summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-06-24s3-printing: eliminate another non sec_initial_uid using security check.Günther Deschner1-1/+1
Guenther
2009-06-24s3-spoolss: restructure _spoolss_EndDocPrinter().Günther Deschner1-30/+32
Guenther
2009-06-23s3-lsa: Fix error path in _lsa_EnumAccountRights.Günther Deschner1-2/+11
This needs to return NT_STATUS_OBJECT_NAME_NOT_FOUND again as described in MS-LSAD 3.1.4.5.10 and tested with the RPC-SAMR-USER-PRIVILEGES test. Guenther
2009-06-23s3-eventlog: implement _eventlog_ReportEventW().Günther Deschner1-6/+77
Guenther
2009-06-23s3: re-run make idl.Günther Deschner5-42/+216
Guenther
2009-06-23samr: add samr_UserInfoLevel and samr_DomainInfoClass enums based on MS-SAMR.Günther Deschner1-7/+51
Guenther
2009-06-22s3: forward MSG_DEBUG from smbd parent to all childrenAravind Srinivasan5-15/+63
Before 3.3, an smbcontrol debug message sent to the target "smbd" would actually be sent to all running processes including nmbd and winbindd. This behavior was changed in 3.3 so that the "smbd" target would only send a message to the process found in smbd.pid, while the "all" target would send a message to all processes. The ability to set the debug level of all processes within a single daemon, without specifying each pid is quite useful. This was implemented in winbindd in 065760ed. This patch does the same thing for smbd. Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of its children. The printing process has been added to the list of smbd child processes, and we now always track the number of smbd children regardless of the "max smbd processes" setting.
2009-06-22s3-libnet: fix libnet_unjoin_remove_machine_acct() when called without ads ↵Günther Deschner1-1/+7
struct. Guenther
2009-06-20Add tldap paged searches, together with two helper routinesVolker Lendecke4-0/+345
2009-06-20Reorganize retrieving errors and server-sent controlsVolker Lendecke3-93/+72
This attaches the data to the tldap_message instead of the tevent_req. It adds tldap_ctx_lastmsg() to retrieve the last message for the users of the sync wrappers.
2009-06-20Move asn1_load_nocopy() to lib/util/asn1.cVolker Lendecke3-7/+11
2009-06-20Move asn1_blob() to lib/util/asn1.cVolker Lendecke3-13/+17
2009-06-20Add tldap_supports_controlVolker Lendecke2-0/+12
2009-06-20Add tldap_entry_has_attrvalueVolker Lendecke2-0/+22
2009-06-20tldap control supportVolker Lendecke2-9/+128
2009-06-20Prepare control supportVolker Lendecke4-58/+90
We will have arrays of controls passed to tldap.c. Follow a mantra from the classic book "Thinking Forth" by Leo Brodie: Favor counts over terminators :-) This makes the parameter lists to tldap pretty long, but everyone will have wrapper routines anyway, see for example tldap_search_fmt. And the OpenLDAP manpages call the non-_ext routines deprecated, probably for a reason.
2009-06-20Fix setting passwords in pdb_adsVolker Lendecke1-6/+7
The samba4 password_hash module does not allow changing the password fields via the "delete oldval" -> "add newval" set of modify operations, it requires a single "replace with newval" operation. Andrew, Samba3 by default uses that delete/add pair to detect if between fetching the old value and storing the new one the old value has changed. This is lost by using the "replace" operation. Would it make sense to add this to the password_hash module? Volker
2009-06-20Fix empty linesVolker Lendecke1-3/+0
2009-06-20talloc_tos() aborts if it can not get a stackframeVolker Lendecke1-3/+0
2009-06-19Fix coverity #729. Resource leak in error path.Jeremy Allison1-1/+4
Jeremy.
2009-06-19Fix coverity #740. Resource leak in error paths. We shouldJeremy Allison1-3/+2
always return queue here as the caller will free. Jeremy.
2009-06-19Fix coverity #900. Resource leak.Jeremy Allison1-0/+5
Jeremy.
2009-06-19Fix coverity #920. Possible NULL deref.Jeremy Allison1-0/+4
Jeremy.
2009-06-19Fix coverity #676. Forward NULL.Jeremy Allison1-0/+6
Jeremy.
2009-06-19s3: fix make test with external libtalloc or libtdb.Michael Adam1-4/+13
This skips the talloctort and tdbtorture tests when the corresponding binaries are not present. There might be more clever ways of detecting wether samba has been linked with internal or external libraries, but as a first approximation, this seems valid. Michael
2009-06-19s3:build: build talloctort only when using the internal liballocMichael Adam2-3/+8
Fixes the build with the external libtalloc. And is the reasonable thing to do anyways. Michael
2009-06-19s3:build: build the tdb tools only when using the internal libtdbMichael Adam2-4/+18
This fixes the build when internal libtdb is used. Michael
2009-06-19s3:build: remove LIBTDB_OBJ from TDBTORTURE_OBJ collectionMichael Adam1-1/+1
tdbtorture is linked with LIBTDB_LIBS, which is whatever configure has determined to be (-ltdb or LIBTDB_OBJ ...). Michael
2009-06-19s3:build: check for availability of external libtdb and use it if availableMichael Adam1-18/+34
Link internal libtalloc statiaclly if extenal libtalloc is not found or does not have appropriate version. Michael
2009-06-19s3:build: link libtalloc statically if using internal libtallocMichael Adam1-0/+1
Michael
2009-06-19Don't require "Modify property" perms to unjoin bug #6481)Jim McDonough6-18/+50
"net ads leave" stopped working when "modify properties" permissions were not granted (meaning you had to be allowed to disable the account that you were about to delete). Libnetapi should not delete machine accounts, as this does not happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag really means "disable" (both in practice and docs). However, to keep the functionality in "net ads leave", we will still try to do the delete. If this fails, we try to do the disable. Additionally, it is possible in windows to not disable or delete the account, but just tell the local machine that it is no longer in the account. libnet can now do this as well.
2009-06-19Add a missing talloc_move() in tldap_search_recvVolker Lendecke1-1/+1
2009-06-19Fix Coverity IDs 922 and 933Volker Lendecke2-3/+6
In copy_internals(), if the !CAN_WRITE(conn) kicks in, we end up dereferencing a NULL smb_filename. This adds a simple protection around it. Tim, please check! Volker
2009-06-19s3/docs: Fix typo.Karolin Seeger1-1/+1
This fixes bug #6412. Thanks to Carsten Dumke <carsten [at] cdumke.de> for reporting! Karolin
2009-06-19Add tiny tldap testVolker Lendecke2-1/+37
2009-06-19Add tldap_fetch_rootdseVolker Lendecke2-0/+138
2009-06-19Make tevent_req_is_ldap_error publicVolker Lendecke2-1/+3
2009-06-19Add tldap_context_[gs]etattrVolker Lendecke2-0/+81
This adds the ability to attach extended information to a tldap_context. This will become useful once we start to do automatic reconnects for example, a callback function might want attach a pointer to credentials so that it can rebind. The initial user of this will be a cached rootdse, so that things like the ability to do paged searches can be cached.
2009-06-19s3:dmapi: prefer dmapi libs from gpfs over system libsBjörn Jacke1-4/+4
Patch from William Jojo sent to samba-technical: This is based on some pain felt when building 32-bit and 64-bit Clustered Samba on AIX with GPFS support. Part of the problem lies in AIX only providing 32-bit shared object in libxdsm.a(shr.o). So without libdmapi.a from gpfs.base, you get no DMAPI support under 64-bit.
2009-06-19s4-smbtorture: fix test_GetInfoLevel crash bug in RPC-DFS.Günther Deschner1-0/+2
Guenther
2009-06-19Merge branch 'master' of ssh://git.samba.org/data/git/samba into master-develAndrew Bartlett2-0/+287
2009-06-19Allow developers access the the privilaged ldapi socket for the momentAndrew Bartlett1-0/+4
This allows us some time to get the EXTERNAL bind working
2009-06-19On our way to alpha9!Andrew Bartlett1-2/+2
2009-06-19Mark as release versionAndrew Bartlett1-1/+1
2009-06-19Partially revert restriction of socket_wrapper to 1500 byte writesAndrew Bartlett1-10/+32
This keeps the restriction for stream sockets (where the caller will retry), without creating problems on datagram sockets (CLDAP is not defined, as far as I know, across multiple UDP packets). The commit adding this restriction was 47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d Andrew Bartlett
2009-06-19s4:ldapsrv Place the 'privilaged' ldapi socket under an #ifdefAndrew Bartlett1-1/+11
This makes it clear to our users that this particular implementation isn't final (all parties are agreed that an EXTERNAL bind is the right way to do this, but it has not been implemented yet). Andrew Bartlett
2009-06-19added some basic documentation for the idmap script optionAndrew Tridgell1-0/+168
2009-06-19added a sample script for the "idmap script" optionAndrew Tridgell1-0/+119
2009-06-19Partially revert restriction of socket_wrapper to 1500 byte writesAndrew Bartlett1-10/+32
This keeps the restriction for stream sockets (where the caller will retry), without creating problems on datagram sockets (CLDAP is not defined, as far as I know, across multiple UDP packets). The commit adding this restriction was 47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d Andrew Bartlett
2009-06-19s4:ldb Add test for integer normalisation behaviourAndrew Bartlett1-0/+17
This uses groupType as the example, but this actually applies to all integer types in AD. Andrew Bartlett