summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-02-18tevent: rename tevent_req_set_timeout() => tevent_req_set_endtime()Stefan Metzmacher2-2/+2
This makes more clear what the function does. metze
2009-02-18s4:netlogon: don't mix in and out negotiate_flags in ↵Stefan Metzmacher1-3/+4
dcesrv_netr_ServerAuthenticate() metze
2009-02-18Merge branch 'master' of ssh://git.samba.org/data/git/samba into master-develAndrew Bartlett8-11/+69
2009-02-18paper over failure to reprovision with os.unlink()Andrew Bartlett1-1/+2
We need to figure out why the deletes on the database fail, but for now doing an unlink of templates_tdb isn't too bad. Andrew Bartlett
2009-02-18Worked around a problem with select/poll/epoll and gnutls Andrew Tridgell5-1/+47
Our packet layer relies on the event system reliably telling us when a packet is available. When we are using a socket layer like TLS then things get a bit trickier, as there may be bytes in the encryption buffer which could be read even if there are no bytes at the socket level. The GNUTLS library is supposed to prevent this happening by always leaving some data at the socket level when there is data to be processed in its buffers, but it seems that this is not always reliable. To work around this I have added a new packet option packet_set_unreliable_select() which tells the packet layer to not assume that the socket layer has a reliable select, and to instead keep trying to read from the socket until it gets back no data. This option is set for the ldap client and server when TLS is negotiated. This seems to fix the problems with the ldaps tests.
2009-02-18fixed some of the TLS problemsAndrew Tridgell3-10/+22
This fixes two things in the TLS support for Samba4. The first is to use a somewhat more correct hostname instead of 'Samba' when generating the test certificates. That allows TLS test clients (such as gnutls-cli) to connect to Samba4 using auto-generated certificates. The second fix is to add a call to gcry_control() to tell gcrypt to use /dev/urandom instead of /dev/random (on systems that support that). That means that test certificate generation is now very fast, which was previously an impediment to putting the TLS tests on the build farm.
2009-02-17Don't miss an absolute pathname as a kerberos keytab path. From Glenn Machin ↵Jeremy Allison1-0/+5
<gmachin@sandia.gov>. Jeremy.
2009-02-17Fix bug #6117 - Samba 3.3.0: pdbedit -a core dumps.Jeremy Allison1-1/+12
Jeremy.
2009-02-17Fix warning about missmatch of uint32_t and size_t.Jeremy Allison1-1/+1
Jeremy.
2009-02-17docs: extend the example in the idmp_rid manpage to configure 2 domains with ridMichael Adam1-1/+13
Michael
2009-02-17docs: extend the idmap_rid manpageMichael Adam1-5/+24
Michael
2009-02-17s3:winbindd: make do_async_domain() static.Michael Adam2-12/+6
Michael
2009-02-17s3:build: improve the check for a working krb5-config.Michael Adam1-1/+1
Not only check if it exists and is executable, but also check whether it accepts the command line "krb5-config --libs gssapi". Chris Hoogendyk <hoogendyk@bio.umass.edu> has reported configure failing on a Solaris machine due to krb5-config raising errors on these options. Michael
2009-02-17s4-smbtorture: fix spoolss test after count out,ref idl changes.Günther Deschner3-10/+38
Guenther
2009-02-17s4-spoolss: fix spoolss server after out,ref count pointer changes.Günther Deschner2-15/+14
Guenther
2009-02-17spoolss: fix spoolss helper for out ref count pointer.Günther Deschner1-2/+4
Guenther
2009-02-17s3: re-run make samba3-idl.Günther Deschner5-112/+294
Guenther
2009-02-17spoolss: in enum-calls make [out] count a ref pointer.Günther Deschner1-28/+28
Guenther
2009-02-17s3-spoolss: remove old spoolss_ResetPrinter.Günther Deschner3-62/+0
Guenther
2009-02-17s3-spoolss: use pidl for _spoolss_ResetPrinter.Günther Deschner2-38/+10
Guenther
2009-02-17s3: re-run make samba3-idl.Günther Deschner4-0/+80
Guenther
2009-02-17spoolss: fill in spoolss_ResetPrinter.Günther Deschner1-1/+4
Guenther
2009-02-17s3-netapi: fix Coverity #881 and #882.Günther Deschner1-7/+56
Guenther
2009-02-17Fix an invalid typecastingVolker Lendecke1-1/+7
entry->num_of_strings is a uint16_t. Casting it with (int *)&entry->num_of_strings is wrong, because it gives add_string_to_array the illusion that the object "num" points to is an int, which it is not. In case we are running on a machine where "int" is 32 or 64 bits long, what happens with that cast? "add_string_to_array" interprets the byte field that starts where "num_of_strings" starts as an int. Under very particular circumstances this might work in a limited number of cases: When the byte order of an int is such that the lower order bits of the int are stored first, the subsequent bytes which do not belong to the uint16_t anymore happen to be 0 and the result of the increment still fits into the first 2 bytes of that int, i.e. the result is < 65536. The correct solution to this problem is to use the implicit type conversion that happens when an assignment is done. BTW, this bug is found if you compile with -O3 -Wall, it shows up as a warning: rpc_server/srv_eventlog_lib.c:574: warning: dereferencing type-punned pointer will break strict-aliasing rules Thanks, Volker
2009-02-17async_sock: Use tevent_timeval instead of timeval functionsKai Blin1-3/+4
2009-02-17tevent: Rename ev_timeval* functions to tevent_timeval, export them.Kai Blin7-23/+61
Also add tevent_timeval_add() and tevent_timeval_current_ofs() to help not depending on lub/util/time.c for things that just need tevent
2009-02-17s3-rpcclient: use rpccli_spoolss_RemoteFindFirstPrinterChangeNotifyEx.Günther Deschner1-20/+29
Guenther
2009-02-17s4-spoolss: fix dcesrv_spoolss_RemoteFindFirstPrinterChangeNotifyEx server.Günther Deschner1-5/+6
Guenther
2009-02-17s4-smbtorture: fix spoolss notify test.Günther Deschner1-14/+14
Guenther
2009-02-17s3: re-run make samba3-idl.Günther Deschner5-125/+125
Guenther
2009-02-17spoolss: fix idl for spoolss_RouterRefreshPrinterChangeNotify.Günther Deschner1-1/+1
Guenther
2009-02-17spoolss: change some type names in spoolss_RemoteFindFirstPrinterChangeNotifyEx.Günther Deschner1-6/+6
Guenther
2009-02-16Fix bug 5920Yasuma Takeda1-1/+1
The length of the memcpy was calculated wrong, r->out.return_authenticator is a pointer
2009-02-16s3:netlogon: implement _netr_LogonGetCapabilities() with ↵Stefan Metzmacher1-4/+3
NT_STATUS_NOT_IMPLEMENTED This hopefully fixes bug #6100. metze
2009-02-16s4:netlogon: implement netr_LogonGetCapabilities with NT_STATUS_NOT_IMPLEMENTEDStefan Metzmacher1-4/+5
This hopefully fixes bug #6109. metze
2009-02-16librpc: rerun make idlStefan Metzmacher7-46/+282
metze
2009-02-16netlogon.idl: add idl for netr_LogonGetCapabilities()Stefan Metzmacher1-1/+12
metze
2009-02-16s4:netlogon: always return correct negotiate_flags in Authenticate[2|3]()Stefan Metzmacher1-1/+31
metze
2009-02-16librpc: rerun make idlStefan Metzmacher2-4/+8
metze
2009-02-16netlogon.idl: add NETLOGON_REG_SUPPORTS_AES_SHA2 flags and use correct names ↵Stefan Metzmacher1-2/+6
for some other flags metze
2009-02-16tevent: fix compiler warning in pytevent.cStefan Metzmacher1-1/+3
metze
2009-02-16s3 auth: Add parameter that forces every user through an NSS lookupZach Loafman3-4/+35
When set to yes, "force username map" forces every user, even AD users, through an NSS lookup. This allows the token to be overridden with information from NSS in certain broken environments.
2009-02-16s3 perfcount: Fix segfault with smbclient 'echo 3 foo'Tim Prouty1-33/+11
2009-02-16s3 OneFS: Add defaults to the fake timestamp parametersTim Prouty2-8/+19
2009-02-16make receive_smb_raw_talloc more readableTim Prouty1-4/+4
2009-02-16lib/tevent: change to LGPLv3+Stefan Metzmacher16-188/+253
metze
2009-02-15Attempt to fix bug #6099. According to MicrosoftJeremy Allison1-17/+26
Windows 7 looks at the negotiate_flags returned in this structure *even if the call fails with access denied ! So in order to allow Win7 to connect to a Samba NT style PDC we set the flags before we know if it's an error or not. Jeremy.
2009-02-14remove accidental white spaceDerrell Lipman1-1/+0
2009-02-14enums are traditionally signed. Avoid use of high bit in bit flags.Derrell Lipman1-3/+3
2009-02-14Get rid of the warnings I had for testingDerrell Lipman1-5/+0