Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Oct 24 10:18:06 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 22 13:15:52 CEST 2011 on sn-devel-104
|
|
metze
|
|
metze
|
|
metze
|
|
We don't include "includes.h" anymore...
metze
|
|
metze
|
|
symlink target is outside of the share.
Missed passing ucf_flags instead of hard coded flags in findfirst call.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 06:30:16 CEST 2011 on sn-devel-104
|
|
symlink target is outside of the share.
The statcache has to do lstat instead of stat when returning cached
posix pathnames.
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Oct 22 04:55:54 CEST 2011 on sn-devel-104
|
|
The amount of possible fd's might be restricted, so close them early.
metze
|
|
We need to convert the errno based error to NTSTATUS
before calling tevent_req_error (via tevent_req_nterror).
metze
|
|
outside of the share.
The key is to only allow the lookup to succeed if it's a UNIX level lookup or readlink,
but disallow all other operations.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Oct 22 01:37:41 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Oct 22 00:02:00 CEST 2011 on sn-devel-104
|
|
|
|
metze
Signed-off-by: Matthieu Patou <mat@matws.net>
|
|
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Oct 21 21:51:18 CEST 2011 on sn-devel-104
|
|
document the need that excessive use of local users/group might
require increasing the rangesize
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Fri Oct 21 18:04:50 CEST 2011 on sn-devel-104
|
|
this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators and for local users/group that
admins might want to create
autorid will now allocate one range for this purpose
and can so give out as many uids and gids as the
configured rangesize allows
|
|
we will need some more HWM soon, so move out initialization and
optimize the logic using the new interface of dbwrap_fetch_uint32
|
|
this prepares for allocation of non-domain ranges that cannot be
expressed by a SID (e.g. an allocation pool)
|
|
commit 355b5e3a831415d9bef97 changed the module system to
expect 'samba_init_module' as fixed initializer function
|
|
This reverts commit 0aa558718ad7427ee8b02046da73eea1838a5a32.
just having 500 uid/gids values is not good enough for
users using local users and groups in the order of thousands
better solution which will use a complete range for allocated
uids/gids will come next.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Oct 21 15:52:36 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 21 10:22:39 CEST 2011 on sn-devel-104
|
|
We always dereferenced auth_ntlmssp_state->gensec_security, so now we
do not bother passing around the whole auth_ntlmssp_state.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This structure added no value, particularly after the move to gensec.
It was added at a time when auth_ntlmssp_state was not available in
the client. This changed a while back (the wrapper was extended with
client calls), and the move to gensec again reinforced that we do not
need the extra complexity.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We now just call the gensec_session_key() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We now just call the gensec_want_feature() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This should not make a difference for NTLMSSP as it still calls the
low level ntlmssp_[un]seal_packet() functions with the same input parameters.
If we convert the gss-api/krb5 based code to gensec we have to use
gensec_[un]wrap() as the wire format is different compared to
gensec_[un]seal_packet() there.
Andrew Bartlett
Split from another commit by Stefan Metzmacher <metze@samba.org>
|
|
This avoids the indirection via the auth_ntlmsssp wrapper functions.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
auth_ntlmssp_negotiated_seal()
We now just call the gensec_have_feature() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
We now just call gensec_update directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Instead, call gensec_session_info() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
lines later
metze
|
|
There's no need to do gss-api specific stuff, the buffer is always
malloc'ed.
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|