summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-05-20s3:smbd: fix initialized memory in SMB2 responsesStefan Metzmacher1-4/+4
MESSAGE_ID and SESSION_ID are both 64bit. metze
2009-05-20Add a security model to LSA. Similar to the SAMR code - usingJeremy Allison1-88/+227
the MS-LSA docs. Jeremy.
2009-05-20s4:libcli/smb2: fix session setup with raw NTLMSSPStefan Metzmacher1-13/+17
metze
2009-05-20s4:libcli/smb2: use raw ntlmssp if the server didn't provide a sec blobStefan Metzmacher1-1/+8
metze
2009-05-20s4:libcli/smb2: fill in transport->negotiate.secblob with the correct dataStefan Metzmacher1-0/+2
metze
2009-05-20Use SMB_VFS_NEXT_CLOSE. This VFS stuff is really opaque to me...Volker Lendecke1-5/+1
Thanks Michael to provide some transparency :-)
2009-05-20s3:smbd: add support for SMB2 Keepalive (SMB2 Echo)Stefan Metzmacher4-0/+93
metze
2009-05-20s3:smbd: allow SMB 2.002 dialect in SMB1 negprotStefan Metzmacher3-0/+38
We create a dummy SMB2 Negotiate inbuf and pass the connection to the SMB2 engine. metze
2009-05-20s3:smbd: add support for SMB2 NegotiateStefan Metzmacher4-1/+132
This is not complete, but a start that makes the samba4 smb2 client happy. metze
2009-05-20s3:smbd: make negprot_spnego() non staticStefan Metzmacher2-1/+3
metze
2009-05-20s3:smbd: add infrastructure for SMB2 supportStefan Metzmacher4-0/+1050
This is disabled by default and activated by "max protocol = SMB2". metze
2009-05-20s3:param: add PROTOCOL_SMB2Stefan Metzmacher2-1/+10
metze
2009-05-20SMB2-LOCK: let the test pass against samba4Stefan Metzmacher1-1/+7
metze
2009-05-20Fix bug disclosed by lock8 torture testVolker Lendecke1-0/+17
We have to drop the gpfs level share modes, regardless of whether we put the file into the pending close queue.
2009-05-20Demonstrate a bug we have when dealing with real os-level share modesVolker Lendecke1-0/+75
Another one of those where you stare at logfiles for hours, and when you found it, it's absolutely obvious what is happening...
2009-05-20s4: try to fix privileges implementation in order to pass the ↵Günther Deschner3-3/+10
RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-20Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott14-47/+202
This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-05-20s3-selftest: add add and delete group scripts using nss_wrapper.Günther Deschner2-0/+4
Guenther
2009-05-20nsswrapper: implement group_del() in nss_wrapper.pl.Günther Deschner1-1/+22
Guenther
2009-05-20nsswrapper: implement group_add() in nss_wrapper.pl.Günther Deschner1-4/+105
Guenther
2009-05-20s4:smb_server: initialy read the first 4 bytes onlySam Liddicott1-0/+1
Stop packet_recv getting greedy and reading the whole socket and then dispatching te extra packets in a timer loop Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-05-20s4:libcli/raw: initialy read the first 4 bytes onlyStefan Metzmacher1-0/+1
metze
2009-05-20Do not do a merged build without shared libsVolker Lendecke1-0/+1
Jelmer, you might want to take a look at Andrew B's problem with --enable-developer --disable-shared --disable-shared-libs
2009-05-20Only build the krb5 locator when building shared libsVolker Lendecke1-1/+3
2009-05-19Set errno=ENOMEM if tevent_add_fd failsVolker Lendecke1-0/+4
tevent_add_fd does not properly set that. At least in epoll and select this is the only error condition. Metze, please check!
2009-05-19Added mapping table for account object in lsa.Jeremy Allison2-0/+24
Jeremy.
2009-05-19Simplify the logic of tsocket_bsd_pendingVolker Lendecke1-24/+26
Remove two indentation levels by returning early on error. Metze, please check!
2009-05-19tevent/python: Makefile was still trying to build some non AC_SUBST python ↵Jelmer Vernooij1-7/+1
targets Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
2009-05-19Make local-wbclient flexible in # of connections and opsVolker Lendecke1-4/+6
2009-05-19Fix wb_trans_done after conversion to unix calling conventionsVolker Lendecke1-2/+2
2009-05-19Fix an uninitialized variable in wb_context_initVolker Lendecke1-0/+1
2009-05-19Another attempt at fixing the static build of vfs_notify_famVolker Lendecke1-5/+6
2009-05-19Fix detection of "enum FAMCodes"Volker Lendecke1-1/+1
2009-05-19s3 onefs: Removing an incorrect TALLOC_FREEAravind Srinivasan1-1/+0
Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-05-19Use TDB_VOLATILE instead of tdb_set_max_dead()Volker Lendecke1-5/+2
2009-05-19s3/docs: Fix shutdown script example.Karolin Seeger1-4/+5
This fixes bug #5897. Thanks to TAKAHASHI Motonobu <monyo [at] samba.gr.jp> for reporting and providing the example! Karolin
2009-05-18s3: Always allocate memory in dptr_ReadDirNameAravind Srinivasan3-18/+45
This is a follow up to 69d61453df6019caef4e7960fa78c6a3c51f3d2a to adjust the API to allow the lower layers allocate memory. Now the memory can explicitly be freed rather than relying on talloc_tos(). Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-05-18s4 torture: Fix typoTim Prouty1-1/+1
2009-05-18s3 sendfile: Fix two bugs in sendfileTim Prouty1-3/+4
These were found interally via code inspection. 1) fake_sendfile was incorrectly writing zeros over real data on a short read. 2) sendfile_short_send was doing 4 byte writes instead of 1024 byte writes due to an incorrect sizeof usage. Jermey, Vl please check
2009-05-19s4-smbtorture: Fix build warning in RPC-SAMR tests.Günther Deschner1-2/+2
Guenther
2009-05-19s3: re-run make samba3-idl.Günther Deschner3-0/+106
Guenther
2009-05-19lsa: add access_masks for accounts, secrets and trusted domains to IDL.Günther Deschner1-1/+24
Guenther
2009-05-18Change access_check_samr_object -> access_check_object.Jeremy Allison3-24/+25
Make map_max_allowed_access global. Change lsa_get_generic_sd to add Everyone:LSA_POLICY_READ|LSA_POLICY_EXECUTE, not just LSA_POLICY_EXECUTE. Jeremy.
2009-05-19s3-lsa: let _lsa_OpenPolicy() just call _lsa_OpenPolicy2().Günther Deschner1-37/+6
Guenther
2009-05-18s3-selftest: enable RPC-SAMR-USERS-PRIVILEGES.Günther Deschner1-1/+1
Guenther
2009-05-18Fix SAMR server for winbindd access. Ensure we allowJeremy Allison1-2/+2
MAX_ACCESS to be mapped to what we're giving Everyone. Jeremy.
2009-05-18s3-lsa: let _lsa_GetSystemAccessAccount() call into _lsa_EnumPrivsAccount().Günther Deschner1-3/+23
Inspired by lsa server from Samba 4. Just removing a user in SAMR does not remove a user in LSA. If you use usermanager from windows, the "User Rights" management gui gets unaccessable as soon as you delete a user that had privileges granted. With this fix, that no longer existing user would properly appear as an unknown account in the GUI (as it does while using usermanager with windows domains). This almost makes Samba3 pass the RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-18s3-lsa: start a very basic implementation of _lsa_DeleteObject().Günther Deschner1-1/+23
Certainly not the full story but this gets us closer to pass the RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-05-18s4-smbtorture: add RPC-SAMR-USERS-PRIVILEGES test.Günther Deschner2-9/+387
This test demonstrates the independence of the lsa and samr accounts while remove a samr users that still has privileges granted. Guenther
2009-05-18Move down the become_root()/unbecome_root() calls into the VFS modulesVolker Lendecke2-8/+22
The aio_fork module does not need this, as it does not communicate via signals but with pipes. Watching a strace log with those become_root() calls in aio.c is absolutely awful, and it does affect performance.