danw [Fri, 3 Oct 1997 17:31:18 +0000 (17:31 +0000)]
Move UNIX->SQL wildcard conversion from the validation stage to the
query-building stage since we know we have to do it iff the argument
was preceded by a `LIKE'. Also, redo build_qual and build_sql_statment
such that they aren't vulnerable to buffer overruns.
From mbarker: Remove the `char *whoami;' local to main so that it's
setting the global whoami. Otherwise it will be uninitialized and the
program will dump core if it tries to print an error message.
Do a better job with returning error codes: add ERROR_TABLE_BASE_krb
to error codes returned by krb functions, and use
connection_errno(conn) for the error value from send_object and
receive_object (not their return value, which is a non-useful GDB
error number).
menu.c: fix Linux/NetBSD ncurses display problems
main.c, namespace.c: use fgets() instead of gets() to make NetBSD (and
other?) cc not complain about possible buffer overruns
danw [Sat, 23 Aug 1997 22:27:52 +0000 (22:27 +0000)]
don't free(groups) at end of do_everyone, because you might need it
again when doing quotas. (Now there's a memory leak, but who cares,
since it exits shortly after anyway.)
WARNING: "STRING:danwn" was just added to list "danw-test-1".
If danw-test-1 is a mailing list, this may cause it to stop working.
You should consider removing "STRING:danwn" from the list.
to give the `No records in database match ... while adding ...' error
since `danwn' was probably a typo. Because it only makes sense to add
a local string to a list if that string is the same as a list or a
user (otherwise, as the warning above states, you'll break the list).
Since blanche tries those cases first, if we reach the string case,
the string isn't the same as a user or list, so the user probably
doesn't want to add it to the list, so we assume it was a typo.
If the user had really wanted to add it as a string, he should have
said STRING:danwn, which will still work (although it will no longer
give the warning since it's not the sort of thing you're likely to do
accidentally).
Imakefile: use the same debug flag as everyone else
afs.c: don't log an error when you try to create a user/group and find
there's already a user/group with the same name and id. (Do still
flame if only one of them matches.)
afs_rename.pl: don't log an error when trying to restore Xuser.foo if
it doesn't exist, but user.foo does and is mounted in the right place
remove support for automatically building in a separate tree (because it
was too hard to get gdss to work with it, and because all of the other
packages that used to do it have moved away from it--if you want to
build off a symlink farm, you can use synctree)
mr_server.h, qrtn.pc: punt get_client and change find_member to take a
struct client, and compare against both the users_id and the
client_id, so USER foo is recognized as being KERBEROS foo @ the local
kerberos realm.
qaccess.pc: use new find_member interface. also, add code in
access_list and fix existing code in access_member to allow kerberos
principals to glom, gaus, dmfl, and amtl [to public lists] themselves.
Always sort the result in get_members_of_list. (Previously this was
only done for lists of more than 50 members, and implemented such that
the server had to do twice as much work in that case.)
Fix the logic and explanation for one of the guess-what-the-user-meant
cases. (Fixes a bug where blanche would claim MR_NO_MATCH instead of
MR_PERM when you tried to remove a list from a list that you weren't
on the ACL for.)
Make a half-hearted attempt at returning a useful exit status, instead
of always claiming success. (See the man page for details.) We could
probably do better, but it would take a major rewrite.
Check for uniqueness of subnet, filesys, and printer names. (These
were listed in the FIXES file, but not implemented.)
Document the phase 2 printcap checks in the FIXES file.
fix typo in get_ace_use. (This, plus the addition of `gaus TYPE KERBEROS'
and `gaus TYPE RKERBEROS' aliases, allows get_ace_use to be used on
kerberos principals in addition to users and lists.)
Check `strings_id' in the numvalues table at startup. A server crash
in the right place could leave it pointing to an already-filled part
of the table, which makes the server unable to add new strings to the
db until it's fixed. (See [687]-[690] in moira-admin.)
Implement AUTH_002, which isn't vulnerable to replay attacks. Remove
support for AUTH_001 from the update_server (to prevent an AUTH_002
authentication from being replayed as an AUTH_001 authentication.)
Remove INST_001 since it wasn't being used.
Remove code from update_test that was duplicated in client.c
Send data files (but not instruction files) encrypted by default.
When authenticating, try the AUTH_002 protocol first, and fall back to
AUTH_001 if the server doesn't understand AUTH_002.
danw [Tue, 17 Jun 1997 20:20:24 +0000 (20:20 +0000)]
Don't create a user group with new accounts.
Don't allow users to rename a list to someone else's username. Also,
allow users to get `MR_NO_MATCH' if they get_user_account_by_login on
a non-existent account. (Used by the client to be able to check for
this case.)
danw [Thu, 29 May 1997 16:50:04 +0000 (16:50 +0000)]
Fix another freeing-memory-we-didn't-malloc bug in AddMachine. This
should fix the core-dumping bug from [1056] in Moira and several
transactions in bugs.
tytso [Fri, 14 Feb 1997 19:21:01 +0000 (19:21 +0000)]
New version which includes enrolled, half-enrolled, and half-registered
accounts as well. Also write a control file and ship a compressed tar file
to the warehouse.
tytso [Fri, 7 Feb 1997 19:42:27 +0000 (19:42 +0000)]
If we're using GDSS, #define DO_GDSS, so that the gen/Imakefile
can test against DO_GDSS. (gen/Imakefile was previously testing against
GDSS, which was unfortunately getting #undef'ed in Imake.rules; thus,
the sis.gen program was never getting built.)
danw [Tue, 4 Feb 1997 22:53:41 +0000 (22:53 +0000)]
in ASCII backups, write `|'s within fields as \174 instead of \| so
that `awk -F\|' will always break up the fields correctly. (mrrestore
already deals with \xxx, so no changes were needed there.)
danw [Wed, 29 Jan 1997 23:35:53 +0000 (23:35 +0000)]
Imake.rules:
Got rid of `PROFILED_LIBS' and lint libraries.
Got rid of the silly cc, ld, mv process for compiling and just use cc.
(which also gets rid of DEBUG_LIBS since you don't need to do anything
special to get that effect now.)
Got rid of some other unused rules.
Got rid of .dc -> .pc rule since we have .pc files instead now.
Imake.tmpl:
Add in room for extra options (LOCAL_INCLUDES, etc)
Makefile:
fix SRCTOP in config.Imakefile automatically when doing makeconfig
(also, fix reference to /mit/kerberos/src, since we're moira, not
kerberos :-} )
config.Imakefile:
Add all the various new variables used in various places.
Add stuff for __NetBSD__, linux, and __alpha. (Alpha isn't really
supported, although we _think_ it works.)
danw [Wed, 29 Jan 1997 23:24:06 +0000 (23:24 +0000)]
POSIX, ANSI, sanity fixes
s/#endif lint/#endif/ for irix cc
#include <crypt.h> in idno.c for OSes that don't have crypt in stdlib
64-bit OS fixes in mr_param.c
fill in missing return values in sq.c
danw [Wed, 29 Jan 1997 23:16:36 +0000 (23:16 +0000)]
#include file and prototype fixes
s/#endif lint/#endif/ for irix cc
did a modified version of Ezra's alpha patches to make everything work
on 64-bit systems. (Most instances of `long' became `int32' with
appropriate typedefs in the header files. Also, be more careful about
casting between ints and pointers.)