summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2011-10-21s3-seal Remove struct smb_srv_trans_enc_ctxAndrew Bartlett3-104/+54
This structure added no value, particularly after the move to gensec. It was added at a time when auth_ntlmssp_state was not available in the client. This changed a while back (the wrapper was extended with client calls), and the move to gensec again reinforced that we do not need the extra complexity. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove references to auth_ntlmssp_context from the smb sealing codeAndrew Bartlett4-46/+54
Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_session_key()Andrew Bartlett4-17/+12
We now just call the gensec_session_key() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_want_feature()Andrew Bartlett9-31/+17
We now just call the gensec_want_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-seal use gensec_[un]wrap() instead of gensec_[un]seal_packet()Andrew Bartlett1-54/+41
This should not make a difference for NTLMSSP as it still calls the low level ntlmssp_[un]seal_packet() functions with the same input parameters. If we convert the gss-api/krb5 based code to gensec we have to use gensec_[un]wrap() as the wire format is different compared to gensec_[un]seal_packet() there. Andrew Bartlett Split from another commit by Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp use gensec_{seal,unseal,sign,check}_packetAndrew Bartlett5-125/+55
This avoids the indirection via the auth_ntlmsssp wrapper functions. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_negotiated_sign() and ↵Andrew Bartlett4-16/+4
auth_ntlmssp_negotiated_seal() We now just call the gensec_have_feature() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-ntlmssp Remove auth_ntlmssp_update wrapperAndrew Bartlett10-47/+41
We now just call gensec_update directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3-auth remove auth_ntlmssp_session_info()Andrew Bartlett5-23/+11
Instead, call gensec_session_info() directly. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-21s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few ↵Stefan Metzmacher1-1/+1
lines later metze
2011-10-21s3:libsmb/smb_seal: always use SAFE_FREE(buf) in common_free_enc_buffer()Stefan Metzmacher1-14/+1
There's no need to do gss-api specific stuff, the buffer is always malloc'ed. metze
2011-10-21s3:libsmb/smb_seal: use plain malloc() in common_ntlm_encrypt_buffer()Stefan Metzmacher1-2/+7
metze
2011-10-21s3:libsmb/smb_seal: avoid ads_errstr() dependency and use gssapi_error_string()Stefan Metzmacher1-9/+28
metze
2011-10-21s3:libsmb/smb_seal: make use of common [_]smb_[set]len_nbt() macrosStefan Metzmacher1-11/+11
metze
2011-10-21s3:include: make smb_setlen() a macroStefan Metzmacher3-15/+1
metze
2011-10-21libcli/smb: move some common defines to smb_constants.hStefan Metzmacher1-27/+0
metze
2011-10-21build: compile (but do not install) netapi examplesAndrew Bartlett2-0/+65
The only example not yet built is the GTK domain join gui. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Oct 21 01:31:55 CEST 2011 on sn-devel-104
2011-10-20s3:Makefile: make DSO_EXPORTS_CMD more portable (#8531)Björn Jacke1-1/+1
It sems like every not completely trivial sed expression should be tested with Solaris' sed. Its regexp engine is way more limited than the one of GNU sed. Thanks to Michael Pelletier for finding this! This fixes bug #8531 Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Thu Oct 20 23:15:05 CEST 2011 on sn-devel-104
2011-10-20Refactor to create check_parent_access() which can be called for file ↵Jeremy Allison1-23/+64
creation too. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 20 20:29:22 CEST 2011 on sn-devel-104
2011-10-20Make mkdir_internal() check the parent ACL for SEC_DIR_ADD_SUBDIR rights.Jeremy Allison1-2/+33
2011-10-20s3-netapi Compile (but do not install) netapi testsAndrew Bartlett2-1/+7
2011-10-20s3:libsmb/async_smb: in cli_state_notify_pending() we always disconnectStefan Metzmacher1-7/+5
So we should always set state->mid = 0. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Oct 20 11:34:23 CEST 2011 on sn-devel-104
2011-10-20Fix error return to be NT_STATUS_NOT_A_DIRECTORY.Jeremy Allison1-2/+2
2011-10-20Make use of the "dir_exists" we already have on directory open.Jeremy Allison1-8/+28
2011-10-19s3-waf: make sure we always compile (not install) our libsmbclient testcode.Günther Deschner1-0/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Oct 19 20:42:52 CEST 2011 on sn-devel-104
2011-10-19s3:libsmb/smb_seal: move smb_set_enclen() to smb_seal.c and make it static thereStefan Metzmacher3-14/+13
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Oct 19 19:06:35 CEST 2011 on sn-devel-104
2011-10-19s3:libsmb/smb_seal: s/uint16/uint16_tStefan Metzmacher2-5/+5
metze
2011-10-19s3:include: move smb_seal.c prototypes to smb_crypt.hStefan Metzmacher3-9/+10
metze
2011-10-19s3:libsmb/smb_seal: make common_ntlm_[en|de]crypt_buffer staticStefan Metzmacher2-7/+2
metze
2011-10-19s3:include: use smb_[set]len_[nbt|tcp]() macrosStefan Metzmacher1-4/+4
metze
2011-10-19s3: Remove duplicate fsctl function definitionsDavid Disseldorp4-52/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-19s3: Avoid a winbind 100% cpu loopVolker Lendecke1-0/+8
When a DC goes down hard, winbind can end up in a 100% CPU loop. The next (small) RPC request to the DC ends up as a trans2 request. If the connection goes down, we end up trying to discard the request via the loop in cli_state_notify_pending(). Because this is a trans2 request, cli_smb_req_unset_pending will not kick in. Thus the pending array will always remain at length 1. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 19 01:39:35 CEST 2011 on sn-devel-104
2011-10-19vfs_netatalk should be using strstr_m, not strstr to find .AppleDouble paths.Jeremy Allison1-5/+5
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 19 00:05:45 CEST 2011 on sn-devel-104
2011-10-18The last argument to atalk_build_paths() is always false, remove it.Jeremy Allison1-12/+9
2011-10-18s3-util: dbwrap_tool: add fetch fuctions for hex and stringBjörn Baumbach1-0/+61
Signed-off-by: Michael Adam <obnox@samba.org>
2011-10-18s3-util: dbwrap_tool: add store hex functionBjörn Baumbach1-3/+43
Allows the user to store hex blobs in a tdb. Signed-off-by: Michael Adam <obnox@samba.org>
2011-10-18pdb-interface: Do not use unid_t hereSimo Sorce8-52/+59
This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
2011-10-18s3-auth move the s3 auth context onto gensec_ntlmssp once we startAndrew Bartlett1-2/+2
We do not need it on the auth_ntlmssp_state any longer. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104
2011-10-18s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.cAndrew Bartlett2-85/+198
This removes the need to have if (ans->gensec_security) everywhere. Andrew Bartlett
2011-10-18s3-ntlmssp split auth_ntlmssp_client_start() into two partsAndrew Bartlett5-25/+34
This will allow it to be a wrapper around a gensec module, which requires that they options be set on a context, but before the mechanism is started. This also simplfies the callers, by moving the lp_*() calls into one place. Andrew Bartlett
2011-10-18s3-rpc_client remove cli_auth_ntlmssp_data_destructorAndrew Bartlett1-9/+1
This can be an ordinary talloc child without causing any problem. This seems to have been inherited from a time when ntlmssp_client_start() returned malloc() based memory. Andrew Bartlett
2011-10-18s3:auth_util: add the uid with WBC_ID_TYPE_BOTH also to the group arrayStefan Metzmacher1-2/+4
This will help with having "sidHistory" support in future. metze
2011-10-18s3-auth: use typedefs in auth.hAndrew Bartlett1-8/+14
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett2-2/+3
This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-auth fix comment after s3 ntlmssp gensec moduleAndrew Bartlett1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-smbd Give the nt error string when failing to set up encrypted transportAndrew Bartlett1-3/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-ntlmssp Implement the server-side auth_ntlmssp code as a GENSEC moduleAndrew Bartlett4-87/+229
This uses the top level gensec_ntlmssp helper functions which are identical to the parts of ntlmssp_wrap.c that are now not called. (Includes formatting and correctness fixes from Metze) Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett18-23/+23
This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18build: compile gensec_start.c and credentials.c in the autoconf buildAndrew Bartlett1-0/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-10-18s3-auth Add my copyrightAndrew Bartlett2-2/+2
I have done plenty of work here, I deserve some of the blame :-) Andrew Bartlett