sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code
67,156 Commits 60 Branches 1,144 Tags 452 MiB
6676142347
Commit Graph

3112 Commits

Author SHA1 Message Date
Jeremy Allison
03841f9e44 Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request. 
Found by the CodeNomicon test suites at the SNIA plugfest.

http://www.codenomicon.com/

If an invalid NetBIOS session request is received the code in name_len() in
libsmb/nmblib.c can hit an assert.

Re-write name_len() and name_extract() to use "buf/len" pairs and
always limit reads.

Jeremy.
 2010-09-26 03:01:03 -07:00
Volker Lendecke
bf6ca13346 s3: Remove talloc_autofree_context() from smbpasswd 
In both cases, pwd is freed immediately
 2010-09-26 03:29:29 +02:00
Volker Lendecke
77e96d3229 s3: Remove talloc_autofree_context() from net_sam_provision() 2010-09-26 03:29:29 +02:00
Volker Lendecke
e81db37a87 s3: Fix bug 7470 
S_IREAD and S_IWRITE are not standard.

Thanks to Joachim Schmitz <schmitz@hp.com> for reporting!
 2010-09-25 10:59:15 -07:00
Günther Deschner
ffdfcfb514 s3-dsgetdcname: always pass in messaging context. 
Volker, please check.

Guenther
 2010-09-23 10:26:25 -07:00
Günther Deschner
a11d6c77e4 s3-build: fix the build of split_tokens. 
Guenther
 2010-09-23 00:15:22 -07:00
Günther Deschner
fe4576dff0 s3-registry: fix some c++ build warnings. 
Guenther
 2010-09-22 12:57:34 -07:00
Michael Adam
cb5c86e502 s3:net: add subcommand net registry deletekey_recursive 
to delete a key including subkeys
 2010-09-22 06:30:01 +02:00
Michael Adam
7a25d13742 s3:registry: remove unneeded TALLOC_CTX argument from reg_deletekey_recursive 2010-09-22 06:30:01 +02:00
Gregor Beck
a52b7e7229 s3-net: add command rpc registry import 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
96ba0cb8f2 s3-net: add command rpc registry export 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
0afc83c255 s3-net: add command registry convert 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
e7c2724c81 s3-net: add command registry export 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
2a10fd769b s3-net: add command registry import 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Gregor Beck
44d10d0546 s3-net: let rpccli_winreg_Connect optionally return WERROR 
Signed-off-by: Michael Adam <obnox@samba.org>
 2010-09-22 06:30:00 +02:00
Michael Adam
2d67730daf s3:registry: move regio.h from include/ to registry/ 2010-09-21 09:08:33 +02:00
Michael Adam
0bd2756b97 s3:registry: move prototypes from reg_init_basic.c to their own header. 2010-09-21 08:52:06 +02:00
Michael Adam
b11cc30508 s3:registry: move the reg_api prototypes to their own header. 2010-09-21 08:52:06 +02:00
Günther Deschner
102a70e809 s3-util: use shared dom_sid_dup. 
Guenther
 2010-09-20 14:05:07 -07:00
Günther Deschner
4dbd743e46 s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. 
Guenther
 2010-09-20 14:04:37 -07:00
Günther Deschner
62544c5d2b s3-build: only include smbldap.h where needed. 
Guenther
 2010-09-20 13:54:56 -07:00
Volker Lendecke
0858b7546e s3: Add the PAC info3 struct to the netsamlogon_cache in ntlm_auth 2010-09-16 12:02:57 -07:00
Volker Lendecke
547b268cfa s3: Correctly unwrap the krb ticket in gss-spnego 2010-09-16 12:02:56 -07:00
Volker Lendecke
70ab7eb530 s3: Fall back to raw NTLMSSP for the gss-spnego protocol 
This is to handle the mod_auth_ntlm_winbind protocol
sending "Negotiate" to IE, which sends raw NTLMSSP
instead of a SPNEGO wrapped NTLMSSP blob.
 2010-09-16 12:02:56 -07:00
Volker Lendecke
de2c143f4d s3: Split off output generation from manage_squid_ntlmssp_request 2010-09-16 12:02:56 -07:00
Volker Lendecke
ae483bbe9a s3: Wrap the ntlm_auth loop with a talloc_stackframe 2010-09-16 12:02:56 -07:00
Andrew Bartlett
6832d5e933 libcli/auth/ntlmssp Be clear about talloc parents for session keys 
The previous API was not clear as to who owned the returned session key.
This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code,
and avoids making allocations - we steal and zero instead.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-16 21:09:17 +10:00
Volker Lendecke
6400f3ee62 s3: Fix some debug msgs in ntlm_auth 2010-09-15 10:31:00 -07:00
Volker Lendecke
9271570516 s3: Remove some unnecessary if-statements 2010-09-13 22:02:44 -07:00
Volker Lendecke
69db4b4ccf ntlm_auth: Fix a valgrind error 2010-09-13 16:41:14 -07:00
Volker Lendecke
95a0b6830f s3: Fix a typo 2010-09-13 10:27:27 -07:00
Volker Lendecke
e03f8ded01 s3: Fix a typo (authentictaion->authentication) 2010-09-13 10:15:27 -07:00
Andrew Bartlett
ad5ec58a71 s3-privs Hide the bitmap-based grant_privilege and revoke_privilege 
The new wrappers avoid anything but the core privileges code
dealing with the bitmap values directly.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
4080ff7af5 s3-privs Make privilege_enum_sids() take an LUID, not a bitmap 
This moves one more privileges call away from direct bitmap manipuation.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:11 +10:00
Andrew Bartlett
b057867de3 s3-privs Remove a pointer from grant_privilege() 
Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:09 +10:00
Andrew Bartlett
a02ae674dd s3-privs Remove a pointer indirection from revoke_privilege() 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:08 +10:00
Andrew Bartlett
cbd72ab93b libcli/security Don't export privs[] as a global variable 
Instead, provide access functions for the LSA and net sam callers
for the information they need.

They still only enumerate the first 8 privileges that have traditionally
been exposed.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:08 +10:00
Andrew Bartlett
d1bb21b0d5 s3:auth Remove NT_USER_TOKEN 
The all UPPER case typedef is no longer the preferred Samba style
and this makes it easier to see that this is the IDL-derivied structure

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:06 +10:00
Andrew Bartlett
4bfc8d3b1a s3-auth Change struct nt_user_token -> struct security_token 
This common structure is defined in security.idl

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:05 +10:00
Andrew Bartlett
fcaa86f402 s3-privs Further changes to remove SE_PRIV 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-09-11 18:46:04 +10:00
Jeremy Allison
e850958928 Check all SMB_MALLOC returns correctly. Found by Andreas Moroder <andreas.moroder@gmx.net>. 
Jeremy
 2010-09-10 11:56:26 -07:00
Günther Deschner
f1aa9ebb08 s3-utils: remove unused variable in smbget. 
Guenther
 2010-09-09 11:11:04 +02:00
Björn Jacke
b4b453a287 s3: use time_mono throughout in smbget 2010-09-08 22:33:32 +02:00
Björn Jacke
b4ae2efa96 s3: use monotonic clock for time deltas in smbget 2010-08-31 13:10:45 +02:00
Andrew Bartlett
8c15cf54ae s3-auth Rename NT_USER_TOKEN user_sids -> sids 
This is closer to the struct security_token from security.idl
 2010-08-31 10:20:14 +10:00
Volker Lendecke
0f83aa8650 s3: Remove the dependency of g_lock on procid_self 
procid_self() references global vars, don't depend on them unnecessarily
 2010-08-28 12:28:53 +02:00
Günther Deschner
7a05ca2c9c s3-build: use dbwrap.h only where needed. 
Guenther
 2010-08-26 00:25:55 +02:00
Günther Deschner
ca765d2f50 s3-build: only include krb5 environment variables where required. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
2b41f421fd s3-idmap: only include idmap headers where needed. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
b5bdcdd65e s3-build: only include "fake_file.h" where needed. 
Guenther
 2010-08-26 00:20:28 +02:00