Age | Commit message (Collapse) | Author | Files | Lines |
|
metze
(This used to be commit 1768a698a461bfb8aeaa8f28efaab4ad300823a2)
|
|
it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter
metze
(This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
|
|
as '-' make problems with popt
metze
(This used to be commit d300d56fb724642887c9b43058ef858298846288)
|
|
metze
(This used to be commit b206c5e87c791ac8f2ecf5b7ef6b2622ad735f54)
|
|
metze
(This used to be commit c52436108d1628feb50c9bf720ae30c4dc469b34)
|
|
not yet enforced except for the initial connection timeout
(This used to be commit fa1ae9a44b0321b8e458bcb7fd1dcc9475b9bad3)
|
|
the remote sever, and to query it for domain information.
Provide and use this information in the SamSync/Vampire callbacks, to allow a
parallel connection to LDAP, if we are talking to AD. This allows us
to get at some important attributes not exposed in the old protocol.
With this, we are able to do a all-GUI vampire of a AD domain from
SWAT, including getting all the SIDs, servicePrincipalNames and the
like correct.
Andrew Bartlett
(This used to be commit 918358cee0b4a1b2c9bc9e68d9d53428a634281e)
|
|
Andrew Bartlett
(This used to be commit c2eca05074ee7af6e3ddffc25dac5a939bdd7e9a)
|
|
- fix compilation of auth/kerberos/krb5_init_context.c on AIX
metze
(This used to be commit 0e1ad08a8515056f4ed0923889bef04d85b84964)
|
|
script ...'
metze
(This used to be commit d28c8ce66db61cff193ac06e8e5d7d6aa5059e9e)
|
|
(just for testing)
metze
(This used to be commit 677c1aa4663e9e5f0729a312152565a6740dbab2)
|
|
as normal IRIX make doesn't support shell commands or functions
in $(FOO) variables
metze
(This used to be commit de7b0b2dc9616c007916cce9d69051f76d4fd559)
|
|
err, they save time at least. The correct use of an error string in
this case quickly pinpoited an overzealous check, and saved me hours
of painful debugging.
Andrew Bartlett
(This used to be commit 26946c90e87a94453a5ad3e9e26ef19b36656237)
|
|
Andrew Bartlett
(This used to be commit 31fd39f356c9bc40827b22c0cdb622044d896a85)
|
|
do not propogate back to the user, they just end up in the logfile.
Andrew Bartlett
(This used to be commit 7c9f8e524bf7f030c56ed42ee7e3a25563a34db4)
|
|
Doing this required reworking ejsnet, particularly so it could take a
set of credentials, not just a username and password argument.
This required fixing the ejsnet.js test script, which now adds and
deletes a user, and is run from 'make test'. This should prevent it
being broken again.
Deleting a user from ejsnet required that the matching backend be
added to libnet, hooking fortunetly onto already existing code for the
actual deletion.
The js credentials interface now handles the 'set machine account' flag.
New functions have been added to provision.js to wrap the basic
operations (so we can write a command line version, as well as the web
based version).
Andrew Bartlett
(This used to be commit a5e7c17c348c45e61699cc1626a0d5eae2df4636)
|
|
Andrew Bartlett
(This used to be commit 7b169aad3f94f1695b1f99cc91ff928cb2ca0389)
|
|
Andrew Bartlett
(This used to be commit 630b4b4dc516fc28c74f815a0c1fb467ec576029)
|
|
Andrew Bartlett
(This used to be commit a3b3e09a9acc66dff7baf1a4ba0ea913bccdbd7d)
|
|
Andrew Bartlett
(This used to be commit 8f7d14048fe29fd2c8b3e3c7aa73b4a854615016)
|
|
Andrew Bartlett
(This used to be commit f4f4dcf217314980aa114d61a1546d2c18b55baa)
|
|
Andrew Bartlett
(This used to be commit c9402f9227a02ff0ee77f264f79ef47207ad50ef)
|
|
will not use it anyway as we plan to support
partitions in ldb directly like with rootdse
Merge ldap_simple_ldb into ldap_backend, it is
not simple anymore and makes no sense to have
it separated now that ldap partitions are gone
Initial attempt at working to some limit to avoid DOSs
for the ldap server.
Simo.
(This used to be commit 97bff3e049eba48019f2b0f3eb5a19e32fef2e23)
|
|
gnutls-devel installed do not miss the first test.
Andrew Bartlett
(This used to be commit 6e17864c5d2ffc6b4e532e693426574fc57741bf)
|
|
Andrew Bartlett
(This used to be commit 38e8a6477a112faa78e0791d20ce9bd2e68fd619)
|
|
Andrew Bartlett
(This used to be commit cefba10bd5ed1f6d10a071e4239088d91f661a36)
|
|
Andrew Bartlett
(This used to be commit 18eb3ca7cc1a728b7cc5d7102ca765c323f1a6fe)
|
|
Andrew Bartlett
(This used to be commit a30a359c45c3dac4b910ec130b73cc01324b399a)
|
|
(This used to be commit a6833db4e6ab8046c8e7f808dfff90bb0529d2d7)
|
|
multiple protocols, replacing it with the packet handling subsystem.
We don't have multiple protocols at present, and the abstraction layer
only serves to confuse matters. Also, the new packet subsystem removes
the need to handle partial reads.
We can easily add new protocols from the socket up instead, becaue the
difficult bits are done by the packet layer.
Andrew Bartlett
(This used to be commit acf9dc8fe9e66f1dd3f18c0245375f502f03a24c)
|
|
In librpc, always try SMB level authentication, even if trying
schannel, but allow fallback to anonymous. This should better
function with servers that set restrict anonymous.
There are too many parts of Samba that get, parse and modify the
binding parameters. Avoid the extra work, and add a binding element
to the struct dcerpc_pipe
The libnet vampire code has been refactored, to reduce extra layers
and to better conform with the standard argument pattern. Also, take
advantage of the new libnet_Lookup code, so we don't require the silly
'password server' smb.conf parameter.
To better support forcing traffic to be sealed for the vampire
operation, the dcerpc_bind_auth() function now takes an auth level
parameter.
Andrew Bartlett
(This used to be commit d65b354959842326fdd4bd7eb7fbeea0390f4afa)
|
|
Andrew Bartlett
(This used to be commit 21f87f87a9b79da4463bddc993df502beae50a16)
|
|
gsskrb5_get_initiator_subkey() routine is bougs. We can indeed use
gss_krb5_get_subkey().
This is fortunate, as there was a segfault bug in 'initiator' version.
Andrew Bartlett
(This used to be commit ec11870ca1f9231dd3eeae792fc3268b31477e11)
|
|
Andrew Bartlett
(This used to be commit 3e90e7edfa7d343a6b6bf073b8f4d018e3b463d0)
|
|
another case where we have to fallback to the node status request.
Andrew Bartlett
(This used to be commit 181064dbcf102de80937fc30b3d3ba5114194a72)
|
|
Andrew Bartlett
(This used to be commit daa4b76800024c1494eeda675c46af3790fac788)
|
|
far at this point, and there is no point being in between.
Andrew Bartlett
(This used to be commit 10fb19add65ba534ea7cf3357b02d642e94fe535)
|
|
the remote server's name, or in the absence of a local nbt_server to
communicate with (or without root access), a node status request.
The result is that we are in a better position to use kerberos, as well
as to remove the 'password server' mandatory parameter for the samsync
and samdump commands. (I need this to put these into SWAT).
The only problem I have is that I must create a messaging context, which
requires a server ID. As a client process, I don't expect to get
messages, but it is currently required for replies, so I generate a
random() number. We probably need the servers to accept connections on
streamed sockets too, for client-only tasks that want IRPC.
Because I wanted to test this code, I have put the NET-API-* tests into
our test scripts, to ensure they pass and keep passing. They are good
frontends onto the libnet system, and I see no reason not to test them.
In doing so the NET-API-RPCCONNECT test was simplified to take a
binding string on the command line, removing duplicate code, and
testing the combinations in the scripts instead.
(I have done a bit of work on the list shares code in libnet_share.c
to make it pass 'make test')
In the future, I would like to extend the libcli/findds.c code (based
off volker's winbind/wb_async_helpers.c, which is why it shows up a bit
odd in the patch) to handle getting multiple name replies, sending a
getdc request to each in turn.
(posted to samba-technical for review, and I'll happily update with
any comments)
Andrew Bartlett
(This used to be commit 7ccddfd3515fc2c0d6f447c768ccbf7a220c3380)
|
|
metze
(This used to be commit ed4a3e53fd71679fbdfc2f2932c1098e03026285)
|
|
(This used to be commit 61ae77beecd573809d917dd86d1fac6cc40e967d)
|
|
- 'make doxygen' generated the api documentation under apidocs/
Many thanks to Brad Hards <bradh@frogmouth.net> for the patches!
metze
(This used to be commit e98d483174c555366e62dd27600e6b242cab7a7f)
|
|
metze
(This used to be commit 552e12c05d10ddad55bfc0997303096055ddecdd)
|
|
metze
(This used to be commit 4d32d50ccd8bd0bfb3e2d6f5aee23bce38abbc03)
|
|
metze
(This used to be commit bf6065b11fd84454f8bc881ff96fb1846a59405b)
|
|
metze
(This used to be commit 5d0ae1d2aef3fc7ddb4cb9269bb028beeaee6dfb)
|
|
metze
(This used to be commit 75a98047d6829cadf4b9082bec2733055dad3465)
|
|
metze
(This used to be commit bb68f2e602dbcc94c05b2dd764c163be1e5a583d)
|
|
metze
(This used to be commit 976052c6561dee7232c1a10fb977b1c4776825a2)
|
|
metze
(This used to be commit 41a564fdba5969fc7e518439520764fd56cfa280)
|
|
-D_PUBLIC_="__attribute__((visibility(\"default\")))"
if the compiler supports it, this will cause that modules can only access
public functions (gcc 4 supports this)
metze
(This used to be commit bcf4c362556b8168fc0b63af5708e4a78c7b93fb)
|