IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This can be used to force signing for individual requests.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
With SMB2_HDR_FLAG_SIGNED we make sure that we either use smb2 signing
or smb2 encryption for the request.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.
https://bugzilla.samba.org/show_bug.cgi?id=10831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.
https://bugzilla.samba.org/show_bug.cgi?id=10831
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Use the same mechanism as setup for smbd and winbindd.
Fixes bug #10830 - nmbd can leave unreaped zombies.
https://bugzilla.samba.org/show_bug.cgi?id=10830
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Tue Sep 30 19:01:30 CEST 2014 on sn-devel-104
This is the only way to correctly transfer bigger messages.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
If the caller wants to use passed fds, he should copy them away
and set them to -1.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This allows the callback to consume the fds and e.g. set
them to -1 so that the caller can then treat (close) only those
fds that have not been consumed.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Do this in queue_msg, instead.
This renders unix_dgram_send_job() as simple as it was before
we introduced fd-passing -- as it is intended.
This also changes struct unix_dgram_msg to not contain
the fd-array, but the correspondingly filled msghdr and cmsg buf.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Variant of close_fd_array() operating on fd_array inside msghdr.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This allows for early direct return instead of the goto invalid,
since the fds_copy array is filled later.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is equivalent, reads more easily and makes extraction
more obvious.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This is more obvious to read and a preparation for following commits.
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
These pthread-pool-jobs should be minimal and ideally only do one
syscall. The closing of the fds is done in unix_dgram_job_finished().
Pair-Programmed-With: Volker Lendecke <vl@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
* pkgconfig fixes
* Bug #10640 - smbd is not responding - tevent_common_signal_handler()
increments non-atomic variables.
https://bugzilla.samba.org/show_bug.cgi?id=10640
* Minor compile fixes
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
We know what realm we need to contact, so avoid trying to correctly get a referral from our KDC.
Andrew Bartlett
Change-Id: I154ff72f3176d581b64e0c67d4a9c5f1f76b7924
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 30 14:58:50 CEST 2014 on sn-devel-104
This is to disrupt MITM attacks between us and our DC
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
The requirement is that we have "winbind sealed pipes = false" and
"require strong key = false" before we make anonymous connections.
These are a security risk as we cannot prevent MITM attacks.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Windows 2003 is going out of support shortly, and we want users to have AES by default
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Create a new lsa_RefDomainList and populate it with the domain SID from
the original query. That avoids the problem that for migrated objects,
LookupSids returns the SID of the new domain, and combining that with
the RID from the input results in an invalid SID.
A better fix would be querying the RID of the user in the new domain,
but the approach here at least avoids id mappings entries for invalid
SIDs.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 29 13:15:18 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Sep 29 10:51:37 CEST 2014 on sn-devel-104
This avoids the two lists getting out of sync, and only applies to a Samba build due to the surrounding #ifdef
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This makes it much harder to impersonate the DC, but allows this to be
turned off or returned to IF_REQUIRED with a simple change to the
'client signing' smb.conf parameter.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Sep 28 06:25:55 CEST 2014 on sn-devel-104
