summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4:dsdb/acl_read: do search for instanceType AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher2012-11-301-1/+3
| | | | | | | Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl: calculate the correct access_mask when modifying ↵Stefan Metzmacher2012-11-301-1/+14
| | | | | | | | | nTSecurityDescriptor The access_mask depends on the SD Flags. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl: don't protect confidential attributes when "acl:search = yes" ↵Stefan Metzmacher2012-11-301-0/+11
| | | | | | | | | is set In that case the acl_read module does the protection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl: remove unused "acl:perform" optionStefan Metzmacher2012-11-301-3/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher2012-11-301-5/+15
| | | | | | | | | | The searches are done in order to do access checks and the results are not directly exposed to the client. Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/descriptor: make it clear that the SD Flags are ignored on addStefan Metzmacher2012-11-301-1/+7
| | | | | | | | | | | See [MS-ADTS] 6.1.3.2 SD Flags Control: ... When performing an LDAP add operation, the client can supply an SD flags control with the operation; however, it will be ignored by the server. ... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/descriptor: make use of dsdb_request_sd_flags()Stefan Metzmacher2012-11-301-47/+15
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/descriptor: always use descriptor_search_callback if we return ↵Stefan Metzmacher2012-11-301-1/+12
| | | | | | | | | | | | | nTSecurityDescriptor If the nTSecurityDescriptor is explicitly specified without the SD Flags control we should go through descriptor_search_callback(). This is not strictly needed at the moment, but makes the code clearer and might avoid surprises in the future. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/descriptor: do searches for nTSecurityDescriptor AS_SYSTEM and with ↵Stefan Metzmacher2012-11-301-11/+12
| | | | | | | | | SHOW_RECYCLED Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_util: add dsdb_request_sd_flags() helper functionStefan Metzmacher2012-11-301-0/+37
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/acl_util: do helper searches AS_SYSTEMStefan Metzmacher2012-11-301-0/+1
| | | | | | | The search is done in order to do access checks. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/extended_dn_store: do helper searches AS_SYSTEMStefan Metzmacher2012-11-301-1/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/extended_dn_in: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher2012-11-301-12/+13
| | | | | | | Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/objectclass: do helper searches AS_SYSTEM and with SHOW_RECYCLEDStefan Metzmacher2012-11-301-3/+31
| | | | | | | Note that SHOW_RECYCLED implies SHOW_DELETED. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/rootdse: do helper searches AS_SYSTEMStefan Metzmacher2012-11-301-7/+29
| | | | | | | | | As anonymous users can read all rootdse attributes, we should do helper searches with DSDB_FLAG_AS_SYSTEM in order to avoid unnecessary access checks. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/rootdse: remove unused variableStefan Metzmacher2012-11-301-1/+0
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:tests/samba_tool/gpo.py: fix accidential line breakMichael Adam2012-11-301-2/+1
| | | | | Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:tests/samba_tool/gpo.py: add test_show_as_admin()Stefan Metzmacher2012-11-301-0/+5
| | | | | | | | This calls samba-tool gpo show as admin (which should be able to see the full nTSecurityDescriptor. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: let get_gpo_info explicitly ask for the full ↵Stefan Metzmacher2012-11-301-2/+4
| | | | | | | ntSecurityDescriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: only ask for OWNER/GROUP/DACL when validating the ↵Stefan Metzmacher2012-11-301-5/+6
| | | | | | | nTSecurityDescriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: the nTSecurityDescriptor may not be visible for the ↵Stefan Metzmacher2012-11-301-3/+7
| | | | | | | current user Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:netcmd/gpo.py: s/ntSecurityDescriptor/nTSecurityDescriptorStefan Metzmacher2012-11-301-5/+5
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/dirsync: explicitly ask for sdctr->secinfo_flags = 0xFStefan Metzmacher2012-11-301-2/+2
| | | | | | | A value of 0 is mapped to 0xF. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/dirsync: use the correct nc_root to fetch replUpToDateVectorStefan Metzmacher2012-11-301-3/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/dirsync: check result of replUpToDateVector fetch on nc_rootStefan Metzmacher2012-11-301-0/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* s4:dsdb/schema_data: fix debug message in schema_data_modify()Stefan Metzmacher2012-11-301-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* libnet: Fix a typo in dbsync error message.Michael Adam2012-11-301-1/+1
| | | | Signed-off-by: Michael Adam <obnox@samba.org>
* libnet: Fix copy and paste error in dbsync error message.Andreas Schneider2012-11-301-1/+1
|
* torture: Fix copy and paste error in debug message.Andreas Schneider2012-11-301-1/+1
| | | | Found by Coverity.
* torture: Fix copy and paste error.Andreas Schneider2012-11-301-1/+1
| | | | Found by Coverity.
* docs: man oLschema2ldif: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Nov 29 15:27:45 CET 2012 on sn-devel-104
* docs: man ntlm_auth4: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man smbtorture: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man masktest: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man locktest: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man gentest: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man 8 samba: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man regtree: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man regshell: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man regpatch: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: man regdiff: Add missing meta data.Karolin Seeger2012-11-291-0/+3
| | | | | | | | | This avoids warnings during the waf build and removes "FIXME" entries from the manpage. Karolin Reviewed-by: Andreas Schneider <asn@samba.org>
* docs: Rename man ntlm_auth.Karolin Seeger2012-11-282-38/+38
| | | | | | | | | | | Rename man ntlm_auth to ntlm_auth4. Karolin Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Nov 28 20:41:48 CET 2012 on sn-devel-104
* s4:torture/rpc/handles: try to make all assoc_group tests less flakeyStefan Metzmacher2012-11-261-0/+5
| | | | | | | | | | | Just incrementing the assoc_group_id makes it too likely to hit a number that is already in use. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Nov 26 13:53:22 CET 2012 on sn-devel-104
* web_server: Load SWAT if it is available.Jelmer Vernooij2012-11-231-3/+31
| | | | | | | Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Fri Nov 23 01:39:38 CET 2012 on sn-devel-104
* web_server: the web server is not multi-process, indicate so in WSGI.Jelmer Vernooij2012-11-221-1/+1
| | | | | | This is a requirement for some of the paster middleware used by SWAT2. Reviewed-by: Matthieu Patou <mat@matws.net>
* web_server: Properly decrement reference counters for python objects in wsgi.Jelmer Vernooij2012-11-221-29/+81
| | | | Reviewed-by: Matthieu Patou <mat@matws.net>
* web_server: Properly set SCRIPT_NAME and PATH_INFO.Jelmer Vernooij2012-11-221-2/+5
| | | | Reviewed-by: Matthieu Patou <mat@matws.net>
* web_server: Create a string object for SERVER_PORT variable.Jelmer Vernooij2012-11-221-1/+1
| | | | | | This matches the behaviour of other wsgi server implementations. Reviewed-by: Matthieu Patou <mat@matws.net>
* web_server/wsgi: Don't segfault when wsgi app doesn't return iterable.Jelmer Vernooij2012-11-221-0/+5
| | | | | | | There is a bug in the application if this happens, but invalid Python code shouldn't cause segfaults. Reviewed-by: Matthieu Patou <mat@matws.net>
* build: Use ntlm_auth from source3 as the only ntlm_auth installed on the systemAndrew Bartlett2012-11-221-6/+8
| | | | | | | | | | The ntlm_auth4 binary is untested, and is missing major features compared with the source3 binary. The two are being slowly merged, but I have not finished that. Andrew Bartlett Reviewed-by: Andreas Schneider <asn@samba.org>
generated by cgit (git 2.34.1) at 2025-09-25 22:51:35 +0000