| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
what I
have been able to reproduce with smbtorture4 for bug number 4059. It's too
late here now to check with W2k native, I'll do that tomorrow or over the
weekend. I'll then also check in a samba4 torture test to walk this from now
on.
Abartlet, can you do me a favor and look over this? It is a 1:1 copy of the
corresponding Samba4 code.
Thanks,
Volker
(This used to be commit fb5ebab873ba5196f35a9801ab2e21811b0fa8a0)
|
|
(This used to be commit 410d6b9de2ad059fe239c6f155e80a81952ed701)
|
|
struct so we can see when they match - only create
the ugly krb5 hack when they do.
Jeremy.
(This used to be commit 9be4ecf24b6b5dacf4c2891bddb072fa7543753f)
|
|
writing out a custom krb5.conf file containing
the KDC I need. This may suck.... Needs some
testing :-).
Jeremy.
(This used to be commit d500e1f96d92dfcc6292c448d1b399195f762d89)
|
|
Jeremy.
(This used to be commit 2829dbc3e01d967887e25d1bcacb1d538fc11e59)
|
|
the code to redo the CLDAP query to restrict DC
DNS lookups to the sitename. Jerry, please check
to stop me going insane :-).
Jeremy.
(This used to be commit 8d22cc111579c57aec65be8884b41564b79b133a)
|
|
support when looking up DC's. On every CLDAP
call store the returned client sitename (if
present, delete store if not) in gencache with
infinate timeout. On AD DNS DC lookup, try looking
for sitename DC's first, only try generic if
sitename DNS lookup failed.
I still haven't figured out yet how to ensure
we fetch the sitename with a CLDAP query before
doing the generic DC list lookup. This code is
difficult to understand. I'll do some experiments
and backtraces tomorrow to try and work out where
to force a CLDAP site query first.
Jeremy.
(This used to be commit ab3f0c5b1e9c5fd192c5514cbe9451b938f9cd5d)
|
|
Jeremy.
(This used to be commit e8b0649fe167c3446eb6121ed666254fdf53aa58)
|
|
do what it's supposed to.
Jeremy.
(This used to be commit 4b7387a054bfc1587e0b9b7088f420a5bcf0bad9)
|
|
get_sorted_dc_list
return NTSTATUS.
If we want to differentiate different name resolution problems we might want
to introduce yet another error class for Samba-internal errors. Things like no
route to host to the WINS server, a DNS server explicitly said host not found
etc might be worth passing up.
Because we can not stash everything into the existing NT_STATUS codes, what
about a Samba-specific error class like NT_STATUS_DOS and NT_STATUS_LDAP?
Volker
(This used to be commit 60a166f0347170dff38554bed46193ce1226c8c1)
|
|
Jeremy.
(This used to be commit 2894310cc8cddaec2a67f1af0ab62cc559283e77)
|
|
Stanford checker to flag null deref.
Jeremy.
(This used to be commit b7fc023e9025127855fab71002d556e5f84e00b4)
|
|
(This used to be commit 2e9f5c520a843ad22088388d155a172a63c140d5)
|
|
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 91878f9b6fbe5187fb7d0464008ea0abe7f11a73)
|
|
on the wire. This allows us to go to nsec resolution
for systems that support it. It should also now be
easy to add a correct "create time" (birth time)
for systems that support it (*BSD). I'll be watching
the build farm closely after this one for breakage :-).
Jeremy.
(This used to be commit 425280a1d23f97ef0b0be77462386d619f47b21d)
|
|
error. Fix our DNS SRV lookup code to deal with multi-homed hosts.
We were noly remembering one IP address per host from the Additional
records section in the SRV response which could have been an unreachable
address.
(This used to be commit 899179d2b9fba13cc6f4dab6efc3c22e44e062bc)
|
|
Fixes bugs reported in libsmbclient.
Jeremy.
(This used to be commit 42a417fb75313b093948602c3be8e2f386048b5f)
|
|
use the generic IP list sort in get_sorted_dc_list().
(This used to be commit 03a767539d5b09ebd6564c0c9157de2a6e0e6b89)
|
|
Michael Adam/Volker, please check.
Guenther
(This used to be commit d0feb85781f69325ee70aff98370cfac037c4cc2)
|
|
Michael Adam <ma@sernet.de>)
(This used to be commit 7b51e27d026f2511edcde054f0d2deb9932d2fe8)
|
|
(This used to be commit d7246284e0117f7a97b3cbb80ff45b532559bf63)
|
|
a copy of the plaintext password, only the NT and LM
hashes (all it needs). Fix smbencrypt to expose hash
verions of plaintext function. Andrew Bartlett, you
might want to look at this for gensec.
This should make it easier for winbindd to store
cached credentials without having to store plaintext
passwords in an NTLM-only environment (non krb5).
Jeremy.
(This used to be commit 629faa530f0422755823644f1c23bea74830912f)
|
|
Thanks to Michael Adam <ma@sernet.de>
Volker
(This used to be commit 6e641c90b8f52a822a83701cdf305c60416d7f0c)
|
|
client smb signing to be correctly turned off.
Jeremy.
(This used to be commit 61f052b0a67b8a05b5d925bf8bbad73369ac03bd)
|
|
Volker
(This used to be commit 990da03f0940371d20f89c145b7ebdbe8e9bf4c4)
|
|
Volker
(This used to be commit 94817a8ef53589011bc4ead4e17807a101acf5c9)
|
|
Volker
(This used to be commit ea83001d3ed0b5da67cf367c17fdef662bc01681)
|
|
NTcancel doesn't send a reply, so in this case the signing
sequence number is only incremented by 1, not 2.
Jeremy.
(This used to be commit 85841a01987e653a085af00c7c437145686a332b)
|
|
(This used to be commit fd82f185a2e0f94bfb75f4eee072556ad94bf27d)
|
|
(This used to be commit be9aaffdaccae06c8c035eaf31862e34b7cfbe38)
|
|
calls introduced by signing code simplification.
Please test if you've seen signing problems with
3.0.23a.
Jeremy.
(This used to be commit f462daf02c12cfba634f92e681eb23a09e7d0acf)
|
|
Jeremy.
(This used to be commit deaac5bd463e5b8fd0b9915b553fdac3a4271293)
|
|
turns out that EDQUOTA must map to NT_STATUS_DISK_FULL
for Windows apps to work correctly. My mistake.
Jeremy.
(This used to be commit de1e3f7a7ae9e8a41b45130e2cdfc22f43cf53b5)
|
|
Based on an idea from Shlomi Yaakobovich <Shlomi@exanet.com>.
Jeremy.
(This used to be commit 9c440925f879d1e4ef99d04e2dfbe41077869204)
|
|
A patch to make ntlm_auth recognize three new commands in
ntlmssp-client-1 and squid-2.5-ntlmssp:
The commands are the following:
Command: SF <hex number>
Reply: OK
Description: Takes feature request flags similar to samba4's
gensec_want_feature() call. So far, only NTLMSSP_FEATURE_SESSION_KEY,
NTLMSSP_FEATURE_SIGN and NTLMSSP_FEATURE_SEAL are implemented, using the same
values as the corresponding GENSEC_FEATURE_* flags in samba4.
Command: GF
Reply: GF <hex number>
Description: Returns the negotiated flags.
Command: GK
Reply: GK <base64 encoded session key>
Description: Returns the negotiated session key.
(These commands assist a wine project to use ntlm_auth for signing and
sealing of bulk data).
Andrew Bartlett
(This used to be commit bd3e06a0e4435f1c48fa3b7862333efe273119ee)
|
|
(This used to be commit 1a5874588686fb4ece9be70059ff75b975ed2bd5)
|
|
DCs isn't resolvable in DNS. The fix is to leave that DC out of the
returned list of DCs. I think the original code intended that anyway,
just didn't quite get it right ('i' wasn't incremented in that code
path, so the loop didn't terminate)
(This used to be commit d7ec9f3cc0439e9e0f4c98988b14ae2155d931b9)
|
|
(This used to be commit 2e7afa9e19b117d7a8ce1238c1b9b80ececec729)
|
|
to be selected.
Jeremy.
(This used to be commit 2d8d4bd77bac6f5e7865657e12affd8b94aa85c3)
|
|
(This used to be commit 083ef11cc9be8f1299f233bde194173e092e2c3c)
|
|
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
|
|
signing bug.
Jeremy.
(This used to be commit 3b7fbe856cea7cbb5bf91844f94f221be0a2c627)
|
|
by converting the lookup_XX functions to correctly
return SID_NAME_TYPE enums.
Jeremy.
(This used to be commit ee2b2d96b60c668e37592c79e86c2fd851e15f69)
|
|
Jeremy.
(This used to be commit ec0a47b94c12b64d351ca8e6bdd467578528f3da)
|
|
Jeremy.
(This used to be commit d1a1c4e092877a6ea0f98eed2a37a96d42c36323)
|
|
where we don't correctly check the return from memdup.
Jeremy.
(This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
|
|
Added a next_token_no_ltrim() function which does not strip leading separator
characters. The new function is used only where really necessary, even though
it could reasonably be used in many more places, to avoid superfluous code
changes.
Derrell
(This used to be commit d90061aa933f7d8c81973918657dd72cbc88bab5)
|
|
Although I've never met a computer or compiler that produced pointers to
functions which are a different size than pointers to data, I suppose they
probably exist. Assigning a pointer to a function is technically illegal in C
anyway.
Change casts of the option_value based on the option_name to use of variable
argument lists.
For binary compatibility, I've maintained but deprecated the old behavior of
debug_stderr (which expected to be passed a NULL or non-NULL pointer) and
added a new option debug_to_stderr which properly expects a boolean (int)
parameter.
Derrell
(This used to be commit c1b4c510530ca3118d1eccb9615a8cad732c7373)
|
|
Jeremy.
(This used to be commit 09e11dcb2304eec9656e76c24921c82f4a870914)
|
|
Guenther
(This used to be commit 840ac23ec007df445892d851144d6458c4e06a6b)
|
