Age | Commit message (Collapse) | Author | Files | Lines |
|
On LSA and SAMR pipes session_key is truncated to 16 byte when doing encryption/decryption.
However, this was not done for trusted domain-related modifying operations.
As result, Samba 4 client libraries do not work against Samba 3 while working
against Windows 2008 r2.
Solved this by introducing "session_extract_session_key()" function that allows to specify
intent of use of the key.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Mar 13 12:23:44 CET 2012 on sn-devel-104
|
|
This is used to enable async chained command sequences. A synchronous
reply_xxx command does not need to take are anymore about and_x
chaining. The async commands (pipe r/w at this moment) must do so
however. When finished, they must inform the main chain engine that
they are finished with a smb_request_done call.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Mar 10 17:14:05 CET 2012 on sn-devel-104
|
|
|
|
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
The ->get_ntlm_challenge and ->check_ntlm_password elements of struct auth_context
were only ever initialised to a single value. Make it easier to follow by
just calling the function directly.
Andrew Bartlett
|
|
Because revoking read-only copies of records is expensive, we only
want ctdbd to do it for high-turnover records. A basic heuristic is
that if we don't find a local copy of the record, don't ask for a
read-only copy.
The fetch itself will cause ctdbd to migrate the record, so eventually
we will have a local copy. Next time it gets migrated away, we'll
call ctdbd_fetch() with local_copy = true.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Thu Mar 1 06:55:44 CET 2012 on sn-devel-104
|
|
SMB1 requests.
|
|
This adds an alisas to ensure that both our loadparm systems know all
the names.
I would like to move to the 'server ..' name as canonical, and this
will be raised on the list.
Andrew Bartlett
|
|
|
|
This will allow us to use the same layer that auth_ntlmssp does
in the non-SPNEGO session setup, which will in turn make the
authentication code more consistent in the AD server case.
Andrew Bartlett
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Thu Feb 23 12:37:23 CET 2012 on sn-devel-104
|
|
|
|
Found by callcatcher.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Feb 18 09:01:15 CET 2012 on sn-devel-104
|
|
Found by callcatcher.
Andrew Bartlett
|
|
Found by callcatcher.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Feb 17 13:48:05 CET 2012 on sn-devel-104
|
|
Found by callcatcher.
Andrew Bartlett
|
|
|
|
|
|
|
|
gensec_gssapi
Thie ensures that both code bases use the same logic to determine the use
of NEW_SPNEGO.
Andrew Bartlett
|
|
This is not honoured by the common SPNEGO code.
This matches mondern windows versions which do not send this value, as
it would be insecure for a client to rely on it. (See also the
depricated client use spnego principal directive).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Replaced the undescriptive SMB_PORT1 and SMB_PORT2 defined constants
with the slightly more descriptive names NBT_SMB_PORT and TCP_SMB_PORT.
Also replaced several hard-coded references to the well-known port
numbers (139 and 445, respectively) as appropriate.
Small changes to clarify some comments regarding the two transport
types.
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Feb 16 08:29:41 CET 2012 on sn-devel-104
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Feb 15 21:10:22 CET 2012 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Feb 14 19:14:29 CET 2012 on sn-devel-104
|
|
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
Also remove now-unused configure checks for krb5_mk_error().
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
piddir.c calls lp_piddir() directly.
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
This fixes bug #8554, #8612 and #8748.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Feb 9 16:39:04 CET 2012 on sn-devel-104
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Feb 9 14:58:57 CET 2012 on sn-devel-104
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Feb 7 20:56:28 CET 2012 on sn-devel-104
|
|
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Feb 2 10:33:13 CET 2012 on sn-devel-104
|
|
This creates its own header file for util_cmdline so it doesn't need to
link against popt.
This should fix linking on FreeBSD.
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Feb 1 04:18:50 CET 2012 on sn-devel-104
|
|
This is causing circular depdnendcies that bring libpdb in all code and this is
BAD.
This change 'protects' the sid and guid of the domain by adding a special key
that makes them effectively read only.
Limit this temporarily to the samba 4 build, once it gets some good testing the
samba4 ifdefs can be dropped.
fix pdb dependencies
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Jan 18 14:46:18 CET 2012 on sn-devel-104
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jan 17 09:45:30 CET 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
Guenther
|
|
|
|
When E_deshash() returns false, it indicates that the password is either > 14 chars
in length, or could not be represented as an LM hash value for some other
reason. In this case, we should not regard the LM hash being missing
as an error or a no-password situation.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jan 6 14:59:13 CET 2012 on sn-devel-104
|
|
As well as renaming, this allows us to start the mech by DCE/RPC auth
type or OID.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
and tunes the aio threads.
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|