summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2012-03-05selftest: run smbtorture_s3 tests against the ntvfs file serverAndrew Bartlett1-0/+1
This checks not only the behaviour of the NTVFS file server, but also the client library and authentication stack. Andrew Bartlett
2012-03-05s3-ctdb: Enable CTDB readonly support only if CTDB supports itAmitay Isaacs3-1/+40
Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Mon Mar 5 02:47:36 CET 2012 on sn-devel-104
2012-03-05dbwrap_ctdb: only fetch a read-only copy if we had a record already.Rusty Russell3-5/+12
Because revoking read-only copies of records is expensive, we only want ctdbd to do it for high-turnover records. A basic heuristic is that if we don't find a local copy of the record, don't ask for a read-only copy. The fetch itself will cause ctdbd to migrate the record, so eventually we will have a local copy. Next time it gets migrated away, we'll call ctdbd_fetch() with local_copy = true. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-03-05ctdbd_conn: fetch read-only copies of records.Rusty Russell1-2/+2
This means we try to get a read-only copy of a record, which we can then place in the local tdb. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-03-05dbwrap_ctdb: handle read-only records.Rusty Russell1-9/+26
The new read-only record flags make determining if we can use a record a bit more complex, so extract it into its own function. The OLD logic was: 1) If the record doesn't exist, we can't use it. 2) If we are the dmaster for the record, we can use it. The new logic is: 1) If the record doesn't exist, we can't use it. 2) If we are the dmaster for the record, we can use it IF we only want read-only access, OR there are no read-only delegations. 3) If we are not dmaster, we can only use it if we want read-only access and it is marked as a read-only copy. This logic is unused until the next patches which begin to ask for read-only copies of records. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-03-05selftest: remove unused config.h checkAndrew Bartlett1-6/+0
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Mar 5 01:10:01 CET 2012 on sn-devel-104
2012-03-04s3-smbd: vuser and session_info cannot be NULL hereAndrew Bartlett1-37/+31
The callers always supply it. (this is a hold-over from the security=share removal). Andrew Bartlett
2012-03-04s3-rpc_server: consolidate rpc server init routinesAndrew Bartlett1-484/+64
This uses a helper function to reduce duplication. Andrew Bartlett
2012-03-04s3-auth Add make_session_info_from_pw to avoid multiple getpwnam() callsAndrew Bartlett1-12/+34
2012-03-04s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett18-827/+67
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-03-04s3:smbd/globals.h: remove unused pollfd pointerStefan Metzmacher1-6/+0
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Mar 4 23:18:10 CET 2012 on sn-devel-104
2012-03-04s3: Fix some && vs & warningsVolker Lendecke1-3/+3
Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Sun Mar 4 13:31:25 CET 2012 on sn-devel-104
2012-03-04s3-winbindd: Add stdin handler for winbindAndrew Bartlett2-3/+48
This will help avoid runaway processes in the test env, particularly when the whole selftest.pl is killed. Andrew Bartlett
2012-03-04s3-nmbd: Add stdin handler for nmbdAndrew Bartlett1-0/+33
This will help avoid runaway processes in the test env, particularly when the whole selftest.pl is killed. Andrew Bartlett
2012-03-04change low FDs are handled in SambaAndrew Bartlett4-19/+2
We now only close fds 0, 1, 2 when we are a forked daemon, and take care not to close a file descriptor that we might need for foreground stdin monitoring. This should fix stdout logging in the lsa and epmapper deamons (ie in make test). Andrew Bartlett
2012-03-04s3: don't replace the error message if already definedMatthieu Patou1-3/+5
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sun Mar 4 10:13:24 CET 2012 on sn-devel-104
2012-03-04s3: print a nice warning when HAVE_ADS is not enabled but you still try to ↵Matthieu Patou1-0/+5
do net rpc keytab vampire
2012-03-03s3: Fix a bogus if (client_len < 0)Volker Lendecke1-1/+1
On some platforms socklen_t might be unsigned, so comparing for <0 always returns true. Also, tsocket_address_bsd_sockaddr returns ssize_t. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Sat Mar 3 23:38:31 CET 2012 on sn-devel-104
2012-03-03s3:libsmb: pass smb2 capabilities and client guid in cli_state_create()Stefan Metzmacher1-2/+7
metze Signed-off-by: Michael Adam <obnox@samba.org>
2012-03-03smbXcli: add the possiblilty to negotiate client capabilites in smb >= 2.2Michael Adam1-1/+2
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2012-03-03s3:smbd:smb2_write: improve logging in the error caseMichael Adam1-4/+14
2012-03-02s3:smb2_server: use SMB2_WATCH_TREEChristian Ambach1-1/+1
it makes the code easier to understand if it uses the names specified in MS-SMB2 instead of just the underlying values
2012-03-02s3:smb2_server fix a typoChristian Ambach1-1/+1
2012-03-03s3: Fix some blank line endingsVolker Lendecke1-5/+5
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Sat Mar 3 03:41:03 CET 2012 on sn-devel-104
2012-03-02s3: Test for statfs before statfs64Volker Lendecke1-20/+20
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri Mar 2 12:04:35 CET 2012 on sn-devel-104
2012-03-02s3: Further fix for bug 8777Brad Smith3-12/+35
2012-03-02s3: Enable statvfs usage on NetBSDVolker Lendecke1-30/+30
linux_statvfs is pretty much what you use when you have susv4. No real code change, this moves linux_statvfs to the bottom of the (LINUX) to #ifdef (STAT_STAVFS).
2012-03-02s3:rpc_server: initialize struct schannel_state to zeroStefan Metzmacher1-2/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Mar 2 08:48:23 CET 2012 on sn-devel-104
2012-03-02s3:rpc_client: initialize struct schannel_state to zeroStefan Metzmacher1-2/+1
metze
2012-03-02s3-selftest: Add tests for ntlm_auth gss-spnego client and serverAndrew Bartlett3-0/+46
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Mar 2 07:05:44 CET 2012 on sn-devel-104
2012-03-02s3-rpcclient: Ensure interfaces are loaded after smb.confAndrew Bartlett1-2/+3
This ensures that the interfaces line in the smb.conf is honoured. Andrew Bartlett
2012-03-02s3-libsmb: Initialise ticket to ensure we do not invalid memoryAndrew Bartlett1-0/+1
The free is however a talloc_free(), which has additional protection against freeing the wrong thing. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Mar 2 01:45:19 CET 2012 on sn-devel-104
2012-03-01Move to talloc from malloc.Jeremy Allison1-3/+7
2012-03-01Fix mixup between talloc/malloc.Jeremy Allison1-1/+1
2012-03-01s3-selftest: make ntlm_auth test more robust to bad inputAndrew Bartlett1-2/+5
If we do not know the helper protocol, make sure to error. Andrew Bartlett
2012-03-01s3-selftest: Add more tests for ntlm_authAndrew Bartlett2-19/+79
2012-03-01s3-ntlm_auth fix up gss-spnego-client so as to work with gss-spnegoAndrew Bartlett1-16/+5
The SPNEGO code changed since this was last tested. Andrew Bartlett
2012-03-01s3-ntlm_auth: Wrap kerberos token in GSSAPIAndrew Bartlett1-2/+6
While windows will accept this ticket without the wrapping, it is nicer to follow the standard and wrap it up in GSSAPI. This should allow the ntlm_auth gss-spnego-client to talk to the ntlm_auth gss-spengo server. Reported by Christof Schmitt <christof.schmitt@us.ibm.com> Andrew Bartlett
2012-03-01s3-ntlm_auth: Add --target-service and --target-hostname optionsAndrew Bartlett1-9/+40
This will allow the gss-spnego-client protocol to work with modern SPNEGO servers that do not send the principal in the mechListMIC. Andrew Bartlett
2012-03-01build: look for backtrace_symbols in libexecAndrew Bartlett1-1/+1
2012-03-01Trivial Comment fix: Supply a missing word in a commentRichard Sharpe1-1/+1
Autobuild-User: Richard Sharpe <sharpe@samba.org> Autobuild-Date: Thu Mar 1 06:55:44 CET 2012 on sn-devel-104
2012-03-01s3: Fix "make bin/smbtorture4" in the autoconf buildVolker Lendecke1-1/+1
tdb2 support does not work with a system-supplied libtdb yet Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Thu Mar 1 05:23:57 CET 2012 on sn-devel-104
2012-03-01Add open_dir_with_privilege() to ensure we're opening the correct directory ↵Jeremy Allison5-3/+72
when doing backup requests. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Mar 1 03:50:40 CET 2012 on sn-devel-104
2012-02-29Implement FLAG_TRANS2_FIND_BACKUP_INTENT for trans2 with privileges.Jeremy Allison1-4/+46
2012-02-29Add accessor functions to set a bool "priv" on a directory handle. Not yet ↵Jeremy Allison2-0/+13
used, but will be part of FLAG_TRANS2_FIND_BACKUP_INTENT code.
2012-02-29Add the implementation of check_reduced_name_with_privilege(). Now to plumb intoJeremy Allison5-8/+177
SMB1 requests.
2012-02-29Add check_reduced_name_with_privilege(), filename_convert_with_privilege() ↵Jeremy Allison3-5/+103
(currently unimplemented) in order to prepare for adding SeBackup/SeRestore code to the main fileserver. Not yet plumbed into the main SMB1/SMB2 code.
2012-02-29s3:torture/test_smb2: test path based calls during reauth in SMB2-MULTI-CHANNELStefan Metzmacher1-3/+51
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Feb 29 07:23:14 CET 2012 on sn-devel-104
2012-02-29s3:torture/test_smb2: test handle based calls during reauth in ↵Stefan Metzmacher1-0/+18
SMB2-MULTI-CHANNEL metze
2012-02-29s3:torture/test_smb2: do a reauth over multiple channels in SMB2-MULTI-CHANNELStefan Metzmacher1-0/+100
metze