sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00
Code
66,497 Commits 62 Branches 1,153 Tags
Commit Graph

66497 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Tridgell
898674cb1c s4-finddcs: added finddcs_cldap() 
this finds DCs with a specified set of server_type bit using SRV
lookups and CLDAP

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:35 +10:00
Andrew Tridgell
5bbfe2b42f s4-secrets: fixed shadowed variable warning 
we already have a 'v' in scope
 2010-09-15 15:39:35 +10:00
Andrew Tridgell
4ff452151a cldap: use ipv4 not up for unbound cldap sockets 
If we use "ip" we end up with a PF_INET6 socket which breaks sendto()
for v4 addresses.
 2010-09-15 15:39:35 +10:00
Andrew Tridgell
dbc9b185af s4-resolve: added resolve_name_multiple_recv() 
this allows for multiple replies to a SRV lookup

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:35 +10:00
Andrew Tridgell
fa7fd4f261 s4-dns: fixed lookup of SRV records using dns_ex 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:35 +10:00
Andrew Tridgell
ce2004d631 s4: fixed some printf format errors 2010-09-15 15:39:35 +10:00
Andrew Tridgell
041c699f3a s4-libnet: converted finddcs call to tevent_req 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
94fb6120d8 s4-secrets: fetch secure channel type with domain SID 
The secure channel type is needed to work out what DC to connect to

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
bd51d30809 s4-auth: when we are a DC enable winbind auth 
As a RODC we need to forward some auth requests to a writable DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
67ac8555b1 s4-auth: set the RODC bit for RODC schannel 
When we are using SEC_CHAN_RODC we need to set the
NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in
ServerAuthenticate2

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
52445e1583 s4-schannel: fixed reference to context after free 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
5b02cf1eb0 s4-auth: allow multiple active auth backends 
when we are an RODC we need to be able to allow multiple auth backends
to process a single auth request. First the sam backend will try to
authenticate, using locally stored passwords. If this backend can't
find local passwords then it will try the winbind backend and
authenticate via a writeable DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
890a33c99b s4-smb: serialise session setup operations 
the mixture of async and sync code in gensec makes a EOF on a socket
during a session setup cause a crash. The simplest solution is to
stop processing events on the socket until the session setup is
complete.
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
ba2c394ed4 talloc: fixed spelling errors in comment 2010-09-15 15:39:34 +10:00
Andrew Tridgell
13a8745cae s4-rodc: add a trigger message for REPL_SECRET to auth_sam 
when an RODC tries to authenticate against an account and the account
has no password information it needs to send a message to the drepl
server to tell it to try and replicate the secret information from
a writeable DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
f6d85be528 s4-messaging: add support for no_reply in irpc messages 
It can be useful for a irpc message to be one-way, where the client
sends a messages and the server does not reply. This will be used for
things like a triger message from an auth context to the drepl server
to tell it to try a REPL_SECRET on a user in a RODC.

Previously we've used raw messaging for messages that have no reply,
but that doesn't allow us to use messages described by IDL

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
b9393e4896 s4-kcc: removed redundent loop check 
el has already been checked for NULL
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
2fbf10ea1b s4-smb: smbsrv_blob_push_string() can return -1 
need to use ssize_t, not size_t for error handling
 2010-09-15 15:39:34 +10:00
Andrew Tridgell
a17da70785 s4-dsdb: check for invalid backend type 2010-09-15 15:39:34 +10:00
Andrew Tridgell
3e88f3cf33 s4-rootdse: setup length after NULL check 2010-09-15 15:39:34 +10:00
Andrew Tridgell
d00cb8b3d3 s4-dsdb: fixed use after free for RODC 2010-09-15 15:39:33 +10:00
Andrew Tridgell
597372df34 s4-dsdb: free right context on failure 
down_req is not initialised yet
 2010-09-15 15:39:33 +10:00
Andrew Tridgell
cbd8297b4d s4-dsdb: defer ac->msg after check for NULL ac 2010-09-15 15:39:33 +10:00
Andrew Tridgell
5a4a11cb98 s4-anr: check for allocation failure before use 2010-09-15 15:39:33 +10:00
Volker Lendecke
ba726b5580 s4: Fix two typos 2010-09-14 22:26:17 -07:00
Pierre Carrier
eeb24afd78 Allows changing the maximum number of simultaneous clients in winbindd through an smb.conf option. 
Signed-off-by: Jeremy Allison <jra@samba.org>
 2010-09-14 16:43:39 -07:00
Jeremy Allison
0b270f014f Ensure incoming timespec values correctly wrap at nsecs. 
Jeremy.
 2010-09-14 14:53:17 -07:00
Jeremy Allison
55b315094e Fix string_to_sid() to allow non '\0' termination of the string - allows 
string_to_sid() to be used in formatted strings like FOO/S-1-5-XXXX-YYYY/BAR.

Jeremy.
 2010-09-14 14:48:50 -07:00
Andrew Bartlett
15abd86d54 s3-torture Add tests to show that the dom_sid parsing was faulty. 
Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
1892df6ca8 s3-util_sid Use the NDR parser to parse struct dom_sid 
The manual parser failed to constrain the maximum number of
sub-authorities to 15, allowing an overflow of the array.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
46f585e364 libcli/security Use sid_append_rid() in dom_sid_append_rid() 
This ensures that the maximum number of sub-authorities is respected,
otherwise we may run off the end of the array.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
51ecf79654 libcli/security Merge source3/ string_to_sid() to common code 
The source3 code repsects the limit of a maximum of 15 subauths,
while the source4 code does not, creating a security issue as
we parse string-form SIDs from clients.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
72a8ea4d15 s3-util_sid use ARRAY_SIZE() to ensure we never overflow the dom_sid 
This ensures that this, unlike the MAXSUBAUTHS macro, can't get
out of sync with the structure.

Andrew Bartlett
 2010-09-14 14:48:49 -07:00
Andrew Bartlett
9d44688681 s3-util_sid Accept S-1-5 as a SID 2010-09-14 14:48:48 -07:00
Andrew Bartlett
ce1e273a47 s3-dom_sid Use C99 types in dom_sid handling 
Andrew Bartlett
 2010-09-14 14:48:48 -07:00
Björn Jacke
4e8d6a779c s3/profile: remove the magical clock initialization from the profile code 
there's no point in not profiling times if no monotonic clock is found -
monotonic and realtime clock are equally fast. Just use clock_gettime_mono
instead.
 2010-09-14 22:45:07 +02:00
Björn Jacke
5f6a145800 s3/profiling: don't use CLOCK_PROCESS_CPUTIME_ID 
that clock is a CPU burnometer but we need a chronometer for profiling.
 2010-09-14 22:17:47 +02:00
Björn Jacke
9c00fb4aa6 libreplace: use CLOCK_HIGHRES when available 
in Solaris 8 CLOCK_HIGHRES was the (only) name for CLOCK_MONOTONIC
 2010-09-14 22:11:59 +02:00
Günther Deschner
33da33c59e ntlmssp: when pushing an ntlmssp NEGOTIATE_MESSAGE deal with NULL strings. 
Guenther
 2010-09-14 18:00:30 +02:00
Jelmer Vernooij
48976ac497 rpc_server: Remove unnecessary dependency on server modules, build 
system will take care of that.
 2010-09-14 17:24:05 +02:00
Jelmer Vernooij
8209198998 waf: work around circular dependency finder erroneously removing dependency of gensec on dcerpc. 2010-09-14 17:24:05 +02:00
Jelmer Vernooij
d286b1755c selftest: Error out rather than die() when setting up an environment 
fails.
 2010-09-14 17:24:04 +02:00
Jelmer Vernooij
d98754ca93 selftest: If setting up environment fails, mark testsuites that use it as 
errorring, don't skip it.
 2010-09-14 17:24:04 +02:00
Günther Deschner
73edd661ea s4-smbtorture: try to fix spoolss winreg Form tests on bigendian machines. 
Guenther
 2010-09-14 15:27:38 +02:00
Stefan Metzmacher
4c3e6a59af tdb: add ABI/tdb-1.2.4.sigs 
metze
 2010-09-14 13:10:47 +02:00
Jelmer Vernooij
3db545ece4 nss_winbind: Fix soname. 2010-09-14 12:48:57 +02:00
Jelmer Vernooij
dcadb90bd3 subunit: Use RemoteError when passing errors to upstream subunit. 2010-09-14 10:54:28 +02:00
Jelmer Vernooij
8e328c4e32 param: Add prototype for lpcfg_private_dir(), used by openchange. 2010-09-14 10:54:28 +02:00
Jelmer Vernooij
1e5ea0be84 subunit.pm: Fold Subunit::Filter into Subunit, trim further. 2010-09-14 10:54:28 +02:00
Jelmer Vernooij
c0923cfac1 subunit.pm: Remove output_msg/control_msg functions. 2010-09-14 10:54:28 +02:00