summaryrefslogtreecommitdiffstats
path: root/source3
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: Add an error msg when a share mode entry is discardedVolker Lendecke2012-02-221-0/+2
|
* s3: Fix smbd -iVolker Lendecke2012-02-211-0/+1
| | | | | | | We end up in a nested event loop without this. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Tue Feb 21 17:24:28 CET 2012 on sn-devel-104
* s3: Fix typosVolker Lendecke2012-02-211-2/+2
|
* s3: Fix bug 8567 -- segfault in dom_sid_compareVolker Lendecke2012-02-201-0/+1
| | | | | | | | The underlying problem was that with ldapsam:trusted we require the a group mapping for the primary group of every user, including root. Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon Feb 20 22:36:23 CET 2012 on sn-devel-104
* s3-vfstest: Remove an unused variableVolker Lendecke2012-02-201-2/+0
| | | | | Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Mon Feb 20 17:01:11 CET 2012 on sn-devel-104
* selftest: test member server tests in security=adsAndrew Bartlett2012-02-201-13/+13
| | | | | | | By testing more things against s3member (which is security=ads against samba4) we can improve our test coverage. Andrew Bartlett
* s3-selftest: Add test for ntlm_auth --diagnosticsAndrew Bartlett2012-02-202-0/+26
|
* s3-ntlm_auth: allow ntlm_auth --diagnostics to pass againAndrew Bartlett2012-02-203-8/+12
| | | | | | | This still requires that the server permit LM passwords, but our s3dc test environment has this enabled. Andrew Bartlett
* s3-winbindd: pass logon parmeters down to check_sam_security()Andrew Bartlett2012-02-201-2/+6
| | | | | | | This allows ntlm_auth --diagnostics to work against the local DC, just as it works against a member server. Andrew Bartlett
* s3: Remove a pointless else branchVolker Lendecke2012-02-191-2/+1
| | | | | Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Sun Feb 19 23:14:15 CET 2012 on sn-devel-104
* s3: Fix some blank line endingsVolker Lendecke2012-02-191-3/+3
|
* s3-vfstest: Initialize some moreVolker Lendecke2012-02-191-0/+12
|
* s3: get_share_mode_lock_fresh->get_share_mode_lockVolker Lendecke2012-02-194-12/+12
| | | | | | | get_share_mode_lock_fresh is just a confusing name Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Sun Feb 19 19:16:41 CET 2012 on sn-devel-104
* s3: get_share_mode_lock->get_existing_share_mode_lockVolker Lendecke2012-02-197-16/+17
|
* s3-secrets: Remove unused secrets_delete_generic()Andrew Bartlett2012-02-182-17/+0
| | | | | | | | | Found by callcatcher. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sat Feb 18 09:01:15 CET 2012 on sn-devel-104
* s3-secrets: Remove unused secrets_delete_machine_password()Andrew Bartlett2012-02-182-14/+0
| | | | | | Found by callcatcher. Andrew Bartlett
* s3-build: allow gcov testing by linking timelimit with --coverageAndrew Bartlett2012-02-181-1/+1
|
* Fix a bunch of "unused variable" warnings.Jeremy Allison2012-02-1819-133/+11
| | | | | Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Feb 18 06:22:40 CET 2012 on sn-devel-104
* auth: Reorder arguments to generate_session_infoAndrew Bartlett2012-02-182-4/+4
| | | | | | | | | This matches check_ntlm_password() and generate_session_info_pac() Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sat Feb 18 02:19:35 CET 2012 on sn-devel-104
* lib/util: Remove unused sys_sendto()Andrew Bartlett2012-02-172-19/+0
| | | | | | | | | Found by callcatcher. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Feb 17 13:48:05 CET 2012 on sn-devel-104
* lib/util: Remove unused sys_recv()Andrew Bartlett2012-02-172-19/+0
| | | | | | Found by callcatcher. Andrew Bartlett
* s3-lib: Remove unused standard_sub_conn()Andrew Bartlett2012-02-172-20/+0
|
* s3-lib Remove unused sys_fcntl_long()Andrew Bartlett2012-02-172-15/+0
|
* s3-lib Remove unused sys_fseek()Andrew Bartlett2012-02-172-18/+0
|
* s3-registry Remove unused dup_registry_value() and free_registry_value()Andrew Bartlett2012-02-172-56/+0
|
* auth: Make more of the ntlmssp code private or staticAndrew Bartlett2012-02-171-0/+1
| | | | | | | | | | Now that there is only one gensec_ntlmssp server, some of these functions can be static For the rest, put the implemtnation of the gensec_ntlmssp code into ntlmssp_private.h Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Use common gensec_ntlmsspAndrew Bartlett2012-02-173-40/+5
| | | | | | | | There is no longer any samba3-specific code left here. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Use common gensec_ntlmssp_server_startAndrew Bartlett2012-02-171-127/+1
| | | | | | | | This is now identical code, so there is no need to duplicate it. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Use the gensec-supplied DNS domain name and hostname.Andrew Bartlett2012-02-172-28/+76
| | | | | | | | Also have a reasonable fallback for when it is not set. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Allow NTLMSSP features to be disabled with smb.conf options for testingAndrew Bartlett2012-02-171-9/+23
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Use the lpcfg_ wrapper calls to set some variablesAndrew Bartlett2012-02-171-31/+10
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Remove a layer of indirection and reorder to match ↵Andrew Bartlett2012-02-171-18/+15
| | | | gensec_ntlmssp_server_start()
* s3-auth: Only allow LM_KEY cryptography when extra options are setAndrew Bartlett2012-02-171-1/+6
| | | | | | | | | | This crypto is incredibly poor, and can technically be enabled on an otherwise more secure connection that uses NTLM for the actual authentication leg. Therefore disable it by default. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Inline ntlmssp_server_start() into gensec_ntlmssp3_server_start()Andrew Bartlett2012-02-171-9/+60
| | | | | | | | This will help syncing this rotuine up with gensec_ntlmssp_server_start(). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Use the common gensec_ntlmssp_update in gensec_ntlmssp3_serverAndrew Bartlett2012-02-172-21/+3
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Use common gensec_ntlmssp server functions for more of ↵Andrew Bartlett2012-02-172-182/+3
| | | | | | | | | | | gensec_ntlmssp3_server This is possible because we now supply the auth4_context abstraction that this code is looking for. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth: Add extra error messages on authentication or authorization failureAndrew Bartlett2012-02-172-0/+19
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* auth: Move the rest of the source4 gensec_ntlmssp code to the top levelAndrew Bartlett2012-02-171-6/+6
| | | | | | | | | | The ntlmssp_server code will be in common shortly, and aside from a symbol name or two, moving the client code causes no harm and makes less mess. We will also get the client code in common very soon. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Hook checking passwords and generating session_info via the ↵Andrew Bartlett2012-02-173-59/+259
| | | | | | | | | | | | | | auth4_context This avoids creating a second auth_context, as it is a private pointer in the auth4_context that has already been passed in, and makes the gensec_ntlmssp code agnostic to the type of authentication backend behind it. This will in turn allow the ntlmssp server code to be further merged. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-build: Use credentials_ntlm.c in the autoconf build as wellAndrew Bartlett2012-02-171-0/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* auth/kerberos: Move gse_get_session_key() to common code and use in ↵Andrew Bartlett2012-02-172-125/+3
| | | | | | | | | gensec_gssapi Thie ensures that both code bases use the same logic to determine the use of NEW_SPNEGO. Andrew Bartlett
* s3-gse: Allow kerberos key type OID to be optionalAndrew Bartlett2012-02-171-4/+11
|
* s3-gse: Fix OID to read for kerberos key typeAndrew Bartlett2012-02-171-2/+2
|
* s3-librpc: Remove backup declaration of GSS_C_DCE_STYLEAndrew Bartlett2012-02-171-4/+0
| | | | | | All our supported krb5 libs provide this. Andrew Bartlett
* s3-gse: Remove unused OID declarationAndrew Bartlett2012-02-171-9/+0
|
* Replace smbd_server_connection_loop_once() with tevent_loop_once() directly.Jeremy Allison2012-02-171-63/+6
| | | | | | | We no longer need to call poll() directly inside smbd ! Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Feb 17 02:49:13 CET 2012 on sn-devel-104
* lib/util: Remove sys_poll as it is no longer neededAndrew Bartlett2012-02-166-19/+14
| | | | | | | | | | | sys_poll() is only needed if the signal pipe is set up and used, but as no signal handler ever writes to the pipe, this can all be removed. signal based events are now handled via tevent. Andrew Bartlett Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-librpc: Remove gse_verify_server_auth_flagsAndrew Bartlett2012-02-161-50/+0
| | | | | | | | | | | | | | | | gensec_update() ensures that DCE-style and sign/seal are negotiated correctly for DCE/RPC pipes. Also, the smb sealing client/server already check for the gensec_have_feature(). This additional check just keeps causing trouble, and is 'protecting' an already secure negoitated exchange. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Feb 16 21:19:44 CET 2012 on sn-devel-104
* s3-param Remove off-by-default and unused "send spnego principal"Andrew Bartlett2012-02-162-11/+0
| | | | | | | | | | | | This is not honoured by the common SPNEGO code. This matches mondern windows versions which do not send this value, as it would be insecure for a client to rely on it. (See also the depricated client use spnego principal directive). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-smbd Remove unused code now we always have SPNEGO via gensecAndrew Bartlett2012-02-164-49/+7
| | | | | | | | This was previously needed because SPNEGO was only available in the AD DC. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
generated by cgit (git 2.34.1) at 2025-09-26 23:37:17 +0000