summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* s3:pdb_samba_dsdb: add pdb_samba_dsdb_get_trusteddom_credsStefan Metzmacher2014-12-191-1/+225
| | | | | | | | | | We have the password as raw UTF16 blob, which might not be valid utf16, so we need to use cli_credentials_set_utf16_password(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: make use of cli_rpc_pipe_open_schannel_with_creds()Stefan Metzmacher2014-12-191-17/+40
| | | | | | | This way we pass down enough information for SEC_CHAN_DNS_DOMAIN to work. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: make use of rpccli_{create,setup}_netlogon_creds_with_creds()Stefan Metzmacher2014-12-191-23/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: we only need a an netlogon connection to a rwdc if we're a rodc ↵Stefan Metzmacher2014-12-191-2/+2
| | | | | | | | | | ourself If we're a member or RWDC there's no need to require talking to a rwdc, an rodc will forward the request if required. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: make sure we try to use NCACN_IP_TCP in cm_connect_netlogonStefan Metzmacher2014-12-191-0/+5
| | | | | | | | We need to call init_dc_connection_rpc() before we can decide if we want to try NCACN_IP_TCP. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpc_client: add cli_rpc_pipe_open_schannel_with_creds() helper functionStefan Metzmacher2014-12-192-0/+93
| | | | | | | | | This will simplify the callers and add potential support for SEC_CHAN_DNS_DOMAIN as cli_credentials_get_realm() will return the correct value compared to cli_credentials_get_domain(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:cli_netlogon: add rpccli_{create,setup}_netlogon_creds_with_creds() ↵Stefan Metzmacher2014-12-192-0/+65
| | | | | | | | | helper functions This simplifies the callers, then can just pass in a cli_credentials structure. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: use find_domain_from_name_noinit() in winbindd_ping_dc_send()Stefan Metzmacher2014-12-191-1/+1
| | | | | | | | We should not try to connect to the given domain from within the winbindd parent. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: report our own name for PING_DC and internal domainsStefan Metzmacher2014-12-191-0/+22
| | | | | | | | This means "wbinfo --ping-dc" works fine on a DC. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nsswitch: fix soname of linux nss_*.so.2 modulesStefan Metzmacher2014-12-191-7/+0
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* vfs_fruit: Avoid double ()Volker Lendecke2014-12-181-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Thu Dec 18 19:19:04 CET 2014 on sn-devel-104
* vfs_fruit: Avoid double initializationVolker Lendecke2014-12-181-1/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3-libsmb: Remove obsolete support for dns_host_file.Andreas Schneider2014-12-181-27/+0
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* addns: Remove support for dns_host_file.Andreas Schneider2014-12-185-45/+64
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* nmblookup: Return if the lookup was successful or not.Andreas Schneider2014-12-181-7/+18
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10803 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Jeremy Allison <jra@samba.org>
* s3:winbindd: try to use the trust account with kerberos if possibleStefan Metzmacher2014-12-181-7/+19
| | | | | | | | | | This trust account is usable for SMB authentication via kerberos, so we should try that if we think the domain is active directory. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: fix anon fallback in cm_prepare_connection()Stefan Metzmacher2014-12-181-18/+1
| | | | | | | | | We should not crash with machine_password==NULL. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:winbindd: also try to fallback to anonymous if we get ↵Stefan Metzmacher2014-12-181-0/+1
| | | | | | | | | | | NT_STATUS_INVALID_ACCOUNT_NAME Kerberos authentication may return NT_STATUS_INVALID_ACCOUNT_NAME (PRINCIPAL_UNKNOWN) Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: let cli_session_setup_kerberos_recv() return a useful error codeStefan Metzmacher2014-12-181-6/+22
| | | | | | | | | | Forcing NT_STATUS_UNSUCCESSFUL is not a good idea, we should return NT_STATUS_LOGON_FAILURE instead. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() firstStefan Metzmacher2014-12-181-21/+44
| | | | | | | | | | | | | NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2() code. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104
* s3:passdb: add optional get_trusteddom_creds() hooksStefan Metzmacher2014-12-184-1/+339
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pdb: fix build issues with shared modulesGarming Sam2014-12-181-0/+1
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=10355 Change-Id: I26e78b56ead0c66afcda6b3fb8b1fd09130b24a5 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3:locking: fix uninitialiazed variable in brl_get_locks_readonly_parser()Stefan Metzmacher2014-12-181-0/+1
| | | | | | | | | | | | | In a cluster this can be called with an empty record, while brl_parse_data() relies on an initialized structure. This is a regression in commit 837e29035c911f3509135252c3f423d0f56b606d. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10911 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs/glusterfs: Change xattr key to match gluster key.raghavendra talur2014-12-171-1/+1
| | | | | | | | | | | | | | Gluster changed the key used to do get_real_filename in 3.5. This changes Samba's glusterfs vfs-module to use the same key. This will render SMB_VFS_GET_REALFILENAME() working again under 3.5 and will remove support for that functionality for Gluster 3.4 and older. Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* vfs_glusterfs: Implement AIO supportPoornima G2014-12-172-12/+243
| | | | | | | | | | Signed-off-by: Poornima G <pgurusid@redhat.com> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Dec 17 16:35:37 CET 2014 on sn-devel-104
* vfs_glusterfs: Change sys_get_acl_file/fd to return ACLs corresponding to ↵Poornima G2014-12-171-0/+59
| | | | | | | | | mode bits when there are no ACLs set. Signed-off-by: Poornima G <pgurusid@redhat.com> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s3:lib: fix allocation check in messages_ctdbd.cStefan Metzmacher2014-12-171-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Amitay Isaacs <amitay@gmail.com>
* notify: Move path construction to notify_triggerVolker Lendecke2014-12-163-15/+20
| | | | | | | | | | | notify_msg won't need to construct the path anymore, it will be able to put the parts into iovecs Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 16 21:22:26 CET 2014 on sn-devel-104
* lib: Add ctdbd_messaging_send to ctdb_dummy.cVolker Lendecke2014-12-161-0/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add messaging_handler_send/recvVolker Lendecke2014-12-162-0/+89
| | | | | | | | | This repeatedly listens on msg_type. It's similar to messaging_register with talloc based autocleanup. The handler is free to talloc_move a way the record for later use. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add messaging_send_iov_fromVolker Lendecke2014-12-162-10/+25
| | | | | | | In the notifyd code it will be very helpful to fake source server_ids Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* messaging3: Add messaging_names_dbVolker Lendecke2014-12-163-0/+21
| | | | | | | | This will enable messaging3 users to more easily register themselves under a name Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbstatus: Tell the user that smbstatus can only be run as root.Andreas Schneider2014-12-161-0/+7
| | | | | | | | | | | | | | | In the meantime smbstatus tries to collection information from tdb's which are only accessible by root as they contain sensitive information like session keys and other secrets. This means smbstatus can no longer be executed as a user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11012 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Dec 16 18:54:41 CET 2014 on sn-devel-104
* s3:smb2_server: allow reauthentication without signingStefan Metzmacher2014-12-122-5/+4
| | | | | | | | | | If signing is not required we should not require it for reauthentication. Windows clients would otherwise fail to reauthenticate. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10958 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Simplify netsamlogon_cache_getVolker Lendecke2014-12-121-2/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Only print decoded netsamlogon cache entriesVolker Lendecke2014-12-121-4/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Fix removing invalid samlogon cache entriesVolker Lendecke2014-12-121-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_streams_xattr: add missing call to SMB_VFS_NEXT_CONNECTRalph Boehme2014-12-121-0/+6
| | | | | | | | Signed-off-by: Ralph Boehme <slow@samba.org> Rewviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Dec 12 02:09:24 CET 2014 on sn-devel-104
* selftest: Add test for joining a Samba classic DC as a BDCAndrew Bartlett2014-12-112-0/+29
| | | | | | | | | | | | | This does not join the DC itself, so as not to pertrub the test environment mid-run, but does confirm that the join works and the password can be changed. Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Dec 11 21:40:27 CET 2014 on sn-devel-104
* libsmb: Allow change of BDC trust account passwordAndrew Bartlett2014-12-111-0/+3
| | | | | | | | | | This account is otherwise just like the workstation trust acocunt, so use that code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10891 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth: Allow domain join to itself when we are a PDCAndrew Bartlett2014-12-111-1/+3
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=10891 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Add 'net dom join' test which fails cause we are a DCAndreas Schneider2014-12-112-0/+27
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* netapi: Move DC check to NetJoinDomain() where it is needed.Andrew Bartlett2014-12-112-4/+4
| | | | | | | | | | This partially reverts 15f6e27bd5a9065c8b781fa21f5989ce2c355776. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10891 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
* vfs_glusterfs: Set connectpath as snapdir-entry-path.raghavendra talur2014-12-101-0/+11
| | | | | | | | | | | | snapview client in gluster would require connectpath in order add snapdir entry to readdir result. Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Dec 10 16:38:27 CET 2014 on sn-devel-104
* vfs_glusterfs: Remember the connect path too for reopening.raghavendra talur2014-12-101-5/+15
| | | | | | | | | | As Samba allows us to share subdirs, lets re-use preopened connections to glusterfs only if they are for same volume AND same connectpath. Signed-off-by: raghavendra talur <raghavendra.talur@gmail.com> Reviewed-by: Guenther Deschner <gd@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* vfs_glusterfs: In vfs_gluster_sys_acl_get_file/fd, reduce the number of ↵Poornima G2014-12-101-10/+32
| | | | | | | | getxattr calls. Signed-off-by: Poornima G <pgurusid@redhat.com> Reviewed-by: Ira Cooper <ira@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* notify_inotify: Simplify inotify_dispatchVolker Lendecke2014-12-091-15/+17
| | | | | | | | | | | | Normally, I'm trying to simplify things with early returns. But in this case I think the reverse makes the if-condition easier to understand Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Dec 9 06:37:24 CET 2014 on sn-devel-104
* smbd: Compile notify_inotify only if availableVolker Lendecke2014-12-092-6/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* notify_inotify: inotify_watch now takes a mem_ctxVolker Lendecke2014-12-093-4/+13
| | | | | | | This will make it easier to integrate into proper memory hierarchies. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* notify: Add "dir" to notify_eventVolker Lendecke2014-12-092-3/+9
| | | | | | | | | | | | | "notify_event" only reports names relative to some path that is only implicitly known via "private_data". Right now "private_data" is the fsp of the directory holding this notify. I want to use inotify_watch in a notify-daemon that does not have a fsp available and has more problems getting the path right out of "private_data". notify_inotify has the directory under which the event happened available, so make it known to the callback. Right now no caller uses it yet. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 22:42:07 +0000