summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r24059: Fix bug 4822 reported by Matthias Wallnöfer <mwallnoefer@yahoo.de>.Andrew Bartlett2-155/+188
Any SAMR client (usrmgr.exe in this case) that attempted to set a property to a zero length string found instead the the old value was kept. In fixing this, rework the macros to be cleaner (add the always-present .string) to every macro, and remove the use of the samdb_modify() and samdb_replace() wrappers where possible. Andrew Bartlett (This used to be commit b05fe693047c09b85c7fc0e1ea8d931c99910375)
2007-10-10r24054: Fix some warningsVolker Lendecke1-2/+2
(This used to be commit b3473db397476d05e7ffca50a5f7a9b65e0a5b4a)
2007-10-10r24053: Ensure we filter EnumDomainUsers with the supplied mask.Andrew Bartlett2-34/+100
Should fix another part (list of domains in usrmgr incorrectly including accounts) of bug #4815 by mwallnoefer@yahoo.de. Andrew Bartlett (This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
2007-10-10r24052: Fix some of the NT4 usrmgr.exe portions of bug 4815.Andrew Bartlett3-16/+209
- The icons in usermgr were incorrect, because the acct_flags were not filled in (due to missing attribute in ldb query) - The Full name was missing, and the description used as the full name (due to missing attributes in ldb query and incorrect IDL) To prove the correctness of these fixes, I added a substantial new test to RPC-SAMR-USERS, to ensure cross-consistancy between QueryDisplayInfo and QueryUserInfo on each user. This showed that for some reason, we must add ACB_NORMAL to the acct_flags on level 2 queries (for machine trust accounts)... Getting this right is important, because Samba3's RPC winbind methods uses these queries. Andrew Bartlett (This used to be commit 9475d94a61e36b3507e5fd2e6bb6f0667db4a607)
2007-10-10r24051: more monitor function calls and monitor msg namesRafal Szczesniak7-44/+103
convention change. rafal (This used to be commit 6ab10b2ed256fa3c55d1af8ddcc9dfdaf4598a1e)
2007-10-10r24041: After metze's ack, check in torture_comment from Zack KrischVolker Lendecke1-2/+2
<zack.kirsch@isilon.com> (This used to be commit b1148b7ab84a18d4fea771c887ed7d535841982b)
2007-10-10r24012: Remove duplicate code block (from bad merge).Andrew Bartlett1-17/+0
Andrew Bartlett (This used to be commit 68bdbd732fc02ce5a8ef8eb0107459ff3b7eb723)
2007-10-10r24011: Keep the connect handle around in libnet, in case we want it.Andrew Bartlett2-0/+2
Andrew Bartlett (This used to be commit e6ccdb6cea267b992d1b586757f0b84afbc5e45f)
2007-10-10r24010: Fix warning for the function paramter to qsort().Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 51862c4c5299da02d3d781b3e9255823bc9b59af)
2007-10-10r23995: Work to allow mimir's libnet code to be called from winbind.Andrew Bartlett9-57/+53
We now setup a libnet_ctx for each domain. We should then be able to replace/merge some more of the winbind code with libnet calls, referencing domain->libnet_ctx. Andrew Bartlett (This used to be commit bad2dc14d704be59300f619c84694c11620559e0)
2007-10-10r23994: Finish my work to ensure that non-root and non-administrator usersAndrew Bartlett4-166/+193
cannot vampire, provision or upgrade a Samba4 server via SWAT. (The previous commit was an accident, and not complete). This should get Samba4 closer to being 'secure' for an alpha release. Andrew Bartlett (This used to be commit 3b6695de36bcea8a76001c9a5585eac871646450)
2007-10-10r23993: Attempt to fix bug #4808, reported by mwallnoefer@yahoo.de. The issueAndrew Bartlett1-1/+4
is that when we all ldb_msg_add_empty(), we might realloc() the msg->elements array. We need to ensure the source pointer (when copying an element from the same msg) is still valid, or the data copied. Andrew Bartlett (This used to be commit 0fbea30577233d00e7c6cdd4faaece0f99fc57b1)
2007-10-10r23982: Fix use-after-realloc() found by valgrind and mwallnoefer@yahoo.de.Andrew Bartlett1-1/+5
Should fix bug #4804. Andrew Bartlett (This used to be commit 848336dc617b72d189fe82e10c0b08a518d6d073)
2007-10-10r23980: Fix one more use of pwrite in expand_file.Michael Adam1-1/+10
Michael (This used to be commit b97acdc67b1a55529e69bb7b2b78a317a34b1eba)
2007-10-10r23979: Fix another occurence of (written != requested) as anMichael Adam1-5/+22
error condition to write. This is in tdb_new_database. Fix one call to tdb_new_database in tdb_open_ex to not overwrite the newly propagated errno (typically ENOSPC). Michael (This used to be commit eb524df0a52783de6c94a11b44f268e0f26fbb2c)
2007-10-10r23978: Merge r23161 from Samba3:Michael Adam2-0/+5
Add TDB_VOLATILE as open_flag to activate the per-hashchain dead record optimization. (This used to be commit 868cdb1781fe94afbc1658e72bf06de20193bcd7)
2007-10-10r23977: Im prove the pwrite-patch to tdb_expand_file of r23972:Michael Adam1-7/+20
* prevent infinite loops due to 0 bytes written: try once more. if we still get 0 as return, set errno to ENOSPC and return -1 (error) * replace int by correct types (ssize_t and size_t). * print a warning log message in case "written < requested to write" usually this means, that the next call to pwrite will fail with return value -1 and set errno accordingly. Note that the former error condition "written != requested to write" is not a correct error condition of write/pwrite. If this is due to an error, a subsequent call to (p)write will reveal the cause (typically "no space left on device" - ENOSPC). Michael (This used to be commit 7f415d12239fc67eb2c7894c6359b9507fe122c6)
2007-10-10r23972: Fix a bug in pwrite error detection in tdb_expand_file():Michael Adam1-3/+3
The proper error condition is (ret == -1) instead of (ret != number_of_byte_told_to_write). Michael (This used to be commit 4c3c6363f860ec01d3c789ef8ee2aa3eb77000dc)
2007-10-10r23966: It isn't great, but at least now we have some access control in SWATAndrew Bartlett4-50/+112
This patch prevents non-root and non-administrator users from running the provision, upgrade and vampire pages. *I think* the rest of SWAT is LDB operations, or otherwise authenticated, so we should now be secure. I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha. Andrew Bartlett (This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)
2007-10-10r23965: Add testing the 'net time' command to the script.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit 4fab53432a3599cf62a7ebef977bc33ef5a5f734)
2007-10-10r23964: Update blackbox selftest scripts to cover more code, and to moreAndrew Bartlett3-38/+83
consistantly report errors. (Some were being lost due to the "echo foo | cmd" calling convention). Andrew Bartlett (This used to be commit d0a994d0ce7b1d4a33bbca5348c2da868401971f)
2007-10-10r23961: Allow SWAT to operate on x86_64 machines.Andrew Bartlett5-20/+29
On machines with a 4 byte int, and a 8 byte pointer, the ESP could would fail. The problem is that 0 != NULL. 0 is an int (4 bytes) and NULL is a pointer (8), and this matters critically to varargs functions. If a 0 was passed as the 'terminating' argument, then only 4 bytes would be written to the stack, but va_arg(ap, char *) would try and pull 8, reading uninitalised memory. Andrew Bartlett (This used to be commit 72ca8e3b2a45179b731790e6329b978b22ac1ec0)
2007-10-10r23960: Don't destory the 'reason' for terminating the service before ↵Andrew Bartlett1-1/+3
printing it. Andrew Bartlett (This used to be commit 18d2680f357cef68e0e9714ce5404be70759d2ad)
2007-10-10r23959: add more monitor messages support that's been sitting around on myRafal Szczesniak6-55/+216
laptop for a while. rafal (This used to be commit c257363adbc2e8ab577bb86a5b4dbef3caf802ef)
2007-10-10r23950: unlink before rename is superfluous.Michael Adam1-1/+0
Michael (This used to be commit dc0104be9acfcd97f95388029a421204723b641a)
2007-10-10r23925: Use NULL instead of 0 for a void * argument.Michael Adam1-1/+1
(This used to be commit bf7774360bbcf557e3cbc4ef0c45f750b4ba89c3)
2007-10-10r23912: We always accept / as a seperator, and it is far less confusingAndrew Bartlett1-1/+1
compared with a shell-escape (\). Fixes bug #4765 Andrew Bartlett (This used to be commit 417e0ef87fdf8ea69c66089485bd4e0f7b4ca495)
2007-10-10r23907: Fix bug 4790 reported by mwallnoefer@yahoo.de:Andrew Bartlett1-5/+7
Before the provisioning enters to the function provision_default_paths (in scripting/libjs/provision.js), the variable subobj.DNSDOMAIN isn't properly set (for example for the filename of the DNS zonefile). Andrew Bartlett (This used to be commit 07a9db1438df93442c5b50b1b97ca69662749608)
2007-10-10r23905: SATOH Fumiyasu <fumiyas@osstech.jp> points out that we want &&, not ↵Andrew Bartlett1-1/+1
; here... (We don't want to make a distclean of the main user tree, just because they don't have the parent directory checked out). Andrew Bartlett (This used to be commit 70bf6936850dede51d085a1f1f22f43b98823ff2)
2007-10-10r23895: reapply rev 23493:Stefan Metzmacher1-27/+6
regenerate lex.c files with flex 2.5.33 this makes sure we include config.h as first header hopefully fixes the build on SerNet-aix abartlet: please don't revert that again with your next heimdal merge...:-) metze (This used to be commit 8da4e9a9ac0fb09a7b84de87e1671a8689e20fcb)
2007-10-10r23890: Allow wbinfo -a to work against Samba4's winbind.Andrew Bartlett8-331/+397
Add a test for wbinfo -a to test_member.sh Reimplement the server-side 'pam_auth' and 'pam_auth_crap' calls to use the same SamLogon code as auth_winbind uses. In my previous code, we did not bind to the LSA and SAMR pipes, before attempting operations. We now do this (how we passed any tests before is beyond me). This required some rework, particularly to make it easier to setup secondary connections. The new rpc_secondary_auth_connection() function also performs the bind. The dcerpc_connect.c file was getting to big, so things have been merged into dcerpc_secondary.c. Andrew Bartlett (This used to be commit 365778a993b7d76af6d53ba2a598b7e271741dc5)
2007-10-10r23881: A quick fix from davecb@spamcop.net to be more portable to non-GNUAndrew Bartlett1-1/+1
make in autogen.sh. Andrew Bartlett (This used to be commit f47e5f716137b08380b17fdd95d2f454f53d6ce6)
2007-10-10r23880: Don't crash when we run wbinfo -a against our own winbind when we ↵Andrew Bartlett2-3/+6
are a DC. Next step is to make it work... Andrew Bartlett (This used to be commit a1b6c9ecb9a6f17bcbabf81a8128398df6447490)
2007-10-10r23876: Prepare to run nsstest from make test, just not add it to ↵Kai Blin3-1/+31
tests_all.sh yet. (This used to be commit f45ae8a878c3d34ea2e4e1c7770e57cd96fa845b)
2007-10-10r23875: As pointed out by mwallnoefer@yahoo.de:Andrew Bartlett1-6/+6
On default Active Directory installations, the NETLOGON share isn't an indipendent directory. In fact it's mapped to the subdirectory "scripts" from the share SYSVOL under <Domain name>. Andrew Bartlett (This used to be commit 923d67ea9d78da46235221375b49b6f1d0d6a862)
2007-10-10r23862: Explain who requested unknown dependency. Helps a lot in chasing ↵Alexander Bokovoy1-1/+1
dependency hell when trimming down s4 platform (This used to be commit 6c95eabac684c70ac0080b6ab7ca723f5c58869b)
2007-10-10r23860: export WINBINDD_SOCKET_DIR into the testenvStefan Metzmacher1-1/+2
metze (This used to be commit 0d27c1b54e2ea2f7cc0bdcd80f484faa2933a998)
2007-10-10r23859: Work to have Group Policy work 'out of the box' in Samba4.Andrew Bartlett6-38/+94
This involves creating the SYSVOL and NETLOGON shares at provision time, and creating the right subdirectories. This also changes the behaviour of lp.get("foo") in ejs - we now return undefined, rather than syntax error, if the parameter doesn't exist (perhaps because the share isn't defined). Andrew Bartlett (This used to be commit 45cadf3bc0d38f6600666511a392e1ce353adee7)
2007-10-10r23853: Fix a very misleading error message in tdbbackup.Michael Adam1-1/+1
Michael (This used to be commit 1685057927e0ae37ed6be780ee0fb4b3bbefc00f)
2007-10-10r23852: Merge Samba 3.2's wbinfo into Samba4, so Kai can use it for testing.Andrew Bartlett2-0/+1271
Andrew Bartlett (This used to be commit 0fc9b015d734463416e7acb1981eb65216d200fc)
2007-10-10r23851: export _ABS versions of PREFIX and SRCDIRStefan Metzmacher1-0/+2
metze (This used to be commit 759b5d94b378429a35c9901b870a89c99dad14f2)
2007-10-10r23849: ldap_server: Provide more info in debug tracesAndrew Bartlett3-7/+21
blackbox tests: increase test coverage by running more options. Andrew Bartlett (This used to be commit 46abf82675ea0ce06a162be5d733da0c236880c2)
2007-10-10r23848: Thanks to derrell for pointing out that I had not finished my patch toAndrew Bartlett2-4/+6
split out the auth methods. This caused all SWAT logins to fail, except when using local system authentication. Andrew Bartlett (This used to be commit b5a9d507a37cd46bd325ff3118c08b4362f267f2)
2007-10-10r23821: Extend the winreg test by a test for DeleteKey on aMichael Adam1-0/+66
key that has subkeys. This should return WERR_ACCESS_DENIED. Michael (This used to be commit 9b8789a4b5f444e643ed7ee3ff55dc0c41986d07)
2007-10-10r23816: A little more static, but leave the dead code testjoin.c as ↵Andrew Bartlett3-13/+5
documentation. Andrew Bartlett (This used to be commit 6679003c0553804333f0090a91e1fe53837ceb47)
2007-10-10r23815: Thanks to Matthias Wallnoefer <mwallnoefer@yahoo.de> for pointing outAndrew Bartlett3-8/+8
that we had the wrong objectClass for OU=Domain Controllers,${DOMAINDN} (was CN=Domain Controllers,${DOMAINDN}) This fixes both the SAMR server and the LDIF templates. Andrew Bartlett (This used to be commit 625a9e6c041bedc93925bdebb3a60af1dbdde317)
2007-10-10r23812: Remove more code found as dead by the find_static script, and makeAndrew Bartlett1-43/+4
other functions just static. Andrew Bartlett (This used to be commit 64fcec1da613dc8f16f0fba02fb3de0ec840671f)
2007-10-10r23811: Try to ensure struct nbt_name is always pre-declared. Might fix theAndrew Bartlett1-9/+10
build on aico. Andrew Bartlett (This used to be commit 5609bd9d219f517c25dbc6e6d265eed3ed517883)
2007-10-10r23810: Make things static, and remove unsued code.Andrew Bartlett6-463/+22
This includes some of the original ildap ldap client API. ldb provides a much easier abstraction on this to use, and doesn't use these functions. Andrew Bartlett (This used to be commit dc27a7e41c297472675e8c251bb14327a1af3902)
2007-10-10r23809: Don't give users the fantasy that we can control choice of GENSECAndrew Bartlett2-8/+1
security mechanisms at the moment. I'll put this back when I implement the functionality. Andrew Bartlett (This used to be commit 9a38ddc86fe8c68520622678eae81e4e90f427cf)