sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-15 23:24:37 +03:00
Code
47,961 Commits 60 Branches 1,145 Tags
Commit Graph

16989 Commits

Author SHA1 Message Date
Günther Deschner
ed23c66bf7 s4: remove autogeneration of libcli/netlogon protos. 
we do need to have them around for samba3.

Guenther
 2008-09-24 01:20:42 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. 
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
 2008-09-23 18:17:46 -04:00
Günther Deschner
1147d05b47 s4-nbt: use moved libcli netlogon helpers. 
Guenther
 2008-09-23 23:18:00 +02:00
Günther Deschner
9d541f314f s4-libcli: move nbt/netlogon helper functions up one level. 
Guenther
 2008-09-23 23:17:51 +02:00
Volker Lendecke
1f8fe94ff3 S3 puts smb.conf and lmhosts in lib/, s4 into etc/ 2008-09-23 23:13:03 +02:00
Stefan Metzmacher
5477e1cbf9 s4:lib/charset: add missing prototype of talloc_strdup_upper() 
metze
 2008-09-23 21:07:43 +02:00
Andrew Tridgell
1c2e6978b8 fixed problem with ACLs with an empty DACL list 2008-09-23 11:17:43 -07:00
Andrew Tridgell
66092ced5e Merge branch 'master' of ssh://git.samba.org/data/git/samba 2008-09-23 11:15:46 -07:00
Stefan Metzmacher
353aaf26c5 selftest: run smb signing tests as part of make quicktest 
metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
61a38d9180 selftest: test some smb signing combinations against the member server 
metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
171349bc21 s4:smb_server: remove the bogus smbsrv_signing_restart() 
Real signing always starts with seqnumber 2, and once signing
is on the session key never change anymore for the complete
smb connection.

metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
c01426ce73 libcli/smb_composite: for spnego session setups check the smb signature manually 
We need to start signing when we got NT_STATUS_OK from the server
and manually check the signature of the servers response.

This is needed as the response might be signed with the krb5 acceptor subkey,
which comes within the server response.

With NTLMSSP this happens for the session setup:

request1  => BSRSPYL		seqnum: 0
response1 => BSRSPYL		seqnum: 0
request2  => BSRSPYL		seqnum: 0
response2  => <SIGNATURE>	seqnum: 1

and with krb5:

request1  => BSRSPYL		seqnum: 0
response1  => <SIGNATURE>	seqnum: 1

metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
8c3d969934 libcli/raw: real signing starts at seqnumber 2 
metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
7deacc615e libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signature 
Even if signing is mandatory.

With NTLMSSP this happens for the session setup:

request1  => BSRSPYL
response1 => BSRSPYL
request2  => BSRSPYL
response2  => <SIGNATURE>

and with krb5:

request1  => BSRSPYL
response1  => <SIGNATURE>

metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
e00ab641b4 libcli/raw: give the caller the chance to do the signing checks on its own. 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
781d7c4c1c libcli/raw: give the caller the chance to prevent the talloc_free(req) in the _recv functions 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
588af6901b gensec_krb5: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
02cffed79d gensec_gssapi: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:01 +02:00
Stefan Metzmacher
23e31350f5 ntlmssp: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:01 +02:00
Stefan Metzmacher
70b0c8f79a RPC-PAC: loop in gensec_update() untill the server side is ready 
metze
 2008-09-23 11:30:01 +02:00
Günther Deschner
a1a92688ba s4-nbt: use ../libcli/nbt 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
6f33f3e4c2 s4-nbt: move libcli/nbt up one level. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
be8b72dd55 s4-nbt: merge some fixes from samba3 nbt helper. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
13a3971438 s4-nbt: use private_data instead of private. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
9216153827 s4-nbt: remove unrequired include. 
Guenther
 2008-09-23 09:37:23 +02:00
Günther Deschner
b60d612cde s4: add talloc_strdup_upper. 
Guenther
 2008-09-23 09:37:23 +02:00
Andrew Tridgell
9cf29abee2 test setinfo FULL_EA_INFORMATION in gentest 2008-09-23 16:45:55 +10:00
Andrew Tridgell
219aa1b4fd added FULL_EA_INFORMATION setea call 2008-09-23 16:45:10 +10:00
Andrew Tridgell
e3a562b1cd fixed a memory error in change notify handling in gentest 2008-09-23 15:20:24 +10:00
Andrew Tridgell
2b6e139206 fixed readonly handling in deltree 2008-09-23 15:16:46 +10:00
Andrew Tridgell
f4e212323f added some debug code 2008-09-23 12:09:56 +10:00
Andrew Bartlett
c39d1b829b Remove unused parameter from decode_pw_buffer and fail on invalid 
UTF-16 input

The input checking is important, as otherwise we could set the wrong
password.

Andrew Bartlett
 2008-09-22 17:50:43 -07:00
Andrew Bartlett
aaa45c8325 Remove unused variable 2008-09-22 17:24:57 -07:00
Andrew Bartlett
3b5060fdba Explain why we use signing for DCs, but not file servers 2008-09-22 16:32:04 -07:00
Andrew Bartlett
7831169af5 Test re-setting the challenge after an auth3 in RPC-NETLOGON 2008-09-22 15:37:16 -07:00
Andrew Bartlett
cebd9a9013 This torture test and skipping of the server-side check was bogus. 
The IDL is declared to force the MessageType to 3 on output, so we
instead checked the same thing 255 times...

Andrew Bartlett
 2008-09-22 14:23:22 -07:00
Stefan Metzmacher
1d92b2211c s4: allways initialize the process model before it's used 
metze
 2008-09-22 18:16:09 +02:00
Stefan Metzmacher
bee2b6c3a3 process incoming connections and fork a samba3 in inetd mode 2008-09-22 04:38:06 +02:00
Jelmer Vernooij
bc794246df Fix merged build. 2008-09-21 23:57:59 +02:00
Matthias Dieter Wallnöfer
89b23974d3 Torture suite: Revert some changes because they aren't necessary 
This reverts some changes made by me because they aren't necessary. The "ZERO_STRUCT"'s remain in.
 2008-09-21 23:18:01 +02:00
Matthias Dieter Wallnöfer
08953e44db Registry client: Remove all conversion helper functions 2008-09-21 23:18:01 +02:00
Matthias Dieter Wallnöfer
4c7203367f Registry client library: Remove two elementar conversion functions 2008-09-21 23:18:01 +02:00
Matthias Dieter Wallnöfer
5c3e76eddd Revert "Registry tool "regtree": Removing an error message" 
This reverts commit f37a57fa366e2b0d77f9c1bd232d42a0f2cceb52.
 2008-09-21 23:18:01 +02:00
Matthias Dieter Wallnöfer
9038f2a0fd Torture suite: Fixes the tests to not segfault again SAMBA 4 registry server 2008-09-21 23:18:00 +02:00
Matthias Dieter Wallnöfer
03e582cc86 Registry client: Fixup the "patchfile" library 
Rework and enhance the "patchfile" library (used in "regdiff")
 2008-09-21 23:18:00 +02:00
Matthias Dieter Wallnöfer
f25f0dd744 Registry client: Implement the "winreg_QueryValue" call 
This is needed for the registry patchfile library
 2008-09-21 23:18:00 +02:00
Matthias Dieter Wallnöfer
9b70485207 Registry client library: Use "talloc_zero" to avoid uninitialized values 2008-09-21 23:18:00 +02:00
Matthias Dieter Wallnöfer
db829f04ad Registry tool "regdiff": Add the event context for remote connections 
Adds the event context for remote connections to make the tool working again.
 2008-09-21 23:18:00 +02:00
Matthias Dieter Wallnöfer
04f29b84a4 Registry client library: Fixes the creation of new keys 
Giving the right permissions
 2008-09-21 23:17:59 +02:00
Matthias Dieter Wallnöfer
1e178ffc03 Registry client library: Fix some buffer problems 
This buffer maximum values are used in Windows (2000), so I take them also for SAMBA 4.
 2008-09-21 23:17:59 +02:00