summaryrefslogtreecommitdiff
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4:lib: Add FALL_THROUGH statements in http.cAndreas Schneider2018-03-011-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:dsdb: Add FALL_THROUGH statements in password_hash.cAndreas Schneider2018-03-011-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture: Add FALL_THROUGH statements in rpc/spoolss.cAndreas Schneider2018-03-011-0/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:torture: Add FALL_THROUGH statements in basic/misc.cAndreas Schneider2018-03-011-0/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:rpc_server: Add FALL_THROUGH statements in dcesrv_srvsvc.cAndreas Schneider2018-03-011-0/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:auth: Add FALL_THROUGH statements in gensec_krb5.cAndreas Schneider2018-03-011-4/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:auth: Add FALL_THROUGH statements in auth_sam.cAndreas Schneider2018-03-011-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:auth: Add FALL_THROUGH statements in auth_util.cAndreas Schneider2018-03-011-3/+6
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:samdb: Add FALL_THROUGH statements in linked_attributes.cAndreas Schneider2018-03-011-2/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:samdb: Add FALL_THROUGH statements in cracknames.cAndreas Schneider2018-03-011-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:lib:com: Fix function declartionsAndreas Schneider2018-03-012-4/+4
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb python tests: convert 'except X, (tuple)' to 'except X as e'Noel Power2018-02-2819-452/+904
| | | | | | | | | In addition to converting the except line another line is also added for each except to extract the tuple contents. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* drs torture python: convert 'except X, (tuple)' to 'except X as e'Noel Power2018-02-288-23/+46
| | | | | | | | | In addition to converting the except line another line is also added for each except to extract the tuple contents. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:kdc: disable support for CROSS_ORGANIZATION domainsStefan Metzmacher2018-02-281-0/+9
| | | | | | | | | | | | | | We don't support selective authentication yet, so we shouldn't silently allow domain wide authentication for such a trust. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Feb 28 19:45:13 CET 2018 on sn-devel-144
* s4:kdc: only support LSA_TRUST_TYPE_UPLEVEL domains in ↵Stefan Metzmacher2018-02-281-0/+10
| | | | | | | | | samba_kdc_trust_message2entry() BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:kdc: make use of dsdb_trust_parse_tdo_info() in ↵Stefan Metzmacher2018-02-281-10/+19
| | | | | | | | | samba_kdc_trust_message2entry() BUG: https://bugzilla.samba.org/show_bug.cgi?id=13299 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* nbt_server: Factor out packet generation for netlogon replyVolker Lendecke2018-02-271-54/+102
| | | | | | | | | | | | | | | This also fixes an inaccuracy (or even a bug?): The previous code pulled the reply mailslot always through req.logon.mailslot_name, which is the union for LOGON_SAM_LOGON_REQUESTs. The LOGON_PRIMARY_QUERY must be referenced by req.pdc.mailslot_name. It might have worked by chance, but this should be more correct. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Feb 27 14:10:14 CET 2018 on sn-devel-144
* nbt_server: nbtd_netlogon_getdc doesn't need "src"Volker Lendecke2018-02-271-2/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Avoid a talloc callVolker Lendecke2018-02-271-2/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Avoid an "else" branchVolker Lendecke2018-02-271-4/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: nbtd_netlogon_samlogon needs the dst_name, not the packetVolker Lendecke2018-02-271-8/+11
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: nbtd_netlogon_getdc needs just the dst_nameVolker Lendecke2018-02-271-6/+8
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Fix a typo ("domian->domain")Volker Lendecke2018-02-271-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: nbtd_netlogon_samlogon needs the nbtsrv, not the intefaceVolker Lendecke2018-02-271-5/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: nbtd_netlogon_getdc needs the nbtsrv, not the interfaceVolker Lendecke2018-02-271-8/+8
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Centralize a consistency checkVolker Lendecke2018-02-271-8/+7
| | | | | | | | This is a "should NEVER happen" and applies to both LOGON_PRIMARY_QUERY and LOGON_SAM_LOGON_REQUEST Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Make nbtd_mailslot_netlogon_handler a bit more idiomaticVolker Lendecke2018-02-271-3/+5
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Factor out dgram sending from reply constructionVolker Lendecke2018-02-271-42/+76
| | | | | | | | Separation of concerns. Only one call to dgram_mailslot_netlogon_reply, which does the UDP send. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Remove a pointless assignmentVolker Lendecke2018-02-271-2/+0
| | | | | | | | | | | I don't see how data.msg.dest_name.type is accessed further down dgram_mailslot_netlogon_reply only accesses packet->src_addr, packet->src_port and packet->data.msg.source_name, *not* data.msg.dest_name. Also, "packet" is thrown away after this call. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* nbt_server: Remove some unused parametersVolker Lendecke2018-02-271-8/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libdgram: Remove an unused parameterVolker Lendecke2018-02-274-8/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libdgram: Remove an unused parameterVolker Lendecke2018-02-273-5/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libsocket: Add "mem_ctx" to socket_create()Volker Lendecke2018-02-279-31/+31
| | | | | | | | Every caller did a talloc_steal() after socket_create(). Just pass in the correct memory context. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Minor cleanup to libnet_join_memberSwen Schillig2018-02-241-27/+19
| | | | | | | | | | | | Prevent code duplication by consolidating cleanup task at the end of the function. Signed-off-by: Swen Schillig <swen@vnet.ibm.com> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Feb 24 23:19:05 CET 2018 on sn-devel-144
* s4:lib:com: Fix function declartionsAndreas Schneider2018-02-241-6/+19
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* repl_md: avoid returning LDB_SUCCESS on failureDouglas Bagnall2018-02-241-1/+9
| | | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb/encrypted_secrets: remove dependency to libnettle and use our own ↵Stefan Metzmacher2018-02-235-245/+111
| | | | | | | | | | | | | | | | | | aes_gcm_128_*() We already rely on gnutls in order to implement SSL/TLS, so using that to speed up crypto like aes gcm 128 is fine, but as we already have code for that algorithm, we should use that instead of adding a new dependency to libnettle. Some (I guess newer versions) of gnutls use nettle internally, so we may end up using that code, but we should not have a direct dependency. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13276 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:auth_sam: allow logons with an empty domain nameStefan Metzmacher2018-02-231-6/+10
| | | | | | | | | | | | It turns out that an empty domain name maps to the local SAM. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13206 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Feb 23 04:08:26 CET 2018 on sn-devel-144
* util/rfc1738_unescape(): return end pointer or NULL on errorDouglas Bagnall2018-02-221-4/+7
| | | | | | | At present we don't detect errors, but when we do we'll return NULL. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:rpc_server: fix call_id truncation in dcesrv_find_fragmented_call()Stefan Metzmacher2018-02-211-1/+1
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13289 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Feb 21 19:02:56 CET 2018 on sn-devel-144
* heimdal_build: use closefrom from libreplaceBjoern Jacke2018-02-211-0/+5
| | | | | | | | this silences a lot of "... has been redefined" compiler warnings on platforms that don't have closefrom Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:rpc_server/lsa: implement forwarding lsa_Lookup{Sids,Names}() requests to ↵Stefan Metzmacher2018-02-211-2/+525
| | | | | | | | | | | | | winbindd This might not be perfect yet, but it's enough to allow names from trusted forests/domain to be resolved, which is very important for samba based domain members. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: rewrite lookup sids/names code to honor the given lookup ↵Stefan Metzmacher2018-02-211-557/+855
| | | | | | | | | | | | | | | | | | | | | | | | | level [MS-LSAT] 2.2.16 LSAP_LOOKUP_LEVEL defines the which views each level should consult. Up to now we support some wellknown sids, the builtin domain and our account domain, but all levels query all views. This commit implements 3 views (predefined, builtin, account domain) + a dummy winbind view (which will later be used to implement the gc, forest and trust views).. Depending on the level we select the required views. This might not be perfect in all details, but it's enough to pass all existing tests, which already revealed bugs during the development of this patch. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:dsdb: add dsdb_trust_domain_by_{sid,name}()Stefan Metzmacher2018-02-211-0/+222
| | | | | | | | | | | | This gets the lsa_ForestTrustDomainInfo for the searched domain as well as the lsa_TrustDomainInfoInfoEx for the direct trust (which might be the same for external trust or the forest root domain). Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: prepare dcesrv_lsa_LookupNames* for async processingStefan Metzmacher2018-02-211-142/+250
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: prepare dcesrv_lsa_LookupSids* for async processingStefan Metzmacher2018-02-211-58/+157
| | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: base dcesrv_lsa_LookupNames2() on ↵Stefan Metzmacher2018-02-211-56/+58
| | | | | | | | | dcesrv_lsa_LookupNames_common() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on ↵Stefan Metzmacher2018-02-211-7/+36
| | | | | | | | | dcesrv_lsa_LookupNames_common() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in ↵Stefan Metzmacher2018-02-211-9/+12
| | | | | | | | | dcesrv_lsa_LookupNames2() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s4:rpc_server/lsa: rename 'state' variable to 'policy_state' in ↵Stefan Metzmacher2018-02-211-5/+5
| | | | | | | | | dcesrv_lsa_LookupSids2() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
View Lorry Controller Status