summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* waf: the libXX.inst.so file also depends on the vscriptAndrew Tridgell2010-12-101-0/+4
| | | | | | | | this fixes a problem with installed libraries not relinking after a git version change Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Dec 10 09:30:46 CET 2010 on sn-devel-104
* s3-vfstest: fixed paths in vfstestAndrew Tridgell2010-12-101-0/+2
| | | | | vfstest tries to create /messages.tdb as loadparm has not been initialised
* wintest flush DNS on Windows clients to improve reliablityAndrew Bartlett2010-12-101-0/+2
| | | | | Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Dec 10 08:45:28 CET 2010 on sn-devel-104
* s3-dns Don't use DELEG_FLAG in DNS update, Windows 2008R2 does not like itAndrew Bartlett2010-12-101-1/+1
|
* s3-dns Don't use SEQUENCE_FLAG in DNS update, Windows 2008R2 does not like itAndrew Bartlett2010-12-101-1/+1
| | | | Andrew Bartlett
* wintest More work to make test-s3.py workAndrew Bartlett2010-12-101-4/+17
| | | | | | | | | | | - Set the password on the newly added 'root' user so we can connect with a user that exists in getpwnam() without further configuration - bind interfaces only so we don't conflict with other Samba instances - use the full DNS name for smbclient - don't connect to localhost (as we will be on ${INTERFACE_IP} only - Use the windows domain in the wbinfo command (winbindd won't take bare name here). - Register our IP address in DNS using 'net ads dns register' Andrew Bartlett
* s3-net Allow 'net ads dns register' to take an optional hostname argumentAndrew Bartlett2010-12-101-6/+10
| | | | | | This allows the administrator to more carefully chose what name to register. Andrew Bartlett
* wintest Share more of the S4 test code with the s3 testAndrew Bartlett2010-12-103-257/+298
| | | | | | | | This allows us to run a private BIND in the S3 test, and allows the S3 test to join a freshly provisioned AD instance if the VM isn't already configured. Andrew Bartlett
* s3-winbind Improve memory handling in NTLMv2-backend plaintext authenticationAndrew Bartlett2010-12-101-17/+6
| | | | Andrew Bartlett
* s3-winbind Don't send the LM password to the server, everAndrew Bartlett2010-12-101-11/+1
| | | | | | | | | | | This is for the case where we have the plaintext password locally, and can construct the challenge-response values here. We should never ever use the LM password in domain authentication. The last domain controller to only have LM passwords stored was NT 3.5. Andrew Bartlett
* s3-libsmb Don't ever ask for machine$ principals as a target.Andrew Bartlett2010-12-101-30/+6
| | | | | | | | | | | | It is never correct to ask for a machine$ principal as the target of a kerberos connection. You should always connect via the servicePrincipalName. This current code appears to have built up from a series of minimal changes, as the codebase adapted the to lack of a SPNEGO principal from Windows 2008. Andrew Bartlett
* s3-docs Add docs for 'client use spnego principal' and 'send spengo principal'Andrew Bartlett2010-12-102-0/+56
| | | | Andrew Bartlett
* s3-docs Explain change to NTLMv2 by default in the clientAndrew Bartlett2010-12-101-6/+7
|
* s3-client Use NTLMv2 by default in the Samba clientAndrew Bartlett2010-12-101-2/+2
| | | | | | This matches the improved security measures of Windows Vista. Andrew Bartlett
* s3-smbd Don't send SPNEGO principal (rfc4178 hint) by defaultAndrew Bartlett2010-12-103-0/+15
| | | | | | | | | | | | | | This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org> turns off the sending of the principal in the negprot by default, matching Windows 2008 behaviour. This slowly works us back from this hack, which from an RFC perspective was never the right thing to do in the first place, but we traditionally follow windows behaviour. It also discourages client implmentations from relying on it, as if they do they are more open to man-in-the-middle attacks. Andrew Bartlett
* s3-libads Default to NOT using the server-supplied principal from SPNEGOAndrew Bartlett2010-12-104-6/+19
| | | | | | | | | | | | | | | | | This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett
* subunitrun: Use unittest.TestProgram if subunit.TestProgram is notJelmer Vernooij2010-12-102-27/+12
| | | | | | | available. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Fri Dec 10 03:49:03 CET 2010 on sn-devel-104
* s4-python: Add convenience function for forcibly importing bundledJelmer Vernooij2010-12-102-4/+17
| | | | package.
* subunitrun: Extend hack to cope with older system subunit run installs.Jelmer Vernooij2010-12-101-0/+2
|
* subunitrun: Remove global subunit module when reimporting from aJelmer Vernooij2010-12-101-1/+6
| | | | different location.
* s4-dist: Remove no longer existing files from blacklist (fixes 'makeJelmer Vernooij2010-12-101-2/+1
| | | | dist' inclusion of configure)
* s4-python: Fix use of bundled modules.Jelmer Vernooij2010-12-101-1/+1
|
* s4-python: Split up ensure_external_module.Jelmer Vernooij2010-12-102-10/+23
|
* selftest: Make sure system subunit.run has TestProgram.Jelmer Vernooij2010-12-101-1/+1
|
* smbtorture: Rename --list to --list-suites, add stub --list.Jelmer Vernooij2010-12-104-13/+14
|
* selftest: Check exit code when listing tests.Jelmer Vernooij2010-12-101-0/+11
|
* s4-selftest: Add convenience function for running testsuites usingJelmer Vernooij2010-12-101-9/+17
| | | | subunitrun.
* selftest: Allow discovering tests in pure python testsuites.Jelmer Vernooij2010-12-101-2/+2
|
* subunitrun: Support --list.Jelmer Vernooij2010-12-101-3/+8
|
* selftest: Rename $LIST to $LISTOPT for consistency with testrepository.Jelmer Vernooij2010-12-101-2/+2
|
* dnspython: Update to newer upstream snapshot.Jelmer Vernooij2010-12-1022-95/+1175
|
* subunit: Update to newer upstream snapshot.Jelmer Vernooij2010-12-108-16/+47
|
* testtools: Import new upstream snapshot.Jelmer Vernooij2010-12-1036-367/+3694
|
* selftest: add --list option.Jelmer Vernooij2010-12-102-1/+25
|
* selftest: Document --testenv in --help output, remove documentation forJelmer Vernooij2010-12-101-1/+1
| | | | now obsolete --analyse-cmd.
* pidl: use $CC -E if $CPP is not defined, if both undefined use cppMatthieu Patou2010-12-101-2/+8
| | | | | Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Fri Dec 10 01:26:44 CET 2010 on sn-devel-104
* build: use CPP and CC values when calling pidlMatthieu Patou2010-12-102-1/+19
|
* build: introduce SAMBA_CHECK_PYTHON_HEADERSMatthieu Patou2010-12-105-4/+13
| | | | | | | | | | | | | | | | | | | | | | | This function is a wrapper around waf's check_python_header. It avoids searching more than once for the headers bringing a small speed improvement and a better lisibility of the logs. But it's mainly to avoid a nasty bug when python libraries are in path pointed by python_LIBPL (ie. /usr/local/lib/python2.6/config/) instead of python_LIBDIR (ie. /usr/local/lib). On the first call waf will correctly find that in order to link with python libs it needs to add -L$python_LIBPL. But on the next calls of check_python_headers, waf will use both the current library path value (ie. -L/usr/local/lib/python2.6/config) and -L$python_LIBDIR (ie. /usr/local/lib/) which will make him beleive that python libraries are in $python_LIBDIR which at the end will make the final link test fails in check_python_headers as it will not use the good directory. So by avoiding calling check_python_headers more than once we avoid making waf fooling itself.
* build: finishing fixing broken libiconv on hpuxMatthieu Patou2010-12-101-0/+2
|
* s4 libcli: Add libcli_echo lib and torture testKai Blin2010-12-098-0/+372
| | | | | Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Dec 9 23:57:03 CET 2010 on sn-devel-104
* s4: Implement UDP echo server exampleKai Blin2010-12-094-0/+388
| | | | | This is a simple UDP-based echo server. It is mainly intended as an example on how to do server service tasks in s4.
* s4:pyrpc_util: s/typename/type_name to avoid c++ warningsStefan Metzmacher2010-12-092-6/+6
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Dec 9 17:55:57 CET 2010 on sn-devel-104
* talloc: pytalloc-util should not have an ABI-file yetStefan Metzmacher2010-12-091-2/+0
| | | | | | Somehow I forgot to remove this after discussion with Jelmer. metze
* wintest Remove the password expiry as the first stepAndrew Bartlett2010-12-092-4/+13
| | | | | | | | | | This is particularly important before dcpromo, as the password will otherwise be expired in the new domain. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 9 13:33:00 CET 2010 on sn-devel-104
* waf: remove the restriction that private libraries must not have a vnumAndrew Tridgell2010-12-095-19/+6
| | | | | | | | we need the vnum for ABI checking for public libraries built as private libraries when bundled Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Dec 9 12:47:41 CET 2010 on sn-devel-104
* waf: fixed path to abi_directoryAndrew Tridgell2010-12-091-1/+1
| | | | this broke in a recent patch
* s4-spnego Match Windows 2008, and no longer supply a name in the CIFS NegprotAndrew Bartlett2010-12-091-10/+1
| | | | | | | Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Dec 9 08:50:28 CET 2010 on sn-devel-104
* s4-lsa Implement kerberos ticket life policyAndrew Bartlett2010-12-098-11/+117
| | | | | | | | We now no longer print tickets with a potentially infinite life, and we report the same life over LSA as we use in the KDC. We should get this from group policy, but for now it's parametric smb.conf options. Andrew Bartlett
* s4-tests Workaround new default of 'client ntlmv2 auth = yes' in testsAndrew Bartlett2010-12-092-3/+3
| | | | | | The new default breaks some tests that were assuming LM or NTLM auth Andrew Bartlett
* s4-client Use NTLMv2 by default in the Samba4 client.Andrew Bartlett2010-12-091-0/+1
|
generated by cgit (git 2.34.1) at 2025-09-26 11:58:03 +0000