summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s3:unix_msg: factor extract_fd_array_from_msghdr() out of ↵Michael Adam2014-09-301-19/+27
| | | | | | | | | | unix_dgram_recv_handler() For re-use. Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:unix_msg: simplify queue_msg() by moving space calculations up.Michael Adam2014-09-301-19/+17
| | | | | | | | | | | | This allows for early direct return instead of the goto invalid, since the fds_copy array is filled later. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: use an iov in unix_dgram_msg/queue_msg instead of buffer and lengthMichael Adam2014-09-301-10/+12
| | | | | | | | | | | | This is equivalent, reads more easily and makes extraction more obvious. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: rename a variable buflen->data_len in queue_msg()Michael Adam2014-09-301-6/+6
| | | | | | | | | Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: use a buffer pointer instead of array indexes for the iov bufferMichael Adam2014-09-301-4/+7
| | | | | | | | | | | This is more obvious to read and a preparation for following commits. Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: remember errno in unix_dgram_send_job in case of send error.Michael Adam2014-09-301-0/+4
| | | | | | | | | Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: don't close the fd-array at the end of unix_dgram_send_job()Michael Adam2014-09-301-2/+0
| | | | | | | | | | | | These pthread-pool-jobs should be minimal and ideally only do one syscall. The closing of the fds is done in unix_dgram_job_finished(). Pair-Programmed-With: Volker Lendecke <vl@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3:unix_msg: add "close_fds" exit point to unix_msg_recv()Michael Adam2014-09-301-10/+10
| | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:messaging: msg_type int->uint32_t in struct messaging_hdrMichael Adam2014-09-301-1/+1
| | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:messaging: fix uninitialized data introduced by paddingMichael Adam2014-09-301-0/+1
| | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* tevent: version 0.9.22Stefan Metzmacher2014-09-302-1/+89
| | | | | | | | | | | * pkgconfig fixes * Bug #10640 - smbd is not responding - tevent_common_signal_handler() increments non-atomic variables. https://bugzilla.samba.org/show_bug.cgi?id=10640 * Minor compile fixes Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* tevent: remove unused exit_code in tevent_select.cStefan Metzmacher2014-09-301-4/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* tevent: remove unused exit_code in tevent_poll.cStefan Metzmacher2014-09-301-3/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* repl: Specify the target realm in dreplsrv_get_target_principal()Andrew Bartlett2014-09-301-2/+2
| | | | | | | | | | | | | We know what realm we need to contact, so avoid trying to correctly get a referral from our KDC. Andrew Bartlett Change-Id: I154ff72f3176d581b64e0c67d4a9c5f1f76b7924 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Sep 30 14:58:50 CEST 2014 on sn-devel-104
* WHATSNEW: Include info on secured winbindd connectionsAndrew Bartlett2014-09-301-0/+15
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* winbindd: Change value of "ldap sasl wrapping" to signAndrew Bartlett2014-09-303-5/+7
| | | | | | | | This is to disrupt MITM attacks between us and our DC Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* winbindd: Do not make anonymous connections by defaultAndrew Bartlett2014-09-301-0/+29
| | | | | | | | | | | The requirement is that we have "winbind sealed pipes = false" and "require strong key = false" before we make anonymous connections. These are a security risk as we cannot prevent MITM attacks. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* provision: Change the default functional level of new Samba domains to 2008R2.Andrew Bartlett2014-09-303-4/+4
| | | | | | | Windows 2003 is going out of support shortly, and we want users to have AES by default Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* ldb: fix a typo in the comment, LDB_FLAGS_MOD_xxx -> LDB_FLAG_MOD_xxxMatthieu Patou2014-09-301-2/+2
| | | | | | | | | Change-Id: I99ac6e272aa0f54a2720c58f630ae472068f255b Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Kamen Mazdrashki <kamenim@samba.org> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Tue Sep 30 08:19:55 CEST 2014 on sn-devel-104
* s3-winbindd: Do not use domain SID from LookupSids for Sids2UnixIDs callChristof Schmitt2014-09-291-3/+30
| | | | | | | | | | | | | | | | | Create a new lsa_RefDomainList and populate it with the domain SID from the original query. That avoids the problem that for migrated objects, LookupSids returns the SID of the new domain, and combining that with the RID from the input results in an invalid SID. A better fix would be querying the RID of the user in the new domain, but the approach here at least avoids id mappings entries for invalid SIDs. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Sep 29 13:15:18 CEST 2014 on sn-devel-104
* s3: Move init_lsa_ref_domain_list to libChristof Schmitt2014-09-295-48/+98
| | | | | | | This will be used in the next patch in winbind. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* s3:net_rpc_printer: make use of cli_credentials_get_username()Stefan Metzmacher2014-09-291-19/+13
| | | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Sep 29 10:51:37 CEST 2014 on sn-devel-104
* lib/util: Do not duplicate the protocol list, use smb_constants.hAndrew Bartlett2014-09-291-11/+1
| | | | | | | | | This avoids the two lists getting out of sync, and only applies to a Samba build due to the surrounding #ifdef Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* lib/param: set the kccsrv:samba_kcc option to false by defaultStefan Metzmacher2014-09-291-1/+1
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10697 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-winbindd: Require SMB signing by default to disrupt MITM attacks with our DCAndrew Bartlett2014-09-281-1/+33
| | | | | | | | | | | | | | This makes it much harder to impersonate the DC, but allows this to be turned off or returned to IF_REQUIRED with a simple change to the 'client signing' smb.conf parameter. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Sep 28 06:25:55 CEST 2014 on sn-devel-104
* pidl: Strip trailing whitespace from pidl, for easier exchange of patches ↵Guy Harris2014-09-281-93/+93
| | | | | | | | | | | | | with wireshark. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10843 Change-Id: I7f1c1d9dd03acd35e59f2d16cc94ee0e8f3f1271 Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Sun Sep 28 03:59:35 CEST 2014 on sn-devel-104
* fileserver: raise debug level for share connection closing for non-IPC to 2.Jelmer Vernooij2014-09-281-1/+1
| | | | | | | | | | This reduces spamming during 'make test' runs. This change is consistent with aad5eeb9b4f67b03988ceefb7888cb63ecefcf30, which raised the log level for logging of new non-IPC connections. Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Change-Id: I4343570c8d6158b6715e514a8a7cd323a9c727ae Reviewed-by: Michael Adam <obnox@samba.org>
* libcli: Remove unreachable code in cldap.Andreas Schneider2014-09-281-6/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libcli: Remove unreachable code in dns_hosts_file.Andreas Schneider2014-09-281-2/+0
| | | | | | | | The count is already checked for 0 above this line so it can never be 0 at this point. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* Declare empty target as phony otherwise they are caught by the '%' ruleMatthieu Patou2014-09-281-1/+1
| | | | | | | | | | | | | | | | | Without that build on the build farm is broken: 'build' finished successfully (8.162s) WAF_MAKE=1 python ./buildtools/bin/waf --targets=everything Selected embedded Heimdal build Waf: Entering directory `/memdisk/build/samba_4_0_test/bin' Selected embedded Heimdal build Waf: Leaving directory `/memdisk/build/samba_4_0_test/bin' target 'everything' does not exist make: *** [everything] Error 1 Change-Id: Id5bc37f803efd764f00c37f8add560d6de2e3a2f Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Michael Adam <obnox@samba.org>
* samba_dnsupdate: Look for ForestDnsZones in the right placeAndrew Bartlett2014-09-271-1/+3
| | | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 27 22:09:29 CEST 2014 on sn-devel-104
* s3:passdb: add pdb_get_trust_credentials()Stefan Metzmacher2014-09-275-24/+563
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
* acl: Fix typo: structrual -> structuralJelmer Vernooij2014-09-271-1/+1
| | | | | | Change-Id: I859f62042e16d146ab4cb1490ab725d2bfa06db1 Signed-off-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb: Be less verbose when announcing kcc is being invoked.Jelmer Vernooij2014-09-271-1/+1
| | | | | | Change-Id: I94ab7d92e7e4f4311f0b20b1072c3ad05155d068 Signed-Off-By: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture: in LOCAL-MESSAGING-FDPASS2, close fds after passing themMichael Adam2014-09-271-0/+3
| | | | | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Sat Sep 27 12:44:55 CEST 2014 on sn-devel-104
* s3:unix_msg: fix a tab<->space mixup in unix_msg_recv()Michael Adam2014-09-271-1/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* smbd:smb2: improve smbd_smb2_protocol_dialect_match(), removing code duplicationMichael Adam2014-09-271-73/+25
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* WHATSNEW: Update WHATSNEW for new default winbind implementationAndrew Bartlett2014-09-271-0/+17
| | | | | | | | Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 27 04:01:33 CEST 2014 on sn-devel-104
* credentials: Allow the secrets.tdb password to be newer than the secrets.ldb ↵Andrew Bartlett2014-09-271-0/+2
| | | | | | | | password Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* Fix commented out code in kpasswd server to use correct functionAndrew Bartlett2014-09-271-1/+1
| | | | | | | | | | The fix in ac2d31e24cfa24f6674b645b3661a1a2ce9ab060 picked the wrong function name. This is meant to be the remote address, not the local one, if we ever have to re-instate this code. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* provision: explain why this is requiredAndrew Bartlett2014-09-271-0/+8
| | | | | | Change-Id: Iaf8b13010b52e03db2eefe1ad565d7ca768ffb48 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc: gensec is our security provider abstraction, remove a void *Andrew Bartlett2014-09-274-22/+11
| | | | | | | Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc: Remove user/domain from struct pipe_auth_dataAndrew Bartlett2014-09-274-32/+49
| | | | | | | | This does require that we always fill in the gensec pointer, but the simplification is worth the extra allocations. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* idl: Merge NETR_TRUST and LSA_TRUST definitions into one set only in lsa.idlAndrew Bartlett2014-09-2713-40/+26
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* librpc/ndr_drsuapi: Allow ndrdump to dump dsinfo52 blobsMatthieu Patou2014-09-271-0/+34
| | | | | | | Change-Id: I6968b25c67587296b928b2193a9d48093c69c01a Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* torture: Fix use-after-free in ldap.nested-searchAndrew Bartlett2014-09-271-2/+4
| | | | | | | | Found by AddressSanitizer Change-Id: Ie3bb4054201382cacb4b296308d561a3548f8cff Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4-auth/kerberos: fix salting principal, make sure hostname is lowercase.Günther Deschner2014-09-261-1/+1
| | | | | | | | | | | | Found at MS interop event while working on AES kerberos key support. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Sep 26 23:37:09 CEST 2014 on sn-devel-104
* s3-libnet: set list of allowed krb5 encryption types in AD >= 2008.Günther Deschner2014-09-261-0/+65
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-net: add manpage documentation for "net ads enctypes".Günther Deschner2014-09-261-0/+53
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-net: add "net ads enctypes {list,set,delete}".Günther Deschner2014-09-261-0/+308
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2025-09-22 01:40:23 +0000