Age | Commit message (Collapse) | Author | Files | Lines |
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Thu Aug 18 22:16:38 CEST 2011 on sn-devel-104
|
|
gensec_session_key()
This is slightly less efficient, because we no longer keep a cache on
the gensec structures, but much clearer in terms of memory ownership.
Both gensec_session_info() and gensec_session_key() now take a mem_ctx
and put the result only on that context.
Some duplication of memory in the callers (who were rightly uncertain
about who was the rightful owner of the returned memory) has been
removed to compensate for the internal copy.
Andrew Bartlett
|
|
|
|
metze
|
|
metze
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Thu Jun 23 01:50:39 CEST 2011 on sn-devel-104
|
|
This is needed for OpenChange, which prints Samba struct server_id
values in debug messages.
Andrew Bartlett
|
|
XP seems to have problems working at a correct speed (or even
working at all if we return referral of level 4).
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue May 17 01:33:27 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
This also changes some DEBUG messages to use cluster_id_string()
rather than .id, to isolate them from this and other changes.
Andrew Bartlett
|
|
This avoids a conflict with the source3/ lock_path()
|
|
Since the "set" will be free'd afterwards "talloc_steal" is enough.
Reviewed-by: Tridge
|
|
Preparation for cleaning up this API.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Mar 29 21:01:49 CEST 2011 on sn-devel-104
|
|
convert_string*()
we shouldn't accept bad multi-byte strings, it just hides problems
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
|
|
Guenther
|
|
This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc. This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.
The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.
Andrew Barltett
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 7 01:48:44 UTC 2010 on sn-devel-104
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
|
|
Order of referral is now like w2k8/w2k8r2 as it seems it has an
influence on how clients manage to get it.
|
|
the mixture of async and sync code in gensec makes a EOF on a socket
during a session setup cause a crash. The simplest solution is to
stop processing events on the socket until the session setup is
complete.
|
|
This also changes the calling convention slightly - we should always
allocate this with talloc_zero() to allow some elements to be
optional. Some elements may only make sense in Samba3, which I hope
will use this common structure.
Andrew Bartlett
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This allows us to control what groups should be added in what use
cases, and in particular to more carefully control the introduction of
the 'authenticated' group.
In particular, in the 'service_named_pipe' protocol, we do not have
control over the addition of the authenticated users group, so we key
of 'is this user the anonymous SID'.
This also takes more care to allocate the right length ptoken->sids
Andrew Bartlett
|
|
Obviously this isn't needed and in general site names shouldn't be hardcoded
anymore (except there is a good reason).
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
metze
|
|
metze
|
|
The auth context was in the past only for NTLM authentication, but we
need a SAM, an event context and and loadparm context for calculating
the local groups too, so re-use that infrustructure we already have in
place.
However, to avoid problems where we may not have an auth_context (in
torture tests, for example), allow a simpler 'session_info' to be
generated, by passing this via an indirection in gensec and an
generate_session_info() function pointer in the struct auth_context.
In the smb_server (for old-style session setups) we need to change the
async context to a new 'struct sesssetup_context'. This allows us to
use the auth_context in processing the authentication reply .
Andrew Bartlett
|
|
we won't be using the mk -> wscript generator again
|
|
them
|
|
|
|
Re-using two of the create_options bits was bound to eventually
cause problems, and indeed, Windows7 now uses one of those bits
when opening text files.
Fixes bug 7189
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
metze
|
|
metze
|
|
metze
|
|
It is just easier to fill in the known to be 8 byte challenge than
stuff about with allocated pointers.
Andrew Bartlett
|
|
Thanks to Metze for spotting this.
|
|
This helps with the CIFS NTVFS backend, but doesn't solve all problems
|
|
|
|
In order to implement root_fid in the s4 SMB server we need to declare
it as a handle type, just as for other fnum values in SMB. This
required some extensive (but simple) changes in many bits of code.
|
|
|
|
see bug #6610
The MacOSX SMB client sets the BCC value in SMBwriteX calls to zero
instead of the correct size. Checking against WindowsXP, I've found
that Windows uses the maximum of the computed buffer size and the
given BCC value. I've changed Samba4 to do the same to allow MacOSX to
work.
I've limited this change to non-chained packets to ensure we don't get
the possibility of exploits based on overlapping chained requests
|
|
|