summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-05-18s4:kdc: split s4u2self and s4u2proxy checksStefan Metzmacher4-23/+55
metze
2011-05-18s4:kdc: UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION => ↵Stefan Metzmacher1-0/+14
flags.trusted_for_delegation metze
2011-05-18s4:auth/credentials: S4U2Self should force CRED_MUST_USE_KERBEROSStefan Metzmacher1-0/+1
Otherwise we would not impersonate the desired principal. This still doesn't work for plaintext auth, but should avoid ntlmssp. metze
2011-05-18s4:auth/credentials: pass 'self_service' to ↵Stefan Metzmacher5-10/+36
cli_credentials_set_impersonate_principal() This also adds a cli_credentials_get_self_service() helper function. In order to support S4U2Proxy we need to be able to set the service principal for the S4U2Self step independent of the target principal. metze
2011-05-18s4:gensec_gssapi: avoid delegation if s4u2self/proxy is usedStefan Metzmacher1-0/+4
metze
2011-05-18HEIMDAL:kdc: check and regenerate the PAC in the s4u2proxy caseStefan Metzmacher1-13/+38
TODO: we need to add a S4U_DELEGATION_INFO to the PAC later. metze
2011-05-18HEIMDAL:kdc: pass the correct principal name for the resulting service ticketStefan Metzmacher1-38/+36
Depending on S4U2Proxy the principal name for the resulting ticket is not the principal of the client ticket. metze
2011-05-18HEIMDAL:kdc: let check_PAC() to verify the incoming server and krbtgt cheksumsStefan Metzmacher1-4/+7
For a normal TGS-REQ they're both signed with krbtgt key. But for S4U2Proxy requests which ask for contrained delegation, the keys differ. metze
2011-05-18Fix bug #8144 - touch /mnt/newfile fails to set timestamp with CIFS client.Jeremy Allison1-10/+15
The extra checks added for Windows correctness in our metadata changing paths to ensure the file handle has been opened with the correct access mask to allow FILE_WRITE_ATTRIBUTES etc. caused problems with the POSIX open code. The old POSIX open code maped O_RDONLY into FILE_READ, O_WRONLY into FILE_WRITE, and O_RDWR into FILE_READ|FILE_WRITE. This patch extends the mapping to add FILE_WRITE_ATTRIBUTES, FILE_READ_ATTRIBUTES and FILE_WRITE_EA, FILE_READ_EA to allow POSIX opens to set these values. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed May 18 02:22:32 CEST 2011 on sn-devel-104
2011-05-17Fix redefinition of fstrcpy.Jeremy Allison1-1/+7
2011-05-17is_my_ipaddr() should recognise loopback addresses as ours.Jeremy Allison1-5/+5
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue May 17 20:05:42 CEST 2011 on sn-devel-104
2011-05-17Don't evaluate the src argument to fstrcpy/fstrcat/nstrcpy/unstrcpy twice. ↵Jeremy Allison1-5/+25
Prevents side-effects when src is a function call.
2011-05-17Remove duplicate definition of SMB_VFS_NEXT_STRICT_UNLOCK. Found by ↵Jeremy Allison1-3/+0
herb@samba.org
2011-05-17s3: conn->sconn in smbd_server_connection_read/write_handlerVolker Lendecke1-9/+10
"struct smbd_server_connection" is called sconn elsewhere, avoid confusion Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue May 17 19:00:20 CEST 2011 on sn-devel-104
2011-05-17lib/util/charset: fix the toplevel MacOS X build.Günther Deschner1-2/+3
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue May 17 16:16:59 CEST 2011 on sn-devel-104
2011-05-17s3:rpc_server: create lp_ncalrpc_dir() with 0755 before lp_ncalrpc_dir()/np ↵Stefan Metzmacher1-0/+11
with 0700 metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 17 13:01:14 CEST 2011 on sn-devel-104
2011-05-17Revert "s3-rpc_server: Force ncalrpc dir to be mode 755."Stefan Metzmacher1-1/+13
This reverts commit a032c9c8fe8aff455407485169b9445860f89606.
2011-05-17Fix typos in LDAP schema filesSumit Bose5-6/+6
Reported by: John Danks <john.danks@gmail.com> Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Tue May 17 11:56:08 CEST 2011 on sn-devel-104
2011-05-17talloc: splitout _talloc_free_children_internal()Stefan Metzmacher1-50/+27
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 17 10:49:13 CEST 2011 on sn-devel-104
2011-05-17talloc: fixed a use after free error in talloc_free_children()Stefan Metzmacher1-1/+16
This is similar to commit 6f51a1f45bf4de062cce7a562477e8140630a53d. metze
2011-05-17talloc: use _talloc_free_internal() in talloc_free_children()Stefan Metzmacher1-1/+1
metze
2011-05-17talloc: test talloc_steal out of a talloc_poolStefan Metzmacher1-0/+69
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue May 17 09:43:01 CEST 2011 on sn-devel-104
2011-05-17talloc: add memset() calls to test_pool()Stefan Metzmacher1-0/+17
This way we the pool based valgrind code. metze
2011-05-17talloc: setup the new 'tc' before TC_UNDEFINE_GROW_CHUNK() _talloc_realloc()Stefan Metzmacher1-0/+1
metze
2011-05-17talloc: make really sure only optimize realloc if there's only one pool chunkStefan Metzmacher1-1/+6
*talloc_pool_objectcount(pool_tc) == 2 doesn't mean the one of the objects is the pool itself! So we better check for == 1 and calculate the chunk count. metze
2011-05-17talloc: make use of _talloc_free_poolmem() in _talloc_realloc()Stefan Metzmacher1-15/+1
This should follow the same logic... metze
2011-05-17talloc: split the handling of FLAG_POOL/FLAG_POOLMEM in _talloc_free_internalStefan Metzmacher1-32/+66
The optimization of the object_count == 1 case should only happen for when we're not destroying the pool itself. And it should only happen if the pool itself is still valid. If the pool isn't valid (it has TALLOC_FLAG_FREE), object_count == 1 does not mean that the pool is the last object, which can happen if you use talloc_steal/move() on memory from the pool and then free the pool itself. Thanks to Volker for noticing this! metze
2011-05-17s4-dfs: Use a workaround for ndr relative pointer bug/limitationMatthieu Patou1-11/+8
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Tue May 17 01:33:27 CEST 2011 on sn-devel-104
2011-05-17s4-torture: Add more tests to DFS referral suiteMatthieu Patou1-4/+30
2011-05-17torture: adapt to idl evolutionroot2-48/+48
2011-05-17s4-dfs: clean the codeMatthieu Patou1-44/+50
2011-05-17s4-dfs: fix bugs in idl and adapt code accordinglyMatthieu Patou2-32/+25
2011-05-17s4-python: add an option for just fixing gpo foldersMatthieu Patou1-189/+196
2011-05-17s4-python: keep wheel_gid as an integerMatthieu Patou1-1/+1
2011-05-17s4-python: raise an error if unable to bind remote ldap while joiningMatthieu Patou1-0/+11
2011-05-16Fix the SMB2 showstopper, found by an extended torture test from Volker.Jeremy Allison1-3/+25
In the oplock refactoring, the algorithm underwent an unnoticed change. In 3.5.x stat_opens were silently (i.e. no explicit code had comments explaining this) ignored when looking for oplock breaks and share mode violations. After the refactoring, the function find_oplock_types() no longer ignored stat_open entries in the share mode table when looking for batch and exclusive oplocks. This patch adds two changes to find_oplock_types() to ignore the case where the incoming open request is a stat open being tested against existing opens, and also when the incoming open request is a non-stat open being tested against existing stat opens. Neither of these cause an oplock break or share mode violation. Thanks a *lot* to Volker, who persevered in reproducing this problem. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon May 16 22:38:20 CEST 2011 on sn-devel-104
2011-05-16Ensure we always write the correct incoming mid into the share modeJeremy Allison2-4/+8
table entries.
2011-05-16s3-rpc_server: Force ncalrpc dir to be mode 755.Andreas Schneider1-13/+1
This completes aae9353ecf56323b63da66aa84d8a0a4f219d94d. directory_create_or_exist() is not needed cause create_pipe_sock() takes care of setting up the directory correctly. Andrew please check! Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Mon May 16 17:54:20 CEST 2011 on sn-devel-104
2011-05-16s3-printing: remove cups_pull_comment_location from header fileDavid Disseldorp1-4/+0
Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon May 16 16:03:57 CEST 2011 on sn-devel-104
2011-05-16s3: Document gpfs:syncioVolker Lendecke1-0/+20
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Mon May 16 15:00:40 CEST 2011 on sn-devel-104
2011-05-16gpfs.so: Add gpfs:syncio optionGregor Beck1-0/+13
This enables optimizations for shared file access on gpfs
2011-05-16waf: Enable Samba3 torture tests in top level build.Andreas Schneider1-12/+12
Signed-off-by: Günther Deschner <gd@samba.org> Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon May 16 13:57:01 CEST 2011 on sn-devel-104
2011-05-16s3-selftest: no point in running base.chkpath and base.delaywrite twice.Günther Deschner1-3/+3
Thanks to Bjoern Baumbach for pointing this out! Guenther Signed-off-by: Günther Deschner <gd@samba.org>
2011-05-16s3-printing: Remove obsolete and unused cups_pull_comment_location().Andreas Schneider1-157/+0
Signed-off-by: Günther Deschner <gd@samba.org>
2011-05-16s3-spoolss: Get the printer location from cups.Andreas Schneider1-2/+33
Signed-off-by: Günther Deschner <gd@samba.org>
2011-05-16s3-printing: Get the location info from cups.Günther Deschner12-32/+85
Signed-off-by: Günther Deschner <gd@samba.org>
2011-05-16s3: Added waf build header locations for clang complete.Andreas Schneider1-0/+1
Signed-off-by: Günther Deschner <gd@samba.org>
2011-05-16s4-smbtorture: add test_netremotetod.Günther Deschner2-0/+18
Guenther Autobuild-User: Günther Deschner <gd@samba.org> Autobuild-Date: Mon May 16 12:45:52 CEST 2011 on sn-devel-104
2011-05-16s4-libcli/rap: add smbcli_rap_netremotetod().Günther Deschner1-0/+47
Guenther
2011-05-16s3-rap: add rap_NetRemoteTOD to IDL.Günther Deschner1-0/+22
Guenther
generated by cgit (git 2.34.1) at 2024-07-03 03:59:04 +0000