summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* doc-xml: Add 'sharesec' reference to 'access based share enum'Andreas Schneider2015-03-021-1/+4
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11127 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Mar 2 14:33:33 CET 2015 on sn-devel-104
* selftest: shuffle msdfs-share DFS referral responsesDavid Disseldorp2015-02-281-1/+3
| | | | | | | | | | | | Add a secondary server path to the msdfs-src1 DFS link, and test "msdfs shuffle referrals" behaviour during selftest using the existing samba3.blackbox.smbclient_s3 suite. Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Feb 28 01:22:36 CET 2015 on sn-devel-104
* MSDFS referral shufflingRobin McCorkell2015-02-274-3/+52
| | | | | | | | | | Shuffle MSDFS referral list in smbd in accordance with [MS-DFSC] 3.2.1.1 When parsing an MSDFS symlink, the names are shuffled with a Fisher-Yates algorithm. Signed-off-by: Robin McCorkell <rmccorkell@karoshi.org.uk> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbind: Slightly simplify wb_sids2xidsVolker Lendecke2015-02-271-7/+8
| | | | | | | | We only needs "names" and "domains" wb_sids2xids_lookupsids_done. It confused me when reading this code that these variables are stored in "state". Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Fix talloc hierarchy in init_lsa_ref_domain_listVolker Lendecke2015-02-271-1/+5
| | | | | | | The sid is copied, so the name should also be copied. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/util: Build iov_buf library only when building sambaAmitay Isaacs2015-02-271-5/+8
| | | | | | | | | | | | | lib/util can be built with SAMBA_UTIL_CORE_ONLY for building standalone ctdb. Any new libraries if not required by ctdb should be built only when SAMBA_UTIL_CORE_ONLY is not specified. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Fri Feb 27 09:06:01 CET 2015 on sn-devel-104
* libsmb: Make "ip_service_compare" staticVolker Lendecke2015-02-272-2/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Feb 27 06:20:58 CET 2015 on sn-devel-104
* tevent: version 0.9.23Michael Adam2015-02-272-1/+89
| | | | | | | | | | | | * Add Solaris ports as tevent backend. * Improvements to the tevent_data tutorial. * Remove use of the 'staticforward' macro. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Fri Feb 27 03:48:57 CET 2015 on sn-devel-104
* winbind: Simplify winbindd_dsgetdcname_recvVolker Lendecke2015-02-271-5/+5
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Feb 27 01:16:10 CET 2015 on sn-devel-104
* vfs_catia: Simplify init_mappings()Volker Lendecke2015-02-261-1/+2
| | | | | | | | | | No else required after return Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Feb 26 21:22:30 CET 2015 on sn-devel-104
* smbd: Simplify ReadDirNameVolker Lendecke2015-02-261-4/+6
| | | | | | | In the if-branches we return, so no "else" necessary Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: ZERO_STRUCT -> struct initVolker Lendecke2015-02-261-6/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: ZERO_STRUCT -> struct assignmentVolker Lendecke2015-02-261-3/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: ZERO_STRUCT -> struct assignmentVolker Lendecke2015-02-261-2/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: ZERO_STRUCTP -> talloc_zero()Volker Lendecke2015-02-261-3/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* param: Remove lib/param/generic.cVolker Lendecke2015-02-263-298/+1
| | | | | | | This seems completely unused. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Use tevent_req_poll_ntstatusVolker Lendecke2015-02-262-6/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib: Simplify pidfile.cVolker Lendecke2015-02-261-13/+6
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Feb 26 18:28:31 CET 2015 on sn-devel-104
* Fix whitespaceVolker Lendecke2015-02-263-28/+28
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* ntdb: always return int from tdb_store_flag_to_ntdb()David Disseldorp2015-02-261-0/+1
| | | | | | | | Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Feb 26 13:49:05 CET 2015 on sn-devel-104
* registry: Fix an aligment increase warningVolker Lendecke2015-02-261-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Feb 26 05:35:33 CET 2015 on sn-devel-104
* smbd: Fix a typoVolker Lendecke2015-02-261-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs: Add a brief vfs_ceph manpage.Günther Deschner2015-02-252-0/+109
| | | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=11088 Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Feb 25 20:56:01 CET 2015 on sn-devel-104
* Fix the developer O3 buildVolker Lendecke2015-02-2523-34/+38
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Feb 25 16:32:29 CET 2015 on sn-devel-104
* heimdal: Fix the developer O3 buildVolker Lendecke2015-02-251-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3-pam_smbpass: Add a deprecation warning.Andreas Schneider2015-02-251-0/+8
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Feb 25 03:37:34 CET 2015 on sn-devel-104
* s4/scripting/devel: Add tool to roll over the krbtgt passwordAndrew Bartlett2015-02-252-0/+82
| | | | | | | | This may be handy if this key is compromised, or along with chgtdcpass to isolate test copies of production domains in such a way that they cannot mix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* testprogs-test_chgdcpass.sh: Improve comments to explain why we check about ↵Andrew Bartlett2015-02-251-1/+2
| | | | | | | changing the password twice Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* selftest: Improve renamedc tests to confirm more than just the exit codeAndrew Bartlett2015-02-251-3/+38
| | | | | | | This now confirms that the DC has been renamed Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* s4/scripting/bin/renamedc: Fix up rename DC scriptAndrew Bartlett2015-02-251-34/+26
| | | | | | | We now have a reliable handler for backlinks so this we can now rename both objects Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
* lib/crypto: Document nettle supported cryptoMichael Ledford2015-02-251-0/+21
| | | | | | Signed-off-by: Michael Ledford <michael@ledford.cc> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Explain more why we use GnuTLS hereAndrew Bartlett2015-02-251-0/+20
| | | | | | Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* build: amend typo for address sanitizer helpGarming Sam2015-02-251-1/+1
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture-backupkey: Check the dcerpc call return code before calling ndr pullGarming Sam2015-02-251-3/+5
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* backupkey: replace heimdal rsa key generation with GnuTLSGarming Sam2015-02-251-44/+82
| | | | | | | | | | | We use GnuTLS because it can reliably generate 2048 bit keys every time. Windows clients strictly require 2048, no more since it won't fit and no less either. Heimdal would almost always generate a smaller key. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=10980
* build: Require GnuTLS if building with Active DirectoryGarming Sam2015-02-251-0/+3
| | | | | | | | | Without GnuTLS, we don't have ldaps:// support and we are unable to readily create RSA keys of the correct length for the BackupKey protocol. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture-backupkey: Add tests that read the secret from the server, and validateAndrew Bartlett2015-02-251-9/+312
| | | | | | | | | These show that MS-BKRP 3.1.4.1.1 BACKUPKEY_BACKUP_GUID is incorrect when it states that the key must be the leading 64 bytes, it must be the whole 256 byte buffer. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Better handling for different wrap version headersAndrew Bartlett2015-02-252-12/+25
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Add tests for ServerWrap protocolAndrew Bartlett2015-02-251-2/+645
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Change expected error codes to match Windows 2008R2 and Windows ↵Andrew Bartlett2015-02-252-4/+11
| | | | | | | | | 2012R2 This is done in both smbtoture and in our server Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Implement ServerWrap DecryptAndrew Bartlett2015-02-251-51/+186
| | | | | | | | | | | We implement both modes in BACKUPKEY_RESTORE_GUID, as it may decrypt both ServerWrap and ClientWrap data, and we implement BACKUPKEY_RESTORE_GUID_WIN2K. BUG: https://bugzilla.samba.org/attachment.cgi?bugid=11097 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Handle more clearly the case where we find the secret, but it has ↵Andrew Bartlett2015-02-251-45/+33
| | | | | | | | | no value This happen on the RODC, a case that we try not to permit at all. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Improve variable names to make clear this is client-provided dataAndrew Bartlett2015-02-251-13/+13
| | | | | | | The values we return here are client-provided passwords or other keys, that we decrypt for them. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Use the name lsa_secret rather than just secretAndrew Bartlett2015-02-251-20/+20
| | | | | | | | This makes it clear that this is the data stored on the LSA secrets store and not the client-provided data to be encrypted. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Implement ServerWrap Encrypt protocolAndrew Bartlett2015-02-251-13/+299
| | | | | | | BUG: https://bugzilla.samba.org/attachment.cgi?bugid=11097 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Improve function names and comments for clarityAndrew Bartlett2015-02-251-8/+34
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Move SID comparison to inside get_and_verify_access_check()Andrew Bartlett2015-02-251-29/+26
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* backupkey: Improve IDLGarming Sam2015-02-251-7/+7
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* backupkey: begin by factoring out the server wrap functionsGarming Sam2015-02-251-3/+15
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture-backupkey: Assert dcerpc_bkrp_BackupKey_r call was successfulAndrew Bartlett2015-02-251-0/+6
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
generated by cgit (git 2.34.1) at 2025-09-26 21:41:28 +0000