summaryrefslogtreecommitdiffstats
path: root/source/smbd/sesssetup.c
Commit message (Collapse)AuthorAgeFilesLines
* r25387: Sync with 3.2.0 svn treeGerald Carter2007-09-271-1/+1
|
* r24720: Resolve differences in 3.2 and 3.2.0. 3.2 versionJeremy Allison2007-08-271-1/+2
| | | | | was correct. Jeremy.
* r24702: Remove the old API pointersVolker Lendecke2007-08-271-1/+1
|
* r24660: Merge the inbuf/outbuf changesVolker Lendecke2007-08-251-192/+209
|
* r24608: Minimize differences between 3.2 and 3.2.0. This is essentially a ↵Jeremy Allison2007-08-211-262/+374
| | | | | | | back-port of the 3.2 sessionsetup code to enable vl's merge to go easier. Jeremy.
* r24607: Merge the sessionsetup fix from 3.2Jeremy Allison2007-08-211-40/+89
| | | | Jeremy.
* r24546: Fix some C++ and type-punned warningsVolker Lendecke2007-08-191-1/+1
|
* r24471: Revert inadvertant commit.Jeremy Allison2007-08-151-62/+41
| | | | Jeremy.
* r24470: Start fixing up the mapping of OBJECT_NAME_COLLISIONJeremy Allison2007-08-151-41/+62
| | | | | to DOS error ERRDOS, ERRfilexists on open calls. Jeremy.
* r24050: Fix a typoVolker Lendecke2007-07-251-1/+3
|
* r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell2007-07-101-2/+1
|
* r23780: Find and fix more GPL2 -> GPL3.Jeremy Allison2007-07-091-1/+1
| | | | Jeremy.
* r23742: Merge Jeremy's r23736:Volker Lendecke2007-07-071-14/+16
| | | | Use local variable of smb_flag2 instead of using the macro every time.
* r23741: Combined merge of 23726, 23727 and 23731 from 3_0:Volker Lendecke2007-07-071-14/+29
| | | | | | | | | | | | | | | | | | | | | 23726: Explicitly pass down the FLAGS2 field to srvstr_pull_buf. The next checkin will pull this up to srvstr_get_path. At that point we can get more independent of the inbuf, the base_ptr in pull_string will only be used to satisfy UCS2 alignment constraints. 23731: Explicitly pass down FLAGS2 to srvstr_get_path. Next step is to remove the bug that in the trans2 code we use the inbuf as the base pointer to decide whether we need ucs2 alignment where we need to use the beginning of the params buffer 23731: Forgot one reference to inbuf
* r23474: Here's a small patch that disables the libkrb5.so replay cache Gerald Carter2007-06-131-1/+3
| | | | | | | | | | | | | | | | | | when verifying a ticket from winbindd_pam.c. I've found during multiple, fast, automated SSH logins (such as from a cron script) that the replay cache in MIT's krb5 lib will occasionally fail the krb5_rd_req() as a replay attack. There seems to be a small window during which the MIT krb5 libs could reproduce identical time stamps for ctime and cusec in the authenticator since Unix systems only give back milli-seconds rather than the micro-seconds needed by the authenticator. Checked against MIT 1.5.1. Have not researched how Heimdal does it. My thinking is that if someone can spoof the KDC and TDS services we are pretty hopeless anyways.
* r23172: Change shutdown_other_smbds to use connections_traverse instead ofVolker Lendecke2007-05-281-9/+10
| | | | session_traverse.
* r22868: Replace some message_send_pid calls with messaging_send_pid calls. MoreVolker Lendecke2007-05-141-2/+2
| | | | tomorrow.
* r22844: Introduce const DATA_BLOB data_blob_null = { NULL, 0, NULL }; andVolker Lendecke2007-05-141-10/+10
| | | | replace all data_blob(NULL, 0) calls.
* r22751: Next step for the cluster merge: sessionid.tdb should contain a 'structVolker Lendecke2007-05-071-3/+3
| | | | server_id' instead of a 'uint32 pid'
* r22095: BUG 4484: Add more checks to set %a for Vista clients (based on ↵Gerald Carter2007-04-051-0/+5
| | | | absence of native OS and Lanman strings in the session setup request)
* r21847: Fix memory leaks in error paths (and in main code path in one case...)Jeremy Allison2007-03-151-0/+1
| | | | | in sasl bind. Wonder why coverity didn't find these ? Jeremy.
* r21845: Refactor the sessionsetupX code a little to allow usJeremy Allison2007-03-151-42/+193
| | | | | | | | | | | to return a NT_STATUS_TIME_DIFFERENCE_AT_DC error to a client when there's clock skew. Will help people debug this. Prepare us for being able to return the correct sessionsetupX "NT_STATUS_MORE_PROCESSING_REQUIRED" error with associated krb5 clock skew error to allow clients to re-sync time with us when we're eventually able to be a KDC. Jeremy.
* r21483: Fix use of uninitialized variable.Jeremy Allison2007-02-211-3/+6
| | | | Jeremy.
* r21478: Add 65k length limit for split SPNEGO blobs.Jeremy Allison2007-02-201-9/+19
| | | | Jeremy
* r21471: Merge from Volker. Jeremy Allison2007-02-201-0/+4
| | | | | | Not strictly necessary, as data_blob() panics if it can't allocate. But I'd see this as a design flaw in data_blob() and it made me look in that routine. Jeremy.
* r21460: Fix for server-side processing of SPNEGO authJeremy Allison2007-02-201-10/+216
| | | | | | | fragmented into "max xmit" size security blob chunks. Bug #4400. Needs limits adding, and also a client-side version. Jeremy.
* r21128: Fix Vista connecting to Samba in share level security.Jeremy Allison2007-02-021-0/+1
| | | | | | | | Vista sends the NTLMv2 blob by default in the tconX packet. Make sure we save off the workgroup the user was logged into on the client in the sessionsetupX and re-use it for the NTLMv2 calc. Jeremy.
* r20156: clean up nested extern declaration warningsHerb Lewis2006-12-131-6/+6
|
* r19985: sync up woith 3_0Simo Sorce2006-12-011-7/+2
|
* r19983: sync up pam and memleak patches from SAMBA_3_0Simo Sorce2006-12-011-3/+23
|
* r18907: W00t. My original fix was correct after all :-).Jeremy Allison2006-09-251-1/+1
| | | | | | | Re-checking it in. Fix bug #4095 - username composed into domain\user twice in spnego path. Jeremy.
* r18403: Revert until we get this sorted out correctly.Jeremy Allison2006-09-111-1/+1
| | | | Jeremy.
* r18399: Fix bug #4095 - username composed into domain\userJeremy Allison2006-09-111-1/+1
| | | | | | | | twice in spnego path. Jerry please check. Jeremy. line, and those below, will be ignored-- M source/smbd/sesssetup.c
* r17909: ensure we do not call map_username() twice on Krb5 session setupsGerald Carter2006-08-291-1/+5
|
* r16418: Pull in more Klocwork fixes (up to r16415)Gerald Carter2006-06-201-0/+1
|
* r15837: starting sync up for 3.0.23rc1 (in sync with SAMBA_3_0 r15822)Gerald Carter2006-05-231-40/+53
|
* r15115: Fix error return on sessionsetup. Ensure noJeremy Allison2006-04-181-11/+15
| | | | | data blob is added if the logon call failed. Jeremy.
* r14790: Fix possible null deref. Coverity #277.Jeremy Allison2006-03-291-1/+3
| | | | Jeremy.
* r14170: Paranioa fix for sesssetup.Jeremy Allison2006-03-101-0/+5
| | | | | Fix Coverity bug #26. Guard against NULL ref. Jeremy.
* r14168: Fix Coverity #219. I think this is a false coverityJeremy Allison2006-03-101-1/+4
| | | | | | warning as it seems to get confused with assignment and comparison. Clarify the code anyway. Jeremy.
* r14130: Remove make_server_info_pac alltogether, make_server_info_info3 doesGünther Deschner2006-03-101-3/+3
| | | | | | already do what we need. Guenther
* r14112: * fix checks on return code from register_vuid() which could actuallyGerald Carter2006-03-091-4/+19
| | | | | | | fail and we would still return success in the SMBsesssetup reply :-( * Make sure to create the local token for the server_fino struct in reply_spnego_kerberos() so that register_vuid() does not fail. (how did this ever work?)
* r13604: Fix for bug #3512 "use spnego=no" and "server signing=auto" cause ↵Jeremy Allison2006-02-211-22/+20
| | | | | | | | client to disconnect after negprot" We missed one case of ignoring "BSRSPYL ". Merge for 3.0.21c. Jeremy.
* r13316: Let the carnage begin....Gerald Carter2006-02-031-11/+19
| | | | Sync with trunk as off r13315
* r11909: Implement 'reset on zero vc'. This kills other connections when a ↵Volker Lendecke2005-11-251-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | session setup comes in with the vc (virtual connection) field set to zero. This is done by Windows, probably you can tweak that by some registry key. This boolean option controls whether an incoming session setup should kill other connections coming from the same IP. This matches the default Windows 2003 behaviour. Setting this parameter to yes becomes necessary when you have a flaky network and windows decides to reconnect while the old connection still has files with share modes open. These files become inaccessible over the new connection. The client sends a zero VC on the new connection, and Windows 2003 kills all other connections coming from the same IP. This way the locked files are accessible again. Please be aware that enabling this option will kill connections behind a masquerading router. Volker
* r11846: Destroy the TALLOC_CTX on error in the Kerberos session setup and give aGünther Deschner2005-11-221-0/+7
| | | | | | more precise inline comment why PAC verification may fail. Guenther
* r11661: Store the INFO3 in the PAC data into the netsamlogon_cache.Gerald Carter2005-11-111-4/+8
| | | | | | | Also remove the mem_ctx from the netsamlogon_cache_store() API. Guenther, what should we be doing with the other fields in the PAC_LOGON_INFO?
* r11655: Two small fixesGerald Carter2005-11-101-3/+0
| | | | | | | | | | | * remove redundant call to sub_set_smb_name() in session setup code. * Fix lockup when running 'wbinfo -t' on a Samba PDC. Cause was new authenticated session setup from winbindd which resulted in a mangled username (machine_) that was not found in the local files and so was queiued up to nss_winbindd. Deadlock.... So now make sure to keep the trailing '$' for machine account names when calling sub_set_smb_name().
* r11213: Fix the buildGünther Deschner2005-10-201-1/+0
| | | | Guenther
* r11183: add small helper function to return a PAC_LOGON_INFO.Günther Deschner2005-10-191-10/+1
| | | | Guenther
generated by cgit (git 2.34.1) at 2025-09-27 04:55:10 +0000