summaryrefslogtreecommitdiffstats
path: root/source4
Commit message (Collapse)AuthorAgeFilesLines
* s4-smbtorture: remove trailing whitespace from RPC-SPOOLSS.Günther Deschner2009-06-301-98/+98
| | | | Guenther
* Rework the kerberos-notes.txt in order and formatDon Davis2009-06-301-0/+803
| | | | | | | | This reworks the notes file to be less stream-of-consciousness and more task for porting, with a very particular focus on a potential port of Samba4 to use MIT Kerberos. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldb Allow rootdse module to build without ldb_private.hAndrew Bartlett2009-06-303-2/+4
| | | | | | | It seems quite reasonable to allow modules to re-initialise the set of cached DNs on the ldb context. Andrew Bartlett
* s4: dsdb Avoid using the internal ldb_private.h headerAndrew Bartlett2009-06-305-118/+122
| | | | | | | This job is not complete (the partition module remains a unfinished task), but now we do use the private ldb headers much less. Andrew Bartlett
* s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookupsAndrew Bartlett2009-06-304-24/+33
| | | | | | | | | | | | | | The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail list user principal name) in an AS-REQ. Evidence from the wild (Win2k8 reportadely) indicates that this is instead valid for all types of requests. While this is now handled in heimdal/kdc/misc.c, a flag is now defined in Heimdal's hdb so that we can take over this handling in future (once we start using a system Heimdal, and if we find out there is more to be done here). Andrew Bartlett
* s4:kdc Only get the lp_ctx once for a LDB_fetch()Andrew Bartlett2009-06-301-11/+18
|
* Rework hdb-samba4 to remove useless abstractions.Andrew Bartlett2009-06-301-84/+44
| | | | | | | | | | | The function LDB_lookup_principal() has been eliminated, and it's contents spread back to it's callers. Removing the abstraction makes the code clearer. Also ensure we never pass unescaped user input to a LDB search function. Andrew Bartlett
* s4:dsdb Explain the parsing steps for userPrincipalName cracknames callsAndrew Bartlett2009-06-301-0/+4
|
* s4-smbtorture: use torture_comment & torture_warning in RPC samr tests.Günther Deschner2009-06-291-205/+206
| | | | Guenther
* s4-smbtorture: correctly test comment behaviour in RPC-SAMR-USERS against s3.Günther Deschner2009-06-291-7/+4
| | | | Guenther
* s4-smbtorture: add RPC-SAMR-MACHINE-AUTH test.Günther Deschner2009-06-292-1/+486
| | | | | | | | | | | | This test talks to a DC as a joined workstation member - in the same way winbindd does, in particular the calls used in this test's query pattern will all request for SEC_FLAG_MAXIMUM_ALLOWED access_mask (which pretty much all of samba's client code does as well). In fact this test verifies that winbind can correctly talk to a samba dc using samr dcerpc calls. Guenther
* s4-smbtorture: add torture_suite_add_machine_workstation_rpc_iface_tcase.Günther Deschner2009-06-295-10/+65
| | | | | | | Unlike torture_suite_add_machine_bdc_rpc_iface_tcase() which joins as a BDC (ACB_SRVTRUST) this joins as a member workstation (ACB_WSTRUST). Guenther
* Adds the impersonation level in ntcreatex requests to SAMBA 3 misc torture testMatthias Dieter Wallnöfer2009-06-291-0/+4
| | | | Specifies the impersonation level according to the reporter commit in bug #6283
* Correct some typos in the LDB partition moduleMatthias Dieter Wallnöfer2009-06-291-5/+5
|
* SAMDB: Don't check for "sAMAccountName" twiceMatthias Dieter Wallnöfer2009-06-291-1/+0
|
* Enhancement of "simple ldap map" with "systemFlags" attributeMatthias Dieter Wallnöfer2009-06-291-0/+22
| | | | | Enhance the simple ldap map to support also the "systemFlags" attribute in the correct way.
* ldb: Properly handle NULL when copying attr lists.Andrew Kroeger2009-06-291-4/+4
| | | | | When copying an attribute list, ensure the list itself is not NULL before attempting to access elements of the list.
* Correct the headers of some SAMBA 4 setup python scriptsMatthias Dieter Wallnöfer2009-06-293-3/+3
|
* Two patches which fix issues on cross compiling/buildingNathaniel McCallum2009-06-291-1/+3
|
* Fixes for SAMBA3RPC torture testMatthias Dieter Wallnöfer2009-06-291-4/+11
| | | | | | On calls where both NT_STATUS and WERROR results are returned and consulted we have to make sure to form function results considering both. This errors have been found through a run against SAMBA 4.
* Small patch for SPOOLSS pipeMatthias Dieter Wallnöfer2009-06-291-5/+5
| | | | | Prevents a crash of the SAMBA 4 daemon on the torture SPOOLSS test due to not initialised structures.
* Upgrade ntvfs_map_*info to ntvfs_map_async_setup/ntvfs_map_async_finishSam Liddicott2009-06-261-33/+80
| | | | | | | | | | | | | ntvfs_map_fsinfo, ntvfs_map_qpathinfo, ntvfs_map_qfileinfo used an old synchronous mapping technique, acceptable on the grounds that they were only used by the simple vfs which was synchronous. Other vfs may/do use these functions, and by upgrading them to use the ntvfs_map_async_setup/ntvfs_map_async_finish framework, they can now be used asynchronously. Signed-off-by: Sam Liddicott <sam@liddicott.com> Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4 auth_winbind: Internally, info3 has utf8 buffers, not utf16 buffers.Kai Blin2009-06-251-63/+16
| | | | Thanks to gd for the catch.
* s4 auth_winbind: Don't allocate the rids for the info3 structure within the loopKai Blin2009-06-251-4/+4
|
* s4: Add libwbclient backend to auth_winbindKai Blin2009-06-252-1/+216
|
* Reenable the LDAPI socket for the merged buildVolker Lendecke2009-06-241-2/+0
| | | | | | | | | | | It seems that the samba4 part of the merged build does not pick up the DEVELOPER flag from the s3 configure. Jelmer, can you fix that properly? Thanks, Volker
* s4-smbtorture: more paranoid checks while testing group membership in RPC-SAMR.Günther Deschner2009-06-241-1/+27
| | | | Guenther
* s4-smbtorture: fix test_GetInfoLevel crash bug in RPC-DFS.Günther Deschner2009-06-191-0/+2
| | | | Guenther
* Allow developers access the the privilaged ldapi socket for the momentAndrew Bartlett2009-06-191-0/+4
| | | | This allows us some time to get the EXTERNAL bind working
* On our way to alpha9!Andrew Bartlett2009-06-191-2/+2
|
* Mark as release versionsamba-4.0.0alpha8Andrew Bartlett2009-06-191-1/+1
|
* s4:ldapsrv Place the 'privilaged' ldapi socket under an #ifdefAndrew Bartlett2009-06-191-1/+11
| | | | | | | | This makes it clear to our users that this particular implementation isn't final (all parties are agreed that an EXTERNAL bind is the right way to do this, but it has not been implemented yet). Andrew Bartlett
* s4:ldb Add test for integer normalisation behaviourAndrew Bartlett2009-06-191-0/+17
| | | | | | | This uses groupType as the example, but this actually applies to all integer types in AD. Andrew Bartlett
* Fixed some uninitialised variablesMatthias Dieter Wallnöfer2009-06-195-18/+20
| | | | I tried hard to not change the program logic. Should fix bug #6439.
* Correct handling of 32-bit integer attributes in SAMBA 4Matthias Dieter Wallnöfer2009-06-194-41/+88
| | | | | | | | | | - LDB handles now all 32-bit integer attributes correctly (also with overflows) according to the schema - LDAP backends handle the attributes "groupType", "userAccountControl" and "sAMAccountType" correctly. This handling doesn't yet use the schema but the conversion file "simple_ldap.map.c" which contains them hardcoded. Did also a refactoring of the conversion function there. - Bug #6136 should be gone
* Remove unused variableAndrew Bartlett2009-06-181-3/+0
|
* Bump the ldb version and the version Samba4 requires.Andrew Bartlett2009-06-182-2/+2
| | | | | | | | We have made a lot of useful changes to LDB since the last realese, that Samba4 now relies on. This ensures that a build against a system LDB will only succeed against the right version. Andrew Bartlett
* s4: Add tests and 'must change password' flags in setpassword and newuserAndrew Bartlett2009-06-184-12/+25
| | | | | | | In particular, ensure that we can acutally change the password under these circumstances. Andrew Bartlett
* s4:libnet Allow 'net password change' to work on expired passwordsAndrew Bartlett2009-06-1811-9/+41
| | | | | | | | | We need to pass down flags to the DCE/RPC layer to allow fallback to anonymous connections, as we can't log in with an expired password. The anonymous connection can then change the password with SAMR. Andrew Bartlett
* s4:kdc Allow a password change when the password is expiredAndrew Bartlett2009-06-1812-70/+98
| | | | | | | | | | | | | | This requires a rework on Heimdal's windc plugin layer, as we want full control over what tickets Heimdal will issue. (In particular, in case our requirements become more complex in future). The original problem was that Heimdal's check would permit the ticket, but Samba would then deny it, not knowing it was for kadmin/changepw Also (in hdb-samba4) be a bit more careful on what entries we will make the 'change_pw' service mark that this depends on. Andrew Bartlett
* s4:setup Add an option to 'setpassword' to force password change at next loginAndrew Bartlett2009-06-183-3/+17
|
* s4:gensec Print GSSAPI error message when unable to find PACAndrew Bartlett2009-06-181-1/+3
|
* Require the new tdb 1.1.5 (for performance reasons)Andrew Bartlett2009-06-182-2/+2
| | | | | | | | While tdb has not changed ABI in a way that requires this, we don't want Samba4 somehow built against the old version with performance problems on large, growing databases. Andrew Bartlett
* Fixes for the "cldap" testsMatthias Dieter Wallnöfer2009-06-182-6/+19
| | | | | | | - Insert a check after the "tsocket" library call to make sure that the call terminated correctly - Add a comment to explain why on further calls of "cldap_socket_init" the destination address hasn't to be specified
* source4/client/client.c: Possible memory leaksSlava Semushin2009-06-181-2/+5
| | | | | | | | | | | Patch for bug #6446 cppcheck found 2 possible memory leaks: [./source4/client/client.c:3305]: (error) Memory leak: base_directory [./source4/client/client.c:3305]: (error) Memory leak: desthost Patch in attach.
* Fix resource leak in lib/ldb/tools/ldbmodify.cSlava Semushin2009-06-181-0/+1
| | | | Patch for bug #6389
* Fix syntax error in lib/ldb/ldb_sqlite3/base160.cSlava Semushin2009-06-181-1/+1
| | | | Patch for bug #6388
* LDB: Link against both tevent and tallocEric Sandall2009-06-181-1/+1
| | | | | | | Patch for bug #6269 When linking against tevent you also need to link against talloc. This patch fixes external/libevent.m4 to do so.
* s4: Call va_end() after all va_start()/va_copy() calls.Andrew Kroeger2009-06-181-0/+1
| | | | | | | | This corrects the issues reaised in bug #6129, and some others that were not originally identified. It also accounts for some code that was in the original bug report but appears to have since been made common between S3 and S4. Thanks to Erik Hovland <erik@hovland.org> for the original bug report.
* NETLOGON pipe improvementsMatthias Dieter Wallnöfer2009-06-182-33/+81
| | | | | | | | | | | | | | | Patch for bug #4939 This refactors the NETLOGON code related to this bug: - Introduces a new "SYNCSTATE" enum required by the "DatabaseSync2" call (acc. to WSPP) - Make "DatabaseSync" dependant from "DatabaseSync2" (acc. to WSPP) - Let "DatabaseSync2" return NT_STATUS_NOT_IMPLEMENTED (I'm not sure if this is also true when a domain is running in mixed mode) - Make "LogonControl" and "LogonControl2" dependant form "LogonControl2Ex" (acc. to WSPP) - Let "LogonControl2Ex" return WERR_NOT_SUPPORTED for now
generated by cgit (git 2.34.1) at 2025-02-01 11:53:41 +0000