Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
According to coding guidelines.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
This reverts commit a6be8a97f705247c1b1cbb0595887d8924740a71.
We fail (often) to parse a krb5pac type 12 buffer due to the incomplete change
which came in via a6be8a97f705247c1b1cbb0595887d8924740a71. This change came
into master and has only been released in RCs so no regression to published
4.0.x releases. We should revert this for 4.1 for now until we can make it work
in all cases (see work on this in
https://git.samba.org/?p=gd/samba/.git;a=shortlog;h=refs/heads/master-krb5pac_type12).
Without this revert the entire PAC parsing may fail which can effect serious
implications (krb5 smb session setup not working).
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10178
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Oct 3 17:08:46 CEST 2013 on sn-devel-104
|
|
array or associated counter.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@suse.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 3 03:22:36 CEST 2013 on sn-devel-104
|
|
don't have a sesseion
I.e. when the request is a session setup.
We replied with ACCESS_DENIED, but windows expects USER_SESSION_DELETED
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 2 22:07:44 CEST 2013 on sn-devel-104
|
|
Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Oct 2 15:02:07 CEST 2013 on sn-devel-104
|
|
Don't endlessly loop
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
bits of 64 bit value are not 0
Signed-off-by: Matthieu Patou <mat@matws.net>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Omission of SID parameter lists ranges for all domains.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Oct 2 12:23:33 CEST 2013 on sn-devel-104
|
|
by allowing handed in domsid to be NULL
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Inspired by a patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This uses the new idmap_autorid_iterate_domain_ranges() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Implemented using the idmap_autorid_iterate_domain_ranges_read() function.
Based on earlier patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Functions to perform an action on all domain range mappings for
a given domain, specified by the domain sid.
Inspired by a previous patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
query and delete a mapping specified by the range number.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Delete a range mapping as specified by domain SID and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
talloc version of idmap_autorid_build_keystr()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
the HWM
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
get the range for a domain sid and range index.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
mem_ctx.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This lets the admin store a range for a domain/index pair.
Call syntax is:
net idmap set range <RANGE> <DOMSID> [<INDEX>]
INDEX defaults to 0.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This has no subcommands yet and is added in preparation of adding some.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Store a configuration as provided by a config string
after parsing and validating the string.
Based on similar patch by Atul Kulkarni <atul.kulkarni@in.ibm.com>.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This checks the backend is autorid, and opens the db if so.
If readonly == true, the DB is simply opened for reading.
If readonly == false, the DB is created if necessary and
initialized with HWMs.
Pair-Programmed-With: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This started specific, but is now generic.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
delete mapping"
This is in preparation of adding more types of entries to delete...
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
mapping"
This is in preparation of adding more "net idmap set" subcommands for the autorid backend.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
With idmap autorid "dump ID mappings" is not precise enough any more.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
idmap_autorid_addrange()
This one calls into the HWM bumping acquire code path.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This allows to directly set a range for a domsid#index pair.
It fails if a stored range is found which is different from
the requested one.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
This also adds a new mode to the new idmap_autorid_addrange() function
that allows to set a provided range if the range is available, instead
of the original only mode of automatically allocating a new range
by incrementing the HWM counter.
Pair-Programmed-With: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Atul Kulkarni <atul.kulkarni@in.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
|
|
Wrapper to idmap_autorid_getrange_int().
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
|