summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-09-27s3-waf: convert AUTH into subsystem.Günther Deschner1-0/+59
Guenther
2010-09-26s4-ldbmodules: Added new module aclread to handle access checks on LDAP searchNadezhda Ivanova4-0/+327
It is currently enabled only if the request comes from the LDAP server, and is disabled by default. Use acl:search=true in smb.conf to enable it. It filters out all objects the user is not allowed to see, and all attributes the user does not have RP on. Extended access not supported yet.
2010-09-26s4-tests: Added tests for search checks on attributesNadezhda Ivanova2-5/+102
The ACL reach tests are in the knowfail because aclread module is not enabled by default
2010-09-26s4-tests: Removed search tests with anonymous credentials as they fail ↵Nadezhda Ivanova2-4/+4
againts Windows These tests will fail in make test as well if the acl_read module is enabled.
2010-09-26s4-dsdb: Added a function to check access on a particular object by its guidNadezhda Ivanova1-0/+37
Similar to dsdb_check_access_on_dn, only it searches by guid.
2010-09-26s4-dsdb: A helper to determine if an attribute is part of the search filterNadezhda Ivanova1-0/+46
2010-09-26s4-dsdb: Moved some helper functions to a separate fileNadezhda Ivanova5-222/+260
We need these to be accessible to the aclread module as well.
2010-09-26s4-ldap: Added a control to apply the access checks on read via LDAPNadezhda Ivanova3-0/+6
2010-09-26autobuild: use killbysubdir if availableAndrew Tridgell1-2/+4
this will reduce the spurious test output while processes are being killed
2010-09-26autobuild: exit immediately if no changes from masterAndrew Tridgell1-1/+9
we don't need to test master in autobuild
2010-09-26s3-waf: convert LIBGPO into a subsystem.Günther Deschner1-2/+5
Guenther
2010-09-26s3-waf: convert PLAINTEXT_AUTH, SLCACHE and DCUTIL into subsystems.Günther Deschner1-11/+19
Guenther
2010-09-26s3-vfs: fix the build of nfs4_acls.cGünther Deschner1-1/+2
Guenther
2010-09-26s3-waf: Link smbd against RPCECHO.Andreas Schneider1-1/+1
2010-09-26s3: Remove talloc_autofree_context() from nametouid()Volker Lendecke1-1/+1
pass is freed a few lines down
2010-09-26s3: Remove talloc_autofree_context() from guest_user_info()Volker Lendecke1-1/+2
pwd is freed a few lines down
2010-09-26s3: Remove talloc_autofree_context() from getpwnam_alloc()Volker Lendecke1-1/+1
This is given to the memcache a few lines down
2010-09-26s3: Remove talloc_autofree_context() from notify_internal_parent_init()Volker Lendecke3-6/+5
2010-09-26Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request.Jeremy Allison6-57/+134
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid NetBIOS session request is received the code in name_len() in libsmb/nmblib.c can hit an assert. Re-write name_len() and name_extract() to use "buf/len" pairs and always limit reads. Jeremy.
2010-09-26s4:schannel: handle move flag combinations in the serverStefan Metzmacher1-13/+23
This fixes some testsuites in the CIFS plugfest. metze
2010-09-26s4-auth: fixed the SID list for DCs in the PACAndrew Tridgell4-29/+16
the S-1-5-9 SID is added in the PAC by the KDC, not on the server that receives the PAC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 07:09:08 UTC 2010 on sn-devel-104
2010-09-26autobuild: fixed detection of master changesAndrew Tridgell1-3/+4
2010-09-26s3-selftest: added samba3.posix_s3.rap.printing as a knownfailAndrew Tridgell1-0/+1
this fails intermittently on sn-devel, Günther suggests adding this to knownfail for now
2010-09-26idl-pac: add a decoder for the pac info ctrAndrew Tridgell1-0/+4
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-26s4-drs: use the system sam_ctx for updaterefsAndrew Tridgell1-8/+9
this is needed for RODC clients calling updaterefs
2010-09-26s4-spn: don't try to do SPN updates as a RODCAndrew Tridgell1-0/+4
we don't have the permissions to do it
2010-09-26libcli/ldap: let ldap_full_packet() use asn1_peek_tag_needed_size()Stefan Metzmacher1-1/+1
This allows us to read a full packet without read byte after byte or possible read to much. metze
2010-09-26lib/util/asn1: add asn1_peek_tag_needed_size() and asn1_peek_full_tag()Stefan Metzmacher2-0/+85
We need a way to ask for the length of a tag without having the full buffer yet. metze
2010-09-26libcli/util: let tstream_read_pdu_blob_* cope with variable length headersStefan Metzmacher1-5/+13
metze
2010-09-26s4-kerberos Don't segfault if the password isn't specified in keytab generationAndrew Bartlett1-0/+7
Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sun Sep 26 03:29:34 UTC 2010 on sn-devel-104
2010-09-26upgradeprovision: fix a typoMatthieu Patou1-1/+1
2010-09-26upgradeprovision: Fix a bug with renamed entriesMatthieu Patou1-2/+13
The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one.
2010-09-26upgradeprovision: fix a bug with not updated linksMatthieu Patou1-0/+1
2010-09-26s4 provision: start with gpo of version 0 and be consistent between ↵Matthieu Patou2-3/+3
different policies
2010-09-26s4 upgradeprovision: fix a bug with empty reference objectsMatthieu Patou1-1/+9
Thanks to lukas@eecs.qmul.ac.uk for poiting it to me
2010-09-26s4 upgradeprovision: Copy versionNumber if not present it helps to make gpo ↵Matthieu Patou1-3/+3
valid
2010-09-26s4 provision: Make GPO folder group writableMatthieu Patou1-3/+3
The group of this folder is domain administrator and it seems sensible that all domain administrators have the right to modify the gpo (they have it at the NT ACLs level ...)
2010-09-26s3: Remove talloc_autofree_context() from change_to_guest()Volker Lendecke1-1/+1
pass is freed at the exit of this routine
2010-09-26s3: Remove talloc_autofree_context() from swatVolker Lendecke1-2/+2
In both cases, pass is freed immediately
2010-09-26s3: Remove talloc_autofree_context() from smbpasswdVolker Lendecke1-2/+2
In both cases, pwd is freed immediately
2010-09-26s3: Remove talloc_autofree_context() from net_sam_provision()Volker Lendecke1-1/+1
2010-09-26s3: Remove talloc_autofree_context() from lookup_unix_user_name()Volker Lendecke1-1/+1
pwd is freed in this routine immediately
2010-09-26s3: Remove talloc_autofree_context() from pdb_init_ads()Volker Lendecke1-1/+1
2010-09-26s3: Remove two talloc_autofree_context() callsVolker Lendecke1-2/+2
Both allocated blobs are freed in their routines
2010-09-26s3: Remove talloc_autofree_context() from serverid_db()Volker Lendecke1-2/+2
If we needed an explicit tdb_close() in the destructor, we'd be hosed long ago.
2010-09-26s3: Remove talloc_autofree_context() from serverid_parent_init()Volker Lendecke3-5/+4
2010-09-26s3: Remove talloc_autofree_context() from messaging_tdb_parent_init()Volker Lendecke3-5/+4
2010-09-26s3: Remove talloc_autofree_context() from ctdb_read_req()Volker Lendecke1-1/+2
2010-09-26s3: Remove talloc_autofree_context() from get_root_nt_token()Volker Lendecke1-1/+1
The memcache_add_talloc() later on steals it anyway
2010-09-26upgradeprovision: use the same case for hostname in reference provision as ↵Matthieu Patou1-1/+1
in the current provision Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 01:21:52 UTC 2010 on sn-devel-104
generated by cgit (git 2.34.1) at 2024-11-05 00:34:40 +0000