sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-19 10:03:58 +03:00
Code
49,738 Commits 60 Branches 1,145 Tags
Commit Graph

2442 Commits

Author SHA1 Message Date
Günther Deschner
ff7b8bcebf doserr: Add WERR_GROUP_EXISTS and WERR_SPECIAL_ACCOUNT. 
Guenther
(This used to be commit 058cf7001e8a57ff0a1e19aadf3e0e068b7e69f4)
 2008-06-03 01:27:40 +02:00
Chere Zhou
70b37891f9 minor memory leak fix 
(This used to be commit 0c61631f345436bf88e93219c139af8cfbeea18b)
 2008-05-30 17:55:14 -07:00
Jeremy Allison
d36434f312 Security fix for CVE-2008-1105: Boundary failure when parsing SMB responses 
can result in a buffer overrun.
Jeremy.
(This used to be commit 23b825e9d2c74c5b940cf4d3aa56c18692259972)
 2008-05-28 09:31:42 -07:00
Jeremy Allison
d5d4a9511d Memory leak fixes from Chere Zhou <czhou@isilon.com>. 
Jeremy.
(This used to be commit 201bcc8ed291b51be6f4508c6aa1cb17ce6dcbe3)
 2008-05-27 12:27:57 -07:00
Günther Deschner
c73cc63e92 dsgetdcname: use family (instead of sa_family). 
Guenther
(This used to be commit 355fb81e9e42e507717f33a11793258db9169199)
 2008-05-27 11:40:50 +02:00
Günther Deschner
372a6c0360 doserr: add WERR_REVISION_MISMATCH. 
Guenther
(This used to be commit 017ad275e51ff2d9ddfb4390979f16868f3e6a3f)
 2008-05-27 11:01:30 +02:00
Volker Lendecke
aacfa7b3ad Fix two bogus uninitalized variable warnings 
(This used to be commit 194ea682d9a5c12a0125fecc20349ca9cc3d3ea1)
 2008-05-25 13:53:44 +02:00
Günther Deschner
6b3bcb3724 drsuapi: add all code required for our drsuapi rpc client. 
Guenther
(This used to be commit 7c93190843e77764be4d0f6d4f0b93061c192c98)
 2008-05-23 23:56:21 +02:00
Gerald W. Carter
4d2f71e53f Manually merge Steven Danneman's patch for SPNEGO auth to a trusted 
Win2008 domain (merged from v3-0-test).

   commit 8dc4e979776aae0ecaa74b51dc1eac78a7631405
   Author: Steven Danneman <sdanneman@isilon.com>
   Date:   Wed May 7 13:34:26 2008 -0700

      spnego SPN fix when contacting trusted domains

      cli_session_setup_spnego() was not taking into consideration the situation
      where we're connecting to a trusted domain, specifically one (like W2K8)
      which doesn't return a SPN in the NegTokenInit.

      This caused two problems:

      1) When guessing the SPN using kerberos_get_default_realm_from_ccache() we
      were always using our default realm, not the realm of the domain we're
      connecting to.

      2) When falling back on NTLMSSP for authentication we were passing the name
      of the domain we're connecting to for use in our credentials when we should be
      passing our own workgroup name.

      The fix for both was to split the single "domain" parameter into
      "user_domain" and "dest_realm" parameters.  We use the "user_domain"
      parameter to pass into the NTLM call, and we used "dest_realm" to create an SPN
      if none was returned in the NegTokenInit2 packet.  If no "dest_realm" is
      provided we assume we're connecting to our own domain and use the credentials
      cache to build the SPN.

      Since we have a reasonable guess at the SPN, I removed the check that defaults
      us directly to NTLM when negHint is empty.
(This used to be commit b78b14c88e8354aadf9ba7644bdb1c29245fe419)
 2008-05-23 16:01:45 -05:00
Jeremy Allison
b04bcefc58 Fix bug #5479, print spool shares require max_xmit to 
be adhered to.
Jeremy.
(This used to be commit 478a359edead0677281a3ca4e64db6521941b0f3)
 2008-05-21 12:39:08 -07:00
Volker Lendecke
e2d8b0a792 Fix some signed/unsigned warnings 
(This used to be commit dbb4d8107a61051d8bcf6c4c69ee976efc50b961)
 2008-05-20 23:06:38 +02:00
Tim Prouty
fb37f15600 Cleanup size_t return values in callers of convert_string_allocate 
This patch is the second iteration of an inside-out conversion to cleanup
functions in charcnv.c returning size_t == -1 to indicate failure.
(This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
 2008-05-20 22:40:13 +02:00
Günther Deschner
175cca1729 dsgetdcname: store client sitename for mailslot and cldap replies. 
Guenther
(This used to be commit a01ed719c31998620927dc9b1664ba8e36bd9b21)
 2008-05-16 11:58:24 +02:00
Günther Deschner
4d593cdb19 dsgetdcname: add site support. 
Guenther
(This used to be commit e305368538eaa72e3008a5517db3708936924297)
 2008-05-15 16:59:46 +02:00
Günther Deschner
2e8b43c58d dsgetdcname: check for invalid sitename/flag combinations. 
Guenther
(This used to be commit 255e509474cae92802e90613ccaddb6627ee77cd)
 2008-05-15 16:41:18 +02:00
Günther Deschner
5547e5a416 dsgetdcname: In case we didn't get a mailslot reply, don't cache the nodestatus. 
Guenther
(This used to be commit 12e47be02f93e2f41af5772f6a83568b3574d032)
 2008-05-14 09:45:39 +02:00
Günther Deschner
c49487805b mailslot: Also pick domain name and pdc name from type 15 cldap reply. 
Guenther
(This used to be commit 836877c4005ba081c0a4cc97726830d6dbd62d34)
 2008-05-14 09:45:39 +02:00
Volker Lendecke
44b7f672b8 Fix signing problem in the client with transs requests 
This is a different fix than Jeremy put into 3-0-test with 040db1ce85 and other
branches with different hashes. Jeremy, I think your fix led to bug 5436, so I
reverted your fix. This fixes the original problem I found with the transs
requests for large rpc queries in a different way. Please check!

Thanks,

Volker
(This used to be commit c572d537e088a3fffb057181cad9a3692e40b815)
 2008-05-13 16:29:47 +02:00
Volker Lendecke
8ef2ada0ef Revert "Fix signing bug found by Volker. That one was *subtle*." 
This reverts commit 816aea6c1a426eb2450061b847729e22bdac33a0.
(This used to be commit e402e6508ca0806deef4c4044cfa6461b682850a)
 2008-05-13 16:29:47 +02:00
Günther Deschner
1830d6b159 dsgetdcname: add reminder that we need to support ipv6 here once we know how. 
Guenther
(This used to be commit 4b3617bf505a835a6d4bb9b80c4ad837a2082dea)
 2008-05-09 17:56:04 +02:00
Günther Deschner
d59cf703ba dsgetdcname: make use of nbt_cldap_netlogon_15. 
Guenther
(This used to be commit 5b0eda98f3d127399770f7a037ad3277dbe23393)
 2008-05-09 17:41:50 +02:00
Günther Deschner
67c644aa59 dsgetdcname: use existing messaging_context if possible. 
Guenther
(This used to be commit 7889516a384c155a9045aad4409c041fddd0d98d)
 2008-05-09 14:59:20 +02:00
Günther Deschner
c58ab8f3b2 dsgetdcname: the forest name should never be empty. 
Guenther
(This used to be commit 2c0a96f1e5fc065fdbeb5671cfa693009321dde8)
 2008-05-09 14:59:20 +02:00
Günther Deschner
e668cb4594 dsgetdcname: add map_dc_and_domain_names() for consolidating returned names. 
Guenther
(This used to be commit eb7fee6e2a00326c03aa013058247e06279a4930)
 2008-05-09 14:59:19 +02:00
Günther Deschner
4bd94c8338 cldap: move out cldap object to fix the build. 
Guenther
(This used to be commit 56be9c98d24e64bf855439df21766d30f448f407)
 2008-05-09 14:59:19 +02:00
Günther Deschner
5e24d83e41 dsgetdcname: fix gencache store for dsgetdcname(). 
While storing always a type 29 reply structure in gencache, we are now able to
deliver correct data according to return flags such as DS_RETURN_FLAT_NAME and
DS_RETURN_DNS_NAME out of the cached data from gencache.

Guenther
(This used to be commit c67b6dc0ca866781043e443177d550e23b83ae36)
 2008-05-09 14:59:19 +02:00
Günther Deschner
5d7a60afd8 dsgetdcname: pure cosmetics. 
Guenther
(This used to be commit 4b56c294e8ba045c84cab538b3d286e433d292ed)
 2008-05-09 14:59:19 +02:00
Günther Deschner
9adc40a38f dsgetdcname: simply call ourself with DS_FORCE_REDISCOVERY after cache expiry. 
Guenther
(This used to be commit 847f258632f6d49a3fd45f466c5d3d8c6222ff85)
 2008-05-09 14:59:19 +02:00
Günther Deschner
8441681819 dsgetdcname: be more paranoid about the existance of an ip_address. 
Guenther
(This used to be commit d13fe66f3d9ba152e3e8197ee6682e175163a6cd)
 2008-05-09 14:59:19 +02:00
Günther Deschner
eaef936523 dsgetdcname: remove invalid assumption in discover_dc_dns(). 
Guenther
(This used to be commit f48b2e844b673e99c84cb24f3c3718352ab93ce5)
 2008-05-09 14:59:19 +02:00
Günther Deschner
9be17e2187 dsgetdcname: mailslot replies are identical to the cldap ones, use cldap everywhere. 
Guenther
(This used to be commit fe904ee77a7fec1674e9db660978c40c17897f77)
 2008-05-09 14:59:19 +02:00
Günther Deschner
926cc82897 dsgetdcname: wait a little longer for mailslot replies. 
Guenther
(This used to be commit bc0d7a90dcc7bf702b24feb16abf4634ff178671)
 2008-05-09 14:59:18 +02:00
Günther Deschner
9d99ef899c dsgetdcname: map additional flags to nt_version. 
Guenther
(This used to be commit 1009123b8600e6ccebe180f4a2f87c217638fef8)
 2008-05-09 14:59:18 +02:00
Günther Deschner
0354d00ddf dsgetdcname: use make_dc_info_from_cldap_reply() for cldap replies. 
Guenther
(This used to be commit a3e5b073f0474543ca74b40775ce1d7f80719c96)
 2008-05-09 14:59:18 +02:00
Günther Deschner
81aa670343 dsgetdcname: add make_dc_info_from_cldap_reply(). 
Guenther
(This used to be commit 9db2e50a20caabaf90ce03203a066ddd7820d33a)
 2008-05-09 14:59:18 +02:00
Günther Deschner
9b4ea32c2d dsgetdcname: add get_cldap_reply_server_flags(). 
Guenther
(This used to be commit 3c05c56d4c0aac8106684cda3152c65299c63075)
 2008-05-09 14:59:18 +02:00
Günther Deschner
cdd9913c4a cldap: let ads_cldap_netlogon() return all possible cldap replies. 
Guenther
(This used to be commit 6f9d5e1cc94bc90685b54c04622b8f3357bd2f69)
 2008-05-09 14:59:18 +02:00
Günther Deschner
64cb9461fb dsgetdcname: add pull_mailslot_cldap_reply(). 
Guenther
(This used to be commit 95fb01d8702342265f8837a368dc42f4a4d394d5)
 2008-05-09 14:59:18 +02:00
Günther Deschner
fcdee39988 dsgetdcname: add map_ds_flags_to_nt_version. 
Guenther
(This used to be commit 1809ea22c31ee28e109f49701f91534177027165)
 2008-05-09 14:59:18 +02:00
Günther Deschner
7b5ec90b72 dsgetdcname: remove invalid assumptions when using DNS for the DC query. 
Guenther
(This used to be commit a81818ae54159755df441cc6421e5b272035f412)
 2008-05-07 14:09:41 +02:00
Günther Deschner
611d79d0ed build: fix the build w/o ldap. 
Guenther
(This used to be commit a159ec5f1f3ec8e9232b8f3230a996a3f9986bc1)
 2008-05-06 09:48:16 +02:00
Günther Deschner
1f6065765c mailslot/cldap: use nt_version bits in queries. 
Guenther
(This used to be commit b261f063125f8454d8f4e8f6b6f8aa5bc393ea34)
 2008-05-06 09:41:41 +02:00
Günther Deschner
5c02872a10 dsgetdcname: use correct dc name for name cache store. 
Guenther
(This used to be commit ce1556d0fb993b78f02ac4cc4f8a45ab7a0b5397)
 2008-05-06 09:41:41 +02:00
Volker Lendecke
7245a8e3b8 Fix a C++ warning 
(This used to be commit e7a4027acf38bf5800d9d8ba477afb5daaf517ce)
 2008-05-05 18:28:59 +02:00
Günther Deschner
4d8836ab96 Fix client authentication with -P switch in client tools (Bug 5435). 
Guenther
(This used to be commit d077ef64cd1d9bbaeb936566c2c70da508de829f)
 2008-05-05 16:59:53 +02:00
Günther Deschner
e7142ef180 ntlmssp: replace UNKNOWN_02000000 with NTLMSSP_NEGOTIATE_VERSION. 
Guenther
(This used to be commit 2c41d69bcf6f0897ef9d444a8f167aff1772d562)
 2008-04-30 18:55:57 +02:00
Günther Deschner
d0411c19dc errors: add WERR_NOT_FOUND. 
Guenther
(This used to be commit b9ac03bdfa5763c713674acd966ab5d4371992a5)
 2008-04-29 20:22:01 +02:00
Günther Deschner
dddac2bc8f errors: add WERR_INVALID_DOMAINNAME. 
Guenther
(This used to be commit b11a5e70d38239fb50ba4606656e2168cc398a12)
 2008-04-25 14:49:31 +02:00
Volker Lendecke
9e9d40d097 Refactoring: Make cli_pipe_auth_data a pointer off rpc_pipe_client 
(This used to be commit f665afaaa3eff9ef54112e08ed034a6e1bb30edc)
 2008-04-25 11:12:50 +02:00
Günther Deschner
051ff45c60 mailslot/dsgetdcname: do what XP does and request nt_version 11. 
This allows dsgetdcname to query for a flat, non-dns domain name and
come back with all information about the DC (site names, guid, forest,
etc.) based on a mailslot reply. The version 11 request is downgraded
to version 1 in case we do a query against NT4.

Guenther
(This used to be commit d8b2ff3c8769e8da9c21dec483e6edb7aa2d00f3)
 2008-04-24 22:01:52 +02:00