Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Nov 2 10:09:36 CET 2012 on sn-devel-104
|
|
We should use the latest supported dialect.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewd-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Nov 1 18:11:27 CET 2012 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
This should be a short term hack until the upper layers have implemented
re-authentication.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96
should have a higher priority than arcfour-hmac-md5,
otherwise the KDC still gives us arcfour-hmac-md5 session keys.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The removal of consumption of the time field from the centry
as "removal of unused variable" in 21528da9cd12a4f5c3792a482a5d18fe946a6f7a
had the side effect of changing the offset for reading the following
nt password hash, so the read password hash was wrong.
This patch re-installs the consumption of the time,
thereby fixing the bug without changing the disk format of the cache.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
|
|
This avoids the whole fileserver.conf thing, and simply handles everything in C.
The main challenge is that if s3fs is enabled in a member server
configuration (unlikely) then these options will not be set, and it
overrides any other attempt to set these as globals. (The previous
approach essentially just changed defaults, because the include =
of smb.conf was after the values were set in fileserver.conf).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Nov 1 11:47:22 CET 2012 on sn-devel-104
|
|
This allows any ACL to be set from the client, without restriction
from the Samba side.
Based on advise from Jermey at https://lists.samba.org/archive/samba-technical/2012-October/088414.html
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
use samba-tool drs options which does both RPC and LDAP connections
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Tridgell <tridge@samba.org>
Autobuild-Date(master): Thu Nov 1 07:21:17 CET 2012 on sn-devel-104
|
|
similar to what was done for rpc and cifs, we now retry once on logon
failure for ldap, allowing for a new ticket to be fetched when a
server password changes while we have a valid ticket for the old
password
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this allows the client code to trigger a retry with a new password
callback for NTLM connections
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this gives us a handy pure RPC client test for use in blackbox testing
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
not all servers give LOGON_FAILURE on authentication failures, so we
need to do the retry with a new ticket on a wider range of error types
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
with ltdb_pack_data() and ltdb_unpack_data() now moved into common, we
need to increase the minor version and fixup callers of the API
Note that this relies on struct ldb_val being the same shape as
TDB_DATA, in much the same way as we rely on ldb_val and DATA_BLOB
being the same shape.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this code should not be tied to the ldb_tdb backend, both because it
could be used for any record oriented backend, and because it should
be exposed for use by diagnosis/repair tools such as the recently
added ldbdump tool
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This allows our RPC client code to cope with a kerberos server
changing password while we have a valid service ticket
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this tests that we correctly retry with a new ccache entry when a
server changes its password while we have a valid ticket
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
if a server changes while we have a valid ticket we want to retry
after removing the ccache entry.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this is used to support retrying kerberos connections after removing a
ccache entry, to cope with a server being re-built while our client
still has a valid service ticket
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Wed Oct 31 19:25:30 CET 2012 on sn-devel-104
|
|
crash smbd.
Ensure we exercise the SeBackup code path on directory listings.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Oct 31 03:21:38 CET 2012 on sn-devel-104
|
|
This uses a tdb_traverse or (more usefully) the tdb_rescue API, like tdbdump.
The difference here is that it uses ldb helper functions to further
eliminate faulty records, which avoids creating duplicates in the output.
(The duplicates come from parts of records that are left in blank space
in the db, which tdb_rescue finds, but which are not actually a full
record).
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct 30 23:56:11 CET 2012 on sn-devel-104
|
|
|
|
It always de-references the module to find the ldb anyway.
Andrew Bartlett
|
|
This will allow administrators to inspect the process list in a
similar way to what running on a platform with setproctitle might
permit.
--pid= returns the registered server names for a PID (eg kdc, cldap_server)
--name= returns the pids registered with a particular name.
Andrew Bartlett
|
|
This will allow python scripts to inspect the process list.
Andrew Bartlett
|
|
This will make it easier to pass this structure in and out. The tuple is still
accepted as input.
Andrew Bartlett
|
|
This is implemented with a tdb_traverse_read(), and will allow a tool
to disover the name and server_id of all Samba processes, as each
process registers itself to recieve messages.
Andrew Bartlett
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 30 20:22:46 CET 2012 on sn-devel-104
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>
|
|
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Oct 30 18:32:57 CET 2012 on sn-devel-104
|
|
(bug #9341)
Reported-by: Sebastien LAVEZE <sebastien.laveze@mindspeed.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Tested-by: Sebastien LAVEZE <sebastien.laveze@mindspeed.com>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Oct 30 16:49:26 CET 2012 on sn-devel-104
|
|
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Tue Oct 30 15:04:30 CET 2012 on sn-devel-104
|
|
|
|
|
|
checked last
|
|
|
|
as in the autoconf build this must be "-errwarn=%all"
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Oct 30 13:17:02 CET 2012 on sn-devel-104
|
|
Reviewed by Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 30 00:05:34 CET 2012 on sn-devel-104
|
|
Reviewed by Jeremy Allison <jra@samba.org>
|
|
set_variable()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Ira Cooper <ira@samba.org>
Autobuild-Date(master): Mon Oct 29 21:55:35 CET 2012 on sn-devel-104
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
|
|
This has been done.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Mon Oct 29 20:12:18 CET 2012 on sn-devel-104
|
|
We don't get a realm back from the server which is useable as a realm on
Unix. On Unix they are case sensitive and on Windows they aren't. This
confuses uses and if we write realm they try to use it as it came back
in lowercase.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Mon Oct 29 18:26:19 CET 2012 on sn-devel-104
|
|
When we do a become_root()/unbecome_root() pair to temporarily
raise privilege, this NULLs out the NT token. If we're within
a become_root()/unbecome_root() pair then return the previous
token on the stack as our NT token. This is what we should be
using to check against NT ACLs in the file server. This copes
with security context changing when removing a file on close
under the context of another user (when 2 users have a file
open, one sets delete on close and then the other user has
to actually do the delete).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Oct 29 16:26:20 CET 2012 on sn-devel-104
|
|
This also removes all the duplicate smbprint scripts.
This fixes bug #9301.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Oct 29 14:08:37 CET 2012 on sn-devel-104
|
|
This in turn causes an include of <net/if.h> to hang on some systems, as
/net/ means to run the automounter!
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Oct 29 01:23:39 CET 2012 on sn-devel-104
|