diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2009-01-21 14:24:16 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2009-01-21 14:24:16 +0100 |
commit | d3199276eac8caa55c8334458d156fd4badae338 (patch) | |
tree | 71e8d48b4ee545eab9ad50addbada3069f36f31e | |
parent | 1d59fd4d733007ccabb69c945e1da2208c376b96 (diff) | |
parent | 157864d1e8cb069a3be0aadf71e114f9ae827df3 (diff) | |
download | samba-d3199276eac8caa55c8334458d156fd4badae338.tar.gz samba-d3199276eac8caa55c8334458d156fd4badae338.tar.bz2 samba-d3199276eac8caa55c8334458d156fd4badae338.zip |
Merge branch 'master' of ssh://git.samba.org/data/git/samba
-rw-r--r-- | docs-xml/Makefile | 5 | ||||
-rwxr-xr-x | release-scripts/build-docs | 3 | ||||
-rwxr-xr-x | release-scripts/create-tarball | 4 | ||||
-rwxr-xr-x | selftest/selftest.pl | 14 | ||||
-rw-r--r-- | selftest/target/Samba4.pm | 43 | ||||
-rw-r--r-- | source3/auth/auth_util.c | 2 | ||||
-rw-r--r-- | source3/samba4.mk | 5 | ||||
-rw-r--r-- | source4/auth/auth_sam_reply.c | 139 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 2 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_winbind.c | 2 | ||||
-rw-r--r-- | source4/auth/session.c | 140 | ||||
-rw-r--r-- | source4/auth/session.h | 5 | ||||
-rw-r--r-- | source4/scripting/python/config.mk | 2 | ||||
-rwxr-xr-x | source4/selftest/tests.sh | 16 | ||||
-rw-r--r-- | source4/smbd/service_named_pipe.c | 1 | ||||
-rw-r--r-- | source4/torture/auth/pac.c | 2 |
16 files changed, 208 insertions, 177 deletions
diff --git a/docs-xml/Makefile b/docs-xml/Makefile index 2acef3e243..08e3f5ebaa 100644 --- a/docs-xml/Makefile +++ b/docs-xml/Makefile @@ -320,7 +320,10 @@ xslt/man.xsl: xslt/pearson.xsl: distclean clobber:: clean - rm Makefile.settings config.status config.log configure + rm -f Makefile.settings config.status config.log + +realdistclean:: distclean + rm -f configure rm -rf autom4te.cache diff --git a/release-scripts/build-docs b/release-scripts/build-docs index c138149f6c..bde87f49bd 100755 --- a/release-scripts/build-docs +++ b/release-scripts/build-docs @@ -25,4 +25,7 @@ cd ../docs || exit 1 mv manpages-3 manpages mv htmldocs/manpages-3 htmldocs/manpages +cd ../docs-xml || exit 1 +make distclean + exit diff --git a/release-scripts/create-tarball b/release-scripts/create-tarball index ab27f08222..3e80cd1f07 100755 --- a/release-scripts/create-tarball +++ b/release-scripts/create-tarball @@ -183,6 +183,10 @@ function main if [ -n "$vendor_version" ]; then version="$version-$vendor_version" fi + vendor_patch=`grep "define SAMBA_VERSION_VENDOR_PATCH" $VER_H | awk '{print $3}'` + if [ -n "$vendor_patch" ]; then + version="$version-$vendor_patch" + fi version=`echo $version | sed 's/\"//g'` echo "Creating release tarball for Samba $version" diff --git a/selftest/selftest.pl b/selftest/selftest.pl index 292a2d2dd6..6f0883c585 100755 --- a/selftest/selftest.pl +++ b/selftest/selftest.pl @@ -13,7 +13,7 @@ selftest - Samba test runner selftest --help -selftest [--srcdir=DIR] [--builddir=DIR] [--target=samba4|samba3|win|kvm] [--socket-wrapper] [--quick] [--exclude=FILE] [--include=FILE] [--one] [--prefix=prefix] [--immediate] [--testlist=FILE] [TESTS] +selftest [--srcdir=DIR] [--builddir=DIR] [--exeext=EXT][--target=samba4|samba3|win|kvm] [--socket-wrapper] [--quick] [--exclude=FILE] [--include=FILE] [--one] [--prefix=prefix] [--immediate] [--testlist=FILE] [TESTS] =head1 DESCRIPTION @@ -35,6 +35,10 @@ Source directory. Build directory. +=item I<--exeext=EXT> + +Executable extention + =item I<--prefix=DIR> Change directory to run tests in. Default is 'st'. @@ -156,6 +160,7 @@ my @testlists = (); my $srcdir = "."; my $builddir = "."; +my $exeext = ""; my $prefix = "./st"; my @expected_failures = (); @@ -294,6 +299,7 @@ Paths: --prefix=DIR prefix to run tests in [st] --srcdir=DIR source directory [.] --builddir=DIR output directory [.] + --exeext=EXT executable extention [] Target Specific: --socket-wrapper-pcap save traffic to pcap directories @@ -334,6 +340,7 @@ my $result = GetOptions ( 'include=s' => \@opt_include, 'srcdir=s' => \$srcdir, 'builddir=s' => \$builddir, + 'exeext=s' => \$exeext, 'verbose' => \$opt_verbose, 'testenv' => \$opt_testenv, 'ldap:s' => \$ldap, @@ -443,9 +450,10 @@ my $testenv_default = "none"; if ($opt_target eq "samba4") { $testenv_default = "member"; require target::Samba4; - $target = new Samba4($opt_bindir or "$srcdir/bin", $ldap, "$srcdir/setup"); + $target = new Samba4($opt_bindir or "$builddir/bin", + $ldap, "$srcdir/setup", $exeext); } elsif ($opt_target eq "samba3") { - my $bindir = ($opt_bindir or "$srcdir/bin"); + my $bindir = ($opt_bindir or "$builddir/bin"); if ($opt_socket_wrapper and `$bindir/smbd -b | grep SOCKET_WRAPPER` eq "") { die("You must include --enable-socket-wrapper when compiling Samba in order to execute 'make test'. Exiting...."); } diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 1dfb67e896..83f62d45ec 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -10,18 +10,26 @@ use Cwd qw(abs_path); use FindBin qw($RealBin); use POSIX; -sub new($$$$) { - my ($classname, $bindir, $ldap, $setupdir) = @_; +sub new($$$$$) { + my ($classname, $bindir, $ldap, $setupdir, $exeext) = @_; + $exeext = "" unless defined($exeext); my $self = { vars => {}, ldap => $ldap, bindir => $bindir, - setupdir => $setupdir + setupdir => $setupdir, + exeext => $exeext }; bless $self; return $self; } +sub bindir_path($$) { + my ($self, $path) = @_; + + return "$self->{bindir}/$path$self->{exeext}"; +} + sub openldap_start($$$) { my ($slapd_conf, $uri, $logs) = @_; my $oldpath = $ENV{PATH}; @@ -50,7 +58,8 @@ sub slapd_start($$) } elsif ($self->{ldap} eq "openldap") { openldap_start($env_vars->{SLAPD_CONF}, $uri, "$env_vars->{LDAPDIR}/logs"); } - while (system("$self->{bindir}/ldbsearch -H $uri -s base -b \"\" supportedLDAPVersion > /dev/null") != 0) { + my $ldbsearch = $self->bindir_path("ldbsearch"); + while (system("$ldbsearch -H $uri -s base -b \"\" supportedLDAPVersion > /dev/null") != 0) { $count++; if ($count > 40) { $self->slapd_stop($env_vars); @@ -116,20 +125,21 @@ sub check_or_start($$$) if (defined($ENV{SMBD_OPTIONS})) { $optarg.= " $ENV{SMBD_OPTIONS}"; } - my $ret = system("$valgrind $self->{bindir}/samba $optarg $env_vars->{CONFIGURATION} -M single -i --leak-report-full"); + my $samba = $self->bindir_path("samba"); + my $ret = system("$valgrind $samba $optarg $env_vars->{CONFIGURATION} -M single -i --leak-report-full"); if ($? == -1) { - print "Unable to start samba: $ret: $!\n"; + print "Unable to start $samba: $ret: $!\n"; exit 1; } unlink($env_vars->{SMBD_TEST_FIFO}); my $exit = $? >> 8; if ( $ret == 0 ) { - print "samba exits with status $exit\n"; + print "$samba exits with status $exit\n"; } elsif ( $ret & 127 ) { - print "samba got signal ".($ret & 127)." and exits with $exit!\n"; + print "$samba got signal ".($ret & 127)." and exits with $exit!\n"; } else { $ret = $? >> 8; - print "samba failed with status $exit!\n"; + print "$samba failed with status $exit!\n"; } exit $exit; } @@ -169,7 +179,8 @@ sub write_ldb_file($$$) { my ($self, $file, $ldif) = @_; - open(LDIF, "|$self->{bindir}/ldbadd -H $file >/dev/null"); + my $ldbadd = $self->bindir_path("ldbadd"); + open(LDIF, "|$ldbadd -H $file >/dev/null"); print LDIF $ldif; return close(LDIF); } @@ -690,12 +701,13 @@ nogroup:x:65534:nobody close(GRP); #Ensure the config file is valid before we start - if (system("$self->{bindir}/testparm $configuration -v --suppress-prompt >/dev/null 2>&1") != 0) { - system("$self->{bindir}/testparm -v --suppress-prompt $configuration >&2"); - die("Failed to create a valid smb.conf configuration!"); + my $testparm = $self->bindir_path("testparm"); + if (system("$testparm $configuration -v --suppress-prompt >/dev/null 2>&1") != 0) { + system("$testparm -v --suppress-prompt $configuration >&2"); + die("Failed to create a valid smb.conf configuration $testparm!"); } - (system("($self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global 2> /dev/null | grep -i \"^$netbiosname\" ) >/dev/null 2>&1") == 0) or die("Failed to create a valid smb.conf configuration! $self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global"); + (system("($testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global 2> /dev/null | grep -i \"^$netbiosname\" ) >/dev/null 2>&1") == 0) or die("Failed to create a valid smb.conf configuration! $self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global"); my @provision_options = (); push (@provision_options, "NSS_WRAPPER_PASSWD=\"$nsswrap_passwd\""); @@ -792,10 +804,11 @@ sub provision_member($$$) $ret or die("Unable to provision"); + my $net = $self->bindir_path("net"); my $cmd = ""; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$self->{bindir}/net join $ret->{CONFIGURATION} $dcvars->{DOMAIN} member"; + $cmd .= "$net join $ret->{CONFIGURATION} $dcvars->{DOMAIN} member"; $cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}"; system($cmd) == 0 or die("Join failed\n$cmd"); diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index d2a8591ae6..e3677c41a4 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -573,7 +573,7 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info, } result->sam_account = sampass; - /* Ensure thaat the sampass will be freed with the result */ + /* Ensure that the sampass will be freed with the result */ talloc_steal(result, sampass); result->unix_name = pwd->pw_name; /* Ensure that we keep pwd->pw_name, because we will free pwd below */ diff --git a/source3/samba4.mk b/source3/samba4.mk index c79694edb0..49afa3a2e2 100644 --- a/source3/samba4.mk +++ b/source3/samba4.mk @@ -170,8 +170,11 @@ everything:: $(patsubst %,%4,$(BINARIES)) setup: @ln -sf ../source4/setup setup -SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \ +LD_LIBPATH_OVERRIDE = $(LIB_PATH_VAR)="$(builddir)/bin/shared" + +SELFTEST4 = $(LD_LIBPATH_OVERRIDE) EXEEXT="4" $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \ --builddir=$(builddir) --srcdir=$(samba4srcdir) \ + --exeext=4 \ --expected-failures=$(samba4srcdir)/selftest/knownfail \ --format=$(SELFTEST_FORMAT) \ --exclude=$(samba4srcdir)/selftest/skip --testlist="$(samba4srcdir)/selftest/tests.sh|" \ diff --git a/source4/auth/auth_sam_reply.c b/source4/auth/auth_sam_reply.c index 839553632e..dfa76234b4 100644 --- a/source4/auth/auth_sam_reply.c +++ b/source4/auth/auth_sam_reply.c @@ -147,3 +147,142 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } +/** + * Make a server_info struct from the info3 returned by a domain logon + */ +NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx, + const char *account_name, + uint16_t validation_level, + union netr_Validation *validation, + struct auth_serversupplied_info **_server_info) +{ + struct auth_serversupplied_info *server_info; + struct netr_SamBaseInfo *base = NULL; + int i; + + switch (validation_level) { + case 2: + if (!validation || !validation->sam2) { + return NT_STATUS_INVALID_PARAMETER; + } + base = &validation->sam2->base; + break; + case 3: + if (!validation || !validation->sam3) { + return NT_STATUS_INVALID_PARAMETER; + } + base = &validation->sam3->base; + break; + case 6: + if (!validation || !validation->sam6) { + return NT_STATUS_INVALID_PARAMETER; + } + base = &validation->sam6->base; + break; + default: + return NT_STATUS_INVALID_LEVEL; + } + + server_info = talloc(mem_ctx, struct auth_serversupplied_info); + NT_STATUS_HAVE_NO_MEMORY(server_info); + + /* + Here is where we should check the list of + trusted domains, and verify that the SID + matches. + */ + server_info->account_sid = dom_sid_add_rid(server_info, base->domain_sid, base->rid); + NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid); + + + server_info->primary_group_sid = dom_sid_add_rid(server_info, base->domain_sid, base->primary_gid); + NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid); + + server_info->n_domain_groups = base->groups.count; + if (base->groups.count) { + server_info->domain_groups = talloc_array(server_info, struct dom_sid*, base->groups.count); + NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups); + } else { + server_info->domain_groups = NULL; + } + + for (i = 0; i < base->groups.count; i++) { + server_info->domain_groups[i] = dom_sid_add_rid(server_info, base->domain_sid, base->groups.rids[i].rid); + NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups[i]); + } + + /* Copy 'other' sids. We need to do sid filtering here to + prevent possible elevation of privileges. See: + + http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp + */ + + if (validation_level == 3) { + struct dom_sid **dgrps = server_info->domain_groups; + size_t sidcount = server_info->n_domain_groups + validation->sam3->sidcount; + size_t n_dgrps = server_info->n_domain_groups; + + if (validation->sam3->sidcount > 0) { + dgrps = talloc_realloc(server_info, dgrps, struct dom_sid*, sidcount); + NT_STATUS_HAVE_NO_MEMORY(dgrps); + + for (i = 0; i < validation->sam3->sidcount; i++) { + dgrps[n_dgrps + i] = talloc_reference(dgrps, validation->sam3->sids[i].sid); + } + } + + server_info->n_domain_groups = sidcount; + server_info->domain_groups = dgrps; + + /* Where are the 'global' sids?... */ + } + + if (base->account_name.string) { + server_info->account_name = talloc_reference(server_info, base->account_name.string); + } else { + server_info->account_name = talloc_strdup(server_info, account_name); + NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + } + + server_info->domain_name = talloc_reference(server_info, base->domain.string); + server_info->full_name = talloc_reference(server_info, base->full_name.string); + server_info->logon_script = talloc_reference(server_info, base->logon_script.string); + server_info->profile_path = talloc_reference(server_info, base->profile_path.string); + server_info->home_directory = talloc_reference(server_info, base->home_directory.string); + server_info->home_drive = talloc_reference(server_info, base->home_drive.string); + server_info->logon_server = talloc_reference(server_info, base->logon_server.string); + server_info->last_logon = base->last_logon; + server_info->last_logoff = base->last_logoff; + server_info->acct_expiry = base->acct_expiry; + server_info->last_password_change = base->last_password_change; + server_info->allow_password_change = base->allow_password_change; + server_info->force_password_change = base->force_password_change; + server_info->logon_count = base->logon_count; + server_info->bad_password_count = base->bad_password_count; + server_info->acct_flags = base->acct_flags; + + server_info->authenticated = true; + + /* ensure we are never given NULL session keys */ + + if (all_zero(base->key.key, sizeof(base->key.key))) { + server_info->user_session_key = data_blob(NULL, 0); + } else { + server_info->user_session_key = data_blob_talloc(server_info, base->key.key, sizeof(base->key.key)); + NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data); + } + + if (all_zero(base->LMSessKey.key, sizeof(base->LMSessKey.key))) { + server_info->lm_session_key = data_blob(NULL, 0); + } else { + server_info->lm_session_key = data_blob_talloc(server_info, base->LMSessKey.key, sizeof(base->LMSessKey.key)); + NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data); + } + + ZERO_STRUCT(server_info->pac_srv_sig); + ZERO_STRUCT(server_info->pac_kdc_sig); + + *_server_info = server_info; + return NT_STATUS_OK; +} + diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index 16867366a4..6c6b928917 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -30,7 +30,6 @@ #include "auth/auth.h" #include "lib/ldb/include/ldb.h" #include "auth/auth_sam.h" -#include "system/network.h" #include "lib/socket/socket.h" #include "librpc/rpc/dcerpc.h" #include "auth/credentials/credentials.h" @@ -39,6 +38,7 @@ #include "auth/gensec/gensec_proto.h" #include "param/param.h" #include "auth/session_proto.h" +#include "auth/auth_sam_reply.h" enum GENSEC_KRB5_STATE { GENSEC_KRB5_SERVER_START, diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c index ac63b242e4..bf75ad9eca 100644 --- a/source4/auth/ntlm/auth_winbind.c +++ b/source4/auth/ntlm/auth_winbind.c @@ -24,7 +24,7 @@ #include "includes.h" #include "auth/auth.h" #include "auth/ntlm/auth_proto.h" -#include "auth/session_proto.h" +#include "auth/auth_sam_reply.h" #include "nsswitch/winbind_client.h" #include "librpc/gen_ndr/ndr_netlogon.h" #include "librpc/gen_ndr/ndr_winbind.h" diff --git a/source4/auth/session.c b/source4/auth/session.c index 885b2b96c2..ef5646fd37 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -201,143 +201,3 @@ void auth_session_info_debug(int dbg_lev, security_token_debug(dbg_lev, session_info->security_token); } -/** - * Make a server_info struct from the info3 returned by a domain logon - */ -_PUBLIC_ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx, - const char *account_name, - uint16_t validation_level, - union netr_Validation *validation, - struct auth_serversupplied_info **_server_info) -{ - struct auth_serversupplied_info *server_info; - struct netr_SamBaseInfo *base = NULL; - int i; - - switch (validation_level) { - case 2: - if (!validation || !validation->sam2) { - return NT_STATUS_INVALID_PARAMETER; - } - base = &validation->sam2->base; - break; - case 3: - if (!validation || !validation->sam3) { - return NT_STATUS_INVALID_PARAMETER; - } - base = &validation->sam3->base; - break; - case 6: - if (!validation || !validation->sam6) { - return NT_STATUS_INVALID_PARAMETER; - } - base = &validation->sam6->base; - break; - default: - return NT_STATUS_INVALID_LEVEL; - } - - server_info = talloc(mem_ctx, struct auth_serversupplied_info); - NT_STATUS_HAVE_NO_MEMORY(server_info); - - /* - Here is where we should check the list of - trusted domains, and verify that the SID - matches. - */ - server_info->account_sid = dom_sid_add_rid(server_info, base->domain_sid, base->rid); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid); - - - server_info->primary_group_sid = dom_sid_add_rid(server_info, base->domain_sid, base->primary_gid); - NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid); - - server_info->n_domain_groups = base->groups.count; - if (base->groups.count) { - server_info->domain_groups = talloc_array(server_info, struct dom_sid*, base->groups.count); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups); - } else { - server_info->domain_groups = NULL; - } - - for (i = 0; i < base->groups.count; i++) { - server_info->domain_groups[i] = dom_sid_add_rid(server_info, base->domain_sid, base->groups.rids[i].rid); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups[i]); - } - - /* Copy 'other' sids. We need to do sid filtering here to - prevent possible elevation of privileges. See: - - http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp - */ - - if (validation_level == 3) { - struct dom_sid **dgrps = server_info->domain_groups; - size_t sidcount = server_info->n_domain_groups + validation->sam3->sidcount; - size_t n_dgrps = server_info->n_domain_groups; - - if (validation->sam3->sidcount > 0) { - dgrps = talloc_realloc(server_info, dgrps, struct dom_sid*, sidcount); - NT_STATUS_HAVE_NO_MEMORY(dgrps); - - for (i = 0; i < validation->sam3->sidcount; i++) { - dgrps[n_dgrps + i] = talloc_reference(dgrps, validation->sam3->sids[i].sid); - } - } - - server_info->n_domain_groups = sidcount; - server_info->domain_groups = dgrps; - - /* Where are the 'global' sids?... */ - } - - if (base->account_name.string) { - server_info->account_name = talloc_reference(server_info, base->account_name.string); - } else { - server_info->account_name = talloc_strdup(server_info, account_name); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); - } - - server_info->domain_name = talloc_reference(server_info, base->domain.string); - server_info->full_name = talloc_reference(server_info, base->full_name.string); - server_info->logon_script = talloc_reference(server_info, base->logon_script.string); - server_info->profile_path = talloc_reference(server_info, base->profile_path.string); - server_info->home_directory = talloc_reference(server_info, base->home_directory.string); - server_info->home_drive = talloc_reference(server_info, base->home_drive.string); - server_info->logon_server = talloc_reference(server_info, base->logon_server.string); - server_info->last_logon = base->last_logon; - server_info->last_logoff = base->last_logoff; - server_info->acct_expiry = base->acct_expiry; - server_info->last_password_change = base->last_password_change; - server_info->allow_password_change = base->allow_password_change; - server_info->force_password_change = base->force_password_change; - server_info->logon_count = base->logon_count; - server_info->bad_password_count = base->bad_password_count; - server_info->acct_flags = base->acct_flags; - - server_info->authenticated = true; - - /* ensure we are never given NULL session keys */ - - if (all_zero(base->key.key, sizeof(base->key.key))) { - server_info->user_session_key = data_blob(NULL, 0); - } else { - server_info->user_session_key = data_blob_talloc(server_info, base->key.key, sizeof(base->key.key)); - NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data); - } - - if (all_zero(base->LMSessKey.key, sizeof(base->LMSessKey.key))) { - server_info->lm_session_key = data_blob(NULL, 0); - } else { - server_info->lm_session_key = data_blob_talloc(server_info, base->LMSessKey.key, sizeof(base->LMSessKey.key)); - NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data); - } - - ZERO_STRUCT(server_info->pac_srv_sig); - ZERO_STRUCT(server_info->pac_kdc_sig); - - *_server_info = server_info; - return NT_STATUS_OK; -} - - diff --git a/source4/auth/session.h b/source4/auth/session.h index bdb63ec4a2..15570c4414 100644 --- a/source4/auth/session.h +++ b/source4/auth/session.h @@ -53,11 +53,6 @@ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info *server_info, struct auth_session_info **_session_info) ; -NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx, - const char *account_name, - uint16_t validation_level, - union netr_Validation *validation, - struct auth_serversupplied_info **_server_info); NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx, diff --git a/source4/scripting/python/config.mk b/source4/scripting/python/config.mk index 71432042fc..4d33ed2219 100644 --- a/source4/scripting/python/config.mk +++ b/source4/scripting/python/config.mk @@ -17,7 +17,7 @@ python_uuid_OBJ_FILES = $(pyscriptsrcdir)/uuidmodule.o [PYTHON::python_glue] LIBRARY_REALNAME = samba/glue.$(SHLIBEXT) -PRIVATE_DEPENDENCIES = LIBNDR LIBLDB SAMDB CREDENTIALS swig_ldb python_dcerpc_misc python_dcerpc_security swig_auth +PRIVATE_DEPENDENCIES = LIBNDR LIBLDB SAMDB CREDENTIALS pyldb python_dcerpc_misc python_dcerpc_security swig_auth python_glue_OBJ_FILES = $(pyscriptsrcdir)/pyglue.o diff --git a/source4/selftest/tests.sh b/source4/selftest/tests.sh index 56cbacbdaf..88b83631ba 100755 --- a/source4/selftest/tests.sh +++ b/source4/selftest/tests.sh @@ -54,10 +54,10 @@ plansmbtorturetest() { plantest "$modname" "$env" $cmdline } -bin/smbtorture -V - samba4srcdir=. samba4bindir=$samba4srcdir/bin +smb4torture="$samba4bindir/smbtorture${EXEEXT}" +$smb4torture -V prefix_abs="$SELFTEST_PREFIX/s4client" @@ -76,7 +76,7 @@ TORTURE_OPTIONS="$TORTURE_OPTIONS --format=subunit" if [ -n "$SELFTEST_QUICK" ]; then TORTURE_OPTIONS="$TORTURE_OPTIONS --option=torture:quick=yes" fi -smb4torture="$samba4bindir/smbtorture $TORTURE_OPTIONS" +smb4torture="$smb4torture $TORTURE_OPTIONS" echo "OPTIONS $TORTURE_OPTIONS" @@ -264,9 +264,10 @@ for t in `$smb4torture --list | grep "^LOCAL-" | xargs`; do plansmbtorturetest "$t" none ncalrpc: "$*" done -if test -f $samba4bindir/tdbtorture +tdbtorture4="$samba4bindir/tdbtorture${EXEEXT}" +if test -f $tdbtorture4 then - plantest "tdb.stress" none $VALGRIND $samba4bindir/tdbtorture + plantest "tdb.stress" none $VALGRIND $tdbtorture4 fi # Pidl tests @@ -379,9 +380,10 @@ for env in dc member; do done done -if test -f $samba4bindir/nsstest +nsstest4="$samba4bindir/nsstest${EXEEXT}" +if test -f $nsstest4 then - plantest "nss.test using winbind" member $VALGRIND $samba4bindir/nsstest $samba4bindir/shared/libnss_winbind.so + plantest "nss.test using winbind" member $VALGRIND $nsstest4 $samba4bindir/shared/libnss_winbind.so fi PYTHON=/usr/bin/python diff --git a/source4/smbd/service_named_pipe.c b/source4/smbd/service_named_pipe.c index 02b71de7c3..e3c0908a15 100644 --- a/source4/smbd/service_named_pipe.c +++ b/source4/smbd/service_named_pipe.c @@ -25,6 +25,7 @@ #include "smbd/service.h" #include "param/param.h" #include "auth/session.h" +#include "auth/auth_sam_reply.h" #include "lib/stream/packet.h" #include "librpc/gen_ndr/ndr_named_pipe_auth.h" #include "system/passwd.h" diff --git a/source4/torture/auth/pac.c b/source4/torture/auth/pac.c index f6f2fcb498..fd54863686 100644 --- a/source4/torture/auth/pac.c +++ b/source4/torture/auth/pac.c @@ -28,7 +28,7 @@ #include "samba3/samba3.h" #include "libcli/security/security.h" #include "torture/torture.h" -#include "auth/session_proto.h" +#include "auth/auth_sam_reply.h" static bool torture_pac_self_check(struct torture_context *tctx) { |