summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* s3-ntlmssp Remove auth_ntlmssp_and_flags()Andrew Bartlett2011-08-035-20/+0
| | | | | | | | | | | There is no need to mask out these flags as they simply are not set yet. The correct abstraction is to ask for NTLMSSP features. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove rpccli_get_pwd_hash and auth_ntlmssp_get_nt_hashAndrew Bartlett2011-08-036-74/+26
| | | | | | | | | | | | | | | | | | | The session key we want here (the only one that is availble to the encryption layer) is the one obtained by cli_get_session_key(), as NTLMSSP creates a per-session session key via key exchange and NTLMv2 negotiation. The key was never directly the NT hash anyway (this is simply a mistake, the extra MD4() was lost during my previous cleanup f28f113d8e76824b080359c90efd9c92de533740 in 2008), but was MD4(NT hash) in early implementations of NTLMSSP. However, regardless this call is not available on domain trusts between AD domains and Windows 2003 R2, making this less useful. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* selftest: Test encrypted RPC pipes against plugin_s4_dcAndrew Bartlett2011-08-031-4/+5
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* selftest: use the s4 winbindd in plugin_s4_dc testAndrew Bartlett2011-08-032-2/+2
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Add hook to start a GENSEC mech to auth_samba4Andrew Bartlett2011-08-032-1/+89
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove auth_ntlmssp_or_flagsAndrew Bartlett2011-08-035-15/+7
| | | | | | | | | We now just use auth_ntlmssp_want_feature to get extra flags on the NTLMSSP context Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove calls to auth_ntlmssp_and_flags from the serverAndrew Bartlett2011-08-037-11/+15
| | | | | | | | | | | | This is changed so that the callers ask for the additional flags that they need, starting with no additional flags. This helps to create a proper abstraction layer in ntlmssp_wrap/auth_ntlmssp. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_updateAndrew Bartlett2011-08-039-37/+36
| | | | | | | | This clarifies the lifetime of the returned token. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp NTLMSSP sealing implies signing, so set both flagsAndrew Bartlett2011-08-031-0/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Add hooks to optionally call into GENSEC in auth_ntlmsspAndrew Bartlett2011-08-037-15/+95
| | | | | | | | | | This allows the current behaviour of the NTLMSSP code to be unchanged while adding a way to hook in an alternate implementation via an auth module. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Add mem_ctx argument to auth_ntlmssp_get_session_key()Andrew Bartlett2011-08-034-8/+8
|
* s3-auth Allow auth modules to provide an initialised GENSEC contextAndrew Bartlett2011-08-032-2/+18
| | | | | | | | | This will allow auth plugins such as auth_samba4 to provide an initialised GENSEC context to auth subsystem callers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Use auth_ntlmssp_*() functions in more placesAndrew Bartlett2011-08-037-29/+30
| | | | | | | | This allows auth_ntlmssp_get_ntlmssp_state() to be removed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove unused auth_ntlmssp_get_domain()Andrew Bartlett2011-08-031-6/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-ntlmssp Remove unused auth_ntlmssp_get_clientAndrew Bartlett2011-08-031-5/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-rpc_server use session_info to print user detailsAndrew Bartlett2011-08-031-4/+3
| | | | | | | | | | | | | | | This is the authoritative source for what the user was actually authenticated as. The previous message printed only what they claimed, and the DC might map this. The workstation is no longer printed in the logs, as it allows auth_ntlmssp_get_client() to be removed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use else if in do_map_to_guest_server_infoAndrew Bartlett2011-08-031-3/+1
| | | | | | | | This means we can't ever call make_server_info_guest() twice. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Move map to guest to directly after the check_password callsAndrew Bartlett2011-08-035-97/+49
| | | | | | | | | This means we no longer need two different map to guest functions and have consistent logic with fewer layering violations. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* gensec: clarify memory ownership for gensec_session_info() and ↵Andrew Bartlett2011-08-0324-75/+74
| | | | | | | | | | | | | | | gensec_session_key() This is slightly less efficient, because we no longer keep a cache on the gensec structures, but much clearer in terms of memory ownership. Both gensec_session_info() and gensec_session_key() now take a mem_ctx and put the result only on that context. Some duplication of memory in the callers (who were rightly uncertain about who was the rightful owner of the returned memory) has been removed to compensate for the internal copy. Andrew Bartlett
* gensec: Remove mem_ctx from calls that do not return memoryAndrew Bartlett2011-08-0312-38/+21
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* gensec: split GENSEC into mechanism-dependent and runtime functionsAndrew Bartlett2011-08-0318-696/+787
| | | | | | | | | The startup and runtime functions that have no dependencies are moved into the top level. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:libsmb/clifile: make use of cli_set_timeout()Stefan Metzmacher2011-08-031-12/+22
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Wed Aug 3 10:16:18 CEST 2011 on sn-devel-104
* s3:cli_np_tstream: make use of cli_set_timeout()Stefan Metzmacher2011-08-031-1/+2
| | | | metze
* s3:torture: make use of cli_set_timeout()Stefan Metzmacher2011-08-031-2/+2
| | | | metze
* s3:winbindd_cm: make use of cli_set_timeout()Stefan Metzmacher2011-08-031-1/+1
| | | | metze
* s3:libsmb/clidfs: make use of cli_state_encryption_on()Stefan Metzmacher2011-08-031-2/+2
| | | | metze
* s4-libcli: Fix the fd leak. Close open file descriptor before return.Amitay Isaacs2011-08-031-2/+4
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Aug 3 07:49:12 CEST 2011 on sn-devel-104
* samba-tool: Rename samba-tool command gpo2 --> gpoAmitay Isaacs2011-08-031-1/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Remove C version of samba-toolAmitay Isaacs2011-08-036-1173/+0
| | | | | | | Python version of samba-tool has now implemented all the commands from C version and more. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Add implementation of gpo create commandAmitay Isaacs2011-08-031-1/+176
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Add functions to create directories and copy files over SMB shareAmitay Isaacs2011-08-031-0/+32
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-libcli: get_acl and set_acl require raw_open to set security descriptorAmitay Isaacs2011-08-031-15/+75
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-libcli: Check if short_name is not null, before converting to python stringAmitay Isaacs2011-08-031-1/+8
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-libcli: Replace smb_composite_connect() with smb_full_connection()Amitay Isaacs2011-08-031-24/+20
| | | | | | Python smb connection now uses smb_full_connection method. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-policy: Use the correct local directory for stat.Amitay Isaacs2011-08-031-1/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Rename copy_directory_recurse to copy_directory_remote_to_localAmitay Isaacs2011-08-031-11/+19
| | | | | | | | gpo fetch is remote->local and gpo create is local->remote local is local filesystem and remote is smb share. Need two functions to copy local->remote and remote->local. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Addd functions to print GPO flags and GPlink optionsAmitay Isaacs2011-08-031-28/+22
| | | | | | | Use methods from python wrapper to convert gpo flags and gplink options to string. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-policy: Add python wrapper for ads_to_dir_access_mask() functionAmitay Isaacs2011-08-031-2/+17
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-policy: Expose gp_ads_to_dir_access_mask() functionAmitay Isaacs2011-08-032-1/+2
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-libcli: Added python SMB methods for mkdir(), rmdir(), chkpath()Amitay Isaacs2011-08-031-11/+97
| | | | | | Updated docstrings for all methods. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* pyldb: return a copy of key constant DNs via python interfaceAndrew Tridgell2011-08-031-4/+21
| | | | | | | | | | this prevents an easy coding error where the caller modifies one of the key DNs for the database, by using an add_child function or similar Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* We don't need check_name() here. All possible paths to dptr_create()Jeremy Allison2011-08-031-4/+0
| | | | | | | have already called check_name. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Aug 3 03:00:55 CEST 2011 on sn-devel-104
* s3: Fix smb2 handling error returns from aioVolker Lendecke2011-08-021-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found when reading with aio_fork beyond the end of file. Metze, Jeremy, please check! Without this we get [2011/08/02 21:02:54.082661, 0] lib/util.c:778(smb_panic_s3) PANIC (pid 2302): smbd/smb2_read.c:593: Type mismatch: name[NULL] expected[struct smbd_smb2_read_state] [2011/08/02 21:02:54.094316, 0] lib/util.c:882(log_stack_trace) BACKTRACE: 23 stack frames: #0 bin/smbd(log_stack_trace+0x2d) [0xb72873d8] #1 bin/smbd(smb_panic_s3+0x7c) [0xb7287529] #2 bin/smbd(smb_panic+0x2f) [0xb7277e1f] #3 /root/git/s3-work/source3/bin/libtalloc.so.2 [0xb6c6bc48] #4 /root/git/s3-work/source3/bin/libtalloc.so.2 [0xb6c6ec79] #5 /root/git/s3-work/source3/bin/libtalloc.so.2(_talloc_get_type_abort+0x34) [0xb6c6ecb3] #6 bin/smbd [0xb6fbc405] #7 bin/smbd(_tevent_req_notify_callback+0x4a) [0xb729a85a] #8 bin/smbd [0xb729a888] #9 bin/smbd(_tevent_req_done+0x19) [0xb729aa73] #10 bin/smbd [0xb6fae517] #11 bin/smbd [0xb6fad258] #12 bin/smbd(smbd_aio_complete_aio_ex+0xf5) [0xb6fad6e8] #13 /root/git/inst/modules/vfs/aio_fork.so [0xb66d4992] #14 bin/smbd(run_events_poll+0x400) [0xb7297df2] #15 bin/smbd(smbd_process+0xd75) [0xb6f9d3a7] #16 bin/smbd [0xb756f07b] #17 bin/smbd(run_events_poll+0x400) [0xb7297df2] #18 bin/smbd [0xb7298254] #19 bin/smbd(_tevent_loop_once+0x9e) [0xb72986ac] #20 bin/smbd(main+0x185c) [0xb7570e59] #21 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb6b08455] #22 bin/smbd [0xb6f14e01] Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Aug 2 22:33:15 CEST 2011 on sn-devel-104
* s3: Remove unused ERROR_FORCE_NT macroVolker Lendecke2011-08-021-1/+0
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Aug 2 20:32:08 CEST 2011 on sn-devel-104
* s3: Remove unused ERROR_DOS macroVolker Lendecke2011-08-021-1/+0
|
* s3: Move deferred_open_queue to smbd_server_connectionVolker Lendecke2011-08-023-10/+12
|
* s3: Pass sconn explicitly to get_deferred_open_message_smbVolker Lendecke2011-08-021-4/+6
|
* s3: Pass sconn explicitly to open_was_deferredVolker Lendecke2011-08-027-18/+18
|
* s3: Pass sconn explicitly to schedule_deferred_open_message_smbVolker Lendecke2011-08-024-7/+22
|
* s3: Explicitly pass sconn to remove_deferred_open_message_smbVolker Lendecke2011-08-023-6/+8
|
generated by cgit (git 2.34.1) at 2024-11-12 19:47:03 +0000