summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() genericAndrew Bartlett2012-01-185-130/+56
| | | | | | | | | This also avoids passing NULL as the server to gensec_set_target_hostname() in spnego_generic_init_client(). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse gss_wrap_iov_length() only needs the type and lengthStefan Metzmacher2012-01-181-2/+4
| | | | metze
* s3-gse Make seal parameter a boolean for clarityAndrew Bartlett2012-01-181-2/+2
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Remove special case for spnego session keyAndrew Bartlett2012-01-183-16/+8
| | | | | | | | SPNEGO is implemented only in terms of gensec mechanisms now. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Remove special case for spnego dcerpc sign/sealAndrew Bartlett2012-01-181-92/+18
| | | | | | | | SPNEGO is implemented only in terms of gensec mechanisms now. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse Move GSS_C_DCE_STYLE backup definition to gse.cAndrew Bartlett2012-01-182-4/+4
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse Add constAndrew Bartlett2012-01-181-4/+4
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse Remove or make static unused/local-only GSE functionsAndrew Bartlett2012-01-182-270/+33
| | | | | | | | | The GSE layer is now used via the GENSEC module, so we do not need these functions exposed any more. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Remove unused dcesrv_gssapi.[ch] functionsAndrew Bartlett2012-01-186-269/+1
| | | | | | | | | The code from dcesrv_gssapi.c is now in source3/auth/auth_generic.c as an auth callback. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Remove layer around struct gensec_securityAndrew Bartlett2012-01-183-13/+11
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc: Simplify SPNEGO code now that all mechs use a struct gensec_securityAndrew Bartlett2012-01-185-96/+32
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensecAndrew Bartlett2012-01-186-231/+53
| | | | | | | | | | This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Allow spnego_generic_init_client to handle kerberos tooAndrew Bartlett2012-01-181-0/+2
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc Call GSSAPI via the auth_generic layer and gensecAndrew Bartlett2012-01-185-329/+17
| | | | | | | | | | This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped when required for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-libsmb Use the gse_krb5 gensec module as clientAndrew Bartlett2012-01-182-2/+7
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse Make gse available as a gensec client moduleAndrew Bartlett2012-01-182-1/+3
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-build: Rework object lists to allow gse gensec moduleAndrew Bartlett2012-01-183-73/+40
| | | | | | | | This also allows the spnego_parse_krb5_wrap() function to be shared. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-gse: Add gensec wrapper for gse GSSAPI clientAndrew Bartlett2012-01-182-0/+441
| | | | | | | | | This brings in part of the s4 gensec_gssapi as the boilerplate for the new module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Match session setup handling of krb5, store the PACAndrew Bartlett2012-01-181-1/+4
| | | | | | | | | This will allow non-krb5 services to get the full user groups without need to do an online s4u2self. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Add auth hook for PAC parsingAndrew Bartlett2012-01-181-2/+128
| | | | | | | | | | | This will allow gensec_gse to parse the PAC. This is a copy from source3/rpc_server/dcesrv_generic.c to preserve behaviour. A future commit will enable the samlogon cache. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3: Use lock_order for setting the db priorityVolker Lendecke2012-01-181-0/+18
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jan 18 16:21:52 CET 2012 on sn-devel-104
* s3: Pass down lock_order to db_open_ctdbVolker Lendecke2012-01-183-4/+10
|
* Revert "Fix bug #8175 - smbd deadlock."Volker Lendecke2012-01-181-68/+26
| | | | This reverts commit 5a2b5b6cfed74e0e9c2965525995f64cdad7b7c9.
* s3: Change locking order between brlock and lockingVolker Lendecke2012-01-181-8/+58
| | | | | | | | But 8175 was fixed in a way that brlock.tdb was always locked before locking.tdb. This patch fixes the bug in a different way. locking.tdb is the central tdb for files and should always be locked first. This patch solves the problem by postponing the level2 break messages, which are async anyway.
* s3: Enforce a lock order in dbwrapVolker Lendecke2012-01-184-1/+85
| | | | | | | This makes sure we do not deadlock from doing two dbwrap_fetch_locked in two processes in different orders. At open time, we assign a strict order to all databases. lock_order 1 will be locked first, lock_order 2 second. No two records of the same lock order may be locked at the same time.
* s3: Add a "lock_order" argument to db_openVolker Lendecke2012-01-1830-40/+97
| | | | | | | This will be used to enforce a lock hierarchy between the databases. We have seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb. These should be fixed by refusing a dbwrap_fetch_locked that does not follow a defined lock hierarchy.
* s3-passdb: trying to decouple passdb and secrets a little.Günther Deschner2012-01-188-105/+173
| | | | | | | Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Jan 18 14:46:18 CET 2012 on sn-devel-104
* s3: Fix bug 8695Volker Lendecke2012-01-171-0/+1
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jan 17 18:55:01 CET 2012 on sn-devel-104
* RHEL-CTDB: *.msg files movedVolker Lendecke2012-01-171-1/+1
|
* RHEL-CTDB: *.dat files movedVolker Lendecke2012-01-171-3/+3
|
* RHEL-CTDB: CP*so are no moreVolker Lendecke2012-01-171-2/+0
|
* RHEL-CTDB: --with-mandir -> --mandirVolker Lendecke2012-01-172-2/+2
|
* dynconfig: overwrite --with-privatelibdir as a Samba optionStefan Metzmacher2012-01-171-1/+8
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jan 17 17:17:56 CET 2012 on sn-devel-104
* dynconfig: --with-modulesdir should be a Samba optionStefan Metzmacher2012-01-172-11/+29
| | | | | | | This also restores the defaults from Samba 3.6.x: "${libdir}" or "${libdir}/samba" in FHS mode. metze
* dynconfig/config.m4: expand prefix, exec_prefix, sysconfdir, localstatedir ↵Stefan Metzmacher2012-01-171-18/+18
| | | | | | | | and datarootdir in Makefile Otherwise $prefix is "NONE" without explicit --prefix metze
* s3:lib/messages: remove unused messaging_event_context()Stefan Metzmacher2012-01-172-6/+0
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jan 17 09:45:30 CET 2012 on sn-devel-104
* s3:smbcontrol: avoid using messaging_event_context()Stefan Metzmacher2012-01-171-10/+7
| | | | metze
* s3:smbcontrol: pass tevent_context down to wait_replies()Stefan Metzmacher2012-01-171-10/+11
| | | | metze
* s3:smbcontrol: pass tevent_context down to subcommandsStefan Metzmacher2012-01-171-38/+69
| | | | metze
* s3:printing: avoid messaging_event_context() in print_queue_housekeeping()Stefan Metzmacher2012-01-171-6/+21
| | | | metze
* s3-install: Don't let MANDIR and SRCDIR be overwrittenVolker Lendecke2012-01-161-1/+2
| | | | | | | In installman.sh, we get them via cmd line args Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon Jan 16 18:55:40 CET 2012 on sn-devel-104
* s4:dsdb/password_hash: require a "Primary:Kerberos" blob in ↵Stefan Metzmacher2012-01-161-0/+16
| | | | | | | | | | | | supplementalCredentials If this is missing a w2k8r2 server will reboot, when someone tries to change a password. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Jan 16 17:10:07 CET 2012 on sn-devel-104
* s3:selftest: rpcclient doesn't support smb2Stefan Metzmacher2012-01-161-29/+27
| | | | metze
* s3: ADS support is needed for dns updatesVolker Lendecke2012-01-141-1/+1
| | | | | Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sat Jan 14 15:32:15 CET 2012 on sn-devel-104
* KCC importldif/exportldif and intersite topologyDave Craft2012-01-142-376/+2429
| | | | | | | | | | | | Add options for extracting an LDIF file from a database and reimporting the LDIF into a schema-less database for subsequent topology test/debug. Add intersite topology generation with computation of ISTG and bridgehead servers Signed-off-by: Andrew Tridgell <tridge@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sat Jan 14 07:45:11 CET 2012 on sn-devel-104
* Intersite KCC flags for pythonDave Craft2012-01-141-0/+5
| | | | | | | Add NTDSSITELINK options to dsdb class for use in python samba_kcc Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Intersite KCC flagsDave Craft2012-01-141-0/+5
| | | | | | NTDSSITELINK option flags added Signed-off-by: Andrew Tridgell <tridge@samba.org>
* idl: add to_null propertyDavid Disseldorp2012-01-141-1/+8
| | | | | | | | | | to_null specifies that character conversion should only occur until the null pointer in an array based string. Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Jan 14 00:51:54 CET 2012 on sn-devel-104
* idl: add to_null attribute to the spoolss devicename arrayDavid Disseldorp2012-01-131-1/+1
| | | | | | | | OpenPrinterEx requests have also been observed in the wild carrying non-utf16 garbage after the device mode devicename field null terminator. Signed-off-by: Jeremy Allison <jra@samba.org>
* idl: add to_null attribute to the spoolss formname arrayDavid Disseldorp2012-01-131-1/+1
| | | | | | | | | | | | | | OpenPrinterEx requests have been observed in the wild carrying a device mode formname "A4" followed by non-utf16 garbage after the null terminator. Such requests currently fail during unmarshalling in the ndr_pull_charset() codepath, causing intermittent print job failures. This change ensures that garbage after the device mode formname null terminator is not processed in unmarshalling. https://bugzilla.samba.org/show_bug.cgi?id=8606 Signed-off-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 18:28:47 +0000