summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-06-29Revert "s4/auth: Fixed authsam_expand_nested_groups() to find entry SID if ↵Matthias Dieter Wallnöfer1-21/+4
not available in the DN." This reverts commit fa9557fee3ca546878d99b77f1ff37f724c37024. See post "Endi's Bug 7530 patches (LDAP backend)" on samba-technical.
2010-06-29s4-smbtorture: add NDR torture test for winreg_QueryMultipleValues2.Günther Deschner1-0/+47
Guenther
2010-06-29s4-smbtorture: add RPC torture test for winreg_QueryMultipleValues2.Günther Deschner1-0/+41
Guenther
2010-06-29winreg: fix winreg_QueryMultipleValues2 IDL.Günther Deschner1-4/+5
Guenther
2010-06-29winreg: fix winreg_QueryMultipleValues() IDL and torture tests.Günther Deschner3-29/+30
Guenther
2010-06-29s3-client: Make sure we only write to an opened file.Andreas Schneider1-4/+10
Found by clang-analyzer.
2010-06-29s3-winbind: Make sure we crash if domain is really not found.Andreas Schneider1-1/+1
Found by clang-analyzer.
2010-06-29s3-net: Make sure we don't call free on garbage.Andreas Schneider1-1/+1
Found by clang-analyzer.
2010-06-29s3-net: Use talloc_asprintf and return if file is in wrong format.Andreas Schneider1-19/+16
Found by clang-analyzer.
2010-06-29s3-librpc: Fixed GUID_from_data_blob() with length of 32.Andreas Schneider1-5/+5
If we hit the case that the blob length is 32. The code goes to the end of the function and generates a GUID with garbage. So try to convert the blob to the GUID and return.
2010-06-29Fixed incorrect use of cn instead of lDAPDisplayNameNadezhda Ivanova1-2/+2
2010-06-29s4:secrets Ensure secrets.ldb uses the same hooks as the rest of SambaAndrew Bartlett2-46/+13
This ensures that, for example, the utf8 functions are the same, the GUID handler is the same and the NOSYNC flag is applied. Andrew Bartlett
2010-06-29s4:selftest Split out PKINIT tests from test_kinit.sh and test enc typesAndrew Bartlett3-15/+83
This allows us to run the PKINIT tests only against the main DC (for which the certificates were generated), while testing the available encryption types in each functional level. In particular, we need to assert that AES encryption is available in the 2008 functional level. Andrew Bartlett
2010-06-29s4:kdc Rework the 'allowed enc types' calculationAndrew Bartlett1-41/+35
This changes the calculation to apply the allowed enc types to all uses of the key (no point allowing a weak kinit to a key the server wanted strongly protected). It also ensures that all the non-DES keys are available on the krbtgt in particular, even as it does not have a msds-SupportedEncryptionTypes attributes. Andrew Bartlett
2010-06-29s4:auth Query LDB for msds-SupportedEncryptionTypes for the KDCAndrew Bartlett1-0/+1
The KDC needs this to determine what encryption types an entry supports Andrew Bartlett
2010-06-29s4:kerberos Add functions to convert msDS-SupportedEncryptionTypesAndrew Bartlett2-0/+60
This will allow us to interpret this attibute broadly in Samba. Andrew Bartlett
2010-06-29s4:libnet_join Fix typo in msDS-SupportedEncryptionTypesAndrew Bartlett1-1/+1
2010-06-29s4:provision Add an msDS-SupportedEncryptionTypes entry to our DCAndrew Bartlett3-2/+35
This ensures that our DC will use all the available encyption types. (The KDC reads this entry to determine what the server supports) Andrew Bartlett
2010-06-29build: only use git when found by configureAndrew Tridgell3-17/+35
this rebuilds version.h whenever the git version changes, so we always get the right version with samba -V. That adds about 15s to the build time on each git commit, which shouldn't be too onerous
2010-06-29build: allow LOAD_ENVIRONMENT() to pass when no configure has been runAndrew Tridgell1-2/+5
this returns an empty environment
2010-06-29build: allow always=True/False on SAMBA_GENERATOR()Andrew Tridgell1-1/+5
this allows us to force a rule to always run. Will be used by samba_version Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-29s4/repl_meta_data: remove duplicated (and commented out) logKamen Mazdrashki1-6/+0
2010-06-29s4/ndr: Fix tuncating of constant to a 'long' typeKamen Mazdrashki1-2/+2
2010-06-28s4:lib/registry/ldb.c - add a missing braceMatthias Dieter Wallnöfer1-1/+1
Sorry didn't check that earlier.
2010-06-28s4:lib/registry/ldb.c - fix memory handling in "ldb_open_key"Matthias Dieter Wallnöfer1-1/+4
2010-06-28s4:lib/ldb/registry.c - handle the classname in the right wayMatthias Dieter Wallnöfer1-1/+8
This is for "ldb_get_key_info".
2010-06-28s4:lib/registry/ldb.c - remove really useless "local_ctx"Matthias Dieter Wallnöfer1-8/+2
"mem_ctx" should fit for these few local allocations.
2010-06-28s4:lib/registry/ldb.c - retrieve the classname correctly in ↵Matthias Dieter Wallnöfer1-7/+6
"ldb_get_subkey_by_id"
2010-06-28s4:lib/registry/ldb.c - change the "ldb_get_value" implementation to use the ↵Matthias Dieter Wallnöfer1-20/+17
value cache and not an LDB lookup In addition this fixes the use of special characters in registry object names.
2010-06-28 s3: Change exit on immediate socket failure.Ira Cooper1-4/+4
This change makes it so socket errors early in the smbd child process cause orderly exits not coredumps. Signed-off-by: Jeremy Allison <jra@samba.org>
2010-06-28s4:auth/sam.c - "authsam_expand_nested_groups" - small performance improvementMatthias Dieter Wallnöfer1-3/+7
We can save one search operation if "only_childs" is false and when we had no SID passed as extended DN component.
2010-06-28s4:auth/sam.c - "authsam_expand_nested_groups" - cosmetic/commentsMatthias Dieter Wallnöfer1-9/+11
2010-06-28s4:auth/sam.c - "authsam_expand_nested_groups" - use "dsdb_search_dn" where ↵Matthias Dieter Wallnöfer1-3/+11
possible And always catch LDB errors
2010-06-28selftest: Remove accidentally committed dummy test.Jelmer Vernooij1-1/+0
2010-06-28s4/spnupdate: Fixed spnupdate to use secrets credentials when accessing SamDB.Endi S. Dewata1-3/+30
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28s4/libcli: Register LDB_CONTROL_REVEAL_INTERNALS and ↵Endi S. Dewata1-0/+4
DSDB_CONTROL_PASSWORD_CHANGE_STATUS_OID controls. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28s4/dsdb: Fixed partition_search() not to pass special DN's to LDAP backend.Endi S. Dewata1-6/+8
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28s4/auth: Fixed authsam_expand_nested_groups() to find entry SID if not ↵Endi S. Dewata1-1/+8
available in the DN. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28s3: Make some routines static in smbldapVolker Lendecke2-4/+2
2010-06-28s4:repl_meta_data LDB module - fix counter typeMatthias Dieter Wallnöfer1-1/+1
2010-06-28s4:acl LDB module - fix counter typeMatthias Dieter Wallnöfer1-1/+2
2010-06-28s4:dcesrv_drsuapi.c - fix a counter variableMatthias Dieter Wallnöfer1-2/+1
2010-06-28s4:selftest - also "rpc.samr.users.privileges" does work nowMatthias Dieter Wallnöfer1-1/+0
2010-06-28s4:lsa RPC server - Fix up "dcesrv_lsa_DeleteObject"Matthias Dieter Wallnöfer1-3/+6
- Return always "NT_STATUS_OK" on success - Remove "talloc_free"s on handles since the frees are automatically performed by the DCE/RPC server code
2010-06-28s4:knownfail - "pwdLastSet" test does work nowMatthias Dieter Wallnöfer1-1/+0
2010-06-28s4:torture/rpc/samr.c - test_SetPassword_LastSet - introduce the delays also ↵Matthias Dieter Wallnöfer1-1/+2
for s4
2010-06-28s4:torture - SAMR password tests - activate support for password sets on ↵Matthias Dieter Wallnöfer1-22/+17
level "18" and "21"
2010-06-28s4:selftest - activate the lanman password changesMatthias Dieter Wallnöfer1-0/+1
This is needed for a working "OemChangePasswordUser2" operation.
2010-06-28s4:dcesrv_samr_SetUserInfo - implement right "pwdLastSet" behaviourMatthias Dieter Wallnöfer1-1/+72
Behaviour as the torture SAMR passwords tests show.
2010-06-28s4:dcesrv_samr_SetUserInfo - deny operations when "fields_present" is 0Matthias Dieter Wallnöfer1-0/+9
Taken from s3