summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2009-05-08Fix bug #6330 - DFS doesn't work on AIX. Jeremy.Jeremy Allison3-0/+47
2009-05-08Expand the comment explaining why user_in_group_sid isJeremy Allison1-1/+6
not reliable for winbindd users from foreign domains. Jeremy.
2009-05-08s3:smbd: fix posix acls when setting an ACL without explicit ACE for the ↵Stefan Metzmacher1-3/+18
owner (bug#2346) The problem of bug #2346 remains for users exported by winbindd, because create_token_from_username() just fakes the token when the user is not in the local sam domain. This causes user_in_group_sid() to give totally wrong results. In uid_entry_in_group() we need to check if we already have the full unix token in the current_user struct. If so we should use the current_user unix token, instead of doing a very complex user_in_group_sid() which doesn't give reliable results anyway. metze
2009-05-08s3:smbd: fix the fix for mapped IPv4 address handling in release_ip().Michael Adam1-2/+2
It was too late... Thanks Metze for noticing. Michael
2009-05-08s3-selftest: run RPC-LSA-GETUSER against Samba 3.Günther Deschner1-1/+2
Guenther
2009-05-08s4-smbtorture: Fix printf info-level mismatch in RPC-SAMR.Günther Deschner1-1/+1
Guenther
2009-05-08s3-samr: implement more info levels in _samr_QueryDomainInfo().Günther Deschner1-0/+82
Gets us closer to pass RPC-SAMR. Guenther
2009-05-08s3-samr: Fix potential memory leak in _samr_ChangePasswordUser().Günther Deschner1-1/+2
Guenther
2009-05-08s4:loadparm: fix a comment typo. and line wrapping.Michael Adam1-1/+2
Michael
2009-05-08s4:loadparm: fix brace indentation and add brace for clarityMichael Adam1-2/+4
Michael
2009-05-08s3: make release_ip() call (ctdb) cope with IPv4 mapped addressesMichael Adam1-1/+8
Michael
2009-05-08s3-selftest: finally enable RPC-SAMR-PASSWORDS which samba3 now passes.Günther Deschner1-1/+1
Guenther
2009-05-08s4-smbtorture: avoid acct_flags check at the end of RPC-SAMR-PASSWORDS for ↵Günther Deschner1-1/+4
Samba3. I don't get this, why would the account suddenly get ACB_PWNOTREQ ? Guenther
2009-05-08s3-selftest: need to enable lanman auth in order make RPC-SAMR-PASSWORDS pass.Günther Deschner3-0/+6
Guenther
2009-05-08s3-samr: Do not leak information whether a user exist or not in pwd change ↵Günther Deschner1-0/+11
calls. Found by torture test. Guenther
2009-05-08s3-samr: implement _samr_ChangePasswordUser().Günther Deschner1-10/+106
This is vastly copied from samba4 samr server. Guenther
2009-05-08s3-samr: implement _samr_OemChangePasswordUser2().Günther Deschner1-10/+48
Guenther
2009-05-08s3-samr: disable check for ACB_DISABLED in check_oem_password().Günther Deschner1-1/+4
It is a bad idea to just tell everyone that an account is disabled without really having checked the password first. Found by torture test. Guenther
2009-05-08s3-samr: rework check_oem_password() to take a struct samu, not to return one.Günther Deschner1-39/+27
Guenther
2009-05-08s4-smbtorture: prepare for running RPC-SAMR-USERS against samba3.Günther Deschner1-16/+24
In Samba 3 there are no pdb calls to store comments, codepages and countrycodes (yet). Guenther
2009-05-08s3-samr: Let _samr_TestPrivateFunctionsUser() return not supported.Günther Deschner1-1/+0
This is to get us closer to pass RPC-SAMR-USERS. Guenther
2009-05-08s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain.Günther Deschner1-0/+5
Found by torture test. Guenther
2009-05-08s3-samr: let set_user_info_16 and 20 follow the same pattern as all other ↵Günther Deschner3-29/+40
levels. Guenther
2009-05-08s3-samr: support some more info levels in samr_SetUserInfo calls.Günther Deschner3-0/+468
Guenther
2009-05-08s3-samr: support some more info levels in samr_QueryUser calls.Günther Deschner1-0/+266
Guenther
2009-05-08s3/ldap: also handle DirX return codesBjörn Jacke1-0/+2
2009-05-08s3:configure: "test" only takes one "="Björn Jacke1-1/+1
2009-05-07Fix some type-punned warningsVolker Lendecke3-7/+13
2009-05-07Remove a misleading commentVolker Lendecke1-2/+0
2009-05-07Fix some nonempty blank linesVolker Lendecke1-11/+10
2009-05-07Convert lib/wb_reqtrans.c to unix calling conventionsVolker Lendecke3-97/+113
2009-05-07Adapt wb_reqtrans to "recent" coding conventionsVolker Lendecke1-44/+28
2009-05-07s3-auth: use full 16byte session key in make_user_info_netlogon_interactive().Günther Deschner2-3/+2
Patch from Jeremy. With this patch, I was able to join Windows 7 RC to a Samba3 DC, and login into a Samba 3 Domain. There are still two registry settings required: HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0 Do *not* modify the other netlogon registry parameters that were passed around, they weaken security. Guenther (cherry picked from commit b5097d54cb74ca0ea328f9e029562f65f4a01134)
2009-05-07Async API needs all parameters to be kept around until sent,Jeremy Allison1-55/+15
ensure they're attached to the state structure. Thanks to Metze for pointing this out. Jeremy.
2009-05-07Fix a typoVolker Lendecke1-1/+1
2009-05-07Add simple test chaining up sesssetup and tconVolker Lendecke1-0/+53
2009-05-07Make cli_tcon_andx chainableVolker Lendecke2-15/+48
2009-05-07Make cli_session_setup_guest chainableVolker Lendecke2-9/+35
2009-05-07s3-samr: Fix _samr_Connect5(). In error case it still needs to return empty ↵Günther Deschner1-1/+2
info1. Guenther
2009-05-07Fix missing backtick.Praveen Arimbrathodiyil1-1/+1
2009-05-07s3-rpcclient: rework enumdrivers call a bit to allow queries like win7 does.Günther Deschner1-69/+97
Guenther
2009-05-07s3-credentials: protect netlogon_creds_server_step() against NULL creds.Günther Deschner1-0/+4
Found by SCHANNEL torture tests. Guenther
2009-05-07s3-selftest: run RPC-SCHANNEL, RPC-SCHANNEL2 and RPC-BENCH-SCHANNEL1 against ↵Günther Deschner1-0/+1
Samba3. Guenther
2009-05-07s4-smbtorture: Avoid failing RPC-SCHANNEL when testing lsa_GetUserName ↵Günther Deschner1-2/+8
behaviour against Samba 3. Guenther
2009-05-07Fix bug 6336: "net groupmap set" segfaultsVolker Lendecke1-2/+4
2009-05-07tevent: fix typo async_req_done() => tevent_req_done()Stefan Metzmacher1-1/+1
metze
2009-05-06Make cli_setatr async.Jeremy Allison7-8/+145
Jeremy.
2009-05-06After getting confirmation from Guenther, add 3 changes we'llJeremy Allison1-13/+23
ultimately need to fix bug #6099 Samba returns incurrate capabilities list. 1). Add a comment to point out that r->in.negotiate_flags is an aliased pointer to r->out.negotiate_flags. 2). Ensure we return NETLOGON_NEG_STRONG_KEYS in our flags return if the client requested it. 3). Clean up the error exits so we always return the same way. Signed off by Guenther. Jeremy.
2009-05-06Make cli_setattrE async.Jeremy Allison4-31/+112
Jeremy.
2009-05-06s3-netlogon: Fix NETLOGON credential chain. Fixes Bug #6099 (Windows 7 ↵Günther Deschner1-2/+6
joining Samba3) and probably many, many more. Jeremy, with 9a5d5cc1db0ee60486f932e34cd7961b90c70a56 you alter the in negotiate flags (which are a pointer to the out negotiate flags assigned in the generated netlogon server code). So, while you wanted to just set the *out* negflags, you did in fact reset the *in* negflags, effectively eliminating the NETLOGON_NEG_STRONG_KEYS bit (formerly known as NETLOGON_NEG_128BIT) which then caused creds_server_init() to generate 64bit creds instead of 128bit, causing the whole chain to break. *Please* check. Guenther