Age | Commit message (Collapse) | Author | Files | Lines |
|
The previous code incorrectly assumed that attributes such as
subClassOf come over the wire as strings. In fact they come over as 32
bit integers which refer to goversIDs. We have to post-process these
as it sometimes happens that a governsID comes over the wire before
the record that defines what it means.
|
|
|
|
The correct name is ldb.ERR_INVALID_DN_SYNTAX
|
|
|
|
- This changes the attribute "forceLogoff" to its' default
values according to Windows Server 2003 R2
- Also this corrects the "subRefs" attribute of the base-DN which only refers
to direct child partitions (and therefore not to the complete transitive closure)
|
|
Don't remove pending writetime changes if no time changes
are sent in UNIX_BASIC infolevel.
Jeremy
|
|
extensions=yes" are set - and using latest cifs vfs client
Cancel out any pending "sticky" writes or "last write" changes when
doing a UNIX info level set.
Jeremy.
|
|
metze
|
|
metze
|
|
metze
|
|
Michael
|
|
Michael
|
|
replace.h needs to be included first.
Michael
|
|
|
|
|
|
This fixes bug #6519.
|
|
|
|
this works around some terrible use of talloc in the libnet code
|
|
|
|
These changes follow from the discussions on samba-technical. The
changes are in several parts, and stem from the inherent ambiguity
that was in talloc_free() and talloc_steal() when the pointer that is
being changes has more than one parent, via references.
The changes are:
1) when you call talloc_free() on a pointer with more than one parent
the free will fail, and talloc will log an error to stderr like this:
ERROR: talloc_free with references at some/foo.c:123
reference at other/bar.c:201
reference at other/foobar.c:641
2) Similarly, when you call talloc_steal() on a pointer with more
than one parent, the steal will fail and talloc will log an error to
stderr like this:
ERROR: talloc_steal with references at some/foo.c:123
reference at other/bar.c:201
3) A new function talloc_reparent() has been added to change a parent
in a controlled fashion. You need to supply both the old parent and
the new parent. It handles the case whether either the old parent was
a normal parent or a reference
The use of stderr in the logging is ugly (and potentially dangerous),
and will be removed in a future patch. We'll need to add a debug
registration function to talloc.
|
|
|
|
A dcerpc request may have a reference from a still completing async
callback, but we now consider the request to be complete. We want to
lose the main parent, leaving just the reference, if any.
|
|
|
|
This is one of the few cases where we want the object to be owned by
both the python object and C code
|
|
|
|
The previous code caused memory leaks, and also caused situations
where talloc_free could be called on pointers with multiple parents
The new approach is to have two functions:
py_talloc_import : steals the pointer, so it becomes wholly owned by
the python object
py_talloc_reference: uses a reference, so it is owned by both python
and C
|
|
|
|
|
|
|
|
The previous use of talloc_steal could cause a steal of a pointer that
had references. This ensures that doesn't happen
|
|
The upcoming talloc_free/talloc_reference changes change talloc_free
to be a macro. These two bits of code relied on it being a function
pointer
|
|
Set the values like Windows Server 2003 R2.
|
|
DC object
Found after some comparisons against Windows Server 2003 R2.
|
|
the display specifiers
The object version showed up in the Windows 2003 Server R2 AD.
The "systemFlags" attribute has been set to the right value.
|
|
parameters
|
|
consumed_ucs is the number of bytes
of the UCS2 path consumed not counting any
terminating null. We need to convert
back to unix charset and count again
to get the number of bytes consumed from
the incoming path.
|
|
Guenther
|
|
Now that the sanity checks for mount.cifs default to matching the
behavior of /bin/mount, then there is virtually no need for umount.cifs.
The only exception is when someone enables the loose setuid behavior in
mount.cifs.
If an unprivileged user mounts a share that isn't in /etc/fstab, then
/bin/mount won't allow that user to unmount it. In that situation,
umount.cifs will be necessary to allow unmounting the share.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Steve French <smfrench@us.ibm.com>
|
|
Search for groups without group suffix, group suffix is only used for new entries.
|
|
Found while testing Xerox WorkCentre 133 PCL driver, now also tested with
torture test.
Guenther
|
|
Guenther
|
|
Guenther
|
|
This reworks the notes file to be less stream-of-consciousness and more
task for porting, with a very particular focus on a potential port of
Samba4 to use MIT Kerberos.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
It seems quite reasonable to allow modules to re-initialise the set of
cached DNs on the ldb context.
Andrew Bartlett
|
|
This job is not complete (the partition module remains a unfinished
task), but now we do use the private ldb headers much less.
Andrew Bartlett
|
|
The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail
list user principal name) in an AS-REQ. Evidence from the wild
(Win2k8 reportadely) indicates that this is instead valid for all
types of requests.
While this is now handled in heimdal/kdc/misc.c, a flag is now defined
in Heimdal's hdb so that we can take over this handling in future (once we start
using a system Heimdal, and if we find out there is more to be done
here).
Andrew Bartlett
|
|
|
|
The function LDB_lookup_principal() has been eliminated, and it's
contents spread back to it's callers. Removing the abstraction makes
the code clearer.
Also ensure we never pass unescaped user input to a LDB search
function.
Andrew Bartlett
|
|
|
|
Guenther
|