IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This makes the authentication consistent between
SMB1 with CAP_EXTENDED_SECURITY (introduced in Windows 2000)
and SNB2.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11841
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We need NT1 => LATEST in order to work against all servers which support
DCERPC over ncacn_np.
This is a mini step in using SMB2/3 in our client side by default.
This gives us a higher chance that SMB signing is supported by the
server (as it can't be turned off for SMB2 and higher).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
It will be possible to use this for more than just NTLMSSP in future.
This prepares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This pares a fix for https://bugzilla.samba.org/show_bug.cgi?id=10288
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bug 10888 - smbclient doesn't ignore "not_defined_in_RFC4178@please_ignore"
https://bugzilla.samba.org/show_bug.cgi?id=10888
Code patch from <martin.wilck@ts.fujitsu.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 26 00:56:25 CET 2015 on sn-devel-104
The functions called futher down can cope with host == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Forcing NT_STATUS_UNSUCCESSFUL is not a good idea, we should return
NT_STATUS_LOGON_FAILURE instead.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I45e44405ea51ecb1aa38c72f4fc6243a1d3d531a
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Change-Id: I7333140906bb3a487205b5760396dcc00a9f49b0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Change-Id: Ia6b33a25628ae08be8a8c6baeb71ce390315cb45
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This should aid debugging when this is called from an automated process.
Andrew Bartlett
Change-Id: I2c7291ab3f67f9f7462d7c52c8c9a4b042f7ec5a
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Coverity is confused by the dual-use of "pss" as an array of size 1. This
is not strictly a bug here, but it is admittedly a small subtlety. It
should fix a whole bunch of Coverity issues. Normally I would resist to
change our code in response to a deficient static checker, but here I
would vote for this compromise.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Aug 15 10:53:21 CEST 2013 on sn-devel-104
The CC compiler on openindiana is not pleased with a void function doing
a return of another void function.
It should help the build of openindiana on the buildfarm
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon May 6 08:35:10 CEST 2013 on sn-devel-104
spnego_parse_negTokenInit does a asn_load of that blob, which does a data copy
itself. So we don't have to had it a copy as well.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This worked fine so far, but for the wrong reason: We only ever called
this through the sync wrapper. The tevent_req_nterror in the NT_STATUS_OK
case does not call tevent_req_finish. So the tevent_loop_poll did call
into the core send/receive smb code. This is a fix for the case when
smb1cli_req_chain_submit fails for some reason.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 3 18:39:30 CEST 2013 on sn-devel-104
This should allow smbclient to keep using large reads against older Samba versions
(<= 3.6.x) and other servers that may also require this.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Avoid overriding default ccache for ads operations.
Nowadays various samba components may need to use GSSAPI and a default cred
cache to perform their tasks.
This code was completely overriding the whole process default ccache name, thus
altering the current credentials and sometimes hijacking them (or getting
preemptively hijaked).
By using gss_krb5_import_cred we can instead use a private ccache (necessary
sometimes to use a different set of credentials fromt he default
cifs/fqdn@realm one, for example when contacting foreign DCs using trust
credentials) that does not affect the rest of the process.
For the kerberos versions which don't have gss_krb5_import_cred
we fallback to temp override of KRB5CCNAME and gss_acquire_cred.
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Sep 12 21:18:09 CEST 2012 on sn-devel-104
Also make all the message say the same thing.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 6 10:17:55 CEST 2012 on sn-devel-104
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jun 3 23:37:02 CEST 2012 on sn-devel-104
Signed-off-by: Luk Claes <luk@debian.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon May 28 16:58:03 CEST 2012 on sn-devel-104
Windows server doesn't set the SMB2_SESSION_FLAG_IS_GUEST nor
SMB2_SESSION_FLAG_IS_NULL flag.
This fix makes sure we don't try to verify a signature on the
final session setup response.
metze
We only need the session, and under some circumstances, it might complicate
things for the caller to have to cope with the whole structure (talloc...).
The signing_key is fix across all channels and is used for session setups
on a channel binding.
Note:
- the last session setup response is signed with the new channel signing key.
- the reauth session setups are signed with the channel signing key.
It's also not needed to remember the main session key.
metze
This is now used in the GSE GSSAPI client, so that when we connect to
a target server at the CIFS level, we use the same name to connect
at the DCE/RPC level.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
