sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-09 08:58:35 +03:00
Code
92,537 Commits 62 Branches 1,155 Tags
Commit Graph

92537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Björn Jacke
f8363dd22a crypto: fix build on OS X 
we also need to use the CC_MD5_CTX from CommonCrypto here instead of the MD5_CTX

Signed-off-by: Bjoern Jacke <bj@sernet.de>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jan  8 08:12:29 CET 2014 on sn-devel-104
 2014-01-08 08:12:29 +01:00
Björn Jacke
af5102fe00 build: test the generic md5 function after importing it from hashlib 
otherwise we used the one from md5 which lead to the following warning on SerNet-imini:

the md5 module is deprecated; use hashlib instead import md5

Signed-off-by: Bjoern Jacke <bj@sernet.de>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-08 18:20:19 +13:00
Günther Deschner
8e5f4eab76 libgpo: apply some const. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan  7 18:52:42 CET 2014 on sn-devel-104
 2014-01-07 18:52:42 +01:00
Günther Deschner
f1685427ed libgpo: when running in verbose mode, printout the parsed PReg file. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:39 +01:00
Günther Deschner
88a0c401fc libgpo: only use libgpo/gpext/gpext.h where really needed. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:39 +01:00
Günther Deschner
c3f9d9929c libgpo: allow to pass down a list of deleted GPOs in gpo_process_gpo_list(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:39 +01:00
Günther Deschner
a78b4d4f65 libgpo: remove some unused code and remove that important FIXME note. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:39 +01:00
Günther Deschner
f6bc219850 libgpo: directly call gpext_process_extension() from gpo_process_gpo_list. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
685da81365 libgpo: implement CSE filtering in gpext_process_extension(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
bb351dec9b libgpo: remove gpext_process_gpo_list_with_extension in favor of gpext_process_extension. 
gpext_preocess_extension properly deals with GPO lists now.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
1010a01119 libgpo: remove extension_guid and snapin_guid (the tool guid) from the process callback. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
a9cb3031bc libgpo: allow to pass down deleted and changed gpo list to CSE plugins. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
19268c5c26 libgpo/gpext: add new gpext_check_gpo_for_gpext_presence() helper function. 
It will be used to inspect single members of a gpo list for the presence of a CSE guid.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
288e883fb0 libgpo: add gpo_copy(). 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
57498dc569 libgpo: make gpo_get_gp_ext_from_gpo public. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
3ef7919e3a libgpo: make gpo_process_a_gpo() static to the util code. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
0a15360f35 libgpo: remove unused gp_registry_entry2 struct. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
9a4e007d90 libgpo: remove ads reference from dump calls and make them take const structs. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
c39425f14b libgpo: prefix some more calls with gpext_. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
69997e2911 libgpo: rename debug_gpext_header to gpext_debug_header. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:38 +01:00
Günther Deschner
0e3c964fab libgpo/CSE/scripts: fix a build warning. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:37 +01:00
Günther Deschner
53bff63383 s3-registry: fix typo in DEBUG statement. 
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2014-01-07 16:59:37 +01:00
Stefan Metzmacher
7d2abf520d s4:netlogon: implement "allow nt4 crypto" and "reject md5 clients" features. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan  7 16:53:31 CET 2014 on sn-devel-104
 2014-01-07 16:53:31 +01:00
Stefan Metzmacher
2e36fbc77d s4:netlogon: don't generate a debug message for SEC_CHAN_NULL. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:18 +01:00
Stefan Metzmacher
3b77b804cd s4:netlogon: correctly calculate the negotiate_flags 
We need to bit-wise AND the client and server flags.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:18 +01:00
Stefan Metzmacher
0d4806f9f0 selftest/Samba4: use "allow nt4 crypto = yes" for testing 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:17 +01:00
Stefan Metzmacher
807bcb4981 lib/param: add "reject md5 client" option, defaulting to false 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:17 +01:00
Stefan Metzmacher
87bdc88328 lib/param: add "allow nt4 crypto" option, defaulting to false 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:17 +01:00
Stefan Metzmacher
3d45d4dc3c libcli/auth: remove unused netlogon_creds_cli_context_copy() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
c0761c3eae s3:rpc_client: finally remove unused rpc_pipe_client->netlogon_creds 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
3f41b58384 s3:rpc_client: remove unused rpccli_netlogon_sam_network_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
e4fea80693 s3:rpc_client: remove unused rpccli_netlogon_sam_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:16 +01:00
Stefan Metzmacher
a4faf57b47 s3:rpc_client: remove unused rpccli_netlogon_setup_creds() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
6d457ad9c1 s3:rpc_client: remove unused rpccli_netlogon_set_trust_password() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
660150b12a s3:rpc_client: make cli_rpc_pipe_open_schannel() more flexible 
It expects a messaging_context now
and returns a netlogon_creds_cli_context.

This way we can finally avoid having a rpc_pipe_client->netlogon_creds.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
a34c837fdb s3:winbindd: make use of rpccli_netlogon_network_logon() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:15 +01:00
Stefan Metzmacher
c6bb47f2f1 s3:rpcclient: make use of rpccli_netlogon_password_logon() in the 'samlogon' cmd 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:14 +01:00
Stefan Metzmacher
4c99e49898 s3:rpcclient: remove optional auth_level parameter of the 'samlogon' cmd 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:14 +01:00
Garming Sam
a012e2fdd6 s3:rpcclient: give errors and clean up correctly after failing to obtain secret 
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:14 +01:00
Stefan Metzmacher
5107ca02a4 s3:rpcclient: make use of rpccli_{create,setup}_netlogon_creds() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:14 +01:00
Stefan Metzmacher
77defb175e s3:libnet: pass in struct netlogon_creds_cli_context from the caller. 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:13 +01:00
Stefan Metzmacher
a8ecebe3e8 s3:libsmb: remove unused trust_pw_find_change_and_store_it() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:13 +01:00
Stefan Metzmacher
3c30e19c4a s3:winbindd: make use of trust_pw_change() in _wbint_ChangeMachineAccount() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:13 +01:00
Stefan Metzmacher
57741dd4ba s3:winbindd: make use of trust_pw_change() for periodic password changes 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:13 +01:00
Stefan Metzmacher
dbd49d90bb s3:winbindd: use invalidate_cm_connection() to kill the netlogon connection 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:12 +01:00
Stefan Metzmacher
cfd139347c s3:net_rpc: make use of trust_pw_change() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:12 +01:00
Stefan Metzmacher
a9281e6570 s3:rpcclient: make use of trust_pw_change() 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:12 +01:00
Stefan Metzmacher
16c6e4992f s3:libsmb: add trust_pw_change() 
This protects the password change using a domain specific g_lock,
so multiple parts 'net rpc', 'rpcclient', 'winbindd', 'wbinfo --change-secret'
even on multiple cluster nodes doesn't race anymore.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:12 +01:00
Stefan Metzmacher
d1340c20b0 s3:net_rpc: add net_context->netlogon_creds 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:11 +01:00
Stefan Metzmacher
3bf77812e8 s3:rpcclient: make use of rpcclient_netlogon_creds instead of cli->netlogon_creds 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2014-01-07 12:47:11 +01:00