svn commit: lorikeet r799 - in trunk/heimdal: . admin appl/su appl/telnet/libtelnet cf doc doc/standardisation kadmin kdc kpasswd kuser lib lib/gssapi lib/gssapi/gssapi lib/gssapi/krb5 lib/gssapi/mech
Author: abartlet Date: 2008-07-28 06:20:35 + (Mon, 28 Jul 2008) New Revision: 799 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=799 Log: Merged with upstream Heimdal -r 23473. Dropped gss_wrap_ex patch (will maintain this with metze in GIT, then commit it here when finished). Andrew Bartlett Added: trunk/heimdal/cf/symbol-version.py trunk/heimdal/doc/standardisation/draft-ietf-krb-wg-gss-cb-hash-agility-04.txt trunk/heimdal/doc/standardisation/draft-ietf-krb-wg-kerberos-referrals-11.txt trunk/heimdal/doc/standardisation/draft-ietf-krb-wg-otp-preauth-05.txt trunk/heimdal/doc/standardisation/draft-ietf-krb-wg-preauth-framework-08.txt trunk/heimdal/lib/krb5/send_to_kdc_plugin.h trunk/heimdal/lib/roken/cloexec.c trunk/heimdal/lib/roken/xfree.c Removed: trunk/heimdal/lib/gssapi/mech/gss_unwrap_ex.c trunk/heimdal/lib/gssapi/mech/gss_wrap_ex.c trunk/heimdal/lib/krb5/keytab_krb4.c Modified: trunk/heimdal/ChangeLog trunk/heimdal/admin/change.c trunk/heimdal/admin/get.c trunk/heimdal/appl/su/ChangeLog trunk/heimdal/appl/su/Makefile.am trunk/heimdal/appl/su/su.c trunk/heimdal/appl/telnet/libtelnet/encrypt.c trunk/heimdal/appl/telnet/libtelnet/genget.c trunk/heimdal/cf/ChangeLog trunk/heimdal/cf/krb-ipv6.m4 trunk/heimdal/cf/krb-readline.m4 trunk/heimdal/cf/version-script.m4 trunk/heimdal/doc/ack.texi trunk/heimdal/kadmin/ank.c trunk/heimdal/kdc/default_config.c trunk/heimdal/kdc/digest.c trunk/heimdal/kdc/kerberos5.c trunk/heimdal/kdc/krb5tgs.c trunk/heimdal/kdc/kx509.c trunk/heimdal/kdc/misc.c trunk/heimdal/kdc/pkinit.c trunk/heimdal/kdc/process.c trunk/heimdal/kdc/set_dbinfo.c trunk/heimdal/kdc/windc.c trunk/heimdal/kpasswd/kpasswd-generator.c trunk/heimdal/kpasswd/kpasswdd.c trunk/heimdal/kuser/kinit.c trunk/heimdal/lib/Makefile.am trunk/heimdal/lib/gssapi/ChangeLog trunk/heimdal/lib/gssapi/Makefile.am trunk/heimdal/lib/gssapi/gssapi/gssapi.h trunk/heimdal/lib/gssapi/gssapi/gssapi_krb5.h trunk/heimdal/lib/gssapi/gssapi_mech.h trunk/heimdal/lib/gssapi/krb5/accept_sec_context.c trunk/heimdal/lib/gssapi/krb5/delete_sec_context.c trunk/heimdal/lib/gssapi/krb5/display_status.c trunk/heimdal/lib/gssapi/krb5/external.c trunk/heimdal/lib/gssapi/krb5/gsskrb5_locl.h trunk/heimdal/lib/gssapi/krb5/init_sec_context.c trunk/heimdal/lib/gssapi/krb5/set_cred_option.c trunk/heimdal/lib/gssapi/krb5/set_sec_context_option.c trunk/heimdal/lib/gssapi/krb5/wrap.c trunk/heimdal/lib/gssapi/mech/gss_krb5.c trunk/heimdal/lib/gssapi/mech/gss_mech_switch.c trunk/heimdal/lib/gssapi/ntlm/crypto.c trunk/heimdal/lib/gssapi/ntlm/external.c trunk/heimdal/lib/gssapi/ntlm/init_sec_context.c trunk/heimdal/lib/gssapi/test_context.c trunk/heimdal/lib/hcrypto/ChangeLog trunk/heimdal/lib/hcrypto/rand-egd.c trunk/heimdal/lib/hcrypto/rand-fortuna.c trunk/heimdal/lib/hcrypto/rand-unix.c trunk/heimdal/lib/hcrypto/rand.c trunk/heimdal/lib/hcrypto/test_rsa.c trunk/heimdal/lib/hcrypto/ui.c trunk/heimdal/lib/hdb/Makefile.am trunk/heimdal/lib/hdb/common.c trunk/heimdal/lib/hdb/db.c trunk/heimdal/lib/hdb/db3.c trunk/heimdal/lib/hdb/dbinfo.c trunk/heimdal/lib/hdb/ext.c trunk/heimdal/lib/hdb/hdb-ldap.c trunk/heimdal/lib/hdb/hdb.c trunk/heimdal/lib/hdb/keys.c trunk/heimdal/lib/hdb/keytab.c trunk/heimdal/lib/hdb/mkey.c trunk/heimdal/lib/hdb/ndbm.c trunk/heimdal/lib/hdb/print.c trunk/heimdal/lib/hdb/version-script.map trunk/heimdal/lib/hx509/ChangeLog trunk/heimdal/lib/hx509/Makefile.am trunk/heimdal/lib/hx509/cert.c trunk/heimdal/lib/hx509/cms.c trunk/heimdal/lib/hx509/file.c trunk/heimdal/lib/hx509/hxtool-commands.in trunk/heimdal/lib/hx509/hxtool.c trunk/heimdal/lib/hx509/ks_dir.c trunk/heimdal/lib/hx509/ks_file.c trunk/heimdal/lib/hx509/ks_p12.c trunk/heimdal/lib/hx509/req.c trunk/heimdal/lib/hx509/revoke.c trunk/heimdal/lib/hx509/softp11.c trunk/heimdal/lib/hx509/version-script.map trunk/heimdal/lib/kadm5/ad.c trunk/heimdal/lib/kadm5/chpass_s.c trunk/heimdal/lib/kadm5/init_c.c trunk/heimdal/lib/kadm5/ipropd_slave.c trunk/heimdal/lib/kadm5/log.c trunk/heimdal/lib/kadm5/password_quality.c trunk/heimdal/lib/kafs/ChangeLog trunk/heimdal/lib/kafs/common.c trunk/heimdal/lib/krb5/Makefile.am trunk/heimdal/lib/krb5/acache.c trunk/heimdal/lib/krb5/acl.c trunk/heimdal/lib/krb5/addr_families.c trunk/heimdal/lib/krb5/auth_context.c trunk/heimdal/lib/krb5/build_auth.c trunk/heimdal/lib/krb5/cache.c trunk/heimdal/lib/krb5/changepw.c trunk/heimdal/lib/krb5/config_file.c trunk/heimdal/lib/krb5/context.c trunk/heimdal/lib/krb5/convert_creds.c trunk/heimdal/lib/krb5/copy_host_realm.c trunk/heimdal/lib/krb5/creds.c trunk/heimdal/lib/krb5/crypto.c trunk/heimdal/lib/krb5/data.c
svn commit: lorikeet r800 - in trunk/heimdal: .
Author: abartlet Date: 2008-07-28 06:24:17 + (Mon, 28 Jul 2008) New Revision: 800 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=800 Log: Remove gss_wrap_ex patch from heimdal-lorikeet.diff Keep the NTLM parts in wrap_ex_ntlm.diff for the moment (re-integrate when we finish the work with metze on a working gss_wrap_ex()). Andrew Bartlett Added: trunk/heimdal/wrap_ex_ntlm.diff Modified: trunk/heimdal/heimdal-lorikeet.diff Changeset: Sorry, the patch is too large (1852 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=800
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-171-g88970c4
The branch, v4-0-test has been updated via 88970c4d4192635544cf63e79e929e9bb05ecb5f (commit) from 7e90cc197c4fb2884f368cd72f391d0d8016fb96 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 88970c4d4192635544cf63e79e929e9bb05ecb5f Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jul 28 09:29:42 2008 +0200 auth/credentials: explain why we need to the enctypes for the gssapi layer metze --- Summary of changes: source/auth/credentials/credentials_krb5.c | 12 +++- 1 files changed, 11 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/credentials/credentials_krb5.c b/source/auth/credentials/credentials_krb5.c index c4c5839..1a2d5fa 100644 --- a/source/auth/credentials/credentials_krb5.c +++ b/source/auth/credentials/credentials_krb5.c @@ -392,7 +392,17 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, return ret; } - /* transfer the enctypes from the smb_krb5_context to the gssapi layer */ + /* +* transfer the enctypes from the smb_krb5_context to the gssapi layer +* +* We use 'our' smb_krb5_context to do the AS-REQ and it is possible +* to configure the enctypes via the krb5.conf. +* +* And the gss_init_sec_context() creates it's own krb5_context and +* the TGS-REQ had all enctypes in it and only the ones configured +* and used for the AS-REQ, so it wasn't possible to disable the usage +* of AES keys. +*/ min_stat = krb5_get_default_in_tkt_etypes(ccache-smb_krb5_context-krb5_context, etypes); if (min_stat == 0) { -- Samba Shared Repository
svn commit: lorikeet r801 - in trunk/heimdal: . lib/krb5
Author: abartlet Date: 2008-07-28 09:31:00 + (Mon, 28 Jul 2008) New Revision: 801 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=801 Log: Revert back to using the extra argument on send_to_kdc, until Samba moves to the plugin version of this function. Andrew Bartlett Modified: trunk/heimdal/heimdal-lorikeet.diff trunk/heimdal/lib/krb5/krb5.h trunk/heimdal/lib/krb5/send_to_kdc.c Changeset: Modified: trunk/heimdal/heimdal-lorikeet.diff === --- trunk/heimdal/heimdal-lorikeet.diff 2008-07-28 06:24:17 UTC (rev 800) +++ trunk/heimdal/heimdal-lorikeet.diff 2008-07-28 09:31:00 UTC (rev 801) @@ -180,3 +180,28 @@ ret = _krb5_principalname2krb5_principal (context, tmp_principal, rep-kdc_rep.cname, +Index: lib/krb5/send_to_kdc.c +=== +--- lib/krb5/send_to_kdc.c (revision 800) lib/krb5/send_to_kdc.c (working copy) +@@ -385,7 +385,7 @@ +struct send_to_kdc *s = context-send_to_kdc; + +ret = (*s-func)(context, s-data, +-hi, send_data, receive); ++hi, context-kdc_timeout, send_data, receive); +if (ret == 0 receive-length != 0) +goto out; +continue; +Index: lib/krb5/krb5.h +=== +--- lib/krb5/krb5.h(revision 800) lib/krb5/krb5.h(working copy) +@@ -725,6 +725,7 @@ + typedef krb5_error_code (*krb5_send_to_kdc_func)(krb5_context, +void *, +krb5_krbhst_info *, ++ time_t timeout, +const krb5_data *, +krb5_data *); + Modified: trunk/heimdal/lib/krb5/krb5.h === --- trunk/heimdal/lib/krb5/krb5.h 2008-07-28 06:24:17 UTC (rev 800) +++ trunk/heimdal/lib/krb5/krb5.h 2008-07-28 09:31:00 UTC (rev 801) @@ -725,6 +725,7 @@ typedef krb5_error_code (*krb5_send_to_kdc_func)(krb5_context, void *, krb5_krbhst_info *, +time_t timeout, const krb5_data *, krb5_data *); Modified: trunk/heimdal/lib/krb5/send_to_kdc.c === --- trunk/heimdal/lib/krb5/send_to_kdc.c2008-07-28 06:24:17 UTC (rev 800) +++ trunk/heimdal/lib/krb5/send_to_kdc.c2008-07-28 09:31:00 UTC (rev 801) @@ -385,7 +385,7 @@ struct send_to_kdc *s = context-send_to_kdc; ret = (*s-func)(context, s-data, - hi, send_data, receive); + hi, context-kdc_timeout, send_data, receive); if (ret == 0 receive-length != 0) goto out; continue;
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-178-g4b13708
The branch, v4-0-test has been updated via 4b137085c8b89773d4639372bbffd516a41dfc8f (commit) via bace931ad674b5071d53bf9c99c383f1d8957e1b (commit) via b1d05e7d14c65133e8ab0ff9d41a26fa7e3d41d3 (commit) via 486891bb5167034e54b7477ba09e8f5f914b93e4 (commit) via 31a303c099e26423160010c48b305434d4cbea25 (commit) via e2d16397606d38e90684d2d916b5b967cde4 (commit) via b8770a4fd8408473593fa4c6600bce056183958d (commit) from 88970c4d4192635544cf63e79e929e9bb05ecb5f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 4b137085c8b89773d4639372bbffd516a41dfc8f Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 20:51:02 2008 +1000 We don't use EXTENSIBLEOBJECT any more. commit bace931ad674b5071d53bf9c99c383f1d8957e1b Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 20:26:14 2008 +1000 Make it even clearer what to do next in the LDAP backend setup commit b1d05e7d14c65133e8ab0ff9d41a26fa7e3d41d3 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 20:18:17 2008 +1000 Always print the slapd startup command commit 486891bb5167034e54b7477ba09e8f5f914b93e4 Merge: 31a303c099e26423160010c48b305434d4cbea25 88970c4d4192635544cf63e79e929e9bb05ecb5f Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 18:39:37 2008 +1000 Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet commit 31a303c099e26423160010c48b305434d4cbea25 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 08:04:43 2008 +1000 Remove unused variable commit e2d16397606d38e90684d2d916b5b967cde4 Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 08:04:15 2008 +1000 Remove unused function and make sensitive directories private. commit b8770a4fd8408473593fa4c6600bce056183958d Author: Andrew Bartlett [EMAIL PROTECTED] Date: Mon Jul 28 08:02:18 2008 +1000 Fix warnings in new prefixMap code --- Summary of changes: source/dsdb/samdb/ldb_modules/schema_fsmo.c |1 - source/dsdb/schema/schema_init.c|5 ++- source/scripting/python/samba/provision.py | 36 ++ 3 files changed, 12 insertions(+), 30 deletions(-) Changeset truncated at 500 lines: diff --git a/source/dsdb/samdb/ldb_modules/schema_fsmo.c b/source/dsdb/samdb/ldb_modules/schema_fsmo.c index 2acc5c0..87ada85 100644 --- a/source/dsdb/samdb/ldb_modules/schema_fsmo.c +++ b/source/dsdb/samdb/ldb_modules/schema_fsmo.c @@ -150,7 +150,6 @@ static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req) static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *req) { - WERROR status; struct ldb_dn *schema_dn; struct dsdb_schema *schema; char *error_string = NULL; diff --git a/source/dsdb/schema/schema_init.c b/source/dsdb/schema/schema_init.c index 9b89594..85fdbe9 100644 --- a/source/dsdb/schema/schema_init.c +++ b/source/dsdb/schema/schema_init.c @@ -566,9 +566,10 @@ WERROR dsdb_read_prefixes_from_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, return WERR_NOMEM; } for (i=0; i blob-ctr.dsdb.num_mappings; i++) { + char *oid; (*prefixes)[i].id = blob-ctr.dsdb.mappings[i].id_prefix16; - (*prefixes)[i].oid = talloc_strdup(mem_ctx, blob-ctr.dsdb.mappings[i].oid.oid); - (*prefixes)[i].oid = talloc_asprintf_append((*prefixes)[i].oid, .); + oid = talloc_strdup(mem_ctx, blob-ctr.dsdb.mappings[i].oid.oid); + (*prefixes)[i].oid = talloc_asprintf_append(oid, .); (*prefixes)[i].oid_len = strlen(blob-ctr.dsdb.mappings[i].oid.oid); } diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py index 0119f40..441d662 100644 --- a/source/scripting/python/samba/provision.py +++ b/source/scripting/python/samba/provision.py @@ -133,26 +133,6 @@ findnss_uid = lambda names: findnss(pwd.getpwnam, names)[2] findnss_gid = lambda names: findnss(grp.getgrnam, names)[2] -def open_ldb(session_info, credentials, lp, dbname): -Open a LDB, thrashing it if it is corrupt. - -:param session_info: auth session information -:param credentials: credentials -:param lp: Loadparm context -:param dbname: Path of the database to open. -:return: a Ldb object - -assert session_info is not None -try: -return Ldb(dbname, session_info=session_info, credentials=credentials, - lp=lp) -except LdbError, e: -print e -os.unlink(dbname) -return Ldb(dbname, session_info=session_info, credentials=credentials, - lp=lp) - - def read_and_sub_file(file, subst_vars): Read a file and sub in
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3432-g6dd1582
The branch, v3-3-test has been updated via 6dd1582e3583ed3c0766db552a368ddb30af5f7d (commit) via e8ae49fc2aadfeee696ad7fde1fee643e167537c (commit) via e5d95c4f41c2fe25920b0b707f637a562cb23ed8 (commit) via 67de7455b66b6c6c959e5e4ca1b8d97e2f4cf71d (commit) via 18ea033909a5363c92530ed2a06a2b89be5e7c79 (commit) from 1970eed1b79a5d9dc45eb96098d653ad62a20871 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit 6dd1582e3583ed3c0766db552a368ddb30af5f7d Author: Michael Adam [EMAIL PROTECTED] Date: Mon Jul 28 14:17:11 2008 +0200 run make idl after idl change to unify Primary:Kerberos* structs (e8ae49f) Michael commit e8ae49fc2aadfeee696ad7fde1fee643e167537c Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Jul 24 08:20:06 2008 +0200 drsblobs.idl: unify the Primary:Kerberos and Primary:Kerberos-Newer-Keys structs metze (cherry picked from commit 4b79a7678571ac2f7d5f827913fdcb419f5d2e20) commit e5d95c4f41c2fe25920b0b707f637a562cb23ed8 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Jul 28 14:15:27 2008 +0200 run make idl after idl change give some unknowns a meaning (67de745) Michael commit 67de7455b66b6c6c959e5e4ca1b8d97e2f4cf71d Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Thu Jul 24 07:53:55 2008 +0200 drsblobs.idl: give some unknowns a meaning metze (cherry picked from commit 231e6f5ab2dc8a3e991a9872be252c6f14c6) commit 18ea033909a5363c92530ed2a06a2b89be5e7c79 Author: Michael Adam [EMAIL PROTECTED] Date: Mon Jul 28 14:08:34 2008 +0200 rpcclient: Set the pid filed of the outgoing DsBindInfo to 0. This is for debugging and informational purposes only. The assignment is implementation specific. (WSPP docs, sec. 5.35). Michael --- Summary of changes: source/librpc/gen_ndr/drsblobs.h | 61 ++--- source/librpc/gen_ndr/ndr_drsblobs.c | 445 +- source/librpc/gen_ndr/ndr_drsblobs.h | 23 +-- source/librpc/idl/drsblobs.idl | 61 ++--- source/rpcclient/cmd_drsuapi.c |2 +- 5 files changed, 233 insertions(+), 359 deletions(-) Changeset truncated at 500 lines: diff --git a/source/librpc/gen_ndr/drsblobs.h b/source/librpc/gen_ndr/drsblobs.h index c0db9e9..b0ab9ae 100644 --- a/source/librpc/gen_ndr/drsblobs.h +++ b/source/librpc/gen_ndr/drsblobs.h @@ -190,7 +190,7 @@ struct package_PrimaryKerberosString { const char * string;/* [relative,subcontext_size(size),subcontext(0),flag(LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_REMAINING)] */ }; -struct package_PrimaryKerberosKey { +struct package_PrimaryKerberosKey3 { uint16_t reserved1;/* [value(0)] */ uint16_t reserved2;/* [value(0)] */ uint32_t reserved3;/* [value(0)] */ @@ -203,8 +203,8 @@ struct package_PrimaryKerberosCtr3 { uint16_t num_keys; uint16_t num_old_keys; struct package_PrimaryKerberosString salt; - struct package_PrimaryKerberosKey *keys; - struct package_PrimaryKerberosKey *old_keys; + struct package_PrimaryKerberosKey3 *keys; + struct package_PrimaryKerberosKey3 *old_keys; uint32_t padding1;/* [value(0)] */ uint32_t padding2;/* [value(0)] */ uint32_t padding3;/* [value(0)] */ @@ -212,43 +212,38 @@ struct package_PrimaryKerberosCtr3 { uint32_t padding5;/* [value(0)] */ }; -union package_PrimaryKerberosCtr { - struct package_PrimaryKerberosCtr3 ctr3;/* [case(3)] */ -}/* [nodiscriminant] */; - -struct package_PrimaryKerberosBlob { - uint32_t version;/* [value(3)] */ - union package_PrimaryKerberosCtr ctr;/* [switch_is(version)] */ -}/* [public] */; - -struct package_PrimaryKerberosNewerKey { - uint32_t unknown1;/* [value(0)] */ - uint32_t unknown2;/* [value(0)] */ - uint32_t unknown3;/* [value(0x1000)] */ +struct package_PrimaryKerberosKey4 { + uint16_t reserved1;/* [value(0)] */ + uint16_t reserved2;/* [value(0)] */ + uint32_t reserved3;/* [value(0)] */ + uint32_t iteration_count; uint32_t keytype; uint32_t value_len;/* [value((value?value-length:0))] */ DATA_BLOB *value;/* [relative,subcontext_size(value_len),subcontext(0),flag(LIBNDR_FLAG_REMAINING)] */ }; -struct package_PrimaryKerberosNewerCtr4 { +struct package_PrimaryKerberosCtr4 { uint16_t num_keys; - uint16_t unknown1;/* [value(0)] */ - uint16_t num_old_keys1; - uint16_t num_old_keys2; + uint16_t num_service_keys;/* [value(0)] */ + uint16_t num_old_keys; + uint16_t num_older_keys; struct package_PrimaryKerberosString salt; - uint32_t unknown2;/* [value(0x1000)] */ - struct package_PrimaryKerberosNewerKey *keys; - struct
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2772-g0d4a3c2
The branch, v3-2-test has been updated via 0d4a3c2dfb07663dc9fded298e6b7b6c67029f71 (commit) from 3282f7289b7b33beeaa1ca649651cca6537a69af (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 0d4a3c2dfb07663dc9fded298e6b7b6c67029f71 Author: Karolin Seeger [EMAIL PROTECTED] Date: Mon Jul 28 15:26:19 2008 +0200 WHATSNEW: Update changes since 3.2.0. Karolin --- Summary of changes: WHATSNEW.txt |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 88bee81..c5f8b3c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -43,6 +43,7 @@ o Jeremy Allison [EMAIL PROTECTED] * Canonicalize servername in the printer functions to remove leading '\\' characters. * Fix option processing in smbcacls - add POPT_COMMON_CONNECTION. +* Fix bug creating files using DOS clients with mixed case files. o Jim Brown [EMAIL PROTECTED] -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0-100-gda771f1
The branch, v3-2-stable has been updated via da771f13af99388005df60e2bec5c5ee5a2f5d95 (commit) via 9fcced79a072c5c44f42c8fd3755da03c052a45e (commit) via 0c6c114d8f6ec0b06cf32471ec860271c18bbbc6 (commit) from 807e2842db8ac88798f454e7b32c52cb53229fc5 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable - Log - commit da771f13af99388005df60e2bec5c5ee5a2f5d95 Author: Karolin Seeger [EMAIL PROTECTED] Date: Mon Jul 28 15:26:19 2008 +0200 WHATSNEW: Update changes since 3.2.0. Karolin (cherry picked from commit 0d4a3c2dfb07663dc9fded298e6b7b6c67029f71) commit 9fcced79a072c5c44f42c8fd3755da03c052a45e Author: Volker Lendecke [EMAIL PROTECTED] Date: Fri Jul 25 23:30:53 2008 +0200 Fix an incompatible pointer warning (cherry picked from commit 3282f7289b7b33beeaa1ca649651cca6537a69af) commit 0c6c114d8f6ec0b06cf32471ec860271c18bbbc6 Author: Jeremy Allison [EMAIL PROTECTED] Date: Fri Jul 25 13:14:57 2008 -0700 Fix bug creating files using DOS clients with mixed case files. Reported by Daniel Johnson [EMAIL PROTECTED]. The smb_set_file_time() call to set the filetimes is failing because it's using the unmodified name passed in by the client, not the modified name (matching case on the disk) that comes out from create_file(). Jeremy. (cherry picked from commit d54fe83b16c187847a975df373e73d56111d7f21) --- Summary of changes: WHATSNEW.txt|1 + source/smbd/reply.c |2 +- source/winbindd/winbindd_user.c |4 ++-- 3 files changed, 4 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 88bee81..c5f8b3c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -43,6 +43,7 @@ o Jeremy Allison [EMAIL PROTECTED] * Canonicalize servername in the printer functions to remove leading '\\' characters. * Fix option processing in smbcacls - add POPT_COMMON_CONNECTION. +* Fix bug creating files using DOS clients with mixed case files. o Jim Brown [EMAIL PROTECTED] diff --git a/source/smbd/reply.c b/source/smbd/reply.c index 2506ff9..ac9ccd6 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -2000,7 +2000,7 @@ void reply_mknew(struct smb_request *req) } ts[0] = get_atimespec(sbuf); /* atime. */ - status = smb_set_file_time(conn, fsp, fname, sbuf, ts, true); + status = smb_set_file_time(conn, fsp, fsp-fsp_name, sbuf, ts, true); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); reply_openerror(req, status); diff --git a/source/winbindd/winbindd_user.c b/source/winbindd/winbindd_user.c index 4591838..19feec3 100644 --- a/source/winbindd/winbindd_user.c +++ b/source/winbindd/winbindd_user.c @@ -184,7 +184,7 @@ static void getpwsid_queryuser_recv(void *private_data, bool success, const char *full_name, const char *homedir, const char *shell, - uint32 gid, + gid_t gid, uint32 group_rid); static void getpwsid_sid2uid_recv(void *private_data, bool success, uid_t uid); static void getpwsid_sid2gid_recv(void *private_data, bool success, gid_t gid); @@ -223,7 +223,7 @@ static void getpwsid_queryuser_recv(void *private_data, bool success, const char *full_name, const char *homedir, const char *shell, - uint32 gid, + gid_t gid, uint32 group_rid) { fstring username; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-185-g73964f0
The branch, v4-0-test has been updated via 73964f069056f46f2f27fc690e42e5c91ae1fe19 (commit) via 0c6d988f2083067e1ac7b07a492f88cefd3ba906 (commit) via 2844e361730a6bc640ea89d0e10059deca1ca867 (commit) via 5b3ba3f3556e8031133128853cd2324ee3852aa1 (commit) via 8bc12dc77a59e792830d96e84a4e8d1b2c651505 (commit) via 93203e8e318dd10b9e7096e586187eb271d42134 (commit) via 35ee165b146b9157b0cff49e1139a0cb37d98926 (commit) from 4b137085c8b89773d4639372bbffd516a41dfc8f (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 73964f069056f46f2f27fc690e42e5c91ae1fe19 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jul 28 16:11:30 2008 +0200 gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work SMB signing with aes doesn't work, but still works with arcfour-hmac-md5, des-cbc-md5 and des-cbc-crc. metze commit 0c6d988f2083067e1ac7b07a492f88cefd3ba906 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jul 28 15:49:46 2008 +0200 libcli/smb2: the session key for SMB2 signing is truncated to 16 bytes To make that work (as a client) with aes128 and aes256 krb5 keys we need to use gsskrb5_get_subkey(). metze commit 2844e361730a6bc640ea89d0e10059deca1ca867 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jun 9 21:57:05 2008 +0200 smb2srv: sign SMB2 Logoff replies metze commit 5b3ba3f3556e8031133128853cd2324ee3852aa1 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jun 9 21:45:19 2008 +0200 smb2srv: correctly hold the signing state per session metze commit 8bc12dc77a59e792830d96e84a4e8d1b2c651505 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jun 9 21:57:41 2008 +0200 libcli/smb2: fix per session signing state metze commit 93203e8e318dd10b9e7096e586187eb271d42134 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jun 9 21:41:55 2008 +0200 SMB2-CONNECT: remove reference to req-session before calling smb2_logoff_recv() on the invalid session metze commit 35ee165b146b9157b0cff49e1139a0cb37d98926 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jun 9 21:41:06 2008 +0200 libcli/smb2: sign SMB2 Logoff requests metze --- Summary of changes: source/auth/gensec/gensec_gssapi.c |6 +++--- source/libcli/smb2/connect.c |8 source/libcli/smb2/logoff.c|2 ++ source/libcli/smb2/session.c | 10 +- source/libcli/smb2/signing.c |9 - source/libcli/smb2/smb2.h |9 +++-- source/libcli/smb2/transport.c |6 ++ source/smb_server/smb2/negprot.c |2 +- source/smb_server/smb2/receive.c | 21 +++-- source/smb_server/smb2/sesssetup.c | 34 ++ source/smb_server/smb_server.h |7 ++- source/torture/smb2/connect.c | 11 ++- 12 files changed, 81 insertions(+), 44 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/gensec/gensec_gssapi.c b/source/auth/gensec/gensec_gssapi.c index 205d8a0..c20cf4f 100644 --- a/source/auth/gensec/gensec_gssapi.c +++ b/source/auth/gensec/gensec_gssapi.c @@ -1152,9 +1152,9 @@ static NTSTATUS gensec_gssapi_session_key(struct gensec_security *gensec_securit return NT_STATUS_OK; } - maj_stat = gsskrb5_get_initiator_subkey(min_stat, - gensec_gssapi_state-gssapi_context, - subkey); + maj_stat = gsskrb5_get_subkey(min_stat, + gensec_gssapi_state-gssapi_context, + subkey); if (maj_stat != 0) { DEBUG(1, (NO session key for this mech\n)); return NT_STATUS_NO_USER_SESSION_KEY; diff --git a/source/libcli/smb2/connect.c b/source/libcli/smb2/connect.c index cdb5e3b..c89c109 100644 --- a/source/libcli/smb2/connect.c +++ b/source/libcli/smb2/connect.c @@ -112,19 +112,19 @@ static void continue_negprot(struct smb2_request *req) composite_error(c, NT_STATUS_ACCESS_DENIED); return; } - transport-signing.doing_signing = false; + transport-signing_required = false; break; case SMB_SIGNING_SUPPORTED: case SMB_SIGNING_AUTO: if (transport-negotiate.security_mode SMB2_NEGOTIATE_SIGNING_REQUIRED) { - transport-signing.doing_signing = true; + transport-signing_required = true; } else { - transport-signing.doing_signing = false; +
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-186-gc2186d5
The branch, v4-0-test has been updated via c2186d5d60aa2b57ecafaa57f9fd41f2a6717046 (commit) from 73964f069056f46f2f27fc690e42e5c91ae1fe19 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit c2186d5d60aa2b57ecafaa57f9fd41f2a6717046 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jul 28 16:40:21 2008 +0200 rpc_server: remove unused variable metze --- Summary of changes: source/rpc_server/dcerpc_server.c |1 - 1 files changed, 0 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_server/dcerpc_server.c b/source/rpc_server/dcerpc_server.c index cb07f6e..9558949 100644 --- a/source/rpc_server/dcerpc_server.c +++ b/source/rpc_server/dcerpc_server.c @@ -947,7 +947,6 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call) uint32_t length; struct data_blob_list_item *rep; struct ncacn_packet pkt; - const uint32_t overhead = (DCERPC_MAX_SIGN_SIZE+DCERPC_RESPONSE_LENGTH); rep = talloc(call, struct data_blob_list_item); NT_STATUS_HAVE_NO_MEMORY(rep); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2773-g8ab79b1
The branch, v3-2-test has been updated via 8ab79b1d009d53e414b90e4a0ab8fc7a4889b6df (commit) from 0d4a3c2dfb07663dc9fded298e6b7b6c67029f71 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 8ab79b1d009d53e414b90e4a0ab8fc7a4889b6df Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Jul 28 17:52:35 2008 +0200 Attempt to fix bug 5616 We were calculating the session key but did not return it to the caller... --- Summary of changes: source/rpc_client/cli_netlogon.c | 15 ++- 1 files changed, 6 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c index 851a4a8..38ff41c 100644 --- a/source/rpc_client/cli_netlogon.c +++ b/source/rpc_client/cli_netlogon.c @@ -424,8 +424,6 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, union netr_Validation validation; struct netr_ChallengeResponse lm; struct netr_ChallengeResponse nt; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lmsesskey; *info3 = NULL; @@ -500,15 +498,14 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, return result; } - user_session_key = validation.sam3-base.key; - lmsesskey = validation.sam3-base.LMSessKey; - - if (memcmp(zeros, user_session_key.key, 16) != 0) { - SamOEMhash(user_session_key.key, cli-dc-sess_key, 16); + if (memcmp(zeros, validation.sam3-base.key.key, 16) != 0) { + SamOEMhash(validation.sam3-base.key.key, + cli-dc-sess_key, 16); } - if (memcmp(zeros, lmsesskey.key, 8) != 0) { - SamOEMhash(lmsesskey.key, cli-dc-sess_key, 8); + if (memcmp(zeros, validation.sam3-base.LMSessKey.key, 8) != 0) { + SamOEMhash(validation.sam3-base.LMSessKey.key, + cli-dc-sess_key, 8); } if (memcmp(zeros, ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3433-gb63a6a1
The branch, v3-3-test has been updated via b63a6a1fd6a96bbafd88cacb9493bfea9944d404 (commit) from 6dd1582e3583ed3c0766db552a368ddb30af5f7d (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit b63a6a1fd6a96bbafd88cacb9493bfea9944d404 Author: Volker Lendecke [EMAIL PROTECTED] Date: Mon Jul 28 17:52:35 2008 +0200 Attempt to fix bug 5616 We were calculating the session key but did not return it to the caller... (cherry picked from commit 8ab79b1d009d53e414b90e4a0ab8fc7a4889b6df) --- Summary of changes: source/rpc_client/cli_netlogon.c | 15 ++- 1 files changed, 6 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/source/rpc_client/cli_netlogon.c b/source/rpc_client/cli_netlogon.c index fcce18d..e96d724 100644 --- a/source/rpc_client/cli_netlogon.c +++ b/source/rpc_client/cli_netlogon.c @@ -333,8 +333,6 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, union netr_Validation validation; struct netr_ChallengeResponse lm; struct netr_ChallengeResponse nt; - struct netr_UserSessionKey user_session_key; - struct netr_LMSessionKey lmsesskey; *info3 = NULL; @@ -409,15 +407,14 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, return result; } - user_session_key = validation.sam3-base.key; - lmsesskey = validation.sam3-base.LMSessKey; - - if (memcmp(zeros, user_session_key.key, 16) != 0) { - SamOEMhash(user_session_key.key, cli-dc-sess_key, 16); + if (memcmp(zeros, validation.sam3-base.key.key, 16) != 0) { + SamOEMhash(validation.sam3-base.key.key, + cli-dc-sess_key, 16); } - if (memcmp(zeros, lmsesskey.key, 8) != 0) { - SamOEMhash(lmsesskey.key, cli-dc-sess_key, 8); + if (memcmp(zeros, validation.sam3-base.LMSessKey.key, 8) != 0) { + SamOEMhash(validation.sam3-base.LMSessKey.key, + cli-dc-sess_key, 8); } if (memcmp(zeros, ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-187-g9678085
The branch, v4-0-test has been updated via 9678085f75b6cb0ed068e22f3d9f94247b200ce2 (commit) from c2186d5d60aa2b57ecafaa57f9fd41f2a6717046 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 9678085f75b6cb0ed068e22f3d9f94247b200ce2 Author: Stefan Metzmacher [EMAIL PROTECTED] Date: Mon Jul 28 17:59:17 2008 +0200 Revert gensec_gssapi: use gsskrb5_get_subkey() to make smb2 signing with aes keys work This reverts commit 73964f069056f46f2f27fc690e42e5c91ae1fe19. This breaks more than it gains:-( It seems to break the ncacn_np session key metze --- Summary of changes: source/auth/gensec/gensec_gssapi.c |6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/gensec/gensec_gssapi.c b/source/auth/gensec/gensec_gssapi.c index c20cf4f..205d8a0 100644 --- a/source/auth/gensec/gensec_gssapi.c +++ b/source/auth/gensec/gensec_gssapi.c @@ -1152,9 +1152,9 @@ static NTSTATUS gensec_gssapi_session_key(struct gensec_security *gensec_securit return NT_STATUS_OK; } - maj_stat = gsskrb5_get_subkey(min_stat, - gensec_gssapi_state-gssapi_context, - subkey); + maj_stat = gsskrb5_get_initiator_subkey(min_stat, + gensec_gssapi_state-gssapi_context, + subkey); if (maj_stat != 0) { DEBUG(1, (NO session key for this mech\n)); return NT_STATUS_NO_USER_SESSION_KEY; -- Samba Shared Repository
Build status as of Tue Jul 29 00:00:03 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-07-28 00:00:32.0 + +++ /home/build/master/cache/broken_results.txt 2008-07-29 00:00:30.0 + @@ -1,20 +1,20 @@ -Build status as of Mon Jul 28 00:00:02 2008 +Build status as of Tue Jul 29 00:00:03 2008 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 33 8 0 +ccache 32 8 0 ctdb 0 0 0 distcc 1 0 0 -ldb 32 32 0 +ldb 33 32 0 libreplace 32 12 0 lorikeet-heimdal 26 19 0 pidl 18 18 0 ppp 10 0 0 rsync33 11 0 samba-docs 0 0 0 -samba-gtk3 3 0 -samba_3_2_test 33 20 0 +samba-gtk4 4 0 +samba_3_2_test 32 21 0 samba_4_0_test 31 28 0 smb-build31 5 0 talloc 33 7 0