Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This allows us some time to get the EXTERNAL bind working
|
|
|
|
|
|
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
|
|
This makes it clear to our users that this particular implementation
isn't final (all parties are agreed that an EXTERNAL bind is the right
way to do this, but it has not been implemented yet).
Andrew Bartlett
|
|
|
|
|
|
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
|
|
This uses groupType as the example, but this actually applies to all
integer types in AD.
Andrew Bartlett
|
|
This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).
|
|
I tried hard to not change the program logic. Should fix bug #6439.
|
|
- LDB handles now all 32-bit integer attributes correctly (also with overflows)
according to the schema
- LDAP backends handle the attributes "groupType", "userAccountControl" and
"sAMAccountType" correctly. This handling doesn't yet use the schema but
the conversion file "simple_ldap.map.c" which contains them hardcoded.
Did also a refactoring of the conversion function there.
- Bug #6136 should be gone
|
|
Based on patch from Blindauer Emmanuel <samba@mooby.net>.
Guenther
|
|
|
|
down from above (as const).
Jeremy.
|
|
Fix a couple more unix_convert uses to filename_convert.
Fix bug in acl_group_override() where an uninitialized
struct could be used. Move unix_convert with wildcard
use in SMBsearch reply to boilerplate code.
Jeremy.
|
|
resolve_dfspath() -> unix_convert() -> get_full_smb_filename() -> check_name()
with a new function filename_convert().
This restores the check_name() calls that had gone missing
since the default create_file was changed. All "standard"
pathname processing now goes through filename_convert().
I'll take a look at the non-standard pathname processing
next. As a benefit, fixed a missing resolve_dfspath()
in the trans2 mkdir call.
Jeremy.
|
|
That function could return emtpy blobs for username and ccache for e.g. cached
logins.
Guenther
|
|
Guenther
|
|
This reverts commit b112cc5503350b248949bdbcce8072f5523ce877.
tevent_util.h is a private header. Must not be installed.
|
|
This is part of a fix for bug #6328.
Karolin
|
|
|
|
|
|
We have made a lot of useful changes to LDB since the last realese,
that Samba4 now relies on. This ensures that a build against a system
LDB will only succeed against the right version.
Andrew Bartlett
|
|
In particular, ensure that we can acutally change the password under
these circumstances.
Andrew Bartlett
|
|
The purpose of this test is to ensure that the Kerberos credentials
cache is valid. If the username and password is specified, this
overrides the very thing we are trying to test.
Andrew Bartlett
|
|
We need to pass down flags to the DCE/RPC layer to allow fallback to
anonymous connections, as we can't log in with an expired password.
The anonymous connection can then change the password with SAMR.
Andrew Bartlett
|
|
This requires a rework on Heimdal's windc plugin layer, as we want
full control over what tickets Heimdal will issue. (In particular, in
case our requirements become more complex in future).
The original problem was that Heimdal's check would permit the ticket,
but Samba would then deny it, not knowing it was for kadmin/changepw
Also (in hdb-samba4) be a bit more careful on what entries we will
make the 'change_pw' service mark that this depends on.
Andrew Bartlett
|
|
|
|
|
|
While tdb has not changed ABI in a way that requires this, we don't
want Samba4 somehow built against the old version with
performance problems on large, growing databases.
Andrew Bartlett
|
|
- Insert a check after the "tsocket" library call to make sure that the call
terminated correctly
- Add a comment to explain why on further calls of "cldap_socket_init" the
destination address hasn't to be specified
|
|
Patch for bug #6446
cppcheck found 2 possible memory leaks:
[./source4/client/client.c:3305]: (error) Memory leak: base_directory
[./source4/client/client.c:3305]: (error) Memory leak: desthost
Patch in attach.
|
|
Patch for bug #6389
|
|
Patch for bug #6388
|
|
Patch for bug #6270
This patch is for the future when samba4 builds using external libraries. With
this patch, tevent now installs tevent_util.h which is required by samba4.
|
|
Patch for bug #6269
When linking against tevent you also need to link against talloc. This patch
fixes external/libevent.m4 to do so.
|
|
This corrects the issues reaised in bug #6129, and some others that were not
originally identified. It also accounts for some code that was in the original
bug report but appears to have since been made common between S3 and S4.
Thanks to Erik Hovland <erik@hovland.org> for the original bug report.
|
|
Patch for bug #4939
This refactors the NETLOGON code related to this bug:
- Introduces a new "SYNCSTATE" enum required by the "DatabaseSync2" call (acc.
to WSPP)
- Make "DatabaseSync" dependant from "DatabaseSync2" (acc. to WSPP)
- Let "DatabaseSync2" return NT_STATUS_NOT_IMPLEMENTED (I'm not sure if this is
also true when a domain is running in mixed mode)
- Make "LogonControl" and "LogonControl2" dependant form "LogonControl2Ex"
(acc. to WSPP)
- Let "LogonControl2Ex" return WERR_NOT_SUPPORTED for now
|
|
|
|
at a higher level
|
|
This was a little messy because of all of the vfs modules I had to
touch. Most of them were pretty straight forward, but the streams
modules required a little attention to handle smb_filename. Since the
use of smb_filename enables the vfs modules to access the raw,
over-the-wire stream, a little bit of the handling that was being done
by split_ntfs_stream_name has now been shifted into the individual
stream modules. It may be a little more code, but overall it gives
more flexibility to the streams modules, while also allowing correct
stream handling.
|
|
I used the smb_filename struct everywhere that was feasible for the
first pass. There are still some places in this path that need to be
changed to use smb_filename, but this is a good start.
I also:
- Removed fname/path arguments from a few functions that weren't
really using them.
- Added a utility function for detecting whether an smb_filename is a
stream.
|
|
|
|
|
|
|
|
conditions.
|
|
since they can't be included in the static library.
|
|
|