summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used ↵Jeremy Allison2012-08-311-8/+7
| | | | | | | | anywhere. Remove (can re-add if needed). Ensure the privilege rights are always specific rights, not generic. By the time the privilege rights are examined, we've already mapped from generic to specific in the access_mask.
* s4-dsdb: Remove unused variablesAndrew Bartlett2012-09-011-3/+0
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Sep 1 05:10:47 CEST 2012 on sn-devel-104
* s4-kdc: Improve grammer and clarity of password change failure messages.Andrew Bartlett2012-09-011-4/+3
| | | | | | | This can still be improved further, but avoid mentioning reasons that clearly do not apply in this case. Andrew Bartlett
* s3: Fix warnings in aio_fork.cVolker Lendecke2012-09-011-2/+4
|
* s3: Remove a shadowing variable declarationVolker Lendecke2012-09-011-2/+0
|
* s4-dsdb: Remove unused tmp_ctx leaked onto long-term ldb_contextAndrew Bartlett2012-09-011-2/+0
| | | | | | | This was found based on a log provided by Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Thanks Ricky! Andrew Bartlett
* s4 dns: Store TKEYs in a ringbufferKai Blin2012-08-313-57/+106
| | | | | | | This stops us from potentially being DoSed by tons of TKEYs Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 22:46:01 CEST 2012 on sn-devel-104
* tdb: return unpack error on strdup failureDavid Disseldorp2012-08-311-0/+3
| | | | | | | Signed-off-by: Lars Müller <lars@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Fri Aug 31 21:05:21 CEST 2012 on sn-devel-104
* s3: Fix a few "warning: ISO C90 forbids mixed declarations and code"Volker Lendecke2012-08-311-154/+234
| | | | | Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Fri Aug 31 19:24:47 CEST 2012 on sn-devel-104
* s3:build fix autoconf build on RHEL5Christian Ambach2012-08-311-0/+236
| | | | | | | | RHEL5 only has autoconf 2.59, so autogen.sh still needs to find autoconf-2.60.m4 somewhere, but it was removed with 5f58359 Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Fri Aug 31 12:50:03 CEST 2012 on sn-devel-104
* s3:doc Fix name of timeout parameter in documentationChristof Schmitt2012-08-311-3/+3
| | | | | | The name is time_audit:timeout, not time_audit:audit_timeout. Signed-off-by: Christian Ambach <ambi@samba.org>
* s3:dbwrap_ctdb: Add DB name and key to warning messageChristof Schmitt2012-08-311-1/+8
| | | | | | | When a operation takes too long, it is useful for debugging to know the DB and the key. Signed-off-by: Christian Ambach <ambi@samba.org>
* s4 dns: Negotiate GSSAPI-based TKEYsKai Blin2012-08-314-1/+254
| | | | | Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Fri Aug 31 10:38:35 CEST 2012 on sn-devel-104
* s4-kdc: Give information on how long the password history isAndrew Bartlett2012-08-311-1/+2
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 31 08:06:17 CEST 2012 on sn-devel-104
* s4-libnet: Fix memory leak of lsa_RefDomainList and lsa_String onto libnet_ctxAndrew Bartlett2012-08-311-2/+2
| | | | | | | | | | These are only needed for as long as the call, and should be children of the private context. This was found based on a log provided by Ricky Nance <ricky.nance@weaubleau.k12.mo.us>. Thanks Ricky! Andrew Bartlett
* auth/credentials: Do not print passwords in a talloc memory dumpAndrew Bartlett2012-08-311-0/+8
| | | | | | | The fact that a password was created here is enough information, so overwrite with the function name and line. Andrew Bartlett
* VERSION: Move on to beta9Andrew Bartlett2012-08-311-2/+2
| | | | | | | | | | | We home beta8 will be the last beta, but to avoid confusion and allow more releases if required I won't mark it as rc1 until the actual release candidate. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 31 02:07:23 CEST 2012 on sn-devel-104
* VERSION: Mark as the beta8 releaseAndrew Bartlett2012-08-311-1/+1
|
* WHATSNEW: prepare for 4.0 beta8Andrew Bartlett2012-08-311-35/+30
|
* The NTVFS server doesn't pass the SMB1 INHERITFLAGS test.Jeremy Allison2012-08-301-0/+1
| | | | | Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Aug 30 21:38:02 CEST 2012 on sn-devel-104
* Now ACL inheritance flags are working, add test_inheritance_flags() back ↵Jeremy Allison2012-08-301-5/+10
| | | | into raw.acls to ensure we don't regress.
* With the inheritance ACL changes we now pass samba3.smb2.acls.INHERITFLAGS.Jeremy Allison2012-08-301-1/+0
|
* Fix bug #9124 - Samba fails to set "inherited" bit on inherited ACE's.Jeremy Allison2012-08-301-3/+7
| | | | Change se_create_child_secdesc() to handle inheritance correctly.
* Windows does canonicalization of inheritance bits. Do the same.Jeremy Allison2012-08-301-0/+35
| | | | | | | | | | | | | We need to filter out the SEC_DESC_DACL_AUTO_INHERITED|SEC_DESC_DACL_AUTO_INHERIT_REQ bits. If both are set we store SEC_DESC_DACL_AUTO_INHERITED as this alters whether SEC_ACE_FLAG_INHERITED_ACE is set when an ACE is inherited. Otherwise we zero these bits out. See: http://social.msdn.microsoft.com/Forums/eu/os_fileservices/thread/11f77b68-731e-407d-b1b3-064750716531 for details.
* Change the other two places where we set a security descriptor given by the ↵Jeremy Allison2012-08-302-25/+2
| | | | | | client to got through set_sd(), the canonicalize sd function.
* Re-add set_sd(), called from set_sd_blob(). Allows us to centralize all ACL ↵Jeremy Allison2012-08-302-14/+28
| | | | canonicalization.
* Rename set_sd() to set_sd_blob() - this describes what it does.Jeremy Allison2012-08-303-6/+6
|
* s3:libsmb correctly set isFsctl for snapshot listChristian Ambach2012-08-301-1/+1
| | | | | | | | | FSCTL_GET_SHADOW_COPY_DATA is a FSCTL, so set the isFsctl marker otherwise smbclient allinfo will not report snapshots any more with the changes made for Bug #8311 Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Thu Aug 30 18:57:24 CEST 2012 on sn-devel-104
* selftest: Remove spoolss tests from knownfail.Andreas Schneider2012-08-301-66/+0
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Aug 30 17:17:55 CEST 2012 on sn-devel-104
* selftest: Add missing printing options for plugin_s4_dc.Andreas Schneider2012-08-301-0/+24
|
* file_server: Fix spoolss support with s3fs.Andreas Schneider2012-08-301-1/+1
|
* selftest: Define the log directory for s3fs.Andreas Schneider2012-08-301-0/+3
|
* auth/credentials: Support match-by-key in cli_credentials_get_server_gss_creds()Andrew Bartlett2012-08-303-3/+10
| | | | | | | | | | | | | This allows a password alone to be used to accept kerberos tickets. Of course, we need to have got the salt right, but we do not need also the correct kvno. This allows gensec_gssapi to accept tickets based on a secrets.tdb entry. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Aug 30 01:26:12 CEST 2012 on sn-devel-104
* s4-torture: Add start of a test to confirm winbindd PAC parsingAndrew Bartlett2012-08-293-2/+157
| | | | | | | So far this confirms that we can accept a ticket using the secrets.tdb entry. Andrew Bartlett
* lib/krb4_wrap: Add const to kt_copy_one_principalAndrew Bartlett2012-08-292-2/+2
|
* s3:vfs_gpfs: Use directory not file to get fileset idChristof Schmitt2012-08-292-5/+35
| | | | | | | | | | | | | | | The query of the fileset quota needs to determine the file set id first. With the currently available interface, this requires opening the file to get a file descriptor. For files, this open can fail when a share mode is set. Workaround this by querying the fileset id on the directory instead. The proper solution would be getting an interface for getting the fileset id that does not require opening the file. Autobuild-User(master): Christian Ambach <ambi@samba.org> Autobuild-Date(master): Wed Aug 29 18:58:34 CEST 2012 on sn-devel-104
* vfs_media_harmony: fix some compile warnings with llvmBjörn Jacke2012-08-291-66/+66
| | | | | Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Wed Aug 29 16:05:10 CEST 2012 on sn-devel-104
* s3-printing: fix bug 9123 lprng job tracking errorsDavid Disseldorp2012-08-292-3/+3
| | | | | | | | | | | | The lprng printing back-end is truncating the print job filename in the lpq output, which means that Samba is not able to determine the back-end job ID for a newly submitted print job. Remove the unneeded spoolss job ID from the print job file name to ensure the job filename is not truncated. Also log these warnings at a higher log level. Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Wed Aug 29 14:25:13 CEST 2012 on sn-devel-104
* libkrb5: Fix build with MIT Kerberos.Andreas Schneider2012-08-291-6/+6
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Aug 29 12:23:37 CEST 2012 on sn-devel-104
* s4-libnet: Fix passing samba_all_enctypes as a fn rather than the encrypt ↵Andrew Bartlett2012-08-291-1/+1
| | | | | | | array it returns Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 29 09:56:27 CEST 2012 on sn-devel-104
* s4-dsdb: Avoid printing secret attributes in ldb trace logsAndrew Bartlett2012-08-291-0/+8
| | | | | | | | | | | These are printed when Samba has debug level 10, which is often used for debugging. To indicate that these attributes are secret, we set an opaque. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 29 06:04:33 CEST 2012 on sn-devel-104
* lib/ldb: Avoid printing secret attributes in ldb trace logsAndrew Bartlett2012-08-298-14/+352
| | | | | | | | These are printed when Samba has debug level 10, which is often used for debugging. Instead, print a note to say that this attribute has been skipped. Andrew Bartlett
* auth/credentials: Remove unused, and un-declared cli_credentials_set_krbtgt()Andrew Bartlett2012-08-291-29/+0
|
* auth/credentials: Better integrate fetch of secrets.tdb and secrets.ldb recordsAndrew Bartlett2012-08-291-32/+61
| | | | | | | | By checking first if there is a secrets.tdb record and passing in the password and last change time we avoid setting one series of values and then replacing them. We also avoid the need to work around the setting of anonymous. Andrew Bartlett
* auth/credentials: Improve memory handling in cli_credentials_set_machine_accountAndrew Bartlett2012-08-291-26/+26
| | | | | | | | | By using a tempoary talloc context this is much tidier and more reliable code. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 29 03:11:10 CEST 2012 on sn-devel-104
* selftest: Add a test for smbclient --machine-pass without secrets.tdbAndrew Bartlett2012-08-292-1/+10
| | | | | | | Errors in handling the upgrade case without a matching secrets.tdb caused segfaults in the server. This essentially tests both sides. Andrew Bartlett
* auth/credentials: Avoid double-free in the failure caseAndrew Bartlett2012-08-291-1/+1
| | | | | | This pointer is only valid if dbwrap_fetch returned success. Andrew Bartlett
* s3-smbd: Fix flooding the logs with records we don't find in pcap.Andreas Schneider2012-08-281-1/+1
| | | | | Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Aug 28 16:38:55 CEST 2012 on sn-devel-104
* s3-classicupgrade: Fix import from ldapAndrew Bartlett2012-08-281-2/+2
| | | | | | | | | | We must not reference result before provision(), and do not need session_info and lp for reading a normal ldap backend anyway. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 28 09:49:39 CEST 2012 on sn-devel-104
* lib/ldb: Bump ldb version to 1.1.11Andrew Bartlett2012-08-283-1/+262
| | | | | | | This will ensure the next Samba release requires an ldb with the recent fixes. Andrew Bartlett
generated by cgit (git 2.34.1) at 2025-04-27 14:00:09 +0000