summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
* s3-smbd: Publish nt printers.Andreas Schneider2010-08-132-5/+15
| | | | | | | Reloading of the printers requires rpc services up and running! The first call in reload_services will be skipped. Signed-off-by: Simo Sorce <idra@samba.org>
* s3-smbd: Move rpc services init to smbd parent.Andreas Schneider2010-08-132-42/+46
| | | | | | | | | | | | | | | The move to the parent makes it possible to use an internal rpc pipe really early and as we migrated serveral parts of samba to rpc function this is required. This should speed up the fork of a smbd a bit cause the rpc services are already running. We still have several problems here which aren't solved. We don't have a dependency tree here. For example we have to make sure that the registry is initialized before we can use the winreg pipe. The spoolss server requires winreg, so we have to start winreg before we can start the spoolss server. I'm sure there are more dependencies. Signed-off-by: Simo Sorce <idra@samba.org>
* s3-smbd: Regroup some init functions.Andreas Schneider2010-08-131-12/+12
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-smbd: Fixed indent.Andreas Schneider2010-08-131-2/+3
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-loadparm: Added some comments to lp_load_ex calls.Andreas Schneider2010-08-131-9/+10
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-smbd: Cleanup the order of the init functions.Andreas Schneider2010-08-131-5/+6
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-smbd: Make sure the event context is initialized.Andreas Schneider2010-08-131-0/+3
| | | | Signed-off-by: Simo Sorce <idra@samba.org>
* s3-build: remove pointless RPC_PARSE_OBJ2.Günther Deschner2010-08-131-6/+4
| | | | Guenther
* s3-waf: remove pointless RPC_PARSE_SRC2.Günther Deschner2010-08-131-4/+2
| | | | Guenther
* s3: Replace some cli_errstr calls by nt_errstrVolker Lendecke2010-08-131-23/+44
|
* s3-libnet: also remove libnet/libnet_samsync_keytab.c.orig.Günther Deschner2010-08-131-305/+0
| | | | | | Guys, what are you doing here ? ;-) Guenther
* s3-libnet: remove source3/libnet/libnet_join.c.orig, added by a previous commit.Günther Deschner2010-08-131-2187/+0
| | | | Guenther
* s3-dcerpc: fix build warning seen with -O3.Günther Deschner2010-08-131-3/+3
| | | | | | "warning: assuming signed overflow does not occur when assuming that (X + c) < X is always false" Guenther
* s3-krb5 Only build ADS support if arcfour-hmac-md5 is availableAndrew Bartlett2010-08-1310-21/+2520
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Modern Kerberos implementations have either defines or enums for these key types, which makes doing #ifdef difficult. This shows up in files such as libnet_samsync_keytab.c, the bulk of which is not compiled on current Fedora 12, for example. The downside is that this makes Samba unconditionally depend on the arcfour-hmac-md5 encryption type at build time. We will no longer support libraries that only support the DES based encryption types. However, the single-DES types that are supported in common with AD are already painfully weak - so much so that they are disabled by default in modern Kerberos libraries. If not found, ADS support will not be compiled in. This means that our 'net ads join' will no longer set the ACB_USE_DES_KEY_ONLY flag, and we will always try to use arcfour-hmac-md5. A future improvement would be to remove the use of the DES encryption types totally, but this would require that any ACB_USE_DES_KEY_ONLY flag be removed from existing joins. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
* s3:libnet Add other required headers for libnet_samsync_keytab.cAndrew Bartlett2010-08-131-0/+3
| | | | | | | | | Due to missing defines in modern kerberos libraries, this code was not compiled and so this wasn't noticed. Andrew Bartlett Signed-off-by: Simo Sorce <idra@samba.org>
* tdb: add TDB_DEPS variable filled with required librariesBjörn Jacke2010-08-132-1/+3
| | | | | This is required for Solaris, which needs to link in librt to make use of fdatasync().
* s3-build: pointless to link in libads and dcutils into smbcacls.Günther Deschner2010-08-131-1/+1
| | | | Guenther
* s3-build: separate out libads_printer.Günther Deschner2010-08-131-3/+5
| | | | Guenther
* s3-waf: separate out libads_printer.Günther Deschner2010-08-131-2/+4
| | | | Guenther
* s3-selftest: add testparm tests to selftest.Günther Deschner2010-08-131-0/+1
| | | | Guenther
* Fix bug #7617 - smbd coredump due to uninitialized variables in the ↵Jeremy Allison2010-08-121-2/+2
| | | | | | | | | | | | | | | | | | performance counter code. In the file rpc_server.c, function _winreg_QueryValue() uint8_t *outbuf Should be : uint8_t *outbuf = NULL; As it is later freed by if (free_buf) SAFE_FREE(outbuf); in some cases, this frees the unintialized outbuf, which causes a coredump.
* s3-libnet: fix bug #6364: Pull realm from supplied username on libnet joinJim McDonough2010-08-121-0/+7
|
* s3-waf: fix the build.Günther Deschner2010-08-121-0/+21
| | | | Guenther
* s3: fall back to cups-config for underlinked libsBjörn Jacke2010-08-121-4/+10
| | | | | | some OpenBSD systems have underlinked cups libraries. If linking against cups alone fails, try to link against all the cups-config --libs cruft, which we usually don't want. (bugzila #7244)
* Revert "s3: Use cups-config --libs"Björn Jacke2010-08-121-1/+1
| | | | | This reverts commit 911db761148. This was introduced in 18f1f5b56b140 intentionally.
* s3:Makefile: link in dcerpc client stubsStefan Metzmacher2010-08-121-0/+20
| | | | metze
* s3:winbindd: add wbint dcerpc_binding_handle backendStefan Metzmacher2010-08-121-0/+262
| | | | metze
* s3:rpc_server: add rpc_pipe_open_internal dcerpc_binding_handle backendStefan Metzmacher2010-08-121-0/+272
| | | | metze
* s3:rpc_client: add dcerpc_binding_handle backendStefan Metzmacher2010-08-124-0/+376
| | | | metze
* s3: Reduce the load on the echo handlerVolker Lendecke2010-08-121-0/+2
| | | | | | | If the parent is fast enough, the echo handler should not step in. When the socket becomes readable, the echo handler goes to sleep for a second. If within that second, the parent has picked up the SMB request from the net, the echo handler will just go back to select().
* s3: Slightly simplify the logic in smbd_server_echo_handlerVolker Lendecke2010-08-121-1/+4
|
* s3: Slightly simplify the logic in smbd_server_connection_handlerVolker Lendecke2010-08-121-1/+4
|
* s3: ?true:false is a *bit* pointless :-)Volker Lendecke2010-08-121-1/+1
|
* s3-waf: fix the waf build with more recent MIT krb5 libs.Günther Deschner2010-08-112-1/+4
| | | | | | | | | | (such as MIT krb5 1.7.1 on fedora 13). This whole area needs more work and love later, for now it builds at least. Kai, please check. Guenther
* libcli/auth Make the source3/ implementation of the NTLMSSP server commonAndrew Bartlett2010-08-101-527/+0
| | | | | | | | | This means that the core logic (but not the initialisation) of the NTLMSSP server is in common, but uses different authentication backends. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Split the NTLMSSP server into before and after authenticationAndrew Bartlett2010-08-101-62/+148
| | | | | | | | | | | | | | | This allows for a future where the auth subsystem is async, and the session key generation needs to happen in a callback. This code is originally reworked into this style by metze for the source4/ implementation. The other change here is to introduce an 'out_mem_ctx', which makes the API match that used in source4. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Always call ntlmssp_sign_init()Andrew Bartlett2010-08-101-3/+1
| | | | | | | | | There is no code path that sets nt_status before this point, without a return. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Don't use talloc_tos() for NTLMSSP blobs for nowAndrew Bartlett2010-08-101-2/+2
| | | | | | | | | | This code will, I hope, soon be merged in common, and the Samba4 use case does not currently support talloc_tos() properly. Use another context for now. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Don't permit LM_KEY in combination with NTLMv2Andrew Bartlett2010-08-101-1/+4
| | | | | | | | | This is another 'belts and braces' check to avoid the use of the weak 'LM_KEY' encryption when the client has chosen NTLMv2. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Don't reply with the LM_KEY negotiation flag when not availableAndrew Bartlett2010-08-101-0/+15
| | | | | | | | | This ensures the client isn't confused and we don't enter this weaker authentication scheme when we don't really, really need to. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Don't use the lm key if the user didn't supply one.Andrew Bartlett2010-08-101-3/+3
| | | | | | | | | | | This may help to avoid a number of possible MITM attacks where LM_KEY is spoofed into the session. If the login wasn't with lanman (and so the user chose to disclose their lanman response), don't disclose back anything based on their lanman password. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Add extra DEBUG() message for auth system failuresAndrew Bartlett2010-08-101-0/+2
| | | | | | Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3:ntlmssp Redirect lp_lanman_auth() via 'allow_lm_key'Andrew Bartlett2010-08-101-2/+4
| | | | | | | | This will allow this to be handled via common code in the future Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* s3: fix the waf build.Günther Deschner2010-08-101-1/+2
| | | | Guenther
* libcli/auth Move some source3/ NTLMSSP functions to the common code.Andrew Bartlett2010-08-102-88/+2
| | | | | | | | libcli/auth Use true and false rather than True and False in common code Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
* Fix bug #7608 - Win7 SMB2 authentication causes smbd panicJeremy Allison2010-08-091-2/+4
| | | | | | | | We need to call setup_ntlmssp_server_info() if status==NT_STATUS_OK, or if status is anything except NT_STATUS_MORE_PROCESSING_REQUIRED, as this can trigger map to guest. Jeremy.
* s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the ↵Günther Deschner2010-08-091-7/+13
| | | | | | | | | | | | | | | | | | | secure channel. This is an important fix as the following could and is happening: * winbind authenticates a user via schannel secured netlogon samlogonex call, current secure channel cred state is stored in winbind state, winbind sucessfully decrypts session key from the info3 * winbind sets up a new schannel ncacn_ip_tcp lsa pipe (and thereby resets the secure channel on the dc) * subsequent samlogonex calls use the new secure channel creds on the dc to encrypt info3 session key, while winbind tries to use old schannel creds for decryption Guenther
* s3: Remove the smbd_messaging_context from load_printersVolker Lendecke2010-08-084-7/+8
|
* s3: Remove the smbd_messaging_context from pcap_cache_reloadVolker Lendecke2010-08-084-7/+10
|
* s3: Remove the smbd_messaging_context from cups_cache_reloadVolker Lendecke2010-08-083-9/+9
|
generated by cgit (git 2.34.1) at 2025-09-26 10:22:41 +0000