summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-01-31s3:smbd: rework reply_spnego_ntlmssp to reply_spnego_genericStefan Metzmacher1-27/+5
This removes the unused spnego_gen_auth_response() wrapping. metze
2012-01-31s3:smbd: remove unused code from sesssetup.cStefan Metzmacher2-549/+0
metze
2012-01-31s3:smbd: remove pending_auth_data logicStefan Metzmacher2-269/+0
This is handled by the gensec_spnego module. metze
2012-01-31s3:smbd: always use the gensec code path in sesssetup.cStefan Metzmacher1-67/+32
The other code pathes are unused, because we always have the spnego gensec module. metze
2012-01-31s3:smbd: rework smbd_smb2_*_ntlmssp_auth* to smbd_smb2_auth_generic*Stefan Metzmacher1-22/+28
metze
2012-01-31s3:smbd: always use the gensec code path in smb2_sesssetup.cStefan Metzmacher1-460/+7
The other code pathes are unused, because we always have the spnego gensec module. metze
2012-01-31libcli/smb: Convert struct smb_trans_enc_state to tallocAndrew Bartlett5-81/+20
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3-libsmb: Remove unused enum smb_trans_enc_typeAndrew Bartlett2-11/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3-libsmb: Use gensec_spnego in smb seal clientAndrew Bartlett2-41/+7
This is intead of the inline, manual spnego code currently in use. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3-smbd: Use gensec_spnego in smb seal serverAndrew Bartlett1-304/+29
This is instead of the inline, manual spnego code currently in use. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2012-01-31s3:libsmb/auth_generic: make use of gensec_spnego in the clientStefan Metzmacher1-4/+9
metze
2012-01-31s3:auth/auth_generic: make use of gensec_spnego in the serverStefan Metzmacher1-4/+9
metze
2012-01-31s3: Unify stream testing in open_directoryVolker Lendecke1-9/+5
The second if-statement could never have kicked in, assuming the SMB_ASSERT above was right. Jeremy, please check! Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jan 31 20:15:36 CET 2012 on sn-devel-104
2012-01-31s3: Re-indent an && sequence for better understandingVolker Lendecke1-2/+2
2012-01-31s3: Fix "smbcontrol smbd close-share"Volker Lendecke1-0/+11
2012-01-31s3:net ads join: remove a useless empty comment blockMichael Adam1-2/+1
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Tue Jan 31 18:37:45 CET 2012 on sn-devel-104
2012-01-31s3:net ads join: add a comment for the call to _net_ads_join_dns_update()Michael Adam1-0/+5
2012-01-31s3:net ads join: reduce indentation in _net_ads_join_dns_updates()Michael Adam1-46/+47
2012-01-31s3:net ads join: move dns update code out to new function ↵Michael Adam1-77/+84
_net_ads_join_dns_updates()
2012-01-31s3:net ads join: improve comment for dns update blockMichael Adam1-4/+4
2012-01-31s3:net ads join: improve status evaluation for call to net_update_dns()Michael Adam1-2/+5
untangle assignment from check and log error code in message if failed.
2012-01-31s3:net ads join: interpret return code of ads_kinit_password() in dns update ↵Michael Adam1-1/+8
block If failed, print according error message and skip the attempt to do dns update.
2012-01-31s3:net ads join: check for malloc success and react accordingly in dns ↵Michael Adam1-0/+5
update block
2012-01-31s3:net ads join: check for success of fetching machine password in dns ↵Michael Adam1-0/+5
update block log and cleanup accordingly if failed
2012-01-31s3:net ads join: untangle assignment from check, fix return code and improve ↵Michael Adam1-2/+8
error logging only the dns update failed, not the join. Also do proper memory cleanup
2012-01-31s3:net ads join: reduce indentation and improve logging in the dns update ↵Michael Adam1-13/+17
code block by doing an early goto done upon error condition
2012-01-31s3:net ads join: untangle assignment from check.Michael Adam1-1/+2
2012-01-31s3:net registry: fix a copy and paste error in a help textMichael Adam1-2/+2
2012-01-31tevent: Fix python documentation stringsAmitay Isaacs1-2/+2
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Jan 31 16:59:29 CET 2012 on sn-devel-104
2012-01-31replace: Only include C files from which there are actually functions used.Jelmer Vernooij1-2/+21
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Tue Jan 31 15:21:04 CET 2012 on sn-devel-104
2012-01-31replace: use libbsd for strlcat/strlcpy when available.Jelmer Vernooij1-15/+21
2012-01-31s4-s3-upgrade: Check if there are duplicate sids for users and groupsAmitay Isaacs1-0/+4
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue Jan 31 02:23:17 CET 2012 on sn-devel-104
2012-01-31s4-s3-upgrade: Use lowercase hostname as hostname for provisionAmitay Isaacs1-1/+1
2012-01-31Fix bug #8139 - smbclient fails if server does not support Echo request.Jeremy Allison1-1/+5
Based on work by Matthias Scheler <tron@NetBSD.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jan 31 00:47:19 CET 2012 on sn-devel-104
2012-01-30s3-winbind: don't try to do clever thing if the username is not found while ↵Matthieu Patou1-1/+2
authenticating through winbind This could cause that we authenticate a user with a bogus domain to winbind's domain if the password supplied for the PAM_AUTH match. The problem was reported by Jeff Venable (jvenable@juniper.net). Patch from Andrew Bartlett (abartlett@samba.org). Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104
2012-01-30s3: check that a user in a bogus domain name is mapped to the localnetbios ↵Matthieu Patou2-0/+21
name of a domain member This means that if we authentify for BOGUS\administrator in AD domain FOREST with samba being domain member with the netbiosname MEMBER then BOGUS\administrator will be mapped to MEMBER\administrator if the password match.
2012-01-30s3-auth: Remove duplicate check for NT_STATUS_IS_OK(nt_status)Andrew Bartlett1-4/+0
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Jan 30 09:38:47 CET 2012 on sn-devel-104
2012-01-30gensec: inline gensec_generate_session_info() into only callerAndrew Bartlett4-43/+27
This avoids casting to and from the struct auth_user_info_dc *user_info_dc to to this, the if (user_info_dc->info->authenticated) is moved into auth_generate_session_info_wrapper(), which is the function that gensec_security->auth_context->generate_session_info points to. Andrew Bartlett
2012-01-30s4-auth: Return NT_STATUS_NOT_IMPLEMENTED if the challenge cannot be obtainedAndrew Bartlett1-1/+1
2012-01-30auth: Make check_password and generate_session_info hook genericAndrew Bartlett6-41/+74
gensec_ntlmssp does not need to know the internal form of the struct user_info_dc or auth_serversupplied_info. This will allow the calling logic to be put in common. Andrew Bartlett
2012-01-30tdb2: make --enable-tdb2 the default.Rusty Russell1-2/+2
We still use the tdb1 on-disk format, but we do so via the tdb2 library. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User: Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date: Mon Jan 30 08:02:43 CET 2012 on sn-devel-104
2012-01-30tdb2: add -1 and -2 options to tdbtortureRusty Russell1-1/+18
(For now, -1 is the default).
2012-01-30tdb2:tdbtorture: use TEST_DATA_PREFIX for filesRusty Russell1-9/+34
TDB2 version of commit b83672b36c1ea8c35833c40c3919b63809f16624. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30tdb2: name tools the same as TDB1 tools.Rusty Russell1-5/+5
Otherwise, when we switch everyone's scripts will break (including our own tests!). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30tdb2: tools/tdb2backupRusty Russell2-0/+374
Minor changes from tdb/tools/tdbbackup.c. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30samdb: use compat wrappers for tdb_fetch().Rusty Russell1-6/+6
TDB2's tdb_fetch() returns an error code; use tdb_fetch_compat() for now. Similarly, tdb_errorstr() -> tdb_errorstr_compat(). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30tdb_compat: only use hashsize attribute when O_CREATRusty Russell1-1/+1
tdb2 complains if you specify a tdb1 hashsize, and you're not actually trying to create a new database. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30ldb_wrap.c: fix TDB2-incompatible API usage.Rusty Russell1-1/+1
Auditing revealed one place still expecting a -1 return on failure: tdb2 returns the (negative) errcode directly, so the portable way to do this is to check for != 0. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-01-30tdb2: copy tdb1's changed expansion logic.Rusty Russell3-27/+40
TDB2 uses the same expansion logic as TDB1, which got factored out recently. So update TDB2 to match. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (Imported from CCAN commit c438ec17d7b2efe76e56e5fc5ab88bd4a02735e8)
2012-01-30tdb2: careful on wrap.Rusty Russell6-20/+29
It's much harder to wrap a 64-bit tdb2 than a 32-bit tdb1, but we should still take care against bugs. Also, we should *not* cast the length to a size_t when comparing it to the stat result, in case size_t is 32 bit. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (Imported from CCAN commit 6f7cb26e589cea081e71c59801eae87178967861)