Age | Commit message (Collapse) | Author | Files | Lines |
|
On LSA and SAMR pipes session_key is truncated to 16 byte when doing encryption/decryption.
However, this was not done for trusted domain-related modifying operations.
As result, Samba 4 client libraries do not work against Samba 3 while working
against Windows 2008 r2.
Solved this by introducing "session_extract_session_key()" function that allows to specify
intent of use of the key.
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Mar 13 12:23:44 CET 2012 on sn-devel-104
|
|
talloc_dict_set() expects a pointer to an talloc'ed pointer.
metze
|
|
metze
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sun Mar 11 14:18:04 CET 2012 on sn-devel-104
|
|
It's a bit confusing to mix low-level and high-level libraries. We had
multiple libraries in one directory, and there were have circular
dependencies with other libraries outside that directory (in this case,
samba-hostconfig).
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 10 23:13:01 CET 2012 on sn-devel-104
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Mar 10 20:46:05 CET 2012 on sn-devel-104
|
|
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Sat Mar 10 19:07:20 CET 2012 on sn-devel-104
|
|
This is used to enable async chained command sequences. A synchronous
reply_xxx command does not need to take are anymore about and_x
chaining. The async commands (pipe r/w at this moment) must do so
however. When finished, they must inform the main chain engine that
they are finished with a smb_request_done call.
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Mar 10 17:14:05 CET 2012 on sn-devel-104
|
|
|
|
|
|
This is fixed up in construct_reply_chain
|
|
|
|
<insert your favourite tombstone ascii art here>
|
|
This is a new implementation of our andx handling code. The old
code was quite involved in that it was called from within the reply_
handlers. This leads to pretty complex faking of smb_request
structures to give them the same environment, independent of whether
they are called directly or from within chain_reply.
chain_reply needs to go because it blocks really async handling of
chained requests.
|
|
This is in preparation of getting rid of chain_reply.
|
|
Normally chain_reply took care of this. This will go away soon.
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Sat Mar 10 15:27:09 CET 2012 on sn-devel-104
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 10 03:47:04 CET 2012 on sn-devel-104
|
|
16-bit int read, not a 32-bit one.
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
for all requests that have max_???? checks, also do a check of the
creditcharge the client has sent (when using largemtu)
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Mar 9 19:01:06 CET 2012 on sn-devel-104
|
|
|
|
|
|
This just means there is one less pointer to ensure we initialise.
Andrew Bartlett
|
|
The ->get_ntlm_challenge and ->check_ntlm_password elements of struct auth_context
were only ever initialised to a single value. Make it easier to follow by
just calling the function directly.
Andrew Bartlett
|
|
This patch ensures consistency in behaviour between NTLMSSP and NTLM
session setup handlers. By calling the same layer that auth_ntlmssp
calls, we can not only allow redirection of all authentication to the
AD DC, we ensure that map to guest and username map handling is
consistent, even in the file server alone.
Andrew Bartlett
|
|
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 7 22:41:21 CET 2012 on sn-devel-104
|
|
Since the piddir got moved from the lockdir by default, the default piddir
wasn't getting created, stopping some configurations from running.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
uuid_t is not defined without including sys/uuid.h, configure+waf checks added.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
Since the piddir got moved from the lockdir by default, the default piddir
wasn't getting created stopping some configurations from running.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
The end point mapper is primarily in support of lsasd, and the key
SAMR, LSA and NETLOGON services being accessed over TCP/IP. The end
point mapper does not appear to be used for the well-known mappings to
named pipes, and we have a problem with how to safely register the
embedded pipes. For now, disable this to avoid re-registration storms
in production, until we sort out a better way.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 7 14:27:38 CET 2012 on sn-devel-104
|
|
This ensures that these services are not accidentally registered in
these child processes.
Andrew Bartlett
|
|
Embedded RPC services are those not launched in the preforked lsasd
and spoolssd children.
The reason that these child processes were created is that is is not
possible to correctly listen for ncalrpc and TCP connections without
creating a child process. Therefore, we should not have these
embedded RPC services to listen on these sockets just because the
endpoint mapper has been enabled.
Andrew Bartlett
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Mar 7 01:34:05 CET 2012 on sn-devel-104
|
|
The plan is to have files_struct as some kind of low level
abstraction for a smb1/smb2 opens, that can be used by SMB_VFS modules.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Mar 6 23:04:01 CET 2012 on sn-devel-104
|
|
smbd_server_connection
The plan is to have connection_struct as some kind of low level
abstraction for a smb1/smb2 tree connects, that can be used by SMB_VFS modules.
metze
|
|
The plan is to have users_struct as some kind of low level
abstraction for a smb1/smb2 session, that can be used by SMB_VFS modules.
metze
|
|
metze
|
|
This is only used for AS_GUEST requests
Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Tue Mar 6 14:29:50 CET 2012 on sn-devel-104
|
|
We were printing nmb->header.name_trn_id with %hu, which denotes a
short. However, header.name_trn_id is an int for the better or
worse.
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Mon Mar 5 23:14:33 CET 2012 on sn-devel-104
|
|
This consults the two definitions for embedded, that is if the deamon is forking
or if the rpc_server:<interface> line is set to embedded.
Andrew Bartlett
Signed-off-by: Andreas Schneider <asn@samba.org>
|