| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes (again...) our system md5 detection to cope with how
OpenIndiana does md5. I'm becoming increasingly convinced this isn't
worth our while (we should have just done samba_md5...), but for now
this change seems to work on FreeBSD, OpenIndiana and Linux with
libbsd.
This needs us to rename struct MD5Context -> MD5_CTX, but we provide a
config.h define to rename the type bad if MD5_CTX does not exist (it does
however exist in the md5.h from libbsd).
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 19 21:32:36 CEST 2013 on sn-devel-104
|
|
|
|
| |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Existing installations running ntp as group 'ntp' will need to change
the permissions on the ntp_signd socket directory (eg
PREFIX/lib/ntp_signd or /var/lib/samba/ntp_signd)
The reason is that allowing other users on the host access to this
directory would allow them to potentially spoof time on the network,
or attack the password database with a chosen plaintext attack.
Permissions should be changed to:
ownership root:ntp (if ntp runs as gid ntp)
mode 0750 (this is what it will be created as)
If the permissions are not changed, Samba will refuse to start the
ntp_signd server, and NTP operations will not be signed. As the error
is declared fatal, in the future, Samba may totally refused to start.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Nov 12 12:36:30 CET 2012 on sn-devel-104
|
|
|
|
|
|
|
| |
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Aug 14 17:16:54 CEST 2012 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
System MIT krb5 build also enabled by specifying --without-ad-dc
When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.
Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
* Samba 4 client libraries and their Python bindings
* Samba 3 server (smbd, nmbd, winbindd from source3/)
* Samba 3 client libraries
In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
|
| |
|
|
|
|
|
|
|
|
| |
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
| |
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Mon Nov 15 03:04:41 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
|
|
| |
We previously allocated sockets as direct children of the event
context. That led to crashes if a service called
task_server_terminate(), as it left the socket open and handling
events for a dead protocol.
Making them a child of the task allows the task to terminate and take
all its sockets with it.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
| |
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Nov 14 17:58:05 UTC 2010 on sn-devel-104
|
| |
|
|
|
|
|
|
|
|
| |
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
|
| |
this also removes the event_context parameter from process model
initialisation. It isn't needed, and is confusing when a process model
init can be called from more than one place, possibly with different
event contexts.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
|
|
| |
LDAP filters
This makes also lookups through special backends as "samba3sam" work.
|
|
|
|
|
|
|
| |
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
| |
|
| |
|
|
|
|
|
| |
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
|
|
|
|
| |
we won't be using the mk -> wscript generator again
|
|
|
|
| |
them
|
| |
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
|
|
| |
This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap
|
|
|
|
|
|
| |
When one of our core tasks fails to initialise it can now ask for the
server as a whole to die, rather than limping along in a degraded
state.
|
|
|
|
|
|
|
| |
The change to protocol version 1 was not intentional, and broke the
protocol established with the ntp.org project.
Andrew Bartlett
|
|
|
|
|
|
|
|
| |
This is used by at patch to the NTP project to supply authenticated
time as required by MS-SNTP. (ie, to keep windows clients in time sync
in the domain)
Andrew Bartlett
|
|
|
|
| |
metze
|
|
|
|
| |
metze
|
| |
|
|
|
|
| |
metze
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091.
Conflicts:
source4/smbd/server.c
|
|
|
|
|
| |
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
|
|
|
|
| |
metze
|
|
|
|
| |
This reverts commit 0e9008be35a5b334bd65e6417193d4b8f27bdc36.
|
| |
|
|
|
|
| |
(This used to be commit 30da1b534f00ba6ef6cf86cba603732bc6e1ad43)
|
|
|
|
|
|
|
| |
(As this would allow an offline attack on their password)
Andrew Bartlett
(This used to be commit e28481fc0976231c6f4cb7a5f7c7708f4becdb18)
|
|
|
|
|
|
|
|
| |
This will allow distributions to hard-code this path, particularly for
selinux, and matches how we handle the winbind socket dir.
Andrew Bartlett
(This used to be commit c8b441650400ed1b24c89991f5752dad3c87795f)
|
|
|
|
|
| |
Andrew Bartlett
(This used to be commit 4dcc0cd06ef2f6c496e2112f6378088a1c27d2f2)
|
|
|
|
|
|
|
| |
This starts ntp_signd at startup, and fixes some build issues.
Andrew Bartlett
(This used to be commit cb0dcd5c3dfe2a46755270a4594b7289f555d814)
|
|
I am modifying the ntp.org server to talk to this service, to sign
packets per MS-SNTP.
Andrew Bartlett
(This used to be commit 0c15385e6068d2f70ff11aa5837adbd6d78410ae)
|