Andrew Bartlett [Tue, 18 Oct 2011 09:58:47 +0000 (20:58 +1100)]
s3-auth remove auth_ntlmssp_session_info()
Instead, call gensec_session_info() directly.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 20 Oct 2011 14:40:14 +0000 (16:40 +0200)]
s3:smbd/seal: pass talloc_tos() auth_ntlmssp_update(), because we free a few lines later
metze
Stefan Metzmacher [Thu, 20 Oct 2011 11:46:05 +0000 (13:46 +0200)]
s3:libsmb/smb_seal: always use SAFE_FREE(buf) in common_free_enc_buffer()
There's no need to do gss-api specific stuff, the buffer is always
malloc'ed.
metze
Stefan Metzmacher [Thu, 20 Oct 2011 11:44:14 +0000 (13:44 +0200)]
s3:libsmb/smb_seal: use plain malloc() in common_ntlm_encrypt_buffer()
metze
Stefan Metzmacher [Thu, 20 Oct 2011 11:23:27 +0000 (13:23 +0200)]
s3:libsmb/smb_seal: avoid ads_errstr() dependency and use gssapi_error_string()
metze
Stefan Metzmacher [Thu, 20 Oct 2011 07:47:53 +0000 (09:47 +0200)]
s3:libsmb/smb_seal: make use of common [_]smb_[set]len_nbt() macros
metze
Stefan Metzmacher [Thu, 20 Oct 2011 07:44:02 +0000 (09:44 +0200)]
s3:include: make smb_setlen() a macro
metze
Stefan Metzmacher [Thu, 20 Oct 2011 07:42:10 +0000 (09:42 +0200)]
libcli/smb: add smb_setlen_[nbt|tcp] macros
metze
Stefan Metzmacher [Thu, 20 Oct 2011 07:40:01 +0000 (09:40 +0200)]
libcli/smb: move some common defines to smb_constants.h
metze
Andrew Bartlett [Thu, 20 Oct 2011 22:02:23 +0000 (09:02 +1100)]
build: compile (but do not install) netapi examples
The only example not yet built is the GTK domain join gui.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Oct 21 01:31:55 CEST 2011 on sn-devel-104
Björn Jacke [Thu, 20 Oct 2011 19:39:38 +0000 (21:39 +0200)]
s3:Makefile: make DSO_EXPORTS_CMD more portable (#8531)
It sems like every not completely trivial sed expression should be tested with
Solaris' sed. Its regexp engine is way more limited than the one of GNU
sed. Thanks to Michael Pelletier for finding this! This fixes bug #8531
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Oct 20 23:15:05 CEST 2011 on sn-devel-104
Jeremy Allison [Thu, 20 Oct 2011 17:01:12 +0000 (10:01 -0700)]
Refactor to create check_parent_access() which can be called for file creation too.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 20 20:29:22 CEST 2011 on sn-devel-104
Jeremy Allison [Wed, 19 Oct 2011 23:56:00 +0000 (16:56 -0700)]
Make mkdir_internal() check the parent ACL for SEC_DIR_ADD_SUBDIR rights.
Andrew Bartlett [Thu, 20 Oct 2011 09:40:58 +0000 (20:40 +1100)]
build: compile (but do not install) all the libsmbclient tests
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Oct 20 13:49:39 CEST 2011 on sn-devel-104
Andrew Bartlett [Thu, 20 Oct 2011 02:41:30 +0000 (13:41 +1100)]
s3-netapi Compile (but do not install) netapi tests
Andrew Bartlett [Thu, 20 Oct 2011 02:40:01 +0000 (13:40 +1100)]
examples: compile libsmbclient tests using just SAMBA_BINARY
This ensures that these compile without the extra includes that SAMBA3_BINARY adds.
Andrew Bartlett
Stefan Metzmacher [Wed, 19 Oct 2011 12:26:20 +0000 (14:26 +0200)]
s3:libsmb/async_smb: in cli_state_notify_pending() we always disconnect
So we should always set state->mid = 0.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Oct 20 11:34:23 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 10:30:17 +0000 (21:30 +1100)]
Revert "selftest: Avoid being run over by armies of the undead"
This reverts commit
2b47aface434000b29aa29f4ff6348cc147ae757 because
it had a typo in $SIG{CHILD} (it needed to be $SIG{CHLD}), which when
fixed simply broke the whole selftest system.
Andrew Bartlett
Andrew Tridgell [Thu, 20 Oct 2011 03:57:13 +0000 (14:57 +1100)]
build: explain the passing of make options to waf
add a comment explaining how we pass make command line options into
waf
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 20 07:24:02 CEST 2011 on sn-devel-104
Amitay Isaacs [Tue, 18 Oct 2011 23:45:28 +0000 (10:45 +1100)]
ldb: ldb_errstring() takes ldb_contxt as an argument
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 18 Oct 2011 04:20:14 +0000 (15:20 +1100)]
s4-dns: Update serial number for zone on dns updates
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 18 Oct 2011 01:44:02 +0000 (12:44 +1100)]
s4-selftest: Add tests for RPC dnsserver
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Mon, 17 Oct 2011 02:15:40 +0000 (13:15 +1100)]
samba-tool: Added dns command for DNS management
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 27 Sep 2011 06:53:45 +0000 (16:53 +1000)]
s4-dns: Added DCERPC dns server for DNS management
dnsserver.h - typedefs and prototypes
dnsserver.c - RPC API and implementation methods
dnsdb.c - samdb operations
dnsdata.c - functions to manipulate dns structures
dnsutils.c - function for serverinfo and zoneinfo structures
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Fri, 7 Oct 2011 04:39:58 +0000 (15:39 +1100)]
s4-provision: Provision DNS records with correct rank
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 28 Sep 2011 03:15:02 +0000 (13:15 +1000)]
werror: Added missing DNS error codes
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 27 Sep 2011 07:10:14 +0000 (17:10 +1000)]
s4-dns: Added support for multiple DNS_RPC_RECORDS structures
Windows returns multiple DNS_RPC_RECORDS structures, but there is
no well defined structure in [MS-DNSP] doc. Added hand-written
code to parse ndr.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 27 Sep 2011 07:07:04 +0000 (17:07 +1000)]
s4-dns: Added more data types for dnsserver implementation
Windows uses WERROR on dnsserver pipe.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 21 Sep 2011 04:56:19 +0000 (14:56 +1000)]
ldb-samba: Added handler to decode dnsProperty attribute
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 21 Sep 2011 04:55:06 +0000 (14:55 +1000)]
dnsp: Added typedefs to interpret dnsProperty attribute for dnsZone objectclass
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Tridgell [Thu, 20 Oct 2011 02:25:22 +0000 (13:25 +1100)]
s4-test: added test suite for common.py code
this tests the dsdb_Dn() class
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 20 05:51:28 CEST 2011 on sn-devel-104
Andrew Tridgell [Thu, 20 Oct 2011 02:24:45 +0000 (13:24 +1100)]
s4-dsdb: moved dsdb_Dn() into common.py
this gives a method for dealing with binary DNs from python
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Andrew Tridgell [Thu, 20 Oct 2011 02:24:04 +0000 (13:24 +1100)]
subunitrun: give more useful help
give some examples and more useful description for subunitrun command
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Jeremy Allison [Wed, 19 Oct 2011 21:52:41 +0000 (14:52 -0700)]
Fix a boatload of warnings in the examples.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 20 02:29:52 CEST 2011 on sn-devel-104
Jeremy Allison [Wed, 19 Oct 2011 21:25:45 +0000 (14:25 -0700)]
Fix error return to be NT_STATUS_NOT_A_DIRECTORY.
Jeremy Allison [Wed, 19 Oct 2011 21:23:38 +0000 (14:23 -0700)]
Make use of the "dir_exists" we already have on directory open.
Andrew Tridgell [Wed, 19 Oct 2011 21:02:40 +0000 (08:02 +1100)]
dsdb: improve debug message
show the reply type in "Invalid reply type" messages
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 20 00:57:05 CEST 2011 on sn-devel-104
Günther Deschner [Wed, 19 Oct 2011 11:56:42 +0000 (13:56 +0200)]
s3-waf: make sure we always compile (not install) our libsmbclient testcode.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 19 20:42:52 CEST 2011 on sn-devel-104
Stefan Metzmacher [Wed, 19 Oct 2011 15:37:29 +0000 (17:37 +0200)]
s3:libsmb/smb_seal: move smb_set_enclen() to smb_seal.c and make it static there
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Oct 19 19:06:35 CEST 2011 on sn-devel-104
Stefan Metzmacher [Wed, 19 Oct 2011 13:35:23 +0000 (15:35 +0200)]
s3:libsmb/smb_seal: s/uint16/uint16_t
metze
Stefan Metzmacher [Wed, 19 Oct 2011 13:33:16 +0000 (15:33 +0200)]
s3:include: move smb_seal.c prototypes to smb_crypt.h
metze
Stefan Metzmacher [Wed, 19 Oct 2011 13:32:14 +0000 (15:32 +0200)]
s3:libsmb/smb_seal: make common_ntlm_[en|de]crypt_buffer static
metze
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:57 +0000 (14:02 +0200)]
s4:libcli/raw: remove unused smb_len(), _smb_setlen() and _smb2_setlen() macros
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Wed Oct 19 17:15:23 CEST 2011 on sn-devel-104
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:30 +0000 (14:02 +0200)]
s4:smb_server/smb2: make use of _smb_setlen_tcp()
metze
Stefan Metzmacher [Wed, 19 Oct 2011 12:02:09 +0000 (14:02 +0200)]
s4:smb_server/smb: make use of _smb_setlen_nbt()
metze
Stefan Metzmacher [Wed, 19 Oct 2011 12:01:29 +0000 (14:01 +0200)]
s4:libcli/smb2: make use of _smb_setlen_tcp()
metze
Stefan Metzmacher [Wed, 19 Oct 2011 12:01:01 +0000 (14:01 +0200)]
s4:libcli/raw: make use of _smb_setlen_nbt()
metze
Stefan Metzmacher [Wed, 19 Oct 2011 12:00:12 +0000 (14:00 +0200)]
s4:lib/stream: make use of smb_len_tcp()
metze
Stefan Metzmacher [Wed, 19 Oct 2011 11:48:09 +0000 (13:48 +0200)]
s3:include: use smb_[set]len_[nbt|tcp]() macros
metze
Stefan Metzmacher [Wed, 19 Oct 2011 11:48:09 +0000 (13:48 +0200)]
libcli/smb: add smb_[set]len_[nbt|tcp]() macros
metze
David Disseldorp [Tue, 18 Oct 2011 11:55:22 +0000 (13:55 +0200)]
s3: remove duplicate fsctl fn definitions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
David Disseldorp [Tue, 18 Oct 2011 11:54:33 +0000 (13:54 +0200)]
libcli: Move smb2 fsctl fn defs into common code
Signed-off-by: Stefan Metzmacher <metze@samba.org>
David Disseldorp [Tue, 18 Oct 2011 10:23:26 +0000 (12:23 +0200)]
s3: Remove duplicate fsctl function definitions
Signed-off-by: Stefan Metzmacher <metze@samba.org>
David Disseldorp [Tue, 18 Oct 2011 09:47:05 +0000 (11:47 +0200)]
libcli: move ioctl function field defs to smb_constants
Currently there are a lot of duplicate ioctl function field definitions
between source3 and source4.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 18 Oct 2011 22:37:47 +0000 (09:37 +1100)]
s4-s3-upgrade rename samba-tool domain samba3upgrade --libdir to --dbdir for clarity
The things pointed at are not typically in a directory called lib,
so avoid confusing our administrators.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Oct 19 15:43:04 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 22:31:40 +0000 (09:31 +1100)]
s4-s3-upgrade fix format string for secrets.tdb exception
Andrew Bartlett [Wed, 19 Oct 2011 12:07:14 +0000 (23:07 +1100)]
s4-s3-upgrade test upgrade without a wins.dat
Andrew Bartlett [Tue, 18 Oct 2011 22:31:16 +0000 (09:31 +1100)]
s4-s3-upgrade Fix samba3upgrade code to cope with a missing wins.dat
Andrew Bartlett [Tue, 18 Oct 2011 21:31:48 +0000 (08:31 +1100)]
s4-smb_server do not set credentials on gensec twice
The samba_server_gensec_start() has already set the credentials
on the gensec_security context.
Andrew Bartlett
Andrew Tridgell [Wed, 19 Oct 2011 05:34:32 +0000 (16:34 +1100)]
build: added deletion of stale .so and .o files
when we change our build rules to move a C file, we need to remove the
old ('stale') .so and .o files from the build directory, or they may
be used as part of the new build, which means that old code will be
linked in.
This expands the list of stale files that we remove on rule changes to
include .so and .o files
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Oct 19 09:02:23 CEST 2011 on sn-devel-104
Jelmer Vernooij [Wed, 19 Oct 2011 01:35:22 +0000 (03:35 +0200)]
samba.getopt: Add some basic tests.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Wed Oct 19 05:04:33 CEST 2011 on sn-devel-104
Jelmer Vernooij [Tue, 18 Oct 2011 23:30:40 +0000 (01:30 +0200)]
samba.getopt: Keep exception message when setting a lp option fails.
Giampaolo Lauria [Mon, 17 Oct 2011 19:34:47 +0000 (15:34 -0400)]
samba-tool: Improve getopt.py error handling
Modified code to handle -k and --kerberos options to:
1. Throw the correct exception
2. On error, display the correct user's specified option
Giampaolo Lauria [Mon, 17 Oct 2011 19:31:30 +0000 (15:31 -0400)]
samba-tool: Improve getopt.py error handling
Throw an exception when the --option value is invalid
Giampaolo Lauria [Mon, 17 Oct 2011 19:28:52 +0000 (15:28 -0400)]
samba-tool: Improve getopt.py error handling
Throw an exception when --option value is not in the form "a=b"
Giampaolo Lauria [Mon, 17 Oct 2011 19:22:01 +0000 (15:22 -0400)]
samba-tool: Improve getopt.py error handling
Raise exception when -d or --debuglevel value is <0
Günther Deschner [Tue, 18 Oct 2011 22:31:07 +0000 (00:31 +0200)]
s3-docs: Add a clarification note for nss_info primary group membership calculation.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Oct 19 03:10:40 CEST 2011 on sn-devel-104
Günther Deschner [Tue, 18 Oct 2011 22:19:58 +0000 (00:19 +0200)]
s3-docs: Document Services for Unix 2.0 (sfu20) nss_info ldap schema support.
Guenther
Volker Lendecke [Tue, 18 Oct 2011 19:36:44 +0000 (21:36 +0200)]
s3: Avoid a winbind 100% cpu loop
When a DC goes down hard, winbind can end up in a 100% CPU loop. The next
(small) RPC request to the DC ends up as a trans2 request. If the connection
goes down, we end up trying to discard the request via the loop in
cli_state_notify_pending(). Because this is a trans2 request,
cli_smb_req_unset_pending will not kick in. Thus the pending array will always
remain at length 1.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Oct 19 01:39:35 CEST 2011 on sn-devel-104
Jeremy Allison [Tue, 18 Oct 2011 18:54:53 +0000 (11:54 -0700)]
vfs_netatalk should be using strstr_m, not strstr to find .AppleDouble paths.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Oct 19 00:05:45 CEST 2011 on sn-devel-104
Jeremy Allison [Tue, 18 Oct 2011 18:24:35 +0000 (11:24 -0700)]
The last argument to atalk_build_paths() is always false, remove it.
Michael Adam [Tue, 18 Oct 2011 16:10:00 +0000 (18:10 +0200)]
lib/util: skip single hex digit at the end of the input sting - fix potential segfault
The second of two digits was read without checking for the length of the input
string. For a non-zero-terminated input string, this might have caused a
segfault.
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Tue Oct 18 22:32:59 CEST 2011 on sn-devel-104
Michael Adam [Tue, 18 Oct 2011 16:07:54 +0000 (18:07 +0200)]
lib/util: fix function header comment to strhex_to_str()
The description did not match the function's behaviour.
Michael Adam [Tue, 18 Oct 2011 16:03:10 +0000 (18:03 +0200)]
lib/util: untangle assignent from check in strhex_to_str()
Björn Baumbach [Mon, 17 Oct 2011 14:08:38 +0000 (16:08 +0200)]
s3-util: dbwrap_tool: add fetch fuctions for hex and string
Signed-off-by: Michael Adam <obnox@samba.org>
Björn Baumbach [Mon, 17 Oct 2011 14:05:52 +0000 (16:05 +0200)]
s3-util: dbwrap_tool: add store hex function
Allows the user to store hex blobs in a tdb.
Signed-off-by: Michael Adam <obnox@samba.org>
Michael Adam [Tue, 18 Oct 2011 09:37:25 +0000 (11:37 +0200)]
selftest:Samba3: fix signature for check_or_start()
Michael Adam [Tue, 18 Oct 2011 09:34:22 +0000 (11:34 +0200)]
selftest:Samba3: fix a message printed when starting winbindd
Simo Sorce [Tue, 18 Oct 2011 14:44:52 +0000 (10:44 -0400)]
pdb-interface: Do not use unid_t here
This interface needs to be publicly available, unid_t here is not really useful
and makes it harder to use it as unid_t is not a public union.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Tue Oct 18 20:57:16 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 05:34:27 +0000 (16:34 +1100)]
s3-auth move the s3 auth context onto gensec_ntlmssp once we start
We do not need it on the auth_ntlmssp_state any longer.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 13:54:36 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 05:16:02 +0000 (16:16 +1100)]
s3-libsmb Use a gensec module to provide the ntlmssp client in ntlmssp_wrap.c
This removes the need to have if (ans->gensec_security) everywhere.
Andrew Bartlett
Andrew Bartlett [Mon, 17 Oct 2011 09:19:11 +0000 (20:19 +1100)]
s3-ntlmssp split auth_ntlmssp_client_start() into two parts
This will allow it to be a wrapper around a gensec module, which
requires that they options be set on a context, but before the
mechanism is started.
This also simplfies the callers, by moving the lp_*() calls
into one place.
Andrew Bartlett
Andrew Bartlett [Mon, 17 Oct 2011 09:00:02 +0000 (20:00 +1100)]
s3-rpc_client remove cli_auth_ntlmssp_data_destructor
This can be an ordinary talloc child without causing any problem.
This seems to have been inherited from a time when ntlmssp_client_start()
returned malloc() based memory.
Andrew Bartlett
Björn Jacke [Tue, 18 Oct 2011 08:54:56 +0000 (10:54 +0200)]
s3/doc: add man page for aio_fork vfs module
thanks to Volker for the content
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Tue Oct 18 12:24:35 CEST 2011 on sn-devel-104
Stefan Metzmacher [Mon, 17 Oct 2011 12:20:45 +0000 (14:20 +0200)]
s4:auth/unix_token: match s3 behavior and add uid/gid to the groups array
If mappings use ID_TYPE_BOTH.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Oct 18 10:39:54 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 00:33:33 +0000 (11:33 +1100)]
lib/param: Remove parameters for wins and spoolss databases
This removes the smb.conf parameters per-database, replacing these
with hard-coded database names in well known (and configurable)
directories.
The wins.ldb is now always in the "state dir", rather than being in
both state and lock dir (ie, a bug).
Less smb.conf parameters means less parameters to try and sync up
between the loadparm subsystems.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 18 05:39:54 CEST 2011 on sn-devel-104
Andrew Bartlett [Tue, 18 Oct 2011 00:30:52 +0000 (11:30 +1100)]
ldb: Output more error information when a connect fails
Stefan Metzmacher [Wed, 12 Oct 2011 18:52:09 +0000 (20:52 +0200)]
s3:auth_util: add the uid with WBC_ID_TYPE_BOTH also to the group array
This will help with having "sidHistory" support in future.
metze
Andrew Bartlett [Mon, 17 Oct 2011 04:56:44 +0000 (15:56 +1100)]
s3-auth: use typedefs in auth.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Oct 2011 07:22:33 +0000 (09:22 +0200)]
gensec: move event context from gensec_*_init() to gensec_update()
This avoids keeping the event context around on a the gensec_security
context structure long term.
In the Samba3 server, the event context we either supply is a NULL
pointer as no server-side modules currently use the event context.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Oct 2011 03:00:39 +0000 (14:00 +1100)]
s3-auth fix comment after s3 ntlmssp gensec module
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 17 Oct 2011 02:46:57 +0000 (13:46 +1100)]
gensec: move event-using code to gensec_update() hooks out of gensec_start*()
This ensures that only gensec_update() will require an event context argument
when the API is refactored.
Andrew Bartlett
Andrew Bartlett [Sat, 15 Oct 2011 03:56:11 +0000 (14:56 +1100)]
ntlmssp: Refuse to seal if we did not negotiate to sign
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 15 Oct 2011 03:56:01 +0000 (14:56 +1100)]
gensec: Refuse to seal if we did not negotiate to sign
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 15 Oct 2011 02:19:41 +0000 (13:19 +1100)]
s4-auth: match the new s3 gensec client and always negotiate SIGN with SEAL
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 15 Oct 2011 02:17:33 +0000 (13:17 +1100)]
gensec: Assert that we have not been subject to a downgrade attack in DCE/RPC clients
Because of the calling convention, this is the best place to assert
that we have not been subject to a downgrade attack on the negotiated
features. (In DCE/RPC, this isn't a negotiation, the client simply
specifies the level of protection that is required).
Andrew Bartlett
(some formatting fixes)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 11 Oct 2011 05:13:49 +0000 (16:13 +1100)]
s3-smbd Give the nt error string when failing to set up encrypted transport
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Tue, 26 Jul 2011 02:35:09 +0000 (12:35 +1000)]
s3-ntlmssp Implement the server-side auth_ntlmssp code as a GENSEC module
This uses the top level gensec_ntlmssp helper functions which are identical
to the parts of ntlmssp_wrap.c that are now not called.
(Includes formatting and correctness fixes from Metze)
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Sat, 15 Oct 2011 06:27:30 +0000 (17:27 +1100)]
gensec: an event context is no longer mandetory
If you do not specify one however, you better know that the modules
you are using do not need one!
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Andrew Bartlett [Mon, 25 Jul 2011 07:43:50 +0000 (17:43 +1000)]
ntlmssp: Put members from auth_ntlmssp_state into gensec_ntlmssp_state
Signed-off-by: Stefan Metzmacher <metze@samba.org>
git.samba.org / rusty / samba.git / log