1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00

65295 Commits

Author SHA1 Message Date
Günther Deschner
73a69e2d0f s3-waf: fix the build.
Guenther
2010-08-12 16:51:48 +02:00
Björn Jacke
616e187d68 s3: fall back to cups-config for underlinked libs
some OpenBSD systems have underlinked cups libraries. If linking against cups
alone fails, try to link against all the cups-config --libs cruft, which we
usually don't want. (bugzila #7244)
2010-08-12 16:30:35 +02:00
Björn Jacke
1d443f6bc2 Revert "s3: Use cups-config --libs"
This reverts commit 911db761148. This was introduced in 18f1f5b56b140
intentionally.
2010-08-12 16:30:35 +02:00
Günther Deschner
feb432292e ntlmssp: fix unitialized variable in ntlmssp_server_postauth().
Guenther
2010-08-12 16:28:10 +02:00
Stefan Metzmacher
5130e664b9 pidl:Samba3/ClientNDR: implement rpccli_ stubs on top of dcerpc_ stubs
metze
2010-08-12 14:31:23 +02:00
Stefan Metzmacher
56a6a972f2 s3:Makefile: link in dcerpc client stubs
metze
2010-08-12 14:31:23 +02:00
Stefan Metzmacher
7e24d1dd57 s3:winbindd: add wbint dcerpc_binding_handle backend
metze
2010-08-12 14:31:22 +02:00
Stefan Metzmacher
262dcfcd87 s3:rpc_server: add rpc_pipe_open_internal dcerpc_binding_handle backend
metze
2010-08-12 14:31:22 +02:00
Stefan Metzmacher
2c0e296dd7 s3:rpc_client: add dcerpc_binding_handle backend
metze
2010-08-12 14:31:21 +02:00
Stefan Metzmacher
b34209006f s4:librpc/rpc: make struct dcerpc_binding_handle private
metze
2010-08-12 14:31:21 +02:00
Stefan Metzmacher
51fb4c3860 pidl:Samba4/NDR/Client: add sync dcerpc_pipe based stubs as compat for OpenChange
This will activate the compat wrappers for all functions of an interface:
 #define DCERPC_IFACE_MYPROTO_COMPAT 1
 #include <ndr_myproto_c.h>

This will activates the compat wrappers just for specific functions:
 #define DCERPC_CALL_MYFN1_COMPAT 1
 #define DCERPC_CALL_MYFN2_COMPAT 1
 #include <ndr_myproto_c.h>

metze
2010-08-12 14:31:20 +02:00
Stefan Metzmacher
719981adfd pidl:Samba4/NDR/Client: add non struct base dcerpc_binding_handle client stubs
metze
2010-08-12 14:31:20 +02:00
Stefan Metzmacher
62297dff8f pidl:Samba4/NDR/Client: convert code to $self->pidl()
metze
2010-08-12 14:31:19 +02:00
Stefan Metzmacher
570eefc57a pidl:Samba4/NDR/Client: s/interface/if/
metze
2010-08-12 14:31:19 +02:00
Stefan Metzmacher
76691e9eaf pidl:Samba4/NDR/Client: make use of the new dcerpc_binding_handle_call() infrastructure
metze
2010-08-12 14:31:18 +02:00
Stefan Metzmacher
db89fdac73 pidl:Samba4/NDR/Client: remove old dcerpc_pipe based sync stubs
They're unused in Samba and only used by OpenChange.
I'll add a compat functions for OpenChange later.

metze
2010-08-12 14:31:18 +02:00
Stefan Metzmacher
7eef08cc63 s4:librpc/rpc: add dcerpc_binding_handle dcerpc_pipe backend
metze
2010-08-12 14:31:17 +02:00
Stefan Metzmacher
4030bc9b2d librpc/rpc: add dcerpc_binding_handle abstration
metze
2010-08-12 14:31:17 +02:00
Stefan Metzmacher
2828318743 s4:librpc/rpc: fix dcerpc_log_packet() prototype
metze
2010-08-12 14:31:17 +02:00
Stefan Metzmacher
af89b460f7 s4:librpc/rpc: autodetect the need of async call logic
metze
2010-08-12 14:31:16 +02:00
Stefan Metzmacher
a2e1f54b3e pidl:Samba3/ClientNDR: ignore "todo" functions
metze
2010-08-12 14:31:16 +02:00
Stefan Metzmacher
6fe216642a testprogs/midltests: add some example IDL files and there midltests.exe output
metze
2010-08-12 14:31:15 +02:00
Volker Lendecke
f7e14a8e5e s3: Reduce the load on the echo handler
If the parent is fast enough, the echo handler should not step in. When the
socket becomes readable, the echo handler goes to sleep for a second. If within
that second, the parent has picked up the SMB request from the net, the echo
handler will just go back to select().
2010-08-12 13:32:16 +02:00
Volker Lendecke
c672797a0a s3: Slightly simplify the logic in smbd_server_echo_handler 2010-08-12 13:31:51 +02:00
Volker Lendecke
c7a2e52ef1 s3: Slightly simplify the logic in smbd_server_connection_handler 2010-08-12 13:31:51 +02:00
Volker Lendecke
277248a4a7 s3: ?true:false is a *bit* pointless :-) 2010-08-12 12:26:56 +02:00
Volker Lendecke
f62756e8f0 Fix a typo 2010-08-12 08:07:50 +02:00
James Peach
44de839dab smbtorture: Don't crash RAW-QFILEINFO if there's no alternate name. 2010-08-11 11:11:28 -07:00
James Peach
88d48a7d92 smbtorture: Make BASE-OPENATTR report a failure if it fails. 2010-08-11 11:11:11 -07:00
Günther Deschner
c43e832c51 s3-waf: fix the waf build with more recent MIT krb5 libs.
(such as MIT krb5 1.7.1 on fedora 13).

This whole area needs more work and love later, for now it builds at least.

Kai, please check.

Guenther
2010-08-11 12:47:57 +02:00
Kamen Mazdrashki
03bfd4290f s4-test: Implement DRS-RPC-msDSIntId test case 2010-08-11 00:18:15 +03:00
Kamen Mazdrashki
d595f070f6 s4-dsdb: fix attributes_by_msDS_IntId index sorting 2010-08-11 00:18:14 +03:00
Kamen Mazdrashki
06f59855a7 s4-test: Move dsdb_schema loading into public function
I will use this function for tests implementation later
2010-08-11 00:18:14 +03:00
Kamen Mazdrashki
c30f9bd734 s4-test: Move RPC-DSSYNC test in DRS-RPC test suite 2010-08-11 00:18:14 +03:00
Kamen Mazdrashki
da074f10e3 s4-test: Move dssync.c to torture/drs/rpc 2010-08-11 00:18:13 +03:00
Kamen Mazdrashki
f3c06892ec s4-test: strip trailing white-spaces 2010-08-11 00:18:13 +03:00
Matthias Dieter Wallnöfer
067b5721c7 s4:objectclass LDB module - weak the check for the "rIDSet" delete constraint
Perform it only when a "rIDSet" does exist. Requested by ekacnet for
"upgradeprovision".
2010-08-10 21:01:11 +02:00
Matthias Dieter Wallnöfer
303089f5b8 s4:dsdb/common/util.c - provide a call which returns the forest function level
Sooner or later we'll need this too since not all operations depend only on the
current's domain function level (see the MS-ADTS docs).
2010-08-10 19:08:56 +02:00
Matthias Dieter Wallnöfer
3b1d74f4b6 libds/common/flags.h - fix a comment's typo 2010-08-10 19:08:56 +02:00
Matthias Dieter Wallnöfer
e53fc1228f s4:dsdb/common/util.c - use LDB constants whenever possible 2010-08-10 19:08:56 +02:00
Andrew Bartlett
75adca63f2 libcli/auth Make the source3/ implementation of the NTLMSSP server common
This means that the core logic (but not the initialisation) of the
NTLMSSP server is in common, but uses different authentication backends.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 16:22:04 +02:00
Andrew Bartlett
979b672dcb s3:ntlmssp Split the NTLMSSP server into before and after authentication
This allows for a future where the auth subsystem is async, and the
session key generation needs to happen in a callback.

This code is originally reworked into this style by metze for the
source4/ implementation.

The other change here is to introduce an 'out_mem_ctx', which makes
the API match that used in source4.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 16:17:10 +02:00
Andrew Bartlett
4969b3de63 s3:ntlmssp Always call ntlmssp_sign_init()
There is no code path that sets nt_status before this point, without
a return.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
617ec0733d s3:ntlmssp Don't use talloc_tos() for NTLMSSP blobs for now
This code will, I hope, soon be merged in common, and the Samba4
use case does not currently support talloc_tos() properly.  Use another
context for now.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
d112557a05 s3:ntlmssp Don't permit LM_KEY in combination with NTLMv2
This is another 'belts and braces' check to avoid the use of the
weak 'LM_KEY' encryption when the client has chosen NTLMv2.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
f6cc686036 s3:ntlmssp Don't reply with the LM_KEY negotiation flag when not available
This ensures the client isn't confused and we don't enter this
weaker authentication scheme when we don't really, really need to.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
3c0a17a127 s3:ntlmssp Don't use the lm key if the user didn't supply one.
This may help to avoid a number of possible MITM attacks where LM_KEY is
spoofed into the session.  If the login wasn't with lanman
(and so the user chose to disclose their lanman response),
don't disclose back anything based on their lanman password.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
f744e42bd0 s3:ntlmssp Add extra DEBUG() message for auth system failures
Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Andrew Bartlett
e0c94d14b3 s3:ntlmssp Redirect lp_lanman_auth() via 'allow_lm_key'
This will allow this to be handled via common code in the future

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
2010-08-10 12:13:00 +02:00
Günther Deschner
78fa58f8c3 libcli/auth/ntlmssp: remove outdated comment. The version flag is well understood now.
Guenther
2010-08-10 11:56:33 +02:00