Andrew Bartlett [Thu, 9 Apr 2009 04:28:51 +0000 (14:28 +1000)]
Rework Samba3 to use new common schannel and credentials API in netlogon
Andrew Bartlett [Thu, 9 Apr 2009 04:26:04 +0000 (14:26 +1000)]
Rework to use new API for common netlogon credential chaining
Andrew Bartlett [Thu, 9 Apr 2009 04:25:50 +0000 (14:25 +1000)]
Link in the common samsync decryption code
Andrew Bartlett [Thu, 9 Apr 2009 04:22:04 +0000 (14:22 +1000)]
libcli/auth Push schannel check into common libcli/auth
This means we have a single choke point to ensure the remote client is
using schannel.
Andrew Bartlett
Andrew Bartlett [Thu, 9 Apr 2009 04:21:09 +0000 (14:21 +1000)]
s4:torture Rework smbtorture to for creds_ -> netlogon_creds_ rename
Andrew Bartlett [Mon, 6 Apr 2009 12:56:13 +0000 (22:56 +1000)]
Make Samba3 use the new common libcli/auth code, particularly in netlogon.
Andrew Bartlett [Mon, 6 Apr 2009 12:55:47 +0000 (22:55 +1000)]
Rework other common libcli/ code after the rename of creds_ to netlogon_creds_
Andrew Bartlett [Mon, 6 Apr 2009 12:54:44 +0000 (22:54 +1000)]
Rework Samba4 to use the new common libcli/auth code
In particular, this is the rename from creds_ to netlogon_creds_, as
well as other links to use the new common crypto.
Andrew Bartlett
Andrew Bartlett [Mon, 6 Apr 2009 12:53:01 +0000 (22:53 +1000)]
Rework netlogon credentials for the top level
This makes constructor functions that return the allocated structure,
rather than having the caller pass them in, and makes the server init
function also check the first credential.
The rename of creds_ to netlogon_creds should make it more clear what
this code works with.
Andrew Bartlett
Andrew Bartlett [Mon, 6 Apr 2009 12:51:32 +0000 (22:51 +1000)]
Push schannel_state.c into the top level.
This is the server side state for netlogon credential chaining
Andrew Bartlett
Andrew Bartlett [Fri, 27 Mar 2009 01:16:17 +0000 (12:16 +1100)]
Use common samsync delta decryption functions in libnet_samsync.c
Andrew Bartlett
Andrew Bartlett [Tue, 17 Mar 2009 09:08:31 +0000 (20:08 +1100)]
More work to adapt to merged libcli/auth function prototypes
Andrew Bartlett [Tue, 17 Mar 2009 09:06:46 +0000 (20:06 +1100)]
Adapt to common crypto functions: sam_pwd_hash() -> sam_rid_crypt()
Andrew Bartlett [Tue, 17 Mar 2009 09:03:32 +0000 (20:03 +1100)]
libcli/auth Don't compile against un-needed Samba4 headers
Andrew Bartlett [Tue, 17 Mar 2009 03:03:02 +0000 (14:03 +1100)]
Port Samba4 to the new combined libcli/auth functions
For example, some of the new shared functionality was previously in the wkssvc
torture test.
Andrew Bartlett
Andrew Bartlett [Mon, 16 Mar 2009 23:02:45 +0000 (10:02 +1100)]
Move ntlm_check.h into the common libcli/auth
Andrew Bartlett [Mon, 16 Mar 2009 10:27:58 +0000 (21:27 +1100)]
Rework Samba3 to use new libcli/auth code (partial)
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
Andrew Bartlett
Andrew Bartlett [Mon, 16 Mar 2009 10:19:10 +0000 (21:19 +1100)]
Merge smbencrypt.c between Samba3 and Samba4
Andrew Bartlett [Mon, 16 Mar 2009 10:17:29 +0000 (21:17 +1100)]
Rework trivial msrpc parser to use convert_string_talloc()
Also avoid still string conversions when trying to match NTLMSSP in
the header of the NTLMSSP packet.
This also changes a few things to avoid const warnings.
Andrew Bartlett
Andrew Bartlett [Mon, 16 Mar 2009 07:08:15 +0000 (18:08 +1100)]
Move MSRPC-PARSE into the common libcli/auth
This is a depenceny of smbencrypt.c
Andrew Bartlett [Mon, 16 Mar 2009 04:20:28 +0000 (15:20 +1100)]
Move DRSUAPI per-attribute decryption into a common file
This file (contining metze's decryption routines) is now also be used by
Samba3's DRSUAPI implementation
Andrew Bartlett
Andrew Bartlett [Mon, 16 Mar 2009 02:26:38 +0000 (13:26 +1100)]
Move libcli/auth to the top level
Andrew Bartlett [Mon, 23 Mar 2009 22:42:59 +0000 (09:42 +1100)]
s3:charcnv Remove last calls to push_*_allocate()
Also removes last calls to convert_string_allocate()
Andrew Bartlett [Mon, 23 Mar 2009 22:47:39 +0000 (09:47 +1100)]
s3:charcnv Don't use strdup_upper any more
To allow transition to a common charcnv in future, provide Samba4-like
strupper functions in source3/lib/charcnv.c
Andrew Bartlett [Thu, 19 Mar 2009 08:20:08 +0000 (19:20 +1100)]
s3:charcnv Remove unused unistrcpy() and unistrlen()
Andrew Bartlett [Thu, 19 Mar 2009 08:18:14 +0000 (19:18 +1100)]
s3:rpc_parse remove unused prs_unistr2()
Andrew Bartlett [Thu, 19 Mar 2009 08:14:36 +0000 (19:14 +1100)]
s3:charcnv Remove unused unistr2 functions
Natrually, the hard work to make these unsued was done by GD, not me :-)
Andrew Bartlett
Andrew Bartlett [Thu, 19 Mar 2009 08:11:15 +0000 (19:11 +1100)]
s3:charcnv Remove unused ucs2_to_unistr2()
Andrew Bartlett [Wed, 18 Mar 2009 07:05:17 +0000 (18:05 +1100)]
s3:lib Use push_ucs2_talloc() in ms_fnmatch()
Andrew Bartlett [Wed, 18 Mar 2009 07:04:35 +0000 (18:04 +1100)]
s3:smbldap convert the easy cases to push_utf8_talloc()
Andrew Bartlett [Wed, 18 Mar 2009 06:36:35 +0000 (17:36 +1100)]
s3:charcnv remove now unused malloc() based conversion functions
Andrew Bartlett [Wed, 18 Mar 2009 06:35:03 +0000 (17:35 +1100)]
s3:libads Make ads_get_dn() take a talloc context
Also remove ads_memfree(), which was only ever a wrapper around
SAFE_FREE, used only to free the DN from ads_get_ds().
This actually makes libgpo more consistant, as it mixed a talloc and a
malloc based string on the same element.
Andrew Bartlett
Andrew Bartlett [Wed, 18 Mar 2009 05:31:51 +0000 (16:31 +1100)]
s3:printing Convert nt_printer_publish_ads() to use talloc better
In particular, this removes one more user of pull_utf8_allocate()
Andrew Bartlett
Andrew Bartlett [Wed, 18 Mar 2009 05:23:27 +0000 (16:23 +1100)]
s3:kerberos Rework smb_krb5_unparse_name() to take a talloc context
Andrew Bartlett [Wed, 18 Mar 2009 05:19:19 +0000 (16:19 +1100)]
s3:smbtorture Convert charcnv torture suite to use push_ucs2_talloc()
Andrew Bartlett [Wed, 18 Mar 2009 04:29:43 +0000 (15:29 +1100)]
s3:util_str Remove calls to pull_*_allocate() and pull_*_allocate()
The end goal is to remove convert_string_allocate(), which is not
provided by the common lib/util/charcnv code.
Andrew Bartlett
Andrew Bartlett [Wed, 18 Mar 2009 04:29:02 +0000 (15:29 +1100)]
s3:smbldap Remove smbldap_get_dn
This removes one more caller to pull_utf8_allocate()
Andrew Bartlett [Thu, 19 Mar 2009 01:20:11 +0000 (12:20 +1100)]
Convert Samba3 to use the common lib/util/charset code (partial)
This parital commit has it's focus on converting Samba3 code to use
the common function prototypes where possible
Andrew Bartlett
Andrew Bartlett [Tue, 17 Mar 2009 03:04:43 +0000 (14:04 +1100)]
Solve some of the conflict between Samba3 and Samba4 push_string
This renames push_string in Samba3 into push_string_base and
push_string_check for the two different use cases.
This should allow push_string to be imported from Samba4, using it's
calling conventions.
David Kwan [Fri, 20 Mar 2009 16:03:08 +0000 (16:03 +0000)]
s3 onefs: Change error status to NT_ACCESS_DENIED for errors in SET_SECURITY_DESC
Tim Prouty [Wed, 25 Mar 2009 00:05:16 +0000 (17:05 -0700)]
s3: parse_packet can return NULL which is then dereferenced in match_mailslot_name
Volker Lendecke [Tue, 24 Mar 2009 20:57:01 +0000 (21:57 +0100)]
Fix two memleaks in the encryption code
ntlmssp_seal_packet creates its own signature data blob, which we then
have to free.
Jeremy, please check and merge appropriately (Yes, I'm asking you to do the
janitor work, I want you to *look* at this :-))
Volker
Günther Deschner [Tue, 24 Mar 2009 15:07:46 +0000 (16:07 +0100)]
s4-install: add new location of generated dcerpc headers to headermap file.
Guenther
Kai Blin [Tue, 24 Mar 2009 13:59:11 +0000 (14:59 +0100)]
wbclient: Fix use of wb_int_trans_send, queue parameter must not be NULL
Volker Lendecke [Mon, 23 Mar 2009 22:38:04 +0000 (23:38 +0100)]
Convert rpc_pipe_bind to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 22:30:18 +0000 (23:30 +0100)]
Convert rpc_cli_transport->trans to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 22:20:03 +0000 (23:20 +0100)]
Convert rpc_cli_transport->write to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 22:03:37 +0000 (23:03 +0100)]
Convert rpc_cli_transport->read to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 21:49:29 +0000 (22:49 +0100)]
Convert rpc_api_pipe_req to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 21:33:00 +0000 (22:33 +0100)]
Convert rpc_api_pipe to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 21:13:44 +0000 (22:13 +0100)]
Convert cli_api_pipe to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 20:57:19 +0000 (21:57 +0100)]
Convert get_complete_frag to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 20:49:19 +0000 (21:49 +0100)]
Convert rpc_write to tevent_req
Volker Lendecke [Mon, 23 Mar 2009 20:37:27 +0000 (21:37 +0100)]
Convert rpc_read to tevent_req
Volker Lendecke [Sun, 1 Mar 2009 21:25:51 +0000 (22:25 +0100)]
Add tevent_req_simple_recv_ntstatus()
Volker Lendecke [Tue, 24 Mar 2009 10:07:16 +0000 (11:07 +0100)]
Fix bug 6097
A client sent a SID with authority 0 and 0 sub-authorities. W2k3 replies with
NT_STATUS_INVALID_SID, even if other SIDs in the list are valid.
Thanks to Pavel <wylda@volny.cz> for the bug report!
Günther Deschner [Fri, 20 Mar 2009 23:10:14 +0000 (00:10 +0100)]
s3: use generated dcerpc code.
Guenther
Günther Deschner [Fri, 20 Mar 2009 22:27:15 +0000 (23:27 +0100)]
s3: add generated dcerpc files.
Guenther
Günther Deschner [Fri, 20 Mar 2009 22:25:53 +0000 (23:25 +0100)]
move dcerpc.idl to main directory.
Guenther
Günther Deschner [Tue, 24 Mar 2009 10:02:40 +0000 (11:02 +0100)]
s3: add missing prototype for auth_wbc_init().
Guenther
Björn Jacke [Mon, 23 Mar 2009 11:26:03 +0000 (12:26 +0100)]
s3:dsgetdcname: use parentheses in if condition to make negation clear
Signed-off-by: Günther Deschner <gd@samba.org>
Andrew Tridgell [Tue, 24 Mar 2009 05:29:24 +0000 (16:29 +1100)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Andrew Tridgell [Tue, 24 Mar 2009 05:28:39 +0000 (16:28 +1100)]
the start of a possibleInferiors test suite
we haven't implemented possibleInferiors yet. This test is meant to
help us understand how it works. It tries to construct
possibleInferiors via searches on other attributes, and compares it to
the servers constructed possibleInferiors attribute for each class in
the servers schema.
see [MS-ADTS] section 3.1.1.4.5.21
Andrew Tridgell [Mon, 23 Mar 2009 23:53:06 +0000 (10:53 +1100)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Tim Prouty [Mon, 23 Mar 2009 18:57:13 +0000 (11:57 -0700)]
s3 OneFS: Remove usage of non-existant function
The function was removed in:
c16c90a1cb3b0e2ceadd3dea835a4e69acfc2fae
Tim Prouty [Mon, 23 Mar 2009 18:55:58 +0000 (11:55 -0700)]
s3: Remove redundant comment
Michael Adam [Mon, 23 Mar 2009 16:47:26 +0000 (17:47 +0100)]
s3:build: make SHOWFLAGS target phony and add alias showflags
Michael
Michael Adam [Mon, 23 Mar 2009 16:36:46 +0000 (17:36 +0100)]
libreplace: use libreplace_SAVE_CPPFLAGS instead of SAVE_CPPFLAGS
This fixes Samba3's double listing of -I options in CFLAGS,
since samba3's configure wraps the call to AC_LIBREPLACE_NETWORK_CHECKS
into a SAVE_CPPFLAGS="${CPPFLAGS}" .. CPPFLAGS="${SAVE_CPPFLAGS}"
sequence... :-)
Michael
Volker Lendecke [Sun, 22 Mar 2009 14:59:33 +0000 (15:59 +0100)]
Use avahi to register _smb._tcp in smbd
Volker Lendecke [Fri, 20 Mar 2009 13:55:05 +0000 (14:55 +0100)]
Add tevent avahi binding
Volker Lendecke [Fri, 20 Mar 2009 13:53:10 +0000 (14:53 +0100)]
Add avahi detection to configure
Volker Lendecke [Fri, 20 Mar 2009 13:39:19 +0000 (14:39 +0100)]
Disable dns_sd by default
Michael Adam [Mon, 23 Mar 2009 13:22:37 +0000 (14:22 +0100)]
s3:build: prevent from setting "-O -g", check for $debug first.
This makes configure actually behave as the comments describe.
The reversal of order was introduced by mistake in
90ea8ae9b1ed3b7ed1c93076517e026e629ea1aa
Michael
Björn Jacke [Wed, 18 Mar 2009 21:19:06 +0000 (22:19 +0100)]
don't set -O twice
Signed-off-by: Michael Adam <obnox@samba.org>
Björn Jacke [Thu, 19 Mar 2009 00:16:46 +0000 (01:16 +0100)]
remove non standard way to point to ctdb path
we can provide the path to ctdb via the --with-ctdb=... configure flag like we
do it with other packageѕ, too. There is no need for another redundnant
Makefile hack to point the ctdb header location
Signed-off-by: Michael Adam <obnox@samba.org>
Björn Jacke [Mon, 23 Mar 2009 12:02:57 +0000 (13:02 +0100)]
ѕ3/winbind_pam: fix gcc 4.4 compile warning
Stefan Metzmacher [Fri, 6 Mar 2009 15:35:34 +0000 (16:35 +0100)]
selftest/Samba3: Test smb signing against the member server
metze
Stefan Metzmacher [Mon, 9 Mar 2009 08:50:36 +0000 (09:50 +0100)]
s3:libsmb: use new simplified smb_signing code for the client side
We store the seqnum/mid mapping in the cli_request structure
for async requests and in the cli_state structure for sync calls.
We skip the signing check for oplock requests while waiting
for async requests coming in.
metze
Stefan Metzmacher [Mon, 9 Mar 2009 08:47:59 +0000 (09:47 +0100)]
s3:smbd: use new simplified snb_signing code in the server
We keep the seqnum/mid mapping in the smb_request structure.
This also moves one global variable into the
smbd_server_connection struct.
metze
Stefan Metzmacher [Mon, 9 Mar 2009 07:42:05 +0000 (08:42 +0100)]
s3:libsmb: add a much simplified smb_siging infrastructure
It's the job of the caller to maintain the seqnum/mid mapping.
Hopefully we can use this code in s4 later too.
metze
Stefan Metzmacher [Sun, 8 Mar 2009 16:47:08 +0000 (17:47 +0100)]
s3:libsmb: rename smb_signing.c => clisigning.c
This prepares a large simplification of the smb_signing code
metze
Stefan Metzmacher [Mon, 23 Mar 2009 10:44:00 +0000 (11:44 +0100)]
s3:smbd: if we allow trans2 on the IPC$ share, then we have to allow transs2 too.
Otherwise we'll confuse the client signing engine, when we reply an error to each transs2.
metze
Stefan Metzmacher [Mon, 23 Mar 2009 08:16:18 +0000 (09:16 +0100)]
socket_wrapper: fix connect() for dgram sockets, if the destination isn't there yet
Now we defer the real_connect() for dgram sockets to the first send()/sendto() call,
as the destination might not be there at connect time.
Commit
66dc53ee017d74a6f610bbe04337f064901fe2a1 was an incomplete fix for this
problem.
metze
Volker Lendecke [Mon, 23 Mar 2009 11:05:02 +0000 (12:05 +0100)]
Fix connect to port 139 only -- thanks gd for bugging me :-)
Andrew Tridgell [Mon, 23 Mar 2009 00:47:38 +0000 (11:47 +1100)]
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Volker Lendecke [Sun, 22 Mar 2009 21:07:58 +0000 (22:07 +0100)]
talloc_array_length: talloc_get_size deals fine with NULL
Volker Lendecke [Sun, 22 Mar 2009 12:14:15 +0000 (13:14 +0100)]
Only build the dirsort module if we have the dirfd function
Fix the build on HP/UX
Stefan Metzmacher [Sun, 22 Mar 2009 11:36:38 +0000 (12:36 +0100)]
Revert "socket_wrapper: fix connect() for dgram sockets, if the destination isn't there yet"
This reverts commit
66dc53ee017d74a6f610bbe04337f064901fe2a1.
Somehow this leads to timeouts in some tests, samba4.ldb.ldapi
and samba4.rpc.schannel. I need to look at it more closely later...
metze
Stefan Metzmacher [Sun, 22 Mar 2009 11:19:56 +0000 (12:19 +0100)]
LDAP-CLDAP: remove temporary debug statements...
metze
Volker Lendecke [Sun, 22 Mar 2009 10:39:32 +0000 (11:39 +0100)]
Document the dirsort module
Volker Lendecke [Sun, 22 Mar 2009 10:39:10 +0000 (11:39 +0100)]
Use StrCaseCmp in the dirsort module
Andy Kelk [Sun, 22 Mar 2009 10:06:52 +0000 (11:06 +0100)]
Add dirsort module
Volker Lendecke [Sun, 22 Mar 2009 08:48:54 +0000 (09:48 +0100)]
Revert "Add a basic Doxyfile for talloc"
This reverts commit
f55e84e904173bed8dc9099ad523ca1e7be12355.
Volker Lendecke [Sun, 22 Mar 2009 08:48:48 +0000 (09:48 +0100)]
Revert "Convert the contents of talloc_guide.txt to doxygen-style talloc.h comments"
This reverts commit
d21212c9192b41a3fdc7e96cb9bf0125a1dc6c2d.
Volker Lendecke [Sun, 22 Mar 2009 08:48:41 +0000 (09:48 +0100)]
Revert "Delete talloc_guide.txt"
This reverts commit
3f9c30022a53a37ad829f8882a9a5161fcadda8b.
Volker Lendecke [Sun, 22 Mar 2009 08:48:34 +0000 (09:48 +0100)]
Revert "Add a default "undocumented" module"
This reverts commit
ba42320c7e9f5ccbd32eccbfb1f2d77e13b3a318.
Volker Lendecke [Sun, 22 Mar 2009 08:48:27 +0000 (09:48 +0100)]
Revert "Add some initial hook to the front page"
This reverts commit
cfce2d3611f225244fadf3d27d76371827fd6422.
Volker Lendecke [Sun, 22 Mar 2009 08:48:19 +0000 (09:48 +0100)]
Revert "Reformatting"
This reverts commit
db447d0c476699dbf7fa0567c67f5938674ec811.
Volker Lendecke [Sun, 22 Mar 2009 08:48:14 +0000 (09:48 +0100)]
Revert "Document talloc_pool()"
This reverts commit
27944ed7452207ef3c686ff6bcd9c4e1cb7f36d8.
Volker Lendecke [Sun, 22 Mar 2009 08:48:06 +0000 (09:48 +0100)]
Revert "Add a talloc_internal "module""
This reverts commit
02662d56c64f367bffa2febba9a396c15454cfdb.