Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
|
|
flags.trusted_for_delegation
metze
|
|
Otherwise we would not impersonate the desired principal.
This still doesn't work for plaintext auth, but should
avoid ntlmssp.
metze
|
|
cli_credentials_set_impersonate_principal()
This also adds a cli_credentials_get_self_service() helper function.
In order to support S4U2Proxy we need to be able to set
the service principal for the S4U2Self step independent of the
target principal.
metze
|
|
metze
|
|
TODO: we need to add a S4U_DELEGATION_INFO to the PAC later.
metze
|
|
Depending on S4U2Proxy the principal name for the resulting
ticket is not the principal of the client ticket.
metze
|
|
For a normal TGS-REQ they're both signed with krbtgt key.
But for S4U2Proxy requests which ask for contrained delegation,
the keys differ.
metze
|
|
The extra checks added for Windows correctness in our metadata changing paths
to ensure the file handle has been opened with the correct access mask to
allow FILE_WRITE_ATTRIBUTES etc. caused problems with the POSIX open code.
The old POSIX open code maped O_RDONLY into FILE_READ, O_WRONLY into FILE_WRITE,
and O_RDWR into FILE_READ|FILE_WRITE. This patch extends the mapping to add
FILE_WRITE_ATTRIBUTES, FILE_READ_ATTRIBUTES and FILE_WRITE_EA, FILE_READ_EA to
allow POSIX opens to set these values.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed May 18 02:22:32 CEST 2011 on sn-devel-104
|
|
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue May 17 20:05:42 CEST 2011 on sn-devel-104
|
|
Prevents side-effects when src is a function call.
|
|
herb@samba.org
|
|
"struct smbd_server_connection" is called sconn elsewhere, avoid confusion
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue May 17 19:00:20 CEST 2011 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue May 17 16:16:59 CEST 2011 on sn-devel-104
|
|
with 0700
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 13:01:14 CEST 2011 on sn-devel-104
|
|
This reverts commit a032c9c8fe8aff455407485169b9445860f89606.
|
|
Reported by: John Danks <john.danks@gmail.com>
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue May 17 11:56:08 CEST 2011 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 10:49:13 CEST 2011 on sn-devel-104
|
|
This is similar to commit 6f51a1f45bf4de062cce7a562477e8140630a53d.
metze
|
|
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 17 09:43:01 CEST 2011 on sn-devel-104
|
|
This way we the pool based valgrind code.
metze
|
|
metze
|
|
*talloc_pool_objectcount(pool_tc) == 2 doesn't mean the one of the objects
is the pool itself! So we better check for == 1 and calculate the chunk count.
metze
|
|
This should follow the same logic...
metze
|
|
The optimization of the object_count == 1 case should only happen
for when we're not destroying the pool itself. And it should only
happen if the pool itself is still valid.
If the pool isn't valid (it has TALLOC_FLAG_FREE),
object_count == 1 does not mean that the pool is the last object,
which can happen if you use talloc_steal/move() on memory
from the pool and then free the pool itself.
Thanks to Volker for noticing this!
metze
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue May 17 01:33:27 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In the oplock refactoring, the algorithm underwent an unnoticed change.
In 3.5.x stat_opens were silently (i.e. no explicit code had comments
explaining this) ignored when looking for oplock breaks and share mode
violations. After the refactoring, the function find_oplock_types()
no longer ignored stat_open entries in the share mode table when looking
for batch and exclusive oplocks. This patch adds two changes to find_oplock_types()
to ignore the case where the incoming open request is a stat open being
tested against existing opens, and also when the incoming open request
is a non-stat open being tested against existing stat opens. Neither
of these cause an oplock break or share mode violation. Thanks a *lot*
to Volker, who persevered in reproducing this problem.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon May 16 22:38:20 CEST 2011 on sn-devel-104
|
|
table entries.
|
|
This completes aae9353ecf56323b63da66aa84d8a0a4f219d94d.
directory_create_or_exist() is not needed cause create_pipe_sock() takes
care of setting up the directory correctly.
Andrew please check!
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon May 16 17:54:20 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 16 16:03:57 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon May 16 15:00:40 CEST 2011 on sn-devel-104
|
|
This enables optimizations for shared file access on gpfs
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 16 13:57:01 CEST 2011 on sn-devel-104
|
|
Thanks to Bjoern Baumbach for pointing this out!
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon May 16 12:45:52 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|