IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
* pkgconfig fixes
* Bug #10640 - smbd is not responding - tevent_common_signal_handler()
increments non-atomic variables.
https://bugzilla.samba.org/show_bug.cgi?id=10640
* Minor compile fixes
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
We know what realm we need to contact, so avoid trying to correctly get a referral from our KDC.
Andrew Bartlett
Change-Id: I154ff72f3176d581b64e0c67d4a9c5f1f76b7924
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 30 14:58:50 CEST 2014 on sn-devel-104
This is to disrupt MITM attacks between us and our DC
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
The requirement is that we have "winbind sealed pipes = false" and
"require strong key = false" before we make anonymous connections.
These are a security risk as we cannot prevent MITM attacks.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Windows 2003 is going out of support shortly, and we want users to have AES by default
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Create a new lsa_RefDomainList and populate it with the domain SID from
the original query. That avoids the problem that for migrated objects,
LookupSids returns the SID of the new domain, and combining that with
the RID from the input results in an invalid SID.
A better fix would be querying the RID of the user in the new domain,
but the approach here at least avoids id mappings entries for invalid
SIDs.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 29 13:15:18 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Sep 29 10:51:37 CEST 2014 on sn-devel-104
This avoids the two lists getting out of sync, and only applies to a Samba build due to the surrounding #ifdef
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This makes it much harder to impersonate the DC, but allows this to be
turned off or returned to IF_REQUIRED with a simple change to the
'client signing' smb.conf parameter.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Sep 28 06:25:55 CEST 2014 on sn-devel-104
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10843
Change-Id: I7f1c1d9dd03acd35e59f2d16cc94ee0e8f3f1271
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Sun Sep 28 03:59:35 CEST 2014 on sn-devel-104
This reduces spamming during 'make test' runs.
This change is consistent with aad5eeb9b4f67b03988ceefb7888cb63ecefcf30, which raised the log level for logging of new non-IPC connections.
Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Change-Id: I4343570c8d6158b6715e514a8a7cd323a9c727ae
Reviewed-by: Michael Adam <obnox@samba.org>
The count is already checked for 0 above this line so it can never be 0
at this point.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep 27 22:09:29 CEST 2014 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Sep 27 12:44:55 CEST 2014 on sn-devel-104
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Sep 27 04:01:33 CEST 2014 on sn-devel-104
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The fix in ac2d31e24cfa24f6674b645b3661a1a2ce9ab060 picked the wrong function name. This is meant
to be the remote address, not the local one, if we ever have to re-instate this code.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Change-Id: Iaf8b13010b52e03db2eefe1ad565d7ca768ffb48
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This does require that we always fill in the gensec pointer, but the
simplification is worth the extra allocations.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Found by AddressSanitizer
Change-Id: Ie3bb4054201382cacb4b296308d561a3548f8cff
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Found at MS interop event while working on AES kerberos key support.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Fri Sep 26 23:37:09 CEST 2014 on sn-devel-104
For instance you can type make bin/smbd to build just smbd (and it's
dependencies still) or make bin/smbd bin/smbtorture
You can also do make service_drepl if you want just to build the stuff
related to DRS
Change-Id: I61bdaeff79ecfb1a15728c2de7e6a6a14dd8bc7d
Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Matthieu Patou <mat@samba.org>
Autobuild-Date(master): Fri Sep 26 11:48:11 CEST 2014 on sn-devel-104
This adds all SPNs defined in the DC for the computer account to the
keytab using 'net ads keytab create -P'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9985
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
If the name passed to the net command with the -S options is the long
hostname of the domaincontroller and not the 15 char NetBIOS name we
should construct a FQDN with the realm to get a Kerberos ticket.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10829
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 26 03:15:00 CEST 2014 on sn-devel-104
