Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-30 | s3-spoolss: Fix servername/printername handling which turns out to be very ↵ | Günther Deschner | 6 | -141/+189 | |
important to get right. Guenther | |||||
2010-09-30 | s4-smbtorture: add new EnumPrinters test to test printername/servername | Günther Deschner | 1 | -13/+207 | |
behaviour in EnumPrinter and GetPrinter calls. Guenther | |||||
2010-09-29 | s4-samldb: also set a password on the krbtgt_NNNN account | Andrew Tridgell | 1 | -0/+11 | |
when we setup the krbtgt_NNNN account using the DCPROMO_OID control, we also need to set an initial password for this account Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-29 | s4-devel: added new options to getncchanges script | Andrew Tridgell | 1 | -9/+65 | |
added --pas, --dest-dsa and --replica-flags options Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> | |||||
2010-09-29 | s4-drs: implement PAS checks and access checks for getncchanges | Andrew Tridgell | 1 | -26/+130 | |
This implements partial attribute set checking on getncchanges. If the client sends a partial_attribute_set then we only return the specified attributes. This also implements access checking on the NC root for the access right GUIDs for requests with and without reveal secrets Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> | |||||
2010-09-29 | s4-drs: added drs_security_access_check_nc_root() | Andrew Tridgell | 2 | -12/+63 | |
this checks securiity on the NC root of the specified naming context | |||||
2010-09-29 | util: added BINARY_ARRAY_SEARCH_V() | Andrew Tridgell | 1 | -0/+16 | |
this is used to search an array of values | |||||
2010-09-29 | s4-sam: added DOMAIN_RID_ENTERPRISE_READONLY_DCS for RODCs in the PAC | Andrew Tridgell | 1 | -0/+16 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-29 | libds: added more UF_ -> ACB_ flags mappings | Andrew Tridgell | 2 | -2/+5 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> | |||||
2010-09-29 | midltests: add midltests-pipe-sync-ndr32-downgrade-02.idl | Stefan Metzmacher | 2 | -0/+3566 | |
metze | |||||
2010-09-29 | midltests: support for fragmented RPC traffic | Stefan Metzmacher | 1 | -5/+57 | |
metze | |||||
2010-09-29 | midltests: print out the alloc_hint for requests and responses | Stefan Metzmacher | 1 | -4/+4 | |
metze | |||||
2010-09-29 | midltests: improve NDR64 downgrade | Stefan Metzmacher | 1 | -4/+21 | |
metze | |||||
2010-09-29 | midltests: revert to a simple default midltests.idl | Stefan Metzmacher | 1 | -248/+3 | |
metze | |||||
2010-09-29 | s3-waf: add basic make test infrastructure, not able to test yet. | Günther Deschner | 3 | -0/+158 | |
Guenther | |||||
2010-09-29 | s3-waf: clean up socket-wrapper and nss-wrapper a little. | Günther Deschner | 1 | -15/+5 | |
Guenther | |||||
2010-09-29 | s3-waf: add vlp binary. | Günther Deschner | 1 | -0/+5 | |
Guenther | |||||
2010-09-29 | s4-spnupdate: when we are a RODC we need to use the WriteSPN DRS call | Andrew Tridgell | 1 | -10/+57 | |
we can't do SPN updates via sam writes and replication, as the sam is read-only | |||||
2010-09-29 | s4-drsutils: expose DsBind() call in drs_utils.py | Andrew Tridgell | 1 | -37/+38 | |
this will be used by samba_spnupdate | |||||
2010-09-29 | s4-kerberos: use TZ=GMT when we are invoking krb5 code in helpers | Andrew Tridgell | 2 | -0/+12 | |
Our helper scripts can fail on Fedora with the PDT timezone (Western USA). This is the same issue we found with Heimdal earlier today, the 24 second difference between GMT and UTC, but this time in MIT Kerberos as linked into bind9. By forcing TZ=GMT in these scripts we avoid the problem Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-29 | s4-rodc: RODC should not accept requests for role transfer | Nadezhda Ivanova | 1 | -0/+12 | |
A RODC cannot assume a role, and unwillingToPerform must be returned if such request is sent via LDAP | |||||
2010-09-28 | s4-provision: simplify our generated krb5.conf | Andrew Tridgell | 1 | -14/+1 | |
we don't want to force the KDC to be ourselves, we should be using DNS to find a live KDC. Also remove some other options and allow the krb5 lib to use defaults. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-28 | s4-kdc: RODC DCs should be able to produce forwardable tickets | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-28 | heimdal: fixed timegm UTC/GMT bug | Andrew Tridgell | 1 | -15/+6 | |
This was a wonderful bug! On some Fedora systems, but not on Ubuntu, there is a difference between UTC and GMT. Heimdal replaced timegm() with _der_timegm() which did not account for that difference (which is 24 seconds at the moment). This led to a mutual authentication failure. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-28 | s4-sam: fixed termination of krbtgt_attrs (comma and NULL) | Andrew Tridgell | 1 | -4/+4 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-09-28 | ldb-dn: don't crash on NULL in ldb_binary_encode_string() | Andrew Tridgell | 1 | -0/+3 | |
Thanks to Nadya for finding this one! | |||||
2010-09-28 | s4-kdc Ensure that an RODC may act as a server (needed to fill | Andrew Bartlett | 1 | -5/+24 | |
the krbtgt role). Andrew Bartlett | |||||
2010-09-28 | heimdal Use a seperate krb5_auth_context for the delegated credentials | Andrew Bartlett | 3 | -1/+35 | |
If we re-use this context, we overwrite the timestamp while talking to the KDC and fail the mutual authentiation with the target server. Andrew Bartlett | |||||
2010-09-29 | midltests/todo: add some random idl files I had tested month ago | Stefan Metzmacher | 8 | -0/+1014 | |
metze | |||||
2010-09-29 | midltests: add midltests-pipe-sync-ndr32-downgrade-01.idl example | Stefan Metzmacher | 3 | -3/+682 | |
metze | |||||
2010-09-29 | midltests: add some usefull defines to midltests.idl | Stefan Metzmacher | 1 | -0/+24 | |
metze | |||||
2010-09-29 | midltests: make it possible to allow downgrades to NDR32 | Stefan Metzmacher | 1 | -4/+8 | |
metze | |||||
2010-09-29 | midltests: add a midltests_tcp.exe tool | Stefan Metzmacher | 5 | -5/+611 | |
This uses a man in the middle approach in order to dump the request and response pdus. It also tests NDR32 and NDR64. metze | |||||
2010-09-29 | midltests: move the current implementation to midltests_simple.exe | Stefan Metzmacher | 3 | -22/+34 | |
metze | |||||
2010-09-29 | testprogs/win32: add vs2010-metze.cmd | Stefan Metzmacher | 1 | -0/+24 | |
metze | |||||
2010-09-29 | s3-printing: skip metadata entry when traversing printerlist. | Günther Deschner | 1 | -0/+5 | |
We were creating a new printer (with a very broken name) out of the lasttimestamp entry all the time. Simo, please check. Guenther | |||||
2010-09-28 | pidl: add support for pointers in typedefs | Stefan Metzmacher | 4 | -249/+270 | |
metze | |||||
2010-09-28 | pidl:NDR/Parser: remove unused code for array element index | Stefan Metzmacher | 1 | -6/+0 | |
metze | |||||
2010-09-28 | pidl:NDR/Parser: simplify logic in ParseMemCtxPullFlags() | Stefan Metzmacher | 1 | -6/+4 | |
metze | |||||
2010-09-28 | pidl:NDR/Client: make the generated code look a bit nicer | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2010-09-28 | librpc/ndr: remove 'async' from ndr_interface_call | Stefan Metzmacher | 1 | -1/+0 | |
metze | |||||
2010-09-28 | pidl: remove unused async property handling | Stefan Metzmacher | 2 | -7/+1 | |
metze | |||||
2010-09-28 | pidl/Python: use has_property($d, "noopnum") helper function | Stefan Metzmacher | 1 | -1/+1 | |
metze | |||||
2010-09-28 | pidl:NDR/Client.pm: remove unreached code | Stefan Metzmacher | 1 | -3/+0 | |
metze | |||||
2010-09-28 | pidl/Python: remove todo handling from PythonFunction(), it's done by the caller | Stefan Metzmacher | 1 | -15/+6 | |
metze | |||||
2010-09-28 | pidl/Typelist: let typeIs() do TYPEDEF dereference in the HASH case | Stefan Metzmacher | 1 | -0/+1 | |
metze | |||||
2010-09-28 | s3-waf: add in a little hack to deal with the ECHO rpc module for ↵ | Günther Deschner | 1 | -0/+4 | |
non-developer builds. This will be removed once we have the rpc modules subsystem in place. Guenther | |||||
2010-09-28 | autobuild: use git notes for autobuild messages | Andrew Tridgell | 1 | -1/+1 | |
This avoids changing the commit ID when we add a note that the autobuild has passed thanks to Jelmer for this suggestion! | |||||
2010-09-28 | selftest: enable FAIL_IMMEDIATELY in autobuild make test | Andrew Tridgell | 1 | -2/+2 | |
this should reduce the time we wait for previous failing builds. Right now this will only work for s4, as we need a makefile change for s3 support | |||||
2010-09-28 | s4-drs: added support for DRSUAPI_EXOP_REPL_OBJ | Andrew Tridgell | 1 | -1/+32 | |
this extended getncchanges operation replicates a single object |