Jeremy Allison [Fri, 23 Jul 2010 17:54:46 +0000 (10:54 -0700)]
Fix bug 7583 - Smbclient fails to kerberos connect to a Alfresco JLAN CIFS Server
Correctly calculate the gssapi channel binding checkum.
Jeremy
Signed off by: simo <idra@samba.org>
Björn Jacke [Tue, 20 Jul 2010 17:48:39 +0000 (19:48 +0200)]
s3: not use as-needed by default and auto use if enable-developer is active
as discussed on samba-technical, we don't want people out there to use it
unwittingly by default. However by enabling it when enable-developer is used we
make sure that we don't break the feature.
Simo Sorce [Sat, 17 Jul 2010 20:34:33 +0000 (16:34 -0400)]
s3-rpc_server: Cleanup the way we free pipe auth data
Simo Sorce [Mon, 19 Jul 2010 19:43:22 +0000 (15:43 -0400)]
cleaup: Reformat cli_get_session_key()
merge cli_get_session_key
Simo Sorce [Sat, 17 Jul 2010 20:01:07 +0000 (16:01 -0400)]
s3-dcerpc: Fix potential memleak
Use a free function for schannel data too for now.
Simo Sorce [Tue, 20 Jul 2010 17:56:25 +0000 (13:56 -0400)]
s3-dcerpc: Properly initialize output buffers on nak/fault
Simo Sorce [Wed, 21 Jul 2010 00:00:12 +0000 (20:00 -0400)]
s3-libsmb: Use data_blob_talloc to get krb5 ticket and session keys
Simo Sorce [Tue, 20 Jul 2010 23:45:00 +0000 (19:45 -0400)]
misc: cleanup get_krb5_smb_session_key()
Simo Sorce [Tue, 20 Jul 2010 23:41:19 +0000 (19:41 -0400)]
misc: cleanup cli_krb5_get_ticket()
Jeremy Allison [Tue, 20 Jul 2010 23:17:58 +0000 (16:17 -0700)]
Add approriate TALLOC_CTX's thoughout the spnego code. No more implicit NULL contexts.
Jeremy.
Jeremy Allison [Tue, 20 Jul 2010 22:12:07 +0000 (15:12 -0700)]
Fix warning on 64-bit machines.
Jeremy.
Jeremy Allison [Tue, 20 Jul 2010 21:59:31 +0000 (14:59 -0700)]
Fix one more data_blob -> data_blob_talloc. Move away from implicit NULL context tallocs.
Jeremy.
Jeremy Allison [Tue, 20 Jul 2010 20:35:43 +0000 (13:35 -0700)]
Add TALLOC_CTX argument to spnego_parse_negTokenInit, reduce
use of malloc, and data_blob().
Jeremy.
Volker Lendecke [Tue, 20 Jul 2010 19:54:45 +0000 (21:54 +0200)]
s3: Fix two uninitialized variables
Jeremy Allison [Tue, 20 Jul 2010 18:14:49 +0000 (11:14 -0700)]
Rename spnego_gen_negTokenTarg() -> spnego_gen_krb5_negTokenInit()
as this correctly describes what this function does.
Jeremy.
Jeremy Allison [Tue, 20 Jul 2010 18:04:19 +0000 (11:04 -0700)]
Remove gen_negTokenTarg(), as it's not actually creating a TokenTarg frame, but a TokenInit one.
Move to using spnego_gen_negTokenInit() instead.
Jeremy
Jeremy Allison [Tue, 20 Jul 2010 16:51:48 +0000 (09:51 -0700)]
Fixes pointed out by <david.kondrad@legrand.us>. Free memory if not being
returned to caller. Remove unneeded asn1_tag_remaining() calls.
Jeremy.
Jeremy Allison [Tue, 20 Jul 2010 16:34:32 +0000 (09:34 -0700)]
Fix warning - no return value for a non-void fn.
Jeremy.
Björn Jacke [Tue, 20 Jul 2010 16:03:13 +0000 (18:03 +0200)]
s3: also run the test prog from the explicit external lib bug check
on Linux linking already stops with a broken ld, on FreeBSD8 linking works but
the binary is broken, so we must check both.
this should be the final fix for bug #7561
Simo Sorce [Mon, 19 Jul 2010 22:57:12 +0000 (18:57 -0400)]
dcerpc: Clarify what the arguments of dcerpc_pull_auth_trailer() actually represent.
Björn Jacke [Tue, 20 Jul 2010 11:39:59 +0000 (13:39 +0200)]
s3: check for explicit external lib bug in ld's as-needed code
Second part of fix for bug #7561
Based on test provided by Olaf Flebbe.
Björn Jacke [Tue, 20 Jul 2010 11:35:03 +0000 (13:35 +0200)]
s3: add configure swtich to manually disable as-needed
first part fix for bug #7561
based on earlier patch from metze
Björn Jacke [Tue, 20 Jul 2010 09:13:51 +0000 (11:13 +0200)]
Revert "s3: Don't use as-needed"
This reverts commit
b9835a1f9d8b81e4121a01a190dffaefe67cbe5c.
Simo Sorce [Sat, 17 Jul 2010 20:58:50 +0000 (16:58 -0400)]
s3-dcerpc: Unifiy cli_pipe_auth_data and pipe_auth_data
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Mon, 19 Jul 2010 17:39:01 +0000 (13:39 -0400)]
s3-auth: Add auth_ntlmssp wrapper for client side
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Mon, 19 Jul 2010 17:36:33 +0000 (13:36 -0400)]
s3-auth: Move auth_ntlmssp wrappers in their own file
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Fri, 16 Jul 2010 22:33:38 +0000 (18:33 -0400)]
s3-auth: Refactor and rename auth_ntlmssp_server_info()
Rename it to auth_ntlmssp_steal_server_info() to make it clear that
the server_info struct is stolen from the auth_ntlmssp_state structure.
Use talloc_move instead of manual steal&clear
Add comments to explain what is going on.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Jeremy Allison [Tue, 20 Jul 2010 00:14:26 +0000 (17:14 -0700)]
Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().
We now have one function to do this in all calling code. More rationalization
to follow.
Jeremy.
Jeremy Allison [Mon, 19 Jul 2010 23:45:16 +0000 (16:45 -0700)]
Move the addition of the 16 byte guid out of spnego_gen_negTokenInit() and
into negprot_spnego() where it belongs (it's not an SPNEGO operation).
Add a TALLOC_CTX for callers of negprot_spnego(). Closer to unifying all
the gen_negTokenXXX calls.
Jeremy.
Jeremy Allison [Mon, 19 Jul 2010 22:41:45 +0000 (15:41 -0700)]
Remove parse_negTokenTarg(), as it's actually incorrect. We're processing
negTokenInit's here. Use common code in spnego_parse_negTokenInit().
Jeremy.
Jeremy Allison [Mon, 19 Jul 2010 21:21:01 +0000 (14:21 -0700)]
Fix [Bug 7577] SPNEGO auth fails when contacting Win7 system using Microsoft Live Sign-in Assistant
Based on code from <david.kondrad@legrand.us>. Cope with every NegTokenInit ::= SEQUENCE value.
Jeremy.
Volker Lendecke [Mon, 19 Jul 2010 14:15:01 +0000 (16:15 +0200)]
s3: Avoid pwrite calls for the 1-byte writes with zero content
When a write cache is empty and we write one 0, there is no point in actually
writing into the write cache, which would trigger a potentially superfluous
write cache flush. We can rely on posix semantics to give us 0's when
subsequent read calls want to read from file areas not written yet.
Jeremy, please check!
Simo Sorce [Mon, 19 Jul 2010 17:53:34 +0000 (13:53 -0400)]
s3-auth: Remove unused variable.
It was a spurious remnant after a rebase.
Simo Sorce [Mon, 19 Jul 2010 17:48:31 +0000 (13:48 -0400)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Andrew Tridgell [Mon, 19 Jul 2010 04:26:20 +0000 (14:26 +1000)]
waf: make the error msg when gen_ndr directory is missing clearer
the next time someone removes gen_ndr/README the fix should be more
obvious.
Andrew Tridgell [Mon, 19 Jul 2010 04:20:33 +0000 (14:20 +1000)]
waf-idl: put the gen_ndr/README file for source3 back
This was removed by
100d37fc4624690423f6a932709b3f9046d05c64, probably
accidentially.
Andreas Schneider [Fri, 16 Jul 2010 12:52:42 +0000 (14:52 +0200)]
s3-rpc_server: Added callbacks for init and shutdown of a rpc service.
This adds two callback function for each rpc service. One is for
initialisation and the other for shutdown. rpc_<service>_unregister()
needs to be called to execute the shutdown function.
Andreas Schneider [Thu, 15 Jul 2010 10:47:19 +0000 (12:47 +0200)]
s3-rpc_server: Don't register the same rpc commands twice.
Volker Lendecke [Mon, 19 Jul 2010 10:47:09 +0000 (12:47 +0200)]
s3-docs: Add more verbose description of "log writeable files on exit".
Volker Lendecke [Mon, 19 Jul 2010 10:35:58 +0000 (12:35 +0200)]
s3-docs: Add more verbose description of "ctdb locktime warn threshold".
Volker Lendecke [Mon, 19 Jul 2010 10:22:05 +0000 (12:22 +0200)]
s3-docs: Add more verbose description of "username map cache time".
Karolin Seeger [Mon, 19 Jul 2010 09:54:05 +0000 (11:54 +0200)]
s3-docs: Remove older documentation of smb2 parameters.
Jeremy, these parameters were already documented. My fault.
Sorry for the noise!
Karolin
Kamen Mazdrashki [Fri, 16 Jul 2010 11:19:07 +0000 (14:19 +0300)]
s4: Remove trailing whitespaces
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:18:49 +0000 (14:18 +0300)]
ldb: Mark _DEPRECATED_ ldb_msg_diff() and ldb_msg_canonicalize() functions
They are not quite safe to use (requires caller to steal
resulting message in own context) and may lead to holding
memory for too long.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:18:14 +0000 (14:18 +0300)]
s4-dsdb: use ldb_msg_normalize() in ldb_msg_difference()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:16:38 +0000 (14:16 +0300)]
s4-test: Use ldb_msg_normalize() in sqlite3 backend
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:13:20 +0000 (14:13 +0300)]
s4-test: Use ldb_msg_normalize() in torture/rpc/dssync.c test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:03:53 +0000 (14:03 +0300)]
s4-dsdb: use ldb_msg_normalize() in ldbadd-process_file()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:01:49 +0000 (14:01 +0300)]
s4-dsdb: use ldb_msg_normalize() in source4/lib/ldb/common/ldb.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:59:40 +0000 (13:59 +0300)]
s4-dsdb: use ldb_msg_normalize() in source4/dsdb/schema/schema_set.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:55:42 +0000 (13:55 +0300)]
s4-ldb: Add ldb_msg_normalize() to accept a memory context from client
Previos implementation from ldb_msg_canonicalize()
was moved into this function and now ldb_msg_canonicalize()
is based on ldb_msg_normalize()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:47:41 +0000 (13:47 +0300)]
s4-ldb: Use _ldb_msg_add_el() in ldb_msg_add()
Previous implementation was 'leaking' attribute name
string, that is allocated by ldb_msg_add_empty()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:46:05 +0000 (13:46 +0300)]
s4-ldb: Use _ldb_msg_add_el() in ldb_msg_add_empty()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:44:13 +0000 (13:44 +0300)]
s4-ldb: Add separate function to add empty element into ldb_msg
It just adds another element, nothing more.
Caller is responsible to fill-in the added element and
determine how to handle data allocation contexts.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:41:57 +0000 (13:41 +0300)]
s4-ldb: Write more explanatory comment for ldb_msg_add()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:40:50 +0000 (13:40 +0300)]
s4-pyldb: Use ldb_msg_difference() in py_ldb_msg_diff()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:38:09 +0000 (13:38 +0300)]
s4-test: Use ldb_msg_difference() in torture/rpc/dssync.c test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:35:07 +0000 (13:35 +0300)]
s4-tools: use ldb_msg_difference() in ldbedit - modify_record()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:27:30 +0000 (14:27 +0300)]
s4-dsdb/schema/schema_set.c: fix trailing spaces and comments spelling
Few comments split on several lines also...
(Sorry Metze, I know you hate reviewing "and this, and that"
type of patches, but those are just cosmetics)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 10:26:45 +0000 (13:26 +0300)]
s4-dsdb: use ldb_msg_difference() in source4/dsdb/schema/schema_set.c
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Kamen Mazdrashki [Fri, 16 Jul 2010 11:23:24 +0000 (14:23 +0300)]
s4-ldb: Implement ldb_msg_difference() function to accept a memory context from client
Old implementation from ldb_msg_diff() was moved into
this this function but with changed interface
so that a memory context may be passed.
ldb_msg_diff() function is now based on ldb_msg_difference(),
which fixes a hidden leak - internal ldb_msg object
(returned from ldb_msg_canonicalize) wasn't freed
and stays attached to ldb_context for the connection lifetime.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Fri, 16 Jul 2010 23:44:22 +0000 (19:44 -0400)]
s3-auth: Use talloc hierarchies to properly free auth_ntlmssp_state contexts
Turn auth_ntlmssp_end into a destructor and attach it to auth_ntlmssp_state.
Remote auth_ntlmssp_end and use TALLOC_FREE in the callers.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Sat, 17 Jul 2010 14:22:04 +0000 (10:22 -0400)]
s3-auth: auth_make ntlmssp_state the parent context
There is no need for a separate mem_ctx member.
Also make the ntlmssp_state a children of auth_ntlmssp_state
Also cleanup auth_ntlmssp_end to free only what is not automatically freed
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Fri, 16 Jul 2010 22:23:55 +0000 (18:23 -0400)]
s3-auth: Simplify how we free the auth_context
Turn the freeing function into a destructor and attach it to the
auth_context.
Make all callers TALLOC_FREE() the auth_context instead of calling
the free function.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Fri, 16 Jul 2010 21:47:21 +0000 (17:47 -0400)]
s3-auth: Cleanup and readability fixes
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Fri, 16 Jul 2010 21:30:14 +0000 (17:30 -0400)]
s3-ntlmssp: Remove ntlmssp_end and let the talloc hierarchy handle it.
All the members are children of ntlmssp_state anyway.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Simo Sorce [Mon, 19 Jul 2010 00:04:42 +0000 (20:04 -0400)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Volker Lendecke [Sun, 18 Jul 2010 15:12:30 +0000 (17:12 +0200)]
s3: Actually use the usecs in aio_fork_suspend
Jeremy, please check!
Volker Lendecke [Sun, 18 Jul 2010 15:12:11 +0000 (17:12 +0200)]
s3: Fix an uninitialized variable
Volker Lendecke [Sun, 18 Jul 2010 12:40:43 +0000 (14:40 +0200)]
s3: Work better without the aio sighandler
Refuse async I/O if we can't set up the signal handler
Volker Lendecke [Sun, 18 Jul 2010 11:39:51 +0000 (13:39 +0200)]
s3: Fix some nonempty blank lines
Volker Lendecke [Sat, 17 Jul 2010 21:16:26 +0000 (23:16 +0200)]
s3: Remove a direct use of procid_self()
Andreas Schneider [Sun, 18 Jul 2010 13:04:20 +0000 (15:04 +0200)]
s3-rpc_client: Fixed a segfault in rpccli_samr_chng_pswd_auth_crap().
This fixes the WINBIND-WBCLIENT test. The test set
old_lm_hash_enc_blob.length to 0 and we don't check the length here. So
the memcpy segfaulted.
Andreas Schneider [Sun, 18 Jul 2010 09:28:24 +0000 (11:28 +0200)]
s3-waf: Fixed the build.
Volker Lendecke [Sun, 18 Jul 2010 09:56:17 +0000 (11:56 +0200)]
s3: Don't use as-needed
This is just broken. RHEL5 can't deal with it, FreeBSD8 is broken with it, and
who knows what other platforms are broken. I can rather live with a system that
links in a bit too much than a system that does not work at all.
Volker Lendecke [Sat, 17 Jul 2010 19:37:43 +0000 (21:37 +0200)]
pam_winbind: Fix shadowing a global on FreeBSD
FreeBSD defines a function pam_error()
Simo Sorce [Sat, 17 Jul 2010 19:43:28 +0000 (15:43 -0400)]
s3-dcerpc: Fix build and remove unneeded headers
Sorry, botched a rebase.
Simo Sorce [Sat, 17 Jul 2010 19:22:26 +0000 (15:22 -0400)]
s3-dcerpc: Move mere processing functions from srv_pipe_hnd.c to srv_pipe.c
Volker Lendecke [Sat, 17 Jul 2010 19:13:11 +0000 (21:13 +0200)]
Fix a typo
Simo Sorce [Sat, 17 Jul 2010 19:00:24 +0000 (15:00 -0400)]
s3-dcerpc: Move common cli/srv functions into a common file
Volker Lendecke [Sat, 17 Jul 2010 18:20:14 +0000 (20:20 +0200)]
s3: Really fix the 64-bit warnings
Hmm. Forgot to git commit this piece, sorry :-(
Volker Lendecke [Sat, 17 Jul 2010 15:20:03 +0000 (17:20 +0200)]
s3: Fix some 64-bit warnings
Volker Lendecke [Sat, 17 Jul 2010 15:08:30 +0000 (17:08 +0200)]
s3: Right now we do not have includes in Makefile.in
Skip the expansion step on non-GNU-make systems
Matthieu Patou [Sat, 17 Jul 2010 17:45:12 +0000 (21:45 +0400)]
s4 pam_winbind: don't build if pam header are not installed
Matthieu Patou [Sat, 17 Jul 2010 16:07:52 +0000 (20:07 +0400)]
s4 nss_switch: fix build problem on computer without the iniparser
Although the build was ok on my workstation it appears that on build
server it was not because the include path was not correct.
Matthieu Patou [Sat, 5 Jun 2010 15:16:20 +0000 (19:16 +0400)]
s4-waf: add the missing bits for builing nss_winbind and pam_winbind
This is something that was not picked up during the migration to waf
Matthieu Patou [Sun, 11 Jul 2010 20:07:20 +0000 (00:07 +0400)]
s4 unittests: add blackblox test for ktpass
Matthieu Patou [Mon, 28 Jun 2010 17:38:35 +0000 (21:38 +0400)]
s4: create a simple version of ktpass
This script is intended to be a replacement for the ktutil of Windows.
It's use is for exporting keytab that will be used for kerberized
services.
Günther Deschner [Fri, 16 Jul 2010 21:25:12 +0000 (23:25 +0200)]
s3-build: add LIBNDR_XATTR_OBJ.
Guenther
Jeremy Allison [Fri, 16 Jul 2010 21:39:52 +0000 (14:39 -0700)]
Fix bug #7570 - New smb2 max parameters are undocumented.
Jeremy.
Günther Deschner [Fri, 16 Jul 2010 21:09:54 +0000 (23:09 +0200)]
s3-dcerpc: rename SCHANNEL_SIG_SIZE to NL_AUTH_SIGNATURE_SIZE and move to IDL.
Guenther
Günther Deschner [Fri, 16 Jul 2010 21:00:17 +0000 (23:00 +0200)]
s3-perfcount: make it possible to compile the example perfcount daemon.
Guenther
Günther Deschner [Fri, 16 Jul 2010 20:46:58 +0000 (22:46 +0200)]
s4-smbtorture: run all testcases with bigendian push as well in RPC-BIND.
Guenther
Günther Deschner [Fri, 16 Jul 2010 20:42:11 +0000 (22:42 +0200)]
s4-smbtorture: rearrange testlist in RPC-BIND.
Guenther
Günther Deschner [Fri, 16 Jul 2010 20:41:32 +0000 (22:41 +0200)]
s4-smbtorture: make sure to wipe out dcerpc auth flags before RPC-BIND starts.
Guenther
Simo Sorce [Fri, 16 Jul 2010 19:15:48 +0000 (15:15 -0400)]
s3-dcerpc: Fix ability to receive Big Endian PDUs
James Peach [Fri, 16 Jul 2010 18:07:31 +0000 (11:07 -0700)]
smbtorture shell: Allow any config option to be set.
Not sure what I was thinking by restricting the shell to "torture:"
parametric options. It's really extemely useful to be able to set
arbitrary options.
Jeremy Allison [Fri, 16 Jul 2010 18:05:34 +0000 (11:05 -0700)]
Make the "map to guest" parameter work correctly with NTLMSSP (spnego
and raw) under SMB2. Still need to investigate fixing this with krb5
auth (does this make sense ?).
Jeremy.
Simo Sorce [Fri, 16 Jul 2010 13:57:03 +0000 (09:57 -0400)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Andrew Tridgell [Fri, 16 Jul 2010 04:32:42 +0000 (14:32 +1000)]
s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>