1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Commit Graph

107 Commits

Author SHA1 Message Date
Andrew Bartlett
086c06e361 kerberos: Remove un-used event context argument from smb_krb5_init_context()
The event context here was only specified in the server or admin-tool
context, which does not do network communication, so this only caused
a talloc_reference() and never any useful result.

The actual network communication code sets an event context directly
before making the network call.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr 28 02:24:57 CEST 2014 on sn-devel-104
2014-04-28 02:24:57 +02:00
Andrew Bartlett
7a26989d4c dsdb: Specify no event context to smb_krb5_init_context() in dsdb
These routines parse principals and generate keys only, no network
communication is done.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-04-28 00:09:21 +02:00
Matthieu Patou
7fe4630bad drs-cracksname: fix problems that prevented to pass our torture tests
Some of the problems where also reported by Microsoft testing tools

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:10 -07:00
Matthieu Patou
029e80da9d drs-crackname: Fix error code so that we have the same as windows
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:07 -07:00
Matthieu Patou
552b4f3e02 drs-cracknames: When cracking NT4 names we should just look at netbios for the match
Looking at dnsRoot will yield a result for domain.tld\username when it
shouldn't work.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:05 -07:00
Matthieu Patou
aa17a2c01d drs-crackname: Fix cracknames for the format UNKNOWN when the data is actually a GUID
The cannonical crackname expect a "/" or it returns
DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR, when doing UNKNOWN format it's not
an error to not have a "/" in the name to crack it's just a sign the
name is not a cannonical one.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
2013-08-06 21:22:02 -07:00
Stefan Metzmacher
63c05e820f dsdb/samdb: use RECYCLED it implies DELETED...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2013-07-25 09:01:08 +02:00
Matthieu Patou
123954d94e dsdb-cracknames: Fix potential double free and memory leaks
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-02-08 15:06:25 +11:00
Andreas Schneider
53f5443283 s4-dsdb: Make it clear that we want to fall trough here.
Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-21 13:56:01 +01:00
Volker Lendecke
26faa8fe3a dsdb: Simplify DsCrackNameOneFilter a bit
For me "else" branches clutter my flow reading code. If we do a hard
return at the end of an "if" branch, "else" is not required.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2012-11-06 08:27:44 +11:00
Andrew Bartlett
9dbb64563c dsdb-cracknames: Return DRSUAPI_DS_NAME_STATUS_NO_MAPPING when there is no SID
If there is no SID for an object being mapped, then there is no NT4 name.

We need to return DRSUAPI_DS_NAME_STATUS_NO_MAPPING rather than
error out with anything other than WERR_OK as the return value.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Oct 25 04:43:25 CEST 2012 on sn-devel-104
2012-10-25 04:43:25 +02:00
Andrew Bartlett
8697acd4b0 dsdb-cracknames: Always use talloc_zero()
Otherwise, we will return un-initialised values to the caller, which will
attempt to push them onto the wire.

Found by Greg Dickie <greg@justaguy.ca>.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 24 05:12:04 CEST 2012 on sn-devel-104
2012-10-24 05:12:04 +02:00
Matthieu Patou
f98abc7baa drs-crackname: if there is no sid do not return the domain 2012-10-07 21:51:01 -07:00
Matthieu Patou
9269870a70 Implement the LIST_INFO_FOR_SERVER input format 2012-10-07 21:51:01 -07:00
Matthieu Patou
884d66d959 s4-drsuapi: Fix a const warning 2012-06-22 23:22:02 -07:00
Matthieu Patou
392e83ffe6 s4-drsuapi: rework the crackname implementation of functionnal names 2012-06-22 23:22:02 -07:00
Alexander Bokovoy
2ddf89a2bc Introduce system MIT krb5 build with --with-system-mitkrb5 option.
System MIT krb5 build also enabled by specifying --without-ad-dc

When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level
configure in WAF build we are trying to detect and use system-wide MIT krb5
libraries. As result, Samba 4 DC functionality will be disabled due to the fact
that it is currently impossible to implement embedded KDC server with MIT krb5.

Thus, --with-system-mitkrb5/--without-ad-dc build will only produce
  * Samba 4 client libraries and their Python bindings
  * Samba 3 server (smbd, nmbd, winbindd from source3/)
  * Samba 3 client libraries

In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture.
This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23 17:51:50 +03:00
Simo Sorce
87c95e49ef Cracknames: use krb wrapper functions so it works with MIT
Also avoid a silly game with directly modifying the principal and
then calling krb5_principal_unparse_flags to get out a string.
If we already assume it is a 2 components name and know what outcome we are
going to get, just go ahead and talloc_asprintf the linearized string.
2012-04-23 19:20:39 -04:00
Andrew Tridgell
e0c5f1c1ab s4-cracknames: use consistent search for crossRef objects
This matches the search in other places

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Sep  8 05:02:54 CEST 2011 on sn-devel-104
2011-09-08 05:02:54 +02:00
Andrew Tridgell
50648760e7 s4-cracknames: fixed cracknames to use more specific search
this uses the bitwise comparison ldap operators to ensure we only get
NC roots

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Sep  5 12:48:39 CEST 2011 on sn-devel-104
2011-09-05 12:48:39 +02:00
Andrew Tridgell
345220b762 s4-dsdb: fixed newlines in DEBUG() calls in cracknames
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-25 07:39:39 +10:00
Andrew Tridgell
559d92a8df s4-dsdb: fixed all partitions search in cracknames
when searching all partitions we must use the NULL basedn, or we will
miss partitions in multi-domain setups

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-25 07:39:37 +10:00
Matthieu Patou
87e7802722 s4-drsuapi: crackname search also for deleted objects 2011-08-10 01:44:43 +04:00
Andrew Tridgell
8dc92c8f71 ldb: use #include <ldb.h> for ldb
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-10 06:51:07 +01:00
Matthias Dieter Wallnöfer
536622e7d1 s4:dsdb/samdb/cracknames.c - fix another memory leak
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Dec  4 17:26:39 CET 2010 on sn-devel-104
2010-12-04 17:26:39 +01:00
Matthias Dieter Wallnöfer
6f42da795e s4:dsdb/samdb/cracknames.c - fix various KRB5 memory leaks
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Dec  2 12:35:03 CET 2010 on sn-devel-104
2010-12-02 12:35:03 +01:00
Matthias Dieter Wallnöfer
a3f61dea40 Revert "s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c""
This reverts commit 8a2ce5c47c.

Jelmer pointed out that these are also in use by other LDB databases - not only
SAMDB ones.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 13:37:16 UTC 2010 on sn-devel-104
2010-10-17 13:37:16 +00:00
Matthias Dieter Wallnöfer
8a2ce5c47c s4:remove "util_ldb" submodule and integrate the three gendb_* calls in "dsdb/common/util.c"
They're only in use by SAMDB code.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 17 09:40:13 UTC 2010 on sn-devel-104
2010-10-17 09:40:13 +00:00
Matthias Dieter Wallnöfer
a0e9814c0d s4:dsdb - remove "samdb_result_uint", "samdb_result_int64", "samdb_result_uint64" and "samdb_result_string"
We have ldb_msg_find_attr_as_* calls which do exactly the same. Therefore this
reduces only code redundancies.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-15 08:36:01 +11:00
Jelmer Vernooij
93126b3315 samdb: Add flags argument to samdb_connect(). 2010-10-10 23:08:49 +02:00
Anatoliy Atanasov
b4eba4268d s4/dcdiag: Handle ListRoles command for dcdiag:KnowsOfRoleHolders test 2010-09-20 09:46:10 -07:00
Anatoliy Atanasov
faeeb5c8e7 s4/drs: use type enum drsuapi_DsNameFormat in DsCrackNames code 2010-09-20 09:41:00 -07:00
Andrew Tridgell
df14f645b3 s4-dsdb: cope with cracknames of form dnsdomain\account
this is used by w2k8r2 when doing a RODC dcpromo

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17 21:21:50 +10:00
Karolin Seeger
3eab655e54 s4-cracknames: Fix typo in debug message.
Karolin
2010-06-01 09:33:53 +02:00
Matthias Dieter Wallnöfer
ad9e407357 Revert "s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions"
We should use the "ldb_get_*_basedn" calls since they are available in the LDB
library.
2010-04-13 08:55:15 +02:00
Matthias Dieter Wallnöfer
98ce053efd s4:prefer "samdb_*_dn" basedn calls over the "ldb_get_*_dn" functions
Purely cosmetic change.
2010-04-12 18:49:01 +02:00
Matthias Dieter Wallnöfer
c695ce729b s4:cracknames - Change two counter variables to unsigned
In both cases the unsigned counter fits better:
- in the first one since we are counting LDB objects starting from 0
- in the second since we are counting an array starting from 0
2010-03-05 13:38:00 +01:00
Andrew Tridgell
86f8ddf754 s4-samdb: use dsdb_search() in cracknames
greatly simplifies some of the cracknames code

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-16 21:10:52 +11:00
Andrew Tridgell
98e4393df9 s4-dsdb: create a static system_session context
This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap
2009-10-23 14:52:17 +11:00
Matthias Dieter Wallnöfer
60ec0f1ae7 s4:dsdb/samdb/cracknames - Remove unused header and add more "const"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-10-22 10:02:48 +11:00
Andrew Bartlett
ff9fc4e4e0 s4:dsdb Fix crash from LDAP login of DOM\\
The issue here is that when we resolve DOM\\ into an NT4 name, we
would not initilise the nt4_account output.

Andrew Bartlett
2009-10-02 12:45:08 +02:00
Matthias Dieter Wallnöfer
6dab7c9dbe s4: cracknames.c: Change the handling of the NT_STATUS_NO_MEMORY status results
With the previous check I got random failures when trying to connect to the
LDAP server.
2009-08-14 00:14:14 +02:00
Volker Lendecke
ee5236e2d2 Fix some nonempty blank lines 2009-07-05 23:50:11 +02:00
Andrew Bartlett
db89b42c3b s4:dsdb Explain the parsing steps for userPrincipalName cracknames calls 2009-06-30 10:19:19 +10:00
Andrew Bartlett
9b261c008a s4:heimdal: import lorikeet-heimdal-200906080040 (commit 904d0124b46eed7a8ad6e5b73e892ff34b6865ba)
Also including the supporting changes required to pass make test

A number of heimdal functions and constants have changed since we last
imported a tree (for the better, but inconvenient for us).

Andrew Bartlett
2009-06-12 07:45:48 +10:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Andrew Bartlett
8256717c76 Implement 'type unknown' names in the CrackNames code.
This guesses the type by running each of the possible options.

Andrew Bartlett
2008-10-06 14:28:24 -07:00
Simo Sorce
b2901da479 LDB ASYNC: misc changes 2008-09-29 04:22:20 +02:00
Simo Sorce
508527890a Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.
The previous ldb_search() interface made it way too easy to leak results,
and being able to use a printf-like expression turns to be really useful.
2008-09-23 18:17:46 -04:00