summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-09-27s3-waf: move idmap subsystem to winbindd/wscript_build.Günther Deschner2-77/+77
Guenther
2010-09-27s3-waf: move pdb subsystem to pdb/wscript_build.Günther Deschner2-50/+51
Guenther
2010-09-27s3-waf: move auth subsystem to auth/wscript_build.Günther Deschner2-83/+85
Guenther
2010-09-27s3-waf: support --with-acl-support, at least for posix acls.Günther Deschner2-22/+55
Guenther
2010-09-27s3-waf: move VFS subsystem to modules/wscript_build.Günther Deschner2-389/+403
Guenther
2010-09-27s3-waf: add some module specific functions for s3 waf build.Günther Deschner2-0/+23
Thanks to Kai. Guenther
2010-09-27s3-waf: convert VFS into a subsystem.Günther Deschner1-0/+340
Guenther
2010-09-27s3-waf: convert GPEXT into a subsystem.Günther Deschner1-0/+27
Guenther
2010-09-27s3-waf: convert PERFCOUNT into a subsystem.Günther Deschner1-0/+20
Guenther
2010-09-27s3-waf: convert CHARSET into a subsystem.Günther Deschner1-0/+34
Guenther
2010-09-27s3-waf: convert IDMAP into subsystem.Günther Deschner1-0/+55
Guenther
2010-09-27s3-waf: convert PDB into subsystem.Günther Deschner1-0/+41
Guenther
2010-09-27s3-waf: convert AUTH into subsystem.Günther Deschner1-0/+59
Guenther
2010-09-26s4-ldbmodules: Added new module aclread to handle access checks on LDAP searchNadezhda Ivanova4-0/+327
It is currently enabled only if the request comes from the LDAP server, and is disabled by default. Use acl:search=true in smb.conf to enable it. It filters out all objects the user is not allowed to see, and all attributes the user does not have RP on. Extended access not supported yet.
2010-09-26s4-tests: Added tests for search checks on attributesNadezhda Ivanova2-5/+102
The ACL reach tests are in the knowfail because aclread module is not enabled by default
2010-09-26s4-tests: Removed search tests with anonymous credentials as they fail ↵Nadezhda Ivanova2-4/+4
againts Windows These tests will fail in make test as well if the acl_read module is enabled.
2010-09-26s4-dsdb: Added a function to check access on a particular object by its guidNadezhda Ivanova1-0/+37
Similar to dsdb_check_access_on_dn, only it searches by guid.
2010-09-26s4-dsdb: A helper to determine if an attribute is part of the search filterNadezhda Ivanova1-0/+46
2010-09-26s4-dsdb: Moved some helper functions to a separate fileNadezhda Ivanova5-222/+260
We need these to be accessible to the aclread module as well.
2010-09-26s4-ldap: Added a control to apply the access checks on read via LDAPNadezhda Ivanova3-0/+6
2010-09-26autobuild: use killbysubdir if availableAndrew Tridgell1-2/+4
this will reduce the spurious test output while processes are being killed
2010-09-26autobuild: exit immediately if no changes from masterAndrew Tridgell1-1/+9
we don't need to test master in autobuild
2010-09-26s3-waf: convert LIBGPO into a subsystem.Günther Deschner1-2/+5
Guenther
2010-09-26s3-waf: convert PLAINTEXT_AUTH, SLCACHE and DCUTIL into subsystems.Günther Deschner1-11/+19
Guenther
2010-09-26s3-vfs: fix the build of nfs4_acls.cGünther Deschner1-1/+2
Guenther
2010-09-26s3-waf: Link smbd against RPCECHO.Andreas Schneider1-1/+1
2010-09-26s3: Remove talloc_autofree_context() from nametouid()Volker Lendecke1-1/+1
pass is freed a few lines down
2010-09-26s3: Remove talloc_autofree_context() from guest_user_info()Volker Lendecke1-1/+2
pwd is freed a few lines down
2010-09-26s3: Remove talloc_autofree_context() from getpwnam_alloc()Volker Lendecke1-1/+1
This is given to the memcache a few lines down
2010-09-26s3: Remove talloc_autofree_context() from notify_internal_parent_init()Volker Lendecke3-6/+5
2010-09-26Fix bug #7698 - Assert causes smbd to panic on invalid NetBIOS session request.Jeremy Allison6-57/+134
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid NetBIOS session request is received the code in name_len() in libsmb/nmblib.c can hit an assert. Re-write name_len() and name_extract() to use "buf/len" pairs and always limit reads. Jeremy.
2010-09-26s4:schannel: handle move flag combinations in the serverStefan Metzmacher1-13/+23
This fixes some testsuites in the CIFS plugfest. metze
2010-09-26s4-auth: fixed the SID list for DCs in the PACAndrew Tridgell4-29/+16
the S-1-5-9 SID is added in the PAC by the KDC, not on the server that receives the PAC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 07:09:08 UTC 2010 on sn-devel-104
2010-09-26autobuild: fixed detection of master changesAndrew Tridgell1-3/+4
2010-09-26s3-selftest: added samba3.posix_s3.rap.printing as a knownfailAndrew Tridgell1-0/+1
this fails intermittently on sn-devel, Günther suggests adding this to knownfail for now
2010-09-26idl-pac: add a decoder for the pac info ctrAndrew Tridgell1-0/+4
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-26s4-drs: use the system sam_ctx for updaterefsAndrew Tridgell1-8/+9
this is needed for RODC clients calling updaterefs
2010-09-26s4-spn: don't try to do SPN updates as a RODCAndrew Tridgell1-0/+4
we don't have the permissions to do it
2010-09-26libcli/ldap: let ldap_full_packet() use asn1_peek_tag_needed_size()Stefan Metzmacher1-1/+1
This allows us to read a full packet without read byte after byte or possible read to much. metze
2010-09-26lib/util/asn1: add asn1_peek_tag_needed_size() and asn1_peek_full_tag()Stefan Metzmacher2-0/+85
We need a way to ask for the length of a tag without having the full buffer yet. metze
2010-09-26libcli/util: let tstream_read_pdu_blob_* cope with variable length headersStefan Metzmacher1-5/+13
metze
2010-09-26s4-kerberos Don't segfault if the password isn't specified in keytab generationAndrew Bartlett1-0/+7
Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Sun Sep 26 03:29:34 UTC 2010 on sn-devel-104
2010-09-26upgradeprovision: fix a typoMatthieu Patou1-1/+1
2010-09-26upgradeprovision: Fix a bug with renamed entriesMatthieu Patou1-2/+13
The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one.
2010-09-26upgradeprovision: fix a bug with not updated linksMatthieu Patou1-0/+1
2010-09-26s4 provision: start with gpo of version 0 and be consistent between ↵Matthieu Patou2-3/+3
different policies
2010-09-26s4 upgradeprovision: fix a bug with empty reference objectsMatthieu Patou1-1/+9
Thanks to lukas@eecs.qmul.ac.uk for poiting it to me
2010-09-26s4 upgradeprovision: Copy versionNumber if not present it helps to make gpo ↵Matthieu Patou1-3/+3
valid
2010-09-26s4 provision: Make GPO folder group writableMatthieu Patou1-3/+3
The group of this folder is domain administrator and it seems sensible that all domain administrators have the right to modify the gpo (they have it at the NT ACLs level ...)
2010-09-26s3: Remove talloc_autofree_context() from change_to_guest()Volker Lendecke1-1/+1
pass is freed at the exit of this routine
generated by cgit (git 2.34.1) at 2024-07-09 12:20:35 +0000