IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 26 22:35:02 CEST 2015 on sn-devel-104
Bug 11361 - Reading of EA's (Extended Attributes) fails using SMB2 and above
protocols
Tested against Win2k12r2 server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11361
Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
When composing the list of servers out of the server affinity cache
and "password server" parameter, there's fallback to DNS-SRV-record-
based search if the "password server" + session affinity yield an empty
list. However:
1. The way the code is written, it never gets executed because the empty list
is not an empty string (it contains a comma)
2. This fallback is doe in any case just a few lines down the function
Therefore this patch simply removes this fallback code.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
When finding DCs, there are three sources of addresses:
1. "Last good server"
2. Configured password server
3. SRV DNS queries
Since those different sources may return the same addresses, the
IP list is checked for duplicates, e.g. in order to save on
the LDAP ping that usually follows. Both IP address and port are
compared.
This change fixes the address duplicate removal for the case of KDC
search, where the "last good server" or configured password server
also appears in the DNS SRV query response.
An (undocumented?) assumption is that the "password server" parameter
is applicable to KDCs as well, but if a port is specified (e.g.
dc1.example.com:390), then this is the ldap port.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
get_kdc_list() should look for _kerberos.xxx SRV records rather
than _ldap.xxx records. This has significance in two cases:
- Non-default DNS configurations
- When building a custom krb5.conf file for a domain, an attempt is
made to get site-specific as well as site-less records, but the
search for _ldap records yields a cached site-specific result even
for the site-less query.
Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This simplifies/fixes the cleanup, because we need to remove any
tevent_fd object before closing the socket fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
By using the tstream abstraction we don't need to take care
error handling regarding dangling tevent_fd structures.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
By using the tstream abstraction we don't need to take care
error handling regarding dangling tevent_fd structures.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The need to destroy the tevent_fd before closing the socket fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Once we got an error or a valid connection we should destroy all other
connection attempts as early as possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
open_socket_out_send() or nb_connect_send() likely use socket fds and
tevent_fd objects. We should clean them up as early as possible.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
cli_session_request_send() is likely to use tevent_fd objects on the given
socket fd, so we need to destroy the request before closing the socket fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Bug 11295 - Excessive cli_resolve_path() usage can slow down transmission.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11295
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Jun 10 04:09:36 CEST 2015 on sn-devel-104
Cache targetcli on file open in the SMBCFILE struct.
Bug 11295 - Excessive cli_resolve_path() usage can slow down transmission.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11295
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
To reflect new splice ABI.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 29 05:30:06 CEST 2015 on sn-devel-104
Introduce a new operation, splice, which copies data from one SMBCFILE
to another. Implement this operation using FSCTL_SRV_COPYCHUNK_WRITE for
SMB2+ protocols and using read+write for older protocols. Since the
operation may be long running, it takes a callback which gets called
periodically to indicate progress to the application and given an
opportunity to stop it.
Signed-off-by: Ross Lagerwall <rosslagerwall@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
I still need to fix the rpc stuff, but we are almost there.
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 14 22:16:56 CEST 2015 on sn-devel-104
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu May 14 16:49:39 CEST 2015 on sn-devel-104
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <rb@sernet.de>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 15 05:57:25 CEST 2015 on sn-devel-104
Bug #11186: Crash seen in libsmbclient due to free of server structure during SMBC_getxattr() call
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11186
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Apr 14 02:58:43 CEST 2015 on sn-devel-104
Instead of having every 2nd byte as '\0' in the utf16 password,
because the utf8 form is based on an ascii subset, we convert
the random buffer from CH_UTF16MUNGED to CH_UTF8.
This way we have a random but valid utf8 string,
which is almost like what Windows is doing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
We should maintain current and previous passwords on both sides of the trust,
which mean we need to pass our view of the new version to the remote DC.
This avoid problems with replication delays and make sure the kvno
for cross-realm tickets is in sync.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Using pdb_get_trust_credentials() works for all kind of trusts
and gives us much more details regarding the credentials.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
SEC_CHAN_DNS_DOMAIN trusts use longer passwords, Windows uses 240 UTF16 bytes.
Some trustAttribute flags may also make impact on the length on Windows,
but we could be better if we know that the remote domain is an AD domain.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Bug 11177 - no talloc stackframe at ../source3/libsmb/clifsinfo.c:444, leaking memory
https://bugzilla.samba.org/show_bug.cgi?id=11177
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Mar 26 22:21:30 CET 2015 on sn-devel-104
Bug 10888 - smbclient doesn't ignore "not_defined_in_RFC4178@please_ignore"
https://bugzilla.samba.org/show_bug.cgi?id=10888
Code patch from <martin.wilck@ts.fujitsu.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 26 00:56:25 CET 2015 on sn-devel-104
Uses an cli_echo() call to do so.
Based on code from <shargagan@novell.com>
Bug 11079 - libsmbclient not checking the cached connection alive status before re-using it from connection cache
https://bugzilla.samba.org/show_bug.cgi?id=11079
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Mar 20 13:48:26 CET 2015 on sn-devel-104
Packet traces showing such servers are found in the bug this fixes:
https://bugzilla.samba.org/show_bug.cgi?id=10016
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Mar 19 12:05:56 CET 2015 on sn-devel-104
If this fails we can still fallback to the old password...
Before trying the password change we verify the dc knows our current password.
This should make the password changes much more robust.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 27 06:20:58 CET 2015 on sn-devel-104
6c9de0cd056afc0b478c02f1bdb0e06532388037 requires this extra change.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jan 21 04:29:06 CET 2015 on sn-devel-104
libsmbclient uses the smbc_init->smbc_get_auth_data_fn() provided
workgroup/domain in initial connections, but then switches to the
default smb.conf workgroup/domain when handling DFS referrals.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11059
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
[MS-DFSC] 3.2.1.1 and 3.2.1.2 states that DFS targets with the same site
location or relative cost are placed in random order in a DFS referral
response.
libsmbclient currently resolves DFS referrals on every API call, always
using the first entry in the referral response. With random ordering,
libsmbclient may open a new server connection, rather than reuse an
existing (cached) connection established in a previous DFS referred API
call.
This change sees libsmbclient check the connection cache for any of the
DFS referral response entries before creating a new connection.
This change is based on a patch by Har Gagan Sahai
<SHarGagan@novell.com>.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10123
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The functions called futher down can cope with host == NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11058
This is part one of the bugfix:
This ensures that it is enough to pass one of host or address to the function.
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Forcing NT_STATUS_UNSUCCESSFUL is not a good idea, we should return
NT_STATUS_LOGON_FAILURE instead.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11010
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
