summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* samba-tool: Improve getopt.py error handlingGiampaolo Lauria2011-10-191-1/+5
| | | | Throw an exception when the --option value is invalid
* samba-tool: Improve getopt.py error handlingGiampaolo Lauria2011-10-191-2/+1
| | | | Throw an exception when --option value is not in the form "a=b"
* samba-tool: Improve getopt.py error handlingGiampaolo Lauria2011-10-191-0/+3
| | | | Raise exception when -d or --debuglevel value is <0
* s3-docs: Add a clarification note for nss_info primary group membership ↵Günther Deschner2011-10-192-1/+5
| | | | | | | | | calculation. Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Wed Oct 19 03:10:40 CEST 2011 on sn-devel-104
* s3-docs: Document Services for Unix 2.0 (sfu20) nss_info ldap schema support.Günther Deschner2011-10-192-3/+6
| | | | Guenther
* s3: Avoid a winbind 100% cpu loopVolker Lendecke2011-10-191-0/+8
| | | | | | | | | | | | When a DC goes down hard, winbind can end up in a 100% CPU loop. The next (small) RPC request to the DC ends up as a trans2 request. If the connection goes down, we end up trying to discard the request via the loop in cli_state_notify_pending(). Because this is a trans2 request, cli_smb_req_unset_pending will not kick in. Thus the pending array will always remain at length 1. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Oct 19 01:39:35 CEST 2011 on sn-devel-104
* vfs_netatalk should be using strstr_m, not strstr to find .AppleDouble paths.Jeremy Allison2011-10-191-5/+5
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 19 00:05:45 CEST 2011 on sn-devel-104
* The last argument to atalk_build_paths() is always false, remove it.Jeremy Allison2011-10-181-12/+9
|
* lib/util: skip single hex digit at the end of the input sting - fix ↵Michael Adam2011-10-181-1/+2
| | | | | | | | | | | potential segfault The second of two digits was read without checking for the length of the input string. For a non-zero-terminated input string, this might have caused a segfault. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Tue Oct 18 22:32:59 CEST 2011 on sn-devel-104
* lib/util: fix function header comment to strhex_to_str()Michael Adam2011-10-181-9/+8
| | | | The description did not match the function's behaviour.
* lib/util: untangle assignent from check in strhex_to_str()Michael Adam2011-10-181-2/+6
|
* s3-util: dbwrap_tool: add fetch fuctions for hex and stringBjörn Baumbach2011-10-181-0/+61
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* s3-util: dbwrap_tool: add store hex functionBjörn Baumbach2011-10-181-3/+43
| | | | | | Allows the user to store hex blobs in a tdb. Signed-off-by: Michael Adam <obnox@samba.org>
* selftest:Samba3: fix signature for check_or_start()Michael Adam2011-10-181-1/+1
|
* selftest:Samba3: fix a message printed when starting winbinddMichael Adam2011-10-181-1/+1
|
* pdb-interface: Do not use unid_t hereSimo Sorce2011-10-188-52/+59
| | | | | | | | This interface needs to be publicly available, unid_t here is not really useful and makes it harder to use it as unid_t is not a public union. Autobuild-User: Simo Sorce <idra@samba.org> Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
* s3-auth move the s3 auth context onto gensec_ntlmssp once we startAndrew Bartlett2011-10-181-2/+2
| | | | | | | | | We do not need it on the auth_ntlmssp_state any longer. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104
* s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.cAndrew Bartlett2011-10-182-85/+198
| | | | | | This removes the need to have if (ans->gensec_security) everywhere. Andrew Bartlett
* s3-ntlmssp split auth_ntlmssp_client_start() into two partsAndrew Bartlett2011-10-185-25/+34
| | | | | | | | | | | This will allow it to be a wrapper around a gensec module, which requires that they options be set on a context, but before the mechanism is started. This also simplfies the callers, by moving the lp_*() calls into one place. Andrew Bartlett
* s3-rpc_client remove cli_auth_ntlmssp_data_destructorAndrew Bartlett2011-10-181-9/+1
| | | | | | | | | This can be an ordinary talloc child without causing any problem. This seems to have been inherited from a time when ntlmssp_client_start() returned malloc() based memory. Andrew Bartlett
* s3/doc: add man page for aio_fork vfs moduleBjörn Jacke2011-10-181-0/+86
| | | | | | | thanks to Volker for the content Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Tue Oct 18 12:24:35 CEST 2011 on sn-devel-104
* s4:auth/unix_token: match s3 behavior and add uid/gid to the groups arrayStefan Metzmacher2011-10-181-17/+31
| | | | | | | | | If mappings use ID_TYPE_BOTH. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Oct 18 10:39:54 CEST 2011 on sn-devel-104
* lib/param: Remove parameters for wins and spoolss databasesAndrew Bartlett2011-10-184-36/+10
| | | | | | | | | | | | | | | | | This removes the smb.conf parameters per-database, replacing these with hard-coded database names in well known (and configurable) directories. The wins.ldb is now always in the "state dir", rather than being in both state and lock dir (ie, a bug). Less smb.conf parameters means less parameters to try and sync up between the loadparm subsystems. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 18 05:39:54 CEST 2011 on sn-devel-104
* ldb: Output more error information when a connect failsAndrew Bartlett2011-10-182-1/+6
|
* s3:auth_util: add the uid with WBC_ID_TYPE_BOTH also to the group arrayStefan Metzmacher2011-10-181-2/+4
| | | | | | This will help with having "sidHistory" support in future. metze
* s3-auth: use typedefs in auth.hAndrew Bartlett2011-10-181-8/+14
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: move event context from gensec_*_init() to gensec_update()Andrew Bartlett2011-10-1824-86/+93
| | | | | | | | | | | | This avoids keeping the event context around on a the gensec_security context structure long term. In the Samba3 server, the event context we either supply is a NULL pointer as no server-side modules currently use the event context. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth fix comment after s3 ntlmssp gensec moduleAndrew Bartlett2011-10-181-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: move event-using code to gensec_update() hooks out of gensec_start*()Andrew Bartlett2011-10-183-39/+77
| | | | | | | This ensures that only gensec_update() will require an event context argument when the API is refactored. Andrew Bartlett
* ntlmssp: Refuse to seal if we did not negotiate to signAndrew Bartlett2011-10-181-0/+5
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: Refuse to seal if we did not negotiate to signAndrew Bartlett2011-10-181-0/+3
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-auth: match the new s3 gensec client and always negotiate SIGN with SEALAndrew Bartlett2011-10-181-0/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: Assert that we have not been subject to a downgrade attack in ↵Andrew Bartlett2011-10-183-1/+48
| | | | | | | | | | | | | | DCE/RPC clients Because of the calling convention, this is the best place to assert that we have not been subject to a downgrade attack on the negotiated features. (In DCE/RPC, this isn't a negotiation, the client simply specifies the level of protection that is required). Andrew Bartlett (some formatting fixes) Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-smbd Give the nt error string when failing to set up encrypted transportAndrew Bartlett2011-10-181-3/+5
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-ntlmssp Implement the server-side auth_ntlmssp code as a GENSEC moduleAndrew Bartlett2011-10-184-87/+229
| | | | | | | | | | | This uses the top level gensec_ntlmssp helper functions which are identical to the parts of ntlmssp_wrap.c that are now not called. (Includes formatting and correctness fixes from Metze) Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* gensec: an event context is no longer mandetoryAndrew Bartlett2011-10-181-10/+0
| | | | | | | | | If you do not specify one however, you better know that the modules you are using do not need one! Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* ntlmssp: Put members from auth_ntlmssp_state into gensec_ntlmssp_stateAndrew Bartlett2011-10-181-1/+17
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* ntlmssp: Prepare gensec_ntlmssp_start() for broader useAndrew Bartlett2011-10-183-15/+28
| | | | | | | | This moves the allocation of the ntlmssp pointer back to the callers. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* ntlmssp: Move ntlmssp code to auth/ntlmsspAndrew Bartlett2011-10-1834-193/+220
| | | | | | | | | This brings in the code from both libcli/auth and source4/auth/ntlmssp. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* build: compile gensec_start.c and credentials.c in the autoconf buildAndrew Bartlett2011-10-182-0/+53
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-s3-upgrade: Give a better clue when we cannot open secrets.tdbAndrew Bartlett2011-10-182-2/+5
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Add my copyrightAndrew Bartlett2011-10-182-2/+2
| | | | | | I have done plenty of work here, I deserve some of the blame :-) Andrew Bartlett
* credentials: Prioritise command-line specified options above defaults from ↵Andrew Bartlett2011-10-183-3/+37
| | | | | | | | | | | | | | smb.conf If a user specified -W or --realm on the command line, then this is of level SPECIFIED, not UNINITIALISED, despite it going via the loadparm system. This helps us to ensure that -W server -Ulocaluser is parsed the same as -Userver\localuser. This matters as otherwise we might instead attempt to use kerberos to the realm from the smb.conf. Andrew Bartlett
* s4-selftest When testing for a credentials cache, do not specify a domainAndrew Bartlett2011-10-185-5/+5
| | | | | | | If we specify a domain, then we indicate that we must use that domain which overrides the credentials cache we found in the environment. Andrew Bartlett
* Revert "s4: Mark the winsreplication test as knownfail"Andrew Bartlett2011-10-181-1/+1
| | | | | | | | This reverts commit f7f6992a20dd29bd7643291e3b3d05bc8f6c9c76 because 75953f18469fa8746d9d8ad20bbbb3bcbd0df9dd solved the root cause, which was a race in ldb startup. Andrew Bartlett
* Revert "s4:selftest: skip flakey samba4.nbt.winsreplication for now"Andrew Bartlett2011-10-181-1/+0
| | | | | | | | This reverts commit 16fd935fc659555c203354b6c96fc23a55be5a3b because 75953f18469fa8746d9d8ad20bbbb3bcbd0df9dd solved the root cause, which was a race in ldb startup. Andrew Bartlett
* ldb: fixed a race in ldb initialisationAndrew Tridgell2011-10-181-1/+9
| | | | | | | | | | | This fixes a race when two processes initialise the same ldb database at the same time. One of them could fail due to the other creating the @BASEINFO record first. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Oct 18 03:54:42 CEST 2011 on sn-devel-104
* libsmbclient: initial ABI signaturesAndrew Tridgell2011-10-181-0/+170
|
* libsmbclient: add ABI checking and pc fileAndrew Tridgell2011-10-182-2/+15
| | | | | | | | | this gives us ABI checking for libsmbclient so that the waf build will prevent ABI breakage, and a public version number. The addition of the pc file makes this library available via pkgconfig, including querying of the version number Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* Fix uninitialized memory problem in group_sids_to_info3 (fixes bug #8455).Wilco Baan Hofman2011-10-171-2/+2
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Oct 17 23:32:58 CEST 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-09-26 03:05:43 +0000