samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-11-17	s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY	Andrew Tridgell	1	-1/+5
	this e_data field in a kerberos error packet tells windows to do clock skew recovery. See [MS-KILE] 2.2.1 KERB-ERROR-DATA Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-17	s4-gensec: zero the gssapi_state	Andrew Tridgell	1	-1/+1
	this fixes a use of the target_principal before initialisation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-17	s4-provision: use the command line lp in provision	Andrew Tridgell	1	-1/+1
	this ensures that provision options are stored in the generated smb.conf
2010-11-17	s4-provision: add log messages about IP lookup	Andrew Tridgell	1	-0/+2
	the IPv6 lookup can be very slow if a DNS server in the search list is unavailable. It's good to let the user know what its doing.
2010-11-17	s4-dns: catch more expections in samba_dnsupdate	Andrew Tridgell	1	-1/+5

2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_auth_data	Volker Lendecke	1	-13/+14
	Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Nov 17 12:02:34 UTC 2010 on sn-devel-104
2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_info3_as_txt	Volker Lendecke	1	-28/+29

2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_afs_token	Volker Lendecke	1	-8/+6

2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_info3_as_ndr	Volker Lendecke	1	-4/+5

2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_unix_username	Volker Lendecke	1	-6/+6

2010-11-17	s3: Remove a reference to "winbindd_cli_state" from append_auth_data	Volker Lendecke	1	-11/+11

2010-11-17	"bool ? true : false" is a bit pointless	Volker Lendecke	1	-2/+1

2010-11-17	s3: Move parse_sidlist to the only calling file	Volker Lendecke	3	-44/+42

2010-11-17	s3: Remove some unused code	Volker Lendecke	2	-23/+0

2010-11-17	ldb:ldb_dn.c - ldb_dn_explode - free also the extended components on error cases	Matthias Dieter Wallnöfer	1	-1/+4
	Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Wed Nov 17 08:45:53 UTC 2010 on sn-devel-104
2010-11-17	tevent: Fix docstring, tevent_req_is_in_progress does not destroy private data	Kai Blin	1	-2/+0
	Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Nov 17 07:23:51 UTC 2010 on sn-devel-104
2010-11-17	s4-test: added testing of w2k3 DC join to test-howto.py	Andrew Tridgell	2	-19/+105
	Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Nov 17 01:16:19 UTC 2010 on sn-devel-104
2010-11-17	s4-join: fixed join to w2k3	Andrew Tridgell	1	-1/+1
	w2k3 does need msDS-Behavior-Version
2010-11-17	s4-join: show a reasonable error on DsAddEntry() failing	Andrew Tridgell	1	-1/+6
	DsAddEntry() gives errors in a reply container
2010-11-17	s4-join: enable NDR printing at debug levels >= 5	Andrew Tridgell	1	-2/+9
	this is handy for debugging joins
2010-11-17	s4-loadparm: set debuglevel and logfile in tables	Andrew Tridgell	1	-0/+5
	this allows the debug level and logfile to be queried from python using lp.get(). Otheriwse they are set only in the globals, and not in the tables.
2010-11-17	s4-loadparm: fixed a memory leak in handle_realm()	Andrew Tridgell	1	-0/+3
	we need to free the lowercase and uppercase varients
2010-11-16	s4-kdc Rework supported encryption type logic to match Microsoft	Andrew Bartlett	1	-37/+16
	Thanks to Hongwei Sun for the clear description of the algorithim involved. Importantly, it isn't possible to remove encryption types from the list, only to add them over the defaults (DES and arcfour-hmac-md5, and additional AES for DCs and RODCs). This changes the behaviour for entries with msDS-supportedEncryptionTypes: 0, which Angelos Oikonomopoulos reported finding set by ADUC when attempting to store cleartext passwords. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Nov 16 21:24:43 UTC 2010 on sn-devel-104
2010-11-16	s4:acl LDB module - use also here "dsdb_find_nc_root" to implement the ↵	Matthias Dieter Wallnöfer	1	-28/+57
	NC-specific checks Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 15:12:13 UTC 2010 on sn-devel-104
2010-11-16	s4:descriptor LDB module - also "get_default_ag" should make use of ↵	Matthias Dieter Wallnöfer	1	-12/+12
	"dsdb_find_nc_root"
2010-11-16	s4:descriptor LDB module - handle the NCs in a more generic way by using ↵	Matthias Dieter Wallnöfer	1	-10/+22
	"dsdb_find_nc_root"
2010-11-16	s4:"dsdb_find_nc_root" - let it work also when the "namingContexts" ↵	Matthias Dieter Wallnöfer	1	-8/+34
	attribute isn't available yet This is needed on provisioning when the modules aren't set up yet.
2010-11-16	s4:descriptor LDB module - make more clear that special control entries ↵	Matthias Dieter Wallnöfer	1	-0/+7
	never should be handled by modules
2010-11-16	s4:objectclass LDB module - the "olddn" is the special DN for rename requests	Matthias Dieter Wallnöfer	1	-1/+1

2010-11-16	s4-schema_load: Don't clean in_transaction flag until transaction is really ↵	Kamen Mazdrashki	1	-7/+6
	finished Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Nov 16 11:00:35 UTC 2010 on sn-devel-104
2010-11-16	s4:subtree_rename LDB module - make use of "dsdb_find_nc_root"	Matthias Dieter Wallnöfer	1	-22/+27
	This is exactly what's needed there. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 08:42:07 UTC 2010 on sn-devel-104
2010-11-16	s4:objectclass LDB module - free "nc_root" after name context comparisons	Matthias Dieter Wallnöfer	1	-0/+2

2010-11-16	s4-test: fixes for test-howto.py	Andrew Tridgell	2	-25/+36
	this fixes some timing issues, plus ensures we test both with and without kerberos Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Nov 16 07:58:55 UTC 2010 on sn-devel-104
2010-11-16	s4-spoolss: fixed warning in call to torture_warning()	Andrew Tridgell	1	-2/+2

2010-11-16	s4-eventlog: fixed dcerpc handle return	Andrew Tridgell	1	-4/+12

2010-11-16	samba-tool Add test for --store-plaintext	Andrew Bartlett	1	-1/+1
	Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Nov 16 06:29:04 UTC 2010 on sn-devel-104
2010-11-16	Update dcerpc_server.pc library name to match reality.	Brad Hards	1	-1/+1

2010-11-16	samba-tool pwsettings Allow setting 'store cleartext'	Andrew Bartlett	1	-2/+17
	This allows the 'store cleartext' password policy flag to be (un)set. Andrew Bartlett
2010-11-16	s4-ldif_handlers Add handler for printing supplementalCredentials	Andrew Bartlett	2	-1/+24

2010-11-16	s4-test_kinit Add tests for lowercase realm combinations	Andrew Bartlett	1	-0/+4
	This tests that the handling of lowercase realms works in our KDC and libraries. Andrew Bartlett
2010-11-16	heimdal Build ticket with the canonical server name	Andrew Bartlett	1	-1/+1
	We need to use the name that the HDB entry returned, otherwise we will not canonicalise the reply as requested. Andrew Bartlett
2010-11-16	s4-kdc Fix the realm handling again, this time pay attention to the flags	Andrew Bartlett	1	-20/+20
	The KDC sets different flags for the AS-REQ (this is client-depenent) and the TGS-REQ to determine if the realm should be forced to the canonical value. If we do this always, or do this never, we get into trouble, so it's much better to honour the flags we are given. Andrew Bartlett
2010-11-16	s4-kdc use 'flags' to only create the 'admin data' elements when requested	Andrew Bartlett	1	-15/+19
	This avoids setting these values when the caller simply does not care Andrew Bartlett
2010-11-16	s4-kdc Add 'flags' parameter to db fetch calls	Andrew Bartlett	1	-8/+35
	This will allow these calls to honour the flags passed in from the KDC Andrew Bartlett
2010-11-16	waf: added --git-local-changes configure option	Andrew Tridgell	5	-29/+38
	if you use --git-local-changes then the version number that waf extracts from git will have a '+' on the end if you have local changes, as determined by running 'git diff'. This used to be the default, but unfortunately it is far too slow on some systems. On a NFS build system I was using the first line of configure took about 2 minutes. Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Nov 16 01:51:54 UTC 2010 on sn-devel-104
2010-11-15	s4-kdc Don't regenerate the PAC for cross-realm tickets	Andrew Bartlett	1	-0/+3
	We should never get a cross-realm ticket that was not issued by a full DC, but if someone claims to have such a thing, reject it rather than segfaulting on the NULL client pointer. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Mon Nov 15 23:59:34 UTC 2010 on sn-devel-104
2010-11-15	s4-kdc Don't always regenerate the PAC	Andrew Bartlett	1	-2/+4
	The PAC was being regenerated on all normal DCs, because they don't have a msDS-SecondaryKrbTgtNumber attribute. Instead we need to check if it's set and not equal to our RODC number, allowing RODCs to trust the full DCs and itself, but not other RODCs. Andrew Bartlett
2010-11-15	heimdal Fetch the client before the PAC check, but after obtaining krbtgt_out	Andrew Bartlett	1	-31/+30
	By checking the client principal here, we compare the realm based on the normalised realm, but do so early enough to validate the PAC (and regenerate it if required). Andrew Bartlett
2010-11-15	s4-gensec Indicate if GENSEC is in client or server mode in the debug	Andrew Bartlett	1	-2/+4

2010-11-15	s4:heimdal - fix the return code of a non-void function	Matthias Dieter Wallnöfer	1	-0/+2
	Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 15 23:14:57 UTC 2010 on sn-devel-104