Age | Commit message (Collapse) | Author | Files | Lines |
|
With this change (and setting lanman auth = no in smb.conf)
we have *identical* NTLMSSP flags to W2K3 in SPNEGO auth.
Jeremy
(This used to be commit 93ca3eee55297eb7fdd38fca38103ce129987e2a)
|
|
call.
Jeremy.
(This used to be commit 44b0d856ae867d1c407507dcf7940dd39f4f963a)
|
|
into 3.0. Also merge the new POSIX lock code - this
is not enabled unless -DDEVELOPER is defined.
This doesn't yet map onto underlying system POSIX
locks. Updates vfs to allow lock queries.
Jeremy.
(This used to be commit 08e52ead03304ff04229e1bfe544ff40e2564fc7)
|
|
Implement enhancement request 3505. Two additional features are added here.
There is now a method of saving an opaque user data handle in the smbc_
context, and there is now a way to request that the context be passed to the
authentication function. See examples/libsmbclient/testbrowse.c for an example
of using these features.
(This used to be commit 203b4911c16bd7e10198a6f0e63960f2813025ef)
|
|
Guenther
(This used to be commit d45b9abb0ec7d943e9fb374d64385d6c540fffe2)
|
|
Might need to rework prs_dcerpc_status().
Guenther
(This used to be commit 38b18f428ba941f4d9a14fa2de45cb0cd793a754)
|
|
kerberos_kinit_password_ext provides access to more options.
Guenther
(This used to be commit afc519530f94b420b305fc28f83c16db671d0d7f)
|
|
Guenther
(This used to be commit aae8f8ae7a79d06c74151186f3c2470bdec5687d)
|
|
implicit function contract explicit.
Jeremy.
(This used to be commit 6de5e9ae4628d384631db9b66e22d439a303b75c)
|
|
aliasing clearer. This isn't a bug but a code
clarification.
Jeremy.
(This used to be commit 7ada96a1cfb1e928b7dfde101ca250b20024243f)
|
|
Free grp_sid and owner_sid before returning. Also, only allow one group
or owner.
(This used to be commit 1043e0d90ccb3493417f7bf05b70bdf5513bb1a3)
|
|
(This used to be commit 97789ec8fc4ae2d31f6dd554d9979abce186eb30)
|
|
(This used to be commit 019dff53f906a6eb7961a95089bff12361e31e57)
|
|
(This used to be commit 26d471c02c6ddff15836a3c0d30f9e37f018b66d)
|
|
(This used to be commit 8a8d9057d98b24710c98fa48df9d7f330a8ebdc0)
|
|
(This used to be commit 26377b63a3a3d2d5ed23bdbb5f22b70ec7d3fcad)
|
|
their existence
(This used to be commit 6b52423033b2eccdfad1e91e9d59619664f570ac)
|
|
(This used to be commit 5007f53eb54eddff3d13df929d78385d6b158057)
|
|
(This used to be commit b824245c4e04353f0d3fd0ccf6bc5776a601daed)
|
|
(This used to be commit 6dc79e6b12e221e9af85a1edf487b5fb5aae222b)
|
|
Thanks,
Volker
(This used to be commit 86f62484dd7db43e036d9edf29e459b8bd0e5fbe)
|
|
realloc can return NULL in one of two cases - (1) the realloc failed,
(2) realloc succeeded but the new size requested was zero, in which
case this is identical to a free() call.
The error paths dealing with these two cases should be different,
but mostly weren't. Secondly the standard idiom for dealing with
realloc when you know the new size is non-zero is the following :
tmp = realloc(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
However, there were *many* *many* places in Samba where we were
using the old (broken) idiom of :
p = realloc(p, size)
if (!p) {
return error;
}
which will leak the memory pointed to by p on realloc fail.
This commit (hopefully) fixes all these cases by moving to
a standard idiom of :
p = SMB_REALLOC(p, size)
if (!p) {
return error;
}
Where if the realloc returns null due to the realloc failing
or size == 0 we *guarentee* that the storage pointed to by p
has been freed. This allows me to remove a lot of code that
was dealing with the standard (more verbose) method that required
a tmp pointer. This is almost always what you want. When a
realloc fails you never usually want the old memory, you
want to free it and get into your error processing asap.
For the 11 remaining cases where we really do need to keep the
old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR,
which can be used as follows :
tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size);
if (!tmp) {
SAFE_FREE(p);
return error;
} else {
p = tmp;
}
SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the
pointer p, even on size == 0 or realloc fail. All this is
done by a hidden extra argument to Realloc(), BOOL free_old_on_error
which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR
macros (and their array counterparts).
It remains to be seen what this will do to our Coverity bug count :-).
Jeremy.
(This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
|
|
think is a direct bug, but some code that needs clarification :-).
Jeremy.
(This used to be commit 61901a3f10de64a72b655d9aa884424a4fc88a44)
|
|
Jeremy.
(This used to be commit 46e10980927f1dfa4a1995e778df880cf823cbdb)
|
|
Add the missing comment about needing to save the new share name.
(This used to be commit bb3b15e631c8dae7aaea303be18e086d63ee16d6)
|
|
When only allowing one connection per server, the cache needs to track which
share is currently connected, or we never know whether a tdis()/tcon() for the
new share is required.
(This used to be commit ad0a725ef5f68db442b3b217c5a852086eff9297)
|
|
(This used to be commit 70e7c9de9dee9317164c0f96a44827ae8b959254)
|
|
(This used to be commit 249dba0386833803805a742aa6697cc75566f05c)
|
|
DO NOT MERGE FOR 3.0.21c PLEASE.
Jeremy.
(This used to be commit 3de0d9af6925e3dc0328c02c2a30127ea5c82a83)
|
|
This code needs a tidyup and common code with libsmb/errormap.c
merging. Should fix the winbindd crash Jerry found (I hope).
Jeremy.
(This used to be commit e81227d044fbe7c73c121e540ccafc7f6517c4ea)
|
|
against server with schannel disabled. Second part
will come tomorrow (fixing net_rpc_join_ok()).
Jeremy.
(This used to be commit 7de1ee18619bf99c5db45692e085d0646e52378f)
|
|
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
|
|
Jeremy.
(This used to be commit ea82958349a57ef4b7ce9638eec5f1388b0fba2a)
|
|
Bartlett's
Samba4 code.
Jeremy.
(This used to be commit a2fb436fc5dd536cfe860be93f55f9cb58139a0e)
|
|
I mean it this time :-).
Jeremy.
(This used to be commit 80f4868944d349015d2b64c2414b06466a8194aa)
|
|
running. More generic error return cleanup in libsmb/
needs doing (everything returning NTSTATUS not BOOL).
Jeremy
(This used to be commit 654bb9853b450c5d509d182f67ec26ac320fd590)
|
|
Guenther
(This used to be commit c0d91f9d19b33995237847389e4c37e086938b9e)
|
|
Jeremy.
(This used to be commit 4204794cc7c5e2671259652879c33f539d26958c)
|
|
(This used to be commit c15f1d553f03ad1ed4e1d52b8e46c52202bc3a83)
|
|
-----------------------------------
Thanks to a report from VL:
We were causing mayhem by weakening the keys at the wrong point in time.
I think this is the correct place to do it. The session key for SMB
signing, and the 'smb session key' (used for encrypting password sets)
is never weakened.
The session key used for bulk data encryption/signing is weakened.
This also makes more sense, when we look at the NTLM2 code.
Andrew Bartlett
-----------------------------------
With more 'try all options' testing, I found this 'simple' but in the
NTLM2 signing code.
Andrew Bartlett
-----------------------------------
After Volker's advise, try every combination of parameters. This
isn't every parameter on NTLMSSP, but it is most of the important
ones.
This showed up that we had the '128bit && LM_KEY' case messed up.
This isn't supported, so we must look instead at the 56 bit flag.
Andrew Bartlett
-----------------------------------
We should now try retesting with NT4. This should be standalone
enough to port into a SAMBA_3_0_RELEASE branch fix.
Jeremy.
(This used to be commit b9b8cd1752aeab049983c1a6038edf2231ec10a4)
|
|
makes fixes much easier to port. Fix the size of dc->sess_key to
be 16 bytes, not 8 bytes - only store 8 bytes in the inter-smbd
store in secrets.tdb though. Should fix some uses of the dc->sess_key
where we where assuming we could read 16 bytes.
Jeremy.
(This used to be commit 5b3c2e63c73fee8949108abe19ac7a448a033a7f)
|
|
from Samba4 on how to decode the 532 byte password buffers.
Getting closer to passing samba4 RPC-SCHANNEL test.
Jeremy.
(This used to be commit 205db6968a26c43dec64c14d8053d8e66807086f)
|
|
Jeremy.
(This used to be commit 2aed5b36409e05ac25b4492669f47d50be988f2c)
|
|
Less trouble than I thought plus it didn't need an interface
change (thank goodness !).
Jeremy.
(This used to be commit dbe2572d1c713f46b0d1d0c405f88456c9336297)
|
|
Jeremy.
(This used to be commit 6196446a03abeb4100bac1721977488ae5843f42)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
(This used to be commit 6c3480f9aecc061660ad5c06347b8f1d3e11a330)
|
|
jason qian <jason@infrant.com> was a *fantastic*
help in tracking this down.
Jeremy.
(This used to be commit 9f4a9c70fa232047868e5d8a3f132a2dd6bfee82)
|
|
always update the failed time when we are adding a failed
connection.
Jeremy.
(This used to be commit 6f5af1dd413d07430ead9382422dda14acf3464d)
|
|
Fix cli_setpathinfo() to actually do what it's supposed to.
Also, get rid of some apparently drug-induced code to deal with create time
which isn't being manipulated anyway.
(This used to be commit aa25dc1248b15e8e1b39cf8a98496e5aba475c4a)
|