summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s3:libsmb: remove unused cli_set_username() functionStefan Metzmacher2014-10-173-18/+0
| | | | | | Change-Id: Ib432b4ff66f966de9e733e01de6de2f486c0c728 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: avoid calling cli_set_username() cliconnect.cStefan Metzmacher2014-10-171-33/+1
| | | | | | Change-Id: I45e44405ea51ecb1aa38c72f4fc6243a1d3d531a Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: avoid calling cli_set_username() in clidfsStefan Metzmacher2014-10-171-3/+0
| | | | | | Change-Id: I8b32be8a10d2bff33bb468cc68c98e555b220bde Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: avoid cli_set_username() in SMBC_server_internal()Stefan Metzmacher2014-10-171-7/+0
| | | | | | Change-Id: I32e19078a4d4948e405f39dc2a479ff925ad3684 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/netapi: avoid calling cli_set_username()Stefan Metzmacher2014-10-171-3/+1
| | | | | | Change-Id: I3ab768d2df06749187555a16d7b930f7cc8f8b9f Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture: avoid unused cli_set_username()Stefan Metzmacher2014-10-171-6/+0
| | | | | | Change-Id: Ia774b256093aff5f2b3338e7827e2d798fb06a96 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: Remove unused domain copy stored in cli_stateStefan Metzmacher2014-10-1710-83/+10
| | | | | | Change-Id: I7333140906bb3a487205b5760396dcc00a9f49b0 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb: Remove unused password copy stored in cli_stateAndrew Bartlett2014-10-179-36/+13
| | | | | | Change-Id: Ia6b33a25628ae08be8a8c6baeb71ce390315cb45 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: use cli_rpc_pipe_open_with_creds()Andrew Bartlett2014-10-171-39/+22
| | | | | | | Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc: Add cli_rpc_pipe_open_with_creds()Andrew Bartlett2014-10-174-0/+141
| | | | | | | | | | | This provides a credentials-based interface. In the long term, we will want to change this not to reference the credentials, but for now this suits the caller in winbindd_cm.c Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Use own machine account to connect to trusted domains as wellAndrew Bartlett2014-10-171-6/+11
| | | | | | | | | | | | | This relies on a two-way trust, which we may not have, but is the only secure way to do this. To do this correctly we need to split NETLOGON from normal authentication, as we need to use the machine account for the SMB level, but the inter-domain trust account for the NETLOGON level. Change-Id: Ib93eb6a4d704ef26df8234be7cb71c47ad519c8a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: use a cli_credentials structure to hold the trust credentialsStefan Metzmacher2014-10-171-207/+395
| | | | | | | | | | | | Later we can pass this down directly and have a much more sane handling of credentials and the spnego handshake. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Change-Id: If12ef0b105d8c7af60190d4eed3c8c07849da2ca Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libsmb: Print the principal name that we failed to kinit for.Andrew Bartlett2014-10-171-6/+7
| | | | | | | | | | This should aid debugging when this is called from an automated process. Andrew Bartlett Change-Id: I2c7291ab3f67f9f7462d7c52c8c9a4b042f7ec5a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* passdb: Use common code in cli_credentials_set_machine_account_db_ctx()Andrew Bartlett2014-10-171-16/+50
| | | | | | | | | | | | | | | | | | This avoids some duplication in setting the machine account passsword for the domain member and DC case. This does not yet remove the duplication, that requires a bigger restructure of the various routines used here to obtain the machine and domain trust secrets. Also no longer used is the timeout/2 code to not set the previous password. It is now always passed to the caller. Andrew Bartlett Change-Id: Idd5bafedf4cbac30b174955d743ec4128a6902ee Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth/credentials: Ensure that we set the realm when reading secrets.tdbAndrew Bartlett2014-10-171-0/+3
| | | | | | | | | | Otherwise, we try and kinit as host$@DOMAIN and that will not work. Andrew Bartlett Change-Id: Id2fde673423e74dfa1e6ac48f47f49c61ee59779 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Allow the secret.tdb handle to be passed in to ↵Andrew Bartlett2014-10-172-13/+64
| | | | | | | | | | | | cli_credentials_set_machine_account() This adds a new wrapper, cli_credentials_set_machine_account_db_ctx() Andrew Bartlett Change-Id: Ia2cceefede4ba9cf7f8de41986daf9372c19d997 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Improve error message on failure to set machine account passwordAndrew Bartlett2014-10-171-4/+6
| | | | | | Change-Id: I4136067d6d0e5cfe92770a2e7efa39f4ebcb2aca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Set secure_channel_type from secrets.tdb in ↵Andrew Bartlett2014-10-171-0/+13
| | | | | | | | | | | | | cli_credentials_set_machine_account This should ensure more parts of the source4 code can work with a password set in secrets.tdb. Andrew Bartlett Change-Id: I4a890a719246b073898333d2e04841904c6e1a5d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Run samba.tests.messaging in an environment where it has servers ↵Andrew Bartlett2014-10-171-1/+1
| | | | | | | | | | | | to list The previous code would run on empty databases. Andrew Bartlett Change-Id: I8f8e736b9ad475b5b3d10e32834450c76edc5ca2 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* tests: Allow "max open files" to differ from the documentationAndrew Bartlett2014-10-171-1/+2
| | | | | | | | | | It is system-dependent. Andrew Bartlett Change-Id: Icf21476c00295a428ad808bc56ab8153f109627f Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ctdb-tools: Fix heap-use-after-free problemAmitay Isaacs2014-10-171-2/+6
| | | | | | | | | | Found by address sanitizer. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Fri Oct 17 12:56:02 CEST 2014 on sn-devel-104
* libcli/smb: try to negotiate SMB2_ENCRYPTION_AES128_GCMStefan Metzmacher2014-10-161-4/+8
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Oct 16 21:53:32 CEST 2014 on sn-devel-104
* libcli/smb: support SMB2_ENCRYPTION_AES128_GCM in ↵Stefan Metzmacher2014-10-161-0/+32
| | | | | | | smb2_signing_[de|en]crypt_pdu() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/crypto: add aes_gcm_128 support.Stefan Metzmacher2014-10-166-2/+644
| | | | | | | | Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: prepare smb2_signing_[de|en]crypt_pdu() to support multiple ciphersStefan Metzmacher2014-10-161-30/+52
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: pass xconn->smb2.server.cipher to ↵Stefan Metzmacher2014-10-161-5/+5
| | | | | | | smb2_signing_[de|en]ncrypt_pdu() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: check xconn->smb2.server.cipher instead of ↵Stefan Metzmacher2014-10-163-3/+3
| | | | | | | | | | | xconn->smb2.server.capabilities SMB 3.10 and later won't have SMB2_CAP_ENCRYPTION anymore. xconn->smb2.server.cipher == 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_negprot: remember xconn->smb2.server.cipherStefan Metzmacher2014-10-162-0/+5
| | | | | | | | For now we always use SMB2_ENCRYPTION_AES128_CCM or 0. 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: pass the negotiated cipher to smb2_signing_[de|en]ncrypt_pdu()Stefan Metzmacher2014-10-161-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: pass 'uint16_t cipher_id' to smb2_signing_[de|en]crypt_pdu()Stefan Metzmacher2014-10-162-4/+4
| | | | | | | | enum protocol_types protocol was unused before and cipher_id is unused as well for now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: use conn->smb2.server.cipher != 0 instead of ↵Stefan Metzmacher2014-10-161-23/+8
| | | | | | | | | | | conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION SMB 3.10 servers don't report SMB2_CAP_ENCRYPTION anymore. So using conn->smb2.server.cipher != 0 is a more consistent way to decide if encryption is supported on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/util: Protect time_basic.h against multiple inclusionMartin Schwenke2014-10-161-0/+5
| | | | | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Oct 16 16:35:59 CEST 2014 on sn-devel-104
* update-external.sh: Update upstream URLs for testtools and subunit.Jelmer Vernooij2014-10-161-2/+4
| | | | | | | | | Change-Id: Iaba422aa5dec30c3a4953907d9d73e018206e0e6 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 16 01:35:19 CEST 2014 on sn-devel-104
* Fix path to zlib in update-external.sh.Jelmer Vernooij2014-10-151-7/+11
| | | | | | Change-Id: I25f308d037cc47bacd3a371cafca9c3e22f4a92d Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Update zlib using update-external.sh.Jelmer Vernooij2014-10-151-0/+5
| | | | | | Change-Id: I9465ef84084a70187f693fea4762f3d68274fe99 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nss_wrapper: check for nss.hAndreas Schneider2014-10-151-1/+3
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Oct 15 14:06:11 CEST 2014 on sn-devel-104
* libcli/smb: use lib/crypto SHA512 functions, do not depend on heimdal.Günther Deschner2014-10-141-13/+13
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Oct 14 13:13:08 CEST 2014 on sn-devel-104
* lib/crypto: add and build a copied version of SHA512 functions.Günther Deschner2014-10-143-1/+358
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* filter-subunit: Drop support for allow_empty_output hack.Jelmer Vernooij2014-10-141-6/+2
| | | | | | | | | Change-Id: If4f336ef770202dcf69484b9bccc6c0c80bd5f9b Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 14 09:06:05 CEST 2014 on sn-devel-104
* samba3dump: Add subunit-enabled test for samba3dump.Jelmer Vernooij2014-10-142-1/+15
| | | | | | Change-Id: Ie9682c715fc91d923dcd1951236f8b36fa519327 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* urgent_replication: Use subunit reporting, remove allow_empty_output.Jelmer Vernooij2014-10-143-75/+50
| | | | | | Change-Id: I6d479b218eff6c4292fbb99e4760bbd62ce1f380 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* testr: Use waf testonly and create a custom directory for new workers.Jelmer Vernooij2014-10-141-1/+1
| | | | | | | | | Using waf testonly helps speed up test runs, and the custom directory is required to run multiple workers in parallel. Change-Id: I339420c5c503c270a04888a1c990836cb0c91e94 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Actually honor --with-selftest-prefix.Jelmer Vernooij2014-10-141-7/+11
| | | | | | Change-Id: Ie8c995a273781309224e17b8970a864479444036 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Don't import into testr when --load-list was specified, as testr willJelmer Vernooij2014-10-141-1/+3
| | | | | | | | take care of that itself. Change-Id: I3d57f4cfafdd48751dfbd145f220dc5cf000ec3f Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Don't ignore testsuites without --list support, but consider them asJelmer Vernooij2014-10-141-0/+3
| | | | | | | | | | | | atomic entities. This prevents any such testsuites from being skipped when run using testr. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10874 Change-Id: I6ae8c92bb70e86a3b848b9cb3a53e2af466c3fe3 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Run duplicate symbol check as just another test, rather than as part of "waf ↵Jelmer Vernooij2014-10-143-3/+13
| | | | | | | | | | | | test". This allows it to be scheduled independently as part of a parallel test run, and reduces the overhead of "waf test". Change-Id: I780fd2c4dd711ed27df73f56de98e7f1ffd53aaf Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10875
* samba.tests.unicodenames: Fix docstring formatting so pydoctor understands it.Jelmer Vernooij2014-10-141-3/+2
| | | | | | Change-Id: I8983cd4483c380fd0c9e4da843eb70750450a0fa Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* py_net: Fix typo in change_password docstring, and indentation inJelmer Vernooij2014-10-141-4/+2
| | | | | | | | set_password docstring. Change-Id: I93e9ed79ee43233fc3c1bb69d8eb0a5c6e0e3940 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_tool_drs: Fix docstring formatting so pydoctor groks it.Jelmer Vernooij2014-10-141-23/+28
| | | | | | Change-Id: I827044ef876118935b0f91e318d3c815326a2f01 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix pydoctor invocation.Jelmer Vernooij2014-10-141-3/+7
| | | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10754 Change-Id: I1ca311dcba52350dc284439119a8166dee1de50a
generated by cgit (git 2.34.1) at 2025-09-28 10:29:34 +0000