.2.42
CVS update: samba/source/auth
Date: Sat Aug 2 20:06:44 2003 Author: idra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv26703/auth Modified Files: auth.c auth_domain.c auth_ntlmssp.c auth_sam.c auth_util.c Log Message: port latest changes from SAMBA_3_0 tree Revisions: auth.c 1.56 = 1.57 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.56r2=1.57 auth_domain.c 1.78 = 1.79 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.78r2=1.79 auth_ntlmssp.c 1.7 = 1.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.7r2=1.8 auth_sam.c 1.56 = 1.57 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.56r2=1.57 auth_util.c 1.73 = 1.74 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.73r2=1.74
CVS update: samba/source/auth
Date: Wed Jul 30 23:49:28 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv7618/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: Add a command line option (-S on|off|required) to enable signing on client connections. Overrides smb.conf parameter if set. Jeremy. Revisions: auth_domain.c 1.33.2.30 = 1.33.2.31 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.30r2=1.33.2.31
CVS update: samba/source/auth
Date: Sat Jul 26 01:21:06 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv1042/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: Correctly detect an add user script - check that *lp_adduser_script() != '\0', not lp_adduser_script() != NULL. Jeremy. Revisions: auth_util.c 1.39.2.40 = 1.39.2.41 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.40r2=1.39.2.41
CVS update: samba/source/auth
Date: Thu Jul 24 23:46:27 2003 Author: tpot Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv4084/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_sam.c Log Message: More printf fixes - size_t is long on some architectures. Revisions: auth_util.c 1.39.2.38 = 1.39.2.39 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.38r2=1.39.2.39 auth_sam.c 1.36.2.20 = 1.36.2.21 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.20r2=1.36.2.21
CVS update: samba/source/auth
Date: Fri Jul 25 04:24:40 2003 Author: tpot Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv1694/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_sam.c Log Message: More printf portability fixes. Got caught out by some gcc'isms last time. )-: Revisions: auth_util.c 1.39.2.39 = 1.39.2.40 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.39r2=1.39.2.40 auth_sam.c 1.36.2.21 = 1.36.2.22 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.21r2=1.36.2.22
CVS update: samba/source/auth
Date: Wed Jul 23 12:33:57 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv22586/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c Log Message: convert snprintf() calls using pstrings fstrings to pstr_sprintf() and fstr_sprintf() to try to standardize. lots of snprintf() calls were using len-1; some were using len. At least this helps to be consistent. Revisions: auth_domain.c 1.33.2.29 = 1.33.2.30 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.29r2=1.33.2.30
CVS update: samba/source/auth
Date: Thu Jul 24 04:25:37 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv6994/auth Modified Files: Tag: SAMBA_3_0 auth_ntlmssp.c Log Message: Server side NTLM signing works - until the first async packet. Working on this next Jeremy. Revisions: auth_ntlmssp.c 1.4.2.4 = 1.4.2.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_ntlmssp.c.diff?r1=1.4.2.4r2=1.4.2.5
CVS update: samba/source/auth
Date: Fri Jul 18 11:36:16 2003 Author: vlendec Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv23650 Modified Files: Tag: SAMBA_3_0 auth.c Log Message: Fix memleak Revisions: auth.c 1.32.2.21 = 1.32.2.22 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.21r2=1.32.2.22
CVS update: samba/source/auth
Date: Wed Jul 16 04:25:53 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv30855/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth.c auth_builtin.c auth_domain.c auth_rhosts.c auth_sam.c auth_server.c auth_util.c auth_winbind.c pampass.c pass_check.c Log Message: starting to sync up for beta3 Revisions: auth.c 1.55.2.2 = 1.55.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.55.2.2r2=1.55.2.3 auth_builtin.c 1.22 = 1.22.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.22r2=1.22.2.1 auth_domain.c 1.77.2.2 = 1.77.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.77.2.2r2=1.77.2.3 auth_rhosts.c 1.25.2.2 = 1.25.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.25.2.2r2=1.25.2.3 auth_sam.c 1.55.2.2 = 1.55.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55.2.2r2=1.55.2.3 auth_server.c 1.33.2.1 = 1.33.2.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.33.2.1r2=1.33.2.2 auth_util.c 1.72.2.3 = 1.72.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.3r2=1.72.2.4 auth_winbind.c 1.21.2.2 = 1.21.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.21.2.2r2=1.21.2.3 pampass.c 1.41 = 1.41.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.41r2=1.41.2.1 pass_check.c1.36 = 1.36.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pass_check.c.diff?r1=1.36r2=1.36.2.1
CVS update: samba/source/auth
Date: Wed Jul 16 05:34:35 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv4827/source/auth Modified Files: auth.c auth_builtin.c auth_domain.c auth_rhosts.c auth_sam.c auth_server.c auth_unix.c auth_util.c auth_winbind.c pampass.c pass_check.c Log Message: trying to get HEAD building again. If you want the code prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE Revisions: auth.c 1.55 = 1.56 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.55r2=1.56 auth_builtin.c 1.22 = 1.23 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.22r2=1.23 auth_domain.c 1.77 = 1.78 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.77r2=1.78 auth_rhosts.c 1.25 = 1.26 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.25r2=1.26 auth_sam.c 1.55 = 1.56 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.55r2=1.56 auth_server.c 1.33 = 1.34 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.33r2=1.34 auth_unix.c 1.28 = 1.29 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_unix.c.diff?r1=1.28r2=1.29 auth_util.c 1.72 = 1.73 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72r2=1.73 auth_winbind.c 1.21 = 1.22 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.21r2=1.22 pampass.c 1.41 = 1.42 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.41r2=1.42 pass_check.c1.36 = 1.37 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pass_check.c.diff?r1=1.36r2=1.37
CVS update: samba/source/auth
Date: Fri Jul 11 05:33:39 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv19632/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: moving more code around. * move rid allocation into IDMAP. See comments in _api_samr_create_user() * add winbind delete user/group functions I'm checking this in to sync up with everyone. But I'm going to split the add a separate winbindd_allocate_rid() function for systems that have an 'add user script' but need idmap to give them a RID. Life would be so much simplier without 'enable rid algorithm'. The current RID allocation is horrible due to this one fact. Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow. Nothing has changed in the way a samba domain is represented, stored, or search in the directory so things should be ok with previous installations. going to bed now. Revisions: auth_util.c 1.39.2.36 = 1.39.2.37 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.36r2=1.39.2.37
CVS update: samba/source/auth
Date: Tue Jul 8 17:04:11 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv2274/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: fix bone head mistake when setting the uid in the server_info struct. Revisions: auth_util.c 1.39.2.33 = 1.39.2.34 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.33r2=1.39.2.34
CVS update: samba/source/auth
Date: Tue Jul 8 17:19:37 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv3407/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: standlone servers don't have any trusted domains Revisions: auth_util.c 1.39.2.34 = 1.39.2.35 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.34r2=1.39.2.35
CVS update: samba/source/auth
Date: Tue Jul 8 01:04:06 2003 Author: tpot Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv15462 Modified Files: Tag: SAMBA_3_0 auth_sam.c Log Message: Spelling. Revisions: auth_sam.c 1.36.2.19 = 1.36.2.20 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.19r2=1.36.2.20
CVS update: samba/source/auth
Date: Tue Jul 8 02:19:16 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv20872/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: fix temporary bug so people can test 3.0 again; make sure to initialize the uid for the server_info struct Revisions: auth_util.c 1.39.2.31 = 1.39.2.32 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.31r2=1.39.2.32
CVS update: samba/source/auth
Date: Tue Jul 8 05:37:13 2003 Author: tpot Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv4303 Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: Initialise the uid and gid values to a safe default in make_server_info() Revisions: auth_util.c 1.39.2.32 = 1.39.2.33 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.32r2=1.39.2.33
CVS update: samba/source/auth
Date: Mon Jul 7 05:11:09 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv10743/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_winbind.c Log Message: and so it begins * remove idmap_XX_to_XX calls from smbd. Move back to the the winbind_XXX and local_XXX calls used in 2.2 * all uid/gid allocation must involve winbindd now * move flags field around in winbindd_request struct * add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id() to prevent automatic allocation for unknown SIDs * add 'winbind trusted domains only' parameter to force a domain member server to use matching users names from /etc/passwd for its domain (needed for domain member of a Samba domain) * rename 'idmap only' to 'enable rid algorithm' for better clarity (defaults to yes) code has been tested on * domain member of native mode 2k domain * ads domain member of native mode 2k domain * domain member of NT4 domain * domain member of Samba domain * Samba PDC running winbindd with trusts Logons tested using 2k clients and smbclient as domain users and trusted users. Tested both 'winbind trusted domains only = [yes|no]' This will be a long week of changes. The next item on the list is winbindd_passdb.c machine trust accounts not in /etc/passwd (done via winbindd_passdb) Revisions: auth_util.c 1.39.2.29 = 1.39.2.30 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.29r2=1.39.2.30 auth_winbind.c 1.6.2.15 = 1.6.2.16 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.15r2=1.6.2.16
Re: CVS update: samba/source/auth
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 7 Jul 2003 [EMAIL PROTECTED] wrote: Date: Mon Jul 7 05:11:09 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv10743/auth Modified Files: Tag: SAMBA_3_0 auth_util.c auth_winbind.c Log Message: and so it begins * remove idmap_XX_to_XX calls from smbd. Move back to the the winbind_XXX and local_XXX calls used in 2.2 * all uid/gid allocation must involve winbindd now * move flags field around in winbindd_request struct * add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id() to prevent automatic allocation for unknown SIDs * add 'winbind trusted domains only' parameter to force a domain member server to use matching users names from /etc/passwd for its domain (needed for domain member of a Samba domain) * rename 'idmap only' to 'enable rid algorithm' for better clarity (defaults to yes) code has been tested on * domain member of native mode 2k domain * ads domain member of native mode 2k domain * domain member of NT4 domain * domain member of Samba domain * Samba PDC running winbindd with trusts Logons tested using 2k clients and smbclient as domain users and trusted users. Tested both 'winbind trusted domains only = [yes|no]' This will be a long week of changes. The next item on the list is winbindd_passdb.c machine trust accounts not in /etc/passwd (done via winbindd_passdb) Also fixed a misc bug that prevented a domain member from finding its machine trust account password when authenticating users from remote domains. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/CQGEIR7qMdg1EfYRAqvEAJ9BwcONTp/23+EvtLEMp0lVgKvC0gCfQSOr 3c6WzjwVZe62S83cKrxvWS0= =1iTt -END PGP SIGNATURE-
CVS update: samba/source/auth
Date: Mon Jul 7 05:28:51 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12861/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: temporarily disable a sanity check to prevent winbindd from deadlocking on a Samba PDC. Will be re-enabled after winbind_passdb is done. Revisions: auth_util.c 1.39.2.30 = 1.39.2.31 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.30r2=1.39.2.31
CVS update: samba/source/auth
Date: Sat Jul 5 08:05:08 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv27116/auth Modified Files: Tag: SAMBA_3_0 auth.c Log Message: PAM should operate on the Unix username, not the NT username (which might not have the domain\ qualification). Andrew Bartlett Revisions: auth.c 1.32.2.20 = 1.32.2.21 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.20r2=1.32.2.21
CVS update: samba/source/auth
Date: Fri Jul 4 18:50:21 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv2717/auth Modified Files: Tag: SAMBA_3_0 pampass.c Log Message: Fixed strlower changes I missed. Pointed out by metze. Jeremy Revisions: pampass.c 1.36.2.2 = 1.36.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pampass.c.diff?r1=1.36.2.2r2=1.36.2.3
CVS update: samba/source/auth
Date: Thu Jul 3 14:36:42 2003 Author: abartlet Update of /home/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv19109/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_builtin.c auth_domain.c auth_rhosts.c auth_server.c auth_util.c auth_winbind.c Log Message: This patch takes the work the jerry did for beta2, and generalises it: - The 'not implmented' checks are now done by all auth modules - the ntdomain/trustdomain/winbind modules are more presise as to what domain names they can and cannot handle - The become_root() calls are now around the winbind pipe opening only, not the entire auth call - The unix username is kept seperate from the NT username, removing the need for 'clean off the domain\' in parse_net.c - All sid-uid translations are now validated with getpwuid() to put a very basic stop to logins with 'half deleted' accounts. Andrew Bartlett Revisions: auth.c 1.32.2.19 = 1.32.2.20 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.19r2=1.32.2.20 auth_builtin.c 1.8.2.9 = 1.8.2.10 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.8.2.9r2=1.8.2.10 auth_domain.c 1.33.2.28 = 1.33.2.29 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.28r2=1.33.2.29 auth_rhosts.c 1.15.2.7 = 1.15.2.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_rhosts.c.diff?r1=1.15.2.7r2=1.15.2.8 auth_server.c 1.21.2.7 = 1.21.2.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.21.2.7r2=1.21.2.8 auth_util.c 1.39.2.27 = 1.39.2.28 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.27r2=1.39.2.28 auth_winbind.c 1.6.2.14 = 1.6.2.15 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.14r2=1.6.2.15
CVS update: samba/source/auth
Date: Thu Jul 3 19:11:27 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv12062/auth Modified Files: Tag: SAMBA_3_0 auth_builtin.c auth_server.c pass_check.c Log Message: Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. Revisions: auth_builtin.c 1.8.2.10 = 1.8.2.11 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_builtin.c.diff?r1=1.8.2.10r2=1.8.2.11 auth_server.c 1.21.2.8 = 1.21.2.9 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_server.c.diff?r1=1.21.2.8r2=1.21.2.9 pass_check.c1.29.2.3 = 1.29.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/pass_check.c.diff?r1=1.29.2.3r2=1.29.2.4
CVS update: samba/source/auth
Date: Tue Jul 1 17:51:52 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv11122/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: * fixed volker's wbinfo -a lockup again. This one was my fault. It was caused by the winbind_ping() call in is_trusted_domain() o if we are a DC then we check our own direct trust relationships we have to rely on winbindd to update the truatdom_cache o if we are a domain member, then we can update the trustdom_cache ourselves if winbindd is not there Revisions: auth_util.c 1.39.2.26 = 1.39.2.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.26r2=1.39.2.27
CVS update: samba/source/auth
Date: Tue Jul 1 18:39:20 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv16644/source/auth Modified Files: Tag: SAMBA_3_0_RELEASE auth_util.c Log Message: syncing up latest changes Revisions: auth_util.c 1.72.2.2 = 1.72.2.3 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.72.2.2r2=1.72.2.3
CVS update: samba/source/auth
Date: Mon Jun 30 17:24:59 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv10702/auth Modified Files: Tag: SAMBA_3_0 auth_sam.c auth_util.c Log Message: * rename samstrict auth method to sam * rename original sam auth method to sam_ignoredomain * remove samstrict_dc auth method (now covered by 'sam') * fix wbinfo -a '...' and getent passwd bugs when running winbindd on a samba PDC (reported by Volker) Revisions: auth_sam.c 1.36.2.18 = 1.36.2.19 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_sam.c.diff?r1=1.36.2.18r2=1.36.2.19 auth_util.c 1.39.2.22 = 1.39.2.23 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.22r2=1.39.2.23
CVS update: samba/source/auth
Date: Mon Jun 30 20:41:40 2003 Author: jra Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29989/auth Modified Files: Tag: SAMBA_3_0 auth_winbind.c Log Message: Valgrind found a bug (subtracting a pointer from a length rather than the length of what the pointer points to). Jeremy. Revisions: auth_winbind.c 1.6.2.13 = 1.6.2.14 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_winbind.c.diff?r1=1.6.2.13r2=1.6.2.14
CVS update: samba/source/auth
Date: Mon Jun 30 20:45:13 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv29095/auth Modified Files: Tag: SAMBA_3_0 auth_domain.c auth_util.c Log Message: * cleanup more DC name resolution issues in check_*domain_security() * is_trusted_domain() is broken without winbind. Still working on this. * get_global_sam_name() should return the workgroup name unless we are a standalone server (verified by volker) * Get_Pwnam() should always fall back to the username (minus domain name) even if it is not our workgroup so that TRUSTEDOMAIN\user can logon if 'user' exists in the local list of accounts (on domain members w/o winbind) Tested using Samba PDC with trusts (running winbindd) and a Samba 3.0 domain member not running winbindd. notes: make_user_info_map() is slightly broken now due to the fact that is_trusted_domain() only works with winbindd. disabled checks temporarily until I can sort this out. Revisions: auth_domain.c 1.33.2.27 = 1.33.2.28 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_domain.c.diff?r1=1.33.2.27r2=1.33.2.28 auth_util.c 1.39.2.23 = 1.39.2.24 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.23r2=1.39.2.24
CVS update: samba/source/auth
Date: Tue Jul 1 03:49:41 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv32212/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: * fix the trustdom_cache to work when winbindd is not running. smbd will update the trustdom_cache periodically after locking the timestamp key Revisions: auth_util.c 1.39.2.24 = 1.39.2.25 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.24r2=1.39.2.25
CVS update: samba/source/auth
Date: Tue Jul 1 04:11:42 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv1973/auth Modified Files: Tag: SAMBA_3_0 auth_util.c Log Message: * revert change to get_global_sam_name() * add get_default_sam_name() to be used by make_user_info_map() * add comments describing get_*_sam_name() Revisions: auth_util.c 1.39.2.25 = 1.39.2.26 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth_util.c.diff?r1=1.39.2.25r2=1.39.2.26
CVS update: samba/source/auth
Date: Tue Jul 1 05:45:16 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv9278/auth Modified Files: Tag: SAMBA_3_0 auth.c Log Message: fix typos in log messages and comments. Revisions: auth.c 1.32.2.18 = 1.32.2.19 http://www.samba.org/cgi-bin/cvsweb/samba/source/auth/auth.c.diff?r1=1.32.2.18r2=1.32.2.19
Re: CVS update: samba/source/auth
On Sun, 2003-06-29 at 05:39, [EMAIL PROTECTED] wrote: Date: Sun Jun 29 03:39:50 2003 Author: jerry Update of /data/cvs/samba/source/auth In directory dp.samba.org:/tmp/cvs-serv16648/auth Modified Files: Tag: SAMBA_3_0 auth.c auth_domain.c auth_util.c Log Message: Here's the code to make winbindd work on a Samba DC to handle domain trusts. Jeremy and I talked about this and it's going in as working code. It keeps winbind clean and solves the trust problem with minimal changes. To summarize, there are 2 basic cases where the deadlock would occur. (1) lookuping up secondary groups for a user, and (2) get[gr|pw]nam() calls that fall through the NSS layer because they don't exist anywhere. o To handle case #1, we bypass winbindd in sys_getgrouplist() unless the username includes the 'winbind separator'. o Case #2 is handled by adding checks in winbindd to return failure if we are a DC and the domain matches our own. Jerry, does this mean it will be more difficult to code use winbind_passdb on PDCs in future? Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. - http://www.xsec.it via Durando 10 Ed. G - 20158 - Milano mobile: +39 329 328 7702 tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part