summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-06-19Merge branch 'master' of ssh://git.samba.org/data/git/samba into master-develAndrew Bartlett2-0/+287
2009-06-19Allow developers access the the privilaged ldapi socket for the momentAndrew Bartlett1-0/+4
This allows us some time to get the EXTERNAL bind working
2009-06-19On our way to alpha9!Andrew Bartlett1-2/+2
2009-06-19Mark as release versionAndrew Bartlett1-1/+1
2009-06-19Partially revert restriction of socket_wrapper to 1500 byte writesAndrew Bartlett1-10/+32
This keeps the restriction for stream sockets (where the caller will retry), without creating problems on datagram sockets (CLDAP is not defined, as far as I know, across multiple UDP packets). The commit adding this restriction was 47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d Andrew Bartlett
2009-06-19s4:ldapsrv Place the 'privilaged' ldapi socket under an #ifdefAndrew Bartlett1-1/+11
This makes it clear to our users that this particular implementation isn't final (all parties are agreed that an EXTERNAL bind is the right way to do this, but it has not been implemented yet). Andrew Bartlett
2009-06-19added some basic documentation for the idmap script optionAndrew Tridgell1-0/+168
2009-06-19added a sample script for the "idmap script" optionAndrew Tridgell1-0/+119
2009-06-19Partially revert restriction of socket_wrapper to 1500 byte writesAndrew Bartlett1-10/+32
This keeps the restriction for stream sockets (where the caller will retry), without creating problems on datagram sockets (CLDAP is not defined, as far as I know, across multiple UDP packets). The commit adding this restriction was 47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d Andrew Bartlett
2009-06-19s4:ldb Add test for integer normalisation behaviourAndrew Bartlett1-0/+17
This uses groupType as the example, but this actually applies to all integer types in AD. Andrew Bartlett
2009-06-19A fix in the ACL code used by both SAMBA 3 and 4Matthias Dieter Wallnöfer1-1/+1
This fixes an uninitialised structure. It has been found through valgrind in the RAW-ACLs test suite (Bug #6397).
2009-06-19Fixed some uninitialised variablesMatthias Dieter Wallnöfer5-18/+20
I tried hard to not change the program logic. Should fix bug #6439.
2009-06-19Correct handling of 32-bit integer attributes in SAMBA 4Matthias Dieter Wallnöfer5-42/+88
- LDB handles now all 32-bit integer attributes correctly (also with overflows) according to the schema - LDAP backends handle the attributes "groupType", "userAccountControl" and "sAMAccountType" correctly. This handling doesn't yet use the schema but the conversion file "simple_ldap.map.c" which contains them hardcoded. Did also a refactoring of the conversion function there. - Bug #6136 should be gone
2009-06-19s3-pam_winbind: Fix Bug 6253: Use correct value for password expiry calculation.Günther Deschner1-1/+2
Based on patch from Blindauer Emmanuel <samba@mooby.net>. Guenther
2009-06-18Fix bug 4699: Remove pidfile on clean shutdownVolker Lendecke5-8/+28
2009-06-18acl_group_override() doesn't need to call stat. Pass thisJeremy Allison1-28/+17
down from above (as const). Jeremy.
2009-06-18Add some const to the stat struct in the dosmode calls.Jeremy Allison8-102/+72
Fix a couple more unix_convert uses to filename_convert. Fix bug in acl_group_override() where an uninitialized struct could be used. Move unix_convert with wildcard use in SMBsearch reply to boilerplate code. Jeremy.
2009-06-18Replace the boilerplate calls to :Jeremy Allison6-270/+154
resolve_dfspath() -> unix_convert() -> get_full_smb_filename() -> check_name() with a new function filename_convert(). This restores the check_name() calls that had gone missing since the default create_file was changed. All "standard" pathname processing now goes through filename_convert(). I'll take a look at the non-standard pathname processing next. As a benefit, fixed a missing resolve_dfspath() in the trans2 mkdir call. Jeremy.
2009-06-18libwbclient: fix returned LogonInfo in wbc_LogonUser().Günther Deschner1-2/+4
That function could return emtpy blobs for username and ccache for e.g. cached logins. Guenther
2009-06-18wbinfo: use wbcLogonUser for wbinfo -K.Günther Deschner1-35/+76
Guenther
2009-06-18Revert "For tevent to install tevent_util.h"Simo Sorce1-1/+0
This reverts commit b112cc5503350b248949bdbcce8072f5523ce877. tevent_util.h is a private header. Must not be installed.
2009-06-18s3/docs: Add documentation for 'net sam rights'.Karolin Seeger1-0/+27
This is part of a fix for bug #6328. Karolin
2009-06-18s3:netlogon Cope with recent rename in netlogon.idlAndrew Bartlett1-1/+1
2009-06-18Remove unused variableAndrew Bartlett1-3/+0
2009-06-18Bump the ldb version and the version Samba4 requires.Andrew Bartlett2-2/+2
We have made a lot of useful changes to LDB since the last realese, that Samba4 now relies on. This ensures that a build against a system LDB will only succeed against the right version. Andrew Bartlett
2009-06-18s4: Add tests and 'must change password' flags in setpassword and newuserAndrew Bartlett5-12/+146
In particular, ensure that we can acutally change the password under these circumstances. Andrew Bartlett
2009-06-18s4:testprogs Don't specify a username/password when checking the ccacheAndrew Bartlett1-1/+1
The purpose of this test is to ensure that the Kerberos credentials cache is valid. If the username and password is specified, this overrides the very thing we are trying to test. Andrew Bartlett
2009-06-18s4:libnet Allow 'net password change' to work on expired passwordsAndrew Bartlett11-9/+41
We need to pass down flags to the DCE/RPC layer to allow fallback to anonymous connections, as we can't log in with an expired password. The anonymous connection can then change the password with SAMR. Andrew Bartlett
2009-06-18s4:kdc Allow a password change when the password is expiredAndrew Bartlett12-70/+98
This requires a rework on Heimdal's windc plugin layer, as we want full control over what tickets Heimdal will issue. (In particular, in case our requirements become more complex in future). The original problem was that Heimdal's check would permit the ticket, but Samba would then deny it, not knowing it was for kadmin/changepw Also (in hdb-samba4) be a bit more careful on what entries we will make the 'change_pw' service mark that this depends on. Andrew Bartlett
2009-06-18s4:setup Add an option to 'setpassword' to force password change at next loginAndrew Bartlett3-3/+17
2009-06-18s4:gensec Print GSSAPI error message when unable to find PACAndrew Bartlett1-1/+3
2009-06-18Require the new tdb 1.1.5 (for performance reasons)Andrew Bartlett2-2/+2
While tdb has not changed ABI in a way that requires this, we don't want Samba4 somehow built against the old version with performance problems on large, growing databases. Andrew Bartlett
2009-06-18Fixes for the "cldap" testsMatthias Dieter Wallnöfer2-6/+19
- Insert a check after the "tsocket" library call to make sure that the call terminated correctly - Add a comment to explain why on further calls of "cldap_socket_init" the destination address hasn't to be specified
2009-06-18source4/client/client.c: Possible memory leaksSlava Semushin1-2/+5
Patch for bug #6446 cppcheck found 2 possible memory leaks: [./source4/client/client.c:3305]: (error) Memory leak: base_directory [./source4/client/client.c:3305]: (error) Memory leak: desthost Patch in attach.
2009-06-18Fix resource leak in lib/ldb/tools/ldbmodify.cSlava Semushin2-0/+2
Patch for bug #6389
2009-06-18Fix syntax error in lib/ldb/ldb_sqlite3/base160.cSlava Semushin2-2/+2
Patch for bug #6388
2009-06-18For tevent to install tevent_util.hEric Sandall1-0/+1
Patch for bug #6270 This patch is for the future when samba4 builds using external libraries. With this patch, tevent now installs tevent_util.h which is required by samba4.
2009-06-18LDB: Link against both tevent and tallocEric Sandall1-1/+1
Patch for bug #6269 When linking against tevent you also need to link against talloc. This patch fixes external/libevent.m4 to do so.
2009-06-18s4: Call va_end() after all va_start()/va_copy() calls.Andrew Kroeger4-5/+16
This corrects the issues reaised in bug #6129, and some others that were not originally identified. It also accounts for some code that was in the original bug report but appears to have since been made common between S3 and S4. Thanks to Erik Hovland <erik@hovland.org> for the original bug report.
2009-06-18NETLOGON pipe improvementsMatthias Dieter Wallnöfer9-65/+184
Patch for bug #4939 This refactors the NETLOGON code related to this bug: - Introduces a new "SYNCSTATE" enum required by the "DatabaseSync2" call (acc. to WSPP) - Make "DatabaseSync" dependant from "DatabaseSync2" (acc. to WSPP) - Let "DatabaseSync2" return NT_STATUS_NOT_IMPLEMENTED (I'm not sure if this is also true when a domain is running in mixed mode) - Make "LogonControl" and "LogonControl2" dependant form "LogonControl2Ex" (acc. to WSPP) - Let "LogonControl2Ex" return WERR_NOT_SUPPORTED for now
2009-06-18Add const to cast, to fix warningAndrew Bartlett1-2/+2
2009-06-17s3 onefs: Remove dfs resolution from create_file() now that it's being done ↵Tim Prouty1-22/+1
at a higher level
2009-06-17s3: Change SMB_VFS_OPEN to take an smb_filename structTim Prouty25-131/+398
This was a little messy because of all of the vfs modules I had to touch. Most of them were pretty straight forward, but the streams modules required a little attention to handle smb_filename. Since the use of smb_filename enables the vfs modules to access the raw, over-the-wire stream, a little bit of the handling that was being done by split_ntfs_stream_name has now been shifted into the individual stream modules. It may be a little more code, but overall it gives more flexibility to the streams modules, while also allowing correct stream handling.
2009-06-17s3: Plumb smb_filename from create_file all of the way down to fd_openTim Prouty5-206/+282
I used the smb_filename struct everywhere that was feasible for the first pass. There are still some places in this path that need to be changed to use smb_filename, but this is a good start. I also: - Removed fname/path arguments from a few functions that weren't really using them. - Added a utility function for detecting whether an smb_filename is a stream.
2009-06-18Use system Python LDB bindings, if present.Jelmer Vernooij1-1/+9
2009-06-18Use system LDB by default if the right version was found.Jelmer Vernooij1-2/+2
2009-06-18dsdb: Fix build against system ldb.Jelmer Vernooij3-3/+3
2009-06-18selftest: Use common function when skipping testsuites based on run-timeJelmer Vernooij1-11/+32
conditions.
2009-06-18smb_build: Always build modules for system-libraries as shared libraries,Jelmer Vernooij1-2/+3
since they can't be included in the static library.
2009-06-18Fix build with system LDB.Jelmer Vernooij4-4/+4