sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-31 17:18:04 +03:00
Code
47,981 Commits 60 Branches 1,144 Tags 452 MiB
b9890af546
Commit Graph

16999 Commits

Author SHA1 Message Date
Jelmer Vernooij
b9890af546 Merge branch 'master' of ssh://git.samba.org/data/git/samba into crypto 2008-09-24 16:11:13 +02:00
Jelmer Vernooij
3023a56b64 Clean .o files in lib/ and libcli/ too. 2008-09-24 16:10:34 +02:00
Jelmer Vernooij
6925202bde Move source4/lib/crypto to lib/crypto. 2008-09-24 15:30:23 +02:00
Simo Sorce
83b0c5d43f Fix nasty bug that would come up only if a client connection to a remote 
ldap server suddenly dies.
We were creating a wrong talloc hierarchy, so the event.fde was not
freed automatically as expected. This in turn made the event system call
the ldap io handlers with a null packet structure, causing a segfault.
Fix also the ordering in ldap_connection_dead()
Thanks to Metze for the huge help in tracking down this one.
 2008-09-24 01:43:57 -04:00
Simo Sorce
7b20cbb115 Fix python test, we can't check only the first member, because the order 
is not guaranteed
 2008-09-24 01:42:30 -04:00
Jelmer Vernooij
1ca2e4b99f Use new binary name in merged build. 2008-09-24 04:41:30 +02:00
Jelmer Vernooij
4b942c2a72 Merge branch 'master' of ssh://git.samba.org/data/git/samba 2008-09-24 04:34:54 +02:00
Stefan Metzmacher
b7d2ff38f5 s4:libcli/smb_composite: we only check the signature when the server return OK 
We need to manually free the request, otherwise the timeout handler is
triggered later.

metze
 2008-09-24 04:08:31 +02:00
Günther Deschner
1ea185a340 s3: fix merged_build. 
Guenther
 2008-09-24 03:30:50 +02:00
Jelmer Vernooij
6a689c23e8 Rename smbd -> samba. 
This reverts commit 05ea5e23cf.

Conflicts:

	source4/smbd/server.c
 2008-09-24 03:16:15 +02:00
Günther Deschner
ed23c66bf7 s4: remove autogeneration of libcli/netlogon protos. 
we do need to have them around for samba3.

Guenther
 2008-09-24 01:20:42 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. 
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
 2008-09-23 18:17:46 -04:00
Günther Deschner
1147d05b47 s4-nbt: use moved libcli netlogon helpers. 
Guenther
 2008-09-23 23:18:00 +02:00
Günther Deschner
9d541f314f s4-libcli: move nbt/netlogon helper functions up one level. 
Guenther
 2008-09-23 23:17:51 +02:00
Volker Lendecke
1f8fe94ff3 S3 puts smb.conf and lmhosts in lib/, s4 into etc/ 2008-09-23 23:13:03 +02:00
Stefan Metzmacher
5477e1cbf9 s4:lib/charset: add missing prototype of talloc_strdup_upper() 
metze
 2008-09-23 21:07:43 +02:00
Andrew Tridgell
1c2e6978b8 fixed problem with ACLs with an empty DACL list 2008-09-23 11:17:43 -07:00
Andrew Tridgell
66092ced5e Merge branch 'master' of ssh://git.samba.org/data/git/samba 2008-09-23 11:15:46 -07:00
Stefan Metzmacher
353aaf26c5 selftest: run smb signing tests as part of make quicktest 
metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
61a38d9180 selftest: test some smb signing combinations against the member server 
metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
171349bc21 s4:smb_server: remove the bogus smbsrv_signing_restart() 
Real signing always starts with seqnumber 2, and once signing
is on the session key never change anymore for the complete
smb connection.

metze
 2008-09-23 11:30:04 +02:00
Stefan Metzmacher
c01426ce73 libcli/smb_composite: for spnego session setups check the smb signature manually 
We need to start signing when we got NT_STATUS_OK from the server
and manually check the signature of the servers response.

This is needed as the response might be signed with the krb5 acceptor subkey,
which comes within the server response.

With NTLMSSP this happens for the session setup:

request1  => BSRSPYL		seqnum: 0
response1 => BSRSPYL		seqnum: 0
request2  => BSRSPYL		seqnum: 0
response2  => <SIGNATURE>	seqnum: 1

and with krb5:

request1  => BSRSPYL		seqnum: 0
response1  => <SIGNATURE>	seqnum: 1

metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
8c3d969934 libcli/raw: real signing starts at seqnumber 2 
metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
7deacc615e libcli/raw: in SMB_SIGNING_ENGINE_BSRSPYL state it's ok to accept any signature 
Even if signing is mandatory.

With NTLMSSP this happens for the session setup:

request1  => BSRSPYL
response1 => BSRSPYL
request2  => BSRSPYL
response2  => <SIGNATURE>

and with krb5:

request1  => BSRSPYL
response1  => <SIGNATURE>

metze
 2008-09-23 11:30:03 +02:00
Stefan Metzmacher
e00ab641b4 libcli/raw: give the caller the chance to do the signing checks on its own. 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
781d7c4c1c libcli/raw: give the caller the chance to prevent the talloc_free(req) in the _recv functions 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
588af6901b gensec_krb5: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:02 +02:00
Stefan Metzmacher
02cffed79d gensec_gssapi: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:01 +02:00
Stefan Metzmacher
23e31350f5 ntlmssp: only give away the session key, when the authentication is done 
metze
 2008-09-23 11:30:01 +02:00
Stefan Metzmacher
70b0c8f79a RPC-PAC: loop in gensec_update() untill the server side is ready 
metze
 2008-09-23 11:30:01 +02:00
Günther Deschner
a1a92688ba s4-nbt: use ../libcli/nbt 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
6f33f3e4c2 s4-nbt: move libcli/nbt up one level. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
be8b72dd55 s4-nbt: merge some fixes from samba3 nbt helper. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
13a3971438 s4-nbt: use private_data instead of private. 
Guenther
 2008-09-23 09:37:24 +02:00
Günther Deschner
9216153827 s4-nbt: remove unrequired include. 
Guenther
 2008-09-23 09:37:23 +02:00
Günther Deschner
b60d612cde s4: add talloc_strdup_upper. 
Guenther
 2008-09-23 09:37:23 +02:00
Andrew Tridgell
9cf29abee2 test setinfo FULL_EA_INFORMATION in gentest 2008-09-23 16:45:55 +10:00
Andrew Tridgell
219aa1b4fd added FULL_EA_INFORMATION setea call 2008-09-23 16:45:10 +10:00
Andrew Tridgell
e3a562b1cd fixed a memory error in change notify handling in gentest 2008-09-23 15:20:24 +10:00
Andrew Tridgell
2b6e139206 fixed readonly handling in deltree 2008-09-23 15:16:46 +10:00
Andrew Tridgell
f4e212323f added some debug code 2008-09-23 12:09:56 +10:00
Andrew Bartlett
c39d1b829b Remove unused parameter from decode_pw_buffer and fail on invalid 
UTF-16 input

The input checking is important, as otherwise we could set the wrong
password.

Andrew Bartlett
 2008-09-22 17:50:43 -07:00
Andrew Bartlett
aaa45c8325 Remove unused variable 2008-09-22 17:24:57 -07:00
Andrew Bartlett
3b5060fdba Explain why we use signing for DCs, but not file servers 2008-09-22 16:32:04 -07:00
Andrew Bartlett
7831169af5 Test re-setting the challenge after an auth3 in RPC-NETLOGON 2008-09-22 15:37:16 -07:00
Andrew Bartlett
cebd9a9013 This torture test and skipping of the server-side check was bogus. 
The IDL is declared to force the MessageType to 3 on output, so we
instead checked the same thing 255 times...

Andrew Bartlett
 2008-09-22 14:23:22 -07:00
Stefan Metzmacher
1d92b2211c s4: allways initialize the process model before it's used 
metze
 2008-09-22 18:16:09 +02:00
Stefan Metzmacher
bee2b6c3a3 process incoming connections and fork a samba3 in inetd mode 2008-09-22 04:38:06 +02:00
Jelmer Vernooij
bc794246df Fix merged build. 2008-09-21 23:57:59 +02:00
Matthias Dieter Wallnöfer
89b23974d3 Torture suite: Revert some changes because they aren't necessary 
This reverts some changes made by me because they aren't necessary. The "ZERO_STRUCT"'s remain in.
 2008-09-21 23:18:01 +02:00