summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2013-08-10s3:rpc_server: make use of netsec_create_state()Stefan Metzmacher1-8/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:cli_pipe.c: return NO_USER_SESSION_KEY in cli_get_session_key() for schannelStefan Metzmacher1-7/+0
SCHANNEL connections don't have a user session key, they're like anonymous connections. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:cli_pipe: pass down creds->computer_name to NL_AUTH_MESSAGEStefan Metzmacher1-7/+6
We need to use the same computer_name value as in the netr_Authenticate3() request. We abuse cli->auth->user_name to pass the value down. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:cli_pipe: make use of netsec_create_state()Stefan Metzmacher1-8/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10libcli/auth: add netsec_create_state()Stefan Metzmacher2-0/+26
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10libcli/auth: maintain the sequence number for the NETLOGON SSP as 64bitStefan Metzmacher3-7/+16
See [MS-NPRC] 3.3.4.2 The Netlogon Signature Token. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10auth/gensec: add gensec_security_by_auth_type()Stefan Metzmacher2-0/+29
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10auth/gensec: first check GENSEC_FEATURE_SESSION_KEY before returning ↵Stefan Metzmacher1-3/+4
NOT_IMPLEMENTED Preferr NT_STATUS_NO_USER_SESSION_KEY as return value of gensec_session_key(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: remove unused cli_rpc_pipe_open_ntlmssp_auth_schannel()Stefan Metzmacher2-89/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: remove netr_LogonGetCapabilities check from rpc_pipe_bind*Stefan Metzmacher1-149/+1
It's done in the caller now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: add netr_LogonGetCapabilities to ↵Stefan Metzmacher1-0/+101
cli_rpc_pipe_open_schannel_with_key() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: use netlogon_creds_copy before rpc_pipe_bindStefan Metzmacher1-12/+12
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: fix/add AES downgrade detection to rpc_pipe_bind_step_two_done()Stefan Metzmacher1-12/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpcclient: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher2-2/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:rpc_client: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher2-3/+6
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:libnet_join: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:auth_domain: try to use NETLOGON_NEG_SUPPORTS_AESStefan Metzmacher1-1/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-10s3:libsmb: remove unused cli_state->is_guestloginStefan Metzmacher2-6/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-08-09torture: add smb2 FSCTL_[GET/SET]_COMPRESSION testDavid Disseldorp1-0/+84
This test simply creates a file and checks the compression state before and after FSCTL_SET_COMPRESSION(COMPRESSION_FORMAT_DEFAULT). The test expects the compression state to be COMPRESSION_FORMAT_LZNT1 after set, conforming to Windows Server behaviour. If the server responds to the first FSCTL_GET_COMPRESSION request with NT_STATUS_NOT_SUPPORTED or NT_STATUS_INVALID_DEVICE_REQUEST, then the test is skipped. This allows it to run during selftest. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 9 22:03:39 CEST 2013 on sn-devel-104
2013-08-09lib: add FSCTL_[GET/SET]_COMPRESSION constantsDavid Disseldorp2-0/+14
Values taken from MS-FSCC. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-09torture: split out ioctl test file creation helperDavid Disseldorp1-56/+43
Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
2013-08-09VFS plugin was sending the actual size of the volume instead of the total ↵Susant Kumar Palai1-7/+4
number of block units because of which windows was getting the wrong volume capacity. Signed-off-by: Susant Kumar Palai <spalai@redhat.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Christopher R. Hertel <crh@samba.org>
2013-08-09doc: Fix prefix parameter name in vfs_full_audit man pageChristof Schmitt1-1/+1
Commit 2314f47 fixed two other instances, but forgot to change the last one. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 9 16:53:28 CEST 2013 on sn-devel-104
2013-08-09docs: Add basic man page for vfs_syncops.Karolin Seeger1-0/+99
Fix bug #7364 - man vfs_syncops missing. Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 9 13:19:12 CEST 2013 on sn-devel-104
2013-08-07drs-cracknames: Add some debugs in the torture to know better which test has ↵Matthieu Patou1-0/+4
failed Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-By: Andrew Bartlett <abarlett@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Wed Aug 7 08:10:58 CEST 2013 on sn-devel-104
2013-08-06Remove the knownfail flag on cracknames as it didn't fail anymoreMatthieu Patou1-2/+0
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracksname: fix problems that prevented to pass our torture testsMatthieu Patou1-6/+21
Some of the problems where also reported by Microsoft testing tools Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-crackname: Fix error code so that we have the same as windowsMatthieu Patou1-0/+1
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracknames: When cracking NT4 names we should just look at netbios for ↵Matthieu Patou1-2/+1
the match Looking at dnsRoot will yield a result for domain.tld\username when it shouldn't work. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-crackname: Fix cracknames for the format UNKNOWN when the data is ↵Matthieu Patou1-1/+4
actually a GUID The cannonical crackname expect a "/" or it returns DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR, when doing UNKNOWN format it's not an error to not have a "/" in the name to crack it's just a sign the name is not a cannonical one. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06drs-cracknames: Reorganise the cracknames list so that similar format names ↵Matthieu Patou1-6/+6
are group together It makes easier when reviewing failed test case in DRSR testsuite Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06Add Notes related to DRSUAPIMatthieu Patou1-0/+1
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06s4-netlogon: honnor DS_RETURN_DNS_NAME flagMatthieu Patou1-0/+9
Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06s4-netlogon: do not add \\ it has already be done in the ↵Matthieu Patou1-1/+3
fill_netlogon_samlogon_response Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06torture: Quiet a warning about set but not used variableMatthieu Patou1-8/+7
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06torture-drsuapi: Make the name of the dc variableMatthieu Patou1-3/+5
In case some tests fails or if the removal takes sometime to replicate to all the DCs Reviewed-By: Andrew Bartlett <abarlett@samba.org>
2013-08-06s3-netlogon: Connecting with the system token should be sufficient.Andreas Schneider1-2/+0
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Aug 6 18:22:06 CEST 2013 on sn-devel-104
2013-08-06s3-rpc_server: Grant the system token full access.Andreas Schneider1-6/+18
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2013-08-06libcli: Add security_token_system_privilege().Andreas Schneider2-0/+23
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
2013-08-06FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at endChristof Schmitt1-2/+2
labels_data_count already accounts for the unicode null character at the end of the array. There is no need in adding space for it again. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Aug 6 04:03:17 CEST 2013 on sn-devel-104
2013-08-05FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zeroChristof Schmitt1-1/+1
Otherwise num_volumes and the end marker can return uninitialized data to the client. Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Simo Sorce <idra@samba.org>
2013-08-05s3:smbd: allow info class SMB_QUERY_FS_ATTRIBUTE_INFO to return partial dataRalph Wuerthner1-0/+6
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow info class SMB_QUERY_FS_VOLUME_INFO to return partial dataRalph Wuerthner1-0/+6
Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow status code in smbd_do_qfsinfo() to be set by information ↵Ralph Wuerthner1-1/+2
class handler Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: allow GetInfo responses with STATUS_BUFFER_OVERFLOW to return ↵Ralph Wuerthner1-3/+10
partial, but valid data Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-05s3:smbd: return NT_STATUS_INFO_LENGTH_MISMATCH for GetInfo in case ↵Ralph Wuerthner1-0/+5
output_buffer_length is too small Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2013-08-06pyldb: decrement ref counters on py_results and quiet warningsMatthieu Patou1-0/+4
Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Tue Aug 6 00:32:46 CEST 2013 on sn-devel-104
2013-08-05Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison1-2/+5
cause server to loop with DOS. Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de> Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Mon Aug 5 14:39:04 CEST 2013 on sn-devel-104
2013-08-05Fix bug #10010 - Missing integer wrap protection in EA list reading can ↵Jeremy Allison1-0/+12
cause server to loop with DOS. Ensure we never wrap whilst adding client provided input. Signed-off-by: Jeremy Allison <jra@samba.org>
2013-08-05s3-libads: Print a message if no realm has been specified.Andreas Schneider1-1/+7
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Aug 5 12:24:44 CEST 2013 on sn-devel-104