Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Dec 15 00:50:08 CET 2010 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec 14 23:29:25 CET 2010 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
the "date" syntax is different for example on *BSD
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Dec 14 15:31:03 CET 2010 on sn-devel-104
|
|
fsp->fsp_name->st
instead of a SMB_STRUCT_STAT on the stack.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Dec 14 05:05:50 CET 2010 on sn-devel-104
|
|
Now that 'client ntlmv2 auth = yes' is the default, make it more clear
what options a user may need to enable to get this to work.
Andrew Bartlett
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Dec 14 01:09:05 CET 2010 on sn-devel-104
|
|
WITH_SENDFILE ifdefs.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Dec 13 23:47:07 CET 2010 on sn-devel-104
|
|
when processing the faked up SMB2 NegProt from the SMB1 packet we
always allocate one credit on reply.
Jeremy.
|
|
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Dec 13 15:03:08 CET 2010 on sn-devel-104
|
|
samba3.posix_s3.rpc.spoolss.*printserver.enum_printers_old
The name is in lowercase since commit 35fbc7bbda5851f7172538f79fc79be201f1d521
(s4-smbtorture: Make test names lowercase and dot-separated.)
This should avoid intermittent failures in make test.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Dec 13 13:52:18 CET 2010 on sn-devel-104
|
|
With this change make test in the s3 waf build (w/o s4 smbtorture yet) works!
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Mon Dec 13 13:06:05 CET 2010 on sn-devel-104
|
|
Our binaries did not export symbols so e.g. smbd could not load vfs modules.
Patch from tridge.
We might remove this later on, once we decide to resolve all symbols and fix all
dependencies in s3 modules.
Guenther
|
|
This is consistent with the test names used by selftest, should
make the names less confusing and easier to integrate with other tools.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
|
|
128 credits.
Jeremy.
|
|
vfstest tries to create /messages.tdb as loadparm has not been
initialised
|
|
|
|
Andrew Bartlett
|
|
This allows the administrator to more carefully chose what name to register.
Andrew Bartlett
|
|
Andrew Bartlett
|
|
This is for the case where we have the plaintext password locally, and
can construct the challenge-response values here.
We should never ever use the LM password in domain authentication.
The last domain controller to only have LM passwords stored was NT
3.5.
Andrew Bartlett
|
|
It is never correct to ask for a machine$ principal as the target of a
kerberos connection. You should always connect via the
servicePrincipalName.
This current code appears to have built up from a series of minimal
changes, as the codebase adapted the to lack of a SPNEGO principal
from Windows 2008.
Andrew Bartlett
|
|
This matches the improved security measures of Windows Vista.
Andrew Bartlett
|
|
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org>
turns off the sending of the principal in the negprot by default, matching
Windows 2008 behaviour.
This slowly works us back from this hack, which from an RFC
perspective was never the right thing to do in the first place, but we
traditionally follow windows behaviour. It also discourages client
implmentations from relying on it, as if they do they are more open to
man-in-the-middle attacks.
Andrew Bartlett
|
|
This principal is not supplied by later versions of windows, and using
it opens up some oportunities for man in the middle attacks. (Becuase
it isn't the name being contacted that is verified with the KDC).
This adds the option 'client use spnego principal' to the smb.conf (as
used in Samba4) to control this behaivour. As in Samba4, this
defaults to false.
Against 2008 servers, this will not change behaviour. Against earlier
servers, it may cause a downgrade to NTLMSSP more often, in
environments where server names are not registered with the KDC as
servicePrincipalName values.
Andrew Bartlett
|
|
|
|
|
|
Before we rejected the authentication if we don't support the
first spnego mech the client offered.
We now negotiate the first mech we support.
This fix works arround problems, when a client
sends the NEGOEX (1.3.6.1.4.1.311.2.2.30) oid,
which we don't support.
metze
|
|
metze
|
|
metze
|
|
account.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec 7 17:37:52 CET 2010 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec 7 16:50:23 CET 2010 on sn-devel-104
|
|
Guenther
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Dec 7 15:18:03 CET 2010 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec 7 14:01:46 CET 2010 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Tue Dec 7 13:07:51 CET 2010 on sn-devel-104
|
|
Guenther
|