summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-08-10s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()Stefan Metzmacher1-12/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher2-2/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher2-3/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:libsmb: remove unused cli_state->is_guestloginStefan Metzmacher2-6/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-09torture: add smb2 FSCTL_[GET/SET]_COMPRESSION testDavid Disseldorp1-0/+84
This test simply creates a file and checks the compression state before and after FSCTL_SET_COMPRESSION(COMPRESSION_FORMAT_DEFAULT). The test expects the compression state to be COMPRESSION_FORMAT_LZNT1 after set, conforming to Windows Server behaviour. If the server responds to the first FSCTL_GET_COMPRESSION request with NT_STATUS_NOT_SUPPORTED or NT_STATUS_INVALID_DEVICE_REQUEST, then the test is skipped. This allows it to run during selftest. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 9 22:03:39 CEST 2013 on sn-devel-104
2013-08-09lib: add FSCTL_[GET/SET]_COMPRESSION constantsDavid Disseldorp2-0/+14
Values taken from MS-FSCC. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-09torture: split out ioctl test file creation helperDavid Disseldorp1-56/+43
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-09VFS plugin was sending the actual size of the volume instead of the total ↵Susant Kumar Palai1-7/+4
number of block units because of which windows was getting the wrong volume capacity. Signed-off-by: Susant Kumar Palai <spalai@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christopher R. Hertel <crh@samba.org>
2013-08-09doc: Fix prefix parameter name in vfs_full_audit man pageChristof Schmitt1-1/+1
Commit 2314f47 fixed two other instances, but forgot to change the last one. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 9 16:53:28 CEST 2013 on sn-devel-104
2013-08-09docs: Add basic man page for vfs_syncops.Karolin Seeger1-0/+99
Fix bug #7364 - man vfs_syncops missing. Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 9 13:19:12 CEST 2013 on sn-devel-104
2013-08-07drs-cracknames: Add some debugs in the torture to know better which test has ↵Matthieu Patou1-0/+4
failed Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-By: Andrew Bartlett <abarlett@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Wed Aug 7 08:10:58 CEST 2013 on sn-devel-104
2013-08-06Remove the knownfail flag on cracknames as it didn't fail anymoreMatthieu Patou1-2/+0
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracksname: fix problems that prevented to pass our torture testsMatthieu Patou1-6/+21
Some of the problems where also reported by Microsoft testing tools Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-crackname: Fix error code so that we have the same as windowsMatthieu Patou1-0/+1
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracknames: When cracking NT4 names we should just look at netbios for ↵Matthieu Patou1-2/+1
the match Looking at dnsRoot will yield a result for domain.tld\username when it shouldn't work. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-crackname: Fix cracknames for the format UNKNOWN when the data is ↵Matthieu Patou1-1/+4
actually a GUID The cannonical crackname expect a "/" or it returns DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR, when doing UNKNOWN format it's not an error to not have a "/" in the name to crack it's just a sign the name is not a cannonical one. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracknames: Reorganise the cracknames list so that similar format names ↵Matthieu Patou1-6/+6
are group together It makes easier when reviewing failed test case in DRSR testsuite Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06Add Notes related to DRSUAPIMatthieu Patou1-0/+1
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06s4-netlogon: honnor DS_RETURN_DNS_NAME flagMatthieu Patou1-0/+9
Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06s4-netlogon: do not add \\ it has already be done in the ↵Matthieu Patou1-1/+3
fill_netlogon_samlogon_response Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06torture: Quiet a warning about set but not used variableMatthieu Patou1-8/+7
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06torture-drsuapi: Make the name of the dc variableMatthieu Patou1-3/+5
In case some tests fails or if the removal takes sometime to replicate to all the DCs Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06s3-netlogon: Connecting with the system token should be sufficient.Andreas Schneider1-2/+0
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Aug 6 18:22:06 CEST 2013 on sn-devel-104
2013-08-06s3-rpc_server: Grant the system token full access.Andreas Schneider1-6/+18
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2013-08-06libcli: Add security_token_system_privilege().Andreas Schneider2-0/+23
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2013-08-06FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at endChristof Schmitt1-2/+2
labels_data_count already accounts for the unicode null character at the end of the array. There is no need in adding space for it again. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 6 04:03:17 CEST 2013 on sn-devel-104
2013-08-05FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zeroChristof Schmitt1-1/+1
Otherwise num_volumes and the end marker can return uninitialized data to the client. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
2013-08-05s3:smbd: allow info class SMB_QUERY_FS_ATTRIBUTE_INFO to return partial dataRalph Wuerthner1-0/+6
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow info class SMB_QUERY_FS_VOLUME_INFO to return partial dataRalph Wuerthner1-0/+6
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow status code in smbd_do_qfsinfo() to be set by information ↵Ralph Wuerthner1-1/+2
class handler Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow GetInfo responses with STATUS_BUFFER_OVERFLOW to return ↵Ralph Wuerthner1-3/+10
partial, but valid data Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo in case ↵Ralph Wuerthner1-0/+5
output_buffer_length is too small Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-06pyldb: decrement ref counters on py_results and quiet warningsMatthieu Patou1-0/+4
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Tue Aug 6 00:32:46 CEST 2013 on sn-devel-104
2013-08-05Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison1-2/+5
cause server to loop with DOS. Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Aug 5 14:39:04 CEST 2013 on sn-devel-104
2013-08-05Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison1-0/+12
cause server to loop with DOS. Ensure we never wrap whilst adding client provided input. Signed-off-by: Jeremy Allison <jra@samba.org>
2013-08-05s3-libads: Print a message if no realm has been specified.Andreas Schneider1-1/+7
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Aug 5 12:24:44 CEST 2013 on sn-devel-104
2013-08-05s3:rpc_client: rename same variables in cli_rpc_pipe_open_schannel_with_key()Stefan Metzmacher1-15/+15
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3:rpc_client: use the correct context for netlogon_creds_copy() in ↵Stefan Metzmacher1-1/+4
rpccli_schannel_bind_data() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3:rpc_client: make rpccli_schannel_bind_data() staticStefan Metzmacher2-10/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()Stefan Metzmacher1-24/+21
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s4:netlogon: make use of netlogon_creds_decrypt_samlogon_logon()Stefan Metzmacher1-22/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: add netlogon_creds_shallow_copy_logon()Stefan Metzmacher2-0/+76
This can be used before netlogon_creds_encrypt_samlogon_logon() in order to keep the provided buffers unchanged. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: add netlogon_creds_[de|en]crypt_samlogon_logon()Stefan Metzmacher2-0/+124
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: fix shadowed declaration in ↵Stefan Metzmacher1-4/+4
netlogon_creds_crypt_samlogon_validation() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05libcli/auth: make netlogon_creds_crypt_samlogon_validation more robustStefan Metzmacher1-1/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3:rpcclient: use talloc_stackframe() in do_cmd()Stefan Metzmacher1-2/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s4:librpc: fix netlogon connections against servers without AES supportStefan Metzmacher1-2/+6
LogonGetCapabilities() only works on the credential chain if the server supports AES, so we need to work on a temporary copy until we know the server replied a valid return authenticator. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
2013-08-05s3-net: avoid confusing output in net_rpc_oldjoin() if ↵Stefan Metzmacher3-3/+14
NET_FLAGS_EXPECT_FALLBACK is passed "net rpc join" tries net_rpc_oldjoin() first and falls back to net_rpc_join_newstyle(). We should not print the join failed if just net_rpc_oldjoin() failed. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>