summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* s3:libsmb: avoid calling cli_set_username() cliconnect.cStefan Metzmacher2014-10-171-33/+1
| | | | | | Change-Id: I45e44405ea51ecb1aa38c72f4fc6243a1d3d531a Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: avoid calling cli_set_username() in clidfsStefan Metzmacher2014-10-171-3/+0
| | | | | | Change-Id: I8b32be8a10d2bff33bb468cc68c98e555b220bde Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: avoid cli_set_username() in SMBC_server_internal()Stefan Metzmacher2014-10-171-7/+0
| | | | | | Change-Id: I32e19078a4d4948e405f39dc2a479ff925ad3684 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:lib/netapi: avoid calling cli_set_username()Stefan Metzmacher2014-10-171-3/+1
| | | | | | Change-Id: I3ab768d2df06749187555a16d7b930f7cc8f8b9f Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:torture: avoid unused cli_set_username()Stefan Metzmacher2014-10-171-6/+0
| | | | | | Change-Id: Ia774b256093aff5f2b3338e7827e2d798fb06a96 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libsmb: Remove unused domain copy stored in cli_stateStefan Metzmacher2014-10-1710-83/+10
| | | | | | Change-Id: I7333140906bb3a487205b5760396dcc00a9f49b0 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb: Remove unused password copy stored in cli_stateAndrew Bartlett2014-10-179-36/+13
| | | | | | Change-Id: Ia6b33a25628ae08be8a8c6baeb71ce390315cb45 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: use cli_rpc_pipe_open_with_creds()Andrew Bartlett2014-10-171-39/+22
| | | | | | | Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-librpc: Add cli_rpc_pipe_open_with_creds()Andrew Bartlett2014-10-174-0/+141
| | | | | | | | | | | This provides a credentials-based interface. In the long term, we will want to change this not to reference the credentials, but for now this suits the caller in winbindd_cm.c Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Use own machine account to connect to trusted domains as wellAndrew Bartlett2014-10-171-6/+11
| | | | | | | | | | | | | This relies on a two-way trust, which we may not have, but is the only secure way to do this. To do this correctly we need to split NETLOGON from normal authentication, as we need to use the machine account for the SMB level, but the inter-domain trust account for the NETLOGON level. Change-Id: Ib93eb6a4d704ef26df8234be7cb71c47ad519c8a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: use a cli_credentials structure to hold the trust credentialsStefan Metzmacher2014-10-171-207/+395
| | | | | | | | | | | | Later we can pass this down directly and have a much more sane handling of credentials and the spnego handshake. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Change-Id: If12ef0b105d8c7af60190d4eed3c8c07849da2ca Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* libsmb: Print the principal name that we failed to kinit for.Andrew Bartlett2014-10-171-6/+7
| | | | | | | | | | This should aid debugging when this is called from an automated process. Andrew Bartlett Change-Id: I2c7291ab3f67f9f7462d7c52c8c9a4b042f7ec5a Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* passdb: Use common code in cli_credentials_set_machine_account_db_ctx()Andrew Bartlett2014-10-171-16/+50
| | | | | | | | | | | | | | | | | | This avoids some duplication in setting the machine account passsword for the domain member and DC case. This does not yet remove the duplication, that requires a bigger restructure of the various routines used here to obtain the machine and domain trust secrets. Also no longer used is the timeout/2 code to not set the previous password. It is now always passed to the caller. Andrew Bartlett Change-Id: Idd5bafedf4cbac30b174955d743ec4128a6902ee Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:smb2_server: pass xconn->smb2.server.cipher to ↵Stefan Metzmacher2014-10-161-5/+5
| | | | | | | smb2_signing_[de|en]ncrypt_pdu() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_server: check xconn->smb2.server.cipher instead of ↵Stefan Metzmacher2014-10-163-3/+3
| | | | | | | | | | | xconn->smb2.server.capabilities SMB 3.10 and later won't have SMB2_CAP_ENCRYPTION anymore. xconn->smb2.server.cipher == 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3:smb2_negprot: remember xconn->smb2.server.cipherStefan Metzmacher2014-10-162-0/+5
| | | | | | | | For now we always use SMB2_ENCRYPTION_AES128_CCM or 0. 0 is the indication that we don't support encryption on the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* vfs_posixacl: catch ACL_EVERYONE on FreeBSDRalph Boehme2014-10-122-0/+6
| | | | | | | | | | | | Using POSIX ACL API on FreeBSD may return NFSv4 style tag type ACL_EVERYONE. Catch the error and issue a helpful log message telling users to enable zfsacl VFS module. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sun Oct 12 00:22:19 CEST 2014 on sn-devel-104
* smbd: Fix a use-after-freeVolker Lendecke2014-10-101-1/+4
| | | | | | | | | | We can't reference xconn->next after it was talloc_free'ed Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Oct 10 14:32:53 CEST 2014 on sn-devel-104
* s3: smbd: Preparation for leases code merge. Ensure VFS is ready for 4.2.0.Jeremy Allison2014-10-101-0/+7
| | | | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 10 02:55:53 CEST 2014 on sn-devel-104
* s3-net: display full value of "msDS-SupportedEncryptionTypes".Günther Deschner2014-10-081-4/+3
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Wed Oct 8 18:18:50 CEST 2014 on sn-devel-104
* registry: Don't leave dangling transactionsVolker Lendecke2014-10-081-1/+1
| | | | | | | | When a createkey fails due to access denied, we need to do a transaction_cancel. Otherwise the lock on the db will stay around. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
* s3-winbindd: Attempt to connect to NETLOGON over NCACN_IP_TCP if we canAndrew Bartlett2014-10-087-15/+59
| | | | | | | | | | | | This is very helpful in the trusted domain situation, as we may not have a two-way trust but we can use our domain trust account to set up a connection to NETLOGON Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Oct 8 12:48:15 CEST 2014 on sn-devel-104
* s3-rpc_client: Migrate to cli_rpc_pipe_open_generic_auth and remove ↵Andrew Bartlett2014-10-084-92/+16
| | | | | | | | | | cli_rpc_pipe_open_spnego Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Oct 8 03:36:52 CEST 2014 on sn-devel-104
* s3-rpc_client: Adapt cli_rpc_pipe_open_generic_auth to use enum ↵Andrew Bartlett2014-10-085-0/+5
| | | | | | | | | | | credentials_kerberos_state This allows us to pass this value in directly from the cli_credentials structure in winbindd, once we merge this with cli_rpc_pipe_open_spnego(). Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-rpc_client: Adapt cli_rpc_pipe_open_spnego to use enum ↵Andrew Bartlett2014-10-084-18/+11
| | | | | | | | | | | | credentials_kerberos_state This allows us to pass this value in directly from the cli_credentials structure in winbindd. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Allow winbindd to connect over SMB2 to serversAndrew Bartlett2014-10-083-2/+22
| | | | | | | | | | | This allows SMB signing to work against many more DCs, and so improves network security. The default for "client max protocol" remains NT1 in the rest of the code. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3-winbindd: Pass the whole winbindd_domain to invalidate_cm_connection()Andrew Bartlett2014-10-087-20/+21
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:torture: add PROTOCOL_SMB3_10 handlingStefan Metzmacher2014-10-071-0/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* printer_list: fix talloc tos leak of tdb recordDavid Disseldorp2014-10-071-0/+1
| | | | | | | | | Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Oct 7 19:25:09 CEST 2014 on sn-devel-104
* idl: Fix a typoVolker Lendecke2014-10-071-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Tue Oct 7 17:03:42 CEST 2014 on sn-devel-104
* smbd: Simplify remove_child_pidVolker Lendecke2014-10-071-1/+1
| | | | | | | In this if-branch ret is always != 0. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* status: 80 chars per lineVolker Lendecke2014-10-071-367/+734
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* smbd: Fix nonempty line endingsVolker Lendecke2014-10-071-15/+14
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* lanman: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-061-2/+9
| | | | | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Mon Oct 6 21:41:22 CEST 2014 on sn-devel-104
* samlogon_cache: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-061-1/+6
| | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* nmbd: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-061-0/+7
| | | | | | Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* printing: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-062-5/+25
| | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* gpo: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-064-17/+50
| | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* gencache: don't leak cache_path onto talloc tosDavid Disseldorp2014-10-061-0/+11
| | | | | | | | Also check for allocation failures. Reported-by: Franz Pförtsch <franz.pfoertsch@brose.com> Signed-off-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* winbindd: Do not overwrite domain list with conflicting info from a trusted ↵Andrew Bartlett2014-10-061-0/+75
| | | | | | | | | | | | | | | | domain This places less trust in our primary DC or trusted domain DC and refuses to update info that is conflicting This does not currently reject the connection to the DC, but only ensures it can only update missing information or to correct the case of the domain. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Oct 6 17:21:03 CEST 2014 on sn-devel-104
* s3: lib, s3: modules: Fix compilation on Solaris.Jeremy Allison2014-10-062-10/+14
| | | | | | | | | | | | | | | | Based on work from YOUZHONG YANG <youzhong@gmail.com>. Code needs fixing when HAVE_STRUCT_MSGHDR_MSG_CONTROL is not defined. Also Solaris doesn't have msg_flags field (which we set to zero anyway, so if we initialize the entire struct to zero, we never need to refer to it). https://bugzilla.samba.org/show_bug.cgi?id=10849 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Oct 6 12:33:36 CEST 2014 on sn-devel-104
* windbindd: Make cm_connect_lsa_tcp staticChristof Schmitt2014-10-042-6/+3
| | | | | | | | | | It is only used in winbindd_cm.c Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Oct 4 02:34:49 CEST 2014 on sn-devel-104
* smbd: Always use uint8_t for inbuf pointerChristof Schmitt2014-10-041-7/+8
| | | | | | | This avoids some casts from char pointers. Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbd: Pass only cmd to construct_reply_common instead of complete reqChristof Schmitt2014-10-041-6/+5
| | | | | | | construct_reply_common only needs the commands code and the inbuf field, not the complete request. Signed-off-by: Christof Schmitt <cs@samba.org>
* smbd: Use MIN macro in fake_sendfileChristof Schmitt2014-10-041-5/+1
| | | | | Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-winbindd: Make wcache_sid_to_name staticChristof Schmitt2014-10-042-12/+6
| | | | | | | It is only used in winbindd_cache.c Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-winbindd: Remove extern declaration for cache_methods from winbindd_dual.cChristof Schmitt2014-10-041-1/+0
| | | | | | | cache_methods is not used in winbindd_dual.c Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* profiling: Make WITH_PROFILE span more in smbprofile.hVolker Lendecke2014-10-031-2/+3
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 3 22:17:46 CEST 2014 on sn-devel-104
* profiling: Remove a big DEBUG statementVolker Lendecke2014-10-031-25/+0
| | | | | | | | | | | | | | | | | | | | | I would like to have the freedom to play with the profiling implementation. This is kindof in the way. This code is from pre-SVN days: > commit 7914e9351abb5271ebb4990c3b1fe495d15a4eda > Author: Jeremy Allison <jra@samba.org> > AuthorDate: Thu Oct 5 18:50:18 2000 +0000 > Commit: Jeremy Allison <jra@samba.org> > CommitDate: Thu Oct 5 18:50:18 2000 +0000 > > Herb's fixes for profiling & compiler warnings. > Jeremy. Herb, please speak up quickly if you still need this :-) Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* profiling: Remove some #ifdefsVolker Lendecke2014-10-032-8/+0
| | | | | | | | | The DO_PROFILE_INC thingies already #define to nothing without WITH_PROFILE, and any sane compiler will just not compile the if-condition if there is no body to be executed. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
generated by cgit (git 2.34.1) at 2025-09-24 23:58:31 +0000