sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-15 23:24:37 +03:00
Code
4,971 Commits 60 Branches 1,145 Tags
Commit Graph

4971 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Tridgell
6277c3923e r7714: enable samba credentials handling in ldb tools. So you can now do a 
encrypted ldbedit against w2k3
 2007-10-10 13:18:25 -05:00
Andrew Tridgell
abc9f4bd89 r7713: fixed error display in ildap_search() 2007-10-10 13:18:25 -05:00
Andrew Tridgell
aec0544962 r7712: ldb/common/util.c is gone 2007-10-10 13:18:25 -05:00
Andrew Tridgell
f852661463 r7711: update callers of ldb_connect() for new syntax 2007-10-10 13:18:24 -05:00
Andrew Tridgell
5e8db1c9b3 r7710: new command line handling code for ldb 2007-10-10 13:18:24 -05:00
Andrew Tridgell
f648fdf187 r7709: - convert ldb to use popt, so that it can interact with the samba 
cmdline credentials code (which will be done soon)

- added a ldb_init() call, and changed ldb_connect() to take a ldb
  context. This allows for much better error handling in
  ldb_connect(), and also made the popt conversion easier

- fixed up all the existing backends with the new syntax

- improved error handling in *_connect()

- fixed a crash bug in the new case_fold_required() code

- ensured that ltdb_rename() and all ltdb_search() paths get the read lock

- added a ldb_oom() macro to make it easier to report out of memory
  situations in ldb code
 2007-10-10 13:18:24 -05:00
Jelmer Vernooij
72efb69529 r7706: Move ParseExpr() to util. 2007-10-10 13:18:24 -05:00
Andrew Tridgell
0163d7fe99 r7705: prevent SIGPIPE. this is what causes BASE-NEGNOWAIT to sometimes fail 2007-10-10 13:18:24 -05:00
Andrew Tridgell
1011b1bf51 r7704: - fixed open_nbt_connection() to return NULL when the connection failed 
- got rid of smbcli_shutdown() and use talloc_free() instead.
 2007-10-10 13:18:23 -05:00
Jelmer Vernooij
7012e10bb6 r7702: Implement [charset()] attribute. 2007-10-10 13:18:23 -05:00
Jelmer Vernooij
a73a35cfc7 r7695: Add support for the [string] attribute that works in the traditional sense. Not 
used anywhere yet.
 2007-10-10 13:18:23 -05:00
Andrew Bartlett
00b8588c68 r7690: Move the NT hash generation into the credentials system, rather than 
in all the callers.  This also allows us to be more flexible in the
type of password we store.

Andrew Bartlett
 2007-10-10 13:18:23 -05:00
Andrew Bartlett
fbec0ed13b r7689: Add new file from previous commit (seperate file for session key test). 2007-10-10 13:18:23 -05:00
Andrew Bartlett
337cb20ac4 r7688: Fix the internal heimdal build - push one #define back to 
heimdal_build/config.h

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
898f72d196 r7687: Some more tests that must be done only when krb5_config is absent. 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
7520879bb0 r7686: Check for a type of invalid account name. 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
a32066a9ec r7685: Simply the test for session key logic, so we pass against NT4. 
Now, to try and figure out why this logic failed for jra...

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
47f433708b r7684: Add a test aimed at checking we have agreement between client and 
server as to the CIFS session key.

JRA had pain with this being wrong against NT4 (without spnego), hence
this specific test.

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
31f7ec38e6 r7683: The other file from the last commit. And it's include/system/kerberos.h that I'm putting the #defines in... 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
3f473a9377 r7682: Move the properties of our heimdal build from heimdal_build/config.h 
(which gets included by heimdal, or shoudl be) into
auth/kerberos/kerberos.h (which is used by Samba, but not by the
Heimdal code).

Andrew Barteltt
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
2a22f413c9 r7681: This #define is unused. 
Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
fb83465dbc r7680: Move to using our own private enum for the principal type inside the 
hdb-ldb module.  This removes the need for the KRBTGT case to exist in
the broader heimdal code.

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Stefan Metzmacher
6ad7ffab04 r7679: update the documentation of security_description_create() 
metze
 2007-10-10 13:18:21 -05:00
Andrew Tridgell
df29f25140 r7678: fixed typo 2007-10-10 13:18:21 -05:00
Andrew Tridgell
f6abed5660 r7677: fixed ldap server to honor 'private path' 2007-10-10 13:18:21 -05:00
Andrew Bartlett
eb1d37c5a9 r7676: Make VUID and TID choice random, as this gives us protection against 
replay attacks under SMB signing, where the session key is a fixed
derivitive of the user's password.

This removes the VID offset, but I'm not worried about random client
bytes mattering here, given the space (and the fact that it applies to
very, very old clients).

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
36dc2491d7 r7675: Use correct memory context for anonymous session setup auth context 
(no need for it to hang around forever).

Add test for this behaviour.

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
4c254754d2 r7674: Fix the printf() attribute suggestion by correctly prototyping, then 
declaring the static function.  The attribute only works on the
prototype, not the function.

Andrew Bartlett
 2007-10-10 13:18:20 -05:00
Andrew Bartlett
005e2c0cfe r7673: With current Heimdal we don't need this (correct) fix. 
This will however still be useful when we have crypt() based
authentication.

Andrew Bartlett
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
3fe00b6114 r7672: this should fix the crypt dependency problem (I hope!) 2007-10-10 13:18:20 -05:00
Andrew Tridgell
dcdf44024a r7671: added ldap testing to the set of standard tests 2007-10-10 13:18:20 -05:00
Andrew Tridgell
0981a375cf r7670: fixed rootDSE search in ldap server 2007-10-10 13:18:20 -05:00
Andrew Tridgell
844d2a2083 r7669: removed ldap from our configure tests 
This takes our link dependencies from this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
        libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
        libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000)
        liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000)
        libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000)
        libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
        libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000)
        libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000)
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000)
        libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000)
        libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000)
        libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000)
        libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000)
        libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000)
        libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000)
        libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000)

to this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
        libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
        libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000)
        libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)

this finally gets rid of the implicit dependency on pthreads! Yay!
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
3f77b879a0 r7668: - setup HAVE_ILDAP to enable the ildap backend in ldb 
- fixed a bug in socket_connect_ev()
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
74841dbb2a r7667: added a ldb ildap backend, using our internal ldap client library. Next step is to 
remove the check for the ldap libraries in configure
 2007-10-10 13:18:19 -05:00
Andrew Tridgell
ac3f33c615 r7666: fixed a memory leak in the ldap ldb backend 2007-10-10 13:18:19 -05:00
Andrew Tridgell
b34a29dcf2 r7665: - added a ildap_*() interface to our internal ldap library. This 
interface is very similar to the traditional ldap interface, and will
  be used as part of a ldb backend based on the current ldb_ldap backend

- fixed some allocation issues in ldb_msg.c
 2007-10-10 13:18:19 -05:00
Andrew Tridgell
ffe1b5e6f4 r7661: patch from tburdi1@uic.edu to fix autogen.sh on freebsd 2007-10-10 13:18:18 -05:00
Andrew Tridgell
4013c2ddea r7660: improved error handling in socket_connect_ev() (it matters when name 
resolution fails)
 2007-10-10 13:18:18 -05:00
Andrew Tridgell
bec5e9f80a r7659: fixup the ordering of socket destruction for ncacn_ip_tcp so we don't try and 
remove an epoll descriptor for a closed fd
 2007-10-10 13:18:18 -05:00
Andrew Tridgell
9df569f023 r7658: don't timeout at the smb level for rpc requests as otherwise some rpc 
level sign/seal mechanisms can break
 2007-10-10 13:18:18 -05:00
Andrew Tridgell
9f7f70124f r7657: test addone again after request timeout and destruction to ensure the pipe is still OK 2007-10-10 13:18:18 -05:00
Andrew Tridgell
eddf41d5e4 r7656: added testing of rpc request timeouts and destruction 2007-10-10 13:18:18 -05:00
Andrew Tridgell
b9ed92d550 r7655: test the evnt friendly socket_connect() in the LOCAL-SOCKET test 2007-10-10 13:18:18 -05:00
Andrew Tridgell
72c6988767 r7654: - add a timeout to all smb requests (default 60 seconds) 
- add a request destructor, to make it safe to destroy a pending
   request with talloc_free()
 2007-10-10 13:18:17 -05:00
Andrew Tridgell
d47477c5c3 r7653: when a dcerpc request times out, we need to ensure that if the server 
does finally answer the request and it is on the smb transport that we
don't die in the callback code as the rpc request state is gone.
 2007-10-10 13:18:17 -05:00
Andrew Tridgell
154effd781 r7652: use event friendly connect in dcerpc socket code 2007-10-10 13:18:17 -05:00
Andrew Bartlett
a948e743bb r7651: Only convert SERVER requests to KRBTGT requests. 
Andrew Bartlett
 2007-10-10 13:18:17 -05:00
Andrew Tridgell
331afee4ca r7650: fixed a typo 2007-10-10 13:18:17 -05:00
Stefan Metzmacher
87b1f9a2e0 r7646: - only allow modification of SPOOLSS_FORM_USER Froms 
- some minor fixes and comments

metze
 2007-10-10 13:18:17 -05:00