summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* passdb: Use common code in cli_credentials_set_machine_account_db_ctx()Andrew Bartlett2014-10-171-16/+50
| | | | | | | | | | | | | | | | | | This avoids some duplication in setting the machine account passsword for the domain member and DC case. This does not yet remove the duplication, that requires a bigger restructure of the various routines used here to obtain the machine and domain trust secrets. Also no longer used is the timeout/2 code to not set the previous password. It is now always passed to the caller. Andrew Bartlett Change-Id: Idd5bafedf4cbac30b174955d743ec4128a6902ee Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* auth/credentials: Ensure that we set the realm when reading secrets.tdbAndrew Bartlett2014-10-171-0/+3
| | | | | | | | | | Otherwise, we try and kinit as host$@DOMAIN and that will not work. Andrew Bartlett Change-Id: Id2fde673423e74dfa1e6ac48f47f49c61ee59779 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Allow the secret.tdb handle to be passed in to ↵Andrew Bartlett2014-10-172-13/+64
| | | | | | | | | | | | cli_credentials_set_machine_account() This adds a new wrapper, cli_credentials_set_machine_account_db_ctx() Andrew Bartlett Change-Id: Ia2cceefede4ba9cf7f8de41986daf9372c19d997 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Improve error message on failure to set machine account passwordAndrew Bartlett2014-10-171-4/+6
| | | | | | Change-Id: I4136067d6d0e5cfe92770a2e7efa39f4ebcb2aca Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* credentials: Set secure_channel_type from secrets.tdb in ↵Andrew Bartlett2014-10-171-0/+13
| | | | | | | | | | | | | cli_credentials_set_machine_account This should ensure more parts of the source4 code can work with a password set in secrets.tdb. Andrew Bartlett Change-Id: I4a890a719246b073898333d2e04841904c6e1a5d Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: Run samba.tests.messaging in an environment where it has servers ↵Andrew Bartlett2014-10-171-1/+1
| | | | | | | | | | | | to list The previous code would run on empty databases. Andrew Bartlett Change-Id: I8f8e736b9ad475b5b3d10e32834450c76edc5ca2 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* tests: Allow "max open files" to differ from the documentationAndrew Bartlett2014-10-171-1/+2
| | | | | | | | | | It is system-dependent. Andrew Bartlett Change-Id: Icf21476c00295a428ad808bc56ab8153f109627f Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ctdb-tools: Fix heap-use-after-free problemAmitay Isaacs2014-10-171-2/+6
| | | | | | | | | | Found by address sanitizer. Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Fri Oct 17 12:56:02 CEST 2014 on sn-devel-104
* libcli/smb: try to negotiate SMB2_ENCRYPTION_AES128_GCMStefan Metzmacher2014-10-161-4/+8
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Oct 16 21:53:32 CEST 2014 on sn-devel-104
* libcli/smb: support SMB2_ENCRYPTION_AES128_GCM in ↵Stefan Metzmacher2014-10-161-0/+32
| | | | | | | smb2_signing_[de|en]crypt_pdu() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/crypto: add aes_gcm_128 support.Stefan Metzmacher2014-10-166-2/+644
| | | | | | | | Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: prepare smb2_signing_[de|en]crypt_pdu() to support multiple ciphersStefan Metzmacher2014-10-161-30/+52
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: pass xconn->smb2.server.cipher to ↵Stefan Metzmacher2014-10-161-5/+5
| | | | | | | smb2_signing_[de|en]ncrypt_pdu() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: check xconn->smb2.server.cipher instead of ↵Stefan Metzmacher2014-10-163-3/+3
| | | | | | | | | | | xconn->smb2.server.capabilities SMB 3.10 and later won't have SMB2_CAP_ENCRYPTION anymore. xconn->smb2.server.cipher == 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_negprot: remember xconn->smb2.server.cipherStefan Metzmacher2014-10-162-0/+5
| | | | | | | | For now we always use SMB2_ENCRYPTION_AES128_CCM or 0. 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: pass the negotiated cipher to smb2_signing_[de|en]ncrypt_pdu()Stefan Metzmacher2014-10-161-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: pass 'uint16_t cipher_id' to smb2_signing_[de|en]crypt_pdu()Stefan Metzmacher2014-10-162-4/+4
| | | | | | | | enum protocol_types protocol was unused before and cipher_id is unused as well for now. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libcli/smb: use conn->smb2.server.cipher != 0 instead of ↵Stefan Metzmacher2014-10-161-23/+8
| | | | | | | | | | | conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION SMB 3.10 servers don't report SMB2_CAP_ENCRYPTION anymore. So using conn->smb2.server.cipher != 0 is a more consistent way to decide if encryption is supported on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* lib/util: Protect time_basic.h against multiple inclusionMartin Schwenke2014-10-161-0/+5
| | | | | | | | Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Oct 16 16:35:59 CEST 2014 on sn-devel-104
* update-external.sh: Update upstream URLs for testtools and subunit.Jelmer Vernooij2014-10-161-2/+4
| | | | | | | | | Change-Id: Iaba422aa5dec30c3a4953907d9d73e018206e0e6 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Oct 16 01:35:19 CEST 2014 on sn-devel-104
* Fix path to zlib in update-external.sh.Jelmer Vernooij2014-10-151-7/+11
| | | | | | Change-Id: I25f308d037cc47bacd3a371cafca9c3e22f4a92d Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Update zlib using update-external.sh.Jelmer Vernooij2014-10-151-0/+5
| | | | | | Change-Id: I9465ef84084a70187f693fea4762f3d68274fe99 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nss_wrapper: check for nss.hAndreas Schneider2014-10-151-1/+3
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Oct 15 14:06:11 CEST 2014 on sn-devel-104
* libcli/smb: use lib/crypto SHA512 functions, do not depend on heimdal.Günther Deschner2014-10-141-13/+13
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Oct 14 13:13:08 CEST 2014 on sn-devel-104
* lib/crypto: add and build a copied version of SHA512 functions.Günther Deschner2014-10-143-1/+358
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* filter-subunit: Drop support for allow_empty_output hack.Jelmer Vernooij2014-10-141-6/+2
| | | | | | | | | Change-Id: If4f336ef770202dcf69484b9bccc6c0c80bd5f9b Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 14 09:06:05 CEST 2014 on sn-devel-104
* samba3dump: Add subunit-enabled test for samba3dump.Jelmer Vernooij2014-10-142-1/+15
| | | | | | Change-Id: Ie9682c715fc91d923dcd1951236f8b36fa519327 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* urgent_replication: Use subunit reporting, remove allow_empty_output.Jelmer Vernooij2014-10-143-75/+50
| | | | | | Change-Id: I6d479b218eff6c4292fbb99e4760bbd62ce1f380 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* testr: Use waf testonly and create a custom directory for new workers.Jelmer Vernooij2014-10-141-1/+1
| | | | | | | | | Using waf testonly helps speed up test runs, and the custom directory is required to run multiple workers in parallel. Change-Id: I339420c5c503c270a04888a1c990836cb0c91e94 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Actually honor --with-selftest-prefix.Jelmer Vernooij2014-10-141-7/+11
| | | | | | Change-Id: Ie8c995a273781309224e17b8970a864479444036 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Don't import into testr when --load-list was specified, as testr willJelmer Vernooij2014-10-141-1/+3
| | | | | | | | take care of that itself. Change-Id: I3d57f4cfafdd48751dfbd145f220dc5cf000ec3f Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Don't ignore testsuites without --list support, but consider them asJelmer Vernooij2014-10-141-0/+3
| | | | | | | | | | | | atomic entities. This prevents any such testsuites from being skipped when run using testr. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10874 Change-Id: I6ae8c92bb70e86a3b848b9cb3a53e2af466c3fe3 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Run duplicate symbol check as just another test, rather than as part of "waf ↵Jelmer Vernooij2014-10-143-3/+13
| | | | | | | | | | | | test". This allows it to be scheduled independently as part of a parallel test run, and reduces the overhead of "waf test". Change-Id: I780fd2c4dd711ed27df73f56de98e7f1ffd53aaf Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10875
* samba.tests.unicodenames: Fix docstring formatting so pydoctor understands it.Jelmer Vernooij2014-10-141-3/+2
| | | | | | Change-Id: I8983cd4483c380fd0c9e4da843eb70750450a0fa Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* py_net: Fix typo in change_password docstring, and indentation inJelmer Vernooij2014-10-141-4/+2
| | | | | | | | set_password docstring. Change-Id: I93e9ed79ee43233fc3c1bb69d8eb0a5c6e0e3940 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_tool_drs: Fix docstring formatting so pydoctor groks it.Jelmer Vernooij2014-10-141-23/+28
| | | | | | Change-Id: I827044ef876118935b0f91e318d3c815326a2f01 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix pydoctor invocation.Jelmer Vernooij2014-10-141-3/+7
| | | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10754 Change-Id: I1ca311dcba52350dc284439119a8166dee1de50a
* samba.tests.source: Fix lint.Jelmer Vernooij2014-10-141-2/+2
| | | | | | Change-Id: I3dc614c34aa2c4fca6f2ca68196e71b9129b5b76 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Remove obsolete pep8 test.Jelmer Vernooij2014-10-141-54/+0
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I7f6634a035e9c93820cd4eef0261ecd5dd3865ab
* Fix more pep8 issues in code I touched recently.Jelmer Vernooij2014-10-149-39/+78
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I35f3204bdf5d00b3280d703427ded2fa2163a6f7
* Remove last instances of pep8 error E602 (old style exceptions).Jelmer Vernooij2014-10-141-3/+3
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: If709757643e6eed8cffa8950170c337f51edb9d9
* Remove last instances of pep8 error E712 (use 'is' rather than '==' for ↵Jelmer Vernooij2014-10-143-6/+6
| | | | | | | | booleans) Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I43b394a6225b4c2049d979fda75548c82d781f67
* pep8: Import new version.Jelmer Vernooij2014-10-141-784/+1383
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I22d897a8f46a4ac57a91db3ad05286d9d0066806
* Remove last instance of pep8 error E701 (more statements on one line).Jelmer Vernooij2014-10-141-1/+2
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I419f0536b43d98ce6bb52c5907413a02ea1a6937
* Remove remaining instance of pep8 E211 (too many spaces before operator).Jelmer Vernooij2014-10-146-22/+21
| | | | | | Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Change-Id: I9af3bf582bba8fc1094addb12cd0a5ce04406b5b
* lib/util: Add RFC3339 timestamp support to timeval_str_buf()Martin Schwenke2014-10-134-7/+33
| | | | | | | | | | | | Note that this can't be done more simply or portably with strftime(3) since "%z" isn't portable. Signed-off-by: Martin Schwenke <martin@meltin.net> Pair-programmed-with: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Oct 13 12:27:04 CEST 2014 on sn-devel-104
* lib/util: Use snprintf() instead of strftime() in timeval_str_buf()Martin Schwenke2014-10-132-10/+6
| | | | | | | | | This removes conditional code and ensures that the output is always as expected. Signed-off-by: Martin Schwenke <martin@meltin.net> Pair-programmed-with: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Volker Lendecke <vl@samba.org>
* dsdb: Do not attempt to return beyond the end of the password history arrayAndrew Bartlett2014-10-131-2/+2
| | | | | | | | | | | Found by AddressSanitizer Change-Id: I82e35aea60726053c79510ba8ed3eedfaf553eb7 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Mon Oct 13 08:28:15 CEST 2014 on sn-devel-104
* vfs_posixacl: catch ACL_EVERYONE on FreeBSDRalph Boehme2014-10-122-0/+6
| | | | | | | | | | | | Using POSIX ACL API on FreeBSD may return NFSv4 style tag type ACL_EVERYONE. Catch the error and issue a helpful log message telling users to enable zfsacl VFS module. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Oct 12 00:22:19 CEST 2014 on sn-devel-104
* dsdb: Fix a crash in an error returnVolker Lendecke2014-10-111-1/+1
| | | | | | | | | | | | | | In an error return we have /* Back it out, if it fails on one */ for (i--; i >= 0; i--) { ldb_next_del_trans(data->partitions[i]->module); } With unsigned int i this will spin and del_trans somewhere far off :-) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-27 19:42:25 +0000