Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2009-07-17 | s3-lsa: add (not yet activate) level specific access checks for ↵ | Günther Deschner | 1 | -0/+42 | |
_lsa_QueryInfoPolicy. Guenther | |||||
2009-07-17 | s3-lsa: also implement level 13 in lsa_QueryInfoPolicy. | Günther Deschner | 1 | -19/+24 | |
Guenther | |||||
2009-07-17 | s3-lsa: Fix policy handle memleak and handle type check in _lsa_DeleteObject(). | Günther Deschner | 1 | -4/+14 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA storeprivatedata command. | Günther Deschner | 1 | -0/+56 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA retrieveprivatedata command. | Günther Deschner | 1 | -0/+60 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA setsecret command. | Günther Deschner | 1 | -0/+71 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA querysecret command. | Günther Deschner | 1 | -0/+86 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA deletesecret command. | Günther Deschner | 1 | -0/+50 | |
Guenther | |||||
2009-07-17 | s3-rpcclient: add LSA createsecret command. | Günther Deschner | 1 | -0/+43 | |
Guenther | |||||
2009-07-17 | lsa: fill in lsa_StorePrivateData and lsa_RetrievePrivateData and rerun make ↵ | Günther Deschner | 6 | -7/+214 | |
samba3-idl. Guenther | |||||
2009-07-18 | s3: compile warning and upn handling | Bo Yang | 3 | -14/+31 | |
Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-07-18 | s3: don't do this, upper callbacks will check it | Bo Yang | 1 | -4/+0 | |
Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-07-18 | s3: Fix crsh in net usershare list | Bo Yang | 1 | -0/+1 | |
Signed-off-by: Bo Yang <boyang@samba.org> | |||||
2009-07-16 | More conversions of NULL -> talloc_autofree_context() | Jeremy Allison | 3 | -19/+24 | |
so we at least know when we're using a long-lived context. Jeremy. | |||||
2009-07-16 | Replace more long-lived contexts with talloc_autofree_context(). | Jeremy Allison | 2 | -2/+2 | |
Jeremy. | |||||
2009-07-16 | Replace short-lived NULL talloc contexts with talloc_tos(). | Jeremy Allison | 3 | -22/+22 | |
Jeremy. | |||||
2009-07-16 | Remove an unused talloc context. | Jeremy Allison | 1 | -8/+2 | |
Jeremy. | |||||
2009-07-17 | Revert "s4:heimdal_build: predefine GSSAPI_DEPRECATED depending on the ↵ | Andrew Bartlett | 1 | -8/+0 | |
compiler version" This is now handled correctly in the newly imported Heimdal This reverts commit 4a754d029b0eb229b23980aa4a80dae2b485a302. | |||||
2009-07-17 | s4:heimdal: import lorikeet-heimdal-200907162216 (commit ↵ | Andrew Bartlett | 6 | -23/+60 | |
d09910d6803aad96b52ee626327ee55b14ea0de8) This includes in particular changes to the KDC to resolve bug 6272, originally by Matthieu Patou <mat+Informatique.Samba@matws.net>. We need to sort the AuthorizationData elements to put the PAC first, or else WinXP breaks when browsed from Win2k8. Andrew Bartlett | |||||
2009-07-17 | s4:kdc Rework KDC to pull in less attributes for krbtgt lookups | Andrew Bartlett | 3 | -31/+62 | |
Each attribute we request from LDB comes with a small cost, so don't lookup any more than we must for the (very) frequent krbtgt lookup case. Similarly, we don't need to build a PAC for a server (as a target), so don't ask for the PAC attributes here either. Andrew Bartlett | |||||
2009-07-17 | s4:kdc rename functions from LDB_ to hdb_samba4 | Andrew Bartlett | 1 | -71/+71 | |
The LDB_ prefix is misleading, and stomps on the LDB namespace. This is a Samba4 hdb module, and not something generic. Andrew Bartlett | |||||
2009-07-17 | Revert "fix LSA-PRIVILEGES" | Günther Deschner | 1 | -3/+2 | |
This reverts commit 0d9fdbceedddb08dbea8ed84e06a218d3ec562f4. | |||||
2009-07-17 | Revert "fix LSA-TRUSTED-DOMAINS" | Günther Deschner | 1 | -3/+2 | |
This reverts commit 3c9b26276083002124674678ac757e859fb6b20e. | |||||
2009-07-17 | s4-smbtorture: use secinfo flags instead of numbers in lsa test. | Günther Deschner | 1 | -1/+3 | |
Guenther | |||||
2009-07-17 | s3-lsa: Fix pointless check for sec_info flags in _lsa_QuerySecurity(). | Günther Deschner | 1 | -13/+3 | |
Guenther | |||||
2009-07-17 | s3-lsa: implement _lsa_LookupPrivName(). | Günther Deschner | 1 | -6/+45 | |
Guenther | |||||
2009-07-17 | s3-lsa: implement _lsa_EnumAccountsWithUserRight(). | Günther Deschner | 1 | -6/+57 | |
Guenther | |||||
2009-07-16 | Tidyup prompted by #6554 - Wrong deallocation in sam_account_ok. | Jeremy Allison | 1 | -2/+3 | |
Jeremy. | |||||
2009-07-16 | s4:heimdal_build: predefine GSSAPI_DEPRECATED depending on the compiler version | Stefan Metzmacher | 1 | -0/+8 | |
Otherwise heimdal/lib/gssapi/gssapi/gssapi.h will just define it to __attribute__ ((deprecated)) which is not supported by all compilers we care about. This should fix the build on Tru64 metze | |||||
2009-07-16 | s4:heimdal_build: try to fix the build on systems without ifaddrs.h | Stefan Metzmacher | 2 | -0/+10 | |
metze | |||||
2009-07-16 | tevent: try to fix the build on QNX qnx18 6.4.1 it doesn't have SA_RESTART ↵ | Stefan Metzmacher | 1 | -1/+11 | |
defined metze | |||||
2009-07-16 | s4:heimdal_build: tell heimdal we have inet_aton() | Stefan Metzmacher | 1 | -0/+4 | |
This should fix problems on Solaris. metze | |||||
2009-07-16 | s4-smbtorture: use torture_comment in RPC-LSA tests. | Günther Deschner | 1 | -204/+204 | |
Guenther | |||||
2009-07-16 | fix LSA-PRIVILEGES | Günther Deschner | 1 | -2/+3 | |
2009-07-16 | fix LSA-TRUSTED-DOMAINS | Günther Deschner | 1 | -2/+3 | |
2009-07-16 | s4-smbtorture: move all privilege tests to RPC-LSA-PRIVILEGES. | Günther Deschner | 2 | -12/+54 | |
Guenther | |||||
2009-07-16 | s4-smbtorture: move all trusted domain tests to RPC-LSA-TRUSTED-DOMAINS. | Günther Deschner | 2 | -7/+49 | |
Guenther | |||||
2009-07-16 | s4:heimdal_build: try to fix the build on Solaris | Stefan Metzmacher | 1 | -0/+1 | |
The problem seems to be #define flock rk_flock heimdal/../heimdal_build/replace.c: In function `rk_flock': heimdal/../heimdal_build/replace.c:64: error: storage size of 'lock' isn't known heimdal/../heimdal_build/replace.c:64: warning: unused variable `lock' metze | |||||
2009-07-16 | tsocket: rename sa_len => sa_socklen, because sa_len is a macro on some ↵ | Stefan Metzmacher | 1 | -21/+21 | |
platforms metze | |||||
2009-07-16 | s4:kdc Initialise new hdb function pointers. | Andrew Bartlett | 1 | -0/+3 | |
Soon we will add implementations for these. | |||||
2009-07-16 | s4:heimdal: import lorikeet-heimdal-200907152325 (commit ↵ | Andrew Bartlett | 67 | -590/+1210 | |
2bef9cd5378c01e9c2a74d6221761883bd11a5c5) | |||||
2009-07-16 | lsa: fix typo in lsa_TrustDomInfoEnum enum in IDL. | Günther Deschner | 4 | -12/+12 | |
Guenther | |||||
2009-07-16 | s3-ldapsam: bring Fedora DS LDAP schema in line with OpenLDAP schema. | Günther Deschner | 1 | -0/+8 | |
Guenther | |||||
2009-07-16 | s3-rpc_parse: remove more unused code. | Günther Deschner | 2 | -334/+0 | |
Guenther | |||||
2009-07-16 | s3-spoolss: make some of the command hooks static. | Günther Deschner | 2 | -6/+3 | |
Guenther | |||||
2009-07-16 | s4-smbtorture: some work on getprinterdriver and getprinterdriver2 tests. | Günther Deschner | 1 | -23/+46 | |
Guenther | |||||
2009-07-16 | s4:gensec Rework gensec_krb5 mutual authentication defaults | Andrew Bartlett | 1 | -24/+28 | |
When emulating Samba3 (which we do to ensure we don't break compatability), don't do mutual authentication by default, as it breaks the session key with AES and isn't what Samba3 does anyway. Andrew Bartlett | |||||
2009-07-16 | s4:heimdal The implied GSS_C_MUTUAL_FLAG depends on AP_OPTS_MUTUAL_REQUIRED | Andrew Bartlett | 1 | -1/+4 | |
We had previously assumed it was unconditional. Samba3 didn't mind very much, but Samba4's samba3-like client did, and the behaviour differed to Win2008 behaviour. Andrew Bartlett | |||||
2009-07-16 | s4:gensec Allow mutual auth to be turned off in 'fake_gssapi_krb5' | Andrew Bartlett | 1 | -5/+15 | |
This allows the older 'like Samba3' GENSEC krb5 implementation to work against Windows 2008. I'm using this to track down interop issues in this area. Andrew Bartlett | |||||
2009-07-16 | s4:dsdb Handle dc/domain/forest functional levels properly | Andrew Bartlett | 9 | -21/+174 | |
Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett |