summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2010-12-15s3-waf: fix winbind-client subsystem.Günther Deschner1-7/+9
Guenther
2010-12-15s3-waf: add libkrb5 winbind locator plugin.Günther Deschner1-0/+6
Guenther
2010-12-15s3-waf: rework rpc_server handling a bit.Günther Deschner2-21/+21
Guenther
2010-12-15Protect the onefs sendfile from EAGAIN/EWOULDBLOCK.Jeremy Allison1-1/+5
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Dec 15 03:26:43 CET 2010 on sn-devel-104
2010-12-15Implement "use sendfile = yes" for SMB2. (cherry picked from commit ↵Jeremy Allison4-3/+164
95cb7adcd03a1abbd0af395b6c96dd8e0eebd3d1) Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Dec 15 02:24:08 CET 2010 on sn-devel-104
2010-12-15Fix read/write calls over sockets to cope with EAGAIN/EWOULDBLOCK for ↵Jeremy Allison2-16/+68
non-blocking sockets.
2010-12-15Change interface of schedule_smb2_aio_read() to allocate the return DATA_BLOB.Jeremy Allison3-10/+27
Change smb2_read code to allocate return DATA_BLOB just before the read. Preparing for SMB2 sendfile change which will not need to allocate return buffer. Jeremy
2010-12-15s3-waf: libwbclient does not depend on talloc anymore.Günther Deschner1-1/+1
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Dec 15 00:50:08 CET 2010 on sn-devel-104
2010-12-14s3-waf: add missing libnss_wins.so.2 library.Günther Deschner1-2/+8
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue Dec 14 23:29:25 CET 2010 on sn-devel-104
2010-12-14s3-waf: recurse into ../libcli/ldap.Günther Deschner1-13/+7
Guenther
2010-12-14s3-waf: recurse into ../libcli/smb.Günther Deschner1-1/+2
Guenther
2010-12-14s3-waf: recurse into ../libcli/samsync.Günther Deschner1-3/+3
Guenther
2010-12-14s3-waf: recurse into ../libcli/named_pipe_auth.Günther Deschner1-8/+3
Guenther
2010-12-14s3-waf: recurse into ../libcli/drsuapi.Günther Deschner1-3/+3
Guenther
2010-12-14s3-waf: add pam_ and nss_winbind.Günther Deschner1-1/+14
Guenther
2010-12-14s3-waf: check for "WITH_PAM_MODULES" to determine pam_smbpass build.Günther Deschner1-1/+1
Guenther
2010-12-14s3-waf: fix pamsmbpass libwbclient dependency.Günther Deschner1-1/+1
Guenther
2010-12-14s3-waf: recurse into ../libcli/auth.Günther Deschner1-12/+6
Guenther
2010-12-14s3-waf: add CHARSET subsystem.Günther Deschner1-5/+11
Guenther
2010-12-14s3-waf: convert UTIL_SRC into a subsystem samba-util, similar to the s4 one.Günther Deschner1-2/+6
Guenther
2010-12-14s3-waf: convert lib/util_tdb.c into a subsystem.Günther Deschner1-2/+5
Guenther
2010-12-14s3-waf: use shared LIBASYNC_REQ subsystem.Günther Deschner1-2/+3
Guenther
2010-12-14s3/net: don't use external "date" to make "net time set" more portableBjörn Jacke1-14/+10
the "date" syntax is different for example on *BSD Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Tue Dec 14 15:31:03 CET 2010 on sn-devel-104
2010-12-14Ensure we use vfs_fsp_stat(), not VFS_STAT directly, and store into ↵Jeremy Allison1-19/+20
fsp->fsp_name->st instead of a SMB_STRUCT_STAT on the stack. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Dec 14 05:05:50 CET 2010 on sn-devel-104
2010-12-14s3-libsmb Improve error message when denying LM encryptionAndrew Bartlett1-9/+9
Now that 'client ntlmv2 auth = yes' is the default, make it more clear what options a user may need to enable to get this to work. Andrew Bartlett
2010-12-14Change crediting so that the credits are returned on the interim async response.Jeremy Allison1-4/+7
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Dec 14 01:09:05 CET 2010 on sn-devel-104
2010-12-13As we handle missing sendfile() inside lib/sendfile.c, remove the ↵Jeremy Allison2-9/+0
WITH_SENDFILE ifdefs. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Dec 13 23:47:07 CET 2010 on sn-devel-104
2010-12-13We need to start off with smb2.credits_granted == 0. That wayJeremy Allison1-2/+3
when processing the faked up SMB2 NegProt from the SMB1 packet we always allocate one credit on reply. Jeremy.
2010-12-13Remove extra unused credit arg. to smbd_smb2_request_setup_out()Jeremy Allison1-3/+3
2010-12-13s3-waf: try to fix the build with snow leopard.Günther Deschner1-1/+5
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Dec 13 15:03:08 CET 2010 on sn-devel-104
2010-12-13s3:selftest: fix knownfail for ↵Stefan Metzmacher1-1/+1
samba3.posix_s3.rpc.spoolss.*printserver.enum_printers_old The name is in lowercase since commit 35fbc7bbda5851f7172538f79fc79be201f1d521 (s4-smbtorture: Make test names lowercase and dot-separated.) This should avoid intermittent failures in make test. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Dec 13 13:52:18 CET 2010 on sn-devel-104
2010-12-13s3-selftest: support differing VFSLIBDIR in autoconf and waf build.Günther Deschner2-0/+2
With this change make test in the s3 waf build (w/o s4 smbtorture yet) works! Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon Dec 13 13:06:05 CET 2010 on sn-devel-104
2010-12-13s3-waf: add -Wl,--export-dynamic to LDFLAGS.Günther Deschner1-0/+2
Our binaries did not export symbols so e.g. smbd could not load vfs modules. Patch from tridge. We might remove this later on, once we decide to resolve all symbols and fix all dependencies in s3 modules. Guenther
2010-12-11s4-smbtorture: Make test names lowercase and dot-separated.Jelmer Vernooij2-57/+50
This is consistent with the test names used by selftest, should make the names less confusing and easier to integrate with other tools. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
2010-12-10Add a SMB2 crediting algorithm, by default the same as Windows. Defaults to ↵Jeremy Allison5-28/+163
128 credits. Jeremy.
2010-12-10s3-vfstest: fixed paths in vfstestAndrew Tridgell1-0/+2
vfstest tries to create /messages.tdb as loadparm has not been initialised
2010-12-10s3-dns Don't use DELEG_FLAG in DNS update, Windows 2008R2 does not like itAndrew Bartlett1-1/+1
2010-12-10s3-dns Don't use SEQUENCE_FLAG in DNS update, Windows 2008R2 does not like itAndrew Bartlett1-1/+1
Andrew Bartlett
2010-12-10s3-net Allow 'net ads dns register' to take an optional hostname argumentAndrew Bartlett1-6/+10
This allows the administrator to more carefully chose what name to register. Andrew Bartlett
2010-12-10s3-winbind Improve memory handling in NTLMv2-backend plaintext authenticationAndrew Bartlett1-17/+6
Andrew Bartlett
2010-12-10s3-winbind Don't send the LM password to the server, everAndrew Bartlett1-11/+1
This is for the case where we have the plaintext password locally, and can construct the challenge-response values here. We should never ever use the LM password in domain authentication. The last domain controller to only have LM passwords stored was NT 3.5. Andrew Bartlett
2010-12-10s3-libsmb Don't ever ask for machine$ principals as a target.Andrew Bartlett1-30/+6
It is never correct to ask for a machine$ principal as the target of a kerberos connection. You should always connect via the servicePrincipalName. This current code appears to have built up from a series of minimal changes, as the codebase adapted the to lack of a SPNEGO principal from Windows 2008. Andrew Bartlett
2010-12-10s3-client Use NTLMv2 by default in the Samba clientAndrew Bartlett1-2/+2
This matches the improved security measures of Windows Vista. Andrew Bartlett
2010-12-10s3-smbd Don't send SPNEGO principal (rfc4178 hint) by defaultAndrew Bartlett3-0/+15
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org> turns off the sending of the principal in the negprot by default, matching Windows 2008 behaviour. This slowly works us back from this hack, which from an RFC perspective was never the right thing to do in the first place, but we traditionally follow windows behaviour. It also discourages client implmentations from relying on it, as if they do they are more open to man-in-the-middle attacks. Andrew Bartlett
2010-12-10s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett4-6/+19
This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett
2010-12-08libcli/auth bring ADS_IGNORE_PRINCIPAL in commonAndrew Bartlett1-2/+0
2010-12-08s3-waf: fixed version number handlingAndrew Tridgell2-13/+5
2010-12-07s3:ntlm_auth: support clients which offer a spnego mechs we don't supportStefan Metzmacher1-110/+169
Before we rejected the authentication if we don't support the first spnego mech the client offered. We now negotiate the first mech we support. This fix works arround problems, when a client sends the NEGOEX (1.3.6.1.4.1.311.2.2.30) oid, which we don't support. metze
2010-12-07s3:ntlm_auth: free session key, as we don't use it (at least for now)Stefan Metzmacher1-1/+2
metze
2010-12-07s3:ntlm_auth: fix memory leak in the raw ntlmssp code pathStefan Metzmacher1-0/+2
metze
generated by cgit (git 2.34.1) at 2024-11-12 23:05:31 +0000