Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Aug 9 19:29:08 CEST 2011 on sn-devel-104
|
|
The max_data parameter of trans2/nttrans calls are not bound
to cli->max_xmit. Even with cli->max_xmit, which means the max
size of the whole SMB pdu, we would get fragmented trans2/nttrans
replies. That's why we can also use our maximum, which is CLI_BUFFER_SIZE.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Aug 9 18:14:38 CEST 2011 on sn-devel-104
|
|
The max_data parameter of trans2/nttrans calls are not bound
to cli->max_xmit. Even with cli->max_xmit, which means the max
size of the whole SMB pdu, we would get fragmented trans2/nttrans
replies. That's why we can also use our maximum, which is CLI_BUFFER_SIZE.
metze
|
|
We need for named pipes we need to send each fragment on its own to be a
message.
Signed-off-by: Simo Sorce <idra@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Tue Aug 9 11:55:18 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Free the children of p->mem_ctx after processing a complete incoming and
outgoing request.
Signed-off-by: Simo Sorce <idra@samba.org>
|
|
Ignore fd events without EVENT_FD_READ or EVENT_FD_WRITE also in
run_events_poll(). They are ignore when building the array
for the syscall in event_add_to_poll_args(), so we need to
ignore them run_events_poll() too.
metze
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Aug 9 10:11:54 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Aug 8 19:18:41 CEST 2011 on sn-devel-104
|
|
The description of the function net conf delincludes had a wrong
usage message: "net conf setincludes" instead of "net conf delincludes".
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
There was a missing ']' in net conf addshare usage message.
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Aug 8 16:44:08 CEST 2011 on sn-devel-104
|
|
registry.tdb
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
reg_deletekey_recursive
this changes the complexity from O(n^2) to O(n) and reduces the time of
a 'net conf drop' with 10000 shares from 6min to 1.5s
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
OpenChange needs this library.
Andrew Bartlett
|
|
This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced
by generated PIDL output.
Andrew Bartlett
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Aug 8 04:34:35 CEST 2011 on sn-devel-104
|
|
(bug #8357)
Currently we skip, the "gone async" interim response on read and write,
this caused the aio code path to grant 0 credits to the client
in the read/write responses.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Aug 7 22:23:57 CEST 2011 on sn-devel-104
|
|
This is more portable, as we have a strtoll replacement
in lib/replace.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104
|
|
Currently the caller doesn't cope with multiple async requests anyway,
so this is just protection for the future.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Aug 5 22:31:12 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 5 18:29:24 CEST 2011 on sn-devel-104
|
|
|
|
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Fri Aug 5 16:58:37 CEST 2011 on sn-devel-104
|
|
|
|
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Fri Aug 5 12:48:55 CEST 2011 on sn-devel-104
|
|
do the alarm termination of the the ldap search a bit delayed so the LDAP
server has a chance to tell us that the time limit was reached and the
search was abandoned. If the search is terminated this way we also get
the correct LDAP return code in the logs. If alarm() stops the search the ldap
search routine will report that the LDAP server is down which would trigger us
to rebind to the server needlessly which we also want to avoid.
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Aug 4 19:06:39 CEST 2011 on sn-devel-104
|
|
SLES 9's glibc for example had weird macros where the use of strncat resulted
in the use of strcat which we don't allow.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104
|
|
Removing the return is reasonable here because while no callers
currently specify more than one flag at a time, the
ntlmssp_want_feature code allows it.
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Aug 4 02:19:46 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 3 22:00:19 CEST 2011 on sn-devel-104
|
|
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Aug 3 17:48:33 CEST 2011 on sn-devel-104
|
|
This avoids having the same check in 3 different parts of the code
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Aug 3 12:45:04 CEST 2011 on sn-devel-104
|
|
This is explained where SESSION_KEY maps to SIGN at the NTLMSSP layer
Andrew Bartlett
|
|
|
|
Changes to the s3 epmapper behaviour seem to have fixed the rest of these
tests.
Andrew Bartlett
|
|
|
|
|
|
|
|
There is no longer any theft of memory as the underlying routines now
produce a new auth_session_info for this caller, allocating it
on the supplied memory context.
Andrew Bartlett
|
|
The NTLMSSP code always specified "" as the username, and this makes
guest logins via the old-style session setup do the same.
Andrew Bartlett
|
|
This tests if the auth_generic_start() hook is available on the auth
context during the negprot, and if so it uses auth_generic_start() to
hook to GENSEC to handle the full SPNEGO blob.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This comment can be clarified now the auth subsystem does not use the same
structure as the rest of the code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This structure element was only written to, not read.
It is filled into the companion structure, auth_session_info()
by create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
This helps map on to the GENSEC semantics better, and ensures that the
full set of desired features are set before the mechanism starts.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
GENSEC has the concept of starting the GENSEC subsystem before starting the
actual mechansim. Between these two stages is when most context methods
are called, to specify credentials and features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
There is no need to mask out these flags as they simply are not set
yet.
The correct abstraction is to ask for NTLMSSP features.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The session key we want here (the only one that is availble to the
encryption layer) is the one obtained by cli_get_session_key(), as
NTLMSSP creates a per-session session key via key exchange and NTLMv2
negotiation.
The key was never directly the NT hash anyway (this is simply a
mistake, the extra MD4() was lost during my previous cleanup
f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT
hash) in early implementations of NTLMSSP.
However, regardless this call is not available on domain trusts
between AD domains and Windows 2003 R2, making this less useful.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|