summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-08-29s4-dsdb: Avoid printing secret attributes in ldb trace logsAndrew Bartlett1-0/+8
These are printed when Samba has debug level 10, which is often used for debugging. To indicate that these attributes are secret, we set an opaque. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 29 06:04:33 CEST 2012 on sn-devel-104
2012-08-29lib/ldb: Avoid printing secret attributes in ldb trace logsAndrew Bartlett8-14/+352
These are printed when Samba has debug level 10, which is often used for debugging. Instead, print a note to say that this attribute has been skipped. Andrew Bartlett
2012-08-29auth/credentials: Remove unused, and un-declared cli_credentials_set_krbtgt()Andrew Bartlett1-29/+0
2012-08-29auth/credentials: Better integrate fetch of secrets.tdb and secrets.ldb recordsAndrew Bartlett1-32/+61
By checking first if there is a secrets.tdb record and passing in the password and last change time we avoid setting one series of values and then replacing them. We also avoid the need to work around the setting of anonymous. Andrew Bartlett
2012-08-29auth/credentials: Improve memory handling in cli_credentials_set_machine_accountAndrew Bartlett1-26/+26
By using a tempoary talloc context this is much tidier and more reliable code. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Aug 29 03:11:10 CEST 2012 on sn-devel-104
2012-08-29selftest: Add a test for smbclient --machine-pass without secrets.tdbAndrew Bartlett2-1/+10
Errors in handling the upgrade case without a matching secrets.tdb caused segfaults in the server. This essentially tests both sides. Andrew Bartlett
2012-08-29auth/credentials: Avoid double-free in the failure caseAndrew Bartlett1-1/+1
This pointer is only valid if dbwrap_fetch returned success. Andrew Bartlett
2012-08-28s3-smbd: Fix flooding the logs with records we don't find in pcap.Andreas Schneider1-1/+1
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Aug 28 16:38:55 CEST 2012 on sn-devel-104
2012-08-28s3-classicupgrade: Fix import from ldapAndrew Bartlett1-2/+2
We must not reference result before provision(), and do not need session_info and lp for reading a normal ldap backend anyway. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 28 09:49:39 CEST 2012 on sn-devel-104
2012-08-28lib/ldb: Bump ldb version to 1.1.11Andrew Bartlett3-1/+262
This will ensure the next Samba release requires an ldb with the recent fixes. Andrew Bartlett
2012-08-28s3-vfs: Indicate the symlink destination when failing check_reduced_nameAndrew Bartlett1-2/+2
2012-08-28s3-vfs: Try to be consistent about localtime vs GMT handling in vfs_shadow_copy2Andrew Bartlett1-12/+19
With the ability to handle times a abolute time_t values since 1970 this becomes more important to get absolutly correct. Andrew Bartlett
2012-08-28s3-vfs_shadow_copy2: Also accept a sscanf resultAndrew Bartlett1-18/+46
2012-08-28VERSION: Move on to beta8Andrew Bartlett1-2/+2
We actually expect beta7 to be the last beta, but to avoid confusion I won't mark it as rc1 until the actual release candidate. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 28 01:48:16 CEST 2012 on sn-devel-104
2012-08-28VERSION: Mark as the beta7 releaseAndrew Bartlett1-1/+1
2012-08-28WHATSNEW: prepare for 4.0 beta7Andrew Bartlett1-28/+42
2012-08-28selftest: Fix comment in blackbox_s3upgrade.shAndrew Bartlett1-1/+1
2012-08-28s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is ↵Andrew Bartlett2-7/+14
configured This will allow files to be correctly owned by the idmap that is imported. This appears to fix an issue that came up after s3fs-compatible ACLs were merged into provision. Andrew Bartlett
2012-08-28s3-passdb: Allow reload of the static passdb from pythonAndrew Bartlett3-2/+23
This is then used in provision when the passdb backend is forced. Andrew Bartlett
2012-08-28auth/credentials: Rework credentials handling to try and find the most ↵Andrew Bartlett1-33/+71
recent machine pw As winbindd will update secrets.tdb but not secrets.ldb, we need to detect this and use secrets.tdb Andrew Bartlett
2012-08-28selftest: Add test of smbclient --machine-pass against and using both s3 and s4Andrew Bartlett5-0/+62
This uses both smbclient binaries to ensure that both work in both environments. Andrew Bartlett
2012-08-28auth/credentials: Expand secrets.tdb fetch of secrets to preserve ↵Andrew Bartlett1-0/+4
workstation and realm These would otherwise be set during the fetch from the secrets.ldb, but are wiped when that fails. Andrew Bartlett
2012-08-28s4-dsdb: Remove double-free in update_keytab moduleAndrew Bartlett1-2/+0
2012-08-28s4-dsdb: Add secrets_tdb_sync - an ldb module to keep secrets.tdb in syncAndrew Bartlett6-2/+543
secrets_tdb_sync is a new ldb module designed to sync secrets.ldb entries with the secrets.tdb file. While not ideal to keep two copies of this data, this routine will assist in allowing the samba-tool domain join code to operate correctly in most cases where winbindd and smbd are used. Andrew Bartlett
2012-08-28s3-secrets: Use talloc_stackframe() in secrets_init_path()Andrew Bartlett1-3/+6
2012-08-28s3-secrets: Handle all valid ROLE_ values in get_default_sec_channel()Andrew Bartlett1-1/+2
2012-08-28s3-secrets: Add helper function to set machine account password from ↵Andrew Bartlett2-0/+92
secrets_tdb_sync secrets_tdb_sync will be a new ldb module designed to sync secrets.ldb entries with the secrets.tdb file. While not ideal to keep two copies of this data, this routine will assist in allowing the samba-tool domain join code to operate correctly in most cases where winbindd and smbd are used. Andrew Bartlett
2012-08-28lib/krb5_wrap: Move enctype conversion functions into a simple helper fileAndrew Bartlett5-81/+109
2012-08-28s4-classicupgrade: Read WINS DB before the provisionAndrew Bartlett1-6/+7
2012-08-28s4-classicupgrade: Do all the queries of data before the provision()Andrew Bartlett1-35/+35
This allows provision to change the s3 smb.conf settings if required. Andrew Bartlett
2012-08-28s4-classicupgrade: Use s3param.get_context() instead of result.lpAndrew Bartlett1-1/+1
We should not need the guessed values here, but by changing to using the s3 loadparm context we can move this block to before the provision. Andrew Bartlett
2012-08-28lib/krb5_wrap: Move kerberos_enctype_to_bitmap() into krb5_wrapAndrew Bartlett3-20/+23
2012-08-28lib/krb5_wrap: Bring list of all enc types into krb5_wrapAndrew Bartlett3-10/+17
2012-08-28s4-libnet: Ensure termination of enctype array in libnet_export_keytab()Andrew Bartlett1-1/+2
2012-08-28examples: Remove security=share and security=server from example smb.confAndrew Bartlett1-1/+1
2012-08-28s3-param: Avoid assert on use of talloc_tos() without stackframeAndrew Bartlett1-2/+3
This is hit during samba-tool domain classicupgrade Andrew Bartlett
2012-08-27s4-torture: Test for #9058Volker Lendecke2-0/+73
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Aug 27 17:43:09 CEST 2012 on sn-devel-104
2012-08-25s4:winbind: let wb_update_rodc_dns_send/recv use netlogon_queue (bug #9097)Stefan Metzmacher1-3/+30
metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Aug 25 05:06:18 CEST 2012 on sn-devel-104
2012-08-25s4:winbind: let wb_sam_logon_send/recv() use the netlogon_queue (bug #9097)Stefan Metzmacher1-3/+30
metze
2012-08-25s4:winbind: add a netlogon_queue (tevent_queue)Stefan Metzmacher2-0/+12
This will protect the netlogon_creds later. metze
2012-08-25s4:winbind: convert wb_update_rodc_dns_send/recv to tevent_reqStefan Metzmacher2-78/+122
metze
2012-08-25s4:winbind: convert wb_sam_logon_send/recv to tevent_reqStefan Metzmacher3-93/+140
metze
2012-08-25s4:winbind: convert wb_sid2domain to tevent_req internallyStefan Metzmacher1-74/+174
The public wrapper still uses composite_context, because I don't have time to fix all the callers... metze
2012-08-25s4:librpc/rpc: don't do async requests if gensec doesn't support async ↵Stefan Metzmacher1-0/+32
replies (bug #9097) metze
2012-08-25s4:librpc/rpc: also call dcerpc_schedule_io_trigger() after bind and ↵Stefan Metzmacher1-0/+7
alter_context responses metze
2012-08-25s4:librpc/rpc: use dcerpc_req_dequeue() in dcerpc_request_recv_data()Stefan Metzmacher1-1/+1
metze
2012-08-25s4:librpc/rpc: use talloc_zero for 'struct rpc_request'Stefan Metzmacher1-11/+1
metze
2012-08-25libcli/smb: split out a smb_transport private libraryStefan Metzmacher1-3/+15
metze
2012-08-25libcli/smb: wscript_build => wscriptStefan Metzmacher1-1/+2
We'll need some configure checks in future. metze
2012-08-24Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen().Jeremy Allison3-13/+3
The code in SMBNTLMv2encrypt_hash() should not be requesting case changes on the domain name. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Aug 24 21:39:42 CEST 2012 on sn-devel-104