summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-05-04krb5samba: Add compat krb5_make_principal for MIT buildSimo Sorce5-1/+49
2012-05-04Fix compiler warningSimo Sorce1-1/+1
2012-05-04s4-auth-krb: Use compat code to initialize keyblock contentsSimo Sorce1-1/+1
2012-05-04krb5samba: Add compat code to initialize keyblock contentsSimo Sorce3-0/+28
2012-05-04s4-auth-krb: Disable code in MIT buildSimo Sorce1-1/+4
Unfortunately these functions are not available in MIT and there is no easy workaround or compat funciton I can see at this stage. Will fix properly once MIT gets the necessary functions or if another workaround can be found.
2012-05-04Move keytab_copy to krb5samba libSimo Sorce4-4/+14
This is a helper fucntion that uses purely krb5 code, so it belongs to krb5samba which is the krb5 wrapper for samba.
2012-05-04Fix keytab_copy to compile with MIT librariues tooSimo Sorce1-10/+12
2012-05-04keytab_copy: Fix style, whitespacesSimo Sorce1-8/+17
2012-05-04kerberos_pac: Fix code to work with MIT tooSimo Sorce1-3/+3
2012-05-04s4-auth-krb: smb_rd_req_return_stuff is used only in gensec_krb5Simo Sorce5-2/+13
Make it clearly a gensec_krb5 accessory file. This function should never be used anywhere else. This function was copied out from the Heimdal tree and is kept in a separate file for clarity and to keep the original license boilerplate.
2012-05-04Split normal kinit from s4u2 flavored kinitSimo Sorce3-38/+92
This makes it simpler to slowly integrate MIT support and also amkes it somewhat clearer what operation is really requested. The 24u2 part is really only used by the cifs proxy code so we can temporarily disable it in the MIT build w/o major consequences.
2012-05-04Move kerberos_kinit_password_cc to krb5samba libSimo Sorce5-427/+406
2012-05-04Move kerberos_kinit_keyblock_cc to krb5samba libSimo Sorce7-56/+102
Make it also work with MIT where krb5_get_in_tkt_with_keyblock is not available.
2012-05-04krb-init: define out heimdal specific stuff in mitkrb buildSimo Sorce1-3/+12
2012-05-04s4-auth-krb: avoid useless conditionSimo Sorce1-1/+1
Code bails out with ENOMEM 2 lines a bove if config_file is NULL anyways
2012-05-04krb5samba: Remove unnecessary include fileSimo Sorce1-1/+0
2012-05-04Fix krb5_samba.c buildSimo Sorce1-0/+4
2012-05-04s4:torture: add a check for talloc success in test_session_reauthVolker Lendecke1-0/+1
Autobuild-User: Volker Lendecke <vl@samba.org> Autobuild-Date: Fri May 4 16:50:59 CEST 2012 on sn-devel-104
2012-05-04s3: remove some unused codeVolker Lendecke2-28/+0
2012-05-04s3: Fix a typoVolker Lendecke1-1/+1
2012-05-04s4-dsdb: Use data_blob_string_const and add explaination for open-coded ↵Andrew Bartlett1-4/+6
function in samldb Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 4 02:34:41 CEST 2012 on sn-devel-104
2012-05-04s4-dsdb: Use strcasecmp_m() to compare possibly multibyte strings in samldbAndrew Bartlett1-5/+5
2012-05-04s4:samldb LDB module - make sure to not add identical ↵Matthias Dieter Wallnöfer2-16/+88
"servicePrincipalName"s more than once The service principal names need to be case-insensitively unique, otherwise we end up in a LDB ERR_ATTRIBUTE_OR_VALUE_EXISTS error. This issue has been discovered on the technical mailing list (thread: cannot rename windows xp machine in samba4) when trying to rename a AD client workstation.
2012-05-03s3:passdb fix a compiler warningChristian Ambach1-1/+1
this one could have caused crashes Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Thu May 3 23:22:05 CEST 2012 on sn-devel-104
2012-05-03s3:vfs fix compiler warningChristian Ambach1-0/+5
vfs_default.c:1875:10: warning: no previous prototype for 'vfswrap_audit_file'
2012-05-03s3:lib fix compiler warningsChristian Ambach1-0/+6
g_lock.c:182:20: warning: no previous prototype for ‘g_lock_lock_send’ g_lock.c:270:10: warning: no previous prototype for ‘g_lock_lock_recv’
2012-05-03UTIL_TDB: lowercase name.Jelmer Vernooij6-9/+9
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 20:18:22 CEST 2012 on sn-devel-104
2012-05-03libtorture: Improve suggestion to mention torture_assert_*() rather thanJelmer Vernooij1-1/+1
torture_result().
2012-05-03s4:torture: add a new smb2.session.reauth3 test - getting security descriptorMichael Adam1-0/+100
Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Thu May 3 17:38:14 CEST 2012 on sn-devel-104
2012-05-03torture: Suggest torture_fail() / torture_result().Jelmer Vernooij1-1/+2
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu May 3 15:31:06 CEST 2012 on sn-devel-104
2012-05-03provision: remove reference to no longer existing template files.Jelmer Vernooij2-9/+6
2012-05-03s4-samba-tool: make new samba-tool group listmembers use samAccountNameAndrew Bartlett2-4/+4
This is the unique username value. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu May 3 01:57:41 CEST 2012 on sn-devel-104
2012-05-03s4-s3upgrade: Force ldapsam:trusted = yesAndrew Bartlett1-0/+3
While this setting is not the default in Samba3, any domain that is in a suitable condition to upgrade to Samba4 should already be in the layout that ldapsam:trusted uses. It can be turned off by setting ldapsam:trusted=false in the smb.conf. Many upgrades to Samba4 happen on a different host to the old Samba3 domain and this avoids the need to configure nss_ldap only for the duration of the upgrade. Andrew Bartlett
2012-05-03Extension to the samba-tool group subcommand functionality to allow listing ↵Lukasz Zalewski3-0/+91
of the members of an AD group
2012-05-03s4-s3upgrade: Try harder to get group memberships on upgradeAndrew Bartlett1-5/+20
This fixes an issue where some group types were not upgraded, as we did not upgrade alias memberships. It also uses enum_group_memberships() to try and find the memberships from the other direction, by asking which groups a user is a member of. As Samba3 (and NT4) does not implement nested groups, this should be safe. Andrew Bartlett
2012-05-03s3-pypassdb: add wrapper for enum_group_membershipsAndrew Bartlett1-1/+57
This will be used in samba3upgrade to try and get the group memberships by instead asking for the groups each user is in. This reverse lookup may be more reliable, as this is used at login time. Andrew Bartlett
2012-05-03s3-pypassdb: remove unused variableAndrew Bartlett1-2/+0
2012-05-02s4:torture:rpc: add a new test samba3.smb2-pipe-read-logoffMichael Adam1-0/+85
- open a pipe via smb2 - trigger a read which hangs since there is nothing to read - do a logoff - wait for the read to return and check the status (STATUS_PIPE_BROKEN) Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed May 2 19:57:45 CEST 2012 on sn-devel-104
2012-05-02s4:torture:rpc: add a new test samba3.smb2.pipe-read-tdisMichael Adam1-0/+85
- open a pipe via smb2 - trigger a read which hangs since there is nothing to read - do a tree disconnect - wait for the read to return and check the status (STATUS_PIPE_BROKEN)
2012-05-02s4:torture:rpc: add a test samba3.smb2-pipe-read-closeMichael Adam1-0/+87
* open a pipe via smb2 * trigger a read which hangs since there is nothing to read * close the pipe file handle * wait for the read to reaturn and check the status (NT_STATUS_PIPE_BROKEN)
2012-05-02s4:torture:rpc: fix a comment typo in samba3.smb2-reauth2Michael Adam1-1/+1
2012-05-02s4:torture:rpc: remove an accidentially committed character (in a comment)Michael Adam1-1/+1
2012-05-02s3-passdb: Add extra debug on ID mapping failuresAndrew Bartlett1-0/+7
Signed-off-by: Michael Adam <obnox@samba.org> Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed May 2 15:34:13 CEST 2012 on sn-devel-104
2012-05-02s3-idmap: remove (now) unused function idmap_cache_set_sid2both()Andrew Bartlett2-25/+0
Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-idmap: convert most idmap_cache callers to unixid APIAndrew Bartlett4-55/+52
This will eventually allow the struct unixid to be passed all the way up and down the stack. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-idmap: Rework idmap_cache to store ID_TYPE_BOTH valuesAndrew Bartlett2-176/+240
This required that the lower level cache store a UID/GID and a type, and that we operate on struct unixid rather than just uid/gid. The ID_TYPE_BOTH is then handled as being a positive mapping for both a UID and GID value. Wrapper functions are provided so that callers are not changed in this patch. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3-winbindd: Do not use WBC_ types internally in winbinddAndrew Bartlett1-3/+5
Use the types from idmap.idl instead Signed-off-by: Michael Adam <obnox@samba.org>
2012-05-02s3:passdb: remove a forward declaration of wbcSidToUnixId that has become ↵Michael Adam1-1/+0
unnecessary
2012-05-02s3:passdb: rename sids_to_unix_ids() --> sids_to_unixids() for consistencyMichael Adam3-4/+4
2012-05-02s3-passdb: Use struct unixid in sids_to_unix_idsAndrew Bartlett3-24/+39
This avoids the union in the struct wbcUnixId and moves us to using only struct unixid internally. Andrew Bartlett Signed-off-by: Michael Adam <obnox@samba.org>