| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
Sadly this fails in the test environement for now. It needs a /etc/krb5.keytab
which we do not provide.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Jan 13 04:57:22 CET 2012 on sn-devel-104
|
| |
|
|
|
| |
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Fri Jan 13 03:11:20 CET 2012 on sn-devel-104
|
| |
|
|
|
| |
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Jan 13 01:35:03 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
| |
This forces us to only do one real get_share_mode_lock call and
share the data between the nested get_share_mode_lock calls.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
| |
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
|
| |
|
|
| |
Signed-off-by: Jeremy Allison <jra@samba.org>
|
| |
|
|
|
|
|
|
| |
This slightly simplifies the code path for all callers which assume
that a share mode exists already. Only the callers in open_file_ntcreate
and open_directory will ever create new share modes.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
| |
|
|
|
|
|
|
| |
This replaces fill_share_mode_lock() with the two routines
fresh_share_mode_lock() and parse_share_modes(). This lifts the
decision whether a share mode already existed on level up.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
Not all cleartext password (machine passwords) can be converted to utf8,
let's export the raw uint16_t array.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 12 23:58:12 CET 2012 on sn-devel-104
|
| |
|
|
| |
metze
|
| |
|
|
| |
metze
|
| |
|
|
|
| |
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jan 12 17:33:10 CET 2012 on sn-devel-104
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 12 14:47:05 CET 2012 on sn-devel-104
|
| |
|
|
| |
metze
|
| |
|
|
| |
metze
|
| |
|
|
|
|
|
| |
This is only a hint for the backend, which may want to fragment
update tokens.
metze
|
| |
|
|
|
| |
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jan 12 13:10:19 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
| |
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 12 11:22:53 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit c25af51232616061bb08eea86aae595b4f029490 because
otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a
KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Jan 12 09:43:07 CET 2012 on sn-devel-104
|
| | |
|
| |
|
|
|
|
|
| |
This allows a strict link between checksum types and key types to be
enforced.
Andrew Bartlett
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The checking of the KDC signature is more complex than it looks, it may be of a different
enc type to that which the ticket is encrypted with, and may even be prefixed
with the RODC number.
This is better handled in the plugin which can easily look up the DB for the
correct key to verify this with, and can also quickly determine if this is
an interdomain trust, which we cannot verify the PAC for.
Andrew Bartlett
|
| | |
|
| |
|
|
|
|
|
| |
Here we can fetch the right key, and check if the PAC is likely to be signed by a key that
we know. We cannot check the KDC signature on incoming trusts.
Andrew Bartlett
|
| | |
|
| |
|
|
|
| |
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Thu Jan 12 06:43:01 CET 2012 on sn-devel-104
|
| | |
|
| |
|
|
|
|
|
| |
call out of smbd_aio_complete_aio_ex() and into the caller.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Jan 12 03:10:52 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
|
|
|
|
| |
Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104
|
| |
|
|
|
| |
Simplify the logic in the unlink/rmdir calls - makes it readable
(and correct).
|
| |
|
|
|
|
|
|
|
|
|
| |
The memory reduction compared of talloc_reference() over talloc_strdup()
is typically very low. As the strings are typically short compared
to the talloc header overhead.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 16:13:50 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The spoolss DeletePrinterDriverEx command offers three flags for
controlling how associated files and other versions of the driver are
effected: DPD_DELETE_UNUSED_FILES (1), DPD_DELETE_SPECIFIC_VERSION (2)
and DPD_DELETE_ALL_FILES (4).
This commit adds an optional numeric flags argument to the rpcclient
deldriverex command.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: David Disseldorp <ddiss@samba.org>
Autobuild-Date: Wed Jan 11 14:39:35 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
|
|
| |
If DeletePrinterDriverEx is called with DPD_DELETE_ALL_FILES and files
assigned to the to-be-deleted driver overlap with other drivers then an
error is returned. Change the error code here to match Windows 2k8r2.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
These are optional to supply - some callers only provide an auth_context for the
other plugin functions, and so we need to deal with this cleanly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Jan 11 10:49:13 CET 2012 on sn-devel-104
|
| |
|
|
|
|
|
|
|
| |
These are optional to supply - some callers only provide an auth_context for the
other plugin functions, and so we need to deal with this cleanly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
| |
This make it clearer what type of flags these are.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
|
| |
This will make it easier to share elements of the GSSAPI gensec mechs,
in much the same way elements of the NTLMSSP mech are shared.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
| |
This can handle any gensec auth type now.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
| |
This will allow cli_rpc_pipe_open_generic_auth() to handle kerberos mechanisms.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
This also includes renaming the helper function
rpccli_ntlmssp_bind_data, and allows this function to operate on any
gensec-supplied auth type.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
| |
To do this some defines need to move to common_auth.h
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
By providing this context, a function pointer for
generate_session_info_pac() can be inserted into gensec, allowing the
s3 PAC processing in an otherwise more generic gensec module.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
| |
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
