Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 0e84e3bb800cec2b63df4692afbf9c40850b108f)
|
|
This is a security descriptor level function only.
Michael
(This used to be commit 5931540fa1681f026fed42df387d17e43c493c47)
|
|
Guenther
(This used to be commit cb7ace209c2051ae02647188715fa6ee324c2bf6)
|
|
Guenther
(This used to be commit ec86852fc6ce2d88ad5835c8fcb337c68fd6f6bc)
|
|
(This used to be commit dee60935d443bd215e384e626d1114ae65c1a62d)
|
|
The current vuid is not only available there, it is also in the current
smb_request structure.
(This used to be commit c8fd5eef32a86888c7a28317f0fdf717a26b7d4c)
|
|
(cherry picked from commit cb91a47576e820390bc62195702aaae93a2feba6)
(This used to be commit 90d7bc6da3c92e104fadd5965a730fbe01be33d5)
|
|
(This used to be commit b2390aa738f6384016600dffb8065bd0bcda6ef1)
|
|
(This used to be commit 1943e2752d4dcb5bbbd4e40cf854efba4aed8f45)
|
|
(cherry picked from commit 435b80a9a2e9324cc20594d922b3d8d6418c27af)
(This used to be commit 055bb54fa646f6de7d7b748deaebd69ddeff33d1)
|
|
Fix Coverity ID 552 and 553
(This used to be commit c46e10d2605b22d31675976e62e5ae61d73c8a0a)
|
|
(This used to be commit 097446c3c82c42ca4a7909201119c0cf431321ba)
|
|
Guenther
(This used to be commit 7f8b0b4d151fa4d07758b6fd7b47b0b7c07dda17)
|
|
Guenther
(This used to be commit 06b597213a25c3370d3b7e29cf80ddd42fa35e0c)
|
|
controlled via the ldap connection timeout parameter. This fixes fallbacks to secondary LDAP servers in multi LDAP server setups like in #4544
(This used to be commit 8e59a2fedc940b081222b0e8f90fe0c5a0981c06)
|
|
Guenther
(This used to be commit 973de861c98c62ba31ceb63b3434dc201ae8bf06)
|
|
Guenther
(This used to be commit 058cf7001e8a57ff0a1e19aadf3e0e068b7e69f4)
|
|
can result in a buffer overrun.
Jeremy.
(This used to be commit 23b825e9d2c74c5b940cf4d3aa56c18692259972)
|
|
Can someone with gpfs available test this ? The only codepath using this
function is the modules/gpfs.c module. The fix resolves at least the build
issues Samba has with recent kernel / libcap versions by using the portable
cap_get_proc()/cap_set_proc() interface (instead of using capget/capset).
Guenther
(This used to be commit 177955141247a4eb56ba0d82dc1add7f52175c40)
|
|
Michael
(This used to be commit 1a6f91755c412ab683c09f54e8ce76a66ed2bd19)
|
|
Michael
(This used to be commit d96634d037c76c36519bc9cac14dfa29c37a3213)
|
|
Guenther
(This used to be commit 68327e577dd12c157b0d7581b38c7a8dc06e08c7)
|
|
Jeremy.
(This used to be commit 7eeed8bb41059ec2bddedb6a71deddeec7f33af2)
|
|
Guenther
(This used to be commit 017ad275e51ff2d9ddfb4390979f16868f3e6a3f)
|
|
This combined check has been replaced by is_dc_trusted_domain_situation()
which does not check for lp_allow_trusted_domains().
Michael
(This used to be commit 0a24c038b7bc6edef0021eb121a072cc7e8f9165)
|
|
This is like is_trusted_domain_situation() except that it does not
check for lp_allow_trusted_domains().
Michael
(This used to be commit a284c8843528972904d142b573f1170a08c97751)
|
|
(This used to be commit 2dbbd81677af9c470ee9370ca5414876d21c6b9b)
|
|
This required to pass around the domain a bit
(This used to be commit 17b0db20d28d1b737c5e86b78106657e8ca5ce9c)
|
|
Guenther
(This used to be commit 7c93190843e77764be4d0f6d4f0b93061c192c98)
|
|
Win2008 domain (merged from v3-0-test).
commit 8dc4e979776aae0ecaa74b51dc1eac78a7631405
Author: Steven Danneman <sdanneman@isilon.com>
Date: Wed May 7 13:34:26 2008 -0700
spnego SPN fix when contacting trusted domains
cli_session_setup_spnego() was not taking into consideration the situation
where we're connecting to a trusted domain, specifically one (like W2K8)
which doesn't return a SPN in the NegTokenInit.
This caused two problems:
1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
were always using our default realm, not the realm of the domain we're
connecting to.
2) When falling back on NTLMSSP for authentication we were passing the name
of the domain we're connecting to for use in our credentials when we should be
passing our own workgroup name.
The fix for both was to split the single "domain" parameter into
"user_domain" and "dest_realm" parameters. We use the "user_domain"
parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
if none was returned in the NegTokenInit2 packet. If no "dest_realm" is
provided we assume we're connecting to our own domain and use the credentials
cache to build the SPN.
Since we have a reasonable guess at the SPN, I removed the check that defaults
us directly to NTLM when negHint is empty.
(This used to be commit b78b14c88e8354aadf9ba7644bdb1c29245fe419)
|
|
Slim the interface...
Michael
(This used to be commit 9971118c23900d81e885a013e738a67df790c90c)
|
|
Michael
(This used to be commit f7db445c828c0eef2c08b538bd07d485dc248689)
|
|
(This used to be commit fe8f9e427af3eb42d63fde96c4fe20a255facb95)
|
|
(This used to be commit 24ac40518f79fd480baaedc1d42f3b6fe8ea1c94)
|
|
(This used to be commit be5d54a363a57113e494202a2d22dd9bbcf13b41)
|
|
(This used to be commit 2ff908a902ec857856518eaddb5246dd5067063d)
|
|
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
|
|
the msdfs.c code.
Jeremy
(This used to be commit 54556df561d03d30b2fc21b9eaabe56b8c758301)
|
|
Michael
(This used to be commit ff7f0cad2eb108daa61a910cd9171ab0811a5f60)
|
|
(This used to be commit 93111ea0a1191e8547ad6cf112e2699d3bb3799b)
|
|
(This used to be commit 368454a27cb53a408ec416cbf37235b304592fb5)
|
|
(This used to be commit 35438a940734340d5d6389ae0551fe3c25902f93)
|
|
(This used to be commit 2834dacc8d49f77fe55fb5d7e3eb2dda431d1d3d)
|
|
(This used to be commit a3738aef59e97d4533010b048534d937d36c0950)
|
|
Jeremy, please check!
(This used to be commit a34f73521712e3820d417f0d9ed811723b7681d6)
|
|
This will replace all the user identity stuff in connection_struct, for now it
is just a source where the other fields in connection_struct are filled from.
(This used to be commit 0f53f9e7db9f99f239c4d0950452d0e2cde2ae8b)
|
|
(This used to be commit 03944f8d8934cff74e19fc036f7611c1491e0d57)
|
|
(This used to be commit 1e9319cf88b65a2a8d4f5099a1fe5297e405ed2e)
|
|
this can only be done via fset_nt_acl() using an open
file/directory handle. I'd like to do the same with
get_nt_acl() but am concerned about efficiency
problems with "hide unreadable/hide unwritable" when
doing a directory listing (this would mean opening
every file in the dir on list).
Moving closer to rationalizing the ACL model and
maybe moving the POSIX calls into a posix_acl VFS
module rather than having them as first class citizens
of the VFS.
Jeremy.
(This used to be commit f487f742cb903a06fbf2be006ddc9ce9063339ed)
|
|
"nss_token" from my point of view much better reflects what this flag actually
represents
(This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
|