summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-09-15cldap: prevent crashes when freeing cldap socketAndrew Tridgell1-6/+15
As a callback may destroy the cldap socket we need to ensure we don't reference the cldap structure after the callback Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-server: check the return of irpc_binding_handle_by_nameAndrew Tridgell1-3/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-finddcs: ensure we free previous cldap requests before starting a new oneAndrew Tridgell1-1/+1
2010-09-15s4-selftest: enable logging in valgrind server xtermAndrew Tridgell1-1/+1
when running with valgrind on the server, enable logging in the xterm so you get a permanent record of any errors
2010-09-15s4-rpc: fixed double free in RPC proxyAndrew Tridgell1-12/+4
the unbind method is only called when the dcesrv_connection_context is being destroyed (its called from the destructor). That means that priv is either already free, or is about to be freed, so don't free it again
2010-09-15tsocket: we return -1 on error, not fdAndrew Tridgell1-7/+7
the code used this pattent: if (fd < 0) { ...various cleanups... return fd; } it is much clearer to do this: if (fd < 0) { ...various cleanups... return -1; } as otherwise when reading the code you think this function may return a fd. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-libnet: print the domain name on domain open failureAndrew Tridgell2-2/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-libnet: force IDL printing for high debug levelsAndrew Tridgell1-0/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-resolve: the file backend should not look at the name typeAndrew Tridgell1-1/+1
this matches the behaviour of our DNS resolver Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-finddcs: show required server type bits on failureAndrew Tridgell1-2/+3
when we skip a DC because it doesn't have the required server type bits, show what bits we wanted Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-repl: use consistent API calls for getting DN GUIDAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-netlogon: fixed logic for setting DS_SERVER_WRITABLEAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-finddc: use NBT lookup for a 1C name if joining a short domain nameAndrew Tridgell6-20/+105
once we get the 1C lookup reply, use a CLDAP query to find the details for the server Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-selftest: use the full domain name in joinsAndrew Tridgell1-4/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-join: give a clear error when using short domain formAndrew Tridgell1-1/+4
we now require the full domain name, for the DNS/CLDAP lookup Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-rodc: use python finddc code to avoid the need for --serverAndrew Tridgell1-6/+12
The DC is now found via DNS/CLDAP Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-pynet: added finddc callAndrew Tridgell1-0/+45
this gives access to the CLDAP/DNS finddc code from python Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-libcli: change finddcs.h -> finddc.hAndrew Tridgell5-4/+4
this prevents conflicts with old generated files and we can only even return one DC with this interface. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-finddcs: rename finddcs to finddcs_nbtAndrew Tridgell2-37/+34
finddcs_nbt is currently unused, but will later be a fallback is a cldap DC find fails. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-winbind: use finddcs_cldap() in winbindAndrew Tridgell5-40/+52
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-libnet: use finddcs_cldap() in libnet_lookupAndrew Tridgell1-11/+17
this may later be changed to do fallback to NBT as well, but for now cldap is sufficient Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-cldap: don't set the writable bit when we are a RODCAndrew Tridgell1-2/+6
when we are a RODC, don't respond with the writable bit in the server type response of netlogon requests Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-finddcs: added finddcs_cldap()Andrew Tridgell4-4/+284
this finds DCs with a specified set of server_type bit using SRV lookups and CLDAP Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-secrets: fixed shadowed variable warningAndrew Tridgell1-4/+4
we already have a 'v' in scope
2010-09-15cldap: use ipv4 not up for unbound cldap socketsAndrew Tridgell1-1/+5
If we use "ip" we end up with a PF_INET6 socket which breaks sendto() for v4 addresses.
2010-09-15s4-resolve: added resolve_name_multiple_recv()Andrew Tridgell1-0/+34
this allows for multiple replies to a SRV lookup Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-dns: fixed lookup of SRV records using dns_exAndrew Tridgell1-2/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4: fixed some printf format errorsAndrew Tridgell3-3/+3
2010-09-15s4-libnet: converted finddcs call to tevent_reqAndrew Tridgell4-89/+128
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-secrets: fetch secure channel type with domain SIDAndrew Tridgell4-4/+27
The secure channel type is needed to work out what DC to connect to Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-auth: when we are a DC enable winbind authAndrew Tridgell1-1/+3
As a RODC we need to forward some auth requests to a writable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-auth: set the RODC bit for RODC schannelAndrew Tridgell2-1/+5
When we are using SEC_CHAN_RODC we need to set the NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in ServerAuthenticate2 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-schannel: fixed reference to context after freeAndrew Tridgell1-2/+3
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-auth: allow multiple active auth backendsAndrew Tridgell1-35/+43
when we are an RODC we need to be able to allow multiple auth backends to process a single auth request. First the sam backend will try to authenticate, using locally stored passwords. If this backend can't find local passwords then it will try the winbind backend and authenticate via a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-smb: serialise session setup operationsAndrew Tridgell2-0/+16
the mixture of async and sync code in gensec makes a EOF on a socket during a session setup cause a crash. The simplest solution is to stop processing events on the socket until the session setup is complete.
2010-09-15talloc: fixed spelling errors in commentAndrew Tridgell1-2/+2
2010-09-15s4-rodc: add a trigger message for REPL_SECRET to auth_samAndrew Tridgell3-0/+73
when an RODC tries to authenticate against an account and the account has no password information it needs to send a message to the drepl server to tell it to try and replicate the secret information from a writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-messaging: add support for no_reply in irpc messagesAndrew Tridgell2-0/+8
It can be useful for a irpc message to be one-way, where the client sends a messages and the server does not reply. This will be used for things like a triger message from an auth context to the drepl server to tell it to try a REPL_SECRET on a user in a RODC. Previously we've used raw messaging for messages that have no reply, but that doesn't allow us to use messages described by IDL Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-15s4-kcc: removed redundent loop check Andrew Tridgell1-1/+1
el has already been checked for NULL
2010-09-15s4-smb: smbsrv_blob_push_string() can return -1Andrew Tridgell1-8/+11
need to use ssize_t, not size_t for error handling
2010-09-15s4-dsdb: check for invalid backend typeAndrew Tridgell1-0/+2
2010-09-15s4-rootdse: setup length after NULL checkAndrew Tridgell1-2/+2
2010-09-15s4-dsdb: fixed use after free for RODCAndrew Tridgell1-2/+1
2010-09-15s4-dsdb: free right context on failureAndrew Tridgell1-1/+1
down_req is not initialised yet
2010-09-15s4-dsdb: defer ac->msg after check for NULL acAndrew Tridgell1-1/+3
2010-09-15s4-anr: check for allocation failure before useAndrew Tridgell1-1/+1
2010-09-14s4: Fix two typosVolker Lendecke1-2/+2
2010-09-14Allows changing the maximum number of simultaneous clients in winbindd ↵Pierre Carrier5-9/+30
through an smb.conf option. Signed-off-by: Jeremy Allison <jra@samba.org>
2010-09-14Ensure incoming timespec values correctly wrap at nsecs.Jeremy Allison2-0/+11
Jeremy.
2010-09-14Fix string_to_sid() to allow non '\0' termination of the string - allowsJeremy Allison1-11/+6
string_to_sid() to be used in formatted strings like FOO/S-1-5-XXXX-YYYY/BAR. Jeremy.