1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

171 Commits

Author SHA1 Message Date
Rusty Russell
2f4b21bb57 ntdb: switch between secrets.tdb and secrets.ntdb depending on 'use ntdb'
Since we open with dbwrap, it auto-converts old tdbs (which it will
rename to secrets.tdb.bak once it's done).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date(master): Wed Feb 20 07:09:19 CET 2013 on sn-devel-104
2013-02-20 07:09:19 +01:00
Andrew Bartlett
f2d9be5af6 s3-secrets: Use talloc_stackframe() in secrets_init_path() 2012-08-28 07:57:29 +10:00
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:23 +09:30
Volker Lendecke
07d6c25525 dbwrap: dbwrap_trans_change_int32_atomic->dbwrap_trans_change_int32_atomic_bystring
Signed-off-by: Michael Adam <obnox@samba.org>
2012-06-15 12:14:28 +02:00
Jelmer Vernooij
c0288e0612 lib/util: Remove obsolete sys_getpid() and sys_fork().
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
2012-03-24 21:55:40 +01:00
Andrew Bartlett
a431f80457 s3-secrets: Remove unused secrets_delete_generic()
Found by callcatcher.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Sat Feb 18 09:01:15 CET 2012 on sn-devel-104
2012-02-18 09:01:15 +01:00
Volker Lendecke
45e61fcf61 s3: Add a "lock_order" argument to db_open
This will be used to enforce a lock hierarchy between the databases. We have
seen deadlocks between locking.tdb, brlock.tdb, serverid.tdb and notify*.tdb.
These should be fixed by refusing a dbwrap_fetch_locked that does not follow a
defined lock hierarchy.
2012-01-18 14:48:04 +01:00
Günther Deschner
e75c436fe6 s3-passdb: trying to decouple passdb and secrets a little.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Jan 18 14:46:18 CET 2012 on sn-devel-104
2012-01-18 14:46:18 +01:00
Michael Adam
3f214284c7 s3:secrets: convert to use dbwrap wrapper functions only
Avoid direct use of the db_record and db_context structs.
2011-10-11 14:17:57 +02:00
Amitay Isaacs
08ccc6ed51 passdb: Add a function to read secrets db from a specified path
This allows to load secrets db from a different location. The original
secrets_init() now calls secrets_init_path() with lp_private_dir().
2011-08-13 10:25:06 +10:00
Michael Adam
0b5c4a601a s3:dbwrap: move all .c and .h files of dbwrap to lib/dbwrap/
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Fri Jul 29 13:34:22 CEST 2011 on sn-devel-104
2011-07-29 13:34:22 +02:00
Michael Adam
1abdd9b2bb s3:dbwrap: move db_open() to a file dbwrap_open.c of its own.
Also start new folder lib/dbwrap/ where dbwrap_open.c is stored and
make the fallbacke implementation functoins non-static and create a
dbwrap_private.h header file that contains their prototypes.
2011-07-29 12:23:13 +02:00
Andrew Bartlett
d5e6a47f06 s3-talloc Change TALLOC_P() to talloc()
Using the standard macro makes it easier to move code into common, as
TALLOC_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array()
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Günther Deschner
d8cfca3a9b s3: only include tdb headers where needed.
Guenther
2011-05-06 10:48:10 +02:00
Günther Deschner
2f36ef7225 s3-passdb: add passdb.h where needed.
Guenther
2011-03-30 01:13:07 +02:00
Günther Deschner
0e771263ee s3-includes: only include system/filesys.h when needed.
Guenther
2011-03-30 01:13:07 +02:00
Volker Lendecke
4668ac8b16 s3: Fix Coverity ID 1034, CHECKED_RETURN
In all other places we check the result of secrets_init.
2011-03-16 21:14:58 +01:00
Volker Lendecke
d515c6cd5c s3: Fix auth_netlogond to cope with netlogon_creds_CredentialState
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Feb  6 17:30:48 CET 2011 on sn-devel-104
2011-02-06 17:30:48 +01:00
Volker Lendecke
47d07df37f s3: Fix a potential memleak in secrets_fetch_trusted_domain_password 2011-02-06 16:44:56 +01:00
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12 05:54:10 +00:00
Günther Deschner
7a05ca2c9c s3-build: use dbwrap.h only where needed.
Guenther
2010-08-26 00:25:55 +02:00
Günther Deschner
c136b84f0d s3-secrets: only include secrets.h when needed.
Guenther
2010-08-05 10:12:25 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-21 10:39:59 +02:00
Andrew Bartlett
7a8e34fe86 s3:split secrets.c to put machine account secrets in a new file
This helps the s3compat effort by allowing these functions to be
replaced by functions that query the cli_credentials and secrets.ldb
APIs.

Also, this changes a couple of DOM_SID to struct dom_sid along the
way.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-18 21:39:42 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Karolin Seeger
7fdbbddf42 s3-passdb: Fix typo in debug message.
Karolin
2010-03-10 12:08:27 +01:00
Günther Deschner
184afaa04c s3-secrets: use autogenerated code for TRUSTED_DOM_PASS struct parsing from a tdb.
Guenther
2009-10-29 10:49:39 +01:00
Günther Deschner
4df8426768 s3-passdb: move open_schannel_session_store() to passdb/secrets_schannel.c.
Guenther
2009-10-28 12:37:39 +01:00
Günther Deschner
bda047afbc s3-passdb: add secrets_delete_generic().
Guenther
2009-10-28 12:37:38 +01:00
Jeremy Allison
5cc895983d Fix valgrind memory leak in bug #6814 - Fixes for problems reported by valgrind
Jeremy.
2009-10-15 16:55:40 -07:00
Günther Deschner
ebe0e64ba9 s3: use enum netr_SchannelType all over the place.
Guenther
2009-10-13 10:21:46 +02:00
Stefan Metzmacher
9801ec5f1a s3:secrets_schannel: revert to using version 1
It doesn't really matter if the entries
have invalid context in it. Older versions of samba
refuse to open the file if the version doesn't match.

If we can't parse individual records, we'll fail schannel binds,
but the clients are supposed to reestablish the netlogon secure channel
by doing ServerReqChallenge/ServerAuthenticate* again. This
will just overwrite the old record.

metze
2009-09-21 06:33:25 +02:00
Günther Deschner
360868b6e8 s3-schannel: remove remaining code that was using "struct dcinfo".
Guenther
2009-08-27 15:55:20 +02:00
Günther Deschner
b089506136 s3-schannel: upgrade old format schannel_store.tdb.
Guenther
2009-08-27 15:55:20 +02:00
Günther Deschner
a09b627ecc s3-schannel: add simple wrappers to fetch and store schannel auth info.
Guenther
2009-08-27 15:55:19 +02:00
Günther Deschner
7c972d83d2 s3-schannel: make open_schannel_session_store() public.
Guenther
2009-08-27 15:55:19 +02:00
Michael Adam
8da2f93716 s3:secrets: use transaction wrapped store in get rand seed.
Now secrets.tdb is only writen with transactions.

Michael
2009-07-29 16:26:29 +02:00
Andrew Bartlett
f28f113d8e Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).

We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server

Andrew Bartlett
2009-04-14 16:23:35 +10:00
Andrew Bartlett
3b3e21bd9b Convert Samba3 to use the common lib/util/charset API
This removes calls to push_*_allocate() and pull_*_allocate(), as well
as convert_string_allocate, as they are not in the common API

To allow transition to a common charcnv in future, provide Samba4-like
strupper functions in source3/lib/charcnv.c

(the actual implementation remains distinct, but the API is now shared)

Andrew Bartlett
2009-04-14 12:53:56 +10:00
Jelmer Vernooij
81fabeff2d Use libutil genrand. 2008-10-23 18:46:35 +02:00
Jelmer Vernooij
389cfee579 Use GUID_random. 2008-10-14 02:41:20 +02:00
Volker Lendecke
f3ba7fc0b9 Store a local schannel key in secrets.tdb 2008-10-06 09:54:16 +02:00
Andrew Tridgell
0f41961e4f first cut at adding full transactions for ctdb to samba3
(This used to be commit f91a3e0f7b)
2008-08-13 11:54:08 +02:00
Volker Lendecke
0e7d1aae2f Fix a memleak in secrets_fetch_afs_key
Coverity ID 570
(This used to be commit 0f52dc3f7e)
2008-06-07 08:51:35 +02:00
Volker Lendecke
8c98f5af6f Fix a memleak in secrets_fetch_trust_account_password_legacy
Coverity ID 571
(This used to be commit a551773e34)
2008-06-07 08:50:02 +02:00
Volker Lendecke
32452565be Fix a memleak in fetch_ldap_pw
Fix Coverity ID 572, also fix the error check for secrets_fetch failing
(This used to be commit 2663c81a78)
2008-06-07 08:48:13 +02:00
Tim Prouty
fb37f15600 Cleanup size_t return values in callers of convert_string_allocate
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc5)
2008-05-20 22:40:13 +02:00
Volker Lendecke
16198dc51e Convert dbwrap_trans_delete to NTSTATUS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit dead193f46)
2008-04-01 14:04:22 +02:00
Volker Lendecke
fcdfff1cc8 Convert dbwrap_trans_store to NTSTATUS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(This used to be commit 5f4de856af)
2008-04-01 14:04:22 +02:00