Age | Commit message (Collapse) | Author | Files | Lines |
|
This makes it a little easier for it to writen in terms of GENSEC in future.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
We don't keep sampass in server_info anymore
So it makes no sense to keep it around.
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
All the callers just want the PAC_LOGON_INFO, so search for that in
ads_verify_ticket(), and don't bother the callers with the rest of the
PAC.
This change makes sense on it's own (removing boilerplate wrappers
that just confuse the code), but it also makes it much easier to
implement a matching ads_verify_ticket() function in Samba4 for the
s3compat proposal.
Andrew Bartlett
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
|
|
Found by Laurent Gaffie <laurent.gaffie@gmail.com>
Thanks for that,
Volker
|
|
In a cluster, this makes a large difference: For r/w traverse, we have to do a
fetch_locked on every record which for most users of connections_forall is just
overkill.
|
|
To provide the user with the same SID when doing Kerberos logins, attempt to do
a make_server_info_sam instead of a make_server_info_pw.
|
|
|
|
|
|
Andrew Bartlett
|
|
This reverts commit c85a4c9ba4a7de65a7850f6f9708df66bd24deea.
|
|
|
|
Jeremy.
|
|
Guenther
|
|
samba-3.4.0.
The values of vuid and tid were not being correctly updated in the struct smb_request
when passed to chain_reply inside sessionsetupX and tconX.
Jeremy.
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
We keep the seqnum/mid mapping in the smb_request structure.
This also moves one global variable into the
smbd_server_connection struct.
metze
|
|
Jeremy.
|
|
|
|
lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
|
|
version.h changes rather frequently. Since it is included via includes.h,
this means each C file will be a cache miss. This applies to the following
situations:
* When building a new package with a new Samba version
* building in a git branch after calling mkversion.sh
after a new commit (i.e. virtually always)
This patch improves the situation in the following way:
* remove inlude "version.h" from includes.h
* Use samba_version_string() instead of SAMBA_VERSION_STRING
in files that use no other macro from version.h instead of
SAMBA_VERSION_STRING.
* explicitly include "version.h" in those files that use more
macros from "version.h" than just SAMBA_VERSION_STRING.
Michael
|
|
The goal is to move all this variables into a big context structure.
metze
|
|
|
|
Karolin
|
|
|
|
|
|
|
|
Now that "req" is available everywhere, use it. Rename srvstr_pull_buf_talloc()
to srvstr_pull_req()
|
|
|
|
|
|
This removes some explicit inbuf references and also removes a pointless check
in reply_echo. The buflen can never be more than 64k, this is just a 16 bit
value.
|
|
This call expanded to
(smb_buflen(req->inbuf)
- PTR_DIFF(smb_buf(req->inbuf) - smb_buf(req->inbuf)))
which seems pretty pointless :-)
|
|
Guenther
|
|
Guenther
|
|
|
|
Sending the data at this level breaks the assumption at higher levels that
req->outbuf == NULL means this request is deferred. It also breaks potential
chaining (Kerberos session setup and tcon X in one request)
|
|
farm failures when winbindd connects as guest.
This one took a *lot* of tracking down :-).
Jeremy.
(This used to be commit dca827791276906436452c650062164eb819dfe0)
|
|
(This used to be commit eb281532b1721ded39c39bb00c26202080dcd735)
|
|
Log when we kill other smbd sessions like when we hit the VC == 0 case.
This one fixes BUG #5476.
Initial patch from Björn Jacke <bj@sernet.de>.
Karolin
(This used to be commit 1429f3b7cf293994b334052428fcdadcee162dea)
|
|
(This used to be commit f23e970848b6e6655453fa65f6f160f624acfcff)
|
|
(This used to be commit 9891c7c30858a3bea9adbea1c5bfa5c6b1b85221)
|
|
(This used to be commit e4a9492967f3d2b64f27943f99414608e0c03d21)
|
|
"nss_token" from my point of view much better reflects what this flag actually
represents
(This used to be commit b121a5acb2ef0bb3067d953b028696175432f10d)
|
|
(This used to be commit 8047a1991a09191fec254815f3bfc85a2c36674a)
|
|
This one took a bit -- I hope I covered all data paths
(This used to be commit 74c88a44422f88d6e2f2cdbfdfa0bafe0dbe06c4)
|